last executing test programs: 13.232276347s ago: executing program 1: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x2}, 0x10) write(r0, &(0x7f0000000040)="240000001e005f0214fffffffffffff807000000000000000002ffff040008000d000000", 0x24) 12.92102336s ago: executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x3c) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x4, 0x300, 0x5}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r3, &(0x7f0000000000), 0x0}, 0x20) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r4, 0x0, 0x39000, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 12.429558375s ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0) umount2(&(0x7f0000000100)='./file0/file0\x00', 0xb) 12.118479221s ago: executing program 1: syz_usb_connect(0x0, 0x41, &(0x7f0000003680)={{0x12, 0x1, 0x0, 0xf8, 0x8, 0x74, 0x10, 0xb3c, 0xc00b, 0x5a83, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2f, 0x2, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x53, 0x14, 0x40, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x2, 0x4}]}}, {}]}}, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x68, 0xbe, 0xd2}}]}}]}}, 0x0) 12.042442129s ago: executing program 4: syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x1014810, &(0x7f0000000200)=ANY=[@ANYRES16=0x0, @ANYRES32, @ANYRES8, @ANYRES8, @ANYRES8=0x0, @ANYRESDEC, @ANYRESOCT=0x0, @ANYRES64, @ANYRESDEC=0x0], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_serviced\x00', 0x275a, 0x0) setuid(0xee00) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0xc17c) syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) fdatasync(r0) 11.649248392s ago: executing program 1: openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0) syz_open_dev$video(&(0x7f0000000400), 0x9, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x7fff, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) pselect6(0x40, &(0x7f0000000000)={0xfc}, 0x0, 0x0, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r0, 0xffffffffffffffff, 0x0) 10.407277516s ago: executing program 4: socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff) socket(0x2, 0x5, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0), 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getegid() r5 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$kcm(r5, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x7fffeffd}, {&(0x7f0000001680)="094fb143daa9baa36aaa2cca06886c533118e056", 0x14}], 0x3}, 0x0) 10.174883854s ago: executing program 1: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) 8.450487679s ago: executing program 4: syz_usb_connect(0x0, 0x41, &(0x7f0000003680)={{0x12, 0x1, 0x0, 0xf8, 0x8, 0x74, 0x10, 0xb3c, 0xc00b, 0x5a83, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2f, 0x2, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x53, 0x14, 0x40, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x2, 0x4}]}}, {}]}}, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x68, 0xbe, 0xd2}}]}}]}}, 0x0) 7.833080054s ago: executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000180)=0x6, 0x4) setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000140)=0x30, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_pts(0xffffffffffffffff, 0x0) ioctl$TIOCSTI(r2, 0x540c, 0x0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x0) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in=@dev, 0x0, 0x0, 0x0, 0x7}}, 0xe8) sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0) 7.829936248s ago: executing program 2: r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2004d95, &(0x7f0000000040), 0x0, 0x523, &(0x7f0000000a80)="$eJzs3c1vHGcZAPBnNrtJnDi1+ThAJUKhRU4F2bVr2locSpEQnCohyj0Ye21ZXnst77qNVxV1/gIkhACJE1y4IPEHIKFIXDgipEpwBqkIhCCFAwfooJ2d9Vd27W262XXs30+azPvO1/O8m8zszOybmQAurGci4tWIeD9N0+cjYiqSbHohH2KvM7SXe+/BW0vtIYk0ff0fSbZku97dVpKPr+erXY2Ib3494jvJw3Ebu631xVqtup3XK82NrUpjt3V7bWNxtbpa3Zyfn3tp4eWFFxdmh9LOGxHxylf/8sPv/fxrr/z6C2/++c7fbn23ndZkPv9wOz6g4kkzO00vZZ/F4RW2HzHYWVTMWpibGGyde48xHwAA+muf4380Ij4bEc/HVFw6+XQWAAAAeAKlX56M/yYRaW+X+0wHAAAAniCFrA9sUijnfQEmo1Aolzt9eD8e1wq1eqP5+ZX6zuZyp6/sdJQKK2u16mzWVzirJ+36XFY+qL9wrD5/pXO/4QdTE1m9vFSvLY/75gcAAABcENePXf//e6pz/Q8AAACcM9PjTgAAAAB47Fz/AwAAwPnn+h8AAADOtW+89tpERKTd918vv7G7s15/4/ZytbFe3thZKi/Vt7fKq/X6avbMvo3Ttler17e+GJs7dyvNaqNZaey27mzUdzabd9aOvAIbAAAAGKGPfPr+H5OI2PvSRDa0XR53UsBIFPdLST7usff/6anO+N0RJQWMxKUBlnn3yggSAUauOO4EgLEpjTsBYOySU+b37bzzu3z8meHmAwAADN/MJ/v//l84cc29k2cDZ56dGC6uY/t/2jauXIDRyn7/H7TDr5MFOFdKA/UABM6zD/37/6lcVwAAwLhNZkNSKOe39yajUCiXI25krwUoJStrtepsRDwVEX+YKl1p1+diwP84CAAAAAAAAAAAAAAAAAAAAAAAAABk0jTpvPQHAAAAOLciCn9NfpNk7/+amXpu8vj9gcvJf6Yif0Xomz95/Ud3F5vN7bn29H/uT2/+OJ/+wjjuYAAAAADHda/Tu9fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBM7z14a6k7jDLu378SEdO94hfjaja+GqWIuPavJIqH1ksi4tIQ4u/di4hP9IqftNPaD9kr/sTjjx/T+afQK/71IcSHi+x++/jzaq/9rxDPZOPe+18x4kj9UR05/rVuHjn+do9/l/rs/zcGjPH0O7+s9I1/L+LpYu/jTzd+0if+swPG//a3Wq1+89KfRsz0/P5JjsSqNDe2Ko3d1u21jcXV6mp1c35+7qWFlxdeXJitrKzVqvmfPWN8/1O/ev+k9l/rE3/6lPY/N2D7//fO3Qcf6xRLB1Mn9uPferZH/N/+LF/u4fiF/Lvvc3m5PX+mW97rlA+7+Yvf3zyp/csH7S99kL//WwO2fyg7CgAwNI3d1vpirVbdfsIKb+f5n75w+zzrbOT8CIXkbKRxXgtvD3WDaZqm7X+TPWbdj4hBtpPEWfhYssJ4j0sAAMDwHZz0jzsTAAAAAAAAAAAAAAAAAAAAuLgefvpXmsaQH0J2PObefinxZGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Mz4fwAAAP//j6PX8g==") fsetxattr$trusted_overlay_nlink(r0, 0x0, 0x0, 0x0, 0x0) 6.333284671s ago: executing program 2: socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff) socket(0x2, 0x5, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0), 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getegid() r5 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$kcm(r5, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x7fffeffd}, {&(0x7f0000001680)="094fb143daa9baa36aaa2cca06886c533118e056", 0x14}], 0x3}, 0x0) 6.331775886s ago: executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x3c) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x4, 0x300, 0x5}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r3, &(0x7f0000000000), 0x0}, 0x20) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r4, 0x0, 0x39000, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 6.137355338s ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x14d35e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4012011, r1, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) io_setup(0x7ff, &(0x7f0000002080)) 4.789782982s ago: executing program 0: prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = syz_io_uring_setup(0x6908, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1b3f, &(0x7f0000000300), &(0x7f00000000c0)=0x0, &(0x7f0000000240)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0) 4.698930266s ago: executing program 3: ioperm(0x0, 0x7, 0x7) getdents(0xffffffffffffffff, 0x0, 0x0) 4.506400241s ago: executing program 2: socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff) socket(0x2, 0x5, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0), 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getegid() r5 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$kcm(r5, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x7fffeffd}, {&(0x7f0000001680)="094fb143daa9baa36aaa2cca06886c533118e056", 0x14}], 0x3}, 0x0) 4.339781755s ago: executing program 4: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r0, 0x5, 0x1, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) socketpair(0x11, 0x3, 0x300, &(0x7f0000000000)) 4.30274341s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="5000000010000305000000000000000000000068", @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800800010068737200240002"], 0x50}}, 0x0) 4.262079964s ago: executing program 0: openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/handlers\x00', 0x0, 0x0) syz_open_dev$video(&(0x7f0000000400), 0x9, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x7fff, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) pselect6(0x40, &(0x7f0000000000)={0xfc}, 0x0, 0x0, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r0, 0xffffffffffffffff, 0x0) 2.900664152s ago: executing program 2: r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x1c, r2, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x1c}}, 0x0) 2.841231069s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000040), &(0x7f0000000200)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) wait4(0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 2.778917918s ago: executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x0, 0x0, 0x0, 0x9}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) bpf$ITER_CREATE(0x21, &(0x7f0000000bc0), 0x8) socketpair$tipc(0x1e, 0x0, 0x0, 0x0) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000042000000b700000000000010950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836801ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d09a0a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a504a0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c3e2f5066a803a880c29295b397a75c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffaf, 0x10, &(0x7f0000000040)}, 0x3c) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000079102300000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b901040000000000009b6f5bec", 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.612141998s ago: executing program 4: r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201fb0019b40320d812010079de01ec020109021b0001000003000904000001785e4c00090585020004"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_usb_disconnect(r0) 2.504358415s ago: executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet6(0xa, 0x3, 0x3c) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=@base={0x7, 0x4, 0x300, 0x5}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r3, &(0x7f0000000000), 0x0}, 0x20) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r4, 0x0, 0x39000, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 1.570295582s ago: executing program 2: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140)={[{@user_xattr}, {@nombcache}, {@dioread_lock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.freeze\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r3, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)) 1.538933452s ago: executing program 0: socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff) socket(0x2, 0x5, 0x0) sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000bc0), 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10) setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getegid() r5 = accept4(r1, 0x0, 0x0, 0x0) sendmsg$kcm(r5, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001a00)="e8a472", 0x3}, {&(0x7f00000000c0)="bcc9b1557de1fad1f955144629ed4dcf3c33679ea22502e3cff8923bf5d43921bc111a262f295a8eb540", 0x7fffeffd}, {&(0x7f0000001680)="094fb143daa9baa36aaa2cca06886c533118e056", 0x14}], 0x3}, 0x0) 1.156008638s ago: executing program 3: r0 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r0, 0x0) recvmmsg(r0, &(0x7f0000004b80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 92.983555ms ago: executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000000c0), 0x4000000000001a7, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$dri(0x0, 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000008c0), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040), 0x0, 0x0}) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, &(0x7f0000000000)=0x7fffffffffffffff, 0x8, 0x0) ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f00000002c0)={0x0}) r4 = fsopen(&(0x7f00000003c0)='ext3\x00', 0x0) r5 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) bind$nfc_llcp(r5, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "750a65a3c93199cd485a10497ead5ac3e112baf740f0853a3660ea0ca01c5078a94a0bb37a8dbd611d75f7d309540c18a222bcb970c5d34d2369ea9659f976"}, 0x60) close_range(r4, 0xffffffffffffffff, 0x0) 0s ago: executing program 3: prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) r0 = syz_io_uring_setup(0x6908, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1b3f, &(0x7f0000000300), &(0x7f00000000c0)=0x0, &(0x7f0000000240)) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r0, 0x184c, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): ng attributes in process `syz-executor.1'. [ 452.017747][ T29] audit: type=1326 audit(1716933030.921:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9150 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f853267cee9 code=0x7ffc0000 [ 452.073279][ T9155] ext4 filesystem being mounted at /root/syzkaller-testdir2306294244/syzkaller.nZRrId/18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 452.132814][ T5152] usb 1-1: USB disconnect, device number 6 [ 452.392734][ T6711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.413130][ T8586] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.547415][ T9174] Falling back ldisc for ptm0. [ 452.772330][ T9171] syzkaller0: entered promiscuous mode [ 452.780981][ T9171] syzkaller0: entered allmulticast mode [ 455.541977][ T9186] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 455.551624][ T9186] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.1'. [ 455.870860][ T9193] loop4: detected capacity change from 0 to 4096 [ 455.883929][ T29] kauditd_printk_skb: 36 callbacks suppressed [ 455.883953][ T29] audit: type=1400 audit(1716933036.291:615): avc: denied { write } for pid=9195 comm="syz-executor.0" name="ppp" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 455.976899][ T9200] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 456.021377][ T9202] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 456.597927][ T9207] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 458.074038][ T9221] loop4: detected capacity change from 0 to 24 [ 458.083736][ T9221] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 458.123094][ T9221] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 458.163958][ T29] audit: type=1400 audit(1716933038.571:616): avc: denied { mounton } for pid=9220 comm="syz-executor.4" path="/root/syzkaller-testdir148238811/syzkaller.wwUmKH/164/file0" dev="loop4" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:romfs_t tclass=dir permissive=1 [ 458.261940][ T9226] loop1: detected capacity change from 0 to 256 [ 458.362175][ T9226] loop1: detected capacity change from 0 to 128 [ 458.423920][ T29] audit: type=1800 audit(1716933038.831:617): pid=9226 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name=3ADC332C3F474EEDF6F6B659997387B7E6CCC3A2FDEB79DE8461C7A9982B2246E1D848EDF6533D2E dev="sda1" ino=1966 res=0 errno=0 [ 458.640222][ T9230] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 458.657778][ T9230] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'. [ 460.673727][ T9254] loop2: detected capacity change from 0 to 16 [ 460.694370][ T9254] cramfs: Unknown parameter '' [ 460.894226][ T9263] loop0: detected capacity change from 0 to 256 [ 460.906880][ T9264] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'. [ 460.936381][ T9263] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 460.939580][ T9263] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 460.939625][ T9263] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 460.939650][ T9263] UDF-fs: Scanning with blocksize 512 failed [ 460.958184][ T9263] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 460.964394][ T9263] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 461.112483][ T29] audit: type=1800 audit(1716933041.521:618): pid=9263 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.0" name=3ADC332C3F474EEDF6F6B659997387B7E6CCC3A2FDEB79DE8461C7A9982B2246E1D848EDF6533D2E dev="loop0" ino=77 res=0 errno=0 [ 461.282237][ T9270] loop1: detected capacity change