last executing test programs: 59.764009088s ago: executing program 2 (id=274): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xaf}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 59.732119277s ago: executing program 2 (id=276): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000300)=0x3) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000000500)="00214717a70700000000030600710a5e31163ceb9d0471200000000500000000000000ffff03425d4d50e7182ce0ab6d0000c94a6072890afd959ea16f3c89bd9e8954dd7a88b3b58ccb812a886e0021b935a182189d", 0x56}], 0x1, 0x0, 0x0) 59.656261337s ago: executing program 2 (id=281): pipe2(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f00000024c0), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002380)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) write$FUSE_INIT(r1, &(0x7f0000002280)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x29, 0xffffffe6, 0x1c02661, 0x2000, 0x0, 0x400}}, 0x90) splice(r0, 0x0, r2, 0x0, 0x50, 0xf) 58.801409125s ago: executing program 2 (id=300): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000080)={[{@dioread_nolock}, {@errors_remount}, {@nolazytime}, {@stripe={'stripe', 0x3d, 0x4000020}}, {@bh}, {@lazytime}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x12, r0, 0xf23d6000) 58.678191285s ago: executing program 2 (id=301): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x0, 0xf4240}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) 58.443998435s ago: executing program 2 (id=302): r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0xfff, 0x4, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18) read$FUSE(r0, &(0x7f0000002a80)={0x2020}, 0x2020) 58.443537855s ago: executing program 32 (id=302): r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0xfff, 0x4, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18) read$FUSE(r0, &(0x7f0000002a80)={0x2020}, 0x2020) 57.990708814s ago: executing program 1 (id=314): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0) 57.970608214s ago: executing program 1 (id=315): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f00000011c0)={0xa, 0x5, 0xfd}) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000000)={0xb740000000000000}) 57.872331593s ago: executing program 1 (id=318): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000200)=[@acquire], 0x0, 0x0, 0x0}) 57.851330613s ago: executing program 1 (id=320): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==") rmdir(&(0x7f0000000180)='./file0/../file0\x00') mkdir(&(0x7f0000000000)='./control\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x0, 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) 57.765418063s ago: executing program 1 (id=321): timer_create(0x2, 0x0, &(0x7f0000000100)=0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r2}, 0x10) timer_delete(r0) 57.348069612s ago: executing program 1 (id=325): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xf30, 0x111, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f00000006c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000aa8cc829"], 0x0}, 0x0) 57.327762792s ago: executing program 33 (id=325): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xf30, 0x111, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x3, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f00000006c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="002208000000aa8cc829"], 0x0}, 0x0) 15.346408085s ago: executing program 6 (id=1249): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='percpu_create_chunk\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 15.224112215s ago: executing program 6 (id=1252): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x141001, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r2) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x662) 15.167380645s ago: executing program 6 (id=1254): unshare(0x24020400) r0 = socket$unix(0x1, 0x1, 0x0) fallocate(0xffffffffffffffff, 0x0, 0xf4001000, 0x1000f4) bind$unix(r0, &(0x7f00000000c0)=@abs={0x1}, 0x6e) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file1\x00'}, 0x6e) 15.127133095s ago: executing program 6 (id=1256): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x418484, &(0x7f0000000440), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") creat(&(0x7f0000000100)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x1) preadv2(r0, &(0x7f00000001c0)=[{&(0x7f0000002200)=""/4103, 0xfffffe0d}, {&(0x7f0000000480)=""/214}, {&(0x7f0000000580)=""/188}], 0x1, 0x2, 0x0, 0x10) 15.004306365s ago: executing program 6 (id=1260): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000008c0)='sys_enter\x00', r1}, 0x10) getresgid(&(0x7f0000004080), &(0x7f00000040c0), &(0x7f0000000fc0)) 14.864031994s ago: executing program 6 (id=1263): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r3, r1, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) 14.855010614s ago: executing program 34 (id=1263): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r3, r1, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) 3.300568788s ago: executing program 3 (id=1509): r0 = socket(0x2, 0x3, 0xff) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x199c, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$unix(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="643c87cf2bd21d995e613d73613b1e78334efea0", 0x14}], 0x1}}], 0x1, 0x0) 3.286685297s ago: executing program 3 (id=1511): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f00000003c0)) 2.352815766s ago: executing program 0 (id=1549): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup(r1) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x4, 0x0, 0x0) 2.337305405s ago: executing program 0 (id=1540): syz_mount_image$exfat(&(0x7f0000000380), &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="48000000120001000000000000000000ac141400000000000000000000000000000000000000000014000d00200100000000000000000000001cc3000c0015000000000004000000dea6149caea377fca8fa9bb02a61d8ad91498cac0a3417f47980b671e0a3f810262e09fa73c62b96a7dc9349b9d272dd7657232a17ecf60362119f7542895dd596602387af571ed9f6fc5aab5b8ad96845f1caa414ea39cff3cedf04665cf5ef4cfd9109c69ef3d3e8dbfea5a58e67061e7bf9a0e9cd4ff55cff3dba367ab8aba749521ac6a29155074773efaaf4960db339c7b6191545925c5bda220f49878beb35340a6100847113658db42cdbff7840352a9339d79d216ce599a76056f017e48c0596994e33b1955e786be12414f2fd440922abe3b6c70fc0db093a99e9456747a63e282252ba745a7737a00c26390dc5b61464cc87a00db3d533ae6b1d375758c1db9c342d972fd943a3c390ad0079efc35b71ef391a0cc4219489b698e697c0219ed7e20f144d6f12fba05d151da421739ceee42c419dd973d899fdbd3b926bb6535fb48c6bf1e019f217f086d6f7799efbc35df4d7d26c10c74303453f7b488f0d035dbaf9876a5d0cf8b1885077d2cc59d703c21d4c53d15e71282d9afb996cb75ca8f4afee1d8e152e9b7342e3c9ec1f45951a41cac2295d1e15fda3bc0343cb1d80be58da9955207bcfcec3"], 0x48}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) truncate(&(0x7f0000000080)='./file1\x00', 0xf000) 2.269126545s ago: executing program 0 (id=1543): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_GET_DEVICE_ATTR_vcpu(r3, 0x4018aee2, 0x0) 1.366746503s ago: executing program 0 (id=1556): syz_mount_image$erofs(&(0x7f00000003c0), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) pivot_root(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000100)='./file0\x00') 1.242976423s ago: executing program 0 (id=1546): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xc, 0x4, 0x4, 0x10000, 0x0, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 1.153722803s ago: executing program 3 (id=1548): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4871b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) 1.043914542s ago: executing program 0 (id=1550): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) io_setup(0x7, &(0x7f0000000280)=0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) 980.637022ms ago: executing program 35 (id=1550): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) io_setup(0x7, &(0x7f0000000280)=0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1}, 0x10) 954.296672ms ago: executing program 5 (id=1554): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c) r1 = socket$inet6(0xa, 0x3, 0x84) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@mcast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0x0, 0x6c}, 0x0, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x2}}, 0xe8) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) 924.657152ms ago: executing program 3 (id=1555): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000080)=r1}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x10004, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 907.643532ms ago: executing program 5 (id=1557): timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400)=0x0) timer_create(0xfffffffc, 0x0, &(0x7f0000000040)=0x0) timer_settime(r1, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_settime(r0, 0x0, &(0x7f00000005c0)={{}, {0x0, 0x989680}}, &(0x7f0000000600)) 885.748992ms ago: executing program 5 (id=1559): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$UHID_CREATE(r2, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x0, 0x3}}, 0x120) 817.188422ms ago: executing program 3 (id=1560): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00') fchdir(r0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000300)={0x1, &(0x7f00000002c0)=[{0x6}]}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0xffff4a9c0080ffff, 0xfffffffffffffffc) 796.987202ms ago: executing program 5 (id=1562): capset(&(0x7f00000020c0)={0x19980330}, &(0x7f0000002100)) setrlimit(0x40000000000008, &(0x7f0000000000)) r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f00000001c0)={0x200000000000001}, 0x8) sendto$inet6(r0, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c) 728.011002ms ago: executing program 5 (id=1565): openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="12000000090000000400000002"], 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000240), 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r0, &(0x7f0000000100)}, 0x20) 640.444291ms ago: executing program 5 (id=1567): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xf, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r0, r1, 0x6, 0x0, @void}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r0, r1, 0x6, 0x0, @val=@tracing}, 0x40) syz_usb_connect(0x0, 0x24, &(0x7f0000000940)=ANY=[@ANYBLOB="120100002eab5a40401c3405cc6d01020301090212"], 0x0) 375.270691ms ago: executing program 4 (id=1571): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x4, 0x2) r1 = socket$unix(0x1, 0x1, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r2, r2, r2) ioctl$IOC_PR_CLEAR(r0, 0x401070cd, 0x0) 356.106641ms ago: executing program 7 (id=1572): openat(0xffffffffffffffff, 0x0, 0x0, 0x0) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/dev_snmp6\x00') getdents(r0, &(0x7f0000000080)=""/255, 0x18) getdents(r0, &(0x7f0000001440)=""/228, 0xe4) 333.142061ms ago: executing program 4 (id=1573): r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x4}}, 0x26) connect$inet6(r0, &(0x7f0000000400)={0xa, 0x0, 0x0, @mcast2, 0x6}, 0x1c) sendmsg$inet(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4041) 321.846961ms ago: executing program 7 (id=1574): syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000100)='./file1\x00', 0x400, &(0x7f0000000180)=ANY=[], 0x1, 0x27e, &(0x7f0000001980)="$eJzs3E9rI2UYAPDHdLvtdtlNDyIoiC960UvYrZ8gyC6IBaVuRD0IszbV0DEpmViJiLs3r36OxaM3Qf0CvXjzLl6KIHjZgxjZ/LFpjbb+iVM3vx+EeTLv+2TemcyEZwbyHr7+6Xu7O0VtJ+tFZTVFJeJu3I9YfxCNPTJeVobxxZh2N567/NO3T776xpsv1Tc3b2yldLN+6/mNlNLVp7784KPPnv66d/m1z69+sRIH628d/rjx3cFjB48f/nJr8umdXsrS7U6nl93Om2m7VezWUnolb2ZFM7XaRbN7rH0n7+zt9VPW3r6yttdtFkXK2v202+ynXif1uv2UvZO12qlWq6Ura7Folv5yRuPe1lZWn8tgKMOlWSu73Xq2NLOxce+/GBQAcL6UVf+/2ypSq0jt0+r/Sqj/50f9vwge1P9r4+v3OPU/AAAAAAAAAAAAAAD8H9wfDKqDwaA6WU5eKxGxGhGT92WPk/nw/S+2qT/urUbkn+w39huj5ai9vhOtyKMZ15Yjfh6eD2Oj+OaLmzeupaH1+Cq/M86/s99YipVJ/sT67Pzro/x0PH851qa3vxHVeHR2/sbM/Ivx7DNT+bWoxjdvRyfy2B6e10f5H19P6YWXN0/kXxr2AwAAgIdBLf3md/fvw/ZamkwbcqJ9tPLo+UBUT3k+cOL++kI8caG8/QYAAIBFUvQ/3M3yvNn9g2B53O/P+ixkcPqhE/zDoBIRJW39h4g4HwfhXw2+f390NZ+lc5m/SgAAwDwcFf1ljwQAAAAAAAAAAAAAAAAAAAAW11knD5v0/ztzj01tbqmcvQQAAAAAAAAAAAAAAAAAAAAAAIDz4dcAAAD//y7fHdA=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x0) 289.441981ms ago: executing program 4 (id=1575): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000140)='cpuset.memory_spread_page\x00', 0x2, 0x0) r2 = openat$cgroup_procs(r0, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0) sendfile(r2, r1, 0x0, 0x4) 257.053841ms ago: executing program 7 (id=1576): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) pivot_root(0x0, 0x0) 253.45328ms ago: executing program 4 (id=1577): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)=r1}, 0x20) rt_tgsigqueueinfo(0x0, 0x0, 0x11, 0x0) 222.68918ms ago: executing program 4 (id=1578): syz_mount_image$erofs(&(0x7f00000003c0), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x0, 0x17d, &(0x7f0000001ac0)="$eJzsmLFP+kAUx7/vyg/yMy6uLg4SxcHSFjUuxLA5mogaNwlUghYx0EGYdPH/cHZwdvOPMM7qYFwY3Uxqej3oQQR10MT4PsPj+7h313evyXcoGIb5szw+vNyvFe+EAWASaaTU/89GXCO0+tfb83Jraj1/OfeUv041robPIwBB8PnnJwDcFAz4Kg+Cwd1p9VuE6OstCCwovQOCqfQeBLaVdkHYVfpA042w3jT3a55rlhteJRRWGOwwOGHIDffXPSNUtP5IW2+1O4clz3Ob3yg+ml+3IJDX+tPfV282ljY/GwK20jkQNpVeRao3m2gk2v2nE/H5xg/fnwULFr9NxP4UXBDmNX9KaP6R9evH2Va7s1irl6pu1T1ynNyKtWRZy05WGlEUx/jff+lPE9r5/0bUJimJk5LvN+0o9nMniu85rpD+J5CZjfLQ+5Mju4nWSe0jqTLGmHKGYRiGYRiGYRiGYRiGYZgvMAOSX0EldIo4GcDZkNVvAQAA///an3MA") chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) pivot_root(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000100)='./file0\x00') 198.189681ms ago: executing program 7 (id=1579): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000080)='sched_kthread_work_queue_work\x00', r1}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'sit0\x00', @local}) 173.628551ms ago: executing program 4 (id=1580): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000500)={0x2, 0x0, @ioapic={0x0, 0x7fffffff, 0x0, 0xeffffdff, 0x0, [{}, {0x1, 0x5, 0xfd}, {0x0, 0x4, 0x0, '\x00', 0xff}, {0x1, 0x0, 0x9, '\x00', 0x2}, {0x8, 0x0, 0x0, '\x00', 0xf}, {}, {0x0, 0x81}, {0x0, 0x4}, {0x20, 0x1d, 0x84, '\x00', 0xff}, {0x0, 0x6}, {}, {0x0, 0x5}, {0x0, 0x0, 0x4}, {0xd}, {0x4, 0x42}, {}, {0x0, 0x0, 0x0, '\x00', 0x4}, {}, {0x0, 0x6, 0x8}, {0x0, 0x0, 0x0, '\x00', 0x60}, {0x0, 0x0, 0x3}, {0x8, 0x0, 0x0, '\x00', 0xfe}, {0x4, 0x0, 0xc}, {0x3, 0x3, 0x76}]}}) 49.45847ms ago: executing program 7 (id=1581): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0xfffffffa) ioctl$TCSETS(r0, 0x40045431, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, "00769a1c95595915303d60ffdeffff000400"}) r1 = syz_open_pts(r0, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x2) 3.88008ms ago: executing program 7 (id=1582): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0a00000004000000f100000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=@base={0x10, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 0s ago: executing program 3 (id=1583): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) sendto$inet6(r0, &(0x7f0000000240)="c4", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty, 0x1}, 0x1c) shutdown(r0, 0x2) sendmmsg$inet6(r0, &(0x7f0000002c00)=[{{&(0x7f0000000180)={0xa, 0x4e22, 0x104, @empty, 0xa3}, 0x1c, &(0x7f0000002840)=[{&(0x7f0000000200)='6', 0x1}], 0x1}}], 0x1, 0x20000000) kernel console output (not intermixed with test programs): .165390][ T2202] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.169331][ T2196] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.808: Invalid block bitmap block 3 in block_group 0 [ 58.197824][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.204543][ T2196] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5887: Corrupt filesystem [ 58.214319][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.220980][ T2196] EXT4-fs error (device loop4): ext4_dirty_inode:6091: inode #3: comm syz.4.808: mark_inode_dirty error [ 58.232384][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.238834][ T2196] Quota error (device loop4): write_blk: dquota write failed [ 58.246181][ T2196] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 1: comm syz.4.808: lblock 6 mapped to illegal pblock 1 (length 1) [ 58.260981][ T296] EXT4-fs (loop0): unmounting filesystem. [ 58.267110][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.273681][ T2196] Quota error (device loop4): write_blk: dquota write failed [ 58.281415][ T2196] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 58.304950][ T2196] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 48: comm syz.4.808: lblock 0 mapped to illegal pblock 48 (length 1) [ 58.328958][ T2212] input: syz0 as /devices/virtual/input/input16 [ 58.365862][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.393495][ T2196] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 58.412916][ T2196] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.808: Failed to acquire dquot type 0 [ 58.439766][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.448121][ T2196] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 49: comm syz.4.808: lblock 1 mapped to illegal pblock 49 (length 1) [ 58.463851][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.479839][ T2196] Quota error (device loop4): do_insert_tree: Can't read tree quota block 1 [ 58.492752][ T2196] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 58.502921][ T2196] EXT4-fs error (device loop4): ext4_acquire_dquot:6788: comm syz.4.808: Failed to acquire dquot type 0 [ 58.514287][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.520731][ T2196] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5887: Corrupt filesystem [ 58.530306][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.536639][ T2196] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #15: comm syz.4.808: mark_inode_dirty error [ 58.554968][ T2196] EXT4-fs (loop4): Remounting filesystem read-only [ 58.567135][ T2196] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 58.574840][ T2216] loop5: detected capacity change from 0 to 40427 [ 58.577375][ T2196] EXT4-fs (loop4): 1 orphan inode deleted [ 58.589077][ T2216] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 58.589231][ T2196] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 58.597027][ T2216] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 58.624878][ T2216] F2FS-fs (loop5): invalid crc value [ 58.631768][ T2216] F2FS-fs (loop5): Found nat_bits in checkpoint [ 58.678243][ T2216] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 58.685233][ T2216] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 58.709764][ T321] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 58.798396][ T2233] loop6: detected capacity change from 0 to 256 [ 58.827314][ T2233] exfat: Deprecated parameter 'namecase' [ 58.843613][ T2233] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 58.892037][ T2238] loop6: detected capacity change from 0 to 512 [ 58.900847][ T321] usb 4-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 58.919847][ T321] usb 4-1: config 7 has 1 interface, different from the descriptor's value: 2 [ 58.946055][ T321] usb 4-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84 [ 58.956879][ T2238] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 58.969437][ T321] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 58.977818][ T2238] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.015459][ T2196] syz.4.808 (2196) used greatest stack depth: 19656 bytes left [ 59.023316][ T321] usb 4-1: Product: syz [ 59.033779][ T321] usb 4-1: SerialNumber: syz [ 59.037286][ T1070] EXT4-fs (loop6): unmounting filesystem. [ 59.044284][ T298] EXT4-fs (loop4): unmounting filesystem. [ 59.054070][ T321] usb 4-1: bad CDC descriptors [ 59.146065][ T2262] loop0: detected capacity change from 0 to 512 [ 59.153177][ T2262] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 59.164611][ T2262] EXT4-fs (loop0): failed to open journal device unknown-block(11,127) -6 [ 59.257608][ T321] usb 4-1: USB disconnect, device number 5 [ 59.313321][ T2280] loop4: detected capacity change from 0 to 512 [ 59.314367][ T2279] loop6: detected capacity change from 0 to 1024 [ 59.339013][ T2280] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 59.348338][ T2279] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 59.380660][ T2279] EXT4-fs (loop6): orphan cleanup on readonly fs [ 59.386988][ T2280] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.398338][ T2279] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5887: Corrupt filesystem [ 59.408365][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.414924][ T2279] EXT4-fs error (device loop6): ext4_dirty_inode:6091: inode #3: comm syz.6.839: mark_inode_dirty error [ 59.430269][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.437679][ T2266] loop5: detected capacity change from 0 to 40427 [ 59.451686][ T2279] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:477: comm syz.6.839: Invalid block bitmap block 3 in block_group 0 [ 59.451871][ T2287] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 59.470848][ T2266] F2FS-fs (loop5): invalid crc value [ 59.485674][ T298] EXT4-fs (loop4): unmounting filesystem. [ 59.495183][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.501971][ T2279] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5887: Corrupt filesystem [ 59.502578][ T2266] F2FS-fs (loop5): Found nat_bits in checkpoint [ 59.518691][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.525645][ T2279] EXT4-fs error (device loop6): ext4_dirty_inode:6091: inode #3: comm syz.6.839: mark_inode_dirty error [ 59.560467][ T2293] loop4: detected capacity change from 0 to 128 [ 59.574953][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.584147][ T2279] EXT4-fs error (device loop6): ext4_map_blocks:634: inode #3: block 1: comm syz.6.839: lblock 6 mapped to illegal pblock 1 (length 1) [ 59.599329][ T2266] F2FS-fs (loop5): Start checkpoint disabled! [ 59.605689][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.612487][ T2279] EXT4-fs error (device loop6): ext4_map_blocks:634: inode #3: block 48: comm syz.6.839: lblock 0 mapped to illegal pblock 48 (length 1) [ 59.613175][ T2293] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002] [ 59.633650][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.634644][ T2266] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 59.642882][ T2279] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.839: Failed to acquire dquot type 0 [ 59.663636][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.666574][ T2293] System zones: 1-3, 19-19, 35-36 [ 59.675717][ T2293] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 59.684355][ T2279] EXT4-fs error (device loop6): ext4_map_blocks:634: inode #3: block 49: comm syz.6.839: lblock 1 mapped to illegal pblock 49 (length 1) [ 59.698912][ T2293] ext4 filesystem being mounted at /179/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 59.711704][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.724849][ T2279] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.839: Failed to acquire dquot type 0 [ 59.752867][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.753342][ T454] kworker/u4:5: attempt to access beyond end of device [ 59.753342][ T454] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 59.759294][ T2279] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5887: Corrupt filesystem [ 59.787877][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.794219][ T2293] EXT4-fs warning (device loop4): ext4_group_extend:1870: can't shrink FS - resize aborted [ 59.799214][ T2304] loop3: detected capacity change from 0 to 1024 [ 59.810279][ T2279] EXT4-fs error (device loop6): ext4_evict_inode:279: inode #15: comm syz.6.839: mark_inode_dirty error [ 59.821469][ T2279] EXT4-fs (loop6): Remounting filesystem read-only [ 59.827800][ T2279] EXT4-fs warning (device loop6): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 59.838938][ T2279] EXT4-fs (loop6): 1 orphan inode deleted [ 59.844849][ T2279] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 59.859944][ T2304] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 59.868367][ T298] EXT4-fs (loop4): unmounting filesystem. [ 59.893898][ T2304] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.970782][ T632] EXT4-fs (loop3): unmounting filesystem. [ 60.009146][ T2314] loop3: detected capacity change from 0 to 128 [ 60.051064][ T2314] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 60.069564][ T2314] ext4 filesystem being mounted at /133/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 60.105163][ T2314] fscrypt (loop3, inode 12): Unsupported encryption modes (contents 0, filenames 0) [ 60.181710][ T632] EXT4-fs (loop3): unmounting filesystem. [ 60.301754][ T2331] loop3: detected capacity change from 0 to 128 [ 60.329192][ T2308] loop4: detected capacity change from 0 to 40427 [ 60.347183][ T2308] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 60.358530][ T2331] FAT-fs (loop3): Directory bread(block 162) failed [ 60.364524][ T2308] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 60.383180][ T2331] FAT-fs (loop3): Directory bread(block 163) failed [ 60.383488][ T2308] F2FS-fs (loop4): invalid crc value [ 60.400027][ T2279] syz.6.839 (2279) used greatest stack depth: 19048 bytes left [ 60.409859][ T2331] FAT-fs (loop3): Directory bread(block 164) failed [ 60.423171][ T2308] F2FS-fs (loop4): Found nat_bits in checkpoint [ 60.426640][ T2331] FAT-fs (loop3): Directory bread(block 165) failed [ 60.469787][ T2331] FAT-fs (loop3): Directory bread(block 166) failed [ 60.476250][ T2331] FAT-fs (loop3): Directory bread(block 167) failed [ 60.516778][ T2331] FAT-fs (loop3): Directory bread(block 168) failed [ 60.530017][ T2308] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 60.533755][ T2331] FAT-fs (loop3): Directory bread(block 169) failed [ 60.537078][ T2308] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 60.570545][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 60.576917][ T2331] FAT-fs (loop3): Directory bread(block 162) failed [ 60.599783][ T2331] FAT-fs (loop3): Directory bread(block 163) failed [ 60.631743][ T2331] syz.3.857: attempt to access beyond end of device [ 60.631743][ T2331] loop3: rw=3, sector=226, nr_sectors = 6 limit=128 [ 60.645053][ T2331] syz.3.857: attempt to access beyond end of device [ 60.645053][ T2331] loop3: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 60.661843][ T320] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 60.679182][ T320] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 60.714621][ T2348] loop3: detected capacity change from 0 to 256 [ 60.727089][ T2348] exfat: Deprecated parameter 'namecase' [ 60.755123][ T2348] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 60.780649][ T2355] tmpfs: Unknown parameter 'nolazytime’’' [ 60.804129][ T2348] exFAT-fs (loop3): hint_cluster is invalid (1) [ 60.810608][ T2348] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 60.812544][ T2357] loop0: detected capacity change from 0 to 512 [ 60.819177][ T2348] exFAT-fs (loop3): error, failed to bmap (inode : ffff8881177ac910 iblock : 9, err : -5) [ 60.836788][ T2348] syz.3.864: attempt to access beyond end of device [ 60.836788][ T2348] loop3: rw=2049, sector=34359738488, nr_sectors = 8 limit=256 [ 60.856270][ T2348] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 60.865331][ T2348] exFAT-fs (loop3): error, failed to bmap (inode : ffff8881177ac910 iblock : 4, err : -5) [ 60.900225][ T2357] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 60.923362][ T2357] EXT4-fs (loop0): 1 truncate cleaned up [ 60.951471][ T2368] loop5: detected capacity change from 0 to 512 [ 60.983398][ T2368] EXT4-fs (loop5): external journal device major/minor numbers have changed [ 60.992762][ T2368] EXT4-fs (loop5): failed to open journal device unknown-block(11,127) -6 [ 61.199875][ T24] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 61.278170][ T2377] loop0: detected capacity change from 0 to 40427 [ 61.296911][ T2377] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 61.305106][ T2377] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 61.314182][ T2377] F2FS-fs (loop0): invalid crc value [ 61.316375][ T2379] loop4: detected capacity change from 0 to 40427 [ 61.321149][ T2377] F2FS-fs (loop0): Found nat_bits in checkpoint [ 61.337132][ T2379] F2FS-fs (loop4): fault_injection options not supported [ 61.344797][ T2379] F2FS-fs (loop4): invalid crc value [ 61.351274][ T2379] F2FS-fs (loop4): Found nat_bits in checkpoint [ 61.374260][ T2377] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 61.381411][ T2377] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 61.392787][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 61.411054][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 61.421949][ T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 61.435103][ T24] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 61.435114][ T2379] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 61.435148][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.460077][ T24] usb 4-1: config 0 descriptor?? [ 61.468005][ T454] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 61.477915][ T454] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 61.498976][ T2387] f2fs_ckpt-7:4: attempt to access beyond end of device [ 61.498976][ T2387] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 61.791079][ T2398] loop0: detected capacity change from 0 to 40427 [ 61.807510][ T2398] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 61.815210][ T2398] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 61.824307][ T2398] F2FS-fs (loop0): invalid crc value [ 61.831259][ T2398] F2FS-fs (loop0): Found nat_bits in checkpoint [ 61.869356][ T24] plantronics 0003:047F:FFFF.000A: item fetching failed at offset 12/15 [ 61.878160][ T24] plantronics 0003:047F:FFFF.000A: parse failed [ 61.879135][ T2398] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 61.884314][ T24] plantronics: probe of 0003:047F:FFFF.000A failed with error -22 [ 61.899102][ T2398] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 62.080750][ T24] usb 4-1: USB disconnect, device number 6 [ 62.269780][ T1034] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 62.450937][ T1034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 62.461770][ T1034] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 62.471382][ T1034] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 62.484133][ T1034] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 62.493125][ T1034] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.501650][ T1034] usb 1-1: config 0 descriptor?? [ 62.554056][ T2412] loop5: detected capacity change from 0 to 256 [ 62.560486][ T2412] exfat: Deprecated parameter 'namecase' [ 62.569752][ T2412] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 62.588689][ T2412] exFAT-fs (loop5): hint_cluster is invalid (1) [ 62.595429][ T2412] exFAT-fs (loop5): error, invalid access to exfat cache (entry 0x00000000) [ 62.609484][ T2412] exFAT-fs (loop5): error, failed to bmap (inode : ffff8881177ad990 iblock : 9, err : -5) [ 62.612124][ T2414] loop3: detected capacity change from 0 to 2048 [ 62.619367][ T1827] Bluetooth: hci0: command 0x1003 tx timeout [ 62.625676][ T1471] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 62.631548][ T2412] syz.5.881: attempt to access beyond end of device [ 62.631548][ T2412] loop5: rw=2049, sector=34359738488, nr_sectors = 8 limit=256 [ 62.657304][ T2412] exFAT-fs (loop5): error, invalid access to exfat cache (entry 0x00000000) [ 62.666384][ T2412] exFAT-fs (loop5): error, failed to bmap (inode : ffff8881177ad990 iblock : 4, err : -5) [ 62.729570][ T2423] loop4: detected capacity change from 0 to 512 [ 62.749963][ T2423] EXT4-fs (loop4): external journal device major/minor numbers have changed [ 62.778433][ T2423] EXT4-fs (loop4): failed to open journal device unknown-block(11,127) -6 [ 62.915279][ T1034] isku 0003:1E7D:319C.000B: invalid report_size 23040 [ 62.926725][ T1034] isku 0003:1E7D:319C.000B: item 0 2 1 7 parsing failed [ 62.937429][ T1034] isku 0003:1E7D:319C.000B: parse failed [ 62.949767][ T1034] isku: probe of 0003:1E7D:319C.000B failed with error -22 [ 62.989506][ T2429] loop5: detected capacity change from 0 to 40427 [ 62.998329][ T2429] F2FS-fs (loop5): fault_injection options not supported [ 63.007014][ T2429] F2FS-fs (loop5): invalid crc value [ 63.016566][ T2429] F2FS-fs (loop5): Found nat_bits in checkpoint [ 63.043483][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.051114][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.058523][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.066128][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.076114][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.084436][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.085239][ T2449] loop6: detected capacity change from 0 to 1024 [ 63.092103][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.103752][ T2429] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 63.105474][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.120237][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.132554][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.139858][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.147241][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.154419][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.161698][ T1034] hid-generic 0000:0003:0000.000C: unknown main item tag 0x0 [ 63.169545][ T1034] hid-generic 0000:0003:0000.000C: hidraw0: HID v0.00 Device [syz0] on syz1 [ 63.180289][ T1034] usb 1-1: USB disconnect, device number 8 [ 63.209781][ T2442] f2fs_ckpt-7:5: attempt to access beyond end of device [ 63.209781][ T2442] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 63.321006][ T2458] loop4: detected capacity change from 0 to 128 [ 63.338463][ T2458] EXT4-fs mount: 6 callbacks suppressed [ 63.338484][ T2458] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 63.353175][ T2458] ext4 filesystem being mounted at /190/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 63.383689][ T2458] fscrypt (loop4, inode 12): Unsupported encryption modes (contents 0, filenames 0) [ 63.405832][ T298] EXT4-fs (loop4): unmounting filesystem. [ 63.439148][ T2467] loop4: detected capacity change from 0 to 256 [ 63.449125][ T2467] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 63.776939][ T28] kauditd_printk_skb: 15 callbacks suppressed [ 63.776958][ T28] audit: type=1326 audit(2000000016.938:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0443f85d29 code=0x7ffc0000 [ 63.809991][ T1034] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 63.835023][ T28] audit: type=1326 audit(2000000016.938:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0443f85d29 code=0x7ffc0000 [ 63.877045][ T2498] loop3: detected capacity change from 0 to 512 [ 63.921706][ T28] audit: type=1326 audit(2000000016.938:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0443f85d29 code=0x7ffc0000 [ 63.951220][ T2498] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 63.965721][ T28] audit: type=1326 audit(2000000016.938:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0443f85d29 code=0x7ffc0000 [ 63.989492][ T28] audit: type=1326 audit(2000000016.968:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0443f85d29 code=0x7ffc0000 [ 63.995739][ T2498] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.029247][ T28] audit: type=1326 audit(2000000016.968:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0443f7cce7 code=0x7ffc0000 [ 64.030710][ T1070] EXT4-fs (loop6): unmounting filesystem. [ 64.052583][ T28] audit: type=1326 audit(2000000016.968:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0443f21f29 code=0x7ffc0000 [ 64.081067][ T28] audit: type=1326 audit(2000000016.968:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f0443f85d29 code=0x7ffc0000 [ 64.110526][ T1034] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 64.123456][ T632] EXT4-fs (loop3): unmounting filesystem. [ 64.129611][ T1034] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.139220][ T1034] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 64.157025][ T28] audit: type=1326 audit(2000000016.968:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0443f7cce7 code=0x7ffc0000 [ 64.180168][ T1034] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.192536][ T1034] usb 6-1: config 0 descriptor?? [ 64.198987][ T28] audit: type=1326 audit(2000000016.968:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2492 comm="syz.0.916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0443f21f29 code=0x7ffc0000 [ 64.309494][ T2527] netlink: 'syz.0.929': attribute type 12 has an invalid length. [ 64.317781][ T2527] netlink: 'syz.0.929': attribute type 29 has an invalid length. [ 64.325597][ T2527] netlink: 148 bytes leftover after parsing attributes in process `syz.0.929'. [ 64.335084][ T2527] netlink: 'syz.0.929': attribute type 1 has an invalid length. [ 64.499791][ T40] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 64.601749][ T1034] pyra 0003:1E7D:2CF6.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.5-1/input0 [ 64.670437][ T2569] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 64.681791][ T40] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 64.697547][ T40] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 64.729666][ T2574] xt_hashlimit: size too large, truncated to 1048576 [ 64.730678][ T40] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 64.761916][ T2576] loop0: detected capacity change from 0 to 2048 [ 64.779749][ T40] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 64.787610][ T40] usb 7-1: SerialNumber: syz [ 64.800795][ T1034] pyra 0003:1E7D:2CF6.000D: couldn't init struct pyra_device [ 64.810599][ T2576] loop0: p1 < > p4 [ 64.815513][ T2576] loop0: p4 size 8388608 extends beyond EOD, truncated [ 64.822362][ T1034] pyra 0003:1E7D:2CF6.000D: couldn't install mouse [ 64.843742][ T102] loop0: p1 < > p4 [ 64.847995][ T102] loop0: p4 size 8388608 extends beyond EOD, truncated [ 64.855407][ T1034] pyra: probe of 0003:1E7D:2CF6.000D failed with error -71 [ 64.883185][ T1034] usb 6-1: USB disconnect, device number 5 [ 64.989158][ T2585] loop0: detected capacity change from 0 to 1024 [ 64.996306][ T2585] EXT4-fs: Ignoring removed i_version option [ 65.000322][ T40] usb 7-1: 0:2 : does not exist [ 65.006840][ T40] usb 7-1: usbmixer: too many channels (61) in unit 5 [ 65.007469][ T2585] EXT4-fs (loop0): Test dummy encryption mode enabled [ 65.023720][ T40] usb 7-1: USB disconnect, device number 7 [ 65.029759][ T1050] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 65.045757][ T2585] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 65.062741][ T2585] fscrypt: AES-256-XTS using blk-crypto-fallback [ 65.087323][ T296] EXT4-fs (loop0): unmounting filesystem. [ 65.132888][ T2592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.959'. [ 65.169351][ T2596] loop0: detected capacity change from 0 to 256 [ 65.179283][ T2596] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 65.207771][ T2598] tmpfs: Unknown parameter 'mpo' [ 65.221143][ T2600] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 65.231115][ T1050] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 65.259918][ T1050] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 65.269499][ T1050] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 65.283231][ T1050] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 65.292614][ T1050] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.318785][ T1050] usb 4-1: config 0 descriptor?? [ 65.376292][ T2613] loop5: detected capacity change from 0 to 1024 [ 65.394130][ T2613] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 65.416826][ T1011] EXT4-fs (loop5): unmounting filesystem. [ 65.516809][ T2621] loop4: detected capacity change from 0 to 512 [ 65.558292][ T2621] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 65.573169][ T2621] ext4 filesystem being mounted at /211/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.589300][ T2630] loop0: detected capacity change from 0 to 1024 [ 65.632314][ T2630] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 65.659843][ T2630] ext4 filesystem being mounted at /243/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.681945][ T2630] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 65.700026][ T2630] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28 [ 65.717671][ T2630] EXT4-fs (loop0): This should not happen!! Data will be lost [ 65.717671][ T2630] [ 65.727356][ T40] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 65.737034][ T1050] isku 0003:1E7D:319C.000E: invalid report_size 23040 [ 65.743919][ T2630] EXT4-fs (loop0): Total free blocks count 0 [ 65.749781][ T1050] isku 0003:1E7D:319C.000E: item 0 2 1 7 parsing failed [ 65.756806][ T1050] isku 0003:1E7D:319C.000E: parse failed [ 65.761379][ T2630] EXT4-fs (loop0): Free/Dirty block details [ 65.767994][ T2630] EXT4-fs (loop0): free_blocks=4293918720 [ 65.773796][ T1050] isku: probe of 0003:1E7D:319C.000E failed with error -22 [ 65.791937][ T2630] EXT4-fs (loop0): dirty_blocks=112 [ 65.799113][ T2630] EXT4-fs (loop0): Block reservation details [ 65.805410][ T2630] EXT4-fs (loop0): i_reserved_data_blocks=7 [ 65.920887][ T40] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 65.941083][ T40] usb 6-1: config 7 has 1 interface, different from the descriptor's value: 2 [ 65.941336][ T1034] usb 4-1: USB disconnect, device number 7 [ 65.956632][ T40] usb 6-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 0.84 [ 65.975777][ T40] usb 6-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 65.995991][ T40] usb 6-1: Product: syz [ 66.000391][ T40] usb 6-1: SerialNumber: syz [ 66.007813][ T40] usb 6-1: bad CDC descriptors [ 66.211091][ T321] usb 6-1: USB disconnect, device number 6 [ 66.217713][ T320] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 28 [ 66.348707][ T2658] device batadv_slave_1 entered promiscuous mode [ 66.374885][ T298] EXT4-fs (loop4): unmounting filesystem. [ 66.381013][ T2657] device batadv_slave_1 left promiscuous mode [ 66.495636][ T2670] xt_hashlimit: size too large, truncated to 1048576 [ 66.592388][ T2678] loop0: detected capacity change from 0 to 2048 [ 66.616877][ T2679] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 66.639013][ T2678] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 66.751647][ T296] EXT4-fs (loop0): unmounting filesystem. [ 66.988500][ T2700] loop5: detected capacity change from 0 to 2048 [ 67.019224][ T2668] loop6: detected capacity change from 0 to 40427 [ 67.046545][ T2668] F2FS-fs (loop6): invalid crc value [ 67.060832][ T2668] F2FS-fs (loop6): Found nat_bits in checkpoint [ 67.061615][ T2700] loop5: p1 < > p4 [ 67.078026][ T2700] loop5: p4 size 8388608 extends beyond EOD, truncated [ 67.157645][ T2668] F2FS-fs (loop6): Start checkpoint disabled! [ 67.185208][ T2708] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1006'. [ 67.188403][ T2668] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 67.228210][ T2710] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1005'. [ 67.274886][ T2718] loop3: detected capacity change from 0 to 512 [ 67.300346][ T2718] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 67.337962][ T2718] EXT4-fs (loop3): 1 truncate cleaned up [ 67.349867][ T2718] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 67.431622][ T454] kworker/u4:5: attempt to access beyond end of device [ 67.431622][ T454] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 67.643410][ T1034] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 67.842595][ T1034] usb 4-1: no configurations [ 67.847384][ T1034] usb 4-1: can't read configurations, error -22 [ 67.891400][ T2753] incfs: Options parsing error. -22 [ 67.896585][ T2753] incfs: mount failed -22 [ 68.009862][ T1034] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 68.179750][ T6] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 68.200262][ T1034] usb 4-1: no configurations [ 68.204735][ T1034] usb 4-1: can't read configurations, error -22 [ 68.217600][ T1034] usb usb4-port1: attempt power cycle [ 68.380892][ T6] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 68.390810][ T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 68.400182][ T6] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 68.409021][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 68.416854][ T6] usb 5-1: SerialNumber: syz [ 68.519784][ T1050] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 68.625259][ T6] usb 5-1: 0:2 : does not exist [ 68.629968][ T6] usb 5-1: usbmixer: too many channels (61) in unit 5 [ 68.639604][ T6] usb 5-1: USB disconnect, device number 8 [ 68.659797][ T1034] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 68.690607][ T1034] usb 4-1: no configurations [ 68.695117][ T1034] usb 4-1: can't read configurations, error -22 [ 68.702311][ T1050] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 68.713392][ T1050] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.722902][ T1050] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 68.731762][ T1050] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.740359][ T1050] usb 1-1: config 0 descriptor?? [ 68.859984][ T1034] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 68.900496][ T1034] usb 4-1: no configurations [ 68.904942][ T1034] usb 4-1: can't read configurations, error -22 [ 68.911123][ T1034] usb usb4-port1: unable to enumerate USB device [ 69.148836][ T1050] pyra 0003:1E7D:2CF6.000F: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0 [ 69.164120][ T2777] loop5: detected capacity change from 0 to 1024 [ 69.180959][ T2777] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 69.347901][ T1050] pyra 0003:1E7D:2CF6.000F: couldn't init struct pyra_device [ 69.357924][ T1050] pyra 0003:1E7D:2CF6.000F: couldn't install mouse [ 69.370384][ T1050] pyra: probe of 0003:1E7D:2CF6.000F failed with error -71 [ 69.389624][ T1050] usb 1-1: USB disconnect, device number 9 [ 69.442327][ T2791] loop6: detected capacity change from 0 to 256 [ 69.477944][ T2791] exfat: Deprecated parameter 'utf8' [ 69.487173][ T2791] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 69.945705][ T2805] loop4: detected capacity change from 0 to 40427 [ 69.979290][ T2821] input: syz0 as /devices/virtual/input/input17 [ 70.000410][ T2805] F2FS-fs (loop4): invalid crc value [ 70.016559][ T2805] F2FS-fs (loop4): Found nat_bits in checkpoint [ 70.116960][ T2805] F2FS-fs (loop4): Start checkpoint disabled! [ 70.123730][ T1011] EXT4-fs (loop5): unmounting filesystem. [ 70.149612][ T2805] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 70.167224][ T2835] loop5: detected capacity change from 0 to 128 [ 70.193366][ T535] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 70.242268][ T2842] loop0: detected capacity change from 0 to 16 [ 70.260540][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.274684][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.283181][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.288516][ T2842] erofs: (device loop0): mounted with root inode @ nid 36. [ 70.293967][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.306660][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.314784][ T632] EXT4-fs (loop3): unmounting filesystem. [ 70.315240][ T47] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000] [ 70.331586][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.332073][ T2842] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 70.338857][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.357114][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.365314][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.373069][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.386209][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.397829][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.405383][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.413044][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.420449][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.427798][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.436359][ T480] kworker/u4:6: attempt to access beyond end of device [ 70.436359][ T480] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 70.436596][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.457371][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.464587][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.471897][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.479134][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.486503][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.487849][ T2854] loop0: detected capacity change from 0 to 4096 [ 70.493956][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.507415][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.515001][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.522544][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.530082][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.535091][ T2854] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 70.537539][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.553401][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560602][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560630][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560652][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560672][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560693][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560713][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560734][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560755][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560776][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560797][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560818][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560839][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560860][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.560881][ T321] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0 [ 70.583842][ T321] hid-generic 0000:0000:0000.0010: hidraw0: HID v0.00 Device [syz0] on syz1 [ 70.686757][ T296] EXT4-fs (loop0): unmounting filesystem. [ 70.753026][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 70.753044][ T28] audit: type=1326 audit(2000000023.918:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 70.785544][ T28] audit: type=1326 audit(2000000023.918:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 70.860170][ T28] audit: type=1326 audit(2000000023.948:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc36784690 code=0x7ffc0000 [ 70.867020][ T2889] loop6: detected capacity change from 0 to 512 [ 70.902544][ T28] audit: type=1326 audit(2000000023.948:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 70.926554][ T28] audit: type=1326 audit(2000000023.948:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 