last executing test programs: 1m0.849796222s ago: executing program 4 (id=5): mkdirat(0xffffffffffffff9c, &(0x7f0000001a40)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000240)='./file0\x00') 1m0.824309912s ago: executing program 4 (id=6): capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000300)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}, {@stripe={'stripe', 0x3d, 0x2}}, {@jqfmt_vfsold}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) unlink(0x0) 1m0.697098424s ago: executing program 4 (id=7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x40048c67) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000180)={0x27800000000, 0x0, 0x8, r2, 0x1}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x27800000000, 0x0, 0x8, r2, 0x5}) 1m0.662552015s ago: executing program 32 (id=7): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x40048c67) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000180)={0x27800000000, 0x0, 0x8, r2, 0x1}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x27800000000, 0x0, 0x8, r2, 0x5}) 4.558332672s ago: executing program 1 (id=1107): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f0000000400)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1000}}, {@nodiscard}, {@quota}]}, 0x1, 0x56f, &(0x7f00000004c0)="$eJzs3c9vHFcdAPDvjH82SesEeoAKSIBCQFHW8aaNql5aLiBUVUJUHBCH1Ngby2Q3G7LrUptIuH8DSCBxgj+BAxIHpJ44wIkjEgdAlANSgYgqRuph0MyO1669Jou93m12Px9pMj/ezHzf283Me367Oy+AiXUpIrYjYjYiXo+IhXJ7Uk7xcmfK93v44P7KzoP7K0lk2Wv/TIr0fFtxwHy5f0ScLc85HxFf/0rEt5PDcVubW7eX6/XavXJ9sd24u9ja3Lq63lheq63V7lSrN5ZuXHvh+vPVgZX1YuMX7355/ZVv/PpXn3zn99tf/H6erXNlWrccA9Yp+kw3Tm46Il45jWAjMFXOZ0ecD44njYiPRMRniut/IaaK/50AwDjLsoXIFvavAwDjLi36wJK0EhFpWjYCKp0+vKfjTFpvttpXbjU37qx2+srOx0x6a71eu3Zh7o/fLXaeSfL1pSKtSC/WqwfWr0fEhYj40dwTxXplpVlfHU2TBwAm3tn99X9EvDeXppVKX4f2+FQPAHhszI86AwDA0Kn/AWDyqP8BYPL0Uf+XH/Zvn3peAIDh6O/vf9/3A4Bxov8fACaP+h8AJsrXXn01n7Kd8vnXq29sbtxuvnF1tda6XWlsrFRWmvfuVtaazbXimT2NR52v3mzeXXouNt5cbNda7cXW5tbNRnPjTvtm8Vzvm7WZoZQKAPhfLlx8+w9JRGy/+EQxxb6xHNTVMN7SAe4FPF6mTnKwBgI81oz2BZOrryq8aCT89tTzAoxGzx/3zPdc/KCf/B9BfM8IPlQuf7z//n9jPMN4OdCz/342qowAQ3e8/v+XBp4PYPiO3f//58HmAxi+LEsOjvk/200CAMbSCb7Cl/1gUI0QYKQe9XDPgXz+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGPmXER8J5K0UowFnub/ppVKxJMRcT5mklvr9dq1iHgqLkbEzFy+vrR78HujzTsAcFzp35Ny/K/LC8+eO5g6m/xnrphHxPd++tqP31xut+8t5dv/1d0+tzt8WHXvuBOMKwgA9O+v/exU1N/Vcr60t/3hg/sru9Mp5vGQd7/UHXx0ZefB/WLqpExHlmVZxHzRljjz7ySmy2PmI+KZiJgaQPzttyLiY73KnxR9I+fLkU/3x48y9pNDjZ9+IH5apHXm+cv30QHkBSbN2/n95+Ve118al4p57+t/vrhDnVxx/5uP2L337eyLP11GmuoRP7/mL/Ub47nffPXQxmyhk/ZWxDPTveIn3fjJEfGf7TP+nz7xqR++dERa9rOIy9E7/v5Yi+3G3cXW5tbV9cbyWm2tdqdavbF049oL15+vLhZ91Iu7PdWH/ePFK08dlbe8/GeOiN95588eKP9s99jP9Vn+n7//+rc+vbc6dzD+Fz7b+/1/uojY+/XP68TP9xl/+cwvjxy+O4+/ekT5H/X+X+kz/jt/21rtc1cAYAham1u3l+v12r0TLeR/hQ7iPIcW8iz2t/Nuc/FkQf8SxcLey5JEEsc+4UzvpLwx1tfhp/WqnvrCdLetONgzfzM/45CLkw68FMdZiPPlwsNhBR3dPQkYjr2LPiJ+N+rcAAAAAAAAAAAAAAAAvQzjN0yjLiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADj678BAAD//2PAxWs=") 4.509101643s ago: executing program 1 (id=1108): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000140)={[{@test_dummy_encryption_v1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}]}, 0x3, 0x459, &(0x7f0000000ac0)="$eJzs281vFOUfAPDvzHbLjx9gK+ILLyqKxsaXlgIqMRzUaOIBExM96LFpC0EWamhNhBAFY/BkjIl348GD/4InvRjjycSr3g0JMVwAT2tmd4buLrvbdt2yhf18kmmfZ+aZfZ7vzjy7z8yzE8DQ2pv9SSK2RsQfETFWzzYX2Fv/d/3q+dkbV8/PJlGtvv13Uit37er52aJosd+WPDORRqSfJbG7Tb2LZ8+dnKlU5s/k+amlUx9MLZ4999yJUzPH54/Pnz5w+PChg9MvvnDg+b7EmbXp2q6PF/bsfOO9r948+kVT/HkcR/pSU7S+dFtPVqv9rW3AtjWkk5EBNoQ1KUVEdrjKtf4/FqVYPnhj8fqnA20csK6q1Wp1S+fNF6rAXSyJ5rwuD8Oi+KLPrn+LpXUQ8PL6DT8G7sor9QugLO7r+VLfMhJpXqbccn3bT3sj4t0L/3yTLdFyPwUAYD38mI1/nm03/kvjgYZy9+RzQ+MRcW9EbI+I+yJiR0TcH1Er+2BEPLTG+lsnSW4d/6SXewpslbLx35F8bqt5/FeM/mK8lOe21eIvJ8dOVOb35+/JRJQ3ZfnpLnX89NrvX3ba1jj+y5as/mIsmLfj8sim5n3mZpZm/kvMja5cjNg10i7+5OZMQBIROyNiV491nHj6+z2dtq0cfxd9mGeqfhvxVP34X4iW+AtJ9/nJqf9FZX7/VHFW3OrX3y691an+PP6XvotYe/x9kB3//7c9/2/GP540ztcurr2OS39+3vGaptfzfzR5p5Yezdd9NLO0dGY6YjQ5Wm904/oDy/sW+aJ8Fv/Evvb9f3ssvxO7IyI7iR+OiEci4tG87Y9FxOMRsa9L/L+8+sT7K8U/2sv53wdZ/HNrOv7LidFoXdM+UTr58w9NlY7fEv+N7sf/UC01ka9ZzeffatrV29kMAAAAd540IrZGkk7eTKfp5GT99/I7ItLKwuLSM8cWPjw9V39GYDwiLe50jTXcD53OL+vr+YsRUf9pQbH9YH7f+OvS5lp+cnahMjfo4GHIbenQ/zN/lQbdOmDdeV4Lhpf+D8NL/4fhpf/D8GrT/zcPoh3A7dfu+/+TAbQDuP1a+r9pPxgirv9heOn/MLz0fxhKi5tj5YfkuyaKV+px97s2EeUN0Yx1S0S6IZqxYRPlO7xfDO4zCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ/+DQAA//9Ra9vE") creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) symlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') symlink(&(0x7f0000002500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 4.403407175s ago: executing program 1 (id=1109): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000bc0)={{r0}, &(0x7f0000000000), &(0x7f0000000040)=r1}, 0x20) lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0) 4.316341307s ago: executing program 1 (id=1110): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) umount2(&(0x7f0000000000)='./file0/../file0\x00', 0x1) 4.296969657s ago: executing program 1 (id=1111): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000008000000004"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r2}, 0x10) 4.211933699s ago: executing program 1 (id=1112): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3fb, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4771, 0x0, 0x0, 0x1], [0x0, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x334, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x7, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) write$uinput_user_dev(r0, &(0x7f0000000500)={'syz1\x00', {0xb710, 0xe, 0x3}, 0x34, [0xe, 0x1ff, 0x8, 0x3, 0x2, 0x8, 0x69, 0x2, 0x0, 0x874, 0x9, 0xd4a1, 0x3, 0x3, 0x3, 0x5b8, 0x2, 0x6, 0xc, 0x7, 0x51, 0xbe4, 0x100, 0x1, 0xd, 0x8, 0xfff, 0x8, 0xb, 0x80, 0x9ad, 0x29, 0x1, 0x5, 0x1, 0x1, 0x905e, 0xf87, 0xe2ee, 0x0, 0x6, 0x5, 0x1, 0x80000000, 0x1000, 0x1d7, 0x2, 0x6, 0xfd, 0x8001, 0x10, 0x2, 0xc3bb, 0x1, 0x1, 0x5, 0x1, 0x4, 0x2, 0x339, 0xbbf, 0xfffff000, 0x800, 0x8], [0x2, 0x100, 0x7af, 0x6, 0x5, 0x0, 0x5, 0x80000, 0x2, 0x6, 0xa, 0x10000, 0x2, 0x17, 0x20, 0x2, 0x5, 0x5, 0xa, 0x65, 0x9, 0x9, 0x8, 0x4, 0x7fff, 0x3ff, 0xffffff01, 0x8, 0x3, 0x9, 0xb6, 0x7cb4cb2c, 0x0, 0x2, 0x81, 0xffff, 0x2340, 0xc5d3, 0xa, 0xc2e, 0x7, 0x9, 0x9, 0x8, 0x2, 0xfffffffe, 0x7c, 0x9, 0x5, 0x5, 0xa, 0x5, 0xc98, 0x9, 0xffffcbb6, 0xd0, 0x1, 0x5, 0x6, 0x80001, 0x7, 0x5, 0x1, 0x6], [0x4, 0x5, 0xffffffff, 0x200, 0x5e4, 0x6, 0x6, 0x3, 0x1ff, 0x6, 0x9, 0x3, 0x0, 0x10000, 0x9, 0x3, 0x2, 0x89a, 0x68e7, 0x5, 0x400002, 0x1, 0x3, 0xfffffffb, 0x7, 0x2006, 0x20000007, 0x9, 0x4, 0x0, 0x3, 0x9, 0x0, 0x2, 0x80000000, 0x0, 0xfffffff8, 0x5, 0x9, 0x40a, 0x6, 0x0, 0x5, 0x3, 0x9bd, 0xa, 0x0, 0x4, 0x7, 0x3ff, 0x0, 0xe5c, 0x1, 0x5, 0x4000009, 0x7, 0x80000000, 0x8, 0x1, 0x0, 0x42c0, 0x76, 0xe339], [0x248, 0x1, 0x9, 0xb, 0x4, 0x7f, 0x6, 0x2, 0x0, 0x7ff, 0x2, 0x10000, 0x8, 0x8001, 0x80, 0xfb, 0xe68f, 0xdaba, 0xfffffffe, 0x52b, 0x8000, 0x9, 0xff, 0x80000000, 0x8, 0x8, 0x2, 0x5, 0xfffffffb, 0x5, 0x7, 0x7, 0xd2c7, 0x8001, 0x94, 0x80000000, 0x8, 0x0, 0x5, 0x0, 0x8, 0xe, 0x3, 0x7, 0x0, 0x7, 0x961a, 0x1, 0x7, 0x49, 0x7, 0x255d, 0x1, 0x0, 0x9, 0x9, 0x10, 0x7, 0x0, 0xff, 0x66, 0x90000000, 0x7, 0x81]}, 0x45c) read(r0, 0x0, 0x0) 4.210533389s ago: executing program 33 (id=1112): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x80000000, 0x3, 0x3fb, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x1], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xedc0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffff8, 0x2, 0x0, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4771, 0x0, 0x0, 0x1], [0x0, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x334, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4], [0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x7, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) write$uinput_user_dev(r0, &(0x7f0000000500)={'syz1\x00', {0xb710, 0xe, 0x3}, 0x34, [0xe, 0x1ff, 0x8, 0x3, 0x2, 0x8, 0x69, 0x2, 0x0, 0x874, 0x9, 0xd4a1, 0x3, 0x3, 0x3, 0x5b8, 0x2, 0x6, 0xc, 0x7, 0x51, 0xbe4, 0x100, 0x1, 0xd, 0x8, 0xfff, 0x8, 0xb, 0x80, 0x9ad, 0x29, 0x1, 0x5, 0x1, 0x1, 0x905e, 0xf87, 0xe2ee, 0x0, 0x6, 0x5, 0x1, 0x80000000, 0x1000, 0x1d7, 0x2, 0x6, 0xfd, 0x8001, 0x10, 0x2, 0xc3bb, 0x1, 0x1, 0x5, 0x1, 0x4, 0x2, 0x339, 0xbbf, 0xfffff000, 0x800, 0x8], [0x2, 0x100, 0x7af, 0x6, 0x5, 0x0, 0x5, 0x80000, 0x2, 0x6, 0xa, 0x10000, 0x2, 0x17, 0x20, 0x2, 0x5, 0x5, 0xa, 0x65, 0x9, 0x9, 0x8, 0x4, 0x7fff, 0x3ff, 0xffffff01, 0x8, 0x3, 0x9, 0xb6, 0x7cb4cb2c, 0x0, 0x2, 0x81, 0xffff, 0x2340, 0xc5d3, 0xa, 0xc2e, 0x7, 0x9, 0x9, 0x8, 0x2, 0xfffffffe, 0x7c, 0x9, 0x5, 0x5, 0xa, 0x5, 0xc98, 0x9, 0xffffcbb6, 0xd0, 0x1, 0x5, 0x6, 0x80001, 0x7, 0x5, 0x1, 0x6], [0x4, 0x5, 0xffffffff, 0x200, 0x5e4, 0x6, 0x6, 0x3, 0x1ff, 0x6, 0x9, 0x3, 0x0, 0x10000, 0x9, 0x3, 0x2, 0x89a, 0x68e7, 0x5, 0x400002, 0x1, 0x3, 0xfffffffb, 0x7, 0x2006, 0x20000007, 0x9, 0x4, 0x0, 0x3, 0x9, 0x0, 0x2, 0x80000000, 0x0, 0xfffffff8, 0x5, 0x9, 0x40a, 0x6, 0x0, 0x5, 0x3, 0x9bd, 0xa, 0x0, 0x4, 0x7, 0x3ff, 0x0, 0xe5c, 0x1, 0x5, 0x4000009, 0x7, 0x80000000, 0x8, 0x1, 0x0, 0x42c0, 0x76, 0xe339], [0x248, 0x1, 0x9, 0xb, 0x4, 0x7f, 0x6, 0x2, 0x0, 0x7ff, 0x2, 0x10000, 0x8, 0x8001, 0x80, 0xfb, 0xe68f, 0xdaba, 0xfffffffe, 0x52b, 0x8000, 0x9, 0xff, 0x80000000, 0x8, 0x8, 0x2, 0x5, 0xfffffffb, 0x5, 0x7, 0x7, 0xd2c7, 0x8001, 0x94, 0x80000000, 0x8, 0x0, 0x5, 0x0, 0x8, 0xe, 0x3, 0x7, 0x0, 0x7, 0x961a, 0x1, 0x7, 0x49, 0x7, 0x255d, 0x1, 0x0, 0x9, 0x9, 0x10, 0x7, 0x0, 0xff, 0x66, 0x90000000, 0x7, 0x81]}, 0x45c) read(r0, 0x0, 0x0) 3.12050033s ago: executing program 2 (id=1137): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000a0850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000003c0)={r0}, 0xc) 3.10331787s ago: executing program 2 (id=1139): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8101, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r2, 0x7fffffff, 0x3}) 3.039824801s ago: executing program 2 (id=1140): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/239, 0xef}], 0x1, 0x0, 0x0, 0x200000}, 0x1f00) 2.297779416s ago: executing program 5 (id=1142): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) read$FUSE(r0, &(0x7f0000002200)={0x2020}, 0x2020) r2 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)={0x2000200d}) write$binfmt_script(r1, &(0x7f0000020240), 0x10010) 2.206878257s ago: executing program 5 (id=1144): bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xb}}, 0x6}, 0x1c) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty=0xe0, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001}}}}}, 0x0) 2.192189988s ago: executing program 2 (id=1145): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) umount2(&(0x7f0000000000)='./file0/../file0\x00', 0x1) 2.169305448s ago: executing program 2 (id=1147): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0) 2.165697358s ago: executing program 5 (id=1148): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x8000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4, 0xffff}, {0x0, 0xffff}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0) r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x102, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x31b}) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"]) 2.06749202s ago: executing program 5 (id=1152): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000100), 0xfe, 0x458, &(0x7f00000001c0)="$eJzs3MtvG8UfAPDvOnH6/iW/Uh4tLYSXqHgkTfqgBy5FIHEACQkORZxMmlalboOaINGqgoJQOaJK3BFHJP4CLpQLAk5IXOGOkCqUC4XTorV3UzexnThx4hJ/PtImM95xZr67O/F4xusA+tZo9iOJ2BkRv0bEcD17Z4HR+q9b81em/p6/MpVEmr7+Z1Ir99f8lamiaPG8HfVMOtCm3mtvRVSq1emLeX587vy747OXLj979nzlzPSZ6QuTx48fOXxg6Njk0a7EuStr674PZvbvffnN669Onbz+9o9fZ+3dme9vjKNbRutHt6knul1Zj+1qSCeDPWwIHcn6aHa6yrX+PxwDsW1h33C89HFPGwesqzQtpVta776apmm6tVYO2HwSfRv6VPFCn73/LbYNGnrcFW6eiIV5jFv5Vt8zGKW8THkd6x+NiJNX//ki22Kd5iEAABrdOBERzzQb/5XivoZy/8vXhkYi4v8RsTsi7omIPRFxb0St7P0R8UCH9S9eIVk6/kmHVxXYCmXjv+fzta07x3/F6C9GBvLcrlr85eT02er0ofyYHIzyliw/0aaO71785bNW+xrHf9mW1V+MBfN2/DG4aILuVKVcWUvMjW5+FBHJSJP4kyiWcbLx8d6I2Nfh3y7WhM4+9dX+VmWWj7+NLqwzpV9GPFk//1djUfyFpOX65MRzxyaPjm+N6vSh8eKqWOqnn6+91qr+NcXfBTdvpLG96fW/EP9IsjVi9tLlc7X12tnO67j226ct39Os7vqfqwwlb9TSQ/lj71fm5i5ORAwlryx9fPL2c4t8UT67/g8+1rz/747bR+LBiMgu4gMR8VBEPJy3/ZGIeDQiPmkT/w8vPP5O5/G3mZXvoiz+U8ud/2g8/50nBs59/03n8Rey83+kljqYP5Kd/+XiWmkD13LsAAAA4L+iVPsMfFIaW0iXSmNj9c/w74ntperM7NzTp2feu3Cq/ln5kSiXipmu4Yb50Il8brjITy7KH87njT8f2FbLj03NVDudKwa6a0eL/p/5vd0NPMDm4H4t6F/6P/Qv/R/6l/4P/Uv/h/7VrP9/2IN2ABtvmdf/bRvVDmDjGf9D/9L/oX/p/9CXWt4bX1rTLf8SPUp8O7S272pYeSJKd0nImyZRjqa7Blf8ZRarTGxpuqvX/5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6498AAAD//+qa3cY=") r0 = syz_usb_connect$uac1(0x0, 0xdc, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206"], 0x0) syz_usb_control_io(r0, &(0x7f0000001bc0)={0x2c, 0x0, &(0x7f0000000980)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x407}}, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$uac1(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000300)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x84c}}}, 0x0) syz_usb_control_io(r0, &(0x7f0000000680)={0x2c, 0x0, &(0x7f0000000400)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) 1.905071093s ago: executing program 2 (id=1156): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.886582864s ago: executing program 34 (id=1156): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.160397957s ago: executing program 7 (id=1157): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) 1.147704128s ago: executing program 7 (id=1169): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac) 1.139236058s ago: executing program 3 (id=1170): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000140), 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=") creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10cd0e0, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8000, 0x1) symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.136546058s ago: executing program 7 (id=1171): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x18) arch_prctl$ARCH_GET_XCOMP_PERM(0x1022, &(0x7f0000000000)) 1.115792148s ago: executing program 7 (id=1172): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000e00)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x925, 0x8866, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x8, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x81, 0x0, 0x1}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000d80)={0x0, 0x22, 0x7, {[@main=@item_4={0x3, 0x0, 0x9, "4663b08d"}, @global=@item_012={0x0, 0x1, 0xa}, @global=@item_012={0x0, 0x1, 0x4}]}}, 0x0}, 0x0) connect$netlink(0xffffffffffffffff, &(0x7f0000000340), 0xc) 1.03255423s ago: executing program 3 (id=1174): r0 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=0x0) timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) readv(r2, &(0x7f0000000380)=[{&(0x7f0000000d00)=""/161, 0xa1}], 0x1) 1.00332289s ago: executing program 0 (id=1176): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x112}) ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x3d, 0x2, 0x9, 0x4010}]}) 897.503783ms ago: executing program 0 (id=1179): socket$inet_tcp(0x2, 0x1, 0x0) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f00000002c0)=ANY=[], 0x5, 0x1510, &(0x7f00000037c0)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==") syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x208004, &(0x7f00000006c0)=ANY=[@ANYBLOB="000a6905b4bb465890b3f6a2a93ab129dfdce30eb1b072f8855307000000000000006f5dca9dfa48a8c77acdd4be5f2b31757de819d5b02b7025746c26658e5f97e46aab194ad17325cc49b6150d2152fca1bc8c847eae0bf4db1a8c2ce968322201895abe1559edc895169768f87feab8fb82b819f36ded7291156780b357d3020fd72c13b0ee3a53a27c3d76c5ef1dcb91a7d94aaa4550af8374b2b0b71a2656f8c29c95337dcb8b", @ANYRES64, @ANYRESOCT], 0x1, 0x277, &(0x7f0000000000)="$eJzs3cFqE10UB/CTNm3zdZPA50pcDLhxFZq+wSAVxIAQyaKuGmwL0oTCFAK6sN35Lj6Oj+ETRBAizQSTqaMgto4mvx8Mc8jNH+5kkXsX5yZHD0Znx+cXp4f/f4pGI4l6xFV8jojYiM0oqs2u7cJrVwEA/Gt6vUFa9Ry4W1mWDrYiYue7kf6HSiYEAAAAAAAAAADAbyvt/59EtJb6/2vz+4b+fwBYCfr/V1+WpYPd+f6tSP8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUJ3JdNqc/uSqen4AwO2z/gPA+rH+A8D6mRTW+lpY/wFg9b04fPks7XYPeknSiBi9H/fH/fyej6en8TqGcRJ70Ywvcb0/mMvrJ0+7B3vJTCuORpfz/OW4v1nMd6IZrfJ8J88nxfxW7C7n96MZ98rz+6X57Xj0cCnfjmZ8fBXnMYzjuM4u8u86SfL4efdGfmf2PgAAAAAAAAAAAAAAAAAAAPgT2sk3pef32+0fjef5X/h9gBvn6+txv17tswMAAAAAAAAAAAAAAAAAAMDf4uLN27PBcHiSKW6h+M+nqliRouIvJgAAAAAAAAAAAAAAAAAAWEOLQ79VzwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqrP4//+7K6p+RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA9fA0AAP//C4boJw==") mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) 877.321003ms ago: executing program 0 (id=1180): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x1, 0x8, 0x0, 0x0) 649.557317ms ago: executing program 0 (id=1184): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x5c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0) 640.725397ms ago: executing program 0 (id=1185): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x80000002}) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 598.826778ms ago: executing program 0 (id=1186): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="05000000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'veth1_to_bond\x00', @multicast}) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) 303.467714ms ago: executing program 6 (id=1193): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) 293.212934ms ago: executing program 6 (id=1194): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) io_setup(0x1, &(0x7f0000002500)=0x0) close(r0) socket$unix(0x1, 0x1, 