last executing test programs: 3.283612837s ago: executing program 1 (id=393): r0 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x800) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) r1 = gettid() rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8) tkill(r1, 0x7) 2.431792373s ago: executing program 1 (id=409): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',access=', @ANYRESDEC=0x0]) 2.396068224s ago: executing program 1 (id=411): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000140)=0x3) io_setup(0x4, &(0x7f0000000080)=0x0) io_submit(r1, 0x2, &(0x7f0000000000)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xf, 0xffffffffffffffff, 0x0, 0x0, 0x10000, 0x0, 0x2}]) write$char_usb(r0, &(0x7f0000000040)="e2", 0x2778) 2.315054135s ago: executing program 1 (id=413): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x94, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x94}, 0x1, 0x0, 0x0, 0x4041}, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400000003010101"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x84) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]}) close_range(r1, 0xffffffffffffffff, 0x0) 2.165339688s ago: executing program 1 (id=418): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000500)={0xa, 0xffff, 0x0, @mcast1, 0x9}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000440), 0x1000a) sendfile(r0, r1, &(0x7f0000000000)=0x1, 0x1001) 2.146292089s ago: executing program 1 (id=419): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x18) r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0xf, 0xea, 0x5c, 0x20, 0x1b3d, 0x9313, 0xe0d0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x2a, 0x7, 0x0, 0x59, 0xed, 0xbd}}]}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0) 703.007216ms ago: executing program 2 (id=457): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000840)={[{@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@uni_xlate}, {@shortname_mixed}, {@shortname_mixed}, {@shortname_lower}, {@utf8}, {@fat=@errors_remount}, {@numtail}, {@shortname_mixed}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@numtail}, {@uni_xlate}, {@shortname_win95}, {@shortname_win95}]}, 0x2a, 0x33b, &(0x7f00000004c0)="$eJzs3U1oI3UUAPCXnWzTFtb2IAh6id4EWba96allWWGxB10Jfl0Mble0iQstBtZDs7koHhUvgp687UGPexYPIt48eHUF8QMv7q2wiyPJTJJJpnFLIV0/fr9Debz/e5k3k6FJS/Pvqxuxc/l0XLl9++dYXKxEdeP8RhwsxWqciiQy1wMA+C85SNP4I83cu/rD5WG0MOe5AID5Gbz+v35mnKjdz2kAgJNwxJ//nz00e3VuYwEAc3QQU6//j00sT/2avzr6mwAA4N/r+ZdefmZzK+JSvb4Y0X6v0+g04qnx+uaVeCNasR3nYiXuRmRvFLJ3C/2vT1/cunCu3vfLajT6HZ1GRLvbaWTvFDaTQX8t1mIlVvP+dNSf9PvXBv31iLjeHRw/2pVO43Qs58f/YTm2Yz1W4sFSf8TFrQvr9fwBGu1hfzeiF4vDk+jPfzZW4rvX4mq04nL0e8fz76/V6+fTrYn+zo3aoA4AAAAAAAAAAAAAAAAAAAAAAObhbH1kdbT/Tdrudt69NF2wOrE/TiNbzvcH6mX7A6W14e487yfT+wNN7s/TaVTj1H09cwAAAAAAAAAAAAAAAAAAAPjn2Lu2EM1Wa3t379o7O8WgW8i89c3nXy3FdM2byTgT1ezhJmryXBS6khi1p6P2NJmoyYMkYlx84+Zo4mJNbXQWpfZ+UCstVfKZmq3WmUd/+uSwrj/HmSRKl2UyqOTHLyy1H8hSf9M1O1i/R82tNE1nte9/XO6KSkS19MQdLxhe6yzzdaXw5H6Zb/rw+BMrL9z66LPfdpqtyNdbrYXdvbvpsY+eFO6fSn6dK4U7oflI6R4rBL1xptcvTr7//cWHP/h2qjg5/P5Ji5m3Z4/6xXRmIQv6Yx7lTE/PGL4cvHInO9nkOBfzoU83mjf3f/z1qF2FbxI26gAAAAAAAAAAAAAAAAAAgBNR+Kz4kWSfvX7yuflOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAna/z//wtBr5TJgmocUjwK7nSjvFTb3t2befClEz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+x/4KAAD//wRdbYA=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 533.52795ms ago: executing program 0 (id=461): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x8) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f00000002c0)=[{&(0x7f0000000380)="00218e02fae5d9d68d3008b4c027225e5ee2ee45db0390", 0x17}], 0x1, 0x7, 0x1) 522.582239ms ago: executing program 4 (id=463): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000f400004000"]) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="cf"]) 483.852921ms ago: executing program 3 (id=464): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") lchown(&(0x7f00000006c0)='./file0\x00', 0x0, 0xee01) quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x2, 0x0, 0xca, 0x0, 0x2, 0x8, 0x0, 0x0, 0x9d}) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) chown(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) 483.322191ms ago: executing program 2 (id=474): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 462.062721ms ago: executing program 0 (id=465): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) 444.760631ms ago: executing program 2 (id=466): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x20}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246) 371.952403ms ago: executing program 4 (id=467): setreuid(0xee01, 0x0) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) syz_clone(0x120e111f, 0x0, 0x13, 0x0, 0x0, 0x0) 319.804474ms ago: executing program 2 (id=468): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x28000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, &(0x7f0000000040)="0f20c035100003000f22c0d1c74d4bfd7ac443b948ac27f80000005f3664460f06b8010000000f01c10f90da64f30f524e6c660f179500000000660f3a0c1ff80fda7c55f7", 0x45}], 0x1, 0x5, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 310.215214ms ago: executing program 0 (id=469): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5) ioctl$KVM_CAP_MAX_VCPU_ID(r1, 0x4068aea3, &(0x7f0000000000)={0x80, 0x0, 0x6}) 263.744465ms ago: executing program 4 (id=470): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4) r1 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'sit0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000080)="33031600d1fd140000007ef52f555f2a3b9fe67025c1d97bfbf719143baa4b1f0f858c6632f47042195e", 0xfdef, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r2, 0x1, 0x62}, 0x14) 231.454465ms ago: executing program 4 (id=471): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f00000004c0)="df034affffffffffff0000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x4c) 225.493335ms ago: executing program 3 (id=472): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x5e, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40042, 0x21) utimes(&(0x7f00000000c0)='./file0\x00', 0x0) 189.995706ms ago: executing program 4 (id=473): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x10008, &(0x7f0000000700), 0xff, 0x4a8, &(0x7f0000000c00)="$eJzs3M9vFGUfAPDvbH/QvvxoX15e3hcEraCR+KOlBZWDBzWaeNDERA94rG1BZKGG1gRII8UYPBoS78ajiX+BNy9GPRgTr5p4NCREGxOKpzWzM0O3293SlrYr3c8n2e7zzI99nu/MPLvPzNOZANrWQPonidgRET9HRF+WXbzAQPY2PzczdntuZiyJSuWN35PqcrfmZsaKRYv1tueZI6WI0kdJPJ8sLXfq0uWzo+XyxIU8PzR97r2hqUuXnzpzbvT0xOmJ8yMnThw/NvzsMyNPr0ucaVy39n8weWDfK29df23s5PW3v/syrdbeg9n82jju6naDgBoYSLfaH5Wq+nmPrqLu94OdNemks4UVYVU6IiLdXV3V9t8XHbGw8/ri5Q9bWjlgQ6W/Tduaz56tAFtYEq2uAdAaxQ99ev5bvDap6/GPcPOFiO48PT83MzZ/J/7OKOXTuzaw/IGIODn712fpK1Z7HQIAYA2qfZsnG/X/SrG3+p6NdezKx1D6I+LfEbE7Iv4TEXsi4r8R1WX/FxH/z1au9K2w/IG6/NL+T+lGwzqvk7T/91xN32++Jv78rb8jz+2sxt+VnDpTnjiab5Mj0bUtzQ8vU8bXL/30SbN5tf2/9JWWX/QF8wrc6Ky7QDc+Oj26Xhvh5tWI/Z2N4k/ujASkR8C+iNi/uo/eVSTOPP7FgWYL3T3+ZazDOFPl84jHsv0/G3XxF5LlxyeHeqI8cXSoOCqW+v7Ha683K/+e4l8HNw89kCUW9n/dEn1/Jr15slyeuDC1+jKu/fJx03OatR7/3cmb1THrH97Jpl0cnZ6+MBzRnbxazRfndNXpIwvrXhyd7k3zxfLp8X/kcOP2vztfJ93/6VZKD+KDEfFgRDyU1/3hiDgUEYeXif/bFx95d5n4k0iidfv/asR4w++/O8d/f1I7Xr+GRMfZb75qNmK+sv1/PGar37WZ6vffXay0gve4+QAAAOC+UIqIHZGUBrP0wI4olQYHs//h3xP/KpUnp6afODX5/vnx7B6B/ugqFVe6+mquhw4ns/knZvmR/FpxMf9Yft34047ean5wbLI83uLYod1tX9z+o2j/qd86Wl07YMO5XwvaV337L7WoHsDmW8nvv3MB2JoWt/+e9E9vq+oCbC7n/9C+GrX/K3V5/X/Ympa2/18bPLIO2Ir0/6F9af/QvrR/aEv3cl//QqInIprMqlzJHjS4aFZxs8DaC+1Z8R3+7ZIonnixkWX1xuWz3fmUKLUo0o7mB9vWTaQtZnMLXXiGCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP3s7wAAAP//9aPj/g==") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0xa, 0x0, 0x0) ioctl$PTP_SYS_OFFSET(r0, 0x43403d05, &(0x7f0000000d00)) 174.262167ms ago: executing program 3 (id=475): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="010000006b0100000100000000000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000000100000015a6771949a0"], 0x48}}, 0x20000000) 153.107147ms ago: executing program 0 (id=476): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f00000000c0)={0x4c, r2, 0x1, 0xffffffff, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x20, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '(]!,:%+\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}]}]}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001}, 0x0) 142.175797ms ago: executing program 3 (id=477): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000002c0)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) sendmmsg$inet(r0, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000080)='\x00', 0x1}], 0x23}}, {{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000001c0)='}', 0x1}], 0x1}}], 0x2, 0x2400c042) 116.822757ms ago: executing program 0 (id=478): bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0x1ffffffffffffdf4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000400)='itimer_state\x00', r0}, 0x18) setitimer(0x2, 0x0, 0x0) 116.477337ms ago: executing program 3 (id=479): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, 0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r2, 0x0, &(0x7f0000001780)=""/4096}, 0x20) 101.007298ms ago: executing program 2 (id=480): bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x45bd}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_UNIMAP(r1, 0x4b52, &(0x7f0000000040)={0x0, 0x0}) 70.298108ms ago: executing program 0 (id=481): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f0000000240)=[@request_death, @clear_death], 0x0, 0x0, 0x0}) 63.884669ms ago: executing program 4 (id=482): r0 = syz_io_uring_setup(0x4f0e, &(0x7f0000000480)={0x0, 0x0, 0x1}, &(0x7f0000000080)=0x0, &(0x7f0000000040)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_complete(r1) io_uring_enter(r0, 0x1815, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r0, 0x62dd, 0x0, 0x0, 0x0, 0x0) 9.57182ms ago: executing program 3 (id=483): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1e0) 0s ago: executing program 2 (id=484): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xe02, 0x1c0) r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) sendfile(r2, r1, 0x0, 0x3a) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.230' (ED25519) to the list of known hosts. [ 23.066689][ T28] audit: type=1400 audit(1759176289.163:64): avc: denied { mounton } for pid=275 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 23.068115][ T275] cgroup: Unknown subsys name 'net' [ 23.089949][ T28] audit: type=1400 audit(1759176289.163:65): avc: denied { mount } for pid=275 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.117289][ T28] audit: type=1400 audit(1759176289.193:66): avc: denied { unmount } for pid=275 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 23.117472][ T275] cgroup: Unknown subsys name 'devices' [ 23.228691][ T275] cgroup: Unknown subsys name 'hugetlb' [ 23.234392][ T275] cgroup: Unknown subsys name 'rlimit' [ 23.369141][ T28] audit: type=1400 audit(1759176289.463:67): avc: denied { setattr } for pid=275 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 23.392341][ T28] audit: type=1400 audit(1759176289.463:68): avc: denied { mounton } for pid=275 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 23.417245][ T28] audit: type=1400 audit(1759176289.463:69): avc: denied { mount } for pid=275 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 23.423031][ T277] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 23.449614][ T28] audit: type=1400 audit(1759176289.543:70): avc: denied { relabelto } for pid=277 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 23.475777][ T28] audit: type=1400 audit(1759176289.543:71): avc: denied { write } for pid=277 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 23.517004][ T28] audit: type=1400 audit(1759176289.613:72): avc: denied { read } for pid=275 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 23.517550][ T275] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 23.542555][ T28] audit: type=1400 audit(1759176289.613:73): avc: denied { open } for pid=275 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 24.305325][ T284] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.312526][ T284] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.320112][ T284] device bridge_slave_0 entered promiscuous mode [ 24.328269][ T284] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.335407][ T284] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.342904][ T284] device bridge_slave_1 entered promiscuous mode [ 24.437977][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.445310][ T285] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.453002][ T285] device bridge_slave_0 entered promiscuous mode [ 24.464208][ T283] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.471349][ T283] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.478835][ T283] device bridge_slave_0 entered promiscuous mode [ 24.486997][ T283] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.494047][ T283] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.501665][ T283] device bridge_slave_1 entered promiscuous mode [ 24.510636][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.517714][ T285] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.525075][ T285] device bridge_slave_1 entered promiscuous mode [ 24.597249][ T287] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.604315][ T287] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.611911][ T287] device bridge_slave_0 entered promiscuous mode [ 24.620994][ T287] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.628158][ T287] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.635528][ T287] device bridge_slave_1 entered promiscuous mode [ 24.670018][ T286] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.677083][ T286] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.684521][ T286] device bridge_slave_0 entered promiscuous mode [ 24.705774][ T286] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.712937][ T286] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.720602][ T286] device bridge_slave_1 entered promiscuous mode [ 24.817088][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.825470][ T285] bridge0: port 2(bridge_slave_1) entered forwarding state [ 24.837935][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.846829][ T285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 24.922751][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.930310][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.939627][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.947386][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.997505][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 25.005803][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.014698][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.021782][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.029193][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 25.037614][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.045733][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.052814][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.060250][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 25.091998][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.100036][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.107953][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.116118][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.123183][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.130810][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.139210][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.146252][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.153746][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.161807][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.169836][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.178295][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.185315][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.192739][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 25.210822][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.219089][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.228369][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.236313][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.244699][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.251762][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.259417][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.267788][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.274832][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.282403][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 25.307939][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.316195][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.324713][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.331797][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.339919][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 25.348056][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.356066][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.364170][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.373678][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.382292][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.397122][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.405586][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.414155][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.422399][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.440954][ T285] device veth0_vlan entered promiscuous mode [ 25.448909][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.457035][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.465306][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.473597][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.481884][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 25.489427][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 25.497016][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 25.504423][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 25.523312][ T283] device veth0_vlan entered promiscuous mode [ 25.529945][ T284] device veth0_vlan entered promiscuous mode [ 25.538757][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 25.546306][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 25.554023][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 25.562577][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.571063][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.578558][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.586298][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.594755][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.603334][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.611282][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.619430][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 25.627889][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.636117][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.643164][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.650721][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 25.658533][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 25.665951][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 25.684982][ T285] device veth1_macvtap entered promiscuous mode [ 25.698107][ T283] device veth1_macvtap entered promiscuous mode [ 25.706006][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 25.714825][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.723046][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 25.731418][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.739633][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.748083][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.756287][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 25.764195][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.772506][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.780885][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 25.793139][ T284] device veth1_macvtap entered promiscuous mode [ 25.806928][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.815124][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.823357][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 25.831513][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.840001][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.848559][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.856911][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.876155][ T286] device veth0_vlan entered promiscuous mode [ 25.886345][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.894665][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 25.902133][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 