70.936077][ T2889] EXT4-fs (loop6): Test dummy encryption mode enabled [ 70.951091][ T28] audit: type=1326 audit(2000000023.948:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 70.956785][ T2889] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 70.999684][ T2889] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002] [ 71.004734][ T28] audit: type=1326 audit(2000000023.948:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 71.030745][ T2889] System zones: 1-12 [ 71.030867][ T28] audit: type=1326 audit(2000000023.948:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 71.058508][ T28] audit: type=1326 audit(2000000023.978:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2875 comm="syz.5.1074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc36785d29 code=0x7ffc0000 [ 71.081938][ T1057] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 71.089463][ T28] audit: type=1400 audit(2000000023.978:413): avc: denied { write } for pid=2875 comm="syz.5.1074" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 71.101266][ T2889] EXT4-fs (loop6): 1 truncate cleaned up [ 71.123292][ T2889] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 71.201996][ T2903] loop0: detected capacity change from 0 to 256 [ 71.231769][ T2903] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 71.246382][ T1070] EXT4-fs (loop6): unmounting filesystem. [ 71.279828][ T2909] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 71.310879][ T1057] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.337529][ T1057] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 71.367719][ T1057] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 71.380819][ T2921] loop6: detected capacity change from 0 to 1024 [ 71.393114][ T1057] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.403788][ T1057] usb 4-1: config 0 descriptor?? [ 71.428809][ T2921] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 71.437311][ T2921] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.469591][ T2921] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 71.490025][ T2921] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28 [ 71.502304][ T2921] EXT4-fs (loop6): This should not happen!! Data will be lost [ 71.502304][ T2921] [ 71.532705][ T2921] EXT4-fs (loop6): Total free blocks count 0 [ 71.538885][ T2921] EXT4-fs (loop6): Free/Dirty block details [ 71.544792][ T2921] EXT4-fs (loop6): free_blocks=4293918720 [ 71.550408][ T2921] EXT4-fs (loop6): dirty_blocks=112 [ 71.555429][ T2921] EXT4-fs (loop6): Block reservation details [ 71.562935][ T2921] EXT4-fs (loop6): i_reserved_data_blocks=7 [ 71.734074][ T2953] loop5: detected capacity change from 0 to 256 [ 71.750448][ T2953] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 71.761433][ T2953] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 71.781977][ T2953] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 71.813167][ T1057] logitech-hidpp-device 0003:046D:C086.0011: unknown main item tag 0x0 [ 71.831314][ T1057] logitech-hidpp-device 0003:046D:C086.0011: unknown main item tag 0x0 [ 71.847453][ T2959] tipc: Started in network mode [ 71.852541][ T1057] logitech-hidpp-device 0003:046D:C086.0011: unknown main item tag 0x0 [ 71.853076][ T2959] tipc: Node identity ac14142f, cluster identity 4711 [ 71.867440][ T2959] tipc: New replicast peer: 0.0.0.0 [ 71.868289][ T1057] logitech-hidpp-device 0003:046D:C086.0011: unknown main item tag 0x0 [ 71.873133][ T2959] tipc: Enabled bearer , priority 10 [ 71.891434][ T1057] logitech-hidpp-device 0003:046D:C086.0011: unknown main item tag 0x0 [ 71.898789][ T2959] tipc: New replicast peer: 100.1.1.1 [ 71.907709][ T1057] logitech-hidpp-device 0003:046D:C086.0011: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.3-1/input0 [ 71.983667][ T2964] input: syz0 as /devices/virtual/input/input18 [ 72.031358][ T1057] usb 4-1: USB disconnect, device number 12 [ 72.085406][ T2976] loop5: detected capacity change from 0 to 512 [ 72.092048][ T2976] EXT4-fs: Ignoring removed nomblk_io_submit option [ 72.112792][ T2976] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2 [ 72.120512][ T2979] loop4: detected capacity change from 0 to 1024 [ 72.133117][ T2979] EXT4-fs: Ignoring removed orlov option [ 72.135235][ T2976] EXT4-fs (loop5): 1 truncate cleaned up [ 72.144252][ T2976] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 72.159896][ T2979] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 72.178604][ T454] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 28 [ 72.191811][ T1011] EXT4-fs (loop5): unmounting filesystem. [ 72.202614][ T298] EXT4-fs (loop4): unmounting filesystem. [ 72.416632][ T2982] loop5: detected capacity change from 0 to 40427 [ 72.434100][ T2982] F2FS-fs (loop5): invalid crc value [ 72.446913][ T2982] F2FS-fs (loop5): Found nat_bits in checkpoint [ 72.521677][ T2982] F2FS-fs (loop5): Start checkpoint disabled! [ 72.523946][ T3006] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 72.532472][ T3007] loop4: detected capacity change from 0 to 1024 [ 72.542806][ T2982] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 72.603965][ T3010] loop3: detected capacity change from 0 to 512 [ 72.616897][ T3007] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 72.625486][ T320] kworker/u4:4: attempt to access beyond end of device [ 72.625486][ T320] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 72.660433][ T3007] ext4 filesystem being mounted at /249/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.685114][ T3010] EXT4-fs (loop3): Test dummy encryption mode enabled [ 72.702052][ T3007] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 72.705402][ T3010] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 72.717984][ T3007] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28 [ 72.727682][ T3010] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002] [ 72.739104][ T3007] EXT4-fs (loop4): This should not happen!! Data will be lost [ 72.739104][ T3007] [ 72.747525][ T3010] System zones: 1-12 [ 72.756886][ T3007] EXT4-fs (loop4): Total free blocks count 0 [ 72.766105][ T3010] EXT4-fs (loop3): 1 truncate cleaned up [ 72.767226][ T3007] EXT4-fs (loop4): Free/Dirty block details [ 72.771901][ T3010] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 72.789479][ T3007] EXT4-fs (loop4): free_blocks=4293918720 [ 72.795124][ T3007] EXT4-fs (loop4): dirty_blocks=80 [ 72.800137][ T3007] EXT4-fs (loop4): Block reservation details [ 72.805940][ T3007] EXT4-fs (loop4): i_reserved_data_blocks=5 [ 72.889748][ T1057] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 72.926803][ T632] EXT4-fs (loop3): unmounting filesystem. [ 72.966537][ T3022] netlink: 'syz.5.1133': attribute type 4 has an invalid length. [ 72.980175][ T3022] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1133'. [ 72.990645][ T321] tipc: Node number set to 2886997039 [ 73.080063][ T1057] usb 1-1: Using ep0 maxpacket: 32 [ 73.094177][ T1057] usb 1-1: config 0 has an invalid interface number: 67 but max is 0 [ 73.107465][ T1057] usb 1-1: config 0 has no interface number 0 [ 73.124107][ T1057] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 73.133048][ T1057] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.152429][ T1057] usb 1-1: Product: syz [ 73.156420][ T1057] usb 1-1: Manufacturer: syz [ 73.164664][ T1057] usb 1-1: SerialNumber: syz [ 73.175610][ T1057] usb 1-1: config 0 descriptor?? [ 73.201231][ T1057] smsc95xx v2.0.0 [ 73.285941][ T3046] bridge_slave_0: default FDB implementation only supports local addresses [ 73.313959][ T319] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 28 [ 73.315337][ T3050] loop5: detected capacity change from 0 to 512 [ 73.340914][ T3050] EXT4-fs (loop5): Test dummy encryption mode enabled [ 73.347603][ T3050] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 73.359628][ T3050] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002] [ 73.367487][ T3050] System zones: 1-12 [ 73.372247][ T3050] EXT4-fs (loop5): 1 truncate cleaned up [ 73.377750][ T3050] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 73.434478][ T1011] EXT4-fs (loop5): unmounting filesystem. [ 73.455522][ T3054] loop5: detected capacity change from 0 to 512 [ 73.473287][ T3054] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 73.482668][ T3054] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.549769][ T1034] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 73.633224][ T3058] loop4: detected capacity change from 0 to 40427 [ 73.640060][ T3058] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 73.647540][ T3058] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 73.656106][ T3058] F2FS-fs (loop4): invalid crc value [ 73.662811][ T3058] F2FS-fs (loop4): Found nat_bits in checkpoint [ 73.705196][ T3058] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 73.712292][ T3058] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 73.734230][ T3058] syz.4.1148: attempt to access beyond end of device [ 73.734230][ T3058] loop4: rw=2051, sector=36912, nr_sectors = 8152 limit=40427 [ 73.748273][ T3058] syz.4.1148: attempt to access beyond end of device [ 73.748273][ T3058] loop4: rw=2051, sector=45096, nr_sectors = 85976 limit=40427 [ 73.762485][ T3058] F2FS-fs (loop4): Issue discard(4614, 4614, 1019) failed, ret: -5 [ 73.762521][ T3058] F2FS-fs (loop4): Issue discard(5637, 5637, 10747) failed, ret: -5 [ 73.769841][ T1034] usb 7-1: Using ep0 maxpacket: 16 [ 73.784509][ T1034] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.795285][ T1034] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.805558][ T1034] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 73.825162][ T1034] usb 7-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00 [ 73.834119][ T1034] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.846008][ T1034] usb 7-1: config 0 descriptor?? [ 74.005816][ T1057] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 74.065569][ T3069] loop3: detected capacity change from 0 to 40427 [ 74.073442][ T3069] F2FS-fs (loop3): invalid crc value [ 74.079881][ T3069] F2FS-fs (loop3): Found nat_bits in checkpoint [ 74.119381][ T3069] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 74.184482][ T632] syz-executor: attempt to access beyond end of device [ 74.184482][ T632] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 74.209791][ T1057] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 74.225684][ T1011] EXT4-fs (loop5): unmounting filesystem. [ 74.235181][ T1057] smsc95xx: probe of 1-1:0.67 failed with error -71 [ 74.256073][ T1034] input: HID 054c:03d5 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:054C:03D5.0012/input/input19 [ 74.268144][ T1057] usb 1-1: USB disconnect, device number 10 [ 74.276642][ T1034] sony 0003:054C:03D5.0012: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.6-1/input0 [ 74.369553][ T3080] loop5: detected capacity change from 0 to 8192 [ 74.410529][ T3080] loop5: p2 p3 p4 [ 74.414485][ T3080] loop5: p2 start 452985600 is beyond EOD, truncated [ 74.425944][ T3080] loop5: p3 size 33554432 extends beyond EOD, truncated [ 74.430870][ T3085] loop4: detected capacity change from 0 to 256 [ 74.433587][ T3080] loop5: p4 start 8388607 is beyond EOD, truncated [ 74.454927][ T321] usb 7-1: USB disconnect, device number 8 [ 74.464275][ T3085] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xc65ab44c, utbl_chksum : 0xe619d30d) [ 74.500383][ T535] udevd[535]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 74.509948][ T3085] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005) [ 74.518788][ T3085] exFAT-fs (loop4): failed to initialize root inode [ 74.794238][ T3113] loop0: detected capacity change from 0 to 1024 [ 74.811810][ T3116] device vlan2 entered promiscuous mode [ 74.831616][ T3113] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 75.169787][ T321] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 75.350810][ T321] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 75.360889][ T321] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 75.371756][ T321] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 919, setting to 64 [ 75.382578][ T321] usb 5-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 75.397892][ T321] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.00 [ 75.406863][ T321] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 75.416451][ T321] usb 5-1: Product: syz [ 75.420535][ T321] usb 5-1: Manufacturer: syz [ 75.424921][ T321] usb 5-1: SerialNumber: syz [ 75.430913][ T3121] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 75.677062][ T296] EXT4-fs (loop0): unmounting filesystem. [ 75.679593][ T3134] loop3: detected capacity change from 0 to 256 [ 75.692516][ T3137] loop6: detected capacity change from 0 to 512 [ 75.702512][ T3137] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 75.719192][ T3137] EXT4-fs (loop6): orphan cleanup on readonly fs [ 75.726314][ T3137] EXT4-fs error (device loop6): ext4_acquire_dquot:6788: comm syz.6.1178: Failed to acquire dquot type 1 [ 75.742869][ T3137] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1178: bg 0: block 40: padding at end of block bitmap is not set [ 75.757532][ T3137] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 75.766542][ T3137] EXT4-fs (loop6): 1 truncate cleaned up [ 75.772170][ T3137] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 75.798641][ T1070] EXT4-fs (loop6): unmounting filesystem. [ 75.949744][ T24] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 76.007244][ T3157] input: syz0 as /devices/virtual/input/input20 [ 76.031469][ T28] kauditd_printk_skb: 36 callbacks suppressed [ 76.031486][ T28] audit: type=1400 audit(2000000029.198:448): avc: denied { accept } for pid=3158 comm="syz.6.1186" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 76.129814][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 76.136073][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 76.146902][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 76.157212][ T24] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 76.166153][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.175899][ T24] usb 6-1: config 0 descriptor?? [ 76.273705][ T3169] input: syz1 as /devices/virtual/input/input21 [ 76.301380][ T3171] loop3: detected capacity change from 0 to 256 [ 76.314701][ T3171] FAT-fs (loop3): Directory bread(block 64) failed [ 76.321152][ T3171] FAT-fs (loop3): Directory bread(block 65) failed [ 76.327514][ T3171] FAT-fs (loop3): Directory bread(block 66) failed [ 76.333857][ T3171] FAT-fs (loop3): Directory bread(block 67) failed [ 76.340361][ T3171] FAT-fs (loop3): Directory bread(block 68) failed [ 76.346609][ T3171] FAT-fs (loop3): Directory bread(block 69) failed [ 76.353012][ T3171] FAT-fs (loop3): Directory bread(block 70) failed [ 76.359287][ T3171] FAT-fs (loop3): Directory bread(block 71) failed [ 76.365818][ T3171] FAT-fs (loop3): Directory bread(block 72) failed [ 76.372183][ T3171] FAT-fs (loop3): Directory bread(block 73) failed [ 76.458272][ T321] cdc_ncm 5-1:1.0: bind() failure [ 76.465299][ T321] usb 5-1: USB disconnect, device number 9 [ 76.583253][ T3136] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 76.591780][ T3136] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 76.601102][ T24] hid (null): bogus close delimiter [ 76.609168][ T24] hid-generic 0003:0158:0100.0013: unknown main item tag 0x0 [ 76.616549][ T24] hid-generic 0003:0158:0100.0013: unknown main item tag 0x0 [ 76.623858][ T24] hid-generic 0003:0158:0100.0013: bogus close delimiter [ 76.630724][ T24] hid-generic 0003:0158:0100.0013: item 0 0 2 10 parsing failed [ 76.638299][ T24] hid-generic: probe of 0003:0158:0100.0013 failed with error -22 [ 76.804529][ T321] usb 6-1: USB disconnect, device number 7 [ 76.849829][ T1057] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 76.886472][ T3184] futex_wake_op: syz.6.1198 tries to shift op by 36; fix this program [ 76.906104][ T3186] loop6: detected capacity change from 0 to 128 [ 76.914645][ T3186] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 76.923332][ T3186] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.936265][ T3186] fscrypt (loop6, inode 12): Unsupported encryption flags (0xe0) [ 76.949575][ T1070] EXT4-fs (loop6): unmounting filesystem. [ 77.029754][ T1057] usb 1-1: Using ep0 maxpacket: 16 [ 77.035857][ T1057] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.048798][ T1057] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.058611][ T1057] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 77.071314][ T1057] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 77.080221][ T1057] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.098371][ T1057] usb 1-1: config 0 descriptor?? [ 77.112178][ T3201] netlink: 'syz.4.1206': attribute type 4 has an invalid length. [ 77.119853][ T3201] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1206'. [ 77.268225][ T3207] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 77.289830][ T1034] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 