last executing test programs: 10.468861204s ago: executing program 2 (id=496): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendto$inet(r2, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) recvmsg(r2, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x437aba2}], 0x1, 0x0, 0x46, 0x407006}, 0x104) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x800100, 0x0, 0x0, 0x0, 0x0, 0x0) 9.153819999s ago: executing program 2 (id=500): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x2, 0x1, 0x0, r0}, @generic={0x61}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9e}}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x7e) 7.259144343s ago: executing program 2 (id=505): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b0af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r0}, &(0x7f0000000740), &(0x7f0000000900)='%-5lx \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00') readlinkat(r5, &(0x7f0000000180)='./cgroup\x00', &(0x7f0000002780)=""/4112, 0x1010) lchown(&(0x7f0000000340)='./bus\x00', r4, 0x0) fsetxattr$system_posix_acl(r2, &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000003c0)={{}, {}, [], {}, [{0x8, 0x3}], {0x10, 0x7}}, 0x2c, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) unshare(0x62040200) syz_usb_connect(0x0, 0x5b, &(0x7f0000001e00)=ANY=[@ANYBLOB="1201000002ffa9400819151300000102030109024900020000000009047f00022513bf000a240100000002010205240400001d050000000000000007250100000000072501000000000905000000000000000904"], 0x0) 5.747793709s ago: executing program 0 (id=510): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000040)=0x0) sched_setscheduler(r3, 0x7, &(0x7f0000000080)=0xffff) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_NMI(r2, 0xae9a) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, 0x0}], 0x1, 0x41, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 5.542117237s ago: executing program 0 (id=513): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) socket$pppl2tp(0x18, 0x1, 0x1) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) poll(0x0, 0x0, 0x5) lsetxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000380), &(0x7f00000004c0)={0x0, 0xfb, 0x88, 0x2, 0xff, "da9068525ce4b467dcb0d240ff4b3c27", "3310e5a4c742ec77e142c5ebf2b307895df889ed3ea4ff08ead8b1c5ed0aa36d987772375324853c5fc1d6eee1d6732ff4dc56bedcabd061a6016844c841d300951c5b00407fbd6955e8880e356e3a91ea87ab061adf3c144997ae71da6bd31f8d64020a191d29b31f0fa756e8f3e37220faef"}, 0x88, 0x3) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) epoll_create1(0x0) timer_create(0x0, 0x0, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) 4.656695225s ago: executing program 0 (id=519): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000380)={[{@fat=@errors_remount}, {@fat=@errors_continue}, {}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@fat=@discard}, {@dots}, {@dots}, {@fat=@tz_utc}, {@fat=@errors_continue}, {@nodots}, {@fat=@nfs_stale_rw}, {@fat=@quiet}, {@dots}]}, 0xfd, 0x1bf, &(0x7f0000000840)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10) bpf$MAP_CREATE(0x700000000000000, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32], 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) shutdown(0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0xf0, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x2, 0x1, 0x0, r0}, @generic={0x61}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x9e}}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x7e) 3.383438221s ago: executing program 2 (id=521): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000006c0)=ANY=[@ANYBLOB="240000001a0021002bbd7000f8dbdf250a100002fd0000090010000008000400", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) 3.319834441s ago: executing program 2 (id=522): fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000340)='\xcd\xd4\xdc\x8b\'\x00\xb9\x11JX\xc2\x0eP\va\x84\xcb\xa0\xa1r\xab\xd2\xaf\x81\xfd\x14M\xf4\x844z\xc8\xf8x\xa5&v\xe1\x12\xbb\x95\xae u\x1b\xeb\x11\xed\x9a\x83n\xc30L \a\xa7\xf6\xeb\xcb+\xa0\xc8\xb8eo\xb8\x89\xfaWy2\xee\x88\xab\xfb\f \x88\x95C_\r!\xd4\xc2\xa5c\xc6\x1f\x95\x83\x04\xa5\xeb\xa16\xba\a\xe7', 0x0, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x200000, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0xfcc00000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000, 0x0, r2, 0x0, 0x440, 0x880000}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0xa9) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000380)={0x3, 0x5, 0x3, 0x7, 0x1a, "90e05e7611df6e5b7a0b9154245b4688e1efd6"}) 3.02047208s ago: executing program 0 (id=523): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x0) getsockname$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x4}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x86dd}, @TCA_FLOWER_KEY_IP_TTL={0x5, 0x4b, 0x3}]}}]}, 0x44}}, 0x24000000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2.892730609s ago: executing program 0 (id=526): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b00"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f000000c300)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELOBJ={0x14, 0x14, 0xa, 0x3, 0x0, 0x0, {0x6, 0x0, 0x8}}, @NFT_MSG_NEWSET={0x4c, 0x9, 0xa, 0x0, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x1}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_POLICY={0x8}]}, @NFT_MSG_DELOBJ={0x78, 0x14, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_USERDATA={0x36, 0x8, "8fa5cd6018c5f5bba0d62ab5d78a375193f652291052456f1a8d283d8705179b467064558e577c41d5e913b155b28e924f4c"}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}, @NFTA_OBJ_USERDATA={0x4}]}, @NFT_MSG_DELRULE={0x14, 0x8, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}}, @NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x2}}, @NFT_MSG_NEWSETELEM={0x14, 0xc, 0xa, 0x3, 0x0, 0x0, {0x7}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x13c}, 0x1, 0x0, 0x0, 0xc1}, 0x24000010) 2.892436779s ago: executing program 2 (id=527): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b01, 0x0) 2.844172749s ago: executing program 0 (id=529): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b03, 0x0) 2.696249579s ago: executing program 1 (id=542): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x1, 0x0, 0x1}}, 0xb8}}, 0x0) 2.621383608s ago: executing program 1 (id=543): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000bc0)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xa, 0xffe0}, {}, {0x1c, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2.621142188s ago: executing program 1 (id=544): r0 = socket(0x2b, 0x80801, 0x1) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x10000, @empty}, 0x1c) recvmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0xde80d0ce6cb4ca67) 2.620932438s ago: executing program 1 (id=545): r0 = syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r1, &(0x7f0000000280)=""/239, 0xef) syz_usb_disconnect(r0) 1.093827373s ago: executing program 4 (id=564): syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101201) socket$inet6_udp(0xa, 0x2, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) syz_io_uring_setup(0x39, &(0x7f0000000580)={0x0, 0xe7b7, 0x40}, 0x0, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x181, 0x0) socket$netlink(0x10, 0x3, 0xf) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000680)) r0 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2, 0x36}, 0x80, &(0x7f0000000140)=[{&(0x7f00000000c0)='O', 0x28}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0) 1.032987863s ago: executing program 4 (id=565): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000bc0)=@newtfilter={0x38, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x1c, 0xffe0}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x2}]}}]}, 0x38}}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendto$inet_nvme_of_msg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 964.194083ms ago: executing program 4 (id=566): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'bridge_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x40d, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r1, 0x3004}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_BCAST_FLOOD={0x5, 0x1e, 0x1}]}}}]}, 0x44}}, 0x0) 963.939593ms ago: executing program 4 (id=567): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)={@fallback=r0, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20) 963.647163ms ago: executing program 4 (id=568): r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1900, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000200)="0fa20367553f46836b4874760fc71a66ba4104ed0fc79900000000c00f320f4285a15a00000f30b923020000b817000000ba000000000f30450fa26698af008ed86446d8e4b8010000000f01d9", 0x4d}], 0x1, 0x20, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYRES64=r2]) ioctl$KVM_RUN(r3, 0xae80, 0x0) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000100)='./bus\x00', 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 371.968421ms ago: executing program 3 (id=577): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) prlimit64(0x0, 0xe, 0x0, 0x0) r2 = getpid() r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, 0x1b, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) socket(0x10, 0x803, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e20, 0x401, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x6}, 0x1c) r4 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1}}) 319.083461ms ago: executing program 4 (id=578): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000100)=[@mss={0x2, 0x43}, @window={0x3, 0x1}, @window={0x3, 0x0, 0xb35}, @mss, @sack_perm, @window={0x3, 0x98}, @timestamp, @mss={0x2, 0x9}], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x1f, 0x0, 0x0) 306.984821ms ago: executing program 1 (id=579): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), &(0x7f0000000240)={&(0x7f0000000200)={[0x1]}, 0x8}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000090400"/20, @ANYRES32=r2, @ANYBLOB="020000000000000024001280110001006272696467655f736c617665000000000c00058005002b"], 0x44}}, 0x0) 216.025971ms ago: executing program 1 (id=580): ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x10, 0x4, 0x0, 0x0, 0x40, 0x65, 0x0, 0x0, 0x0, 0x0, @private=0xa010100, @remote, {[@timestamp_prespec={0x44, 0x2c, 0xc0, 0x3, 0x1, [{@private=0xa010100, 0x7ff}, {@multicast1, 0x5}, {@remote}, {@broadcast}, {@empty, 0x3}]}]}}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x5}, {0xffff, 0xffff}, {0xfff3, 0x10}}}, 0x24}}, 0x44080) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000}) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) 215.58297ms ago: executing program 3 (id=581): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x67d2, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) close(r3) ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000340)) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r4, 0x4004743a, &(0x7f0000000300)) write$binfmt_aout(r2, &(0x7f0000000100)=ANY=[], 0xfce1) ioctl$TCFLSH(r1, 0x540b, 0x2) 144.1839ms ago: executing program 3 (id=582): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="d402000010001304fefffffffbdbdf25fe800000000000000000000000000000ac1414bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000ffff000000060000000032000000fe8000000000000000000000000000bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b000000000000000000000000000000008000000000000000000000000000000000000000000000000000000a0000000000000000000000e3011200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b80c000040"], 0x2d4}}, 0x4000080) 106.19891ms ago: executing program 3 (id=583): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x1c1900, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000540)="0fa20367553f46836b4876760fc71a66ba4100edb9fb008e00c1c1320f4285a15a0000420f017805450f0866b8af006446d8e4b8010000000f01d9", 0x3b}], 0x1, 0x20, 0x0, 0x24) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000000)=ANY=[@ANYRES64=r1]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 64.51999ms ago: executing program 3 (id=584): syz_emit_ethernet(0xf4, &(0x7f0000000240)={@local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x2, 0x3f, 0xe6, 0x68, 0x0, 0xd, 0x2f, 0x0, @loopback, @remote}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x45, 0x0, [0xf000], "2b4fb81326735b1addb4ca6a7b92c2839118a83242a095b293bee4b0775696d0ccd126e0fb85c8034d48539bd3ae39a941824eab65e33bc15e72d7bdd865b5aecd0fd67df5"}, {0x1, 0x0, 0x1}, {}, {0x8, 0x88be, 0x4, {{0xf, 0x1, 0x3d, 0x2, 0x1, 0x2, 0x6}, 0x1, {0x5}}}, {0x8, 0x22eb, 0x0, {{0x9, 0x2, 0x8, 0x0, 0x1, 0x1, 0x6, 0xff}, 0x2, {0x5, 0x9, 0x1, 0x1e, 0x0, 0x0, 0x1}}}, {0x8, 0x6558, 0x3, "5f48a564e3364eed083aa166725dc9b8b81441ab1f5ce40cdbe0ce6c9cc823c3cd4c39c12b9e1a864e576964bae7ddbbb37c9056acccd2170f9eedd3dc20f35a80a3b0298b0331"}}}}}}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x32, &(0x7f0000000440)={@local, @local, @void, {@ipv4={0x800, @dccp={{0x5, 0x4, 0x0, 0x3, 0x24, 0x65, 0x0, 0xb, 0x21, 0x0, @private=0xa010100, @local}, {{0x4e23, 0x4e20, 0x4, 0x1, 0x6, 0x0, 0x0, 0x6, 0x3, "fa0504", 0xf7, '!(\x00'}}}}}}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr\x00', 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0xb}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET6={0x4}, @AF_MPLS={0x4}]}]}, 0x2c}}, 0x0) r5 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, 0x0) sendmmsg$inet6(r0, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="cf4c", 0x2}], 0x1}}], 0x1, 0x1) 0s ago: executing program 3 (id=585): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xc, 0x4, 0x3, 0xbff, 0x100}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0) kernel console output (not intermixed with test programs): 480135][ T1046] ? slow_avc_audit+0x3c0/0x3c0 [ 69.484819][ T1046] common_lsm_audit+0xd8/0x18b0 [ 69.489505][ T1046] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 69.494892][ T1046] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 69.500183][ T1046] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 69.505824][ T1046] ? avc_update_node+0x2f9/0xd00 [ 69.510599][ T1046] slow_avc_audit+0x26c/0x3c0 [ 69.515111][ T1046] ? avc_get_hash_stats+0x180/0x180 [ 69.520148][ T1046] ? avc_has_perm_noaudit+0x2dd/0x430 [ 69.525354][ T1046] ? avc_denied+0x1b0/0x1b0 [ 69.529695][ T1046] ? vfs_write+0x94d/0x1110 [ 69.534053][ T1046] avc_has_perm+0x1f5/0x260 [ 69.538376][ T1046] ? avc_has_perm_noaudit+0x430/0x430 [ 69.543579][ T1046] ? selinux_capable+0x2f1/0x430 [ 69.548353][ T1046] ? selinux_capset+0xf0/0xf0 [ 69.552881][ T1046] selinux_lockdown+0x1ff/0x2a0 [ 69.557552][ T1046] ? selinux_perf_event_write+0x110/0x110 [ 69.563109][ T1046] ? security_capable+0x87/0xb0 [ 69.567797][ T1046] security_locked_down+0x62/0x90 [ 69.572659][ T1046] ksys_ioperm+0x6d/0x580 [ 69.576823][ T1046] ? debug_smp_processor_id+0x17/0x20 [ 69.582096][ T1046] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 69.587934][ T1046] __x64_sys_ioperm+0x75/0x80 [ 69.592446][ T1046] x64_sys_call+0x4d5/0x9a0 [ 69.596785][ T1046] do_syscall_64+0x3b/0xb0 [ 69.601038][ T1046] ? clear_bhb_loop+0x35/0x90 [ 69.605551][ T1046] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 69.611278][ T1046] RIP: 0033:0x7f2cf01e2d29 [ 69.615530][ T1046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.634973][ T1046] RSP: 002b:00007f2cee854038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad [ 69.643218][ T1046] RAX: ffffffffffffffda RBX: 00007f2cf03d2fa0 RCX: 00007f2cf01e2d29 [ 69.651027][ T1046] RDX: 0000000000000009 RSI: 0000000000000007 RDI: 0000000000000005 [ 69.658837][ T1046] RBP: 00007f2cee854090 R08: 0000000000000000 R09: 0000000000000000 [ 69.666681][ T1046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 69.674467][ T1046] R13: 0000000000000000 R14: 00007f2cf03d2fa0 R15: 00007ffe95219b38 [ 69.682281][ T1046] [ 69.712127][ T1046] SELinux: security_context_str_to_sid(root) failed for (dev ?, type ?) errno=-22 [ 69.724861][ T1046] overlayfs: missing 'lowerdir' [ 70.308173][ T1057] netlink: 20 bytes leftover after parsing attributes in process `syz.2.202'. [ 70.330777][ T1057] netlink: 20 bytes leftover after parsing attributes in process `syz.2.202'. [ 70.346978][ T1058] loop0: detected capacity change from 0 to 256 [ 70.406187][ T1062] loop4: detected capacity change from 0 to 1024 [ 70.435654][ T1066] loop2: detected capacity change from 0 to 512 [ 70.463818][ T1062] EXT4-fs (loop4): dax option not supported [ 71.465466][ T1075] loop1: detected capacity change from 0 to 256 [ 71.476112][ T1066] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback. [ 71.487804][ T1066] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.923903][ T1066] EXT4-fs error (device loop2): ext4_get_first_dir_block:3597: inode #12: comm syz.2.206: Attempting to read directory block (0) that is past i_size (3) [ 71.939415][ T1066] EXT4-fs (loop2): Remounting filesystem read-only [ 71.998724][ T1081] loop4: detected capacity change from 0 to 256 [ 72.447463][ T1097] FAULT_INJECTION: forcing a failure. [ 72.447463][ T1097] name failslab, interval 1, probability 0, space 0, times 0 [ 72.460008][ T1097] CPU: 1 PID: 1097 Comm: syz.1.213 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 72.469640][ T1097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 72.479536][ T1097] Call Trace: [ 72.482672][ T1097] [ 72.485430][ T1097] dump_stack_lvl+0x151/0x1c0 [ 72.489946][ T1097] ? io_uring_drop_tctx_refs+0x190/0x190 [ 72.495423][ T1097] ? arch_stack_walk+0xf3/0x140 [ 72.500100][ T1097] dump_stack+0x15/0x20 [ 72.504091][ T1097] should_fail+0x3c6/0x510 [ 72.508345][ T1097] __should_failslab+0xa4/0xe0 [ 72.512941][ T1097] ? __alloc_skb+0xbe/0x550 [ 72.517282][ T1097] should_failslab+0x9/0x20 [ 72.521621][ T1097] slab_pre_alloc_hook+0x37/0xd0 [ 72.526396][ T1097] ? __alloc_skb+0xbe/0x550 [ 72.530735][ T1097] kmem_cache_alloc+0x44/0x250 [ 72.535334][ T1097] __alloc_skb+0xbe/0x550 [ 72.539502][ T1097] tipc_msg_build+0x149/0x1230 [ 72.544099][ T1097] ? new_inode+0x28/0x1c0 [ 72.548285][ T1097] ? proc_tid_base_lookup+0x2b/0x30 [ 72.553302][ T1097] ? __x64_sys_openat+0x243/0x290 [ 72.558166][ T1097] ? tipc_node_find+0x206/0x4c0 [ 72.562934][ T1097] ? memcpy+0x56/0x70 [ 72.566753][ T1097] ? tipc_msg_fragment+0x760/0x760 [ 72.571704][ T1097] ? avc_has_perm_noaudit+0x2dd/0x430 [ 72.576910][ T1097] ? tipc_node_get_mtu+0x20f/0x2b0 [ 72.581857][ T1097] __tipc_sendmsg+0x1c7b/0x3240 [ 72.586548][ T1097] ? avc_has_perm_noaudit+0x2dd/0x430 [ 72.591752][ T1097] ? local_bh_enable+0x30/0x30 [ 72.596353][ T1097] ? avc_denied+0x1b0/0x1b0 [ 72.600695][ T1097] ? avc_has_perm+0x16f/0x260 [ 72.605205][ T1097] ? stack_trace_save+0x1c0/0x1c0 [ 72.610063][ T1097] ? avc_has_perm_noaudit+0x430/0x430 [ 72.615276][ T1097] ? __kasan_check_write+0x14/0x20 [ 72.620221][ T1097] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 72.625080][ T1097] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 72.630116][ T1097] ? __local_bh_enable_ip+0x58/0x80 [ 72.635148][ T1097] ? lock_sock_nested+0x266/0x300 [ 72.640010][ T1097] ? sock_init_data+0xc0/0xc0 [ 72.644521][ T1097] ? wait_woken+0x170/0x170 [ 72.648861][ T1097] ? kmem_cache_free+0x115/0x330 [ 72.653635][ T1097] ? kasan_set_track+0x5d/0x70 [ 72.658236][ T1097] ? kasan_set_track+0x4b/0x70 [ 72.662838][ T1097] tipc_sendmsg+0x55/0x70 [ 72.667000][ T1097] ? tipc_recvmsg+0x13b0/0x13b0 [ 72.671689][ T1097] ____sys_sendmsg+0x59e/0x8f0 [ 72.676292][ T1097] ? __sys_sendmsg_sock+0x40/0x40 [ 72.681158][ T1097] ? import_iovec+0xe5/0x120 [ 72.685579][ T1097] ___sys_sendmsg+0x252/0x2e0 [ 72.690094][ T1097] ? __sys_sendmsg+0x260/0x260 [ 72.694698][ T1097] ? putname+0xfa/0x150 [ 72.698686][ T1097] ? __fdget+0x1bc/0x240 [ 72.702764][ T1097] __se_sys_sendmsg+0x19a/0x260 [ 72.707452][ T1097] ? __x64_sys_sendmsg+0x90/0x90 [ 72.712237][ T1097] ? ksys_write+0x260/0x2c0 [ 72.716563][ T1097] ? debug_smp_processor_id+0x17/0x20 [ 72.721772][ T1097] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 72.727681][ T1097] __x64_sys_sendmsg+0x7b/0x90 [ 72.732271][ T1097] x64_sys_call+0x16a/0x9a0 [ 72.736609][ T1097] do_syscall_64+0x3b/0xb0 [ 72.740863][ T1097] ? clear_bhb_loop+0x35/0x90 [ 72.745392][ T1097] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 72.751107][ T1097] RIP: 0033:0x7f1acb3bdd29 [ 72.755372][ T1097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.774802][ T1097] RSP: 002b:00007f1ac9a0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.783047][ T1097] RAX: ffffffffffffffda RBX: 00007f1acb5ae080 RCX: 00007f1acb3bdd29 [ 72.790858][ T1097] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000008 [ 72.798667][ T1097] RBP: 00007f1ac9a0e090 R08: 0000000000000000 R09: 0000000000000000 [ 72.806481][ T1097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.814294][ T1097] R13: 0000000000000000 R14: 00007f1acb5ae080 R15: 00007ffde883ca28 [ 72.822108][ T1097] [ 72.826580][ T1098] loop1: detected capacity change from 0 to 128 [ 72.851509][ T30] kauditd_printk_skb: 33 callbacks suppressed [ 72.851525][ T30] audit: type=1326 audit(1737206093.993:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 72.880964][ T30] audit: type=1326 audit(1737206094.023:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 72.904094][ T30] audit: type=1326 audit(1737206094.023:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 72.929922][ T1101] 9pnet: Insufficient options for proto=fd [ 72.943571][ T30] audit: type=1326 audit(1737206094.063:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 72.966858][ T30] audit: type=1326 audit(1737206094.063:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 72.990026][ T30] audit: type=1326 audit(1737206094.063:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 73.013648][ T30] audit: type=1326 audit(1737206094.063:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 73.040064][ T30] audit: type=1326 audit(1737206094.063:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 73.065919][ T30] audit: type=1326 audit(1737206094.063:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 73.092808][ T30] audit: type=1326 audit(1737206094.063:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1100 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 73.170426][ T1112] loop4: detected capacity change from 0 to 256 [ 73.223689][ T1112] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 74.009326][ T1136] loop3: detected capacity change from 0 to 256 [ 74.540972][ T300] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 74.716502][ T1141] loop1: detected capacity change from 0 to 256 [ 74.820764][ T300] usb 5-1: Using ep0 maxpacket: 8 [ 74.944463][ T1149] loop2: detected capacity change from 0 to 256 [ 75.149625][ T1149] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 75.188189][ T1149] FAULT_INJECTION: forcing a failure. [ 75.188189][ T1149] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 75.201608][ T1149] CPU: 0 PID: 1149 Comm: syz.2.227 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 75.211236][ T1149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 75.221129][ T1149] Call Trace: [ 75.224260][ T1149] [ 75.227028][ T1149] dump_stack_lvl+0x151/0x1c0 [ 75.231544][ T1149] ? io_uring_drop_tctx_refs+0x190/0x190 [ 75.237013][ T1149] dump_stack+0x15/0x20 [ 75.241001][ T1149] should_fail+0x3c6/0x510 [ 75.245263][ T1149] should_fail_alloc_page+0x5a/0x80 [ 75.250314][ T1149] prepare_alloc_pages+0x15c/0x700 [ 75.255238][ T1149] ? asm_exc_page_fault+0x27/0x30 [ 75.260097][ T1149] ? __alloc_pages_bulk+0xd80/0xd80 [ 75.265132][ T1149] ? strncpy_from_user+0x2b1/0x2d0 [ 75.270076][ T1149] __alloc_pages+0x18c/0x8f0 [ 75.274511][ T1149] ? prep_new_page+0x110/0x110 [ 75.279105][ T1149] ? __kasan_check_write+0x14/0x20 [ 75.284051][ T1149] ? __switch_to+0x62a/0x1190 [ 75.288582][ T1149] ? compat_start_thread+0x20/0x20 [ 75.293510][ T1149] ? bpf_trace_run2+0x210/0x210 [ 75.298198][ T1149] new_slab+0x9a/0x4e0 [ 75.302106][ T1149] ___slab_alloc+0x39e/0x830 [ 75.306528][ T1149] ? _raw_spin_unlock+0x4d/0x70 [ 75.311216][ T1149] ? __d_alloc+0x2d/0x6c0 [ 75.315393][ T1149] ? finish_task_switch+0x167/0x7b0 [ 75.320418][ T1149] ? __d_alloc+0x2d/0x6c0 [ 75.324581][ T1149] __slab_alloc+0x4a/0x90 [ 75.328749][ T1149] ? __d_alloc+0x2d/0x6c0 [ 75.332915][ T1149] kmem_cache_alloc+0x139/0x250 [ 75.337603][ T1149] __d_alloc+0x2d/0x6c0 [ 75.341594][ T1149] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 75.347236][ T1149] d_alloc_parallel+0xe6/0x12e0 [ 75.351930][ T1149] ? down_read+0xd50/0x1900 [ 75.356264][ T1149] ? __rcu_read_unlock+0xd0/0xd0 [ 75.361035][ T1149] ? d_hash_and_lookup+0x1e0/0x1e0 [ 75.365985][ T1149] ? __down_common+0x550/0x550 [ 75.370588][ T1149] ? __rcu_read_unlock+0x7e/0xd0 [ 75.375368][ T1149] __lookup_slow+0x154/0x400 [ 75.379783][ T1149] ? lookup_one_len+0x2c0/0x2c0 [ 75.384470][ T1149] ? lookup_fast+0x306/0x7b0 [ 75.388898][ T1149] ? handle_dots+0x1030/0x1030 [ 75.393497][ T1149] lookup_slow+0x5a/0x80 [ 75.397579][ T1149] walk_component+0x48c/0x610 [ 75.402094][ T1149] ? nd_alloc_stack+0xf0/0xf0 [ 75.406605][ T1149] ? handle_lookup_down+0x130/0x130 [ 75.411640][ T1149] path_lookupat+0x16d/0x450 [ 75.416068][ T1149] filename_lookup+0x230/0x5c0 [ 75.420666][ T1149] ? hashlen_string+0x120/0x120 [ 75.425356][ T1149] ? getname_flags+0x1fd/0x520 [ 75.429950][ T1149] user_path_at_empty+0x43/0x1a0 [ 75.434726][ T1149] do_sys_truncate+0xa3/0x190 [ 75.439236][ T1149] ? break_lease+0xd0/0xd0 [ 75.443491][ T1149] ? debug_smp_processor_id+0x17/0x20 [ 75.448696][ T1149] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 75.454603][ T1149] __x64_sys_truncate+0x5b/0x70 [ 75.459286][ T1149] x64_sys_call+0x23c/0x9a0 [ 75.463626][ T1149] do_syscall_64+0x3b/0xb0 [ 75.467880][ T1149] ? clear_bhb_loop+0x35/0x90 [ 75.472391][ T1149] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 75.478122][ T1149] RIP: 0033:0x7f2cf01e2d29 [ 75.482375][ T1149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.501820][ T1149] RSP: 002b:00007f2cee812038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 75.510059][ T1149] RAX: ffffffffffffffda RBX: 00007f2cf03d3160 RCX: 00007f2cf01e2d29 [ 75.517871][ T1149] RDX: 0000000000000000 RSI: 000000000000b73d RDI: 0000000020000900 [ 75.525682][ T1149] RBP: 00007f2cee812090 R08: 0000000000000000 R09: 0000000000000000 [ 75.533494][ T1149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.541303][ T1149] R13: 0000000000000000 R14: 00007f2cf03d3160 R15: 00007ffe95219b38 [ 75.549121][ T1149] [ 76.051957][ T1153] 9pnet: Insufficient options for proto=fd [ 76.084153][ T60] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 76.126653][ T1155] loop1: detected capacity change from 0 to 4096 [ 76.563300][ T1159] loop3: detected capacity change from 0 to 256 [ 76.619632][ T1159] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 76.667542][ T1159] exFAT-fs (loop3): hint_cluster is invalid (17) [ 76.679033][ T1155] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 76.898050][ T1143] loop0: detected capacity change from 0 to 128 [ 77.060717][ C1] sched: RT throttling activated [ 77.066620][ T300] usb 5-1: config 0 has an invalid interface number: 211 but max is 0 [ 77.074655][ T300] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 77.085089][ T300] usb 5-1: config 0 has no interface number 0 [ 77.091384][ T300] usb 5-1: config 0 interface 211 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 77.104334][ T300] usb 5-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e [ 77.184683][ T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.328920][ T300] usb 5-1: config 0 descriptor?? [ 78.344208][ T1143] EXT4-fs: failed to create workqueue [ 78.362612][ T300] usb 5-1: can't set config #0, error -71 [ 78.369648][ T1143] EXT4-fs (loop0): mount failed [ 78.383116][ T300] usb 5-1: USB disconnect, device number 5 [ 78.457988][ T1179] loop3: detected capacity change from 0 to 2048 [ 78.513287][ T1179] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none. [ 78.536724][ T60] usb 1-1: unable to get BOS descriptor or descriptor too short [ 78.584630][ T1192] loop1: detected capacity change from 0 to 256 [ 78.713946][ T60] usb 1-1: too many configurations: 30, using maximum allowed: 8 [ 79.225924][ T1192] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 79.409266][ T1192] FAULT_INJECTION: forcing a failure. [ 79.409266][ T1192] name failslab, interval 1, probability 0, space 0, times 0 [ 79.421755][ T1192] CPU: 0 PID: 1192 Comm: syz.1.233 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 79.431328][ T1192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 79.441222][ T1192] Call Trace: [ 79.444347][ T1192] [ 79.447124][ T1192] dump_stack_lvl+0x151/0x1c0 [ 79.451636][ T1192] ? io_uring_drop_tctx_refs+0x190/0x190 [ 79.457107][ T1192] ? __schedule+0xcd4/0x1590 [ 79.461532][ T1192] dump_stack+0x15/0x20 [ 79.465526][ T1192] should_fail+0x3c6/0x510 [ 79.470050][ T1192] __should_failslab+0xa4/0xe0 [ 79.474649][ T1192] ? exfat_alloc_inode+0x1b/0x60 [ 79.479421][ T1192] should_failslab+0x9/0x20 [ 79.483764][ T1192] slab_pre_alloc_hook+0x37/0xd0 [ 79.488537][ T1192] ? exfat_alloc_inode+0x1b/0x60 [ 79.493311][ T1192] kmem_cache_alloc+0x44/0x250 [ 79.497911][ T1192] ? exfat_fill_super+0x2d80/0x2d80 [ 79.502944][ T1192] exfat_alloc_inode+0x1b/0x60 [ 79.507545][ T1192] ? exfat_fill_super+0x2d80/0x2d80 [ 79.512577][ T1192] new_inode_pseudo+0x64/0x220 [ 79.517179][ T1192] new_inode+0x28/0x1c0 [ 79.521188][ T1192] exfat_build_inode+0x19c/0x1220 [ 79.526031][ T1192] ? exfat_free_dentry_set+0x248/0x2c0 [ 79.531331][ T1192] exfat_lookup+0xd81/0x18c0 [ 79.535753][ T1192] ? exfat_utf8_d_cmp+0x510/0x510 [ 79.540613][ T1192] ? preempt_schedule_irq+0xe7/0x140 [ 79.545848][ T1192] __lookup_slow+0x2b9/0x400 [ 79.550244][ T1192] ? lookup_one_len+0x2c0/0x2c0 [ 79.554934][ T1192] ? lookup_fast+0x306/0x7b0 [ 79.559362][ T1192] ? handle_dots+0x1030/0x1030 [ 79.563960][ T1192] lookup_slow+0x5a/0x80 [ 79.568039][ T1192] walk_component+0x48c/0x610 [ 79.572553][ T1192] ? nd_alloc_stack+0xf0/0xf0 [ 79.577065][ T1192] ? handle_lookup_down+0x130/0x130 [ 79.582103][ T1192] path_lookupat+0x16d/0x450 [ 79.586528][ T1192] filename_lookup+0x230/0x5c0 [ 79.591125][ T1192] ? hashlen_string+0x120/0x120 [ 79.595816][ T1192] ? getname_flags+0x1fd/0x520 [ 79.600412][ T1192] user_path_at_empty+0x43/0x1a0 [ 79.605187][ T1192] do_sys_truncate+0xa3/0x190 [ 79.609699][ T1192] ? break_lease+0xd0/0xd0 [ 79.613949][ T1192] ? __kasan_check_write+0x14/0x20 [ 79.618899][ T1192] __x64_sys_truncate+0x5b/0x70 [ 79.623584][ T1192] x64_sys_call+0x23c/0x9a0 [ 79.627924][ T1192] do_syscall_64+0x3b/0xb0 [ 79.632179][ T1192] ? clear_bhb_loop+0x35/0x90 [ 79.636691][ T1192] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 79.642421][ T1192] RIP: 0033:0x7f1acb3bdd29 [ 79.646675][ T1192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.666206][ T1192] RSP: 002b:00007f1ac99ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 79.674445][ T1192] RAX: ffffffffffffffda RBX: 00007f1acb5ae160 RCX: 00007f1acb3bdd29 [ 79.682263][ T1192] RDX: 0000000000000000 RSI: 000000000000b73d RDI: 0000000020000900 [ 79.690069][ T1192] RBP: 00007f1ac99ed090 R08: 0000000000000000 R09: 0000000000000000 [ 79.697894][ T1192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.705695][ T1192] R13: 0000000000000000 R14: 00007f1acb5ae160 R15: 00007ffde883ca28 [ 79.713510][ T1192] [ 79.823142][ T30] kauditd_printk_skb: 60 callbacks suppressed [ 79.823159][ T30] audit: type=1326 audit(1737206100.963:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1178 comm="syz.3.235" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3a854d3d29 code=0x0 [ 79.920798][ T60] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 79.932610][ T60] usb 1-1: can't read configurations, error -71 [ 79.980300][ T1205] 9pnet: Insufficient options for proto=fd [ 79.989720][ T30] audit: type=1326 audit(1737206101.113:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.086827][ T30] audit: type=1326 audit(1737206101.113:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.111498][ T30] audit: type=1326 audit(1737206101.113:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.135347][ T30] audit: type=1326 audit(1737206101.113:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.158662][ T30] audit: type=1326 audit(1737206101.113:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.222507][ T30] audit: type=1326 audit(1737206101.113:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.271392][ T30] audit: type=1326 audit(1737206101.113:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.294687][ T30] audit: type=1326 audit(1737206101.113:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.317616][ T30] audit: type=1326 audit(1737206101.113:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1204 comm="syz.4.