last executing test programs: 1.968310171s ago: executing program 2 (id=1333): r0 = socket$inet6(0xa, 0x2, 0x3a) sendmmsg$inet6(r0, &(0x7f0000001980)=[{{&(0x7f0000000380)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5, '\x00', 0x0}}, 0x1c, &(0x7f0000000000)=[{&(0x7f0000000100)="a0002883781ecc0e", 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000140)="143122362026c6af", 0x8}], 0x1}}], 0x2, 0x0) 1.961700332s ago: executing program 2 (id=1334): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0) getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=0x0) write$FUSE_IOCTL(r3, &(0x7f0000000180)={0x20}, 0x20) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4]) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.redirect\x00', 0x0, 0x0) 1.949088193s ago: executing program 2 (id=1335): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000140)={0x46b, 0x0, 0x0, 0x0, 0x0, "4cca8e4d4235a1f6"}) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x13) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0)) 1.90386026s ago: executing program 2 (id=1338): bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r1}, 0x10) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x80, 0x5, 0x0, 0x4c4, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x9}, 0x48) r4 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c) setsockopt$inet_mreqsrc(r4, 0x0, 0x25, &(0x7f0000000100)={@multicast2, @loopback, @empty=0x3}, 0xc) getdents(0xffffffffffffffff, &(0x7f0000000300)=""/104, 0x68) getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r1, 0xe0, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0], 0x0, 0x88, &(0x7f0000000480), 0x0, 0x10, &(0x7f0000000400), &(0x7f0000000580), 0x8, 0x64, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xd, &(0x7f0000000640)=ANY=[@ANYBLOB="180100000000002600000000000000851000ac80cc38400833ff00", @ANYRES64=r3], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) r8 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r8, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="9feb0100180000000000000018000000180000000a000000080000000100000f0500000000000000000000000000000000000000000000002e000b30fad8b0e0a45db66f65dabfcbd40b696c47d5df2ae7cd265c3f78343182c9c6844b4395acb7b2d920688cc96cfd1d00c85e4b4113b91a71faa86990630899314af34f70453dc4617fdaf207ed712bd7ed87f78415da82ac7b4889eb7427354bef97b9291e103903029ca396bf2de5d277bf1a983cdfbe35a9ca7e5dc90de8a010c52514d6d79caade9fac5d29be70834fed714d43a2dd4965343e2afc7cd1ad3f927d0466e197b3220762c32fb7aa2f2f85d74933548ffed6"], &(0x7f0000000040)=""/249, 0x3a, 0xf9, 0x6}, 0x20) r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x7b75c1, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x4a0381, 0x0) ioctl$TUNGETSNDBUF(r9, 0x800454d3, &(0x7f00000001c0)) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x77359400}}, &(0x7f0000000300)={{}, {0x0, 0x0}}) sendmsg$nl_xfrm(r10, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="b8000000190005"], 0xb8}}, 0x0) r12 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) write$binfmt_aout(r7, &(0x7f0000000940)=ANY=[@ANYRESHEX=r2, @ANYRES16=r11, @ANYRESOCT, @ANYBLOB="ad14b12ea64191b8fc63a78dba29d7de8caf28700907b182e3565273fdf1c583d7d7744e88d686b67e4c909bed7591109c7bebd68a6c66316c5f9a5c1c51ce84e66ff6928334b44bbb2e1d74b66659c52ee2f4afa9c2be963e3780fe450a63a1d2b41fd4c455ea007df7d29d", @ANYRES16, @ANYRES64=0x0], 0xff2e) ioctl$TCSETS(r12, 0x40045431, &(0x7f0000000080)={0xfffffffd, 0x2, 0xe815, 0x0, 0x15}) 1.710876479s ago: executing program 2 (id=1347): open(&(0x7f0000000000)='./bus\x00', 0x1c5c7e, 0x0) r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) close(r0) r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.165174333s ago: executing program 0 (id=1352): socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) r1 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', 0x0}) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000003c0)='kmem_cache_free\x00', r4}, 0x10) sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14) 1.103518632s ago: executing program 0 (id=1356): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="18010000000000000000000000000010850000006d00000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) setresgid(0xffffffffffffffff, 0x0, 0x0) 1.065860848s ago: executing program 0 (id=1357): unshare(0x400) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, 0x0) 1.031740023s ago: executing program 0 (id=1360): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x2, 0x6a1843290ea05e7b, 0x1}, 0x48) socket$key(0xf, 0x3, 0x2) r0 = socket$inet6(0xa, 0x80803, 0x87) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) socket(0x10, 0x0, 0x0) write$binfmt_elf64(r1, &(0x7f0000000440)=ANY=[], 0x78) sendfile(r0, r1, &(0x7f0000000000), 0x4) 1.009499036s ago: executing program 4 (id=1362): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb26fc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xbffffffe, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x521140, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f00000003c0)='dctcp\x00', 0x6) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x0) umount2(&(0x7f0000000380)='./file0\x00', 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r7, 0x400455c8, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 980.669031ms ago: executing program 0 (id=1363): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000a00)={[{@inode_readahead_blks}, {@grpid}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@errors_remount}, {}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) socket(0x10, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0) r3 = epoll_create1(0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020}, 0x2020) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000002200)={0x50}, 0x50) read$FUSE(r4, &(0x7f0000002900)={0x2020}, 0x2020) write$FUSE_INTERRUPT(0xffffffffffffffff, 0x0, 0x0) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) fstat(0xffffffffffffffff, 0x0) r5 = dup(r3) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000300)={0x4000000d}) mount$9p_fd(0x20000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r5}}) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000140)) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x42400) getdents64(r0, &(0x7f0000000400)=""/258, 0x102) 688.362115ms ago: executing program 2 (id=1364): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000000)={0x0, 0x3, &(0x7f00000010c0)="f39561"}) r1 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3}, 0x10) syz_usb_control_io$cdc_ecm(r1, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 613.596156ms ago: executing program 4 (id=1368): socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) r1 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', 0x0}) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000003c0)='kmem_cache_free\x00', r4}, 0x10) sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020002004788aa96a13bb100001100007fca1a00", 0x1000a, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14) 589.99906ms ago: executing program 3 (id=1370): unshare(0x400) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, 0x0) 589.58985ms ago: executing program 4 (id=1371): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000080)=[{0x20, 0x0, 0x0, 0x8}, {0x6}]}) 555.519505ms ago: executing program 1 (id=1372): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001f00)={{r0}, &(0x7f0000001e80), &(0x7f0000001ec0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x9) connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc) sendmsg$TIPC_CMD_GET_MAX_PORTS(r2, &(0x7f0000000000)={&(0x7f0000000a00), 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x1c}, 0xe80}}, 0x0) 555.348305ms ago: executing program 3 (id=1373): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000d50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x11) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000210001"], 0x24}}, 0x0) 548.018117ms ago: executing program 3 (id=1374): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r3}, 0x10) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r6 = dup(r5) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6]) 516.964371ms ago: executing program 4 (id=1375): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0) getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=0x0) write$FUSE_IOCTL(r3, &(0x7f0000000180)={0x20}, 0x20) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',privport,access=', @ANYRESDEC=r4]) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=@known='trusted.overlay.redirect\x00', 0x0, 0x0) 500.905343ms ago: executing program 1 (id=1376): bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0x0, 0x62f, &(0x7f0000000d40)="$eJzs3c9rXNUeAPDvnfxO3ntJw+O917d4LyDagjZp0laKCLYIrkqpPxaCG8cmLbXTHzQRTa00hboRxI0LwZUL68J/QbQguPIfcKELV1IpItkoRUfu5M44SeYmk5iZaTOfD0znnHtu5pzbzDfnzJlzZgLoWhPpP4WIvRFxOYkYryvrjaxwYuW85Z+vnU5vSZTLz/+UxLXryVL9YyXZ/UhEpAW/jUbyVUSM96yvd37x6vliqTR3JctPLVy4PDW/ePXAuQvFs3Nn5y7OPD5z9MjhI0enD9b91Jlntnp9e+rSJ26++vroOydf+vjDe8n0J9+eTOJYrdHpdW31sTczERNRztQfT/9fj+50ZR3SU3ue/ClZe2Ctp1vYILak+vvri4h/x2j01P02R+PtZzvaOKClyknU+iig2yTiH7pUdRxQfW3f3Ovg/haPSoB2uHs84pFa/PdFRDX+e1fmBmOwMjcwvJysmudJIuLgDtSf1vH1lydvprdo0Twc0NjSjYFsCnxt/59UYnMsBiu54eXCqvgvZNO4Y9n84XMbVzOaVzCxJp/VP7Dd6wGat3QjIv7TaPy/efy/nN2nx1/ZZv058Q8AAAAAAABsw+3jEfFYxPJn30Wsev+vUFv/099g/c9IRBzbgfo3f/+vcGcHqgEauHs84smG638L1VPGerLc3yvrAfqSM+dKcwcj4h8RsT/6BtL8dP2Dflr30xFx4N3xD/Lqr1//l97S+qtrAbN23OldsxpotrhQ3IFLh65390bEf3vz1/+k/X+S9v/3knXrfy43Wcf4w7dO5ZVtHv9Aq5Q/itjXsP9PauckG38+x1RlPDBVHRWs97833/s8r37xD52T9v/DG8f/QFL/eT3zW3v8/og4tNhbziuf6Nve+L8/eaEn6nYivlFcWLgyHdGfnFh/fGZrbYYHyWDzp74VEZV4qMZLGv/7H2r8+n/V+H85ifo4HMo+46sZ//p95Pu8Mv0/dE4a/7Mb9/9jq/v/rSdmbo19kVf/qabm/w5X+vT92RHzf7CxZgO00+0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAdRISL+FklhspYuFCYnI0Yi4p8xXChdml949Myl1y7OpmWV7/8vVL/pd3Qln1S//3+sLj+zJn8oIvZExPs9Q5X85OlLpdlOXzwAAAAAAAAAAAAAAAAAAADcJ0ZW7tbt/0/90NPRpgHt0Jvdi3foPr2dbgDQMeIfupf4h+6VH/+/3CtXtLU5QBs12/+Xr7e4IUDbbXP87+0C2AW8/odu1dfcaYOtbgfQCfp/AAAAAADYVfb8//Y3SUQsPTFUuaX6s7LaG4NDnWod0EqFvIKB9rYDaD9reKF7WfoD3avJxb/ALpbUUr823Oyfv/o/aU2DAAAAAAAAAAAAAIB19u1tYv8/sCvl7v8Hdr0N9v832tjj4wJgF7H/H7rXgB4dul51sJ/3Tf/2/wMAAAAAAAAAAADAfWDw6vliqTR3ZX6x6cT1rZz81xM/Rl7RU+1sxk4llor3RTMehERfRKwpKo+uPG3PF0svRnvbU42YdtTV38a6chId+nsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs80cAAAD//0+VJxQ=") 491.926445ms ago: executing program 4 (id=1377): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x248, &(0x7f0000000980)={[{@test_dummy_encryption}, {@resgid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x8}}, {@mblk_io_submit}, {@norecovery}, {@nodelalloc}, {@dioread_lock}, {@data_journal}]}, 0x1, 0x4a4, &(0x7f0000000c00)="$eJzs3M1rHGUYAPBnZjfpdxNr/WitNlrF4kfSpFULClVB8KAg6KGeJCZpqU0baSLYUmyUUi+CFryL4EXwL+jJk6gnwavepVCkl1ZPK5OdXTfJ7mbbTXbz8fvBdufNvLPv8+x8vTPvTgPYsAayf5KI7RHxR0T0RUS6sMKW8tvtmxfH/rl5cSyJUuntv5Nssbh18+JYpWqSv28rF4rZB6WXk3i5TrvT5y+cHp2cnDiXl4dmznw4NH3+wrOnzoyenDg5cXbk6NEjh4dfeH7kuWXJM4vp1t5Ppvbtef3dq2+OHb/6/i8/JDVB1+bRphf7qpPXBpMGlZ5YpsZWix0100mxcb3Spk5EQ6uy1ZGtrp65/b8vCpd3Vuf1xWufdTU4YEWVSqXSSOPZsyVgHUui2xEA3VE50WfXv5VXh7oeq8KNV8oXQFnet/NXeU6xfB9kU/naaMcKtT8QEcdn//0me8Ud34foWaGoAID17Mes//NMvf5fGvfX1NuZjw31R8Q9EbErIu6NiN0RcV/EXN0HIuLB+s0MvNeg/YEF5cX9n/T63We3tKz/91I+tjW//1cdBesvZKXech+wP3qSE6cmJw7l38nB6NmUlYfrfnoSMZu9//5lo/Zr+3/ZK2u/0hfM47hePDZ/mfHRmdG2E8/d+DRib7Fe/kkU/88i9kTE3rts49RT3++b/5dCdWrp/JtoMs7UqtK3EU+W1/9sLMi/Imk+Pjm0OSYnDg1VtorFfv3tyluN2i/nn0bz/Le0n2gD2frfWm/7P1bNvz+pHa+dXvQRvUu1ceXPzxte07S0/S8YM8y2/97knXmNfzw6M3NuOKI3eWPx32tucFfKlfpZ/gcP1N//d+XLZPk/FBHZRvxwRDwSEfvz2B+NiMci4kCT/H9+9fEPGua/v43tfxlk+Y/XPf41Wv93PlE4/dO1Ru23tv6PVApzQbVy/Gs1wHa+OwAAAFgr0ojYHkk6WJ1O08HB8u/ld8fWdHJqeubpE1MfnR0vPyPQHz1p5U5XX8390OH83nClPJKXL+Xlw/l9468LW+bKg2NTk+PdTh42uG0N9v/MX4VuRwesuGUYRwPWqKX3/7QjcQCdd/fnfz0HWOuW2Iud/GEdcxaHjave/n+ptpBE+VfywLrj/A8bV3X//6qFyjWPey18eBNYe5qd/0t9HQwE6Dj9f9iQ2nmuf1VMxHcRzeskqyXUO5r4op3Fi4tnpbHMEUbaxe+ntysrZaQQ0cVNotjq/2oR50uX2m503mFic9cOUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG36LwAA//9AEOVn") mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]}) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000003c0)='cpuset.memory_spread_page\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f00000000c0), 0x12) 461.13911ms ago: executing program 3 (id=1378): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) r2 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x32) connect$pppl2tp(r2, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0x1}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x3, 0x20000000, 0x4) 408.051448ms ago: executing program 3 (id=1379): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb26fc000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xbffffffe, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x521140, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f00000003c0)='dctcp\x00', 0x6) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x0) umount2(&(0x7f0000000380)='./file0\x00', 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r7, 0x400455c8, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 89.771906ms ago: executing program 0 (id=1380): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="18010000000000000000000000000010850000006d00000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) setresgid(0xffffffffffffffff, 0x0, 0x0) 76.074038ms ago: executing program 1 (id=1381): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) timer_create(0x0, 0x0, &(0x7f0000000000)) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='hrtimer_start\x00', r2}, 0x10) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) 70.741039ms ago: executing program 4 (id=1382): bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='jbd2_checkpoint\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) tkill(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x29, 0x4c414) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f00000003c0)) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000d94e3a89d9e36c000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095000000000000003124ec5f16de62599b926c1b4e305553116848df07fc1b556df97dbf69777b9d51c9b46a2a02e9f4c47e5015d71fd36fbf5d42b713ddc1c9273ee3476cc79a427c1f7774b73efd6c19c6db38ab5835ffa68b0f9e9becb598677cf27123c277dbbf9a44df40d690a62eef88222f0c9d9e3a0796c73cf2494bd03a66095ff1258e3cfbb6292ea92bc50a4a9f0353d0778b6d"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendmmsg$inet(r5, &(0x7f0000002f80)=[{{0x0, 0x0, &(0x7f0000002b40)}}], 0x600, 0x0) 19.809007ms ago: executing program 1 (id=1383): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r0, &(0x7f0000000380), 0x20000000}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f0000002b40)="f7", &(0x7f0000000000)=""/10, 