last executing test programs: 4.532844542s ago: executing program 1 (id=2607): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r1, &(0x7f0000000000), 0x8) listen(r1, 0x0) bind$bt_sco(r0, &(0x7f0000000040), 0x8) listen(r0, 0x0) 4.505340885s ago: executing program 1 (id=2610): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000480, &(0x7f0000000380), 0x45, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4YQeZ31Jlso1KWHUmgg0J6bGFkxqWUrWHKIjWkTSqGXQlt6ay859+el9Nofh17a/6MkpK0TmtJDcRn9sJVYcuTElpLm84Gx3pt50nvfeaOZJ81YE8Bjazz9k4k4EhFvJRGj9flJRPRXU9mImVq52xvr+XRKYnPzhR+TaplbG+v5aHpO6lA98/eI+Or1iKOZnfWWV9cWZovFwnI9P1lZvDBZXl07dn5xdr4wX1g6MTU9ffzk/06e2L9Yf/5u7fD1t5/998czv772t0/e/DqJmThcX9Ycx34Zj/H6OulPV+Edntnvynrms1c6KNS0BWQPsjHsUdoxffVeORKj0bdb/wx3s2UAwEF5NSI22+lruwQAeKQlteP/U71uBwDQLY3vAW5trOcbU2+/keiuG09HxFAt/sb5zdqSbP2c3VD1POjIreSOMyNJRIztQ/3jEfH+5y99mE5xQOchAVq5fCUizo6N79z/JzuuWdir/3RQZvyuvP0fdM8X6fjn/63Gf5mt8U+0GP8Mtnjv3o97v/8z1/ahmrbS8d+TTde23W6Kv26sr577U3XM15+cO18spPu2P0fERPQPpvmpXeqYuPnbzXbLmsd/P73z8gdp/enjdonMtezgnc+Zm63MPkjMzW5cifhHtlX8yVb/J23Gv6c7rOO5J954r92yNP403sa0M/6DtXk14l8t+z/ZKpPsen3iZHVzmGxsFC18OhMj7eofz273fzql9Tc+C3RD2v8ju8c/ljRfr1nu+KW3rhb79urol+0KNW//reNvvf0PJC9W0wP1eZdmK5XlqYiB5Pmd849vP7eRb5RP45/4Z+v3/27bf/qZ8GyHKyJ7/YeP7j/+g5XGP7en/t9zIoZuL/S1q7+z/p+upibqczrZ/3XawAdZdwAAAAAAAAAAAAAAAAAAAAAAAADQqUxEHI4kk9tKZzK5XO0e3n+NkUyxVK4cPVdaWZqL6r2yx6I/0/ipy9Gm30Odqv8efiN//K78fyPiLxHx7uBwNZ/Ll4pzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOoOtbn/f+r7wV63DgA4MEN9vW4BANBlSTbb6yYAAN02tKfSwwfWDgCge/Z2/AcA/ggc/wHg8XOP479/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBBnT51Kp02f9lYz6f5uYurKwuli8fmCuWF3OJKPpcvLV/IzZdK88VCLl9abPtCl2sPxVLpwnQsrVyarBTKlcny6tqZxdLKUuXM+cXZ+cKZQn/XIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzpVX1xZmi8XCskRPEgvf1PrhYWmPxN4ScbnWfw9Le/YvEQPbe4nh3uycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4BvwcAAP//JJMi3A==") r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r2, 0x0, 0x58) 2.884476977s ago: executing program 4 (id=2616): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==") mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) fallocate(r0, 0x0, 0x0, 0x20000) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1}) 2.882293587s ago: executing program 1 (id=2625): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000100)=ANY=[], 0x6) 2.798960544s ago: executing program 4 (id=2618): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_clone(0x40004000, 0x0, 0x0, 0x0, 0x0, 0x0) 2.788117265s ago: executing program 1 (id=2619): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000b8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001900)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800785, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) 2.669278155s ago: executing program 0 (id=2621): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) r1 = getuid() r2 = getgid() syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f00000020c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}}, 0x0, 0x0, &(0x7f0000002140)) syz_fuse_handle_req(r0, &(0x7f0000002180), 0x2000, &(0x7f0000004180)={&(0x7f0000004200)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004280), 0x2000, &(0x7f0000006280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.641283988s ago: executing program 3 (id=2622): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000fc18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socket$packet(0x11, 0x0, 0x300) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000640)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@resgid}, {@nodiscard}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5e8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT1+zuTOluZ/u7Hex8PsnSmXk7fd9h+9038/a92QBKa7D2TyVif0RMJxH9yfxCWWekhYON5z34+5OztUcS1eobfyaRpNuy5yfpz750556I+PmnJPZ1LK13Zu7axfGpqcmr6frw7KXp4Zm5a4cvXBo/P3l+8vLoS6Mnjh87fmLkyLqO63rOttM33/+w/7Oxt7/75p9k5PvfxpI4Ga+mT1x8HJtlMAbr/yfJ0qK+E5tdWUE60r+TxS9x0llgQKxJ9vp1RcRT0R8d8fDF649PXys0OGBLVZOIKlBSifyHksrOA7Jr+9br4EohZyXAdrh/qtEBsDT/Oxt9g9FT7xvY/SCJxd06SUSsr2eu2Z6IuHtn7Oa5O2M3Y4v64YB88zci4um8/E/q+T8QPTFQz/9KU/7XzgvOpD9r219fZ/2tXcXyH7ZPI/97ls3/aJP/7yzK/3dzfnffKj4HGny4+F5vU/73bui4AAAAAAAAoIxun4qIF/M+/68sjP+JnPE/fRFxchPqH2xZX/r5f+XeJlQD5Lh/KuKV3PG/lWz070BHuvRYfTxAV3LuwtTkkYh4PCIORdeu2vrIMnUc/nzf1+3KBtPxf9mjVv/ddCxgGse9zl3N+0yMz45v9LiBiPs3Ip7JHf+bLLT/SU77X3s/mF5lHfuev3WmXdnK+Q9sleq3EQdz2/+Hd61Ilr8/x3D9fGA4OytY6tmPv/ihXf3rzX+3mICNq7X/u5fP/4Fk8f16ZtZex9G5zmq7svWe/3cnb9ZvOdOdbvtofHb26khEd3K6o7a1afvo2mOGnSjLhyxfavl/6Lnl+//yzv97I2K+5XcnfzXPKc48+W/f7+3icf4Pxanl/8Sa2v+1L4zeGvixXf2ra/+P1dv6Q+kW/X/Q8FWWpt3N23PSsTOvaLvjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdoBIReyKpDC0sVypDQxF9EfFE7K5MXZmZfeHclQ8uT0Tvnsb3/1eyb/rtb6wn2ff/DyxaH21ZPxoReyPiy47e+vrQ2StTE0UfPAAAAAAAAAAAAAAAAAAAADwi+trM/6/5o6Po6IAt11l0AEBhcvL/lyLiALaf9h/KS/5DebXNfx2AsONp/6G85D+Ul/yH8pL/UF7yHwAAAAAAdpS9B27/mkTE/Mu99UdNd1rWVWhkwFarFB0AUBgzfKC8DP2B8nKNDyQrlPe03WmlPZczfXYDOwMAAAAAAAAAAABA6Rzcb/4/lJX5/1Be5v9DeWXz/w8UHAew/VzjA7HCTP7c+f+te13f3HgAAAAAAAAAAAAAgGYzc9cujk9NTV7duQsRq3vyW8WHut0L1Wq1Pmb7UYnnf76QDYV/VOJpWcjm+q1ur+LekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGb/BQAA//8T/yR6") quotactl$Q_QUOTAOFF(0xffffffff80000301, &(0x7f0000004240)=@loop={'/dev/loop', 0x0}, 0xee01, 0x0) 2.565649215s ago: executing program 0 (id=2623): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, r3, 0x3, 0x11, r2, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.382064381s ago: executing program 0 (id=2638): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 2.302712588s ago: executing program 4 (id=2628): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014001100b7030000000000698500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.302208528s ago: executing program 3 (id=2640): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000b60000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000001d40), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_PORTS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, r3, 0x1}, 0x1c}}, 0x0) 2.254777212s ago: executing program 3 (id=2630): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4841) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2d5a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000580)={0x2c, &(0x7f0000000340)={0x0, 0x0, 0x5, {0x5, 0x0, "0f6364"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 2.254327962s ago: executing program 0 (id=2643): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 2.227431354s ago: executing program 1 (id=2632): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1e7d, 0x2ced, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000180), &(0x7f0000000200)=r2}, 0x20) syz_usb_control_io$hid(r0, &(0x7f0000000780)={0x24, 0x0, 0x0, &(0x7f0000000700)={0x0, 0x22, 0x5, {[@main=@item_012={0x1, 0x0, 0xc, "9f"}, @global=@item_012={0x2, 0x1, 0x0, "16c2"}]}}, 0x0}, 0x0) 2.171670239s ago: executing program 0 (id=2633): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6666, 0x8801, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x22, 0xb, {[@main=@item_4={0x3, 0x0, 0x0, "881c7c75"}, @local=@item_4={0x3, 0x2, 0x2, "c0750696"}, @local]}}, 0x0}, 0x0) 563.68411ms ago: executing program 2 (id=2637): r0 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) syz_emit_ethernet(0x32, &(0x7f00000002c0)={@local, @empty, @val={@void}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) 563.32231ms ago: executing program 2 (id=2639): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="021380ee02"], 0x10}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmmsg(r2, &(0x7f0000000180), 0x32bc45944b084a6, 0x0) 561.60037ms ago: executing program 2 (id=2641): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x3, &(0x7f0000000c00)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$pppl2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c) connect$pppl2tp(r1, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1) 507.738715ms ago: executing program 2 (id=2642): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_clone(0x40004000, 0x0, 0x0, 0x0, 0x0, 0x0) 314.833922ms ago: executing program 4 (id=2644): r0 = creat(&(0x7f0000000200)='./file0\x00', 0x0) close(r0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfdef, 0x0, 0x0, 0xfffffffffffffdfd) read$FUSE(r0, &(0x7f0000000440)={0x2020}, 0x2020) 241.216828ms ago: executing program 2 (id=2645): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, &(0x7f0000000000)="ba610066eddeef642e67f20f2b4453a026670f707200970f01caf3d7f3a7b8b1008ee064d2e10f2084", 0x29}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 168.275214ms ago: executing program 2 (id=2646): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000b8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001900)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800785, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") r1 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) 168.160334ms ago: executing program 3 (id=2647): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) 168.067724ms ago: executing program 4 (id=2648): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x6, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='ext4_remove_blocks\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0xa08000, &(0x7f0000000240), 0xfe, 0x56b, &(0x7f00000003c0)="$eJzs3U1vG0UfAPD/Om99e56mUlUBBxSpB4pKnSbhpUgcyhFBRSW4FyvZRlWcuoqdqgmVaA/00guqQAhRCfEBuHOs+AJ8ikpQqUJVBAcuQeusWze2Ezd144B/P2mTmd1xZsa7M/6v184GMLAmsh+FiJcj4qsk4nDTtuHIN05slFt7dH02W5JYX//kjySSfF2jfJL/PphnXoqIX76MOFlorbe6srpQKpfTpTw/WVu8MlldWT11abE0n86nl6dnZs68NTP97jtv96yvr5//67uP731w5vbxtW9/enDkThJn41C+rbkfz+FGc2YiJvLnZCTObio41YPK9pKk3w1gR4bycT4S2RxwOIbyUQ/8930REevAgEqMfxhQjTigcW7fo/Pgf42H72+cALX2f3jjvZHYVz83OrCWPHVmlJ3vjveg/qyOn3+/eydbonfvQwBs68bNiDg9PNw6/yX5/Ldzp7sos7kO8x/snntZ/PNGu/in8Dj+iTbxz8E2Y3cnth//hQdtHpb06l3qLP57r238+/ii1fhQnvtfPeYbSS5eKqfZ3Pb/iDgRI2NZfqvrOWfW7q932tYc/2VLVn8jFszb8WB47OnHzJVqpefpc7OHNyNeaY1/h57M//vqse7m/Z89H+e7rONYevfVTtu27/+Ltf5jxGtt9/+TK1rJ1tcnJ+vHw2TjqGj1561jv3aqv9/9z/b/ga37P540X6+tPnsdP+z7O+20bafH/2jyaT09mq+7VqrVlqYiRpOPWtdPP3lsI98on/X/xPGt5792x//+iPisy/7fOnqrY9G9sP/nnmn/P3vi/oeff9+p/u72/5v11Il8TTfzX7cNfJ7nDgAAAAAAAPaaQkQciqRQfJwuFIrFjc93HI0DhXKlWjt5sbJ8eS7q35Udj5FC40r34abPQ0zln4dt5Kc35Wci4khEfD20v54vzlbKc/3uPAAAAAAAAAAAAAAAAAAAAOwRYx2+/5/5bejpsvl/BB/d/VYCL4xbfsPg2nb89+JOT8Ce5PUfBtcOxv83L6IdwO7z+g8DaqTfDQD6yes/DC7jHwaX8Q+Dy/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp/7ly2rK89uj6b5eeuriwvVK6emkurC8XF5dnibGXpSnG+Upkvp8XZyuJ2f69cqVyZmo7la5O1tFqbrK6sXlisLF+uXbi0WJpPL6TuNgQAAAAAAAAAAAAAAAAAAACtqiurC6VyOV2SkNhRYrjLwmPR96YOTOJ2D0Z3nycmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjyTwAAAP//4fE1qw==") chdir(&(0x7f0000000080)='./file0\x00') lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000280)=ANY=[], 0xe01, 0x0) rename(&(0x7f0000000300)='./file0\x00', &(0x7f00000000c0)='./file1\x00') 166.813505ms ago: executing program 1 (id=2656): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4841) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2d5a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000580)={0x2c, &(0x7f0000000340)={0x0, 0x0, 0x5, {0x5, 0x0, "0f6364"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 151.921686ms ago: executing program 0 (id=2649): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10) timer_create(0x2, 0x0, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) unshare(0x64000600) 103.68791ms ago: executing program 3 (id=2650): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802) write$evdev(r1, &(0x7f0000000000), 0x100000008) ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x40044591, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 95.080091ms ago: executing program 4 (id=2651): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) pause() 0s ago: executing program 3 (id=2652): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='kmem_cache_free\x00', r1}, 0x10) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r2 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r2, 0x0, 0x400000000000000, 0x7) kernel console output (not intermixed with test programs): 192.726503][ T5743] bridge0: port 1(bridge_slave_0) entered blocking state [ 192.729989][ T5748] loop1: detected capacity change from 0 to 40427 [ 192.733372][ T5743] bridge0: port 1(bridge_slave_0) entered forwarding state [ 192.769612][ T5748] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 192.785997][ T5748] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 192.837371][ T5748] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 192.841251][ T5761] loop3: detected capacity change from 0 to 256 [ 192.864697][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 192.885351][ T864] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.895054][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 192.908367][ T5748] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 192.908681][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 192.915212][ T5748] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 192.930103][ T5761] FAT-fs (loop3): bogus number of FAT sectors [ 192.935982][ T5761] FAT-fs (loop3): Can't find a valid FAT filesystem [ 192.983754][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 193.003313][ T319] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.010189][ T319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.041696][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 193.068402][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 193.089343][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 193.113157][ T5743] device veth0_vlan entered promiscuous mode [ 193.136270][ T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 193.144870][ T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 193.172482][ T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 193.183752][ T5774] loop3: detected capacity change from 0 to 2048 [ 193.207213][ T5743] device veth1_macvtap entered promiscuous mode [ 193.224818][ T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 193.238623][ T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 193.265303][ T5774] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 193.283037][ T590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 193.309745][ T5783] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 193.358063][ T6] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 193.608144][ T6] usb 3-1: Using ep0 maxpacket: 16 [ 193.888116][ T6] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 193.897061][ T743] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 193.911195][ T6] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 193.928126][ T6] usb 3-1: Product: syz [ 193.938072][ T6] usb 3-1: Manufacturer: syz [ 193.942564][ T6] usb 3-1: SerialNumber: syz [ 193.951783][ T6] usb 3-1: config 0 descriptor?? [ 193.988682][ T6] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 194.000769][ T6] usb 3-1: Detected FT232H [ 194.099054][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.105966][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.113322][ T5819] device bridge_slave_0 entered promiscuous mode [ 194.120367][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.127256][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.134614][ T5819] device bridge_slave_1 entered promiscuous mode [ 194.208159][ T6] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 194.268239][ T743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.283243][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.290201][ T5819] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.297319][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.304097][ T5819] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.318069][ T743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 194.338080][ T743] usb 2-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 194.358050][ T743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.371802][ T743] usb 2-1: config 0 descriptor?? [ 194.381192][ T319] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.390067][ T319] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.452901][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 194.461112][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 194.489044][ T863] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 194.497267][ T863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 194.518351][ T863] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.525205][ T863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.548667][ T863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 194.557167][ T863] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 194.585645][ T863] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.592524][ T863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.600077][ T4557] handle_bad_sector: 230816 callbacks suppressed [ 194.600095][ T4557] attempt to access beyond end of device [ 194.600095][ T4557] loop4: rw=0, want=58176, limit=40427 [ 194.609081][ T3957] attempt to access beyond end of device [ 194.609081][ T3957] loop0: rw=524288, want=57848, limit=40427 [ 194.629982][ T4557] attempt to access beyond end of device [ 194.629982][ T4557] loop4: rw=0, want=58184, limit=40427 [ 194.641316][ T4557] attempt to access beyond end of device [ 194.641316][ T4557] loop4: rw=0, want=58192, limit=40427 [ 194.652490][ T4557] attempt to access beyond end of device [ 194.652490][ T4557] loop4: rw=0, want=58200, limit=40427 [ 194.653601][ T3957] attempt to access beyond end of device [ 194.653601][ T3957] loop0: rw=524288, want=57856, limit=40427 [ 194.663816][ T4557] attempt to access beyond end of device [ 194.663816][ T4557] loop4: rw=0, want=58208, limit=40427 [ 194.685839][ T3957] attempt to access beyond end of device [ 194.685839][ T3957] loop0: rw=524288, want=57864, limit=40427 [ 194.686432][ T4557] attempt to access beyond end of device [ 194.686432][ T4557] loop4: rw=0, want=58216, limit=40427 [ 194.707945][ T3957] attempt to access beyond end of device [ 194.707945][ T3957] loop0: rw=524288, want=57872, limit=40427 [ 194.721387][ T6] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71 [ 194.728369][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 194.736575][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 194.745013][ T6] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 194.753633][ T6] usb 3-1: USB disconnect, device number 39 [ 194.759937][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 194.767901][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 194.788786][ T6] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 194.808069][ T319] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 194.815597][ T6] ftdi_sio 3-1:0.0: device disconnected [ 194.821702][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 194.838623][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 194.853697][ T5819] device veth0_vlan entered promiscuous mode [ 194.859943][ T743] hid (null): global environment stack underflow [ 194.867150][ T743] uclogic 0003:5543:0522.004E: global environment stack underflow [ 194.878901][ T743] uclogic 0003:5543:0522.004E: item 0 1 1 11 parsing failed [ 194.888780][ T743] uclogic 0003:5543:0522.004E: parse failed [ 194.894518][ T743] uclogic: probe of 0003:5543:0522.004E failed with error -22 [ 194.901934][ T30] kauditd_printk_skb: 35 callbacks suppressed [ 194.901950][ T30] audit: type=1400 audit(1725984794.668:1911): avc: denied { block_suspend } for pid=5833 comm="syz.0.2269" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 194.936276][ T5819] device veth1_macvtap entered promiscuous mode [ 194.949430][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 194.957207][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 194.979033][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 194.987076][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 194.995391][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 195.015482][ T4868] device bridge_slave_1 left promiscuous mode [ 195.022753][ T4868] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.038737][ T4868] device bridge_slave_0 left promiscuous mode [ 195.048142][ T319] usb 4-1: Using ep0 maxpacket: 16 [ 195.053225][ T4868] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.069161][ T4868] device veth1_macvtap left promiscuous mode [ 195.078116][ T4868] device veth0_vlan left promiscuous mode [ 195.079993][ T6] usb 2-1: USB disconnect, device number 42 [ 195.168142][ T319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.188657][ T319] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.208116][ T319] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 195.216970][ T319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.241250][ T319] usb 4-1: config 0 descriptor?? [ 195.258185][ T309] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 195.282136][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 195.307893][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 195.315559][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 195.335696][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 195.344096][ T30] audit: type=1400 audit(1725984795.118:1912): avc: denied { create } for pid=5840 comm="syz.2.2272" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 195.391551][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 195.409857][ T864] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 195.498125][ T309] usb 1-1: Using ep0 maxpacket: 32 [ 195.618136][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.629702][ T26] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 195.648095][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.677447][ T309] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 195.688204][ T309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 195.707029][ T309] usb 1-1: config 0 descriptor?? [ 195.739278][ T319] hid-steam 0003:28DE:1142.004F: unknown main item tag 0x0 [ 195.747630][ T30] audit: type=1326 audit(1725984795.518:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5854 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 195.771427][ T319] hid-steam 0003:28DE:1142.004F: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0 [ 195.808127][ T30] audit: type=1326 audit(1725984795.548:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5854 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 195.858096][ T30] audit: type=1326 audit(1725984795.548:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5854 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 195.918176][ T5858] loop1: detected capacity change from 0 to 1024 [ 195.922945][ T30] audit: type=1326 audit(1725984795.578:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5854 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 195.949380][ T319] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 195.956952][ T864] usb 4-1: USB disconnect, device number 32 [ 195.978707][ T5858] EXT4-fs (loop1): Ignoring removed nobh option [ 195.982946][ T30] audit: type=1326 audit(1725984795.578:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5856 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa696367fe5 code=0x7ffc0000 [ 196.038479][ T5858] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,noauto_da_alloc,jqfmt=vfsold,data_err=ignore,noquota,acl,init_itable=0x00000000000085c5,nojournal_checksum,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 196.059877][ T30] audit: type=1326 audit(1725984795.608:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5854 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 196.088095][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.108090][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.127868][ T26] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 196.150904][ T30] audit: type=1326 audit(1725984795.628:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5854 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 196.184503][ T26] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 196.199061][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.217294][ T26] usb 3-1: config 0 descriptor?? [ 196.223297][ T309] lua 0003:1E7D:2C2E.0050: global environment stack underflow [ 196.234740][ T30] audit: type=1326 audit(1725984795.628:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5854 comm="syz.1.2277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 196.259151][ T309] lua 0003:1E7D:2C2E.0050: item 0 0 1 11 parsing failed [ 196.278280][ T309] lua 0003:1E7D:2C2E.0050: parse failed [ 196.288364][ T309] lua: probe of 0003:1E7D:2C2E.0050 failed with error -22 [ 196.328113][ T319] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.344221][ T319] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.363573][ T319] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 196.381050][ T319] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.398199][ T319] usb 5-1: config 0 descriptor?? [ 196.425547][ T590] usb 1-1: USB disconnect, device number 22 [ 196.728108][ T6] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 196.739104][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 196.756698][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 196.775655][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 196.788291][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 196.798866][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 196.968978][ T319] isku 0003:1E7D:319C.0052: unknown main item tag 0x0 [ 196.982892][ T6] usb 4-1: Using ep0 maxpacket: 32 [ 197.007306][ T319] isku 0003:1E7D:319C.0052: unbalanced collection at end of report description [ 197.035227][ T319] isku 0003:1E7D:319C.0052: parse failed [ 197.050489][ T319] isku: probe of 0003:1E7D:319C.0052 failed with error -22 [ 197.062823][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.073586][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.080868][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.088001][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.098152][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.108280][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.109731][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.116048][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.148095][ T6] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 197.163526][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.170853][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.177145][ T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.188272][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.196321][ T6] usb 4-1: config 0 descriptor?? [ 197.201540][ T26] plantronics 0003:047F:FFFF.0051: unknown main item tag 0x0 [ 197.210017][ T319] usb 5-1: USB disconnect, device number 36 [ 197.218231][ T26] plantronics 0003:047F:FFFF.0051: No inputs registered, leaving [ 197.236140][ T26] plantronics 0003:047F:FFFF.0051: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 197.249958][ T6] hub 4-1:0.0: USB hub found [ 197.259830][ T26] usb 3-1: USB disconnect, device number 40 [ 197.468125][ T6] hub 4-1:0.0: 1 port detected [ 197.560084][ T5893] syz.0.2291[5893] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 197.560165][ T5893] syz.0.2291[5893] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 197.571523][ T590] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 197.951578][ T6] usb 4-1: USB disconnect, device number 33 [ 197.968535][ T590] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 197.988068][ T590] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.997619][ T590] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 198.006511][ T309] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 198.028078][ T590] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.058926][ T590] usb 2-1: config 0 descriptor?? [ 198.298058][ T864] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 198.378336][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 198.396918][ T309] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 198.416747][ T309] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 198.436912][ T309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.447744][ T309] usb 1-1: config 0 descriptor?? [ 198.539020][ T590] isku 0003:1E7D:319C.0053: item fetching failed at offset 5/7 [ 198.546691][ T590] isku 0003:1E7D:319C.0053: parse failed [ 198.552640][ T590] isku: probe of 0003:1E7D:319C.0053 failed with error -22 [ 198.570977][ T5926] loop3: detected capacity change from 0 to 128 [ 198.668126][ T864] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 198.682484][ T864] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 198.742284][ T319] usb 2-1: USB disconnect, device number 43 [ 198.781620][ T864] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 198.797135][ T864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 198.813798][ T864] usb 5-1: SerialNumber: syz [ 198.908399][ T309] hid (null): bogus close delimiter [ 198.968058][ T6] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 199.080386][ T864] usb 5-1: 0:2 : does not exist [ 199.168148][ T309] usb 1-1: language id specifier not provided by device, defaulting to English [ 199.218076][ T6] usb 4-1: Using ep0 maxpacket: 16 [ 199.338174][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 199.358050][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 199.377764][ T6] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 199.400713][ T6] usb 4-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 199.418202][ T309] uclogic 0003:256C:006D.0054: failed retrieving Huion firmware version: -71 [ 199.420847][ T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.436558][ T309] uclogic 0003:256C:006D.0054: failed probing parameters: -71 [ 199.454036][ T309] uclogic: probe of 0003:256C:006D.0054 failed with error -71 [ 199.457357][ T6] usb 4-1: config 0 descriptor?? [ 199.462978][ T309] usb 1-1: USB disconnect, device number 23 [ 199.500917][ T864] usb 5-1: USB disconnect, device number 37 [ 199.608034][ T3957] handle_bad_sector: 229420 callbacks suppressed [ 199.608057][ T3957] attempt to access beyond end of device [ 199.608057][ T3957] loop0: rw=524288, want=58952, limit=40427 [ 199.608086][ T4557] attempt to access beyond end of device [ 199.608086][ T4557] loop4: rw=0, want=58360, limit=40427 [ 199.614274][ T3957] attempt to access beyond end of device [ 199.614274][ T3957] loop0: rw=524288, want=58960, limit=40427 [ 199.627078][ T319] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 199.636750][ T3957] attempt to access beyond end of device [ 199.636750][ T3957] loop0: rw=524288, want=58968, limit=40427 [ 199.647554][ T4557] attempt to access beyond end of device [ 199.647554][ T4557] loop4: rw=0, want=58368, limit=40427 [ 199.655137][ T3957] attempt to access beyond end of device [ 199.655137][ T3957] loop0: rw=524288, want=58976, limit=40427 [ 199.666146][ T4557] attempt to access beyond end of device [ 199.666146][ T4557] loop4: rw=0, want=58376, limit=40427 [ 199.678401][ T3957] attempt to access beyond end of device [ 199.678401][ T3957] loop0: rw=524288, want=58984, limit=40427 [ 199.688654][ T4557] attempt to access beyond end of device [ 199.688654][ T4557] loop4: rw=0, want=58384, limit=40427 [ 199.706070][ T3957] attempt to access beyond end of device [ 199.706070][ T3957] loop0: rw=524288, want=58992, limit=40427 [ 199.848119][ T6] usbhid 4-1:0.0: can't add hid device: -71 [ 199.853931][ T6] usbhid: probe of 4-1:0.0 failed with error -71 [ 199.873635][ T6] usb 4-1: USB disconnect, device number 34 [ 199.908168][ T319] usb 2-1: Using ep0 maxpacket: 16 [ 200.028137][ T319] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 200.036668][ T319] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 200.063331][ T319] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 200.178098][ T309] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 200.198089][ T26] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 200.228322][ T319] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 200.241836][ T319] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.257337][ T319] usb 2-1: Product: syz [ 200.264762][ T319] usb 2-1: Manufacturer: syz [ 200.271626][ T319] usb 2-1: SerialNumber: syz [ 200.448117][ T26] usb 1-1: Using ep0 maxpacket: 16 [ 200.548198][ T309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 200.568116][ T26] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 200.578193][ T309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 200.587664][ T309] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 200.616807][ T309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.625758][ T309] usb 3-1: config 0 descriptor?? [ 200.749754][ T26] usb 1-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 200.768067][ T39] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 200.775521][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.795706][ T26] usb 1-1: Product: syz [ 200.799792][ T26] usb 