last executing test programs: 1.689146852s ago: executing program 3 (id=821): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0) 1.672303333s ago: executing program 3 (id=822): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001c00)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000280000000000000095000000000000002ba724a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142da7646c4fe02996b60cf81ebcd50fa9ea4308123f602000000000000de89e661168c1886d0d4d94f204e345c652fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762011052eac2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dc8aff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e4b9ec7a410ec42315255be1ed66d9051f22614d1f62734d679039a97d2b74f9e8e993ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798ab20000000bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d2000000000000000819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a728995b1531bd20360d33d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c55969a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba84279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5603a9d801300000000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed03a6fe7860b3e13c3173a60a1823cb7dde8212a8531bd9060000006a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d74df524b760ab92efcce7dd1574052c73596f860221156437f4d6b76ecc4b35bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d535556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a0000000000000001ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba0790ee0d112f99e59ba82e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee52303da186b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c44500f8ffff970d5254727e804fbd99ccefb7c09269dd2c5ca93125e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8f09c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c1b04e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305977eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f87204311327c18380fedf3d309d8549f99bf6c5cb060fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39289f675f39d01719cdbab3f1ce1060f3e6806e774a5f079c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae794286b6c3e1f5a76b85ed6e1f0000c608b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a650be5114c31582d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc882d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1951393352bc756f3fcaad2c1c399a3e43eaaeca70db90f2fa395964434476719334482eb5424c81814079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3b8dad4c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fbdd351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd61dfb3de7f503d58ac8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2dff78ce9308c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f200000000000000000089de7f8485d9507164a187220b36ddc7fa645d4bd0c1414c30a416f80ba17d21d53961471b2d2d459e4bb23230d676ca49633b25e26a322024beb7c3427da59f7daa70a5d44a0eb895f29245df6401295d3da9399507126a3be932f47fe61ef1bfe83086651af7e23c2a8fa702b9aaa65aa3edaaa6b3f5a0c7cdfd008c898d73bb97168ca390ef539800000000000077a5ad1e683aeff92bb0b66b33ed878df1e344b99450086c819bf174578705c049d2fb25a91ba04643cde1a3c391d8646e5249dbf28b13b1c4d5127f685ee0c0576bf74e17cd3b4df4eb7095e504e361689572b0f93ff1dc6f52e8728a03e5a4df80a32c6055df8f4f4152c0d74d793b20ac2cfa907b5af80716118f82027d3e4cb096fe86de545008b85cb9b637bca30d765b0c3ad489db32955454dcfe000000002830e5e125322d2f5829040a91405bf2fe5bf14833fd7b1e72c775f267bc4511183096eff3188a288c408b10285e7ec75f826e9b08a82cde1f4470545eebc71440623752e87ecc689b7fec2f667e22705b4660b2ef936cce446244bb48f8c7d062ea4a955facf6c2957cfb3c3ee9229efab5b72a5c5266eb493c7c3b08a91971692d9673cb9df620a8240d4f94b9fafd8e2bf0f9cedd1e08f4f10fd8f25f3169ed878624adccb5572cb918e0e3ba7e4ac0967aa65241903509778e63bebf00107524f858d7d48ef9e2c112c75d732344dc0a9bc506172d5a45e3bcb203862307c24c20fe1ffe6b5a43dbc1b20156161b5f59ab9955f2a6fbc64f547a671ded4896d8c4bac78f23e15c8e6cb72599d27607e5a1ad434cdee73d026e5dd14d9824202052181dda714fff7dc43444bc948541f641ac8215a5dae7fa8a50897b916a856aedcdf16be8736b33823ab7b2f1c77554bf2c36e412fcdc2c7c2bf0499ed5dfe84db2d7d3bb802f47dd2ebb7945e09f542d464dfbd2c70a90ab36ebd331a6549fa16f2e83a06c512c83eec56b5b94040d31da56e021a48c8651ebf3e1f8931a6d18150f1d76d07e7d8ecacbed15e9c2a50e610f1d0b523083b182cde6cf655ddd45409400c23fb89eba0db0ab4eee055a60a6ac7fea75703e8e4d737bfabae0fc3c1406b6b454ba694673a69b1782eb0052c2a4e251c8f96c7bcab1845dc347ded7fb207fd19f2bea2e496d63613af735b8e8376658ce4b43a09b53846f0a0218661d917e39bcd79063128f4c5c570b6214db8ed5e1255d48725ad8dc0d3c5aafafb47095dc1f3572650e4b3d0540cec5340638d325897dc3ecc721634875abc32f6ea1c28bf579013269343786a7e8389df8bf34fee174310f070f0abfb9b5e035aa32be5721b5c8475faba7cce82fc9af55e73d8398a45dd151b0a1490700c02135e81d4153c992e171cec6720269625daec40c909f2bb92f9dae7e7caf86be26f080daeb973bd5912562e4211ef924f284dd583537e15b342ef7a7c3cf4c976742c086915d8d92be7e9f9464fb12fa3908c957ae1b2e4443be891828c9cf41036fcd4d871080e4d035c6dcab88a13704f0538c48d7b24f35282adaa33f588ecd4ce7eb861023e10c5adfd80df856524d14c6485198bb7045921f8ca677a7e50123d8ad717d259f31e4f4808f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000001c0)=r2) ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000340)=r2) 1.59909393s ago: executing program 3 (id=826): bind$inet(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) personality(0x0) 1.558433663s ago: executing program 3 (id=830): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @pic={0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[], 0x0, 0x2c0710}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.384641868s ago: executing program 3 (id=835): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) 1.270928918s ago: executing program 3 (id=842): syz_usb_connect(0x0, 0x2d, &(0x7f0000000940)=ANY=[@ANYBLOB="1201000074020440fd07010099480102030109021b0001000000000904000001c5b3e30009050b", @ANYRES64], 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a9a4850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) 1.237932321s ago: executing program 4 (id=846): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000200000000000005100000000000018310000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) 1.02209859s ago: executing program 4 (id=856): socket$packet(0x11, 0x2, 0x300) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000180)="0b03feffe2ff020002004788aa96a13bb1000011000088ca1a00", 0x1001c, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 999.828972ms ago: executing program 4 (id=857): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x10) io_setup(0x23, &(0x7f0000000280)=0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) io_submit(r2, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}]) ioctl$BINDER_WRITE_READ(r3, 0x40046208, 0x0) 912.47035ms ago: executing program 4 (id=858): unshare(0x400) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200)) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) 884.244602ms ago: executing program 4 (id=859): pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r1, 0x0, 0xb) write$binfmt_misc(r3, &(0x7f00000000c0)=ANY=[], 0xfdef) splice(r0, 0x0, r3, 0x0, 0x80, 0x0) syz_fuse_handle_req(r0, &(0x7f0000004480)="b9c26168d753599e11c910d43bfb11c3f029c92f600145162f146948ff83649e20214d4f493d4878d43a0850a7a52157c2850bf22cf7ac86506c76d2b6e68b3a92418afc0e8d751c0847e2ab29567bc9ac154e9129c2f8f6ecdf3b1e01d4153c3d6ddd081d2f52da81f741c393f576537555e77e32c01d4c24ed95acc2a91344a5ac71a9b538a73a8b539054fd78477ffcc092b9565149571839141d559775bb730e45bda25239a212fdb05e0a289a37d09aa97c1b2d0e7beeba532fff5b3fd8ea38779140788d19da2e73fb9735b93b04fbfd71d528faf16fb3e44f68ecfa66ecc0b1bf206081c85d35966722e50189af5bf5764757809fe5b0f71fcd3ef0682c18407b30fdba9cc7738eaf8384c299ac1601174371400692ef393dab5605c076c5f8f63be1728e5097a7a7c4500f5e7d695456ca7d199e2452dfea678eb8ed5d5338c204a45ce552cd1c784caf99394b626b182c517647ac66678ac18f8eaf717833cd03172a13bdd72ae1adfd5bef7de1b014f0ff561cbcea00cbf128c0708499849adafd365f5449ccac4813bd4245e73be52c03042d05774702172ab7be4b5d02a58139b0940f74e461291eb660c97116046fc6f37626d8c074ac496b5fb7411f185ed5f3628cba30ea5001eafdd777c90fad6523ff3e351bceb2e632f05bc3e047ca08033d25570a8f6126564687f08b2b163da584f72527b36d889f832d08cc372dbd28e4ac5d01f928b3ecc4f8c70ad8d8740b8946f970bc1d0d55cfae389f9042a4f3154fd04b27d933cd99ead2249b50c4cb24e8669a01f80f04a56fa4cfbedd22e85e6ab5303b199a9c11226ce652bc6b8a0c100ae2bcc5dcda53fcadcb426c85ef8811bd3aa386d2527fd93aa794ce482e5928261f2a64119c7c10cb31fa5138772a57c43ba871137f82f58f8cb091868487cbca1c8393d44d5083cfe34a73a1200c75e822705892f363d399ee2b677a309d734b93e5353e5bf3cda67a3434c1a1756e689b546a229ce1b49ec051d87b21174f2267f39363468fa948207f4755a0af52cf8a1846f9662eb1ee7d369913601b7739745f26d6e2c955ccad2e7d50dfb782a78332dc07c0701dd784e7653c39169fff8c0154678bd6fc6f594a51658de6b7baf407f2d6485acaaba974b83c9562c83420b313d49aba5a9b9245fbd18d28597ecdbce6f998b301641a17155dc2ce0e62d4fd7a0a02c82a62e816507708527f9fb965418775876afdc50fb3ac8c82784afae6f98b92c944d130e37541d77ef0cfcee47a74701ae66421fc776bd79c7c36afa2362901ddd62e519055ee6cd654e84268322c0e99b3efe8109ceae8cd73dd72e300e74164db0766f143928eed749e2c40e2912dd9d57ebb6a348bde5d606e338c7d2a92207b39399a4f0fda75601cceb00651a68b76e52e4d834c82a5269ad1a242fdb8b18cb393ff7049a86f905b9a9e7edc37ab3b6cd11df571c7068f431c2f7b486777b23cf0e3bd589ec6d0cfeadc023f64634ec67e07b07565cc1bd288a6ee24c7a41eabf3747cbb7abbbad3c381da6a1b21abe5c6a882a155844d81323a45867dc6bbce9c48d53d426f2b105bfcb166cefa90343bc08b5b004f4bf05bd773975624bf098e07b3a7c1db53c372d41ac7257c9b696c80a74165bfe48bd0c6f37e1ae0beb523ff1f5fc94152ad71c93cd33b234abc800efcdffb7ce037a407440c800a467e3154968b72fa8aae80f8b653661a9e839c353a72ebb61393c991527f0d3ea406780da2acb635229c16a49ffdad88b007e9cb20d396a63f7c9f618454a2295b5a30a1eea359f88d490b2a3436608c4a7adffa7aa0e61cbb2340d0dcdad00552b5a006de96e7356f2b98865218291b16728ec95ede6feee838c27e4049cf0eab6f46c65c5024b89ba6ebcfa0545378929be28d88dcd7f1f42e33ea58bc3370ee591344f96259d82cd1b30e4205f69a9d40b601840e54e16eb711b0643c3dcb6ae97f8d261842b80a3ff84eadbbf121d0697d4744490a8a0f737786a8b4817f172eae68523569bf3db248b7c08b321b45d8cd385de22ed8a327abebd33f9c658632d2d18505317b1b9a9ce68eba93ea080b8ee400220dea4584947984491cabeccf66127611f0dc85e2784305c399f4a3c602f0787a49326bd23e4dcea0db83b601983fb98daaeb8f82e5d28e92ed5519436bcc8cd770ccd5002d0b12769a3c93b16c238d088d5bbbe86423610ab3a6840d1fd591bdf348a3a2b715b1e539a5544f0dddd83954d00ab6e8c9cfe6d446f4d9bcc912dff54b526d482ecc5805df2c259b52d6314c684c8fcdb2c790686edcc07608b5c068e91b48002f57a97ca8d78d23735a23d425b1599314f0c99f8c91e8f02f028be55e8b92e6e67375600fccc3ddfa02be04c45dd3f451f0c3d62d65ded63109a7b9b7406fed8d3e3d52eee9e120a276a05159e8ff235c52a23a2d9ac1f35d2d86557d6b7771107de5df52f49612418cc2fe60adb758ae40aac5b81559500e53dcd0d56856a86bc21fa357aac6c5215042bb9be0dc9b7a210ac4253f3710951fb5098b2233892ade0f9d33d44a980157fed2fb7a55f9e35f789139c02fe7a69578bea1ef8479b7a26f4957acfd1ac28147f215e4ba4757125e6de9ac3e1a2db16edf944daa186d1d72102fa1247bab6d6bd783945d977d642de5505a0c2015f2bd4d078c8c5faa8c9895bb247dc6559f9cf5d814b3cf534781c5931b66568252c911bc5d74d7d35dc0d84bfbd7af4c7f264380047661873bc6eef2abae5165d7daaff9f390bd4d0e2333c5867822d093627fe688f47e309235d8ef2ea0e3a5b0ca81c011fab088998f6da416194e19766f3f5fbc64c61fcb6e06afbb72dd578a964d0dd4243d0063c22adde6c4c1a243bc9c0d88b00e69f7f43be83077ff23037e1a5fc28bc86fbabd6f4a571209969b51302526bf1a18e472faa53f622f992465e9177f0fce7d2c7c247e0927415eb78655448367c77e7b3b63ec1dafed933cca7a5de7220716f8ede224eb457ed4bb5c596f16337da7000bc729730cf00783de38ac84c169a9f3ff6a7801c630ad1d801808f0f1afc1b43f3e1ac84352571292e5997bcbc9803881261ae228432fbba69a1c73463da7ba3206cc24b8a0c12b757196ed4ca52ee041a61b18460127962442fb88c04284dd77921085fc81d790fc4b9b2e8923d5d90fddb07d52133dc885f03219a50fa152391bfe8d064850a55ccdcaf2a34b39942c7ed373996ce0158f5aaae1c9762ec439ef8fbbbdf5ca4afd73dd7d753d4ca749e225ca511976c354d8035fe6e71a11f4ea0a0b4a70361cf0ce9b9d97cf97fdc4c5ee3c52a4bb5b22c696ced8be0e28f23539d75935943a885cbd9b2cd2899e1f920eb3e3d13dd5f8665a3a839d2920bc13215bfbda9d89c4e87ca3a05d5cb69d3e9c730b0e480655d9b2017da5c82285382aa8e96dc526dc21088d69a85130fd97eb17e306d49f04a8c953c223dcdfa56ad259fd56f59e9b3be8c78cb35b19ca61a7f0a0630e2d02f805f385c90a5cc5910128395bf4e5e42cce87e86acf1c7332b68d4b52207485d45f4ffedc6b569fa3f916d4d46507d9424da6f1796c612a8417d63c53c877e9ddd141532a8600831e2982c4ff43bbc4884e3b9f168552f8ff7508dd8d892dcae3fbd1fba5d0817f3911c5adf6ca414515e9fd0f6e80aa7f9901235a64e7a55c508b0064b79a060473816019a92e52a9309abb0cd921d052d01bfd98fc7951d795e46ea996ca7ed908c385b206d5bbf05728e503f257e78f066a34649175eebaea0e3bbdb942ceb0427efea3a532adef6c58c2cffbd24546034151ea47244c7c20a56f54e8248c94eab49b0577429f196290eb5bd81bcac1ca5618d7d21152f80a521b4433b366e1f3d5b4e0a8e6ec65af7cc75c2ebd09c63d93c758e67974feed1cc037aa1f0e5b8efbfae0a365b3591e4f2b187e14ec7cb986215a038f0ba1f6b593e498339e67f6a9cf77fe7f3de87fcb1ee7820ac7a79e377084ec9567fdc0110e7e23f4fde408847289b51e8578651284f5d07fe05f30b663d8ebbe4f31772e8f0db0c1b9c67e26086cab0a437326422e4b9d4cc684d8e71acdfabebeac531163323b9d5bc0e18bd9f2634676c5b4135aabf63d1460fed2149f28ca2a94f3b70ecd1e044cd29a12b5a49bae66bd5588a60a54b706949f7ed0a25e015474863b3180de23c57a7fda9b877e81aca83abbd242de87431fa29d976c434c3b05749d148984f8d7dde32552f2755cd63a74adf278a0ea50a57d66e1c328ae3bc618b0fa6d25514342f1e67c341e0d5596067a856888da1da646a6df00b5426a5b2372124ef55dba574f1384774fa22b478abd41473fb2fd000fe64933852b8236ee7350e8f1decf59a8c770cc78d17a94cc48fa794e40672f9b96d0c5aa2aa45ad8b5106160261f8359468b373df298917e1e1f087911eb3ede54635c3522f32045689659d29ecfe5ae5aab1a10b58346fa8fb07ab88d955a35e969677b90115ac1860e007c78bd4d71c4800b69690f3f7df1c67d4ec884e5d3be6c1a8c400ab64856ec5da45bbb7916ff9879d1b0aa840f42480aa1af7695967c739800d059428ca865680c5d604be2284f9e42ff3c922e5aa007e16b88de48178ae4676416c049af6aacbb6f9a93237c0986f5d69ea81fda80f5406b97468443d0c3596a89763c76cf6e8d156f075ae1ab5643555cccec0fcdeb69bf1f84ad67eb5688a19a3599a50175faa594f1d5c4c7f219729031b3b5d07fa6fba50dec701f5745edd067b08c7fa4985d9bf62b9677732a5d84c3aa04ce8f764ca3d9097aa18fc749948e471202b83b1879e1e7adcb61db720a73eb634f186499456e1c1fde97af78b34457090ed46eb5719edea8731f850109776d457bdf805cd8ed04d49c6bc9b99a866d0cfe773e088f020bdb2a1724cfb431f877a18aa96bdf936031cc92388f5dfe96737583a7fc6f57216f6fd6df77950d56e7545ca620bd5f1ef7c778686c9330493c27be0b2d3d23f0febc2592ce216c49efb9bf63c1043912f31e68874a4b24e4505a5e1905e5162120ca4f450613c3310eb8aef5d03412a5f24eeea37e5ad169009852e4419c02aa005a60b35fdc0ee38b1ea25f4b4b1157b687f0a05538a8e2ad23f5d0e93d96f368a43e649b83d7e235f5087eb603e29c0a962cb694b9a735bc52c3ed31a4f2ec8df2f031f2901e4b8959426b391989c831e0508c5da9f8e63b4c40f633f2ed358deb57692a0c7f8c51825c14d6e50d34af6d1d4a2a5be22c7da7db069fe031348f0cda5e624a19a58d15788929466d566e37603918eff9998fd0732879518eee0c4bdd48bcd6588d46ed2d103d56a5418bd7eb67f0d2569464e7d0d5636e2f249f0230e277ab112110ba76878f1211e15c1848669d846ac2364c5e1a1f3b1a39aa6df01932cf5a672d5afc0e8f9b7b9394b8cb1f9e49a06c9777c50b551c173af59090eddf11882b090779bd6d1fe41935e4c1c5ca2025bd4d38d912fade6e8e613d7dc73ffe578362a26361672fc1d9c42cfea9ee11c04db1a3821deebd5dc34761da811360a5b603a8bc820cb6525ad8e47b92cb2829c34dfe54e8ff2aee4d9023fac31c8f5caeb6bbf23b9c41df5d55e431443a91bd0c0cf61bb9b0cc10a3ab22977bceed06e6fa0d1d28a979e9acd51ed323f2f0912ca7465190020b2e1b21d013d3448cdb5de8a7340d6ee76eaecda4fa56fb002e629c1a5be282db354db5aa5dec70673f9c0f44672dae517204c00bcce97dfe191e2088f87e16911eed0b743d181bce7de164c0f6cafab39c4b053da580763065cddcb002f87de7bceb026b9742b5ac9f87c0f41de6c9b53a0f016df8fc81105bc553c713a6fb9010e2d65b768fe6376914760d9b9b1634f062adcac5c81263e2a7ddc1bc69467e51e1a4137105bcb243cf065f98535200634f11360459dce4caa64f558cfe1f0e6052b43898da6fda0bb5e2f05e9f331182a5d580c44ffbc57109d1ac8cdb79323548029348ccc81174f2021474d1bc92681b3ad8d92c347623c339bdfa4fcc9c65779ec650c6b4103c1b85eab28ba98cd460fc725c717c3d7217a9299e68005b1dfb9a240e25637b8c80e5f82f32c79010e4bad2f487485293bd43eb4a070ddf8501119b692e3496a3a733981122c584e88d256cae550714680cb2d8e96f1b89a1a896e3856156cfbeabba0ac13f4f222848c2edd287150b40046e91ca8154f9d9d911324f70a892316c7fc94fa3b90d716dfb1fc2141450fa9f61d427bad6306e9bcf9de3f7976ccb1001d9cf4b04c211e69a6f33104e5c1edb47cb6bee6f6a3a58e0a224e36a650fd4aec813f91e0328963676fd62fa949758edbb02597ea29fe4e35247034e5248d4ac350ef30b3b0cfa74013d37dd885f25968432638f1a56b07c145aed8dda2c266bf64006051ff73d5b19591ceeded48a19dad2b2b598d96484f6357900d8eb29d29b653aaadfb972dfcb6848b72087987600b2dffed833bc07524dc3754e388eca6114f480f78b5a20e4bf5b1fc6c34bee8529142ef4a0095d383ff2e1e27150b3e6e557578a376f4c9139806184315ac616ed441b8570ddf220da43ee54a85048d5be78d2c7fd9ae4dd1ccd6ec2b052f478486535d7fa7de13837dde391325e60579f226e727b73d8741d5a27fc3aa8c003d24d32c1ae145131b2e8bcede3decf65b234a4aa793cc6d99ea5f4c62a639cc16f0f892ee6fef2ad06e49963a90e668957188d6f044caea81b5a6731f92695689e54725c1db10de606f9e9215865852fd78563f26968e7806d37d157807c7bf7f45f146671ab76f3f3c8f6f993b77a787a05c3383eaee54846303e72e2bdd65e76de6de027bb062898315a2b1389adebd26f7267f36d94e17e82399811724cc5b0e191e56e2a2171ab736c5be14835a010d3a002549c7cb9a9bb3054fa1a79524fe6b37485d1935ab69dfbee041653f548b5d42b6a2ab0e7a722958212ec3c93ddcc5757c80e354e0c5163126ae4ea069b0eea1d641fe9908d3ef14b9de4374ac7baab0f1b11575dd6732ae5a7f5b2824322705b09710224b8c7f4fdf2526f99e6062d7e838b6f164947382533aa2ceb64291cfa9be21db4c11a3593030be28d432d49fb0ad4ea929fb2c63241fb0065b4a2178442b72140f6545507fc9f30f01d47f09e4b4a0a0b64d89ce12b2e458ff112633dfca7227456ed5d8d5281727dd1f8a8631c21012c4c948387468ef2e45282197ada9cbc435f76b9b950a90ee04e6189c8176f82efce0b5c66bf7c688cccb6008823ca437a8d995141e5fb230852c56b7a67d992b232aa941c7eccb6de8dfac56ce7659dfca36dbd83877a1705d5478d08e7727dfeaa1c71ce11dd4e50875dc3e3b2e9f3f4aa2b18265d5869131bca028a27c25828836f21639b51cb1da11e45e27f68a291de37f85b406e0b9fc75ea8e039fc91dd67a71c9c4d3a282e11b8cd2b1968698ce3b809e877282375519a0016777d1a5492a4ac67f2646381afb19fc46fe34807edc6ae01db02ffd3b2e763c59994e8d329b34239e6cb04e225c2f16adb1123a9b1589fc744c8efb49e7a414a3bef552859f051079bb80ac9955f67acb0cbc91c86b4c67daedcf79139c4de362be782c23d4997121ed5d8e566b254f330fef0ef26a063dce23b745cece11c71349abe36438392e5f85f749