0x2}, 0x20) 11.128618ms ago: executing program 1 (id=1384): unshare(0x400) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, 0x0) 118.29µs ago: executing program 3 (id=1385): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0x1}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r4}, &(0x7f00000008c0), &(0x7f00000002c0)=r3}, 0x20) 0s ago: executing program 1 (id=1386): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x2, &(0x7f0000000080)=[{0x20, 0x0, 0x0, 0x8}, {0x6}]}) kernel console output (not intermixed with test programs): 52.867923][ T1334] loop2: detected capacity change from 0 to 128 [ 52.871024][ T1278] device veth0_vlan entered promiscuous mode [ 52.887449][ T1278] device veth1_macvtap entered promiscuous mode [ 52.894707][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 52.903320][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 52.911454][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 52.919527][ T20] usb 2-1: Using ep0 maxpacket: 16 [ 52.924908][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 52.935070][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 52.942838][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 52.950261][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 52.963655][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 52.971736][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 52.980539][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 52.988697][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 53.038152][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 53.057474][ T1344] loop3: detected capacity change from 0 to 256 [ 53.060843][ T20] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 53.076234][ T20] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 53.082734][ T1348] loop2: detected capacity change from 0 to 128 [ 53.085065][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.100416][ T20] usb 2-1: config 0 descriptor?? [ 53.118776][ T1348] FAT-fs (loop2): bogus number of FAT sectors [ 53.124802][ T1348] FAT-fs (loop2): Can't find a valid FAT filesystem [ 53.290665][ T30] kauditd_printk_skb: 5 callbacks suppressed [ 53.290680][ T30] audit: type=1400 audit(1719359431.380:207): avc: denied { map } for pid=1356 comm="syz.4.416" path="socket:[22711]" dev="sockfs" ino=22711 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 53.442104][ T30] audit: type=1400 audit(1719359431.510:208): avc: denied { setopt } for pid=1351 comm="syz.2.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 53.523643][ T1375] loop2: detected capacity change from 0 to 256 [ 53.548841][ T30] audit: type=1400 audit(1719359431.520:209): avc: denied { bind } for pid=1351 comm="syz.2.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 53.847564][ T20] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0006/input/input4 [ 53.929125][ T20] microsoft 0003:045E:07DA.0006: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 54.008140][ T321] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 54.021977][ T30] audit: type=1400 audit(1719359432.110:210): avc: denied { mount } for pid=1400 comm="syz.0.435" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 54.044227][ T30] audit: type=1400 audit(1719359432.110:211): avc: denied { mounton } for pid=1400 comm="syz.0.435" path="/root/syzkaller.PoTJJL/10/file0/bus" dev="tmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 54.087178][ T30] audit: type=1400 audit(1719359432.110:212): avc: denied { unlink } for pid=1400 comm="syz.0.435" name="#9" dev="tmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 54.109741][ T30] audit: type=1400 audit(1719359432.110:213): avc: denied { unmount } for pid=1256 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 54.167521][ T1407] syz.2.438[1407] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.167589][ T1407] syz.2.438[1407] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.189034][ T45] device bridge_slave_1 left promiscuous mode [ 54.206225][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.214081][ T45] device bridge_slave_0 left promiscuous mode [ 54.220212][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.227834][ T45] device bridge_slave_1 left promiscuous mode [ 54.234023][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.241345][ T45] device bridge_slave_0 left promiscuous mode [ 54.247381][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.255539][ T45] device veth1_macvtap left promiscuous mode [ 54.261922][ T321] usb 4-1: Using ep0 maxpacket: 32 [ 54.267043][ T45] device veth0_vlan left promiscuous mode [ 54.272948][ T45] device veth1_macvtap left promiscuous mode [ 54.295757][ T45] device veth0_vlan left promiscuous mode [ 54.419768][ T30] audit: type=1400 audit(1719359432.510:214): avc: denied { read } for pid=1426 comm="syz.4.448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 54.471965][ T30] audit: type=1400 audit(1719359432.560:215): avc: denied { write } for pid=1426 comm="syz.4.448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 54.502317][ T30] audit: type=1400 audit(1719359432.580:216): avc: denied { unmount } for pid=1276 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 54.529287][ T1433] loop2: detected capacity change from 0 to 128 [ 54.538756][ T321] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 54.547845][ T321] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.563695][ T321] usb 4-1: Product: syz [ 54.571349][ T321] usb 4-1: Manufacturer: syz [ 54.580043][ T1433] FAT-fs (loop2): bogus number of FAT sectors [ 54.585625][ T321] usb 4-1: SerialNumber: syz [ 54.586070][ T1433] FAT-fs (loop2): Can't find a valid FAT filesystem [ 54.594572][ T321] usb 4-1: config 0 descriptor?? [ 55.041879][ T362] usb 2-1: USB disconnect, device number 5 [ 55.086416][ T1461] loop1: detected capacity change from 0 to 256 [ 55.137393][ T1466] loop1: detected capacity change from 0 to 128 [ 55.150481][ T1464] loop0: detected capacity change from 0 to 2048 [ 55.189298][ T1464] loop0: p1 < > p4 [ 55.193629][ T1464] loop0: p4 size 8388608 extends beyond EOD, truncated [ 55.219318][ T1466] FAT-fs (loop1): bogus number of FAT sectors [ 55.225303][ T1466] FAT-fs (loop1): Can't find a valid FAT filesystem [ 55.234318][ T100] loop0: p1 < > p4 [ 55.243401][ T100] loop0: p4 size 8388608 extends beyond EOD, truncated [ 55.331408][ T345] udevd[345]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 55.357649][ T345] udevd[345]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 55.367381][ T321] CoreChips 4-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9 [ 55.398198][ T321] CoreChips: probe of 4-1:0.0 failed with error -71 [ 55.414119][ T321] usb 4-1: USB disconnect, device number 7 [ 55.554756][ T1456] loop2: detected capacity change from 0 to 131072 [ 55.573845][ T1456] F2FS-fs (loop2): Wrong segment_count / block_count (65567 > 16384) [ 55.583580][ T1456] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 55.593230][ T1490] syz.0.474[1490] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 55.593294][ T1490] syz.0.474[1490] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 55.611000][ T1456] F2FS-fs (loop2): Found nat_bits in checkpoint [ 55.631860][ T1497] loop4: detected capacity change from 0 to 128 [ 55.665801][ T1501] loop0: detected capacity change from 0 to 2048 [ 55.671963][ T1456] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 55.671989][ T1456] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 55.699222][ T1501] loop0: p1 < > p4 [ 55.703361][ T1501] loop0: p4 size 8388608 extends beyond EOD, truncated [ 55.730654][ T1497] FAT-fs (loop4): bogus number of FAT sectors [ 55.736601][ T1497] FAT-fs (loop4): Can't find a valid FAT filesystem [ 55.747639][ T1501] __loop_clr_fd: partition scan of loop0 failed (rc=-16) [ 55.772317][ T1504] loop0: detected capacity change from 0 to 256 [ 55.839228][ T319] udevd[319]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 55.968958][ T345] udevd[345]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 56.304780][ T1511] loop4: detected capacity change from 0 to 256 [ 56.434925][ T1547] loop1: detected capacity change from 0 to 16 [ 56.509146][ T1547] erofs: (device loop1): mounted with root inode @ nid 36. [ 56.517298][ T1547] erofs: (device loop1): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36 [ 56.526804][ T1547] attempt to access beyond end of device [ 56.526804][ T1547] loop1: rw=0, want=304, limit=16 [ 56.537394][ T1547] erofs: (device loop1): z_erofs_readpage: failed to read, err [-117] [ 56.648327][ T1569] loop1: detected capacity change from 0 to 1024 [ 56.688097][ T26] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 56.745674][ T1569] EXT4-fs (loop1): Test dummy encryption mode enabled [ 56.763038][ T1569] EXT4-fs (loop1): Ignoring removed orlov option [ 56.771014][ T1569] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 56.830808][ T1581] netlink: 36 bytes leftover after parsing attributes in process `syz.4.511'. [ 56.851624][ T1583] loop3: detected capacity change from 0 to 16 [ 56.872119][ T1589] x_tables: duplicate underflow at hook 2 [ 56.916226][ T1583] erofs: (device loop3): mounted with root inode @ nid 36. [ 56.925340][ T1583] erofs: (device loop3): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36 [ 56.935733][ T1583] attempt to access beyond end of device [ 56.935733][ T1583] loop3: rw=0, want=304, limit=16 [ 56.947262][ T1583] erofs: (device loop3): z_erofs_readpage: failed to read, err [-117] [ 56.998197][ T26] usb 3-1: Using ep0 maxpacket: 32 [ 57.218935][ T1597] xt_bpf: check failed: parse error [ 57.458693][ T26] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 57.479293][ T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.487152][ T26] usb 3-1: Product: syz [ 57.491969][ T26] usb 3-1: Manufacturer: syz [ 57.499404][ T26] usb 3-1: SerialNumber: syz [ 57.504797][ T26] usb 3-1: config 0 descriptor?? [ 57.611144][ T1609] netlink: 'syz.3.521': attribute type 12 has an invalid length. [ 57.618765][ T1609] netlink: 'syz.3.521': attribute type 29 has an invalid length. [ 57.626290][ T1609] netlink: 'syz.3.521': attribute type 2 has an invalid length. [ 57.633961][ T1609] netlink: 'syz.3.521': attribute type 2 has an invalid length. [ 57.641407][ T1609] netlink: 'syz.3.521': attribute type 1 has an invalid length. [ 57.648881][ T1609] netlink: 'syz.3.521': attribute type 37 has an invalid length. [ 57.656502][ T1609] netlink: 'syz.3.521': attribute type 2 has an invalid length. [ 57.664013][ T1609] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.765320][ T1611] netem: change failed [ 57.815345][ T1615] loop1: detected capacity change from 0 to 1024 [ 57.852112][ T1607] loop0: detected capacity change from 0 to 40427 [ 57.869039][ T1615] EXT4-fs (loop1): Test dummy encryption mode enabled [ 57.875729][ T1615] EXT4-fs (loop1): Ignoring removed orlov option [ 57.884042][ T1615] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 57.934957][ T1607] F2FS-fs (loop0): invalid crc value [ 57.942299][ T1607] F2FS-fs (loop0): Found nat_bits in checkpoint [ 57.965680][ T1607] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 58.027743][ T1624] netlink: 36 bytes leftover after parsing attributes in process `syz.1.527'. [ 58.046628][ T1626] loop1: detected capacity change from 0 to 512 [ 58.271750][ T321] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 58.281802][ T1626] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 58.290198][ T1626] EXT4-fs (loop1): invalid inodes per group: 4 [ 58.290198][ T1626] [ 58.306046][ T26] CoreChips 3-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9 [ 58.317924][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 58.317937][ T30] audit: type=1400 audit(1719359436.390:245): avc: denied { read } for pid=1629 comm="syz.3.529" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 58.357988][ T30] audit: type=1400 audit(1719359436.390:246): avc: denied { open } for pid=1629 comm="syz.3.529" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 58.389748][ T1626] netlink: 4 bytes leftover after parsing attributes in process `syz.1.528'. [ 58.390025][ T26] CoreChips: probe of 3-1:0.0 failed with error -71 [ 58.402044][ T1256] attempt to access beyond end of device [ 58.402044][ T1256] loop0: rw=524288, want=45072, limit=40427 [ 58.407579][ T26] usb 3-1: USB disconnect, device number 5 [ 58.428303][ T30] audit: type=1400 audit(1719359436.390:247): avc: denied { ioctl } for pid=1629 comm="syz.3.529" path="/dev/binderfs/binder0" dev="binder" ino=16 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 58.454285][ T30] audit: type=1400 audit(1719359436.390:248): avc: denied { set_context_mgr } for pid=1629 comm="syz.3.529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 58.455839][ T1256] attempt to access beyond end of device [ 58.455839][ T1256] loop0: rw=0, want=45072, limit=40427 [ 58.478493][ T30] audit: type=1400 audit(1719359436.390:249): avc: denied { map } for pid=1629 comm="syz.3.529" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 58.508716][ T30] audit: type=1400 audit(1719359436.390:250): avc: denied { call } for pid=1629 comm="syz.3.529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 58.528110][ T30] audit: type=1400 audit(1719359436.410:251): avc: denied { transfer } for pid=1629 comm="syz.3.529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 58.548338][ T321] usb 5-1: Using ep0 maxpacket: 8 [ 58.557027][ T1638] x_tables: duplicate underflow at hook 2 [ 58.608748][ T1256] attempt to access beyond end of device [ 58.608748][ T1256] loop0: rw=2049, want=45104, limit=40427 [ 58.866437][ T321] usb 5-1: config index 0 descriptor too short (expected 5924, got 36) [ 58.874589][ T321] usb 5-1: config 250 has an invalid interface number: 228 but max is -1 [ 58.882816][ T321] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 58.891662][ T321] usb 5-1: config 250 has no interface number 0 [ 58.897696][ T321] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 58.909385][ T321] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 58.919694][ T321] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 26 [ 58.929825][ T321] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 58.944594][ T321] usb 5-1: config 250 interface 228 has no altsetting 0 [ 59.016785][ T1643] loop2: detected capacity change from 0 to 2048 [ 59.058657][ T1643] loop2: p1 < > p4 [ 59.063308][ T1643] loop2: p4 size 8388608 extends beyond EOD, truncated [ 59.077353][ T30] audit: type=1400 audit(1719359437.160:252): avc: denied { write } for pid=1642 comm="syz.2.535" name="loop2p1" dev="devtmpfs" ino=508 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 59.099909][ T321] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 59.112508][ T321] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 59.120644][ T321] usb 5-1: Product: syz [ 59.124580][ T321] usb 5-1: SerialNumber: syz [ 59.153436][ T1647] netlink: 36 bytes leftover after parsing attributes in process `syz.1.538'. [ 59.168645][ T321] hub 5-1:250.228: bad descriptor, ignoring hub [ 59.174843][ T321] hub: probe of 5-1:250.228 failed with error -5 [ 59.215125][ T1645] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.222377][ T1645] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.230301][ T1645] device bridge_slave_0 entered promiscuous mode [ 59.239640][ T1645] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.246515][ T1645] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.253947][ T1645] device bridge_slave_1 entered promiscuous mode [ 59.294365][ T1645] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.301216][ T1645] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.308321][ T1645] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.315089][ T1645] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.379605][ T1659] netlink: 'syz.1.540': attribute type 12 has an invalid length. [ 59.387234][ T1659] netlink: 'syz.1.540': attribute type 29 has an invalid length. [ 59.394834][ T1659] netlink: 'syz.1.540': attribute type 2 has an invalid length. [ 59.402272][ T1659] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.447936][ T30] audit: type=1400 audit(1719359437.530:253): avc: denied { mounton } for pid=1652 comm="syz.2.541" path="/root/syzkaller.z7ICeX/32/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1 [ 59.552424][ T30] audit: type=1326 audit(1719359437.610:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1661 comm="syz.3.542" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c636ecae9 code=0x7ffc0000 [ 59.634434][ T321] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 3 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 59.648935][ T26] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.657959][ T26] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.673208][ T45] device bridge_slave_1 left promiscuous mode [ 59.679333][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.686692][ T45] device bridge_slave_0 left promiscuous mode [ 59.692830][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.700454][ T45] device veth1_macvtap left promiscuous mode [ 59.706348][ T45] device veth0_vlan left promiscuous mode [ 59.767188][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.774947][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.784304][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.792619][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.800756][ T697] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.807583][ T697] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.817338][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.825613][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.833639][ T697] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.840573][ T697] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.858170][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 59.866012][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 59.873852][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 59.881698][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 59.890131][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 59.898274][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 59.906422][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.914132][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.922163][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 59.929499][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 59.937054][ T1645] device veth0_vlan entered promiscuous mode [ 59.947385][ T1645] device veth1_macvtap entered promiscuous mode [ 59.954355][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.962535][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.970730][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 59.982982][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.991358][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.999780][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.007830][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.148611][ T1611] usb 5-1: reset high-speed USB device number 3 using dummy_hcd [ 60.196990][ T1677] loop3: detected capacity change from 0 to 512 [ 60.268670][ T1677] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 60.276904][ T1677] EXT4-fs (loop3): invalid inodes per group: 4 [ 60.276904][ T1677] [ 60.318057][ T299] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 60.328070][ T26] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 60.362294][ T1677] netlink: 4 bytes leftover after parsing attributes in process `syz.3.548'. [ 60.558266][ T299] usb 2-1: Using ep0 maxpacket: 16 [ 60.568102][ T26] usb 1-1: Using ep0 maxpacket: 32 [ 60.678142][ T299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.689008][ T299] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.698599][ T299] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 60.711174][ T299] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 60.719994][ T299] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.728529][ T299] usb 2-1: config 0 descriptor?? [ 60.808073][ C1] usblp0: nonzero read bulk status received: -71 [ 60.848141][ T26] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=e2.de [ 60.857193][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.865001][ T26] usb 1-1: Product: syz [ 60.869037][ T26] usb 1-1: Manufacturer: syz [ 60.873441][ T26] usb 1-1: SerialNumber: syz [ 60.881995][ T1679] netlink: 36 bytes leftover after parsing attributes in process `syz.3.549'. [ 60.886422][ T26] usb 1-1: config 0 descriptor?? [ 60.899316][ T1681] capability: warning: `syz.3.550' uses deprecated v2 capabilities in a way that may be insecure [ 60.939902][ T1685] x_tables: duplicate underflow at hook 2 [ 60.998347][ T60] usb 5-1: USB disconnect, device number 3 [ 61.005311][ T60] usblp0: removed [ 61.288115][ T299] usbhid 2-1:0.0: can't add hid device: -71 [ 61.293978][ T299] usbhid: probe of 2-1:0.0 failed with error -71 [ 61.301057][ T299] usb 2-1: USB disconnect, device number 6 [ 61.723140][ T26] CoreChips 1-1:0.0 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9 [ 61.748104][ T26] CoreChips: probe of 1-1:0.0 failed with error -71 [ 61.749220][ T1694] device pim6reg1 entered promiscuous mode [ 61.755855][ T26] usb 1-1: USB disconnect, device number 5 [ 62.101142][ T1707] netlink: 36 bytes leftover after parsing attributes in process `syz.1.560'. [ 62.119723][ T1709] loop1: detected capacity change from 0 to 512 [ 62.198424][ T1709] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 62.206926][ T1709] EXT4-fs (loop1): invalid inodes per group: 4 [ 62.206926][ T1709] [ 62.292620][ T1709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.561'. [ 62.575025][ T1719] x_tables: duplicate underflow at hook 2 [ 62.628056][ T697] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 62.941576][ T315] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 62.970963][ T1715] loop0: detected capacity change from 0 to 131072 [ 63.038815][ T1715] F2FS-fs (loop0): Wrong segment_count / block_count (65567 > 16384) [ 63.047181][ T1715] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 63.062161][ T1715] F2FS-fs (loop0): Found nat_bits in checkpoint [ 63.102414][ T1715] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 63.109428][ T697] usb 3-1: device descriptor read/64, error -71 [ 63.115526][ T1715] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 63.208117][ T315] usb 5-1: Using ep0 maxpacket: 16 [ 63.239726][ T1735] loop1: detected capacity change from 0 to 40427 [ 63.283476][ T1735] F2FS-fs (loop1): invalid crc value [ 63.295097][ T1735] F2FS-fs (loop1): Found nat_bits in checkpoint [ 63.331444][ T1735] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 63.348138][ T315] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.394201][ T315] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.418065][ T315] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 63.430904][ T315] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 63.457055][ T315] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.466215][ T315] usb 5-1: config 0 descriptor?? [ 63.642974][ T697] usb 3-1: device descriptor read/64, error -71 [ 63.990027][ T1231] attempt to access beyond end of device [ 63.990027][ T1231] loop1: rw=524288, want=45072, limit=40427 [ 64.001420][ T1231] attempt to access beyond end of device [ 64.001420][ T1231] loop1: rw=0, want=45072, limit=40427 [ 64.058882][ T1231] attempt to access beyond end of device [ 64.058882][ T1231] loop1: rw=2049, want=45104, limit=40427 [ 64.118058][ T697] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 64.128210][ T315] usbhid 5-1:0.0: can't add hid device: -71 [ 64.134032][ T315] usbhid: probe of 5-1:0.0 failed with error -71 [ 64.147892][ T315] usb 5-1: USB disconnect, device number 4 [ 64.227535][ T1756] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.234473][ T1756] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.241880][ T1756] device bridge_slave_0 entered promiscuous mode [ 64.250382][ T1756] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.257511][ T1756] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.264802][ T1756] device bridge_slave_1 entered promiscuous mode [ 64.304315][ T1756] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.311176][ T1756] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.318280][ T1756] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.325044][ T1756] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.344127][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.352858][ T321] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.360398][ T321] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.371072][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.379058][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.385889][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.393241][ T697] usb 3-1: device descriptor read/64, error -71 [ 64.408921][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.417055][ T315] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.423904][ T315] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.431514][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.439355][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.455236][ T1756] device veth0_vlan entered promiscuous mode [ 64.461589][ T1749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 64.470028][ T1749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 64.477866][ T1749] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 64.502934][ T1749] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 64.524959][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 64.534614][ T1756] device veth1_macvtap entered promiscuous mode [ 64.535073][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 64.535084][ T30] audit: type=1400 audit(1719359442.620:267): avc: denied { audit_write } for pid=1762 comm="syz.3.580" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 64.545196][ T315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 64.567732][ T30] audit: type=1107 audit(1719359442.640:268): pid=1762 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 64.603758][ T1749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 64.630504][ T1769] loop1: detected capacity change from 0 to 512 [ 64.699124][ T45] device bridge_slave_1 left promiscuous mode [ 64.699661][ T1769] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 64.705112][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.720057][ T1769] EXT4-fs (loop1): invalid inodes per group: 4 [ 64.720057][ T1769] [ 64.930668][ T45] device bridge_slave_0 left promiscuous mode [ 64.949887][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.958415][ T45] device veth1_macvtap left promiscuous mode [ 64.964293][ T45] device veth0_vlan left promiscuous mode [ 65.018044][ T697] usb 3-1: device descriptor read/64, error -71 [ 65.057072][ T1774] loop4: detected capacity change from 0 to 40427 [ 65.081148][ T1769] netlink: 4 bytes leftover after parsing attributes in process `syz.1.578'. [ 65.138958][ T697] usb usb3-port1: attempt power cycle [ 65.141836][ T1774] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 65.151699][ T1774] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 65.160879][ T1774] F2FS-fs (loop4): invalid crc value [ 65.167499][ T1774] F2FS-fs (loop4): Found nat_bits in checkpoint [ 65.190316][ T1774] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 65.197359][ T1774] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 65.217942][ T1217] attempt to access beyond end of device [ 65.217942][ T1217] loop4: rw=2049, want=45104, limit=40427 [ 65.329023][ T1782] x_tables: duplicate underflow at hook 2 [ 66.688087][ T321] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 66.971464][ T1830] loop1: detected capacity change from 0 to 512 [ 67.058609][ T1830] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 67.066905][ T1830] EXT4-fs (loop1): invalid inodes per group: 4 [ 67.066905][ T1830] [ 67.078046][ T321] usb 4-1: Using ep0 maxpacket: 16 [ 67.133622][ T1830] netlink: 4 bytes leftover after parsing attributes in process `syz.1.600'. [ 67.178111][ T697] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 67.185440][ T30] audit: type=1400 audit(1719359445.270:269): avc: denied { write } for pid=1832 comm="syz.4.601" name="uinput" dev="devtmpfs" ino=166 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 67.248282][ T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 67.259106][ T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 67.268670][ T321] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 67.281910][ T321] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 67.284196][ T30] audit: type=1400 audit(1719359445.370:270): avc: denied { ioctl } for pid=1832 comm="syz.4.601" path="/dev/uinput" dev="devtmpfs" ino=166 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 67.290786][ T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.316902][ T1834] input: syz0 as /devices/virtual/input/input5 [ 67.326416][ T321] usb 4-1: config 0 descriptor?? [ 67.464466][ T1840] x_tables: duplicate underflow at hook 2 [ 67.522819][ T697] usb 3-1: device descriptor read/64, error -71 [ 68.502887][ T1848] device vlan2 entered promiscuous mode [ 68.508346][ T1848] device vlan0 entered promiscuous mode [ 68.524122][ T1848] device vlan0 left promiscuous mode [ 68.532851][ T30] audit: type=1400 audit(1719359446.020:271): avc: denied { setopt } for pid=1845 comm="syz.0.606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 68.618185][ T321] usbhid 4-1:0.0: can't add hid device: -71 [ 68.624050][ T321] usbhid: probe of 4-1:0.0 failed with error -71 [ 68.642348][ T321] usb 4-1: USB disconnect, device number 8 [ 68.717337][ T1863] loop4: detected capacity change from 0 to 256 [ 68.790527][ T1863] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d) [ 68.874467][ T1865] loop0: detected capacity change from 0 to 512 [ 68.912203][ T1865] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 68.948166][ T30] audit: type=1400 audit(1719359447.010:272): avc: denied { mounton } for pid=1862 comm="syz.4.612" path="/root/syzkaller.2Yhzmi/37/file2/file2" dev="loop4" ino=1048659 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 68.981818][ T697] usb 3-1: device descriptor read/64, error -71 [ 68.993952][ T1865] EXT4-fs (loop0): 1 truncate cleaned up [ 68.999589][ T1865] EXT4-fs (loop0): mounted filesystem without journal. Opts: nouid32,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 69.019584][ T30] audit: type=1400 audit(1719359447.080:273): avc: denied { write } for pid=1862 comm="syz.4.612" path="/root/syzkaller.2Yhzmi/37/file2/file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop4" ino=1048661 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 69.070090][ T30] audit: type=1326 audit(1719359447.160:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1862 comm="syz.4.