1-1: Manufacturer: syz [ 200.804117][ T26] usb 1-1: SerialNumber: syz [ 200.818216][ T319] usb 2-1: 0:2 : does not exist [ 200.819687][ T26] usb 1-1: config 0 descriptor?? [ 200.826011][ T319] usb 2-1: USB disconnect, device number 44 [ 201.118410][ T309] hid (null): global environment stack underflow [ 201.135795][ T309] uclogic 0003:5543:0522.0055: global environment stack underflow [ 201.143570][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11 [ 201.154490][ T309] uclogic 0003:5543:0522.0055: item 0 1 1 11 parsing failed [ 201.174678][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024 [ 201.185789][ T309] uclogic 0003:5543:0522.0055: parse failed [ 201.191549][ T309] uclogic: probe of 0003:5543:0522.0055 failed with error -22 [ 201.268155][ T6] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 201.298198][ T26] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 201.314566][ T26] usb 1-1: No valid video chain found. [ 201.326287][ T26] usb 3-1: USB disconnect, device number 41 [ 201.339530][ T5960] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2319'. [ 201.358288][ T39] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 201.372754][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.389646][ T39] usb 4-1: Product: syz [ 201.403825][ T39] usb 4-1: Manufacturer: syz [ 201.408274][ T39] usb 4-1: SerialNumber: syz [ 201.423607][ T39] usb 4-1: config 0 descriptor?? [ 201.448156][ T5953] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 201.513392][ T590] usb 1-1: USB disconnect, device number 24 [ 201.638128][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.654264][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.676918][ T6] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 201.690152][ T39] usb 4-1: USB disconnect, device number 35 [ 201.694456][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.714709][ T6] usb 5-1: config 0 descriptor?? [ 201.879983][ T30] kauditd_printk_skb: 29 callbacks suppressed [ 201.879997][ T30] audit: type=1400 audit(1725984801.658:1950): avc: denied { read } for pid=5968 comm="syz.2.2323" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 201.938095][ T30] audit: type=1400 audit(1725984801.658:1951): avc: denied { open } for pid=5968 comm="syz.2.2323" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 201.982936][ T30] audit: type=1400 audit(1725984801.688:1952): avc: denied { ioctl } for pid=5968 comm="syz.2.2323" path="/dev/loop-control" dev="devtmpfs" ino=111 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 202.188738][ T6] keytouch 0003:0926:3333.0056: fixing up Keytouch IEC report descriptor [ 202.210141][ T6] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0056/input/input51 [ 202.227508][ T5982] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 202.248273][ T5982] pim6reg0: linktype set to 804 [ 202.278633][ T319] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 202.290144][ T5988] loop1: detected capacity change from 0 to 512 [ 202.310764][ T6] keytouch 0003:0926:3333.0056: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 202.333215][ T5988] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.2332: Invalid inode bitmap blk 4 in block_group 0 [ 202.366200][ T5988] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none. [ 202.409246][ T6] usb 5-1: USB disconnect, device number 38 [ 202.428992][ T30] audit: type=1400 audit(1725984802.208:1953): avc: denied { remove_name } for pid=5987 comm="syz.1.2332" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 202.451889][ T5988] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.2332: Invalid inode bitmap blk 4 in block_group 0 [ 202.478387][ T5988] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 202.488438][ T30] audit: type=1400 audit(1725984802.228:1954): avc: denied { rename } for pid=5987 comm="syz.1.2332" name="file0" dev="loop1" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 202.541204][ T30] audit: type=1400 audit(1725984802.228:1955): avc: denied { unlink } for pid=5987 comm="syz.1.2332" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 202.578092][ T39] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 202.585653][ T590] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 202.648135][ T319] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.665311][ T319] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 202.685073][ T319] usb 3-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00 [ 202.705244][ T319] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.718734][ T319] usb 3-1: config 0 descriptor?? [ 202.848074][ T590] usb 4-1: Using ep0 maxpacket: 16 [ 202.868341][ T308] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 202.968221][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.986137][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.006172][ T39] usb 1-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 203.015260][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.024081][ T39] usb 1-1: config 0 descriptor?? [ 203.138177][ T590] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 203.157247][ T590] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.165351][ T590] usb 4-1: Product: syz [ 203.178094][ T590] usb 4-1: Manufacturer: syz [ 203.182585][ T590] usb 4-1: SerialNumber: syz [ 203.193312][ T590] usb 4-1: config 0 descriptor?? [ 203.218908][ T319] belkin 0003:1020:0006.0057: report_id 0 is invalid [ 203.228147][ T308] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.238889][ T319] belkin 0003:1020:0006.0057: item 0 0 1 8 parsing failed [ 203.249754][ T590] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 203.258083][ T308] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.267477][ T590] usb 4-1: Detected FT232H [ 203.267803][ T319] belkin 0003:1020:0006.0057: parse failed [ 203.277540][ T319] belkin: probe of 0003:1020:0006.0057 failed with error -22 [ 203.294915][ T308] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 203.304974][ T308] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.325796][ T308] usb 2-1: config 0 descriptor?? [ 203.338104][ T309] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 203.431058][ T319] usb 3-1: USB disconnect, device number 42 [ 203.458163][ T590] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 203.498371][ T39] hid (null): global environment stack underflow [ 203.509454][ T39] uclogic 0003:5543:0522.0058: global environment stack underflow [ 203.527282][ T39] uclogic 0003:5543:0522.0058: item 0 1 1 11 parsing failed [ 203.544957][ T39] uclogic 0003:5543:0522.0058: parse failed [ 203.552558][ T39] uclogic: probe of 0003:5543:0522.0058 failed with error -22 [ 203.578077][ T309] usb 5-1: Using ep0 maxpacket: 16 [ 203.702377][ T60] usb 1-1: USB disconnect, device number 25 [ 203.708307][ T309] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 203.808991][ T308] isku 0003:1E7D:319C.0059: unknown main item tag 0x0 [ 203.818100][ T308] isku 0003:1E7D:319C.0059: unbalanced collection at end of report description [ 203.837194][ T308] isku 0003:1E7D:319C.0059: parse failed [ 203.842706][ T308] isku: probe of 0003:1E7D:319C.0059 failed with error -22 [ 203.899772][ T309] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 203.918099][ T309] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.936090][ T309] usb 5-1: Product: syz [ 203.940275][ T590] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71 [ 203.946854][ T309] usb 5-1: Manufacturer: syz [ 203.957042][ T590] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 203.965222][ T309] usb 5-1: SerialNumber: syz [ 203.970917][ T590] usb 4-1: USB disconnect, device number 36 [ 203.982208][ T590] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 203.992769][ T309] usb 5-1: config 0 descriptor?? [ 203.997715][ T590] ftdi_sio 4-1:0.0: device disconnected [ 204.012507][ T308] usb 2-1: USB disconnect, device number 45 [ 204.308149][ T60] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 204.468191][ T309] usb 5-1: Found UVC 0.00 device syz (045e:0721) [ 204.478550][ T309] usb 5-1: No valid video chain found. [ 204.542971][ T6023] loop1: detected capacity change from 0 to 512 [ 204.608694][ T6023] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 204.618353][ T4557] handle_bad_sector: 266330 callbacks suppressed [ 204.618372][ T4557] attempt to access beyond end of device [ 204.618372][ T4557] loop4: rw=524288, want=58080, limit=40427 [ 204.618432][ T4557] attempt to access beyond end of device [ 204.618432][ T4557] loop4: rw=524288, want=58088, limit=40427 [ 204.624552][ T3957] attempt to access beyond end of device [ 204.624552][ T3957] loop0: rw=524288, want=58408, limit=40427 [ 204.636325][ T4557] attempt to access beyond end of device [ 204.636325][ T4557] loop4: rw=524288, want=58096, limit=40427 [ 204.646923][ T308] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 204.658784][ T4557] attempt to access beyond end of device [ 204.658784][ T4557] loop4: rw=524288, want=58104, limit=40427 [ 204.687936][ T3957] attempt to access beyond end of device [ 204.687936][ T3957] loop0: rw=524288, want=58416, limit=40427 [ 204.688434][ T4557] attempt to access beyond end of device [ 204.688434][ T4557] loop4: rw=524288, want=58112, limit=40427 [ 204.699611][ T743] usb 5-1: USB disconnect, device number 39 [ 204.710682][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11 [ 204.727618][ T3957] attempt to access beyond end of device [ 204.727618][ T3957] loop0: rw=524288, want=58424, limit=40427 [ 204.727673][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024 [ 204.740799][ T6023] EXT4-fs (loop1): 1 orphan inode deleted [ 204.749912][ T26] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 204.756804][ T6023] EXT4-fs (loop1): 1 truncate cleaned up [ 204.763010][ T4557] attempt to access beyond end of device [ 204.763010][ T4557] loop4: rw=524288, want=58120, limit=40427 [ 204.768702][ T3957] attempt to access beyond end of device [ 204.768702][ T3957] loop0: rw=524288, want=58432, limit=40427 [ 204.792317][ T6023] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,sb=0x0000000000000009,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback. [ 204.860750][ T6023] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 204.895334][ T6023] EXT4-fs (loop1): Remounting filesystem read-only [ 204.938073][ T308] usb 1-1: Using ep0 maxpacket: 16 [ 204.965364][ T30] audit: type=1400 audit(1725984804.738:1956): avc: denied { mount } for pid=6029 comm="syz.1.2349" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 204.988177][ T60] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 205.007173][ T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 205.012518][ T30] audit: type=1400 audit(1725984804.738:1957): avc: denied { mounton } for pid=6029 comm="syz.1.2349" path="/190/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 205.047446][ T60] usb 3-1: Product: syz [ 205.051545][ T60] usb 3-1: Manufacturer: syz [ 205.055865][ T60] usb 3-1: SerialNumber: syz [ 205.068113][ T308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.068256][ T60] usb 3-1: config 0 descriptor?? [ 205.081319][ T30] audit: type=1400 audit(1725984804.778:1958): avc: denied { unmount } for pid=4102 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 205.113702][ T308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.128075][ T308] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 205.128231][ T6007] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 205.143847][ T30] audit: type=1326 audit(1725984804.778:1959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6031 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa696335ef9 code=0x7ffc0000 [ 205.187300][ T308] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.196003][ T308] usb 1-1: config 0 descriptor?? [ 205.208245][ T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.228184][ T26] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.247986][ T26] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 205.256910][ T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.276373][ T26] usb 4-1: config 0 descriptor?? [ 205.412745][ T60] usb 3-1: USB disconnect, device number 43 [ 205.488071][ T743] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 205.658063][ T590] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 205.690429][ T308] hid-steam 0003:28DE:1142.005A: unknown main item tag 0x0 [ 205.709696][ T308] hid-steam 0003:28DE:1142.005A: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0 [ 205.738214][ T743] usb 2-1: Using ep0 maxpacket: 32 [ 205.748352][ T26] hid (null): bogus close delimiter [ 205.858162][ T743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.878050][ T743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.897843][ T743] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 205.916876][ T743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.935617][ T743] usb 2-1: config 0 descriptor?? [ 205.949630][ T864] usb 1-1: USB disconnect, device number 26 [ 206.008281][ T26] usb 4-1: language id specifier not provided by device, defaulting to English [ 206.028138][ T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.048055][ T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 206.057644][ T590] usb 5-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00 [ 206.066815][ T590] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.077802][ T590] usb 5-1: config 0 descriptor?? [ 206.238145][ T26] uclogic 0003:256C:006D.005B: failed retrieving Huion firmware version: -71 [ 206.256893][ T26] uclogic 0003:256C:006D.005B: failed probing parameters: -71 [ 206.267881][ T26] uclogic: probe of 0003:256C:006D.005B failed with error -71 [ 206.289251][ T26] usb 4-1: USB disconnect, device number 37 [ 206.418979][ T743] lua 0003:1E7D:2C2E.005C: global environment stack underflow [ 206.436498][ T743] lua 0003:1E7D:2C2E.005C: item 0 0 1 11 parsing failed [ 206.443450][ T743] lua 0003:1E7D:2C2E.005C: parse failed [ 206.458070][ T743] lua: probe of 0003:1E7D:2C2E.005C failed with error -22 [ 206.559023][ T590] petalynx 0003:18B1:0037.005D: collection stack underflow [ 206.566074][ T590] petalynx 0003:18B1:0037.005D: item 0 1 0 12 parsing failed [ 206.588257][ T590] petalynx 0003:18B1:0037.005D: parse failed [ 206.594082][ T590] petalynx: probe of 0003:18B1:0037.005D failed with error -22 [ 206.622420][ T743] usb 2-1: USB disconnect, device number 46 [ 206.762188][ T6] usb 5-1: USB disconnect, device number 40 [ 207.215575][ T6059] loop3: detected capacity change from 0 to 128 [ 207.305516][ T6062] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2362'. [ 207.408111][ T26] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 207.424020][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 207.424037][ T30] audit: type=1326 audit(1725984807.198:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fe2068ef9 code=0x7ffc0000 [ 207.438071][ T743] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 207.491443][ T30] audit: type=1326 audit(1725984807.198:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fe2068ef9 code=0x7ffc0000 [ 207.555163][ T30] audit: type=1326 audit(1725984807.238:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f0fe2068ef9 code=0x7ffc0000 [ 207.595499][ T30] audit: type=1326 audit(1725984807.238:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fe2068ef9 code=0x7ffc0000 [ 207.628161][ T590] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 207.639459][ T30] audit: type=1326 audit(1725984807.238:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6074 comm="syz.3.2369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fe2068ef9 code=0x7ffc0000 [ 207.662816][ T6] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 207.693157][ T30] audit: type=1400 audit(1725984807.458:1978): avc: denied { create } for pid=6076 comm="syz.3.2370" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 207.732692][ T30] audit: type=1400 audit(1725984807.458:1979): avc: denied { map } for pid=6076 comm="syz.3.2370" path="socket:[41578]" dev="sockfs" ino=41578 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 207.758095][ T743] usb 2-1: Using ep0 maxpacket: 16 [ 207.785977][ T30] audit: type=1400 audit(1725984807.458:1980): avc: denied { read } for pid=6076 comm="syz.3.2370" path="socket:[41578]" dev="sockfs" ino=41578 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 207.858455][ T26] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 207.878088][ T26] usb 3-1: config 0 has no interfaces? [ 207.883452][ T26] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 207.903614][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.923545][ T26] usb 3-1: config 0 descriptor?? [ 208.008155][ T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.030061][ T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.048094][ T590] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 208.048149][ T743] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00 [ 208.065898][ T6] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 208.067113][ T590] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.086020][ T6] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 208.095155][ T590] usb 5-1: config 0 descriptor?? [ 208.096103][ T743] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 208.100107][ T60] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 208.127947][ T743] usb 2-1: Product: syz [ 208.132044][ T743] usb 2-1: Manufacturer: syz [ 208.136361][ T743] usb 2-1: SerialNumber: syz [ 208.148852][ T743] usb 2-1: config 0 descriptor?? [ 208.189089][ T39] usb 3-1: USB disconnect, device number 44 [ 208.189638][ T6] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 208.204297][ T743] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 208.214095][ T743] usb 2-1: Detected FT232H [ 208.228076][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 208.246027][ T6] usb 1-1: SerialNumber: syz [ 208.398140][ T743] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 208.499759][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.518089][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 208.529752][ T6] usb 1-1: 0:2 : does not exist [ 208.534445][ T6] usb 1-1: unit 5 not found! [ 208.537877][ T60] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 208.548441][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.549694][ T6] usb 1-1: USB disconnect, device number 27 [ 208.562380][ T60] usb 4-1: config 0 descriptor?? [ 208.567430][ T30] audit: type=1400 audit(1725984808.338:1981): avc: denied { write } for pid=82 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 208.600615][ T590] isku 0003:1E7D:319C.005E: item fetching failed at offset 5/7 [ 208.619092][ T590] isku 0003:1E7D:319C.005E: parse failed [ 208.624579][ T590] isku: probe of 0003:1E7D:319C.005E failed with error -22 [ 208.629779][ T30] audit: type=1400 audit(1725984808.338:1982): avc: denied { remove_name } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 208.832224][ T590] usb 5-1: USB disconnect, device number 41 [ 208.868456][ T743] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71 [ 208.887175][ T743] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 208.897433][ T743] usb 2-1: USB disconnect, device number 47 [ 208.907586][ T743] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 208.927680][ T743] ftdi_sio 2-1:0.0: device disconnected [ 209.058748][ T60] keytouch 0003:0926:3333.005F: fixing up Keytouch IEC report descriptor [ 209.076301][ T60] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.005F/input/input52 [ 209.124959][ T6095] loop2: detected capacity change from 0 to 2048 [ 209.160699][ T60] keytouch 0003:0926:3333.005F: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 209.203368][ T6095] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 209.295147][ T590] usb 4-1: USB disconnect, device number 38 [ 209.448057][ T60] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 209.548073][ T308] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 209.628204][ T4557] handle_bad_sector: 248942 callbacks suppressed [ 209.628227][ T4557] attempt to access beyond end of device [ 209.628227][ T4557] loop4: rw=524288, want=58256, limit=40427 [ 209.629079][ T3957] attempt to access beyond end of device [ 209.629079][ T3957] loop0: rw=0, want=59104, limit=40427 [ 209.636053][ T4557] attempt to access beyond end of device [ 209.636053][ T4557] loop4: rw=524288, want=58264, limit=40427 [ 209.646665][ T3957] attempt to access beyond end of device [ 209.646665][ T3957] loop0: rw=0, want=59112, limit=40427 [ 209.657648][ T4557] attempt to access beyond end of device [ 209.657648][ T4557] loop4: rw=524288, want=58272, limit=40427 [ 209.668622][ T3957] attempt to access beyond end of device [ 209.668622][ T3957] loop0: rw=0, want=59120, limit=40427 [ 209.700905][ T4557] attempt to access beyond end of device [ 209.700905][ T4557] loop4: rw=524288, want=58280, limit=40427 [ 209.700959][ T4557] attempt to access beyond end of device [ 209.700959][ T4557] loop4: rw=524288, want=58288, limit=40427 [ 209.712852][ T3957] attempt to access beyond end of device [ 209.712852][ T3957] loop0: rw=0, want=59128, limit=40427 [ 209.734231][ T4557] attempt to access beyond end of device [ 209.734231][ T4557] loop4: rw=524288, want=58296, limit=40427 [ 209.748112][ T60] usb 1-1: Using ep0 maxpacket: 32 [ 209.868219][ T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.888917][ T60] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.908485][ T60] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 209.927553][ T60] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.928253][ T308] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.949101][ T60] usb 1-1: config 0 descriptor?? [ 209.959244][ T308] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.980127][ T308] usb 3-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00 [ 209.998584][ T60] hub 1-1:0.0: USB hub found [ 209.998689][ T308] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.023922][ T308] usb 3-1: config 0 descriptor?? [ 210.218807][ T60] hub 1-1:0.0: 1 port detected [ 210.228078][ T39] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 210.508985][ T308] petalynx 0003:18B1:0037.0060: collection stack underflow [ 210.526340][ T308] petalynx 0003:18B1:0037.0060: item 0 1 0 12 parsing failed [ 210.534042][ T308] petalynx 0003:18B1:0037.0060: parse failed [ 210.548585][ T308] petalynx: probe of 0003:18B1:0037.0060 failed with error -22 [ 210.608152][ T39] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 210.628177][ T39] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 210.688805][ T60] usb 1-1: USB disconnect, device number 28 [ 210.719808][ T39] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 210.738072][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 210.748150][ T39] usb 4-1: SerialNumber: syz [ 210.753606][ T6] usb 3-1: USB disconnect, device number 45 [ 210.759500][ T743] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 210.844554][ T6133] syz.4.2393[6133] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 210.844628][ T6133] syz.4.2393[6133] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 211.018691][ T39] usb 4-1: 0:2 : does not exist [ 211.118141][ T743] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.138055][ T743] usb 2-1: config 0 has no interfaces? [ 211.143419][ T743] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 211.165740][ T743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.184407][ T743] usb 2-1: config 0 descriptor?? [ 211.469344][ T60] usb 4-1: USB disconnect, device number 39 [ 211.475834][ T590] usb 2-1: USB disconnect, device number 48 [ 211.481594][ T26] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 211.538286][ T39] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 211.858223][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.877048][ T26] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.896790][ T26] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 211.916970][ T26] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.924918][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.946116][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.955976][ T26] usb 5-1: config 0 descriptor?? [ 211.962336][ T39] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 211.983124][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.000993][ T39] usb 1-1: config 0 descriptor?? [ 212.011116][ T6149] loop3: detected capacity change from 0 to 2048 [ 212.099119][ T6149] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 212.408067][ T6] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 212.428373][ T26] hid (null): bogus close delimiter [ 212.488768][ T39] keytouch 0003:0926:3333.0062: fixing up Keytouch IEC report descriptor [ 212.502710][ T39] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0062/input/input53 [ 212.591447][ T39] keytouch 0003:0926:3333.0062: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 212.658054][ T6] usb 3-1: Using ep0 maxpacket: 16 [ 212.688141][ T26] usb 5-1: language id specifier not provided by device, defaulting to English [ 212.693644][ T864] usb 1-1: USB disconnect, device number 29 [ 212.778117][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 212.798051][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 212.817758][ T6] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 212.857881][ T6] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 212.879359][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.897968][ T6] usb 3-1: config 0 descriptor?? [ 212.928122][ T26] uclogic 0003:256C:006D.0061: failed retrieving Huion firmware version: -71 [ 212.946893][ T26] uclogic 0003:256C:006D.0061: failed probing parameters: -71 [ 212.967072][ T26] uclogic: probe of 0003:256C:006D.0061 failed with error -71 [ 212.988111][ T26] usb 5-1: USB disconnect, device number 42 [ 213.114343][ T6165] loop1: detected capacity change from 0 to 40427 [ 213.170330][ T6165] F2FS-fs (loop1): Mismatch start address, segment0(134218240) cp_blkaddr(0) [ 213.188317][ T6165] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 213.238902][ T6165] F2FS-fs (loop1): Found nat_bits in checkpoint [ 213.288323][ T6165] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 213.291667][ T30] kauditd_printk_skb: 22 callbacks suppressed [ 213.291680][ T30] audit: type=1400 audit(1725984813.068:2005): avc: denied { ioctl } for pid=6171 comm="syz.0.2403" path="/39/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x671e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 213.295181][ T6165] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 213.378932][ T6] koneplus 0003:1E7D:2E22.0063: unknown main item tag 0x0 [ 213.396137][ T6] koneplus 0003:1E7D:2E22.0063: unknown main item tag 0x0 [ 213.416785][ T30] audit: type=1400 audit(1725984813.188:2006): avc: denied { create } for pid=6180 comm="syz.3.2410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 213.437499][ T6] koneplus 0003:1E7D:2E22.0063: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0 [ 213.476117][ T6185] tipc: Started in network mode [ 213.488690][ T6185] tipc: Node identity 2, cluster identity 4711 [ 213.494683][ T6185] tipc: Node number set to 2 [ 213.573379][ T6193] netlink: 'syz.3.2418': attribute type 1 has an invalid length. [ 213.598156][ T6] koneplus 0003:1E7D:2E22.0063: couldn't init struct koneplus_device [ 213.616476][ T6] koneplus 0003:1E7D:2E22.0063: couldn't install mouse [ 213.638412][ T6] koneplus: probe of 0003:1E7D:2E22.0063 failed with error -5 [ 213.778165][ T864] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 213.803888][ T6] usb 3-1: USB disconnect, device number 46 [ 213.848756][ T6206] netem: unknown loss type 5 [ 213.856042][ T6206] netem: change failed [ 213.893632][ T6212] loop3: detected capacity change from 0 to 512 [ 213.948848][ T6212] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.2425: Invalid inode bitmap blk 4 in block_group 0 [ 213.970726][ T6224] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 213.988220][ T6212] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,data_err=abort,noload,nobarrier,lazytime,,errors=continue. Quota mode: none. [ 214.028008][ T6212] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.2425: Invalid inode bitmap blk 4 in block_group 0 [ 214.066259][ T6212] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem [ 214.138168][ T864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.155349][ T864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.175281][ T864] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 214.195442][ T864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.206152][ T864] usb 5-1: config 0 descriptor?? [ 214.212102][ T6237] netem: unknown loss type 5 [ 214.216931][ T6237] netem: change failed [ 214.249693][ T30] audit: type=1400 audit(1725984814.028:2007): avc: denied { map } for pid=6239 comm="syz.0.2437" path="socket:[42281]" dev="sockfs" ino=42281 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 214.348116][ T39] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 214.392580][ T6254] loop2: detected capacity change from 0 to 16 [ 214.409178][ T6254] erofs: (device loop2): mounted with root inode @ nid 36. [ 214.638054][ T4557] handle_bad_sector: 232385 callbacks suppressed [ 214.638074][ T4557] attempt to access beyond end of device [ 214.638074][ T4557] loop4: rw=524288, want=57704, limit=40427 [ 214.655995][ T3957] attempt to access beyond end of device [ 214.655995][ T3957] loop0: rw=524288, want=57352, limit=40427 [ 214.658100][ T590] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 214.667320][ T3957] attempt to access beyond end of device [ 214.667320][ T3957] loop0: rw=524288, want=57360, limit=40427 [ 214.685901][ T4557] attempt to access beyond end of device [ 214.685901][ T4557] loop4: rw=524288, want=57712, limit=40427 [ 214.697397][ T864] hid (null): global environment stack underflow [ 214.703682][ T4557] attempt to access beyond end of device [ 214.703682][ T4557] loop4: rw=524288, want=57720, limit=40427 [ 214.715958][ T864] uclogic 0003:5543:0522.0064: global environment stack underflow [ 214.720061][ T6256] loop2: detected capacity change from 0 to 40427 [ 214.723680][ T3957] attempt to access beyond end of device [ 214.723680][ T3957] loop0: rw=524288, want=57368, limit=40427 [ 214.730318][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 214.741064][ T864] uclogic 0003:5543:0522.0064: item 0 1 1 11 parsing failed [ 214.741239][ T864] uclogic 0003:5543:0522.0064: parse failed [ 214.752283][ T39] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 214.759293][ T4557] attempt to access beyond end of device [ 214.759293][ T4557] loop4: rw=524288, want=57728, limit=40427 [ 214.764920][ T39] usb 2-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00 [ 214.774200][ T3957] attempt to access beyond end of device [ 214.774200][ T3957] loop0: rw=524288, want=57376, limit=40427 [ 214.785682][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.794191][ T864] uclogic: probe of 0003:5543:0522.0064 failed with error -22 [ 214.806336][ T39] usb 2-1: config 0 descriptor?? [ 214.813239][ T4557] attempt to access beyond end of device [ 214.813239][ T4557] loop4: rw=524288, want=57736, limit=40427 [ 214.821492][ T3957] attempt to access beyond end of device [ 214.821492][ T3957] loop0: rw=524288, want=57384, limit=40427 [ 214.838142][ T6256] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 214.864579][ T6256] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 214.883906][ T6256] F2FS-fs (loop2): invalid crc value [ 214.913872][ T6256] F2FS-fs (loop2): Found nat_bits in checkpoint [ 214.971817][ T6256] F2FS-fs (loop2): Start checkpoint disabled! [ 214.985399][ T60] usb 5-1: USB disconnect, device number 43 [ 214.988128][ T6256] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 214.998070][ T864] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 215.005403][ T6256] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 215.079841][ T590] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.091197][ T30] audit: type=1400 audit(1725984814.868:2008): avc: denied { link } for pid=6255 comm="syz.2.2442" name="file0" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 215.098072][ T590] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.142714][ T590] usb 4-1: New USB device found, idVendor=1020, idProduct=0006, bcdDevice= 0.00 [ 215.162887][ T590] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.178706][ T590] usb 4-1: config 0 descriptor?? [ 215.238056][ T864] usb 1-1: Using ep0 maxpacket: 16 [ 215.290161][ T6264] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 215.308973][ T39] petalynx 0003:18B1:0037.0065: collection stack underflow [ 215.324221][ T39] petalynx 0003:18B1:0037.0065: item 0 1 0 12 parsing failed [ 215.340610][ T39] petalynx 0003:18B1:0037.0065: parse failed [ 215.358191][ T864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.358784][ T39] petalynx: probe of 0003:18B1:0037.0065 failed with error -22 [ 215.386588][ T864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.410166][ T864] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 215.428636][ T864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.447247][ T864] usb 1-1: config 0 descriptor?? [ 215.597811][ T26] usb 2-1: USB disconnect, device number 49 [ 215.678907][ T590] belkin 0003:1020:0006.0066: report_id 0 is invalid [ 215.687940][ T590] belkin 0003:1020:0006.0066: item 0 0 1 8 parsing failed [ 215.705880][ T590] belkin 0003:1020:0006.0066: parse failed [ 215.715851][ T590] belkin: probe of 0003:1020:0006.0066 failed with error -22 [ 215.749742][ T6268] loop2: detected capacity change from 0 to 40427 [ 215.798935][ T6268] F2FS-fs (loop2): Mismatch start address, segment0(134218240) cp_blkaddr(0) [ 215.813240][ T6268] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 215.848926][ T6268] F2FS-fs (loop2): Found nat_bits in checkpoint [ 215.913567][ T6268] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 215.920682][ T6268] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 215.928958][ T864] savu 0003:1E7D:2D5A.0067: item fetching failed at offset 2/5 [ 215.956766][ T864] savu 0003:1E7D:2D5A.0067: parse failed [ 215.962321][ T864] savu: probe of 0003:1E7D:2D5A.0067 failed with error -22 [ 215.990743][ T864] usb 4-1: USB disconnect, device number 40 [ 216.164617][ T308] usb 1-1: USB disconnect, device number 30 [ 216.328781][ T30] audit: type=1400 audit(1725984816.108:2009): avc: denied { relabelfrom } for pid=6296 comm="syz.2.2462" name="" dev="pipefs" ino=42490 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 216.388067][ T743] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 216.578047][ T6] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 216.638113][ T743] usb 5-1: Using ep0 maxpacket: 16 [ 216.648200][ T26] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 216.768170][ T743] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.788051][ T743] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.807750][ T743] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 216.830523][ T743] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 216.848116][ T743] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.868343][ T743] usb 5-1: config 0 descriptor?? [ 216.898078][ T60] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 216.948181][ T6] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 216.968055][ T6] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 217.028163][ T26] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 217.048068][ T26] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 217.058133][ T6] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 217.066977][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 217.095151][ T6] usb 2-1: SerialNumber: syz [ 217.149347][ T26] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 217.168080][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 217.186034][ T26] usb 3-1: SerialNumber: syz [ 217.258103][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.278045][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 217.297768][ T60] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 217.318072][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.338328][ T60] usb 4-1: config 0 descriptor?? [ 217.349115][ T743] koneplus 0003:1E7D:2E22.0068: unknown main item tag 0x0 [ 217.359809][ T743] koneplus 0003:1E7D:2E22.0068: unknown main item tag 0x0 [ 217.377587][ T743] koneplus 0003:1E7D:2E22.0068: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.4-1/input0 [ 217.389585][ T6] usb 2-1: 0:2 : does not exist [ 217.568129][ T743] koneplus 0003:1E7D:2E22.0068: couldn't init struct koneplus_device [ 217.586222][ T743] koneplus 0003:1E7D:2E22.0068: couldn't install mouse [ 217.594950][ T743] koneplus: probe of 0003:1E7D:2E22.0068 failed with error -5 [ 217.609161][ T26] usb 3-1: 0:2 : does not exist [ 217.613860][ T26] usb 3-1: unit 5 not found! [ 217.629323][ T26] usb 3-1: USB disconnect, device number 47 [ 217.774579][ T590] usb 5-1: USB disconnect, device number 44 [ 217.811469][ T743] usb 2-1: USB disconnect, device number 50 [ 217.828402][ T60] hid (null): global environment stack underflow [ 217.835601][ T60] uclogic 0003:5543:0522.0069: global environment stack underflow [ 217.858143][ T60] uclogic 0003:5543:0522.0069: item 0 1 1 11 parsing failed [ 217.869507][ T60] uclogic 0003:5543:0522.0069: parse failed [ 217.875232][ T60] uclogic: probe of 0003:5543:0522.0069 failed with error -22 [ 218.009897][ T6319] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2465'. [ 218.036771][ T590] usb 4-1: USB disconnect, device number 41 [ 218.375863][ T6337] loop1: detected capacity change from 0 to 2048 [ 218.378119][ T308] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 218.474775][ T6337] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.2473: bad orphan inode 8192 [ 218.498288][ T6337] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 218.565238][ T6345] netlink: 'syz.3.2477': attribute type 4 has an invalid length. [ 218.606287][ T6345] netlink: 'syz.3.2477': attribute type 4 has an invalid length. [ 218.648250][ T308] usb 1-1: Using ep0 maxpacket: 32 [ 218.667875][ T30] audit: type=1404 audit(1725984818.438:2010): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 218.682834][ T590] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 218.714995][ T30] audit: type=1404 audit(1725984818.468:2011): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1 [ 218.749240][ T30] audit: type=1400 audit(1725984818.468:2012): avc: denied { wake_alarm } for pid=6348 comm="syz.1.2476" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 218.788138][ T30] audit: type=1400 audit(1725984818.478:2013): avc: denied { read write } for pid=4088 comm="syz-executor" name="loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 218.831904][ T30] audit: type=1400 audit(1725984818.478:2014): avc: denied { open } for pid=4088 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 218.881185][ T30] audit: type=1400 audit(1725984818.478:2015): avc: denied { ioctl } for pid=4088 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 218.928066][ T743] usb 3-1: new high-speed USB device number 48 using dummy_hcd [ 218.938161][ T308] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=3a.75 [ 218.949766][ T308] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 218.958362][ T590] usb 5-1: Using ep0 maxpacket: 8 [ 218.959651][ T308] usb 1-1: Product: syz [ 218.967337][ T308] usb 1-1: Manufacturer: syz [ 218.972236][ T308] usb 1-1: SerialNumber: syz [ 218.977787][ T30] audit: type=1400 audit(1725984818.478:2016): avc: denied { read write } for pid=4102 comm="syz-executor" name="loop1" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 219.005415][ T308] usb 1-1: config 0 descriptor?? [ 219.010737][ T30] audit: type=1400 audit(1725984818.478:2017): avc: denied { open } for pid=4102 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 219.034369][ T30] audit: type=1400 audit(1725984818.478:2018): avc: denied { ioctl } for pid=4102 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=726 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 219.059794][ T308] usb_ehset_test: probe of 1-1:0.0 failed with error -32 [ 219.067580][ T30] audit: type=1400 audit(1725984818.488:2019): avc: denied { ioctl } for pid=6327 comm="syz.0.2469" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 219.138138][ T590] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 219.238158][ T590] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 219.257180][ T590] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 219.267271][ T590] usb 5-1: SerialNumber: syz [ 219.268156][ T308] usb 1-1: USB disconnect, device number 31 [ 219.278075][ T864] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 219.285798][ T590] usb 5-1: config 0 descriptor?? [ 219.328494][ T590] usb 5-1: Found UVC 0.00 device (05ac:8501) [ 219.329230][ T743] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 219.345371][ T590] uvcvideo 5-1:0.0: Entity type for entity Output 255 was not initialized! [ 219.355446][ T590] usb 5-1: Failed to create links for entity 255 [ 219.361764][ T743] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 219.375597][ T590] usb 5-1: Failed to register entities (-22). [ 219.378055][ T743] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 219.408048][ T743] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.426646][ T743] usb 3-1: config 0 descriptor?? [ 219.518079][ T864] usb 4-1: Using ep0 maxpacket: 16 [ 219.540029][ T26] usb 5-1: USB disconnect, device number 45 [ 219.641221][ T864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 219.651933][ T4557] handle_bad_sector: 225231 callbacks suppressed [ 219.651951][ T4557] attempt to access beyond end of device [ 219.651951][ T4557] loop4: rw=524288, want=59256, limit=40427 [ 219.658232][ T3957] attempt to access beyond end of device [ 219.658232][ T3957] loop0: rw=0, want=57472, limit=40427 [ 219.669953][ T4557] attempt to access beyond end of device [ 219.669953][ T4557] loop4: rw=524288, want=59264, limit=40427 [ 219.680111][ T864] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 219.692274][ T4557] attempt to access beyond end of device [ 219.692274][ T4557] loop4: rw=524288, want=59272, limit=40427 [ 219.700874][ T3957] attempt to access beyond end of device [ 219.700874][ T3957] loop0: rw=0, want=57480, limit=40427 [ 219.712502][ T4557] attempt to access beyond end of device [ 219.712502][ T4557] loop4: rw=524288, want=59280, limit=40427 [ 219.722894][ T864] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 219.734694][ T4557] attempt to access beyond end of device [ 219.734694][ T4557] loop4: rw=524288, want=59288, limit=40427 [ 219.746850][ T3957] attempt to access beyond end of device [ 219.746850][ T3957] loop0: rw=0, want=57488, limit=40427 [ 219.758627][ T4557] attempt to access beyond end of device [ 219.758627][ T4557] loop4: rw=524288, want=59296, limit=40427 [ 219.769015][ T864] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 219.780380][ T4557] attempt to access beyond end of device [ 219.780380][ T4557] loop4: rw=524288, want=59304, limit=40427 [ 219.789336][ T864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.819476][ T864] usb 4-1: config 0 descriptor?? [ 219.918813][ T743] keytouch 0003:0926:3333.006A: fixing up Keytouch IEC report descriptor [ 219.938702][ T743] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.006A/input/input54 [ 220.030142][ T743] keytouch 0003:0926:3333.006A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 220.108074][ T6] usb 2-1: new high-speed USB device number 51 using dummy_hcd [ 220.147826][ T590] usb 3-1: USB disconnect, device number 48 [ 220.299004][ T864] koneplus 0003:1E7D:2E22.006B: unknown main item tag 0x0 [ 220.305973][ T864] koneplus 0003:1E7D:2E22.006B: unknown main item tag 0x0 [ 220.326568][ T864] koneplus 0003:1E7D:2E22.006B: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0 [ 220.429893][ T6379] netlink: 'syz.0.2491': attribute type 4 has an invalid length. [ 220.452365][ T6379] netlink: 'syz.0.2491': attribute type 4 has an invalid length. [ 220.488163][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 220.508119][ T864] koneplus 0003:1E7D:2E22.006B: couldn't init struct koneplus_device [ 220.516045][ T864] koneplus 0003:1E7D:2E22.006B: couldn't install mouse [ 220.523019][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 220.538204][ T6] usb 2-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 220.547374][ T864] koneplus: probe of 0003:1E7D:2E22.006B failed with error -5 [ 220.560914][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.579338][ T6] usb 2-1: config 0 descriptor?? [ 220.673383][ T6394] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2498'. [ 220.776390][ T590] usb 4-1: USB disconnect, device number 42 [ 220.958090][ T60] usb 3-1: new high-speed USB device number 49 using dummy_hcd [ 221.069739][ T6] hid (null): global environment stack underflow [ 221.077099][ T6] uclogic 0003:5543:0522.006C: global environment stack underflow [ 221.098058][ T6] uclogic 0003:5543:0522.006C: item 0 1 1 11 parsing failed [ 221.105342][ T6] uclogic 0003:5543:0522.006C: parse failed [ 221.128076][ T6] uclogic: probe of 0003:5543:0522.006C failed with error -22 [ 221.272702][ T39] usb 2-1: USB disconnect, device number 51 [ 221.338113][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 221.360084][ T60] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 221.378150][ T60] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 221.398054][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.413384][ T60] usb 3-1: config 0 descriptor?? [ 221.429582][ T6418] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 221.721482][ T6431] netlink: 'syz.4.2514': attribute type 4 has an invalid length. [ 221.757498][ T6431] netlink: 'syz.4.2514': attribute type 4 has an invalid length. [ 221.826122][ T6438] loop3: detected capacity change from 0 to 256 [ 221.870136][ T6438] exfat: Deprecated parameter 'namecase' [ 221.880223][ T6438] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 221.919266][ T60] logitech-djreceiver 0003:046D:C71B.006D: unknown main item tag 0x0 [ 221.937358][ T60] logitech-djreceiver 0003:046D:C71B.006D: item fetching failed at offset 2/7 [ 221.950244][ T60] logitech-djreceiver 0003:046D:C71B.006D: logi_dj_probe: parse failed [ 221.978096][ T60] logitech-djreceiver: probe of 0003:046D:C71B.006D failed with error -22 [ 222.138954][ T60] usb 3-1: USB disconnect, device number 49 [ 222.318163][ T6] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 222.558057][ T6] usb 1-1: Using ep0 maxpacket: 16 [ 222.655407][ T6462] netlink: 'syz.2.2527': attribute type 4 has an invalid length. [ 222.678170][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 222.692980][ T6462] netlink: 'syz.2.2527': attribute type 4 has an invalid length. [ 222.703279][ T6465] loop3: detected capacity change from 0 to 512 [ 222.712359][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 222.741171][ T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 222.778342][ T6] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 222.802943][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.827703][ T6465] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 222.839400][ T6] usb 1-1: config 0 descriptor?? [ 222.875653][ T6485] loop2: detected capacity change from 0 to 512 [ 222.882705][ T6465] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038 (0x7fffffff) [ 222.894394][ T6487] loop1: detected capacity change from 0 to 256 [ 222.914290][ T6465] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz.3.2530: corrupted inode contents [ 222.936440][ T6465] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz.3.2530: mark_inode_dirty error [ 222.959907][ T6465] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz.3.2530: corrupted inode contents [ 222.990748][ T6485] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,grpid,auto_da_alloc,,errors=continue. Quota mode: writeback. [ 223.013885][ T6465] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz.3.2530: mark_inode_dirty error [ 223.033476][ T6485] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038 (0x7fffffff) [ 223.126206][ T6485] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #2: block 3: comm syz.2.2534: lblock 0 mapped to illegal pblock 3 (length 1) [ 223.166838][ T6499] loop3: detected capacity change from 0 to 1024 [ 223.187713][ T6485] EXT4-fs warning (device loop2): ext4_empty_dir:3093: inode #2: lblock 0: comm syz.2.2534: error -117 reading directory block [ 223.238588][ T4840] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1) [ 223.258630][ T6499] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 223.282089][ T6499] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 223.297216][ T4840] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor: error -117 reading directory block [ 223.318468][ T6499] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869) [ 223.342713][ T6499] journal_init_common: Cannot get buffer for journal superblock [ 223.354657][ T6] koneplus 0003:1E7D:2E22.006E: unknown main item tag 0x0 [ 223.362193][ T10] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm kworker/u4:1: Invalid inode table block 0 in block_group 0 [ 223.374898][ T6] koneplus 0003:1E7D:2E22.006E: unknown main item tag 0x0 [ 223.383174][ T6499] EXT4-fs (loop3): Could not load journal inode [ 