from 0 to 2048 [ 464.832824][ T29] audit: type=1400 audit(1716933044.211:619): avc: denied { create } for pid=9269 comm="syz-executor.1" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 464.962432][ T29] audit: type=1400 audit(1716933044.221:620): avc: denied { setattr } for pid=9269 comm="syz-executor.1" name="bus" dev="sda1" ino=1965 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 465.095838][ T29] audit: type=1400 audit(1716933045.211:621): avc: denied { unlink } for pid=8355 comm="syz-executor.1" name="bus" dev="sda1" ino=1965 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 465.636400][ T29] audit: type=1400 audit(1716933046.041:622): avc: denied { write } for pid=9296 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 465.689975][ T9295] netlink: 200 bytes leftover after parsing attributes in process `syz-executor.2'. [ 465.698749][ T29] audit: type=1400 audit(1716933046.091:623): avc: denied { getopt } for pid=9293 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 465.839727][ T9295] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 465.864070][ T7217] IPVS: starting estimator thread 0... [ 465.891187][ T9303] loop3: detected capacity change from 0 to 256 [ 465.948595][ T9303] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 465.980759][ T9303] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 465.992205][ T9302] IPVS: using max 21 ests per chain, 50400 per kthread [ 466.009682][ T9303] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 466.027211][ T9303] UDF-fs: Scanning with blocksize 512 failed [ 466.049294][ T9303] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 466.128013][ T9303] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 466.444023][ T29] audit: type=1800 audit(1716933046.841:624): pid=9303 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.3" name=3ADC332C3F474EEDF6F6B659997387B7E6CCC3A2FDEB79DE8461C7A9982B2246E1D848EDF6533D2E dev="loop3" ino=77 res=0 errno=0 [ 466.622349][ T9310] loop1: detected capacity change from 0 to 2048 [ 467.117875][ T9316] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 467.981648][ T9286] loop4: detected capacity change from 0 to 32768 [ 468.407647][ T7217] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 468.642323][ T7217] usb 4-1: New USB device found, idVendor=04cb, idProduct=010b, bcdDevice=3d.e0 [ 468.660183][ T7217] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 468.673304][ T7217] usb 4-1: Product: syz [ 468.684475][ T7217] usb 4-1: Manufacturer: syz [ 468.694060][ T7217] usb 4-1: SerialNumber: syz [ 468.720929][ T7217] usb 4-1: config 0 descriptor?? [ 468.741573][ T7217] gspca_main: finepix-2.14.0 probing 04cb:010b [ 468.764114][ T9336] loop2: detected capacity change from 0 to 256 [ 468.913039][ T9336] loop2: detected capacity change from 0 to 128 [ 468.960225][ T7217] usb 4-1: USB disconnect, device number 6 [ 469.053426][ T29] audit: type=1800 audit(1716933049.461:625): pid=9336 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name=3ADC332C3F474EEDF6F6B659997387B7E6CCC3A2FDEB79DE8461C7A9982B2246E1D848EDF6533D2E dev="sda1" ino=1966 res=0 errno=0 [ 469.054375][ T9342] vcan0: entered allmulticast mode [ 469.953224][ T9348] loop2: detected capacity change from 0 to 1024 [ 470.023382][ T9354] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 470.041333][ T9354] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT [ 470.068289][ T9354] loop3: detected capacity change from 0 to 512 [ 470.893229][ T9354] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 470.902104][ T9354] System zones: 0-2, 18-18, 34-35 [ 470.969606][ T9354] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.984171][ T9354] ext4 filesystem being mounted at /root/syzkaller-testdir2306294244/syzkaller.nZRrId/31/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 471.365452][ T8586] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.720613][ T29] audit: type=1804 audit(1716933052.131:626): pid=9363 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2306294244/syzkaller.nZRrId/32/bus" dev="sda1" ino=1960 res=1 errno=0 [ 471.753341][ T9363] Invalid ELF header len 32 [ 471.803365][ T29] audit: type=1804 audit(1716933052.131:627): pid=9363 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2306294244/syzkaller.nZRrId/32/bus" dev="sda1" ino=1960 res=1 errno=0 [ 471.827276][ T9365] loop0: detected capacity change from 0 to 256 [ 471.901044][ T29] audit: type=1804 audit(1716933052.131:628): pid=9363 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2306294244/syzkaller.nZRrId/32/bus" dev="sda1" ino=1960 res=1 errno=0 [ 471.970503][ T29] audit: type=1400 audit(1716933052.161:629): avc: denied { module_load } for pid=9361 comm="syz-executor.3" path="/root/syzkaller-testdir2306294244/syzkaller.nZRrId/32/bus" dev="sda1" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=system permissive=1 [ 472.473309][ T9372] loop1: detected capacity change from 0 to 1024 [ 472.549797][ T9378] vcan0: entered allmulticast mode [ 472.914532][ T9383] loop2: detected capacity change from 0 to 16 [ 473.019865][ T9383] erofs: (device loop2): mounted with root inode @ nid 36. [ 473.558817][ T9381] syz-executor.2: attempt to access beyond end of device [ 473.558817][ T9381] loop2: rw=0, sector=8, nr_sectors = 16 limit=16 [ 473.732164][ T9389] loop4: detected capacity change from 0 to 1024 [ 473.850275][ T9389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 473.904719][ T9393] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 474.081820][ T29] audit: type=1400 audit(1716933054.491:630): avc: denied { map } for pid=9388 comm="syz-executor.4" path="/root/syzkaller-testdir148238811/syzkaller.wwUmKH/176/file1/file0/freezer.self_freezing" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 474.171122][ T9397] VFS: Lookup of 'file0' in ext4 loop4 would have caused loop [ 474.352469][ T29] audit: type=1400 audit(1716933054.761:631): avc: denied { listen } for pid=9399 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 474.401515][ T29] audit: type=1400 audit(1716933054.801:632): avc: denied { accept } for pid=9399 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 474.461207][ T29] audit: type=1400 audit(1716933054.871:633): avc: denied { execute } for pid=9388 comm="syz-executor.4" path="/root/syzkaller-testdir148238811/syzkaller.wwUmKH/176/file1/file0/cpu.stat" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 474.653899][ T6711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.757333][ T9413] vcan0: entered allmulticast mode [ 474.934507][ T29] audit: type=1400 audit(1716933055.341:634): avc: denied { mount } for pid=9407 comm="syz-executor.0" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 474.999319][ T29] audit: type=1400 audit(1716933055.371:635): avc: denied { read } for pid=9407 comm="syz-executor.0" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1 [ 475.115248][ T9419] could not open pipe file descriptor [ 475.174111][ T9423] loop1: detected capacity change from 0 to 16 [ 475.200309][ T9423] erofs: (device loop1): mounted with root inode @ nid 36. [ 475.401642][ T9427] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 475.572313][ T9421] syz-executor.1: attempt to access beyond end of device [ 475.572313][ T9421] loop1: rw=0, sector=8, nr_sectors = 16 limit=16 [ 475.709699][ T9431] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.3'. [ 475.953866][ T9435] loop3: detected capacity change from 0 to 256 [ 475.966607][ T9434] loop0: detected capacity change from 0 to 1024 [ 476.054580][ T9434] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 476.341105][ T9415] loop2: detected capacity change from 0 to 32768 [ 476.385907][ T9434] VFS: Lookup of 'file0' in ext4 loop0 would have caused loop [ 476.626197][ T8257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 477.040213][ T9463] loop4: detected capacity change from 0 to 16 [ 477.112678][ T9463] erofs: (device loop4): mounted with root inode @ nid 36. [ 477.894573][ T9462] syz-executor.4: attempt to access beyond end of device [ 477.894573][ T9462] loop4: rw=0, sector=8, nr_sectors = 16 limit=16 [ 478.892133][ T9485] loop0: detected capacity change from 0 to 1024 [ 478.900742][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 478.900765][ T29] audit: type=1400 audit(1716933059.311:639): avc: denied { connect } for pid=9487 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 478.926859][ C0] vkms_vblank_simulate: vblank timer overrun [ 478.982134][ T9485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 479.262125][ T9485] VFS: Lookup of 'file0' in ext4 loop0 would have caused loop [ 479.547031][ T8257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.764047][ T9510] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 481.756459][ T9502] loop2: detected capacity change from 0 to 32768 [ 482.120586][ T9538] loop4: detected capacity change from 0 to 512 [ 482.481328][ T9545] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 482.812423][ T29] audit: type=1400 audit(1716933063.221:640): avc: denied { cmd } for pid=9550 comm="syz-executor.1" path="socket:[25362]" dev="sockfs" ino=25362 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 482.916600][ T29] audit: type=1400 audit(1716933063.291:641): avc: denied { mounton } for pid=9552 comm="syz-executor.3" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1 [ 482.953677][ T5111] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 482.971129][ T5111] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 482.982359][ T5111] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 482.991228][ T5111] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 483.000377][ T5111] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 483.008249][ T5111] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 483.048719][ T9556] loop2: detected capacity change from 0 to 2048 [ 483.273382][ T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.370419][ T29] audit: type=1400 audit(1716933063.761:642): avc: denied { setopt } for pid=9561 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 483.616410][ T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.641816][ T9572] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 483.684173][ T9552] lo speed is unknown, defaulting to 1000 [ 483.875440][ T9572] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 483.922284][ T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.111452][ T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.185771][ T9578] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'. [ 484.512580][ T9583] loop2: detected capacity change from 0 to 16 [ 484.772259][ T9589] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 484.996829][ T9593] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 485.033517][ T61] bridge_slave_1: left allmulticast mode [ 485.054488][ T61] bridge_slave_1: left promiscuous mode [ 485.070691][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.128261][ T5107] Bluetooth: hci4: command tx timeout [ 485.137284][ T61] bridge_slave_0: left allmulticast mode [ 485.176524][ T61] bridge_slave_0: left promiscuous mode [ 485.191891][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.265210][ T9595] loop2: detected capacity change from 0 to 2048 [ 486.046587][ T9612] ebt_limit: overflow, try lower: 0/0 [ 487.208291][ T5107] Bluetooth: hci4: command tx timeout [ 488.391773][ T9635] loop4: detected capacity change from 0 to 4096 [ 488.423310][ T9622] loop0: detected capacity change from 0 to 32768 [ 488.425173][ T9635] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 488.984698][ T9622] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 489.267836][ T9622] XFS (loop0): Ending clean mount [ 489.288128][ T5107] Bluetooth: hci4: command tx timeout [ 489.412783][ T9622] XFS (loop0): Quotacheck needed: Please wait. [ 489.638120][ T29] audit: type=1400 audit(1716933070.041:643): avc: denied { associate } for pid=9634 comm="syz-executor.4" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 489.643625][ T9622] XFS (loop0): Quotacheck: Done. [ 489.659928][ C0] vkms_vblank_simulate: vblank timer overrun [ 489.899216][ T8257] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 490.382644][ T9652] loop4: detected capacity change from 0 to 8192 [ 490.410435][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 490.488215][ T9652] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 490.503363][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 490.534884][ T9652] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 490.561680][ T61] bond0 (unregistering): Released all slaves [ 490.618682][ T9652] REISERFS (device loop4): using ordered data mode [ 490.637862][ T9652] reiserfs: using flush barriers [ 490.655915][ T9610] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 490.672311][ T9652] REISERFS warning (device loop4): sh-458 journal_init_dev: cannot init journal device unknown-block(7,4): -16 [ 490.768892][ T9652] REISERFS warning (device loop4): sh-462 journal_init: unable to initialize journal device [ 490.816427][ T9552] chnl_net:caif_netlink_parms(): no params data found [ 490.822005][ T9652] REISERFS warning (device loop4): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 490.846725][ T61] IPVS: stopping backup sync thread 8992 ... [ 490.997186][ T9659] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 491.345070][ T29] audit: type=1400 audit(1716933071.731:644): avc: denied { read } for pid=9668 comm="syz-executor.4" name="btrfs-control" dev="devtmpfs" ino=1119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 491.368453][ T5107] Bluetooth: hci4: command tx timeout [ 491.401907][ T29] audit: type=1400 audit(1716933071.731:645): avc: denied { open } for pid=9668 comm="syz-executor.4" path="/dev/btrfs-control" dev="devtmpfs" ino=1119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 492.091247][ T9552] bridge0: port 1(bridge_slave_0) entered blocking state [ 492.132818][ T9552] bridge0: port 1(bridge_slave_0) entered disabled state [ 492.141209][ T9552] bridge_slave_0: entered allmulticast mode [ 492.149533][ T9552] bridge_slave_0: entered promiscuous mode [ 492.160950][ T9552] bridge0: port 2(bridge_slave_1) entered blocking state [ 492.168254][ T9552] bridge0: port 2(bridge_slave_1) entered disabled state [ 492.177384][ T9552] bridge_slave_1: entered allmulticast mode [ 492.185981][ T9552] bridge_slave_1: entered promiscuous mode [ 492.886283][ T61] hsr_slave_0: left promiscuous mode [ 492.950128][ T61] hsr_slave_1: left promiscuous mode [ 492.973688][ T9686] loop4: detected capacity change from 0 to 4096 [ 493.015692][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 493.033704][ T9686] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 493.063938][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 493.106350][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 493.158306][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 493.276752][ T61] veth1_macvtap: left promiscuous mode [ 493.307637][ T61] veth0_macvtap: left promiscuous mode [ 493.313538][ T61] veth1_vlan: left promiscuous mode [ 493.326604][ T61] veth0_vlan: left promiscuous mode [ 493.703072][ T9693] input: syz1 as /devices/virtual/input/input20 [ 493.933202][ T5111] Bluetooth: hci1: command 0x0406 tx timeout [ 493.955201][ T9695] loop4: detected capacity change from 0 to 256 [ 493.994770][ T9695] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xba7df490, utbl_chksum : 0xe619d30d) [ 494.146886][ T29] audit: type=1400 audit(1716933074.481:646): avc: denied { read append open } for pid=9694 comm="syz-executor.4" path="/root/syzkaller-testdir148238811/syzkaller.wwUmKH/200/file0/cpu.stat" dev="loop4" ino=1048678 