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 80.383185][ T1213] loop1: detected capacity change from 0 to 4096 [ 80.473046][ T1213] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 80.759987][ T1221] FAULT_INJECTION: forcing a failure. [ 80.759987][ T1221] name failslab, interval 1, probability 0, space 0, times 0 [ 80.773971][ T1221] CPU: 0 PID: 1221 Comm: syz.2.245 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 80.783616][ T1221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 80.793511][ T1221] Call Trace: [ 80.796634][ T1221] [ 80.799414][ T1221] dump_stack_lvl+0x151/0x1c0 [ 80.803926][ T1221] ? io_uring_drop_tctx_refs+0x190/0x190 [ 80.809402][ T1221] dump_stack+0x15/0x20 [ 80.813385][ T1221] should_fail+0x3c6/0x510 [ 80.817637][ T1221] __should_failslab+0xa4/0xe0 [ 80.822235][ T1221] should_failslab+0x9/0x20 [ 80.826574][ T1221] slab_pre_alloc_hook+0x37/0xd0 [ 80.831349][ T1221] __kmalloc+0x6d/0x2c0 [ 80.835342][ T1221] ? sk_prot_alloc+0xf9/0x330 [ 80.839855][ T1221] sk_prot_alloc+0xf9/0x330 [ 80.844195][ T1221] ? _copy_from_user+0x96/0xd0 [ 80.848794][ T1221] sk_alloc+0x38/0x430 [ 80.852700][ T1221] bpf_prog_test_run_skb+0x362/0x1420 [ 80.857910][ T1221] ? __kasan_check_write+0x14/0x20 [ 80.862855][ T1221] ? proc_fail_nth_write+0x20b/0x290 [ 80.867978][ T1221] ? selinux_file_permission+0x2c4/0x570 [ 80.873445][ T1221] ? proc_fail_nth_read+0x210/0x210 [ 80.878484][ T1221] ? fsnotify_perm+0x6a/0x5b0 [ 80.882998][ T1221] ? __bpf_prog_test_run_raw_tp+0x2e0/0x2e0 [ 80.888735][ T1221] ? __kasan_check_write+0x14/0x20 [ 80.893670][ T1221] ? fput_many+0x160/0x1b0 [ 80.897919][ T1221] ? __bpf_prog_test_run_raw_tp+0x2e0/0x2e0 [ 80.903651][ T1221] bpf_prog_test_run+0x3b0/0x630 [ 80.908425][ T1221] ? bpf_prog_query+0x220/0x220 [ 80.913110][ T1221] ? selinux_bpf+0xd2/0x100 [ 80.917454][ T1221] ? security_bpf+0x82/0xb0 [ 80.921789][ T1221] __sys_bpf+0x525/0x760 [ 80.925871][ T1221] ? fput_many+0x160/0x1b0 [ 80.930121][ T1221] ? bpf_link_show_fdinfo+0x300/0x300 [ 80.935333][ T1221] ? debug_smp_processor_id+0x17/0x20 [ 80.940544][ T1221] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 80.946442][ T1221] __x64_sys_bpf+0x7c/0x90 [ 80.950693][ T1221] x64_sys_call+0x87f/0x9a0 [ 80.955030][ T1221] do_syscall_64+0x3b/0xb0 [ 80.959283][ T1221] ? clear_bhb_loop+0x35/0x90 [ 80.963798][ T1221] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 80.969529][ T1221] RIP: 0033:0x7f2cf01e2d29 [ 80.973790][ T1221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.993222][ T1221] RSP: 002b:00007f2cee854038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 81.001467][ T1221] RAX: ffffffffffffffda RBX: 00007f2cf03d2fa0 RCX: 00007f2cf01e2d29 [ 81.009547][ T1221] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 81.017348][ T1221] RBP: 00007f2cee854090 R08: 0000000000000000 R09: 0000000000000000 [ 81.025161][ T1221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.032972][ T1221] R13: 0000000000000000 R14: 00007f2cf03d2fa0 R15: 00007ffe95219b38 [ 81.040789][ T1221] [ 81.447149][ T1229] netlink: 28 bytes leftover after parsing attributes in process `syz.3.249'. [ 81.458414][ T1229] netlink: 8 bytes leftover after parsing attributes in process `syz.3.249'. [ 81.481778][ T1234] loop1: detected capacity change from 0 to 256 [ 81.505434][ T1239] loop3: detected capacity change from 0 to 128 [ 81.631899][ T1247] loop2: detected capacity change from 0 to 256 [ 82.476020][ T1247] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 82.491529][ T1247] FAULT_INJECTION: forcing a failure. [ 82.491529][ T1247] name failslab, interval 1, probability 0, space 0, times 0 [ 82.504052][ T1247] CPU: 0 PID: 1247 Comm: syz.2.253 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 82.513581][ T1247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 82.523475][ T1247] Call Trace: [ 82.526610][ T1247] [ 82.529380][ T1247] dump_stack_lvl+0x151/0x1c0 [ 82.533894][ T1247] ? io_uring_drop_tctx_refs+0x190/0x190 [ 82.539359][ T1247] dump_stack+0x15/0x20 [ 82.543352][ T1247] should_fail+0x3c6/0x510 [ 82.547603][ T1247] __should_failslab+0xa4/0xe0 [ 82.552206][ T1247] ? security_file_alloc+0x29/0x120 [ 82.557235][ T1247] should_failslab+0x9/0x20 [ 82.561575][ T1247] slab_pre_alloc_hook+0x37/0xd0 [ 82.566352][ T1247] ? security_file_alloc+0x29/0x120 [ 82.571383][ T1247] kmem_cache_alloc+0x44/0x250 [ 82.575990][ T1247] security_file_alloc+0x29/0x120 [ 82.580847][ T1247] __alloc_file+0xb2/0x2a0 [ 82.585098][ T1247] alloc_empty_file+0x95/0x180 [ 82.589698][ T1247] path_openat+0xfe/0x2f40 [ 82.593970][ T1247] ? _raw_spin_unlock+0x4d/0x70 [ 82.598640][ T1247] ? finish_task_switch+0x167/0x7b0 [ 82.603672][ T1247] ? requeue_task_rt+0x410/0x410 [ 82.608445][ T1247] ? __schedule+0xcd4/0x1590 [ 82.612876][ T1247] ? release_firmware_map_entry+0x190/0x190 [ 82.618600][ T1247] ? do_filp_open+0x460/0x460 [ 82.623113][ T1247] ? __kasan_check_read+0x11/0x20 [ 82.627978][ T1247] ? preempt_schedule_irq+0xe7/0x140 [ 82.633099][ T1247] ? __cond_resched+0x20/0x20 [ 82.637608][ T1247] do_filp_open+0x21c/0x460 [ 82.641950][ T1247] ? vfs_tmpfile+0x2c0/0x2c0 [ 82.646381][ T1247] do_sys_openat2+0x13f/0x820 [ 82.650909][ T1247] ? requeue_task_rt+0x410/0x410 [ 82.655664][ T1247] ? do_sys_open+0x220/0x220 [ 82.660089][ T1247] ? __schedule+0xcd4/0x1590 [ 82.664520][ T1247] ? release_firmware_map_entry+0x190/0x190 [ 82.670252][ T1247] ? ksys_write+0x260/0x2c0 [ 82.674582][ T1247] __x64_sys_openat+0x243/0x290 [ 82.679269][ T1247] ? __ia32_sys_open+0x270/0x270 [ 82.684049][ T1247] ? __kasan_check_write+0x14/0x20 [ 82.689086][ T1247] ? switch_fpu_return+0x15f/0x2e0 [ 82.694026][ T1247] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 82.699492][ T1247] x64_sys_call+0x6bf/0x9a0 [ 82.703932][ T1247] do_syscall_64+0x3b/0xb0 [ 82.708170][ T1247] ? clear_bhb_loop+0x35/0x90 [ 82.712686][ T1247] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 82.718415][ T1247] RIP: 0033:0x7f2cf01e1690 [ 82.722668][ T1247] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 82.742116][ T1247] RSP: 002b:00007f2cee811f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 82.750352][ T1247] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f2cf01e1690 [ 82.758167][ T1247] RDX: 0000000000000002 RSI: 00007f2cee811fa0 RDI: 00000000ffffff9c [ 82.765981][ T1247] RBP: 00007f2cee811fa0 R08: 0000000000000000 R09: 0000000000000000 [ 82.773786][ T1247] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 82.781608][ T1247] R13: 0000000000000000 R14: 00007f2cf03d3160 R15: 00007ffe95219b38 [ 82.789413][ T1247] [ 82.807241][ T1247] exFAT-fs (loop2): hint_cluster is invalid (17) [ 82.957860][ T1251] loop1: detected capacity change from 0 to 256 [ 83.064761][ T1251] FAT-fs (loop1): Directory bread(block 64) failed [ 83.094108][ T1251] FAT-fs (loop1): Directory bread(block 65) failed [ 83.100508][ T1251] FAT-fs (loop1): Directory bread(block 66) failed [ 83.101302][ T1256] loop3: detected capacity change from 0 to 256 [ 83.107499][ T1251] FAT-fs (loop1): Directory bread(block 67) failed [ 83.154386][ T1236] loop0: detected capacity change from 0 to 40427 [ 83.160932][ T1251] FAT-fs (loop1): Directory bread(block 68) failed [ 83.171060][ T1251] FAT-fs (loop1): Directory bread(block 69) failed [ 83.334139][ T1251] FAT-fs (loop1): Directory bread(block 70) failed [ 83.340501][ T1251] FAT-fs (loop1): Directory bread(block 71) failed [ 83.347311][ T1236] F2FS-fs (loop0): fault_type options not supported [ 83.364938][ T1236] F2FS-fs (loop0): invalid crc value [ 83.377152][ T1251] FAT-fs (loop1): Directory bread(block 72) failed [ 83.411158][ T1236] F2FS-fs (loop0): Found nat_bits in checkpoint [ 83.431593][ T1251] FAT-fs (loop1): Directory bread(block 73) failed [ 83.656450][ T1236] F2FS-fs (loop0): Start checkpoint disabled! [ 83.664513][ T1251] incfs: Error accessing: ./file0. [ 83.669581][ T1251] incfs: mount failed -20 [ 83.680775][ T1236] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 83.830863][ T1053] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 84.285183][ T1272] loop4: detected capacity change from 0 to 4096 [ 84.384431][ T1272] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 84.417923][ T1270] loop3: detected capacity change from 0 to 40427 [ 84.501478][ T1270] F2FS-fs (loop3): fault_type options not supported [ 84.503391][ T1270] F2FS-fs (loop3): invalid crc value [ 84.795184][ T1053] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 84.833497][ T1053] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 84.872047][ T1282] loop0: detected capacity change from 0 to 512 [ 84.925092][ T1270] F2FS-fs (loop3): Found nat_bits in checkpoint [ 84.941105][ T1053] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 84.960358][ T30] kauditd_printk_skb: 76 callbacks suppressed [ 84.960372][ T30] audit: type=1326 audit(1737206106.093:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1250 comm="syz.1.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 84.983158][ T1270] F2FS-fs (loop3): Start checkpoint disabled! [ 84.989885][ T1053] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.996083][ T30] audit: type=1326 audit(1737206106.123:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1250 comm="syz.1.254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 85.015461][ T1270] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 85.131436][ T1053] usb 3-1: config 0 descriptor?? [ 85.183648][ T1053] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 85.443886][ T30] audit: type=1326 audit(1737206106.443:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1274 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcbc79d29 code=0x7fc00000 [ 85.644727][ T30] audit: type=1326 audit(1737206106.783:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1298 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 85.648338][ T1290] loop1: detected capacity change from 0 to 40427 [ 85.674964][ T1299] FAULT_INJECTION: forcing a failure. [ 85.674964][ T1299] name failslab, interval 1, probability 0, space 0, times 0 [ 85.688099][ T30] audit: type=1326 audit(1737206106.813:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1298 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 85.711397][ T1299] CPU: 0 PID: 1299 Comm: syz.3.265 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 85.712071][ T30] audit: type=1326 audit(1737206106.813:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1298 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 85.721110][ T1299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 85.721124][ T1299] Call Trace: [ 85.721130][ T1299] [ 85.721138][ T1299] dump_stack_lvl+0x151/0x1c0 [ 85.721163][ T1299] ? io_uring_drop_tctx_refs+0x190/0x190 [ 85.721186][ T1299] dump_stack+0x15/0x20 [ 85.721203][ T1299] should_fail+0x3c6/0x510 [ 85.744395][ T30] audit: type=1326 audit(1737206106.813:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1298 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 85.754007][ T1299] __should_failslab+0xa4/0xe0 [ 85.754038][ T1299] should_failslab+0x9/0x20 [ 85.757234][ T30] audit: type=1326 audit(1737206106.813:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1298 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 85.759937][ T1299] slab_pre_alloc_hook+0x37/0xd0 [ 85.764478][ T30] audit: type=1326 audit(1737206106.813:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1298 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 85.769887][ T1299] ? sidtab_sid2str_get+0x12b/0x2a0 [ 85.769910][ T1299] __kmalloc_track_caller+0x6c/0x2c0 [ 85.773992][ T30] audit: type=1326 audit(1737206106.813:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1298 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 85.778131][ T1299] ? sidtab_sid2str_get+0x12b/0x2a0 [ 85.778153][ T1299] kmemdup+0x24/0x50 [ 85.903207][ T1299] sidtab_sid2str_get+0x12b/0x2a0 [ 85.908062][ T1299] security_sid_to_context_core+0x2b5/0x490 [ 85.913792][ T1299] security_sid_to_context+0x33/0x40 [ 85.918920][ T1299] selinux_secid_to_secctx+0x2a/0x40 [ 85.924039][ T1299] security_secid_to_secctx+0x74/0xb0 [ 85.929262][ T1299] audit_log_task_context+0x122/0x350 [ 85.934449][ T1299] ? audit_log_key+0x1d0/0x1d0 [ 85.939223][ T1299] audit_log_task+0x18c/0x2e0 [ 85.943735][ T1299] ? __kasan_check_write+0x14/0x20 [ 85.948682][ T1299] ? audit_core_dumps+0x100/0x100 [ 85.953541][ T1299] ? migrate_enable+0x1c1/0x2a0 [ 85.958375][ T1299] audit_seccomp+0x7a/0x1e0 [ 85.962712][ T1299] __seccomp_filter+0xc08/0x1c60 [ 85.967486][ T1299] ? putname+0xfa/0x150 [ 85.971475][ T1299] ? file_end_write+0x1c0/0x1c0 [ 85.976165][ T1299] ? __kasan_check_write+0x14/0x20 [ 85.981109][ T1299] ? __secure_computing+0x300/0x300 [ 85.986144][ T1299] ? __mutex_lock_slowpath+0x10/0x10 [ 85.991264][ T1299] ? __kasan_check_write+0x14/0x20 [ 85.996206][ T1299] ? fput_many+0x160/0x1b0 [ 86.000466][ T1299] ? __ia32_sys_read+0x90/0x90 [ 86.005063][ T1299] __secure_computing+0xf0/0x300 [ 86.009839][ T1299] syscall_enter_from_user_mode+0xd5/0x1b0 [ 86.015480][ T1299] do_syscall_64+0x1e/0xb0 [ 86.019731][ T1299] ? clear_bhb_loop+0x35/0x90 [ 86.024246][ T1299] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 86.029971][ T1299] RIP: 0033:0x7f3a854d3d29 [ 86.034226][ T1299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.053669][ T1299] RSP: 002b:00007f3a83b45038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 86.061913][ T1299] RAX: ffffffffffffffda RBX: 00007f3a856c3fa0 RCX: 00007f3a854d3d29 [ 86.069723][ T1299] RDX: 00000000000000b8 RSI: 0000000020001fc0 RDI: 0000000000000003 [ 86.077534][ T1299] RBP: 00007f3a83b45090 R08: 0000000000000000 R09: 0000000000000000 [ 86.085354][ T1299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.093159][ T1299] R13: 0000000000000000 R14: 00007f3a856c3fa0 R15: 00007ffe5ebdde28 [ 86.100974][ T1299] [ 86.120339][ T1302] loop3: detected capacity change from 0 to 512 [ 86.127701][ T1290] F2FS-fs (loop1): fault_type options not supported [ 86.135077][ T1290] F2FS-fs (loop1): invalid crc value [ 86.141873][ T1290] F2FS-fs (loop1): Found nat_bits in checkpoint [ 86.159690][ T1302] EXT4-fs (loop3): orphan cleanup on readonly fs [ 86.166749][ T1302] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.266: bg 0: block 248: padding at end of block bitmap is not set [ 86.181620][ T1302] EXT4-fs error (device loop3): ext4_acquire_dquot:6188: comm syz.3.266: Failed to acquire dquot type 1 [ 86.186804][ T1290] F2FS-fs (loop1): Start checkpoint disabled! [ 86.193578][ T1302] EXT4-fs (loop3): 1 truncate cleaned up [ 86.199234][ T1290] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 86.204786][ T1302] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,abort,noload,noload,,errors=continue. Quota mode: writeback. [ 86.230606][ T1302] FAULT_INJECTION: forcing a failure. [ 86.230606][ T1302] name failslab, interval 1, probability 0, space 0, times 0 [ 86.243211][ T1302] CPU: 0 PID: 1302 Comm: syz.3.266 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 86.252833][ T1302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 86.262733][ T1302] Call Trace: [ 86.265856][ T1302] [ 86.268629][ T1302] dump_stack_lvl+0x151/0x1c0 [ 86.273145][ T1302] ? io_uring_drop_tctx_refs+0x190/0x190 [ 86.278613][ T1302] dump_stack+0x15/0x20 [ 86.282604][ T1302] should_fail+0x3c6/0x510 [ 86.286857][ T1302] __should_failslab+0xa4/0xe0 [ 86.291459][ T1302] should_failslab+0x9/0x20 [ 86.295797][ T1302] slab_pre_alloc_hook+0x37/0xd0 [ 86.300578][ T1302] __kmalloc+0x6d/0x2c0 [ 86.304566][ T1302] ? stack_trace_save+0x1c0/0x1c0 [ 86.309425][ T1302] ? ext4_find_extent+0x375/0xe30 [ 86.314286][ T1302] ext4_find_extent+0x375/0xe30 [ 86.318972][ T1302] ? arch_stack_walk+0xf3/0x140 [ 86.323661][ T1302] ext4_ext_map_blocks+0x269/0x7450 [ 86.328709][ T1302] ? down_read+0xd50/0x1900 [ 86.333035][ T1302] ? ext4_ext_release+0x10/0x10 [ 86.337721][ T1302] ? __down_common+0x550/0x550 [ 86.342315][ T1302] ? is_bpf_text_address+0x172/0x190 [ 86.347436][ T1302] ? stack_trace_save+0x1c0/0x1c0 [ 86.352297][ T1302] ? __kernel_text_address+0x9b/0x110 [ 86.357504][ T1302] ? _raw_read_unlock+0x25/0x40 [ 86.362188][ T1302] ? ext4_es_lookup_extent+0x33b/0x940 [ 86.367486][ T1302] ext4_map_blocks+0x408/0x1c70 [ 86.372174][ T1302] ? ext4_issue_zeroout+0x250/0x250 [ 86.377203][ T1302] ? is_bpf_text_address+0x172/0x190 [ 86.382328][ T1302] ext4_getblk+0x19f/0x700 [ 86.386586][ T1302] ? ext4_get_block_unwritten+0x40/0x40 [ 86.391967][ T1302] ? stack_trace_save+0x113/0x1c0 [ 86.396821][ T1302] ext4_bread_batch+0x67/0x4c0 [ 86.401425][ T1302] __ext4_find_entry+0xfbe/0x1af0 [ 86.406285][ T1302] ? d_alloc+0x4b/0x1d0 [ 86.410276][ T1302] ? __x64_sys_mkdirat+0x89/0xa0 [ 86.415051][ T1302] ? ext4_ci_compare+0x660/0x660 [ 86.419825][ T1302] ? ext4_fname_setup_ci_filename+0x70/0x480 [ 86.425639][ T1302] ? generic_set_encrypted_ci_d_ops+0x91/0xf0 [ 86.431539][ T1302] ext4_lookup+0x3c6/0xaa0 [ 86.435794][ T1302] ? ext4_add_entry+0x12b0/0x12b0 [ 86.440650][ T1302] ? slab_post_alloc_hook+0x72/0x2c0 [ 86.445776][ T1302] ? __kasan_check_write+0x14/0x20 [ 86.450720][ T1302] ? _raw_spin_lock+0xa4/0x1b0 [ 86.455323][ T1302] ? __d_alloc+0x4dd/0x6c0 [ 86.459575][ T1302] ? _raw_spin_unlock+0x4d/0x70 [ 86.464259][ T1302] ? d_alloc+0x199/0x1d0 [ 86.468345][ T1302] lookup_one_qstr_excl+0x143/0x290 [ 86.473371][ T1302] filename_create+0x28e/0x530 [ 86.477973][ T1302] ? kern_path_create+0x1a0/0x1a0 [ 86.482835][ T1302] do_mkdirat+0xbd/0x450 [ 86.486915][ T1302] ? strncpy_from_user+0x18e/0x2d0 [ 86.491858][ T1302] ? vfs_mkdir+0x610/0x610 [ 86.496114][ T1302] ? getname_flags+0x1fd/0x520 [ 86.500718][ T1302] __x64_sys_mkdirat+0x89/0xa0 [ 86.505318][ T1302] x64_sys_call+0x6c6/0x9a0 [ 86.509661][ T1302] do_syscall_64+0x3b/0xb0 [ 86.513910][ T1302] ? clear_bhb_loop+0x35/0x90 [ 86.518425][ T1302] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 86.524145][ T1302] RIP: 0033:0x7f3a854d3d29 [ 86.528417][ T1302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.547841][ T1302] RSP: 002b:00007f3a83b45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 86.556089][ T1302] RAX: ffffffffffffffda RBX: 00007f3a856c3fa0 RCX: 00007f3a854d3d29 [ 86.563897][ T1302] RDX: 0000000000000000 RSI: 0000000020002040 RDI: ffffffffffffff9c [ 86.571711][ T1302] RBP: 00007f3a83b45090 R08: 0000000000000000 R09: 0000000000000000 [ 86.579524][ T1302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.587337][ T1302] R13: 0000000000000000 R14: 00007f3a856c3fa0 R15: 00007ffe5ebdde28 [ 86.595150][ T1302] [ 86.609898][ T1309] netlink: 12 bytes leftover after parsing attributes in process `syz.4.267'. [ 86.611939][ T1302] syz.3.266 (1302) used greatest stack depth: 19824 bytes left [ 86.642725][ T1312] loop4: detected capacity change from 0 to 256 [ 87.283027][ T1260] usb 3-1: USB disconnect, device number 2 [ 87.336237][ T1322] loop0: detected capacity change from 0 to 4096 [ 87.379831][ T1322] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 88.161773][ T1336] loop3: detected capacity change from 0 to 40427 [ 88.184934][ T1336] F2FS-fs (loop3): fault_type options not supported [ 88.197020][ T1336] F2FS-fs (loop3): invalid crc value [ 88.247637][ T1336] F2FS-fs (loop3): Found nat_bits in checkpoint [ 88.289861][ T1336] F2FS-fs (loop3): Start checkpoint disabled! [ 88.383898][ T1336] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 88.429016][ T1347] FAULT_INJECTION: forcing a failure. [ 88.429016][ T1347] name failslab, interval 1, probability 0, space 0, times 0 [ 88.441570][ T1347] CPU: 1 PID: 1347 Comm: syz.1.277 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 88.451195][ T1347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 88.461089][ T1347] Call Trace: [ 88.464217][ T1347] [ 88.466992][ T1347] dump_stack_lvl+0x151/0x1c0 [ 88.471505][ T1347] ? io_uring_drop_tctx_refs+0x190/0x190 [ 88.476975][ T1347] dump_stack+0x15/0x20 [ 88.480964][ T1347] should_fail+0x3c6/0x510 [ 88.485221][ T1347] __should_failslab+0xa4/0xe0 [ 88.489823][ T1347] should_failslab+0x9/0x20 [ 88.494159][ T1347] slab_pre_alloc_hook+0x37/0xd0 [ 88.498935][ T1347] kmem_cache_alloc_trace+0x48/0x270 [ 88.504051][ T1347] ? alloc_fs_context+0x65/0x830 [ 88.508829][ T1347] alloc_fs_context+0x65/0x830 [ 88.513430][ T1347] ? _raw_read_unlock+0x38/0x40 [ 88.518113][ T1347] ? get_fs_type+0x460/0x4e0 [ 88.522543][ T1347] fs_context_for_mount+0x24/0x30 [ 88.527407][ T1347] do_new_mount+0x15c/0xb30 [ 88.531754][ T1347] ? do_move_mount_old+0x160/0x160 [ 88.536685][ T1347] ? security_capable+0x87/0xb0 [ 88.541377][ T1347] ? ns_capable+0x89/0xe0 [ 88.545542][ T1347] path_mount+0x671/0x1070 [ 88.549796][ T1347] __se_sys_mount+0x2c4/0x3b0 [ 88.554321][ T1347] ? __x64_sys_mount+0xd0/0xd0 [ 88.558908][ T1347] ? __kasan_check_write+0x14/0x20 [ 88.563857][ T1347] ? switch_fpu_return+0x15f/0x2e0 [ 88.568802][ T1347] __x64_sys_mount+0xbf/0xd0 [ 88.573232][ T1347] x64_sys_call+0x49d/0x9a0 [ 88.577567][ T1347] do_syscall_64+0x3b/0xb0 [ 88.581820][ T1347] ? clear_bhb_loop+0x35/0x90 [ 88.586343][ T1347] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 88.592254][ T1347] RIP: 0033:0x7f1acb3bdd29 [ 88.596511][ T1347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.616031][ T1347] RSP: 002b:00007f1ac9a0e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 88.624275][ T1347] RAX: ffffffffffffffda RBX: 00007f1acb5ae080 RCX: 00007f1acb3bdd29 [ 88.632086][ T1347] RDX: 0000000020000040 RSI: 0000000020002580 RDI: 0000000000000000 [ 88.639896][ T1347] RBP: 00007f1ac9a0e090 R08: 0000000000000000 R09: 0000000000000000 [ 88.647708][ T1347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.655520][ T1347] R13: 0000000000000001 R14: 00007f1acb5ae080 R15: 00007ffde883ca28 [ 88.663337][ T1347] [ 88.977041][ T1351] syz.4.278[1351] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.979251][ T1351] loop4: detected capacity change from 0 to 16 [ 89.037217][ T1351] erofs: (device loop4): mounted with root inode @ nid 36. [ 89.101797][ T1354] netlink: 12 bytes leftover after parsing attributes in process `syz.0.280'. [ 90.158521][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 90.158538][ T30] audit: type=1326 audit(1737206111.293:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.202519][ T30] audit: type=1326 audit(1737206111.333:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.227612][ T30] audit: type=1326 audit(1737206111.333:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.328333][ T1368] netlink: 12 bytes leftover after parsing attributes in process `syz.0.284'. [ 90.347284][ T30] audit: type=1326 audit(1737206111.333:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.382626][ T30] audit: type=1326 audit(1737206111.333:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.411057][ T30] audit: type=1326 audit(1737206111.333:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.438962][ T1374] netlink: 20 bytes leftover after parsing attributes in process `syz.4.288'. [ 90.447864][ T1374] netlink: 20 bytes leftover after parsing attributes in process `syz.4.288'. [ 90.450743][ T497] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 90.456596][ T30] audit: type=1326 audit(1737206111.333:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.551087][ T30] audit: type=1326 audit(1737206111.333:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.578783][ T30] audit: type=1326 audit(1737206111.343:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.605367][ T30] audit: type=1326 audit(1737206111.393:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1360 comm="syz.1.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1acb3bdd29 code=0x7ffc0000 [ 90.629510][ T1370] loop1: detected capacity change from 0 to 40427 [ 90.665442][ T1370] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 90.686533][ T1370] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 90.706454][ T1370] F2FS-fs (loop1): invalid crc value [ 90.730558][ T1370] F2FS-fs (loop1): Found nat_bits in checkpoint [ 90.774499][ T1370] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 90.782040][ T1370] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 90.860793][ T497] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 90.876274][ T497] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 90.909711][ T497] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 90.929386][ T497] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.951363][ T497] usb 3-1: config 0 descriptor?? [ 91.001271][ T497] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 91.096318][ T1396] handle_bad_sector: 66 callbacks suppressed [ 91.096334][ T1396] attempt to access beyond end of device [ 91.096334][ T1396] loop1: rw=10241, want=45104, limit=40427 [ 91.113488][ T1396] attempt to access beyond end of device [ 91.113488][ T1396] loop1: rw=2049, want=45104, limit=40427 [ 91.177721][ T1396] attempt to access beyond end of device [ 91.177721][ T1396] loop1: rw=2049, want=80080, limit=40427 [ 91.190091][ T1396] attempt to access beyond end of device [ 91.190091][ T1396] loop1: rw=2049, want=80392, limit=40427 [ 91.553020][ T844] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 91.841201][ T844] usb 1-1: Using ep0 maxpacket: 8 [ 91.860268][ T1421] netlink: 12 bytes leftover after parsing attributes in process `syz.3.298'. [ 91.875777][ T1421] device vlan2 entered promiscuous mode [ 91.948624][ T1426] 9pnet: Insufficient options for proto=fd [ 91.980823][ T844] usb 1-1: config 0 has an invalid interface number: 4 but max is 2 [ 91.988853][ T844] usb 1-1: config 0 has an invalid interface number: 4 but max is 2 [ 91.997258][ T844] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 3 [ 92.006370][ T844] usb 1-1: config 0 has no interface number 1 [ 92.012515][ T844] usb 1-1: config 0 interface 4 altsetting 5 endpoint 0x1 has invalid wMaxPacketSize 0 [ 92.022792][ T844] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 92.040788][ T844] usb 1-1: config 0 interface 4 has no altsetting 1 [ 92.094607][ T1430] loop3: detected capacity change from 0 to 256 [ 92.161207][ T1430] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 92.189670][ T1430] exFAT-fs (loop3): hint_cluster is invalid (17) [ 93.151478][ T844] usb 1-1: New USB device found, idVendor=12d1, idProduct=58e0, bcdDevice=45.5e [ 93.160561][ T844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.168428][ T844] usb 1-1: Product: syz [ 93.172581][ T844] usb 1-1: Manufacturer: syz [ 93.176977][ T844] usb 1-1: SerialNumber: syz [ 93.183812][ T1432] usb 3-1: USB disconnect, device number 3 [ 93.191355][ T844] usb 1-1: config 0 descriptor?? [ 93.787498][ T1432] usb 1-1: USB disconnect, device number 7 [ 93.889407][ T1458] loop2: detected capacity change from 0 to 512 [ 93.901995][ T1460] netlink: 12 bytes leftover after parsing attributes in process `syz.3.310'. [ 93.913469][ T1460] device vlan2 entered promiscuous mode [ 93.928484][ T1458] EXT4-fs (loop2): mounted filesystem without journal. Opts: resgid=0x0000000000000000,noload,noblock_validity,,errors=continue. Quota mode: none. [ 93.948902][ T1458] EXT4-fs (loop2): Couldn't remount RDWR because of unprocessed orphan inode list. Please umount/remount instead [ 94.008266][ T1468] netlink: 28 bytes leftover after parsing attributes in process `syz.3.314'. [ 94.410763][ T60] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 94.770791][ T60] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 94.780823][ T60] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 94.794129][ T60] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 94.806418][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.817992][ T60] usb 4-1: config 0 descriptor?? [ 94.861325][ T60] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 94.881555][ T1496] FAULT_INJECTION: forcing a failure. [ 94.881555][ T1496] name failslab, interval 1, probability 0, space 0, times 0 [ 94.904139][ T1496] CPU: 1 PID: 1496 Comm: syz.2.321 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 94.913778][ T1496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 94.923670][ T1496] Call Trace: [ 94.926796][ T1496] [ 94.929573][ T1496] dump_stack_lvl+0x151/0x1c0 [ 94.934087][ T1496] ? io_uring_drop_tctx_refs+0x190/0x190 [ 94.939555][ T1496] dump_stack+0x15/0x20 [ 94.943547][ T1496] should_fail+0x3c6/0x510 [ 94.947819][ T1496] __should_failslab+0xa4/0xe0 [ 94.952401][ T1496] should_failslab+0x9/0x20 [ 94.956735][ T1496] slab_pre_alloc_hook+0x37/0xd0 [ 94.961515][ T1496] __kmalloc+0x6d/0x2c0 [ 94.965505][ T1496] ? kvmalloc_node+0x1f0/0x4d0 [ 94.970103][ T1496] kvmalloc_node+0x1f0/0x4d0 [ 94.974533][ T1496] ? vm_mmap+0xb0/0xb0 [ 94.978434][ T1496] ? get_random_bytes+0x1c/0x30 [ 94.983122][ T1496] ? ip6_tnl_dev_setup+0x1f7/0x2e0 [ 94.988069][ T1496] alloc_netdev_mqs+0x5c4/0xc90 [ 94.992759][ T1496] ? IP6_ECN_decapsulate+0x1860/0x1860 [ 94.998061][ T1496] ip6_tnl_locate+0x570/0x6c0 [ 95.002565][ T1496] ? ip6_tnl_link_config+0x9a0/0x9a0 [ 95.007687][ T1496] ? ip6_tnl_siocdevprivate+0x9d4/0x16e0 [ 95.013154][ T1496] ? memcpy+0x56/0x70 [ 95.016970][ T1496] ip6_tnl_siocdevprivate+0x9fa/0x16e0 [ 95.022268][ T1496] ? ip6_tnl_start_xmit+0x1690/0x1690 [ 95.027575][ T1496] ? full_name_hash+0xa0/0xf0 [ 95.032086][ T1496] dev_ifsioc+0xc75/0x10c0 [ 95.036337][ T1496] ? dev_ioctl+0xe70/0xe70 [ 95.040590][ T1496] ? mutex_lock+0xb6/0x1e0 [ 95.044846][ T1496] ? wait_for_completion_killable_timeout+0x10/0x10 [ 95.051269][ T1496] dev_ioctl+0x5f3/0xe70 [ 95.055347][ T1496] sock_ioctl+0x665/0x740 [ 95.059509][ T1496] ? sock_poll+0x400/0x400 [ 95.063768][ T1496] ? security_file_ioctl+0x84/0xb0 [ 95.068707][ T1496] ? sock_poll+0x400/0x400 [ 95.072965][ T1496] __se_sys_ioctl+0x114/0x190 [ 95.077477][ T1496] __x64_sys_ioctl+0x7b/0x90 [ 95.081912][ T1496] x64_sys_call+0x98/0x9a0 [ 95.086155][ T1496] do_syscall_64+0x3b/0xb0 [ 95.090408][ T1496] ? clear_bhb_loop+0x35/0x90 [ 95.094923][ T1496] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 95.100650][ T1496] RIP: 0033:0x7f2cf01e2d29 [ 95.104905][ T1496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.124345][ T1496] RSP: 002b:00007f2cee854038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.132591][ T1496] RAX: ffffffffffffffda RBX: 00007f2cf03d2fa0 RCX: 00007f2cf01e2d29 [ 95.140401][ T1496] RDX: 0000000020000900 RSI: 00000000000089f1 RDI: 0000000000000004 [ 95.148211][ T1496] RBP: 00007f2cee854090 R08: 0000000000000000 R09: 0000000000000000 [ 95.156023][ T1496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.163839][ T1496] R13: 0000000000000000 R14: 00007f2cf03d2fa0 R15: 00007ffe95219b38 [ 95.171657][ T1496] [ 95.221907][ T30] kauditd_printk_skb: 57 callbacks suppressed [ 95.221923][ T30] audit: type=1326 audit(1737206116.353:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.298321][ T30] audit: type=1326 audit(1737206116.353:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.336570][ T30] audit: type=1326 audit(1737206116.353:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.389530][ T1508] netlink: 28 bytes leftover after parsing attributes in process `syz.4.325'. [ 95.492650][ T1507] netlink: 12 bytes leftover after parsing attributes in process `syz.2.326'. [ 95.557112][ T1507] device vlan2 entered promiscuous mode [ 95.652018][ T30] audit: type=1326 audit(1737206116.363:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.675360][ T30] audit: type=1326 audit(1737206116.363:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.698466][ T30] audit: type=1326 audit(1737206116.363:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.721548][ T30] audit: type=1326 audit(1737206116.363:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.744640][ T30] audit: type=1326 audit(1737206116.363:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.768579][ T30] audit: type=1326 audit(1737206116.363:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.791958][ T30] audit: type=1326 audit(1737206116.363:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1499 comm="syz.4.