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 69.103548][ T30] audit: type=1326 audit(1719359447.160:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1862 comm="syz.4.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 69.128325][ T30] audit: type=1326 audit(1719359447.190:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1862 comm="syz.4.612" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 69.248098][ T697] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 69.580618][ T315] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 69.796487][ T1888] netlink: 4 bytes leftover after parsing attributes in process `syz.2.619'. [ 69.805888][ T1888] netlink: 12 bytes leftover after parsing attributes in process `syz.2.619'. [ 69.828064][ T315] usb 1-1: Using ep0 maxpacket: 16 [ 69.845176][ T30] kauditd_printk_skb: 238 callbacks suppressed [ 69.845191][ T30] audit: type=1400 audit(1719359447.930:515): avc: denied { write } for pid=1891 comm="syz.2.621" name="ip6_flowlabel" dev="proc" ino=4026532597 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 69.920765][ T1898] syz.2.624[1898] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.920812][ T1898] syz.2.624[1898] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.948142][ T315] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 69.970606][ T315] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 69.983303][ T315] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 69.992468][ T315] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.000997][ T315] usb 1-1: config 0 descriptor?? [ 70.150485][ T1907] validate_nla: 4 callbacks suppressed [ 70.150502][ T1907] netlink: 'syz.4.628': attribute type 2 has an invalid length. [ 70.308220][ T697] usb 3-1: device descriptor read/64, error -71 [ 70.341925][ T1925] device vlan2 entered promiscuous mode [ 70.347355][ T1925] device vlan0 entered promiscuous mode [ 70.355895][ T1925] device vlan0 left promiscuous mode [ 70.564407][ T315] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0007/input/input6 [ 70.642547][ T315] microsoft 0003:045E:07DA.0007: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 70.938089][ T697] usb 3-1: Using ep0 maxpacket: 16 [ 71.088131][ T697] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.098917][ T697] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 71.109495][ T697] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 71.122423][ T697] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 71.131473][ T697] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.142756][ T697] usb 3-1: config 0 descriptor?? [ 71.513034][ T1952] netlink: 'syz.4.646': attribute type 2 has an invalid length. [ 71.592249][ T1955] loop4: detected capacity change from 0 to 128 [ 71.676795][ T327] attempt to access beyond end of device [ 71.676795][ T327] loop4: rw=1, want=1041, limit=128 [ 71.688076][ T697] usbhid 3-1:0.0: can't add hid device: -71 [ 71.693984][ T697] usbhid: probe of 3-1:0.0 failed with error -71 [ 71.701176][ T697] usb 3-1: USB disconnect, device number 10 [ 71.729475][ T30] audit: type=1326 audit(1719359449.820:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 71.752785][ T30] audit: type=1326 audit(1719359449.820:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 71.776003][ T30] audit: type=1326 audit(1719359449.820:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 71.804890][ T30] audit: type=1326 audit(1719359449.840:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 71.830852][ T30] audit: type=1326 audit(1719359449.840:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 71.863855][ T30] audit: type=1326 audit(1719359449.870:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 71.887083][ T30] audit: type=1326 audit(1719359449.890:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f52ba192b67 code=0x7ffc0000 [ 71.910328][ T30] audit: type=1326 audit(1719359449.890:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f52ba137539 code=0x7ffc0000 [ 71.937100][ T30] audit: type=1326 audit(1719359449.890:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1959 comm="syz.4.649" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 72.078085][ T697] usb 1-1: USB disconnect, device number 6 [ 72.375440][ T1998] netlink: 20 bytes leftover after parsing attributes in process `syz.2.664'. [ 72.855019][ T2017] loop2: detected capacity change from 0 to 512 [ 72.981729][ T2017] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 73.050121][ T2017] EXT4-fs (loop2): 1 truncate cleaned up [ 73.055649][ T2017] EXT4-fs (loop2): mounted filesystem without journal. Opts: nouid32,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 73.101856][ T2025] netlink: 'syz.3.675': attribute type 2 has an invalid length. [ 73.218612][ T2032] loop4: detected capacity change from 0 to 128 [ 73.225004][ T2035] syz.3.680[2035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.225069][ T2035] syz.3.680[2035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.279859][ T45] attempt to access beyond end of device [ 73.279859][ T45] loop4: rw=1, want=1041, limit=128 [ 73.368068][ T60] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 73.672670][ T2065] syz.1.693[2065] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.672741][ T2065] syz.1.693[2065] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.748466][ T2074] loop3: detected capacity change from 0 to 256 [ 73.828064][ T60] usb 3-1: Using ep0 maxpacket: 16 [ 73.877670][ T2097] syz.1.709[2097] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.877743][ T2097] syz.1.709[2097] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 73.948203][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.194887][ T60] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 74.209485][ T60] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 74.218364][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.228441][ T60] usb 3-1: config 0 descriptor?? [ 74.251957][ T2120] kernel profiling enabled (shift: 0) [ 74.305115][ T2125] syz.1.721[2125] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.305184][ T2125] syz.1.721[2125] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.453461][ T2127] overlayfs: failed to resolve './file0': -2 [ 74.514469][ T2127] loop1: detected capacity change from 0 to 512 [ 74.568481][ T2127] FAT-fs (loop1): Unrecognized mount option "workdir=./bus" or missing value [ 74.650602][ T2127] loop1: detected capacity change from 0 to 128 [ 74.877574][ T60] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0008/input/input7 [ 74.891497][ T2127] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 74.902654][ T2127] ext4 filesystem being mounted at /root/syzkaller.Iy1QFY/32/mnt supports timestamps until 2038 (0x7fffffff) [ 74.969046][ T60] microsoft 0003:045E:07DA.0008: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 75.149240][ T30] kauditd_printk_skb: 408 callbacks suppressed [ 75.149255][ T30] audit: type=1326 audit(1719359453.240:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.179215][ T30] audit: type=1326 audit(1719359453.240:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.202777][ T30] audit: type=1326 audit(1719359453.240:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.226087][ T30] audit: type=1326 audit(1719359453.240:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.253131][ T30] audit: type=1326 audit(1719359453.240:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.277116][ T30] audit: type=1326 audit(1719359453.240:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.304934][ T30] audit: type=1326 audit(1719359453.240:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.329071][ T30] audit: type=1326 audit(1719359453.240:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2155 comm="syz.0.733" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.352297][ T30] audit: type=1326 audit(1719359453.390:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.0.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.376108][ T30] audit: type=1326 audit(1719359453.390:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2164 comm="syz.0.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 75.433921][ T2169] netlink: 20 bytes leftover after parsing attributes in process `syz.4.739'. [ 75.442905][ T2169] IPv6: Can't replace route, no match found [ 75.488798][ T2182] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 75.506940][ T2188] syz.3.747 uses obsolete (PF_INET,SOCK_PACKET) [ 75.557796][ T2198] mmap: syz.1.752 (2198) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 75.592116][ T2190] loop0: detected capacity change from 0 to 8192 [ 75.597057][ T2207] syz.1.756[2207] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 75.598375][ T2207] syz.1.756[2207] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 75.612386][ T2207] syz.1.756[2207] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 75.623657][ T2207] syz.1.756[2207] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 75.639603][ T2190] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 75.692430][ T2214] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 75.718413][ T2216] syz.1.760 (2216) used greatest stack depth: 18912 bytes left [ 76.044788][ T2238] syz.1.770[2238] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.044835][ T2238] syz.1.770[2238] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.057121][ T2238] syz.1.770[2238] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.068445][ T2238] syz.1.770[2238] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.081894][ T2240] syz.0.767[2240] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.093602][ T2240] syz.0.767[2240] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.117192][ T2243] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 76.161286][ T697] usb 3-1: USB disconnect, device number 11 [ 76.227407][ T2258] loop2: detected capacity change from 0 to 8192 [ 76.256717][ T2264] loop0: detected capacity change from 0 to 512 [ 76.279142][ T2264] EXT4-fs (loop0): ea_inode feature is not supported for Hurd [ 76.287148][ T2258] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 76.367278][ T2269] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 76.409195][ T2266] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 76.568255][ T2291] loop0: detected capacity change from 0 to 512 [ 76.649064][ T2291] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 76.712506][ T2291] EXT4-fs (loop0): 1 truncate cleaned up [ 76.718046][ T2291] EXT4-fs (loop0): mounted filesystem without journal. Opts: nouid32,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 76.748317][ T2295] loop3: detected capacity change from 0 to 8192 [ 76.770790][ T2295] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 77.018077][ T1749] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 77.098064][ T697] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 77.218205][ T369] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 77.258106][ T1749] usb 1-1: Using ep0 maxpacket: 16 [ 77.315627][ T2321] loop2: detected capacity change from 0 to 256 [ 77.351065][ T2321] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001023f, chksum : 0x0e440cfe, utbl_chksum : 0xe619d30d) [ 77.368064][ T697] usb 2-1: Using ep0 maxpacket: 16 [ 77.378232][ T1749] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.389028][ T1749] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 77.401562][ T1749] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 77.410474][ T1749] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.418955][ T1749] usb 1-1: config 0 descriptor?? [ 77.480147][ T369] usb 4-1: Using ep0 maxpacket: 8 [ 77.629000][ T369] usb 4-1: config 0 has too many interfaces: 129, using maximum allowed: 32 [ 77.637939][ T369] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 129 [ 77.647267][ T369] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.666406][ T369] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.678991][ T369] usb 4-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00 [ 77.688138][ T369] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.696872][ T369] usb 4-1: config 0 descriptor?? [ 77.838130][ T697] usb 2-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=90.6b [ 77.847060][ T697] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.855528][ T697] usb 2-1: Product: syz [ 77.859514][ T697] usb 2-1: Manufacturer: syz [ 77.863912][ T697] usb 2-1: SerialNumber: syz [ 77.868842][ T697] usb 2-1: config 0 descriptor?? [ 77.901709][ T1749] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0009/input/input8 [ 77.918362][ T697] plusb: probe of 2-1:0.0 failed with error -22 [ 77.978924][ T1749] microsoft 0003:045E:07DA.0009: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 78.178818][ T369] itetech 0003:048D:8595.000A: unexpected long global item [ 78.186010][ T369] itetech: probe of 0003:048D:8595.000A failed with error -22 [ 78.381750][ T697] usb 4-1: USB disconnect, device number 9 [ 78.712661][ T20] usb 2-1: USB disconnect, device number 7 [ 78.750067][ T2350] overlayfs: './file0' not a directory [ 79.163083][ T2369] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 