77.474405][ T3209] loop4: detected capacity change from 0 to 40427 [ 77.493816][ T3209] F2FS-fs (loop4): Found nat_bits in checkpoint [ 77.499982][ T1034] usb 7-1: Using ep0 maxpacket: 32 [ 77.506045][ T1034] usb 7-1: config 0 has an invalid interface number: 67 but max is 0 [ 77.515627][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.529821][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.536945][ T1034] usb 7-1: config 0 has no interface number 0 [ 77.547110][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.558824][ T1034] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 77.567842][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.574955][ T1034] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.582850][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.589909][ T1034] usb 7-1: Product: syz [ 77.593977][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.601018][ T1034] usb 7-1: Manufacturer: syz [ 77.605528][ T1034] usb 7-1: SerialNumber: syz [ 77.610369][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.617911][ T1034] usb 7-1: config 0 descriptor?? [ 77.622728][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.629805][ T3209] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 77.630020][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.645820][ T1034] smsc95xx v2.0.0 [ 77.649173][ T3199] loop3: detected capacity change from 0 to 131072 [ 77.655723][ T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 77.656692][ T1057] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0 [ 77.668170][ T3199] F2FS-fs (loop3): invalid crc value [ 77.690657][ T1057] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0014/input/input22 [ 77.702927][ T3199] F2FS-fs (loop3): Found nat_bits in checkpoint [ 77.704214][ T1057] microsoft 0003:045E:07DA.0014: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 77.724644][ T28] audit: type=1400 audit(2000000030.888:449): avc: denied { read } for pid=3208 comm="syz.4.1209" name="file0" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 77.738356][ T1057] usb 1-1: USB disconnect, device number 11 [ 77.757449][ T298] syz-executor: attempt to access beyond end of device [ 77.757449][ T298] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 77.788653][ T3199] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 77.850813][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.869657][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.879423][ T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 77.894349][ T24] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.903356][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.911885][ T24] usb 6-1: config 0 descriptor?? [ 77.927359][ T28] audit: type=1400 audit(2000000031.088:450): avc: denied { setattr } for pid=3198 comm="syz.3.1205" name="work" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 77.949648][ T28] audit: type=1400 audit(2000000031.088:451): avc: denied { write } for pid=3198 comm="syz.3.1205" name="work" dev="loop3" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 77.971163][ T28] audit: type=1400 audit(2000000031.088:452): avc: denied { add_name } for pid=3198 comm="syz.3.1205" name="#d" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 77.993961][ T28] audit: type=1400 audit(2000000031.088:453): avc: denied { remove_name } for pid=3198 comm="syz.3.1205" name="#d" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 78.048907][ T28] audit: type=1400 audit(2000000031.088:454): avc: denied { unlink } for pid=3198 comm="syz.3.1205" name="#d" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1 [ 78.071499][ T28] audit: type=1400 audit(2000000031.108:455): avc: denied { setattr } for pid=3198 comm="syz.3.1205" name="file1" dev="overlay" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 78.178519][ T3235] netlink: 124 bytes leftover after parsing attributes in process `syz.4.1218'. [ 78.187907][ T3235] Zero length message leads to an empty skb [ 78.302384][ T3241] loop3: detected capacity change from 0 to 1024 [ 78.322947][ T24] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 78.326125][ T3241] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 78.332254][ T24] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving [ 78.340921][ T3241] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.367891][ T24] plantronics 0003:047F:FFFF.0015: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 78.382076][ T3241] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 78.399427][ T3241] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28 [ 78.411701][ T3241] EXT4-fs (loop3): This should not happen!! Data will be lost [ 78.411701][ T3241] [ 78.421218][ T3241] EXT4-fs (loop3): Total free blocks count 0 [ 78.427021][ T3241] EXT4-fs (loop3): Free/Dirty block details [ 78.433549][ T3241] EXT4-fs (loop3): free_blocks=4293918720 [ 78.439143][ T3241] EXT4-fs (loop3): dirty_blocks=112 [ 78.444172][ T3241] EXT4-fs (loop3): Block reservation details [ 78.450134][ T3241] EXT4-fs (loop3): i_reserved_data_blocks=7 [ 78.476133][ T1034] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout [ 78.485843][ T1057] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 78.538765][ T3246] loop0: detected capacity change from 0 to 40427 [ 78.554620][ T3246] F2FS-fs (loop0): invalid crc value [ 78.561116][ T3246] F2FS-fs (loop0): Found nat_bits in checkpoint [ 78.603054][ T6] usb 6-1: USB disconnect, device number 8 [ 78.633996][ T3246] F2FS-fs (loop0): Start checkpoint disabled! [ 78.641151][ T3246] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 78.670919][ T1057] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 78.682809][ T1034] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 78.699925][ T1034] smsc95xx: probe of 7-1:0.67 failed with error -71 [ 78.709766][ T1057] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 78.730306][ T1034] usb 7-1: USB disconnect, device number 9 [ 78.736636][ T1057] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 78.745915][ T1057] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.760800][ T1057] usb 5-1: config 0 descriptor?? [ 78.830650][ T480] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 28 [ 78.862052][ T320] kworker/u4:4: attempt to access beyond end of device [ 78.862052][ T320] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 78.986144][ T3252] ------------[ cut here ]------------ [ 78.991495][ T3252] Please remove unsupported %[ 78.996070][ T3252] WARNING: CPU: 1 PID: 3252 at lib/vsprintf.c:2661 format_decode+0x12d2/0x1f10 [ 79.004999][ T3252] Modules linked in: [ 79.008835][ T3252] CPU: 1 PID: 3252 Comm: syz.3.1222 Not tainted 6.1.118-syzkaller-00019-ge09bed30088f #0 [ 79.019043][ T3252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 79.029134][ T3252] RIP: 0010:format_decode+0x12d2/0x1f10 [ 79.034521][ T3252] Code: 78 02 01 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 07 84 c0 0f 85 30 0c 00 00 41 0f be 36 48 c7 c7 40 82 2a 86 e8 1e f5 2d fc <0f> 0b e9 01 fa ff ff 48 8b 4c 24 18 80 e1 07 38 c1 0f 8c e3 ed ff [ 79.053979][ T3252] RSP: 0018:ffffc9000aab75c0 EFLAGS: 00010246 [ 79.059876][ T3252] RAX: 188488a0cc37b300 RBX: 00000000ffffffdb RCX: 0000000000080000 [ 79.067635][ T3252] RDX: ffffc9000fb4a000 RSI: 00000000000004d8 RDI: 00000000000004d9 [ 79.075477][ T3252] RBP: ffffc9000aab76b0 R08: ffffffff8144ad6e R09: fffff52001556e11 [ 79.083297][ T3252] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff0a00ffffff00 [ 79.091125][ T3252] R13: ffff0000ffffff00 R14: ffffc9000aab78ec R15: 1ffff92001556f1d [ 79.099046][ T3252] FS: 00007fecc35cd6c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 79.107863][ T3252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 79.114460][ T3252] CR2: 000000110c2be54f CR3: 0000000132677000 CR4: 00000000003506a0 [ 79.122540][ T3252] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 79.130584][ T3252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 79.138396][ T3252] Call Trace: [ 79.141549][ T3252] [ 79.144294][ T3252] ? show_regs+0x58/0x60 [ 79.148372][ T3252] ? __warn+0x160/0x3d0 [ 79.152540][ T3252] ? format_decode+0x12d2/0x1f10 [ 79.157228][ T3252] ? report_bug+0x4d5/0x7d0 [ 79.161804][ T3252] ? format_decode+0x12d2/0x1f10 [ 79.166699][ T3252] ? handle_bug+0x41/0x70 [ 79.170959][ T3252] ? exc_invalid_op+0x1b/0x50 [ 79.175388][ T3252] ? asm_exc_invalid_op+0x1b/0x20 [ 79.177453][ T1057] hid-steam 0003:28DE:1142.0016: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0 [ 79.180295][ T3252] ? __warn_printk+0x28e/0x350 [ 79.195549][ T3252] ? format_decode+0x12d2/0x1f10 [ 79.200336][ T3252] ? vsnprintf+0x1c70/0x1c70 [ 79.204737][ T3252] ? bstr_printf+0x1bb/0x1160 [ 79.209246][ T3252] ? memcpy+0x56/0x70 [ 79.213127][ T3252] bstr_printf+0x130/0x1160 [ 79.217413][ T3252] ? vbin_printf+0x1be0/0x1be0 [ 79.221734][ T1057] hid-steam 0003:28DE:1142.0017: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.4-1/input0 [ 79.222215][ T3252] ? bpf_trace_printk+0x122/0x330 [ 79.238162][ T3252] ? memcpy+0x56/0x70 [ 79.242023][ T3252] bpf_trace_printk+0x1b5/0x330 [ 79.246665][ T3252] ? kmem_cache_alloc+0x175/0x320 [ 79.251783][ T3252] ? ktime_get+0xf1/0x160 [ 79.255937][ T3252] ? bpf_probe_write_user+0xf0/0xf0 [ 79.261070][ T3252] ? do_syscall_64+0x3b/0xb0 [ 79.265505][ T3252] ? ktime_get+0xf1/0x160 [ 79.269669][ T3252] bpf_prog_12183cdb1cd51dab+0x2e/0x32 [ 79.274953][ T3252] bpf_test_run+0x4ab/0xa40 [ 79.279298][ T3252] ? convert___skb_to_skb+0x670/0x670 [ 79.284621][ T3252] ? eth_type_trans+0x342/0x710 [ 79.289502][ T3252] ? eth_get_headlen+0x240/0x240 [ 79.294534][ T3252] ? convert___skb_to_skb+0x44/0x670 [ 79.299674][ T3252] ? build_skb+0xde/0x220 [ 79.303837][ T3252] bpf_prog_test_run_skb+0xaf1/0x13a0 [ 79.309051][ T3252] ? __bpf_prog_test_run_raw_tp+0x2e0/0x2e0 [ 79.314787][ T3252] ? __kasan_check_write+0x14/0x20 [ 79.319744][ T3252] ? fput+0x15b/0x1b0 [ 79.319809][ T1057] hid-steam 0003:28DE:1142.0016: Steam wireless receiver connected [ 79.323531][ T3252] ? __bpf_prog_test_run_raw_tp+0x2e0/0x2e0 [ 79.323559][ T3252] bpf_prog_test_run+0x3b0/0x630 [ 79.341793][ T3252] ? bpf_prog_query+0x260/0x260 [ 79.346463][ T3252] ? selinux_bpf+0xd2/0x100 [ 79.350824][ T3252] ? security_bpf+0x82/0xb0 [ 79.355126][ T3252] __sys_bpf+0x59f/0x7f0 [ 79.359205][ T3252] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 79.364440][ T3252] ? fpregs_restore_userregs+0x130/0x290 [ 79.369894][ T3252] __x64_sys_bpf+0x7c/0x90 [ 79.374393][ T3252] x64_sys_call+0x87f/0x9a0 [ 79.378738][ T3252] do_syscall_64+0x3b/0xb0 [ 79.383113][ T3252] ? clear_bhb_loop+0x55/0xb0 [ 79.387548][ T1057] usb 5-1: USB disconnect, device number 10 [ 79.387587][ T3252] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 79.399047][ T3252] RIP: 0033:0x7fecc2785d29 [ 79.400505][ T1057] hid-steam 0003:28DE:1142.0016: Steam wireless receiver disconnected [ 79.403325][ T3252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.430838][ T3252] RSP: 002b:00007fecc35cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 79.439141][ T3252] RAX: ffffffffffffffda RBX: 00007fecc2975fa0 RCX: 00007fecc2785d29 [ 79.446996][ T3252] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 000000000000000a [ 79.454890][ T3252] RBP: 00007fecc2801b08 R08: 0000000000000000 R09: 0000000000000000 [ 79.462700][ T3252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.470872][ T3252] R13: 0000000000000000 R14: 00007fecc2975fa0 R15: 00007ffc12686038 [ 79.478661][ T3252] [ 79.481548][ T3252] ---[ end trace 0000000000000000 ]--- [ 79.538610][ T3270] loop0: detected capacity change from 0 to 256 [ 79.586020][ T3278] loop5: detected capacity change from 0 to 256 [ 79.586599][ T3270] FAT-fs (loop0): Directory bread(block 64) failed [ 79.593077][ T3270] FAT-fs (loop0): Directory bread(block 65) failed [ 79.611752][ T3270] FAT-fs (loop0): Directory bread(block 66) failed [ 79.618282][ T3270] FAT-fs (loop0): Directory bread(block 67) failed [ 79.624979][ T3270] FAT-fs (loop0): Directory bread(block 68) failed [ 79.625098][ T3278] FAT-fs (loop5): bogus number of FAT sectors [ 79.631562][ T3270] FAT-fs (loop0): Directory bread(block 69) failed [ 79.643944][ T3270] FAT-fs (loop0): Directory bread(block 70) failed [ 79.647403][ T3278] FAT-fs (loop5): Can't find a valid FAT filesystem [ 79.656806][ T3270] FAT-fs (loop0): Directory bread(block 71) failed [ 79.663153][ T3270] FAT-fs (loop0): Directory bread(block 72) failed [ 79.674649][ T3270] FAT-fs (loop0): Directory bread(block 73) failed [ 79.686085][ T3282] loop6: detected capacity change from 0 to 512 [ 79.724410][ T3282] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 79.733473][ T3282] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.754331][ T3282] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #2: comm syz.6.1236: corrupted inode contents [ 79.766132][ T480] kworker/u4:6: attempt to access beyond end of device [ 79.766132][ T480] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 79.766211][ T3282] EXT4-fs error (device loop6): ext4_dirty_inode:6091: inode #2: comm syz.6.1236: mark_inode_dirty error [ 79.795995][ T3282] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #2: comm syz.6.1236: corrupted inode contents [ 79.829985][ T3282] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #2: comm syz.6.1236: mark_inode_dirty error [ 79.850565][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.857791][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.865344][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.872719][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.879956][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.887144][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.894415][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.901560][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.915491][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.939564][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.946885][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.954212][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.961551][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.968818][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.980181][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.987465][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 79.994730][ T6] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0 [ 80.002627][ T6] hid-generic 0000:0000:0000.0018: hidraw0: HID v0.00 Device [syz0] on syz0 [ 80.034405][ T1070] EXT4-fs (loop6): unmounting filesystem. [ 80.075597][ T28] audit: type=1400 audit(2000000033.238:456): avc: denied { write } for pid=3297 comm="syz.6.1241" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 80.297017][ T28] audit: type=1400 audit(2000000033.458:457): avc: denied { ioctl } for pid=3313 comm="syz.6.1252" path="/dev/rtc0" dev="devtmpfs" ino=259 ioctlcmd=0x700c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 80.361795][ T319] Bluetooth: hci0: Frame reassembly failed (-84) [ 80.401587][ T3325] loop6: detected capacity change from 0 to 2048 [ 80.426893][ T3325] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 80.547563][ T2270] EXT4-fs (loop6): unmounting filesystem. [ 80.679926][ T24] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 80.810663][ T3357] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.817522][ T3357] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.825301][ T3357] device bridge_slave_0 entered promiscuous mode [ 80.837392][ T3357] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.843235][ T3363] loop0: detected capacity change from 0 to 256 [ 80.844449][ T3357] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.855157][ T3363] exfat: Deprecated parameter 'namecase' [ 80.858034][ T3357] device bridge_slave_1 entered promiscuous mode [ 80.875992][ T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 80.888385][ T3363] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xc2dc8e67, utbl_chksum : 0xe619d30d) [ 80.894653][ T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 80.903518][ T3365] SELinux: failed to load policy [ 80.934456][ T24] usb 4-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 80.953881][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.971689][ T24] usb 4-1: Product: syz [ 80.976754][ T24] usb 4-1: Manufacturer: syz [ 80.982707][ T24] usb 4-1: SerialNumber: syz [ 80.992951][ T24] usb 4-1: config 0 descriptor?? [ 80.997992][ T3327] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 81.006906][ T3327] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 81.077902][ T3357] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.084799][ T3357] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.091925][ T3357] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.098777][ T3357] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.173501][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 81.182371][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 81.193049][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 