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 95.950778][ T1432] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 96.100497][ T1527] loop0: detected capacity change from 0 to 4096 [ 96.176139][ T1527] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 96.236802][ T1432] usb 5-1: Using ep0 maxpacket: 32 [ 96.371032][ T1432] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 96.379245][ T1432] usb 5-1: config 0 has no interface number 0 [ 96.386962][ T1432] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 96.398863][ T1432] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 96.409436][ T1432] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 96.419683][ T1432] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.434354][ T1432] usb 5-1: config 0 descriptor?? [ 96.564537][ T1533] loop1: detected capacity change from 0 to 512 [ 96.622722][ T1533] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback. [ 96.634807][ T1533] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.659849][ T1533] EXT4-fs error (device loop1): ext4_get_first_dir_block:3597: inode #12: comm syz.1.332: Attempting to read directory block (0) that is past i_size (3) [ 96.690899][ T1533] EXT4-fs (loop1): Remounting filesystem read-only [ 96.761963][ T1540] loop2: detected capacity change from 0 to 256 [ 97.717300][ T497] usb 4-1: USB disconnect, device number 4 [ 97.737765][ T1549] loop1: detected capacity change from 0 to 512 [ 97.749373][ T1548] 9pnet: p9_errstr2errno: server reported unknown error [ 97.778109][ T1551] loop0: detected capacity change from 0 to 256 [ 97.785101][ T1549] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback. [ 97.811112][ T1549] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.821928][ T1548] loop3: detected capacity change from 0 to 8192 [ 97.839365][ T1549] EXT4-fs error (device loop1): ext4_get_first_dir_block:3597: inode #12: comm syz.1.336: Attempting to read directory block (0) that is past i_size (3) [ 97.862234][ T1548] FAT-fs (loop3): Unrecognized mount option "" or missing value [ 97.881275][ T1549] EXT4-fs (loop1): Remounting filesystem read-only [ 97.961831][ T1432] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0094.0001/input/input6 [ 97.975590][ T1432] uclogic 0003:28BD:0094.0001: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.4-1/input1 [ 98.688969][ T1571] loop0: detected capacity change from 0 to 256 [ 99.360782][ T497] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 99.411263][ T844] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 99.419015][ T449] usb 5-1: USB disconnect, device number 6 [ 99.494410][ T1599] loop4: detected capacity change from 0 to 1024 [ 99.543948][ T1599] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,usrquota,data_err=abort,user_xattr,,errors=continue. Quota mode: writeback. [ 99.663374][ T497] usb 3-1: Using ep0 maxpacket: 8 [ 100.050876][ T497] usb 3-1: config 0 has an invalid interface number: 4 but max is 2 [ 100.059152][ T497] usb 3-1: config 0 has an invalid interface number: 4 but max is 2 [ 100.095550][ T497] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 3 [ 100.130983][ T844] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 100.154249][ T497] usb 3-1: config 0 has no interface number 1 [ 100.165261][ T844] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 100.232826][ T497] usb 3-1: config 0 interface 4 altsetting 5 endpoint 0x1 has invalid wMaxPacketSize 0 [ 100.242492][ T844] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 100.251656][ T497] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 100.261156][ T844] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.268956][ T497] usb 3-1: config 0 interface 4 has no altsetting 1 [ 100.276091][ T844] usb 4-1: config 0 descriptor?? [ 100.321393][ T844] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 100.460795][ T497] usb 3-1: New USB device found, idVendor=12d1, idProduct=58e0, bcdDevice=45.5e [ 100.469945][ T497] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.510606][ T497] usb 3-1: Product: syz [ 100.550477][ T1619] netlink: 24 bytes leftover after parsing attributes in process `syz.0.359'. [ 100.555892][ T497] usb 3-1: Manufacturer: syz [ 100.563849][ T497] usb 3-1: SerialNumber: syz [ 100.570224][ T497] usb 3-1: config 0 descriptor?? [ 100.645987][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 100.646021][ T30] audit: type=1326 audit(1737206121.783:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbcbc79d29 code=0x7ffc0000 [ 100.652614][ T1622] loop0: detected capacity change from 0 to 1024 [ 100.683308][ T30] audit: type=1326 audit(1737206121.783:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdbcbc79d29 code=0x7ffc0000 [ 100.706996][ T30] audit: type=1326 audit(1737206121.783:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdbcbc79d63 code=0x7ffc0000 [ 100.730100][ T30] audit: type=1326 audit(1737206121.783:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbcbc787df code=0x7ffc0000 [ 100.753226][ T30] audit: type=1326 audit(1737206121.783:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdbcbc79db7 code=0x7ffc0000 [ 100.776685][ T30] audit: type=1326 audit(1737206121.783:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbcbc78690 code=0x7ffc0000 [ 100.802909][ T30] audit: type=1326 audit(1737206121.783:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdbcbc7992b code=0x7ffc0000 [ 100.837121][ T30] audit: type=1326 audit(1737206121.823:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdbcbc7898a code=0x7ffc0000 [ 100.863447][ T30] audit: type=1326 audit(1737206121.823:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fdbcbc7898a code=0x7ffc0000 [ 100.936549][ T1622] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none. [ 100.958259][ T844] usb 3-1: USB disconnect, device number 4 [ 100.989862][ T30] audit: type=1326 audit(1737206121.893:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1618 comm="syz.0.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdbcbc78597 code=0x7ffc0000 [ 101.065812][ T1638] loop1: detected capacity change from 0 to 512 [ 101.090073][ T1640] loop0: detected capacity change from 0 to 256 [ 101.182619][ T1638] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 101.193678][ T1638] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.624768][ T1655] incfs: Backing dir is not set, filesystem can't be mounted. [ 101.637467][ T1655] incfs: mount failed -2 [ 101.646151][ T1655] overlayfs: failed to resolve './file1': -2 [ 102.753864][ T20] usb 4-1: USB disconnect, device number 5 [ 104.211794][ T1683] loop3: detected capacity change from 0 to 256 [ 104.290795][ T592] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 104.379415][ T1688] loop2: detected capacity change from 0 to 256 [ 104.764902][ T1688] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 104.981644][ T592] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 105.003325][ T1688] FAT-fs (loop2): Directory bread(block 64) failed [ 105.010170][ T592] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 105.031482][ T592] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 105.325982][ T1688] FAT-fs (loop2): Directory bread(block 65) failed [ 105.339756][ T1688] FAT-fs (loop2): Directory bread(block 66) failed [ 105.362496][ T1688] FAT-fs (loop2): Directory bread(block 67) failed [ 105.371147][ T592] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.372281][ T1688] FAT-fs (loop2): Directory bread(block 68) failed [ 105.387251][ T1688] FAT-fs (loop2): Directory bread(block 69) failed [ 105.388691][ T592] usb 1-1: config 0 descriptor?? [ 105.398653][ T1688] FAT-fs (loop2): Directory bread(block 70) failed [ 105.405527][ T1688] FAT-fs (loop2): Directory bread(block 71) failed [ 105.412594][ T1688] FAT-fs (loop2): Directory bread(block 72) failed [ 105.419040][ T1688] FAT-fs (loop2): Directory bread(block 73) failed [ 105.466934][ T1699] loop3: detected capacity change from 0 to 256 [ 105.631055][ T1699] exfat: Unknown parameter '0x00000000ffffffff' [ 107.022262][ T592] logitech-hidpp-device 0003:046D:C086.0002: unknown main item tag 0xe [ 107.101500][ T592] logitech-hidpp-device 0003:046D:C086.0002: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.0-1/input0 [ 107.219311][ T1715] loop1: detected capacity change from 0 to 256 [ 107.821878][ T317] usb 1-1: USB disconnect, device number 8 [ 108.007771][ T1725] netlink: 12 bytes leftover after parsing attributes in process `syz.4.389'. [ 108.111263][ T1726] FAULT_INJECTION: forcing a failure. [ 108.111263][ T1726] name failslab, interval 1, probability 0, space 0, times 0 [ 108.140754][ T1726] CPU: 0 PID: 1726 Comm: syz.0.387 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 108.150398][ T1726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 108.160298][ T1726] Call Trace: [ 108.163417][ T1726] [ 108.166195][ T1726] dump_stack_lvl+0x151/0x1c0 [ 108.170791][ T1726] ? io_uring_drop_tctx_refs+0x190/0x190 [ 108.176261][ T1726] dump_stack+0x15/0x20 [ 108.180252][ T1726] should_fail+0x3c6/0x510 [ 108.184507][ T1726] __should_failslab+0xa4/0xe0 [ 108.189105][ T1726] ? security_inode_alloc+0x29/0x120 [ 108.194224][ T1726] should_failslab+0x9/0x20 [ 108.198562][ T1726] slab_pre_alloc_hook+0x37/0xd0 [ 108.203339][ T1726] ? security_inode_alloc+0x29/0x120 [ 108.208454][ T1726] kmem_cache_alloc+0x44/0x250 [ 108.213056][ T1726] security_inode_alloc+0x29/0x120 [ 108.218004][ T1726] inode_init_always+0x76d/0x9d0 [ 108.222777][ T1726] ? sockfs_init_fs_context+0xb0/0xb0 [ 108.227984][ T1726] new_inode_pseudo+0x93/0x220 [ 108.232587][ T1726] __sock_create+0x132/0x7e0 [ 108.237014][ T1726] ? exit_to_user_mode_prepare+0x39/0xa0 [ 108.242481][ T1726] ? irqentry_exit_to_user_mode+0xe/0x10 [ 108.247945][ T1726] __sys_socket+0x132/0x370 [ 108.252291][ T1726] ? sock_create_kern+0x50/0x50 [ 108.256974][ T1726] __x64_sys_socket+0x7a/0x90 [ 108.261486][ T1726] x64_sys_call+0x147/0x9a0 [ 108.265827][ T1726] do_syscall_64+0x3b/0xb0 [ 108.270082][ T1726] ? clear_bhb_loop+0x35/0x90 [ 108.274593][ T1726] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 108.280323][ T1726] RIP: 0033:0x7fdbcbc7bc47 [ 108.284575][ T1726] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.304022][ T1726] RSP: 002b:00007fdbca2c8fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 108.312263][ T1726] RAX: ffffffffffffffda RBX: 00007fdbcbe6a080 RCX: 00007fdbcbc7bc47 [ 108.320071][ T1726] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 108.327885][ T1726] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 108.335694][ T1726] R10: 0000000020000040 R11: 0000000000000286 R12: 0000000000000001 [ 108.343505][ T1726] R13: 0000000000000000 R14: 00007fdbcbe6a080 R15: 00007ffe0c299df8 [ 108.351332][ T1726] [ 108.359932][ T1726] socket: no more sockets [ 108.620566][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 108.626844][ T30] audit: type=1400 audit(1737206129.753:1108): avc: denied { create } for pid=1734 comm="syz.3.392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 108.647379][ T1736] input: syz0 as /devices/virtual/input/input7 [ 108.823977][ T30] audit: type=1400 audit(1737206129.763:1109): avc: denied { read write } for pid=1734 comm="syz.3.392" name="uinput" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 108.876862][ T1739] loop2: detected capacity change from 0 to 256 [ 108.917354][ T30] audit: type=1400 audit(1737206129.763:1110): avc: denied { open } for pid=1734 comm="syz.3.392" path="/dev/uinput" dev="devtmpfs" ino=254 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 108.945879][ T30] audit: type=1400 audit(1737206129.783:1111): avc: denied { ioctl } for pid=1734 comm="syz.3.392" path="/dev/uinput" dev="devtmpfs" ino=254 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 108.996354][ T1741] loop4: detected capacity change from 0 to 256 [ 109.977517][ T1751] loop0: detected capacity change from 0 to 1024 [ 110.016369][ T1751] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 110.035885][ T1751] EXT4-fs (loop0): orphan cleanup on readonly fs [ 110.049102][ T1751] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.396: Invalid block bitmap block 0 in block_group 0 [ 110.062845][ T1751] Quota error (device loop0): write_blk: dquota write failed [ 110.071973][ T1751] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 110.085750][ T1751] EXT4-fs error (device loop0): ext4_acquire_dquot:6188: comm syz.0.396: Failed to acquire dquot type 0 [ 110.098219][ T1751] EXT4-fs error (device loop0): ext4_free_blocks:6223: comm syz.0.396: Freeing blocks not in datazone - block = 0, count = 4096 [ 110.111857][ T1751] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.396: Invalid inode bitmap blk 0 in block_group 0 [ 110.124515][ T1751] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 110.133346][ T391] Quota error (device loop0): remove_tree: Getting block too big (0 >= 9) [ 110.142340][ T1751] EXT4-fs (loop0): 1 orphan inode deleted [ 110.148056][ T391] EXT4-fs error (device loop0): ext4_release_dquot:6211: comm kworker/u4:5: Failed to release dquot type 0 [ 110.159937][ T1751] EXT4-fs (loop0): mounted filesystem without journal. Opts: ; ,errors=continue. Quota mode: writeback. [ 110.517400][ T1768] netlink: 12 bytes leftover after parsing attributes in process `syz.3.400'. [ 110.555742][ T30] audit: type=1326 audit(1737206131.693:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1772 comm="syz.3.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 110.579383][ T1773] loop3: detected capacity change from 0 to 2048 [ 110.579533][ T30] audit: type=1326 audit(1737206131.693:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1772 comm="syz.3.