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 494.321495][ T29] audit: type=1400 audit(1716933074.491:647): avc: denied { write } for pid=9694 comm="syz-executor.4" name="cpu.stat" dev="loop4" ino=1048678 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 495.731844][ T9705] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 496.221802][ T29] audit: type=1400 audit(1716933076.631:648): avc: denied { read } for pid=9710 comm="syz-executor.2" name="nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 496.291672][ T29] audit: type=1400 audit(1716933076.661:649): avc: denied { open } for pid=9710 comm="syz-executor.2" path="/dev/nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 496.388931][ T9713] loop0: detected capacity change from 0 to 256 [ 496.491211][ T9713] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 496.538018][ T9713] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 496.726967][ T29] audit: type=1400 audit(1716933077.131:650): avc: denied { map } for pid=9712 comm="syz-executor.0" path="/root/syzkaller-testdir3537421396/syzkaller.ZS3q4U/91/bus/bus" dev="loop0" ino=1048679 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 496.833756][ T29] audit: type=1400 audit(1716933077.131:651): avc: denied { execute } for pid=9712 comm="syz-executor.0" path="/root/syzkaller-testdir3537421396/syzkaller.ZS3q4U/91/bus/bus" dev="loop0" ino=1048679 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 497.027833][ T61] team0 (unregistering): Port device team_slave_1 removed [ 497.194958][ T61] team0 (unregistering): Port device team_slave_0 removed [ 497.203541][ T9721] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.0'. [ 497.232070][ T9721] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.0'. [ 497.417918][ T9725] loop0: detected capacity change from 0 to 64 [ 497.430278][ T9725] hfs: invalid btree extent records [ 497.437771][ T9725] hfs: unable to open extent tree [ 497.453401][ T9725] hfs: can't find a HFS filesystem on dev loop0 [ 497.627121][ T9727] loop4: detected capacity change from 0 to 512 [ 497.645651][ T9727] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 497.655324][ T9727] UDF-fs: Scanning with blocksize 512 failed [ 497.712435][ T9727] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 497.724040][ T9727] UDF-fs: Scanning with blocksize 1024 failed [ 497.735609][ T9727] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 497.747040][ T9727] UDF-fs: Scanning with blocksize 2048 failed [ 497.754978][ T9727] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 497.795694][ T9727] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 497.864532][ T9729] loop0: detected capacity change from 0 to 1024 [ 497.894005][ T9716] loop2: detected capacity change from 0 to 32768 [ 497.938529][ T9716] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES [ 498.952128][ T9739] loop2: detected capacity change from 0 to 256 [ 499.018020][ T29] audit: type=1400 audit(1716933079.421:652): avc: denied { bind } for pid=9740 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 499.062673][ T5107] Bluetooth: hci2: command 0x0406 tx timeout [ 499.187782][ T9731] loop4: detected capacity change from 0 to 32768 [ 499.373930][ T9731] read_mapping_page failed! [ 499.404406][ T9731] ERROR: (device loop4): txAbort: [ 499.404406][ T9731] [ 499.434370][ T9731] ERROR: (device loop4): remounting filesystem as read-only [ 499.918155][ T9750] loop2: detected capacity change from 0 to 1024 [ 499.978979][ T9552] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 500.021583][ T9691] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 500.083449][ T9552] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 500.415398][ T9552] team0: Port device team_slave_0 added [ 500.455960][ T9552] team0: Port device team_slave_1 added [ 500.480489][ T9764] loop1: detected capacity change from 0 to 256 [ 500.501232][ T9765] loop4: detected capacity change from 0 to 64 [ 500.547274][ T9765] hfs: invalid btree extent records [ 500.566644][ T9765] hfs: unable to open extent tree [ 500.582704][ T29] audit: type=1804 audit(1716933080.991:653): pid=9764 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir787715573/syzkaller.Yuh6la/95/bus" dev="sda1" ino=1961 res=1 errno=0 [ 500.591874][ T9765] hfs: can't find a HFS filesystem on dev loop4 [ 500.707675][ T9552] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 500.714693][ T9552] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 500.787798][ T9552] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 500.831310][ T9552] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 500.857906][ T9552] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 500.916035][ T9552] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 500.964374][ T9773] loop1: detected capacity change from 0 to 2048 [ 501.174255][ T29] audit: type=1400 audit(1716933081.571:654): avc: denied { connect } for pid=9774 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 501.190608][ T61] IPVS: stop unused estimator thread 0... [ 501.252869][ T9552] hsr_slave_0: entered promiscuous mode [ 501.273406][ T9552] hsr_slave_1: entered promiscuous mode [ 501.285231][ T9780] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'. [ 501.327395][ T29] audit: type=1800 audit(1716933081.731:655): pid=9779 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="file1" dev="overlay" ino=1965 res=0 errno=0 [ 502.065341][ T29] audit: type=1400 audit(1716933082.451:656): avc: denied { mount } for pid=9781 comm="syz-executor.2" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 502.368244][ T9789] loop1: detected capacity change from 0 to 1024 [ 502.557155][ T9769] loop0: detected capacity change from 0 to 32768 [ 502.744951][ T29] audit: type=1400 audit(1716933083.151:657): avc: denied { setattr } for pid=9794 comm="syz-executor.2" name="/" dev="configfs" ino=1228 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 502.773422][ T9802] loop1: detected capacity change from 0 to 64 [ 502.792379][ T9769] read_mapping_page failed! [ 502.805954][ T9769] ERROR: (device loop0): txAbort: [ 502.805954][ T9769] [ 502.828083][ T9769] ERROR: (device loop0): remounting filesystem as read-only [ 503.311448][ T9552] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 503.319249][ T29] audit: type=1400 audit(1716933083.731:658): avc: denied { watch watch_reads } for pid=9810 comm="syz-executor.2" path="pipe:[27343]" dev="pipefs" ino=27343 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 503.363349][ T9552] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 503.565426][ T9552] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 503.640496][ T9552] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 503.800078][ T9822] loop1: detected capacity change from 0 to 1024 [ 504.170468][ T5111] Bluetooth: hci3: command 0x0406 tx timeout [ 504.942341][ T9552] 8021q: adding VLAN 0 to HW filter on device bond0 [ 504.958096][ T9827] loop4: detected capacity change from 0 to 2048 [ 504.977059][ T9827] UDF-fs: warning (device loop4): udf_fill_super: No fileset found [ 505.054937][ T9552] 8021q: adding VLAN 0 to HW filter on device team0 [ 505.078927][ T7321] bridge0: port 1(bridge_slave_0) entered blocking state [ 505.086258][ T7321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 505.142767][ T7217] bridge0: port 2(bridge_slave_1) entered blocking state [ 505.150158][ T7217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 505.390514][ T29] audit: type=1800 audit(1716933085.801:659): pid=9827 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="overlay" ino=1964 res=0 errno=0 [ 505.509002][ T9834] loop1: detected capacity change from 0 to 256 [ 506.275855][ T9836] loop0: detected capacity change from 0 to 256 [ 508.238254][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 508.244696][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.609886][ T9836] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 509.255753][ T9552] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 509.690701][ T9851] loop0: detected capacity change from 0 to 164 [ 509.759010][ T9851] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 509.813746][ T9857] loop2: detected capacity change from 0 to 1024 [ 509.920353][ T9552] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 509.983458][ T9859] loop4: detected capacity change from 0 to 512 [ 510.084766][ T9859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.150293][ T9859] ext4 filesystem being mounted at /root/syzkaller-testdir148238811/syzkaller.wwUmKH/217/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 510.273587][ T29] audit: type=1400 audit(1716933090.531:660): avc: denied { getopt } for pid=9867 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 510.622824][ T9873] loop1: detected capacity change from 0 to 256 [ 510.968654][ T9875] loop2: detected capacity change from 0 to 256 [ 514.264408][ T9859] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 589824 out of range 0-6 [ 514.278480][ T9865] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 514.343589][ T9859] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 514.403756][ T9859] EXT4-fs error (device loop4): ext4_acquire_dquot:6858: comm syz-executor.4: Failed to acquire dquot type 1 [ 514.720821][ T6711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 514.756222][ T9552] veth0_vlan: entered promiscuous mode [ 514.835680][ T9552] veth1_vlan: entered promiscuous mode [ 514.976380][ T9552] veth0_macvtap: entered promiscuous mode [ 515.028590][ T9552] veth1_macvtap: entered promiscuous mode [ 515.123800][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 515.135203][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.151534][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 515.163737][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.175927][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 515.187152][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.202942][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 515.231568][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.252453][ T9552] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 515.312680][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 515.342413][ T9891] loop0: detected capacity change from 0 to 164 [ 515.343323][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.377008][ T9891] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 515.384257][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 515.412171][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.459264][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 515.488666][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.509978][ T9552] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 515.535214][ T9552] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 515.586896][ T9552] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 515.644353][ T9552] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 515.693125][ T9552] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 515.707812][ T9552] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 515.716595][ T9552] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 515.795682][ T9899] loop0: detected capacity change from 0 to 1024 [ 516.224873][ T5152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 516.270423][ T3846] hfsplus: b-tree write err: -5, ino 4 [ 516.281397][ T5152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 517.693121][ T9911] loop2: detected capacity change from 0 to 256 [ 518.030242][ T9913] loop0: detected capacity change from 0 to 256 [ 522.244912][ T9913] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 523.545808][ T5152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 523.581771][ T5152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 523.930828][ T9928] overlay: filesystem on ./bus not supported [ 524.372668][ T9936] loop2: detected capacity change from 0 to 164 [ 524.378678][ T9939] loop4: detected capacity change from 0 to 1024 [ 524.397603][ T29] audit: type=1400 audit(1716933104.791:661): avc: denied { connect } for pid=9942 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 524.448032][ T9940] loop0: detected capacity change from 0 to 2048 [ 524.460372][ T9936] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 524.573104][ T9940] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 524.705530][ T5765] hfsplus: b-tree write err: -5, ino 4 [ 524.730214][ T9940] EXT4-fs (loop0): Online defrag not supported with bigalloc [ 524.861824][ T8257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.465776][ T9964] loop4: detected capacity change from 0 to 256 [ 525.624413][ T9964] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 526.548822][ T9965] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 526.638484][ T9965] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 526.657504][ T29] audit: type=1400 audit(1716933107.061:662): avc: denied { create } for pid=9954 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1 [ 526.699338][ T9965] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (1) [ 527.072879][ T5111] Bluetooth: hci5: sending frame failed (-49) [ 527.090691][ T5107] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 527.980528][ T9985] overlay: filesystem on ./bus not supported [ 528.043694][ T9989] loop0: detected capacity change from 0 to 2048 [ 528.149751][ T9989] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 528.215349][ T9989] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 528.298118][ T9989] UDF-fs: Scanning with blocksize 512 failed [ 529.398965][T10001] loop3: detected capacity change from 0 to 512 [ 529.439607][ T9989] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 529.588150][T10001] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.3: corrupted in-inode xattr: bad e_name length [ 529.686917][T10001] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 529.813661][T10001] EXT4-fs (loop3): mounted filesystem 00000004-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 530.929868][T10001] EXT4-fs error (device loop3): ext4_read_inline_dir:1559: inode #12: block 7: comm syz-executor.3: path /root/syzkaller-testdir608833614/syzkaller.J1Wo5c/4/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=67108877, rec_len=0, size=80 fake=0 [ 531.168256][ T9552] EXT4-fs (loop3): unmounting filesystem 00000004-0000-0000-0000-000000000000. [ 531.566331][T10015] loop1: detected capacity change from 0 to 256 [ 532.955823][T10014] loop0: detected capacity change from 0 to 4096 [ 532.991458][T10014] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 533.064794][T10014] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 533.077937][ T29] audit: type=1400 audit(1716933113.471:663): avc: denied { shutdown } for pid=10033 comm="syz-executor.3" lport=53201 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 533.229314][T10037] loop3: detected capacity change from 0 to 8 [ 533.274338][T10037] SQUASHFS error: Failed to read block 0x62: -5 [ 533.298154][T10037] squashfs image failed sanity check [ 533.386126][ T5111] Bluetooth: hci5: sending frame failed (-49) [ 533.396809][ T5107] Bluetooth: hci5: Opcode 0x1003 failed: -49 [ 533.428179][T10041] Bluetooth: hci5: Frame reassembly failed (-84) [ 533.446793][T10040] overlay: filesystem on ./bus not supported [ 533.705544][ T63] ntfs3: loop0: ino=5, ntfs3_write_inode failed, -22. [ 533.787885][T10045] loop4: detected capacity change from 0 to 2048 [ 533.809879][T10045] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 533.856206][T10045] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 533.877186][T10045] UDF-fs: Scanning with blocksize 512 failed [ 533.894210][T10049] loop1: detected capacity change from 0 to 512 [ 533.919394][T10045] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 536.968973][T10073] xt_TPROXY: Can be used only with -p tcp or -p udp [ 537.446642][T10089] overlay: filesystem on ./bus not supported [ 537.831226][T10099] loop0: detected capacity change from 0 to 64 [ 539.287317][T10116] overlayfs: missing 'lowerdir' [ 539.386500][T10112] loop3: detected capacity change from 0 to 4096 [ 539.395286][T10112] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 539.426287][T10112] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 541.187087][T10135] loop0: detected capacity change from 0 to 64 [ 541.274517][ T9998] ntfs3: loop3: ino=5, ntfs3_write_inode failed, -22. [ 541.450993][T10141] loop4: detected capacity change from 0 to 256 [ 541.546667][T10141] FAT-fs (loop4): Directory bread(block 64) failed [ 541.562201][T10141] FAT-fs (loop4): Directory bread(block 65) failed [ 541.578340][T10141] FAT-fs (loop4): Directory bread(block 66) failed [ 541.599847][T10141] FAT-fs (loop4): Directory bread(block 67) failed [ 541.646137][T10141] FAT-fs (loop4): Directory bread(block 68) failed [ 541.685148][T10141] FAT-fs (loop4): Directory bread(block 69) failed [ 541.729424][T10141] FAT-fs (loop4): Directory bread(block 70) failed [ 541.748223][T10141] FAT-fs (loop4): Directory bread(block 71) failed [ 541.769747][T10141] FAT-fs (loop4): Directory bread(block 72) failed [ 541.789556][T10141] FAT-fs (loop4): Directory bread(block 73) failed [ 542.115222][T10141] syz-executor.4: attempt to access beyond end of device [ 542.115222][T10141] loop4: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 542.178777][T10141] syz-executor.4: attempt to access beyond end of device [ 542.178777][T10141] loop4: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 542.993444][T10178] loop3: detected capacity change from 0 to 64 [ 543.003678][T10180] netlink: 'syz-executor.2': attribute type 8 has an invalid length. [ 543.114388][T10180] loop2: detected capacity change from 0 to 1024 [ 543.152908][T10184] ebt_among: src integrity fail: 200 [ 543.229423][T10180] loop2: detected capacity change from 0 to 512 [ 543.347033][T10154] loop1: detected capacity change from 0 to 32768 [ 543.572496][T10194] loop0: detected capacity change from 0 to 1024 [ 543.602513][T10194] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 543.651152][T10194] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.823713][ T29] audit: type=1400 audit(1716933124.231:664): avc: denied { read } for pid=10202 comm="syz-executor.3" name="mice" dev="devtmpfs" ino=832 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 543.860474][ T29] audit: type=1400 audit(1716933124.261:665): avc: denied { open } for pid=10202 comm="syz-executor.3" path="/dev/input/mice" dev="devtmpfs" ino=832 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 544.208216][ T29] audit: type=1400 audit(1716933124.621:666): avc: denied { mounton } for pid=10209 comm="syz-executor.1" path="/proc/10209/cgroup" dev="proc" ino=28232 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1 [ 544.245884][ T8257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 544.439640][ T5179] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 544.645474][ T5179] usb 4-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 544.658094][ T5179] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 544.674044][ T5179] usb 4-1: config 0 descriptor?? [ 544.686606][ T5179] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 545.078180][ T5179] gspca_sonixj: reg_w1 err -71 [ 545.096182][ T5179] sonixj 4-1:0.0: probe with driver sonixj failed with error -71 [ 545.147996][ T5179] usb 4-1: USB disconnect, device number 7 [ 545.191561][T10236] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 545.203499][T10236] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 546.238305][T10268] loop3: detected capacity change from 0 to 256 [ 546.262442][T10268] FAT-fs (loop3): Directory bread(block 1795) failed [ 546.337867][T10268] FAT-fs (loop3): Directory bread(block 1795) failed [ 546.362804][T10268] FAT-fs (loop3): Directory bread(block 1795) failed [ 546.376709][T10268] FAT-fs (loop3): Directory bread(block 1795) failed [ 546.674077][ T29] audit: type=1400 audit(1716933127.081:667): avc: denied { bind } for pid=10269 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 546.768714][T10270] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 546.846587][T10271] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10271 comm=syz-executor.2 [ 546.899196][ T29] audit: type=1400 audit(1716933127.311:668): avc: denied { bind } for pid=10279 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 547.085007][T10281] 8021q: adding VLAN 0 to HW filter on device bond1 [ 547.121352][T10281] bond0: (slave bond1): Enslaving as an active interface with an up link [ 547.143361][T10285] loop1: detected capacity change from 0 to 764 [ 547.333006][T10271] 8021q: adding VLAN 0 to HW filter on device bond1 [ 547.355223][T10271] bond1: (slave xfrm1): The slave device specified does not support setting the MAC address [ 547.389347][T10271] bond1: (slave xfrm1): Error -95 calling set_mac_address [ 547.742525][T10295] serio: Serial port pts0 [ 547.781928][T10266] loop4: detected capacity change from 0 to 32768 [ 547.836850][T10266] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (10266) [ 547.893087][T10266] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 547.922593][T10266] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 547.952258][T10266] BTRFS info (device loop4): using free-space-tree [ 547.971795][T10298] loop0: detected capacity change from 0 to 1024 [ 547.991452][T10300] loop2: detected capacity change from 0 to 256 [ 548.036220][T10298] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 548.430260][ T8257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 548.476827][ T6711] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 548.516407][T10326] loop3: detected capacity change from 0 to 256 [ 548.538697][T10326] FAT-fs (loop3): Directory bread(block 1795) failed [ 548.642463][ T29] audit: type=1326 audit(1716933129.041:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10327 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f853267cee9 code=0x0 [ 548.682620][T10326] FAT-fs (loop3): Directory bread(block 1795) failed [ 548.696791][T10326] FAT-fs (loop3): Directory bread(block 1795) failed [ 548.705701][T10326] FAT-fs (loop3): Directory bread(block 1795) failed [ 549.063552][T10333] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 549.128261][T10335] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10335 comm=syz-executor.1 [ 549.231850][T10335] 8021q: adding VLAN 0 to HW filter on device bond1 [ 549.255645][T10335] bond0: (slave bond1): Enslaving as an active interface with an up link [ 549.403488][T10333] 8021q: adding VLAN 0 to HW filter on device bond1 [ 549.423324][T10333] bond1: (slave xfrm1): The slave device specified does not support setting the MAC address [ 549.455380][T10333] bond1: (slave xfrm1): Error -95 calling set_mac_address [ 549.459606][T10343] loop3: detected capacity change from 0 to 1024 [ 549.482869][T10343] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 549.525491][T10343] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 549.824262][T10354] loop4: detected capacity change from 0 to 128 [ 549.843622][T10354] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 549.940013][ T9552] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.955893][T10358] loop1: detected capacity change from 0 to 256 [ 550.332387][T10367] loop3: detected capacity change from 0 to 256 [ 550.398565][T10367] FAT-fs (loop3): Directory bread(block 1795) failed [ 550.551447][ T6711] sysv_free_block: trying to free block not in datazone [ 550.594177][T10367] FAT-fs (loop3): Directory bread(block 1795) failed [ 550.602523][ T6711] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 550.614797][T10367] FAT-fs (loop3): Directory bread(block 1795) failed [ 550.647619][T10367] FAT-fs (loop3): Directory bread(block 1795) failed [ 551.089302][T10377] vxcan1: entered allmulticast mode [ 551.144500][T10381] loop3: detected capacity change from 0 to 764 [ 551.174493][ T29] audit: type=1326 audit(1716933131.581:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10378 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20ec47cee9 code=0x0 [ 551.460746][T10362] loop0: detected capacity change from 0 to 32768 [ 551.485962][T10362] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (10362) [ 551.535663][T10362] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 551.550230][T10362] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 551.580493][T10362] BTRFS info (device loop0): using free-space-tree [ 551.829622][ T8257] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 551.871980][T10415] loop3: detected capacity change from 0 to 256 [ 551.885669][T10415] FAT-fs (loop3): Directory bread(block 1795) failed [ 552.059537][ T5152] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 552.120717][T10415] FAT-fs (loop3): Directory bread(block 1795) failed [ 552.145554][T10415] FAT-fs (loop3): Directory bread(block 1795) failed [ 552.166715][T10415] FAT-fs (loop3): Directory bread(block 1795) failed [ 552.299588][ T5152] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 552.328204][ T5152] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 552.378032][ T5152] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 552.432894][ T5152] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 552.467873][ T5152] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 552.524354][ T5152] usb 2-1: config 0 descriptor?? [ 552.532991][T10413] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 552.574961][T10423] vxcan1: entered allmulticast mode [ 552.597925][T10425] loop3: detected capacity change from 0 to 764 [ 552.937810][ T29] audit: type=1400 audit(1716933133.341:671): avc: denied { unmount } for pid=6711 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 552.953986][T10429] loop0: detected capacity change from 0 to 4096 [ 552.982327][T10429] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 553.073344][ T5152] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0 [ 553.108982][ T5152] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving [ 553.139645][T10429] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 553.147892][ T5152] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 553.195913][ T29] audit: type=1326 audit(1716933133.601:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10436 comm="syz-executor.3" exe="/root/syz-executor.3" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1afa67cee9 code=0x0 [ 553.509717][ T7266] usb 2-1: USB disconnect, device number 3 [ 553.616689][ T6147] ntfs3: loop0: ino=5, ntfs3_write_inode failed, -22. [ 553.809719][ T29] audit: type=1326 audit(1716933134.221:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10448 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20ec47cee9 code=0x0 [ 554.178221][T10439] loop2: detected capacity change from 0 to 32768 [ 554.951103][T10469] loop0: detected capacity change from 0 to 64 [ 555.063642][ T29] audit: type=1400 audit(1716933135.471:674): avc: denied { ioctl } for pid=10467 comm="syz-executor.0" path="socket:[29689]" dev="sockfs" ino=29689 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 555.101250][T10471] loop4: detected capacity change from 0 to 1024 [ 555.132033][T10471] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 555.153352][ T29] audit: type=1400 audit(1716933135.501:675): avc: denied { map } for pid=10467 comm="syz-executor.0" path="/dev/vmci" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 555.179693][ T29] audit: type=1400 audit(1716933135.501:676): avc: denied { execute } for pid=10467 comm="syz-executor.0" path="/dev/vmci" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 555.253754][T10471] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:482: comm syz-executor.4: Invalid block bitmap block 0 in block_group 0 [ 555.301883][T10471] Quota error (device loop4): write_blk: dquota write failed [ 555.314053][T10471] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 555.324793][T10471] EXT4-fs error (device loop4): ext4_acquire_dquot:6858: comm syz-executor.4: Failed to acquire dquot type 0 [ 555.360442][T10471] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz-executor.4: Freeing blocks not in datazone - block = 0, count = 4096 [ 555.401605][T10471] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz-executor.4: Invalid inode bitmap blk 0 in block_group 0 [ 555.439303][T10471] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 555.443887][ T6147] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-8 [ 555.482289][T10471] EXT4-fs (loop4): 1 orphan inode deleted [ 555.491368][ T6147] EXT4-fs error (device loop4): ext4_release_dquot:6881: comm kworker/u8:12: Failed to release dquot type 0 [ 555.519737][T10471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 555.581942][T10471] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 555.633186][ T6711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 556.124491][ T5179] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 556.735785][T10501] syz-executor.4 (10501): drop_caches: 2 [ 557.165151][ T5179] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 557.238705][ T5179] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 557.269730][ T5179] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 557.317665][ T5179] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 557.339875][ T5179] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 557.375691][ T5179] usb 4-1: config 0 descriptor?? [ 557.387285][T10486] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 557.987998][ T5179] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 557.997098][ T5179] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 558.049697][ T5179] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 558.147110][T10522] loop1: detected capacity change from 0 to 2048 [ 558.367277][ T5179] usb 4-1: USB disconnect, device number 8 [ 558.377667][ T7311] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 558.567671][ T7311] usb 5-1: Using ep0 maxpacket: 32 [ 558.590189][ T7311] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 558.614299][ T7311] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 558.647243][ T7311] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 558.673950][ T7311] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 558.718586][ T7311] usb 5-1: Product: syz [ 558.722882][ T7311] usb 5-1: Manufacturer: syz [ 558.732899][T10507] loop2: detected capacity change from 0 to 32768 [ 558.775421][ T7311] hub 5-1:4.0: USB hub found [ 558.781832][T10510] loop0: detected capacity change from 0 to 32768 [ 558.801202][T10510] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (10510) [ 558.823578][T10510] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 558.834079][T10510] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 558.846869][T10510] BTRFS info (device loop0): using free-space-tree [ 558.862318][T10529] loop1: detected capacity change from 0 to 2048 [ 559.070025][ T7311] hub 5-1:4.0: 2 ports detected [ 559.080126][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 559.080189][ T29] audit: type=1804 audit(1716933139.491:679): pid=10529 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir787715573/syzkaller.Yuh6la/152/bus" dev="sda1" ino=1967 res=1 errno=0 [ 559.308016][ T8257] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 559.948619][T10551] loop1: detected capacity