223.390443][ T6] koneplus 0003:1E7D:2E22.006E: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.0-1/input0 [ 223.514418][ T6513] xt_CT: You must specify a L4 protocol and not use inversions on it [ 223.558241][ T6] koneplus 0003:1E7D:2E22.006E: couldn't init struct koneplus_device [ 223.570066][ T6] koneplus 0003:1E7D:2E22.006E: couldn't install mouse [ 223.600497][ T6] koneplus: probe of 0003:1E7D:2E22.006E failed with error -5 [ 223.752653][ T6520] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.765299][ T6] usb 1-1: USB disconnect, device number 32 [ 223.766089][ T6520] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.786474][ T6520] device bridge_slave_0 entered promiscuous mode [ 223.806776][ T6520] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.825513][ T6520] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.844428][ T6520] device bridge_slave_1 entered promiscuous mode [ 223.979117][ T30] kauditd_printk_skb: 141 callbacks suppressed [ 223.979132][ T30] audit: type=1400 audit(1725984823.758:2161): avc: denied { create } for pid=6520 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 223.988600][ T6520] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.012382][ T6520] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.019510][ T6520] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.026257][ T6520] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.058208][ T30] audit: type=1400 audit(1725984823.758:2162): avc: denied { write } for pid=6520 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 224.096360][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 224.107780][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.114898][ T30] audit: type=1400 audit(1725984823.758:2163): avc: denied { read } for pid=6520 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 224.135391][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.161697][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 224.171976][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.178843][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.198986][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 224.211356][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.218229][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.241354][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 224.251464][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 224.277130][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 224.295275][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 224.303297][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 224.310941][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 224.319137][ T6520] device veth0_vlan entered promiscuous mode [ 224.334520][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 224.357508][ T6520] device veth1_macvtap entered promiscuous mode [ 224.377474][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 224.392029][ T30] audit: type=1400 audit(1725984824.168:2164): avc: denied { remount } for pid=6533 comm="syz.0.2552" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 224.392312][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 224.412404][ T6534] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 224.442310][ T30] audit: type=1400 audit(1725984824.218:2165): avc: denied { mounton } for pid=6520 comm="syz-executor" path="/root/syzkaller.EifTrM/syz-tmp" dev="sda1" ino=1982 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 224.467662][ T6534] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 224.518222][ T30] audit: type=1400 audit(1725984824.218:2166): avc: denied { mount } for pid=6520 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 224.576798][ T30] audit: type=1400 audit(1725984824.218:2167): avc: denied { mount } for pid=6520 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 224.631369][ T30] audit: type=1400 audit(1725984824.248:2168): avc: denied { mounton } for pid=6520 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=362 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 224.657589][ T6545] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 224.665404][ T3957] handle_bad_sector: 178962 callbacks suppressed [ 224.665422][ T3957] attempt to access beyond end of device [ 224.665422][ T3957] loop0: rw=524288, want=57544, limit=40427 [ 224.665479][ T3957] attempt to access beyond end of device [ 224.665479][ T3957] loop0: rw=524288, want=57552, limit=40427 [ 224.665520][ T3957] attempt to access beyond end of device [ 224.665520][ T3957] loop0: rw=524288, want=57560, limit=40427 [ 224.694647][ T6545] tipc: Enabled bearer , priority 10 [ 224.706839][ T4557] attempt to access beyond end of device [ 224.706839][ T4557] loop4: rw=0, want=59000, limit=40427 [ 224.712172][ T30] audit: type=1400 audit(1725984824.268:2169): avc: denied { unmount } for pid=4102 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 224.739008][ T4557] attempt to access beyond end of device [ 224.739008][ T4557] loop4: rw=0, want=59008, limit=40427 [ 224.742505][ T30] audit: type=1400 audit(1725984824.388:2170): avc: denied { read } for pid=6542 comm="syz.0.2554" name="ppp" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 224.770224][ T3957] attempt to access beyond end of device [ 224.770224][ T3957] loop0: rw=524288, want=57568, limit=40427 [ 224.778413][ T743] usb 2-1: new high-speed USB device number 52 using dummy_hcd [ 224.788944][ T4557] attempt to access beyond end of device [ 224.788944][ T4557] loop4: rw=0, want=59016, limit=40427 [ 224.811292][ T3957] attempt to access beyond end of device [ 224.811292][ T3957] loop0: rw=524288, want=57576, limit=40427 [ 224.816521][ T4557] attempt to access beyond end of device [ 224.816521][ T4557] loop4: rw=0, want=59024, limit=40427 [ 224.908208][ T3957] attempt to access beyond end of device [ 224.908208][ T3957] loop0: rw=524288, want=57584, limit=40427 [ 224.922544][ T318] device bridge_slave_1 left promiscuous mode [ 224.938256][ T318] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.958536][ T318] device bridge_slave_0 left promiscuous mode [ 224.964498][ T318] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.009162][ T318] device veth1_macvtap left promiscuous mode [ 225.015001][ T318] device veth0_vlan left promiscuous mode [ 225.058185][ T743] usb 2-1: Using ep0 maxpacket: 16 [ 226.496534][ T6565] loop3: detected capacity change from 0 to 1024 [ 226.502809][ T743] usb 2-1: device descriptor read/all, error -71 [ 226.538731][ T6572] loop2: detected capacity change from 0 to 128 [ 226.568099][ T6572] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 226.581252][ T6565] EXT4-fs (loop3): mounted filesystem without journal. Opts: discard,bsdgroups,resuid=0x0000000000000000,noblock_validity,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000006,data_err=abort,. Quota mode: writeback. [ 226.608161][ T6572] ext4 filesystem being mounted at /3/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 226.622930][ T6565] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2739: inode #2: comm syz.3.2564: corrupted in-inode xattr [ 226.708779][ T6565] EXT4-fs (loop3): Remounting filesystem read-only [ 226.725295][ T6565] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2809: Unable to expand inode 2. Delete some EAs or run e2fsck. [ 226.751367][ T6579] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 226.788196][ T6577] EXT4-fs error (device loop3): ext4_xattr_ibody_list:748: inode #2: comm syz.3.2564: corrupted in-inode xattr [ 226.791548][ T6579] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 226.949989][ T6585] tipc: Started in network mode [ 226.961688][ T6585] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 227.002107][ T6585] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 227.018418][ T6585] tipc: Enabled bearer , priority 10 [ 227.169937][ T6612] loop1: detected capacity change from 0 to 128 [ 227.230792][ T6612] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 227.270908][ T6612] ext4 filesystem being mounted at /235/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 227.318251][ T308] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 227.553993][ T6622] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev ?, type ?) errno=-22 [ 227.618612][ T6622] SELinux: security_context_str_to_sid(unconfined_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 227.658192][ T864] usb 5-1: new high-speed USB device number 46 using dummy_hcd [ 227.679864][ T308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 227.700346][ T308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 227.720193][ T308] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 227.748294][ T308] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.777044][ T308] usb 4-1: config 0 descriptor?? [ 227.928087][ T864] usb 5-1: Using ep0 maxpacket: 16 [ 228.018086][ T26] tipc: Node number set to 1 [ 228.048205][ T864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.078056][ T864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 228.097794][ T864] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 228.120854][ T864] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 228.141033][ T864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.161969][ T864] usb 5-1: config 0 descriptor?? [ 228.188070][ T590] usb 2-1: new high-speed USB device number 54 using dummy_hcd [ 228.269049][ T308] arvo 0003:1E7D:30D4.006F: collection stack underflow [ 228.285930][ T308] arvo 0003:1E7D:30D4.006F: item 0 1 0 12 parsing failed [ 228.298235][ T308] arvo 0003:1E7D:30D4.006F: parse failed [ 228.313853][ T308] arvo: probe of 0003:1E7D:30D4.006F failed with error -22 [ 228.472278][ T60] usb 4-1: USB disconnect, device number 43 [ 228.579820][ T590] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.598074][ T590] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 228.617741][ T590] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 228.637830][ T590] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.644047][ T864] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0070/input/input55 [ 228.667660][ T590] usb 2-1: config 0 descriptor?? [ 228.759327][ T864] microsoft 0003:045E:07DA.0070: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 228.901177][ T864] usb 5-1: USB disconnect, device number 46 [ 229.149288][ T590] logitech-djreceiver 0003:046D:C71B.0071: unknown main item tag 0x0 [ 229.177425][ T590] logitech-djreceiver 0003:046D:C71B.0071: item fetching failed at offset 2/7 [ 229.197645][ T590] logitech-djreceiver 0003:046D:C71B.0071: logi_dj_probe: parse failed [ 229.217579][ T590] logitech-djreceiver: probe of 0003:046D:C71B.0071 failed with error -22 [ 229.353256][ T60] usb 2-1: USB disconnect, device number 54 [ 229.668089][ T4557] handle_bad_sector: 107971 callbacks suppressed [ 229.668111][ T4557] attempt to access beyond end of device [ 229.668111][ T4557] loop4: rw=524288, want=58592, limit=40427 [ 229.685849][ T3957] attempt to access beyond end of device [ 229.685849][ T3957] loop0: rw=524288, want=57816, limit=40427 [ 229.697202][ T3957] attempt to access beyond end of device [ 229.697202][ T3957] loop0: rw=524288, want=57824, limit=40427 [ 229.708705][ T4557] attempt to access beyond end of device [ 229.708705][ T4557] loop4: rw=524288, want=58600, limit=40427 [ 229.720548][ T4557] attempt to access beyond end of device [ 229.720548][ T4557] loop4: rw=524288, want=58608, limit=40427 [ 229.738232][ T3957] attempt to access beyond end of device [ 229.738232][ T3957] loop0: rw=524288, want=57832, limit=40427 [ 229.748405][ T4557] attempt to access beyond end of device [ 229.748405][ T4557] loop4: rw=524288, want=58616, limit=40427 [ 229.760318][ T3957] attempt to access beyond end of device [ 229.760318][ T3957] loop0: rw=524288, want=57840, limit=40427 [ 229.768109][ T4557] attempt to access beyond end of device [ 229.768109][ T4557] loop4: rw=524288, want=58624, limit=40427 [ 229.788659][ T4557] attempt to access beyond end of device [ 229.788659][ T4557] loop4: rw=524288, want=58632, limit=40427 [ 231.168395][ T30] kauditd_printk_skb: 24 callbacks suppressed [ 231.168412][ T30] audit: type=1400 audit(1725984830.948:2195): avc: denied { write } for pid=6638 comm="syz.3.2591" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 231.231422][ T30] audit: type=1400 audit(1725984831.008:2196): avc: denied { bind } for pid=6647 comm="syz.1.2603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 231.277014][ T6650] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 231.325590][ T30] audit: type=1400 audit(1725984831.098:2197): avc: denied { connect } for pid=6662 comm="syz.4.2595" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 231.538379][ T864] usb 3-1: new high-speed USB device number 50 using dummy_hcd [ 231.581538][ T6691] loop1: detected capacity change from 0 to 2048 [ 231.669282][ T6691] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 231.678140][ T6] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 231.697646][ T6709] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2614'. [ 231.778105][ T864] usb 3-1: Using ep0 maxpacket: 16 [ 231.898217][ T864] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 231.918072][ T864] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 231.937981][ T864] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 231.947087][ T864] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 231.958823][ T864] usb 3-1: config 0 descriptor?? [ 232.049799][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 232.068056][ T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6 [ 232.098092][ T6] usb 1-1: New USB device found, idVendor=056a, idProduct=00d1, bcdDevice= 0.00 [ 232.117087][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 232.139604][ T6] usb 1-1: config 0 descriptor?? [ 232.438954][ T864] savu 0003:1E7D:2D5A.0072: item fetching failed at offset 2/5 [ 232.456621][ T864] savu 0003:1E7D:2D5A.0072: parse failed [ 232.463769][ T864] savu: probe of 0003:1E7D:2D5A.0072 failed with error -22 [ 232.620095][ T6] wacom 0003:056A:00D1.0073: unknown main item tag 0x0 [ 232.636961][ T6] wacom 0003:056A:00D1.0073: unknown main item tag 0x0 [ 232.642175][ T590] usb 3-1: USB disconnect, device number 50 [ 232.643858][ T6] wacom 0003:056A:00D1.0073: unknown main item tag 0x0 [ 232.668073][ T6] wacom 0003:056A:00D1.0073: unknown main item tag 0x0 [ 232.674770][ T6] wacom 0003:056A:00D1.0073: unknown main item tag 0x0 [ 232.693544][ T6] wacom 0003:056A:00D1.0073: Unknown device_type for 'HID 056a:00d1'. Assuming pen. [ 232.714445][ T6] wacom 0003:056A:00D1.0073: hidraw0: USB HID v0.05 Device [HID 056a:00d1] on usb-dummy_hcd.0-1/input0 [ 232.737226][ T6] input: Wacom Bamboo 2FG 4x5 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:00D1.0073/input/input56 [ 232.844916][ T60] usb 1-1: USB disconnect, device number 33 [ 233.192341][ T6723] loop3: detected capacity change from 0 to 1024 [ 233.209275][ T30] audit: type=1400 audit(1725984832.988:2198): avc: denied { write } for pid=6720 comm="syz.1.2625" path="socket:[44723]" dev="sockfs" ino=44723 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 233.254471][ T6723] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 233.285620][ T30] audit: type=1400 audit(1725984833.058:2199): avc: denied { map } for pid=6719 comm="syz.3.2617" path="/261/file0/memory.events" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 233.312517][ T6728] loop1: detected capacity change from 0 to 512 [ 233.368599][ T6728] EXT4-fs (loop1): orphan cleanup on readonly fs [ 233.396266][ T6728] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.2619: inode #1: comm syz.1.2619: iget: illegal inode # [ 233.446261][ T6728] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2619: error while reading EA inode 1 err=-117 [ 233.476334][ T6740] loop3: detected capacity change from 0 to 1024 [ 233.513767][ T6743] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 233.524437][ T6728] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 233.548161][ T6740] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,resgid=0x0000000000000000,nodiscard,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback. [ 233.604609][ T6728] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.2619: inode #1: comm syz.1.2619: iget: illegal inode # [ 233.662654][ T6728] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.2619: error while reading EA inode 1 err=-117 [ 233.724440][ T6728] EXT4-fs (loop1): 1 orphan inode deleted [ 