0x0) io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000002180)={0x0, 0x0, 0x0, 0x0, 0x1000, r0, &(0x7f0000002540)='\r', 0x1}]) 199.928636ms ago: executing program 6 (id=1195): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) sendto$inet6(r0, 0x0, 0x0, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) sendto$inet6(r0, &(0x7f0000001cc0)="2501d77b330b7e73d6b1d1b8a473ff7420b4b43ce0861f000000714fa228ee1f5b48", 0xfffffffffffffe57, 0x8000, 0x0, 0x0) recvmmsg(r0, &(0x7f0000002480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002003, 0x0) 180.350166ms ago: executing program 6 (id=1196): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000001050000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ff4cff80850000007100000095"], &(0x7f0000000080)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x11, 0xe, 0x0, &(0x7f00000009c0)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 160.543397ms ago: executing program 3 (id=1197): socket$packet(0x11, 0x3, 0x300) socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4) syz_emit_ethernet(0x2e, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @random="e43f6642531e", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x1, 0x1, 0x10, 0x0, @void}}}}}}}, 0x0) 145.782767ms ago: executing program 3 (id=1198): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) bind$packet(r0, &(0x7f0000000300)={0x11, 0x3, r1}, 0x14) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00') preadv(r2, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/126, 0x7e}, {&(0x7f0000000540)=""/235, 0xeb}], 0x2, 0x6, 0x3) 98.283898ms ago: executing program 3 (id=1199): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@grpquota}, {}, {@nombcache}, {@nodioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@noauto_da_alloc}]}, 0xfe, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3") syz_emit_ethernet(0x3e, &(0x7f0000000540)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "eddd00", 0x8, 0x3a, 0xff, @private1, @mcast2, {[], @echo_request={0x80, 0x0, 0x0, 0x0, 0x8}}}}}}, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000e80)='./bus\x00', 0x0, &(0x7f0000000500), 0x21, 0x4a6, &(0x7f0000003840)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=") setgroups(0x40000000000000dd, &(0x7f0000000400)=[0xee00]) quotactl$Q_GETQUOTA(0xffffffff80000701, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) 75.034308ms ago: executing program 6 (id=1200): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21) syz_emit_ethernet(0x2e, &(0x7f0000001140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) 32.573939ms ago: executing program 3 (id=1201): r0 = syz_usb_connect$cdc_ncm(0x0, 0x7a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d00000904010102020d0000090582020004000000090503020002"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000480)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x20, 0x80, 0x1c, {0x4005, 0x4000, 0xe4e, 0x2, 0xfff, 0x38e1, 0x5, 0x9, 0x202, 0x9, 0x200, 0x8}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) 31.726419ms ago: executing program 5 (id=1202): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x14, 0x0, 0x4}, 0x14}}, 0x0) syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), r0) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), r0) sendmsg$NL802154_CMD_SET_TX_POWER(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="478800100000faffff0001"], 0x1c}, 0x1, 0x0, 0x0, 0x24044815}, 0x0) 5.97063ms ago: executing program 5 (id=1203): setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800400, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x22) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file3\x00', 0x1d0) renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x2) 0s ago: executing program 6 (id=1204): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000040)=@framed={{0x18, 0x7, 0x0, 0x0, 0x400000}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, @exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94) kernel console output (not intermixed with test programs): .655275][ T60] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 51.664527][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.676877][ T336] cdc_acm 3-1:1.0: ttyACM0: USB ACM device [ 51.690055][ T60] usb 1-1: config 0 descriptor?? [ 51.703410][ T336] usb 3-1: USB disconnect, device number 6 [ 51.731699][ T1909] syz.5.489: attempt to access beyond end of device [ 51.731699][ T1909] loop5: rw=2049, sector=77824, nr_sectors = 4096 limit=40427 [ 51.755047][ T1909] syz.5.489: attempt to access beyond end of device [ 51.755047][ T1909] loop5: rw=2049, sector=49152, nr_sectors = 4096 limit=40427 [ 51.832098][ T1909] syz.5.489: attempt to access beyond end of device [ 51.832098][ T1909] loop5: rw=2049, sector=57344, nr_sectors = 20480 limit=40427 [ 51.861613][ T1909] syz.5.489: attempt to access beyond end of device [ 51.861613][ T1909] loop5: rw=2049, sector=81920, nr_sectors = 3800 limit=40427 [ 51.958178][ T372] syz-executor: attempt to access beyond end of device [ 51.958178][ T372] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 52.032404][ T1924] loop3: detected capacity change from 0 to 128 [ 52.043295][ T1924] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 52.061456][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 52.118900][ T60] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving [ 52.130120][ T60] plantronics 0003:047F:FFFF.000D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 52.178831][ T1940] loop5: detected capacity change from 0 to 4096 [ 52.218164][ T1940] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 52.230964][ T1940] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.501: corrupted inode contents [ 52.243181][ T1940] EXT4-fs error (device loop5): ext4_dirty_inode:6121: inode #15: comm syz.5.501: mark_inode_dirty error [ 52.255013][ T1940] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.501: corrupted inode contents [ 52.267599][ T1940] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #15: comm syz.5.501: mark_inode_dirty error [ 52.279405][ T1940] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.501: corrupted inode contents [ 52.292273][ T1940] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #15: comm syz.5.501: mark_inode_dirty error [ 52.304060][ T1940] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.501: corrupted inode contents [ 52.316087][ T1940] EXT4-fs error (device loop5): ext4_truncate:4314: inode #15: comm syz.5.501: mark_inode_dirty error [ 52.335208][ T1940] EXT4-fs error (device loop5) in ext4_setattr:5660: Corrupt filesystem [ 52.345860][ T28] audit: type=1400 audit(1758558775.954:341): avc: denied { setattr } for pid=1939 comm="syz.5.501" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 52.375877][ T1940] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #15: comm syz.5.501: corrupted inode contents [ 52.405229][ T372] EXT4-fs (loop5): unmounting filesystem. [ 52.434036][ T19] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 52.486163][ T1952] loop2: detected capacity change from 0 to 40427 [ 52.504290][ T1952] F2FS-fs (loop2): invalid crc value [ 52.514522][ T1952] F2FS-fs (loop2): Found nat_bits in checkpoint [ 52.555121][ T1952] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 52.565418][ T28] audit: type=1400 audit(1758558776.174:342): avc: denied { bind } for pid=1966 comm="syz.5.508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 52.587078][ T28] audit: type=1400 audit(1758558776.174:343): avc: denied { name_bind } for pid=1966 comm="syz.5.508" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 52.608054][ T28] audit: type=1400 audit(1758558776.174:344): avc: denied { node_bind } for pid=1966 comm="syz.5.508" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 52.638104][ T19] usb 2-1: config 0 has an invalid interface number: 247 but max is 0 [ 52.647944][ T19] usb 2-1: config 0 has no interface number 0 [ 52.664374][ T19] usb 2-1: too many endpoints for config 0 interface 247 altsetting 138: 111, using maximum allowed: 30 [ 52.678295][ T1691] syz-executor: attempt to access beyond end of device [ 52.678295][ T1691] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 52.684585][ T19] usb 2-1: config 0 interface 247 altsetting 138 has 0 endpoint descriptors, different from the interface descriptor's value: 111 [ 52.707919][ T1972] loop5: detected capacity change from 0 to 512 [ 52.717720][ T19] usb 2-1: config 0 interface 247 has no altsetting 0 [ 52.725950][ T19] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 52.735330][ T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.749286][ T1972] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 52.764621][ T1972] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 52.786600][ T19] usb 2-1: config 0 descriptor?? [ 52.806498][ T372] EXT4-fs (loop5): unmounting filesystem. [ 52.859071][ T1979] loop2: detected capacity change from 0 to 16 [ 52.871574][ T1979] erofs: (device loop2): mounted with root inode @ nid 36. [ 52.895935][ T28] audit: type=1400 audit(1758558776.504:345): avc: denied { setopt } for pid=1980 comm="syz.5.513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 52.975826][ T1991] netlink: 340 bytes leftover after parsing attributes in process `syz.3.516'. [ 53.052460][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 53.144032][ T60] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 53.181505][ T1999] netlink: 116 bytes leftover after parsing attributes in process `syz.5.521'. [ 53.190711][ T1999] Zero length message leads to an empty skb [ 53.248300][ T19] usb 2-1: Cannot read MAC address [ 53.253564][ T19] MOSCHIP usb-ethernet driver: probe of 2-1:0.247 failed with error -71 [ 53.266820][ T19] usb 2-1: USB disconnect, device number 6 [ 53.308984][ T2007] input: syz0 as /devices/virtual/input/input7 [ 53.334042][ T60] usb 3-1: Using ep0 maxpacket: 16 [ 53.340416][ T60] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 53.352638][ T60] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 53.362870][ T60] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 53.375949][ T60] usb 3-1: config 0 interface 0 has no altsetting 0 [ 53.382658][ T60] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 53.393376][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.402436][ C1] plantronics 0003:047F:FFFF.000D: usb_submit_urb(ctrl) failed: -1 [ 53.410133][ T28] audit: type=1400 audit(1758558777.014:346): avc: denied { mount } for pid=2010 comm="syz.5.527" name="/" dev="ramfs" ino=22294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 53.410769][ T60] usb 3-1: config 0 descriptor?? [ 53.842710][ T60] hid (null): unknown global tag 0xd5 [ 53.848403][ T60] hid (null): invalid report_size -2057069368 [ 53.854534][ T60] hid (null): unknown global tag 0x2c [ 53.859962][ T60] hid (null): unknown global tag 0xc [ 53.865372][ T60] hid (null): unknown global tag 0xd2 [ 53.872397][ T60] hid (null): report_id 0 is invalid [ 53.878034][ T60] hid (null): report_id 0 is invalid [ 53.883397][ T60] hid (null): unknown global tag 0xe [ 53.888771][ T60] hid (null): unknown global tag 0xd [ 54.067224][ T60] usb 3-1: USB disconnect, device number 7 [ 54.244408][ T6] usb 1-1: USB disconnect, device number 5 [ 54.794494][ T2028] loop3: detected capacity change from 0 to 40427 [ 54.803950][ T2028] F2FS-fs (loop3): fault_injection options not supported [ 54.811627][ T2028] F2FS-fs (loop3): Image doesn't support compression [ 54.818428][ T2028] F2FS-fs (loop3): Image doesn't support compression [ 54.826000][ T2028] F2FS-fs (loop3): invalid crc value [ 54.832359][ T2028] F2FS-fs (loop3): Found nat_bits in checkpoint [ 54.859776][ T2028] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 54.874041][ T6] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 54.954032][ T19] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 54.979433][ T2028] syz.3.535: attempt to access beyond end of device [ 54.979433][ T2028] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 55.055130][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.086540][ T6] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf [ 55.104651][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.123034][ T6] usb 1-1: Product: syz [ 55.127349][ T6] usb 1-1: Manufacturer: syz [ 55.131970][ T6] usb 1-1: SerialNumber: syz [ 55.138108][ T19] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 55.154037][ T19] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 55.174768][ T6] usb 1-1: config 0 descriptor?? [ 55.179800][ T19] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 55.189637][ T6] usb 1-1: Found UVC 0.00 device syz (18ec:3288) [ 55.196057][ T19] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12592, setting to 64 [ 55.209236][ T2054] loop3: detected capacity change from 0 to 16 [ 55.214059][ T6] usb 1-1: No valid video chain found. [ 55.223946][ T2054] erofs: (device loop3): mounted with root inode @ nid 36. [ 55.238724][ T19] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 55.250109][ T19] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 55.258271][ T19] usb 6-1: Product: syz [ 55.262450][ T19] usb 6-1: Manufacturer: syz [ 55.269341][ T2035] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 55.280948][ T19] cdc_wdm 6-1:1.0: skipping garbage [ 55.286280][ T19] cdc_wdm 6-1:1.0: skipping garbage [ 55.292302][ T19] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 55.304088][ T336] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 55.397237][ T39] usb 1-1: USB disconnect, device number 6 [ 55.410457][ T2071] loop1: detected capacity change from 0 to 512 [ 55.417872][ T2071] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 55.429365][ T2071] EXT4-fs (loop1): 1 orphan inode deleted [ 55.435127][ T2071] EXT4-fs (loop1): 1 truncate cleaned up [ 55.440830][ T2071] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 55.454709][ T2071] input: syz1 as /devices/virtual/input/input8 [ 55.468141][ T285] EXT4-fs (loop1): unmounting filesystem. [ 55.485568][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.496547][ T28] audit: type=1400 audit(1758558779.094:347): avc: denied { write } for pid=2075 comm="syz.1.556" name="anycast6" dev="proc" ino=4026532549 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 55.513857][ T19] usb 6-1: USB disconnect, device number 6 [ 55.525404][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.525433][ T336] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 55.525466][ T336] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 55.542286][ T2078] loop1: detected capacity change from 0 to 256 [ 55.548485][ T336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.557461][ T6] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 55.567705][ T336] usb 3-1: config 0 descriptor?? [ 55.590204][ T2078] FAT-fs (loop1): Directory bread(block 64) failed [ 55.597597][ T2078] FAT-fs (loop1): Directory bread(block 65) failed [ 55.604324][ T2078] FAT-fs (loop1): Directory bread(block 66) failed [ 55.610967][ T2078] FAT-fs (loop1): Directory bread(block 67) failed [ 55.617810][ T2078] FAT-fs (loop1): Directory bread(block 68) failed [ 55.624603][ T2078] FAT-fs (loop1): Directory bread(block 69) failed [ 55.631238][ T2078] FAT-fs (loop1): Directory bread(block 70) failed [ 55.637920][ T2078] FAT-fs (loop1): Directory bread(block 71) failed [ 55.644584][ T2078] FAT-fs (loop1): Directory bread(block 72) failed [ 55.651119][ T2078] FAT-fs (loop1): Directory bread(block 73) failed [ 55.686215][ T1391] kworker/u4:63: attempt to access beyond end of device [ 55.686215][ T1391] loop1: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 55.757125][ T2086] input: syz1 as /devices/virtual/input/input9 [ 55.777670][ T2088] loop1: detected capacity change from 0 to 256 [ 55.789439][ T2088] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 55.800469][ T6] usb 4-1: Using ep0 maxpacket: 16 [ 55.807722][ T6] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.825853][ T6] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.838495][ T6] usb 4-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 55.840381][ T28] audit: type=1400 audit(1758558779.444:348): avc: denied { ioctl } for pid=2089 comm="syz.1.563" path="socket:[22864]" dev="sockfs" ino=22864 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 55.851610][ T6] usb 4-1: config 0 interface 0 has no altsetting 0 [ 55.884188][ T6] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 55.893616][ T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.904234][ T6] usb 4-1: config 0 descriptor?? [ 55.967310][ T2102] netlink: 'syz.1.569': attribute type 4 has an invalid length. [ 55.989591][ T336] plantronics 0003:047F:FFFF.000F: unknown main item tag 0xd [ 55.998814][ T336] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 56.008238][ T336] plantronics 0003:047F:FFFF.000F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 56.057620][ T2111] loop5: detected capacity change from 0 to 256 [ 56.127590][ T2123] loop1: detected capacity change from 0 to 512 [ 56.136984][ T2123] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 56.148505][ T2123] EXT4-fs (loop1): 1 orphan inode deleted [ 56.154708][ T2123] EXT4-fs (loop1): 1 truncate cleaned up [ 56.160388][ T2123] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 56.178118][ T2123] EXT4-fs error (device loop1): empty_inline_dir:1877: inode #12: block 7: comm syz.1.579: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0 [ 56.197223][ T2123] EXT4-fs (loop1): Remounting filesystem read-only [ 56.203752][ T2123] EXT4-fs warning (device