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 110.620247][ T30] audit: type=1326 audit(1737206131.693:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1772 comm="syz.3.402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 110.646815][ T1773] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,,errors=continue. Quota mode: none. [ 110.649637][ T1777] loop2: detected capacity change from 0 to 256 [ 110.657975][ T1773] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.193700][ T1789] loop2: detected capacity change from 0 to 128 [ 112.210805][ T1791] loop0: detected capacity change from 0 to 1024 [ 112.292397][ T1791] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 112.299590][ T1791] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 112.346479][ T1793] loop2: detected capacity change from 0 to 256 [ 112.374931][ T1791] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,delalloc,minixdf,errors=remount-ro,dioread_nolock,max_dir_size_kb=0x0000000000000009,nomblk_io_submit,grpquota,. Quota mode: writeback. [ 112.596700][ T1803] netlink: 12 bytes leftover after parsing attributes in process `syz.4.412'. [ 112.818036][ T1807] loop3: detected capacity change from 0 to 512 [ 112.960903][ T1807] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 112.972027][ T1807] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.982863][ T1813] loop0: detected capacity change from 0 to 1024 [ 113.039721][ T1813] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 113.064746][ T1813] EXT4-fs (loop0): orphan cleanup on readonly fs [ 113.158066][ T1813] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.413: Invalid block bitmap block 0 in block_group 0 [ 113.298535][ T1813] EXT4-fs error (device loop0): ext4_acquire_dquot:6188: comm syz.0.413: Failed to acquire dquot type 0 [ 113.309791][ T1813] EXT4-fs error (device loop0): ext4_free_blocks:6223: comm syz.0.413: Freeing blocks not in datazone - block = 0, count = 4096 [ 113.326708][ T1813] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.413: Invalid inode bitmap blk 0 in block_group 0 [ 113.339276][ T1813] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 113.348246][ T1813] EXT4-fs (loop0): 1 orphan inode deleted [ 113.354925][ T391] EXT4-fs error (device loop0): ext4_release_dquot:6211: comm kworker/u4:5: Failed to release dquot type 0 [ 113.384383][ T1822] netlink: 20 bytes leftover after parsing attributes in process `syz.1.416'. [ 113.398972][ T1822] netlink: 20 bytes leftover after parsing attributes in process `syz.1.416'. [ 113.409508][ T1813] EXT4-fs (loop0): mounted filesystem without journal. Opts: ; ,errors=continue. Quota mode: writeback. [ 113.455770][ T1825] loop1: detected capacity change from 0 to 256 [ 115.112207][ T1835] loop4: detected capacity change from 0 to 256 [ 115.351937][ T1848] loop2: detected capacity change from 0 to 512 [ 116.692400][ T30] kauditd_printk_skb: 45 callbacks suppressed [ 116.692484][ T30] audit: type=1400 audit(1737206137.353:1157): avc: denied { write } for pid=1838 comm="syz.1.421" name="igmp" dev="proc" ino=4026532509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 116.879490][ T1848] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,bsddf,. Quota mode: writeback. [ 116.892166][ T1848] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 116.928656][ T1848] EXT4-fs error (device loop2): ext4_get_first_dir_block:3597: inode #12: comm syz.2.424: Attempting to read directory block (0) that is past i_size (3) [ 116.947242][ T1848] EXT4-fs (loop2): Remounting filesystem read-only [ 117.200503][ T1867] netlink: 12 bytes leftover after parsing attributes in process `syz.0.428'. [ 117.220575][ T1867] device vlan2 entered promiscuous mode [ 117.332778][ T1871] loop3: detected capacity change from 0 to 512 [ 117.381040][ T1871] EXT4-fs (loop3): 1 orphan inode deleted [ 117.383052][ T1875] netlink: 20 bytes leftover after parsing attributes in process `syz.2.427'. [ 117.386608][ T1871] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 117.395702][ T1875] netlink: 20 bytes leftover after parsing attributes in process `syz.2.427'. [ 117.408904][ T1871] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.432900][ T30] audit: type=1400 audit(1737206138.573:1158): avc: denied { ioctl } for pid=1870 comm="syz.3.430" path="/newroot/80/file1/file1" dev="loop3" ino=15 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 117.496454][ T1879] loop2: detected capacity change from 0 to 4096 [ 117.538988][ T1879] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 117.564215][ T1885] loop3: detected capacity change from 0 to 512 [ 117.646367][ T1885] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback. [ 117.660153][ T1885] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 118.336445][ T30] audit: type=1326 audit(1737206139.473:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.359933][ T30] audit: type=1326 audit(1737206139.473:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.383189][ T30] audit: type=1326 audit(1737206139.473:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.452397][ T315] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 118.465188][ T30] audit: type=1326 audit(1737206139.473:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.491494][ T30] audit: type=1326 audit(1737206139.473:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.514918][ T30] audit: type=1326 audit(1737206139.473:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.538451][ T30] audit: type=1326 audit(1737206139.473:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.561959][ T30] audit: type=1326 audit(1737206139.473:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1884 comm="syz.3.434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a854d3d29 code=0x7ffc0000 [ 118.620466][ T1897] loop2: detected capacity change from 0 to 256 [ 118.651235][ T1897] exfat: Bad value for 'gid' [ 118.752106][ T1899] loop1: detected capacity change from 0 to 128 [ 118.929118][ T1901] netlink: 24 bytes leftover after parsing attributes in process `syz.4.438'. [ 119.634409][ T315] usb 1-1: Using ep0 maxpacket: 16 [ 119.710765][ T20] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 119.719928][ T1913] loop4: detected capacity change from 0 to 256 [ 119.790819][ T315] usb 1-1: config 1 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.801601][ T315] usb 1-1: config 1 interface 0 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 120.405670][ T315] usb 1-1: config 1 interface 0 has no altsetting 0 [ 120.425739][ T1921] netlink: 20 bytes leftover after parsing attributes in process `syz.0.442'. [ 120.434611][ T1921] netlink: 20 bytes leftover after parsing attributes in process `syz.0.442'. [ 120.451706][ T315] usb 1-1: string descriptor 0 read error: -71 [ 120.459569][ T315] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 120.468597][ T315] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.490954][ T315] usb 1-1: can't set config #1, error -71 [ 120.497079][ T315] usb 1-1: USB disconnect, device number 9 [ 120.670813][ T20] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 120.685795][ T20] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 120.714137][ T1938] loop4: detected capacity change from 0 to 4096 [ 120.720337][ T20] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 120.738396][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.749784][ T20] usb 4-1: config 0 descriptor?? [ 120.781654][ T1938] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 120.791436][ T20] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 121.615114][ T1954] netlink: 24 bytes leftover after parsing attributes in process `syz.4.451'. [ 121.647784][ T1955] loop0: detected capacity change from 0 to 256 [ 121.712365][ T1955] FAT-fs (loop0): Unrecognized mount option "iocharset" or missing value [ 121.754901][ T1958] netlink: 20 bytes leftover after parsing attributes in process `syz.2.453'. [ 121.771960][ T1958] netlink: 20 bytes leftover after parsing attributes in process `syz.2.453'. [ 121.886600][ T1952] loop1: detected capacity change from 0 to 40427 [ 121.908400][ T1955] loop0: detected capacity change from 0 to 2048 [ 121.942383][ T1952] F2FS-fs (loop1): invalid crc value [ 121.952135][ T1952] F2FS-fs (loop1): Found nat_bits in checkpoint [ 121.981890][ T1955] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrjquota=,,errors=continue. Quota mode: none. [ 121.997543][ T1952] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 121.999943][ T1955] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.014572][ T1952] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 122.047052][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 122.047087][ T30] audit: type=1400 audit(1737206143.183:1206): avc: denied { setattr } for pid=1951 comm="syz.1.452" name="work" dev="loop1" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 122.048754][ T1952] overlayfs: conflicting lowerdir path [ 122.056647][ T30] audit: type=1400 audit(1737206143.183:1207): avc: denied { rename } for pid=1951 comm="syz.1.452" name="#5" dev="loop1" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 122.103463][ T30] audit: type=1400 audit(1737206143.183:1208): avc: denied { unlink } for pid=1951 comm="syz.1.452" name="#5" dev="loop1" ino=23 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1 [ 122.125729][ T30] audit: type=1400 audit(1737206143.183:1209): avc: denied { unlink } for pid=1951 comm="syz.1.452" name="#6" dev="loop1" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 122.148587][ T1952] attempt to access beyond end of device [ 122.148587][ T1952] loop1: rw=2049, want=45104, limit=40427 [ 122.328543][ T1973] 9pnet: Insufficient options for proto=fd [ 122.355590][ T1975] loop1: detected capacity change from 0 to 256 [ 122.807503][ T1984] FAULT_INJECTION: forcing a failure. [ 122.807503][ T1984] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 122.820512][ T1984] CPU: 1 PID: 1984 Comm: syz.2.458 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 122.830089][ T1984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 122.839995][ T1984] Call Trace: [ 122.843114][ T1984] [ 122.845895][ T1984] dump_stack_lvl+0x151/0x1c0 [ 122.850405][ T1984] ? io_uring_drop_tctx_refs+0x190/0x190 [ 122.855890][ T1984] dump_stack+0x15/0x20 [ 122.859870][ T1984] should_fail+0x3c6/0x510 [ 122.864119][ T1984] should_fail_usercopy+0x1a/0x20 [ 122.868975][ T1984] _copy_to_user+0x20/0x90 [ 122.873231][ T1984] simple_read_from_buffer+0xc7/0x150 [ 122.878438][ T1984] proc_fail_nth_read+0x1a3/0x210 [ 122.883301][ T1984] ? proc_fault_inject_write+0x390/0x390 [ 122.888779][ T1984] ? fsnotify_perm+0x269/0x5b0 [ 122.893366][ T1984] ? security_file_permission+0x86/0xb0 [ 122.898834][ T1984] ? proc_fault_inject_write+0x390/0x390 [ 122.904305][ T1984] vfs_read+0x27d/0xd40 [ 122.908306][ T1984] ? kernel_read+0x1f0/0x1f0 [ 122.912721][ T1984] ? __kasan_check_write+0x14/0x20 [ 122.917674][ T1984] ? mutex_lock+0xb6/0x1e0 [ 122.921922][ T1984] ? wait_for_completion_killable_timeout+0x10/0x10 [ 122.928345][ T1984] ? __fdget_pos+0x2e7/0x3a0 [ 122.932773][ T1984] ? ksys_read+0x77/0x2c0 [ 122.936940][ T1984] ksys_read+0x199/0x2c0 [ 122.941019][ T1984] ? vfs_write+0x1110/0x1110 [ 122.945442][ T1984] __x64_sys_read+0x7b/0x90 [ 122.949783][ T1984] x64_sys_call+0x28/0x9a0 [ 122.954033][ T1984] do_syscall_64+0x3b/0xb0 [ 122.958294][ T1984] ? clear_bhb_loop+0x35/0x90 [ 122.962803][ T1984] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 122.968528][ T1984] RIP: 0033:0x7f2cf01e173c [ 122.972787][ T1984] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 122.992225][ T1984] RSP: 002b:00007f2cee812030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 123.000475][ T1984] RAX: ffffffffffffffda RBX: 00007f2cf03d3160 RCX: 00007f2cf01e173c [ 123.008279][ T1984] RDX: 000000000000000f RSI: 00007f2cee8120a0 RDI: 000000000000000f [ 123.016095][ T1984] RBP: 00007f2cee812090 R08: 0000000000000000 R09: 0000000000000000 [ 123.023900][ T1984] R10: 0000000020000a00 R11: 0000000000000246 R12: 0000000000000001 [ 123.031719][ T1984] R13: 0000000000000000 R14: 00007f2cf03d3160 R15: 00007ffe95219b38 [ 123.039529][ T1984] [ 123.054116][ T20] usb 4-1: USB disconnect, device number 6 [ 123.181214][ T1996] loop3: detected capacity change from 0 to 4096 [ 123.245388][ T1999] netlink: 20 bytes leftover after parsing attributes in process `syz.2.463'. [ 123.257539][ T1996] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 123.366270][ T1999] device vlan2 entered promiscuous mode [ 123.381766][ T30] audit: type=1400 audit(1737206144.523:1210): avc: denied { write } for pid=2002 comm="syz.1.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 123.416998][ T30] audit: type=1400 audit(1737206144.523:1211): avc: denied { nlmsg_write } for pid=2002 comm="syz.1.465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 123.952293][ T2016] netlink: 24 bytes leftover after parsing attributes in process `syz.0.469'. [ 125.119502][ T2021] loop4: detected capacity change from 0 to 256 [ 125.190787][ T30] audit: type=1400 audit(1737206146.313:1212): avc: denied { read } for pid=2023 comm="syz.3.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 125.228579][ T2028] loop3: detected capacity change from 0 to 256 [ 125.941548][ T2042] loop4: detected capacity change from 0 to 256 [ 126.005801][ T2046] loop2: detected capacity change from 0 to 256 [ 126.041213][ T2046] exfat: Bad value for 'gid' [ 127.013507][ T2055] netlink: 20 bytes leftover after parsing attributes in process `syz.2.479'. [ 127.095060][ T2055] device vlan2 entered promiscuous mode [ 127.175032][ T2058] loop4: detected capacity change from 0 to 4096 [ 127.197024][ T2058] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 129.194232][ T2072] loop0: detected capacity change from 0 to 256 [ 129.219285][ T2074] loop1: detected capacity change from 0 to 256 [ 129.234893][ T30] audit: type=1400 audit(1737206150.373:1213): avc: denied { watch watch_reads } for pid=2068 comm="syz.2.483" path="/99/control" dev="tmpfs" ino=567 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 129.299259][ T2083] FAULT_INJECTION: forcing a failure. [ 129.299259][ T2083] name failslab, interval 1, probability 0, space 0, times 0 [ 129.311945][ T2083] CPU: 0 PID: 2083 Comm: syz.4.487 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 129.321573][ T2083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 129.331471][ T2083] Call Trace: [ 129.334595][ T2083] [ 129.337369][ T2083] dump_stack_lvl+0x151/0x1c0 [ 129.341888][ T2083] ? io_uring_drop_tctx_refs+0x190/0x190 [ 129.347353][ T2083] ? avc_has_perm_noaudit+0x348/0x430 [ 129.352570][ T2083] dump_stack+0x15/0x20 [ 129.356550][ T2083] should_fail+0x3c6/0x510 [ 129.360805][ T2083] __should_failslab+0xa4/0xe0 [ 129.365411][ T2083] should_failslab+0x9/0x20 [ 129.369746][ T2083] slab_pre_alloc_hook+0x37/0xd0 [ 129.374518][ T2083] __kmalloc+0x6d/0x2c0 [ 129.378511][ T2083] ? inotify_handle_inode_event+0x17f/0x4b0 [ 129.384335][ T2083] inotify_handle_inode_event+0x17f/0x4b0 [ 129.389891][ T2083] inotify_ignored_and_remove_idr+0x29/0x70 [ 129.395617][ T2083] inotify_freeing_mark+0x1d/0x30 [ 129.400474][ T2083] ? inotify_free_group_priv+0x80/0x80 [ 129.405768][ T2083] fsnotify_destroy_mark+0x125/0x180 [ 129.410886][ T2083] fsnotify_destroy_marks+0x284/0x4f0 [ 129.416091][ T2083] ? fsnotify_clear_marks_by_group+0x6b0/0x6b0 [ 129.422087][ T2083] ? __kasan_check_write+0x14/0x20 [ 129.427032][ T2083] __fsnotify_inode_delete+0x1c/0x20 [ 129.432326][ T2083] dentry_unlink_inode+0x2e7/0x430 [ 129.437300][ T2083] d_delete+0xa5/0x190 [ 129.441171][ T2083] vfs_rmdir+0x209/0x470 [ 129.445250][ T2083] do_rmdir+0x3ab/0x630 [ 129.449243][ T2083] ? d_delete_notify+0x160/0x160 [ 129.454019][ T2083] ? strncpy_from_user+0x18e/0x2d0 [ 129.458963][ T2083] ? getname_flags+0x1fd/0x520 [ 129.463567][ T2083] __x64_sys_rmdir+0x49/0x50 [ 129.467989][ T2083] x64_sys_call+0x274/0x9a0 [ 129.472330][ T2083] do_syscall_64+0x3b/0xb0 [ 129.476580][ T2083] ? clear_bhb_loop+0x35/0x90 [ 129.481095][ T2083] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 129.486830][ T2083] RIP: 0033:0x7f6623c63d29 [ 129.491345][ T2083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.510786][ T2083] RSP: 002b:00007f66222b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 129.519031][ T2083] RAX: ffffffffffffffda RBX: 00007f6623e54080 RCX: 00007f6623c63d29 [ 129.526839][ T2083] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 129.534665][ T2083] RBP: 00007f66222b4090 R08: 0000000000000000 R09: 0000000000000000 [ 129.542471][ T2083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 129.550275][ T2083] R13: 0000000000000000 R14: 00007f6623e54080 R15: 00007ffd739bc108 [ 129.558091][ T2083] [ 129.968898][ T2090] netlink: 12 bytes leftover after parsing attributes in process `syz.4.489'. [ 130.219626][ T2099] netlink: 20 bytes leftover after parsing attributes in process `syz.1.493'. [ 130.228412][ T2099] netlink: 20 bytes leftover after parsing attributes in process `syz.1.493'. [ 130.285079][ T2101] loop4: detected capacity change from 0 to 128 [ 130.438104][ T2101] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002] [ 130.446115][ T2101] System zones: 1-3, 19-19, 35-36 [ 130.491954][ T2101] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x0000000000000000,debug,,errors=continue. Quota mode: none. [ 130.505730][ T2101] ext4 filesystem being mounted at /108/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 130.547947][ T2101] FAULT_INJECTION: forcing a failure. [ 130.547947][ T2101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.560789][ T2101] CPU: 0 PID: 2101 Comm: syz.4.491 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 130.570423][ T2101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 130.580318][ T2101] Call Trace: [ 130.583540][ T2101] [ 130.586314][ T2101] dump_stack_lvl+0x151/0x1c0 [ 130.590828][ T2101] ? io_uring_drop_tctx_refs+0x190/0x190 [ 130.596295][ T2101] ? avc_has_extended_perms+0xad7/0x10f0 [ 130.601765][ T2101] dump_stack+0x15/0x20 [ 130.605755][ T2101] should_fail+0x3c6/0x510 [ 130.610009][ T2101] should_fail_usercopy+0x1a/0x20 [ 130.614869][ T2101] strncpy_from_user+0x24/0x2d0 [ 130.619644][ T2101] strncpy_from_user_nofault+0x73/0x150 [ 130.625026][ T2101] bpf_probe_read_compat_str+0xec/0x180 [ 130.630406][ T2101] bpf_prog_d73d3bb03d5a037f+0x35/0xb08 [ 130.635790][ T2101] bpf_trace_run3+0x11e/0x250 [ 130.640299][ T2101] ? sched_clock_cpu+0x18/0x3b0 [ 130.644988][ T2101] ? bpf_trace_run2+0x210/0x210 [ 130.649676][ T2101] ? psi_task_switch+0x53/0x810 [ 130.654373][ T2101] __bpf_trace_sched_switch+0xb/0x10 [ 130.659494][ T2101] __schedule+0x134b/0x1590 [ 130.663829][ T2101] ? release_firmware_map_entry+0x190/0x190 [ 130.669555][ T2101] preempt_schedule_irq+0xc7/0x140 [ 130.674500][ T2101] ? __cond_resched+0x20/0x20 [ 130.679014][ T2101] ? selinux_file_ioctl+0x3cc/0x540 [ 130.684135][ T2101] ? selinux_file_alloc_security+0x120/0x120 [ 130.689949][ T2101] irqentry_exit_cond_resched+0x2a/0x30 [ 130.695328][ T2101] irqentry_exit+0x30/0x40 [ 130.699587][ T2101] sysvec_reschedule_ipi+0x8c/0x160 [ 130.704620][ T2101] asm_sysvec_reschedule_ipi+0x1b/0x20 [ 130.709919][ T2101] RIP: 0010:ext4_ioctl+0x0/0x5830 [ 130.714771][ T2101] Code: 48 8b 4c 24 50 80 e1 07 80 c1 03 38 c1 0f 8c c4 fc ff ff 48 8b 7c 24 50 e8 ed fc c8 ff e9 b5 fc ff ff 0f 1f 84 00 00 00 00 00 <55> 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec a0 04 [ 130.734214][ T2101] RSP: 0018:ffffc90000cd7ea0 EFLAGS: 00000293 [ 130.740114][ T2101] RAX: ffffffff81bfefd8 RBX: ffffffff81e9d510 RCX: ffff88811fa1a780 [ 130.747923][ T2101] RDX: 0000000020000dc0 RSI: 00000000c0c0583b RDI: ffff8881159c2480 [ 130.755747][ T2101] RBP: ffffc90000cd7ee0 R08: ffffffff81bfef77 R09: ffffffff81c009ef [ 130.763547][ T2101] R10: 0000000000000006 R11: ffff88811fa1a780 R12: 0000000020000dc0 [ 130.771372][ T2101] R13: ffff8881159c2480 R14: ffff8881159c2481 R15: 00000000c0c0583b [ 130.779172][ T2101] ? ext4_fileattr_set+0x16c0/0x16c0 [ 130.784291][ T2101] ? do_vfs_ioctl+0xaef/0x2a80 [ 130.788976][ T2101] ? __se_sys_ioctl+0xa7/0x190 [ 130.793588][ T2101] ? __se_sys_ioctl+0x108/0x190 [ 130.798268][ T2101] ? __se_sys_ioctl+0x114/0x190 [ 130.803127][ T2101] __x64_sys_ioctl+0x7b/0x90 [ 130.807551][ T2101] x64_sys_call+0x98/0x9a0 [ 130.811805][ T2101] do_syscall_64+0x3b/0xb0 [ 130.816057][ T2101] ? clear_bhb_loop+0x35/0x90 [ 130.820572][ T2101] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 130.826361][ T2101] RIP: 0033:0x7f6623c63d29 [ 130.830553][ T2101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.849992][ T2101] RSP: 002b:00007f6622293038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 130.858242][ T2101] RAX: ffffffffffffffda RBX: 00007f6623e54160 RCX: 00007f6623c63d29 [ 130.866050][ T2101] RDX: 0000000020000dc0 RSI: 00000000c0c0583b RDI: 0000000000000008 [ 130.873859][ T2101] RBP: 00007f6622293090 R08: 0000000000000000 R09: 0000000000000000 [ 130.881691][ T2101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.889492][ T2101] R13: 0000000000000000 R14: 00007f6623e54160 R15: 00007ffd739bc108 [ 130.897298][ T2101] [ 131.020259][ T2103] loop1: detected capacity change from 0 to 4096 [ 131.166788][ T2103] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 132.015761][ T592] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 132.249346][ T30] audit: type=1400 audit(1737206153.383:1214): avc: denied { map } for pid=2119 comm="syz.3.499" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 132.273744][ T2120] binder_alloc: binder_alloc_mmap_handler: 2119 20fff000-21000000 already mapped failed -16 [ 132.322161][ T30] audit: type=1326 audit(1737206153.463:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 132.373610][ T30] audit: type=1326 audit(1737206153.463:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 132.397089][ T2127] FAULT_INJECTION: forcing a failure. [ 132.397089][ T2127] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 132.410976][ T2127] CPU: 0 PID: 2127 Comm: syz.4.501 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 132.420617][ T2127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 132.430508][ T2127] Call Trace: [ 132.433633][ T2127] [ 132.436402][ T2127] dump_stack_lvl+0x151/0x1c0 [ 132.440914][ T2127] ? io_uring_drop_tctx_refs+0x190/0x190 [ 132.446382][ T2127] ? avc_has_perm+0x16f/0x260 [ 132.450899][ T2127] dump_stack+0x15/0x20 [ 132.454887][ T2127] should_fail+0x3c6/0x510 [ 132.459161][ T2127] should_fail_alloc_page+0x5a/0x80 [ 132.464181][ T2127] prepare_alloc_pages+0x15c/0x700 [ 132.469128][ T2127] ? __alloc_pages_bulk+0xd80/0xd80 [ 132.474159][ T2127] ? stack_trace_save+0x1c0/0x1c0 [ 132.479019][ T2127] __alloc_pages+0x18c/0x8f0 [ 132.483444][ T2127] ? prep_new_page+0x110/0x110 [ 132.488041][ T2127] ? avc_has_perm_noaudit+0x2dd/0x430 [ 132.493250][ T2127] ? avc_denied+0x1b0/0x1b0 [ 132.497606][ T2127] skb_page_frag_refill+0x209/0x3b0 [ 132.502623][ T2127] tun_get_user+0x6f0/0x3aa0 [ 132.507056][ T2127] ? tun_do_read+0x2010/0x2010 [ 132.511653][ T2127] ? file_has_perm+0x508/0x6c0 [ 132.516256][ T2127] ? kstrtol_from_user+0x310/0x310 [ 132.521200][ T2127] ? match_file+0x140/0x140 [ 132.525543][ T2127] ? selinux_file_permission+0x450/0x570 [ 132.531006][ T2127] tun_chr_write_iter+0x1e1/0x2e0 [ 132.535870][ T2127] vfs_write+0xd5d/0x1110 [ 132.540038][ T2127] ? file_end_write+0x1c0/0x1c0 [ 132.544720][ T2127] ? __fdget_pos+0x209/0x3a0 [ 132.549145][ T2127] ? ksys_write+0x77/0x2c0 [ 132.553397][ T2127] ksys_write+0x199/0x2c0 [ 132.557567][ T2127] ? __ia32_sys_read+0x90/0x90 [ 132.562170][ T2127] ? debug_smp_processor_id+0x17/0x20 [ 132.567458][ T2127] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 132.573359][ T2127] __x64_sys_write+0x7b/0x90 [ 132.577969][ T2127] x64_sys_call+0x2f/0x9a0 [ 132.582227][ T2127] do_syscall_64+0x3b/0xb0 [ 132.586469][ T2127] ? clear_bhb_loop+0x35/0x90 [ 132.590984][ T2127] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 132.596711][ T2127] RIP: 0033:0x7f6623c627df [ 132.600967][ T2127] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 132.620410][ T2127] RSP: 002b:00007f66222d5000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 132.628655][ T2127] RAX: ffffffffffffffda RBX: 00007f6623e53fa0 RCX: 00007f6623c627df [ 132.636469][ T2127] RDX: 00000000000000a2 RSI: 0000000020000dc0 RDI: 00000000000000c8 [ 132.644279][ T2127] RBP: 00007f66222d5090 R08: 0000000000000000 R09: 0000000000000000 [ 132.652091][ T2127] R10: 00000000000000a2 R11: 0000000000000293 R12: 0000000000000001 [ 132.659900][ T2127] R13: 0000000000000000 R14: 00007f6623e53fa0 R15: 00007ffd739bc108 [ 132.667719][ T2127] [ 132.679452][ T30] audit: type=1326 audit(1737206153.483:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 132.681768][ T2124] blk_update_request: I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0 [ 132.710865][ T30] audit: type=1326 audit(1737206153.483:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 132.737148][ T592] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 132.746882][ T592] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 132.757817][ T592] usb 1-1: config 220 has no interface number 2 [ 132.764368][ T592] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 132.778069][ T30] audit: type=1326 audit(1737206153.483:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 132.826963][ T592] usb 1-1: config 220 interface 0 has no altsetting 0 [ 132.867348][ T592] usb 1-1: config 220 interface 76 has no altsetting 0 [ 132.954893][ T592] usb 1-1: config 220 interface 1 has no altsetting 0 [ 132.959059][ T30] audit: type=1326 audit(1737206153.483:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 132.984835][ T30] audit: type=1326 audit(1737206153.483:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 133.013964][ T2135] loop4: detected capacity change from 0 to 256 [ 133.017330][ T30] audit: type=1326 audit(1737206153.483:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2121 comm="syz.4.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6623c63d29 code=0x7ffc0000 [ 134.330305][ T2147] netlink: 20 bytes leftover after parsing attributes in process `syz.0.506'. [ 134.349269][ T2147] netlink: 20 bytes leftover after parsing attributes in process `syz.0.506'. [ 134.358353][ T592] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 134.377511][ T592] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.391855][ T2149] netlink: 20 bytes leftover after parsing attributes in process `syz.4.504'. [ 134.410760][ T592] usb 1-1: Product: syz [ 134.414869][ T2149] netlink: 20 bytes leftover after parsing attributes in process `syz.4.504'. [ 134.500879][ T592] usb 1-1: can't set config #220, error -71 [ 134.513729][ T2156] loop0: detected capacity change from 0 to 256 [ 134.519912][ T592] usb 1-1: USB disconnect, device number 10 [ 134.594682][ T2156] exFAT-fs (loop0): bogus data start sector [ 134.600449][ T2156] exFAT-fs (loop0): failed to read boot sector [ 134.616755][ T2156] exFAT-fs (loop0): failed to recognize exfat type [ 134.807141][ T2158] loop4: detected capacity change from 0 to 512 [ 135.018719][ T2158] EXT4-fs (loop4): 1 orphan inode deleted [ 135.024358][ T2158] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 135.045275][ T2158] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.134005][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 135.134030][ T30] audit: type=1400 audit(1737206156.273:1241): avc: denied { remount } for pid=2154 comm="syz.0.507" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 135.206269][ T2160] loop1: detected capacity change from 0 to 256 [ 135.739715][ T2160] exFAT-fs (loop1): invalid boot record signature [ 135.781091][ T2160] exFAT-fs (loop1): failed to read boot sector [ 135.804017][ T2160] exFAT-fs (loop1): failed to recognize exfat type [ 135.830629][ T30] audit: type=1400 audit(1737206156.313:1242): avc: denied { setattr } for pid=2154 comm="syz.0.507" name="/" dev="incremental-fs" ino=507 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 135.876094][ T2165] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 135.884840][ T30] audit: type=1400 audit(1737206156.953:1243): avc: denied { write } for pid=2164 comm="syz.0.510" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 135.902388][ T2165] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 135.940790][ T1432] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 135.974263][ T2160] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 135.999454][ T2168] loop3: detected capacity change from 0 to 2048 [ 136.038070][ T2172] loop4: detected capacity change from 0 to 256 [ 136.073974][ T2172] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5442421d, utbl_chksum : 0xe619d30d) [ 136.097251][ T2168] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 136.540769][ T1432] usb 3-1: config 0 has an invalid interface number: 127 but max is 1 [ 136.549028][ T1432] usb 3-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0 [ 136.561152][ T1432] usb 3-1: config 0 has no interface number 1 [ 136.567019][ T1432] usb 3-1: config 0 interface 127 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 136.579890][ T1432] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 29 [ 136.750792][ T1432] usb 3-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 136.759777][ T1432] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.767827][ T1432] usb 3-1: Product: syz [ 136.771890][ T1432] usb 3-1: Manufacturer: syz [ 136.776247][ T1432] usb 3-1: SerialNumber: syz [ 136.781425][ T1432] usb 3-1: config 0 descriptor?? [ 136.846473][ T1432] usb-storage 3-1:0.127: USB Mass Storage device detected [ 136.856050][ T1432] usb-storage 3-1:0.127: Quirks match for vid 1908 pid 1315: 20000 [ 136.857899][ T2192] loop0: detected capacity change from 0 to 256 [ 136.881993][ T1432] usb-storage 3-1:0.0: USB Mass Storage device detected [ 136.889428][ T1432] usb-storage 3-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 138.130024][ T1432] usb 3-1: USB disconnect, device number 5 [ 138.535862][ T30] audit: type=1400 audit(1737206159.673:1244): avc: denied { read } for pid=2206 comm="syz.2.522" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 138.573606][ T2218] 9pnet_virtio: no channels available for device syz [ 138.574343][ T30] audit: type=1400 audit(1737206159.673:1245): avc: denied { open } for pid=2206 comm="syz.2.522" path="/105/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1 [ 138.643910][ T30] audit: type=1400 audit(1737206159.703:1246): avc: denied { create } for pid=2215 comm="syz.0.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 138.667263][ T2231] tipc: Started in network mode [ 138.672490][ T2231] tipc: Node identity ac14140f, cluster identity 4711 [ 138.679197][ T2231] tipc: New replicast peer: 255.255.255.255 [ 138.685635][ T2231] tipc: Enabled bearer , priority 10 [ 138.705831][ T30] audit: type=1400 audit(1737206159.843:1247): avc: denied { connect } for pid=2236 comm="syz.3.534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 138.763602][ T30] audit: type=1400 audit(1737206159.903:1248): avc: denied { ioctl } for pid=2245 comm="syz.4.538" path="socket:[21765]" dev="sockfs" ino=21765 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 138.823939][ T2258] Zero length message leads to an empty skb [ 138.859446][ T30] audit: type=1400 audit(1737206159.993:1249): avc: denied { create } for pid=2259 comm="syz.1.544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 138.890813][ T940] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 138.907691][ T2264] netlink: 4 bytes leftover after parsing attributes in process `syz.4.546'. [ 138.944572][ T2266] ------------[ cut here ]------------ [ 138.949946][ T2266] WARNING: CPU: 0 PID: 2266 at arch/x86/kvm/x86.c:10346 kvm_arch_vcpu_ioctl_run+0x203b/0x2270 [ 138.960051][ T2266] Modules linked in: [ 138.964377][ T2266] CPU: 0 PID: 2266 Comm: syz.4.547 Not tainted 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 138.974135][ T2266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 138.980729][ T1432] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 138.984051][ T2266] RIP: 0010:kvm_arch_vcpu_ioctl_run+0x203b/0x2270 [ 138.997648][ T2266] Code: ff e8 59 32 a3 00 e9 68 e4 ff ff 89 d9 80 e1 07 38 c1 0f 8c 99 fa ff ff 48 89 df e8 9f 31 a3 00 e9 8c fa ff ff e8 e5 cc 60 00 <0f> 0b e9 5b fb ff ff 89 d9 80 e1 07 38 c1 0f 8c db fa ff ff 48 89 [ 139.018553][ T2266] RSP: 0018:ffffc90001217b80 EFLAGS: 00010283 [ 139.026751][ T2266] RAX: ffffffff810f9f7b RBX: 0000000000000000 RCX: 0000000000080000 [ 139.034701][ T2266] RDX: ffffc90004336000 RSI: 000000000000003d RDI: 000000000000003e [ 139.042628][ T2266] RBP: ffffc90001217cd0 R08: ffffffff81169e66 R09: ffffed1022b7dc59 [ 139.050502][ T2266] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811282b00e [ 139.062945][ T2266] R13: 1ffff92000242fa4 R14: dffffc0000000000 R15: ffff88811282b000 [ 139.080963][ T2266] FS: 00007f66222d56c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 139.093795][ T2266] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.103237][ T2266] CR2: 000000110c2b808d CR3: 000000012b4b9000 CR4: 00000000003526b0 [ 139.111565][ T2266] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 139.119634][ T2266] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 139.128019][ T2266] Call Trace: [ 139.131348][ T940] usb 1-1: Using ep0 maxpacket: 8 [ 139.132762][ T2266] [ 139.139013][ T2266] ? show_regs+0x58/0x60 [ 139.143357][ T2266] ? __warn+0x160/0x2f0 [ 139.147338][ T2266] ? kvm_arch_vcpu_ioctl_run+0x203b/0x2270 [ 139.153205][ T2266] ? report_bug+0x3d9/0x5b0 [ 139.157598][ T2266] ? kvm_arch_vcpu_ioctl_run+0x203b/0x2270 [ 139.163540][ T2266] ? handle_bug+0x41/0x70 [ 139.167799][ T2266] ? exc_invalid_op+0x1b/0x50 [ 139.172435][ T2266] ? asm_exc_invalid_op+0x1b/0x20 [ 139.177512][ T2266] ? kvm_lapic_hv_timer_in_use+0x66/0xc0 [ 139.181425][ T499] usb 2-1: new low-speed USB device number 5 using dummy_hcd [ 139.183748][ T2266] ? kvm_arch_vcpu_ioctl_run+0x203b/0x2270 [ 139.196523][ T2266] ? kvm_arch_vcpu_ioctl_run+0x203b/0x2270 [ 139.202673][ T2266] ? ioctl_has_perm+0x1f8/0x560 [ 139.207419][ T2266] ? __kasan_check_write+0x14/0x20 [ 139.213186][ T2266] ? mutex_lock_killable+0xb6/0x1e0 [ 139.220312][ T2266] ? __kvm_request_immediate_exit+0x70/0x70 [ 139.226451][ T2266] ? slab_free_freelist_hook+0xbd/0x190 [ 139.233590][ T2266] kvm_vcpu_ioctl+0x7eb/0xcf0 [ 139.238106][ T2266] ? preempt_count_add+0x92/0x1a0 [ 139.240751][ T1432] usb 3-1: Using ep0 maxpacket: 8 [ 139.243469][ T2266] ? kvm_clear_stat_per_vcpu+0x1e0/0x1e0 [ 139.250854][ T940] usb 1-1: config index 0 descriptor too short (expected 301, got 45) [ 139.253839][ T2266] ? selinux_file_ioctl+0x3cc/0x540 [ 139.266729][ T2266] ? selinux_file_alloc_security+0x120/0x120 [ 139.266979][ T940] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 139.273310][ T2266] ? __fget_files+0x31e/0x380 [ 139.282884][ T940] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 139.287213][ T2266] ? security_file_ioctl+0x84/0xb0 [ 139.296227][ T940] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 139.309326][ T2266] ? kvm_clear_stat_per_vcpu+0x1e0/0x1e0 [ 139.316339][ T940] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 139.317399][ T2266] __se_sys_ioctl+0x114/0x190 [ 139.329598][ T940] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 139.334256][ T2266] __x64_sys_ioctl+0x7b/0x90 [ 139.342811][ T940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.347271][ T2266] x64_sys_call+0x98/0x9a0 [ 139.359348][ T2266] do_syscall_64+0x3b/0xb0 [ 139.360842][ T1432] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 139.363666][ T2266] ? clear_bhb_loop+0x35/0x90 [ 139.374482][ T1432] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 139.385831][ T1432] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 139.386250][ T2266] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 139.401870][ T1432] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 139.411798][ T1432] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 139.420765][ T2266] RIP: 0033:0x7f6623c63d29 [ 139.425005][ T1432] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 139.428906][ T2266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.437991][ T1432] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.465341][ T2266] RSP: 002b:00007f66222d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 139.478418][ T2266] RAX: ffffffffffffffda RBX: 00007f6623e53fa0 RCX: 00007f6623c63d29 [ 139.486568][ T2266] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 139.494629][ T2266] RBP: 00007f6623cdfb08 R08: 0000000000000000 R09: 0000000000000000 [ 139.508377][ T2266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.516528][ T2266] R13: 0000000000000000 R14: 00007f6623e53fa0 R15: 00007ffd739bc108 [ 139.524596][ T2266] [ 139.525142][ T2287] kvm [2286]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x130 [ 139.527529][ T2266] ---[ end trace 90155abd7d471f79 ]--- [ 139.537524][ T2287] kvm [2286]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x130 [ 139.551691][ T2287] kvm [2286]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x6892 [ 139.600774][ T499] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 139.612433][ T499] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 139.622991][ T499] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 139.710790][ T499] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 139.718016][ T499] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 139.728539][ T499] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 139.779051][ T30] audit: type=1400 audit(1737206160.913:1250): avc: denied { getopt } for pid=2295 comm="syz.4.558" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 139.799111][ T2297] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2248643489 (17989147912 ns) > initial count (11631199424 ns). Using initial count to start timer. [ 139.816686][ T315] tipc: Node number set to 2886997007 [ 139.823000][ T2297] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability [ 139.836394][ T499] usb 2-1: config 168 descriptor has 1 excess byte, ignoring [ 139.843873][ T499] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 139.854405][ T499] usb 2-1: config 168 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 139.952795][ T2299] kvm: emulating exchange as write [ 140.172189][ T499] usb 2-1: string descriptor 0 read error: -22 [ 140.178258][ T499] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 140.187230][ T499] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 140.196874][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 140.196887][ T30] audit: type=1400 audit(1737206161.333:1254): avc: denied { ioctl } for pid=2310 comm="syz.4.562" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 140.227995][ T30] audit: type=1400 audit(1737206161.333:1255): avc: denied { set_context_mgr } for pid=2310 comm="syz.4.562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 140.248119][ T30] audit: type=1400 audit(1737206161.333:1256): avc: denied { call } for pid=2310 comm="syz.4.562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 140.439123][ T30] audit: type=1400 audit(1737206161.573:1257): avc: denied { write } for pid=2318 comm="syz.4.564" name="ptp0" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 140.472506][ T940] usb 2-1: USB disconnect, device number 5 [ 140.498065][ T2323] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.613636][ T30] audit: type=1400 audit(1737206161.753:1258): avc: denied { mount } for pid=2333 comm="syz.3.571" name="/" dev="ramfs" ino=21500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 140.643685][ T2334] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 140.650691][ T2334] overlayfs: failed to set xattr on upper [ 140.650793][ T30] audit: type=1400 audit(1737206161.783:1259): avc: denied { mounton } for pid=2333 comm="syz.3.571" path="/111/bus/bus" dev="ramfs" ino=22276 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 140.708863][ T30] audit: type=1400 audit(1737206161.823:1260): avc: denied { create } for pid=2333 comm="syz.3.571" name="#b" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=chr_file permissive=1 [ 140.749436][ T30] audit: type=1400 audit(1737206161.823:1261): avc: denied { link } for pid=2333 comm="syz.3.571" name="#b" dev="ramfs" ino=22281 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=chr_file permissive=1 [ 140.794068][ T30] audit: type=1400 audit(1737206161.823:1262): avc: denied { rename } for pid=2333 comm="syz.3.571" name="#c" dev="ramfs" ino=22281 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=chr_file permissive=1 [ 140.838627][ T30] audit: type=1400 audit(1737206161.833:1263): avc: denied { unmount } for pid=296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 141.087762][ T2348] 9pnet_virtio: no channels available for device syz [ 141.209808][ T2355] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.219744][ T1906] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 141.474376][ T2373] ================================================================== [ 141.482287][ T2373] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0xb9d/0x3430 [ 141.490287][ T2373] Read of size 8 at addr ffff8881291ceac0 by task syz.3.585/2373 [ 141.497812][ T2373] [ 141.499984][ T2373] CPU: 0 PID: 2373 Comm: syz.3.585 Tainted: G W 5.15.176-syzkaller-00972-g829d9f138569 #0 [ 141.511004][ T2373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 141.520902][ T2373] Call Trace: [ 141.524023][ T2373] [ 141.526800][ T2373] dump_stack_lvl+0x151/0x1c0 [ 141.531317][ T2373] ? io_uring_drop_tctx_refs+0x190/0x190 [ 141.536787][ T2373] ? panic+0x760/0x760 [ 141.540691][ T2373] print_address_description+0x87/0x3b0 [ 141.546073][ T2373] kasan_report+0x179/0x1c0 [ 141.550407][ T2373] ? tc_setup_flow_action+0xb9d/0x3430 [ 141.555705][ T2373] ? tc_setup_flow_action+0xb9d/0x3430 [ 141.560997][ T2373] __asan_report_load8_noabort+0x14/0x20 [ 141.566466][ T2373] tc_setup_flow_action+0xb9d/0x3430 [ 141.571597][ T2373] mall_replace_hw_filter+0x394/0xc20 [ 141.576798][ T2373] ? mall_set_parms+0x4b0/0x4b0 [ 141.581496][ T2373] ? tcf_exts_destroy+0xb0/0xb0 [ 141.586172][ T2373] ? pcpu_memcg_post_alloc_hook+0x1b1/0x260 [ 141.591897][ T2373] ? pcpu_alloc+0xda0/0x13e0 [ 141.596327][ T2373] ? mall_set_parms+0x1c3/0x4b0 [ 141.601011][ T2373] mall_change+0x56e/0x780 [ 141.605269][ T2373] ? mall_get+0xb0/0xb0 [ 141.609279][ T2373] ? tcf_chain_tp_insert_unique+0xa90/0xbb0 [ 141.614992][ T2373] ? nla_strcmp+0xed/0x120 [ 141.619242][ T2373] ? mall_get+0xb0/0xb0 [ 141.623322][ T2373] tc_new_tfilter+0x151a/0x1c00 [ 141.628006][ T2373] ? tcf_gate_entry_destructor+0x20/0x20 [ 141.633517][ T2373] ? security_capable+0x87/0xb0 [ 141.638158][ T2373] ? ns_capable+0x89/0xe0 [ 141.642334][ T2373] ? netlink_net_capable+0x125/0x160 [ 141.647461][ T2373] ? tcf_gate_entry_destructor+0x20/0x20 [ 141.652914][ T2373] rtnetlink_rcv_msg+0x776/0xc40 [ 141.657693][ T2373] ? rtnetlink_bind+0x80/0x80 [ 141.662209][ T2373] ? stack_trace_save+0x1c0/0x1c0 [ 141.667057][ T2373] ? __kernel_text_address+0x9b/0x110 [ 141.672278][ T2373] ? unwind_get_return_address+0x4d/0x90 [ 141.677748][ T2373] ? avc_has_perm_noaudit+0x348/0x430 [ 141.682948][ T2373] ? memcpy+0x56/0x70 [ 141.686766][ T2373] ? avc_has_perm_noaudit+0x2dd/0x430 [ 141.691969][ T2373] ? avc_denied+0x1b0/0x1b0 [ 141.696315][ T2373] ? avc_has_perm+0x16f/0x260 [ 141.700822][ T2373] ? ____kasan_kmalloc+0xed/0x110 [ 141.705683][ T2373] ? avc_has_perm_noaudit+0x430/0x430 [ 141.710889][ T2373] ? x64_sys_call+0x16a/0x9a0 [ 141.715406][ T2373] netlink_rcv_skb+0x1cf/0x410 [ 141.720004][ T2373] ? rtnetlink_bind+0x80/0x80 [ 141.724516][ T2373] ? netlink_ack+0xb10/0xb10 [ 141.729133][ T2373] ? __netlink_lookup+0x37b/0x3a0 [ 141.733990][ T2373] rtnetlink_rcv+0x1c/0x20 [ 141.738243][ T2373] netlink_unicast+0x8df/0xac0 [ 141.742844][ T2373] ? netlink_detachskb+0x90/0x90 [ 141.747701][ T2373] ? security_netlink_send+0x7b/0xa0 [ 141.752824][ T2373] netlink_sendmsg+0xa0a/0xd20 [ 141.757425][ T2373] ? netlink_getsockopt+0x560/0x560 [ 141.762469][ T2373] ? security_socket_sendmsg+0x82/0xb0 [ 141.767750][ T2373] ? netlink_getsockopt+0x560/0x560 [ 141.772789][ T2373] ____sys_sendmsg+0x59e/0x8f0 [ 141.777388][ T2373] ? __sys_sendmsg_sock+0x40/0x40 [ 141.782263][ T2373] ? import_iovec+0xe5/0x120 [ 141.786674][ T2373] ___sys_sendmsg+0x252/0x2e0 [ 141.791191][ T2373] ? __sys_sendmsg+0x260/0x260 [ 141.795788][ T2373] ? check_stack_object+0xf4/0x130 [ 141.800736][ T2373] ? __fdget+0x1bc/0x240 [ 141.804809][ T2373] __se_sys_sendmsg+0x19a/0x260 [ 141.809501][ T2373] ? __x64_sys_sendmsg+0x90/0x90 [ 141.814273][ T2373] ? __kasan_check_write+0x14/0x20 [ 141.819218][ T2373] ? switch_fpu_return+0x15f/0x2e0 [ 141.824166][ T2373] __x64_sys_sendmsg+0x7b/0x90 [ 141.828766][ T2373] x64_sys_call+0x16a/0x9a0 [ 141.833105][ T2373] do_syscall_64+0x3b/0xb0 [ 141.837364][ T2373] ? clear_bhb_loop+0x35/0x90 [ 141.841873][ T2373] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 141.847615][ T2373] RIP: 0033:0x7f3a854d3d29 [ 141.851855][ T2373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.871443][ T2373] RSP: 002b:00007f3a83b45038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 141.879688][ T2373] RAX: ffffffffffffffda RBX: 00007f3a856c3fa0 RCX: 00007f3a854d3d29 [ 141.887587][ T2373] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000004 [ 141.895409][ T2373] RBP: 00007f3a8554fb08 R08: 0000000000000000 R09: 0000000000000000 [ 141.903212][ T2373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.911019][ T2373] R13: 0000000000000000 R14: 00007f3a856c3fa0 R15: 00007ffe5ebdde28 [ 141.918835][ T2373] [ 141.921791][ T2373] [ 141.923953][ T2373] Allocated by task 2373: [ 141.928117][ T2373] ____kasan_kmalloc+0xdb/0x110 [ 141.932804][ T2373] __kasan_kmalloc+0x9/0x10 [ 141.937140][ T2373] __kmalloc+0x13f/0x2c0 [ 141.941222][ T2373] tcf_idr_create+0x5f/0x780 [ 141.945647][ T2373] tcf_idr_create_from_flags+0x5f/0x70 [ 141.950941][ T2373] tcf_gact_init+0x3cd/0x6e0 [ 141.955372][ T2373] tcf_action_init_1+0x50f/0x7f0 [ 141.960148][ T2373] tcf_action_init+0x306/0x840 [ 141.964829][ T2373] tcf_exts_validate+0x236/0x520 [ 141.969602][ T2373] mall_set_parms+0x44/0x4b0 [ 141.974029][ T2373] mall_change+0x495/0x780 [ 141.978279][ T2373] tc_new_tfilter+0x151a/0x1c00 [ 141.982968][ T2373] rtnetlink_rcv_msg+0x776/0xc40 [ 141.987751][ T2373] netlink_rcv_skb+0x1cf/0x410 [ 141.992342][ T2373] rtnetlink_rcv+0x1c/0x20 [ 141.996593][ T2373] netlink_unicast+0x8df/0xac0 [ 142.001214][ T2373] netlink_sendmsg+0xa0a/0xd20 [ 142.005797][ T2373] ____sys_sendmsg+0x59e/0x8f0 [ 142.010393][ T2373] ___sys_sendmsg+0x252/0x2e0 [ 142.014908][ T2373] __se_sys_sendmsg+0x19a/0x260 [ 142.019593][ T2373] __x64_sys_sendmsg+0x7b/0x90 [ 142.024198][ T2373] x64_sys_call+0x16a/0x9a0 [ 142.028535][ T2373] do_syscall_64+0x3b/0xb0 [ 142.032789][ T2373] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 142.038520][ T2373] [ 142.040690][ T2373] The buggy address belongs to the object at ffff8881291cea00 [ 142.040690][ T2373] which belongs to the cache kmalloc-192 of size 192 [ 142.054575][ T2373] The buggy address is located 0 bytes to the right of [ 142.054575][ T2373] 192-byte region [ffff8881291cea00, ffff8881291ceac0) [ 142.068120][ T2373] The buggy address belongs to the page: [ 142.073589][ T2373] page:ffffea0004a47380 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1291ce [ 142.083741][ T2373] flags: 0x4000000000000200(slab|zone=1) [ 142.089224][ T2373] raw: 4000000000000200 0000000000000000 0000000100000001 ffff888100042c00 [ 142.097632][ T2373] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 142.106038][ T2373] page dumped because: kasan: bad access detected [ 142.112301][ T2373] page_owner tracks the page as allocated [ 142.117844][ T2373] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 1396, ts 91040949718, free_ts 88214407452 [ 142.133639][ T2373] post_alloc_hook+0x1a3/0x1b0 [ 142.138244][ T2373] prep_new_page+0x1b/0x110 [ 142.142577][ T2373] get_page_from_freelist+0x3550/0x35d0 [ 142.147957][ T2373] __alloc_pages+0x27e/0x8f0 [ 142.152385][ T2373] new_slab+0x9a/0x4e0 [ 142.156291][ T2373] ___slab_alloc+0x39e/0x830 [ 142.160719][ T2373] __slab_alloc+0x4a/0x90 [ 142.164886][ T2373] kmem_cache_alloc_trace+0x147/0x270 [ 142.170091][ T2373] push_stack+0x8e/0x4f0 [ 142.174171][ T2373] do_check+0xceae/0xf2c0 [ 142.178378][ T2373] do_check_common+0x909/0x1290 [ 142.183029][ T2373] bpf_check+0x3851/0x12c60 [ 142.187365][ T2373] bpf_prog_load+0x12ac/0x1b50 [ 142.191965][ T2373] __sys_bpf+0x4bc/0x760 [ 142.196043][ T2373] __x64_sys_bpf+0x7c/0x90 [ 142.200297][ T2373] x64_sys_call+0x87f/0x9a0 [ 142.204649][ T2373] page last free stack trace: [ 142.209160][ T2373] free_unref_page_prepare+0x7c8/0x7d0 [ 142.214445][ T2373] free_unref_page+0xe8/0x750 [ 142.218955][ T2373] __free_pages+0x61/0xf0 [ 142.223122][ T2373] ringbuf_map_free+0xbe/0x120 [ 142.227883][ T2373] bpf_map_free_deferred+0x10d/0x1e0 [ 142.232951][ T2373] process_one_work+0x6bb/0xc10 [ 142.237640][ T2373] worker_thread+0xad5/0x12a0 [ 142.242152][ T2373] kthread+0x421/0x510 [ 142.246056][ T2373] ret_from_fork+0x1f/0x30 [ 142.250327][ T2373] [ 142.252485][ T2373] Memory state around the buggy address: [ 142.257953][ T2373] ffff8881291ce980: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 142.265852][ T2373] ffff8881291cea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 142.273753][ T2373] >ffff8881291cea80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 142.281645][ T2373] ^ [ 142.287636][ T2373] ffff8881291ceb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 142.295534][ T2373] ffff8881291ceb80: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc [ 142.303428][ T2373] ================================================================== [ 142.311345][ T2373] Disabling lock debugging due to kernel taint [ 142.346924][ T315] usb 1-1: USB disconnect, device number 11 [ 142.419532][ T1432] usb 3-1: USB disconnect, device number 6