d0e16fea9294c22d9e2711d76d9552b2dbdfadaed27ed8e352dfd98d00c3465e97448ae81757c53fb80e4b582405da2ff311943320dd35a9e681786f96f93f879e6bccc5726a37b02e4b3c41b7e15a41a035492cab412c2592eda26fc72936354549b89130beae339fffd2a2f8889ce05fa6910963a4eb775dd47cb73cd622ebf833bb76536610da89384ef4a4c29ae2a3c5bc1bbd6c7411f7b17ac56f68d8543f622436d379bb8a19b1db0348c5665eae9524075f54a276df0e97ed27271b354ddbb75dd2c59a316438e8354127e464ef7de5b72809a5e69ce4de70778ae41ac34504921ee4c287817935193b14ec6f62d56519f3d3a0954c8c3818e0b27ca656f4f1e1919560e1424a111e5676bdc4595b6791acb2a786e6e66f96405cc397dafd775b489e431eeace7b6e97a1a15b34afe10c5f0f76b2206dc4a74ffa9ea6fb532a166fd514ee738ba586cf5939b4b3f52363330b956aeac78cf42e834f43114c9c07930510f66c6eb5dad768999399be2a4718588e88e5671cc3b0cd6da5662be4dc3802d4361a1f56d29cc36764a8985c6df278e899018b5e78b9c17474f48813d412379581f567372edc4022d4ca19e027c69c8782048b8b9fe6fb48477a3b77e5ade5fd60a26fad2f5fa96e604efded1ed5a46ae35bbeff676b87500f60097a3cb55c9a24b307d4ec20a7882f4939716e2b5d620522b59cc375fb531ebb81ec02cb061e4bbac688bc556fbdc69e0b19959086e7f670475a8ac9d723572a5fd632ae69447ff2234e3a740fd5e73428d0ea09c0ca76e3743f9d4bf53007b659ff141c4e0e792c26ab92daf7405d650d2a4d501bc87916bcaa051cc6930a9613dfc608052923920c9eea9981362b12ceeb7e867bf873d645fbc69e1dc720e814a6319edd88369720bf40d98afd50c6fa5f15b96daccac7828efddbcc5b05c0655dded83a3916d44dcd166a040324aa4db4cf154e6d286f97c6fe581285781e82bb10e674c01781e73e742873db97fe1b44eb8a895d4b451f16e9f5829556a40a644084e68ee41b9ab3a42a067a03d51c252799296e81d62dcd3454f8fbb7816d6054d7e6e77bb6fdc8d588ec5a01b3ef993b677d8ced4a52a3afd370a50ba24558ec6b3ac85c3f688c9bb2be4c02c510070e3c444fe164d093b5c5682a992c48baefcedc584be0288d7aa2385492dd1b73e2e7cce35b05643f8c4547ad975266eebbd2c10d1ab327cb007bca9afc65fdb58c78bf8c1009f1a2ef476d1901188a1a341cd99ad33241a483784f78fbd0d920f541158fb8a46bd80f3b6821e8b3e110ceeace4c20466d194e5715810efaf3d890da7d9523de6131fba9b9572461365547d43634c9972562ae66e1b61f3648c9c379650db57eaeaaef31962941b3d2f77cee6ecf676a9bf1b3ad6ce73def006856c97d8f906f7a136d659e7b6e8be8f0375f2eab63f90d5ca97477cdb5d1719536e16f78ec07329dafc0d123d43d2bc5371154ee3f5cf772035941e0e3f98f643e90c61e141b3ecff82312bdac1c4f5ccc5ad67902e939ccb45d4d9763d2ada6e64d20d17b017cec037605571024c92e3ef8f6089e118e1094fbf31e3ba26c0c7f42cac78d521db284d79f21b55c4c3063e5cd2f8e33582c26ef1d444d39f97423f4d7408e5771eef088a8572f55cfed3d334f9ebbdf4ffea2f68bc596e5de3e70dab34762dcf0622604ea102722cac9d09603a127307d4bdb7cdfd479e35cb4dbc3ccaa0b0f82fc00cc2e02ae33dc7a6891019b94d63def846a3ef6e03c12f8a0ea9b3986f9e999dd8ff862b7a34cdf4080f28463de3c907d7168b325bc30b81575bc570afbc00ba4bbf9ffec388c927baba176fac335a6c623ac6921ff82174fc06ea0234e73d17785ee9884fe5dcfe9251fba39beced2fa0e9d1682c83166e5e5c9684f30a67e11bd490518c132f28ecd24ac8878ca4274efd0071affcdf485ac85e352e0c53df415a0feb0710b4867ba0b26f6e5eeb9654323a1f6d5634a7cb835ae945ed71de19f09a66085f4e932f04d1320a6e4fc9138ed3b343ac9b2c50a169aa4101edc43eaa41317fdc48a0131e7ce0a9a97f0ede09fe67624e85732802213bb18d35c833895e0fd040d90c1b56eafdc5cb41664403529e37754c1bb7e20ba4ff0ae3d2aec9c27aad14cd1e37f36bb7ff40327e0e301075dab7beda9be262662c510283a26c89d246c01888c4bba85ee306e6e62966219262502400bd0a966f5a97e14e85c4cee2d04e6fef5ae9fd60acf40278ee46d2c879556b48966a4b029b3d23c38987a0ba27bb878c614812d615c8d4fe2998b0ed69a6679d3ee3600b3cb066a135613a44436b4f515ea8ab5404a62c89735f694e83fd539e92dc82f3225b5e6dc87f0dfbe36222fa543213887de2b9b6b3f267d890e3cdb2653c1b824ad92e872969ffd6ffd6908bbcb02b4bc3220a3d836f8dfb573fa43ccdbf96520184d2cd88d125532c2554c3d0fbfb05703450a4ba07cd31ae678218598f5ed075e3bb4af0ca7548fb35492050b1cdc899fff4133a6b2331d890fbdbc96c699987056393ccb03382a28655c83ad5f4d56e010eba50a0b42708110ed5c58f5c585712c7f2a90a9004cf29f6ae10d7c4e3d2388f28f27433d2a4ffd97d980d816dff4592da7874724cfc46497458beb188e56444fbda15b9fb7d333ddfe726b9c292168320bec896747532ce215856530d3e961cc8dcfcf4593d65e04c5749abe03b41bda5e85ce8b83460fbe5ef8d7f1de00f8afe579ae8397ff9d18056ebb70693e4c3d58b4343f4ebbf0cba84b005a20fef017d842adaafd2de1feb531be6595717014b97935b940b0cc520dd7f2f05b0ec1b27ffc2f093a960cc1f472be441f2e1126995556dd690fcfab21d2bc2693ec4acced8c47db9f4966299c2ba5c0ec986c333bd7c9ca30d20310ff9454d12430714419dcb1795d027fa7ecb5c10a563a3ca4143afaf8468e11d292bb08d212499780cf5fba8c77a1c45ae901b7cc3eeb50a3ef2b4efe0e7721d117104c580ad31c3a00b88ea4c04ba21e556ba25dedae8e7e76763e7ffbc96bc019a90859cc979fdad86e05af9c49a328b2ceec6ada420e5a28dabdec4a8ac543b3555a957d43dbaabecba24610ea0a892503b901a5a03d31386f85410f4078633c969c1cccf68e3ed6d3c30ac9a535c4b9ee5bb4153759036dfbf6f1e1b212f7d93fe6feaff84a074ab00e2de915faa58fc5f7351600f5ae3a60dbed3f6cb5b21515bb46123ac98c55bfc2dfdba5eaf60ef39ad0c426d4bd637d89a7c8f85221f4aed051f30d4c446a34a77f4e3b25dfecf90974f9715d49c12c21f44bb25ebcb7ac66180d9b348844911e15debebfa76b88a810204dfe368d66a43a4fdc33d955f5de415c2e3c944aa16e5c771e24de67dda9d4d8610c490503e0b8dd35a835cba4a9093e0e9a238881c8bf010ca6b8290f6e8dcaf906ba6b716e42a22ba484363f0d298e63449d717c07d83c3812aed49b7c2a89c661732205e0721a75814015002c4757f9ffeae283ff4d24331e66d5a822c54e35388a1b503b0a6df6875b5a2f2f3fad8703e6d32d319ac83fb6e87c63fdeaa2cbd2a88d194b8173e8d459ae67c7c5361eb0db27d8f463ecdc74cb10c08624846e78123099ff119bcc7193410f4dcbcfb43ebd00111876c5bae70753a30475d3632205cdafede8300a8d23a7efe95483cb23cd45e0256c8a4874433f75f085461ec1dddd9b6e8725ae59d17a17bf3c0c6b1adbb2c5324383b5f5dff4fbc6cad9c851786c146b9f3e8a2f2472ccaede0549a52615b68d3dcb5ced84eb8caf0f337aa2be6e737a0f4d22ef397321e180c", 0x2000, &(0x7f0000003280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000026c0)={0x16, 0xfffffffffffffffe, 0x6, {'\'-{@%\x00'}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) read$FUSE(r2, &(0x7f00000002c0)={0x2020}, 0x2020) 304.344963ms ago: executing program 1 (id=862): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) 304.155813ms ago: executing program 2 (id=863): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 268.322316ms ago: executing program 2 (id=866): r0 = syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0xc000, &(0x7f00000006c0), 0x1, 0x246, &(0x7f00000007c0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x106) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @adiantum, 0x0, @desc3}) chdir(&(0x7f0000000140)='./file0\x00') syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000b00)='./file0/../file0\x00', 0x0, &(0x7f0000001380)=ANY=[@ANYRES64, @ANYRESDEC=r0, @ANYRESHEX=r1, @ANYBLOB="b70a6da1b413cb8a8b5231dc5b0f6c5a3197781c70d0116f63fa15b4230f93dabc7b8bd20e6d4460c8f2a128693fed987d3cd070068664a2fa6526e085bfd2577fe0b88f6676803c78ce8df684a746028a23b831447fed3a9faa9c89812ebca2821eb07ff98394d74859faa4ae5f7bc1b0b2fde4c5df9e5985ebd9b0945008fd928e41718fd1632aec16c3861718996311e1a45a89cba8ed25a2f06dac9876b9aa7b60fdc6615436d5c5d6de4fcd821c3586d00f8425a557666e6390de685e844f7d05b82d2bc348cc626cf52429d149ef09f00d4b82eb7ed80735f1d269fa1cc20e03f29f146d4989ae3288f1aafe9a37b33b2d", @ANYRES16, @ANYRES8=r1, @ANYRES8, @ANYRESOCT, @ANYRES16, @ANYRES32, @ANYRES64, @ANYRES8, @ANYBLOB="2026edcf7e52c453260c4c6a79f996557847e28286a656d03c54394159aac8ea80292bf26c3c5dd8048c9e89665922ee4d3624f9e7d9f8774f04ca68e4d640218cbcfde03173fe3002eac0f4c3a637fa7e7529b0b4c897689c3a5f264f877fbef4cb99b019aa20bd9b58bfdf91bf1230b33ce6e3c8af634216be4c9b9b6c1c9f672ac47cfb78c6289b62856874478459b705cce3f20c46f696a6ac69b11a9621a6440d2f0b0d2341440e2cdecf7d0eaa91807e2983e4ad4ca73e10a1cc52f7e523bf15de880c", @ANYRES64], 0x0, 0x0, &(0x7f0000000000)) unlinkat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x200) 238.414889ms ago: executing program 0 (id=867): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002a00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4) write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="72b9800007"], 0xd) 238.099129ms ago: executing program 1 (id=868): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x6e, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x2, 0x5, 0x5, 0x0, 0x0, 0xd, 0x0, 0x6, 0xc, 0x3, 0x5, 0x9, 0x0, 0x6, 0x8, 0xfc, 0x40, 0x49, 0x1, '\x00', 0x4, 0x2}) 219.51665ms ago: executing program 0 (id=869): mkdir(0x0, 0x0) chdir(0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) utimes(&(0x7f0000000280)='./file1\x00', 0x0) 201.530762ms ago: executing program 0 (id=870): bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='signal_deliver\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 162.413295ms ago: executing program 1 (id=871): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000016000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) syz_clone(0x24041100, 0x0, 0x0, 0x0, 0x0, 0x0) 126.361709ms ago: executing program 2 (id=872): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r2}, 0x10) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 121.344719ms ago: executing program 0 (id=873): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8) close(r2) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid\x00') r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68aecf0bc659dc3d53c2"], &(0x7f0000000140)='GPL\x00', 0x0, 0xbd, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r3, 0x0, 0x11, 0x0, &(0x7f0000000600)="61df712bc884fef053a7a9a26e9b722780", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 101.827001ms ago: executing program 1 (id=874): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) read(r2, 0x0, 0x0) 64.813474ms ago: executing program 2 (id=875): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = dup2(r2, r1) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000d40)=ANY=[], 0x20) setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, 0x0, 0x0) 62.989954ms ago: executing program 0 (id=876): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2}, {{@in=@dev={0xac, 0x14, 0x14, 0x3f}, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0xe8) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0) 62.715714ms ago: executing program 1 (id=877): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x10) r2 = io_uring_setup(0x36a3, &(0x7f0000000340)) close(r2) clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) 39.558006ms ago: executing program 4 (id=878): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r2}, 0x10) socketpair(0xa, 0x1, 0x0, &(0x7f0000000000)) 31.782627ms ago: executing program 2 (id=879): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) setrlimit(0x40000000000008, &(0x7f0000000000)) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r1, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804) 13.284088ms ago: executing program 2 (id=880): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) timer_create(0x2, 0x0, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='signal_generate\x00', r0}, 0x10) syz_btf_id_by_name$bpf_lsm(0x0) 11.928948ms ago: executing program 0 (id=881): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) statfs(&(0x7f0000000280)='./file0\x00', 0x0) 0s ago: executing program 1 (id=882): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r2 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r2, 0x0, 0x400000000000000, 0x7) kernel console output (not intermixed with test programs): e [ 55.617902][ T1046] device veth0_vlan entered promiscuous mode [ 55.626194][ T302] usb 4-1: config 0 descriptor?? [ 55.632218][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 55.641241][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 55.649512][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 55.657168][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 55.664485][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 55.672223][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 55.689374][ T1063] netlink: 576 bytes leftover after parsing attributes in process `syz.1.282'. [ 55.706124][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 55.726096][ T1046] device veth1_macvtap entered promiscuous mode [ 55.737640][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.759570][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.799955][ T1078] loop4: detected capacity change from 0 to 128 [ 55.879447][ T1078] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 55.899783][ T1078] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038 (0x7fffffff) [ 55.929064][ T1078] syz.4.277 (pid 1078) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 55.944944][ T1078] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)" [ 56.014137][ T20] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 56.082728][ T1089] loop4: detected capacity change from 0 to 256 [ 56.095181][ T317] device bridge_slave_1 left promiscuous mode [ 56.101339][ T317] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.115520][ T302] hid (null): bogus close delimiter [ 56.121305][ T317] device bridge_slave_0 left promiscuous mode [ 56.134309][ T317] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.152914][ T317] device veth1_macvtap left promiscuous mode [ 56.164302][ T317] device veth0_vlan left promiscuous mode [ 56.264154][ T20] usb 1-1: Using ep0 maxpacket: 16 [ 56.364733][ T302] usb 4-1: language id specifier not provided by device, defaulting to English [ 56.490394][ T1100] netlink: 'syz.1.296': attribute type 12 has an invalid length. [ 56.544219][ T20] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 56.553429][ T20] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.561587][ T20] usb 1-1: Product: syz [ 56.566111][ T20] usb 1-1: Manufacturer: syz [ 56.570549][ T20] usb 1-1: SerialNumber: syz [ 56.575676][ T20] r8152-cfgselector 1-1: config 0 descriptor?? [ 56.584243][ T302] uclogic 0003:256C:006D.001A: failed retrieving Huion firmware version: -71 [ 56.593169][ T302] uclogic 0003:256C:006D.001A: failed probing parameters: -71 [ 56.601341][ T302] uclogic: probe of 0003:256C:006D.001A failed with error -71 [ 56.611602][ T302] usb 4-1: USB disconnect, device number 7 [ 56.671742][ T1106] loop2: detected capacity change from 0 to 128 [ 56.702482][ T1106] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 56.713132][ T1106] ext4 filesystem being mounted at /59/mnt supports timestamps until 2038 (0x7fffffff) [ 57.034212][ T316] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 57.054216][ T20] r8152-cfgselector 1-1: Unknown version 0x0000 [ 57.060969][ T20] r8152-cfgselector 1-1: bad CDC descriptors [ 57.085218][ T20] r8152-cfgselector 1-1: Unknown version 0x0000 [ 57.092869][ T20] r8152-cfgselector 1-1: USB disconnect, device number 12 [ 57.205857][ T1119] loop1: detected capacity change from 0 to 128 [ 57.245168][ T1119] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 57.256487][ T1119] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038 (0x7fffffff) [ 57.341788][ T1125] loop1: detected capacity change from 0 to 256 [ 57.395553][ T316] usb 3-1: config index 0 descriptor too short (expected 45, got 36) [ 57.404307][ T316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 57.426754][ T316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 57.441843][ T316] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 57.456770][ T316] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 57.466467][ T316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.476248][ T316] usb 3-1: config 0 descriptor?? [ 57.494156][ T786] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 57.501751][ T1115] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 57.774187][ T786] usb 4-1: Using ep0 maxpacket: 16 [ 57.924267][ T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 57.935321][ T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 57.945153][ T786] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 57.958425][ T786] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 57.967516][ T786] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.975515][ T316] plantronics 0003:047F:FFFF.001B: unknown main item tag 0xd [ 57.977640][ T786] usb 4-1: config 0 descriptor?? [ 57.989538][ T316] plantronics 0003:047F:FFFF.001B: No inputs registered, leaving [ 58.000811][ T316] plantronics 0003:047F:FFFF.001B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 58.245113][ T6] usb 3-1: USB disconnect, device number 12 [ 58.475359][ T786] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0 [ 58.482906][ T786] microsoft 0003:045E:07DA.001C: ignoring exceeding usage max [ 58.494766][ T786] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.001C/input/input13 [ 58.574800][ T30] kauditd_printk_skb: 49 callbacks suppressed [ 58.574819][ T30] audit: type=1400 audit(1725932678.493:7089): avc: denied { read } for pid=85 comm="acpid" name="event3" dev="devtmpfs" ino=572 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 58.576933][ T786] microsoft 0003:045E:07DA.001C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 58.584281][ T30] audit: type=1400 audit(1725932678.493:7090): avc: denied { open } for pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=572 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 58.640290][ T30] audit: type=1400 audit(1725932678.493:7091): avc: denied { ioctl } for pid=85 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=572 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 58.697127][ T316] usb 4-1: USB disconnect, device number 8 [ 58.766588][ T1134] loop4: detected capacity change from 0 to 256 [ 59.024130][ T786] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 59.090414][ T1139] loop2: detected capacity change from 0 to 256 [ 59.173364][ T1144] netlink: 'syz.0.309': attribute type 12 has an invalid length. [ 59.264291][ T786] usb 2-1: Using ep0 maxpacket: 16 [ 60.616019][ T30] audit: type=1326 audit(1725932680.533:7092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1161 comm="syz.2.331" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5675129ef9 code=0x0 [ 60.644202][ T786] usb 2-1: device descriptor read/all, error -71 [ 60.654026][ T1164] loop0: detected capacity change from 0 to 512 [ 60.718008][ T1164] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.333: attempt to clear invalid blocks 2 len 1 [ 60.731690][ T1164] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 60.747711][ T1164] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.333: invalid indirect