loop1): empty_inline_dir:1884: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60 [ 56.256095][ T2123] EXT4-fs error (device loop1): ext4_search_dir:1549: inode #12: block 7: comm syz.1.579: bad entry in directory: directory entry overrun - offset=0, inode=13, rec_len=784, size=56 fake=0 [ 56.275070][ T2123] EXT4-fs (loop1): Remounting filesystem read-only [ 56.292407][ T285] EXT4-fs (loop1): unmounting filesystem. [ 56.295420][ T2126] kvm [2125]: vcpu0, guest rIP: 0x9139 disabled perfctr wrmsr: 0xc1 data 0x1 [ 56.312626][ T335] usb 3-1: USB disconnect, device number 8 [ 56.316015][ T28] audit: type=1400 audit(1758558779.924:349): avc: denied { setopt } for pid=2128 comm="syz.1.581" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 56.321117][ T6] hid (null): unknown global tag 0xd5 [ 56.355315][ T2126] kvm [2125]: vcpu0, guest rIP: 0x9139 disabled perfctr wrmsr: 0xc2 data 0x1 [ 56.364576][ T6] hid (null): invalid report_size -2057069368 [ 56.370968][ T6] hid (null): unknown global tag 0x2c [ 56.380044][ T2126] kvm [2125]: vcpu0, guest rIP: 0x9139 ignored wrmsr: 0x11e data 0x1 [ 56.389795][ T6] hid (null): unknown global tag 0xc [ 56.395522][ T6] hid (null): unknown global tag 0xd2 [ 56.402630][ T6] hid (null): report_id 0 is invalid [ 56.408618][ T6] hid (null): report_id 0 is invalid [ 56.412304][ T2126] kvm [2125]: vcpu0, guest rIP: 0x9139 disabled perfctr wrmsr: 0x186 data 0x1 [ 56.414225][ T6] hid (null): unknown global tag 0xe [ 56.428272][ T6] hid (null): unknown global tag 0xd [ 56.434372][ T2126] kvm [2125]: vcpu0, guest rIP: 0x9139 disabled perfctr wrmsr: 0x187 data 0x1 [ 56.447261][ T2126] kvm [2125]: vcpu0, guest rIP: 0x9139 vmx_set_msr: BTF|LBR in IA32_DEBUGCTLMSR 0x1, nop [ 56.572517][ T336] usb 4-1: USB disconnect, device number 2 [ 56.884057][ T335] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 56.943166][ T2165] loop2: detected capacity change from 0 to 8192 [ 57.077823][ T335] usb 2-1: config 1 has an invalid interface number: 105 but max is 0 [ 57.096086][ T335] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 57.125811][ T335] usb 2-1: config 1 has no interface number 0 [ 57.136395][ T335] usb 2-1: config 1 interface 105 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 57.150257][ T335] usb 2-1: config 1 interface 105 has no altsetting 0 [ 57.167573][ T335] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 57.194018][ T335] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.202053][ T335] usb 2-1: Product: syz [ 57.211439][ T335] usb 2-1: Manufacturer: syz [ 57.224050][ T335] usb 2-1: SerialNumber: syz [ 57.234511][ T28] audit: type=1400 audit(1758558780.834:350): avc: denied { validate_trans } for pid=2174 comm="syz.3.601" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 57.431630][ T335] aqc111: probe of 2-1:1.105 failed with error -22 [ 57.524679][ T2184] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 57.622951][ T2186] loop5: detected capacity change from 0 to 128 [ 57.638791][ T39] usb 2-1: USB disconnect, device number 7 [ 57.641742][ T2186] EXT4-fs: Ignoring removed nomblk_io_submit option [ 57.670870][ T2186] EXT4-fs: Ignoring removed nomblk_io_submit option [ 57.688367][ T2186] EXT4-fs (loop5): Test dummy encryption mode enabled [ 57.713732][ T2186] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 57.732585][ T2186] ext4 filesystem being mounted at /115/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 57.773654][ T28] audit: type=1400 audit(1758558781.374:351): avc: denied { create } for pid=2185 comm="syz.5.606" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 57.799221][ T2186] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 57.829953][ T28] audit: type=1400 audit(1758558781.434:352): avc: denied { rename } for pid=2185 comm="syz.5.606" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 57.863315][ T372] EXT4-fs (loop5): unmounting filesystem. [ 58.000046][ T2197] loop5: detected capacity change from 0 to 16 [ 58.028269][ T2197] erofs: (device loop5): mounted with root inode @ nid 36. [ 58.178183][ T2205] loop3: detected capacity change from 0 to 128 [ 58.314114][ T6] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 58.494099][ T6] usb 6-1: Using ep0 maxpacket: 16 [ 58.500464][ T6] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.511643][ T6] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 58.521407][ T6] usb 6-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 58.534200][ T6] usb 6-1: config 0 interface 0 has no altsetting 0 [ 58.540803][ T6] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 58.549882][ T6] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.558647][ T6] usb 6-1: config 0 descriptor?? [ 58.634041][ T39] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 58.718117][ T1467] Bluetooth: hci0: Frame reassembly failed (-84) [ 58.814156][ T39] usb 4-1: Using ep0 maxpacket: 32 [ 58.820502][ T39] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 58.828623][ T39] usb 4-1: config 0 has no interface number 0 [ 58.836168][ T39] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 58.845271][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.853339][ T39] usb 4-1: Product: syz [ 58.857528][ T39] usb 4-1: Manufacturer: syz [ 58.862127][ T39] usb 4-1: SerialNumber: syz [ 58.867322][ T39] usb 4-1: config 0 descriptor?? [ 58.873414][ T39] smsc95xx v2.0.0 [ 58.967979][ T6] hid (null): unknown global tag 0xd5 [ 58.973468][ T6] hid (null): invalid report_size -2057069368 [ 58.979594][ T6] hid (null): unknown global tag 0x2c [ 58.985033][ T6] hid (null): unknown global tag 0xc [ 58.990387][ T6] hid (null): unknown global tag 0xd2 [ 58.997078][ T6] hid (null): report_id 0 is invalid [ 59.002383][ T6] hid (null): report_id 0 is invalid [ 59.007734][ T6] hid (null): unknown global tag 0xe [ 59.013040][ T6] hid (null): unknown global tag 0xd [ 59.085748][ T2229] loop1: detected capacity change from 0 to 512 [ 59.105698][ T2229] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 59.115358][ T2229] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.140029][ T285] EXT4-fs (loop1): unmounting filesystem. [ 59.183629][ T6] usb 6-1: USB disconnect, device number 7 [ 59.270543][ T2234] loop1: detected capacity change from 0 to 40427 [ 59.279780][ T2234] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 59.287792][ T2234] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 59.296876][ T2234] F2FS-fs (loop1): invalid crc value [ 59.303466][ T2234] F2FS-fs (loop1): Found nat_bits in checkpoint [ 59.326760][ T2242] incfs: ino conflict with backing FS 1 [ 59.330004][ T28] audit: type=1400 audit(1758558782.934:353): avc: denied { mount } for pid=2241 comm="syz.2.627" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 59.332705][ T2242] incfs: ino conflict with backing FS 2 [ 59.366411][ T2234] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 59.373507][ T2234] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 59.373860][ T28] audit: type=1400 audit(1758558782.974:354): avc: denied { unmount } for pid=1691 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 59.479371][ T39] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71 [ 59.490915][ T39] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 59.511041][ T39] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 59.521943][ T39] smsc95xx: probe of 4-1:0.67 failed with error -71 [ 59.532877][ T39] usb 4-1: USB disconnect, device number 3 [ 59.550970][ T2234] syz.1.625: attempt to access beyond end of device [ 59.550970][ T2234] loop1: rw=2049, sector=77824, nr_sectors = 4096 limit=40427 [ 59.569460][ T2234] syz.1.625: attempt to access beyond end of device [ 59.569460][ T2234] loop1: rw=2049, sector=49152, nr_sectors = 4096 limit=40427 [ 59.608011][ T2234] syz.1.625: attempt to access beyond end of device [ 59.608011][ T2234] loop1: rw=2049, sector=57344, nr_sectors = 20480 limit=40427 [ 59.630136][ T2234] syz.1.625: attempt to access beyond end of device [ 59.630136][ T2234] loop1: rw=2049, sector=81920, nr_sectors = 3800 limit=40427 [ 59.728255][ T2250] loop2: detected capacity change from 0 to 512 [ 59.738074][ T2250] EXT4-fs: Ignoring removed nobh option [ 59.744396][ T285] syz-executor: attempt to access beyond end of device [ 59.744396][ T285] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 59.744748][ T2250] EXT4-fs (loop2): Test dummy encryption mode enabled [ 59.766897][ T2250] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 59.779755][ T2251] loop5: detected capacity change from 0 to 8192 [ 59.784247][ T2250] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.640: invalid indirect mapped block 2683928664 (level 1) [ 59.804566][ T2250] EXT4-fs (loop2): Remounting filesystem read-only [ 59.811620][ T2250] EXT4-fs (loop2): 1 truncate cleaned up [ 59.828395][ T2250] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 59.895556][ T2250] EXT4-fs (loop2): shut down requested (1) [ 59.923235][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 60.235955][ T2282] loop1: detected capacity change from 0 to 1024 [ 60.245446][ T2282] EXT4-fs: Ignoring removed orlov option [ 60.260105][ T2282] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 60.283554][ T2282] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.287814][ T2274] loop3: detected capacity change from 0 to 40427 [ 60.298173][ T2286] loop5: detected capacity change from 0 to 1024 [ 60.314348][ T2286] EXT4-fs: Ignoring removed i_version option [ 60.320372][ T28] audit: type=1400 audit(1758558783.924:355): avc: denied { ioctl } for pid=2281 comm="syz.1.645" path="/155/file1/file1" dev="loop1" ino=15 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 60.327133][ T2274] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 60.351836][ T6] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 60.352072][ T1456] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: comm kworker/u4:128: lblock 0 mapped to illegal pblock 0 (length 1) [ 60.360707][ T2274] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 60.384208][ T2274] F2FS-fs (loop3): fault_injection options not supported [ 60.386127][ T1456] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 60.391285][ T2274] F2FS-fs (loop3): fault_type options not supported [ 60.403690][ T1456] EXT4-fs (loop1): This should not happen!! Data will be lost [ 60.403690][ T1456] [ 60.412281][ T285] EXT4-fs (loop1): unmounting filesystem. [ 60.422061][ T2274] F2FS-fs (loop3): invalid crc value [ 60.432501][ T2286] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 60.433469][ T2274] F2FS-fs (loop3): Found nat_bits in checkpoint [ 60.441249][ T2286] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.483926][ T2286] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: comm syz.5.646: lblock 0 mapped to illegal pblock 0 (length 4) [ 60.492210][ T2274] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 60.505659][ T2274] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 60.515421][ T2286] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: block 3: comm syz.5.646: lblock 3 mapped to illegal pblock 3 (length 1) [ 60.533390][ T2286] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117 [ 60.548536][ T2286] EXT4-fs (loop5): This should not happen!! Data will be lost [ 60.548536][ T2286] [ 60.569470][ T1393] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:65: lblock 8 mapped to illegal pblock 8 (length 8) [ 60.584972][ T28] audit: type=1400 audit(1758558784.194:356): avc: denied { setattr } for pid=2273 comm="syz.3.642" name="file0" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 60.585824][ T1393] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 60.612752][ T2299] loop1: detected capacity change from 0 to 256 [ 60.619365][ T1393] EXT4-fs (loop5): This should not happen!! Data will be lost [ 60.619365][ T1393] [ 60.636678][ T6] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 60.637202][ T372] EXT4-fs (loop5): unmounting filesystem. [ 60.650139][ T1853] syz-executor: attempt to access beyond end of device [ 60.650139][ T1853] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 60.667437][ T6] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 60.704647][ T6] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 60.719504][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 60.727597][ T2227] Bluetooth: hci0: command 0x1003 tx timeout [ 60.733866][ T28] audit: type=1400 audit(1758558784.344:357): avc: denied { mounton } for pid=2302 comm="syz.1.652" path="/proc/337/task" dev="proc" ino=23800 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 60.734675][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 60.773136][ T6] usb 3-1: SerialNumber: syz [ 60.849512][ T28] audit: type=1400 audit(1758558784.454:358): avc: denied { name_bind } for pid=2319 comm="syz.1.660" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 60.911953][ T2329] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=2329 comm=syz.5.663 [ 60.926573][ T2329] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=2329 comm=syz.5.663 [ 60.957325][ T28] audit: type=1400 audit(1758558784.564:359): avc: denied { map } for pid=2333 comm="syz.1.666" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 60.957779][ T2334] binder_alloc: binder_alloc_mmap_handler: 2333 200000ffc000-200000ffd000 already mapped failed -16 [ 60.988250][ T6] usb 3-1: 0:2 : does not exist [ 61.006964][ T6] usb 3-1: USB disconnect, device number 9 [ 62.754061][ T317] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 62.754568][ T28] audit: type=1400 audit(1758558786.364:360): avc: denied { mounton } for pid=2346 comm="syz.1.672" path="/166/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 62.809655][ T2353] loop1: detected capacity change from 0 to 256 [ 62.827099][ T2353] FAT-fs (loop1): Directory bread(block 64) failed [ 62.837632][ T338] udevd[338]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 62.837657][ T2353] FAT-fs (loop1): Directory bread(block 65) failed [ 62.862152][ T2353] FAT-fs (loop1): Directory bread(block 66) failed [ 62.869216][ T2353] FAT-fs (loop1): Directory bread(block 67) failed [ 62.882337][ T2353] FAT-fs (loop1): Directory bread(block 68) failed [ 62.917103][ T2353] FAT-fs (loop1): Directory bread(block 69) failed [ 62.917432][ T28] audit: type=1400 audit(1758558786.524:361): avc: denied { set_context_mgr } for pid=2360 comm="syz.2.679" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 62.927682][ T2353] FAT-fs (loop1): Directory bread(block 70) failed [ 62.950143][ T2361] binder: 2360:2361 ioctl c0306201 2000000003c0 returned -14 [ 62.960436][ T2363] loop0: detected capacity change from 0 to 512 [ 62.967019][ T317] usb 4-1: Using ep0 maxpacket: 16 [ 62.973393][ T317] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 62.984053][ T2353] FAT-fs (loop1): Directory bread(block 71) failed [ 62.984489][ T2363] EXT4-fs: Ignoring removed oldalloc option [ 62.993294][ T317] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 63.006936][ T2353] FAT-fs (loop1): Directory bread(block 72) failed [ 63.017665][ T2353] FAT-fs (loop1): Directory bread(block 73) failed [ 63.030116][ T317] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 63.048023][ T2348] loop5: detected capacity change from 0 to 40427 [ 63.062399][ T2348] F2FS-fs (loop5): fault_injection options not supported [ 63.075133][ T317] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 63.084440][ T2363] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.680: Parent and EA inode have the same ino 15 [ 63.095599][ T2348] F2FS-fs (loop5): fault_type options not supported [ 63.107311][ T2363] EXT4-fs (loop0): 1 orphan inode deleted [ 63.107657][ T2348] F2FS-fs (loop5): invalid crc value [ 63.122378][ T2363] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 63.131423][ T317] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.154027][ T317] usb 4-1: Product: syz [ 63.158221][ T317] usb 4-1: Manufacturer: syz [ 63.163687][ T2348] F2FS-fs (loop5): Found nat_bits in checkpoint [ 63.182483][ T2363] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.0.680: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0 [ 63.183057][ T317] usb 4-1: SerialNumber: syz [ 63.247518][ T2348] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 63.284033][ T284] EXT4-fs (loop0): unmounting filesystem. [ 63.368009][ T2379] loop0: detected capacity change from 0 to 512 [ 63.418734][ T2379] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 63.439870][ T2375] syz.1.675: attempt to access beyond end of device [ 63.439870][ T2375] loop1: rw=2051, sector=1224, nr_sectors = 608 limit=256 [ 63.445199][ T2379] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.454927][ T2375] syz.1.675: attempt to access beyond end of device [ 63.454927][ T2375] loop1: rw=2051, sector=1864, nr_sectors = 14368 limit=256 [ 63.483622][ T2379] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 63.516882][ T28] audit: type=1400 audit(1758558787.124:362): avc: denied { watch_reads } for pid=2378 comm="syz.0.685" path="/107/file1" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 63.554347][ T284] EXT4-fs (loop0): unmounting filesystem. [ 63.593319][ T2399] loop5: detected capacity change from 0 to 1024 [ 63.631749][ T2408] loop0: detected capacity change from 0 to 512 [ 63.639791][ T317] usb 4-1: 0:2 : does not exist [ 63.686770][ T28] audit: type=1400 audit(1758558787.294:363): avc: denied { load_policy } for pid=2411 comm="syz.5.698" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 63.686803][ T2412] SELinux: policydb version 1207 does not match my version range 15-33 [ 63.717556][ T2412] SELinux: failed to load policy [ 63.727234][ T2408] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.750460][ T28] audit: type=1400 audit(1758558787.354:364): avc: denied { map } for pid=2413 comm="syz.2.699" path="socket:[24006]" dev="sockfs" ino=24006 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 63.854596][ T28] audit: type=1400 audit(1758558787.464:365): avc: denied { getopt } for pid=2425 comm="syz.2.705" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 64.016577][ T2449] loop5: detected capacity change from 0 to 512 [ 64.044041][ T6] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 64.045935][ T2449] EXT4-fs mount: 4 callbacks suppressed [ 64.045951][ T2449] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 64.066256][ T2449] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.105584][ T372] EXT4-fs (loop5): unmounting filesystem. [ 64.174025][ T39] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 64.224067][ T6] usb 2-1: Using ep0 maxpacket: 16 [ 64.240306][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 64.251406][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.264332][ T6] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 64.273653][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.286200][ T317] usb 4-1: USB disconnect, device number 4 [ 64.292417][ T6] usb 2-1: config 0 descriptor?? [ 64.365689][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 64.376726][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.386782][ T39] usb 3-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00 [ 64.395867][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.404978][ T39] usb 3-1: config 0 descriptor?? [ 64.624041][ T335] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 64.678955][ T2476] loop5: detected capacity change from 0 to 16 [ 64.686122][ T2476] erofs: (device loop5): mounted with root inode @ nid 36. [ 64.696053][ T2476] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=86 [ 64.705377][ T2476] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=86 [ 64.706773][ T6] hid-multitouch 0003:1FD2:6007.0012: item fetching failed at offset 1/5 [ 64.714572][ T2476] overlayfs: failed to get metacopy (-117) [ 64.723606][ T6] hid-multitouch: probe of 0003:1FD2:6007.0012 failed with error -22 [ 64.815124][ T39] uclogic 0003:2179:0053.0013: interface is invalid, ignoring [ 64.835082][ T335] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 64.845975][ T335] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.856116][ T335] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 64.869003][ T335] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 64.878041][ T335] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.886574][ T335] usb 1-1: config 0 descriptor?? [ 64.917114][ T2489] loop5: detected capacity change from 0 to 128 [ 64.923869][ T2489] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 64.924206][ T39] usb 2-1: USB disconnect, device number 8 [ 65.020881][ T336] usb 3-1: USB disconnect, device number 10 [ 65.055716][ T2500] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 65.068316][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 65.077713][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 65.086001][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 65.094524][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 65.102783][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 65.111009][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 65.119260][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 65.127645][ T1478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 65.189864][ T2503] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 65.303432][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.310959][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.318595][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.326343][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.336709][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.344325][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.351976][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.359634][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.370732][ T2511] loop3: detected capacity change from 0 to 16 [ 65.371408][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.382125][ T2511] erofs: (device loop3): mounted with root inode @ nid 36. [ 65.384750][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.399250][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.406891][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.414820][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.422321][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.429997][ T335] plantronics 0003:047F:FFFF.0014: unknown main item tag 0x0 [ 65.437684][ T335] plantronics 0003:047F:FFFF.0014: No inputs registered, leaving [ 65.447562][ T335] plantronics 0003:047F:FFFF.0014: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 65.463094][ T2515] loop1: detected capacity change from 0 to 256 [ 65.471881][ T2515] exFAT-fs (loop1): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d) [ 65.490086][ T2515] exFAT-fs (loop1): error, found bogus dentry(11) beyond unused empty group(10) (start_clu : 5, cur_clu : 5) [ 65.502560][ T2515] exFAT-fs (loop1): Filesystem has been set read-only [ 65.636483][ T39] usb 1-1: USB disconnect, device number 7 [ 65.647591][ T2519] loop1: detected capacity change from 0 to 40427 [ 65.659395][ T2519] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 65.667415][ T2519] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 65.676284][ T2519] F2FS-fs (loop1): invalid crc value [ 65.682549][ T2519] F2FS-fs (loop1): Found nat_bits in checkpoint [ 65.704413][ T2519] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 65.711448][ T2519] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 65.738859][ T28] kauditd_printk_skb: 61 callbacks suppressed [ 65.738873][ T28] audit: type=1400 audit(1758558789.344:427): avc: denied { write open } for pid=2518 comm="syz.1.744" path="/172/bus/file1" dev="loop1" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 65.740648][ T2519] syz.1.744: attempt to access beyond end of device [ 65.740648][ T2519] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 65.745314][ T28] audit: type=1400 audit(1758558789.344:428): avc: denied { ioctl } for pid=2518 comm="syz.1.744" path="/172/bus/file1" dev="loop1" ino=10 ioctlcmd=0xf501 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 65.816213][ T285] syz-executor: attempt to access beyond end of device [ 65.816213][ T285] loop1: rw=2051, sector=45096, nr_sectors = 8 limit=40427 [ 65.830329][ T285] F2FS-fs (loop1): Issue discard(5637, 5637, 1) failed, ret: -5 [ 65.901166][ T28] audit: type=1400 audit(1758558789.504:429): avc: denied { mounton } for pid=2535 comm="syz.1.748" path="/173/file0" dev="tmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 65.901338][ T2536] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 65.941404][ T28] audit: type=1400 audit(1758558789.544:430): avc: denied { name_bind } for pid=2537 comm="syz.3.751" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 65.941802][ T2536] FAT-fs (loop3): unable to read boot sector [ 65.969803][ T28] audit: type=1400 audit(1758558789.574:431): avc: denied { node_bind } for pid=2537 comm="syz.3.751" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 66.006318][ T2543] loop5: detected capacity change from 0 to 512 [ 66.028376][ T2543] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 66.031615][ T28] audit: type=1400 audit(1758558789.634:432): avc: denied { create } for pid=2546 comm="syz.1.754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 66.056185][ T28] audit: type=1400 audit(1758558789.654:433): avc: denied { connect } for pid=2546 comm="syz.1.754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 66.075661][ T28] audit: type=1400 audit(1758558789.664:434): avc: denied { write } for pid=2546 comm="syz.1.754" path="socket:[25016]" dev="sockfs" ino=25016 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 66.099914][ T372] EXT4-fs (loop5): unmounting filesystem. [ 66.151504][ T2559] SELinux: failed to load policy [ 66.155025][ T28] audit: type=1400 audit(1758558789.754:435): avc: denied { load_policy } for pid=2558 comm="syz.1.759" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1 [ 66.223373][ T2569] loop2: detected capacity change from 0 to 512 [ 66.229981][ T2569] EXT4-fs: Ignoring removed i_version option [ 66.236278][ T28] audit: type=1400 audit(1758558789.844:436): avc: denied { block_suspend } for pid=2562 comm="syz.1.761" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 66.261528][ T2569] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 66.302409][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 66.338084][ T2583] loop2: detected capacity change from 0 to 1024 [ 66.347799][ T2583] EXT4-fs: Ignoring removed nobh option [ 66.353389][ T2583] EXT4-fs: Ignoring removed bh option [ 66.359454][ T2583] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 66.368185][ T2581] loop0: detected capacity change from 0 to 8192 [ 66.401823][ T2583] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 66.404111][ T6] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 66.437634][ T2583] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.770: Allocating blocks 497-513 which overlap fs metadata [ 66.455045][ T2583] EXT4-fs (loop2): pa ffff88811e552d20: logic 256, phys. 385, len 8 [ 66.463125][ T2583] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 66.514889][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 66.584019][ T336] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 66.625115][ T6] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 66.636140][ T6] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 66.645429][ T6] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.657127][ T6] usb 6-1: config 0 descriptor?? [ 66.662426][ T2553] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 66.765416][ T336] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 66.784026][ T336] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 66.793794][ T336] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 66.808238][ T39] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 66.823370][ T336] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 66.844037][ T336] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.854367][ T336] usb 2-1: config 0 descriptor?? [ 66.995244][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 67.006236][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 67.016211][ T39] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 67.029617][ T39] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 67.034427][ T19] kernel write not supported for file /input/event1 (pid: 19 comm: kworker/0:1) [ 67.038892][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.056644][ T39] usb 3-1: config 0 descriptor?? [ 67.073652][ T6] hid-generic 0003:04F3:0755.0015: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.5-1/input0 [ 67.078267][ T2618] loop3: detected capacity change from 0 to 512 [ 67.105298][ T2618] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.784: casefold flag without casefold feature [ 67.118917][ T2618] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.784: couldn't read orphan inode 15 (err -117) [ 67.131086][ T2618] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 67.150677][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 67.178361][ T2624] loop3: detected capacity change from 0 to 512 [ 67.195593][ T2624] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #3: comm syz.3.786: corrupted inode contents [ 67.208015][ T2624] EXT4-fs error (device loop3): ext4_dirty_inode:6121: inode #3: comm syz.3.786: mark_inode_dirty error [ 67.219804][ T2624] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #3: comm syz.3.786: corrupted inode contents [ 67.231868][ T2624] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.786: mark_inode_dirty error [ 67.243492][ T2624] EXT4-fs error (device loop3): ext4_acquire_dquot:6801: comm syz.3.786: Failed to acquire dquot type 0 [ 67.254750][ T24] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 67.264361][ T336] plantronics 0003:047F:FFFF.0016: unknown main item tag 0xe [ 67.264922][ T2624] EXT4-fs (loop3): 1 orphan inode deleted [ 67.272165][ T336] plantronics 0003:047F:FFFF.0016: unknown main item tag 0x0 [ 67.284373][ T1393] EXT4-fs error (device loop3): ext4_release_dquot:6837: comm kworker/u4:65: Failed to release dquot type 1 [ 67.285469][ T336] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving [ 67.305372][ T2624] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 67.306754][ T336] plantronics 0003:047F:FFFF.0016: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 67.315045][ T2624] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.374218][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 67.434065][ T24] usb 1-1: Using ep0 maxpacket: 16 [ 67.440328][ T24] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 67.449171][ T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 67.459629][ T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 67.478789][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.486308][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.493752][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.501386][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.508888][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.516407][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.523844][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.531332][ T24] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 67.540445][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.547867][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.555905][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.563303][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.570716][ T24] usb 1-1: Product: syz [ 67.574916][ T24] usb 1-1: Manufacturer: syz [ 67.579512][ T24] usb 1-1: SerialNumber: syz [ 67.584163][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.585137][ T19] usb 2-1: USB disconnect, device number 9 [ 67.591551][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.591577][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.591598][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.619906][ T39] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0 [ 67.627944][ T39] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving [ 68.037748][ T24] usb 1-1: 0:2 : does not exist [ 68.177456][ T39] plantronics 0003:047F:FFFF.0017: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 68.198520][ T39] usb 3-1: USB disconnect, device number 11 [ 68.233305][ T2641] fido_id[2641]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 68.299988][ T2645] loop3: detected capacity change from 0 to 2048 [ 68.339337][ T2645] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 68.354915][ T2645] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.391324][ T2645] fs-verity: sha512 using implementation "sha512-avx2" [ 68.408782][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 68.426453][ T2652] loop3: detected capacity change from 0 to 16 [ 68.436367][ T2652] erofs: (device loop3): mounted with root inode @ nid 36. [ 68.509781][ T2661] loop1: detected capacity change from 0 to 512 [ 68.521117][ T2664] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 68.535562][ T2664] FAT-fs (loop5): unable to read boot sector [ 68.641088][ T2682] loop1: detected capacity change from 0 to 512 [ 68.651378][ T2682] EXT4-fs: Ignoring removed i_version option [ 68.664846][ T24] usb 1-1: 1:0: failed to get current value for ch 0 (-22) [ 68.676389][ T2682] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 68.690243][ T24] usb 1-1: USB disconnect, device number 8 [ 68.716795][ T285] EXT4-fs (loop1): unmounting filesystem. [ 68.726764][ T2688] loop5: detected capacity change from 0 to 256 [ 68.773419][ T2688] FAT-fs (loop5): Directory bread(block 64) failed [ 68.798226][ T2688] FAT-fs (loop5): Directory bread(block 65) failed [ 68.805611][ T2688] FAT-fs (loop5): Directory bread(block 66) failed [ 68.810377][ T2697] syz.2.815 uses obsolete (PF_INET,SOCK_PACKET) [ 68.817593][ T2688] FAT-fs (loop5): Directory bread(block 67) failed [ 68.827625][ T2695] tmpfs: Unknown parameter 'hash' [ 68.828288][ T2688] FAT-fs (loop5): Directory bread(block 68) failed [ 68.839466][ T2688] FAT-fs (loop5): Directory bread(block 69) failed [ 68.846288][ T2688] FAT-fs (loop5): Directory bread(block 70) failed [ 68.856945][ T2688] FAT-fs (loop5): Directory bread(block 71) failed [ 68.868654][ T2688] FAT-fs (loop5): Directory bread(block 72) failed [ 68.870024][ T2704] loop3: detected capacity change from 0 to 256 [ 68.875266][ T2688] FAT-fs (loop5): Directory bread(block 73) failed [ 68.882207][ T2704] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 68.901288][ T2704] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 68.994287][ T336] usb 6-1: USB disconnect, device number 8 [ 69.028832][ T39] kernel write not supported for file /uhid (pid: 39 comm: kworker/1:1) [ 69.097719][ T2688] syz.5.813: attempt to access beyond end of device [ 69.097719][ T2688] loop5: rw=2051, sector=1224, nr_sectors = 608 limit=256 [ 69.111779][ T2688] syz.5.813: attempt to access beyond end of device [ 69.111779][ T2688] loop5: rw=2051, sector=1864, nr_sectors = 18912 limit=256 [ 69.135009][ T19] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 69.197870][ T2722] netlink: 12 bytes leftover after parsing