last executing test programs: 25.434110291s ago: executing program 4 (id=204): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000340)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000008c0)={0x44, &(0x7f00000005c0)=ANY=[@ANYBLOB="000e46"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e21}, 0x6e) 23.772001666s ago: executing program 4 (id=255): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940)) 23.743952377s ago: executing program 4 (id=257): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) 23.676646677s ago: executing program 4 (id=263): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f00000001c0)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") mount$incfs(&(0x7f0000000300)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000280), 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) r1 = openat$incfs(r0, &(0x7f0000000040)='.pending_reads\x00', 0x10b441, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f00000000c0)={{'\x00', 0x3}, {}, 0x103, 0x0, 0x0, 0x0, &(0x7f00000001c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0, 0x0, 0x0}) 23.50289055s ago: executing program 4 (id=271): r0 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe) connect$vsock_stream(r0, &(0x7f0000000240)={0x28, 0x0, 0x2710, @local}, 0x10) shutdown(r0, 0x1) writev(r0, &(0x7f0000000d40)=[{&(0x7f0000003680)="861009bc4337", 0x6}], 0x1) 23.395942321s ago: executing program 4 (id=279): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 23.308532153s ago: executing program 32 (id=279): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 12.271987287s ago: executing program 1 (id=554): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000005c0)='syz_tun\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x20000844, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) syz_emit_ethernet(0xab, &(0x7f0000000100)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x9d, 0x64, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10}, {"9b06b613cb563743651ec10953f064b31ded6c8f487f6a2d57c4d6824f6fffc8d7011abfbc07ec839f8f253d57f161507a9cb99c40a4ff46dd60cd5bde6ffdde0f03c1b3b126c4b6d1eb7151e887b1e9b400c247849da223a1442246bc3171641f8ec357e1b91f90a2d97773bb8b2858bc5f178afb"}}}}}}, 0x0) 12.223483028s ago: executing program 1 (id=556): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@lazytime}, {@nomblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@nombcache}, {@quota}, {@quota}]}, 0xff, 0x443, &(0x7f0000000940)="$eJzs3MtvG0UYAPBv10mgLxJKefQBBMqj4pE0aYEeuIBA4gASEhzKMSRpVeo2qAkSrSoICJUjqsQdcUTiL+BELwg4IXGFAzdUqUK9tHAyWnu3cYztNsbuQv37SevM7I4182V37JmdbAIYWpPZSxKxNSJ+iYjxRnZ9gcnGj6uXz87/efnsfBK12ht/JPVyVy6fnS+KFu/bkmf2pRHpJ0nsblPv8ukzx+eq1cVTeX565cS708unzzx97MTc0cWjiydnDx06eGDmuWdnn+lLnFlcV3Z9sLRn5ytvnX9t/vD5t3/4Oinib4mjTya7HXy0VutzdeXa1pRORkpsCBtSiYjsdI3W+/94VGLt5I3Hyx+X2jhgoGq5DodXa8AtLImyWwCUo/iiz+a/xXbzRh/lu/RCYwKUxX013xpHRiLNy4y2zG/7aTIiDq/+9UW2xWDuQwAArPNtNv55qt34L417msrdka+hTETEnRGxPSLuiogdEXF3RL3svRFx3wbrb10k+ef4J73YU2A3KBv/PZ+vba0f/xWjv5io5Llt9fhHkyPHqov7G8dWs5csP9Oljgsv/fxZp2PN479sy+ovxoJ5Oy6O3Lb+PQtzK3O9xtvq0kcRu0baxZ9cWwlIImJnROzqsY5jT3y1p9Ox68ffRR/WmWpfRjzeOP+r0RJ/Iem+Pjl9e1QX9083XRUtfvzp3Oud6v9X8fdBdv43t73+r8U/kTSv1y5vvI5zv37acU7T6/U/lrxZT4/l+96fW1k5NRMxlrzaaHTz/tm19xb5onwW/7697fv/9lj7TeyOiOwivj8iHoiIB/O2PxQRD0fE3i7xf//iI+/0Hv9gZfEvbOj8ryXGonVP+0Tl+HffrKt0YiPxZ+f/YD21L99T//xLusd1I+3q7WoGAACA/580IrZGkk5dS6fp1FTjb/h3xOa0urS88uSRpfdOLjSeEZiI0bS40zXedD90Jp/WF/nZlvyB/L7x55VN9fzU/FJ1oezgYcht6dD/M79Xym4dMHCe14Lhpf/D8NL/YXjp/zC82vT/TWW0A7j52n3/fxgRFx4roTHATdXS/y37wRAx/4fhpf/D8LqB/v/brfXvqoGIWN4U139IfrCJSpRZu0SPiUj/E82QGFCi7E8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg7AAD//9aZ7PU=") 12.08202146s ago: executing program 1 (id=558): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)=ANY=[@ANYBLOB="fe"]) 11.907748533s ago: executing program 1 (id=560): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x185093, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000040)='./file0\x00', r1, &(0x7f0000000180)='./file0\x00', 0x160) 11.051417026s ago: executing program 1 (id=584): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0) 10.951556557s ago: executing program 1 (id=588): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x9d, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001400)={{r0}, &(0x7f0000001380), &(0x7f00000013c0)='%-010d \x00'}, 0x20) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20) 10.910484037s ago: executing program 33 (id=588): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x9d, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001400)={{r0}, &(0x7f0000001380), &(0x7f00000013c0)='%-010d \x00'}, 0x20) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20) 3.190804362s ago: executing program 2 (id=737): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000000)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)={0x40, 0x13, 0x6, @multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "7f00"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000740)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="00121e"], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(r0, 0x0, 0x0) 2.261200736s ago: executing program 6 (id=745): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000380)={0x26b0, 0x1, 0xffffffff, 0x3, 0x16, "28c4d95d3933aabcf900"}) 1.387426349s ago: executing program 6 (id=780): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='attr/prev\x00') r1 = creat(&(0x7f0000000080)='./file0\x00', 0x8d) close(r1) socket$tipc(0x1e, 0x2, 0x0) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1.35211906s ago: executing program 6 (id=781): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r1}, 0x10) setitimer(0x2, 0x0, 0x0) 1.32783148s ago: executing program 6 (id=782): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x3d, &(0x7f0000000000)='cgroup\x00\x8d\f\xf3\xcd\xc6X$\x01n-Hg\x144-.