mapped block 1819239214 (level 0) [ 60.762306][ T1164] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.333: invalid indirect mapped block 1819239214 (level 1) [ 60.777193][ T1164] EXT4-fs (loop0): 1 truncate cleaned up [ 60.782925][ T1164] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000003,,errors=continue. Quota mode: none. [ 60.866908][ T30] audit: type=1400 audit(1725932680.783:7093): avc: denied { unmount } for pid=295 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 60.887822][ T20] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 61.295440][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 61.307040][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 61.316841][ T20] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 61.325788][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.334730][ T20] usb 4-1: config 0 descriptor?? [ 61.816302][ T20] logitech-hidpp-device 0003:046D:C086.001D: item fetching failed at offset 3/5 [ 61.827150][ T20] logitech-hidpp-device 0003:046D:C086.001D: hidpp_probe:parse failed [ 61.835234][ T20] logitech-hidpp-device: probe of 0003:046D:C086.001D failed with error -22 [ 62.018353][ T302] usb 4-1: USB disconnect, device number 9 [ 62.552277][ T1175] loop0: detected capacity change from 0 to 1024 [ 62.589717][ T1175] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 62.608604][ T1175] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback. [ 62.661858][ T1185] loop1: detected capacity change from 0 to 256 [ 62.814141][ T6] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 62.873082][ T30] audit: type=1400 audit(1725932682.783:7094): avc: denied { write } for pid=1188 comm="syz.1.329" name="psched" dev="proc" ino=4026532299 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 62.977698][ T1203] loop1: detected capacity change from 0 to 512 [ 63.055000][ T1203] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 63.067306][ T1203] EXT4-fs (loop1): 1 truncate cleaned up [ 63.072779][ T1203] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,nombcache,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback. [ 63.104277][ T786] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 63.184209][ T6] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 63.194223][ T6] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 63.204176][ T298] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 63.212512][ T6] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 63.244166][ T316] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 63.384261][ T6] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 63.393847][ T6] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.402598][ T6] usb 5-1: Product: syz [ 63.406851][ T6] usb 5-1: Manufacturer: syz [ 63.411655][ T6] usb 5-1: SerialNumber: syz [ 63.444289][ T298] usb 1-1: Using ep0 maxpacket: 16 [ 63.454668][ T6] hub 5-1:1.0: bad descriptor, ignoring hub [ 63.461351][ T6] hub: probe of 5-1:1.0 failed with error -5 [ 63.467559][ T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.478952][ T786] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 63.488963][ T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.497635][ T786] usb 3-1: config 0 descriptor?? [ 63.504138][ T316] usb 4-1: Using ep0 maxpacket: 16 [ 63.564235][ T298] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 63.572323][ T298] usb 1-1: config 0 has no interface number 0 [ 63.582262][ T298] usb 1-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 63.675141][ T6] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 63.704219][ T298] usb 1-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 63.714530][ T298] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 63.722999][ T298] usb 1-1: Product: syz [ 63.727258][ T298] usb 1-1: SerialNumber: syz [ 63.733533][ T298] usb 1-1: config 0 descriptor?? [ 63.754236][ T1199] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 63.824244][ T316] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 63.833852][ T316] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.841942][ T316] usb 4-1: Product: syz [ 63.846329][ T316] usb 4-1: Manufacturer: syz [ 63.851120][ T316] usb 4-1: SerialNumber: syz [ 63.856795][ T316] r8152-cfgselector 4-1: config 0 descriptor?? [ 63.975260][ T786] keytouch 0003:0926:3333.001E: fixing up Keytouch IEC report descriptor [ 64.006088][ T786] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.001E/input/input14 [ 64.026985][ T302] usb 5-1: USB disconnect, device number 6 [ 64.034618][ T302] usblp0: removed [ 64.034969][ T298] usb 1-1: invalid MIDI in EP 0 [ 64.044753][ T298] snd-usb-audio: probe of 1-1:0.2 failed with error -22 [ 64.055934][ T298] usb 1-1: USB disconnect, device number 13 [ 64.087903][ T786] keytouch 0003:0926:3333.001E: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 64.180917][ T42] usb 3-1: USB disconnect, device number 13 [ 64.344230][ T316] r8152-cfgselector 4-1: Unknown version 0x0000 [ 64.350915][ T316] r8152-cfgselector 4-1: bad CDC descriptors [ 64.374217][ T316] r8152-cfgselector 4-1: Unknown version 0x0000 [ 64.381917][ T316] r8152-cfgselector 4-1: USB disconnect, device number 10 [ 64.539737][ T1219] loop0: detected capacity change from 0 to 256 [ 64.784208][ T302] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 64.848783][ T1231] loop3: detected capacity change from 0 to 1024 [ 64.894172][ T786] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 64.915985][ T1231] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 64.929187][ T1231] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue. Quota mode: writeback. [ 65.044149][ T302] usb 5-1: Using ep0 maxpacket: 16 [ 65.173873][ T30] audit: type=1326 audit(1725932685.083:7095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.199507][ T302] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 65.208253][ T328] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 65.216307][ T30] audit: type=1326 audit(1725932685.083:7096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.245343][ T302] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 65.248741][ T30] audit: type=1326 audit(1725932685.093:7097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.259491][ T302] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 65.281388][ T30] audit: type=1326 audit(1725932685.093:7098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.290857][ T302] usb 5-1: config 1 has no interface number 1 [ 65.333411][ T302] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 65.333490][ T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 65.344250][ T302] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 65.354413][ T786] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 65.365710][ T302] usb 5-1: config 1 interface 2 has no altsetting 0 [ 65.375244][ T786] usb 2-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00 [ 65.382878][ T30] audit: type=1326 audit(1725932685.093:7099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.415415][ T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.424288][ T30] audit: type=1326 audit(1725932685.093:7100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.424493][ T786] usb 2-1: config 0 descriptor?? [ 65.451391][ T30] audit: type=1326 audit(1725932685.093:7101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.478344][ T30] audit: type=1326 audit(1725932685.093:7102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 65.478380][ T30] audit: type=1326 audit(1725932685.093:7103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.478401][ T30] audit: type=1326 audit(1725932685.113:7104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1238 comm="syz.3.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 65.594351][ T6] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 65.634245][ T302] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 65.644106][ T302] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 65.652268][ T302] usb 5-1: Product: syz [ 65.656566][ T302] usb 5-1: Manufacturer: syz [ 65.661238][ T302] usb 5-1: SerialNumber: syz [ 65.724234][ T328] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 65.735597][ T328] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 65.746049][ T328] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 65.758980][ T328] usb 1-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00 [ 65.768157][ T328] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.777043][ T328] usb 1-1: config 0 descriptor?? [ 65.935310][ T786] sony 0003:054C:0268.001F: unknown main item tag 0x0 [ 65.942381][ T786] sony 0003:054C:0268.001F: item fetching failed at offset 1/5 [ 65.950002][ T786] sony 0003:054C:0268.001F: parse failed [ 65.955808][ T6] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 65.965557][ T786] sony: probe of 0003:054C:0268.001F failed with error -22 [ 65.975976][ T6] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 65.985746][ T6] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 66.004206][ T302] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 66.012524][ T302] usb 5-1: 2:1 : format type 39 is not supported yet [ 66.019241][ T302] usb 5-1: selecting invalid altsetting 0 [ 66.033386][ T302] usb 5-1: USB disconnect, device number 7 [ 66.163925][ T316] usb 2-1: USB disconnect, device number 14 [ 66.194268][ T6] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 66.203594][ T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 66.212059][ T6] usb 4-1: Product: syz [ 66.216599][ T6] usb 4-1: Manufacturer: syz [ 66.221202][ T6] usb 4-1: SerialNumber: syz [ 66.264767][ T6] hub 4-1:1.0: bad descriptor, ignoring hub [ 66.265134][ T328] betop 0003:11C2:2208.0020: item fetching failed at offset 4/5 [ 66.270998][ T6] hub: probe of 4-1:1.0 failed with error -5 [ 66.286700][ T328] betop 0003:11C2:2208.0020: parse failed [ 66.292485][ T328] betop: probe of 0003:11C2:2208.0020 failed with error -22 [ 66.473929][ T328] usb 1-1: USB disconnect, device number 14 [ 66.485468][ T6] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 66.774122][ T42] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 66.844261][ T323] usb 4-1: USB disconnect, device number 11 [ 66.851431][ T323] usblp0: removed [ 66.864152][ T6] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 66.971912][ T1263] loop1: detected capacity change from 0 to 128 [ 67.020336][ T1263] FAT-fs (loop1): bogus number of FAT sectors [ 67.030934][ T42] usb 5-1: Using ep0 maxpacket: 16 [ 67.036335][ T1263] FAT-fs (loop1): Can't find a valid FAT filesystem [ 67.095866][ T1275] loop0: detected capacity change from 0 to 2048 [ 67.104281][ T6] usb 3-1: Using ep0 maxpacket: 16 [ 67.153239][ T1275] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 67.178402][ T1275] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 67.194175][ T42] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 67.202466][ T1275] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 67.216478][ T42] usb 5-1: config 0 has no interface number 0 [ 67.222785][ T42] usb 5-1: config 0 interface 2 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 67.233618][ T1275] EXT4-fs (loop0): This should not happen!! Data will be lost [ 67.233618][ T1275] [ 67.234228][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 67.254878][ T1275] EXT4-fs (loop0): Total free blocks count 0 [ 67.260807][ T1275] EXT4-fs (loop0): Free/Dirty block details [ 67.268978][ T1275] EXT4-fs (loop0): free_blocks=2415919104 [ 67.274154][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 67.274935][ T1275] EXT4-fs (loop0): dirty_blocks=16 [ 67.285113][ T6] usb 3-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 67.299849][ T1275] EXT4-fs (loop0): Block reservation details [ 67.300860][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.316264][ T1275] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 67.325729][ T1285] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 67.344423][ T6] usb 3-1: config 0 descriptor?? [ 67.362070][ T1285] EXT4-fs (loop0): This should not happen!! Data will be lost [ 67.362070][ T1285] [ 67.372398][ T42] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 67.386185][ T42] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 67.417460][ T42] usb 5-1: Product: syz [ 67.421585][ T42] usb 5-1: SerialNumber: syz [ 67.436156][ T42] usb 5-1: config 0 descriptor?? [ 67.474354][ T1248] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 67.724839][ T42] usb 5-1: invalid MIDI in EP 0 [ 67.729934][ T42] snd-usb-audio: probe of 5-1:0.2 failed with error -22 [ 67.740209][ T42] usb 5-1: USB disconnect, device number 8 [ 67.815248][ T6] ntrig 0003:1B96:0008.0021: unbalanced collection at end of report description [ 67.825951][ T6] ntrig 0003:1B96:0008.0021: parse failed [ 67.831906][ T6] ntrig: probe of 0003:1B96:0008.0021 failed with error -22 [ 68.034705][ T6] usb 3-1: USB disconnect, device number 14 [ 68.216877][ T1302] netlink: 'syz.4.379': attribute type 12 has an invalid length. [ 68.252460][ T1307] loop0: detected capacity change from 0 to 512 [ 68.293081][ T1313] loop1: detected capacity change from 0 to 512 [ 68.329308][ T1316] loop4: detected capacity change from 0 to 128 [ 68.342675][ T1313] EXT4-fs (loop1): Ignoring removed orlov option [ 68.351766][ T1313] EXT4-fs warning (device loop1): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 68.352210][ T1307] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 68.364624][ T1313] EXT4-fs warning (device loop1): dx_probe:880: Enable large directory feature to access it [ 68.376535][ T1307] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038 (0x7fffffff) [ 68.387317][ T1313] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz.1.383: Corrupt directory, running e2fsck is recommended [ 68.414791][ T1307] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz.0.389: corrupted inode contents [ 68.434981][ T1307] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz.0.389: mark_inode_dirty error [ 68.438699][ T1316] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 68.449668][ T1313] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 68.461314][ T1307] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz.0.389: corrupted inode contents [ 68.480025][ T1316] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff) [ 68.488208][ T1313] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz.1.383: corrupted in-inode xattr [ 68.499041][ T1307] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz.0.389: mark_inode_dirty error [ 68.531944][ T1313] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.383: couldn't read orphan inode 15 (err -117) [ 68.551609][ T1307] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback. [ 68.567089][ T1313] EXT4-fs (loop1): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,nogrpid,orlov,auto_da_alloc,grpjquota=.nouid32,inode_readahead_blks=0x0000000000020000,jqfmt=vfsold,stripe=0x0000000000005d95,,,errors=continue. Quota mode: writeback. [ 68.630044][ T1328] loop3: detected capacity change from 0 to 2048 [ 68.664987][ T1332] loop4: detected capacity change from 0 to 2048 [ 68.690204][ T1328] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 68.716424][ T1328] ext4 filesystem being mounted at /95/bus supports timestamps until 2038 (0x7fffffff) [ 68.727800][ T1332] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 68.777874][ T1332] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 68.793987][ T1332] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 68.808252][ T1332] EXT4-fs (loop4): This should not happen!! Data will be lost [ 68.808252][ T1332] [ 68.818900][ T1332] EXT4-fs (loop4): Total free blocks count 0 [ 68.826126][ T1332] EXT4-fs (loop4): Free/Dirty block details [ 68.833182][ T1332] EXT4-fs (loop4): free_blocks=2415919104 [ 68.839325][ T1332] EXT4-fs (loop4): dirty_blocks=16 [ 68.845040][ T1332] EXT4-fs (loop4): Block reservation details [ 68.851016][ T1332] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 68.879804][ T1332] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 68.910516][ T1332] EXT4-fs (loop4): This should not happen!! Data will be lost [ 68.910516][ T1332] [ 69.145414][ T1373] capability: warning: `syz.3.407' uses deprecated v2 capabilities in a way that may be insecure [ 69.147290][ T1371] loop4: detected capacity change from 0 to 512 [ 69.218605][ T1371] EXT4-fs (loop4): Ignoring removed orlov option [ 69.227097][ T1371] EXT4-fs warning (device loop4): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 69.246688][ T1371] EXT4-fs warning (device loop4): dx_probe:880: Enable large directory feature to access it [ 69.257402][ T1371] EXT4-fs warning (device loop4): dx_probe:965: inode #2: comm syz.4.404: Corrupt directory, running e2fsck is recommended [ 69.282591][ T1371] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 69.292302][ T1371] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #15: comm syz.4.404: corrupted in-inode xattr [ 69.354235][ T1371] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.404: couldn't read orphan inode 15 (err -117) [ 69.368370][ T1371] EXT4-fs (loop4): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,nogrpid,orlov,auto_da_alloc,grpjquota=.nouid32,inode_readahead_blks=0x0000000000020000,jqfmt=vfsold,stripe=0x0000000000005d95,,,errors=continue. Quota mode: writeback. [ 69.425472][ T1392] loop2: detected capacity change from 0 to 2048 [ 69.433067][ T1395] SELinux: Context Ü is not valid (left unmapped). [ 69.468527][ T1399] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=1399 comm=syz.1.418 [ 69.500088][ T1392] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 69.511851][ T1405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.419'. [ 69.557563][ T1392] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 69.573277][ T1392] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 69.586790][ T1392] EXT4-fs (loop2): This should not happen!! Data will be lost [ 69.586790][ T1392] [ 69.599206][ T1392] EXT4-fs (loop2): Total free blocks count 0 [ 69.605336][ T1392] EXT4-fs (loop2): Free/Dirty block details [ 69.611089][ T1392] EXT4-fs (loop2): free_blocks=2415919104 [ 69.617373][ T1392] EXT4-fs (loop2): dirty_blocks=16 [ 69.622668][ T1392] EXT4-fs (loop2): Block reservation details [ 69.628855][ T1392] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 69.676364][ T1392] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 69.708050][ T1426] loop1: detected capacity change from 0 to 128 [ 69.722795][ T1392] EXT4-fs (loop2): This should not happen!! Data will be lost [ 69.722795][ T1392] [ 69.743447][ T323] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 69.839601][ T1433] loop4: detected capacity change from 0 to 2048 [ 69.868580][ T1437] loop2: detected capacity change from 0 to 512 [ 69.878784][ T1439] binder: 1438:1439 ioctl c0306201 200001c0 returned -14 [ 69.905848][ T1437] EXT4-fs (loop2): Ignoring removed orlov option [ 69.921890][ T1437] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 69.938209][ T1437] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 69.953219][ T1433] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 69.967264][ T1437] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.431: Corrupt directory, running e2fsck is recommended [ 69.984392][ T323] usb 1-1: Using ep0 maxpacket: 16 [ 70.012883][ T1433] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none. [ 70.017761][ T1437] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 70.043709][ T1437] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz.2.431: corrupted in-inode xattr [ 70.072316][ T1456] loop1: detected capacity change from 0 to 128 [ 70.078557][ T1437] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.431: couldn't read orphan inode 15 (err -117) [ 70.105221][ T1456] EXT4-fs (loop1): Test dummy encryption mode enabled [ 70.110777][ T1437] EXT4-fs (loop2): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,nogrpid,orlov,auto_da_alloc,grpjquota=.nouid32,inode_readahead_blks=0x0000000000020000,jqfmt=vfsold,stripe=0x0000000000005d95,,,errors=continue. Quota mode: writeback. [ 70.122424][ T323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 70.179794][ T1456] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,test_dummy_encryption,,errors=continue. Quota mode: none. [ 70.185032][ T1449] loop3: detected capacity change from 0 to 40427 [ 70.201666][ T1456] ext4 filesystem being mounted at /103/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 70.235328][ T323] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 70.251616][ T1456] EXT4-fs (loop1): Online defrag not supported for encrypted files [ 70.260229][ T1449] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 70.268284][ T1449] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 70.278548][ T323] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 70.287921][ T323] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.290577][ T1449] F2FS-fs (loop3): Found nat_bits in checkpoint [ 70.301497][ T323] usb 1-1: config 0 descriptor?? [ 70.322697][ T1449] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 70.330216][ T1449] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 70.385056][ T30] kauditd_printk_skb: 68 callbacks suppressed [ 70.385076][ T30] audit: type=1400 audit(1725932690.303:7173): avc: denied { create } for pid=1466 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 70.435542][ T30] audit: type=1400 audit(1725932690.303:7174): avc: denied { setopt } for pid=1466 comm="syz.1.446" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 70.531130][ T1477] serio: Serial port ptm1 [ 70.556178][ T1480] loop3: detected capacity change from 0 to 2048 [ 70.634159][ T6] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 70.647684][ T1480] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 70.668431][ T1480] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 70.685086][ T1480] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 70.699088][ T1480] EXT4-fs (loop3): This should not happen!! Data will be lost [ 70.699088][ T1480] [ 70.709814][ T1480] EXT4-fs (loop3): Total free blocks count 0 [ 70.716223][ T1480] EXT4-fs (loop3): Free/Dirty block details [ 70.722500][ T1480] EXT4-fs (loop3): free_blocks=2415919104 [ 70.728609][ T1480] EXT4-fs (loop3): dirty_blocks=16 [ 70.734455][ T1480] EXT4-fs (loop3): Block reservation details [ 70.740882][ T1480] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 70.747908][ T1484] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28 [ 70.761147][ T1484] EXT4-fs (loop3): This should not happen!! Data will be lost [ 70.761147][ T1484] [ 70.775780][ T323] HID 045e:07da: Invalid code 65791 type 1 [ 70.785817][ T323] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0022/input/input15 [ 70.798692][ T323] microsoft 0003:045E:07DA.0022: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0 [ 71.004211][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.015394][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 71.025816][ T6] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 71.035964][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.058295][ T6] usb 5-1: config 0 descriptor?? [ 71.112488][ T1486] loop3: detected capacity change from 0 to 131072 [ 71.184721][ T1486] F2FS-fs (loop3): QUOTA feature is enabled, so ignore qf_name [ 71.194217][ T20] usb 1-1: USB disconnect, device number 15 [ 71.204240][ T1486] F2FS-fs (loop3): invalid crc value [ 71.213110][ T1486] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 71.236456][ T1486] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 71.535562][ T6] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 71.545152][ T6] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 71.552031][ T6] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 71.559347][ T6] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 71.566946][ T6] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 71.573845][ T6] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 71.581239][ T6] lg-g15 0003:046D:C222.0023: unknown main item tag 0x0 [ 71.588836][ T6] lg-g15 0003:046D:C222.0023: item fetching failed at offset 7/11 [ 71.597599][ T6] lg-g15: probe of 0003:046D:C222.0023 failed with error -22 [ 71.715317][ T1502] loop0: detected capacity change from 0 to 512 [ 71.732718][ T1502] EXT4-fs (loop0): Ignoring removed orlov option [ 71.745851][ T30] audit: type=1400 audit(1725932691.663:7175): avc: denied { read } for pid=1505 comm="syz.1.457" dev="nsfs" ino=4026532287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 71.776732][ T6] usb 5-1: USB disconnect, device number 9 [ 71.783139][ T30] audit: type=1400 audit(1725932691.683:7176): avc: denied { open } for pid=1505 comm="syz.1.457" path="net:[4026532287]" dev="nsfs" ino=4026532287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 71.794906][ T1502] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 71.818874][ T1502] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 71.829915][ T1502] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz.0.454: Corrupt directory, running e2fsck is recommended [ 71.852872][ T1502] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 71.861479][ T1502] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.454: corrupted in-inode xattr [ 71.874449][ T1502] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.454: couldn't read orphan inode 15 (err -117) [ 71.886883][ T1502] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,nogrpid,orlov,auto_da_alloc,grpjquota=.nouid32,inode_readahead_blks=0x0000000000020000,jqfmt=vfsold,stripe=0x0000000000005d95,,,errors=continue. Quota mode: writeback. [ 71.940759][ T1517] loop1: detected capacity change from 0 to 1024 [ 71.976622][ T1517] EXT4-fs (loop1): Ignoring removed nobh option [ 71.983349][ T1517] EXT4-fs (loop1): Ignoring removed nobh option [ 71.990919][ T1517] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 72.007008][ T1517] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,noauto_da_alloc,jqfmt=vfsold,data_err=abort,nobh,dioread_nolock,barrier=0x0000000000000000,discard,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 72.020430][ T1521] loop0: detected capacity change from 0 to 512 [ 72.047862][ T1521] EXT4-fs (loop0): Ignoring removed orlov option [ 72.057094][ T1521] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 72.069616][ T786] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 72.069634][ T1521] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 72.069657][ T1521] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz.0.472: Corrupt directory, running e2fsck is recommended [ 72.113295][ T1521] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 72.121872][ T1521] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.472: corrupted in-inode xattr [ 72.134568][ T1521] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.472: couldn't read orphan inode 15 (err -117) [ 72.147255][ T1521] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,nogrpid,orlov,auto_da_alloc,grpjquota=.nouid32,inode_readahead_blks=0x0000000000020000,jqfmt=vfsold,stripe=0x0000000000005d95,,,errors=continue. Quota mode: writeback. [ 72.464292][ T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.476401][ T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.486264][ T786] usb 3-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00 [ 72.495865][ T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.504709][ T786] usb 3-1: config 0 descriptor?? [ 72.985232][ T786] itetech 0003:258A:6A88.0024: unknown main item tag 0x0 [ 72.993061][ T786] itetech 0003:258A:6A88.0024: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.2-1/input0 [ 73.188476][ T786] usb 3-1: USB disconnect, device number 15 [ 73.736285][ T1538] netlink: 'syz.2.463': attribute type 12 has an invalid length. [ 73.953229][ T30] audit: type=1326 audit(1725932693.863:7177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5675129ef9 code=0x7ffc0000 [ 73.999021][ T30] audit: type=1326 audit(1725932693.863:7178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5675129ef9 code=0x7ffc0000 [ 74.090131][ T30] audit: type=1326 audit(1725932693.863:7179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5675129ef9 code=0x7ffc0000 [ 74.135064][ T30] audit: type=1326 audit(1725932693.863:7180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5675129ef9 code=0x7ffc0000 [ 74.161677][ T30] audit: type=1326 audit(1725932693.943:7181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5675129ef9 code=0x7ffc0000 [ 74.196278][ T1583] netlink: 'syz.1.486': attribute type 10 has an invalid length. [ 74.211592][ T1583] netlink: 148 bytes leftover after parsing attributes in process `syz.1.486'. [ 74.241870][ T30] audit: type=1326 audit(1725932693.943:7182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1558 comm="syz.2.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5675129ef9 code=0x7ffc0000 [ 74.283130][ T1593] netlink: 'syz.2.490': attribute type 12 has an invalid length. [ 74.572794][ T1642] syz.3.512[1642] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.572890][ T1642] syz.3.512[1642] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.589115][ T1642] serio: Serial port ptm0 [ 74.641205][ T1648] loop0: detected capacity change from 0 to 128 [ 74.659317][ T1654] netlink: 'syz.3.517': attribute type 12 has an invalid length. [ 74.744168][ T323] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 74.964776][ T1680] loop3: detected capacity change from 0 to 256 [ 75.091401][ T1684] loop3: detected capacity change from 0 to 128 [ 75.144146][ T20] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 75.156499][ T1684] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 75.164413][ T323] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.168143][ T1684] ext4 filesystem being mounted at /128/mnt supports timestamps until 2038 (0x7fffffff) [ 75.179414][ T323] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 75.201760][ T323] usb 2-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 75.215318][ T323] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.218016][ T1687] netlink: 'syz.3.532': attribute type 12 has an invalid length. [ 75.370747][ T1700] tap0: tun_chr_ioctl cmd 1074025675 [ 75.376050][ T1700] tap0: persist enabled [ 75.380231][ T1700] tap0: tun_chr_ioctl cmd 1074025675 [ 75.384127][ T20] usb 1-1: Using ep0 maxpacket: 8 [ 75.385622][ T1700] tap0: persist enabled [ 75.409215][ T30] kauditd_printk_skb: 32 callbacks suppressed [ 75.409235][ T30] audit: type=1400 audit(1725932695.323:7215): avc: denied { read } for pid=1701 comm="syz.3.539" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 75.514289][ T20] usb 1-1: config 135 has an invalid interface number: 230 but max is 0 [ 75.523009][ T20] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 75.533672][ T20] usb 1-1: config 135 has no interface number 0 [ 75.540479][ T20] usb 1-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 75.554107][ T318] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 75.602992][ T1717] netlink: 'syz.3.545': attribute type 12 has an invalid length. [ 75.714252][ T20] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 75.723550][ T20] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 75.732541][ T20] usb 1-1: Product: syz [ 75.735514][ T323] logitech-hidpp-device 0003:046D:C086.0025: unknown main item tag 0x0 [ 75.736910][ T20] usb 1-1: Manufacturer: syz [ 75.746130][ T323] logitech-hidpp-device 0003:046D:C086.0025: unknown main item tag 0x0 [ 75.752922][ T20] usb 1-1: SerialNumber: syz [ 75.760991][ T323] logitech-hidpp-device 0003:046D:C086.0025: unknown main item tag 0x0 [ 75.772638][ T323] logitech-hidpp-device 0003:046D:C086.0025: unknown main item tag 0x0 [ 75.782050][ T323] logitech-hidpp-device 0003:046D:C086.0025: unknown main item tag 0x0 [ 75.791110][ T323] logitech-hidpp-device 0003:046D:C086.0025: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.1-1/input0 [ 75.809609][ T20] usb 1-1: Found UVC 0.00 device syz (18ec:3288) [ 75.816246][ T20] usb 1-1: No valid video chain found. [ 75.914192][ T318] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 75.924702][ T318] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 75.939866][ T20] usb 2-1: USB disconnect, device number 15 [ 75.974180][ T42] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 75.984155][ T302] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 76.004218][ T318] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 76.011084][ T323] usb 1-1: USB disconnect, device number 16 [ 76.014290][ T318] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 76.031622][ T318] usb 5-1: SerialNumber: syz [ 76.234143][ T302] usb 3-1: Using ep0 maxpacket: 8 [ 76.315162][ T318] usb 5-1: 0:2 : does not exist [ 76.319993][ T318] usb 5-1: unit 5: unexpected type 0x09 [ 76.328451][ T318] usb 5-1: USB disconnect, device number 10 [ 76.338783][ T346] udevd[346]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 76.374314][ T42] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 18 [ 76.384499][ T302] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 76.396119][ T302] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 76.407003][ T302] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 76.417440][ T302] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 76.431027][ T302] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 76.440047][ T302] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.449957][ T302] usb 3-1: config 0 descriptor?? [ 76.478458][ T1728] loop1: detected capacity change from 0 to 512 [ 76.564314][ T42] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 76.574734][ T42] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.577616][ T1728] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 76.583129][ T42] usb 4-1: Product: syz [ 76.583153][ T42] usb 4-1: Manufacturer: syz [ 76.583167][ T42] usb 4-1: SerialNumber: syz [ 76.583937][ T42] usb 4-1: config 0 descriptor?? [ 76.593179][ T1728] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 76.622478][ T1728] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz.1.550: corrupted in-inode xattr [ 76.635284][ T1723] raw-gadget.3 gadget: fail, usb_ep_enable returned -22 [ 76.635611][ T1728] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.550: couldn't read orphan inode 15 (err -117) [ 76.656085][ T1728] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,mblk_io_submit,min_batch_time=0x0000000000000009,nogrpid,block_validity,errors=continue,mb_optimize_scan=0x0000000000000001,init_itable=0x00000000000003ed,,errors=continue. Quota mode: none. [ 76.723167][ T1734] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 76.740736][ T1736] loop1: detected capacity change from 0 to 256 [ 76.822314][ T30] audit: type=1400 audit(1725932696.733:7216): avc: denied { create } for pid=1735 comm="syz.1.553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 76.844893][ T318] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 76.852845][ T30] audit: type=1400 audit(1725932696.733:7217): avc: denied { getopt } for pid=1735 comm="syz.1.553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 76.895765][ T30] audit: type=1400 audit(1725932696.813:7218): avc: denied { write } for pid=1743 comm="syz.1.556" name="hwrng" dev="devtmpfs" ino=94 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 76.898564][ T42] usb 4-1: USB disconnect, device number 12 [ 76.935921][ T302] kye 0003:0458:5011.0026: unbalanced collection at end of report description [ 76.954400][ T302] kye 0003:0458:5011.0026: parse failed [ 76.960009][ T302] kye: probe of 0003:0458:5011.0026 failed with error -22 [ 77.154938][ T20] usb 3-1: USB disconnect, device number 16 [ 77.254218][ T318] usb 1-1: config 0 has an invalid interface number: 32 but max is 0 [ 77.262491][ T318] usb 1-1: config 0 has no interface number 0 [ 77.264113][ T302] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 77.268616][ T318] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.287343][ T318] usb 1-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.297163][ T318] usb 1-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 77.306624][ T318] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.317436][ T318] usb 1-1: config 0 descriptor?? [ 77.467263][ T30] audit: type=1400 audit(1725932697.383:7219): avc: denied { getopt } for pid=1757 comm="syz.3.562" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 77.495940][ T1760] syz.3.563[1760] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.496012][ T1760] syz.3.563[1760] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.585701][ T30] audit: type=1326 audit(1725932697.503:7220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1769 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 77.622705][ T30] audit: type=1326 audit(1725932697.503:7221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1769 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 77.648119][ T302] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 77.651474][ T30] audit: type=1326 audit(1725932697.503:7222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1769 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 77.661098][ T302] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 77.685639][ T30] audit: type=1326 audit(1725932697.503:7223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1769 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 77.721363][ T302] usb 5-1: New USB device found, idVendor=0f30, idProduct=0111, bcdDevice= 0.00 [ 77.731717][ T302] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.742758][ T302] usb 5-1: config 0 descriptor?? [ 77.749262][ T30] audit: type=1326 audit(1725932697.503:7224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1769 comm="syz.3.