81.219090][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 81.224386][ T3327] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 81.227621][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 81.233757][ T3327] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 81.249126][ T480] device bridge_slave_1 left promiscuous mode [ 81.255415][ T480] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.263106][ T480] device bridge_slave_0 left promiscuous mode [ 81.269124][ T480] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.276935][ T480] device veth1_macvtap left promiscuous mode [ 81.282843][ T480] device veth0_vlan left promiscuous mode [ 81.395779][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 81.408583][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 81.422044][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 81.429573][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 81.437924][ T3357] device veth0_vlan entered promiscuous mode [ 81.460289][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 81.469989][ T3357] device veth1_macvtap entered promiscuous mode [ 81.480997][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 81.491470][ T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 81.707679][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 81.707696][ T28] audit: type=1400 audit(2000000034.865:459): avc: denied { rmdir } for pid=3410 comm="syz.7.1292" name="file0" dev="incremental-fs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 81.736282][ T40] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 81.771685][ T3415] mmap: syz.7.1294 (3415): VmData 24899584 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 81.920881][ T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 81.932112][ T40] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 81.943271][ T40] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 81.956162][ T40] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 81.965127][ T40] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.974204][ T40] usb 5-1: config 0 descriptor?? [ 81.979325][ T3403] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 82.017359][ T3426] loop7: detected capacity change from 0 to 40427 [ 82.025164][ T3426] F2FS-fs (loop7): invalid crc value [ 82.043601][ T3426] F2FS-fs (loop7): Found nat_bits in checkpoint [ 82.048705][ T3431] loop0: detected capacity change from 0 to 1024 [ 82.059208][ T24] dm9601 4-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 82.071399][ T3431] EXT4-fs: Ignoring removed i_version option [ 82.077711][ T3431] EXT4-fs (loop0): Test dummy encryption mode enabled [ 82.079516][ T24] usb 4-1: USB disconnect, device number 13 [ 82.093932][ T3431] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 82.118263][ T3426] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 82.145444][ T296] EXT4-fs (loop0): unmounting filesystem. [ 82.181385][ T3426] syz.7.1299: attempt to access beyond end of device [ 82.181385][ T3426] loop7: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 82.206725][ T3357] syz-executor: attempt to access beyond end of device [ 82.206725][ T3357] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 82.222895][ T3442] tmpfs: Unknown parameter 'nolazytimep' [ 82.243926][ T3444] input: syz0 as /devices/virtual/input/input23 [ 82.370123][ T45] Bluetooth: hci0: command 0x1003 tx timeout [ 82.376027][ T1471] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 82.394340][ T40] plantronics 0003:047F:FFFF.0019: unknown main item tag 0xd [ 82.404960][ T40] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving [ 82.414050][ T40] plantronics 0003:047F:FFFF.0019: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 82.478741][ T28] audit: type=1400 audit(2000000035.635:460): avc: denied { mounton } for pid=3459 comm="syz.7.1312" path="/14/file0" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=dir permissive=1 [ 82.479583][ T3460] incfs: Error accessing: ./file0/file0. [ 82.506527][ T3460] incfs: mount failed -2 [ 82.646743][ T3470] incfs: Options parsing error. -22 [ 82.651897][ T3470] incfs: mount failed -22 [ 82.669313][ T28] audit: type=1400 audit(2000000035.825:461): avc: denied { read write } for pid=3471 comm="syz.7.1317" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 82.696571][ T28] audit: type=1400 audit(2000000035.855:462): avc: denied { open } for pid=3471 comm="syz.7.1317" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 82.703309][ T1034] usb 5-1: USB disconnect, device number 11 [ 82.781051][ T3467] loop3: detected capacity change from 0 to 40427 [ 82.790352][ T3467] F2FS-fs (loop3): invalid crc value [ 82.796880][ T3467] F2FS-fs (loop3): Found nat_bits in checkpoint [ 82.832575][ T3467] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 82.862834][ T3467] syz.3.1315: attempt to access beyond end of device [ 82.862834][ T3467] loop3: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 82.881991][ T632] syz-executor: attempt to access beyond end of device [ 82.881991][ T632] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 83.043883][ T3481] loop3: detected capacity change from 0 to 1024 [ 83.071657][ T3481] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 83.234261][ T3488] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 83.250273][ T3488] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 83.327458][ T3497] netlink: 'syz.0.1324': attribute type 1 has an invalid length. [ 83.335343][ T3497] netlink: 'syz.0.1324': attribute type 2 has an invalid length. [ 83.345570][ T3497] netlink: 'syz.0.1324': attribute type 1 has an invalid length. [ 83.353312][ T3497] netlink: 'syz.0.1324': attribute type 2 has an invalid length. [ 83.413195][ T3503] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1328'. [ 83.437291][ T28] audit: type=1400 audit(2000000036.595:463): avc: denied { sys_module } for pid=3504 comm="syz.0.1330" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 83.463916][ T3507] tipc: Started in network mode [ 83.470599][ T3507] tipc: Node identity b65fc411c97b, cluster identity 4711 [ 83.483212][ T3507] tipc: Enabled bearer , priority 10 [ 83.490848][ T28] audit: type=1400 audit(2000000036.655:464): avc: denied { ioctl } for pid=3506 comm="syz.4.1331" path="socket:[29941]" dev="sockfs" ino=29941 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 83.516830][ T3512] syz.4.1333[3512] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 83.516910][ T3512] syz.4.1333[3512] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 83.542501][ T3512] netem: change failed [ 83.599975][ T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 83.682335][ T3528] loop7: detected capacity change from 0 to 512 [ 83.698567][ T3527] loop0: detected capacity change from 0 to 2048 [ 83.726125][ T3528] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 83.740265][ T3528] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 83.753100][ T3527] Alternate GPT is invalid, using primary GPT. [ 83.765362][ T3527] loop0: p2 p3 p7 [ 83.786966][ T3528] EXT4-fs error (device loop7): ext4_find_dest_de:2115: inode #12: block 32: comm syz.7.1341: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0 [ 83.807994][ T24] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 83.823493][ T24] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 83.865762][ T535] udevd[535]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 83.887013][ T1069] udevd[1069]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 83.889457][ T3521] loop4: detected capacity change from 0 to 40427 [ 83.899964][ T402] udevd[402]: inotify_add_watch(7, /dev/loop0p7, 10) failed: No such file or directory [ 83.916702][ T3521] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 83.922347][ T24] usb 6-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 83.932542][ T3521] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 83.936503][ T28] audit: type=1400 audit(2000000037.095:465): avc: denied { setattr } for pid=3531 comm="syz.0.1342" name="bus" dev="tmpfs" ino=1720 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 83.975642][ T28] audit: type=1400 audit(2000000037.135:466): avc: denied { write } for pid=3531 comm="syz.0.1342" name="bus" dev="tmpfs" ino=1720 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 83.990605][ T3357] EXT4-fs (loop7): unmounting filesystem. [ 83.998355][ T28] audit: type=1400 audit(2000000037.135:467): avc: denied { open } for pid=3531 comm="syz.0.1342" path="/322/file0/bus" dev="tmpfs" ino=1720 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 84.003611][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.034618][ T3521] F2FS-fs (loop4): Found nat_bits in checkpoint [ 84.073014][ T24] usb 6-1: Product: syz [ 84.077447][ T24] usb 6-1: Manufacturer: syz [ 84.082306][ T24] usb 6-1: SerialNumber: syz [ 84.103843][ T24] usb 6-1: config 0 descriptor?? [ 84.118421][ T3499] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 84.129633][ T3499] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 84.159072][ T3521] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 84.168894][ T3521] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 84.178201][ T632] EXT4-fs (loop3): unmounting filesystem. [ 84.231121][ T3551] loop7: detected capacity change from 0 to 256 [ 84.251181][ T3551] exfat: Deprecated parameter 'utf8' [ 84.260230][ T3551] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 84.345242][ T3499] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 84.355389][ T3499] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 84.448513][ T3568] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1358'. [ 84.599735][ T1057] tipc: Node number set to 2133115921 [ 84.611144][ T28] audit: type=1400 audit(2000000037.765:468): avc: denied { remount } for pid=3520 comm="syz.4.1339" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 84.630687][ T3521] F2FS-fs (loop4): Start checkpoint disabled! [ 84.789763][ T40] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 84.819765][ T321] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 84.990844][ T40] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 85.004954][ T40] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 85.015927][ T321] usb 4-1: Using ep0 maxpacket: 16 [ 85.022060][ T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 85.039290][ T321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 85.049001][ T40] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 85.067085][ T321] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 85.090033][ T40] usb 8-1: New USB device found, idVendor=056a, idProduct=00bb, bcdDevice= 0.00 [ 85.099006][ T40] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.106858][ T321] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 85.120171][ T321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 85.140486][ T321] usb 4-1: config 0 descriptor?? [ 85.145590][ T40] usb 8-1: config 0 descriptor?? [ 85.150816][ T3581] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 85.219012][ T24] dm9601 6-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL [ 85.232797][ T24] usb 6-1: USB disconnect, device number 9 [ 85.598847][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.607575][ T40] wacom 0003:056A:00BB.001B: Unknown device_type for 'HID 056a:00bb'. Assuming pen. [ 85.616946][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.625069][ T40] wacom 0003:056A:00BB.001B: hidraw0: USB HID v0.00 Device [HID 056a:00bb] on usb-dummy_hcd.7-1/input0 [ 85.636014][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.643801][ T40] input: Wacom Intuos4 12x19 Pen as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:056A:00BB.001B/input/input25 [ 85.655931][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.662948][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.671764][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.678832][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.685931][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.708309][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.715875][ T321] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0 [ 85.728886][ T321] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.001A/input/input28 [ 85.742177][ T321] microsoft 0003:045E:07DA.001A: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 85.762607][ C1] raw-gadget.2 gadget.3: ignoring, device is not running [ 85.769742][ C1] raw-gadget.2 gadget.3: ignoring, device is not running [ 85.789616][ T1057] usb 8-1: USB disconnect, device number 2 [ 85.798042][ T321] usb 4-1: USB disconnect, device number 14 [ 85.813764][ T3594] loop5: detected capacity change from 0 to 2048 [ 85.843404][ T3594] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 85.851910][ T3594] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.878060][ T3594] fs-verity: sha512 using implementation "sha512-avx2" [ 85.908003][ T1011] EXT4-fs (loop5): unmounting filesystem. [ 85.999816][ T1034] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 86.124489][ T3608] SELinux: policydb version 0 does not match my version range 15-33 [ 86.133914][ T3608] SELinux: failed to load policy [ 86.181056][ T1034] usb 5-1: config index 0 descriptor too short (expected 10860, got 146) [ 86.189388][ T1034] usb 5-1: config 0 has too many interfaces: 44, using maximum allowed: 32 [ 86.205947][ T1034] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 86.226510][ T1034] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 44 [ 86.237541][ T3613] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1375'. [ 86.246689][ T1034] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 86.268024][ T1034] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 86.289731][ T1034] usb 5-1: SerialNumber: syz [ 86.300619][ T1034] usb 5-1: config 0 descriptor?? [ 86.329317][ T3619] xt_hashlimit: size too large, truncated to 1048576 [ 86.421193][ T3622] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem [ 86.539227][ T1034] usb 5-1: USB disconnect, device number 12 [ 86.564062][ T3627] loop7: detected capacity change from 0 to 1024 [ 86.593077][ T3627] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 86.615113][ T3627] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 86.673340][ T3357] EXT4-fs (loop7): unmounting filesystem. [ 86.783891][ T3630] loop0: detected capacity change from 0 to 1024 [ 86.806256][ T3630] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 86.833716][ T3630] EXT4-fs error (device loop0): ext4_get_inode_usage:834: inode #2: comm syz.0.1382: corrupted in-inode xattr [ 86.845782][ T3630] EXT4-fs (loop0): Remounting filesystem read-only [ 86.853735][ T3630] EXT4-fs error (device loop0): ext4_xattr_ibody_get:603: inode #2: comm syz.0.1382: corrupted in-inode xattr [ 86.865467][ T3630] EXT4-fs (loop0): Remounting filesystem read-only [ 86.879522][ T296] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2739: inode #2: comm syz-executor: corrupted in-inode xattr [ 86.892197][ T296] EXT4-fs (loop0): Remounting filesystem read-only [ 86.903061][ T296] EXT4-fs (loop0): unmounting filesystem. [ 87.181360][ T3641] loop3: detected capacity change from 0 to 256 [ 87.208398][ T3645] loop0: detected capacity change from 0 to 2048 [ 87.221686][ T3645] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 87.235136][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 87.235155][ T28] audit: type=1400 audit(2000000040.395:471): avc: denied { execute } for pid=3644 comm="syz.0.1388" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 87.264024][ T320] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 87.264280][ T28] audit: type=1400 audit(2000000040.395:472): avc: denied { execute_no_trans } for pid=3644 comm="syz.0.1388" path="/333/file0/file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 87.301147][ T320] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 87.352949][ T28] audit: type=1400 audit(2000000040.515:473): avc: denied { map } for pid=3652 comm="syz.7.1391" path="socket:[30787]" dev="sockfs" ino=30787 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 87.381343][ T320] EXT4-fs (loop0): This should not happen!! Data will be lost [ 87.381343][ T320] [ 87.391805][ T28] audit: type=1400 audit(2000000040.515:474): avc: denied { read accept } for pid=3652 comm="syz.7.1391" path="socket:[30787]" dev="sockfs" ino=30787 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 87.420695][ T320] EXT4-fs (loop0): Total free blocks count 0 [ 87.434580][ T320] EXT4-fs (loop0): Free/Dirty block details [ 87.457930][ T320] EXT4-fs (loop0): free_blocks=2415919104 [ 87.464057][ T320] EXT4-fs (loop0): dirty_blocks=16 [ 87.470940][ T320] EXT4-fs (loop0): Block reservation details [ 87.490009][ T320] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 87.503170][ T296] EXT4-fs (loop0): unmounting filesystem. [ 87.619758][ T3674] loop3: detected capacity change from 0 to 2048 [ 87.627482][ T1034] hid-generic 0000:0003:0000.001C: unknown main item tag 0x0 [ 87.635490][ T1034] hid-generic 0000:0003:0000.001C: unknown main item tag 0x0 [ 87.643682][ T1034] hid-generic 0000:0003:0000.001C: hidraw0: HID v0.00 Device [syz0] on syz1 [ 87.661188][ T3674] Alternate GPT is invalid, using primary GPT. [ 87.667312][ T3674] loop3: p1 p2 p3 [ 87.878587][ T3710] loop7: detected capacity change from 0 to 128 [ 87.889376][ T3710] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 87.898530][ T3710] ext4 filesystem being mounted at /48/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 87.965555][ T3714] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 87.997906][ T3716] loop4: detected capacity change from 0 to 128 [ 88.003821][ T3694] mmap: syz.3.1408 (3694) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 88.040419][ T3716] EXT4-fs (loop4): Test dummy encryption mode enabled [ 88.072986][ T3716] ext4 filesystem being mounted at /315/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 88.099328][ T3720] loop7: detected capacity change from 0 to 256 [ 88.099812][ T321] usb 1-1: new full-speed USB device number 12 using dummy_hcd [ 88.136405][ T3720] FAT-fs (loop7): Directory bread(block 64) failed [ 88.143411][ T3720] FAT-fs (loop7): Directory bread(block 65) failed [ 88.150069][ T3720] FAT-fs (loop7): Directory bread(block 66) failed [ 88.153829][ T3716] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 88.169742][ T3720] FAT-fs (loop7): Directory bread(block 67) failed [ 88.176616][ T3720] FAT-fs (loop7): Directory bread(block 68) failed [ 88.182072][ T3725] loop3: detected capacity change from 0 to 256 [ 88.182936][ T3720] FAT-fs (loop7): Directory bread(block 69) failed [ 88.195675][ T3720] FAT-fs (loop7): Directory bread(block 70) failed [ 88.202193][ T3720] FAT-fs (loop7): Directory bread(block 71) failed [ 88.208619][ T3720] FAT-fs (loop7): Directory bread(block 72) failed [ 88.214907][ T28] audit: type=1400 audit(2000000041.365:475): avc: denied { rename } for pid=3715 comm="syz.4.1419" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 88.236632][ T3720] FAT-fs (loop7): Directory bread(block 73) failed [ 88.236898][ T3725] FAT-fs (loop3): Unrecognized mount option "shortnaŁčme=winnt" or missing value [ 88.246215][ T28] audit: type=1400 audit(2000000041.365:476): avc: denied { reparent } for pid=3715 comm="syz.4.1419" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 88.330816][ T321] usb 1-1: config 0 has an invalid interface number: 20 but max is 0 [ 88.358804][ T321] usb 1-1: config 0 has no interface number 0 [ 88.375725][ T321] usb 1-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 88.401761][ T321] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 88.410802][ T3743] syz.4.1430[3743] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.410891][ T3743] syz.4.1430[3743] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 88.422124][ T321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 88.447604][ T321] usb 1-1: Product: syz [ 88.451640][ T321] usb 1-1: Manufacturer: syz [ 88.456031][ T321] usb 1-1: SerialNumber: syz [ 88.473604][ T3747] loop5: detected capacity change from 0 to 512 [ 88.480168][ T321] usb 1-1: config 0 descriptor?? [ 88.485227][ T3703] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 88.502111][ T3745] loop3: detected capacity change from 0 to 2048 [ 88.524403][ T321] usb-storage 1-1:0.20: USB Mass Storage device detected [ 88.525204][ T3747] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.554023][ T3745] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 88.585227][ T321] usb-storage 1-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 88.601355][ T3745] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 1 with error 28 [ 88.628017][ T3747] EXT4-fs (loop5): re-mounted. Quota mode: writeback. [ 88.631193][ T3745] EXT4-fs (loop3): This should not happen!! Data will be lost [ 88.631193][ T3745] [ 88.650939][ T3745] EXT4-fs (loop3): Total free blocks count 0 [ 88.657593][ T3745] EXT4-fs (loop3): Free/Dirty block details [ 88.662808][ T3764] loop7: detected capacity change from 0 to 1024 [ 88.665012][ T3745] EXT4-fs (loop3): free_blocks=2415919504 [ 88.675910][ T3745] EXT4-fs (loop3): dirty_blocks=16 [ 88.681402][ T3745] EXT4-fs (loop3): Block reservation details [ 88.690858][ T3745] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 88.719776][ T321] scsi host1: usb-storage 1-1:0.20 [ 88.736265][ T3762] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28 [ 88.748742][ T3762] EXT4-fs (loop3): This should not happen!! Data will be lost [ 88.748742][ T3762] [ 88.913487][ T6] usb 1-1: USB disconnect, device number 12 [ 88.976349][ T3806] loop4: detected capacity change from 0 to 2048 [ 89.044896][ T3806] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 89.069863][ T3806] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 1 with error 28 [ 89.092024][ T28] audit: type=1326 audit(2000000042.255:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3809 comm="syz.3.1456" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fecc2785d29 code=0x0 [ 89.092723][ T3806] EXT4-fs (loop4): This should not happen!! Data will be lost [ 89.092723][ T3806] [ 89.128817][ T3806] EXT4-fs (loop4): Total free blocks count 0 [ 89.134712][ T3806] EXT4-fs (loop4): Free/Dirty block details [ 89.140519][ T3806] EXT4-fs (loop4): free_blocks=2415919504 [ 89.146403][ T3806] EXT4-fs (loop4): dirty_blocks=16 [ 89.151532][ T3806] EXT4-fs (loop4): Block reservation details [ 89.157370][ T3806] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 89.163556][ T3816] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28 [ 89.176265][ T3816] EXT4-fs (loop4): This should not happen!! Data will be lost [ 89.176265][ T3816] [ 89.218149][ T3819] loop7: detected capacity change from 0 to 256 [ 89.387351][ T3833] loop7: detected capacity change from 0 to 2048 [ 89.435763][ T3833] Alternate GPT is invalid, using primary GPT. [ 89.454793][ T3833] loop7: p1 p2 p3 [ 89.510764][ T3845] loop5: detected capacity change from 0 to 128 [ 89.527661][ T3845] EXT4-fs (loop5): Test dummy encryption mode enabled [ 89.557085][ T3845] ext4 filesystem being mounted at /205/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 89.646561][ T3837] loop4: detected capacity change from 0 to 40427 [ 89.653494][ T3837] F2FS-fs (loop4): Unrecognized mount option "fault_injection=08" or missing value [ 89.759757][ T321] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 89.852155][ T3856] input: syz0 as /devices/virtual/input/input29 [ 89.889819][ T6] usb 6-1: new full-speed USB device number 10 using dummy_hcd [ 89.939817][ T321] usb 1-1: Using ep0 maxpacket: 16 [ 89.947863][ T321] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 89.957134][ T321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.964996][ T321] usb 1-1: Product: syz [ 89.968941][ T321] usb 1-1: Manufacturer: syz [ 89.973457][ T321] usb 1-1: SerialNumber: syz [ 89.985863][ T321] usb 1-1: config 0 descriptor?? [ 89.991953][ T321] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 89.999585][ T321] usb 1-1: Detected FT-X [ 90.021301][ T480] Bluetooth: hci0: Frame reassembly failed (-84) [ 90.080810][ T6] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 90.091787][ T6] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 90.102653][ T6] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 90.115424][ T6] usb 6-1: New USB device found, idVendor=056a, idProduct=00bb, bcdDevice= 0.00 [ 90.124394][ T6] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.136000][ T6] usb 6-1: config 0 descriptor?? [ 90.141164][ T3852] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 90.193357][ T321] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 90.503389][ T3882] loop7: detected capacity change from 0 to 2048 [ 90.553210][ T3882] Alternate GPT is invalid, using primary GPT. [ 90.555222][ T6] wacom 0003:056A:00BB.001D: Unknown device_type for 'HID 056a:00bb'. Assuming pen. [ 90.559469][ T3882] loop7: p2 p3 p7 [ 90.573277][ T6] wacom 0003:056A:00BB.001D: hidraw0: USB HID v0.00 Device [HID 056a:00bb] on usb-dummy_hcd.5-1/input0 [ 90.585174][ T6] input: Wacom Intuos4 12x19 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:00BB.001D/input/input30 [ 90.603215][ T321] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 90.613635][ T102] Alternate GPT is invalid, using primary GPT. [ 90.626221][ T102] loop7: p2 p3 p7 [ 90.649670][ T1069] udevd[1069]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory [ 90.650284][ T535] udevd[535]: inotify_add_watch(7, /dev/loop7p3, 10) failed: No such file or directory [ 90.668786][ T1069] udevd[1069]: inotify_add_watch(7, /dev/loop7p7, 10) failed: No such file or directory [ 90.706165][ T402] udevd[402]: inotify_add_watch(7, /dev/loop7p3, 10) failed: No such file or directory [ 90.706171][ T407] udevd[407]: inotify_add_watch(7, /dev/loop7p7, 10) failed: No such file or directory [ 90.727376][ T3595] udevd[3595]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory [ 90.767823][ T3899] loop4: detected capacity change from 0 to 128 [ 90.768089][ T321] usb 6-1: USB disconnect, device number 10 [ 90.774678][ T3899] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 90.800250][ T3899] FAT-fs (loop4): FAT read failed (blocknr 128) [ 90.806479][ T24] usb 1-1: USB disconnect, device number 13 [ 90.825785][ T480] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 90.836891][ T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 90.856703][ T24] ftdi_sio 1-1:0.0: device disconnected [ 91.099757][ T6] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 91.600613][ T6] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.613738][ T6] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.624408][ T6] usb 8-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 91.633534][ T6] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.650112][ T6] usb 8-1: config 0 descriptor?? [ 91.721099][ T28] audit: type=1400 audit(2000000044.885:478): avc: denied { setopt } for pid=3921 comm="syz.5.1501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 91.749807][ T321] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 91.763106][ T3925] loop5: detected capacity change from 0 to 1024 [ 91.781399][ T3925] EXT4-fs: Ignoring removed nobh option [ 91.791260][ T3925] EXT4-fs error (device loop5): ext4_ext_check_inode:520: inode #11: comm syz.5.1502: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 91.810935][ T3925] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1502: couldn't read orphan inode 11 (err -117) [ 91.830329][ T3925] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:477: comm syz.5.1502: Invalid block bitmap block 0 in block_group 0 [ 91.844248][ T3925] Quota error (device loop5): write_blk: dquota write failed [ 91.851592][ T3925] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 91.863259][ T3925] EXT4-fs error (device loop5): ext4_acquire_dquot:6788: comm syz.5.1502: Failed to acquire dquot type 0 [ 91.880969][ T3925] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.1502: Invalid inode bitmap blk 137438953472 in block_group 0 [ 91.901750][ T480] EXT4-fs error (device loop5): __ext4_get_inode_loc:4508: comm kworker/u4:6: Invalid inode table block 8589934593 in block_group 0 [ 91.930769][ T3930] loop5: detected capacity change from 0 to 1024 [ 91.937378][ T3930] EXT4-fs: Ignoring removed nobh option [ 91.942876][ T3930] EXT4-fs: Ignoring removed mblk_io_submit option [ 91.949576][ T3930] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 91.961309][ T321] usb 1-1: config index 0 descriptor too short (expected 10860, got 146) [ 91.969638][ T321] usb 1-1: config 0 has too many interfaces: 44, using maximum allowed: 32 [ 91.978434][ T321] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 91.988408][ T321] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 44 [ 91.998023][ T321] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 92.006920][ T321] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 92.010015][ T3930] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3841: comm syz.5.1503: Allocating blocks 497-513 which overlap fs metadata [ 92.014800][ T321] usb 1-1: SerialNumber: syz [ 92.039558][ T321] usb 1-1: config 0 descriptor?? [ 92.049748][ T1827] Bluetooth: hci0: command 0x1003 tx timeout [ 92.055595][ T1471] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 92.067005][ T6] hid-led 0003:0FC5:B080.001E: unknown main item tag 0x0 [ 92.078768][ T3929] EXT4-fs (loop5): pa ffff888131e5bc78: logic 32, phys. 177, len 21 [ 92.086670][ T3929] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 92.131720][ T3940] loop5: detected capacity change from 0 to 128 [ 92.147515][ T3940] ext4 filesystem being mounted at /212/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 92.199129][ T3940] EXT4-fs (loop5): shut down requested (2) [ 92.229547][ T320] Bluetooth: hci0: Frame reassembly failed (-84) [ 92.261899][ T1050] usb 1-1: USB disconnect, device number 14 [ 92.342839][ T3955] usb usb9: check_ctrlrecip: process 3955 (syz.5.1514) requesting ep 01 but needs 81 [ 92.352634][ T3955] usb usb9: usbfs: process 3955 (syz.5.1514) did not claim interface 0 before use [ 92.380453][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 92.380470][ T28] audit: type=1400 audit(2000000045.545:480): avc: denied { mount } for pid=3956 comm="syz.5.1515" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 92.679261][ T6] usb 8-1: USB disconnect, device number 3 [ 92.783107][ T3987] loop0: detected capacity change from 0 to 128 [ 92.799839][ T3987] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 92.851258][ T3987] FAT-fs (loop0): FAT read failed (blocknr 128) [ 92.859903][ T3993] device bridge2 entered promiscuous mode [ 92.906347][ T480] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 93.175503][ T4016] loop0: detected capacity change from 0 to 256 [ 93.184290][ T4016] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 93.212704][ T4016] exFAT-fs (loop0): hint_cluster is invalid (17) [ 93.227662][ T4020] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1542'. [ 93.250130][ T6] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 93.419801][ T24] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 93.450974][ T6] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 93.464663][ T6] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 93.473566][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 93.481368][ T6] usb 5-1: SerialNumber: syz [ 93.600928][ T24] usb 6-1: config index 0 descriptor too short (expected 10860, got 146) [ 93.609341][ T24] usb 6-1: config 0 has too many interfaces: 44, using maximum allowed: 32 [ 93.617793][ T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 93.627672][ T24] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 44 [ 93.637192][ T24] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 93.646106][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 93.653880][ T24] usb 6-1: SerialNumber: syz [ 93.658980][ T24] usb 6-1: config 0 descriptor?? [ 93.866466][ T1057] usb 6-1: USB disconnect, device number 11 [ 94.091730][ T6] cdc_ether 5-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 94.112662][ T28] audit: type=1400 audit(2000000047.275:481): avc: denied { read } for pid=140 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 94.144002][ T4030] loop0: detected capacity change from 0 to 16 [ 94.153524][ T4032] loop7: detected capacity change from 0 to 128 [ 94.168217][ T28] audit: type=1400 audit(2000000047.275:482): avc: denied { search } for pid=140 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 94.173242][ T4030] erofs: (device loop0): mounted with root inode @ nid 36. [ 94.196747][ T4032] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 94.215625][ T28] audit: type=1400 audit(2000000047.375:483): avc: denied { read } for pid=4034 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=420 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 94.241938][ T4032] FAT-fs (loop7): FAT read failed (blocknr 128) [ 94.267852][ T28] audit: type=1400 audit(2000000047.375:484): avc: denied { open } for pid=4034 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=420 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 94.289757][ T1827] Bluetooth: hci0: command 0x1003 tx timeout [ 94.297572][ T1471] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 94.304502][ T480] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 94.305598][ T28] audit: type=1400 audit(2000000047.375:485): avc: denied { getattr } for pid=4034 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=420 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 94.325692][ T3947] Bluetooth: hci0: Opcode 0x0c1a failed: -22 [ 94.356315][ T28] audit: type=1400 audit(2000000047.515:486): avc: denied { write } for pid=4033 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=419 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 94.379290][ T28] audit: type=1400 audit(2000000047.515:487): avc: denied { add_name } for pid=4033 comm="dhcpcd-run-hook" name="resolv.conf.eth1.