\xe2\x053\xe2\xf4\xbf[\xe9\xdddU\x91\x9d,\t\x8d\xc3@\x86,\x7f\xe2Z\xe8L\x80\xdbe~c\xbc\x9b\xcf\x9b\x1cH\x95\xf3'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2, 0x0, @void, @value}, 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[], 0x10) 1.31566936s ago: executing program 6 (id=783): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./file0\x00') unlinkat(r0, &(0x7f0000000280)='./file0\x00', 0x200) unlink(&(0x7f0000000140)='./file1\x00') 1.171853412s ago: executing program 6 (id=786): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) readv(0xffffffffffffffff, &(0x7f0000000380), 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) getrandom(0x0, 0x0, 0x1) 1.108829853s ago: executing program 2 (id=787): pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f00000000c0)=0x3ff) sendfile(r0, r1, 0x0, 0x10ffff) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0xd, 0x102, 0x100002, 0xf36, 0x11, "749412b104d57af63d72010000000900"}) 1.000962605s ago: executing program 2 (id=789): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r0}, 0x10) r1 = socket(0xa, 0x2400000001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000300)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) 910.582846ms ago: executing program 2 (id=793): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x8002, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) 841.987837ms ago: executing program 2 (id=796): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 739.278929ms ago: executing program 2 (id=801): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x18) r1 = epoll_create1(0x0) syz_usb_connect(0x4, 0x24, 0x0, 0x0) epoll_pwait(r1, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0) 732.161089ms ago: executing program 0 (id=802): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008204"]) 607.355811ms ago: executing program 0 (id=806): r0 = socket$inet6(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r1}, 0x10) sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) 467.541733ms ago: executing program 0 (id=809): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000d"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x8}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 460.227813ms ago: executing program 5 (id=810): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000001c000000000000002300850000000700000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0) syz_open_procfs(0x0, 0x0) 440.176093ms ago: executing program 5 (id=812): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xf, &(0x7f00000016c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000840)=ANY=[@ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="05"], 0x10) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)=ANY=[], 0x10) 409.117694ms ago: executing program 5 (id=813): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x48, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 388.988674ms ago: executing program 3 (id=814): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x40) 388.318924ms ago: executing program 0 (id=815): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x2, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x1}, 0xe) r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, 0x0) 371.718694ms ago: executing program 0 (id=816): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10) ioprio_set$uid(0x3, 0x0, 0x4004) 344.745714ms ago: executing program 0 (id=817): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xfc, {"a2e3ad0e090d07f91b5e1a1887f70706d038e7ff7fc6e5539b0d3c0a8b089b3f32356e030890e0879b0a4cc6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07732f0acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xffffffffffffff34}}, 0x1006) syz_usb_ep_write(r0, 0x81, 0xffffff75, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd5531d459dffff03000000000091ff000000e8f5b3371da3635b8b4fa637135800001f65e4b436aa9e50bc0f19b7d3372ff9ebcede1fb5e9428f54d5d1f0cc752cf246a5d2da34a5aa97dc14a469c3dd3e26b41c356484e46fd66e3f2c7807e8773eed7b94fa099ab84feadec2ea95f65bba452eae5b0900f98a979a88c517a2dc360a00237723e2f467af706ea17226296b3a10a351cb47aba2c6b836c90679b4dd859ddc9e4800448aab0000000000000d75f34bb50d8d7084") 313.152385ms ago: executing program 5 (id=818): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 296.474795ms ago: executing program 3 (id=819): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = socket$xdp(0x2c, 0x3, 0x0) mremap(&(0x7f0000186000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00000ad000/0x3000)=nil) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x201000, 0x1000}, 0x20) 244.168576ms ago: executing program 3 (id=820): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x80}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 117.649768ms ago: executing program 3 (id=821): r0 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) socket$nl_route(0x10, 0x3, 0x0) write$selinux_user(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='system_u::bject_r:auth_cache_t r'], 0x27) 62.597999ms ago: executing program 3 (id=822): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x0, 0x1, 0x62}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x2a12}) fcntl$lock(r0, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x1000001fd}) 37.950269ms ago: executing program 5 (id=823): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10) fcntl$setstatus(r0, 0x4, 0x0) r1 = dup(r0) copy_file_range(r0, 0x0, r1, 0x0, 0x0, 0x0) 1.706ms ago: executing program 3 (id=824): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 0s ago: executing program 5 (id=825): r0 = getpid() r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10) process_vm_readv(r0, 0x0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.45' (ED25519) to the list of known hosts. [ 25.025594][ T28] audit: type=1400 audit(1749776957.686:64): avc: denied { mounton } for pid=274 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 25.027039][ T274] cgroup: Unknown subsys name 'net' [ 25.048489][ T28] audit: type=1400 audit(1749776957.686:65): avc: denied { mount } for pid=274 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 25.075954][ T28] audit: type=1400 audit(1749776957.716:66): avc: denied { unmount } for pid=274 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 25.076138][ T274] cgroup: Unknown subsys name 'devices' [ 25.220448][ T274] cgroup: Unknown subsys name 'hugetlb' [ 25.226099][ T274] cgroup: Unknown subsys name 'rlimit' [ 