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe877e42ef9 code=0x7ffc0000 [ 77.750323][ T1772] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=1772 comm=syz.3.569 [ 77.778804][ T1774] syz.2.570[1774] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.789111][ T1774] syz.2.570[1774] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 77.805473][ T318] logitech-djreceiver 0003:046D:C71B.0027: unknown main item tag 0x6 [ 77.830504][ T318] logitech-djreceiver 0003:046D:C71B.0027: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.0-1/input32 [ 77.868324][ T1778] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22 [ 77.888755][ T1778] SELinux: security_context_str_to_sid(staff_u) failed for (dev tmpfs, type tmpfs) errno=-22 [ 77.978321][ T1795] loop1: detected capacity change from 0 to 512 [ 77.997433][ T1799] loop3: detected capacity change from 0 to 256 [ 78.013309][ T1795] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities [ 78.024610][ T20] usb 1-1: USB disconnect, device number 17 [ 78.236514][ T302] pantherlord 0003:0F30:0111.0028: item fetching failed at offset 6/7 [ 78.247693][ T302] pantherlord 0003:0F30:0111.0028: parse failed [ 78.257020][ T302] pantherlord: probe of 0003:0F30:0111.0028 failed with error -22 [ 78.448074][ T786] usb 5-1: USB disconnect, device number 11 [ 78.572667][ T1851] loop0: detected capacity change from 0 to 512 [ 78.595552][ T1852] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 78.603528][ T1852] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=65504 sclass=netlink_audit_socket pid=1852 comm=syz.2.601 [ 78.627122][ T1851] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 78.638572][ T1851] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038 (0x7fffffff) [ 78.664230][ T1856] input: syz0 as /devices/virtual/input/input16 [ 78.670742][ T1856] input: failed to attach handler leds to device input16, error: -6 [ 78.790929][ T1858] loop0: detected capacity change from 0 to 40427 [ 78.884680][ T1858] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 78.892644][ T1858] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 78.904382][ T1858] F2FS-fs (loop0): Found nat_bits in checkpoint [ 78.940613][ T1858] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 78.948907][ T1858] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 78.984195][ T302] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 79.022429][ T786] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0 [ 79.033587][ T786] hid-generic 0000:0000:0000.0029: hidraw0: HID v0.00 Device [syz1] on syz0 [ 79.079995][ T1878] loop4: detected capacity change from 0 to 128 [ 79.224202][ T302] usb 3-1: Using ep0 maxpacket: 16 [ 79.304165][ T20] usb 4-1: new full-speed USB device number 13 using dummy_hcd [ 79.354218][ T302] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 79.373340][ T302] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 79.390576][ T302] usb 3-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 79.403217][ T302] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.409247][ T1903] loop1: detected capacity change from 0 to 128 [ 79.418872][ T302] usb 3-1: config 0 descriptor?? [ 79.714145][ T20] usb 4-1: unable to get BOS descriptor or descriptor too short [ 79.731106][ T1934] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.739303][ T1934] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.748691][ T1934] device bridge_slave_0 entered promiscuous mode [ 79.758848][ T1934] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.766621][ T1934] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.774497][ T1934] device bridge_slave_1 entered promiscuous mode [ 79.850824][ T1941] netlink: 12 bytes leftover after parsing attributes in process `syz.1.643'. [ 79.860051][ T20] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 79.868492][ T20] usb 4-1: can't read configurations, error -71 [ 79.899077][ T1934] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.905104][ T302] lenovo 0003:17EF:6009.002A: item fetching failed at offset 1/5 [ 79.906589][ T1934] bridge0: port 2(bridge_slave_1) entered forwarding state [ 79.917654][ T302] lenovo 0003:17EF:6009.002A: hid_parse failed [ 79.921846][ T1934] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.928684][ T302] lenovo: probe of 0003:17EF:6009.002A failed with error -22 [ 79.936012][ T1934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.957067][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 79.969940][ T318] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.979951][ T318] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.995330][ T1947] loop0: detected capacity change from 0 to 128 [ 80.003504][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 80.012192][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.019427][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.027139][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 80.028593][ T1947] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 80.035540][ T302] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.047328][ T1947] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038 (0x7fffffff) [ 80.053801][ T302] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.072206][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 80.080415][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 80.094437][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 80.113217][ T1934] device veth0_vlan entered promiscuous mode [ 80.120260][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 80.129223][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 80.137074][ T42] usb 3-1: USB disconnect, device number 17 [ 80.137413][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 80.161459][ T1953] xt_hashlimit: size too large, truncated to 1048576 [ 80.186599][ T1934] device veth1_macvtap entered promiscuous mode [ 80.194614][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 80.224414][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 80.249763][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 80.374189][ T302] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 80.553611][ T1963] loop4: detected capacity change from 0 to 40427 [ 80.567914][ T1963] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 80.568042][ T1970] loop0: detected capacity change from 0 to 512 [ 80.583769][ T1963] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 80.602923][ T1963] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 80.636216][ T1963] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 80.643696][ T1963] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 80.648639][ T1965] loop3: detected capacity change from 0 to 40427 [ 80.654107][ T302] usb 2-1: Using ep0 maxpacket: 16 [ 80.678684][ T1970] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,errors=continue,quota,,errors=continue. Quota mode: writeback. [ 80.687614][ T1980] loop2: detected capacity change from 0 to 1024 [ 80.694450][ T1970] ext4 filesystem being mounted at /98/bus supports timestamps until 2038 (0x7fffffff) [ 80.712003][ T427] device bridge_slave_1 left promiscuous mode [ 80.715602][ T1963] attempt to access beyond end of device [ 80.715602][ T1963] loop4: rw=2049, want=45112, limit=40427 [ 80.721110][ T427] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.739617][ T427] device bridge_slave_0 left promiscuous mode [ 80.746631][ T30] kauditd_printk_skb: 94 callbacks suppressed [ 80.746650][ T30] audit: type=1400 audit(1725932700.653:7319): avc: denied { setattr } for pid=1969 comm="syz.0.654" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 80.755047][ T1970] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 80.778569][ T43] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #3: block 15: comm kworker/u4:2: lblock 2 mapped to illegal pblock 15 (length 1) [ 80.788100][ T1934] attempt to access beyond end of device [ 80.788100][ T1934] loop4: rw=2049, want=45120, limit=40427 [ 80.815032][ T302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.822265][ T30] audit: type=1400 audit(1725932700.663:7320): avc: denied { mounton } for pid=1969 comm="syz.0.654" path="/98/bus/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 80.854781][ T302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.854892][ T427] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.866532][ T302] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 80.888395][ T427] device veth1_macvtap left promiscuous mode [ 80.888506][ T1970] EXT4-fs error (device loop0): ext4_setattr:5449: inode #12: comm syz.0.654: mark_inode_dirty error [ 80.911352][ T1965] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 80.920128][ T427] device veth0_vlan left promiscuous mode [ 80.920233][ T1965] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 80.935392][ T43] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 80.943602][ T43] EXT4-fs error (device loop0): ext4_write_dquot:6167: comm kworker/u4:2: Failed to commit dquot type 0 [ 80.961302][ T302] usb 2-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 80.971040][ T302] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.974640][ T1980] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled [ 80.981115][ T302] usb 2-1: config 0 descriptor?? [ 80.996338][ T43] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync! [ 81.020913][ T295] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1) [ 81.034078][ T1980] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 81.045107][ T43] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #3: block 13: comm kworker/u4:2: lblock 0 mapped to illegal pblock 13 (length 1) [ 81.060970][ T1980] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 81.067553][ T1965] F2FS-fs (loop3): invalid crc_offset: 12 [ 81.079929][ T1980] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e841c09c, mo2=0003] [ 81.081511][ T1965] F2FS-fs (loop3): Failed to get valid F2FS checkpoint [ 81.090258][ T43] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 81.105588][ T1980] System zones: 0-1, 3-36 [ 81.106258][ T43] EXT4-fs error (device loop0): ext4_release_dquot:6210: comm kworker/u4:2: Failed to release dquot type 0 [ 81.122386][ T43] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #4: block 19: comm kworker/u4:2: lblock 2 mapped to illegal pblock 19 (length 1) [ 81.151561][ T43] Quota error (device loop0): qtree_write_dquot: dquota write failed [ 81.162686][ T1980] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback. [ 81.184074][ T43] EXT4-fs error (device loop0): ext4_write_dquot:6167: comm kworker/u4:2: Failed to commit dquot type 1 [ 81.195968][ T30] audit: type=1400 audit(1725932701.103:7321): avc: denied { create } for pid=1984 comm="syz.4.657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 81.223488][ T43] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync! [ 81.223656][ T30] audit: type=1400 audit(1725932701.103:7322): avc: denied { write } for pid=1984 comm="syz.4.657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 81.258843][ T43] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #4: block 16: comm kworker/u4:2: lblock 0 mapped to illegal pblock 16 (length 1) [ 81.261975][ T30] audit: type=1400 audit(1725932701.103:7323): avc: denied { nlmsg_write } for pid=1984 comm="syz.4.657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 81.326706][ T1965] loop3: detected capacity change from 0 to 16 [ 81.481062][ T1965] erofs: (device loop3): mounted with root inode @ nid 36. [ 81.534124][ T20] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 82.055008][ T427] device bridge_slave_1 left promiscuous mode [ 82.061738][ T427] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.124280][ T427] device bridge_slave_0 left promiscuous mode [ 82.130650][ T427] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.204963][ T427] device veth1_macvtap left promiscuous mode [ 82.210867][ T427] device veth0_vlan left promiscuous mode [ 85.842952][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 85.842973][ T30] audit: type=1400 audit(1725932705.753:7325): avc: denied { create } for pid=1997 comm="syz.2.665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 85.890887][ T302] usbhid 2-1:0.0: can't add hid device: -71 [ 85.899330][ T302] usbhid: probe of 2-1:0.0 failed with error -71 [ 85.911107][ T302] usb 2-1: USB disconnect, device number 16 [ 85.916877][ T30] audit: type=1400 audit(1725932705.793:7326): avc: denied { write } for pid=1997 comm="syz.2.665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 85.997913][ T2008] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.005769][ T2008] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.013970][ T2008] device bridge_slave_0 entered promiscuous mode [ 86.021628][ T2008] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.029402][ T2008] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.037342][ T2008] device bridge_slave_1 entered promiscuous mode [ 86.079392][ T2004] loop2: detected capacity change from 0 to 40427 [ 86.102491][ T2008] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.109646][ T2008] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.117176][ T2008] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.124526][ T2008] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.145917][ T318] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.154006][ T318] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.161488][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 86.169014][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 86.178559][ T323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 86.187105][ T323] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.194149][ T323] bridge0: port 1(bridge_slave_0) entered forwarding state [ 86.202390][ T2004] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 86.210869][ T2004] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 86.215418][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 86.222601][ T2004] F2FS-fs (loop2): Found nat_bits in checkpoint [ 86.227512][ T316] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.241548][ T316] bridge0: port 2(bridge_slave_1) entered forwarding state [ 86.264124][ T302] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 86.281422][ T2004] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 86.289249][ T2004] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 86.298053][ T323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 86.312393][ T30] audit: type=1400 audit(1725932706.223:7327): avc: denied { create } for pid=2003 comm="syz.2.667" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.314491][ T323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 86.343328][ T30] audit: type=1400 audit(1725932706.253:7328): avc: denied { mounton } for pid=2003 comm="syz.2.667" path="/125/bus/bus" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.351881][ T2008] device veth0_vlan entered promiscuous mode [ 86.376011][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 86.386078][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 86.389890][ T296] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 86.394490][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 86.394935][ T296] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 86.402381][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 86.409840][ T2008] device veth1_macvtap entered promiscuous mode [ 86.414340][ T30] audit: type=1400 audit(1725932706.253:7329): avc: denied { write } for pid=2003 comm="syz.2.667" name="bus" dev="loop2" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.426644][ T296] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 86.455107][ T296] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 86.456768][ T30] audit: type=1400 audit(1725932706.253:7330): avc: denied { add_name } for pid=2003 comm="syz.2.667" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.462950][ T296] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 86.471368][ T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 86.501421][ T296] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 86.506904][ T30] audit: type=1400 audit(1725932706.263:7331): avc: denied { setattr } for pid=2003 comm="syz.2.667" name="work" dev="loop2" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.506969][ T296] F2FS-fs (loop2): invalid namelen(0), ino:0, run fsck to fix. [ 86.515581][ T30] audit: type=1400 audit(1725932706.283:7332): avc: denied { remove_name } for pid=2003 comm="syz.2.667" name="#7" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 