233.730267][ T6728] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,,errors=continue. Quota mode: writeback. [ 233.782728][ T6759] loop2: detected capacity change from 0 to 1024 [ 233.860676][ T6759] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 233.891771][ T30] audit: type=1400 audit(1725984833.668:2200): avc: denied { setattr } for pid=6758 comm="syz.2.2629" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 233.935436][ T6759] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #14: comm syz.2.2629: attempt to clear invalid blocks 1886221359 len 1 [ 233.968269][ T30] audit: type=1400 audit(1725984833.708:2201): avc: denied { rename } for pid=6758 comm="syz.2.2629" name="file0" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 234.018947][ T30] audit: type=1400 audit(1725984833.708:2202): avc: denied { unlink } for pid=6758 comm="syz.2.2629" name="file1" dev="loop2" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 234.041775][ T590] usb 5-1: new high-speed USB device number 47 using dummy_hcd [ 234.118095][ T60] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 234.138219][ T26] usb 2-1: new high-speed USB device number 55 using dummy_hcd [ 234.148410][ T39] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 234.288068][ T590] usb 5-1: Using ep0 maxpacket: 32 [ 234.368167][ T60] usb 4-1: Using ep0 maxpacket: 16 [ 234.378246][ T26] usb 2-1: Using ep0 maxpacket: 8 [ 234.408234][ T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.428167][ T590] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.447986][ T590] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 234.456925][ T590] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.485827][ T590] usb 5-1: config 0 descriptor?? [ 234.498191][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.509054][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.519973][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 234.531153][ T590] hub 5-1:0.0: USB hub found [ 234.545737][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.555346][ T26] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.564927][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 234.575025][ T26] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 234.583942][ T39] usb 1-1: New USB device found, idVendor=6666, idProduct=8801, bcdDevice= 0.00 [ 234.592826][ T60] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 234.601597][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.609482][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.617671][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 234.626615][ T60] usb 4-1: config 0 descriptor?? [ 234.631624][ T26] usb 2-1: config 0 descriptor?? [ 234.636787][ T39] usb 1-1: config 0 descriptor?? [ 234.678712][ T4557] handle_bad_sector: 170633 callbacks suppressed [ 234.678731][ T4557] attempt to access beyond end of device [ 234.678731][ T4557] loop4: rw=524288, want=57352, limit=40427 [ 234.696535][ T3957] attempt to access beyond end of device [ 234.696535][ T3957] loop0: rw=524288, want=58920, limit=40427 [ 234.707867][ T3957] attempt to access beyond end of device [ 234.707867][ T3957] loop0: rw=524288, want=58928, limit=40427 [ 234.719565][ T4557] attempt to access beyond end of device [ 234.719565][ T4557] loop4: rw=524288, want=57360, limit=40427 [ 234.731097][ T3957] attempt to access beyond end of device [ 234.731097][ T3957] loop0: rw=524288, want=58936, limit=40427 [ 234.743565][ T4557] attempt to access beyond end of device [ 234.743565][ T4557] loop4: rw=524288, want=57368, limit=40427 [ 234.745906][ T3957] attempt to access beyond end of device [ 234.745906][ T3957] loop0: rw=524288, want=58944, limit=40427 [ 234.766192][ T590] hub 5-1:0.0: 1 port detected [ 234.768111][ T4557] attempt to access beyond end of device [ 234.768111][ T4557] loop4: rw=524288, want=57376, limit=40427 [ 234.770907][ T3957] attempt to access beyond end of device [ 234.770907][ T3957] loop0: rw=524288, want=58952, limit=40427 [ 234.789081][ T4557] attempt to access beyond end of device [ 234.789081][ T4557] loop4: rw=524288, want=57384, limit=40427 [ 235.110380][ T26] kone 0003:1E7D:2CED.0074: collection stack underflow [ 235.117983][ T60] savu 0003:1E7D:2D5A.0075: item fetching failed at offset 2/5 [ 235.125542][ T60] savu 0003:1E7D:2D5A.0075: parse failed [ 235.138082][ T26] kone 0003:1E7D:2CED.0074: item 0 1 0 12 parsing failed [ 235.148989][ T39] smartjoyplus 0003:6666:8801.0076: unknown main item tag 0x0 [ 235.156348][ T60] savu: probe of 0003:1E7D:2D5A.0075 failed with error -22 [ 235.163505][ T26] kone 0003:1E7D:2CED.0074: parse failed [ 235.169069][ T39] smartjoyplus 0003:6666:8801.0076: ignoring exceeding usage max [ 235.177619][ T39] smartjoyplus 0003:6666:8801.0076: usage index exceeded [ 235.195405][ T26] kone: probe of 0003:1E7D:2CED.0074 failed with error -22 [ 235.215596][ T39] smartjoyplus 0003:6666:8801.0076: item 0 0 2 0 parsing failed [ 235.223343][ T39] smartjoyplus 0003:6666:8801.0076: parse failed [ 235.229753][ T39] smartjoyplus: probe of 0003:6666:8801.0076 failed with error -22 [ 235.248787][ T590] usb 5-1: USB disconnect, device number 47 [ 235.312761][ T39] usb 2-1: USB disconnect, device number 55 [ 235.338703][ T60] usb 4-1: USB disconnect, device number 44 [ 235.365321][ T462] usb 1-1: USB disconnect, device number 34 [ 235.522499][ T30] audit: type=1400 audit(1725984835.298:2203): avc: denied { create } for pid=6787 comm="syz.2.2641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 235.568076][ T30] audit: type=1400 audit(1725984835.298:2204): avc: denied { connect } for pid=6787 comm="syz.2.2641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 235.911976][ T6802] loop2: detected capacity change from 0 to 512 [ 235.969061][ T6802] EXT4-fs (loop2): orphan cleanup on readonly fs [ 235.978544][ T6802] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2646: inode #1: comm syz.2.2646: iget: illegal inode # [ 235.998913][ T6802] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2646: error while reading EA inode 1 err=-117 [ 236.031054][ T6802] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2646: inode #1: comm syz.2.2646: iget: illegal inode # [ 236.090570][ T6802] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2646: error while reading EA inode 1 err=-117 [ 336.158014][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 336.164788][ C1] rcu: 0-...!: (1 ticks this GP) idle=ea7/1/0x4000000000000000 softirq=29164/29171 fqs=1 last_accelerate: c6f0/0dd1 dyntick_enabled: 1 [ 336.178481][ C1] (detected by 1, t=10006 jiffies, g=32697, q=287) [ 336.184911][ C1] Sending NMI from CPU 1 to CPUs 0: [ 336.190082][ C0] NMI backtrace for cpu 0 [ 336.190106][ C0] CPU: 0 PID: 6815 Comm: syz.3.2652 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0 [ 336.190123][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 336.190133][ C0] RIP: 0010:kvm_wait+0x117/0x180 [ 336.190165][ C0] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 53 41 0f b6 45 00 44 38 f0 0f 85 63 ff ff ff 66 90 0f 00 2d ca ec 12 04 f4 54 ff ff ff fa 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b [ 336.190178][ C0] RSP: 0000:ffffc90000da6e60 EFLAGS: 00000046 [ 336.190193][ C0] RAX: 0000000000000003 RBX: 1ffff920001b4dd0 RCX: ffffffff81552fff [ 336.190204][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88811aa99180 [ 336.190215][ C0] RBP: ffffc90000da6f10 R08: dffffc0000000000 R09: ffffed1023553231 [ 336.190227][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 336.190237][ C0] R13: ffff88811aa99180 R14: 0000000000000003 R15: 1ffff920001b4dd4 [ 336.190248][ C0] FS: 00007f0fe0ce26c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 336.190262][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 336.190272][ C0] CR2: 0000000000000000 CR3: 00000001063f1000 CR4: 00000000003506b0 [ 336.190286][ C0] Call Trace: [ 336.190293][ C0] [ 336.190301][ C0] ? show_regs+0x58/0x60 [ 336.190321][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 336.190340][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 336.190359][ C0] ? kvm_wait+0x117/0x180 [ 336.190372][ C0] ? kvm_wait+0x117/0x180 [ 336.190386][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 336.190405][ C0] ? nmi_handle+0xa8/0x280 [ 336.190421][ C0] ? kvm_wait+0x117/0x180 [ 336.190434][ C0] ? default_do_nmi+0x69/0x160 [ 336.190449][ C0] ? exc_nmi+0xad/0x100 [ 336.190461][ C0] ? end_repeat_nmi+0x16/0x31 [ 336.190477][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 336.190500][ C0] ? kvm_wait+0x117/0x180 [ 336.190513][ C0] ? kvm_wait+0x117/0x180 [ 336.190528][ C0] ? kvm_wait+0x117/0x180 [ 336.190541][ C0] [ 336.190545][ C0] [ 336.190551][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 336.190567][ C0] ? pv_hash+0x86/0x150 [ 336.190582][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 336.190601][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 336.190621][ C0] _raw_spin_lock_irqsave+0x1a0/0x210 [ 336.190638][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 336.190656][ C0] force_sig_info_to_task+0x72/0x440 [ 336.190675][ C0] ? search_extable+0xaf/0xf0 [ 336.190691][ C0] force_sig_fault+0x127/0x1d0 [ 336.190707][ C0] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 336.190723][ C0] ? fixup_exception+0xdab/0x13c0 [ 336.190737][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 336.190757][ C0] kernelmode_fixup_or_oops+0x236/0x270 [ 336.190775][ C0] __bad_area_nosemaphore+0xcf/0x490 [ 336.190794][ C0] bad_area_nosemaphore+0x2d/0x40 [ 336.190811][ C0] exc_page_fault+0x79d/0x830 [ 336.190831][ C0] asm_exc_page_fault+0x27/0x30 [ 336.190847][ C0] RIP: 0010:.E_copy+0x12/0x8f [ 336.190864][ C0] Code: 0a 48 83 e1 f8 48 8b 01 8d 0a 83 e1 07 c1 e1 03 48 d3 e8 e9 85 d5 67 fd 48 89 c8 c3 01 ca e9 ee e8 6a fd c1 e1 06 01 ca eb 07 <8d> 14 ca eb 02 89 ca e9 db e8 6a fd 01 ca e9 d4 e8 6a fd 8d 0c ca [ 336.190876][ C0] RSP: 0000:ffffc90000da7570 EFLAGS: 00050002 [ 336.190888][ C0] RAX: 000000000000000e RBX: ffff88811711c6d0 RCX: 0000000000000001 [ 336.190898][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90000da75e8 [ 336.190908][ C0] RBP: ffffc90000da75a0 R08: 0000000000000005 R09: ffffffff81b93e73 [ 336.190919][ C0] R10: 0000000000000003 R11: ffff88811711bb40 R12: ffffc90000da75e8 [ 336.190929][ C0] R13: 0000000000000008 R14: 0000000000000000 R15: 1ffff11022e238da [ 336.190941][ C0] ? __check_object_size+0x73/0x3d0 [ 336.190960][ C0] ? copy_from_user_nofault+0xaa/0x130 [ 336.190978][ C0] bpf_probe_read_user+0x2a/0x70 [ 336.190995][ C0] bpf_prog_02073d59a3c0f06f+0x3d/0x8a4 [ 336.191014][ C0] bpf_trace_run5+0x172/0x290 [ 336.191030][ C0] ? bpf_trace_run4+0x270/0x270 [ 336.191045][ C0] ? complete_signal+0x67e/0xd60 [ 336.191062][ C0] ? prepare_signal+0xc20/0xc20 [ 336.191078][ C0] __bpf_trace_signal_generate+0x3c/0x50 [ 336.191094][ C0] __send_signal+0xc52/0xcb0 [ 336.191115][ C0] send_signal+0x43a/0x590 [ 336.191130][ C0] force_sig_info_to_task+0x2fe/0x440 [ 336.191148][ C0] force_sig_fault+0x127/0x1d0 [ 336.191163][ C0] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 336.191179][ C0] ? fixup_exception+0xbb9/0x13c0 [ 336.191194][ C0] kernelmode_fixup_or_oops+0x236/0x270 [ 336.191213][ C0] __bad_area_nosemaphore+0xcf/0x490 [ 336.191231][ C0] bad_area+0x73/0x90 [ 336.191247][ C0] exc_page_fault+0x58d/0x830 [ 336.191266][ C0] asm_exc_page_fault+0x27/0x30 [ 336.191282][ C0] RIP: 0010:__put_user_nocheck_8+0x11/0x21 [ 336.191298][ C0] Code: 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f 00 00 48 39 d9 73 14 0f 01 cb 48 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 <0f> 01 ca b9 f2 ff ff ff c3 cc cc cc cc cc cc cc 55 48 89 e5 41 57 [ 336.191310][ C0] RSP: 0000:ffffc90000da7c98 EFLAGS: 00050283 [ 336.191322][ C0] RAX: 0000000066e07043 RBX: 00007fffffffeff9 RCX: 0000000000000019 [ 336.191333][ C0] RDX: ffffc90002375000 RSI: 0000000000000ada RDI: 0000000000000adb [ 336.191343][ C0] RBP: ffffc90000da7d60 R08: ffffffff81613ef5 R09: ffffc90000da7ce0 [ 336.191354][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000da7ce0 [ 336.191365][ C0] R13: dffffc0000000000 R14: 1ffff920001b4f98 R15: 0000000000000019 [ 336.191377][ C0] ? ktime_get_real_ts64+0x215/0x340 [ 336.191396][ C0] ? __x64_sys_gettimeofday+0xf9/0x240 [ 336.191413][ C0] ? __ia32_sys_stime32+0x160/0x160 [ 336.191428][ C0] ? __secure_computing+0xf0/0x300 [ 336.191446][ C0] emulate_vsyscall+0xed6/0x13f0 [ 336.191464][ C0] exc_page_fault+0x187/0x830 [ 336.191484][ C0] asm_exc_page_fault+0x27/0x30 [ 336.191500][ C0] RIP: 0033:_end+0x77fda000/0x0 [ 336.191515][ C0] Code: Unable to access opcode bytes at RIP 0xffffffffff5fffd6. [ 336.191522][ C0] RSP: 002b:00007f0fe0ce1a78 EFLAGS: 00010246 [ 336.191534][ C0] RAX: ffffffffffffffda RBX: 00007f0fe2220f80 RCX: 00007f0fe2068ef9 [ 336.191545][ C0] RDX: 00007f0fe0ce1a80 RSI: 00007f0fe0ce1bb0 RDI: 0000000000000019 [ 336.191556][ C0] RBP: 00007f0fe20db9f6 R08: 0000000000000000 R09: 0000000000000000 [ 336.191566][ C0] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 336.191575][ C0] R13: 0000000000000000 R14: 00007f0fe2220f80 R15: 00007ffd2e1b4688 [ 336.191590][ C0] [ 336.192040][ C1] rcu: rcu_preempt kthread starved for 10000 jiffies! g32697 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 336.815683][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 336.825486][ C1] rcu: RCU grace-period kthread stack dump: [ 336.831220][ C1] task:rcu_preempt state:R running task stack:28288 pid: 14 ppid: 2 flags:0x00004000 [ 336.841805][ C1] Call Trace: [ 336.844943][ C1] [ 336.847709][ C1] __schedule+0xccc/0x1590 [ 336.851961][ C1] ? release_firmware_map_entry+0x190/0x190 [ 336.857688][ C1] ? del_timer_sync+0x1bc/0x230 [ 336.862375][ C1] ? __kasan_check_write+0x14/0x20 [ 336.867321][ C1] ? __kasan_check_write+0x14/0x20 [ 336.872275][ C1] schedule+0x11f/0x1e0 [ 336.876264][ C1] schedule_timeout+0x18c/0x370 [ 336.880958][ C1] ? __kasan_check_write+0x14/0x20 [ 336.885896][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 336.891196][ C1] ? console_conditional_schedule+0x30/0x30 [ 336.896928][ C1] ? update_process_times+0x200/0x200 [ 336.902144][ C1] ? prepare_to_swait_event+0x308/0x320 [ 336.907514][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 336.912108][ C1] ? dump_blkd_tasks+0x7e0/0x7e0 [ 336.916908][ C1] ? rcu_gp_init+0xc30/0xc30 [ 336.921307][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 336.926342][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 336.930769][ C1] rcu_gp_kthread+0xa4/0x350 [ 336.935193][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 336.939881][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 336.944392][ C1] ? __kasan_check_read+0x11/0x20 [ 336.949255][ C1] ? __kthread_parkme+0xb2/0x200 [ 336.954027][ C1] kthread+0x421/0x510 [ 336.957933][ C1] ? wake_nocb_gp+0x1e0/0x1e0 [ 336.962445][ C1] ? kthread_blkcg+0xd0/0xd0 [ 336.966873][ C1] ret_from_fork+0x1f/0x30 [ 336.971128][ C1] [ 336.973994][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 336.980152][ C1] NMI backtrace for cpu 1 [ 336.984317][ C1] CPU: 1 PID: 6808 Comm: syz.0.2649 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0 [ 336.994038][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 337.004019][ C1] Call Trace: [ 337.007144][ C1] [ 337.009834][ C1] dump_stack_lvl+0x151/0x1c0 [ 337.014346][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 337.019816][ C1] dump_stack+0x15/0x20 [ 337.023810][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 337.028581][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 337.034568][ C1] ? panic+0x760/0x760 [ 337.038477][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 337.044398][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 337.050191][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 337.056101][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 337.061822][ C1] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 337.067810][ C1] print_other_cpu_stall+0x112d/0x1340 [ 337.073128][ C1] ? print_cpu_stall+0x5f0/0x5f0 [ 337.077893][ C1] rcu_sched_clock_irq+0xaec/0x12f0 [ 337.082927][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 337.089192][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 337.094354][ C1] update_process_times+0x198/0x200 [ 337.099378][ C1] tick_sched_timer+0x188/0x240 [ 337.104063][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 337.109446][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 337.114482][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 337.119425][ C1] ? clockevents_program_event+0x22f/0x300 [ 337.125085][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 337.130970][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 337.135750][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 337.141471][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 337.146940][ C1] [ 337.149715][ C1] [ 337.152492][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 337.158308][ C1] RIP: 0010:smp_call_function_many_cond+0x843/0x9b0 [ 337.164731][ C1] Code: 45 8b 7d 00 44 89 fe 83 e6 01 31 ff e8 f6 a8 0a 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 07 e8 31 a5 0a 00 eb 38 f3 90 <42> 0f b6 04 3b 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 15 a5 [ 337.184170][ C1] RSP: 0018:ffffc900010ef360 EFLAGS: 00000293 [ 337.190075][ C1] RAX: ffffffff8165c7eb RBX: 1ffff1103ee07af1 RCX: ffff888143878000 [ 337.197884][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 337.205696][ C1] RBP: ffffc900010ef478 R08: ffffffff8165c7ba R09: ffffed103ee271d3 [ 337.213508][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 337.221323][ C1] R13: ffff8881f703d788 R14: ffff8881f7138e80 R15: dffffc0000000000 [ 337.229132][ C1] ? smp_call_function_many_cond+0x82a/0x9b0 [ 337.234946][ C1] ? smp_call_function_many_cond+0x85b/0x9b0 [ 337.240765][ C1] ? text_poke_sync+0x30/0x30 [ 337.245272][ C1] ? smp_call_function_many+0x40/0x40 [ 337.250481][ C1] ? insn_decode+0x308/0x490 [ 337.254907][ C1] ? text_poke_sync+0x30/0x30 [ 337.259420][ C1] on_each_cpu_cond_mask+0x40/0x80 [ 337.264369][ C1] ? send_sigqueue+0x3a5/0x650 [ 337.269006][ C1] text_poke_bp_batch+0x1db/0x720 [ 337.273829][ C1] ? text_poke_loc_init+0x680/0x680 [ 337.278864][ C1] ? __kasan_check_write+0x14/0x20 [ 337.283811][ C1] ? mutex_lock+0xb6/0x1e0 [ 337.288160][ C1] ? __mutex_lock_slowpath+0x10/0x10 [ 337.293278][ C1] ? wait_for_completion_killable_timeout+0x10/0x10 [ 337.299693][ C1] ? text_poke_queue+0xe4/0x1a0 [ 337.304381][ C1] text_poke_finish+0x1a/0x30 [ 337.308894][ C1] arch_jump_label_transform_apply+0x15/0x30 [ 337.314707][ C1] __jump_label_update+0x36a/0x380 [ 337.319655][ C1] jump_label_update+0x3af/0x450 [ 337.324428][ C1] static_key_disable_cpuslocked+0xcd/0x1b0 [ 337.330154][ C1] static_key_disable+0x1a/0x30 [ 337.334841][ C1] tracepoint_probe_unregister+0x60a/0x900 [ 337.340484][ C1] ? perf_trace_signal_deliver+0x5e0/0x5e0 [ 337.346126][ C1] bpf_probe_unregister+0x61/0x70 [ 337.350985][ C1] bpf_raw_tp_link_release+0x63/0x90 [ 337.356105][ C1] bpf_link_free+0x129/0x3f0 [ 337.360533][ C1] ? free_nsproxy+0x20d/0x260 [ 337.365046][ C1] ? bpf_link_put_deferred+0x20/0x20 [ 337.370166][ C1] ? kmem_cache_free+0x116/0x2e0 [ 337.374941][ C1] bpf_link_release+0x170/0x180 [ 337.379626][ C1] ? bpf_prog_get_stats+0x2f0/0x2f0 [ 337.384662][ C1] __fput+0x3fe/0x910 [ 337.388480][ C1] ____fput+0x15/0x20 [ 337.392298][ C1] task_work_run+0x129/0x190 [ 337.396725][ C1] do_exit+0xc48/0x2ca0 [ 337.400719][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 337.405405][ C1] ? put_task_struct+0x80/0x80 [ 337.410004][ C1] ? __kasan_check_write+0x14/0x20 [ 337.414951][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 337.419896][ C1] ? _raw_spin_lock_irqsave+0x210/0x210 [ 337.425279][ C1] do_group_exit+0x141/0x310 [ 337.429706][ C1] get_signal+0x7a3/0x1630 [ 337.433958][ C1] ? mutex_unlock+0xb2/0x260 [ 337.438387][ C1] arch_do_signal_or_restart+0xbd/0x1680 [ 337.443853][ C1] ? longest_prefix_match+0x4b8/0x650 [ 337.449061][ C1] ? get_sigframe_size+0x10/0x10 [ 337.453834][ C1] ? __se_sys_futex+0x37b/0x3e0 [ 337.458522][ C1] ? fpu_flush_thread+0xf0/0xf0 [ 337.463207][ C1] exit_to_user_mode_loop+0xa0/0xe0 [ 337.468242][ C1] exit_to_user_mode_prepare+0x5a/0xa0 [ 337.473539][ C1] syscall_exit_to_user_mode+0x26/0x160 [ 337.478916][ C1] do_syscall_64+0x47/0xb0 [ 337.483169][ C1] ? clear_bhb_loop+0x35/0x90 [ 337.487682][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 337.493411][ C1] RIP: 0033:0x7f7f5678cef9 [ 337.497663][ C1] Code: Unable to access opcode bytes at RIP 0x7f7f5678cecf. [ 337.504867][ C1] RSP: 002b:00007f7f554060e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 337.513112][ C1] RAX: fffffffffffffe00 RBX: 00007f7f56944f88 RCX: 00007f7f5678cef9 [ 337.520922][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7f56944f88 [ 337.528737][ C1] RBP: 00007f7f56944f80 R08: 0000000000000000 R09: 0000000000000000 [ 337.536546][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7f56944f8c [ 337.544356][ C1] R13: 0000000000000000 R14: 00007ffd3108da80 R15: 00007ffd3108db68 [ 337.552174][ C1] [ 485.060471][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 246s! [syz.0.2649:6808] [ 485.068624][ C1] Modules linked in: [ 485.072361][ C1] CPU: 1 PID: 6808 Comm: syz.0.2649 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0 [ 485.082077][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 485.091969][ C1] RIP: 0010:smp_call_function_many_cond+0x843/0x9b0 [ 485.098391][ C1] Code: 45 8b 7d 00 44 89 fe 83 e6 01 31 ff e8 f6 a8 0a 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 07 e8 31 a5 0a 00 eb 38 f3 90 <42> 0f b6 04 3b 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 15 a5 [ 485.118352][ C1] RSP: 0018:ffffc900010ef360 EFLAGS: 00000293 [ 485.124282][ C1] RAX: ffffffff8165c7eb RBX: 1ffff1103ee07af1 RCX: ffff888143878000 [ 485.132066][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 485.139877][ C1] RBP: ffffc900010ef478 R08: ffffffff8165c7ba R09: ffffed103ee271d3 [ 485.147687][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 485.155498][ C1] R13: ffff8881f703d788 R14: ffff8881f7138e80 R15: dffffc0000000000 [ 485.163570][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 485.172336][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 485.178848][ C1] CR2: 0000000000000000 CR3: 0000000006a0f000 CR4: 00000000003506a0 [ 485.186661][ C1] Call Trace: [ 485.189871][ C1] [ 485.192563][ C1] ? show_regs+0x58/0x60 [ 485.196639][ C1] ? watchdog_timer_fn+0x4b1/0x5f0 [ 485.201675][ C1] ? proc_watchdog_cpumask+0xd0/0xd0 [ 485.206793][ C1] ? __hrtimer_run_queues+0x41a/0xad0 [ 485.212003][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 485.216948][ C1] ? clockevents_program_event+0x22f/0x300 [ 485.222596][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 485.228495][ C1] ? hrtimer_interrupt+0x40c/0xaa0 [ 485.233441][ C1] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 485.239349][ C1] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 485.245072][ C1] [ 485.247876][ C1] [ 485.250634][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 485.256615][ C1] ? smp_call_function_many_cond+0x82a/0x9b0 [ 485.262435][ C1] ? smp_call_function_many_cond+0x85b/0x9b0 [ 485.268247][ C1] ? smp_call_function_many_cond+0x843/0x9b0 [ 485.274064][ C1] ? text_poke_sync+0x30/0x30 [ 485.278577][ C1] ? smp_call_function_many+0x40/0x40 [ 485.283779][ C1] ? insn_decode+0x308/0x490 [ 485.288217][ C1] ? text_poke_sync+0x30/0x30 [ 485.292716][ C1] on_each_cpu_cond_mask+0x40/0x80 [ 485.297753][ C1] ? send_sigqueue+0x3a5/0x650 [ 485.302351][ C1] text_poke_bp_batch+0x1db/0x720 [ 485.307211][ C1] ? text_poke_loc_init+0x680/0x680 [ 485.312245][ C1] ? __kasan_check_write+0x14/0x20 [ 485.317192][ C1] ? mutex_lock+0xb6/0x1e0 [ 485.321444][ C1] ? __mutex_lock_slowpath+0x10/0x10 [ 485.326585][ C1] ? wait_for_completion_killable_timeout+0x10/0x10 [ 485.332989][ C1] ? text_poke_queue+0xe4/0x1a0 [ 485.337676][ C1] text_poke_finish+0x1a/0x30 [ 485.342191][ C1] arch_jump_label_transform_apply+0x15/0x30 [ 485.348004][ C1] __jump_label_update+0x36a/0x380 [ 485.352953][ C1] jump_label_update+0x3af/0x450 [ 485.357724][ C1] static_key_disable_cpuslocked+0xcd/0x1b0 [ 485.363453][ C1] static_key_disable+0x1a/0x30 [ 485.368140][ C1] tracepoint_probe_unregister+0x60a/0x900 [ 485.373869][ C1] ? perf_trace_signal_deliver+0x5e0/0x5e0 [ 485.379510][ C1] bpf_probe_unregister+0x61/0x70 [ 485.384386][ C1] bpf_raw_tp_link_release+0x63/0x90 [ 485.389530][ C1] bpf_link_free+0x129/0x3f0 [ 485.393918][ C1] ? free_nsproxy+0x20d/0x260 [ 485.398516][ C1] ? bpf_link_put_deferred+0x20/0x20 [ 485.403636][ C1] ? kmem_cache_free+0x116/0x2e0 [ 485.408419][ C1] bpf_link_release+0x170/0x180 [ 485.413099][ C1] ? bpf_prog_get_stats+0x2f0/0x2f0 [ 485.418131][ C1] __fput+0x3fe/0x910 [ 485.421951][ C1] ____fput+0x15/0x20 [ 485.425768][ C1] task_work_run+0x129/0x190 [ 485.430196][ C1] do_exit+0xc48/0x2ca0 [ 485.434240][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 485.438969][ C1] ? put_task_struct+0x80/0x80 [ 485.443564][ C1] ? __kasan_check_write+0x14/0x20 [ 485.448519][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 485.453456][ C1] ? _raw_spin_lock_irqsave+0x210/0x210 [ 485.458836][ C1] do_group_exit+0x141/0x310 [ 485.463264][ C1] get_signal+0x7a3/0x1630 [ 485.467515][ C1] ? mutex_unlock+0xb2/0x260 [ 485.471945][ C1] arch_do_signal_or_restart+0xbd/0x1680 [ 485.477413][ C1] ? longest_prefix_match+0x4b8/0x650 [ 485.482708][ C1] ? get_sigframe_size+0x10/0x10 [ 485.487478][ C1] ? __se_sys_futex+0x37b/0x3e0 [ 485.492167][ C1] ? fpu_flush_thread+0xf0/0xf0 [ 485.496851][ C1] exit_to_user_mode_loop+0xa0/0xe0 [ 485.501887][ C1] exit_to_user_mode_prepare+0x5a/0xa0 [ 485.507268][ C1] syscall_exit_to_user_mode+0x26/0x160 [ 485.512648][ C1] do_syscall_64+0x47/0xb0 [ 485.516900][ C1] ? clear_bhb_loop+0x35/0x90 [ 485.521412][ C1] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 485.527141][ C1] RIP: 0033:0x7f7f5678cef9 [ 485.531395][ C1] Code: Unable to access opcode bytes at RIP 0x7f7f5678cecf. [ 485.538598][ C1] RSP: 002b:00007f7f554060e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 485.546842][ C1] RAX: fffffffffffffe00 RBX: 00007f7f56944f88 RCX: 00007f7f5678cef9 [ 485.554654][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7f56944f88 [ 485.562469][ C1] RBP: 00007f7f56944f80 R08: 0000000000000000 R09: 0000000000000000 [ 485.570275][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7f56944f8c [ 485.578087][ C1] R13: 0000000000000000 R14: 00007ffd3108da80 R15: 00007ffd3108db68 [ 485.585991][ C1] [ 485.588853][ C1] Sending NMI from CPU 1 to CPUs 0: [ 485.593931][ C0] NMI backtrace for cpu 0 [ 485.593940][ C0] CPU: 0 PID: 6815 Comm: syz.3.2652 Not tainted 5.15.159-syzkaller-01152-g99ada58989e6 #0 [ 485.593956][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 485.593965][ C0] RIP: 0010:kvm_wait+0x117/0x180 [ 485.593985][ C0] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 53 41 0f b6 45 00 44 38 f0 0f 85 63 ff ff ff 66 90 0f 00 2d ca ec 12 04 f4 54 ff ff ff fa 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b [ 485.593998][ C0] RSP: 0000:ffffc90000da6e60 EFLAGS: 00000046 [ 485.594012][ C0] RAX: 0000000000000003 RBX: 1ffff920001b4dd0 RCX: ffffffff81552fff [ 485.594023][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88811aa99180 [ 485.594034][ C0] RBP: ffffc90000da6f10 R08: dffffc0000000000 R09: ffffed1023553231 [ 485.594046][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 485.594057][ C0] R13: ffff88811aa99180 R14: 0000000000000003 R15: 1ffff920001b4dd4 [ 485.594068][ C0] FS: 00007f0fe0ce26c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 485.594081][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 485.594093][ C0] CR2: 0000000000000000 CR3: 00000001063f1000 CR4: 00000000003506b0 [ 485.594108][ C0] Call Trace: [ 485.594114][ C0] [ 485.594121][ C0] ? show_regs+0x58/0x60 [ 485.594136][ C0] ? nmi_cpu_backtrace+0x29f/0x300 [ 485.594156][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 485.594175][ C0] ? kvm_wait+0x117/0x180 [ 485.594188][ C0] ? kvm_wait+0x117/0x180 [ 485.594202][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 485.594220][ C0] ? nmi_handle+0xa8/0x280 [ 485.594235][ C0] ? kvm_wait+0x117/0x180 [ 485.594248][ C0] ? kvm_wait+0x117/0x180 [ 485.594261][ C0] ? default_do_nmi+0x69/0x160 [ 485.594275][ C0] ? exc_nmi+0xad/0x100 [ 485.594288][ C0] ? end_repeat_nmi+0x16/0x31 [ 485.594303][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 485.594322][ C0] ? kvm_wait+0x117/0x180 [ 485.594336][ C0] ? kvm_wait+0x117/0x180 [ 485.594350][ C0] ? kvm_wait+0x117/0x180 [ 485.594364][ C0] [ 485.594368][ C0] [ 485.594374][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 485.594390][ C0] ? pv_hash+0x86/0x150 [ 485.594405][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 485.594424][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 485.594444][ C0] _raw_spin_lock_irqsave+0x1a0/0x210 [ 485.594462][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 485.594480][ C0] force_sig_info_to_task+0x72/0x440 [ 485.594496][ C0] ? search_extable+0xaf/0xf0 [ 485.594512][ C0] force_sig_fault+0x127/0x1d0 [ 485.594528][ C0] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 485.594544][ C0] ? fixup_exception+0xdab/0x13c0 [ 485.594558][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 485.594576][ C0] kernelmode_fixup_or_oops+0x236/0x270 [ 485.594593][ C0] __bad_area_nosemaphore+0xcf/0x490 [ 485.594612][ C0] bad_area_nosemaphore+0x2d/0x40 [ 485.594629][ C0] exc_page_fault+0x79d/0x830 [ 485.594658][ C0] asm_exc_page_fault+0x27/0x30 [ 485.594675][ C0] RIP: 0010:.E_copy+0x12/0x8f [ 485.594691][ C0] Code: 0a 48 83 e1 f8 48 8b 01 8d 0a 83 e1 07 c1 e1 03 48 d3 e8 e9 85 d5 67 fd 48 89 c8 c3 01 ca e9 ee e8 6a fd c1 e1 06 01 ca eb 07 <8d> 14 ca eb 02 89 ca e9 db e8 6a fd 01 ca e9 d4 e8 6a fd 8d 0c ca [ 485.594704][ C0] RSP: 0000:ffffc90000da7570 EFLAGS: 00050002 [ 485.594716][ C0] RAX: 000000000000000e RBX: ffff88811711c6d0 RCX: 0000000000000001 [ 485.594726][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc90000da75e8 [ 485.594736][ C0] RBP: ffffc90000da75a0 R08: 0000000000000005 R09: ffffffff81b93e73 [ 485.594747][ C0] R10: 0000000000000003 R11: ffff88811711bb40 R12: ffffc90000da75e8 [ 485.594758][ C0] R13: 0000000000000008 R14: 0000000000000000 R15: 1ffff11022e238da [ 485.594769][ C0] ? __check_object_size+0x73/0x3d0 [ 485.594789][ C0] ? copy_from_user_nofault+0xaa/0x130 [ 485.594807][ C0] bpf_probe_read_user+0x2a/0x70 [ 485.594825][ C0] bpf_prog_02073d59a3c0f06f+0x3d/0x8a4 [ 485.594838][ C0] bpf_trace_run5+0x172/0x290 [ 485.594854][ C0] ? bpf_trace_run4+0x270/0x270 [ 485.594869][ C0] ? complete_signal+0x67e/0xd60 [ 485.594887][ C0] ? prepare_signal+0xc20/0xc20 [ 485.594902][ C0] __bpf_trace_signal_generate+0x3c/0x50 [ 485.594919][ C0] __send_signal+0xc52/0xcb0 [ 485.594935][ C0] send_signal+0x43a/0x590 [ 485.594951][ C0] force_sig_info_to_task+0x2fe/0x440 [ 485.594969][ C0] force_sig_fault+0x127/0x1d0 [ 485.594984][ C0] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 485.595001][ C0] ? fixup_exception+0xbb9/0x13c0 [ 485.595017][ C0] kernelmode_fixup_or_oops+0x236/0x270 [ 485.595035][ C0] __bad_area_nosemaphore+0xcf/0x490 [ 485.595054][ C0] bad_area+0x73/0x90 [ 485.595070][ C0] exc_page_fault+0x58d/0x830 [ 485.595091][ C0] asm_exc_page_fault+0x27/0x30 [ 485.595107][ C0] RIP: 0010:__put_user_nocheck_8+0x11/0x21 [ 485.595123][ C0] Code: 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f 00 00 48 39 d9 73 14 0f 01 cb 48 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 <0f> 01 ca b9 f2 ff ff ff c3 cc cc cc cc cc cc cc 55 48 89 e5 41 57 [ 485.595135][ C0] RSP: 0000:ffffc90000da7c98 EFLAGS: 00050283 [ 485.595147][ C0] RAX: 0000000066e07043 RBX: 00007fffffffeff9 RCX: 0000000000000019 [ 485.595157][ C0] RDX: ffffc90002375000 RSI: 0000000000000ada RDI: 0000000000000adb [ 485.595167][ C0] RBP: ffffc90000da7d60 R08: ffffffff81613ef5 R09: ffffc90000da7ce0 [ 485.595178][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000da7ce0 [ 485.595189][ C0] R13: dffffc0000000000 R14: 1ffff920001b4f98 R15: 0000000000000019 [ 485.595202][ C0] ? ktime_get_real_ts64+0x215/0x340 [ 485.595220][ C0] ? __x64_sys_gettimeofday+0xf9/0x240 [ 485.595236][ C0] ? __ia32_sys_stime32+0x160/0x160 [ 485.595251][ C0] ? __secure_computing+0xf0/0x300 [ 485.595267][ C0] emulate_vsyscall+0xed6/0x13f0 [ 485.595287][ C0] exc_page_fault+0x187/0x830 [ 485.595306][ C0] asm_exc_page_fault+0x27/0x30 [ 485.595322][ C0] RIP: 0033:_end+0x77fda000/0x0 [ 485.595336][ C0] Code: Unable to access opcode bytes at RIP 0xffffffffff5fffd6. [ 485.595344][ C0] RSP: 002b:00007f0fe0ce1a78 EFLAGS: 00010246 [ 485.595356][ C0] RAX: ffffffffffffffda RBX: 00007f0fe2220f80 RCX: 00007f0fe2068ef9 [ 485.595368][ C0] RDX: 00007f0fe0ce1a80 RSI: 00007f0fe0ce1bb0 RDI: 0000000000000019 [ 485.595378][ C0] RBP: 00007f0fe20db9f6 R08: 0000000000000000 R09: 0000000000000000 [ 485.595388][ C0] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 485.595397][ C0] R13: 0000000000000000 R14: 00007f0fe2220f80 R15: 00007ffd2e1b4688 [ 485.595411][ C0]