change from 0 to 256 [ 560.832995][T10554] loop2: detected capacity change from 0 to 256 [ 561.139072][ T7311] hub 5-1:4.0: activate --> -90 [ 561.285083][ T29] audit: type=1400 audit(1716933141.691:680): avc: denied { mounton } for pid=10561 comm="syz-executor.1" path="/root/syzkaller-testdir787715573/syzkaller.Yuh6la/155/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 561.376979][T10564] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 561.403883][ T7311] hub 5-1:4.0: hub_ext_port_status failed (err = -71) [ 561.404569][ T25] usb 5-1: USB disconnect, device number 5 [ 561.427704][T10564] netlink: 'syz-executor.2': attribute type 18 has an invalid length. [ 561.945252][T10568] loop0: detected capacity change from 0 to 256 [ 564.486684][T10577] loop1: detected capacity change from 0 to 2048 [ 564.623420][T10584] loop2: detected capacity change from 0 to 512 [ 564.659015][T10584] ext4: Unknown parameter 'appraise' [ 565.572481][T10601] loop4: detected capacity change from 0 to 256 [ 565.599399][ T7311] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 566.487553][ T5179] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 566.698043][ T5179] usb 3-1: Using ep0 maxpacket: 32 [ 566.713817][ T5179] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 566.739812][T10605] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 566.760263][ T5179] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 566.802989][ T5179] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 566.841341][ T5179] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 566.890568][ T5179] usb 3-1: Product: syz [ 566.915123][ T5179] usb 3-1: Manufacturer: syz [ 566.994022][ T5179] hub 3-1:4.0: USB hub found [ 567.148738][T10609] loop1: detected capacity change from 0 to 256 [ 567.235394][ T7311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 568.373471][ T7311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 568.384775][ T7311] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 568.398838][ T7311] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 568.408083][ T7311] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 568.445499][ T7311] usb 4-1: config 0 descriptor?? [ 568.479732][ T7311] usb 4-1: can't set config #0, error -71 [ 568.511342][ T5179] hub 3-1:4.0: config failed, can't read hub descriptor (err -22) [ 568.514793][ T7311] usb 4-1: USB disconnect, device number 9 [ 568.603482][ T5179] usb 3-1: USB disconnect, device number 8 [ 568.654166][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.660829][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.036479][T10624] loop4: detected capacity change from 0 to 2048 [ 569.111665][T10624] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 569.419195][ T29] audit: type=1400 audit(1716933149.811:681): avc: denied { create } for pid=10618 comm="syz-executor.4" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:iso9660_t tclass=chr_file permissive=1 [ 569.678769][T10634] loop0: detected capacity change from 0 to 256 [ 570.758128][ T29] audit: type=1400 audit(1716933151.061:682): avc: denied { unlink } for pid=10618 comm="syz-executor.4" name="file0" dev="loop4" ino=1367 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=chr_file permissive=1 [ 571.262374][T10617] loop2: detected capacity change from 0 to 32768 [ 571.437765][ T7312] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 571.497884][T10655] xt_l2tp: v2 doesn't support IP mode [ 571.667517][ T7312] usb 5-1: Using ep0 maxpacket: 32 [ 571.677172][ T7312] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 571.717702][ T7312] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 571.745484][ T7312] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 571.773726][ T7312] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 571.797673][ T7312] usb 5-1: Product: syz [ 571.806550][ T7312] usb 5-1: Manufacturer: syz [ 571.840624][ T7312] hub 5-1:4.0: USB hub found [ 572.115700][ T7312] hub 5-1:4.0: 2 ports detected [ 572.567850][T10671] loop2: detected capacity change from 0 to 2048 [ 572.570026][T10673] hfs: can't find a HFS filesystem on dev nullb0 [ 573.152367][T10659] loop3: detected capacity change from 0 to 32768 [ 573.322109][T10664] loop1: detected capacity change from 0 to 32768 [ 573.411409][ T7312] hub 5-1:4.0: activate --> -90 [ 573.653496][ T7312] hub 5-1:4.0: hub_ext_port_status failed (err = -71) [ 573.674865][ T7312] usb 5-1: USB disconnect, device number 6 [ 575.400406][T10723] loop1: detected capacity change from 0 to 512 [ 575.991211][T10728] batadv0: entered promiscuous mode [ 576.009262][T10696] loop2: detected capacity change from 0 to 40427 [ 576.016581][T10728] macsec1: entered promiscuous mode [ 576.033822][T10728] macsec1: entered allmulticast mode [ 576.052083][T10728] batadv0: entered allmulticast mode [ 576.152395][T10728] batadv0: left allmulticast mode [ 576.158413][T10728] batadv0: left promiscuous mode [ 576.237133][T10711] loop4: detected capacity change from 0 to 32768 [ 576.496039][T10734] ip6t_srh: unknown srh invflags 7863 [ 576.595634][T10717] loop0: detected capacity change from 0 to 32768 [ 577.019630][T10739] loop3: detected capacity change from 0 to 256 [ 578.692541][T10754] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 578.727294][T10754] netlink: 'syz-executor.3': attribute type 18 has an invalid length. [ 579.939832][ T7312] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 580.151590][ T7312] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 580.170537][ T7312] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 580.203275][ T7312] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 580.232648][ T7312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.282571][ T7312] usb 2-1: config 0 descriptor?? [ 580.697235][ T29] audit: type=1400 audit(1716933161.101:683): avc: denied { append } for pid=10755 comm="syz-executor.1" name="nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 581.171391][ T5152] usb 2-1: USB disconnect, device number 4 [ 582.142395][T10794] loop0: detected capacity change from 0 to 64 [ 582.347645][ T5152] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 582.511011][T10775] loop2: detected capacity change from 0 to 32768 [ 582.575127][ T5152] usb 4-1: Using ep0 maxpacket: 16 [ 582.607892][ T5152] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 582.623898][ T5152] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 582.634766][ T5152] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 582.656821][ T5152] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 582.673283][ T5152] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 582.713659][ T5152] usb 4-1: config 0 descriptor?? [ 583.280499][ T29] audit: type=1400 audit(1716933163.681:684): avc: denied { ioctl } for pid=10790 comm="syz-executor.3" path="socket:[31284]" dev="sockfs" ino=31284 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 587.778752][ T5152] usbhid 4-1:0.0: can't add hid device: -32 [ 587.784890][ T5152] usbhid 4-1:0.0: probe with driver usbhid failed with error -32 [ 588.137243][ T29] audit: type=1400 audit(1716933168.541:685): avc: denied { setattr } for pid=10809 comm="syz-executor.2" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 588.742336][ T5152] usb 4-1: USB disconnect, device number 10 [ 589.114712][ T5179] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 589.241409][T10820] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 589.271227][T10820] netlink: 199836 bytes leftover after parsing attributes in process `syz-executor.0'. [ 589.317548][ T5152] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 589.331190][ T5179] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 589.385193][ T5179] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 589.455262][ T5179] usb 3-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 589.721618][ T5179] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 589.737110][ T5152] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 589.810198][ T5179] usb 3-1: config 0 descriptor?? [ 590.840222][ T5152] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 590.851415][ T5152] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 590.875348][ T5152] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 591.136451][ T5152] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 591.146949][ T5152] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 591.155292][ T5152] usb 4-1: Manufacturer: syz [ 591.189071][ T5152] usb 4-1: config 0 descriptor?? [ 592.180343][ T5152] usbhid 4-1:0.0: can't add hid device: -71 [ 592.196367][ T5152] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 592.267692][ T5152] usb 4-1: USB disconnect, device number 11 [ 593.055538][ T5152] usb 3-1: USB disconnect, device number 9 [ 595.847560][ T5152] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 595.932456][T10853] loop3: detected capacity change from 0 to 512 [ 596.023551][T10853] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 596.059917][T10853] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 596.078353][ T5152] usb 3-1: Using ep0 maxpacket: 16 [ 596.088462][T10859] loop1: detected capacity change from 0 to 64 [ 596.097806][T10853] System zones: 0-1, 15-15, 18-18, 34-34 [ 596.104530][T10853] EXT4-fs (loop3): orphan cleanup on readonly fs [ 596.108429][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 596.112025][T10853] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 596.136162][T10853] EXT4-fs warning (device loop3): ext4_enable_quotas:7074: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 596.154351][T10853] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 596.168366][T10853] EXT4-fs error (device loop3): ext4_orphan_get:1420: comm syz-executor.3: bad orphan inode 16 [ 596.198341][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 596.207180][T10853] ext4_test_bit(bit=15, block=18) = 1 [ 596.223272][T10853] is_bad_inode(inode)=0 [ 596.230941][T10853] NEXT_ORPHAN(inode)=0 [ 596.244824][T10853] max_ino=32 [ 596.249136][T10853] i_nlink=2 [ 596.254663][T10853] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 596.311467][ T5152] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 596.421797][ T5152] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 596.705840][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 597.928748][ T5152] usb 3-1: config 0 descriptor?? [ 597.987776][ T5152] usb 3-1: can't set config #0, error -71 [ 598.007964][ T5152] usb 3-1: USB disconnect, device number 10 [ 598.044853][ T9552] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 598.230566][T10872] Cannot find map_set index 0 as target [ 598.467875][ T25] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 598.613701][T10882] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 598.681721][ T25] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 598.712912][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 598.740624][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 598.755052][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 598.773967][ T25] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 598.786466][ T25] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 598.795328][ T25] usb 1-1: Manufacturer: syz [ 598.805508][ T25] usb 1-1: config 0 descriptor?? [ 599.094791][T10890] loop3: detected capacity change from 0 to 64 [ 599.333876][ T25] appleir 0003:05AC:8243.0010: unknown main item tag 0x0 [ 599.386673][ T25] appleir 0003:05AC:8243.0010: No inputs registered, leaving [ 599.473801][ T25] appleir 0003:05AC:8243.0010: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 600.919388][T10899] loop1: detected capacity change from 0 to 256 [ 601.045600][T10878] loop2: detected capacity change from 0 to 32768 [ 602.171829][ T9] usb 1-1: USB disconnect, device number 7 [ 603.272178][T10933] tipc: Started in network mode [ 603.277614][T10933] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 603.296361][T10933] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 603.308005][T10933] tipc: Enabled bearer , priority 10 [ 603.457701][ T7321] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 603.688827][ T29] audit: type=1400 audit(1716933184.091:686): avc: denied { bind } for pid=10934 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 604.441954][ T7217] tipc: Node number set to 1 [ 604.571819][ T7321] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 604.588800][ T7321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 604.607985][ T7321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 604.627714][ T7321] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 604.691400][ T7321] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 604.713179][ T7321] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 604.733830][ T7321] usb 1-1: Manufacturer: syz [ 604.759601][ T7321] usb 1-1: config 0 descriptor?? [ 605.286443][ T7321] appleir 0003:05AC:8243.0011: unknown main item tag 0x0 [ 605.329187][ T7321] appleir 0003:05AC:8243.0011: No inputs registered, leaving [ 605.375416][ T7321] appleir 0003:05AC:8243.0011: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 605.470411][T10954] fscrypt (sda1, inode 1963): Unsupported log2_data_unit_size in encryption policy: 133 [ 606.072743][T10963] loop2: detected capacity change from 0 to 64 [ 606.233662][ T25] usb 1-1: USB disconnect, device number 8 [ 606.567577][ T5111] Bluetooth: hci4: command 0x0406 tx timeout [ 606.733016][T10971] x_tables: duplicate underflow at hook 1 [ 607.128226][T10977] loop0: detected capacity change from 0 to 256 [ 607.246576][T10949] loop3: detected capacity change from 0 to 32768 [ 607.340563][T10949] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 607.426836][T10979] loop1: detected capacity change from 0 to 2048 [ 607.448118][T10989] tmpfs: Bad value for 'mpol' [ 607.546563][T10949] XFS (loop3): Ending clean mount [ 607.630018][T10949] XFS (loop3): Quotacheck needed: Please wait. [ 607.880499][T10949] XFS (loop3): Quotacheck: Done. [ 608.031561][ T29] audit: type=1800 audit(1716933188.441:687): pid=10949 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=9291 res=0 errno=0 [ 608.056214][T10998] loop0: detected capacity change from 0 to 8 [ 608.135027][ T7321] IPVS: starting estimator thread 0... [ 608.145766][T10998] unable to read id index table [ 608.152247][T11002] x_tables: duplicate underflow at hook 1 [ 608.237626][T11003] IPVS: using max 17 ests per chain, 40800 per kthread [ 608.741072][ T29] audit: type=1400 audit(1716933189.151:688): avc: denied { setattr } for pid=11005 comm="syz-executor.0" name="" dev="pipefs" ino=31625 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 609.030784][ T9552] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 609.042756][T11013] loop4: detected capacity change from 0 to 2048 [ 609.127866][T11013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 609.130227][T11015] loop2: detected capacity change from 0 to 2048 [ 609.162365][ T29] audit: type=1400 audit(1716933189.571:689): avc: denied { read write } for pid=11012 comm="syz-executor.4" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 609.211897][ T29] audit: type=1400 audit(1716933189.591:690): avc: denied { open } for pid=11012 comm="syz-executor.4" path="/root/syzkaller-testdir148238811/syzkaller.wwUmKH/281/file0/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 609.250954][ T29] audit: type=1800 audit(1716933189.591:691): pid=11013 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.4" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 609.278519][T11013] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 609.425679][T11013] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 