25.332963][ T28] audit: type=1400 audit(1749776957.996:67): avc: denied { setattr } for pid=274 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 25.356438][ T28] audit: type=1400 audit(1749776957.996:68): avc: denied { mounton } for pid=274 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 Setting up swapspace version 1, size = 127995904 bytes [ 25.380430][ T276] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 25.381429][ T28] audit: type=1400 audit(1749776957.996:69): avc: denied { mount } for pid=274 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 25.412891][ T28] audit: type=1400 audit(1749776958.056:70): avc: denied { relabelto } for pid=276 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.438368][ T28] audit: type=1400 audit(1749776958.056:71): avc: denied { write } for pid=276 comm="mkswap" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.457511][ T274] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 25.464263][ T28] audit: type=1400 audit(1749776958.106:72): avc: denied { read } for pid=274 comm="syz-executor" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 25.498471][ T28] audit: type=1400 audit(1749776958.106:73): avc: denied { open } for pid=274 comm="syz-executor" path="/root/swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 26.222366][ T282] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.229489][ T282] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.237618][ T282] device bridge_slave_0 entered promiscuous mode [ 26.246527][ T282] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.253803][ T282] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.261417][ T282] device bridge_slave_1 entered promiscuous mode [ 26.411427][ T284] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.418793][ T284] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.426225][ T284] device bridge_slave_0 entered promiscuous mode [ 26.434822][ T284] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.442003][ T284] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.449555][ T284] device bridge_slave_1 entered promiscuous mode [ 26.472818][ T283] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.479961][ T283] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.487475][ T283] device bridge_slave_0 entered promiscuous mode [ 26.494646][ T283] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.501852][ T283] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.509759][ T283] device bridge_slave_1 entered promiscuous mode [ 26.557558][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.564755][ T285] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.572296][ T285] device bridge_slave_0 entered promiscuous mode [ 26.592029][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.599326][ T285] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.606960][ T285] device bridge_slave_1 entered promiscuous mode [ 26.690771][ T282] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.698008][ T282] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.705553][ T282] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.712641][ T282] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.729722][ T286] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.736876][ T286] bridge0: port 1(bridge_slave_0) entered disabled state [ 26.744497][ T286] device bridge_slave_0 entered promiscuous mode [ 26.751776][ T286] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.759141][ T286] bridge0: port 2(bridge_slave_1) entered disabled state [ 26.766843][ T286] device bridge_slave_1 entered promiscuous mode [ 26.877645][ T283] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.884875][ T283] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.892599][ T283] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.900034][ T283] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.915527][ T284] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.923417][ T284] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.930833][ T284] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.938959][ T284] bridge0: port 1(bridge_slave_0) entered forwarding state [ 26.968191][ T285] bridge0: port 2(bridge_slave_1) entered blocking state [ 26.975706][ T285] bridge0: port 2(bridge_slave_1) entered forwarding state [ 26.983021][ T285] bridge0: port 1(bridge_slave_0) entered blocking state [ 26.990270][ T285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.029925][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.037444][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.045750][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.053452][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.061112][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.068791][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.076255][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 27.083819][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 27.093428][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 27.101073][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.131160][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.139234][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.147575][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.154826][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.162732][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.172098][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.179897][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.187521][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.196085][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.203240][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.210866][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.219451][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.226729][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.247414][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.255867][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.282183][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 27.290104][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.297686][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 