25.909815][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.918432][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.926867][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.935078][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.943804][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.952235][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.960866][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.969258][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.977875][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 25.986180][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 26.008337][ T283] request_module fs-gadgetfs succeeded, but still no fs? [ 26.018387][ T287] device veth0_vlan entered promiscuous mode [ 26.034788][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 26.046689][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 26.055066][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 26.055793][ T337] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 26.064323][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 26.079813][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 26.088954][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 26.096884][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 26.115403][ T286] device veth1_macvtap entered promiscuous mode [ 26.131664][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 26.167299][ T345] loop0: detected capacity change from 0 to 1024 [ 26.178652][ T287] device veth1_macvtap entered promiscuous mode [ 26.186074][ T345] EXT4-fs: Ignoring removed i_version option [ 26.203610][ T345] EXT4-fs (loop0): Test dummy encryption mode enabled [ 26.211764][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 26.222308][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 26.231301][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 26.238289][ T345] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 26.240795][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 26.294874][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 26.304258][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 26.313141][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 26.321739][ T283] EXT4-fs (loop0): unmounting filesystem. [ 26.321798][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 26.387385][ T361] binder: 360:361 ioctl c018620c 200000000000 returned -22 [ 26.463814][ T375] loop4: detected capacity change from 0 to 2048 [ 26.532028][ T375] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 26.608771][ T375] EXT4-fs error (device loop4): ext4_find_extent:936: inode #2: comm syz.4.16: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 26.678677][ T287] EXT4-fs (loop4): unmounting filesystem. [ 26.774953][ T372] loop1: detected capacity change from 0 to 40427 [ 26.786655][ T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 26.806625][ T372] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 26.836993][ T372] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 26.870478][ T372] F2FS-fs (loop1): invalid crc value [ 26.898757][ T372] F2FS-fs (loop1): Found nat_bits in checkpoint [ 26.986778][ T372] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 26.993946][ T372] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 26.996580][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 27.012324][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 27.035307][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 27.062721][ T24] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 27.093220][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 27.115056][ T24] usb 4-1: config 0 descriptor?? [ 27.225449][ T416] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 27.240229][ T411] loop0: detected capacity change from 0 to 40427 [ 27.260648][ T411] ======================================================= [ 27.260648][ T411] WARNING: The mand mount option has been deprecated and [ 27.260648][ T411] and is ignored by this kernel. Remove the mand [ 27.260648][ T411] option from the mount to silence this warning. [ 27.260648][ T411] ======================================================= [ 27.314959][ T411] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 27.352275][ T411] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 27.376250][ T420] Illegal XDP return value 232485436 on prog (id 22) dev N/A, expect packet loss! [ 27.387835][ T411] F2FS-fs (loop0): invalid crc value [ 27.427395][ T411] F2FS-fs (loop0): Found nat_bits in checkpoint [ 27.529267][ T24] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0 [ 27.538114][ T411] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 27.550074][ T411] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 27.561802][ T24] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0 [ 27.585164][ T24] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0 [ 27.606578][ T24] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0 [ 27.613975][ T24] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0 [ 27.626487][ T24] savu 0003:1E7D:2D5A.0001: unbalanced collection at end of report description [ 27.653864][ T24] savu 0003:1E7D:2D5A.0001: parse failed [ 27.673734][ T24] savu: probe of 0003:1E7D:2D5A.0001 failed with error -22 [ 27.683524][ T422] loop1: detected capacity change from 0 to 40427 [ 27.752301][ T24] usb 4-1: USB disconnect, device number 2 [ 27.759358][ T422] F2FS-fs (loop1): Found nat_bits in checkpoint [ 27.795197][ T422] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 27.853785][ T422] SELinux: Context system_u:object_r:dhcp_state_t:s0 is not valid (left unmapped). [ 27.881955][ T457] loop0: detected capacity change from 0 to 2048 [ 27.901055][ T284] syz-executor: attempt to access beyond end of device [ 27.901055][ T284] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 27.902959][ T459] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 27.931981][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 27.947567][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 27.957192][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 27.965603][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 27.975001][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 27.983865][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 27.992323][ T457] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 27.994457][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 28.001516][ T457] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 28.028002][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 28.037629][ T461] tipc: Started in network mode [ 28.042531][ T461] tipc: Node identity ac14142f, cluster identity 4711 [ 28.058059][ T283] EXT4-fs (loop0): unmounting filesystem. [ 28.064085][ T461] tipc: New replicast peer: 0.0.0.0 [ 28.087655][ T461] tipc: Enabled bearer , priority 10 [ 28.102137][ T464] netlink: 44 bytes leftover after parsing attributes in process `syz.2.48'. [ 28.117168][ T464] tipc: Disabling bearer [ 28.132764][ T28] kauditd_printk_skb: 72 callbacks suppressed [ 28.132779][ T28] audit: type=1400 audit(1759176294.223:146): avc: denied { write } for pid=468 comm="syz.1.49" name="anycast6" dev="proc" ino=4026532420 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 28.174561][ T28] audit: type=1400 audit(1759176294.263:147): avc: denied { create } for pid=470 comm="syz.4.51" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 28.193855][ T475] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 28.201806][ T28] audit: type=1400 audit(1759176294.263:148): avc: denied { ioctl } for pid=470 comm="syz.4.51" path="socket:[16362]" dev="sockfs" ino=16362 ioctlcmd=0x48d3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 28.216093][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 28.235370][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 28.247160][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 28.258235][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 28.267141][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 28.275419][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 28.284078][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 28.292785][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 28.319575][ T485] loop4: detected capacity change from 0 to 128 [ 28.332671][ T487] loop3: detected capacity change from 0 to 256 [ 28.342415][ T28] audit: type=1400 audit(1759176294.443:149): avc: denied { mount } for pid=484 comm="syz.4.57" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 28.365177][ T485] syz.4.57: attempt to access beyond end of device [ 28.365177][ T485] loop4: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 28.378011][ T487] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000905) [ 28.392032][ T485] Buffer I/O error on dev loop4, logical block 128, lost async page write [ 28.393654][ T28] audit: type=1400 audit(1759176294.483:150): avc: denied { unmount } for pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 28.454411][ T490] loop2: detected capacity change from 0 to 2048 [ 28.495122][ T494] loop3: detected capacity change from 0 to 8192 [ 28.506679][ T334] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 28.528727][ T490] Alternate GPT is invalid, using primary GPT. [ 28.530065][ T28] audit: type=1400 audit(1759176294.623:151): avc: denied { mounton } for pid=493 comm="syz.3.61" path="/6/file0/bus" dev="loop3" ino=1048603 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1 [ 28.535247][ T490] loop2: p1 p2 p3 [ 28.565951][ T28] audit: type=1400 audit(1759176294.663:152): avc: denied { unmount } for pid=286 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 28.627992][ T28] audit: type=1400 audit(1759176294.703:153): avc: denied { validate_trans } for pid=497 comm="syz.4.63" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 28.672343][ T28] audit: type=1400 audit(1759176294.763:154): avc: denied { block_suspend } for pid=503 comm="syz.3.66" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 28.698111][ T334] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 28.726890][ T334] usb 2-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00 [ 28.737086][ T334] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 28.751967][ T334] usb 2-1: config 0 descriptor?? [ 28.761282][ T371] udevd[371]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 28.772770][ T448] udevd[448]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 28.782468][ T28] audit: type=1400 audit(1759176294.873:155): avc: denied { name_bind } for pid=509 comm="syz.4.68" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 28.806047][ T368] udevd[368]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 