86.569362][ T302] usb 2-1: Using ep0 maxpacket: 16 [ 86.575658][ T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 86.584159][ T20] usb 5-1: device descriptor read/64, error -71 [ 86.591850][ T323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 86.594464][ T30] audit: type=1400 audit(1725932706.283:7333): avc: denied { rename } for pid=2003 comm="syz.2.667" name="#7" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 86.621953][ T30] audit: type=1400 audit(1725932706.283:7334): avc: denied { unlink } for pid=2003 comm="syz.2.667" name="#7" dev="loop2" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1 [ 86.704443][ T302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.735300][ T302] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 86.746293][ T302] usb 2-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 86.756483][ T302] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.768466][ T302] usb 2-1: config 0 descriptor?? [ 86.994326][ T318] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 88.144338][ T20] usb 5-1: device descriptor read/all, error -71 [ 88.374168][ T6] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 88.744214][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.767197][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.779131][ T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 88.792675][ T6] usb 1-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 88.803639][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.814957][ T2072] netlink: 6 bytes leftover after parsing attributes in process `syz.2.691'. [ 88.825277][ T6] usb 1-1: config 0 descriptor?? [ 88.859666][ T2072] netlink: 6 bytes leftover after parsing attributes in process `syz.2.691'. [ 88.953463][ T2078] loop2: detected capacity change from 0 to 8192 [ 89.015866][ T2078] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 89.164177][ T302] usbhid 2-1:0.0: can't add hid device: -71 [ 89.170469][ T302] usbhid: probe of 2-1:0.0 failed with error -71 [ 89.181095][ T302] usb 2-1: USB disconnect, device number 17 [ 89.264111][ T20] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 89.305346][ T6] logitech 0003:046D:C293.002B: item fetching failed at offset 5/7 [ 89.313402][ T6] logitech 0003:046D:C293.002B: parse failed [ 89.320298][ T6] logitech: probe of 0003:046D:C293.002B failed with error -22 [ 89.505575][ T6] usb 1-1: USB disconnect, device number 18 [ 89.524171][ T318] usb 4-1: new full-speed USB device number 16 using dummy_hcd [ 89.534172][ T302] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 89.554264][ T786] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 89.634273][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.646191][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.656286][ T20] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 89.669675][ T20] usb 5-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00 [ 89.678791][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.687878][ T20] usb 5-1: config 0 descriptor?? [ 89.774176][ T302] usb 2-1: Using ep0 maxpacket: 8 [ 89.804269][ T786] usb 3-1: Using ep0 maxpacket: 8 [ 89.894168][ T302] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 89.903726][ T302] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.912623][ T302] usb 2-1: config 0 descriptor?? [ 89.916633][ T318] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 89.929630][ T786] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 89.938915][ T318] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 89.950590][ T786] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 89.961608][ T318] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.972052][ T786] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 89.981328][ T318] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 89.995932][ T318] usb 4-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00 [ 90.005733][ T318] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.016102][ T318] usb 4-1: config 0 descriptor?? [ 90.135214][ T20] betop 0003:11C2:2208.002C: item fetching failed at offset 4/5 [ 90.145486][ T20] betop 0003:11C2:2208.002C: parse failed [ 90.152222][ T20] betop: probe of 0003:11C2:2208.002C failed with error -22 [ 90.197063][ T786] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 90.214129][ T786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.222603][ T786] usb 3-1: Product: syz [ 90.233369][ T786] usb 3-1: Manufacturer: syz [ 90.242070][ T786] usb 3-1: SerialNumber: syz [ 90.352566][ T42] usb 5-1: USB disconnect, device number 13 [ 90.495299][ T318] hid-rmi 0003:17EF:6085.002D: unknown main item tag 0x0 [ 90.502877][ T318] hid-rmi 0003:17EF:6085.002D: unknown main item tag 0x0 [ 90.509918][ T318] hid-rmi 0003:17EF:6085.002D: item fetching failed at offset 2/5 [ 90.518563][ T318] hid-rmi 0003:17EF:6085.002D: parse failed [ 90.524850][ T318] hid-rmi: probe of 0003:17EF:6085.002D failed with error -22 [ 90.614342][ T786] usb 3-1: 0:2 : does not exist [ 90.621525][ T786] usb 3-1: USB disconnect, device number 18 [ 90.630302][ T346] udevd[346]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 90.698981][ T298] usb 4-1: USB disconnect, device number 16 [ 91.118182][ T2127] loop0: detected capacity change from 0 to 512 [ 91.126563][ T2127] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 91.137735][ T2127] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 91.155759][ T2127] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 91.164211][ T2127] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002] [ 91.164245][ T316] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 91.172390][ T2127] System zones: 0-1, 15-15, 18-18, 34-34 [ 91.172962][ T2127] EXT4-fs (loop0): orphan cleanup on readonly fs [ 91.193288][ T2127] __quota_error: 71 callbacks suppressed [ 91.193304][ T2127] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 91.208821][ T2127] EXT4-fs warning (device loop0): ext4_enable_quotas:6422: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 91.223847][ T2127] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 91.232073][ T2127] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.715: bg 0: block 40: padding at end of block bitmap is not set [ 91.248810][ T2127] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6184: Corrupt filesystem [ 91.258530][ T2127] EXT4-fs (loop0): 1 truncate cleaned up [ 91.264601][ T2127] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,nouid32,jqfmt=vfsv0,norecovery,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 91.282804][ T30] audit: type=1400 audit(1725932711.203:7406): avc: denied { mount } for pid=2126 comm="syz.0.715" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 91.326350][ T2127] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 91.334850][ T30] audit: type=1400 audit(1725932711.243:7407): avc: denied { read } for pid=2126 comm="syz.0.715" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 91.358404][ T2127] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 91.367163][ T2127] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 91.375876][ T2127] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 91.385323][ T2127] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 91.387020][ T2137] xt_hashlimit: size too large, truncated to 1048576 [ 91.394021][ T2127] fscrypt (loop0, inode 16): Error -61 getting encryption context [ 91.408859][ T30] audit: type=1400 audit(1725932711.303:7408): avc: denied { setopt } for pid=2136 comm="syz.3.719" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 91.430621][ T30] audit: type=1400 audit(1725932711.333:7409): avc: denied { unmount } for pid=2008 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 91.451480][ T316] usb 5-1: Using ep0 maxpacket: 16 [ 91.464653][ T30] audit: type=1400 audit(1725932711.383:7410): avc: denied { module_request } for pid=2136 comm="syz.3.719" kmod="ip6t_" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 91.474339][ T302] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 91.497976][ T302] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 91.517394][ T302] asix: probe of 2-1:0.0 failed with error -71 [ 91.527287][ T302] usb 2-1: USB disconnect, device number 18 [ 91.568489][ T2142] netlink: 6 bytes leftover after parsing attributes in process `syz.0.721'. [ 91.577600][ T316] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.577695][ T2142] netlink: 6 bytes leftover after parsing attributes in process `syz.0.721'. [ 91.593330][ T316] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 91.619814][ T316] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 91.644717][ T316] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 91.644925][ T30] audit: type=1400 audit(1725932711.563:7411): avc: denied { ioctl } for pid=2143 comm="syz.0.722" path="socket:[22716]" dev="sockfs" ino=22716 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 91.661842][ T316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.697020][ T2144] device syzkaller0 entered promiscuous mode [ 91.724377][ T2114] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 91.756635][ T316] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 91.825999][ T30] audit: type=1400 audit(1725932711.743:7412): avc: denied { create } for pid=2150 comm="syz.0.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 91.846334][ T30] audit: type=1400 audit(1725932711.743:7413): avc: denied { connect } for pid=2150 comm="syz.0.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 91.867818][ T30] audit: type=1400 audit(1725932711.743:7414): avc: denied { write } for pid=2150 comm="syz.0.725" path="socket:[22725]" dev="sockfs" ino=22725 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 91.964657][ T316] cdc_acm 5-1:1.0: ttyACM0: USB ACM device [ 91.974004][ T316] usb 5-1: USB disconnect, device number 14 [ 92.056554][ T2168] netlink: 6 bytes leftover after parsing attributes in process `syz.3.733'. [ 92.072535][ T2168] netlink: 6 bytes leftover after parsing attributes in process `syz.3.733'. [ 92.092395][ T2170] loop1: detected capacity change from 0 to 512 [ 92.120661][ T2178] xt_hashlimit: size too large, truncated to 1048576 [ 92.176973][ T2170] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,errors=continue,quota,,errors=continue. Quota mode: writeback. [ 92.192973][ T323] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 92.200929][ T2170] ext4 filesystem being mounted at /160/bus supports timestamps until 2038 (0x7fffffff) [ 92.236483][ T2170] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 92.247152][ T2170] EXT4-fs error (device loop1): ext4_setattr:5449: inode #12: comm syz.1.745: mark_inode_dirty error [ 92.258724][ T43] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #3: block 15: comm kworker/u4:2: lblock 2 mapped to illegal pblock 15 (length 1) [ 92.268275][ T293] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1) [ 92.290566][ T43] EXT4-fs error (device loop1): ext4_write_dquot:6167: comm kworker/u4:2: Failed to commit dquot type 0 [ 92.302337][ T43] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #3: block 13: comm kworker/u4:2: lblock 0 mapped to illegal pblock 13 (length 1) [ 92.318378][ T43] EXT4-fs error (device loop1): ext4_release_dquot:6210: comm kworker/u4:2: Failed to release dquot type 0 [ 92.331366][ T43] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #4: block 19: comm kworker/u4:2: lblock 2 mapped to illegal pblock 19 (length 1) [ 92.346498][ T43] EXT4-fs error (device loop1): ext4_write_dquot:6167: comm kworker/u4:2: Failed to commit dquot type 1 [ 92.358745][ T43] EXT4-fs error (device loop1): ext4_map_blocks:602: inode #4: block 16: comm kworker/u4:2: lblock 0 mapped to illegal pblock 16 (length 1) [ 92.434284][ T323] usb 1-1: Using ep0 maxpacket: 16 [ 92.518915][ T2202] netlink: 6 bytes leftover after parsing attributes in process `syz.4.747'. [ 92.529881][ T2202] netlink: 6 bytes leftover after parsing attributes in process `syz.4.747'. [ 92.544281][ T2194] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.551778][ T2194] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.559774][ T323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.562479][ T2194] device bridge_slave_0 entered promiscuous mode [ 92.571543][ T323] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 92.579194][ T2194] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.594992][ T323] usb 1-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 92.595488][ T2194] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.612395][ T323] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.613314][ T2194] device bridge_slave_1 entered promiscuous mode [ 92.622276][ T323] usb 1-1: config 0 descriptor?? [ 92.651843][ T2207] syz.4.749[2207] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.651946][ T2207] syz.4.749[2207] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.704818][ T2194] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.724174][ T2194] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.731763][ T2194] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.739316][ T2194] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.763780][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 92.771349][ T786] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.778979][ T786] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.789036][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 92.797449][ T302] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 92.805960][ T302] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.812824][ T302] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.821999][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 92.830615][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 92.838880][ T298] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.845998][ T298] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.859364][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 92.867633][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 92.877359][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 92.886181][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 92.904806][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 92.913990][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 92.923088][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 92.931863][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 92.940647][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 92.949057][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 92.960473][ T2194] device veth0_vlan entered promiscuous mode [ 92.974271][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 92.976074][ T2210] loop3: detected capacity change from 0 to 512 [ 92.983492][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 92.999945][ T2194] device veth1_macvtap entered promiscuous mode [ 93.014889][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 93.017544][ T2210] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,errors=continue,quota,,errors=continue. Quota mode: writeback. [ 93.022646][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 93.036786][ T2210] ext4 filesystem being mounted at /185/bus supports timestamps until 2038 (0x7fffffff) [ 93.044805][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 93.067241][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 93.076106][ T318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 93.095570][ T323] lenovo 0003:17EF:6009.002E: item fetching failed at offset 1/5 [ 93.102399][ T2210] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 93.103834][ T323] lenovo 0003:17EF:6009.002E: hid_parse failed [ 93.115035][ T43] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #3: block 15: comm kworker/u4:2: lblock 2 mapped to illegal pblock 15 (length 1) [ 93.124002][ T323] lenovo: probe of 0003:17EF:6009.002E failed with error -22 [ 93.136552][ T2210] EXT4-fs error (device loop3): ext4_setattr:5449: inode #12: comm syz.3.750: mark_inode_dirty error [ 93.161249][ T43] EXT4-fs error (device loop3): ext4_write_dquot:6167: comm kworker/u4:2: Failed to commit dquot type 0 [ 93.174663][ T43] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #3: block 13: comm kworker/u4:2: lblock 0 mapped to illegal pblock 13 (length 1) [ 93.188374][ T294] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1) [ 93.207036][ T43] EXT4-fs error (device loop3): ext4_release_dquot:6210: comm kworker/u4:2: Failed to release dquot type 0 [ 93.219637][ T43] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #4: block 19: comm kworker/u4:2: lblock 2 mapped to illegal pblock 19 (length 1) [ 93.235409][ T43] EXT4-fs error (device loop3): ext4_write_dquot:6167: comm kworker/u4:2: Failed to commit dquot type 1 [ 93.248560][ T43] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #4: block 16: comm kworker/u4:2: lblock 0 mapped to illegal pblock 16 (length 1) [ 93.362559][ T786] usb 1-1: USB disconnect, device number 19 [ 93.798380][ T2231] netlink: 6 bytes leftover after parsing attributes in process `syz.1.758'. [ 93.809181][ T2231] netlink: 6 bytes leftover after parsing attributes in process `syz.1.758'. [ 93.855897][ T2229] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.863136][ T2229] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.871103][ T2229] device bridge_slave_0 entered promiscuous mode [ 93.879473][ T2229] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.886901][ T2229] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.894698][ T2229] device bridge_slave_1 entered promiscuous mode [ 94.104111][ T318] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 95.296338][ T2249] loop1: detected capacity change from 0 to 1024 [ 95.342487][ T2255] loop0: detected capacity change from 0 to 1024 [ 95.348567][ T2249] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 95.371875][ T2249] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 95.383290][ T2249] JBD2: no valid journal superblock found [ 95.389284][ T2249] EXT4-fs (loop1): error loading journal [ 