last executing test programs: 2.515455244s ago: executing program 0 (id=11093): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r1}, [@IFLA_MTU={0x8, 0x4, 0x100}]}, 0x28}}, 0x0) setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x0, r1, 0x7}, 0xc) syz_emit_ethernet(0x42, &(0x7f00000004c0)={@local, @random="0020e0ffff07", @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @dev, {[@timestamp={0x44, 0x4, 0x0, 0x3}, @cipso={0x86, 0x6}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={0x0}}, 0x0) 2.513622814s ago: executing program 0 (id=11094): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a30000000001400078008001340000000000800124000000000050005000000000005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0) 2.455632388s ago: executing program 0 (id=11095): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 2.409266553s ago: executing program 0 (id=11096): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D'], 0x44}}, 0x0) sendmmsg$unix(r0, &(0x7f00000000c0), 0x3f, 0x0) 2.335907149s ago: executing program 0 (id=11097): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000680)=0x1f, 0x4) bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f00000000c0)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5dac14e5b896f000fcf6521928480be9af82613a5c661f4110adba358afd8b5b4ef1702051e393ede2698112a1f1bdf1d0f568546ed322ab4c53545bd2cd6e48522f0c154cb3c6864dc30ae921db100f1ee97a234503338f8fdf356472da0c7ab62f274f34", 0xadf29f33fb903ae1, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 1.864317757s ago: executing program 4 (id=11112): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="660a0000000000006110a800000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90) 1.863890807s ago: executing program 4 (id=11114): socket$packet(0x11, 0x3, 0x300) chdir(0x0) bpf$PROG_LOAD(0x5, 0x0, 0x2b) mkdir(0x0, 0x0) dup(0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xea) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000600)='./bus\x00', 0x1c14744, &(0x7f00000002c0)={[{@errors_continue}]}, 0xfe, 0x49e, &(0x7f0000000b00)="$eJzs3MtvG8UfAPDvbpw+f78mlPJoqUSgICIeSZO20AMcQCBxAAkEh3IMiVuVug1qgkSrClKEyhFV4o44IvEXcOKEgBMSFw5wR5UqqJD6uGC09m5qGzs0rRM7+PORnMx4xzvzzezY4xk7AQyssexHEvG/iPglIkbq2eYCY/Vf166cm71+5dxsEtXqG78ntXJXr5ybLYoWj9ueZ8bTiPTjJK+k2cKZsydmKpXy6Tw/uXjy3cmFM2efOn5y5lj5WPnU9OHDBw9MPfP09KGmxx26zTiz+K7u+WB+7+6X37r46uyRi29//1XW3jQ/3hhHt4xlgf9RrWk99mi3K+uxv6o340xK2c8bbaKm3wxFRNZdw7XxPxJDtVzdSLz0UU8bB6yp7Dl7c+fDS1XgPyyJXrcA6I3ihT57/5vfhtdp6tEXLj9ffwOUxX4tv9WPlJbXBtbyDzIWEUeWbnye3aJlHaLqHTQAsAa+yeY/TzbN//L5Rxr3NpTbke8NjUbEXRGxMyLujohdEXFPRK3sfRFx/yrrb90a+uc+THopWvekuiib/z2b7201z/+K2V+MDuW5/9fiH06OHq+U9+d/k/EY3pzlp9qdvDjFiz992qn+xvlfdsvqL+aC+UkulTY3xz83szjTrUnp5fMRe0rt4k+WdwKyundHxJ7VnXpHkTj++Jd7OxX69/hXUFpdg9qpfhHxWL3/l6Il/kKy8v7k5JaolPdP1q+KoTZ1/PDjhdc61X9H8XdB1v/bmq//lhIjfyaN+7ULq6/jwq+fdNxbLd3i9d8ou/43JW/W9nQ35fe9P7O4eHoqYlPySi3fdP/0zccW+aJ8Fv/4vvbjf2f+mCz+ByJib8TPxbB7MO+7hyLi4YjYt0L8373wyDudjvVD/8+1ff5bvv5Hm/t/9YmhE99+3an+1viTPH+zRNb/B2up8fye2vNfbmuH83Zuzpa8xO1ezQAAALDxpLXPxifpxHI6TScm6p/h3xXb0sr8wuITR+ffOzVX/wz9aAynxfrnSMN66FSylJ+xnp/O14qL4wfydePPhrYmSVTKE7Pzlbkexw6DbnuH8Z/5rd1idkQ8t64tBNZUF/bRgA2qdfynPWoHsP68/sPgMv5hcBn/MLiK8f96w30ftpTpsBcAbHBe/2FwGf8wuJbH//netgNYf17/YSC1+5J88T8O7uAr/3eUKK3w7f0+TRSro/3SnhNJRKxtFZH2R6QdE5H/E4t+aU/TFX5LvXO9eptVlFYY3bea6M3zEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLf9HQAA//9H8ud7") open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(0xffffffffffffffff, 0x40106614, &(0x7f0000000040)) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000580)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x448c2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='tmpfs\x00', 0x0, &(0x7f0000000240)='nolazytime') 1.82392241s ago: executing program 3 (id=11116): r0 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r1, &(0x7f0000000440)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000340), &(0x7f00000003c0)=r3}, 0x20) ppoll(&(0x7f0000000d40)=[{r0}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0) 1.823615371s ago: executing program 1 (id=11117): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x45}], 0x1, 0x52, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.728284898s ago: executing program 3 (id=11118): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x100000, 0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0) 1.599663689s ago: executing program 3 (id=11120): r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = dup(r0) ioctl$PTP_EXTTS_REQUEST2(r1, 0xc0403d11, 0x0) 1.570242102s ago: executing program 3 (id=11121): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x3ffffffffffffda, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) ioctl$MON_IOCG_STATS(r3, 0x9204, 0x0) io_setup(0x0, 0x0) geteuid() sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x800) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000880)=ANY=[], 0x93, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000480)='kfree\x00'}, 0x10) pipe(&(0x7f0000005880)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$security_selinux(r4, 0x0, &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x22, 0x0) ioctl$RTC_IRQP_SET(0xffffffffffffffff, 0x4008700c, 0x722) 1.267728356s ago: executing program 0 (id=11122): capset(0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x16, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x15, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x5, "72e57cd3"}]}}, 0x0}, 0x0) 795.387065ms ago: executing program 4 (id=11125): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) 667.715955ms ago: executing program 4 (id=11126): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) getitimer(0x0, &(0x7f00000002c0)) 610.01202ms ago: executing program 4 (id=11127): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62) openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) ioctl$EVIOCGUNIQ(r0, 0x80404508, 0x0) 608.53573ms ago: executing program 1 (id=11128): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r3 = epoll_create(0x8) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000440)) sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0) ppoll(&(0x7f0000000100)=[{r2, 0x181}, {r1, 0x1114}], 0x2, 0x0, 0x0, 0x0) close(r0) 315.110874ms ago: executing program 3 (id=11129): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NESTED_STATE(r3, 0x4048ae9b, 0x0) 263.830499ms ago: executing program 1 (id=11130): r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000f40)=ANY=[@ANYBLOB="1000000071"], 0x10}, 0x0) 263.384448ms ago: executing program 1 (id=11132): bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_emit_ethernet(0x4a, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x800}, 0x48) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)) lsetxattr$trusted_overlay_nlink(&(0x7f0000000140)='./cgroup/../file0\x00', &(0x7f0000000300), 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000440)='./bus\x00', 0x0, &(0x7f0000000240)={[{@nobh}, {@stripe={'stripe', 0x3d, 0x10000}}, {@dioread_nolock}]}, 0x1, 0x3f0, &(0x7f00000008c0)="$eJzs3U1vG0UfAPD/bt7atE+TSs+Bl4sFSERCJE3aApVAIuLCoT3RA0es2C1RnQYlRqJVxItA3EAC8QHgAHwEjnDgO8AZOEClCOVAys1o7V3HxHbapA6ukt9PGnlmZ+2Z9XTWu9PZSQDHVikiXo6IkYg4FxFT+fY0D/F+K2T7bW9tLP29tbGURKPx2p9JJPm24rOS/PVU/gEzaUT6URKP9yh3/dbtG+VarbqWp+fqK2/Nrd+6/ezySvl69Xr15sJz5y9cvPjCpYXnB3asmyvJJ099c/m3zz6ufP7TH99PZ/U9ned1HseglKLU/k52uzTowobsREc8GR1iRQAA2FOaX/uPNq//p2Ikdi7epuLTH4daOQAAAGAgGo3iFQAAADi6Evf+AAAAcMQV8wC2tzaWijDE6Qj8xzYXI2K61f5389DKGW0/0zu26/neQSpFxKsnrixkIQ7pOWwAAACA4+yHxdbCf93jf2k80rHfyYiYLNb2G6DSrnT3+E96Z8BF0mFzMeLFiLjbNf6XFrtMj+Sp/zWHCseSa8u16rmIOBMRMzE2kaXn9yjj3SdufNsvr3P878tfX5/Pys9ed/ZI74xO/Ps9lXK9/CDHzI7NDyIeG+3V/kl7zLdzncyDeGN5+6V+eVn7Z+1dhO725zA1vop4umf/31m5NNl7fda55vlgLj8rTHSX8cvprz/sV35n/89CVn7xfwEcvqz/T+7d/s11ctvr9a7vv4zv/rryc7+8e7d/7/P/eHK1WcHxfNs75Xp9bT5iPLncvd2/prbi+yi+r6z9Z57s/ftfXP8l+W//mY71offjlffOXu2Xp/8PV9b+lX31//1H3px8dKZf+ffX/y80K1N8iOu/e7vfBhp2PQEAAAAAAAAYjLQ5ty9JZ9vxNJ2dbc3z/X9MprXV9foz11bfvllpzQGcjrG0mP851TEfdL71GHk7vbArfT4izkbEF1Mnm+nZpdVaZdgHDwAAAMfEqT73/5nfD/KwBwAAAPBwmh52BQAAAIBD5/4fAAAAjrQHWde/Vl0r/kTQAd8uIiLycEaGfGICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOOb+CQAA///yfL+b") memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0) getpeername$inet(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f0000000000)=0x101, 0x4) sendto$inet6(r2, 0x0, 0x0, 0x2404c801, &(0x7f0000000040)={0xa, 0x4e22, 0x8001, @loopback, 0xfffffff7}, 0x1c) unshare(0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e21, 0xffff, @dev={0xfe, 0x80, '\x00', 0x35}, 0x7}, 0x1c) getpeername$inet6(r2, 0x0, &(0x7f0000000080)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, 0x0, 0x0) 187.746005ms ago: executing program 2 (id=11133): r0 = socket$inet_udplite(0x2, 0x2, 0x88) sendmmsg$inet(r0, &(0x7f0000002740)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000700000044080c40000000061c000000000000000000000008000000", @ANYRES8], 0x38}}], 0x1, 0x0) 130.910199ms ago: executing program 2 (id=11134): r0 = socket$inet6(0xa, 0x3, 0x9) read$FUSE(0xffffffffffffffff, &(0x7f0000007b80)={0x2020}, 0x2020) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000002840)={{{@in6=@mcast1, @in6=@local}}, {{@in6=@private2}, 0x0, @in6=@remote}}, &(0x7f0000002940)=0xe8) r1 = socket$unix(0x1, 0x1, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setgroups(0x1, &(0x7f0000000040)=[r2]) fcntl$getownex(r0, 0x10, &(0x7f00000050c0)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000a00)={{{@in=@multicast1, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in=@private}}, &(0x7f0000005200)=0xe8) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000005280)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000052c0)={{{@in=@multicast2, @in=@loopback}}, {{@in6=@private0}, 0x0, @in=@private}}, &(0x7f00000053c0)=0xe8) gettid() r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_clone3(&(0x7f00000056c0)={0x80000, &(0x7f0000005400), &(0x7f0000005440), &(0x7f0000005480), {0x38}, &(0x7f00000054c0)=""/147, 0x93, &(0x7f0000005580)=""/249, &(0x7f0000005680)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x7}, 0x58) 67.702444ms ago: executing program 3 (id=11135): setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) setresgid(0xee00, 0x0, 0x0) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x8, &(0x7f0000000100)=ANY=[], 0xfd, 0x191, &(0x7f00000006c0)="$eJzsmb1OKkEUx/8zy4Vwc1/g2lhAIpq47C5qbCyIsTEWJn7FTiIrARdR2EShs7S0tjC+gL2xMfERfAG10oLSes3sDDAh8mGMH4nnVxz+wxx2zjlk/s2CIIhfy+PDy/3d2fmVAeAfkoip75+MTg7X8g8nDvKLpaXLk9Pr+efE7f/u5zEgHgTDnx8BcJM14Kt1IND2k+pzFbyt18AxrvQGGEylt8CxrrQLhk2lS5quiHzT3Cl6rrld8fJCWCLYIjgiZLrrax4z5LX6mLZfqzd2c57nVj9RDJpfM8sx165vIdD/r9ZsLG1+NjhspTNgWFF6FrHWbORItP5HIp3+jS/uf5Bo9fvNZZAg8UMFH/6eRtVl+vChHX8KLhjGNP+MaP6R9sv76Vq9MVks5wpuwd1znMyMNWVZ0046NCIZ+/hfPPSnv9rz//TIjbIojnK+X7VlbK8dGd9yXB76H0cqIdfC+42e1ch9pn7HQpXql04QBEEQBEEQBEEQBEEQBPEORsHkW7T+OMth9msAAAD//20ub+8=") 63.729525ms ago: executing program 1 (id=11136): openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008002, &(0x7f00000004c0)={[{@grpquota}, {@delalloc}, {@resuid}, {@init_itable}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0) write$cgroup_freezer_state(r0, &(0x7f00000001c0)='THAWED\x00', 0x7) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) r2 = open(&(0x7f0000000080)='./bus\x00', 0x145842, 0x0) fallocate(r2, 0x3, 0x0, 0x8000) prctl$PR_GET_NAME(0x10, &(0x7f0000000bc0)=""/4096) 50.289416ms ago: executing program 2 (id=11137): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) getitimer(0x0, &(0x7f00000002c0)) 30.198418ms ago: executing program 4 (id=11138): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f00000001c0), 0x1, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = syz_clone(0x0, 0x0, 0xffa2, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace(0x8, r0) 29.677298ms ago: executing program 2 (id=11139): r0 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000600)={{{@in=@local, @in=@dev, 0x0, 0x8, 0x0, 0x0, 0xa}, {0x0, 0x5f9}}, {{@in6=@mcast1, 0x0, 0x6c}, 0x0, @in=@multicast1, 0x0, 0x1, 0x0, 0x1}}, 0xe8) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97000288c19e9ace00000000000000002100000002ff020000000000000000000000000001"], 0x0) 522.76µs ago: executing program 2 (id=11140): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 302.03µs ago: executing program 1 (id=11141): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socket$netlink(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) writev(r2, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1) 0s ago: executing program 2 (id=11142): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x33}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x2}}, 0xe8) sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0x0) kernel console output (not intermixed with test programs): bInterval 0, changing to 7 [ 2024.338803][ T382] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2024.349033][ T30] audit: type=1400 audit(1722355933.973:131543): avc: denied { read write } for pid=6312 comm="syz-executor" name="loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2024.387267][ T382] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2024.421948][ T382] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 2024.452775][ T382] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2024.489948][ T382] usb 1-1: config 0 descriptor?? [ 2024.626816][ T7796] loop2: detected capacity change from 0 to 40427 [ 2024.660837][ T7796] F2FS-fs (loop2): invalid crc value [ 2024.692200][ T7796] F2FS-fs (loop2): Found nat_bits in checkpoint [ 2024.729585][ T7796] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 2024.739139][ T7796] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 2024.867641][ T7800] loop3: detected capacity change from 0 to 40427 [ 2025.143176][ T2480] Bluetooth: hci0: command 0x1003 tx timeout [ 2025.151094][ T8699] Bluetooth: hci0: sending frame failed (-49) [ 2025.160903][ T7800] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 2025.170045][ T382] koneplus 0003:1E7D:2E22.0233: unknown main item tag 0x0 [ 2025.177170][ T7800] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 2025.186261][ T382] koneplus 0003:1E7D:2E22.0233: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.0-1/input0 [ 2025.199673][ T7800] F2FS-fs (loop3): invalid crc value [ 2025.217981][ T7800] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2025.259408][ T7800] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 2025.266598][ T7800] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 2025.389879][ T382] koneplus 0003:1E7D:2E22.0233: couldn't init struct koneplus_device [ 2025.397815][ T382] koneplus 0003:1E7D:2E22.0233: couldn't install mouse [ 2025.419496][ T382] koneplus: probe of 0003:1E7D:2E22.0233 failed with error -5 [ 2025.707194][ T382] usb 1-1: USB disconnect, device number 87 [ 2025.755674][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 2025.787494][ T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 2025.915282][ T7825] syz.1.10610[7825] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2025.915370][ T7825] syz.1.10610[7825] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2026.160136][ T7830] loop3: detected capacity change from 0 to 40427 [ 2026.273073][ T7830] F2FS-fs (loop3): invalid crc value [ 2026.313975][ T7830] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2026.372598][ T7830] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 2026.380684][ T7830] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 2027.470143][ T608] Bluetooth: hci0: command 0x1001 tx timeout [ 2027.476260][ T8699] Bluetooth: hci0: sending frame failed (-49) [ 2027.542143][ T7853] loop2: detected capacity change from 0 to 512 [ 2027.606344][ T7853] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2027.618154][ T7853] ext4 filesystem being mounted at /74/bus supports timestamps until 2038 (0x7fffffff) [ 2027.728183][ T7858] loop3: detected capacity change from 0 to 40427 [ 2027.987321][ T6] usb 2-1: new high-speed USB device number 104 using dummy_hcd [ 2028.004531][ T7858] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 2028.012254][ T7858] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 2028.021345][ T7858] F2FS-fs (loop3): invalid crc value [ 2028.029108][ T7858] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2028.054062][ T7858] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 2028.060995][ T7858] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 2028.512993][ T1780] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 2028.537016][ T1780] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 2028.575191][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2028.598998][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2028.613264][ T6] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2028.625681][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2028.663348][ T6] usb 2-1: config 0 descriptor?? [ 2028.856973][ T7885] syz.3.10621[7885] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2028.857065][ T7885] syz.3.10621[7885] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2029.166134][ T7888] loop3: detected capacity change from 0 to 40427 [ 2029.338319][ T30] kauditd_printk_skb: 435 callbacks suppressed [ 2029.338356][ T30] audit: type=1400 audit(1722355938.911:131979): avc: denied { mounton } for pid=7886 comm="syz.3.10624" path="/69/bus" dev="tmpfs" ino=394 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 2029.367767][ T30] audit: type=1400 audit(1722355938.939:131980): avc: denied { prog_load } for pid=7889 comm="syz.2.10625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2029.387072][ T30] audit: type=1400 audit(1722355938.948:131981): avc: denied { bpf } for pid=7889 comm="syz.2.10625" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2029.409001][ T30] audit: type=1400 audit(1722355938.948:131982): avc: denied { perfmon } for pid=7889 comm="syz.2.10625" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2029.409760][ T6] usb 2-1: string descriptor 0 read error: -22 [ 2029.430330][ T30] audit: type=1400 audit(1722355938.967:131983): avc: denied { prog_load } for pid=7889 comm="syz.2.10625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2029.455661][ T30] audit: type=1400 audit(1722355938.967:131984): avc: denied { prog_run } for pid=7889 comm="syz.2.10625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2029.475197][ T30] audit: type=1400 audit(1722355939.022:131985): avc: denied { read } for pid=82 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 2029.491843][ T7894] loop0: detected capacity change from 0 to 512 [ 2029.503236][ T7888] F2FS-fs (loop3): invalid crc value [ 2029.504385][ T30] audit: type=1400 audit(1722355939.022:131986): avc: denied { search } for pid=82 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2029.525913][ T7888] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2029.529697][ T30] audit: type=1400 audit(1722355939.022:131987): avc: denied { append } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2029.557943][ T30] audit: type=1400 audit(1722355939.022:131988): avc: denied { open } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2029.563920][ T7888] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 2029.589725][ T7888] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 2029.653703][ T7894] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2029.665028][ T7894] ext4 filesystem being mounted at /43/bus supports timestamps until 2038 (0x7fffffff) [ 2029.680299][ T382] Bluetooth: hci0: command 0x1009 tx timeout [ 2029.723588][ T6] uclogic 0003:256C:006D.0234: interface is invalid, ignoring [ 2030.629776][ T7913] loop0: detected capacity change from 0 to 40427 [ 2030.689753][ T6] usb 2-1: USB disconnect, device number 104 [ 2030.780012][ T7913] F2FS-fs (loop0): invalid crc value [ 2030.787754][ T7913] F2FS-fs (loop0): Found nat_bits in checkpoint [ 2030.811716][ T7913] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 2030.818855][ T7913] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 2031.299043][ T7930] loop2: detected capacity change from 0 to 40427 [ 2031.558448][ T7930] F2FS-fs (loop2): invalid crc value [ 2031.577423][ T7930] F2FS-fs (loop2): Found nat_bits in checkpoint [ 2031.615564][ T7930] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 2031.691498][ T7942] syz.1.10634[7942] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2031.691586][ T7942] syz.1.10634[7942] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2031.703384][ T7930] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 2031.787732][ T7942] fuse: Unknown parameter 'grou00000000000000000000' [ 2031.906701][ T7953] loop3: detected capacity change from 0 to 512 [ 2032.214531][ T7953] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2032.226667][ T7953] ext4 filesystem being mounted at /75/bus supports timestamps until 2038 (0x7fffffff) [ 2033.471247][ T7981] loop0: detected capacity change from 0 to 40427 [ 2033.571617][ T7981] F2FS-fs (loop0): invalid crc value [ 2033.580146][ T7981] F2FS-fs (loop0): Found nat_bits in checkpoint [ 2033.609701][ T7981] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 2033.623593][ T7981] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 2033.790165][ T7992] syz.3.10648[7992] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2033.790249][ T7992] syz.3.10648[7992] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2034.077107][ T7992] fuse: Unknown parameter 'grou00000000000000000000' [ 2034.145032][ T7990] bridge0: port 1(bridge_slave_0) entered blocking state [ 2034.154463][ T7987] loop2: detected capacity change from 0 to 40427 [ 2034.158837][ T7990] bridge0: port 1(bridge_slave_0) entered disabled state [ 2034.170022][ T7990] device bridge_slave_0 entered promiscuous mode [ 2034.178801][ T7990] bridge0: port 2(bridge_slave_1) entered blocking state [ 2034.185792][ T7990] bridge0: port 2(bridge_slave_1) entered disabled state [ 2034.193221][ T7990] device bridge_slave_1 entered promiscuous mode [ 2034.248770][ T7987] F2FS-fs (loop2): invalid crc value [ 2034.277402][ T7987] F2FS-fs (loop2): Found nat_bits in checkpoint [ 2034.364955][ T7987] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 2034.376594][ T7987] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 2034.385230][ T7990] bridge0: port 2(bridge_slave_1) entered blocking state [ 2034.392074][ T7990] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2034.399319][ T7990] bridge0: port 1(bridge_slave_0) entered blocking state [ 2034.406180][ T7990] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2034.563075][ T8014] loop3: detected capacity change from 0 to 512 [ 2034.573566][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2034.767178][ T30] kauditd_printk_skb: 463 callbacks suppressed [ 2034.767200][ T30] audit: type=1400 audit(1722355944.016:132452): avc: denied { search } for pid=82 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2034.795811][ T4644] bridge0: port 2(bridge_slave_1) entered disabled state [ 2034.804206][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 2034.804678][ T30] audit: type=1400 audit(1722355944.034:132453): avc: denied { mounton } for pid=8013 comm="syz.3.10654" path="/81/bus" dev="tmpfs" ino=459 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 2034.812047][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2034.842575][ T30] audit: type=1400 audit(1722355944.052:132454): avc: denied { append } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2034.853867][ T8014] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2034.865527][ T30] audit: type=1400 audit(1722355944.052:132455): avc: denied { open } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2034.876404][ T8014] ext4 filesystem being mounted at /81/bus supports timestamps until 2038 (0x7fffffff) [ 2034.898661][ T30] audit: type=1400 audit(1722355944.052:132456): avc: denied { getattr } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2034.931978][ T30] audit: type=1400 audit(1722355944.126:132457): avc: denied { mount } for pid=8013 comm="syz.3.10654" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 2034.957407][ T30] audit: type=1400 audit(1722355944.154:132458): avc: denied { read write } for pid=8013 comm="syz.3.10654" name="loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2034.984386][ T30] audit: type=1400 audit(1722355944.154:132459): avc: denied { open } for pid=8013 comm="syz.3.10654" path="/dev/loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2034.987792][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 2035.011599][ T30] audit: type=1400 audit(1722355944.154:132460): avc: denied { ioctl } for pid=8013 comm="syz.3.10654" path="/dev/loop3" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2035.018436][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2035.042429][ T30] audit: type=1400 audit(1722355944.172:132461): avc: denied { prog_load } for pid=7986 comm="syz.2.10646" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2035.336357][ T6] bridge0: port 2(bridge_slave_1) entered blocking state [ 2035.343208][ T6] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2035.360571][ T6005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 2035.380383][ T6005] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2035.414588][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 2035.426830][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2035.441665][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 2035.457960][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 2035.480357][ T7990] device veth0_vlan entered promiscuous mode [ 2035.491497][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 2035.504811][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 2035.529507][ T7990] device veth1_macvtap entered promiscuous mode [ 2035.546445][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 2035.554878][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 2035.562196][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 2035.593435][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2035.601761][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 2035.618491][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 2035.626984][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 2035.636207][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 2035.644809][ T4644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 2035.933077][ T8] device bridge_slave_1 left promiscuous mode [ 2035.935720][ T8038] syz.3.10658[8038] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2035.939134][ T8038] syz.3.10658[8038] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2035.940270][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 2035.971740][ T8] device bridge_slave_0 left promiscuous mode [ 2035.978254][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 2036.001052][ T8038] fuse: Unknown parameter 'grou00000000000000000000' [ 2036.008594][ T8] device veth1_macvtap left promiscuous mode [ 2036.014585][ T8] device veth0_vlan left promiscuous mode [ 2036.103799][ T8046] loop3: detected capacity change from 0 to 512 [ 2036.171349][ T8046] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2036.183379][ T8046] ext4 filesystem being mounted at /84/bus supports timestamps until 2038 (0x7fffffff) [ 2036.874149][T30302] usb 3-1: new high-speed USB device number 70 using dummy_hcd [ 2037.077241][ T8066] loop0: detected capacity change from 0 to 40427 [ 2037.098883][ T8069] loop3: detected capacity change from 0 to 512 [ 2037.111193][ T8066] F2FS-fs (loop0): invalid crc value [ 2037.119377][ T8066] F2FS-fs (loop0): Found nat_bits in checkpoint [ 2037.144974][T30302] usb 3-1: Using ep0 maxpacket: 16 [ 2037.162419][ T8069] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2037.178132][ T8069] ext4 filesystem being mounted at /85/bus supports timestamps until 2038 (0x7fffffff) [ 2037.191202][ T8066] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0 [ 2037.212753][ T8066] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 2037.340350][T30302] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2037.351339][T30302] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2037.363349][T30302] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2038.228192][T30302] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 2038.263106][T30302] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2038.320354][T30302] usb 3-1: config 0 descriptor?? [ 2038.394222][ T8093] syz.3.10672[8093] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2038.394569][ T8093] syz.3.10672[8093] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2038.427638][ T8093] fuse: Unknown parameter 'group_i00000000000000000000' [ 2038.432977][ T8095] loop0: detected capacity change from 0 to 512 [ 2038.490615][ T8095] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2038.502551][ T8095] ext4 filesystem being mounted at /52/bus supports timestamps until 2038 (0x7fffffff) [ 2039.107578][T30302] koneplus 0003:1E7D:2E22.0235: unknown main item tag 0x0 [ 2039.115415][T30302] koneplus 0003:1E7D:2E22.0235: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0 [ 2039.333566][T30302] koneplus 0003:1E7D:2E22.0235: couldn't init struct koneplus_device [ 2039.342157][T30302] koneplus 0003:1E7D:2E22.0235: couldn't install mouse [ 2039.353404][T30302] koneplus: probe of 0003:1E7D:2E22.0235 failed with error -5 [ 2039.567485][ T4644] usb 3-1: USB disconnect, device number 70 [ 2040.259333][ T30] kauditd_printk_skb: 448 callbacks suppressed [ 2040.259348][ T30] audit: type=1400 audit(1722355949.092:132910): avc: denied { read write } for pid=6312 comm="syz-executor" name="loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2040.271927][ T8127] loop2: detected capacity change from 0 to 40427 [ 2040.296364][ T30] audit: type=1400 audit(1722355949.092:132911): avc: denied { read write open } for pid=6312 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2040.322456][ T30] audit: type=1400 audit(1722355949.092:132912): avc: denied { ioctl } for pid=6312 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=113 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2040.330652][ T8127] F2FS-fs (loop2): invalid crc value [ 2040.351922][ T30] audit: type=1400 audit(1722355949.120:132913): avc: denied { read } for pid=82 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 2040.375252][ T30] audit: type=1400 audit(1722355949.120:132914): avc: denied { search } for pid=82 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 2040.399121][ T30] audit: type=1400 audit(1722355949.120:132915): avc: denied { append } for pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2040.421901][ T30] audit: type=1400 audit(1722355949.120:132916): avc: denied { open } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2040.450412][ T30] audit: type=1400 audit(1722355949.120:132917): avc: denied { getattr } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2040.481247][ T30] audit: type=1400 audit(1722355949.129:132918): avc: denied { mounton } for pid=8126 comm="syz.2.10682" path="/86/bus" dev="tmpfs" ino=487 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 2040.481282][ T8127] F2FS-fs (loop2): Found nat_bits in checkpoint [ 2040.505421][ T30] audit: type=1400 audit(1722355949.138:132919): avc: denied { module_request } for pid=8128 comm="syz.1.10683" kmod="net-pf-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 2040.723213][ T8127] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 2040.797065][ T8127] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 2042.475416][ T608] usb 3-1: new high-speed USB device number 71 using dummy_hcd [ 2042.746273][ T608] usb 3-1: Using ep0 maxpacket: 16 [ 2042.876650][ T608] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2042.887503][ T608] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2042.897059][ T608] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2042.909717][ T608] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 2042.918473][ T608] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2042.927693][ T608] usb 3-1: config 0 descriptor?? [ 2043.451594][ T608] koneplus 0003:1E7D:2E22.0236: unknown main item tag 0x0 [ 2043.459678][ T608] koneplus 0003:1E7D:2E22.0236: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0 [ 2043.504764][ T4644] usb 1-1: new high-speed USB device number 88 using dummy_hcd [ 2043.678116][ T608] koneplus 0003:1E7D:2E22.0236: couldn't init struct koneplus_device [ 2043.686360][ T608] koneplus 0003:1E7D:2E22.0236: couldn't install mouse [ 2043.702382][ T608] koneplus: probe of 0003:1E7D:2E22.0236 failed with error -5 [ 2043.775539][ T4644] usb 1-1: Using ep0 maxpacket: 16 [ 2044.546506][ T382] usb 3-1: USB disconnect, device number 71 [ 2044.580507][ T4644] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2044.591282][ T4644] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2044.601470][ T4644] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2044.614176][ T4644] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 2044.623350][ T4644] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2044.633811][ T4644] usb 1-1: config 0 descriptor?? [ 2045.118968][T30302] usb 2-1: new high-speed USB device number 105 using dummy_hcd [ 2045.250583][ T4644] koneplus 0003:1E7D:2E22.0237: unknown main item tag 0x0 [ 2045.265261][ T4644] koneplus 0003:1E7D:2E22.0237: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.0-1/input0 [ 2045.476588][ T4644] koneplus 0003:1E7D:2E22.0237: couldn't init struct koneplus_device [ 2045.484996][ T4644] koneplus 0003:1E7D:2E22.0237: couldn't install mouse [ 2045.502543][ T4644] koneplus: probe of 0003:1E7D:2E22.0237 failed with error -5 [ 2045.519894][T30302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2045.530795][T30302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2045.540399][T30302] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2045.550899][T30302] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2045.569592][T30302] usb 2-1: config 0 descriptor?? [ 2045.701426][ T6] usb 1-1: USB disconnect, device number 88 [ 2045.846625][ T30] kauditd_printk_skb: 388 callbacks suppressed [ 2045.846640][ T30] audit: type=1400 audit(1722355954.252:133308): avc: denied { ioctl } for pid=8203 comm="syz.1.10703" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2046.105771][ T30] audit: type=1400 audit(1722355954.492:133309): avc: denied { map_create } for pid=8203 comm="syz.1.10703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2046.126054][ T30] audit: type=1400 audit(1722355954.492:133310): avc: denied { prog_load } for pid=8203 comm="syz.1.10703" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2046.146568][ T30] audit: type=1400 audit(1722355954.492:133311): avc: denied { bpf } for pid=8203 comm="syz.1.10703" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2046.167725][ T30] audit: type=1400 audit(1722355954.492:133312): avc: denied { perfmon } for pid=8203 comm="syz.1.10703" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2046.188725][ T30] audit: type=1400 audit(1722355954.492:133313): avc: denied { ioctl } for pid=8203 comm="syz.1.10703" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2046.220766][ T30] audit: type=1400 audit(1722355954.593:133314): avc: denied { read write } for pid=6506 comm="syz-executor" name="loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2046.245109][ T30] audit: type=1400 audit(1722355954.593:133315): avc: denied { read write open } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2046.270348][ T30] audit: type=1400 audit(1722355954.593:133316): avc: denied { ioctl } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2046.298265][ T30] audit: type=1400 audit(1722355954.612:133317): avc: denied { map_create } for pid=8226 comm="syz.2.10711" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2046.364998][T30302] usb 2-1: string descriptor 0 read error: -22 [ 2046.646650][T30302] uclogic 0003:256C:006D.0238: interface is invalid, ignoring [ 2046.830788][ T6] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 2047.112458][ T6] usb 4-1: Using ep0 maxpacket: 16 [ 2047.173605][T30302] usb 2-1: USB disconnect, device number 105 [ 2047.242777][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2047.269659][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2047.271772][ T8251] loop0: detected capacity change from 0 to 512 [ 2047.294147][ T6] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2047.307014][ T6] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 2047.316658][ T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2047.331319][ T6] usb 4-1: config 0 descriptor?? [ 2047.370938][ T8251] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2047.382669][ T8251] ext4 filesystem being mounted at /60/bus supports timestamps until 2038 (0x7fffffff) [ 2047.505685][ T8265] loop4: detected capacity change from 0 to 512 [ 2047.775658][ T8265] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2047.786834][ T8265] ext4 filesystem being mounted at /12/bus supports timestamps until 2038 (0x7fffffff) [ 2048.142752][ T6] koneplus 0003:1E7D:2E22.0239: unknown main item tag 0x0 [ 2048.150799][ T6] koneplus 0003:1E7D:2E22.0239: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0 [ 2048.380146][ T6] koneplus 0003:1E7D:2E22.0239: couldn't init struct koneplus_device [ 2048.388146][ T6] koneplus 0003:1E7D:2E22.0239: couldn't install mouse [ 2048.419453][ T6] koneplus: probe of 0003:1E7D:2E22.0239 failed with error -5 [ 2048.602579][ T6] usb 4-1: USB disconnect, device number 36 [ 2048.770106][ T4644] usb 2-1: new high-speed USB device number 106 using dummy_hcd [ 2049.073472][ T4644] usb 2-1: Using ep0 maxpacket: 16 [ 2049.214439][ T4644] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2049.227358][ T4644] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2049.237658][ T4644] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 2049.247107][ T4644] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2049.268657][ T4644] usb 2-1: config 0 descriptor?? [ 2049.463500][ T2480] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 2049.481645][ T8298] loop4: detected capacity change from 0 to 40427 [ 2049.495258][ T8298] F2FS-fs (loop4): invalid crc value [ 2049.504949][ T8298] F2FS-fs (loop4): Found nat_bits in checkpoint [ 2049.528311][ T8298] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 2049.535490][ T8298] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 2049.843880][ T4644] kovaplus 0003:1E7D:2D50.023A: item fetching failed at offset 5/7 [ 2049.851812][ T4644] kovaplus 0003:1E7D:2D50.023A: parse failed [ 2049.857641][ T4644] kovaplus: probe of 0003:1E7D:2D50.023A failed with error -22 [ 2049.896952][ T2480] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2049.907879][ T2480] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2049.917454][ T2480] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2049.926353][ T2480] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2049.936443][ T2480] usb 4-1: config 0 descriptor?? [ 2050.071404][T30302] usb 2-1: USB disconnect, device number 106 [ 2050.235070][ T8310] loop2: detected capacity change from 0 to 128 [ 2050.698893][ T2480] usb 4-1: string descriptor 0 read error: -22 [ 2050.984817][ T2480] uclogic 0003:256C:006D.023B: interface is invalid, ignoring [ 2051.313458][ T30] kauditd_printk_skb: 441 callbacks suppressed [ 2051.313473][ T30] audit: type=1400 audit(1722355959.291:133759): avc: denied { read write } for pid=7990 comm="syz-executor" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.349305][ T30] audit: type=1400 audit(1722355959.291:133760): avc: denied { open } for pid=7990 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.374022][ T30] audit: type=1400 audit(1722355959.291:133761): avc: denied { ioctl } for pid=7990 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.435710][ T30] audit: type=1400 audit(1722355959.411:133762): avc: denied { read write } for pid=8327 comm="syz.4.10738" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.436162][ T8328] loop4: detected capacity change from 0 to 40427 [ 2051.460409][ T30] audit: type=1400 audit(1722355959.411:133763): avc: denied { open } for pid=8327 comm="syz.4.10738" path="/dev/loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.490162][ T30] audit: type=1400 audit(1722355959.411:133764): avc: denied { ioctl } for pid=8327 comm="syz.4.10738" path="/dev/loop4" dev="devtmpfs" ino=116 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.499863][ T8328] F2FS-fs (loop4): invalid crc value [ 2051.515779][ T30] audit: type=1400 audit(1722355959.430:133765): avc: denied { mounton } for pid=8327 comm="syz.4.10738" path="/16/bus" dev="tmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 2051.526706][ T4644] usb 4-1: USB disconnect, device number 37 [ 2051.589728][ T30] audit: type=1400 audit(1722355959.531:133766): avc: denied { read write } for pid=6656 comm="syz-executor" name="loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.626166][ T30] audit: type=1400 audit(1722355959.531:133767): avc: denied { read write open } for pid=6656 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.653997][ T8328] F2FS-fs (loop4): Found nat_bits in checkpoint [ 2051.655573][ T30] audit: type=1400 audit(1722355959.531:133768): avc: denied { ioctl } for pid=6656 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2051.688702][ T8328] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 2051.696294][ T8328] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 2051.832241][ T8339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10740'. [ 2052.586981][ T8354] loop3: detected capacity change from 0 to 512 [ 2052.622240][ T8354] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal [ 2052.774053][ T8352] loop4: detected capacity change from 0 to 40427 [ 2052.847613][ T8352] F2FS-fs (loop4): invalid crc value [ 2052.857337][ T8352] F2FS-fs (loop4): Found nat_bits in checkpoint [ 2052.881364][ T8352] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 2052.888385][ T8352] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 2053.227193][T30302] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 2053.479146][ T8376] loop4: detected capacity change from 0 to 512 [ 2053.551095][ T8376] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2053.562328][ T8376] ext4 filesystem being mounted at /18/bus supports timestamps until 2038 (0x7fffffff) [ 2053.624123][T21355] usb 3-1: new high-speed USB device number 72 using dummy_hcd [ 2053.667255][T30302] usb 4-1: config 0 has an invalid descriptor of length 169, skipping remainder of the config [ 2053.689706][T30302] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 2053.698618][T30302] usb 4-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 2053.707579][T30302] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2053.716535][T30302] usb 4-1: config 0 descriptor?? [ 2054.046423][T21355] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 2054.056978][T21355] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 2054.154807][T21355] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 2054.163724][T21355] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 2054.172037][T21355] usb 3-1: SerialNumber: syz [ 2054.191885][ T8389] FAULT_INJECTION: forcing a failure. [ 2054.191885][ T8389] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2054.204804][ T8389] CPU: 0 PID: 8389 Comm: syz.3.10745 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2054.214525][ T8389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2054.224423][ T8389] Call Trace: [ 2054.227544][ T8389] [ 2054.230348][ T8389] dump_stack_lvl+0x151/0x1b7 [ 2054.234839][ T8389] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2054.240306][ T8389] dump_stack+0x15/0x17 [ 2054.244299][ T8389] should_fail+0x3c6/0x510 [ 2054.248557][ T8389] should_fail_usercopy+0x1a/0x20 [ 2054.253414][ T8389] _copy_to_user+0x20/0x90 [ 2054.257665][ T8389] simple_read_from_buffer+0xc7/0x150 [ 2054.262957][ T8389] proc_fail_nth_read+0x1a3/0x210 [ 2054.267822][ T8389] ? proc_fault_inject_write+0x390/0x390 [ 2054.273381][ T8389] ? fsnotify_perm+0x470/0x5d0 [ 2054.277972][ T8389] ? security_file_permission+0x86/0xb0 [ 2054.283350][ T8389] ? proc_fault_inject_write+0x390/0x390 [ 2054.288822][ T8389] vfs_read+0x27d/0xd40 [ 2054.292812][ T8389] ? kernel_read+0x1f0/0x1f0 [ 2054.297242][ T8389] ? __kasan_check_write+0x14/0x20 [ 2054.302188][ T8389] ? mutex_lock+0xb6/0x1e0 [ 2054.306454][ T8389] ? wait_for_completion_killable_timeout+0x10/0x10 [ 2054.312865][ T8389] ? __fdget_pos+0x2e7/0x3a0 [ 2054.317287][ T8389] ? ksys_read+0x77/0x2c0 [ 2054.321461][ T8389] ksys_read+0x199/0x2c0 [ 2054.325533][ T8389] ? vfs_write+0x1110/0x1110 [ 2054.329972][ T8389] ? __kasan_check_read+0x11/0x20 [ 2054.334821][ T8389] __x64_sys_read+0x7b/0x90 [ 2054.339162][ T8389] do_syscall_64+0x3d/0xb0 [ 2054.343411][ T8389] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 2054.349059][ T8389] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2054.354783][ T8389] RIP: 0033:0x7f8ad2f9dd7c [ 2054.359035][ T8389] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 2054.378480][ T8389] RSP: 002b:00007f8ad1bfe040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2054.386724][ T8389] RAX: ffffffffffffffda RBX: 00007f8ad312e058 RCX: 00007f8ad2f9dd7c [ 2054.394537][ T8389] RDX: 000000000000000f RSI: 00007f8ad1bfe0b0 RDI: 000000000000000a [ 2054.402347][ T8389] RBP: 00007f8ad1bfe0a0 R08: 0000000000000000 R09: 0000000000000000 [ 2054.410163][ T8389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2054.417969][ T8389] R13: 000000000000006e R14: 00007f8ad312e058 R15: 00007ffd13e2ddf8 [ 2054.425786][ T8389] [ 2054.469075][T30302] usb 4-1: string descriptor 0 read error: -71 [ 2054.476206][T30302] usb 4-1: USB disconnect, device number 38 [ 2055.021448][ T6005] usb 2-1: new high-speed USB device number 107 using dummy_hcd [ 2055.487411][ T6005] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2055.500750][ T6005] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2055.511925][ T6005] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2055.521224][ T6005] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2055.530417][ T6005] usb 2-1: config 0 descriptor?? [ 2055.597957][ T8418] loop4: detected capacity change from 0 to 256 [ 2055.602506][ T8413] loop3: detected capacity change from 0 to 40427 [ 2055.652175][ T8413] F2FS-fs (loop3): invalid crc value [ 2055.659723][ T8413] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2055.682842][ T8413] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 2055.690218][ T8413] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 2056.147791][ T8429] bridge0: port 1(bridge_slave_0) entered blocking state [ 2056.154810][ T8429] bridge0: port 1(bridge_slave_0) entered disabled state [ 2056.162115][ T8429] device bridge_slave_0 entered promiscuous mode [ 2056.169470][ T8429] bridge0: port 2(bridge_slave_1) entered blocking state [ 2056.176398][ T8429] bridge0: port 2(bridge_slave_1) entered disabled state [ 2056.183542][ T8429] device bridge_slave_1 entered promiscuous mode [ 2056.228841][ T8429] bridge0: port 2(bridge_slave_1) entered blocking state [ 2056.235724][ T8429] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2056.242827][ T8429] bridge0: port 1(bridge_slave_0) entered blocking state [ 2056.249627][ T8429] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2056.271943][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2056.279475][ T26] bridge0: port 1(bridge_slave_0) entered disabled state [ 2056.286596][ T26] bridge0: port 2(bridge_slave_1) entered disabled state [ 