9 with error 28 [ 609.511114][ T29] audit: type=1800 audit(1716933189.921:692): pid=11015 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1936 res=0 errno=0 [ 609.516486][T11025] loop0: detected capacity change from 0 to 2048 [ 609.543601][T11013] EXT4-fs (loop4): This should not happen!! Data will be lost [ 609.543601][T11013] [ 609.554389][T11023] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 609.563292][T11013] EXT4-fs (loop4): Total free blocks count 0 [ 609.589246][T11013] EXT4-fs (loop4): Free/Dirty block details [ 609.619925][T11013] EXT4-fs (loop4): free_blocks=2415919104 [ 609.637743][T11013] EXT4-fs (loop4): dirty_blocks=32 [ 609.656689][T11013] EXT4-fs (loop4): Block reservation details [ 609.675779][T11013] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 609.684003][T11025] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 609.708000][T11025] ext4 filesystem being mounted at /root/syzkaller-testdir3537421396/syzkaller.ZS3q4U/200/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 609.835433][T11033] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 609.853155][T11035] tmpfs: Bad value for 'mpol' [ 609.920376][T11033] tipc: Enabled bearer , priority 10 [ 609.929721][ T29] audit: type=1400 audit(1716933190.341:693): avc: denied { ioctl } for pid=11024 comm="syz-executor.0" path="/root/syzkaller-testdir3537421396/syzkaller.ZS3q4U/200/file0/file0/file0" dev="loop0" ino=13 ioctlcmd=0x6685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 610.000454][T11025] fs-verity: sha512 using implementation "sha512-avx2" [ 610.030873][ T29] audit: type=1400 audit(1716933190.341:694): avc: denied { listen } for pid=11036 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 610.294422][ T8257] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 610.609400][ T5179] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 610.837571][ T5179] usb 2-1: Using ep0 maxpacket: 8 [ 610.846586][ T5179] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 610.873282][ T5179] usb 2-1: config 0 has no interface number 0 [ 610.907623][ T5179] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 610.947339][ T5179] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 610.977742][ T5179] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 611.011161][ T5179] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.043258][ T25] tipc: Node number set to 10005162 [ 611.059950][ T5179] usb 2-1: config 0 descriptor?? [ 611.121662][ T5179] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 611.453893][ T29] audit: type=1400 audit(1716933191.861:695): avc: denied { create } for pid=11045 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 611.575905][ T29] audit: type=1400 audit(1716933191.981:696): avc: denied { write } for pid=11045 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 611.608850][ T7312] usb 2-1: USB disconnect, device number 5 [ 611.639946][ T7312] iowarrior 2-1:0.1: I/O-Warror #0 now disconnected [ 611.654314][ T29] audit: type=1400 audit(1716933192.001:697): avc: denied { nlmsg_write } for pid=11045 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 611.675395][ C0] vkms_vblank_simulate: vblank timer overrun [ 612.641007][T11077] lo speed is unknown, defaulting to 1000 [ 614.243293][T11072] loop3: detected capacity change from 0 to 64 [ 614.531275][ T7312] kernel write not supported for file bpf-prog (pid: 7312 comm: kworker/0:10) [ 615.004095][T11096] loop3: detected capacity change from 0 to 512 [ 615.036864][T11096] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: iget: bad i_size value: -67835469387268086 [ 615.274613][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 615.274637][ T29] audit: type=1326 audit(1716933195.631:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11093 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41a7cee9 code=0x7ffc0000 [ 615.622516][ T29] audit: type=1326 audit(1716933195.641:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11093 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41a7cee9 code=0x7ffc0000 [ 615.668420][T11096] EXT4-fs (loop3): Remounting filesystem read-only [ 616.107847][ T29] audit: type=1326 audit(1716933195.651:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11093 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f5a41a7cee9 code=0x7ffc0000 [ 616.136125][T11096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 616.202579][T11096] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 616.236209][ T29] audit: type=1326 audit(1716933195.651:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11093 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41a7cee9 code=0x7ffc0000 [ 616.262879][ T29] audit: type=1326 audit(1716933195.651:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11093 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41a7cee9 code=0x7ffc0000 [ 616.301729][T11096] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.369971][ T29] audit: type=1326 audit(1716933195.671:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11090 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 616.455305][ T29] audit: type=1326 audit(1716933195.671:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11090 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 616.507273][T11096] CUSE: unknown device info "./file0" [ 616.530604][T11096] CUSE: unknown device info "errors" [ 616.541173][ T29] audit: type=1326 audit(1716933195.681:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11090 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 616.565504][T11096] CUSE: DEVNAME unspecified [ 616.568527][T11105] loop4: detected capacity change from 0 to 128 [ 616.618869][T11105] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 616.683202][ T29] audit: type=1326 audit(1716933195.681:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11090 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 616.862437][ T29] audit: type=1326 audit(1716933195.681:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11090 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 617.030106][T11113] loop1: detected capacity change from 0 to 64 [ 617.156281][ T6711] sysv_free_block: trying to free block not in datazone [ 617.268221][ T6711] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 618.094637][T11117] lo speed is unknown, defaulting to 1000 [ 619.623014][ T5111] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 619.639362][ T5111] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 619.651290][ T5111] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 619.665937][ T5111] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 619.675876][ T5111] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 619.685159][ T5111] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 619.836378][ T63] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 620.467036][ T63] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 622.802109][ T5107] Bluetooth: hci4: command tx timeout [ 622.811285][ T29] audit: type=1326 audit(1716933202.421:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11130 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 622.914673][ T29] audit: type=1326 audit(1716933202.421:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11130 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 622.991876][ T29] audit: type=1326 audit(1716933202.421:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11130 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 623.061677][ T29] audit: type=1326 audit(1716933202.421:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11130 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 623.108053][ T29] audit: type=1326 audit(1716933202.421:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11130 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 623.127804][T11142] loop0: detected capacity change from 0 to 128 [ 623.137589][ T29] audit: type=1326 audit(1716933202.461:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b887cee9 code=0x7ffc0000 [ 623.163399][ T29] audit: type=1326 audit(1716933202.471:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b887cee9 code=0x7ffc0000 [ 623.186194][T11122] lo speed is unknown, defaulting to 1000 [ 623.244616][T11142] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 623.261468][ T29] audit: type=1326 audit(1716933202.471:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f97b887cee9 code=0x7ffc0000 [ 623.273021][T11144] loop1: detected capacity change from 0 to 1024 [ 623.341228][ T29] audit: type=1326 audit(1716933202.471:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b887cee9 code=0x7ffc0000 [ 623.349530][ T63] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 623.414736][ T8257] sysv_free_block: trying to free block not in datazone [ 623.433944][ T29] audit: type=1326 audit(1716933202.471:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11134 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97b887cee9 code=0x7ffc0000 [ 623.451704][ T8257] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 623.633988][ T63] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 623.676703][ T7312] libceph: connect (1)[c::]:6789 error -101 [ 623.683038][ T7312] libceph: mon0 (1)[c::]:6789 connect error [ 623.719719][T11151] ceph: No mds server is up or the cluster is laggy [ 624.560717][ T9] libceph: connect (1)[c::]:6789 error -101 [ 624.566979][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 624.898033][ T5111] Bluetooth: hci4: command tx timeout [ 625.423713][T11163] lo speed is unknown, defaulting to 1000 [ 625.505511][ T5152] libceph: connect (1)[c::]:6789 error -101 [ 625.514011][ T5152] libceph: mon0 (1)[c::]:6789 connect error [ 626.948322][ T1609] kernel write not supported for file bpf-prog (pid: 1609 comm: kworker/1:2) [ 626.970015][ T5111] Bluetooth: hci4: command tx timeout [ 627.614604][T11188] loop4: detected capacity change from 0 to 128 [ 627.626272][ T63] bridge_slave_1: left allmulticast mode [ 627.654364][ T63] bridge_slave_1: left promiscuous mode [ 627.660976][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 627.686159][ T63] bridge_slave_0: left allmulticast mode [ 627.693838][T11188] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 627.695880][ T63] bridge_slave_0: left promiscuous mode [ 627.722846][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 627.943060][ T6711] sysv_free_block: trying to free block not in datazone [ 627.954520][T11193] loop2: detected capacity change from 0 to 1024 [ 627.970745][ T6711] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 628.256674][T11168] loop0: detected capacity change from 0 to 32768 [ 628.306129][ T9] libceph: connect (1)[c::]:6789 error -101 [ 628.313397][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 628.327750][T11197] ceph: No mds server is up or the cluster is laggy [ 628.350491][T11168] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 628.643434][ T29] kauditd_printk_skb: 15 callbacks suppressed [ 628.643503][ T29] audit: type=1400 audit(1716933209.051:734): avc: denied { getopt } for pid=11210 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 628.720322][T11168] XFS (loop0): Ending clean mount [ 628.804208][ T8257] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 629.222287][ T29] audit: type=1326 audit(1716933209.581:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11215 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 629.308798][ T5111] Bluetooth: hci4: command tx timeout [ 629.892509][ T29] audit: type=1326 audit(1716933209.581:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11215 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 629.963337][ T29] audit: type=1326 audit(1716933209.601:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11215 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 629.997698][ T29] audit: type=1326 audit(1716933209.611:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11215 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 630.094746][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 630.101415][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.113338][ T29] audit: type=1326 audit(1716933209.611:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11215 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ec47cee9 code=0x7ffc0000 [ 630.160136][T11223] loop2: detected capacity change from 0 to 256 [ 630.597343][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 630.612689][ T9] kernel write not supported for file bpf-prog (pid: 9 comm: kworker/0:1) [ 630.628537][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 630.642408][ T63] bond0 (unregistering): Released all slaves [ 630.682295][T11122] chnl_net:caif_netlink_parms(): no params data found [ 630.881945][ T63] tipc: Disabling bearer [ 630.912350][ T63] tipc: Left network mode [ 630.963765][T11235] ceph: No mds server is up or the cluster is laggy [ 631.351680][T11248] loop1: detected capacity change from 0 to 1024 [ 631.518829][T11248] loop1: detected capacity change from 0 to 256 [ 631.559844][T11122] bridge0: port 1(bridge_slave_0) entered blocking state [ 631.579859][T11122] bridge0: port 1(bridge_slave_0) entered disabled state [ 631.599317][T11122] bridge_slave_0: entered allmulticast mode [ 631.621667][T11122] bridge_slave_0: entered promiscuous mode [ 631.646150][T11122] bridge0: port 2(bridge_slave_1) entered blocking state [ 631.668232][T11122] bridge0: port 2(bridge_slave_1) entered disabled state [ 631.683697][T11122] bridge_slave_1: entered allmulticast mode [ 631.717873][T11122] bridge_slave_1: entered promiscuous mode [ 631.790305][T11257] bridge0: port 2(bridge_slave_1) entered disabled state [ 631.800332][T11257] bridge0: port 1(bridge_slave_0) entered disabled state [ 631.830623][T11257] bridge0: entered allmulticast mode [ 631.976580][T11256] bridge0: port 2(bridge_slave_1) entered blocking state [ 631.984010][T11256] bridge0: port 2(bridge_slave_1) entered forwarding state [ 631.991831][T11256] bridge0: port 1(bridge_slave_0) entered blocking state [ 631.999175][T11256] bridge0: port 1(bridge_slave_0) entered forwarding state [ 632.028100][T11256] bridge0: entered promiscuous mode [ 632.091990][T11122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 632.142713][T11122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 632.195208][ T29] audit: type=1800 audit(1716933212.601:740): pid=11270 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1944 res=0 errno=0 [ 632.260595][ T29] audit: type=1800 audit(1716933212.601:741): pid=11270 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1944 res=0 errno=0 [ 632.288464][T11273] loop0: detected capacity change from 0 to 16 [ 632.316589][T11273] erofs: (device loop0): erofs_read_superblock: cannot find valid erofs superblock [ 632.329527][T11272] loop2: detected capacity change from 0 to 1024 [ 632.449867][ T63] hsr_slave_0: left promiscuous mode [ 632.474518][ T63] hsr_slave_1: left promiscuous mode [ 632.495881][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 632.508325][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 632.526797][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 632.552987][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 632.560007][T11273] loop0: detected capacity change from 0 to 16 [ 632.578562][T11273] erofs: Unknown parameter '‰ga?H#3C ?L7@&0f&g`dЃ TK ' [ 632.696955][ T63] veth1_macvtap: left promiscuous mode [ 632.747818][ T63] veth0_macvtap: left promiscuous mode [ 632.753685][ T63] veth1_vlan: left promiscuous mode [ 632.787874][ T63] veth0_vlan: left promiscuous mode [ 632.995380][T11292] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11292 