95.389527][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.402660][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.415489][ T2255] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 95.420433][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 95.424862][ T2255] EXT4-fs (loop0): orphan cleanup on readonly fs [ 95.433249][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 95.439084][ T2255] EXT4-fs error (device loop0): ext4_free_blocks:6224: comm syz.0.768: Freeing blocks not in datazone - block = 0, count = 4096 [ 95.455877][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.468880][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.472895][ T2255] EXT4-fs (loop0): 1 orphan inode deleted [ 95.476976][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 95.477306][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 95.477482][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.477497][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.484648][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 95.494129][ T2255] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 95.495253][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 95.550651][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 95.571448][ T2229] device veth0_vlan entered promiscuous mode [ 95.583288][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 95.593095][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 95.601386][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 95.609541][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 95.631689][ T2259] input: syz0 as /devices/virtual/input/input17 [ 95.633151][ T2229] device veth1_macvtap entered promiscuous mode [ 95.658781][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 95.676464][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 95.685525][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 95.694107][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 95.702452][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 95.775957][ T2277] loop3: detected capacity change from 0 to 512 [ 95.833687][ T2277] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 95.847971][ T2277] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038 (0x7fffffff) [ 95.873268][ T2277] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #3: block 13: comm syz.3.754: lblock 0 mapped to illegal pblock 13 (length 1) [ 95.908573][ T2277] EXT4-fs error (device loop3): ext4_acquire_dquot:6187: comm syz.3.754: Failed to acquire dquot type 0 [ 95.925219][ T2293] kvm: emulating exchange as write [ 95.928316][ T2286] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 95.940230][ T2229] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1) [ 95.955998][ T2229] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 95.966666][ T2286] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 95.974166][ T2229] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor: mark_inode_dirty error [ 96.031181][ T2229] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 96.041800][ T2229] EXT4-fs error (device loop3): ext4_quota_off:6476: inode #3: comm syz-executor: mark_inode_dirty error [ 96.057262][ T2229] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 96.070561][ T2229] EXT4-fs error (device loop3): ext4_quota_off:6476: inode #4: comm syz-executor: mark_inode_dirty error [ 96.244220][ T318] usb 5-1: device descriptor read/64, error -71 [ 96.337191][ T2321] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.354451][ T2321] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.370728][ T2321] device bridge_slave_0 entered promiscuous mode [ 96.398889][ T2320] loop2: detected capacity change from 0 to 40427 [ 96.406965][ T30] kauditd_printk_skb: 64 callbacks suppressed [ 96.406985][ T30] audit: type=1326 audit(1725932716.323:7457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.438365][ T2321] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.446670][ T2321] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.454226][ T2321] device bridge_slave_1 entered promiscuous mode [ 96.465119][ T30] audit: type=1326 audit(1725932716.323:7458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.471645][ T2320] F2FS-fs (loop2): invalid crc value [ 96.493301][ T30] audit: type=1326 audit(1725932716.323:7459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.519256][ T30] audit: type=1326 audit(1725932716.323:7460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.543966][ T30] audit: type=1326 audit(1725932716.323:7461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.549300][ T2320] F2FS-fs (loop2): Found nat_bits in checkpoint [ 96.568157][ T30] audit: type=1326 audit(1725932716.323:7462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.598342][ T30] audit: type=1326 audit(1725932716.323:7463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.625817][ T30] audit: type=1326 audit(1725932716.323:7464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.650765][ T30] audit: type=1326 audit(1725932716.323:7465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.675437][ T30] audit: type=1326 audit(1725932716.323:7466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2335 comm="syz.1.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317cfc1ef9 code=0x7ffc0000 [ 96.700732][ T2320] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 96.741027][ T296] attempt to access beyond end of device [ 96.741027][ T296] loop2: rw=2049, want=45104, limit=40427 [ 96.804777][ T2321] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.812025][ T2321] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.820564][ T2321] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.828122][ T2321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.854276][ T318] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11 [ 96.883046][ T318] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024 [ 96.918730][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 96.932215][ T316] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.942975][ T316] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.978729][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 96.987139][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.994619][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.003281][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 97.012399][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.020302][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.031349][ T8] device bridge_slave_1 left promiscuous mode [ 97.038068][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.047020][ T8] device bridge_slave_0 left promiscuous mode [ 97.053579][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.062309][ T8] device veth1_macvtap left promiscuous mode [ 97.069032][ T8] device veth0_vlan left promiscuous mode [ 97.075761][ T318] usb 5-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 97.085306][ T318] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.093614][ T318] usb 5-1: Product: syz [ 97.098424][ T318] usb 5-1: Manufacturer: syz [ 97.103399][ T318] usb 5-1: SerialNumber: syz [ 97.128854][ T318] usb 5-1: config 0 descriptor?? [ 97.154568][ T2282] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 97.170810][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 97.179500][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 97.191133][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 97.200046][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 97.214202][ T20] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 97.224600][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 97.235544][ T42] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 97.247183][ T2321] device veth0_vlan entered promiscuous mode [ 97.255403][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 97.268847][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 97.278299][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 97.286041][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 97.301249][ T2321] device veth1_macvtap entered promiscuous mode [ 97.308732][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 97.319236][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 97.327846][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 97.345897][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 97.354205][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 97.362379][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 97.370897][ T786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 97.399706][ T318] usb 5-1: USB disconnect, device number 15 [ 97.419475][ T603] udevd[603]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 97.458797][ T2365] loop1: detected capacity change from 0 to 1024 [ 97.478739][ T2365] EXT4-fs (loop1): Test dummy encryption mode enabled [ 97.495571][ T2365] EXT4-fs (loop1): Ignoring removed orlov option [ 97.512507][ T2365] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 97.574239][ T2376] loop3: detected capacity change from 0 to 1024 [ 97.591524][ T2376] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 97.600090][ T2376] EXT4-fs (loop3): orphan cleanup on readonly fs [ 97.607390][ T2376] EXT4-fs error (device loop3): ext4_free_blocks:6224: comm syz.3.817: Freeing blocks not in datazone - block = 0, count = 4096 [ 97.623897][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.623914][ T2376] EXT4-fs (loop3): 1 orphan inode deleted [ 97.623937][ T20] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.636445][ T2376] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 97.657339][ T20] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 97.680393][ T20] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.690627][ T20] usb 1-1: config 0 descriptor?? [ 97.855251][ T2396] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22 [ 97.865939][ T2396] SELinux: security_context_str_to_sid(staff_u) failed for (dev tmpfs, type tmpfs) errno=-22 [ 97.919267][ T2406] loop2: detected capacity change from 0 to 1024 [ 97.943854][ T2406] EXT4-fs (loop2): Test dummy encryption mode enabled [ 97.959233][ T2406] EXT4-fs (loop2): Ignoring removed orlov option [ 97.969355][ T2406] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback. [ 98.154345][ T2432] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 98.165457][ T20] hid (null): bogus close delimiter [ 98.173382][ T2432] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=65504 sclass=netlink_audit_socket pid=2432 comm=syz.1.836 [ 98.418300][ T20] usb 1-1: language id specifier not provided by device, defaulting to English [ 98.474124][ T42] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 98.644196][ T20] uclogic 0003:256C:006D.002F: failed retrieving Huion firmware version: -71 [ 98.654604][ T20] uclogic 0003:256C:006D.002F: failed probing parameters: -71 [ 98.662209][ T20] uclogic: probe of 0003:256C:006D.002F failed with error -71 [ 98.677655][ T20] usb 1-1: USB disconnect, device number 20 [ 98.844530][ T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11 [ 98.856269][ T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024 [ 99.024289][ T42] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 99.033794][ T42] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.042545][ T42] usb 4-1: Product: syz [ 99.047150][ T42] usb 4-1: Manufacturer: syz [ 99.051843][ T42] usb 4-1: SerialNumber: syz [ 99.057535][ T42] usb 4-1: config 0 descriptor?? [ 99.074471][ T2438] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 99.217406][ T2489] loop2: detected capacity change from 0 to 128 [ 99.277330][ T2489] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 99.307415][ T2489] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038 (0x7fffffff) [ 99.321274][ T42] usb 4-1: USB disconnect, device number 17 [ 199.543989][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 199.551031][ C0] rcu: 1-...!: (1 GPs behind) idle=9c5/1/0x4000000000000000 softirq=17427/17428 fqs=0 last_accelerate: b131/d847 dyntick_enabled: 1 [ 199.565003][ C0] (detected by 0, t=10005 jiffies, g=13849, q=566) [ 199.571382][ C0] Sending NMI from CPU 0 to CPUs 1: [ 199.576780][ C1] NMI backtrace for cpu 1 [ 199.576789][ C1] CPU: 1 PID: 2524 Comm: syz.1.882 Not tainted 5.15.158-syzkaller-00979-gc53388f01037 #0 [ 199.576806][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 199.576815][ C1] RIP: 0010:kvm_wait+0x117/0x180 [ 199.576838][ C1] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 53 41 0f b6 45 00 44 38 f0 0f 85 63 ff ff ff 66 90 0f 00 2d ca ec 12 04 f4 54 ff ff ff fa 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b [ 199.576851][ C1] RSP: 0000:ffffc90000b06e00 EFLAGS: 00000046 [ 199.576866][ C1] RAX: 0000000000000003 RBX: 1ffff92000160dc4 RCX: ffffffff81552fff [ 199.576877][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810a724ec0 [ 199.576888][ C1] RBP: ffffc90000b06eb0 R08: dffffc0000000000 R09: ffffed10214e49d9 [ 199.576898][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 199.576908][ C1] R13: ffff88810a724ec0 R14: 0000000000000003 R15: 1ffff92000160dc8 [ 199.576918][ C1] FS: 00007f317bc3b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 199.576932][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 199.576943][ C1] CR2: ffffffffdfa50000 CR3: 000000010cf9a000 CR4: 00000000003506a0 [ 199.576959][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 199.576968][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 199.576978][ C1] Call Trace: [ 199.576984][ C1] [ 199.576993][ C1] ? show_regs+0x58/0x60 [ 199.577009][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 199.577028][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 199.577046][ C1] ? kvm_wait+0x117/0x180 [ 199.577060][ C1] ? kvm_wait+0x117/0x180 [ 199.577111][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 199.577128][ C1] ? nmi_handle+0xa8/0x280 [ 199.577143][ C1] ? kvm_wait+0x117/0x180 [ 199.577157][ C1] ? default_do_nmi+0x69/0x160 [ 199.577172][ C1] ? exc_nmi+0xad/0x100 [ 199.577185][ C1] ? end_repeat_nmi+0x16/0x31 [ 199.577201][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 199.577220][ C1] ? kvm_wait+0x117/0x180 [ 199.577234][ C1] ? kvm_wait+0x117/0x180 [ 199.577248][ C1] ? kvm_wait+0x117/0x180 [ 199.577261][ C1] [ 199.577266][ C1] [ 199.577271][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 199.577287][ C1] ? pv_hash+0x86/0x150 [ 199.577302][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 199.577320][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 199.577405][ C1] _raw_spin_lock_irqsave+0x1a0/0x210 [ 199.577425][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 199.577443][ C1] force_sig_info_to_task+0x72/0x440 [ 199.577459][ C1] ? search_extable+0xaf/0xf0 [ 199.577475][ C1] force_sig_fault+0x127/0x1d0 [ 199.577490][ C1] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 199.577506][ C1] ? fixup_exception+0xbb9/0x13c0 [ 199.577521][ C1] kernelmode_fixup_or_oops+0x236/0x270 [ 199.577540][ C1] __bad_area_nosemaphore+0xcf/0x490 [ 199.577558][ C1] bad_area_nosemaphore+0x2d/0x40 [ 199.577574][ C1] do_kern_addr_fault+0x69/0x80 [ 199.577589][ C1] exc_page_fault+0x4eb/0x830 [ 199.577604][ C1] ? __stack_depot_save+0x34/0x470 [ 199.577618][ C1] ? __kasan_slab_alloc+0xc3/0xe0 [ 199.577632][ C1] ? __kasan_slab_alloc+0xb1/0xe0 [ 199.577645][ C1] ? slab_post_alloc_hook+0x53/0x2c0 [ 199.577660][ C1] ? kmem_cache_alloc+0xf5/0x200 [ 199.577675][ C1] ? __sigqueue_alloc+0x130/0x200 [ 199.577689][ C1] ? __send_signal+0x1fd/0xcb0 [ 199.577702][ C1] ? send_signal+0x43a/0x590 [ 199.577715][ C1] ? force_sig_info_to_task+0x2fe/0x440 [ 199.577729][ C1] ? force_sig_fault+0x127/0x1d0 [ 199.577742][ C1] ? kernelmode_fixup_or_oops+0x236/0x270 [ 199.577760][ C1] asm_exc_page_fault+0x27/0x30 [ 199.577775][ C1] RIP: 0010:strncpy_from_kernel_nofault+0x1c2/0x1e0 [ 199.577797][ C1] Code: c1 7c 9c 48 8b 7d c8 e8 cc c4 18 00 48 8b 75 c8 48 8b 55 d0 eb 89 89 f9 80 e1 07 38 c1 7c 96 e8 14 c5 18 00 48 8b 55 d0 eb 8b 69 73 d6 ff 48 c7 c3 f2 ff ff ff e9 45 ff ff ff 66 2e 0f 1f 84 [ 199.577809][ C1] RSP: 0000:ffffc90000b07548 EFLAGS: 00010046 [ 199.577825][ C1] RAX: 0000000000000000 RBX: ffffffffdfa50000 RCX: ffff888115b04f00 [ 199.577836][ C1] RDX: ffffc90000b075e8 RSI: ffffffffdfa50000 RDI: ffffffffdfa50000 [ 199.577847][ C1] RBP: ffffc90000b07590 R08: ffffffff81361f19 R09: ffffed1022b609e1 [ 199.577929][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 199.577940][ C1] R13: ffffffffdfa50000 R14: dffffc0000000000 R15: 0000000000000008 [ 199.577954][ C1] ? copy_from_kernel_nofault_allowed+0xa9/0x120 [ 199.577977][ C1] ? strncpy_from_kernel_nofault+0x41/0x1e0 [ 199.578010][ C1] bpf_probe_read_compat_str+0x112/0x180 [ 199.578028][ C1] bpf_prog_3b9dd6b9ec8089c9+0x3f/0x90c [ 199.578041][ C1] bpf_trace_run5+0x172/0x290 [ 199.578056][ C1] ? bpf_trace_run4+0x270/0x270 [ 199.578071][ C1] ? complete_signal+0x67e/0xd60 [ 199.578088][ C1] ? prepare_signal+0xc20/0xc20 [ 199.578102][ C1] __bpf_trace_signal_generate+0x3c/0x50 [ 199.578117][ C1] __send_signal+0xc52/0xcb0 [ 199.578132][ C1] send_signal+0x43a/0x590 [ 199.578147][ C1] force_sig_info_to_task+0x2fe/0x440 [ 199.578163][ C1] force_sig_fault+0x127/0x1d0 [ 199.578177][ C1] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 199.578193][ C1] ? fixup_exception+0xbb9/0x13c0 [ 199.578206][ C1] ? ____kasan_slab_free+0x131/0x160 [ 199.578223][ C1] kernelmode_fixup_or_oops+0x236/0x270 [ 199.578240][ C1] __bad_area_nosemaphore+0xcf/0x490 [ 199.578257][ C1] bad_area+0x73/0x90 [ 199.578353][ C1] exc_page_fault+0x58d/0x830 [ 199.578375][ C1] asm_exc_page_fault+0x27/0x30 [ 199.578391][ C1] RIP: 0010:__put_user_nocheck_8+0x11/0x21 [ 199.578409][ C1] Code: 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f 00 00 48 39 d9 73 14 0f 01 cb 48 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 <0f> 01 ca b9 f2 ff ff ff c3 cc cc cc cc cc cc cc 55 48 89 e5 41 57 [ 199.578422][ C1] RSP: 0000:ffffc90000b07c98 EFLAGS: 00050283 [ 199.578437][ C1] RAX: 0000000066dfa4af RBX: 00007fffffffeff9 RCX: 0000000000000019 [ 199.578447][ C1] RDX: ffffc90000f19000 RSI: 00000000000009fa RDI: 00000000000009fb [ 