2056.297937][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2056.305948][ T6005] usb 2-1: string descriptor 0 read error: -22 [ 2056.312310][ T6] bridge0: port 1(bridge_slave_0) entered blocking state [ 2056.319188][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2056.329402][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2056.337508][ T26] bridge0: port 2(bridge_slave_1) entered blocking state [ 2056.344372][ T26] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2056.361391][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2056.372744][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2056.395229][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 2056.409410][ T8429] device veth0_vlan entered promiscuous mode [ 2056.424736][ T8429] device veth1_macvtap entered promiscuous mode [ 2056.442022][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 2056.450357][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 2056.458555][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 2056.466525][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2056.490809][ T8434] loop3: detected capacity change from 0 to 512 [ 2056.490937][T30302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 2056.514491][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 2056.539789][ T8434] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2056.552258][ T8434] ext4 filesystem being mounted at /105/bus supports timestamps until 2038 (0x7fffffff) [ 2056.562746][T21355] usb 3-1: 0:2 : does not exist [ 2056.567514][T21355] usb 3-1: unit 5 not found! [ 2056.637905][T21355] usb 3-1: USB disconnect, device number 72 [ 2056.677919][ T6665] udevd[6665]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 2056.765917][ T30] kauditd_printk_skb: 591 callbacks suppressed [ 2056.765958][ T30] audit: type=1400 audit(1722355964.322:134360): avc: denied { write } for pid=8433 comm="syz.3.10767" name="/" dev="loop3" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 2056.887803][ T30] audit: type=1400 audit(1722355964.322:134361): avc: denied { add_name } for pid=8433 comm="syz.3.10767" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 2056.909583][ T30] audit: type=1400 audit(1722355964.322:134362): avc: denied { create } for pid=8433 comm="syz.3.10767" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2056.944059][ T30] audit: type=1400 audit(1722355964.395:134363): avc: denied { write } for pid=8433 comm="syz.3.10767" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2056.966127][ T6005] uclogic 0003:256C:006D.023C: interface is invalid, ignoring [ 2056.974800][ T30] audit: type=1400 audit(1722355964.395:134364): avc: denied { add_name } for pid=8433 comm="syz.3.10767" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2056.995945][ T30] audit: type=1400 audit(1722355964.395:134365): avc: denied { create } for pid=8433 comm="syz.3.10767" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2057.019125][ T30] audit: type=1400 audit(1722355964.423:134366): avc: denied { setattr } for pid=8433 comm="syz.3.10767" name="file0" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2057.045368][ T30] audit: type=1400 audit(1722355964.460:134367): avc: denied { write } for pid=8433 comm="syz.3.10767" name="bus" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2057.072592][ T30] audit: type=1400 audit(1722355964.460:134368): avc: denied { remove_name } for pid=8433 comm="syz.3.10767" name="file0" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2057.095642][ T30] audit: type=1400 audit(1722355964.460:134369): avc: denied { rmdir } for pid=8433 comm="syz.3.10767" name="file0" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 2057.156349][ T8452] loop4: detected capacity change from 0 to 40427 [ 2057.246807][ T8452] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 2057.254916][ T8452] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 2057.266937][ T8452] F2FS-fs (loop4): Found nat_bits in checkpoint [ 2057.287802][ T8452] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 2057.300117][ T8452] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 2057.307014][ T8452] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 2057.417704][ T8458] FAULT_INJECTION: forcing a failure. [ 2057.417704][ T8458] name failslab, interval 1, probability 0, space 0, times 0 [ 2057.430887][ T8458] CPU: 0 PID: 8458 Comm: syz.4.10772 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2057.440680][ T8458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2057.450580][ T8458] Call Trace: [ 2057.453698][ T8458] [ 2057.456475][ T8458] dump_stack_lvl+0x151/0x1b7 [ 2057.460989][ T8458] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2057.466468][ T8458] dump_stack+0x15/0x17 [ 2057.470450][ T8458] should_fail+0x3c6/0x510 [ 2057.474706][ T8458] __should_failslab+0xa4/0xe0 [ 2057.479303][ T8458] ? avc_alloc_node+0x8f/0x500 [ 2057.483900][ T8458] should_failslab+0x9/0x20 [ 2057.488242][ T8458] slab_pre_alloc_hook+0x37/0xd0 [ 2057.493017][ T8458] ? avc_alloc_node+0x8f/0x500 [ 2057.497618][ T8458] kmem_cache_alloc+0x44/0x200 [ 2057.501368][ T8461] loop3: detected capacity change from 0 to 512 [ 2057.502212][ T8458] ? kmem_cache_free+0x116/0x2e0 [ 2057.502238][ T8458] avc_alloc_node+0x8f/0x500 [ 2057.517494][ T8458] ? __kasan_check_write+0x14/0x20 [ 2057.522439][ T8458] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 2057.527735][ T8458] ? _raw_spin_lock+0x1b0/0x1b0 [ 2057.532420][ T8458] ? avc_xperms_free+0x280/0x280 [ 2057.537200][ T8458] avc_compute_av+0x146/0x830 [ 2057.541712][ T8458] avc_has_perm_noaudit+0x299/0x430 [ 2057.543324][ T8461] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2057.546742][ T8458] ? avc_denied+0x1b0/0x1b0 [ 2057.546766][ T8458] ? proc_fail_nth_write+0x20b/0x290 [ 2057.546784][ T8458] ? fsnotify_perm+0x6a/0x5d0 [ 2057.546803][ T8458] avc_has_perm+0xd2/0x260 [ 2057.558100][ T8461] ext4 filesystem being mounted at /106/bus supports timestamps until 2038 (0x7fffffff) [ 2057.561841][ T8458] ? avc_has_perm_noaudit+0x430/0x430 [ 2057.561865][ T8458] ? file_end_write+0x1c0/0x1c0 [ 2057.595177][ T8458] selinux_bpf+0xcb/0x100 [ 2057.599341][ T8458] security_bpf+0x72/0xb0 [ 2057.603506][ T8458] __sys_bpf+0x254/0x760 [ 2057.607667][ T8458] ? fput_many+0x160/0x1b0 [ 2057.611921][ T8458] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 2057.617130][ T8458] ? debug_smp_processor_id+0x17/0x20 [ 2057.622335][ T8458] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2057.628237][ T8458] __x64_sys_bpf+0x7c/0x90 [ 2057.632496][ T8458] do_syscall_64+0x3d/0xb0 [ 2057.636744][ T8458] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2057.642473][ T8458] RIP: 0033:0x7ff733a14299 [ 2057.646726][ T8458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2057.666293][ T8458] RSP: 002b:00007ff732673048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2057.674535][ T8458] RAX: ffffffffffffffda RBX: 00007ff733ba3058 RCX: 00007ff733a14299 [ 2057.682350][ T8458] RDX: 0000000000000048 RSI: 0000000020000840 RDI: 0000000000000000 [ 2057.690159][ T8458] RBP: 00007ff7326730a0 R08: 0000000000000000 R09: 0000000000000000 [ 2057.697970][ T8458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2057.705781][ T8458] R13: 000000000000006e R14: 00007ff733ba3058 R15: 00007ffdc754c978 [ 2057.713599][ T8458] [ 2057.723098][ T6005] usb 2-1: USB disconnect, device number 107 [ 2057.989877][ T8470] FAULT_INJECTION: forcing a failure. [ 2057.989877][ T8470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2058.002886][ T8470] CPU: 1 PID: 8470 Comm: syz.1.10775 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2058.012587][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2058.022479][ T8470] Call Trace: [ 2058.025603][ T8470] [ 2058.028380][ T8470] dump_stack_lvl+0x151/0x1b7 [ 2058.032897][ T8470] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2058.038360][ T8470] ? irqentry_exit+0x30/0x40 [ 2058.042788][ T8470] ? sysvec_reschedule_ipi+0x7d/0x150 [ 2058.047998][ T8470] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 2058.053466][ T8470] dump_stack+0x15/0x17 [ 2058.057456][ T8470] should_fail+0x3c6/0x510 [ 2058.061710][ T8470] should_fail_usercopy+0x1a/0x20 [ 2058.066570][ T8470] _copy_from_user+0x20/0xd0 [ 2058.071006][ T8470] __se_sys_memfd_create+0x131/0x3e0 [ 2058.076116][ T8470] __x64_sys_memfd_create+0x5b/0x70 [ 2058.081151][ T8470] do_syscall_64+0x3d/0xb0 [ 2058.085401][ T8470] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2058.091134][ T8470] RIP: 0033:0x7f86eb763299 [ 2058.095385][ T8470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2058.114830][ T8470] RSP: 002b:00007f86ea3a0d78 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 2058.123070][ T8470] RAX: ffffffffffffffda RBX: 00000000000005ff RCX: 00007f86eb763299 [ 2058.130881][ T8470] RDX: 00007f86ea3a0dfc RSI: 0000000000000000 RDI: 00007f86eb7d1094 [ 2058.138788][ T8470] RBP: 0000000020000000 R08: 00007f86ea3a0b17 R09: 0000000000000000 [ 2058.146592][ T8470] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001 [ 2058.154404][ T8470] R13: 00007f86ea3a0dfc R14: 00007f86ea3a0e00 R15: 00007ffd1d4c5d78 [ 2058.162224][ T8470] [ 2059.008981][ T8477] loop2: detected capacity change from 0 to 40427 [ 2059.056855][ T8477] F2FS-fs (loop2): invalid crc value [ 2059.067653][ T8488] loop4: detected capacity change from 0 to 40427 [ 2059.082340][ T8477] F2FS-fs (loop2): Found nat_bits in checkpoint [ 2059.107162][ T8] device bridge_slave_1 left promiscuous mode [ 2059.110957][ T8477] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0 [ 2059.113156][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 2059.121043][ T8477] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 2059.133687][ T8] device bridge_slave_0 left promiscuous mode [ 2059.140255][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 2059.148691][ T8] device veth1_macvtap left promiscuous mode [ 2059.155190][ T8] device veth0_vlan left promiscuous mode [ 2059.169124][ T8488] F2FS-fs (loop4): invalid crc value [ 2059.205253][ T8488] F2FS-fs (loop4): Found nat_bits in checkpoint [ 2059.276721][ T8488] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 2059.283755][ T8488] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 2060.515184][ T8506] loop3: detected capacity change from 0 to 512 [ 2060.549748][ T8506] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2060.560988][ T8506] ext4 filesystem being mounted at /109/bus supports timestamps until 2038 (0x7fffffff) [ 2060.730861][ T8508] loop0: detected capacity change from 0 to 40427 [ 2060.954666][ T608] usb 2-1: new high-speed USB device number 108 using dummy_hcd [ 2061.079510][ T8508] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 2061.087127][ T8508] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 2061.120349][ T8508] F2FS-fs (loop0): Found nat_bits in checkpoint [ 2061.143374][ T8508] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 2061.155270][ T8508] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 2061.162174][ T8508] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 2061.240367][ T608] usb 2-1: Using ep0 maxpacket: 16 [ 2061.370445][ T608] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 2061.381451][ T608] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 2061.391175][ T608] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 2061.422212][ T608] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2061.438389][ T608] usb 2-1: config 0 descriptor?? [ 2062.026344][ T8510] UDC core: couldn't find an available UDC or it's busy: -16 [ 2062.044118][ T8510] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2062.064219][ T608] hid (null): report_id 0 is invalid [ 2062.070608][ T608] hid-generic 0003:0158:0100.023D: unknown main item tag 0x1 [ 2062.077888][ T608] hid-generic 0003:0158:0100.023D: unexpected long global item [ 2062.085413][ T608] hid-generic: probe of 0003:0158:0100.023D failed with error -22 [ 2062.283307][ T608] usb 2-1: USB disconnect, device number 108 [ 2062.356230][ T6005] usb 3-1: new high-speed USB device number 73 using dummy_hcd [ 2062.378170][ T30] kauditd_printk_skb: 413 callbacks suppressed [ 2062.378185][ T30] audit: type=1400 audit(1722355969.509:134783): avc: denied { ioctl } for pid=8541 comm="syz.2.10793" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2062.413897][ T30] audit: type=1400 audit(1722355969.537:134784): avc: denied { read write } for pid=6656 comm="syz-executor" name="loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2062.438202][ T30] audit: type=1400 audit(1722355969.537:134785): avc: denied { read write open } for pid=6656 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2062.467501][ T30] audit: type=1400 audit(1722355969.537:134786): avc: denied { ioctl } for pid=6656 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2062.493305][ T30] audit: type=1400 audit(1722355969.537:134787): avc: denied { prog_load } for pid=8546 comm="syz.3.10795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2062.512507][ T30] audit: type=1400 audit(1722355969.537:134788): avc: denied { map_create } for pid=8546 comm="syz.3.10795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2062.535705][ T30] audit: type=1400 audit(1722355969.537:134789): avc: denied { prog_load } for pid=8546 comm="syz.3.10795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2062.558644][ T8549] FAULT_INJECTION: forcing a failure. [ 2062.558644][ T8549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2062.571607][ T8549] CPU: 1 PID: 8549 Comm: syz.0.10796 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2062.581393][ T8549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2062.591288][ T8549] Call Trace: [ 2062.594412][ T8549] [ 2062.597188][ T8549] dump_stack_lvl+0x151/0x1b7 [ 2062.601701][ T8549] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2062.607170][ T8549] dump_stack+0x15/0x17 [ 2062.611161][ T8549] should_fail+0x3c6/0x510 [ 2062.615416][ T8549] should_fail_usercopy+0x1a/0x20 [ 2062.620275][ T8549] copy_fpstate_to_sigframe+0x708/0x9a0 [ 2062.625659][ T8549] ? fpregs_set+0x6f0/0x6f0 [ 2062.630095][ T8549] ? bpf_trace_run3+0x123/0x250 [ 2062.634779][ T8549] ? bpf_trace_run2+0x210/0x210 [ 2062.639468][ T8549] ? fpu__alloc_mathframe+0x89/0x150 [ 2062.644588][ T8549] get_sigframe+0x378/0x4b0 [ 2062.648928][ T8549] ? memcpy+0x56/0x70 [ 2062.652748][ T8549] ? restore_sigcontext+0x710/0x710 [ 2062.657783][ T8549] arch_do_signal_or_restart+0x2ad/0x1680 [ 2062.663337][ T8549] ? __send_signal+0x96f/0xcb0 [ 2062.667939][ T8549] ? get_sigframe_size+0x10/0x10 [ 2062.672710][ T8549] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 2062.678350][ T8549] ? force_sig_info_to_task+0x31c/0x440 [ 2062.683733][ T8549] ? force_sig+0x114/0x1d0 [ 2062.687985][ T8549] ? send_sig+0x60/0x60 [ 2062.691980][ T8549] exit_to_user_mode_loop+0xa0/0xe0 [ 2062.697012][ T8549] exit_to_user_mode_prepare+0x5a/0xa0 [ 2062.702305][ T8549] irqentry_exit_to_user_mode+0x9/0x20 [ 2062.707601][ T8549] irqentry_exit+0x12/0x40 [ 2062.711858][ T8549] exc_general_protection+0x327/0x4b0 [ 2062.717062][ T8549] ? debug_smp_processor_id+0x17/0x20 [ 2062.722270][ T8549] ? syscall_exit_to_user_mode+0x34/0x160 [ 2062.727825][ T8549] asm_exc_general_protection+0x27/0x30 [ 2062.733204][ T8549] RIP: 0033:0x7fd7968acbb9 [ 2062.737459][ T8549] Code: f8 77 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 89 f8 48 89 fa c5 f9 ef c0 25 ff 0f 00 00 3d e0 0f 00 00 0f 87 27 01 00 00 fd 74 0f c5 fd d7 c1 85 c0 74 5b f3 0f bc c0 e9 30 01 00 00 66 [ 2062.756898][ T8549] RSP: 002b:00007fd7955537d8 EFLAGS: 00010283 [ 2062.762800][ T8549] RAX: 0000000000000999 RBX: 00007fd795553d40 RCX: 00007fd796a23160 [ 2062.770612][ T8549] RDX: 9999999999999999 RSI: 00007fd7969416a4 RDI: 9999999999999999 [ 2062.778425][ T8549] RBP: 000000000000000b R08: 0000000000000000 R09: 0000000000000000 [ 2062.786235][ T8549] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000073 [ 2062.794044][ T8549] R13: 00007fd795553ec0 R14: 9999999999999999 R15: 0000000000000000 [ 2062.801863][ T8549] [ 2062.818216][ T30] audit: type=1400 audit(1722355969.537:134790): avc: denied { map_read map_write } for pid=8546 comm="syz.3.10795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2062.854450][ T30] audit: type=1400 audit(1722355969.537:134791): avc: denied { bpf } for pid=8546 comm="syz.3.10795" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2062.891771][ T30] audit: type=1400 audit(1722355969.537:134792): avc: denied { perfmon } for pid=8546 comm="syz.3.10795" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2062.975214][ T6005] usb 3-1: Using ep0 maxpacket: 16 [ 2063.019424][ T8554] input: syz0 as /devices/virtual/input/input56 [ 2063.104098][ T6005] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2063.118244][ T6005] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2063.147204][ T6005] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2063.171478][ T6005] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 2063.201309][ T6005] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2063.213760][ T6005] usb 3-1: config 0 descriptor?? [ 2063.231467][ T8561] loop4: detected capacity change from 0 to 512 [ 2063.343708][ T8561] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled [ 2063.456609][ T8561] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,jqfmt=vfsold,noquota,min_batch_time=0x0000000000000010,journal_dev=0x000000000000000d,,errors=continue. Quota mode: writeback. [ 2063.478183][ T8561] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038 (0x7fffffff) [ 2063.776873][ T6005] koneplus 0003:1E7D:2E22.023E: unknown main item tag 0x0 [ 2063.799465][ T6005] koneplus 0003:1E7D:2E22.023E: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0 [ 2064.024781][ T6005] koneplus 0003:1E7D:2E22.023E: couldn't init struct koneplus_device [ 2064.032692][ T6005] koneplus 0003:1E7D:2E22.023E: couldn't install mouse [ 2064.056750][ T6005] koneplus: probe of 0003:1E7D:2E22.023E failed with error -5 [ 2064.451453][ T6005] usb 3-1: USB disconnect, device number 73 [ 2065.162299][ T6005] usb 5-1: new high-speed USB device number 77 using dummy_hcd [ 2065.574087][ T6005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2065.595816][ T6005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2065.605404][ T6005] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2065.616799][ T6005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2065.629633][ T6005] usb 5-1: config 0 descriptor?? [ 2066.086658][ T8619] loop2: detected capacity change from 0 to 512 [ 2066.183436][ T8619] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2066.194615][ T8619] ext4 filesystem being mounted at /112/bus supports timestamps until 2038 (0x7fffffff) [ 2066.526753][ T6005] usb 5-1: string descriptor 0 read error: -22 [ 2066.562661][ T8627] loop3: detected capacity change from 0 to 2048 [ 2066.652398][ T8627] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2066.755007][ T6005] uclogic 0003:256C:006D.023F: interface is invalid, ignoring [ 2067.147630][ T8636] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10820'. [ 2067.361666][ T26] usb 2-1: new high-speed USB device number 109 using dummy_hcd [ 2067.473552][ T6005] usb 5-1: USB disconnect, device number 77 [ 2067.632526][ T26] usb 2-1: Using ep0 maxpacket: 16 [ 2067.661688][ T8650] loop3: detected capacity change from 0 to 40427 [ 2067.687635][ T8650] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 2067.699496][ T8650] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 2067.717757][ T8650] F2FS-fs (loop3): invalid crc value [ 2067.719988][ T8653] FAULT_INJECTION: forcing a failure. [ 2067.719988][ T8653] name failslab, interval 1, probability 0, space 0, times 0 [ 2067.725764][ T8650] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2067.737228][ T8653] CPU: 0 PID: 8653 Comm: syz.0.10828 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2067.751168][ T8653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2067.761067][ T8653] Call Trace: [ 2067.764184][ T8653] [ 2067.766964][ T8653] dump_stack_lvl+0x151/0x1b7 [ 2067.770125][ T8650] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 2067.771476][ T8653] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2067.778396][ T8650] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 2067.783803][ T8653] ? __kasan_check_write+0x14/0x20 [ 2067.792213][ T26] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2067.796044][ T8653] dump_stack+0x15/0x17 [ 2067.796076][ T8653] should_fail+0x3c6/0x510 [ 2067.796093][ T8653] __should_failslab+0xa4/0xe0 [ 2067.819564][ T8653] ? __alloc_file+0x29/0x2a0 [ 2067.822046][ T26] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 64 [ 2067.823986][ T8653] should_failslab+0x9/0x20 [ 2067.834344][ T26] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 2067.837871][ T8653] slab_pre_alloc_hook+0x37/0xd0 [ 2067.851215][ T30] kauditd_printk_skb: 539 callbacks suppressed [ 2067.851228][ T30] audit: type=1400 audit(1722355974.484:135332): avc: denied { append } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2067.855405][ T8653] ? __alloc_file+0x29/0x2a0 [ 2067.861670][ T30] audit: type=1400 audit(1722355974.484:135333): avc: denied { ioctl } for pid=8634 comm="syz.1.10822" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2067.883959][ T8653] kmem_cache_alloc+0x44/0x200 [ 2067.883983][ T8653] ? _raw_spin_trylock_bh+0x190/0x190 [ 2067.884000][ T8653] __alloc_file+0x29/0x2a0 [ 2067.884016][ T8653] alloc_empty_file+0x95/0x180 [ 2067.884030][ T8653] alloc_file+0x5a/0x4e0 [ 2067.884045][ T8653] alloc_file_pseudo+0x259/0x2f0 [ 2067.884067][ T8653] ? alloc_empty_file_noaccount+0x80/0x80 [ 2067.889394][ T30] audit: type=1400 audit(1722355974.502:135334): avc: denied { ioctl } for pid=8634 comm="syz.1.10822" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2067.913298][ T8653] ? _raw_spin_lock+0xa4/0x1b0 [ 2067.913334][ T8653] ? _raw_spin_trylock_bh+0x190/0x190 [ 2067.913351][ T8653] ? inode_init_always+0x784/0x9d0 [ 2067.913368][ T8653] sock_alloc_file+0xbb/0x260 [ 2067.913385][ T8653] do_accept+0x3c5/0x6f0 [ 2067.913399][ T8653] ? __ia32_sys_listen+0x70/0x70 [ 2067.918498][ T30] audit: type=1400 audit(1722355974.521:135335): avc: denied { append } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2067.923107][ T8653] __sys_accept4+0x108/0x180 [ 2067.927556][ T30] audit: type=1400 audit(1722355974.521:135336): avc: denied { mount } for pid=8649 comm="syz.3.10827" name="/" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 2067.931954][ T8653] __x64_sys_accept4+0x9a/0xb0 [ 2067.936298][ T30] audit: type=1400 audit(1722355974.521:135337): avc: denied { read write } for pid=8649 comm="syz.3.10827" name="loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2067.940807][ T8653] do_syscall_64+0x3d/0xb0 [ 2067.946375][ T30] audit: type=1400 audit(1722355974.521:135338): avc: denied { open } for pid=8649 comm="syz.3.10827" path="/dev/loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2067.971275][ T8653] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2067.971297][ T8653] RIP: 0033:0x7fd7968d4299 [ 2067.971312][ T8653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2067.971329][ T8653] RSP: 002b:00007fd795554048 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 2067.971346][ T8653] RAX: ffffffffffffffda RBX: 00007fd796a62f80 RCX: 00007fd7968d4299 [ 2067.971357][ T8653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 2067.971365][ T8653] RBP: 00007fd7955540a0 R08: 0000000000000000 R09: 0000000000000000 [ 2067.971374][ T8653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2067.971383][ T8653] R13: 000000000000000b R14: 00007fd796a62f80 R15: 00007ffc963efcd8 [ 2067.971400][ T8653] [ 2067.976161][ T26] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2067.991260][ T30] audit: type=1400 audit(1722355974.521:135339): avc: denied { ioctl } for pid=8649 comm="syz.3.10827" path="/dev/loop3" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2067.995623][ T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 2068.048251][ T30] audit: type=1400 audit(1722355974.530:135340): avc: denied { append } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2068.113084][ T26] usb 2-1: SerialNumber: syz [ 2068.181848][ T8660] FAULT_INJECTION: forcing a failure. [ 2068.181848][ T8660] name failslab, interval 1, probability 0, space 0, times 0 [ 2068.209434][ T30] audit: type=1400 audit(1722355974.548:135341): avc: denied { append } for pid=82 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=36 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 2068.288789][ T8660] CPU: 0 PID: 8660 Comm: syz.3.10827 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2068.298513][ T8660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2068.304563][ T8635] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 2068.308407][ T8660] Call Trace: [ 2068.308415][ T8660] [ 2068.321079][ T8660] dump_stack_lvl+0x151/0x1b7 [ 2068.325590][ T8660] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2068.326378][ T26] cdc_acm 2-1:1.0: Control and data interfaces are not separated! [ 2068.331077][ T8660] ? avc_denied+0x1b0/0x1b0 [ 2068.343038][ T8660] ? __kasan_slab_alloc+0xc3/0xe0 [ 2068.347920][ T8660] dump_stack+0x15/0x17 [ 2068.351891][ T8660] should_fail+0x3c6/0x510 [ 2068.356154][ T8660] __should_failslab+0xa4/0xe0 [ 2068.360745][ T8660] ? __d_alloc+0x2d/0x6c0 [ 2068.364906][ T8660] should_failslab+0x9/0x20 [ 2068.369253][ T8660] slab_pre_alloc_hook+0x37/0xd0 [ 2068.374022][ T8660] ? __d_alloc+0x2d/0x6c0 [ 2068.378184][ T8660] kmem_cache_alloc+0x44/0x200 [ 2068.382787][ T8660] __d_alloc+0x2d/0x6c0 [ 2068.386778][ T8660] d_alloc_parallel+0xe6/0x12e0 [ 2068.391466][ T8660] ? inode_permission+0xf8/0x460 [ 2068.396239][ T8660] ? link_path_walk+0xb29/0xd90 [ 2068.400935][ T8660] ? d_hash_and_lookup+0x1e0/0x1e0 [ 2068.405880][ T8660] ? rwsem_mark_wake+0x770/0x770 [ 2068.410651][ T8660] ? __mnt_want_write+0x1f6/0x270 [ 2068.415514][ T8660] path_openat+0xa02/0x2f40 [ 2068.419849][ T8660] ? stack_trace_snprint+0xf0/0xf0 [ 2068.424801][ T8660] ? kasan_set_track+0x5d/0x70 [ 2068.429400][ T8660] ? __kasan_slab_alloc+0xb1/0xe0 [ 2068.434257][ T8660] ? kmem_cache_alloc+0xf5/0x200 [ 2068.439040][ T8660] ? do_filp_open+0x460/0x460 [ 2068.443550][ T8660] do_filp_open+0x21c/0x460 [ 2068.447902][ T8660] ? vfs_tmpfile+0x2c0/0x2c0 [ 2068.452324][ T8660] do_sys_openat2+0x13f/0x830 [ 2068.456823][ T8660] ? wait_for_completion_killable_timeout+0x10/0x10 [ 2068.463246][ T8660] ? __mutex_lock_slowpath+0x10/0x10 [ 2068.468367][ T8660] ? do_sys_open+0x220/0x220 [ 2068.472796][ T8660] ? __kasan_check_write+0x14/0x20 [ 2068.477742][ T8660] ? ksys_write+0x260/0x2c0 [ 2068.482083][ T8660] __x64_sys_creat+0x11f/0x160 [ 2068.486680][ T8660] ? __x64_compat_sys_openat+0x290/0x290 [ 2068.492148][ T8660] ? debug_smp_processor_id+0x17/0x20 [ 2068.497354][ T8660] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2068.503261][ T8660] ? exit_to_user_mode_prepare+0x39/0xa0 [ 2068.508731][ T8660] do_syscall_64+0x3d/0xb0 [ 2068.512980][ T8660] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2068.518706][ T8660] RIP: 0033:0x7f8ad2f9f299 [ 2068.522959][ T8660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2068.542399][ T8660] RSP: 002b:00007f8ad1bfe048 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 2068.550645][ T8660] RAX: ffffffffffffffda RBX: 00007f8ad312e058 RCX: 00007f8ad2f9f299 [ 2068.558636][ T8660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000380 [ 2068.566445][ T8660] RBP: 00007f8ad1bfe0a0 R08: 0000000000000000 R09: 0000000000000000 [ 2068.574261][ T8660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2068.582072][ T8660] R13: 000000000000006e R14: 00007f8ad312e058 R15: 00007ffd13e2ddf8 [ 2068.589885][ T8660] [ 2068.669444][ T8668] FAULT_INJECTION: forcing a failure. [ 2068.669444][ T8668] name failslab, interval 1, probability 0, space 0, times 0 [ 2068.695908][ T8668] CPU: 0 PID: 8668 Comm: syz.4.10833 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2068.705709][ T8668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2068.715601][ T8668] Call Trace: [ 2068.718726][ T8668] [ 2068.721503][ T8668] dump_stack_lvl+0x151/0x1b7 [ 2068.726030][ T8668] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2068.731538][ T8668] ? dump_stack+0x9/0x17 [ 2068.735564][ T8668] dump_stack+0x15/0x17 [ 2068.739556][ T8668] should_fail+0x3c6/0x510 [ 2068.743807][ T8668] __should_failslab+0xa4/0xe0 [ 2068.748408][ T8668] ? __alloc_skb+0xbe/0x550 [ 2068.752745][ T8668] should_failslab+0x9/0x20 [ 2068.757086][ T8668] slab_pre_alloc_hook+0x37/0xd0 [ 2068.761860][ T8668] ? __alloc_skb+0xbe/0x550 [ 2068.766547][ T8668] kmem_cache_alloc+0x44/0x200 [ 2068.771156][ T8668] __alloc_skb+0xbe/0x550 [ 2068.775318][ T8668] audit_log_start+0x456/0xa80 [ 2068.779914][ T8668] ? audit_serial+0x30/0x30 [ 2068.784256][ T8668] ? rcu_gp_kthread_wake+0x90/0x90 [ 2068.789200][ T8668] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 2068.794503][ T8668] ? slow_avc_audit+0x3c0/0x3c0 [ 2068.799182][ T8668] common_lsm_audit+0xd8/0x18b0 [ 2068.803869][ T8668] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 2068.809251][ T8668] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 2068.814544][ T8668] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 2068.820185][ T8668] ? avc_update_node+0x2f9/0xd50 [ 2068.824962][ T8668] slow_avc_audit+0x26c/0x3c0 [ 2068.829474][ T8668] ? avc_get_hash_stats+0x180/0x180 [ 2068.834505][ T8668] ? avc_has_perm_noaudit+0x2dd/0x430 [ 2068.839716][ T8668] ? stack_trace_save+0x1c0/0x1c0 [ 2068.844661][ T8668] avc_has_perm+0x1f5/0x260 [ 2068.849007][ T8668] ? avc_has_perm_noaudit+0x430/0x430 [ 2068.854210][ T8668] ? stack_trace_save+0x113/0x1c0 [ 2068.859069][ T8668] selinux_socket_recvmsg+0x243/0x340 [ 2068.864275][ T8668] ? selinux_socket_sendmsg+0x340/0x340 [ 2068.869657][ T8668] ? kasan_set_track+0x5d/0x70 [ 2068.874258][ T8668] ? do_sys_openat2+0x71c/0x830 [ 2068.878948][ T8668] ? __x64_sys_openat+0x243/0x290 [ 2068.883802][ T8668] ? do_syscall_64+0x3d/0xb0 [ 2068.888228][ T8668] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2068.894134][ T8668] security_socket_recvmsg+0x77/0xb0 [ 2068.899254][ T8668] ____sys_recvmsg+0x1e6/0x530 [ 2068.903855][ T8668] ? __sys_recvmsg_sock+0x50/0x50 [ 2068.908716][ T8668] ? import_iovec+0xe5/0x120 [ 2068.913142][ T8668] ___sys_recvmsg+0x1ec/0x690 [ 2068.917655][ T8668] ? __sys_recvmsg+0x260/0x260 [ 2068.922254][ T8668] ? vfs_write+0x9ec/0x1110 [ 2068.926599][ T8668] ? __fdget+0x1bc/0x240 [ 2068.930672][ T8668] __x64_sys_recvmsg+0x1dc/0x2b0 [ 2068.935445][ T8668] ? fput+0x1a/0x20 [ 2068.939091][ T8668] ? ___sys_recvmsg+0x690/0x690 [ 2068.943781][ T8668] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2068.949681][ T8668] ? exit_to_user_mode_prepare+0x39/0xa0 [ 2068.955150][ T8668] do_syscall_64+0x3d/0xb0 [ 2068.959402][ T8668] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2068.965132][ T8668] RIP: 0033:0x7ff733a14299 [ 2068.969383][ T8668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2068.988824][ T8668] RSP: 002b:00007ff732694048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 2068.997068][ T8668] RAX: ffffffffffffffda RBX: 00007ff733ba2f80 RCX: 00007ff733a14299 [ 2069.004880][ T8668] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000003 [ 2069.012691][ T8668] RBP: 00007ff7326940a0 R08: 0000000000000000 R09: 0000000000000000 [ 2069.020503][ T8668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2069.028313][ T8668] R13: 000000000000000b R14: 00007ff733ba2f80 R15: 00007ffdc754c978 [ 2069.036133][ T8668] [ 2069.158508][ T8681] loop3: detected capacity change from 0 to 512 [ 2069.185966][ T26] cdc_acm 2-1:1.0: ttyACM0: USB ACM device [ 2069.230127][ T26] usb 2-1: USB disconnect, device number 109 [ 2069.266169][ T8681] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2069.282267][ T8681] ext4 filesystem being mounted at /118/bus supports timestamps until 2038 (0x7fffffff) [ 2069.420170][ T2480] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 2069.940269][ T2480] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2069.951107][ T2480] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2069.960680][ T2480] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 2069.969994][ T2480] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2069.989013][ T2480] usb 3-1: config 0 descriptor?? [ 2070.275633][ T8693] loop4: detected capacity change from 0 to 40427 [ 2070.312795][ T8693] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 2070.396454][ T8693] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 2070.451621][ T8693] F2FS-fs (loop4): invalid crc value [ 2070.499271][ T8693] F2FS-fs (loop4): Found nat_bits in checkpoint [ 2070.598459][ T8693] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 2070.605735][ T8693] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 2070.892945][ T2480] usb 3-1: string descriptor 0 read error: -22 [ 2071.249567][ T8720] tmpfs: Unknown parameter 'r' [ 2071.306366][ T2480] uclogic 0003:256C:006D.0240: interface is invalid, ignoring [ 2071.325757][ T1780] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 2071.351499][ T1780] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 2071.448323][ T8720] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10845'. [ 2071.560412][ T8730] loop4: detected capacity change from 0 to 1024 [ 2071.582125][ T8730] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 2071.589614][ T8730] EXT4-fs (loop4): Mount option "delalloc" incompatible with ext3 [ 2071.616594][ T8697] loop3: detected capacity change from 0 to 131072 [ 2071.666826][ T8697] F2FS-fs (loop3): invalid crc value [ 2071.675197][ T8697] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2071.812445][ T8697] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 2071.989485][ T2480] usb 3-1: USB disconnect, device number 74 [ 2072.307129][ T8747] loop0: detected capacity change from 0 to 512 [ 2072.426306][ T8747] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2072.443488][ T8747] ext4 filesystem being mounted at /92/bus supports timestamps until 2038 (0x7fffffff) [ 2072.984812][ T2480] usb 5-1: new high-speed USB device number 78 using dummy_hcd [ 2073.244685][ T2480] usb 5-1: Using ep0 maxpacket: 16 [ 2073.285760][ T30] kauditd_printk_skb: 399 callbacks suppressed [ 2073.285775][ T30] audit: type=1400 audit(1722355979.570:135739): avc: denied { map_create } for pid=8763 comm="syz.2.10855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2073.311895][ T30] audit: type=1400 audit(1722355979.588:135740): avc: denied { unmount } for pid=6912 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 2073.331941][ T30] audit: type=1400 audit(1722355979.588:135741): avc: denied { ioctl } for pid=8754 comm="syz.4.10852" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2073.359150][ T30] audit: type=1400 audit(1722355979.643:135742): avc: denied { ioctl } for pid=8754 comm="syz.4.10852" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2073.384509][ T30] audit: type=1400 audit(1722355979.643:135743): avc: denied { create } for pid=8763 comm="syz.2.10855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 2073.405535][ T2480] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2073.416340][ T30] audit: type=1400 audit(1722355979.643:135744): avc: denied { write } for pid=8763 comm="syz.2.10855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 2073.471021][ T2480] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2073.486976][ T2480] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2073.566279][ T30] audit: type=1400 audit(1722355979.643:135745): avc: denied { read } for pid=8763 comm="syz.2.10855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 2073.586663][ T2480] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 2073.595508][ T2480] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2073.603311][ T30] audit: type=1400 audit(1722355979.653:135746): avc: denied { map_create } for pid=8763 comm="syz.2.10855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2073.643821][ T2480] usb 5-1: config 0 descriptor?? [ 2073.677912][ T30] audit: type=1400 audit(1722355979.653:135747): avc: denied { map_read map_write } for pid=8763 comm="syz.2.10855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2073.756920][ T30] audit: type=1400 audit(1722355979.653:135748): avc: denied { prog_load } for pid=8763 comm="syz.2.10855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2074.767615][ T2480] koneplus 0003:1E7D:2E22.0241: unknown main item tag 0x0 [ 2074.776132][ T2480] koneplus 0003:1E7D:2E22.0241: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.4-1/input0 [ 2074.826547][ T2480] koneplus 0003:1E7D:2E22.0241: couldn't init struct koneplus_device [ 2074.834492][ T2480] koneplus 0003:1E7D:2E22.0241: couldn't install mouse [ 2074.852922][ T2480] koneplus: probe of 0003:1E7D:2E22.0241 failed with error -5 [ 2074.934647][ T8795] loop2: detected capacity change from 0 to 256 [ 2075.159595][ T443] usb 5-1: USB disconnect, device number 78 [ 2075.552375][ T2480] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 2075.813873][ T2480] usb 3-1: Using ep0 maxpacket: 16 [ 2076.001880][ T2480] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2076.016058][ T2480] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 64 [ 2076.039861][ T2480] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 2076.142996][ T2480] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 2076.152265][ T2480] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 2076.210968][ T2480] usb 3-1: SerialNumber: syz [ 2076.235278][ T8801] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 2076.257098][ T2480] cdc_acm 3-1:1.0: Control and data interfaces are not separated! [ 2076.592727][ T443] usb 1-1: new high-speed USB device number 89 using dummy_hcd [ 2076.600408][ T2480] cdc_acm 3-1:1.0: ttyACM0: USB ACM device [ 2076.611754][ T2480] usb 3-1: USB disconnect, device number 75 [ 2076.917496][ T8838] FAULT_INJECTION: forcing a failure. [ 2076.917496][ T8838] name failslab, interval 1, probability 0, space 0, times 0 [ 2076.929980][ T8838] CPU: 1 PID: 8838 Comm: syz.3.10879 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2076.939711][ T8838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2076.949606][ T8838] Call Trace: [ 2076.952729][ T8838] [ 2076.955507][ T8838] dump_stack_lvl+0x151/0x1b7 [ 2076.960019][ T8838] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2076.965487][ T8838] ? format_decode+0x72f/0x1f10 [ 2076.970176][ T8838] ? pointer+0xc40/0xc40 [ 2076.974257][ T8838] dump_stack+0x15/0x17 [ 2076.978243][ T8838] should_fail+0x3c6/0x510 [ 2076.982500][ T8838] __should_failslab+0xa4/0xe0 [ 2076.987100][ T8838] should_failslab+0x9/0x20 [ 2076.991439][ T8838] slab_pre_alloc_hook+0x37/0xd0 [ 2076.996214][ T8838] ? sidtab_sid2str_get+0x12b/0x2a0 [ 2077.001244][ T8838] __kmalloc_track_caller+0x6c/0x260 [ 2077.006361][ T8838] ? ptr_to_hashval+0x60/0x60 [ 2077.010875][ T8838] ? sidtab_sid2str_get+0x12b/0x2a0 [ 2077.015914][ T8838] kmemdup+0x24/0x50 [ 2077.019646][ T8838] sidtab_sid2str_get+0x12b/0x2a0 [ 2077.024503][ T8838] security_sid_to_context_core+0x2b5/0x490 [ 2077.030234][ T8838] security_sid_to_context+0x33/0x40 [ 2077.035353][ T8838] avc_audit_post_callback+0x1af/0xb20 [ 2077.040647][ T8838] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 2077.046030][ T8838] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 2077.051424][ T8838] common_lsm_audit+0xbc6/0x18b0 [ 2077.056184][ T8838] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 2077.061564][ T8838] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 2077.066857][ T8838] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 2077.072501][ T8838] ? avc_update_node+0x2f9/0xd50 [ 2077.077278][ T8838] slow_avc_audit+0x26c/0x3c0 [ 2077.081787][ T8838] ? avc_get_hash_stats+0x180/0x180 [ 2077.086820][ T8838] ? avc_has_perm_noaudit+0x2dd/0x430 [ 2077.092031][ T8838] avc_has_perm+0x1f5/0x260 [ 2077.096368][ T8838] ? avc_has_perm_noaudit+0x430/0x430 [ 2077.101577][ T8838] ? socket_type_to_security_class+0x39/0x3a0 [ 2077.107481][ T8838] ? security_transition_sid+0x7d/0x90 [ 2077.112778][ T8838] selinux_socket_create+0x1c2/0x330 [ 2077.117894][ T8838] ? selinux_socket_unix_may_send+0x2f0/0x2f0 [ 2077.123801][ T8838] security_socket_create+0x77/0xb0 [ 2077.128835][ T8838] __sock_create+0xd6/0x760 [ 2077.133172][ T8838] __sys_socketpair+0x29f/0x6e0 [ 2077.137858][ T8838] ? __ia32_sys_socket+0x90/0x90 [ 2077.142630][ T8838] __x64_sys_socketpair+0x9b/0xb0 [ 2077.147489][ T8838] do_syscall_64+0x3d/0xb0 [ 2077.151743][ T8838] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2077.157471][ T8838] RIP: 0033:0x7f8ad2f9f299 [ 2077.161723][ T8838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2077.181168][ T8838] RSP: 002b:00007f8ad1bdd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 2077.189410][ T8838] RAX: ffffffffffffffda RBX: 00007f8ad312e130 RCX: 00007f8ad2f9f299 [ 2077.197221][ T8838] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000001e [ 2077.205033][ T8838] RBP: 00007f8ad1bdd0a0 R08: 0000000000000000 R09: 0000000000000000 [ 2077.212850][ T8838] R10: 0000000020000240 R11: 0000000000000246 R12: 0000000000000001 [ 2077.220659][ T8838] R13: 000000000000006e R14: 00007f8ad312e130 R15: 00007ffd13e2ddf8 [ 2077.228478][ T8838] [ 2077.281506][ T8841] FAULT_INJECTION: forcing a failure. [ 2077.281506][ T8841] name failslab, interval 1, probability 0, space 0, times 0 [ 2077.318331][ T443] usb 1-1: Using ep0 maxpacket: 16 [ 2077.327223][ T8841] CPU: 0 PID: 8841 Comm: syz.2.10880 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2077.337028][ T8841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2077.346924][ T8841] Call Trace: [ 2077.350045][ T8841] [ 2077.352829][ T8841] dump_stack_lvl+0x151/0x1b7 [ 2077.357339][ T8841] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2077.362811][ T8841] dump_stack+0x15/0x17 [ 2077.366798][ T8841] should_fail+0x3c6/0x510 [ 2077.371182][ T8841] __should_failslab+0xa4/0xe0 [ 2077.375781][ T8841] should_failslab+0x9/0x20 [ 2077.380205][ T8841] slab_pre_alloc_hook+0x37/0xd0 [ 2077.384981][ T8841] ? audit_log_start+0x456/0xa80 [ 2077.389753][ T8841] __kmalloc_track_caller+0x6c/0x260 [ 2077.394871][ T8841] ? audit_log_start+0x456/0xa80 [ 2077.399646][ T8841] ? audit_log_start+0x456/0xa80 [ 2077.404418][ T8841] __alloc_skb+0x10c/0x550 [ 2077.408679][ T8841] audit_log_start+0x456/0xa80 [ 2077.413276][ T8841] ? audit_serial+0x30/0x30 [ 2077.417615][ T8841] ? rcu_gp_kthread_wake+0x90/0x90 [ 2077.422556][ T8841] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 2077.427860][ T8841] ? slow_avc_audit+0x3c0/0x3c0 [ 2077.432540][ T8841] common_lsm_audit+0xd8/0x18b0 [ 2077.437227][ T8841] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 2077.442697][ T8841] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 2077.447992][ T8841] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 2077.448442][ T443] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2077.453632][ T8841] ? avc_update_node+0x2f9/0xd50 [ 2077.453664][ T8841] slow_avc_audit+0x26c/0x3c0 [ 2077.473594][ T8841] ? avc_get_hash_stats+0x180/0x180 [ 2077.475292][ T443] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2077.478624][ T8841] ? avc_has_perm_noaudit+0x2dd/0x430 [ 2077.493478][ T8841] avc_has_perm+0x1f5/0x260 [ 2077.497818][ T8841] ? avc_has_perm_noaudit+0x430/0x430 [ 2077.503022][ T8841] selinux_socket_sendmsg+0x243/0x340 [ 2077.508226][ T8841] ? selinux_socket_accept+0x5b0/0x5b0 [ 2077.510353][ T443] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 2077.513522][ T8841] ? proc_fail_nth_write+0x20b/0x290 [ 2077.513548][ T8841] ? check_stack_object+0xf4/0x130 [ 2077.513565][ T8841] security_socket_sendmsg+0x72/0xb0 [ 2077.533553][ T443] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2077.537560][ T8841] __sys_sendto+0x4d4/0x720 [ 2077.537585][ T8841] ? __ia32_sys_getpeername+0x90/0x90 [ 2077.537600][ T8841] ? mutex_unlock+0xb2/0x260 [ 2077.559350][ T8841] ? fput_many+0x160/0x1b0 [ 2077.563611][ T8841] ? debug_smp_processor_id+0x17/0x20 [ 2077.568808][ T8841] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2077.574710][ T8841] __x64_sys_sendto+0xe5/0x100 [ 2077.579309][ T8841] do_syscall_64+0x3d/0xb0 [ 2077.583561][ T8841] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2077.589294][ T8841] RIP: 0033:0x7f3f0dbc7299 [ 2077.593542][ T8841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2077.611869][ T443] usb 1-1: config 0 descriptor?? [ 2077.613068][ T8841] RSP: 002b:00007f3f0c847048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 2077.626093][ T8841] RAX: ffffffffffffffda RBX: 00007f3f0dd55f80 RCX: 00007f3f0dbc7299 [ 2077.633901][ T8841] RDX: 000000000000e90c RSI: 00000000200000c0 RDI: 0000000000000004 [ 2077.641713][ T8841] RBP: 00007f3f0c8470a0 R08: 0000000020000540 R09: 0000000000000014 [ 2077.649524][ T8841] R10: 000000000000a0c4 R11: 0000000000000246 R12: 0000000000000001 [ 2077.657335][ T8841] R13: 000000000000000b R14: 00007f3f0dd55f80 R15: 00007fffa198ed28 [ 2077.665152][ T8841] [ 2077.783996][ T8855] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10887'. [ 2078.224932][ T443] kovaplus 0003:1E7D:2D50.0242: item fetching failed at offset 5/7 [ 2078.237916][ T443] kovaplus 0003:1E7D:2D50.0242: parse failed [ 2078.285071][ T443] kovaplus: probe of 0003:1E7D:2D50.0242 failed with error -22 [ 2078.483819][ T443] usb 1-1: USB disconnect, device number 89 [ 2078.806954][ T30] kauditd_printk_skb: 502 callbacks suppressed [ 2078.806967][ T30] audit: type=1400 audit(1722355984.674:136249): avc: denied { read write } for pid=6656 comm="syz-executor" name="loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2078.846106][ T30] audit: type=1400 audit(1722355984.674:136250): avc: denied { read write open } for pid=6656 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2078.887616][ T30] audit: type=1400 audit(1722355984.674:136251): avc: denied { ioctl } for pid=6656 comm="syz-executor" path="/dev/loop3" dev="devtmpfs" ino=115 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2078.914447][ T30] audit: type=1400 audit(1722355984.711:136252): avc: denied { read write } for pid=6506 comm="syz-executor" name="loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2078.945319][ T30] audit: type=1400 audit(1722355984.711:136253): avc: denied { read write open } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2078.971115][ T30] audit: type=1400 audit(1722355984.711:136254): avc: denied { ioctl } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2078.997230][ T30] audit: type=1400 audit(1722355984.729:136255): avc: denied { map_create } for pid=8877 comm="syz.2.10894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2079.017190][ T30] audit: type=1400 audit(1722355984.738:136256): avc: denied { prog_load } for pid=8877 comm="syz.2.10894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2079.036772][ T30] audit: type=1400 audit(1722355984.738:136257): avc: denied { wake_alarm } for pid=8877 comm="syz.2.10894" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2079.058421][ T30] audit: type=1400 audit(1722355984.757:136258): avc: denied { map_create } for pid=8876 comm="syz.3.10893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2079.788510][ T443] usb 2-1: new high-speed USB device number 110 using dummy_hcd [ 2080.135214][ T6005] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 2080.178958][ T443] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2080.189792][ T443] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2080.199347][ T443] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 2080.208633][ T443] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2080.219584][ T443] usb 2-1: config 0 descriptor?? [ 2080.421899][ T6005] usb 4-1: Using ep0 maxpacket: 16 [ 2080.673452][ T6005] usb 4-1: config index 0 descriptor too short (expected 36164, got 36) [ 2080.681646][ T6005] usb 4-1: config 85 has too many interfaces: 95, using maximum allowed: 32 [ 2080.690142][ T6005] usb 4-1: config 85 has an invalid descriptor of length 123, skipping remainder of the config [ 2080.700285][ T6005] usb 4-1: config 85 has 0 interfaces, different from the descriptor's value: 95 [ 2080.709223][ T6005] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 2080.718085][ T6005] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2080.746651][ T443] isku 0003:1E7D:319C.0243: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.1-1/input0 [ 2081.130001][ T8917] UDC core: couldn't find an available UDC or it's busy: -16 [ 2081.137376][ T8917] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 2081.191976][ T443] usb 2-1: USB disconnect, device number 110 [ 2081.220672][ T8945] loop0: detected capacity change from 0 to 512 [ 2081.319867][ T8945] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2081.331003][ T8945] ext4 filesystem being mounted at /105/bus supports timestamps until 2038 (0x7fffffff) [ 2081.422619][ T8950] loop4: detected capacity change from 0 to 512 [ 2081.569832][ T8917] 9pnet: bogus RWRITE count (2 > 1) [ 2081.747108][ T8950] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2081.758384][ T8950] ext4 filesystem being mounted at /33/bus supports timestamps until 2038 (0x7fffffff) [ 2081.857953][ T6005] usb 4-1: string descriptor 0 read error: -71 [ 2081.876684][ T6005] usb 4-1: USB disconnect, device number 39 [ 2082.435679][ T8971] loop4: detected capacity change from 0 to 512 [ 2082.476997][ T8971] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2082.488069][ T8971] ext4 filesystem being mounted at /34/bus supports timestamps until 2038 (0x7fffffff) [ 2083.257365][ T8994] FAULT_INJECTION: forcing a failure. [ 2083.257365][ T8994] name failslab, interval 1, probability 0, space 0, times 0 [ 2083.269907][ T8994] CPU: 0 PID: 8994 Comm: syz.3.10929 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2083.279699][ T8994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2083.289593][ T8994] Call Trace: [ 2083.292719][ T8994] [ 2083.295498][ T8994] dump_stack_lvl+0x151/0x1b7 [ 2083.300010][ T8994] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2083.305483][ T8994] ? avc_denied+0x1b0/0x1b0 [ 2083.309812][ T8994] ? __kasan_slab_alloc+0xc3/0xe0 [ 2083.314676][ T8994] dump_stack+0x15/0x17 [ 2083.318668][ T8994] should_fail+0x3c6/0x510 [ 2083.325018][ T8994] __should_failslab+0xa4/0xe0 [ 2083.329614][ T8994] ? __d_alloc+0x2d/0x6c0 [ 2083.333774][ T8994] should_failslab+0x9/0x20 [ 2083.338114][ T8994] slab_pre_alloc_hook+0x37/0xd0 [ 2083.342889][ T8994] ? __d_alloc+0x2d/0x6c0 [ 2083.347051][ T8994] kmem_cache_alloc+0x44/0x200 [ 2083.351652][ T8994] __d_alloc+0x2d/0x6c0 [ 2083.355644][ T8994] d_alloc_parallel+0xe6/0x12e0 [ 2083.360331][ T8994] ? inode_permission+0xf8/0x460 [ 2083.365188][ T8994] ? proc_readfd+0x30/0x30 [ 2083.369442][ T8994] ? link_path_walk+0xb29/0xd90 [ 2083.374139][ T8994] ? d_hash_and_lookup+0x1e0/0x1e0 [ 2083.379076][ T8994] ? rwsem_mark_wake+0x770/0x770 [ 2083.383846][ T8994] ? __mnt_want_write+0x1f6/0x270 [ 2083.388710][ T8994] path_openat+0xa02/0x2f40 [ 2083.393047][ T8994] ? stack_trace_snprint+0xf0/0xf0 [ 2083.397998][ T8994] ? do_filp_open+0x460/0x460 [ 2083.402508][ T8994] do_filp_open+0x21c/0x460 [ 2083.406850][ T8994] ? vfs_tmpfile+0x2c0/0x2c0 [ 2083.411280][ T8994] do_sys_openat2+0x13f/0x830 [ 2083.415786][ T8994] ? __kasan_check_write+0x14/0x20 [ 2083.420734][ T8994] ? mutex_unlock+0xb2/0x260 [ 2083.425167][ T8994] ? wait_for_completion_killable_timeout+0x10/0x10 [ 2083.431583][ T8994] ? do_sys_open+0x220/0x220 [ 2083.436011][ T8994] ? __kasan_check_write+0x14/0x20 [ 2083.440959][ T8994] ? fput_many+0x160/0x1b0 [ 2083.445212][ T8994] ? fput+0x1a/0x20 [ 2083.448857][ T8994] __x64_sys_openat+0x243/0x290 [ 2083.453547][ T8994] ? __ia32_sys_open+0x270/0x270 [ 2083.458317][ T8994] ? debug_smp_processor_id+0x17/0x20 [ 2083.463528][ T8994] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2083.469971][ T8994] ? exit_to_user_mode_prepare+0x39/0xa0 [ 2083.475415][ T8994] do_syscall_64+0x3d/0xb0 [ 2083.479672][ T8994] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2083.485397][ T8994] RIP: 0033:0x7f8ad2f9f299 [ 2083.489649][ T8994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2083.509089][ T8994] RSP: 002b:00007f8ad1bfe048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2083.517334][ T8994] RAX: ffffffffffffffda RBX: 00007f8ad312e058 RCX: 00007f8ad2f9f299 [ 2083.525145][ T8994] RDX: 0000000000000041 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2083.532957][ T8994] RBP: 00007f8ad1bfe0a0 R08: 0000000000000000 R09: 0000000000000000 [ 2083.540770][ T8994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2083.548581][ T8994] R13: 000000000000006e R14: 00007f8ad312e058 R15: 00007ffd13e2ddf8 [ 2083.556397][ T8994] [ 2084.230619][ T30] kauditd_printk_skb: 612 callbacks suppressed [ 2084.230635][ T30] audit: type=1400 audit(1722355989.667:136871): avc: denied { ioctl } for pid=9014 comm="syz.1.10936" path="/dev/loop1" dev="devtmpfs" ino=113 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2084.264994][ T30] audit: type=1400 audit(1722355989.676:136872): avc: denied { prog_load } for pid=9016 comm="syz.3.10937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2084.289344][ T30] audit: type=1400 audit(1722355989.676:136873): avc: denied { map_create } for pid=9016 comm="syz.3.10937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2084.308863][ T30] audit: type=1400 audit(1722355989.676:136874): avc: denied { bpf } for pid=9016 comm="syz.3.10937" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2084.329635][ T30] audit: type=1400 audit(1722355989.676:136875): avc: denied { map_read map_write } for pid=9016 comm="syz.3.10937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2084.349738][ T30] audit: type=1400 audit(1722355989.676:136876): avc: denied { perfmon } for pid=9016 comm="syz.3.10937" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 2084.370812][ T30] audit: type=1400 audit(1722355989.713:136877): avc: denied { prog_run } for pid=9016 comm="syz.3.10937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 2084.390044][ T30] audit: type=1400 audit(1722355989.713:136878): avc: denied { ioctl } for pid=9014 comm="syz.1.10936" path="/dev/loop1" dev="devtmpfs" ino=113 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2084.415627][ T30] audit: type=1400 audit(1722355989.732:136879): avc: denied { create } for pid=9016 comm="syz.3.10937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 2084.435668][ T30] audit: type=1400 audit(1722355989.732:136880): avc: denied { setopt } for pid=9016 comm="syz.3.10937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 2084.933764][ T9027] FAULT_INJECTION: forcing a failure. [ 2084.933764][ T9027] name failslab, interval 1, probability 0, space 0, times 0 [ 2084.949441][ T9027] CPU: 0 PID: 9027 Comm: syz.2.10941 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2084.959244][ T9027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2084.969141][ T9027] Call Trace: [ 2084.972264][ T9027] [ 2084.975043][ T9027] dump_stack_lvl+0x151/0x1b7 [ 2084.979559][ T9027] ? io_uring_drop_tctx_refs+0x190/0x190 [ 2084.985023][ T9027] dump_stack+0x15/0x17 [ 2084.989012][ T9027] should_fail+0x3c6/0x510 [ 2084.993268][ T9027] __should_failslab+0xa4/0xe0 [ 2084.997872][ T9027] should_failslab+0x9/0x20 [ 2085.002207][ T9027] slab_pre_alloc_hook+0x37/0xd0 [ 2085.006979][ T9027] ? audit_log_start+0x456/0xa80 [ 2085.011756][ T9027] __kmalloc_track_caller+0x6c/0x260 [ 2085.016875][ T9027] ? audit_log_start+0x456/0xa80 [ 2085.021656][ T9027] ? audit_log_start+0x456/0xa80 [ 2085.026425][ T9027] __alloc_skb+0x10c/0x550 [ 2085.030679][ T9027] audit_log_start+0x456/0xa80 [ 2085.035278][ T9027] ? audit_serial+0x30/0x30 [ 2085.039618][ T9027] ? rcu_gp_kthread_wake+0x90/0x90 [ 2085.044560][ T9027] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 2085.049860][ T9027] ? slow_avc_audit+0x3c0/0x3c0 [ 2085.054544][ T9027] common_lsm_audit+0xd8/0x18b0 [ 2085.059231][ T9027] ? avc_audit_pre_callback+0x2b0/0x2b0 [ 2085.064617][ T9027] ? ipv6_skb_to_auditdata+0xd90/0xd90 [ 2085.069906][ T9027] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 2085.075546][ T9027] ? avc_update_node+0x2f9/0xd50 [ 2085.080444][ T9027] slow_avc_audit+0x26c/0x3c0 [ 2085.084956][ T9027] ? avc_get_hash_stats+0x180/0x180 [ 2085.089987][ T9027] ? avc_has_perm_noaudit+0x2dd/0x430 [ 2085.095198][ T9027] ? vfs_write+0x340/0x1110 [ 2085.099533][ T9027] ? vfs_write+0x3f4/0x1110 [ 2085.103873][ T9027] avc_has_perm+0x1f5/0x260 [ 2085.108212][ T9027] ? avc_has_perm_noaudit+0x430/0x430 [ 2085.113425][ T9027] ? file_end_write+0x1c0/0x1c0 [ 2085.118111][ T9027] selinux_bpf+0xcb/0x100 [ 2085.122282][ T9027] security_bpf+0x72/0xb0 [ 2085.126442][ T9027] __sys_bpf+0x254/0x760 [ 2085.130516][ T9027] ? fput_many+0x160/0x1b0 [ 2085.134773][ T9027] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 2085.139977][ T9027] ? debug_smp_processor_id+0x17/0x20 [ 2085.145182][ T9027] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 2085.151086][ T9027] __x64_sys_bpf+0x7c/0x90 [ 2085.155341][ T9027] do_syscall_64+0x3d/0xb0 [ 2085.159589][ T9027] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2085.165318][ T9027] RIP: 0033:0x7f3f0dbc7299 [ 2085.169573][ T9027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2085.189018][ T9027] RSP: 002b:00007f3f0c847048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2085.197266][ T9027] RAX: ffffffffffffffda RBX: 00007f3f0dd55f80 RCX: 00007f3f0dbc7299 [ 2085.205074][ T9027] RDX: 0000000000000048 RSI: 0000000020000840 RDI: 0000000000000000 [ 2085.212881][ T9027] RBP: 00007f3f0c8470a0 R08: 0000000000000000 R09: 0000000000000000 [ 2085.220697][ T9027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2085.228510][ T9027] R13: 000000000000000b R14: 00007f3f0dd55f80 R15: 00007fffa198ed28 [ 2085.236335][ T9027] [ 2085.693294][ T9034] loop3: detected capacity change from 0 to 40427 [ 2085.730194][ T9041] loop2: detected capacity change from 0 to 40427 [ 2085.772664][ T9041] F2FS-fs (loop2): invalid crc value [ 2085.782291][ T9041] F2FS-fs (loop2): Found nat_bits in checkpoint [ 2085.794401][ T9034] F2FS-fs (loop3): invalid crc value [ 2085.839558][ T9041] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 2085.873109][ T9034] F2FS-fs (loop3): Found nat_bits in checkpoint [ 2085.900056][ T6506] attempt to access beyond end of device [ 2085.900056][ T6506] loop2: rw=2049, want=45104, limit=40427 [ 2085.943580][ T9034] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 2085.954223][ T9034] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 2086.950014][ T443] usb 2-1: new high-speed USB device number 111 using dummy_hcd [ 2087.340432][ T443] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2087.352153][ T443] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2087.362785][ T443] usb 2-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 2087.375354][ T443] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2087.385465][ T443] usb 2-1: config 0 descriptor?? [ 2087.903729][ T443] hid (null): global environment stack underflow [ 2087.935336][ T443] uclogic 0003:5543:0522.0244: global environment stack underflow [ 2087.957544][ T443] uclogic 0003:5543:0522.0244: item 0 1 1 11 parsing failed [ 2087.964941][ T443] uclogic 0003:5543:0522.0244: parse failed [ 2088.004948][ T443] uclogic: probe of 0003:5543:0522.0244 failed with error -22 [ 2088.134014][T30304] usb 2-1: USB disconnect, device number 111 [ 2088.721639][T30304] usb 5-1: new high-speed USB device number 79 using dummy_hcd [ 2088.726821][ T443] usb 1-1: new high-speed USB device number 90 using dummy_hcd [ 2089.203649][ T443] usb 1-1: Using ep0 maxpacket: 16 [ 2089.214394][T30304] usb 5-1: Using ep0 maxpacket: 8 [ 2089.377268][T30304] usb 5-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 2089.438852][T30304] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 2089.476728][T30304] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 2089.495324][T30304] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2089.507214][ T443] usb 1-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 2089.529039][ T443] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2089.537134][ T443] usb 1-1: Product: syz [ 2089.542713][ T443] usb 1-1: Manufacturer: syz [ 2089.554724][ T443] usb 1-1: SerialNumber: syz [ 2089.567189][ T443] usb 1-1: config 0 descriptor?? [ 2089.626097][T30304] usb 5-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 2089.636406][T30304] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 2089.683052][T30304] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 2089.695824][ T30] kauditd_printk_skb: 657 callbacks suppressed [ 2089.695838][ T30] audit: type=1400 audit(1722355994.716:137536): avc: denied { read write } for pid=6506 comm="syz-executor" name="loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.742014][T30304] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2089.765857][ T30] audit: type=1400 audit(1722355994.753:137537): avc: denied { read write open } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.797685][ T30] audit: type=1400 audit(1722355994.753:137538): avc: denied { ioctl } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.799457][T32240] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 2089.823657][ T30] audit: type=1400 audit(1722355994.781:137540): avc: denied { read write } for pid=6506 comm="syz-executor" name="loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.863577][ T30] audit: type=1400 audit(1722355994.781:137539): avc: denied { read write } for pid=6312 comm="syz-executor" name="loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.888334][T30304] usb 5-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config [ 2089.894473][ T8771] usb 1-1: USB disconnect, device number 90 [ 2089.901631][ T30] audit: type=1400 audit(1722355994.781:137542): avc: denied { open } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.939016][T30304] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 2089.943041][ T30] audit: type=1400 audit(1722355994.781:137541): avc: denied { open } for pid=6312 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.953538][T30304] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 2089.974580][ T30] audit: type=1400 audit(1722355994.781:137543): avc: denied { ioctl } for pid=6312 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=113 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2089.983921][T30304] usb 5-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 2090.010368][ T30] audit: type=1400 audit(1722355994.781:137544): avc: denied { ioctl } for pid=6506 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=114 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2090.049233][ T30] audit: type=1400 audit(1722355994.790:137545): avc: denied { execmem } for pid=9241 comm="syz.2.11034" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 2090.102722][T32240] usb 4-1: Using ep0 maxpacket: 8 [ 2090.211116][T30304] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 2090.220015][T30304] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2090.227805][T30304] usb 5-1: Product: syz [ 2090.231786][T30304] usb 5-1: Manufacturer: syz [ 2090.232782][T32240] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 2090.236222][T30304] usb 5-1: SerialNumber: syz [ 2090.246623][ T443] usb 2-1: new high-speed USB device number 112 using dummy_hcd [ 2090.259434][T32240] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x93, skipping [ 