comm=syz-executor.2 [ 633.051132][ T29] audit: type=1400 audit(1716933213.461:742): avc: denied { read } for pid=11286 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 634.561281][ T63] team0 (unregistering): Port device team_slave_1 removed [ 634.692029][ T63] team0 (unregistering): Port device team_slave_0 removed [ 634.790461][T11321] loop4: detected capacity change from 0 to 16 [ 634.817982][T11321] erofs: (device loop4): erofs_read_superblock: cannot find valid erofs superblock [ 635.012603][T11323] loop4: detected capacity change from 0 to 16 [ 635.021441][T11323] erofs: Unknown parameter '‰ga?H#3C ?L7@&0f&g`dЃ TK ' [ 636.829164][T11122] team0: Port device team_slave_0 added [ 636.851774][T11122] team0: Port device team_slave_1 added [ 636.988166][T11292] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 637.148057][T11299] bridge0: port 2(bridge_slave_1) entered disabled state [ 637.159567][T11299] bridge0: port 1(bridge_slave_0) entered disabled state [ 637.188316][T11299] bridge0: entered allmulticast mode [ 637.236063][T11303] bridge0: port 2(bridge_slave_1) entered blocking state [ 637.243498][T11303] bridge0: port 2(bridge_slave_1) entered forwarding state [ 637.251680][T11303] bridge0: port 1(bridge_slave_0) entered blocking state [ 637.259032][T11303] bridge0: port 1(bridge_slave_0) entered forwarding state [ 637.290313][T11303] bridge0: entered promiscuous mode [ 637.421353][ T29] audit: type=1400 audit(1716933217.831:743): avc: denied { getopt } for pid=11336 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 637.424885][T11122] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 637.424909][T11122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 637.424954][T11122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 637.458716][T11122] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 637.458740][T11122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 637.458777][T11122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 637.631219][ T29] audit: type=1800 audit(1716933218.041:744): pid=11344 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1960 res=0 errno=0 [ 637.787970][T11346] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 637.798876][ T29] audit: type=1400 audit(1716933218.201:745): avc: denied { remount } for pid=11342 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 637.864883][T11122] hsr_slave_0: entered promiscuous mode [ 637.875982][T11122] hsr_slave_1: entered promiscuous mode [ 638.389898][ T7321] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 639.357604][ T7217] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 639.475805][T11363] loop2: detected capacity change from 0 to 2048 [ 639.501043][ T7321] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 639.523306][ T7321] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 639.538922][ T7321] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 639.558366][ T7321] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 639.575906][ T7217] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 639.602005][ T7321] usb 2-1: config 0 descriptor?? [ 639.609405][ T7217] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 639.637077][ T7217] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 639.677038][ T7217] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 639.698238][ T7217] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 639.721780][ T7217] usb 1-1: config 0 descriptor?? [ 639.760164][T11354] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 640.108930][T11368] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=11368 comm=syz-executor.4 [ 640.215621][T11369] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 640.284520][T11371] loop2: detected capacity change from 0 to 4096 [ 640.320660][ T7217] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 640.374794][ T7217] plantronics 0003:047F:FFFF.0012: unknown main item tag 0x0 [ 640.386521][ T7217] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving [ 640.418770][ T7217] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 640.512361][T11122] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 640.548614][ T29] audit: type=1800 audit(1716933220.951:746): pid=11371 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1954 res=0 errno=0 [ 640.590563][T11122] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 640.614879][T11122] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 640.655258][T11122] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 641.143299][ T5152] usb 1-1: USB disconnect, device number 9 [ 641.242791][T11122] 8021q: adding VLAN 0 to HW filter on device bond0 [ 641.262820][ T29] audit: type=1800 audit(1716933221.671:747): pid=11384 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1958 res=0 errno=0 [ 641.306115][ T9] usb 2-1: USB disconnect, device number 6 [ 641.361201][ T29] audit: type=1400 audit(1716933221.761:748): avc: denied { lock } for pid=11381 comm="syz-executor.2" path="/dev/ppp" dev="devtmpfs" ino=694 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 641.400859][T11122] 8021q: adding VLAN 0 to HW filter on device team0 [ 641.438717][ T5152] bridge0: port 1(bridge_slave_0) entered blocking state [ 641.446038][ T5152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 641.478157][T11386] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 641.524645][ T7311] bridge0: port 2(bridge_slave_1) entered blocking state [ 641.531984][ T7311] bridge0: port 2(bridge_slave_1) entered forwarding state [ 641.649866][T11390] loop2: detected capacity change from 0 to 512 [ 642.787846][ T29] audit: type=1400 audit(1716933223.191:749): avc: denied { append } for pid=11395 comm="syz-executor.0" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1 [ 643.030271][ T29] audit: type=1400 audit(1716933223.441:750): avc: denied { create } for pid=11399 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 643.079300][T11398] loop2: detected capacity change from 0 to 2048 [ 643.094607][ T29] audit: type=1400 audit(1716933223.461:751): avc: denied { connect } for pid=11399 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 643.119908][T11406] 9p: Unknown access argument 18446744073709551615: -34 [ 643.156537][ T29] audit: type=1400 audit(1716933223.491:752): avc: denied { write } for pid=11399 comm="syz-executor.4" path="socket:[33399]" dev="sockfs" ino=33399 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 643.396799][T11412] loop0: detected capacity change from 0 to 128 [ 643.426185][T11122] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 643.446513][T11412] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 643.490894][T11412] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 643.674189][T11122] veth0_vlan: entered promiscuous mode [ 643.691084][ T29] audit: type=1400 audit(1716933224.091:753): avc: denied { append } for pid=11410 comm="syz-executor.0" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 643.738984][ T5179] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 643.763509][T11122] veth1_vlan: entered promiscuous mode [ 643.960601][T11122] veth0_macvtap: entered promiscuous mode [ 644.002507][T11122] veth1_macvtap: entered promiscuous mode [ 644.012093][ T5179] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 644.060674][ T5179] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 644.132573][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 644.147749][ T5179] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 644.175120][ T5179] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.200937][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.226112][ T5179] usb 5-1: config 0 descriptor?? [ 644.242587][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 644.263631][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.267073][T11425] loop0: detected capacity change from 0 to 1 [ 644.282674][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 644.304518][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.316395][T11425] syz-executor.0: attempt to access beyond end of device [ 644.316395][T11425] loop0: rw=2048, sector=0, nr_sectors = 8 limit=1 [ 644.347322][T11425] SQUASHFS error: Failed to read block 0x0: -5 [ 644.374700][T11425] unable to read squashfs_super_block [ 644.383699][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 644.412745][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.417647][ T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 644.440379][T11122] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 644.505748][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 644.559156][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.630965][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 644.649266][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.670295][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 644.670911][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 644.720160][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 644.728164][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.785917][ T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 644.793861][T11122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 644.831960][ T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 644.855606][T11122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 644.862340][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.901746][ T9] usb 3-1: config 0 descriptor?? [ 644.907791][T11122] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 644.944116][T11423] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 644.996108][T11122] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 645.083332][T11122] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 645.103835][T11122] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 645.132711][T11122] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 645.406185][ T9] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 645.499622][ T9] plantronics 0003:047F:FFFF.0013: unknown main item tag 0x0 [ 645.523961][ T9] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving [ 645.564169][ T9] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 645.839005][ T7321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 645.889407][ T7321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 646.136757][T11435] macvlan0: entered promiscuous mode [ 646.157274][T11435] macvlan0: entered allmulticast mode [ 646.331756][T11438] veth1_vlan: entered allmulticast mode [ 646.359438][ T5179] usb 5-1: USB disconnect, device number 7 [ 646.390598][T11438] macvlan0: left promiscuous mode [ 646.410650][ T7312] usb 3-1: USB disconnect, device number 11 [ 646.432736][T11438] macvlan0: left allmulticast mode [ 646.464078][T11438] veth1_vlan: left allmulticast mode [ 646.546415][ T9998] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 646.592734][ T9998] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 647.391349][T11473] loop0: detected capacity change from 0 to 256 [ 647.550203][T11480] loop1: detected capacity change from 0 to 128 [ 647.644355][T11484] loop3: detected capacity change from 0 to 512 [ 647.655057][T11484] EXT4-fs: Ignoring removed mblk_io_submit option [ 647.684862][T11484] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 647.733768][T11484] EXT4-fs (loop3): 1 orphan inode deleted [ 647.747597][T11484] EXT4-fs (loop3): 1 truncate cleaned up [ 647.764515][T11484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 648.036351][T11122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 648.451693][ T29] audit: type=1400 audit(1716933228.861:754): avc: denied { nlmsg_write } for pid=11512 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 648.516817][ T29] audit: type=1400 audit(1716933228.901:755): avc: denied { connect } for pid=11511 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 648.952540][T11524] loop3: detected capacity change from 0 to 512 [ 648.976242][T11524] EXT4-fs: Ignoring removed mblk_io_submit option [ 649.018317][T11524] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 649.134659][T11524] EXT4-fs (loop3): 1 orphan inode deleted [ 649.146332][T11524] EXT4-fs (loop3): 1 truncate cleaned up [ 649.202311][T11524] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 649.381200][T11538] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 649.395378][ T29] audit: type=1400 audit(1716933229.801:756): avc: denied { bind } for pid=11537 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 649.576505][T11122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 650.065439][T11543] macvlan0: entered promiscuous mode [ 650.071020][T11543] macvlan0: entered allmulticast mode [ 651.144576][T11548] veth1_vlan: entered allmulticast mode [ 651.188189][T11548] macvlan0: left promiscuous mode [ 651.209046][T11548] macvlan0: left allmulticast mode [ 651.216407][T11548] veth1_vlan: left allmulticast mode [ 651.688178][T11522] loop2: detected capacity change from 0 to 32768 [ 651.726062][T11522] btrfs: Deprecated parameter 'usebackuproot' [ 651.779365][T11522] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 652.090906][T11563] loop3: detected capacity change from 0 to 256 [ 652.153133][T11563] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 652.409235][T11570] affs: No valid root block on device nbd0 [ 652.431621][T11572] loop4: detected capacity change from 0 to 512 [ 652.458434][T11572] EXT4-fs: Ignoring removed mblk_io_submit option [ 652.472298][T11572] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 652.551241][T11572] EXT4-fs (loop4): 1 orphan inode deleted [ 652.557084][T11572] EXT4-fs (loop4): 1 truncate cleaned up [ 652.595869][T11572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 653.983807][T11587] loop2: detected capacity change from 0 to 512 [ 654.154091][ T6711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.265720][T11591] loop1: detected capacity change from 0 to 256 [ 654.330254][T11591] exfat: Deprecated parameter 'utf8' [ 654.379719][T11591] exfat: Deprecated parameter 'utf8' [ 654.455636][ T29] audit: type=1800 audit(1716933234.861:757): pid=11591 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=1939 res=0 errno=0 [ 654.808517][T11608] loop0: detected capacity change from 0 to 256 [ 654.908096][T11612] loop1: detected capacity change from 0 to 512 [ 654.909663][T11608] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 654.942118][T11612] EXT4-fs: Ignoring removed mblk_io_submit option [ 654.961142][T11601] loop3: detected capacity change from 0 to 4096 [ 654.981275][T11601] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 654.999421][T11615] netlink: 428 bytes leftover after parsing attributes in process `syz-executor.4'. [ 655.012793][T11615] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'. [ 655.088287][T11601] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 655.232383][T11122] ntfs3: loop3: ino=1a, ntfs_sync_fs failed, -22. [ 655.266293][T11122] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 657.641240][T11650] netlink: 428 bytes leftover after parsing attributes in process `syz-executor.1'. [ 657.703501][T11650] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'. [ 657.808293][T11653] loop4: detected capacity change from 0 to 256 [ 657.990212][T11653] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 658.789470][T11671] netlink: 9392 bytes leftover after parsing attributes in process `syz-executor.0'. [ 658.839741][T11671] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 659.491781][T11681] xt_hashlimit: overflow, try lower: 1125899906842624/8 [ 659.542072][T11683] netlink: 428 bytes leftover after parsing attributes in process `syz-executor.3'. [ 