27.306320][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.314712][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 27.323081][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.344446][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.352926][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.361469][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.368561][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.376122][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.385304][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.393608][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.401098][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.408992][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 27.417477][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.426321][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 27.434186][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.459675][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.469399][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.477850][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.485221][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.494325][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.504163][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.513109][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.520199][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.527770][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 27.536262][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.544373][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 27.551954][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 27.559683][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 27.567836][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.576152][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 27.585030][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 27.593348][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 27.600395][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 27.607997][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 27.617231][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 27.625744][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 27.632983][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 27.641396][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 27.651978][ T283] device veth0_vlan entered promiscuous mode [ 27.666166][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 27.675191][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.683485][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.691371][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.706226][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.719208][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 27.727446][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 27.736222][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 27.745601][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.759974][ T283] device veth1_macvtap entered promiscuous mode [ 27.767821][ T282] device veth0_vlan entered promiscuous mode [ 27.774615][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 27.783106][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.791810][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 27.800408][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.808941][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 27.816892][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.825332][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.832954][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.842374][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 27.850858][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 27.865396][ T284] device veth0_vlan entered promiscuous mode [ 27.878514][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 27.888654][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.896977][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 27.905585][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 27.923676][ T285] device veth0_vlan entered promiscuous mode [ 27.939008][ T282] device veth1_macvtap entered promiscuous mode [ 27.948942][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 27.957657][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 27.966668][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.974684][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.983572][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 27.991815][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 27.999623][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.008439][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.016955][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 28.025533][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.033924][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 28.041623][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 28.050084][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.067957][ T286] device veth0_vlan entered promiscuous mode [ 28.080067][ T284] device veth1_macvtap entered promiscuous mode [ 28.089898][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.099145][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 28.109168][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 28.117305][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 28.125404][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 28.139573][ T286] device veth1_macvtap entered promiscuous mode [ 28.152502][ T285] device veth1_macvtap entered promiscuous mode [ 28.160277][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 28.169372][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.177773][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.186505][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.195312][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.213238][ T283] request_module fs-gadgetfs succeeded, but still no fs? [ 