2090.270510][T32240] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 2090.449538][T32240] usb 4-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 2090.458443][T32240] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 2090.466392][T32240] usb 4-1: Product: syz [ 2090.470298][T32240] usb 4-1: Manufacturer: syz [ 2090.474749][T32240] usb 4-1: SerialNumber: syz [ 2090.480430][T32240] usb 4-1: config 0 descriptor?? [ 2090.583220][T30304] usb 5-1: USB disconnect, device number 79 [ 2090.644531][ T443] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2090.655724][ T443] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2090.665262][ T443] usb 2-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 2090.674156][ T443] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2090.685725][ T443] usb 2-1: config 0 descriptor?? [ 2090.763077][ T26] usb 4-1: USB disconnect, device number 40 [ 2091.208054][ T443] hid (null): global environment stack underflow [ 2091.219062][ T443] uclogic 0003:5543:0522.0245: global environment stack underflow [ 2091.239151][ T443] uclogic 0003:5543:0522.0245: item 0 1 1 11 parsing failed [ 2091.257963][ T443] uclogic 0003:5543:0522.0245: parse failed [ 2091.274587][ T443] uclogic: probe of 0003:5543:0522.0245 failed with error -22 [ 2091.513139][ T9278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2091.680797][T30304] usb 2-1: USB disconnect, device number 112 [ 2091.795722][ T9284] loop0: detected capacity change from 0 to 512 [ 2091.828636][ T9284] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:164: inode #12: comm syz.0.11048: inline data xattr refers to an external xattr inode [ 2091.844177][ T9284] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.11048: couldn't read orphan inode 12 (err -117) [ 2091.856572][ T9284] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=continue,,errors=continue. Quota mode: none. [ 2091.872016][ T9284] syz.0.11048[9284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2091.872283][ T9284] syz.0.11048[9284] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2092.107081][ T26] usb 3-1: new high-speed USB device number 76 using dummy_hcd [ 2092.437202][ T9310] loop3: detected capacity change from 0 to 512 [ 2092.519117][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2092.529867][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2092.539382][ T26] usb 3-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00 [ 2092.552812][ T9310] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 2092.555106][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2092.598117][ T9310] EXT4-fs (loop3): 1 orphan inode deleted [ 2092.598150][ T26] usb 3-1: config 0 descriptor?? [ 2092.603767][ T9310] EXT4-fs (loop3): 1 truncate cleaned up [ 2092.618228][ T9310] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,max_dir_size_kb=0x0000000000000004,resgid=0x0000000000000000,inode_readahead_blks=0x0000000000010000,max_dir_size_kb=0x0000000000000008,errors=remount-ro,init_itable=0x0000000000000008,journal_dev=0x000000007fffff. Quota mode: none. [ 2092.717550][ T9328] loop3: detected capacity change from 0 to 16 [ 2092.723962][ T9328] erofs: Unknown parameter 'ÿÿÿÿÿÿ18446744073709551615°íi‚®(ŒíˆµFïp' [ 2092.789968][ T9294] loop4: detected capacity change from 0 to 131072 [ 2092.825847][ T9294] F2FS-fs (loop4): Test dummy encryption mode enabled [ 2092.835477][ T9294] F2FS-fs (loop4): invalid crc value [ 2092.875826][ T9294] F2FS-fs (loop4): Found nat_bits in checkpoint [ 2092.885247][ T9344] loop0: detected capacity change from 0 to 256 [ 2092.975727][ T9294] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 2092.999628][ T9352] loop0: detected capacity change from 0 to 512 [ 2093.051205][ T9352] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a80ee02d, mo2=0002] [ 2093.066750][ T9361] loop3: detected capacity change from 0 to 4096 [ 2093.076766][ T9352] System zones: 1-12 [ 2093.080983][ T9352] EXT4-fs (loop0): orphan cleanup on readonly fs [ 2093.096891][ T9352] EXT4-fs error (device loop0): __ext4_iget:4892: inode #11: block 393240: comm syz.0.11077: invalid block [ 2093.132021][ T9352] EXT4-fs (loop0): Remounting filesystem read-only [ 2093.140433][ T9352] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.11077: couldn't read orphan inode 11 (err -117) [ 2093.152927][ T9361] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2093.153903][ T26] pantherlord 0003:0F30:0111.0246: item fetching failed at offset 6/7 [ 2093.176617][ T26] pantherlord 0003:0F30:0111.0246: parse failed [ 2093.182730][ T9352] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,nodiscard,nombcache,errors=remount-ro,max_dir_size_kb=0x000000000000001d. Quota mode: writeback. [ 2093.199715][ T26] pantherlord: probe of 0003:0F30:0111.0246 failed with error -22 [ 2093.404375][ T26] usb 3-1: USB disconnect, device number 76 [ 2093.444060][ T9378] netlink: 124 bytes leftover after parsing attributes in process `syz.4.11083'. [ 2093.500667][ T9386] loop4: detected capacity change from 0 to 512 [ 2093.564890][ T9386] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 47 vs 41 free clusters [ 2093.603783][ T9386] EXT4-fs (loop4): Remounting filesystem read-only [ 2093.613869][ T9386] EXT4-fs (loop4): 1 orphan inode deleted [ 2093.634743][T15249] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 2093.634967][ T9386] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,noblock_validity,grpid,. Quota mode: writeback. [ 2093.676073][ T9386] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038 (0x7fffffff) [ 2093.808536][ T9407] device batadv_slave_1 entered promiscuous mode [ 2093.815171][ T9406] device batadv_slave_1 left promiscuous mode [ 2093.848837][ T9411] loop4: detected capacity change from 0 to 128 [ 2093.943348][ T9411] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11098'. [ 2094.274695][ T9437] loop4: detected capacity change from 0 to 512 [ 2094.345192][ T9437] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:164: inode #12: comm syz.4.11114: inline data xattr refers to an external xattr inode [ 2094.360229][ T9437] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.11114: couldn't read orphan inode 12 (err -117) [ 2094.363523][ T9446] kvm: pic: non byte write [ 2094.373434][ T9437] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=continue,,errors=continue. Quota mode: none. [ 2094.414000][ T9437] syz.4.11114[9437] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2094.414085][ T9437] syz.4.11114[9437] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 2094.444526][ T9454] loop2: detected capacity change from 0 to 512 [ 2094.556735][ T9454] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 2094.600253][ T9454] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038 (0x7fffffff) [ 2094.814159][ T9454] netlink: 12 bytes leftover after parsing attributes in process `syz.2.11119'. [ 2095.112619][ T9473] loop2: detected capacity change from 0 to 512 [ 2095.129815][ T6005] usb 1-1: new high-speed USB device number 91 using dummy_hcd [ 2095.152558][ T30] kauditd_printk_skb: 811 callbacks suppressed [ 2095.152600][ T30] audit: type=1400 audit(1722355999.756:138354): avc: denied { ioctl } for pid=9464 comm="syz.0.11122" path="/dev/raw-gadget" dev="devtmpfs" ino=162 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 2095.323304][ T30] audit: type=1400 audit(1722355999.894:138355): avc: denied { unmount } for pid=8429 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 2095.394887][ T9473] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.11124: invalid indirect mapped block 11 (level 0) [ 2095.509512][ T30] audit: type=1400 audit(1722355999.894:138356): avc: denied { mounton } for pid=9472 comm="syz.2.11124" path="/166/file0" dev="tmpfs" ino=909 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 2095.532593][ T9473] EXT4-fs (loop2): Remounting filesystem read-only [ 2095.541745][ T30] audit: type=1400 audit(1722355999.940:138357): avc: denied { read write } for pid=8429 comm="syz-executor" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2095.565930][ T9473] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.11124: attempt to clear invalid blocks 1024 len 1 [ 2095.566509][ T9473] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 2095.566717][ T9473] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.11124: invalid indirect mapped block 1819239214 (level 0) [ 2095.610328][ T30] audit: type=1400 audit(1722355999.940:138358): avc: denied { open } for pid=8429 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2095.614051][ T9473] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.11124: invalid indirect mapped block 33554432 (level 2) [ 2095.655603][ T9473] EXT4-fs (loop2): 1 truncate cleaned up [ 2095.655973][ T30] audit: type=1400 audit(1722355999.940:138359): avc: denied { ioctl } for pid=8429 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2095.686793][ T30] audit: type=1400 audit(1722356000.014:138360): avc: denied { read write } for pid=8429 comm="syz-executor" name="loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2095.689238][ T9473] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000001000,usrquota,nodelalloc,errors=remount-ro,max_batch_time=0x00000000000000ea,nodiscard,. Quota mode: writeback. [ 2095.844916][ T6005] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 2095.855626][ T6005] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 2095.876378][ T6005] usb 1-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00 [ 2095.885829][ T30] audit: type=1400 audit(1722356000.014:138361): avc: denied { open } for pid=8429 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2095.915526][ T6005] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 2095.932431][ T6005] usb 1-1: config 0 descriptor?? [ 2095.948172][ T30] audit: type=1400 audit(1722356000.014:138362): avc: denied { ioctl } for pid=8429 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=116 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 2095.977992][ T9495] audit: audit_backlog=65 > audit_backlog_limit=64 [ 2096.047822][ T9502] loop3: detected capacity change from 0 to 16 [ 2096.101257][ T9506] loop4: detected capacity change from 0 to 2048 [ 2096.129884][ T9502] erofs: (device loop3): check_layout_compatibility: unidentified incompatible feature 9000000, please upgrade kernel version [ 2096.156747][ T9516] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 2096.168292][ T9516] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 2096.176533][ T9516] CPU: 1 PID: 9516 Comm: syz.2.11142 Not tainted 5.15.151-syzkaller-00134-gd0a6506ecafd #0 [ 2096.186338][ T9516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 2096.196240][ T9516] RIP: 0010:bpf_check+0x9514/0x12bf0 [ 2096.201354][ T9516] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 a6 af 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 7e af 30 00 48 8b 1b 48 85 db 0f 84 [ 2096.220799][ T9516] RSP: 0018:ffffc900009c7500 EFLAGS: 00010246 [ 2096.226705][ T9516] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 2096.234509][ T9516] RDX: ffff8881159662c0 RSI: 00000000fffffff3 RDI: 0000000000000000 [ 2096.242321][ T9516] RBP: ffffc900009c7bd0 R08: ffffffff817c0a03 R09: fffff520001d8849 [ 2096.250131][ T9516] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000013212 [ 2096.257942][ T9516] R13: ffff8881101cc008 R14: ffffffff817bc3d0 R15: ffffc90000099094 [ 2096.265758][ T9516] FS: 00007f3f0c8476c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 2096.274520][ T9516] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2096.280943][ T9516] CR2: 00007f3f0c846fa8 CR3: 00000001223ba000 CR4: 00000000003506a0 [ 2096.288757][ T9516] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2096.296565][ T9516] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2096.304376][ T9516] Call Trace: [ 2096.307503][ T9516] [ 2096.310380][ T9516] ? __die_body+0x62/0xb0 [ 2096.314541][ T9516] ? die_addr+0x9f/0xd0 [ 2096.318620][ T9516] ? exc_general_protection+0x311/0x4b0 [ 2096.324008][ T9516] ? asm_exc_general_protection+0x27/0x30 [ 2096.329613][ T9516] ? tracing_prog_func_proto+0x300/0x300 [ 2096.335027][ T9516] ? bpf_tracing_func_proto+0x1b3/0x4a0 [ 2096.340411][ T9516] ? bpf_check+0x9514/0x12bf0 [ 2096.344937][ T9516] ? bpf_get_btf_vmlinux+0x60/0x60 [ 2096.349866][ T9516] ? arch_stack_walk+0xf3/0x140 [ 2096.354558][ T9516] ? stack_trace_save+0x113/0x1c0 [ 2096.359413][ T9516] ? stack_trace_snprint+0xf0/0xf0 [ 2096.364366][ T9516] ? ____kasan_kmalloc+0xed/0x110 [ 2096.369220][ T9516] ? ____kasan_kmalloc+0xdb/0x110 [ 2096.374080][ T9516] ? __kasan_kmalloc+0x9/0x10 [ 2096.378593][ T9516] ? kmem_cache_alloc_trace+0x115/0x210 [ 2096.383975][ T9516] ? selinux_bpf_prog_alloc+0x51/0x140 [ 2096.389272][ T9516] ? security_bpf_prog_alloc+0x62/0x90 [ 2096.394564][ T9516] ? bpf_prog_load+0x9ee/0x1b50 [ 2096.399251][ T9516] ? __sys_bpf+0x4bc/0x760 [ 2096.403502][ T9516] ? __x64_sys_bpf+0x7c/0x90 [ 2096.407929][ T9516] ? do_syscall_64+0x3d/0xb0 [ 2096.412356][ T9516] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2096.418270][ T9516] ? __kasan_kmalloc+0x9/0x10 [ 2096.422774][ T9516] ? memset+0x35/0x40 [ 2096.426591][ T9516] ? bpf_obj_name_cpy+0x196/0x1e0 [ 2096.431455][ T9516] bpf_prog_load+0x12ac/0x1b50 [ 2096.436056][ T9516] ? map_freeze+0x370/0x370 [ 2096.440396][ T9516] ? selinux_bpf+0xcb/0x100 [ 2096.444731][ T9516] ? security_bpf+0x82/0xb0 [ 2096.449071][ T9516] __sys_bpf+0x4bc/0x760 [ 2096.453153][ T9516] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 2096.458360][ T9516] ? __kasan_check_read+0x11/0x20 [ 2096.463218][ T9516] __x64_sys_bpf+0x7c/0x90 [ 2096.467471][ T9516] do_syscall_64+0x3d/0xb0 [ 2096.471723][ T9516] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 2096.477451][ T9516] RIP: 0033:0x7f3f0dbc7299 [ 2096.481709][ T9516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2096.501146][ T9516] RSP: 002b:00007f3f0c847048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 2096.509391][ T9516] RAX: ffffffffffffffda RBX: 00007f3f0dd55f80 RCX: 00007f3f0dbc7299 [ 2096.517204][ T9516] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 2096.525015][ T9516] RBP: 00007f3f0dc348e6 R08: 0000000000000000 R09: 0000000000000000 [ 2096.532830][ T9516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2096.540637][ T9516] R13: 000000000000000b R14: 00007f3f0dd55f80 R15: 00007fffa198ed28 [ 2096.548456][ T9516] [ 2096.551312][ T9516] Modules linked in: [ 2096.557230][ T9506] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 2096.581872][ T9516] ---[ end trace 4c3da31a0d48f5ec ]--- [ 2096.587185][ T9516] RIP: 0010:bpf_check+0x9514/0x12bf0 [ 2096.592901][ T9516] Code: 24 70 80 3c 08 00 74 08 4c 89 ef e8 a6 af 30 00 49 8b 75 00 89 df 41 ff d6 48 89 c3 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 df e8 7e af 30 00 48 8b 1b 48 85 db 0f 84 [ 2096.612816][ T9516] RSP: 0018:ffffc900009c7500 EFLAGS: 00010246 [ 2096.618834][ T9516] RAX: 0000000000000000 RBX: 0000000000000000 RCX: dffffc0000000000 [ 2096.618852][ T9516] RDX: ffff8881159662c0 RSI: 00000000fffffff3 RDI: 0000000000000000 [ 2096.618864][ T9516] RBP: ffffc900009c7bd0 R08: ffffffff817c0a03 R09: fffff520001d8849 [ 2096.618876][ T9516] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000013212 [ 2096.618891][ T9516] R13: ffff8881101cc008 R14: ffffffff817bc3d0 R15: ffffc90000099094 [ 2096.618907][ T9516] FS: 00007f3f0c8476c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 2096.618924][ T9516] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2096.618938][ T9516] CR2: 000000110c2a1829 CR3: 00000001223ba000 CR4: 00000000003506b0 [ 2096.618954][ T9516] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2096.618965][ T9516] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2096.618990][ T9516] Kernel panic - not syncing: Fatal exception [ 2096.619227][ T9516] Kernel Offset: disabled [ 2096.706932][ T9516] Rebooting in 86400 seconds..