28.858579][ T514] SELinux: failed to load policy [ 29.022697][ T539] loop4: detected capacity change from 0 to 1024 [ 29.029907][ T539] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 29.069899][ T539] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 29.094661][ T539] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 29.109738][ T539] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 29.126847][ T539] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28 [ 29.139837][ T539] EXT4-fs (loop4): This should not happen!! Data will be lost [ 29.139837][ T539] [ 29.150479][ T539] EXT4-fs (loop4): Total free blocks count 0 [ 29.151164][ T553] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 28 [ 29.156652][ T539] EXT4-fs (loop4): Free/Dirty block details [ 29.185037][ T539] EXT4-fs (loop4): free_blocks=20480 [ 29.192829][ T539] EXT4-fs (loop4): dirty_blocks=32 [ 29.199150][ T539] EXT4-fs (loop4): Block reservation details [ 29.205158][ T539] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 29.216079][ T334] wacom 0003:056A:0015.0002: Unknown device_type for 'HID 056a:0015'. Assuming pen. [ 29.231800][ T334] wacom 0003:056A:0015.0002: hidraw0: USB HID v9.14 Device [HID 056a:0015] on usb-dummy_hcd.1-1/input0 [ 29.251036][ T334] input: Wacom Graphire4 4x5 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0015.0002/input/input4 [ 29.346506][ T24] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 29.445676][ T19] usb 2-1: USB disconnect, device number 2 [ 29.457286][ T563] kvm [562]: vcpu2, guest rIP: 0x9133 Unhandled WRMSR(0x11e) = 0x9d000005 [ 29.469029][ T563] kvm [562]: vcpu2, guest rIP: 0x9133 Unhandled WRMSR(0x186) = 0x9d000005 [ 29.477763][ T563] kvm [562]: vcpu2, guest rIP: 0x9133 Unhandled WRMSR(0x187) = 0x9d000005 [ 29.501815][ T563] kvm [562]: vcpu2, guest rIP: 0x9133 Unhandled WRMSR(0x1d9) = 0x9d000005 [ 29.556451][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 29.565633][ T24] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 29.574974][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 29.583345][ T24] usb 1-1: Product: syz [ 29.594373][ T24] usb 1-1: Manufacturer: syz [ 29.599469][ T24] usb 1-1: SerialNumber: syz [ 29.618134][ T570] loop3: detected capacity change from 0 to 1024 [ 29.642976][ T570] EXT4-fs: Ignoring removed i_version option [ 29.650470][ T570] EXT4-fs (loop3): Test dummy encryption mode enabled [ 29.660822][ T570] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 29.670343][ T570] EXT4-fs (loop3): unmounting filesystem. [ 29.760588][ T579] loop3: detected capacity change from 0 to 1024 [ 29.778462][ T579] EXT4-fs: Ignoring removed nomblk_io_submit option [ 29.785474][ T579] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 29.798508][ T579] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 29.807432][ T579] System zones: 0-1, 3-36 [ 29.812764][ T579] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 29.839742][ T579] capability: warning: `syz.3.94' uses deprecated v2 capabilities in a way that may be insecure [ 29.858581][ T286] EXT4-fs (loop3): unmounting filesystem. [ 29.881566][ T24] r8152-cfgselector 1-1: Unknown version 0x0000 [ 29.892283][ T590] syz.3.98 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 29.943685][ T594] loop3: detected capacity change from 0 to 128 [ 29.959273][ T594] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 29.976807][ T594] ext4 filesystem being mounted at /22/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 30.027478][ T24] r8152-cfgselector 1-1: Unknown version 0x0000 [ 30.035926][ T24] r8152-cfgselector 1-1: USB disconnect, device number 2 [ 30.083071][ T286] EXT4-fs (loop3): unmounting filesystem. [ 30.348198][ T645] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=645 comm=syz.1.122 [ 30.391863][ T650] loop4: detected capacity change from 0 to 4096 [ 30.408944][ T650] EXT4-fs: Ignoring removed mblk_io_submit option [ 30.420378][ T650] EXT4-fs (loop4): Test dummy encryption mode enabled [ 30.428981][ T650] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.125: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 30.477780][ T650] EXT4-fs error (device loop4): ext4_quota_enable:7014: comm syz.4.125: Bad quota inode: 3, type: 0 [ 30.495481][ T650] EXT4-fs warning (device loop4): ext4_enable_quotas:7055: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 30.519477][ T650] EXT4-fs (loop4): mount failed [ 30.587277][ T668] loop1: detected capacity change from 0 to 512 [ 30.594018][ T668] EXT4-fs: Ignoring removed i_version option [ 30.598810][ T661] loop3: detected capacity change from 0 to 4096 [ 30.617234][ T668] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 30.629060][ T666] loop0: detected capacity change from 0 to 2048 [ 30.658961][ T666] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 30.669244][ T661] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 30.679346][ T284] EXT4-fs (loop1): unmounting filesystem. [ 30.694777][ T661] fs-verity: sha256 using implementation "sha256-avx2" [ 30.703640][ T283] EXT4-fs (loop0): unmounting filesystem. [ 30.734097][ T286] EXT4-fs (loop3): unmounting filesystem. [ 30.899746][ T704] loop4: detected capacity change from 0 to 512 [ 30.930790][ T704] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.146: casefold flag without casefold feature [ 30.949895][ T704] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.146: couldn't read orphan inode 15 (err -117) [ 30.962064][ T680] binder: 679:680 ioctl c0306201 200000001a80 returned -14 [ 30.970384][ T704] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 31.016899][ T716] loop3: detected capacity change from 0 to 512 [ 31.017761][ T704] syz.4.146 (pid 704) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 31.040668][ T716] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.150: casefold flag without casefold feature [ 31.058871][ T716] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.150: couldn't read orphan inode 15 (err -117) [ 31.077595][ T287] EXT4-fs (loop4): unmounting filesystem. [ 31.077977][ T716] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 31.130016][ T286] EXT4-fs (loop3): unmounting filesystem. [ 31.188825][ T730] loop3: detected capacity change from 0 to 8192 [ 31.232531][ T552] Bluetooth: hci0: command 0x1003 tx timeout [ 31.240564][ T474] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 31.306844][ T739] loop3: detected capacity change from 0 to 256 [ 31.313962][ T739] exfat: Deprecated parameter 'utf8' [ 31.319451][ T739] exfat: Unexpected value for 'utf8' [ 31.363439][ T747] loop2: detected capacity change from 0 to 1024 [ 31.380727][ T371] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 31.405473][ T747] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 31.461726][ T285] EXT4-fs (loop2): unmounting filesystem. [ 31.838483][ T818] loop2: detected capacity change from 0 to 4096 [ 31.872511][ T818] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 31.905791][ T285] EXT4-fs (loop2): unmounting filesystem. [ 32.061992][ T849] syz.1.209 (849) used greatest stack depth: 20944 bytes left [ 32.083382][ T857] netlink: 'syz.3.212': attribute type 6 has an invalid length. [ 32.126767][ T60] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 32.273457][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 32.327596][ T60] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 32.342173][ T60] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 32.353428][ T60] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 32.365775][ T60] usb 1-1: string descriptor 0 read error: -22 [ 32.372484][ T60] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 32.381977][ T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 32.392263][ T60] usb 1-1: 0:2 : does not exist [ 32.516573][ T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 32.556528][ T334] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 32.598088][ T760] usb 1-1: USB disconnect, device number 3 [ 32.697621][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 32.708686][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 32.719082][ T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 32.732061][ T24] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 32.741141][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 32.749999][ T334] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 32.763061][ T334] usb 5-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00 [ 32.763271][ T24] usb 4-1: config 0 descriptor?? [ 32.776614][ T334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 32.785886][ T334] usb 5-1: config 0 descriptor?? [ 32.846336][ T935] loop2: detected capacity change from 0 to 1024 [ 32.856247][ T935] EXT4-fs: Ignoring removed nomblk_io_submit option [ 32.863616][ T935] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 32.876045][ T935] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 32.884376][ T935] System zones: 0-1, 3-36 [ 32.890659][ T935] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 32.915105][ T285] EXT4-fs (loop2): unmounting filesystem. [ 33.187428][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.195647][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.198165][ T334] usbhid 5-1:0.0: can't add hid device: -71 [ 33.203573][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.209724][ T334] usbhid: probe of 5-1:0.0 failed with error -71 [ 33.217909][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.224845][ T334] usb 5-1: USB disconnect, device number 2 [ 33.232768][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.243679][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.251195][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.258700][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.266103][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.273529][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.281081][ T24] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 33.288746][ T24] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 33.309210][ T24] plantronics 0003:047F:FFFF.0003: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 33.477095][ T60] usb 4-1: USB disconnect, device number 3 [ 33.606465][ T291] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 33.786483][ T291] usb 1-1: Using ep0 maxpacket: 32 [ 33.792999][ T291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 33.804246][ T291] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 33.814363][ T291] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 33.824009][ T291] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 33.837009][ T291] usb 1-1: config 0 descriptor?? [ 33.925553][ T956] loop2: detected capacity change from 0 to 40427 [ 33.934318][ T956] F2FS-fs (loop2): heap/no_heap options were deprecated [ 33.941436][ T956] F2FS-fs (loop2): fault_type options not supported [ 33.948823][ T956] F2FS-fs (loop2): invalid crc value [ 33.968233][ T28] kauditd_printk_skb: 100 callbacks suppressed [ 33.968249][ T28] audit: type=1400 audit(1759176300.075:256): avc: denied { ioctl } for pid=960 comm="syz.4.259" path="socket:[19492]" dev="sockfs" ino=19492 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 34.006532][ T956] F2FS-fs (loop2): Found nat_bits in checkpoint [ 34.055272][ T956] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 34.085740][ T28] audit: type=1400 audit(1759176300.185:257): avc: denied { setopt } for pid=971 comm="syz.3.264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 34.110810][ T970] loop4: detected capacity change from 0 to 1024 [ 34.127761][ T970] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 34.144037][ T970] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 34.155129][ T970] JBD2: no valid journal superblock found [ 34.161254][ T970] EXT4-fs (loop4): error loading journal [ 34.216301][ T28] audit: type=1400 audit(1759176300.315:258): avc: denied { create } for pid=969 comm="syz.4.