attributes in process `syz.0.828'. [ 69.267221][ T2720] loop3: detected capacity change from 0 to 40427 [ 69.274803][ T2720] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 69.282547][ T2720] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 69.291540][ T2720] F2FS-fs (loop3): invalid crc value [ 69.318623][ T2720] F2FS-fs (loop3): Found nat_bits in checkpoint [ 69.319548][ T2730] loop0: detected capacity change from 0 to 16 [ 69.349792][ T19] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 69.364218][ T2720] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 69.367972][ T2730] erofs: (device loop0): mounted with root inode @ nid 36. [ 69.371289][ T2720] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 69.412305][ T19] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 69.429804][ T19] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 69.443019][ T2730] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=86 [ 69.454981][ T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 69.463680][ T19] usb 2-1: SerialNumber: syz [ 69.471483][ T2730] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=86 [ 69.482672][ T2730] overlayfs: failed to get metacopy (-117) [ 69.484769][ T2742] loop5: detected capacity change from 0 to 512 [ 69.495865][ T2742] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 69.651789][ T2760] loop2: detected capacity change from 0 to 512 [ 69.659481][ T2760] EXT4-fs: quotafile must be on filesystem root [ 69.684933][ T19] usb 2-1: 0:2 : does not exist [ 69.691372][ T19] usb 2-1: USB disconnect, device number 10 [ 69.731555][ T2763] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 69.742443][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 69.750910][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.759319][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 69.768509][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.776936][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.785583][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.793834][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.802109][ T1456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.844125][ T6] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 69.874075][ T336] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 69.904966][ T338] udevd[338]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 69.918370][ T2768] loop2: detected capacity change from 0 to 512 [ 69.935841][ T2768] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 69.944840][ T2768] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.035323][ T6] usb 6-1: unable to get BOS descriptor or descriptor too short [ 70.043368][ T6] usb 6-1: not running at top speed; connect to a high speed hub [ 70.052065][ T6] usb 6-1: config 5 has 1 interface, different from the descriptor's value: 2 [ 70.061026][ T6] usb 6-1: config 5 interface 0 has no altsetting 0 [ 70.067810][ T336] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 70.068792][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 70.079085][ T336] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 70.085750][ T6] usb 6-1: New USB device found, idVendor=0582, idProduct=0074, bcdDevice=2a.70 [ 70.094332][ T336] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 70.116221][ T336] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 70.118356][ T6] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.134381][ T336] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.137017][ T6] usb 6-1: Product: syz [ 70.146849][ T6] usb 6-1: Manufacturer: syz [ 70.151615][ T6] usb 6-1: SerialNumber: syz [ 70.157227][ T336] usb 1-1: config 0 descriptor?? [ 70.290706][ T2793] loop2: detected capacity change from 0 to 512 [ 70.302557][ T2793] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 70.311905][ T2793] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.343229][ T2793] EXT4-fs error (device loop2): ext4_get_first_dir_block:3591: inode #12: block 32: comm syz.2.857: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 70.365633][ T2793] EXT4-fs (loop2): Remounting filesystem read-only [ 70.373379][ T6] rndis_host 6-1:5.0: skipping garbage [ 70.375178][ T2793] EXT4-fs error (device loop2): ext4_get_first_dir_block:3594: inode #12: comm syz.2.857: directory missing '.' [ 70.390943][ T6] usb 6-1: bad CDC descriptors [ 70.395945][ T6] usb 6-1: USB disconnect, device number 9 [ 70.402293][ T2793] EXT4-fs (loop2): Remounting filesystem read-only [ 70.427476][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 70.499974][ T2809] loop2: detected capacity change from 0 to 512 [ 70.506525][ T2812] loop1: detected capacity change from 0 to 512 [ 70.521455][ T2812] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 70.537060][ T2812] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #2: block 9: comm syz.1.865: lblock 0 mapped to illegal pblock 9 (length 1) [ 70.552415][ T2812] EXT4-fs (loop1): mount failed [ 70.561121][ T2809] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 70.567679][ T2821] loop3: detected capacity change from 0 to 1024 [ 70.571538][ T2809] ext4 filesystem being mounted at /81/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 70.582653][ T336] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving [ 70.617226][ T336] plantronics 0003:047F:FFFF.0018: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 70.656785][ T2821] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 70.687818][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 70.722899][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 70.926687][ T6] usb 1-1: USB disconnect, device number 9 [ 71.031981][ T28] kauditd_printk_skb: 118 callbacks suppressed [ 71.031998][ T28] audit: type=1326 audit(1758558794.634:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.090832][ T28] audit: type=1326 audit(1758558794.634:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.135234][ T28] audit: type=1326 audit(1758558794.634:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.183466][ T28] audit: type=1326 audit(1758558794.634:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.239050][ T28] audit: type=1326 audit(1758558794.634:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.266096][ T28] audit: type=1326 audit(1758558794.634:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.300784][ T28] audit: type=1326 audit(1758558794.634:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.334188][ T28] audit: type=1326 audit(1758558794.634:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.379299][ T28] audit: type=1326 audit(1758558794.634:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.426297][ T28] audit: type=1326 audit(1758558794.634:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2852 comm="syz.5.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83f378eec9 code=0x7ff00000 [ 71.529762][ T2855] loop1: detected capacity change from 0 to 40427 [ 71.536854][ T2855] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 71.544783][ T2855] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 71.554057][ T2855] F2FS-fs (loop1): invalid crc value [ 71.581880][ T2855] F2FS-fs (loop1): Found nat_bits in checkpoint [ 71.615745][ T2855] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 71.622911][ T2855] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 71.653363][ T285] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 71.653385][ T285] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 71.670429][ T285] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 71.684519][ T285] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 71.706778][ T285] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 71.714759][ T285] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 71.722592][ T285] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 71.813720][ T2877] loop0: detected capacity change from 0 to 256 [ 71.841389][ T2877] FAT-fs (loop0): Directory bread(block 64) failed [ 71.848355][ T2877] FAT-fs (loop0): Directory bread(block 65) failed [ 71.855507][ T2877] FAT-fs (loop0): Directory bread(block 66) failed [ 71.862132][ T2877] FAT-fs (loop0): Directory bread(block 67) failed [ 71.869177][ T2877] FAT-fs (loop0): Directory bread(block 68) failed [ 71.875919][ T2877] FAT-fs (loop0): Directory bread(block 69) failed [ 71.882475][ T2877] FAT-fs (loop0): Directory bread(block 70) failed [ 71.889336][ T2877] FAT-fs (loop0): Directory bread(block 71) failed [ 71.891319][ T2883] loop2: detected capacity change from 0 to 128 [ 71.896156][ T2877] FAT-fs (loop0): Directory bread(block 72) failed [ 71.908954][ T2877] FAT-fs (loop0): Directory bread(block 73) failed [ 71.927614][ T2883] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 71.936431][ T2883] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 71.977497][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 72.018323][ T2889] loop2: detected capacity change from 0 to 512 [ 72.027751][ T2889] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 72.042014][ T2889] EXT4-fs (loop2): 1 truncate cleaned up [ 72.048522][ T2889] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 72.074005][ T39] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 72.082378][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 72.104023][ T336] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 72.138433][ T2877] syz.0.887: attempt to access beyond end of device [ 72.138433][ T2877] loop0: rw=2051, sector=1224, nr_sectors = 608 limit=256 [ 72.152385][ T2877] syz.0.887: attempt to access beyond end of device [ 72.152385][ T2877] loop0: rw=2051, sector=1864, nr_sectors = 19392 limit=256 [ 72.223798][ T2905] device vlan2 entered promiscuous mode [ 72.229842][ T2905] device veth0 entered promiscuous mode [ 72.265115][ T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.285135][ T39] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.296384][ T39] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 72.311031][ T39] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 72.321971][ T336] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.332945][ T336] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.342788][ T39] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.350906][ T336] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 72.364929][ T39] usb 6-1: config 0 descriptor?? [ 72.369959][ T336] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 72.379132][ T336] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.388490][ T336] usb 2-1: config 0 descriptor?? [ 72.574023][ T6] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 72.664377][ T2923] loop3: detected capacity change from 0 to 40427 [ 72.675013][ T2923] F2FS-fs (loop3): invalid crc value [ 72.681814][ T2923] F2FS-fs (loop3): Found nat_bits in checkpoint [ 72.706654][ T2923] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 72.764029][ T6] usb 1-1: Using ep0 maxpacket: 16 [ 72.770411][ T6] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.782536][ T6] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.792915][ T6] usb 1-1: config 0 interface 0 has no altsetting 0 [ 72.793740][ T39] plantronics 0003:047F:FFFF.0019: unknown main item tag 0xe [ 72.800096][ T6] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 72.807999][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.816375][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.823588][ T24] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 72.839794][ T1853] syz-executor: attempt to access beyond end of device [ 72.839794][ T1853] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 72.842102][ T6] usb 1-1: config 0 descriptor?? [ 72.854051][ T39] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0 [ 72.866536][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.874262][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.881943][ T39] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving [ 72.889955][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.897811][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.906381][ T39] plantronics 0003:047F:FFFF.0019: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 72.918943][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.926382][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.933785][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.942990][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.950477][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.958051][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.965885][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.973302][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.980956][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.988378][ T336] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 72.996166][ T336] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving [ 73.005119][ T336] plantronics 0003:047F:FFFF.001A: hiddev97,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 73.055084][ T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.066366][ T24] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 73.078538][ T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 73.088432][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.096576][ T24] usb 3-1: Product: syz [ 73.100748][ T24] usb 3-1: Manufacturer: syz [ 73.105530][ T24] usb 3-1: SerialNumber: syz [ 73.110986][ T1910] usb 6-1: USB disconnect, device number 10 [ 73.117514][ T24] cdc_mbim 3-1:1.0: skipping garbage [ 73.118234][ T444] usb 2-1: USB disconnect, device number 11 [ 73.281189][ T6] hid (null): report_id 19321 is invalid [ 73.287078][ T6] hid (null): unknown global tag 0xe [ 73.292469][ T6] hid (null): unknown global tag 0xd [ 73.297817][ T6] hid (null): nested delimiters [ 73.318511][ T2917] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22 [ 73.354061][ T336] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 73.509051][ T1910] usb 1-1: USB disconnect, device number 10 [ 73.534953][ T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 73.545961][ T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.555872][ T336] usb 4-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00 [ 73.565405][ T336] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.573899][ T336] usb 4-1: config 0 descriptor?? [ 73.927559][ T2917] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22 [ 73.935753][ T24] cdc_mbim 3-1:1.0: cdc-wdm0: USB WDM device [ 73.943331][ T24] cdc_mbim 3-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.2-1, CDC MBIM, 7e:d6:c1:09:94:a5 [ 73.982876][ T336] uclogic 0003:2179:0053.001C: interface is invalid, ignoring [ 74.058680][ T142] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 74.148452][ T336] usb 3-1: USB disconnect, device number 12 [ 74.154967][ T336] cdc_mbim 3-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.2-1, CDC MBIM [ 74.189154][ T19] usb 4-1: USB disconnect, device number 5 [ 74.668200][ T2975] loop2: detected capacity change from 0 to 256 [ 74.708456][ T2975] FAT-fs (loop2): Directory bread(block 64) failed [ 74.733730][ T2982] loop0: detected capacity change from 0 to 512 [ 74.740328][ T2975] FAT-fs (loop2): Directory bread(block 65) failed [ 74.772201][ T2975] FAT-fs (loop2): Directory bread(block 66) failed [ 74.779345][ T2982] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 74.787950][ T2975] FAT-fs (loop2): Directory bread(block 67) failed [ 74.796390][ T2975] FAT-fs (loop2): Directory bread(block 68) failed [ 74.803102][ T2975] FAT-fs (loop2): Directory bread(block 69) failed [ 74.810194][ T2975] FAT-fs (loop2): Directory bread(block 70) failed [ 74.817128][ T2975] FAT-fs (loop2): Directory bread(block 71) failed [ 74.824187][ T2975] FAT-fs (loop2): Directory bread(block 72) failed [ 74.830736][ T2975] FAT-fs (loop2): Directory bread(block 73) failed [ 74.894921][ T284] EXT4-fs (loop0): unmounting filesystem. [ 74.959376][ T2975] syz.2.910: attempt to access beyond end of device [ 74.959376][ T2975] loop2: rw=2051, sector=12104, nr_sectors = 32 limit=256 [ 75.001856][ T3008] syz.2.910: attempt to access beyond end of device [ 75.001856][ T3008] loop2: rw=2051, sector=1224, nr_sectors = 608 limit=256 [ 75.015999][ T3008] syz.2.910: attempt to access beyond end of device [ 75.015999][ T3008] loop2: rw=2051, sector=1864, nr_sectors = 10240 limit=256 [ 75.183175][ T3028] netlink: 'syz.1.930': attribute type 1 has an invalid length. [ 75.190968][ T336] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 75.264862][ T3039] SELinux: Context Ü is not valid (left unmapped). [ 75.379753][ T336] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.404298][ T336] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 75.424073][ T24] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 75.433152][ T336] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 75.451486][ T336] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 75.460697][ T336] usb 4-1: Product: syz [ 75.466901][ T336] usb 4-1: Manufacturer: syz [ 75.471719][ T336] usb 4-1: SerialNumber: syz [ 75.477011][ T3062] input: syz1 as /devices/virtual/input/input12 [ 75.484946][ T336] cdc_mbim 4-1:1.0: skipping garbage [ 75.605538][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 75.611875][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.630068][ T24] usb 3-1: New USB device found, idVendor=04e7, idProduct=0009, bcdDevice= 0.00 [ 75.643685][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.658463][ T24] usb 3-1: config 0 descriptor?? [ 75.686047][ T3002] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 75.701579][ T3081] loop0: detected capacity change from 0 to 1024 [ 75.720407][ T3081] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 75.737990][ T3069] loop1: detected capacity change from 0 to 40427 [ 75.749091][ T3069] F2FS-fs (loop1): Found nat_bits in checkpoint [ 75.773109][ T3081] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 75.786947][ T3081] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters [ 75.791067][ T3069] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 75.801869][ T3081] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 75.822485][ T3081] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28 [ 75.835162][ T3081] EXT4-fs (loop0): This should not happen!! Data will be lost [ 75.835162][ T3081] [ 75.845054][ T3081] EXT4-fs (loop0): Total free blocks count 0 [ 75.846320][ T3089] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 5 with error 28 [ 75.851084][ T3081] EXT4-fs (loop0): Free/Dirty block details [ 75.863607][ T3089] EXT4-fs (loop0): This should not happen!! Data will be lost [ 75.863607][ T3089] [ 75.870832][ T285] syz-executor: attempt to access beyond end of device [ 75.870832][ T285] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 75.878978][ T3089] EXT4-fs (loop0): Total free blocks count 0 [ 75.895092][ T3081] EXT4-fs (loop0): free_blocks=20480 [ 75.906925][ T3081] EXT4-fs (loop0): dirty_blocks=32 [ 75.979990][ T60] kernel write not supported for file bpf-prog (pid: 60 comm: kworker/1:2) [ 76.081533][ T3095] loop0: detected capacity change from 0 to 40427 [ 76.091241][ T3095] F2FS-fs (loop0): invalid crc value [ 76.096079][ T24] elo 0003:04E7:0009.001D: ignoring exceeding usage max [ 76.098520][ T3095] F2FS-fs (loop0): Found nat_bits in checkpoint [ 76.105647][ T24] elo 0003:04E7:0009.001D: hidraw0: USB HID v0.00 Device [HID 04e7:0009] on usb-dummy_hcd.2-1/input0 [ 76.137597][ T3095] F2FS-fs (loop0): Start checkpoint disabled! [ 76.145015][ T3095] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 76.267284][ T28] kauditd_printk_skb: 139 callbacks suppressed [ 76.267300][ T28] audit: type=1400 audit(1758558799.874:701): avc: denied { read } for pid=3101 comm="syz.0.959" name="usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 76.301481][ T28] audit: type=1400 audit(1758558799.874:702): avc: denied { open } for pid=3101 comm="syz.0.959" path="/dev/usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 76.321434][ T3002] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 76.334736][ T336] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device [ 76.335765][ T444] usb 3-1: USB disconnect, device number 13 [ 76.342323][ T336] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, ae:e3:95:a3:13:3c [ 76.441314][ T142] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 76.546280][ T336] usb 4-1: USB disconnect, device number 6 [ 76.552308][ T336] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM [ 76.836154][ T3150] loop1: detected capacity change from 0 to 512 [ 76.870973][ T3150] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 76.928489][ T3161] loop2: detected capacity change from 0 to 16 [ 76.947496][ T3161] erofs: (device loop2): mounted with root inode @ nid 36. [ 76.968993][ T285] EXT4-fs (loop1): unmounting filesystem. [ 76.990430][ T3163] loop0: detected capacity change from 0 to 128 [ 77.002481][ T3163] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 77.011483][ T3163] ext4 filesystem being mounted at /169/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 77.050716][ T28] audit: type=1400 audit(1758558800.654:703): avc: denied { append } for pid=3162 comm="syz.0.969" path="/169/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/cpu.stat" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 77.097662][ T284] EXT4-fs (loop0): unmounting filesystem. [ 77.140276][ T28] audit: type=1400 audit(1758558800.744:704): avc: denied { block_suspend } for pid=3178 comm="syz.0.981" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 77.199697][ T3187] loop1: detected capacity change from 0 to 512 [ 77.232180][ T3187] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 77.241384][ T3187] ext4 filesystem being mounted at /221/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.264886][ T285] EXT4-fs (loop1): unmounting filesystem. [ 77.382108][ T3203] loop1: detected capacity change from 0 to 256 [ 77.388488][ T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 77.398255][ T3203] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d) [ 77.428240][ T28] audit: type=1400 audit(1758558801.034:705): avc: denied { write } for pid=3202 comm="syz.1.986" name="/" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 77.450267][ T28] audit: type=1400 audit(1758558801.034:706): avc: denied { add_name } for pid=3202 comm="syz.1.986" name="control" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 77.471278][ T28] audit: type=1400 audit(1758558801.034:707): avc: denied { associate } for pid=3202 comm="syz.1.986" name="control" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 77.493126][ T60] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 77.506014][ T28] audit: type=1400 audit(1758558801.034:708): avc: denied { watch } for pid=3202 comm="syz.1.986" path="/225/file0/control" dev="loop1" ino=1048664 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 77.555927][ T28] audit: type=1400 audit(1758558801.164:709): avc: denied { relabelfrom } for pid=3208 comm="syz.1.989" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 77.575791][ T28] audit: type=1400 audit(1758558801.164:710): avc: denied { relabelto } for pid=3208 comm="syz.1.989" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 77.635059][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.646130][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.655946][ T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 77.668957][ T24] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.678127][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.689151][ T24] usb 4-1: config 0 descriptor?? [ 77.705066][ T60] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.718002][ T336] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 77.726639][ T60] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 77.739695][ T3215] loop5: detected capacity change from 0 to 512 [ 77.745294][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 77.756546][ T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.770539][ T60] usb 1-1: Product: syz [ 77.780011][ T60] usb 1-1: Manufacturer: syz [ 77.784903][ T60] usb 1-1: SerialNumber: syz [ 77.785868][ T3215] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 77.798770][ T3215] ext4 filesystem being mounted at /192/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.799768][ T60] cdc_mbim 1-1:1.0: skipping garbage [ 77.827241][ T372] EXT4-fs (loop5): unmounting filesystem. [ 77.856375][ T3211] loop1: detected capacity change from 0 to 40427 [ 77.864934][ T3211] F2FS-fs (loop1): invalid crc value [ 77.876502][ T3211] F2FS-fs (loop1): Found nat_bits in checkpoint [ 77.916376][ T3211] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 77.925283][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.950954][ T3211] syz.1.990: attempt to access beyond end of device [ 77.950954][ T3211] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 77.954664][ T3228] netlink: 16 bytes leftover after parsing attributes in process `syz.5.995'. [ 77.973701][ T336] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.973952][ T285] syz-executor: attempt to access beyond end of device [ 77.973952][ T285] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 77.984597][ T336] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 78.012216][ T3193] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 78.038764][ T336] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 78.052110][ T336] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.061457][ T336] usb 3-1: config 0 descriptor?? [ 78.100831][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.115093][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.132694][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.140167][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.147689][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.155246][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.162714][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.171778][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.179469][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.187646][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.195127][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.202974][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.210948][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.218488][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.225972][ T24] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 78.233575][ T24] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving [ 78.242965][ T24] plantronics 0003:047F:FFFF.001E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 78.329733][ T3242] loop1: detected capacity change from 0 to 4096 [ 78.354058][ T3242] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 78.404833][ T24] usb 4-1: USB disconnect, device number 7 [ 78.421063][ T285] EXT4-fs (loop1): unmounting filesystem. [ 78.470669][ T336] plantronics 0003:047F:FFFF.001F: unknown main item tag 0xd [ 78.479272][ T336] plantronics 0003:047F:FFFF.001F: No inputs registered, leaving [ 78.488646][ T336] plantronics 0003:047F:FFFF.001F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 78.642392][ T3193] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 78.650372][ T60] cdc_mbim 1-1:1.0: cdc-wdm0: USB WDM device [ 78.657699][ T60] cdc_mbim 1-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 06:25:6f:c0:d3:04 [ 78.703197][ T6] usb 3-1: USB disconnect, device number 14 [ 78.774944][ T142] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 78.864894][ T444] usb 1-1: USB disconnect, device number 11 [ 78.870965][ T444] cdc_mbim 1-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM [ 78.928337][ T3285] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1008'. [ 78.938996][ T3286] loop5: detected capacity change from 0 to 128 [ 78.957016][ T3286] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 79.024650][ T3297] overlayfs: failed to resolve './bus': -2 [ 79.284767][ T3335] loop3: detected capacity change from 0 to 1024 [ 79.298636][ T3335] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 79.316315][ T3335] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 79.325332][ T3335] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.340017][ T60] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 79.348701][ T3335] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.1024: lblock 3 mapped to illegal pblock 3 (length 1) [ 79.363288][ T3335] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117 [ 79.376356][ T3335] EXT4-fs (loop3): This should not happen!! Data will be lost [ 79.376356][ T3335] [ 79.395883][ T3335] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.1024: lblock 3 mapped to illegal pblock 3 (length 1) [ 79.417292][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 79.472847][ T3357] syz.0.1033[3357] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.472921][ T3357] syz.0.1033[3357] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.534082][ T60] usb 6-1: Using ep0 maxpacket: 16 [ 79.567369][ T60] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 79.585423][ T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.613721][ T60] usb 6-1: Product: syz [ 79.618347][ T60] usb 6-1: Manufacturer: syz [ 79.622980][ T60] usb 6-1: SerialNumber: syz [ 79.743097][ T3390] 9pnet: p9_errstr2errno: server reported unknown error 00000000000000000000004D†ü [ 79.867671][ T1456] Bluetooth: hci0: Frame reassembly failed (-84) [ 79.874442][ T1393] Bluetooth: hci0: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 79.882082][ T1393] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 79.890090][ T60] r8152-cfgselector 6-1: Unknown version 0x0000 [ 79.999331][ T60] r8152-cfgselector 6-1: Unknown version 0x0000 [ 80.008047][ T60] r8152-cfgselector 6-1: USB disconnect, device number 11 [ 80.034025][ T444] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 80.047977][ T3374] loop1: detected capacity change from 0 to 131072 [ 80.057545][ T3374] F2FS-fs (loop1): Test dummy encryption mode enabled [ 80.066030][ T3374] F2FS-fs (loop1): invalid crc value [ 80.103050][ T3374] F2FS-fs (loop1): Found nat_bits in checkpoint [ 80.135873][ T3374] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 80.214050][ T444] usb 4-1: Using ep0 maxpacket: 16 [ 80.220492][ T444] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 80.229979][ T444] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 80.240357][ T444] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 80.251090][ T444] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 80.260519][ T444] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.268701][ T444] usb 4-1: Product: syz [ 80.273002][ T444] usb 4-1: Manufacturer: syz [ 80.277867][ T444] usb 4-1: SerialNumber: syz [ 80.316811][ T3417] loop1: detected capacity change from 0 to 512 [ 80.323688][ T3417] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 80.336808][ T3417] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 80.345765][ T3417] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.363950][ T3417] EXT4-fs (loop1): re-mounted. Quota mode: writeback. [ 80.377278][ T285] EXT4-fs (loop1): unmounting filesystem. [ 80.600968][ T3431] loop1: detected capacity change from 0 to 40427 [ 80.608262][ T3431] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 80.615597][ T3431] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 80.634592][ T3431] F2FS-fs (loop1): Found nat_bits in checkpoint [ 80.663167][ T3431] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 80.670998][ T3431] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 80.688568][ T444] usb 4-1: 0:2 : does not exist [ 80.708790][ T285] syz-executor: attempt to access beyond end of device [ 80.708790][ T285] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 80.818587][ T3451] loop5: detected capacity change from 0 to 1024 [ 80.830027][ T3451] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 80.839769][ T3451] EXT4-fs (loop5): orphan cleanup on readonly fs [ 80.846461][ T3451] EXT4-fs error (device loop5): ext4_free_blocks:6210: comm syz.5.1072: Freeing blocks not in datazone - block = 0, count = 4096 [ 80.861109][ T3451] EXT4-fs (loop5): 1 orphan inode deleted [ 80.867073][ T3451] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 80.886090][ T372] EXT4-fs (loop5): unmounting filesystem. [ 80.975365][ T3460] binder: 3459:3460 ioctl c0306201 200000000540 returned -14 [ 81.020219][ T3464] loop2: detected capacity change from 0 to 512 [ 81.042339][ T3464] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 81.051709][ T3464] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.062904][ T3464] EXT4-fs (loop2): unmounting filesystem. [ 81.094050][ T19] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 81.275101][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.281886][ T3458] loop5: detected capacity change from 0 to 131072 [ 81.286564][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 81.302537][ T19] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 81.315747][ T19] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 81.325116][ T19] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.332226][ T3458] F2FS-fs (loop5): Found nat_bits in checkpoint [ 81.334554][ T19] usb 2-1: config 0 descriptor?? [ 81.357752][ T444] usb 4-1: 1:0: failed to get current value for ch 0 (-22) [ 81.374035][ T444] usb 4-1: USB disconnect, device number 8 [ 81.404506][ T3458] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 81.461516][ T3488] loop2: detected capacity change from 0 to 512 [ 81.484206][ T3488] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 81.496279][ T3488] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 81.505406][ T3488] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.535910][ T3458] F2FS-fs (loop5): lookup inode (7) has corrupted xattr [ 81.543403][ T3458] F2FS-fs (loop5): list inode (7) has corrupted xattr [ 81.552258][ T1691] EXT4-fs (loop2): unmounting filesystem. [ 81.573033][ T28] kauditd_printk_skb: 41 callbacks suppressed [ 81.573047][ T28] audit: type=1400 audit(1758558805.174:752): avc: denied { create } for pid=3491 comm="syz.2.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 81.613716][ T28] audit: type=1400 audit(1758558805.214:753): avc: denied { setopt } for pid=3493 comm="syz.2.