28.231265][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.240493][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.250291][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.258913][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.267341][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.275943][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.284574][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 28.293241][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 28.301996][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 28.310961][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 28.377127][ T308] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 28.398487][ T313] loop2: detected capacity change from 0 to 128 [ 28.425760][ T313] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 28.450363][ T313] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 28.517128][ T313] syz.2.3 (pid 313) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 28.573459][ T285] EXT4-fs (loop2): unmounting filesystem. [ 28.629049][ T345] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 28.723841][ T353] xt_bpf: check failed: parse error [ 28.726286][ T355] loop2: detected capacity change from 0 to 512 [ 28.779656][ T355] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 28.789926][ T355] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 28.819715][ T355] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #2: comm syz.2.19: corrupted inode contents [ 28.867184][ T355] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #2: comm syz.2.19: mark_inode_dirty error [ 28.896401][ T355] EXT4-fs error (device loop2): ext4_do_update_inode:5255: inode #2: comm syz.2.19: corrupted inode contents [ 28.932022][ T359] syz.1.13 (359) used greatest stack depth: 21312 bytes left [ 28.947175][ T355] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.19: mark_inode_dirty error [ 29.031641][ T285] EXT4-fs (loop2): unmounting filesystem. [ 29.067225][ T333] loop4: detected capacity change from 0 to 40427 [ 29.125686][ T333] F2FS-fs (loop4): Found nat_bits in checkpoint [ 29.230408][ T387] loop1: detected capacity change from 0 to 512 [ 29.263265][ T333] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 29.426413][ T333] syz.4.9: attempt to access beyond end of device [ 29.426413][ T333] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 29.454702][ T407] Driver unsupported XDP return value 0 on prog (id 23) dev N/A, expect packet loss! [ 29.549637][ T417] process 'syz.2.45' launched './file0' with NULL argv: empty string added [ 29.767573][ T432] tipc: Enabling of bearer rejected, media not registered [ 29.776076][ T434] loop3: detected capacity change from 0 to 512 [ 29.810381][ T434] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 29.846193][ T434] EXT4-fs (loop3): invalid journal inode [ 29.874280][ T441] loop4: detected capacity change from 0 to 512 [ 29.876879][ T434] EXT4-fs (loop3): can't get journal size [ 29.899682][ T441] EXT4-fs (loop4): unsupported inode size: 22272 [ 29.908120][ T434] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c118, mo2=0002] [ 29.918295][ T434] System zones: 1-12, 13-13 [ 29.934504][ T441] EXT4-fs (loop4): blocksize: 1024 [ 29.948280][ T434] EXT4-fs (loop3): 1 truncate cleaned up [ 29.954226][ T434] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 29.985089][ T284] EXT4-fs (loop3): unmounting filesystem. [ 30.019590][ T452] syz.3.59 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 30.075750][ T458] loop3: detected capacity change from 0 to 512 [ 30.079976][ T460] loop2: detected capacity change from 0 to 512 [ 30.092394][ T459] loop4: detected capacity change from 0 to 512 [ 30.114546][ T459] EXT4-fs (loop4): Test dummy encryption mode enabled [ 30.118068][ T460] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 30.128816][ T459] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 30.142363][ T28] kauditd_printk_skb: 79 callbacks suppressed [ 30.142382][ T28] audit: type=1400 audit(1749776962.796:153): avc: denied { mount } for pid=455 comm="syz.3.61" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 30.158197][ T460] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 30.196295][ T459] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002] [ 30.204552][ T28] audit: type=1400 audit(1749776962.866:154): avc: denied { unmount } for pid=284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 30.227050][ T459] System zones: 1-12 [ 30.236530][ T460] EXT4-fs (loop2): 1 truncate cleaned up [ 30.259125][ T459] EXT4-fs (loop4): 1 truncate cleaned up [ 30.265032][ T459] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 30.269321][ T460] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 30.347709][ T459] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 30.399169][ T28] audit: type=1400 audit(1749776963.066:155): avc: denied { write } for pid=457 comm="syz.4.63" path="/5/file2/bus" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 30.403656][ T459] EXT4-fs (loop4): Online defrag not supported for encrypted files [ 30.446681][ T285] EXT4-fs (loop2): unmounting filesystem. [ 30.449707][ T28] audit: type=1400 audit(1749776963.066:156): avc: denied { quotaon } for pid=456 comm="syz.2.62" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 30.476713][ T471] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 30.493409][ T471] bridge0: port 2(bridge_slave_1) entered disabled state [ 30.501833][ T471] bridge0: port 1(bridge_slave_0) entered disabled state [ 30.518299][ T28] audit: type=1400 audit(1749776963.146:157): avc: denied { ioctl } for pid=470 comm="syz.3.66" path="socket:[16639]" dev="sockfs" ino=16639 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 30.577395][ T477] fuse: Invalid group_id [ 30.585066][ T286] EXT4-fs (loop4): unmounting filesystem. [ 30.593845][ T28] audit: type=1400 audit(1749776963.236:158): avc: denied { read write } for pid=476 comm="syz.3.69" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 30.654465][ T28] audit: type=1400 audit(1749776963.236:159): avc: denied { open } for pid=476 comm="syz.3.69" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 30.700481][ T28] audit: type=1400 audit(1749776963.236:160): avc: denied { setopt } for pid=474 comm="syz.1.68" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 30.727638][ T487] loop4: detected capacity change from 0 to 1024 [ 30.765341][ T28] audit: type=1400 audit(1749776963.236:161): avc: denied { read } for pid=474 comm="syz.1.68" path="socket:[16326]" dev="sockfs" ino=16326 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 30.773585][ T487] ======================================================= [ 30.773585][ T487] WARNING: The mand mount option has been deprecated and [ 30.773585][ T487] and is ignored by this kernel. Remove the mand [ 30.773585][ T487] option from the mount to silence this warning. [ 30.773585][ T487] ======================================================= [ 30.834401][ T28] audit: type=1400 audit(1749776963.306:162): avc: denied { read } for pid=478 comm="syz.4.70" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 30.846864][ T495] netlink: 104 bytes leftover after parsing attributes in process `syz.1.76'. [ 30.899650][ T497] IPv6: sit1: Disabled Multicast RS [ 30.950246][ T487] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 30.959592][ T487] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.032227][ T487] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.73: bg 0: block 393: padding at end of block bitmap is not set [ 31.046802][ T487] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 117 [ 31.059922][ T487] EXT4-fs (loop4): This should not happen!! Data will be lost [ 31.059922][ T487] [ 31.083324][ T286] EXT4-fs (loop4): unmounting filesystem. [ 31.367870][ T533] loop4: detected capacity change from 0 to 512 [ 31.434875][ T533] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 31.448379][ T533] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.511216][ T286] EXT4-fs (loop4): unmounting filesystem. [ 31.684175][ T550] device pim6reg1 entered promiscuous mode [ 31.778856][ T551] binder: 549:551 unknown command 0 [ 31.779572][ T547] loop1: detected capacity change from 0 to 40427 [ 31.791917][ T551] binder: 549:551 ioctl c0306201 200000000840 returned -22 [ 31.800599][ T547] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 31.808724][ T547] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 31.849206][ T547] F2FS-fs (loop1): Found nat_bits in checkpoint [ 31.889694][ T547] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 31.897171][ T547] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 31.966204][ T504] loop2: detected capacity change from 0 to 131072 [ 32.002167][ T504] F2FS-fs (loop2): invalid crc value [ 32.013327][ T283] syz-executor: attempt to access beyond end of device [ 32.013327][ T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 32.065229][ T504] F2FS-fs (loop2): Found nat_bits in checkpoint [ 32.197100][ T504] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 32.360147][ T565] loop0: detected capacity change from 0 to 40427 [ 32.360311][ T583] IPv6: addrconf: prefix option has invalid lifetime [ 32.371848][ T565] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 32.405830][ T565] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 32.428498][ T586] IPv6: addrconf: prefix option has invalid lifetime [ 32.439358][ T565] F2FS-fs (loop0): invalid crc value [ 32.465313][ T570] loop3: detected capacity change from 0 to 40427 [ 32.475578][ T565] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 32.504446][ T570] F2FS-fs (loop3): fault_injection options not supported [ 32.558107][ T570] F2FS-fs (loop3): invalid crc value [ 32.585750][ T570] F2FS-fs (loop3): Found nat_bits in checkpoint [ 32.600283][ T565] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 32.617665][ T565] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 32.676096][ T570] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 32.678455][ T605] block device autoloading is deprecated and will be removed. [ 32.719587][ T565] syz.0.108: attempt to access beyond end of device [ 32.719587][ T565] loop0: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 32.768969][ T284] syz-executor: attempt to access beyond end of device [ 32.768969][ T284] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 32.796355][ T282] syz-executor: attempt to access beyond end of device [ 32.796355][ T282] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 32.828106][ T24] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 32.958827][ T618] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 32.995963][ T622] loop2: detected capacity change from 0 to 128 [ 33.118675][ T622] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 33.129660][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 33.139104][ T622] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 33.149563][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 33.163579][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 33.172097][ T24] usb 5-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 33.181932][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 33.193634][ T24] usb 5-1: config 0 descriptor?? [ 33.221879][ T285] EXT4-fs (loop2): unmounting filesystem. [ 33.238252][ T640] loop9: detected capacity change from 0 to 128 [ 33.582222][ T678] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 33.603326][ T678] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 33.605700][ T24] hid (null): nested delimiters [ 33.643885][ T24] hid-generic 0003:060B:500A.0001: unexpected long global item [ 33.664059][ T24] hid-generic: probe of 0003:060B:500A.0001 failed with error -22 [ 33.776850][ T703] netlink: '+}[@': attribute type 13 has an invalid length. [ 33.807419][ T703] gretap0: refused to change device tx_queue_len [ 33.825791][ T703] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 33.836619][ T700] syz.0.164 (700) used greatest stack depth: 20832 bytes left [ 33.852855][ T297] usb 5-1: USB disconnect, device number 2 [ 33.920501][ T712] loop3: detected capacity change from 0 to 2048 [ 33.986888][ T712] loop3: p1 < > p4 [ 33.994623][ T712] loop3: p4 size 8388608 extends beyond EOD, truncated [ 34.080045][ T722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.175'. [ 34.083252][ T306] udevd[306]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 