79.174933][ T2369] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 79.313150][ T2392] netlink: 'syz.2.837': attribute type 15 has an invalid length. [ 79.321085][ T2392] netlink: 24 bytes leftover after parsing attributes in process `syz.2.837'. [ 79.356457][ T2398] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 79.366734][ T2398] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 80.406230][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 80.406271][ T30] audit: type=1400 audit(1719359458.490:959): avc: denied { unmount } for pid=1645 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 80.407356][ T20] usb 1-1: USB disconnect, device number 7 [ 80.452296][ T2405] overlayfs: './file0' not a directory [ 80.563642][ T2408] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 80.571547][ T2408] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 80.581396][ T2408] kvm: MONITOR instruction emulated as NOP! [ 80.685184][ T2418] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.692181][ T2418] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.700427][ T2418] device bridge_slave_0 entered promiscuous mode [ 80.705255][ T30] audit: type=1400 audit(1719359458.790:960): avc: denied { write } for pid=2435 comm="syz.4.855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 80.707535][ T2418] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.748920][ T2418] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.748948][ T30] audit: type=1400 audit(1719359458.820:961): avc: denied { nlmsg_write } for pid=2435 comm="syz.4.855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 80.756199][ T2418] device bridge_slave_1 entered promiscuous mode [ 80.868193][ T30] audit: type=1400 audit(1719359458.940:962): avc: denied { name_bind } for pid=2434 comm="syz.3.854" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 81.051514][ T2418] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.058411][ T2418] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.065502][ T2418] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.072293][ T2418] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.093212][ T2440] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2440 comm=syz.3.854 [ 81.150741][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 81.163101][ T362] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.186476][ T362] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.316747][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.348446][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.355323][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.378183][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.396806][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.403691][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.413304][ T2458] loop3: detected capacity change from 0 to 256 [ 81.432032][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 81.440387][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 81.457495][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 81.471635][ T2458] FAT-fs (loop3): Directory bread(block 64) failed [ 81.478093][ T2458] FAT-fs (loop3): Directory bread(block 65) failed [ 81.484462][ T2458] FAT-fs (loop3): Directory bread(block 66) failed [ 81.490817][ T2458] FAT-fs (loop3): Directory bread(block 67) failed [ 81.497164][ T2458] FAT-fs (loop3): Directory bread(block 68) failed [ 81.503519][ T2458] FAT-fs (loop3): Directory bread(block 69) failed [ 81.509819][ T2458] FAT-fs (loop3): Directory bread(block 70) failed [ 81.516107][ T2458] FAT-fs (loop3): Directory bread(block 71) failed [ 81.522482][ T2458] FAT-fs (loop3): Directory bread(block 72) failed [ 81.528802][ T2458] FAT-fs (loop3): Directory bread(block 73) failed [ 81.550588][ T2418] device veth0_vlan entered promiscuous mode [ 81.561225][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 81.574328][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 81.616552][ T2463] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2463 comm=syz.0.864 [ 81.626802][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 81.628725][ T30] audit: type=1400 audit(1719359459.700:963): avc: denied { mount } for pid=2462 comm="syz.0.864" name="/" dev="sockfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 81.643158][ T2418] device veth1_macvtap entered promiscuous mode [ 81.675225][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 81.683393][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 81.693329][ T369] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 81.848417][ T10] device bridge_slave_1 left promiscuous mode [ 81.961161][ T30] audit: type=1326 audit(1719359459.930:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2467 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cae10ae9 code=0x7ffc0000 [ 81.984464][ T30] audit: type=1326 audit(1719359460.070:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2467 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f53cae10ae9 code=0x7ffc0000 [ 82.007665][ T30] audit: type=1326 audit(1719359460.070:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2467 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cae10ae9 code=0x7ffc0000 [ 82.010581][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.030706][ T30] audit: type=1326 audit(1719359460.070:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2467 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cae10ae9 code=0x7ffc0000 [ 82.061405][ T30] audit: type=1326 audit(1719359460.070:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2467 comm="syz.1.866" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f53cae10ae9 code=0x7ffc0000 [ 82.065251][ T2476] loop4: detected capacity change from 0 to 256 [ 82.098255][ T10] device bridge_slave_0 left promiscuous mode [ 82.103634][ T2480] loop1: detected capacity change from 0 to 256 [ 82.106685][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.120183][ T10] device veth1_macvtap left promiscuous mode [ 82.126017][ T10] device veth0_vlan left promiscuous mode [ 82.145111][ T2480] FAT-fs (loop1): Directory bread(block 64) failed [ 82.155652][ T2480] FAT-fs (loop1): Directory bread(block 65) failed [ 82.165384][ T2480] FAT-fs (loop1): Directory bread(block 66) failed [ 82.176198][ T2480] FAT-fs (loop1): Directory bread(block 67) failed [ 82.183636][ T2480] FAT-fs (loop1): Directory bread(block 68) failed [ 82.191656][ T2480] FAT-fs (loop1): Directory bread(block 69) failed [ 82.205328][ T2480] FAT-fs (loop1): Directory bread(block 70) failed [ 82.218682][ T2480] FAT-fs (loop1): Directory bread(block 71) failed [ 82.266355][ T2480] FAT-fs (loop1): Directory bread(block 72) failed [ 82.273357][ T2480] FAT-fs (loop1): Directory bread(block 73) failed [ 82.539128][ T2492] loop3: detected capacity change from 0 to 2048 [ 82.543250][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 82.557472][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 82.569097][ T2492] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 82.574057][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 82.586643][ T2491] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2491 comm=syz.1.875 [ 82.596204][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 83.807607][ T2511] syz.1.880 (2511): /proc/2511/oom_adj is deprecated, please use /proc/2511/oom_score_adj instead. [ 83.951997][ T2528] loop1: detected capacity change from 0 to 256 [ 83.973165][ T2532] tipc: Started in network mode [ 83.983316][ T2530] loop4: detected capacity change from 0 to 2048 [ 84.001843][ T2528] FAT-fs (loop1): Directory bread(block 64) failed [ 84.008297][ T2532] tipc: Node identity f0, cluster identity 4711 [ 84.015475][ T2532] tipc: Node number set to 240 [ 84.020181][ T2528] FAT-fs (loop1): Directory bread(block 65) failed [ 84.027215][ T2528] FAT-fs (loop1): Directory bread(block 66) failed [ 84.033325][ T2536] loop0: detected capacity change from 0 to 256 [ 84.039789][ T2528] FAT-fs (loop1): Directory bread(block 67) failed [ 84.046170][ T2528] FAT-fs (loop1): Directory bread(block 68) failed [ 84.052694][ T2528] FAT-fs (loop1): Directory bread(block 69) failed [ 84.059112][ T2528] FAT-fs (loop1): Directory bread(block 70) failed [ 84.065603][ T2528] FAT-fs (loop1): Directory bread(block 71) failed [ 84.072941][ T2530] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 84.078097][ T2528] FAT-fs (loop1): Directory bread(block 72) failed [ 84.087853][ T2528] FAT-fs (loop1): Directory bread(block 73) failed [ 84.737437][ T2561] overlayfs: failed to verify origin (/, ino=1, err=-1) [ 84.744381][ T2561] overlayfs: failed to verify upper root origin [ 84.814800][ T2567] loop1: detected capacity change from 0 to 256 [ 84.865293][ T2567] FAT-fs (loop1): Directory bread(block 64) failed [ 84.876989][ T2567] FAT-fs (loop1): Directory bread(block 65) failed [ 84.883664][ T2567] FAT-fs (loop1): Directory bread(block 66) failed [ 84.890108][ T2567] FAT-fs (loop1): Directory bread(block 67) failed [ 84.896756][ T2567] FAT-fs (loop1): Directory bread(block 68) failed [ 84.903534][ T2567] FAT-fs (loop1): Directory bread(block 69) failed [ 84.910092][ T2567] FAT-fs (loop1): Directory bread(block 70) failed [ 84.916901][ T2567] FAT-fs (loop1): Directory bread(block 71) failed [ 84.923527][ T2567] FAT-fs (loop1): Directory bread(block 72) failed [ 84.929957][ T2567] FAT-fs (loop1): Directory bread(block 73) failed [ 84.973587][ T2577] loop0: detected capacity change from 0 to 2048 [ 84.983123][ T2577] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities [ 85.080238][ T2600] bpf_get_probe_write_proto: 2 callbacks suppressed [ 85.080255][ T2600] syz.1.917[2600] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 85.091919][ T2600] syz.1.917[2600] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 85.114794][ T2600] syz.1.917[2600] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 85.121459][ T2603] loop3: detected capacity change from 0 to 512 [ 85.133193][ T2600] syz.1.917[2600] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 85.146229][ T2600] EXT4-fs warning (device sda1): ext4_group_extend:1822: can't shrink FS - resize aborted [ 85.248752][ T2603] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.920: casefold flag without casefold feature [ 85.270720][ T2603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.920: missing EA_INODE flag [ 85.290964][ T2603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.920: error while reading EA inode 12 err=-117 [ 85.305641][ T2603] EXT4-fs (loop3): 1 orphan inode deleted [ 85.312889][ T2603] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 85.329734][ T2603] device batadv_slave_1 entered promiscuous mode [ 85.336346][ T2602] device batadv_slave_1 left promiscuous mode [ 85.364498][ T369] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 86.115140][ T2637] syz.4.933[2637] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.115189][ T2637] syz.4.933[2637] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.127518][ T2637] syz.4.933[2637] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.138806][ T2637] syz.4.933[2637] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.151453][ T2637] EXT4-fs warning (device sda1): ext4_group_extend:1822: can't shrink FS - resize aborted [ 86.218149][ T369] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 86.231802][ T2639] loop4: detected capacity change from 0 to 256 [ 86.238551][ T369] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.249775][ T369] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 86.260056][ T369] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 86.272857][ T369] usb 1-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00 [ 86.304787][ T2641] loop2: detected capacity change from 0 to 2048 [ 86.318072][ T2639] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 86.330029][ T369] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.338965][ T369] usb 1-1: config 0 descriptor?? [ 86.352682][ T2641] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,noload,jqfmt=vfsold,. Quota mode: writeback. [ 86.376973][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 86.376988][ T30] audit: type=1400 audit(1719359464.460:977): avc: denied { read write } for pid=2640 comm="syz.2.936" name="bus" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 86.405260][ T30] audit: type=1400 audit(1719359464.480:978): avc: denied { open } for pid=2640 comm="syz.2.936" path="/root/syzkaller.QQwdgo/14/file0/bus" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 86.429968][ T2641] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.936: bg 0: block 234: padding at end of block bitmap is not set [ 86.451077][ T2641] EXT4-fs (loop2): Remounting filesystem read-only [ 86.482667][ T2667] loop3: detected capacity change from 0 to 256 [ 86.498787][ T2671] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2671 comm=syz.1.949 [ 86.691179][ T2696] input: syz0 as /devices/virtual/input/input9 [ 86.697902][ T30] audit: type=1400 audit(1719359464.780:979): avc: denied { read } for pid=85 comm="acpid" name="event3" dev="devtmpfs" ino=562 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 86.731597][ T2695] loop1: detected capacity change from 0 to 2048 [ 86.748080][ T30] audit: type=1400 audit(1719359464.780:980): avc: denied { open } for pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=562 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 86.771359][ T30] audit: type=1400 audit(1719359464.790:981): avc: denied { ioctl } for pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=562 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 86.796969][ T2695] loop1: p1 < > p4 [ 86.801901][ T2695] loop1: p4 size 8388608 extends beyond EOD, truncated [ 86.828862][ T369] thrustmaster 0003:044F:B653.000B: unbalanced delimiter at end of report description [ 86.838512][ T369] thrustmaster 0003:044F:B653.000B: parse failed [ 86.844671][ T369] thrustmaster: probe of 0003:044F:B653.000B failed with error -22 [ 86.850399][ T30] audit: type=1400 audit(1719359464.930:982): avc: denied { mounton } for pid=2694 comm="syz.1.959" path="/dev/loop1p1" dev="devtmpfs" ino=563 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 87.018057][ T39] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 87.031180][ T321] usb 1-1: USB disconnect, device number 8 [ 87.198101][ T20] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 87.258073][ T39] usb 4-1: Using ep0 maxpacket: 32 [ 87.328493][ T2704] loop2: detected capacity change from 0 to 16 [ 87.359664][ T2704] erofs: (device loop2): mounted with root inode @ nid 36. [ 87.438052][ T20] usb 2-1: Using ep0 maxpacket: 16 [ 87.458418][ T39] usb 4-1: New USB device found, idVendor=046d, idProduct=08f6, bcdDevice=81.8a [ 87.458435][ T30] audit: type=1400 audit(1719359465.550:983): avc: denied { bind } for pid=2708 comm="syz.2.964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 87.486694][ T39] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 87.494930][ T39] usb 4-1: Product: syz [ 87.500754][ T39] usb 4-1: config 0 descriptor?? [ 87.548137][ T2709] netlink: 'syz.2.964': attribute type 4 has an invalid length. [ 87.568141][ T20] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 87.605748][ T2714] loop2: detected capacity change from 0 to 2048 [ 87.618083][ T20] usb 2-1: language id specifier not provided by device, defaulting to English [ 87.675294][ T2714] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,noload,jqfmt=vfsold,. Quota mode: writeback. [ 87.700068][ T2714] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.966: bg 0: block 234: padding at end of block bitmap is not set [ 87.745038][ T2714] EXT4-fs (loop2): Remounting filesystem read-only [ 87.971921][ T39] usb 4-1: USB disconnect, device number 10 [ 88.168135][ T20] usb 2-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.40 [ 88.177143][ T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.184967][ T20] usb 2-1: Product: syz [ 88.189005][ T20] usb 2-1: Manufacturer: 㓊첥눂㺷ᅯ⫦⮴儑끷눙 [ 88.196063][ T20] usb 2-1: SerialNumber: syz [ 88.231930][ T2731] loop2: detected capacity change from 0 to 256 [ 88.248458][ T20] usbhid 2-1:1.0: couldn't find an input interrupt endpoint [ 88.281078][ T2731] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d) [ 88.303401][ T30] audit: type=1326 audit(1719359466.390:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2730 comm="syz.2.