659.585471][T11683] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'. [ 659.911283][T11693] loop2: detected capacity change from 0 to 256 [ 660.406178][T11717] netlink: 428 bytes leftover after parsing attributes in process `syz-executor.2'. [ 660.457778][T11717] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'. [ 660.951898][T11726] loop1: detected capacity change from 0 to 1024 [ 661.620531][T11737] loop3: detected capacity change from 0 to 256 [ 661.659752][T11737] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 662.074022][T11719] loop4: detected capacity change from 0 to 32768 [ 662.102297][T11719] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section replicas_v0: invalid device 108 in entry user: 1/9 [0 0 0 0 0 0 0 0 108] [ 662.102297][T11719] replicas_v0 (size 24): [ 662.102297][T11719] btree: 1 [0] journal: 1 [0] user: 9 [0 0 0 0 0 0 0 0 108] [ 662.102297][T11719] [ 662.903441][ T29] audit: type=1400 audit(1716933243.311:758): avc: denied { map } for pid=11751 comm="syz-executor.2" path="/dev/sg0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 663.002350][ T29] audit: type=1400 audit(1716933243.341:759): avc: denied { execute } for pid=11751 comm="syz-executor.2" path="/dev/sg0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 663.148525][T11756] loop3: detected capacity change from 0 to 128 [ 663.219163][T11756] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 663.363925][T11756] ext4 filesystem being mounted at /root/syzkaller-testdir815600556/syzkaller.fIsTGU/25/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 663.574888][T11122] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 664.613571][T11794] loop2: detected capacity change from 0 to 512 [ 664.735187][T11793] loop4: detected capacity change from 0 to 4096 [ 664.783605][T11793] NILFS (loop4): invalid segment: Checksum error in segment payload [ 664.813848][T11793] NILFS (loop4): trying rollback from an earlier position [ 664.999024][T11793] NILFS (loop4): recovery complete [ 665.056794][T11802] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 665.886393][ T63] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.435683][ T63] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 667.673290][ T63] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.116124][ T63] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.468930][ T5107] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 668.481947][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 668.495928][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 668.508679][ T5107] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 668.519686][ T5107] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 668.527300][ T5107] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 668.527705][ T5152] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 668.801379][ T63] bridge_slave_1: left allmulticast mode [ 668.825015][ T63] bridge_slave_1: left promiscuous mode [ 668.859761][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 668.877682][T11854] loop2: detected capacity change from 0 to 512 [ 668.918941][ T63] bridge_slave_0: left allmulticast mode [ 668.945517][ T63] bridge_slave_0: left promiscuous mode [ 668.962293][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 669.021783][T11854] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup [ 669.040804][T11854] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 669.058529][ T5152] usb 5-1: Using ep0 maxpacket: 16 [ 669.066800][ T5152] usb 5-1: config 0 has an invalid interface descriptor of length 2, skipping [ 669.082062][ T5152] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 669.091202][ T5152] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 669.108745][ T5152] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 669.122992][ T5152] usb 5-1: Duplicate descriptor for config 0 interface 0 altsetting 0, skipping [ 670.200026][ T8383] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 670.230246][ T5152] usb 5-1: New USB device found, idVendor=0b3c, idProduct=c00b, bcdDevice=5a.83 [ 670.255078][ T5152] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 670.263245][ T5152] usb 5-1: Product: syz [ 670.267502][ T5152] usb 5-1: Manufacturer: syz [ 670.272148][ T5152] usb 5-1: SerialNumber: syz [ 670.280844][ T5152] usb 5-1: config 0 descriptor?? [ 670.298230][ T5152] option 5-1:0.0: GSM modem (1-port) converter detected [ 670.415566][T11861] loop3: detected capacity change from 0 to 1024 [ 670.432786][T11861] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 670.623647][T11861] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 670.666236][ T5111] Bluetooth: hci2: command tx timeout [ 670.693316][ T9] usb 5-1: USB disconnect, device number 8 [ 670.711988][ T9] option 5-1:0.0: device disconnected [ 670.806965][ T29] audit: type=1800 audit(1716933251.211:760): pid=11861 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 670.837696][ T29] audit: type=1800 audit(1716933251.221:761): pid=11861 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 671.781990][T11122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 672.805247][ T5111] Bluetooth: hci2: command tx timeout [ 674.192932][ T7312] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 674.377771][ T7312] usb 5-1: Using ep0 maxpacket: 32 [ 674.387088][ T7312] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 674.400498][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 674.412122][ T7312] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 674.428040][ T7312] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 674.436879][ T7312] usb 5-1: Product: syz [ 674.441670][ T7312] usb 5-1: Manufacturer: syz [ 674.444904][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 674.447646][ T7312] usb 5-1: SerialNumber: syz [ 674.475007][ T63] bond0 (unregistering): (slave bond1): Releasing backup interface [ 674.476397][ T7312] usb 5-1: config 0 descriptor?? [ 674.497032][T11895] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 674.498825][ T63] bond0 (unregistering): Released all slaves [ 674.825663][ T7312] usb 5-1: USB disconnect, device number 9 [ 674.890410][ T5111] Bluetooth: hci2: command tx timeout [ 675.039373][T11902] loop2: detected capacity change from 0 to 1024 [ 675.053784][ T63] bond1 (unregistering): Released all slaves [ 675.130063][T11879] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'. [ 675.213600][T11841] lo speed is unknown, defaulting to 1000 [ 676.257738][ T29] audit: type=1400 audit(1716933256.651:762): avc: denied { read } for pid=11905 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 676.301526][ T63] tipc: Disabling bearer [ 676.347714][ T63] tipc: Left network mode [ 676.458248][ T25] ================================================================== [ 676.466375][ T25] BUG: KASAN: slab-use-after-free in tipc_aead_encrypt_done+0x4bd/0x510 [ 676.474777][ T25] Read of size 8 at addr ffff88807a733000 by task kworker/1:0/25 [ 676.482550][ T25] [ 676.484907][ T25] CPU: 1 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-rc1-syzkaller-00021-ge0cce98fe279 #0 [ 676.494937][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 676.505043][ T25] Workqueue: cryptd cryptd_queue_worker [ 676.510686][ T25] Call Trace: [ 676.513998][ T25] [ 676.516989][ T25] dump_stack_lvl+0x116/0x1f0 [ 676.521750][ T25] print_report+0xc3/0x620 [ 676.526244][ T25] ? __virt_addr_valid+0x5e/0x580 [ 676.531321][ T25] ? __phys_addr+0xc6/0x150 [ 676.535893][ T25] kasan_report+0xd9/0x110 [ 676.540383][ T25] ? tipc_aead_encrypt_done+0x4bd/0x510 [ 676.545985][ T25] ? tipc_aead_encrypt_done+0x4bd/0x510 [ 676.551595][ T25] tipc_aead_encrypt_done+0x4bd/0x510 [ 676.557020][ T25] cryptd_aead_crypt+0x3b8/0x750 [ 676.562038][ T25] ? __pfx_generic_gcmaes_encrypt+0x10/0x10 [ 676.568010][ T25] ? __pfx_cryptd_aead_encrypt+0x10/0x10 [ 676.573731][ T25] ? __local_bh_enable_ip+0xa4/0x120 [ 676.579083][ T25] ? __pfx_cryptd_aead_encrypt+0x10/0x10 [ 676.584777][ T25] cryptd_queue_worker+0x131/0x200 [ 676.589948][ T25] process_one_work+0x9fb/0x1b60 [ 676.594911][ T25] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 676.601108][ T25] ? __pfx_process_one_work+0x10/0x10 [ 676.606504][ T25] ? assign_work+0x1a0/0x250 [ 676.611131][ T25] worker_thread+0x6c8/0xf70 [ 676.615745][ T25] ? __pfx_worker_thread+0x10/0x10 [ 676.620877][ T25] kthread+0x2c1/0x3a0 [ 676.624974][ T25] ? _raw_spin_unlock_irq+0x23/0x50 [ 676.630207][ T25] ? __pfx_kthread+0x10/0x10 [ 676.634824][ T25] ret_from_fork+0x45/0x80 [ 676.639274][ T25] ? __pfx_kthread+0x10/0x10 [ 676.643891][ T25] ret_from_fork_asm+0x1a/0x30 [ 676.648696][ T25] [ 676.651726][ T25] [ 676.654057][ T25] Allocated by task 8355: [ 676.658399][ T25] kasan_save_stack+0x33/0x60 [ 676.663109][ T25] kasan_save_track+0x14/0x30 [ 676.667819][ T25] __kasan_kmalloc+0xaa/0xb0 [ 676.672437][ T25] tipc_crypto_start+0xcc/0x9e0 [ 676.677309][ T25] tipc_init_net+0x2dd/0x430 [ 676.681944][ T25] ops_init+0xb9/0x650 [ 676.686034][ T25] setup_net+0x435/0xb40 [ 676.690319][ T25] copy_net_ns+0x2f0/0x670 [ 676.694775][ T25] create_new_namespaces+0x3ea/0xb10 [ 676.700089][ T25] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 676.705760][ T25] ksys_unshare+0x419/0x970 [ 676.710304][ T25] __x64_sys_unshare+0x31/0x40 [ 676.715102][ T25] do_syscall_64+0xcd/0x250 [ 676.719628][ T25] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 676.725572][ T25] [ 676.727904][ T25] Freed by task 63: [ 676.731717][ T25] kasan_save_stack+0x33/0x60 [ 676.736425][ T25] kasan_save_track+0x14/0x30 [ 676.741137][ T25] kasan_save_free_info+0x3b/0x60 [ 676.746186][ T25] poison_slab_object+0xf7/0x160 [ 676.751161][ T25] __kasan_slab_free+0x32/0x50 [ 676.755957][ T25] kfree+0x12a/0x3b0 [ 676.759881][ T25] tipc_crypto_stop+0x23c/0x500 [ 676.764752][ T25] tipc_exit_net+0x8c/0x110 [ 676.769292][ T25] ops_exit_list+0xb0/0x180 [ 676.773821][ T25] cleanup_net+0x5b7/0xbf0 [ 676.778258][ T25] process_one_work+0x9fb/0x1b60 [ 676.783214][ T25] worker_thread+0x6c8/0xf70 [ 676.787821][ T25] kthread+0x2c1/0x3a0 [ 676.791926][ T25] ret_from_fork+0x45/0x80 [ 676.796375][ T25] ret_from_fork_asm+0x1a/0x30 [ 676.801175][ T25] [ 676.803509][ T25] The buggy address belongs to the object at ffff88807a733000 [ 676.803509][ T25] which belongs to the cache kmalloc-512 of size 512 [ 676.817592][ T25] The buggy address is located 0 bytes inside of [ 676.817592][ T25] freed 512-byte region [ffff88807a733000, ffff88807a733200) [ 676.831372][ T25] [ 676.833711][ T25] The buggy address belongs to the physical page: [ 676.840150][ T25] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a730 [ 676.849015][ T25] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 676.857533][ T25] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 676.865096][ T25] page_type: 0xffffefff(slab) [ 676.869793][ T25] raw: 00fff00000000040 ffff888015441c80 dead000000000100 dead000000000122 [ 676.878401][ T25] raw: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000 [ 676.887001][ T25] head: 00fff00000000040 ffff888015441c80 dead000000000100 dead000000000122 [ 676.895691][ T25] head: 0000000000000000 0000000000100010 00000001ffffefff 0000000000000000 [ 676.904382][ T25] head: 00fff00000000002 ffffea0001e9cc01 ffffffffffffffff 0000000000000000 [ 676.913073][ T25] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 676.921751][ T25] page dumped because: kasan: bad access detected [ 676.928183][ T25] page_owner tracks the page as allocated [ 676.933915][ T25] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5106, tgid 5106 (syz-executor.0), ts 112574689400, free_ts 112512468747 [ 676.955667][ T25] post_alloc_hook+0x2d1/0x350 [ 676.960458][ T25] get_page_from_freelist+0x136a/0x2df0 [ 676.966047][ T25] __alloc_pages_noprof+0x22b/0x2460 [ 676.971363][ T25] alloc_slab_page+0x56/0x110 [ 676.976064][ T25] new_slab+0x84/0x260 [ 676.980251][ T25] ___slab_alloc+0xdac/0x1870 [ 676.984969][ T25] __slab_alloc.constprop.0+0x56/0xb0 [ 676.990375][ T25] __kmalloc_noprof+0x36d/0x410 [ 676.995257][ T25] fib6_info_alloc+0x40/0x160 [ 676.999959][ T25] ip6_route_info_create+0x337/0x1940 [ 677.005418][ T25] addrconf_f6i_alloc+0x393/0x670 [ 677.010501][ T25] ipv6_add_addr+0x538/0x2090 [ 677.015208][ T25] inet6_addr_add+0x3bb/0xbe0 [ 677.019918][ T25] inet6_rtm_newaddr+0x11e7/0x1ab0 [ 677.025082][ T25] rtnetlink_rcv_msg+0x3c7/0xe60 [ 677.030055][ T25] netlink_rcv_skb+0x16b/0x440 [ 677.034839][ T25] page last free pid 5109 tgid 5109 stack trace: [ 677.041173][ T25] free_unref_page+0x64a/0xe40 [ 677.045978][ T25] __put_partials+0x14c/0x170 [ 677.050702][ T25] qlist_free_all+0x4e/0x140 [ 677.055320][ T25] kasan_quarantine_reduce+0x192/0x1e0 [ 677.060811][ T25] __kasan_slab_alloc+0x69/0x90 [ 677.065694][ T25] kmalloc_trace_noprof+0x11e/0x300 [ 677.070926][ T25] rtnl_newlink+0x49/0xa0 [ 677.075292][ T25] rtnetlink_rcv_msg+0x3c7/0xe60 [ 677.080266][ T25] netlink_rcv_skb+0x16b/0x440 [ 677.085069][ T25] netlink_unicast+0x542/0x820 [ 677.089851][ T25] netlink_sendmsg+0x8b8/0xd70 [ 677.094635][ T25] __sys_sendto+0x47f/0x4e0 [ 677.099190][ T25] __x64_sys_sendto+0xe0/0x1c0 [ 677.104010][ T25] do_syscall_64+0xcd/0x250 [ 677.108541][ T25] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.114470][ T25] [ 677.116799][ T25] Memory state around the buggy address: [ 677.122437][ T25] ffff88807a732f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 677.130515][ T25] ffff88807a732f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 677.138630][ T25] >ffff88807a733000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 677.146707][ T25] ^ [ 677.150798][ T25] ffff88807a733080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 677.158893][ T25] ffff88807a733100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 677.166974][ T25] ================================================================== [ 677.175114][ T25] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 677.182340][ T25] CPU: 1 PID: 25 Comm: kworker/1:0 Not tainted 6.10.0-rc1-syzkaller-00021-ge0cce98fe279 #0 [ 677.192370][ T25] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 677.202471][ T25] Workqueue: cryptd cryptd_queue_worker [ 677.208099][ T25] Call Trace: [ 677.211427][ T25] [ 677.214401][ T25] dump_stack_lvl+0x3d/0x1f0 [ 677.219055][ T25] panic+0x6f5/0x7a0 [ 677.223044][ T25] ? __pfx_panic+0x10/0x10 [ 677.227533][ T25] ? check_panic_on_warn+0x1f/0xb0 [ 677.232714][ T25] check_panic_on_warn+0xab/0xb0 [ 677.237722][ T25] end_report+0x117/0x180 [ 677.242121][ T25] kasan_report+0xe9/0x110 [ 677.246613][ T25] ? tipc_aead_encrypt_done+0x4bd/0x510 [ 677.252216][ T25] ? tipc_aead_encrypt_done+0x4bd/0x510 [ 677.257830][ T25] tipc_aead_encrypt_done+0x4bd/0x510 [ 677.263271][ T25] cryptd_aead_crypt+0x3b8/0x750 [ 677.268287][ T25] ? __pfx_generic_gcmaes_encrypt+0x10/0x10 [ 677.274238][ T25] ? __pfx_cryptd_aead_encrypt+0x10/0x10 [ 677.279950][ T25] ? __local_bh_enable_ip+0xa4/0x120 [ 677.285295][ T25] ? __pfx_cryptd_aead_encrypt+0x10/0x10 [ 677.290995][ T25] cryptd_queue_worker+0x131/0x200 [ 677.296176][ T25] process_one_work+0x9fb/0x1b60 [ 677.301167][ T25] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 677.307388][ T25] ? __pfx_process_one_work+0x10/0x10 [ 677.312816][ T25] ? assign_work+0x1a0/0x250 [ 677.317478][ T25] worker_thread+0x6c8/0xf70 [ 677.322126][ T25] ? __pfx_worker_thread+0x10/0x10 [ 677.327294][ T25] kthread+0x2c1/0x3a0 [ 677.331409][ T25] ? _raw_spin_unlock_irq+0x23/0x50 [ 677.336649][ T25] ? __pfx_kthread+0x10/0x10 [ 677.341285][ T25] ret_from_fork+0x45/0x80 [ 677.345746][ T25] ? __pfx_kthread+0x10/0x10 [ 677.350370][ T25] ret_from_fork_asm+0x1a/0x30 [ 677.355177][ T25] [ 677.358509][ T25] Kernel Offset: disabled [ 677.362836][ T25] Rebooting in 86400 seconds..