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 81.744743][ T3500] netlink: 'syz.5.1090': attribute type 6 has an invalid length. [ 81.760645][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.768335][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.775963][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.783781][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.791210][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.798632][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.806242][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.813927][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.821845][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.829306][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.836840][ T19] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 81.844776][ T19] plantronics 0003:047F:FFFF.0020: No inputs registered, leaving [ 81.853667][ T19] plantronics 0003:047F:FFFF.0020: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 81.897584][ T3511] loop3: detected capacity change from 0 to 128 [ 81.904047][ T6] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 81.914473][ T3511] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 81.923185][ T3511] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 81.933828][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 81.934210][ T2226] Bluetooth: hci0: command 0x1003 tx timeout [ 81.962936][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 82.024768][ T24] usb 2-1: USB disconnect, device number 12 [ 82.085333][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.096274][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.106013][ T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 82.118915][ T6] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 82.127998][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.136727][ T6] usb 3-1: config 0 descriptor?? [ 82.154025][ T19] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 82.224038][ T60] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 82.254019][ T336] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 82.343990][ T19] usb 6-1: Using ep0 maxpacket: 16 [ 82.350155][ T19] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 82.358976][ T19] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 82.369480][ T19] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 82.379699][ T19] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 82.388780][ T19] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.396839][ T19] usb 6-1: Product: syz [ 82.401015][ T19] usb 6-1: Manufacturer: syz [ 82.405704][ T19] usb 6-1: SerialNumber: syz [ 82.415274][ T60] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 82.426977][ T60] usb 1-1: New USB device found, idVendor=050e, idProduct=a4a1, bcdDevice= 0.40 [ 82.436551][ T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.444621][ T60] usb 1-1: Product: syz [ 82.448851][ T60] usb 1-1: Manufacturer: syz [ 82.453555][ T60] usb 1-1: SerialNumber: syz [ 82.458823][ T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.470107][ T336] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.480038][ T336] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 82.493486][ T336] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 82.502749][ T336] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.511755][ T336] usb 4-1: config 0 descriptor?? [ 82.544571][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.552344][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.557665][ T3522] loop1: detected capacity change from 0 to 4096 [ 82.560066][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.566916][ T3522] EXT4-fs: Ignoring removed mblk_io_submit option [ 82.576861][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.588482][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.596178][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.597300][ T3522] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 82.603614][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.603639][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.627598][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.635245][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.642755][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.650219][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.657683][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.665147][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.666243][ T28] audit: type=1400 audit(1758558806.274:754): avc: denied { append } for pid=3521 comm="syz.1.1099" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 82.672584][ T6] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 82.702319][ T6] plantronics 0003:047F:FFFF.0021: No inputs registered, leaving [ 82.711800][ T6] plantronics 0003:047F:FFFF.0021: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 82.712088][ T285] EXT4-fs (loop1): unmounting filesystem. [ 82.835498][ T19] usb 6-1: 0:2 : does not exist [ 82.887125][ T24] usb 3-1: USB disconnect, device number 15 [ 82.936249][ T336] plantronics 0003:047F:FFFF.0022: unknown main item tag 0xd [ 82.949514][ T336] plantronics 0003:047F:FFFF.0022: No inputs registered, leaving [ 82.958709][ T336] plantronics 0003:047F:FFFF.0022: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 82.986421][ T103] udevd[103]: worker [409] terminated by signal 33 (Unknown signal 33) [ 82.995022][ T103] udevd[103]: worker [409] failed while handling '/devices/platform/dummy_hcd.3/usb4/4-1' [ 83.006440][ T3541] loop1: detected capacity change from 0 to 512 [ 83.042503][ T3544] loop1: detected capacity change from 0 to 512 [ 83.050553][ T3544] EXT4-fs (loop1): Test dummy encryption mode enabled [ 83.057495][ T3544] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 83.069138][ T3544] EXT4-fs (loop1): 1 truncate cleaned up [ 83.075072][ T3544] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 83.090790][ T28] audit: type=1400 audit(2000000000.330:755): avc: denied { create } for pid=3543 comm="syz.1.1108" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 83.135485][ T285] EXT4-fs (loop1): unmounting filesystem. [ 83.151402][ T3547] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 83.161415][ T28] audit: type=1400 audit(2000000000.410:756): avc: denied { relabelto } for pid=3546 comm="syz.1.1109" name="258" dev="tmpfs" ino=1361 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 83.188120][ T28] audit: type=1400 audit(2000000000.410:757): avc: denied { associate } for pid=3546 comm="syz.1.1109" name="258" dev="tmpfs" ino=1361 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0" [ 83.215944][ T6] usb 4-1: USB disconnect, device number 9 [ 83.222116][ T28] audit: type=1400 audit(2000000000.460:758): avc: denied { write } for pid=285 comm="syz-executor" name="258" dev="tmpfs" ino=1361 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 83.248412][ T28] audit: type=1400 audit(2000000000.460:759): avc: denied { remove_name } for pid=285 comm="syz-executor" name="binderfs" dev="tmpfs" ino=1365 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 83.275438][ T28] audit: type=1400 audit(2000000000.460:760): avc: denied { rmdir } for pid=285 comm="syz-executor" name="258" dev="tmpfs" ino=1361 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 83.302246][ T28] audit: type=1400 audit(2000000000.480:761): avc: denied { unmount } for pid=3548 comm="syz.1.1110" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 83.453794][ T19] usb 6-1: USB disconnect, device number 12 [ 83.471572][ T338] udevd[338]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 83.487967][ T3551] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.495263][ T3551] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.502732][ T3551] device bridge_slave_0 entered promiscuous mode [ 83.510438][ T3551] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.517890][ T3551] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.526596][ T3551] device bridge_slave_1 entered promiscuous mode [ 83.536059][ T60] cdc_ncm 1-1:1.0: bind() failure [ 83.565118][ T60] usb 1-1: USB disconnect, device number 12 [ 83.665712][ T3551] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.672881][ T3551] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.680212][ T3551] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.687352][ T3551] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.732542][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 83.740403][ T1393] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.749130][ T1393] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.780955][ T1391] bridge0: port 2(bridge_slave_1) entered disabled state [ 83.792510][ T1391] device bridge_slave_0 left promiscuous mode [ 83.805139][ T1391] bridge0: port 1(bridge_slave_0) entered disabled state [ 83.829188][ T1391] device veth1_macvtap left promiscuous mode [ 83.837117][ T1391] device veth0_vlan left promiscuous mode [ 83.985124][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 83.993769][ T1393] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.000849][ T1393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.019567][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 84.027928][ T1393] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.035005][ T1393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.043236][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 84.051437][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 84.085238][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 84.100412][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 84.110722][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.122895][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.131104][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.131502][ T3551] device veth0_vlan entered promiscuous mode [ 84.144636][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.152180][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.160020][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.167499][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 84.175889][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 84.183673][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.193509][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.200989][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.208624][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.216601][ T3551] device veth1_macvtap entered promiscuous mode [ 84.224114][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.224270][ T336] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 84.236994][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.246857][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 84.248824][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.262268][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.263916][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 84.269756][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.278847][ T1393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 84.286112][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.300867][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.308309][ T444] hid-generic 0003:0004:0000.0023: unknown main item tag 0x0 [ 84.316880][ T444] hid-generic 0003:0004:0000.0023: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 84.350930][ T3612] fido_id[3612]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 84.407026][ T1456] Bluetooth: hci0: Frame reassembly failed (-84) [ 84.435420][ T336] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 84.449778][ T336] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 84.461752][ T336] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 84.471083][ T336] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 84.479184][ T336] usb 4-1: SerialNumber: syz [ 84.691021][ T336] usb 4-1: 0:2 : does not exist [ 84.696003][ T1910] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 84.703645][ T336] usb 4-1: unit 48 not found! [ 84.711702][ T336] usb 4-1: USB disconnect, device number 10 [ 84.894054][ T1910] usb 1-1: Using ep0 maxpacket: 16 [ 84.900521][ T1910] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 84.909449][ T1910] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 84.919797][ T1910] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 84.930189][ T1910] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 84.939411][ T1910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.947497][ T1910] usb 1-1: Product: syz [ 84.951673][ T1910] usb 1-1: Manufacturer: syz [ 84.956314][ T1910] usb 1-1: SerialNumber: syz [ 85.363682][ T1910] usb 1-1: 0:2 : does not exist [ 85.490126][ T3654] loop5: detected capacity change from 0 to 512 [ 85.538856][ T3654] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1152: bg 0: block 288: padding at end of block bitmap is not set [ 85.556140][ T3654] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 85.573046][ T3654] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #13: comm syz.5.1152: attempt to clear invalid blocks 1024 len 1 [ 85.590159][ T3654] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1152: invalid indirect mapped block 1819239214 (level 0) [ 85.606621][ T3654] EXT4-fs (loop5): 1 truncate cleaned up [ 85.612290][ T3654] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 85.766540][ T3670] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.773601][ T3670] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.781134][ T3670] device bridge_slave_0 entered promiscuous mode [ 85.789740][ T3670] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.796900][ T3670] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.804465][ T3670] device bridge_slave_1 entered promiscuous mode [ 85.822495][ T3675] loop3: detected capacity change from 0 to 512 [ 85.829533][ T3675] EXT4-fs: Ignoring removed nobh option [ 85.836121][ T3675] EXT4-fs (loop3): Test dummy encryption mode enabled [ 85.844895][ T3675] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 85.853352][ T3675] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1161: invalid indirect mapped block 2683928664 (level 1) [ 85.867897][ T3675] EXT4-fs (loop3): Remounting filesystem read-only [ 85.875167][ T3675] EXT4-fs (loop3): 1 truncate cleaned up [ 85.880936][ T3675] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 85.894860][ T3675] EXT4-fs (loop3): shut down requested (1) [ 85.904270][ T6] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 85.912549][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 85.967413][ T3670] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.974513][ T3670] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.980829][ T1910] usb 1-1: USB disconnect, device number 13 [ 85.981797][ T3670] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.994725][ T3670] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.015057][ T1456] device bridge_slave_1 left promiscuous mode [ 86.021332][ T1456] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.029531][ T1456] device bridge_slave_0 left promiscuous mode [ 86.036204][ T1456] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.044704][ T1456] device veth1_macvtap left promiscuous mode [ 86.050797][ T1456] device veth0_vlan left promiscuous mode [ 86.096124][ T6] usb 6-1: Using ep0 maxpacket: 16 [ 86.106926][ T6] usb 6-1: config 1 has an invalid descriptor of length 119, skipping remainder of the config [ 86.117273][ T6] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 86.128511][ T6] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 86.137612][ T6] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.146378][ T6] usb 6-1: Product: syz [ 86.150558][ T6] usb 6-1: Manufacturer: syz [ 86.155197][ T6] usb 6-1: SerialNumber: syz [ 86.160581][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 86.168667][ T1391] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.176128][ T1391] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.195799][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 86.204566][ T1391] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.211609][ T1391] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.219802][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 86.228674][ T1391] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.235736][ T1391] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.243335][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 86.259096][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 86.270772][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 86.288069][ T3670] device veth0_vlan entered promiscuous mode [ 86.295406][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 86.305508][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 86.313136][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 86.325783][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 86.335868][ T3670] device veth1_macvtap entered promiscuous mode [ 86.346257][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 86.356653][ T1391] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 86.416106][ T3705] loop3: detected capacity change from 0 to 512 [ 86.425136][ T3705] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1170: iget: bad i_size value: 38620345925642 [ 86.438445][ T3705] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1170: couldn't read orphan inode 15 (err -117) [ 86.451632][ T3705] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 86.467439][ T3705] EXT4-fs error (device loop3): ext4_check_dx_root:2266: inode #2: comm syz.3.1170: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 86.484193][ T3513] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 86.484272][ T2227] Bluetooth: hci0: command 0x1003 tx timeout [ 86.497595][ T3619] Bluetooth: hci0: Opcode 0x080f failed: -22 [ 86.506201][ T1853] EXT4-fs (loop3): unmounting filesystem. [ 86.553388][ T3721] loop6: detected capacity change from 0 to 1024 [ 86.566828][ T3721] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 86.570271][ T6] usb 6-1: 0:2 : does not exist [ 86.582147][ T28] kauditd_printk_skb: 85 callbacks suppressed [ 86.582159][ T28] audit: type=1400 audit(2000000003.830:847): avc: denied { mounton } for pid=3720 comm="syz.6.1177" path="/3/file1/file0" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 86.611371][ T28] audit: type=1400 audit(2000000003.830:848): avc: denied { read } for pid=3720 comm="syz.6.1177" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 86.636005][ T28] audit: type=1400 audit(2000000003.830:849): avc: denied { open } for pid=3720 comm="syz.6.1177" path="/3/file1/file0/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 86.661913][ T28] audit: type=1400 audit(2000000003.830:850): avc: denied { ioctl } for pid=3720 comm="syz.6.1177" path="/3/file1/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 86.688650][ T28] audit: type=1400 audit(2000000003.830:851): avc: denied { remove_name } for pid=3551 comm="syz-executor" name="lost+found" dev="loop6" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 86.712169][ T336] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 86.713200][ T28] audit: type=1400 audit(2000000003.830:852): avc: denied { rmdir } for pid=3551 comm="syz-executor" name="lost+found" dev="loop6" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 86.744079][ T28] audit: type=1400 audit(2000000003.830:853): avc: denied { unmount } for pid=3551 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 86.780551][ T28] audit: type=1400 audit(2000000003.850:854): avc: denied { rmdir } for pid=3551 comm="syz-executor" name=".index" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.810167][ T28] audit: type=1400 audit(2000000003.850:855): avc: denied { unlink } for pid=3551 comm="syz-executor" name="file0" dev="loop6" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 86.820786][ T3735] capability: warning: `syz.6.1182' uses 32-bit capabilities (legacy support in use) [ 86.832900][ T28] audit: type=1400 audit(2000000003.850:856): avc: denied { unlink } for pid=3551 comm="syz-executor" name="file1" dev="loop6" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 86.915100][ T336] usb 8-1: New USB device found, idVendor=0925, idProduct=8866, bcdDevice= 0.00 [ 86.924387][ T336] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.935977][ T336] usb 8-1: config 0 descriptor?? [ 86.951407][ T3746] loop6: detected capacity change from 0 to 512 [ 86.958291][ T3746] EXT4-fs: Ignoring removed nobh option [ 86.964783][ T3746] EXT4-fs (loop6): Test dummy encryption mode enabled [ 86.973716][ T6] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 86.974516][ T3746] EXT4-fs error (device loop6): __ext4_iget:5079: inode #11: block 1: comm syz.6.1187: invalid block [ 86.992380][ T3746] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1187: couldn't read orphan inode 11 (err -117) [ 86.998805][ T6] usb 6-1: USB disconnect, device number 13 [ 87.053682][ T3749] loop6: detected capacity change from 0 to 8192 [ 87.174095][ T444] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 87.344920][ T336] smartjoyplus 0003:0925:8866.0024: hidraw0: USB HID v0.00 Device [HID 0925:8866] on usb-dummy_hcd.7-1/input0 [ 87.356975][ T336] smartjoyplus 0003:0925:8866.0024: Force feedback for SmartJoy PLUS PS2/USB adapter [ 87.365096][ T444] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.402514][ T444] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.413342][ T444] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 87.443193][ T444] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 87.455147][ T444] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.469168][ T444] usb 1-1: config 0 descriptor?? [ 87.473765][ T3774] loop3: detected capacity change from 0 to 1024 [ 87.517307][ T3780] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1202'. [ 87.550609][ T19] ================================================================== [ 87.558792][ T19] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480 [ 87.565835][ T19] Write of size 8 at addr ffff888113dd4a00 by task kworker/0:1/19 [ 87.573627][ T19] [ 87.575948][ T19] CPU: 0 PID: 19 Comm: kworker/0:1 Not tainted syzkaller #0 [ 87.583213][ T19] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 87.593430][ T19] Workqueue: usb_hub_wq hub_event [ 87.598466][ T19] Call Trace: [ 87.601735][ T19] [ 87.604673][ T19] __dump_stack+0x21/0x24 [ 87.609009][ T19] dump_stack_lvl+0xee/0x150 [ 87.613587][ T19] ? __cfi_dump_stack_lvl+0x8/0x8 [ 87.618604][ T19] ? enqueue_timer+0xae/0x480 [ 87.623266][ T19] print_address_description+0x71/0x1e0 [ 87.628801][ T19] print_report+0x4a/0x60 [ 87.633114][ T19] kasan_report+0x122/0x150 [ 87.637600][ T19] ? enqueue_timer+0xae/0x480 [ 87.642261][ T19] __asan_report_store8_noabort+0x17/0x20 [ 87.647968][ T19] enqueue_timer+0xae/0x480 [ 87.652461][ T19] __mod_timer+0x79f/0xb30 [ 87.656859][ T19] schedule_timeout+0x127/0x2e0 [ 87.661695][ T19] ? __cfi_schedule_timeout+0x10/0x10 [ 87.667056][ T19] ? __cfi_process_timeout+0x10/0x10 [ 87.672339][ T19] ? __cfi__raw_spin_lock+0x10/0x10 [ 87.677535][ T19] ? _raw_spin_lock+0x8e/0xe0 [ 87.682191][ T19] wait_for_common+0x354/0x620 [ 87.686940][ T19] ? usb_hcd_giveback_urb+0x351/0x410 [ 87.692300][ T19] ? wait_for_completion+0x20/0x20 [ 87.697400][ T19] ? usb_submit_urb+0x122d/0x1900 [ 87.702415][ T19] wait_for_completion_timeout+0xe/0x10 [ 87.707968][ T19] usb_start_wait_urb+0x166/0x2f0 [ 87.712980][ T19] ? usb_api_blocking_completion+0xb0/0xb0 [ 87.718778][ T19] ? usb_alloc_urb+0x44/0x140 [ 87.723461][ T19] ? __kasan_check_write+0x14/0x20 [ 87.728553][ T19] usb_control_msg+0x241/0x3f0 [ 87.733303][ T19] hub_ext_port_status+0x100/0x6b0 [ 87.738408][ T19] hub_event+0x72f/0x4350 [ 87.742817][ T19] ? sched_clock+0x9/0x10 [ 87.747134][ T19] ? __kasan_check_write+0x14/0x20 [ 87.752225][ T19] ? kthread_data+0x50/0xc0 [ 87.756713][ T19] ? _raw_spin_unlock+0x4c/0x70 [ 87.761638][ T19] ? __cfi_hub_event+0x10/0x10 [ 87.766388][ T19] ? __schedule+0xb8f/0x14e0 [ 87.770964][ T19] ? __cfi__raw_spin_lock_irq+0x10/0x10 [ 87.776494][ T19] process_one_work+0x71f/0xc40 [ 87.781330][ T19] worker_thread+0xa29/0x11f0 [ 87.785995][ T19] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 87.791440][ T19] kthread+0x281/0x320 [ 87.795498][ T19] ? __cfi_worker_thread+0x10/0x10 [ 87.800593][ T19] ? __cfi_kthread+0x10/0x10 [ 87.805164][ T19] ret_from_fork+0x1f/0x30 [ 87.809573][ T19] [ 87.812599][ T19] [ 87.814908][ T19] Allocated by task 3619: [ 87.819212][ T19] kasan_set_track+0x4b/0x70 [ 87.823787][ T19] kasan_save_alloc_info+0x25/0x30 [ 87.828886][ T19] __kasan_kmalloc+0x95/0xb0 [ 87.833467][ T19] __kmalloc+0xb1/0x1e0 [ 87.837607][ T19] hci_alloc_dev_priv+0x27/0x1bd0 [ 87.842614][ T19] hci_uart_tty_ioctl+0x3d6/0xa20 [ 87.847728][ T19] tty_ioctl+0x8ef/0xc60 [ 87.851974][ T19] __se_sys_ioctl+0x12f/0x1b0 [ 87.856716][ T19] __x64_sys_ioctl+0x7b/0x90 [ 87.861372][ T19] x64_sys_call+0x58b/0x9a0 [ 87.865861][ T19] do_syscall_64+0x4c/0xa0 [ 87.870257][ T19] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 87.876132][ T19] [ 87.878435][ T19] Freed by task 3619: [ 87.882393][ T19] kasan_set_track+0x4b/0x70 [ 87.886966][ T19] kasan_save_free_info+0x31/0x50 [ 87.892410][ T19] ____kasan_slab_free+0x132/0x180 [ 87.897507][ T19] __kasan_slab_free+0x11/0x20 [ 87.902351][ T19] slab_free_freelist_hook+0xc2/0x190 [ 87.907709][ T19] __kmem_cache_free+0xb7/0x1b0 [ 87.912553][ T19] kfree+0x6f/0xf0 [ 87.916257][ T19] hci_release_dev+0x12a3/0x13b0 [ 87.921178][ T19] bt_host_release+0x82/0x90 [ 87.925752][ T19] device_release+0xa4/0x1d0 [ 87.930328][ T19] kobject_put+0x19d/0x280 [ 87.934727][ T19] put_device+0x1f/0x30 [ 87.938883][ T19] hci_dev_cmd+0x265/0x720 [ 87.943374][ T19] hci_sock_ioctl+0x41e/0x7f0 [ 87.948033][ T19] sock_do_ioctl+0x101/0x310 [ 87.952613][ T19] sock_ioctl+0x4d8/0x6e0 [ 87.956926][ T19] __se_sys_ioctl+0x12f/0x1b0 [ 87.961586][ T19] __x64_sys_ioctl+0x7b/0x90 [ 87.966157][ T19] x64_sys_call+0x58b/0x9a0 [ 87.970676][ T19] do_syscall_64+0x4c/0xa0 [ 87.975078][ T19] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 87.980953][ T19] [ 87.983256][ T19] Last potentially related work creation: [ 87.988960][ T19] kasan_save_stack+0x3a/0x60 [ 87.993617][ T19] __kasan_record_aux_stack+0xb6/0xc0 [ 87.998975][ T19] kasan_record_aux_stack_noalloc+0xb/0x10 [ 88.004768][ T19] insert_work+0x51/0x300 [ 88.009087][ T19] __queue_work+0x9b1/0xd30 [ 88.013573][ T19] queue_work_on+0xd2/0x140 [ 88.018053][ T19] __hci_cmd_sync_sk+0xa3e/0xcf0 [ 88.022976][ T19] hci_cmd_sync_status+0x53/0x120 [ 88.027978][ T19] hci_dev_cmd+0x628/0x720 [ 88.032640][ T19] hci_sock_ioctl+0x41e/0x7f0 [ 88.037308][ T19] sock_do_ioctl+0x101/0x310 [ 88.041886][ T19] sock_ioctl+0x4d8/0x6e0 [ 88.046200][ T19] __se_sys_ioctl+0x12f/0x1b0 [ 88.050860][ T19] __x64_sys_ioctl+0x7b/0x90 [ 88.055431][ T19] x64_sys_call+0x58b/0x9a0 [ 88.059917][ T19] do_syscall_64+0x4c/0xa0 [ 88.064310][ T19] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 88.070186][ T19] [ 88.072491][ T19] Second to last potentially related work creation: [ 88.079052][ T19] kasan_save_stack+0x3a/0x60 [ 88.083710][ T19] __kasan_record_aux_stack+0xb6/0xc0 [ 88.089151][ T19] kasan_record_aux_stack_noalloc+0xb/0x10 [ 88.095210][ T19] insert_work+0x51/0x300 [ 88.099530][ T19] __queue_work+0x9b1/0xd30 [ 88.104021][ T19] queue_work_on+0xd2/0x140 [ 88.108506][ T19] hci_cmd_timeout+0x191/0x200 [ 88.113442][ T19] process_one_work+0x71f/0xc40 [ 88.118269][ T19] worker_thread+0xa29/0x11f0 [ 88.122922][ T19] kthread+0x281/0x320 [ 88.126969][ T19] ret_from_fork+0x1f/0x30 [ 88.131364][ T19] [ 88.133671][ T19] The buggy address belongs to the object at ffff888113dd4000 [ 88.133671][ T19] which belongs to the cache kmalloc-8k of size 8192 [ 88.147709][ T19] The buggy address is located 2560 bytes inside of [ 88.147709][ T19] 8192-byte region [ffff888113dd4000, ffff888113dd6000) [ 88.161148][ T19] [ 88.163463][ T19] The buggy address belongs to the physical page: [ 88.169861][ T19] page:ffffea00044f7400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x113dd0 [ 88.180081][ T19] head:ffffea00044f7400 order:3 compound_mapcount:0 compound_pincount:0 [ 88.188386][ T19] flags: 0x4000000000010200(slab|head|zone=1) [ 88.194474][ T19] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043500 [ 88.203038][ T19] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 88.211604][ T19] page dumped because: kasan: bad access detected [ 88.218007][ T19] page_owner tracks the page as allocated [ 88.223714][ T19] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 3614, tgid 3613 (syz.6.1113), ts 84343084716, free_ts 84328221693 [ 88.244370][ T19] post_alloc_hook+0x1f5/0x210 [ 88.249130][ T19] prep_new_page+0x1c/0x110 [ 88.253619][ T19] get_page_from_freelist+0x2c7b/0x2cf0 [ 88.259150][ T19] __alloc_pages+0x1c3/0x450 [ 88.263720][ T19] alloc_slab_page+0x6e/0xf0 [ 88.268382][ T19] new_slab+0x98/0x3d0 [ 88.272447][ T19] ___slab_alloc+0x6f6/0xb50 [ 88.277032][ T19] __slab_alloc+0x5e/0xa0 [ 88.281353][ T19] __kmem_cache_alloc_node+0x203/0x2c0 [ 88.286807][ T19] kmalloc_trace+0x29/0xb0 [ 88.291213][ T19] audit_log_d_path+0xc6/0x240 [ 88.295959][ T19] common_lsm_audit+0x327/0x16d0 [ 88.300880][ T19] slow_avc_audit+0x1ac/0x220 [ 88.305543][ T19] avc_has_perm+0x1e6/0x240 [ 88.310027][ T19] selinux_file_open+0x467/0x620 [ 88.314942][ T19] security_file_open+0x73/0xb0 [ 88.319776][ T19] page last free stack trace: [ 88.324856][ T19] free_unref_page_prepare+0x742/0x750 [ 88.330300][ T19] free_unref_page+0x8f/0x530 [ 88.334964][ T19] __free_pages+0x67/0x100 [ 88.339364][ T19] __free_slab+0xca/0x1a0 [ 88.343679][ T19] __unfreeze_partials+0x160/0x190 [ 88.348772][ T19] put_cpu_partial+0xa9/0x100 [ 88.353438][ T19] __slab_free+0x1c4/0x280 [ 88.357943][ T19] ___cache_free+0xbf/0xd0 [ 88.362336][ T19] qlist_free_all+0xc6/0x140 [ 88.366912][ T19] kasan_quarantine_reduce+0x14a/0x170 [ 88.372349][ T19] __kasan_slab_alloc+0x24/0x80 [ 88.377179][ T19] slab_post_alloc_hook+0x4f/0x2d0 [ 88.382278][ T19] kmem_cache_alloc+0x16e/0x330 [ 88.387107][ T19] getname_flags+0xb9/0x500 [ 88.391599][ T19] __x64_sys_mkdirat+0x7c/0xa0 [ 88.396349][ T19] x64_sys_call+0x73d/0x9a0 [ 88.400850][ T19] [ 88.403163][ T19] Memory state around the buggy address: [ 88.408781][ T19] ffff888113dd4900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.416824][ T19] ffff888113dd4980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.424864][ T19] >ffff888113dd4a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.432909][ T19] ^ [ 88.436957][ T19] ffff888113dd4a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.445002][ T19] ffff888113dd4b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 88.453035][ T19] ================================================================== [ 88.461069][ T19] Disabling lock debugging due to kernel taint [ 88.470556][ T3783] loop5: detected capacity change from 0 to 512 [ 88.478252][ T444] usbhid 1-1:0.0: can't add hid device: -71 [ 88.491365][ T444] usbhid: probe of 1-1:0.0 failed with error -71 [ 88.503629][ T444] usb 1-1: USB disconnect, device number 14 [ 88.510538][ T3783] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.531779][ T19] usb 8-1: USB disconnect, device number 2 [ 88.574048][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 88.585877][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 88.594273][ C0] CPU: 0 PID: 3742 Comm: syz.0.1186 Tainted: G B syzkaller #0 [ 88.603114][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 88.613153][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 88.618445][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 a8 dd 28 00 4c 89 ff e8 f0 90 ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ec 45 6d 00 49 8b 7d 00 e8 d3 8c [ 88.624016][ T39] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 88.638038][ C0] RSP: 0000:ffffc9000114fbb0 EFLAGS: 00010046 [ 88.638061][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888114640000 [ 88.638073][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 88.638082][ C0] RBP: ffffc9000114fc48 R08: fffffffffffffffb R09: 0000000000000007 [ 88.638093][ C0] R10: ffffed10227ba939 R11: 1ffff110227ba939 R12: dffffc0000000000 [ 88.638104][ C0] R13: 0000000000000000 R14: ffff888113dd49c8 R15: 0000000000000008 [ 88.638116][ C0] FS: 0000555572a35500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 88.700557][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.707176][ C0] CR2: 0000001b2e819ff8 CR3: 0000000136177000 CR4: 00000000003506b0 [ 88.715147][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 88.723117][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 88.731279][ C0] Call Trace: [ 88.734543][ C0] [ 88.737456][ C0] delayed_work_timer_fn+0x61/0x80 [ 88.742547][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 88.748331][ C0] call_timer_fn+0x46/0x2a0 [ 88.752818][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 88.758603][ C0] __run_timers+0x667/0x9a0 [ 88.763092][ C0] ? calc_index+0x200/0x200 [ 88.767579][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 88.772874][ C0] run_timer_softirq+0x6a/0xf0 [ 88.777633][ C0] handle_softirqs+0x1d7/0x600 [ 88.782402][ C0] __irq_exit_rcu+0x52/0xf0 [ 88.787127][ C0] irq_exit_rcu+0x9/0x10 [ 88.791350][ C0] sysvec_apic_timer_interrupt+0x58/0xc0 [ 88.796986][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 88.803051][ C0] RIP: 0033:0x7f4d0a26f910 [ 88.807455][ C0] Code: 08 48 39 d1 72 ec 49 83 c4 08 48 89 0e 49 39 ec 75 c8 e9 c7 fc ff ff 48 39 e8 0f 84 e4 fc ff ff 48 8d 50 10 48 39 d5 74 1a 90 <48> 8b 0a 48 39 08 74 08 48 89 48 08 48 83 c0 08 48 83 c2 08 48 39 [ 88.825114][ T39] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.827128][ C0] RSP: 002b:00007ffe6364f840 EFLAGS: 00000283 [ 88.827150][ C0] RAX: 00007f4d08df90f8 RBX: 00007f4d0b115720 RCX: ffffffff8147d94f [ 88.838109][ T39] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 88.844050][ C0] RDX: 00007f4d08e1f250 RSI: ffffffff8135e313 RDI: 00007f4d08df9010 [ 88.844068][ C0] RBP: 00007f4d08f4d180 R08: 00007f4d08df9050 R09: 00007f4d0a5d2000 [ 88.844078][ C0] R10: 00007f4d08df9008 R11: 00000000000000ff R12: 00007f4d08f4d180 [ 88.844089][ C0] R13: 00007f4d0a5e5f40 R14: ffffffffffffffff R15: 00007f4d08df9008 [ 88.844103][ C0] ? wq_watchdog_touch+0x7f/0x190 [ 88.855059][ T39] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 88.862016][ C0] ? __virt_addr_valid+0x13/0x2e0 [ 88.862043][ C0] [ 88.870149][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.878043][ C0] Modules linked in: [ 88.878062][ C0] ---[ end trace 0000000000000000 ]--- [ 88.878071][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 88.886483][ T39] usb 4-1: Product: syz [ 88.893989][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 a8 dd 28 00 4c 89 ff e8 f0 90 ac 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 ec 45 6d 00 49 8b 7d 00 e8 d3 8c [ 88.894006][ C0] RSP: 0000:ffffc9000114fbb0 EFLAGS: 00010046 [ 88.899220][ T39] usb 4-1: Manufacturer: syz [ 88.908083][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888114640000 [ 88.908099][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 88.908110][ C0] RBP: ffffc9000114fc48 R08: fffffffffffffffb R09: 0000000000000007 [ 88.908121][ C0] R10: ffffed10227ba939 R11: 1ffff110227ba939 R12: dffffc0000000000 [ 88.913472][ T39] usb 4-1: SerialNumber: syz [ 88.916148][ C0] R13: 0000000000000000 R14: ffff888113dd49c8 R15: 0000000000000008 [ 88.916162][ C0] FS: 0000555572a35500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 88.916177][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.916189][ C0] CR2: 0000001b2e819ff8 CR3: 0000000136177000 CR4: 00000000003506b0 [ 88.926462][ T39] cdc_mbim 4-1:1.0: skipping garbage [ 88.928200][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 89.054623][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 89.062600][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 89.075890][ C0] Kernel Offset: disabled [ 89.080206][ C0] Rebooting in 86400 seconds..