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ed20dcae9 code=0x7ffc0000 [ 88.326754][ T30] audit: type=1326 audit(1719359466.390:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2730 comm="syz.2.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ed20dcae9 code=0x7ffc0000 [ 88.350198][ T30] audit: type=1326 audit(1719359466.400:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2730 comm="syz.2.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6ed20dcae9 code=0x7ffc0000 [ 88.450947][ T20] usb 2-1: USB disconnect, device number 8 [ 88.909248][ T2753] loop3: detected capacity change from 0 to 512 [ 88.949021][ T2753] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 88.998771][ T39] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 89.025977][ T2753] EXT4-fs (loop3): 1 truncate cleaned up [ 89.031871][ T2753] EXT4-fs (loop3): mounted filesystem without journal. Opts: nouid32,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 89.162381][ T2750] loop4: detected capacity change from 0 to 1024 [ 89.218993][ T2750] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 89.231379][ T2750] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 89.239647][ T2750] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 89.246302][ T2750] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,debug,norecovery,commit=0x0000000000000005,norecovery,,errors=continue. Quota mode: writeback. [ 89.317717][ T2766] serio: Serial port ptm0 [ 89.406332][ T20] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 89.431912][ T39] usb 3-1: New USB device found, idVendor=04dd, idProduct=8007, bcdDevice=6b.3f [ 89.446495][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.452804][ T2773] loop4: detected capacity change from 0 to 256 [ 89.463935][ T39] usb 3-1: config 0 descriptor?? [ 89.500991][ T2773] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 89.508552][ T39] usb 3-1: unsupported MDLM descriptors [ 89.725961][ T697] usb 3-1: USB disconnect, device number 12 [ 89.848112][ T20] usb 4-1: Using ep0 maxpacket: 16 [ 89.860211][ T2791] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=2791 comm=syz.4.993 [ 90.008119][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 90.018876][ T20] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 90.031394][ T20] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 90.040322][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.048622][ T20] usb 4-1: config 0 descriptor?? [ 90.245715][ T2797] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 90.297077][ T2805] loop0: detected capacity change from 0 to 256 [ 90.330870][ T2805] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 90.391179][ T2819] serio: Serial port pts0 [ 90.417231][ T2799] loop1: detected capacity change from 0 to 1024 [ 90.458671][ T2799] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 90.478391][ T2799] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800e11d, mo2=0002] [ 90.486509][ T2799] System zones: 0-1, 2-3, 4-36, 98-101, 102-102 [ 90.493144][ T2799] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,debug,norecovery,commit=0x0000000000000005,norecovery,,errors=continue. Quota mode: writeback. [ 90.730315][ T20] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.000C/input/input10 [ 90.809196][ T20] microsoft 0003:045E:07DA.000C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 91.178060][ T20] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 91.695607][ T20] usb 2-1: New USB device found, idVendor=04dd, idProduct=8007, bcdDevice=6b.3f [ 91.704585][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.712915][ T20] usb 2-1: config 0 descriptor?? [ 91.758405][ T20] usb 2-1: unsupported MDLM descriptors [ 91.973354][ T20] usb 2-1: USB disconnect, device number 9 [ 91.979227][ T315] usb 4-1: USB disconnect, device number 11 [ 92.113583][ T2859] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 92.120629][ T2859] IPv6: NLM_F_CREATE should be set when creating new route [ 92.554988][ T315] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 92.831287][ T315] usb 4-1: Using ep0 maxpacket: 8 [ 93.150863][ T2880] loop1: detected capacity change from 0 to 512 [ 93.225941][ T2880] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 93.258202][ T315] usb 4-1: config 3 has an invalid interface number: 209 but max is 1 [ 93.266264][ T315] usb 4-1: config 3 has an invalid interface number: 163 but max is 1 [ 93.307472][ T315] usb 4-1: config 3 has no interface number 0 [ 93.313447][ T315] usb 4-1: config 3 has no interface number 1 [ 93.320245][ T315] usb 4-1: config 3 interface 209 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 93.325402][ T2880] EXT4-fs (loop1): 1 truncate cleaned up [ 93.343634][ T2880] EXT4-fs (loop1): mounted filesystem without journal. Opts: nouid32,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 93.395588][ T315] usb 4-1: config 3 interface 163 altsetting 8 endpoint 0xF has invalid maxpacket 1023, setting to 64 [ 93.406832][ T315] usb 4-1: config 3 interface 163 altsetting 8 has a duplicate endpoint with address 0x7, skipping [ 93.418322][ T315] usb 4-1: config 3 interface 209 has no altsetting 0 [ 93.424945][ T315] usb 4-1: config 3 interface 163 has no altsetting 0 [ 93.618303][ T315] usb 4-1: Dual-Role OTG device on HNP port [ 93.638153][ T315] usb 4-1: New USB device found, idVendor=2040, idProduct=7070, bcdDevice=19.44 [ 93.647658][ T315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.655792][ T315] usb 4-1: Product: ᜡ౲Ꝛற⬮濤椽씤윷壥䴠쟂퇵姙篈ꍷٖퟔꭂꔈ䚤樓䖁慝骂얾柃璘ず깜䠖⫢垻醒솑悼ﶀ´贔驾屫জ䐱ꅮ欚背砀ὅ龜哢屖ꑟ帏醠랝쒇磈ᑘ泀棕ꞓ戦〧쯰ᬗ埶褴绖⮩뒍ཏ䌢⃽㪹㧅ꅺ䫵擠䦾銓뇰踉髫詓鵢쀥㞋绪잁왯놂 [ 93.686776][ T315] usb 4-1: Manufacturer: Џ [ 93.691402][ T315] usb 4-1: SerialNumber: Ћ [ 93.834283][ T20] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 93.961286][ T2921] kvm: emulating exchange as write [ 93.970077][ T2921] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 94.077208][ T2936] syz.0.1046[2936] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.077256][ T2936] syz.0.1046[2936] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.088504][ T20] usb 2-1: Using ep0 maxpacket: 16 [ 94.110547][ T2936] syz.0.1046[2936] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.110593][ T2936] syz.0.1046[2936] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.228166][ T20] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.250576][ T20] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 94.263375][ T20] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 94.272691][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.281181][ T20] usb 2-1: config 0 descriptor?? [ 94.339448][ T315] usb 4-1: USB disconnect, device number 12 [ 94.353461][ T30] kauditd_printk_skb: 145 callbacks suppressed [ 94.353476][ T30] audit: type=1400 audit(1719359472.440:1132): avc: denied { getattr } for pid=2959 comm="syz.0.1055" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 94.354828][ T2960] overlayfs: statfs failed on './file0' [ 94.441988][ T2962] loop2: detected capacity change from 0 to 512 [ 94.442163][ T2950] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 94.506769][ T2964] syz.4.1058[2964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.506851][ T2964] syz.4.1058[2964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.519336][ T2964] syz.4.1058[2964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.532150][ T2962] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 94.552267][ T2964] syz.4.1058[2964] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 94.557053][ T2962] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 94.586640][ T2962] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 94.595792][ T2962] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 94.604309][ T2962] System zones: 0-2, 18-18, 34-34 [ 94.628152][ T2962] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 94.642914][ T2962] EXT4-fs (loop2): 1 truncate cleaned up [ 94.648602][ T2962] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 94.665659][ T30] audit: type=1400 audit(1719359472.750:1133): avc: denied { ioctl } for pid=2961 comm="syz.2.1056" path="/root/syzkaller.QQwdgo/45/file1/file1" dev="loop2" ino=15 ioctlcmd=0x5839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 94.754519][ T20] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000D/input/input11 [ 94.836366][ T20] microsoft 0003:045E:07DA.000D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 95.672814][ T3011] overlayfs: statfs failed on './file0' [ 95.690620][ T3013] loop0: detected capacity change from 0 to 512 [ 95.739810][ T3013] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 95.748998][ T3013] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 95.765226][ T3020] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1076'. [ 95.774119][ T3013] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 95.784740][ T3013] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 95.792630][ T3013] System zones: 0-2, 18-18, 34-34 [ 95.798212][ T3013] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 95.812825][ T3013] EXT4-fs (loop0): 1 truncate cleaned up [ 95.818344][ T3013] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 95.947215][ T3048] incfs: Error accessing: ./file0/file0. [ 95.952779][ T3048] incfs: mount failed -2 [ 95.965916][ T3050] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1090'. [ 96.078103][ T20] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 96.183301][ T3068] syz.3.1098 (3068): attempted to duplicate a private mapping with mremap. This is not supported. [ 96.197393][ T30] audit: type=1400 audit(1719359474.280:1134): avc: denied { create } for pid=3067 comm="syz.3.1098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 96.219688][ T3074] incfs: Error accessing: ./file0/file0. [ 96.225259][ T3074] incfs: mount failed -2 [ 96.239582][ T3076] device batadv_slave_0 entered promiscuous mode [ 96.241134][ T3078] netlink: 'syz.3.1103': attribute type 3 has an invalid length. [ 96.245999][ T3076] device batadv_slave_1 entered promiscuous mode [ 96.261932][ T3075] device batadv_slave_1 left promiscuous mode [ 96.268065][ T3075] device batadv_slave_0 left promiscuous mode [ 96.338076][ T20] usb 5-1: Using ep0 maxpacket: 8 [ 96.568157][ T20] usb 5-1: config 3 has an invalid interface number: 209 but max is 1 [ 96.576191][ T20] usb 5-1: config 3 has an invalid interface number: 163 but max is 1 [ 96.584400][ T20] usb 5-1: config 3 has no interface number 0 [ 96.590346][ T20] usb 5-1: config 3 has no interface number 1 [ 96.596393][ T20] usb 5-1: config 3 interface 209 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 96.609531][ T20] usb 5-1: config 3 interface 163 altsetting 8 endpoint 0xF has invalid maxpacket 1023, setting to 64 [ 96.620465][ T20] usb 5-1: config 3 interface 163 altsetting 8 has a duplicate endpoint with address 0x7, skipping [ 96.645920][ T20] usb 5-1: config 3 interface 209 has no altsetting 0 [ 96.761164][ T3095] loop3: detected capacity change from 0 to 256 [ 96.767757][ T30] audit: type=1400 audit(1719359474.790:1135): avc: denied { listen } for pid=3089 comm="syz.3.1107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 96.838943][ T20] usb 5-1: config 3 interface 163 has no altsetting 0 [ 96.846812][ T321] usb 2-1: USB disconnect, device number 10 [ 96.855777][ T3095] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5b196f7a, utbl_chksum : 0xe619d30d) [ 96.980067][ T3106] incfs: Error accessing: ./file0/file0. [ 96.985618][ T3106] incfs: mount failed -2 [ 96.996106][ T3108] netlink: 'syz.2.1114': attribute type 3 has an invalid length. [ 97.008176][ T20] usb 5-1: Dual-Role OTG device on HNP port [ 97.022684][ T3112] device batadv_slave_0 entered promiscuous mode [ 97.029764][ T3112] device batadv_slave_1 entered promiscuous mode [ 97.036169][ T3111] device batadv_slave_1 left promiscuous mode [ 97.042125][ T20] usb 5-1: New USB device found, idVendor=2040, idProduct=7070, bcdDevice=19.44 [ 97.042505][ T3111] device batadv_slave_0 left promiscuous mode [ 97.051075][ T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.064796][ T20] usb 5-1: Product: ᜡ౲Ꝛற⬮濤椽씤윷壥䴠쟂퇵姙篈ꍷٖퟔꭂꔈ䚤樓䖁慝骂얾柃璘ず깜䠖⫢垻醒솑悼ﶀ´贔驾屫জ䐱ꅮ欚背砀ὅ龜哢屖ꑟ帏醠랝쒇磈ᑘ泀棕ꞓ戦〧쯰ᬗ埶褴绖⮩뒍ཏ䌢⃽㪹㧅ꅺ䫵擠䦾銓뇰踉髫詓鵢쀥㞋绪잁왯놂 [ 97.095341][ T20] usb 5-1: Manufacturer: Џ [ 97.100083][ T20] usb 5-1: SerialNumber: Ћ [ 97.151555][ T30] audit: type=1400 audit(1719359475.240:1136): avc: denied { ioctl } for pid=3117 comm="syz.0.1119" path="/root/syzkaller.gYhTV1/95/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 97.151578][ T3118] Source file dentry negative [ 97.221922][ T3130] loop0: detected capacity change from 0 to 512 [ 97.239156][ T3130] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 97.248103][ T3130] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 97.256948][ T3130] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 97.265990][ T3130] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 97.274002][ T3130] System zones: 0-2, 18-18, 34-34 [ 97.279496][ T3130] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 