199.578457][ C1] RBP: ffffc90000b07d60 R08: ffffffff81613ef5 R09: ffffc90000b07ce0 [ 199.578467][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000b07ce0 [ 199.578478][ C1] R13: dffffc0000000000 R14: 1ffff92000160f98 R15: 0000000000000019 [ 199.578489][ C1] ? ktime_get_real_ts64+0x215/0x340 [ 199.578506][ C1] ? __x64_sys_gettimeofday+0xf9/0x240 [ 199.578523][ C1] ? __ia32_sys_stime32+0x160/0x160 [ 199.578538][ C1] ? __secure_computing+0xf0/0x300 [ 199.578553][ C1] emulate_vsyscall+0xed6/0x13f0 [ 199.578571][ C1] exc_page_fault+0x187/0x830 [ 199.578590][ C1] asm_exc_page_fault+0x27/0x30 [ 199.578605][ C1] RIP: 0033:_end+0x77fda000/0x0 [ 199.578619][ C1] Code: Unable to access opcode bytes at RIP 0xffffffffff5fffd6. [ 199.578626][ C1] RSP: 002b:00007f317bc3aa78 EFLAGS: 00010246 [ 199.578638][ C1] RAX: ffffffffffffffda RBX: 00007f317d179f80 RCX: 00007f317cfc1ef9 [ 199.578648][ C1] RDX: 00007f317bc3aa80 RSI: 00007f317bc3abb0 RDI: 0000000000000019 [ 199.578657][ C1] RBP: 00007f317d0349f6 R08: 0000000000000000 R09: 0000000000000000 [ 199.578667][ C1] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 199.578676][ C1] R13: 0000000000000000 R14: 00007f317d179f80 R15: 00007ffea8220fd8 [ 199.578688][ C1] [ 199.578741][ C0] rcu: rcu_preempt kthread starved for 10005 jiffies! g13849 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 200.307856][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 200.317830][ C0] rcu: RCU grace-period kthread stack dump: [ 200.323947][ C0] task:rcu_preempt state:R running task stack:28288 pid: 14 ppid: 2 flags:0x00004000 [ 200.334961][ C0] Call Trace: [ 200.338075][ C0] [ 200.341210][ C0] __schedule+0xccc/0x1590 [ 200.345731][ C0] ? release_firmware_map_entry+0x190/0x190 [ 200.351546][ C0] ? __kasan_check_write+0x14/0x20 [ 200.356703][ C0] schedule+0x11f/0x1e0 [ 200.360779][ C0] schedule_timeout+0x18c/0x370 [ 200.365646][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 200.370678][ C0] ? console_conditional_schedule+0x30/0x30 [ 200.376581][ C0] ? update_process_times+0x200/0x200 [ 200.381943][ C0] ? prepare_to_swait_event+0x308/0x320 [ 200.387525][ C0] rcu_gp_fqs_loop+0x2af/0xf80 [ 200.392292][ C0] ? debug_smp_processor_id+0x17/0x20 [ 200.397609][ C0] ? __note_gp_changes+0x4ab/0x920 [ 200.403219][ C0] ? rcu_gp_init+0xc30/0xc30 [ 200.407960][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 200.413333][ C0] ? rcu_gp_init+0x9cf/0xc30 [ 200.418460][ C0] rcu_gp_kthread+0xa4/0x350 [ 200.422951][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 200.428171][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 200.432719][ C0] ? __kasan_check_read+0x11/0x20 [ 200.437750][ C0] ? __kthread_parkme+0xb2/0x200 [ 200.442611][ C0] kthread+0x421/0x510 [ 200.446806][ C0] ? wake_nocb_gp+0x1e0/0x1e0 [ 200.451410][ C0] ? kthread_blkcg+0xd0/0xd0 [ 200.455835][ C0] ret_from_fork+0x1f/0x30 [ 200.460093][ C0] [ 200.462954][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 200.470777][ C0] NMI backtrace for cpu 0 [ 200.475105][ C0] CPU: 0 PID: 318 Comm: kworker/0:4 Not tainted 5.15.158-syzkaller-00979-gc53388f01037 #0 [ 200.485513][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 200.495578][ C0] Workqueue: events bpf_prog_free_deferred [ 200.501467][ C0] Call Trace: [ 200.504595][ C0] [ 200.507582][ C0] dump_stack_lvl+0x151/0x1c0 [ 200.512095][ C0] ? io_uring_drop_tctx_refs+0x190/0x190 [ 200.517734][ C0] dump_stack+0x15/0x20 [ 200.521918][ C0] nmi_cpu_backtrace+0x2f7/0x300 [ 200.526759][ C0] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 200.532943][ C0] ? panic+0x760/0x760 [ 200.537090][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 200.543082][ C0] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 200.548919][ C0] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 200.555154][ C0] arch_trigger_cpumask_backtrace+0x10/0x20 [ 200.561413][ C0] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 200.567393][ C0] print_other_cpu_stall+0x112d/0x1340 [ 200.572686][ C0] ? print_cpu_stall+0x5f0/0x5f0 [ 200.577636][ C0] rcu_sched_clock_irq+0xaec/0x12f0 [ 200.582846][ C0] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 200.588970][ C0] ? hrtimer_run_queues+0x15f/0x440 [ 200.594003][ C0] update_process_times+0x198/0x200 [ 200.599036][ C0] tick_sched_timer+0x188/0x240 [ 200.603719][ C0] ? tick_setup_sched_timer+0x480/0x480 [ 200.609102][ C0] __hrtimer_run_queues+0x41a/0xad0 [ 200.614143][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 200.619084][ C0] ? clockevents_program_event+0x22f/0x300 [ 200.624727][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 200.630803][ C0] hrtimer_interrupt+0x40c/0xaa0 [ 200.635586][ C0] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 200.641305][ C0] sysvec_apic_timer_interrupt+0x95/0xc0 [ 200.646775][ C0] [ 200.650128][ C0] [ 200.652932][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 200.659202][ C0] RIP: 0010:smp_call_function_many_cond+0x84c/0x9b0 [ 200.665913][ C0] Code: 01 31 ff e8 f6 a8 0a 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 07 e8 31 a5 0a 00 eb 38 f3 90 42 0f b6 04 3b 84 c0 75 11 <41> f7 45 00 01 00 00 00 74 1e e8 15 a5 0a 00 eb e4 44 89 e9 80 e1 [ 200.686486][ C0] RSP: 0018:ffffc900055e7880 EFLAGS: 00000246 [ 200.692471][ C0] RAX: 0000000000000000 RBX: 1ffff1103ee2784d RCX: ffff88810a6862c0 [ 200.700454][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 200.708657][ C0] RBP: ffffc900055e7988 R08: ffffffff8165c7ba R09: ffffc900055e77c0 [ 200.716728][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001 [ 200.724801][ C0] R13: ffff8881f713c268 R14: ffff8881f7038e80 R15: dffffc0000000000 [ 200.733753][ C0] ? smp_call_function_many_cond+0x82a/0x9b0 [ 200.740321][ C0] ? flush_tlb_all+0x30/0x30 [ 200.745383][ C0] ? smp_call_function_many+0x40/0x40 [ 200.750760][ C0] ? __kasan_check_write+0x14/0x20 [ 200.755980][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 200.760595][ C0] ? flush_tlb_all+0x30/0x30 [ 200.765154][ C0] on_each_cpu_cond_mask+0x40/0x80 [ 200.770183][ C0] flush_tlb_kernel_range+0x49/0x210 [ 200.775390][ C0] __purge_vmap_area_lazy+0x230/0x1690 [ 200.780944][ C0] ? cpumask_next+0x8a/0xb0 [ 200.785276][ C0] ? purge_fragmented_blocks_allcpus+0x80b/0x920 [ 200.791565][ C0] ? purge_fragmented_blocks_allcpus+0x89b/0x920 [ 200.797905][ C0] ? mutex_lock+0xb6/0x1e0 [ 200.802159][ C0] ? purge_fragmented_blocks_allcpus+0x920/0x920 [ 200.808319][ C0] _vm_unmap_aliases+0x339/0x3b0 [ 200.813106][ C0] __vunmap+0x617/0x8f0 [ 200.817084][ C0] vfree+0x7f/0xb0 [ 200.820638][ C0] module_memfree+0x17/0x30 [ 200.824978][ C0] bpf_jit_free_exec+0x15/0x20 [ 200.829777][ C0] bpf_jit_free+0x98/0x240 [ 200.834294][ C0] bpf_prog_free_deferred+0x61e/0x730 [ 200.839520][ C0] process_one_work+0x6bb/0xc10 [ 200.844458][ C0] worker_thread+0xad5/0x12a0 [ 200.848978][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 200.853928][ C0] kthread+0x421/0x510 [ 200.857815][ C0] ? worker_clr_flags+0x180/0x180 [ 200.862770][ C0] ? kthread_blkcg+0xd0/0xd0 [ 200.867329][ C0] ret_from_fork+0x1f/0x30 [ 200.871543][ C0] [ 331.579289][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 225s! [kworker/0:4:318] [ 331.588993][ C0] Modules linked in: [ 331.592937][ C0] CPU: 0 PID: 318 Comm: kworker/0:4 Not tainted 5.15.158-syzkaller-00979-gc53388f01037 #0 [ 331.603711][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 331.614189][ C0] Workqueue: events bpf_prog_free_deferred [ 331.619985][ C0] RIP: 0010:smp_call_function_many_cond+0x843/0x9b0 [ 331.626647][ C0] Code: 45 8b 7d 00 44 89 fe 83 e6 01 31 ff e8 f6 a8 0a 00 41 83 e7 01 49 bf 00 00 00 00 00 fc ff df 75 07 e8 31 a5 0a 00 eb 38 f3 90 <42> 0f b6 04 3b 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 15 a5 [ 331.647686][ C0] RSP: 0018:ffffc900055e7880 EFLAGS: 00000293 [ 331.653601][ C0] RAX: ffffffff8165c7eb RBX: 1ffff1103ee2784d RCX: ffff88810a6862c0 [ 331.661589][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 331.670078][ C0] RBP: ffffc900055e7988 R08: ffffffff8165c7ba R09: ffffc900055e77c0 [ 331.677989][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000001 [ 331.686434][ C0] R13: ffff8881f713c268 R14: ffff8881f7038e80 R15: dffffc0000000000 [ 331.694822][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 331.704321][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 331.710781][ C0] CR2: 00007f56756ff000 CR3: 000000011ee2e000 CR4: 00000000003506b0 [ 331.718798][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 331.727158][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 331.735368][ C0] Call Trace: [ 331.738596][ C0] [ 331.741771][ C0] ? show_regs+0x58/0x60 [ 331.746656][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 331.752057][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 331.757923][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 331.763646][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 331.769115][ C0] ? clockevents_program_event+0x22f/0x300 [ 331.774854][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 331.781189][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 331.786286][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 331.792144][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 331.798395][ C0] [ 331.801305][ C0] [ 331.804123][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 331.810290][ C0] ? smp_call_function_many_cond+0x82a/0x9b0 [ 331.816076][ C0] ? smp_call_function_many_cond+0x85b/0x9b0 [ 331.822040][ C0] ? smp_call_function_many_cond+0x843/0x9b0 [ 331.827954][ C0] ? flush_tlb_all+0x30/0x30 [ 331.832467][ C0] ? smp_call_function_many+0x40/0x40 [ 331.838357][ C0] ? __kasan_check_write+0x14/0x20 [ 331.843393][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 331.848161][ C0] ? flush_tlb_all+0x30/0x30 [ 331.852684][ C0] on_each_cpu_cond_mask+0x40/0x80 [ 331.857805][ C0] flush_tlb_kernel_range+0x49/0x210 [ 331.863093][ C0] __purge_vmap_area_lazy+0x230/0x1690 [ 331.868562][ C0] ? cpumask_next+0x8a/0xb0 [ 331.872905][ C0] ? purge_fragmented_blocks_allcpus+0x80b/0x920 [ 331.879587][ C0] ? purge_fragmented_blocks_allcpus+0x89b/0x920 [ 331.886028][ C0] ? mutex_lock+0xb6/0x1e0 [ 331.890349][ C0] ? purge_fragmented_blocks_allcpus+0x920/0x920 [ 331.896688][ C0] _vm_unmap_aliases+0x339/0x3b0 [ 331.901808][ C0] __vunmap+0x617/0x8f0 [ 331.905800][ C0] vfree+0x7f/0xb0 [ 331.909534][ C0] module_memfree+0x17/0x30 [ 331.913878][ C0] bpf_jit_free_exec+0x15/0x20 [ 331.918918][ C0] bpf_jit_free+0x98/0x240 [ 331.923164][ C0] bpf_prog_free_deferred+0x61e/0x730 [ 331.928691][ C0] process_one_work+0x6bb/0xc10 [ 331.933718][ C0] worker_thread+0xad5/0x12a0 [ 331.938439][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 331.943210][ C0] kthread+0x421/0x510 [ 331.947107][ C0] ? worker_clr_flags+0x180/0x180 [ 331.952280][ C0] ? kthread_blkcg+0xd0/0xd0 [ 331.956865][ C0] ret_from_fork+0x1f/0x30 [ 331.961397][ C0] [ 331.964399][ C0] Sending NMI from CPU 0 to CPUs 1: [ 331.969611][ C1] NMI backtrace for cpu 1 [ 331.969620][ C1] CPU: 1 PID: 2524 Comm: syz.1.882 Not tainted 5.15.158-syzkaller-00979-gc53388f01037 #0 [ 331.969637][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 331.969645][ C1] RIP: 0010:kvm_wait+0x117/0x180 [ 331.969665][ C1] Code: 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 53 41 0f b6 45 00 44 38 f0 0f 85 63 ff ff ff 66 90 0f 00 2d ca ec 12 04 f4 54 ff ff ff fa 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b [ 331.969677][ C1] RSP: 0000:ffffc90000b06e00 EFLAGS: 00000046 [ 331.969693][ C1] RAX: 0000000000000003 RBX: 1ffff92000160dc4 RCX: ffffffff81552fff [ 331.969704][ C1] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810a724ec0 [ 331.969714][ C1] RBP: ffffc90000b06eb0 R08: dffffc0000000000 R09: ffffed10214e49d9 [ 331.969725][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 331.969735][ C1] R13: ffff88810a724ec0 R14: 0000000000000003 R15: 1ffff92000160dc8 [ 331.969746][ C1] FS: 00007f317bc3b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 331.969759][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 331.969770][ C1] CR2: ffffffffdfa50000 CR3: 000000010cf9a000 CR4: 00000000003506a0 [ 331.969786][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 331.969795][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 331.969805][ C1] Call Trace: [ 331.969854][ C1] [ 331.969860][ C1] ? show_regs+0x58/0x60 [ 331.969876][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 331.969894][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 331.969913][ C1] ? kvm_wait+0x117/0x180 [ 331.969925][ C1] ? kvm_wait+0x117/0x180 [ 331.969938][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 331.969954][ C1] ? nmi_handle+0xa8/0x280 [ 331.969969][ C1] ? kvm_wait+0x117/0x180 [ 331.969981][ C1] ? kvm_wait+0x117/0x180 [ 331.969994][ C1] ? default_do_nmi+0x69/0x160 [ 331.970009][ C1] ? exc_nmi+0xad/0x100 [ 331.970022][ C1] ? end_repeat_nmi+0x16/0x31 [ 331.970037][ C1] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 331.970055][ C1] ? kvm_wait+0x117/0x180 [ 331.970068][ C1] ? kvm_wait+0x117/0x180 [ 331.970081][ C1] ? kvm_wait+0x117/0x180 [ 331.970094][ C1] [ 331.970098][ C1] [ 331.970104][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 331.970118][ C1] ? pv_hash+0x86/0x150 [ 331.970132][ C1] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 331.970149][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 331.970167][ C1] _raw_spin_lock_irqsave+0x1a0/0x210 [ 331.970183][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 331.970200][ C1] force_sig_info_to_task+0x72/0x440 [ 331.970216][ C1] ? search_extable+0xaf/0xf0 [ 331.970231][ C1] force_sig_fault+0x127/0x1d0 [ 331.970246][ C1] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 331.970261][ C1] ? fixup_exception+0xbb9/0x13c0 [ 331.970277][ C1] kernelmode_fixup_or_oops+0x236/0x270 [ 331.970294][ C1] __bad_area_nosemaphore+0xcf/0x490 [ 331.970312][ C1] bad_area_nosemaphore+0x2d/0x40 [ 331.970327][ C1] do_kern_addr_fault+0x69/0x80 [ 331.970343][ C1] exc_page_fault+0x4eb/0x830 [ 331.970357][ C1] ? __stack_depot_save+0x34/0x470 [ 331.970371][ C1] ? __kasan_slab_alloc+0xc3/0xe0 [ 331.970385][ C1] ? __kasan_slab_alloc+0xb1/0xe0 [ 331.970398][ C1] ? slab_post_alloc_hook+0x53/0x2c0 [ 331.970435][ C1] ? kmem_cache_alloc+0xf5/0x200 [ 331.970449][ C1] ? __sigqueue_alloc+0x130/0x200 [ 331.970462][ C1] ? __send_signal+0x1fd/0xcb0 [ 331.970476][ C1] ? send_signal+0x43a/0x590 [ 331.970488][ C1] ? force_sig_info_to_task+0x2fe/0x440 [ 331.970502][ C1] ? force_sig_fault+0x127/0x1d0 [ 331.970515][ C1] ? kernelmode_fixup_or_oops+0x236/0x270 [ 331.970532][ C1] asm_exc_page_fault+0x27/0x30 [ 331.970548][ C1] RIP: 0010:strncpy_from_kernel_nofault+0x1c2/0x1e0 [ 331.970568][ C1] Code: c1 7c 9c 48 8b 7d c8 e8 cc c4 18 00 48 8b 75 c8 48 8b 55 d0 eb 89 89 f9 80 e1 07 38 c1 7c 96 e8 14 c5 18 00 48 8b 55 d0 eb 8b 69 73 d6 ff 48 c7 c3 f2 ff ff ff e9 45 ff ff ff 66 2e 0f 1f 84 [ 331.970580][ C1] RSP: 0000:ffffc90000b07548 EFLAGS: 00010046 [ 331.970592][ C1] RAX: 0000000000000000 RBX: ffffffffdfa50000 RCX: ffff888115b04f00 [ 331.970602][ C1] RDX: ffffc90000b075e8 RSI: ffffffffdfa50000 RDI: ffffffffdfa50000 [ 331.970612][ C1] RBP: ffffc90000b07590 R08: ffffffff81361f19 R09: ffffed1022b609e1 [ 331.970622][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 331.970631][ C1] R13: ffffffffdfa50000 R14: dffffc0000000000 R15: 0000000000000008 [ 331.970642][ C1] ? copy_from_kernel_nofault_allowed+0xa9/0x120 [ 331.970660][ C1] ? strncpy_from_kernel_nofault+0x41/0x1e0 [ 331.970677][ C1] bpf_probe_read_compat_str+0x112/0x180 [ 331.970694][ C1] bpf_prog_3b9dd6b9ec8089c9+0x3f/0x90c [ 331.970707][ C1] bpf_trace_run5+0x172/0x290 [ 331.970723][ C1] ? bpf_trace_run4+0x270/0x270 [ 331.970737][ C1] ? complete_signal+0x67e/0xd60 [ 331.970752][ C1] ? prepare_signal+0xc20/0xc20 [ 331.970767][ C1] __bpf_trace_signal_generate+0x3c/0x50 [ 331.970782][ C1] __send_signal+0xc52/0xcb0 [ 331.970797][ C1] send_signal+0x43a/0x590 [ 331.970811][ C1] force_sig_info_to_task+0x2fe/0x440 [ 331.970827][ C1] force_sig_fault+0x127/0x1d0 [ 331.970841][ C1] ? force_sig_fault_to_task+0x1c0/0x1c0 [ 331.970856][ C1] ? fixup_exception+0xbb9/0x13c0 [ 331.970869][ C1] ? ____kasan_slab_free+0x131/0x160 [ 331.970884][ C1] kernelmode_fixup_or_oops+0x236/0x270 [ 331.970901][ C1] __bad_area_nosemaphore+0xcf/0x490 [ 331.970918][ C1] bad_area+0x73/0x90 [ 331.970933][ C1] exc_page_fault+0x58d/0x830 [ 331.970951][ C1] asm_exc_page_fault+0x27/0x30 [ 331.970965][ C1] RIP: 0010:__put_user_nocheck_8+0x11/0x21 [ 331.970980][ C1] Code: 0f 01 ca c3 66 0f 1f 44 00 00 48 bb f9 ef ff ff ff 7f 00 00 48 39 d9 73 14 0f 01 cb 48 89 01 31 c9 0f 01 ca c3 0f 1f 44 00 00 <0f> 01 ca b9 f2 ff ff ff c3 cc cc cc cc cc cc cc 55 48 89 e5 41 57 [ 331.970991][ C1] RSP: 0000:ffffc90000b07c98 EFLAGS: 00050283 [ 331.971002][ C1] RAX: 0000000066dfa4af RBX: 00007fffffffeff9 RCX: 0000000000000019 [ 331.971012][ C1] RDX: ffffc90000f19000 RSI: 00000000000009fa RDI: 00000000000009fb [ 331.971021][ C1] RBP: ffffc90000b07d60 R08: ffffffff81613ef5 R09: ffffc90000b07ce0 [ 331.971032][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000b07ce0 [ 331.971041][ C1] R13: dffffc0000000000 R14: 1ffff92000160f98 R15: 0000000000000019 [ 331.971053][ C1] ? ktime_get_real_ts64+0x215/0x340 [ 331.971070][ C1] ? __x64_sys_gettimeofday+0xf9/0x240 [ 331.971086][ C1] ? __ia32_sys_stime32+0x160/0x160 [ 331.971101][ C1] ? __secure_computing+0xf0/0x300 [ 331.971116][ C1] emulate_vsyscall+0xed6/0x13f0 [ 331.971132][ C1] exc_page_fault+0x187/0x830 [ 331.971150][ C1] asm_exc_page_fault+0x27/0x30 [ 331.971164][ C1] RIP: 0033:_end+0x77fda000/0x0 [ 331.971179][ C1] Code: Unable to access opcode bytes at RIP 0xffffffffff5fffd6. [ 331.971186][ C1] RSP: 002b:00007f317bc3aa78 EFLAGS: 00010246 [ 331.971197][ C1] RAX: ffffffffffffffda RBX: 00007f317d179f80 RCX: 00007f317cfc1ef9 [ 331.971207][ C1] RDX: 00007f317bc3aa80 RSI: 00007f317bc3abb0 RDI: 0000000000000019 [ 331.971216][ C1] RBP: 00007f317d0349f6 R08: 0000000000000000 R09: 0000000000000000 [ 331.971225][ C1] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 331.971233][ C1] R13: 0000000000000000 R14: 00007f317d179f80 R15: 00007ffea8220fd8 [ 331.971246][ C1]