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 34.241992][ T970] netlink: 8 bytes leftover after parsing attributes in process `syz.4.263'. [ 34.259799][ T291] savu 0003:1E7D:2D5A.0004: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0 [ 34.302069][ T28] audit: type=1400 audit(1759176300.345:259): avc: denied { write } for pid=969 comm="syz.4.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 34.323535][ T552] Bluetooth: hci0: command 0x1003 tx timeout [ 34.323583][ T474] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 34.336120][ T28] audit: type=1400 audit(1759176300.345:260): avc: denied { nlmsg_read } for pid=969 comm="syz.4.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 34.368319][ T28] audit: type=1400 audit(1759176300.475:261): avc: denied { nlmsg_write } for pid=979 comm="syz.4.267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 34.387642][ T980] netlink: 104 bytes leftover after parsing attributes in process `syz.4.267'. [ 34.393286][ T984] netlink: 12 bytes leftover after parsing attributes in process `syz.2.268'. [ 34.448824][ T28] audit: type=1400 audit(1759176300.555:262): avc: denied { setopt } for pid=989 comm="syz.4.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 34.487008][ T994] loop1: detected capacity change from 0 to 512 [ 34.503029][ T28] audit: type=1400 audit(1759176300.585:263): avc: denied { write } for pid=989 comm="syz.4.272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 34.523575][ T28] audit: type=1400 audit(1759176300.605:264): avc: denied { bind } for pid=997 comm="syz.4.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 34.551454][ T994] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.275: casefold flag without casefold feature [ 34.564809][ T994] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.275: couldn't read orphan inode 15 (err -117) [ 34.578453][ T994] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 34.579183][ T291] usb 1-1: USB disconnect, device number 4 [ 34.594651][ T28] audit: type=1400 audit(1759176300.605:265): avc: denied { name_bind } for pid=997 comm="syz.4.276" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 34.677952][ T284] EXT4-fs (loop1): unmounting filesystem. [ 34.693739][ T1009] loop3: detected capacity change from 0 to 128 [ 34.703514][ T1009] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 34.730571][ T1009] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 34.828213][ T1022] syz.2.285[1022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.828292][ T1022] syz.2.285[1022] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.895462][ T1030] tap0: tun_chr_ioctl cmd 1074812118 [ 35.116453][ T291] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 35.196494][ T760] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 35.276459][ T354] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 35.296452][ T291] usb 4-1: Using ep0 maxpacket: 32 [ 35.302762][ T291] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 35.322460][ T291] usb 4-1: New USB device found, idVendor=056a, idProduct=0027, bcdDevice= 0.00 [ 35.331632][ T291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 35.340335][ T291] usb 4-1: config 0 descriptor?? [ 35.376568][ T760] usb 2-1: Using ep0 maxpacket: 16 [ 35.389626][ T760] usb 2-1: config 0 interface 0 has no altsetting 0 [ 35.396324][ T760] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 35.408554][ T760] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 35.408947][ T1054] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000004 [ 35.417887][ T760] usb 2-1: config 0 descriptor?? [ 35.445050][ T1056] loop4: detected capacity change from 0 to 256 [ 35.453237][ T1056] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 35.464163][ T1056] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 35.474159][ T354] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 35.491613][ T354] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 35.505739][ T1056] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 35.517928][ T354] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 35.528136][ T354] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 35.537274][ T354] usb 3-1: config 0 descriptor?? [ 35.593647][ T1064] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 35.721612][ T1069] loop0: detected capacity change from 0 to 8192 [ 35.759349][ T291] wacom 0003:056A:0027.0005: unknown main item tag 0x0 [ 35.776638][ T291] wacom 0003:056A:0027.0005: unknown main item tag 0x0 [ 35.783578][ T291] wacom 0003:056A:0027.0005: unknown main item tag 0x0 [ 35.798050][ T291] wacom 0003:056A:0027.0005: Unknown device_type for 'HID 056a:0027'. Assuming pen. [ 35.817459][ T291] wacom 0003:056A:0027.0005: hidraw0: USB HID v0.00 Device [HID 056a:0027] on usb-dummy_hcd.3-1/input0 [ 35.833675][ T760] hid (null): nested delimiters [ 35.838773][ T760] hid (null): report_id 42461 is invalid [ 35.847116][ T291] input: Wacom Intuos5 touch M Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0027.0005/input/input8 [ 35.951736][ T354] hid-steam 0003:28DE:1142.0007: hidraw1: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0 [ 35.981272][ T1075] loop4: detected capacity change from 0 to 512 [ 35.988518][ T760] usb 4-1: USB disconnect, device number 4 [ 35.995454][ T1075] EXT4-fs: Ignoring removed oldalloc option [ 36.012248][ T1075] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 36.039142][ T1075] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 36.053568][ T354] usb 2-1: USB disconnect, device number 3 [ 36.056650][ T1075] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 36.072360][ T1075] EXT4-fs (loop4): 1 truncate cleaned up [ 36.078672][ T1075] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 36.130585][ T287] EXT4-fs (loop4): unmounting filesystem. [ 36.159988][ T60] usb 3-1: USB disconnect, device number 2 [ 36.170366][ T1085] loop4: detected capacity change from 0 to 256 [ 36.179739][ T1085] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 36.360340][ T1078] syz.0.310 (1078) used greatest stack depth: 20896 bytes left [ 36.373936][ T1093] netlink: 96 bytes leftover after parsing attributes in process `syz.0.316'. [ 36.526488][ T760] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 36.706460][ T760] usb 5-1: Using ep0 maxpacket: 16 [ 36.717752][ T760] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 36.729491][ T760] usb 5-1: config 0 has no interfaces? [ 36.735268][ T760] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 36.751411][ T760] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 36.766693][ T760] usb 5-1: config 0 descriptor?? [ 36.786205][ T1130] loop3: detected capacity change from 0 to 512 [ 36.793082][ T1130] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 36.866253][ T1138] serio: Serial port ptm0 [ 36.956508][ T60] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 37.136446][ T60] usb 3-1: Using ep0 maxpacket: 32 [ 37.142750][ T60] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 37.151060][ T60] usb 3-1: config 0 has no interface number 0 [ 37.158778][ T60] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 37.167979][ T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 37.175982][ T60] usb 3-1: Product: syz [ 37.176430][ T1091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 37.180285][ T60] usb 3-1: Manufacturer: syz [ 37.191285][ T1091] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 37.193356][ T60] usb 3-1: SerialNumber: syz [ 37.206877][ T60] usb 3-1: config 0 descriptor?? [ 37.211969][ T760] usb 5-1: USB disconnect, device number 3 [ 37.212857][ T60] smsc95xx v2.0.0 [ 37.614585][ T60] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 37.635763][ T60] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 37.723233][ T1169] loop3: detected capacity change from 0 to 1024 [ 37.744541][ T1169] EXT4-fs: Ignoring removed orlov option [ 37.761849][ T1175] loop4: detected capacity change from 0 to 1024 [ 37.774441][ T1175] EXT4-fs: Ignoring removed oldalloc option [ 37.783237][ T1175] EXT4-fs: Ignoring removed bh option [ 37.789719][ T1169] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 37.813962][ T1175] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 37.850148][ T1175] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 37.913343][ T1189] loop1: detected capacity change from 0 to 512 [ 37.925536][ T287] EXT4-fs (loop4): unmounting filesystem. [ 37.934261][ T1189] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.358: casefold flag without casefold feature [ 37.948677][ T1189] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.358: couldn't read orphan inode 15 (err -117) [ 37.961180][ T1189] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 37.990928][ T1189] EXT4-fs (loop1): unmounting filesystem. [ 38.015530][ T286] EXT4-fs (loop3): unmounting filesystem. [ 38.047299][ T60] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 38.054823][ T1200] SELinux: truncated policydb string identifier [ 38.070748][ T60] smsc95xx: probe of 3-1:0.67 failed with error -71 [ 38.078047][ T1200] SELinux: failed to load policy [ 38.093337][ T60] usb 3-1: USB disconnect, device number 3 [ 38.111678][ T1206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.365'. [ 38.145138][ T1209] loop3: detected capacity change from 0 to 512 [ 38.180605][ T1209] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 38.204735][ T1209] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 38.226924][ T286] EXT4-fs (loop3): unmounting filesystem. [ 38.306671][ T39] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 38.420873][ T1229] loop4: detected capacity change from 0 to 40427 [ 38.430604][ T1229] F2FS-fs (loop4): fault_injection options not supported [ 38.437775][ T1229] F2FS-fs (loop4): Image doesn't support compression [ 38.444681][ T1229] F2FS-fs (loop4): Image doesn't support compression [ 38.452243][ T1229] F2FS-fs (loop4): invalid crc value [ 38.458904][ T1229] F2FS-fs (loop4): Found nat_bits in checkpoint [ 38.490979][ T1229] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 38.498638][ T39] usb 2-1: Using ep0 maxpacket: 8 [ 38.517410][ T39] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 38.528248][ T39] usb 2-1: config 0 has no interfaces? [ 38.533757][ T39] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 38.543099][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.556720][ T39] usb 2-1: config 0 descriptor?? [ 38.566448][ T334] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 38.594732][ T1238] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=1238 comm=syz.0.388 [ 38.679088][ T1229] syz.4.375: attempt to access beyond end of device [ 38.679088][ T1229] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 38.757622][ T334] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 38.767712][ T24] usb 2-1: USB disconnect, device number 4 [ 38.768787][ T334] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 38.785171][ T334] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 33 [ 38.804954][ T334] usb 4-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 38.814268][ T334] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.841483][ T334] usb 4-1: config 0 descriptor?? [ 38.856602][ T1227] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 38.897633][ T1251] loop4: detected capacity change from 0 to 128 [ 38.904660][ T1251] FAT-fs (loop4): bogus sectors per cluster 0 [ 38.910907][ T1251] FAT-fs (loop4): Can't find a valid FAT filesystem [ 38.945244][ T1254] input: syz1 as /devices/virtual/input/input12 [ 38.951673][ T1254] input: failed to attach handler leds to device input12, error: -6 [ 38.993313][ T1258] loop4: detected capacity change from 0 to 512 [ 39.008235][ T1258] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 39.030936][ T287] EXT4-fs (loop4): unmounting filesystem. [ 39.270349][ T334] hid (null): report_id 675303578 is invalid [ 39.277562][ T334] uclogic 0003:5543:0005.0008: report_id 675303578 is invalid [ 39.285122][ T334] uclogic 0003:5543:0005.0008: item 0 4 1 8 parsing failed [ 39.293014][ T334] uclogic 0003:5543:0005.0008: parse failed [ 39.299112][ T334] uclogic: probe of 0003:5543:0005.0008 failed with error -22 [ 39.316490][ T24] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 39.363069][ T1268] loop1: detected capacity change from 0 to 128 [ 39.377545][ T1268] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8) [ 39.385933][ T1268] FAT-fs (loop1): Filesystem has been set read-only [ 39.480939][ T334] usb 4-1: USB disconnect, device number 5 [ 39.494766][ T28] kauditd_printk_skb: 31 callbacks suppressed [ 39.494777][ T28] audit: type=1400 audit(1759176305.595:297): avc: denied { bind } for pid=1278 comm="syz.0.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 39.497593][ T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 39.531092][ T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 39.542410][ T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 39.551691][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 39.561167][ T24] usb 5-1: Product: syz [ 39.566266][ T24] usb 5-1: Manufacturer: syz [ 39.571131][ T24] usb 5-1: SerialNumber: syz [ 39.650703][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 39.778675][ T24] usb 5-1: 0:2 : does not exist [ 39.785509][ T24] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 39.796824][ T24] usb 5-1: USB disconnect, device number 4 [ 40.002857][ T371] udevd[371]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 40.018634][ T334] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 40.206453][ T334] usb 3-1: Using ep0 maxpacket: 16 [ 40.212572][ T28] audit: type=1400 audit(1759176306.315:298): avc: denied { mounton } for pid=1308 comm="syz.3.408" path="/95/file0" dev="tmpfs" ino=509 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 40.213028][ T1309] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 40.237319][ T334] usb 3-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb [ 40.244806][ T1309] FAT-fs (loop7): unable to read boot sector [ 40.254320][ T334] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 40.268084][ T334] usb 3-1: Product: syz [ 40.272329][ T334] usb 3-1: Manufacturer: syz [ 40.287878][ T334] usb 3-1: SerialNumber: syz [ 40.326348][ T1313] loop4: detected capacity change from 0 to 2048 [ 40.342188][ T1313] EXT4-fs: Ignoring removed nobh option [ 40.354326][ T1317] loop3: detected capacity change from 0 to 512 [ 40.364296][ T1317] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 40.379596][ T1313] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 40.405147][ T1313] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.441270][ T28] audit: type=1400 audit(1759176306.535:299): avc: denied { append } for pid=1312 comm="syz.4.410" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 40.479585][ T287] EXT4-fs (loop4): unmounting filesystem. [ 40.549320][ T1330] SELinux: failed to load policy [ 40.718620][ T1328] loop4: detected capacity change from 0 to 40427 [ 40.731869][ T1328] F2FS-fs (loop4): invalid crc value [ 40.744561][ T1328] F2FS-fs (loop4): Found nat_bits in checkpoint [ 40.792163][ T1328] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 40.848943][ T1355] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 40.866590][ T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 40.902384][ T334] snd-usb-audio: probe of 3-1:222.0 failed with error -2 [ 40.921711][ T287] syz-executor: attempt to access beyond end of device [ 40.921711][ T287] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 40.925886][ T371] udevd[371]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:222.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 41.056499][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 41.064556][ T24] usb 2-1: config 0 has an invalid interface number: 42 but max is 0 [ 41.073316][ T24] usb 2-1: config 0 has no interface number 0 [ 41.079588][ T24] usb 2-1: config 0 interface 42 has no altsetting 0 [ 41.105325][ T24] usb 2-1: New USB device found, idVendor=1b3d, idProduct=9313, bcdDevice=e0.d0 [ 41.114525][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 41.122631][ T24] usb 2-1: Product: syz [ 41.126906][ T24] usb 2-1: Manufacturer: syz [ 41.127305][ T334] usb 3-1: USB disconnect, device number 4 [ 41.131513][ T24] usb 2-1: SerialNumber: syz [ 41.144853][ T24] usb 2-1: config 0 descriptor?? [ 41.155005][ T24] ftdi_sio 2-1:0.42: FTDI USB Serial Device converter detected [ 41.163214][ T24] ftdi_sio ttyUSB0: unknown device type: 0xe0d0 [ 41.192623][ T1370] loop4: detected capacity change from 0 to 1024 [ 41.199549][ T1370] EXT4-fs: Ignoring removed nobh option [ 41.208118][ T1370] EXT4-fs: Ignoring removed bh option [ 41.213566][ T1370] EXT4-fs: Ignoring removed i_version option [ 41.231221][ T1370] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 41.247963][ T1370] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 41.279013][ T287] EXT4-fs (loop4): unmounting filesystem. [ 41.310617][ T1376] loop4: detected capacity change from 0 to 2048 [ 41.347951][ T1376] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 41.386530][ T1372] loop3: detected capacity change from 0 to 40427 [ 41.394373][ T1372] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 41.395178][ T287] EXT4-fs (loop4): unmounting filesystem. [ 41.402174][ T1372] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 41.416738][ T1372] F2FS-fs (loop3): invalid crc value [ 41.425454][ T1372] F2FS-fs (loop3): Found nat_bits in checkpoint [ 41.472567][ T1372] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 41.480056][ T1372] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 41.530748][ T28] audit: type=1400 audit(1759176307.635:300): avc: denied { rename } for pid=1371 comm="syz.3.434" name="file0" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 41.553757][ T286] syz-executor: attempt to access beyond end of device [ 41.553757][ T286] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 41.628395][ T1394] loop4: detected capacity change from 0 to 256 [ 41.635175][ T1394] exfat: Deprecated parameter 'namecase' [ 41.641373][ T1394] exfat: Deprecated parameter 'utf8' [ 41.662485][ T1394] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d) [ 41.676661][ T552] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 41.676749][ T474] Bluetooth: hci0: command 0x1003 tx timeout [ 41.693603][ T1289] Bluetooth: hci0: Opcode 0x080f failed: -4 [ 41.788696][ T1408] loop2: detected capacity change from 0 to 512 [ 41.793444][ T1405] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 41.808561][ T1408] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 41.826130][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 41.841028][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 41.849757][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 41.858410][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 41.872311][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.880771][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 41.890749][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 41.899221][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 41.900142][ T285] EXT4-fs (loop2): unmounting filesystem. [ 41.928439][ T1416] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 41.941736][ T1416] FAT-fs (loop5): unable to read boot sector [ 41.992296][ T1427] loop0: detected capacity change from 0 to 512 [ 42.003788][ T1427] EXT4-fs: quotafile must be on filesystem root [ 42.021501][ T1432] loop2: detected capacity change from 0 to 256 [ 42.051407][ T1432] FAT-fs (loop2): Directory bread(block 64) failed [ 42.060310][ T1432] FAT-fs (loop2): Directory bread(block 65) failed [ 42.067002][ T1432] FAT-fs (loop2): Directory bread(block 66) failed [ 42.074271][ T1432] FAT-fs (loop2): Directory bread(block 67) failed [ 42.081079][ T1432] FAT-fs (loop2): Directory bread(block 68) failed [ 42.088009][ T1432] FAT-fs (loop2): Directory bread(block 69) failed [ 42.094606][ T1432] FAT-fs (loop2): Directory bread(block 70) failed [ 42.101261][ T1432] FAT-fs (loop2): Directory bread(block 71) failed [ 42.108140][ T1432] FAT-fs (loop2): Directory bread(block 72) failed [ 42.115423][ T1432] FAT-fs (loop2): Directory bread(block 73) failed [ 42.240597][ T1451] loop3: detected capacity change from 0 to 1024 [ 42.256892][ T1451] EXT4-fs: Ignoring removed nomblk_io_submit option [ 42.267893][ T28] audit: type=1400 audit(1759176308.375:301): avc: denied { map } for pid=1452 comm="syz.0.465" path="socket:[20790]" dev="sockfs" ino=20790 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 42.301954][ T1451] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 42.308340][ T28] audit: type=1400 audit(1759176308.375:302): avc: denied { read } for pid=1452 comm="syz.0.465" path="socket:[20790]" dev="sockfs" ino=20790 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 42.340487][ T1451] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 42.353156][ T28] audit: type=1400 audit(1759176308.455:303): avc: denied { create } for pid=1458 comm="syz.4.467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 42.358193][ T1451] System zones: [ 42.374110][ T28] audit: type=1400 audit(1759176308.455:304): avc: denied { sys_admin } for pid=1458 comm="syz.4.467" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 42.398964][ T1451] 0-1, 3-36 [ 42.406277][ T1451] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 42.488065][ T286] EXT4-fs (loop3): unmounting filesystem. [ 42.528556][ T1474] loop4: detected capacity change from 0 to 512 [ 42.543020][ T1474] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.473: casefold flag without casefold feature [ 42.580177][ T1474] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.473: couldn't read orphan inode 15 (err -117) [ 42.618380][ T1474] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 42.645941][ T287] EXT4-fs (loop4): unmounting filesystem. [ 42.662269][ T28] audit: type=1400 audit(1759176308.765:305): avc: denied { set_context_mgr } for pid=1488 comm="syz.0.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 42.663187][ T1489] binder: 1488:1489 ioctl c0306201 2000000003c0 returned -14 [ 42.729872][ T1495] ================================================================== [ 42.737996][ T1495] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480 [ 42.745079][ T1495] Write of size 8 at addr ffff88810e16ca00 by task syz.2.484/1495 [ 42.752933][ T1495] [ 42.755280][ T1495] CPU: 0 PID: 1495 Comm: syz.2.484 Not tainted syzkaller #0 [ 42.756468][ T1491] loop3: detected capacity change from 0 to 8192 [ 42.762582][ T1495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 42.762613][ T1495] Call Trace: [ 42.762622][ T1495] [ 42.785237][ T1495] __dump_stack+0x21/0x24 [ 42.789586][ T1495] dump_stack_lvl+0xee/0x150 [ 42.794193][ T1495] ? __cfi_dump_stack_lvl+0x8/0x8 [ 42.799237][ T1495] ? enqueue_timer+0xae/0x480 [ 42.803928][ T1495] print_address_description+0x71/0x200 [ 42.809494][ T1495] print_report+0x4a/0x60 [ 42.813843][ T1495] kasan_report+0x122/0x150 [ 42.818356][ T1495] ? enqueue_timer+0xae/0x480 [ 42.823062][ T1495] __asan_report_store8_noabort+0x17/0x20 [ 42.828799][ T1495] enqueue_timer+0xae/0x480 [ 42.833312][ T1495] __mod_timer+0x79f/0xb30 [ 42.837731][ T1495] ? __kasan_check_write+0x14/0x20 [ 42.842848][ T1495] add_timer+0x68/0x80 [ 42.846920][ T1495] __queue_delayed_work+0x173/0x200 [ 42.852126][ T1495] mod_delayed_work_on+0x74/0xe0 [ 42.857085][ T1495] cgroup_pidlist_stop+0xa0/0x100 [ 42.862115][ T1495] ? __cfi_cgroup_pidlist_stop+0x10/0x10 [ 42.867848][ T1495] cgroup_seqfile_stop+0xb9/0xd0 [ 42.872796][ T1495] ? __cfi_cgroup_seqfile_stop+0x10/0x10 [ 42.878434][ T1495] kernfs_seq_stop+0xe0/0x130 [ 42.883123][ T1495] seq_read_iter+0xb7d/0xdd0 [ 42.887724][ T1495] kernfs_fop_read_iter+0x147/0x480 [ 42.892940][ T1495] ? iov_iter_pipe+0x102/0x270 [ 42.897719][ T1495] generic_file_splice_read+0x1b6/0x500 [ 42.903293][ T1495] ? __cfi_generic_file_splice_read+0x10/0x10 [ 42.909382][ T1495] ? __kasan_check_read+0x11/0x20 [ 42.914418][ T1495] ? fsnotify_perm+0x269/0x5b0 [ 42.919546][ T1495] ? security_file_permission+0x94/0xb0 [ 42.925119][ T1495] ? rw_verify_area+0xa7/0x1c0 [ 42.929951][ T1495] splice_direct_to_actor+0x3c5/0xb10 [ 42.935363][ T1495] ? __cfi_direct_splice_actor+0x10/0x10 [ 42.941240][ T1495] ? __cfi_splice_direct_to_actor+0x10/0x10 [ 42.947776][ T1495] ? security_file_permission+0x94/0xb0 [ 42.953470][ T1495] ? rw_verify_area+0xa7/0x1c0 [ 42.958282][ T1495] do_splice_direct+0x1b3/0x2c0 [ 42.963160][ T1495] ? avc_policy_seqno+0x1b/0x70 [ 42.968249][ T1495] ? __cfi_do_splice_direct+0x10/0x10 [ 42.973906][ T1495] ? security_file_permission+0x94/0xb0 [ 42.979476][ T1495] do_sendfile+0x5c6/0xeb0 [ 42.983906][ T1495] ? do_preadv+0x330/0x330 [ 42.988329][ T1495] ? __se_sys_futex+0x273/0x2e0 [ 42.993198][ T1495] __x64_sys_sendfile64+0x18f/0x1f0 [ 42.998434][ T1495] ? __cfi___x64_sys_sendfile64+0x10/0x10 [ 43.004199][ T1495] ? fpregs_restore_userregs+0x128/0x260 [ 43.009856][ T1495] ? switch_fpu_return+0xe/0x10 [ 43.014721][ T1495] x64_sys_call+0x62c/0x9a0 [ 43.019325][ T1495] do_syscall_64+0x4c/0xa0 [ 43.023753][ T1495] ? clear_bhb_loop+0x30/0x80 [ 43.028450][ T1495] ? clear_bhb_loop+0x30/0x80 [ 43.033141][ T1495] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 43.039067][ T1495] RIP: 0033:0x7fac18b8eec9 [ 43.043501][ T1495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 43.063119][ T1495] RSP: 002b:00007fac199e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 43.071566][ T1495] RAX: ffffffffffffffda RBX: 00007fac18de5fa0 RCX: 00007fac18b8eec9 [ 43.079561][ T1495] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 43.087541][ T1495] RBP: 00007fac18c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 43.095517][ T1495] R10: 000000000000003a R11: 0000000000000246 R12: 0000000000000000 [ 43.103581][ T1495] R13: 00007fac18de6038 R14: 00007fac18de5fa0 R15: 00007ffe674c4568 [ 43.111678][ T1495] [ 43.114724][ T1495] [ 43.117049][ T1495] Allocated by task 1289: [ 43.121372][ T1495] kasan_set_track+0x4b/0x70 [ 43.125972][ T1495] kasan_save_alloc_info+0x25/0x30 [ 43.131095][ T1495] __kasan_kmalloc+0x95/0xb0 [ 43.135701][ T1495] __kmalloc+0xb1/0x1e0 [ 43.139869][ T1495] hci_alloc_dev_priv+0x27/0x1bd0 [ 43.144898][ T1495] hci_uart_tty_ioctl+0x3d6/0xa20 [ 43.150047][ T1495] tty_ioctl+0x8ef/0xc60 [ 43.154322][ T1495] __se_sys_ioctl+0x12f/0x1b0 [ 43.159023][ T1495] __x64_sys_ioctl+0x7b/0x90 [ 43.163709][ T1495] x64_sys_call+0x58b/0x9a0 [ 43.168237][ T1495] do_syscall_64+0x4c/0xa0 [ 43.172658][ T1495] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 43.178578][ T1495] [ 43.180899][ T1495] Freed by task 1289: [ 43.184877][ T1495] kasan_set_track+0x4b/0x70 [ 43.189473][ T1495] kasan_save_free_info+0x31/0x50 [ 43.194519][ T1495] ____kasan_slab_free+0x132/0x180 [ 43.199705][ T1495] __kasan_slab_free+0x11/0x20 [ 43.204482][ T1495] slab_free_freelist_hook+0xc2/0x190 [ 43.210646][ T1495] __kmem_cache_free+0xb7/0x1b0 [ 43.215523][ T1495] kfree+0x6f/0xf0 [ 43.219274][ T1495] hci_release_dev+0x12a3/0x13b0 [ 43.224649][ T1495] bt_host_release+0x82/0x90 [ 43.229333][ T1495] device_release+0xa4/0x1d0 [ 43.233924][ T1495] kobject_put+0x19d/0x280 [ 43.238343][ T1495] put_device+0x1f/0x30 [ 43.242604][ T1495] hci_dev_cmd+0x265/0x720 [ 43.247034][ T1495] hci_sock_ioctl+0x41e/0x7f0 [ 43.251718][ T1495] sock_do_ioctl+0x101/0x310 [ 43.256402][ T1495] sock_ioctl+0x4d8/0x6e0 [ 43.260747][ T1495] __se_sys_ioctl+0x12f/0x1b0 [ 43.265438][ T1495] __x64_sys_ioctl+0x7b/0x90 [ 43.270059][ T1495] x64_sys_call+0x58b/0x9a0 [ 43.274573][ T1495] do_syscall_64+0x4c/0xa0 [ 43.278998][ T1495] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 43.284900][ T1495] [ 43.287699][ T1495] Last potentially related work creation: [ 43.294810][ T1495] kasan_save_stack+0x3a/0x60 [ 43.299519][ T1495] __kasan_record_aux_stack+0xb6/0xc0 [ 43.304915][ T1495] kasan_record_aux_stack_noalloc+0xb/0x10 [ 43.310738][ T1495] insert_work+0x51/0x300 [ 43.315172][ T1495] __queue_work+0x9b1/0xd30 [ 43.319690][ T1495] queue_work_on+0xd2/0x140 [ 43.324203][ T1495] __hci_cmd_sync_sk+0xa3e/0xcf0 [ 43.329152][ T1495] hci_cmd_sync_status+0x53/0x120 [ 43.334180][ T1495] hci_dev_cmd+0x628/0x720 [ 43.338614][ T1495] hci_sock_ioctl+0x41e/0x7f0 [ 43.343328][ T1495] sock_do_ioctl+0x101/0x310 [ 43.347925][ T1495] sock_ioctl+0x4d8/0x6e0 [ 43.352260][ T1495] __se_sys_ioctl+0x12f/0x1b0 [ 43.356939][ T1495] __x64_sys_ioctl+0x7b/0x90 [ 43.361528][ T1495] x64_sys_call+0x58b/0x9a0 [ 43.366037][ T1495] do_syscall_64+0x4c/0xa0 [ 43.370456][ T1495] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 43.376356][ T1495] [ 43.378684][ T1495] Second to last potentially related work creation: [ 43.385264][ T1495] kasan_save_stack+0x3a/0x60 [ 43.389953][ T1495] __kasan_record_aux_stack+0xb6/0xc0 [ 43.395334][ T1495] kasan_record_aux_stack_noalloc+0xb/0x10 [ 43.401146][ T1495] insert_work+0x51/0x300 [ 43.405482][ T1495] __queue_work+0x9b1/0xd30 [ 43.409990][ T1495] queue_work_on+0xd2/0x140 [ 43.414499][ T1495] hci_cmd_timeout+0x191/0x200 [ 43.419266][ T1495] process_one_work+0x71f/0xc40 [ 43.424139][ T1495] worker_thread+0xa29/0x11f0 [ 43.428818][ T1495] kthread+0x281/0x320 [ 43.432892][ T1495] ret_from_fork+0x1f/0x30 [ 43.437320][ T1495] [ 43.439650][ T1495] The buggy address belongs to the object at ffff88810e16c000 [ 43.439650][ T1495] which belongs to the cache kmalloc-8k of size 8192 [ 43.453710][ T1495] The buggy address is located 2560 bytes inside of [ 43.453710][ T1495] 8192-byte region [ffff88810e16c000, ffff88810e16e000) [ 43.467168][ T1495] [ 43.469527][ T1495] The buggy address belongs to the physical page: [ 43.475935][ T1495] page:ffffea0004385a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10e168 [ 43.486197][ T1495] head:ffffea0004385a00 order:3 compound_mapcount:0 compound_pincount:0 [ 43.494514][ T1495] flags: 0x4000000000010200(slab|head|zone=1) [ 43.500620][ T1495] raw: 4000000000010200 ffffea0004547a00 dead000000000002 ffff888100043500 [ 43.509210][ T1495] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 43.517785][ T1495] page dumped because: kasan: bad access detected [ 43.524199][ T1495] page_owner tracks the page as allocated [ 43.529993][ T1495] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 285, tgid 285 (syz-executor), ts 26030115777, free_ts 26005721603 [ 43.550485][ T1495] post_alloc_hook+0x1f5/0x210 [ 43.555257][ T1495] prep_new_page+0x1c/0x110 [ 43.559849][ T1495] get_page_from_freelist+0x2c7b/0x2cf0 [ 43.565397][ T1495] __alloc_pages+0x1c3/0x450 [ 43.569997][ T1495] alloc_slab_page+0x6e/0xf0 [ 43.574601][ T1495] new_slab+0x98/0x3d0 [ 43.578674][ T1495] ___slab_alloc+0x6bd/0xb20 [ 43.583267][ T1495] __slab_alloc+0x5e/0xa0 [ 43.587616][ T1495] __kmem_cache_alloc_node+0x203/0x2c0 [ 43.593078][ T1495] kmalloc_trace+0x29/0xb0 [ 43.597512][ T1495] audit_log_d_path+0xc6/0x240 [ 43.602392][ T1495] common_lsm_audit+0x8f8/0x16d0 [ 43.607351][ T1495] slow_avc_audit+0x1ac/0x220 [ 43.612065][ T1495] avc_has_extended_perms+0x8d3/0xdc0 [ 43.617452][ T1495] ioctl_has_perm+0x391/0x4c0 [ 43.622133][ T1495] selinux_file_ioctl+0x377/0x480 [ 43.627175][ T1495] page last free stack trace: [ 43.631842][ T1495] free_unref_page_prepare+0x742/0x750 [ 43.637308][ T1495] free_unref_page+0x8f/0x530 [ 43.641993][ T1495] __free_pages+0x67/0x100 [ 43.646410][ T1495] __free_slab+0xca/0x1a0 [ 43.650749][ T1495] __unfreeze_partials+0x160/0x190 [ 43.655959][ T1495] put_cpu_partial+0xa9/0x100 [ 43.660641][ T1495] __slab_free+0x1c4/0x280 [ 43.665074][ T1495] ___cache_free+0xbf/0xd0 [ 43.669582][ T1495] qlist_free_all+0xc6/0x140 [ 43.674172][ T1495] kasan_quarantine_reduce+0x14a/0x170 [ 43.679633][ T1495] __kasan_slab_alloc+0x24/0x80 [ 43.684513][ T1495] slab_post_alloc_hook+0x4f/0x2d0 [ 43.689722][ T1495] kmem_cache_alloc+0x16e/0x330 [ 43.694580][ T1495] getname_kernel+0x59/0x2e0 [ 43.699344][ T1495] kern_path+0x24/0x1b0 [ 43.703503][ T1495] do_loopback+0xc1/0x500 [ 43.707841][ T1495] [ 43.710165][ T1495] Memory state around the buggy address: [ 43.716047][ T1495] ffff88810e16c900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 43.724105][ T1495] ffff88810e16c980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 43.732169][ T1495] >ffff88810e16ca00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 43.740234][ T1495] ^ [ 43.744319][ T1495] ffff88810e16ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 43.752382][ T1495] ffff88810e16cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 43.760440][ T1495] ================================================================== [ 43.768694][ T1495] Disabling lock debugging due to kernel taint [ 43.775237][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 43.786979][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 43.795413][ C0] CPU: 0 PID: 1495 Comm: syz.2.484 Tainted: G B syzkaller #0 [ 43.804192][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 43.814302][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 43.819649][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 2c 4b 6d 00 49 8b 7d 00 e8 53 d7 [ 43.839449][ C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046 [ 43.844572][ T28] audit: type=1400 audit(1759176309.935:306): avc: denied { read } for pid=85 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 43.845568][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811a74e540 [ 43.845586][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 43.845601][ C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007 [ 43.891490][ C0] R10: ffffed1021c2d939 R11: 1ffff11021c2d939 R12: dffffc0000000000 [ 43.891625][ T24] usb 2-1: USB disconnect, device number 5 [ 43.899478][ C0] R13: 0000000000000000 R14: ffff88810e16c9c8 R15: 0000000000000008 [ 43.899496][ C0] FS: 00007fac199e66c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 43.899514][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.899528][ C0] CR2: 0000001b2ea1fff8 CR3: 0000000131549000 CR4: 00000000003506b0 [ 43.899545][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.899558][ C0] DR3: 000000000000e58e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 43.912404][ T24] ftdi_sio 2-1:0.42: device disconnected [ 43.913332][ C0] Call Trace: [ 43.913341][ C0] [ 43.913353][ C0] delayed_work_timer_fn+0x61/0x80 [ 43.969917][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 43.975768][ C0] call_timer_fn+0x46/0x2a0 [ 43.980309][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 43.986155][ C0] __run_timers+0x667/0x9a0 [ 43.990695][ C0] ? calc_index+0x200/0x200 [ 43.995235][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 44.000468][ C0] run_timer_softirq+0x6a/0xf0 [ 44.005267][ C0] handle_softirqs+0x1d7/0x600 [ 44.010061][ C0] ? irqtime_account_irq+0xc4/0x240 [ 44.015294][ C0] __irq_exit_rcu+0x52/0xf0 [ 44.019813][ C0] irq_exit_rcu+0x9/0x10 [ 44.024077][ C0] sysvec_apic_timer_interrupt+0xa9/0xc0 [ 44.029741][ C0] [ 44.032689][ C0] [ 44.035631][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 44.041650][ C0] RIP: 0010:preempt_schedule_irq+0x96/0x110 [ 44.047662][ C0] Code: 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 74 0b 0f 0b 48 f7 03 08 00 00 00 74 4d bf 01 00 00 00 e8 00 f4 58 fc fb bf 01 00 00 00 55 e5 ff ff fa bf 01 00 00 00 e8 aa f5 58 fc 65 48 8b 1d 82 af [ 44.067724][ C0] RSP: 0018:ffffc9000ed27560 EFLAGS: 00000246 [ 44.073820][ C0] RAX: 1ffff110234e9e01 RBX: ffffc9000ed27628 RCX: ffffffff87972100 [ 44.081819][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 44.089814][ C0] RBP: ffffc9000ed275d8 R08: dffffc0000000000 R09: ffffed10234e9ca9 [ 44.097812][ C0] R10: ffffed10234e9ca9 R11: 1ffff110234e9ca8 R12: 0000000000000000 [ 44.105806][ C0] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff92001da4eac [ 44.113809][ C0] ? __cfi_preempt_schedule_irq+0x10/0x10 [ 44.119643][ C0] ? _raw_spin_unlock_irqrestore+0x5a/0x80 [ 44.125483][ C0] raw_irqentry_exit_cond_resched+0x29/0x30 [ 44.131399][ C0] irqentry_exit+0x37/0x40 [ 44.135876][ C0] sysvec_reschedule_ipi+0x78/0x80 [ 44.141012][ C0] asm_sysvec_reschedule_ipi+0x1b/0x20 [ 44.146492][ C0] RIP: 0010:mod_delayed_work_on+0xa1/0xe0 [ 44.152235][ C0] Code: c8 4c 89 f6 48 81 e6 00 02 00 00 31 ff e8 27 d3 28 00 49 81 e6 00 02 00 00 75 07 e8 59 ce 28 00 eb 06 e8 52 ce 28 00 fb 31 ff <89> de e8 68 d2 28 00 85 db 0f 95 c0 65 48 8b 0c 25 28 00 00 00 48 [ 44.171854][ C0] RSP: 0018:ffffc9000ed276d0 EFLAGS: 00000246 [ 44.177944][ C0] RAX: ffffffff81474fae RBX: 0000000000000000 RCX: 0000000000080000 [ 44.185935][ C0] RDX: ffffc900022cd000 RSI: 000000000007ffff RDI: 0000000000000000 [ 44.193917][ C0] RBP: ffffc9000ed27710 R08: dffffc0000000000 R09: ffffed103ee04f8f [ 44.201889][ C0] R10: ffffed103ee04f8f R11: 1ffff1103ee04f8e R12: ffff888100199800 [ 44.209871][ C0] R13: 0000000000000008 R14: 0000000000000200 R15: ffff8881163a1138 [ 44.217869][ C0] ? mod_delayed_work_on+0x9e/0xe0 [ 44.223038][ C0] cgroup_pidlist_stop+0xa0/0x100 [ 44.228063][ C0] ? __cfi_cgroup_pidlist_stop+0x10/0x10 [ 44.233698][ C0] cgroup_seqfile_stop+0xb9/0xd0 [ 44.238746][ C0] ? __cfi_cgroup_seqfile_stop+0x10/0x10 [ 44.244381][ C0] kernfs_seq_stop+0xe0/0x130 [ 44.249165][ C0] seq_read_iter+0xb7d/0xdd0 [ 44.253843][ C0] kernfs_fop_read_iter+0x147/0x480 [ 44.259041][ C0] ? iov_iter_pipe+0x102/0x270 [ 44.263808][ C0] generic_file_splice_read+0x1b6/0x500 [ 44.269362][ C0] ? __cfi_generic_file_splice_read+0x10/0x10 [ 44.275433][ C0] ? __kasan_check_read+0x11/0x20 [ 44.280451][ C0] ? fsnotify_perm+0x269/0x5b0 [ 44.285215][ C0] ? security_file_permission+0x94/0xb0 [ 44.290763][ C0] ? rw_verify_area+0xa7/0x1c0 [ 44.295530][ C0] splice_direct_to_actor+0x3c5/0xb10 [ 44.301007][ C0] ? __cfi_direct_splice_actor+0x10/0x10 [ 44.306735][ C0] ? __cfi_splice_direct_to_actor+0x10/0x10 [ 44.312632][ C0] ? security_file_permission+0x94/0xb0 [ 44.318177][ C0] ? rw_verify_area+0xa7/0x1c0 [ 44.322951][ C0] do_splice_direct+0x1b3/0x2c0 [ 44.327804][ C0] ? avc_policy_seqno+0x1b/0x70 [ 44.332654][ C0] ? __cfi_do_splice_direct+0x10/0x10 [ 44.338126][ C0] ? security_file_permission+0x94/0xb0 [ 44.343671][ C0] do_sendfile+0x5c6/0xeb0 [ 44.348091][ C0] ? do_preadv+0x330/0x330 [ 44.352514][ C0] ? __se_sys_futex+0x273/0x2e0 [ 44.357380][ C0] __x64_sys_sendfile64+0x18f/0x1f0 [ 44.362591][ C0] ? __cfi___x64_sys_sendfile64+0x10/0x10 [ 44.368311][ C0] ? fpregs_restore_userregs+0x128/0x260 [ 44.373959][ C0] ? switch_fpu_return+0xe/0x10 [ 44.378810][ C0] x64_sys_call+0x62c/0x9a0 [ 44.383319][ C0] do_syscall_64+0x4c/0xa0 [ 44.387737][ C0] ? clear_bhb_loop+0x30/0x80 [ 44.392421][ C0] ? clear_bhb_loop+0x30/0x80 [ 44.397097][ C0] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 44.403080][ C0] RIP: 0033:0x7fac18b8eec9 [ 44.407494][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 44.427109][ C0] RSP: 002b:00007fac199e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 44.435522][ C0] RAX: ffffffffffffffda RBX: 00007fac18de5fa0 RCX: 00007fac18b8eec9 [ 44.443581][ C0] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000006 [ 44.451565][ C0] RBP: 00007fac18c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 44.459543][ C0] R10: 000000000000003a R11: 0000000000000246 R12: 0000000000000000 [ 44.467511][ C0] R13: 00007fac18de6038 R14: 00007fac18de5fa0 R15: 00007ffe674c4568 [ 44.475485][ C0] [ 44.478498][ C0] Modules linked in: [ 44.482402][ C0] ---[ end trace 0000000000000000 ]--- [ 44.487868][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 44.493678][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 88 dc 28 00 4c 89 ff e8 70 db ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 2c 4b 6d 00 49 8b 7d 00 e8 53 d7 [ 44.513368][ C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046 [ 44.519431][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88811a74e540 [ 44.527484][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 44.535457][ C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007 [ 44.543449][ C0] R10: ffffed1021c2d939 R11: 1ffff11021c2d939 R12: dffffc0000000000 [ 44.551438][ C0] R13: 0000000000000000 R14: ffff88810e16c9c8 R15: 0000000000000008 [ 44.559412][ C0] FS: 00007fac199e66c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 44.568358][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.574956][ C0] CR2: 0000001b2ea1fff8 CR3: 0000000131549000 CR4: 00000000003506b0 [ 44.582937][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.590911][ C0] DR3: 000000000000e58e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 44.598894][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 44.606355][ C0] Kernel Offset: disabled [ 44.610688][ C0] Rebooting in 86400 seconds..