97.294306][ T3130] EXT4-fs (loop0): 1 truncate cleaned up [ 97.299880][ T3130] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 97.315250][ T3133] incfs: Error accessing: ./file0/file0. [ 97.320781][ T3133] incfs: mount failed -2 [ 97.328052][ T321] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 97.340356][ T3135] device batadv_slave_0 entered promiscuous mode [ 97.347018][ T3135] device batadv_slave_1 entered promiscuous mode [ 97.353531][ T3134] device batadv_slave_1 left promiscuous mode [ 97.359677][ T3137] netlink: 'syz.0.1126': attribute type 3 has an invalid length. [ 97.367464][ T3134] device batadv_slave_0 left promiscuous mode [ 97.445956][ T3147] Source file dentry negative [ 97.549657][ T3160] loop0: detected capacity change from 0 to 512 [ 97.568906][ T3160] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 97.577936][ T3160] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 97.586747][ T3160] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 97.595620][ T3160] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 97.603583][ T3160] System zones: 0-2, 18-18, 34-34 [ 97.609162][ T3160] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 97.625317][ T3160] EXT4-fs (loop0): 1 truncate cleaned up [ 97.631030][ T3160] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 97.689475][ T3164] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 97.819321][ T20] usb 5-1: USB disconnect, device number 5 [ 97.843178][ T3166] loop0: detected capacity change from 0 to 256 [ 97.888141][ T321] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 97.898666][ T3166] exfat: Deprecated parameter 'namecase' [ 97.898812][ T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.904653][ T3166] exFAT-fs (loop0): bogus data start sector [ 97.920754][ T3166] exFAT-fs (loop0): failed to read boot sector [ 97.924810][ T321] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.926802][ T3166] exFAT-fs (loop0): failed to recognize exfat type [ 97.936442][ T321] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 97.955511][ T321] usb 2-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00 [ 97.964360][ T321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.972636][ T321] usb 2-1: config 0 descriptor?? [ 98.042883][ T3168] netlink: 'syz.0.1139': attribute type 3 has an invalid length. [ 98.057031][ T3170] device batadv_slave_0 entered promiscuous mode [ 98.063777][ T3170] device batadv_slave_1 entered promiscuous mode [ 98.070590][ T3169] device batadv_slave_1 left promiscuous mode [ 98.076625][ T3169] device batadv_slave_0 left promiscuous mode [ 98.233587][ T3179] loop0: detected capacity change from 0 to 256 [ 98.298919][ T3179] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5b196f7a, utbl_chksum : 0xe619d30d) [ 98.461928][ T3182] device syzkaller0 entered promiscuous mode [ 98.499402][ T3184] loop2: detected capacity change from 0 to 2048 [ 98.528524][ T3184] loop2: p1 < > p4 [ 98.533626][ T3184] loop2: p4 size 8388608 extends beyond EOD, truncated [ 98.609131][ T30] audit: type=1326 audit(1719359476.700:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3196 comm="syz.4.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 98.634141][ T30] audit: type=1326 audit(1719359476.700:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3196 comm="syz.4.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 98.660919][ T321] thrustmaster 0003:044F:B653.000E: unbalanced delimiter at end of report description [ 98.670686][ T321] thrustmaster 0003:044F:B653.000E: parse failed [ 98.676935][ T321] thrustmaster: probe of 0003:044F:B653.000E failed with error -22 [ 98.686585][ T30] audit: type=1326 audit(1719359476.700:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3196 comm="syz.4.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 98.718080][ T30] audit: type=1326 audit(1719359476.700:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3196 comm="syz.4.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 98.752068][ T30] audit: type=1326 audit(1719359476.700:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3196 comm="syz.4.1150" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f52ba19bae9 code=0x7ffc0000 [ 98.777241][ T3207] netlink: 'syz.3.1154': attribute type 1 has an invalid length. [ 98.784941][ T3207] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1154'. [ 99.080523][ T697] usb 2-1: USB disconnect, device number 11 [ 99.098073][ T20] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 99.264667][ T3234] loop4: detected capacity change from 0 to 1024 [ 99.291871][ T3234] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: none. [ 99.306441][ T3234] EXT4-fs (loop4): Unrecognized mount option "۟?֞v+'ޓV"$l?豭|'o>uG=[]{Ľ[ԉ|O/_'" or missing value [ 99.329407][ T1217] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.2Yhzmi/148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.353177][ T20] usb 3-1: Using ep0 maxpacket: 16 [ 99.358552][ T1217] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.377441][ T30] kauditd_printk_skb: 30 callbacks suppressed [ 99.377459][ T30] audit: type=1400 audit(1719359477.450:1172): avc: denied { rmdir } for pid=1217 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 99.406397][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.417868][ T1217] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.2Yhzmi/148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.441305][ T1217] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.460442][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.471974][ T1217] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.2Yhzmi/148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.495538][ T1217] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.514673][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.518107][ T20] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 99.526606][ T1217] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.2Yhzmi/148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.558999][ T1217] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.578702][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.590235][ T1217] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.2Yhzmi/148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.598107][ T20] usb 3-1: language id specifier not provided by device, defaulting to English [ 99.622701][ T1217] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 99.642566][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.660648][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.677040][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.689655][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.702029][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.714078][ T1217] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 99.741295][ T3246] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=3246 comm=syz.0.1168 [ 99.758151][ T3251] input: syz0 as /devices/virtual/input/input12 [ 99.768407][ T20] usb 3-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.40 [ 99.771326][ T3253] binder: 3252:3253 unknown command 0 [ 99.777520][ T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.782918][ T3253] binder: 3252:3253 ioctl c0306201 20000380 returned -22 [ 99.793151][ T20] usb 3-1: Product: syz [ 99.805865][ T20] usb 3-1: Manufacturer: 㓊첥눂㺷ᅯ⫦⮴儑끷눙 [ 99.813233][ T20] usb 3-1: SerialNumber: syz [ 99.858483][ T20] usbhid 3-1:1.0: couldn't find an input interrupt endpoint [ 99.946013][ T3263] loop1: detected capacity change from 0 to 256 [ 99.981112][ T321] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 99.994931][ T3263] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5b196f7a, utbl_chksum : 0xe619d30d) [ 100.191742][ T315] usb 3-1: USB disconnect, device number 13 [ 100.202274][ T3261] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.209375][ T3261] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.216747][ T3261] device bridge_slave_0 entered promiscuous mode [ 100.225909][ T3261] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.233004][ T3261] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.240358][ T3261] device bridge_slave_1 entered promiscuous mode [ 100.315899][ T3261] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.322790][ T3261] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.329905][ T3261] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.336738][ T3261] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.365314][ T30] audit: type=1326 audit(1719359478.450:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.369092][ T697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 100.397017][ T697] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.404521][ T697] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.411611][ T30] audit: type=1326 audit(1719359478.450:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.435085][ T30] audit: type=1326 audit(1719359478.450:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.458544][ T30] audit: type=1326 audit(1719359478.450:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.481925][ T30] audit: type=1326 audit(1719359478.450:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.508233][ T30] audit: type=1326 audit(1719359478.450:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.508425][ T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.542572][ T30] audit: type=1326 audit(1719359478.450:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.542604][ T30] audit: type=1326 audit(1719359478.450:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.542625][ T30] audit: type=1326 audit(1719359478.480:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3275 comm="syz.0.1180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe9b3060ae9 code=0x7ffc0000 [ 100.566184][ T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.626208][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 100.635858][ T321] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 100.636992][ T3278] request_module fs-ceph succeeded, but still no fs? [ 100.651717][ T362] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.658595][ T362] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.666148][ T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.676501][ T321] usb 4-1: config 0 descriptor?? [ 100.678791][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 100.689420][ T362] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.696287][ T362] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.703767][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 100.717649][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 100.735867][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 100.765889][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 100.776729][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 100.782591][ T3283] input: syz0 as /devices/virtual/input/input13 [ 100.784370][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 100.801352][ T3261] device veth0_vlan entered promiscuous mode [ 100.812987][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 100.822192][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 100.833466][ T10] device bridge_slave_1 left promiscuous mode [ 100.840032][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.849437][ T10] device bridge_slave_0 left promiscuous mode [ 100.855683][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.906078][ T10] device veth1_macvtap left promiscuous mode [ 100.912359][ T10] device veth0_vlan left promiscuous mode [ 101.004524][ T3288] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1185'. [ 101.021024][ T3288] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1185'. [ 101.030318][ T3288] netlink: 'syz.1.1185': attribute type 2 has an invalid length. [ 101.038081][ T3288] netlink: 'syz.1.1185': attribute type 3 has an invalid length. [ 101.158939][ T321] isku 0003:1E7D:319C.000F: unknown main item tag 0x0 [ 101.167687][ T321] isku 0003:1E7D:319C.000F: unbalanced collection at end of report description [ 101.184714][ T321] isku 0003:1E7D:319C.000F: parse failed [ 101.190629][ T321] isku: probe of 0003:1E7D:319C.000F failed with error -22 [ 101.221405][ T3261] device veth1_macvtap entered promiscuous mode [ 101.233402][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 101.241119][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 101.249182][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 101.257451][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 101.336968][ T3297] loop1: detected capacity change from 0 to 512 [ 101.409108][ T3297] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 101.470286][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 101.498036][ T3297] EXT4-fs (loop1): 1 truncate cleaned up [ 101.503533][ T3297] EXT4-fs (loop1): mounted filesystem without journal. Opts: nouid32,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 101.548193][ T60] usb 4-1: USB disconnect, device number 13 [ 101.760208][ T3320] loop4: detected capacity change from 0 to 1024 [ 101.789509][ T3320] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: none. [ 101.803061][ T3320] EXT4-fs (loop4): Unrecognized mount option "۟?֞v+'ޓV"$l?