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 94.396878][ T4047] loop7: detected capacity change from 0 to 256 [ 94.412225][ T4046] device bridge1 entered promiscuous mode [ 94.435462][ T28] audit: type=1400 audit(2000000047.595:488): avc: denied { remove_name } for pid=4048 comm="rm" name="resolv.conf.eth1.link" dev="tmpfs" ino=9357 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 94.505619][ T321] usb 5-1: USB disconnect, device number 13 [ 94.512028][ T321] cdc_ether 5-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device [ 94.638152][ T4070] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1558'. [ 94.655653][ T28] audit: type=1326 audit(2000000047.815:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4072 comm="syz.3.1560" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fecc2785d29 code=0x0 [ 94.725187][ T4079] capability: warning: `syz.5.1562' uses 32-bit capabilities (legacy support in use) [ 94.825342][ T4080] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.836236][ T4080] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.850915][ T4080] device bridge_slave_0 entered promiscuous mode [ 94.867282][ T4080] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.876609][ T4080] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.884488][ T4080] device bridge_slave_1 entered promiscuous mode [ 94.903525][ T4100] device bridge1 entered promiscuous mode [ 95.007344][ T4080] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.014262][ T4080] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.021367][ T4080] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.028657][ T4080] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.075169][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.085344][ T319] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.111459][ T319] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.138097][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 95.149852][ T1057] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 95.155250][ T319] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.164311][ T319] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.183773][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 95.192426][ T319] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.199297][ T319] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.201019][ T4128] loop7: detected capacity change from 0 to 128 [ 95.233760][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 95.243918][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 95.258534][ T320] device bridge_slave_1 left promiscuous mode [ 95.266548][ T320] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.278158][ T320] device bridge_slave_0 left promiscuous mode [ 95.288179][ T320] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.299498][ T4136] loop4: detected capacity change from 0 to 16 [ 95.313391][ T4136] erofs: (device loop4): mounted with root inode @ nid 36. [ 95.315533][ T320] device veth0_vlan left promiscuous mode [ 95.340974][ T1057] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 95.351143][ T1057] usb 6-1: config 0 has no interfaces? [ 95.357905][ T1057] usb 6-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 95.366840][ T1057] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.375356][ T1057] usb 6-1: Product: syz [ 95.379377][ T1057] usb 6-1: Manufacturer: syz [ 95.383853][ T1057] usb 6-1: SerialNumber: syz [ 95.390256][ T1057] usb 6-1: config 0 descriptor?? [ 95.437606][ T4080] device veth0_vlan entered promiscuous mode [ 95.463065][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 95.473774][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 95.482550][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 95.493558][ T319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 95.505055][ T6] ================================================================== [ 95.512941][ T6] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480 [ 95.519882][ T6] Write of size 8 at addr ffff888137870a00 by task kworker/0:0/6 [ 95.527545][ T6] [ 95.529717][ T6] CPU: 0 PID: 6 Comm: kworker/0:0 Tainted: G W 6.1.118-syzkaller-00019-ge09bed30088f #0 [ 95.540648][ T6] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 95.550547][ T6] Workqueue: ipv6_addrconf addrconf_dad_work [ 95.556361][ T6] Call Trace: [ 95.559484][ T6] [ 95.562262][ T6] dump_stack_lvl+0x151/0x1b7 [ 95.566778][ T6] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 95.572068][ T6] ? _printk+0xd1/0x111 [ 95.576149][ T6] ? __virt_addr_valid+0x242/0x2f0 [ 95.581616][ T6] print_report+0x158/0x4e0 [ 95.585996][ T6] ? __virt_addr_valid+0x242/0x2f0 [ 95.590918][ T6] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 95.596993][ T6] ? enqueue_timer+0xa6/0x480 [ 95.601490][ T6] kasan_report+0x13c/0x170 [ 95.605831][ T6] ? enqueue_timer+0xa6/0x480 [ 95.610344][ T6] __asan_report_store8_noabort+0x17/0x20 [ 95.615902][ T6] enqueue_timer+0xa6/0x480 [ 95.620239][ T6] __mod_timer+0x8d3/0xcf0 [ 95.624490][ T6] ? __kasan_check_write+0x14/0x20 [ 95.629525][ T6] ? crng_make_state+0x22f/0x430 [ 95.634298][ T6] ? mod_timer_pending+0x30/0x30 [ 95.639070][ T6] ? __kasan_check_write+0x14/0x20 [ 95.644019][ T6] ? try_to_grab_pending+0x1de/0x5d0 [ 95.649140][ T6] add_timer+0x68/0x80 [ 95.653047][ T6] __queue_delayed_work+0x16d/0x1f0 [ 95.658083][ T6] mod_delayed_work_on+0xee/0x190 [ 95.662938][ T6] ? mld_ifc_event+0x20a/0x2b0 [ 95.667542][ T6] ? __queue_delayed_work+0x1f0/0x1f0 [ 95.672750][ T6] ? mld_del_delrec+0x7a0/0x7a0 [ 95.677435][ T6] addrconf_mod_dad_work+0x81/0x120 [ 95.682468][ T6] addrconf_dad_kick+0x2df/0x3f0 [ 95.687243][ T6] ? addrconf_dad_completed+0xdb0/0xdb0 [ 95.692634][ T6] addrconf_dad_work+0x1164/0x16b0 [ 95.697574][ T6] ? _raw_spin_unlock+0x4c/0x70 [ 95.702259][ T6] ? ipv6_get_saddr_eval+0xf00/0xf00 [ 95.707378][ T6] ? pwq_activate_inactive_work+0x366/0x4a0 [ 95.713106][ T6] ? __kasan_check_read+0x11/0x20 [ 95.717964][ T6] ? read_word_at_a_time+0x12/0x20 [ 95.722911][ T6] ? strscpy+0x9c/0x260 [ 95.726904][ T6] process_one_work+0x73d/0xcb0 [ 95.731596][ T6] worker_thread+0xa60/0x1260 [ 95.736110][ T6] kthread+0x26d/0x300 [ 95.740011][ T6] ? worker_clr_flags+0x1a0/0x1a0 [ 95.744874][ T6] ? kthread_blkcg+0xd0/0xd0 [ 95.749296][ T6] ret_from_fork+0x1f/0x30 [ 95.753576][ T6] [ 95.756429][ T6] [ 95.758583][ T6] Allocated by task 3947: [ 95.762767][ T6] kasan_set_track+0x4b/0x70 [ 95.767175][ T6] kasan_save_alloc_info+0x1f/0x30 [ 95.772308][ T6] __kasan_kmalloc+0x9c/0xb0 [ 95.776723][ T6] __kmalloc+0xb4/0x1e0 [ 95.780717][ T6] hci_alloc_dev_priv+0x27/0x1c00 [ 95.785577][ T6] hci_uart_tty_ioctl+0x401/0xa70 [ 95.790439][ T6] tty_ioctl+0x903/0xc50 [ 95.794518][ T6] __se_sys_ioctl+0x114/0x190 [ 95.799030][ T6] __x64_sys_ioctl+0x7b/0x90 [ 95.803473][ T6] x64_sys_call+0x98/0x9a0 [ 95.807712][ T6] do_syscall_64+0x3b/0xb0 [ 95.811961][ T6] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 95.817692][ T6] [ 95.819860][ T6] Freed by task 3947: [ 95.823678][ T6] kasan_set_track+0x4b/0x70 [ 95.828103][ T6] kasan_save_free_info+0x2b/0x40 [ 95.832966][ T6] ____kasan_slab_free+0x131/0x180 [ 95.837911][ T6] __kasan_slab_free+0x11/0x20 [ 95.842510][ T6] __kmem_cache_free+0x21d/0x410 [ 95.847285][ T6] kfree+0x7a/0xf0 [ 95.850852][ T6] hci_release_dev+0x14d3/0x1640 [ 95.855615][ T6] bt_host_release+0x83/0xa0 [ 95.860044][ T6] device_release+0x95/0x1c0 [ 95.864471][ T6] kobject_put+0x178/0x260 [ 95.868733][ T6] put_device+0x1f/0x30 [ 95.872716][ T6] hci_dev_cmd+0x2be/0x9b0 [ 95.876972][ T6] hci_sock_ioctl+0x415/0x7f0 [ 95.881485][ T6] sock_do_ioctl+0x152/0x450 [ 95.885921][ T6] sock_ioctl+0x455/0x740 [ 95.890073][ T6] __se_sys_ioctl+0x114/0x190 [ 95.894588][ T6] __x64_sys_ioctl+0x7b/0x90 [ 95.899012][ T6] x64_sys_call+0x98/0x9a0 [ 95.903357][ T6] do_syscall_64+0x3b/0xb0 [ 95.907624][ T6] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 95.913339][ T6] [ 95.915505][ T6] Last potentially related work creation: [ 95.921061][ T6] kasan_save_stack+0x3b/0x60 [ 95.925571][ T6] __kasan_record_aux_stack+0xb4/0xc0 [ 95.930779][ T6] kasan_record_aux_stack_noalloc+0xb/0x10 [ 95.936425][ T6] insert_work+0x56/0x310 [ 95.940607][ T6] __queue_work+0x9b6/0xd70 [ 95.944936][ T6] queue_work_on+0x105/0x170 [ 95.949351][ T6] __hci_cmd_sync_sk+0xc2a/0xf70 [ 95.954127][ T6] hci_cmd_sync_status+0x52/0x130 [ 95.958988][ T6] hci_dev_cmd+0x39e/0x9b0 [ 95.963241][ T6] hci_sock_ioctl+0x415/0x7f0 [ 95.967753][ T6] sock_do_ioctl+0x152/0x450 [ 95.972180][ T6] sock_ioctl+0x455/0x740 [ 95.976347][ T6] __se_sys_ioctl+0x114/0x190 [ 95.980856][ T6] __x64_sys_ioctl+0x7b/0x90 [ 95.985282][ T6] x64_sys_call+0x98/0x9a0 [ 95.989535][ T6] do_syscall_64+0x3b/0xb0 [ 95.993790][ T6] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 95.999518][ T6] [ 96.001691][ T6] Second to last potentially related work creation: [ 96.008113][ T6] kasan_save_stack+0x3b/0x60 [ 96.012624][ T6] __kasan_record_aux_stack+0xb4/0xc0 [ 96.017833][ T6] kasan_record_aux_stack_noalloc+0xb/0x10 [ 96.023476][ T6] insert_work+0x56/0x310 [ 96.027641][ T6] __queue_work+0x9b6/0xd70 [ 96.031978][ T6] queue_work_on+0x105/0x170 [ 96.036405][ T6] hci_cmd_timeout+0x199/0x200 [ 96.041015][ T6] process_one_work+0x73d/0xcb0 [ 96.045694][ T6] worker_thread+0xa60/0x1260 [ 96.050209][ T6] kthread+0x26d/0x300 [ 96.054113][ T6] ret_from_fork+0x1f/0x30 [ 96.058366][ T6] [ 96.060537][ T6] The buggy address belongs to the object at ffff888137870000 [ 96.060537][ T6] which belongs to the cache kmalloc-8k of size 8192 [ 96.074424][ T6] The buggy address is located 2560 bytes inside of [ 96.074424][ T6] 8192-byte region [ffff888137870000, ffff888137872000) [ 96.087959][ T6] [ 96.090106][ T6] The buggy address belongs to the physical page: [ 96.096369][ T6] page:ffffea0004de1c00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x137870 [ 96.106602][ T6] head:ffffea0004de1c00 order:3 compound_mapcount:0 compound_pincount:0 [ 96.114765][ T6] flags: 0x4000000000010200(slab|head|zone=1) [ 96.120758][ T6] raw: 4000000000010200 ffffea000448ea00 dead000000000002 ffff888100043500 [ 96.129183][ T6] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 96.137606][ T6] page dumped because: kasan: bad access detected [ 96.143924][ T6] page_owner tracks the page as allocated [ 96.149558][ T6] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 3189, tgid 3188 (syz.6.1200), ts 76971993109, free_ts 76959674100 [ 96.172910][ T6] post_alloc_hook+0x213/0x220 [ 96.177502][ T6] prep_new_page+0x1b/0x110 [ 96.181841][ T6] get_page_from_freelist+0x2f41/0x2fc0 [ 96.187223][ T6] __alloc_pages+0x234/0x610 [ 96.191650][ T6] alloc_slab_page+0x6c/0xf0 [ 96.196078][ T6] new_slab+0x90/0x3e0 [ 96.199980][ T6] ___slab_alloc+0x6f9/0xb80 [ 96.204408][ T6] __slab_alloc+0x5d/0xa0 [ 96.208576][ T6] __kmem_cache_alloc_node+0x207/0x2a0 [ 96.213869][ T6] __kmalloc_node_track_caller+0xa2/0x1e0 [ 96.219421][ T6] __alloc_skb+0x125/0x2d0 [ 96.223760][ T6] netlink_dump+0x1f0/0xd40 [ 96.228101][ T6] netlink_recvmsg+0x6ca/0x1180 [ 96.232788][ T6] ____sys_recvmsg+0x285/0x530 [ 96.237387][ T6] do_recvmmsg+0x46d/0xab0 [ 96.241641][ T6] __x64_sys_recvmmsg+0x1b4/0x240 [ 96.246504][ T6] page last free stack trace: [ 96.251014][ T6] free_unref_page_prepare+0x83d/0x850 [ 96.256398][ T6] free_unref_page+0xb2/0x5c0 [ 96.260925][ T6] __free_pages+0x61/0xf0 [ 96.265092][ T6] __free_slab+0xce/0x1a0 [ 96.269247][ T6] __unfreeze_partials+0x165/0x1a0 [ 96.274199][ T6] put_cpu_partial+0xa9/0x100 [ 96.278700][ T6] __slab_free+0x1c8/0x280 [ 96.282954][ T6] ___cache_free+0xc6/0xd0 [ 96.287207][ T6] qlist_free_all+0xc5/0x140 [ 96.291634][ T6] kasan_quarantine_reduce+0x15a/0x180 [ 96.296928][ T6] __kasan_slab_alloc+0x24/0x80 [ 96.301615][ T6] slab_post_alloc_hook+0x53/0x2c0 [ 96.306568][ T6] kmem_cache_alloc+0x175/0x320 [ 96.311247][ T6] getname_flags+0xba/0x520 [ 96.315586][ T6] __x64_sys_mkdirat+0x7c/0xa0 [ 96.320191][ T6] x64_sys_call+0x6c6/0x9a0 [ 96.324527][ T6] [ 96.326696][ T6] Memory state around the buggy address: [ 96.332172][ T6] ffff888137870900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.340068][ T6] ffff888137870980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.347966][ T6] >ffff888137870a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.355861][ T6] ^ [ 96.359769][ T6] ffff888137870a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.367665][ T6] ffff888137870b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 96.375562][ T6] ================================================================== [ 96.383459][ T6] Disabling lock debugging due to kernel taint SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 96.390103][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 96.401762][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 96.409983][ C0] CPU: 0 PID: 6 Comm: kworker/0:0 Tainted: G B W 6.1.118-syzkaller-00019-ge09bed30088f #0 [ 96.420925][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 96.430810][ C0] Workqueue: ipv6_addrconf addrconf_dad_work [ 96.436617][ C0] RIP: 0010:__queue_work+0x4f1/0xd70 [ 96.442088][ C0] Code: 39 03 0f 84 40 01 00 00 e8 8c 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 60 e1 71 00 49 8b 3e e8 98 cc d6 [ 96.461528][ C0] RSP: 0018:ffffc90000007c98 EFLAGS: 00010046 [ 96.467428][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888100385100 [ 96.475248][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 96.483053][ C0] RBP: ffffc90000007d20 R08: ffffffff814b186b R09: 0000000000000007 [ 96.490866][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881378709c8 [ 96.498674][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881378709e0 [ 96.506485][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 96.515249][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.521674][ C0] CR2: 00007ffc3a506ff8 CR3: 0000000129f82000 CR4: 00000000003506b0 [ 96.529488][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 96.537297][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 96.545106][ C0] Call Trace: [ 96.548230][ C0] [ 96.550924][ C0] ? __die_body+0x62/0xb0 [ 96.555089][ C0] ? die_addr+0x9f/0xd0 [ 96.559081][ C0] ? exc_general_protection+0x317/0x4c0 [ 96.564556][ C0] ? asm_exc_general_protection+0x27/0x30 [ 96.570115][ C0] ? __queue_work+0x28b/0xd70 [ 96.574715][ C0] ? __queue_work+0x4f1/0xd70 [ 96.579330][ C0] ? __queue_work+0x29c/0xd70 [ 96.583856][ C0] delayed_work_timer_fn+0x61/0x80 [ 96.588796][ C0] ? queue_work_node+0x1d0/0x1d0 [ 96.593565][ C0] call_timer_fn+0x3b/0x2d0 [ 96.597907][ C0] ? queue_work_node+0x1d0/0x1d0 [ 96.602680][ C0] __run_timers+0x756/0xa10 [ 96.607034][ C0] ? calc_index+0x270/0x270 [ 96.611361][ C0] run_timer_softirq+0x69/0xf0 [ 96.615963][ C0] handle_softirqs+0x1db/0x650 [ 96.620568][ C0] __do_softirq+0xb/0xd [ 96.624556][ C0] do_softirq+0xf6/0x150 [ 96.628721][ C0] [ 96.631504][ C0] [ 96.634289][ C0] ? __local_bh_enable_ip+0x80/0x80 [ 96.639315][ C0] ? addrconf_dad_completed+0xdb0/0xdb0 [ 96.644695][ C0] __local_bh_enable_ip+0x75/0x80 [ 96.649560][ C0] _raw_read_unlock_bh+0x29/0x30 [ 96.654324][ C0] addrconf_dad_work+0x1176/0x16b0 [ 96.659271][ C0] ? _raw_spin_unlock+0x4c/0x70 [ 96.663954][ C0] ? ipv6_get_saddr_eval+0xf00/0xf00 [ 96.669075][ C0] ? pwq_activate_inactive_work+0x366/0x4a0 [ 96.674802][ C0] ? __kasan_check_read+0x11/0x20 [ 96.679748][ C0] ? read_word_at_a_time+0x12/0x20 [ 96.684699][ C0] ? strscpy+0x9c/0x260 [ 96.688692][ C0] process_one_work+0x73d/0xcb0 [ 96.693386][ C0] worker_thread+0xa60/0x1260 [ 96.697897][ C0] kthread+0x26d/0x300 [ 96.701797][ C0] ? worker_clr_flags+0x1a0/0x1a0 [ 96.706661][ C0] ? kthread_blkcg+0xd0/0xd0 [ 96.711084][ C0] ret_from_fork+0x1f/0x30 [ 96.715344][ C0] [ 96.718196][ C0] Modules linked in: [ 96.721935][ C0] ---[ end trace 0000000000000000 ]--- [ 96.727224][ C0] RIP: 0010:__queue_work+0x4f1/0xd70 [ 96.732437][ C0] Code: 39 03 0f 84 40 01 00 00 e8 8c 6b 2a 00 4c 89 e7 e8 e4 d3 d6 03 49 bd 00 00 00 00 00 fc ff df 4c 8b 65 d0 4c 89 f0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 f7 e8 60 e1 71 00 49 8b 3e e8 98 cc d6 [ 96.752048][ C0] RSP: 0018:ffffc90000007c98 EFLAGS: 00010046 [ 96.757952][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888100385100 [ 96.765770][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 96.773577][ C0] RBP: ffffc90000007d20 R08: ffffffff814b186b R09: 0000000000000007 [ 96.781387][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881378709c8 [ 96.789195][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8881378709e0 [ 96.797008][ C0] FS: 0000000000000000(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 96.805881][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 96.812305][ C0] CR2: 00007ffc3a506ff8 CR3: 0000000129f82000 CR4: 00000000003506b0 [ 96.820127][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 96.828023][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 96.835838][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 96.843343][ C0] Kernel Offset: disabled [ 96.847467][ C0] Rebooting in 86400 seconds..