豭|'o>uG=[]{Ľ[ԉ|O/_'" or missing value [ 101.808067][ T39] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 101.951303][ T3327] xt_CT: No such helper "netbios-ns" [ 102.067262][ T3261] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.jDTeAL/2/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.090537][ T3261] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.139683][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.151262][ T3261] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.jDTeAL/2/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.174268][ T39] usb 2-1: Using ep0 maxpacket: 16 [ 102.174720][ T3261] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.198657][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.210255][ T3261] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.jDTeAL/2/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.233354][ T3261] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.316964][ T3331] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 102.340355][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 102.351600][ T39] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 102.364513][ T39] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 102.373742][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.383282][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.404352][ T3261] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.jDTeAL/2/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.427838][ T3261] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.448371][ T39] usb 2-1: config 0 descriptor?? [ 102.453370][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.464906][ T3261] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor: path /root/syzkaller.jDTeAL/2/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.489189][ T3261] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 102.508879][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.520654][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.532462][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.556381][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.610438][ T3339] loop2: detected capacity change from 0 to 512 [ 102.617306][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.629298][ T3261] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor: directory missing '.' [ 102.646007][ T3339] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e02c, mo2=0002] [ 102.653920][ T3339] System zones: 1-12 [ 102.658880][ T3339] EXT4-fs error (device loop2): __ext4_iget:4892: inode #11: block 393240: comm syz.2.1203: invalid block [ 102.670318][ T3339] EXT4-fs (loop2): Remounting filesystem read-only [ 102.676735][ T3339] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1203: couldn't read orphan inode 11 (err -117) [ 102.688937][ T3339] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier=0x0000000000000004,min_batch_time=0x0000000000000001,nojournal_checksum,errors=remount-ro,stripe=0x000000007fffffff. Quota mode: none. [ 103.059061][ T39] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0010/input/input14 [ 103.145345][ T39] microsoft 0003:045E:07DA.0010: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 103.278588][ T3352] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.285558][ T3352] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.293339][ T3352] device bridge_slave_0 entered promiscuous mode [ 103.300439][ T3352] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.307362][ T3352] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.314858][ T3352] device bridge_slave_1 entered promiscuous mode [ 103.322173][ T327] device bridge_slave_1 left promiscuous mode [ 103.338457][ T327] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.345859][ T327] device bridge_slave_0 left promiscuous mode [ 103.351850][ T327] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.359819][ T327] device veth1_macvtap left promiscuous mode [ 103.365641][ T327] device veth0_vlan left promiscuous mode [ 103.477322][ T3352] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.484229][ T3352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.491324][ T3352] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.498096][ T3352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.517246][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 103.524809][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.532049][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.538966][ T321] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 103.549461][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 103.557672][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.564517][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.580909][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 103.589005][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.595838][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.603057][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 103.611184][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 103.619214][ T3371] netlink: 'syz.3.1214': attribute type 4 has an invalid length. [ 103.641527][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 103.652524][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 103.660378][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 103.667553][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 103.676189][ T3352] device veth0_vlan entered promiscuous mode [ 103.687810][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 103.697576][ T3352] device veth1_macvtap entered promiscuous mode [ 103.707385][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 103.717488][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 103.938144][ T321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.948967][ T321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.958600][ T321] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 103.967440][ T321] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.976045][ T321] usb 1-1: config 0 descriptor?? [ 104.388076][ T39] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 104.404367][ T30] kauditd_printk_skb: 107 callbacks suppressed [ 104.404381][ T30] audit: type=1326 audit(1719359482.490:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3394 comm="syz.4.1224" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59a629fae9 code=0x0 [ 104.496609][ T20] usb 2-1: USB disconnect, device number 12 [ 104.507468][ T321] isku 0003:1E7D:319C.0011: unknown main item tag 0x0 [ 104.515903][ T321] isku 0003:1E7D:319C.0011: unbalanced collection at end of report description [ 104.528154][ T321] isku 0003:1E7D:319C.0011: parse failed [ 104.536970][ T321] isku: probe of 0003:1E7D:319C.0011 failed with error -22 [ 104.645911][ T3400] device syzkaller0 entered promiscuous mode [ 104.723432][ T315] usb 1-1: USB disconnect, device number 9 [ 104.748268][ T39] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 104.839481][ T39] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 104.848600][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 104.856625][ T39] usb 3-1: SerialNumber: syz [ 105.260890][ T3408] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1228'. [ 105.278675][ T30] audit: type=1326 audit(1719359483.370:1290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3409 comm="syz.3.1229" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c636ecae9 code=0x0 [ 105.381649][ T3421] netlink: 'syz.3.1229': attribute type 4 has an invalid length. [ 105.395892][ T3423] loop0: detected capacity change from 0 to 512 [ 105.430059][ T3423] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e02c, mo2=0002] [ 105.437929][ T3423] System zones: 1-12 [ 105.442308][ T3423] EXT4-fs error (device loop0): __ext4_iget:4892: inode #11: block 393240: comm syz.0.1234: invalid block [ 105.453687][ T3423] EXT4-fs (loop0): Remounting filesystem read-only [ 105.460133][ T3423] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.1234: couldn't read orphan inode 11 (err -117) [ 105.471971][ T3423] EXT4-fs (loop0): mounted filesystem without journal. Opts: barrier=0x0000000000000004,min_batch_time=0x0000000000000001,nojournal_checksum,errors=remount-ro,stripe=0x000000007fffffff. Quota mode: none. [ 105.524333][ T3426] /dev/nbd0: Can't open blockdev [ 105.549743][ T39] cdc_ether 3-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.2-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 105.776095][ T39] usb 3-1: USB disconnect, device number 14 [ 105.783667][ T39] cdc_ether 3-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.2-1, CDC Ethernet Device [ 106.172154][ T3441] loop3: detected capacity change from 0 to 256 [ 106.194598][ T3443] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1242'. [ 106.229835][ T3441] exfat: Deprecated parameter 'utf8' [ 106.235264][ T3441] exfat: Deprecated parameter 'namecase' [ 106.241035][ T3441] exfat: Deprecated parameter 'utf8' [ 106.254262][ T3441] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 106.694466][ T3454] loop4: detected capacity change from 0 to 512 [ 106.837511][ T3456] netem: change failed [ 106.846758][ T3454] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e02c, mo2=0002] [ 106.855073][ T3454] System zones: 1-12 [ 106.860865][ T3454] EXT4-fs error (device loop4): __ext4_iget:4892: inode #11: block 393240: comm syz.4.1246: invalid block [ 106.872307][ T3454] EXT4-fs (loop4): Remounting filesystem read-only [ 106.879123][ T3454] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.1246: couldn't read orphan inode 11 (err -117) [ 106.891297][ T3454] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier=0x0000000000000004,min_batch_time=0x0000000000000001,nojournal_checksum,errors=remount-ro,stripe=0x000000007fffffff. Quota mode: none. [ 107.105136][ T3472] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1254'. [ 107.123514][ T30] audit: type=1400 audit(1719359485.210:1291): avc: denied { nlmsg_read } for pid=3478 comm="syz.4.1258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 107.169661][ T30] audit: type=1400 audit(1719359485.260:1292): avc: denied { setopt } for pid=3488 comm="syz.3.1262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 107.199691][ T3493] syz.3.1263[3493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 107.199751][ T3493] syz.3.1263[3493] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 107.243192][ T3495] loop4: detected capacity change from 0 to 256 [ 107.279040][ T3495] exfat: Deprecated parameter 'utf8' [ 107.284210][ T3495] exfat: Deprecated parameter 'namecase' [ 107.289950][ T3495] exfat: Deprecated parameter 'utf8' [ 107.297438][ T3495] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 107.375350][ T3504] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1269'. [ 107.586912][ T60] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 107.612450][ T3514] /dev/nbd3: Can't open blockdev [ 107.649114][ T3520] syz.3.1276[3520] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 107.649185][ T3520] syz.3.1276[3520] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 107.738149][ T3528] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1280'. [ 107.999179][ T60] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 108.012117][ T321] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 108.110929][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 108.119866][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 108.127609][ T60] usb 1-1: SerialNumber: syz [ 108.213293][ T3557] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 108.508227][ T321] usb 4-1: config 0 contains an unexpected descriptor of type 0x2, skipping [ 108.517010][ T321] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 108.527275][ T321] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 108.618660][ T321] usb 4-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00 [ 108.627763][ T321] usb 4-1: New USB device strings: Mfr=0, Product=18, SerialNumber=0 [ 108.635823][ T321] usb 4-1: Product: syz [ 108.640876][ T321] usb 4-1: config 0 descriptor?? [ 108.807141][ T30] audit: type=1400 audit(1719359486.890:1293): avc: denied { read write } for pid=3607 comm="syz.2.1316" name="uhid" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 108.832836][ T60] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 108.853140][ T30] audit: type=1400 audit(1719359486.890:1294): avc: denied { open } for pid=3607 comm="syz.2.1316" path="/dev/uhid" dev="devtmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 108.920614][ T697] usb 4-1: USB disconnect, device number 14 [ 109.036196][ T362] usb 1-1: USB disconnect, device number 10 [ 109.047300][ T362] cdc_ether 1-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [ 109.462424][ T3644] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 109.820654][ T30] audit: type=1326 audit(1719359487.910:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3661 comm="syz.4.1339" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59a629fae9 code=0x0 [ 110.516037][ T30] audit: type=1400 audit(1719359488.600:1296): avc: denied { ioctl } for pid=3688 comm="syz.1.1350" path="socket:[32719]" dev="sockfs" ino=32719 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 110.565968][ T30] audit: type=1400 audit(1719359488.630:1297): avc: denied { read } for pid=3688 comm="syz.1.1350" path="socket:[32719]" dev="sockfs" ino=32719 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 110.614754][ T30] audit: type=1326 audit(1719359488.690:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3696 comm="syz.1.1354" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f53cae10ae9 code=0x0 [ 110.645795][ T3702] loop3: detected capacity change from 0 to 1024 [ 110.667832][ T3708] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3708 comm=syz.4.1359 [ 110.685025][ T3707] loop1: detected capacity change from 0 to 512 [ 110.710413][ T3702] EXT4-fs (loop3): barriers disabled [ 110.710599][ T3707] EXT4-fs (loop1): bad s_want_extra_isize: 11962 [ 110.716948][ T3702] JBD2: no valid journal superblock found [ 110.727359][ T3702] EXT4-fs (loop3): error loading journal [ 110.745076][ T3716] loop0: detected capacity change from 0 to 2048 [ 110.799021][ T3716] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 110.809479][ T3716] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000000,grpid,nomblk_io_submit,stripe=0x000000000004ffff,norecovery,errors=remount-ro,bsddf,. Quota mode: none. [ 110.958318][ T30] audit: type=1400 audit(1719359488.970:1299): avc: denied { mounton } for pid=3715 comm="syz.0.1363" path="/root/syzkaller.gYhTV1/145/file1/file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 111.044961][ T3723] EXT4-fs error (device loop0): ext4_read_inline_dir:1610: inode #12: block 5: comm syz.0.1363: path /root/syzkaller.gYhTV1/145/file1/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 111.083811][ T3723] EXT4-fs (loop0): Remounting filesystem read-only [ 111.130550][ T30] audit: type=1326 audit(1719359489.220:1300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3739 comm="syz.4.1371" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f59a629fae9 code=0x0 [ 111.179618][ T3744] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3744 comm=syz.1.1372 [ 111.231217][ T3750] loop1: detected capacity change from 0 to 1024 [ 111.257927][ T30] audit: type=1400 audit(1719359489.340:1301): avc: denied { setopt } for pid=3751 comm="syz.3.1378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 111.264257][ T3754] loop4: detected capacity change from 0 to 512 [ 111.283694][ T3720] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 111.284215][ T3750] EXT4-fs (loop1): barriers disabled [ 111.301387][ T3750] JBD2: no valid journal superblock found [ 111.306986][ T3750] EXT4-fs (loop1): error loading journal [ 111.312576][ T321] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 111.321191][ T3754] EXT4-fs (loop4): bad s_want_extra_isize: 11962 [ 111.718296][ T30] audit: type=1326 audit(1719359489.810:1302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3768 comm="syz.1.1386" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f53cae10ae9 code=0x0