34.092100][ T310] udevd[310]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 34.126442][ T708] loop0: detected capacity change from 0 to 40427 [ 34.144640][ T310] udevd[310]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 34.149978][ T306] udevd[306]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 34.169484][ T708] F2FS-fs (loop0): Invalid SB checksum offset: 0 [ 34.177649][ T720] SELinux: ebitmap: truncated map [ 34.184243][ T708] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 34.214183][ T708] F2FS-fs (loop0): invalid crc value [ 34.222936][ T728] SELinux: Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped). [ 34.231664][ T720] SELinux: failed to load policy [ 34.239149][ T708] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 34.280826][ T733] input: syz0 as /devices/virtual/input/input5 [ 34.308838][ T708] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 34.317702][ T708] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 34.385803][ T746] syz.2.184[746] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.385908][ T746] syz.2.184[746] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 34.427450][ T708] syz.0.167: attempt to access beyond end of device [ 34.427450][ T708] loop0: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 34.460051][ T708] syz.0.167: attempt to access beyond end of device [ 34.460051][ T708] loop0: rw=2049, sector=53256, nr_sectors = 8 limit=40427 [ 34.477740][ T708] syz.0.167: attempt to access beyond end of device [ 34.477740][ T708] loop0: rw=2049, sector=53264, nr_sectors = 104 limit=40427 [ 34.502089][ T282] syz-executor: attempt to access beyond end of device [ 34.502089][ T282] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 34.594573][ T759] loop4: detected capacity change from 0 to 128 [ 34.651563][ T759] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 34.686362][ T759] ext4 filesystem being mounted at /30/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 34.782061][ T766] loop1: detected capacity change from 0 to 2048 [ 34.817483][ T286] EXT4-fs (loop4): unmounting filesystem. [ 34.862922][ T766] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 34.883954][ T766] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 34.907900][ T304] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28 [ 34.925597][ T304] EXT4-fs (loop1): This should not happen!! Data will be lost [ 34.925597][ T304] [ 34.946564][ T304] EXT4-fs (loop1): Total free blocks count 0 [ 34.962488][ T304] EXT4-fs (loop1): Free/Dirty block details [ 34.969249][ T304] EXT4-fs (loop1): free_blocks=2415919120 [ 34.980638][ T304] EXT4-fs (loop1): dirty_blocks=16 [ 34.986300][ T304] EXT4-fs (loop1): Block reservation details [ 34.994364][ T786] capability: warning: `syz.4.202' uses 32-bit capabilities (legacy support in use) [ 35.003811][ T304] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 35.016049][ T283] EXT4-fs (loop1): unmounting filesystem. [ 35.139861][ T28] kauditd_printk_skb: 73 callbacks suppressed [ 35.139880][ T28] audit: type=1400 audit(1749776967.806:236): avc: denied { execmem } for pid=802 comm="syz.2.209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 35.170989][ T28] audit: type=1400 audit(1749776967.806:237): avc: denied { read write } for pid=804 comm="syz.1.210" name="fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 35.196914][ T28] audit: type=1400 audit(1749776967.806:238): avc: denied { open } for pid=804 comm="syz.1.210" path="/dev/fuse" dev="devtmpfs" ino=93 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 35.235921][ T28] audit: type=1400 audit(1749776967.806:239): avc: denied { mounton } for pid=804 comm="syz.1.210" path="/40/file0" dev="tmpfs" ino=225 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 35.259577][ T28] audit: type=1400 audit(1749776967.806:240): avc: denied { mount } for pid=804 comm="syz.1.210" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 35.291213][ T28] audit: type=1400 audit(1749776967.806:241): avc: denied { unmount } for pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 35.312209][ T28] audit: type=1400 audit(1749776967.866:242): avc: denied { bpf } for pid=806 comm="syz.1.211" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 35.338208][ T24] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 35.339100][ T28] audit: type=1400 audit(1749776967.866:243): avc: denied { prog_load } for pid=806 comm="syz.1.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 35.365127][ T28] audit: type=1400 audit(1749776967.866:244): avc: denied { perfmon } for pid=806 comm="syz.1.211" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 35.387440][ T28] audit: type=1400 audit(1749776967.866:245): avc: denied { prog_run } for pid=806 comm="syz.1.211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 35.521550][ T24] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 35.534779][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 35.557139][ T24] usb 5-1: config 0 descriptor?? [ 35.747650][ T841] loop3: detected capacity change from 0 to 2048 [ 35.775829][ T841] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 35.803824][ T284] EXT4-fs (loop3): unmounting filesystem. [ 35.910940][ T853] input: syz1 as /devices/virtual/input/input6 [ 35.956226][ T838] loop0: detected capacity change from 0 to 40427 [ 35.965905][ T838] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 35.974476][ T838] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 35.997321][ T858] netlink: 44 bytes leftover after parsing attributes in process `syz.3.231'. [ 36.003379][ T838] F2FS-fs (loop0): Found nat_bits in checkpoint [ 36.041845][ T863] loop1: detected capacity change from 0 to 256 [ 36.077062][ T865] loop3: detected capacity change from 0 to 2048 [ 36.096316][ T838] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 36.105367][ T838] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 36.122021][ T865] loop3: p1 < > p4 [ 36.137184][ T865] loop3: p4 size 8388608 extends beyond EOD, truncated [ 36.170627][ T24] usb 5-1: Cannot set autoneg [ 36.175905][ T24] MOSCHIP usb-ethernet driver: probe of 5-1:0.0 failed with error -71 [ 36.205619][ T24] usb 5-1: USB disconnect, device number 3 [ 36.215777][ T102] loop3: p1 < > p4 [ 36.221313][ T102] loop3: p4 size 8388608 extends beyond EOD, truncated [ 36.244735][ T306] udevd[306]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 36.257491][ T872] udevd[872]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 36.319846][ T883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.240'. [ 36.328823][ T883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.240'. [ 36.338644][ T883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.240'. [ 36.347988][ T883] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 36.363006][ T885] loop0: detected capacity change from 0 to 512 [ 36.400192][ T885] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 36.412177][ T885] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 36.419848][ T893] capability: warning: `syz.3.243' uses deprecated v2 capabilities in a way that may be insecure [ 36.436165][ T885] EXT4-fs error (device loop0): ext4_add_entry:2486: inode #12: comm syz.0.236: Directory hole found for htree leaf block 0 [ 36.445929][ T893] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 36.451663][ T885] EXT4-fs (loop0): Remounting filesystem read-only [ 36.465621][ T893] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 36.490985][ T282] EXT4-fs (loop0): unmounting filesystem. [ 36.553351][ T901] loop0: detected capacity change from 0 to 512 [ 36.564090][ T901] EXT4-fs: Ignoring removed bh option [ 36.571205][ T901] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 36.585439][ T901] EXT4-fs (loop0): 1 truncate cleaned up [ 36.591682][ T901] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 36.617943][ T282] EXT4-fs (loop0): unmounting filesystem. [ 36.794865][ T936] loop4: detected capacity change from 0 to 512 [ 36.833466][ T936] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 36.847054][ T936] EXT4-fs (loop4): 1 truncate cleaned up [ 36.853826][ T936] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 37.040678][ T286] EXT4-fs (loop4): unmounting filesystem. [ 37.172163][ T977] loop1: detected capacity change from 0 to 256 [ 37.408404][ T985] loop1: detected capacity change from 0 to 40427 [ 37.420975][ T985] F2FS-fs (loop1): invalid crc value [ 37.427897][ T990] netlink: 96 bytes leftover after parsing attributes in process `syz.0.289'. [ 37.447672][ T1004] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=1004 comm=syz.2.291 [ 37.449002][ T992] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.469974][ T985] F2FS-fs (loop1): Found nat_bits in checkpoint [ 37.480067][ T992] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.488007][ T992] device bridge_slave_0 entered promiscuous mode [ 37.517351][ T1004] netlink: 16 bytes leftover after parsing attributes in process `syz.2.291'. [ 37.518433][ T985] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 37.547063][ T992] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.566434][ T992] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.574582][ T992] device bridge_slave_1 entered promiscuous mode [ 37.725735][ T992] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.733314][ T992] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.741391][ T992] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.748560][ T992] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.808591][ T1032] loop0: detected capacity change from 0 to 128 [ 37.826842][ T1032] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 37.880642][ T992] device veth0_vlan entered promiscuous mode [ 37.902858][ T992] device veth1_macvtap entered promiscuous mode [ 37.924252][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.936341][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.946448][ T1032] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 37.982338][ T1034] loop1: detected capacity change from 0 to 40427 [ 37.990234][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.998359][ T1034] F2FS-fs (loop1): Invalid segment/section count (24 != 1 * 1) [ 38.005940][ T1034] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 38.015483][ T1034] F2FS-fs (loop1): invalid crc value [ 38.024541][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.033274][ T1039] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=1039 comm=syz.3.306 [ 38.061101][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.070500][ T1044] syz.3.307[1044] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.070576][ T1044] syz.3.307[1044] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 38.072558][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 38.083812][ T43] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 38.093801][ T1034] F2FS-fs (loop1): Found nat_bits in checkpoint [ 38.102720][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 38.127914][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 38.136909][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 38.168483][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 38.184026][ T1034] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 38.191219][ T1034] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 38.243453][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 38.274022][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 38.298890][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 38.323688][ T283] syz-executor: attempt to access beyond end of device [ 38.323688][ T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 38.477669][ T1075] loop5: detected capacity change from 0 to 512 [ 38.549871][ T523] device bridge_slave_1 left promiscuous mode [ 38.670763][ T523] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.689846][ T1075] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 38.707219][ T523] device bridge_slave_0 left promiscuous mode [ 38.715912][ T1075] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 38.750687][ T523] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.783397][ T523] device veth1_macvtap left promiscuous mode [ 38.818631][ T992] EXT4-fs (loop5): unmounting filesystem. [ 38.827299][ T523] device veth0_vlan left promiscuous mode [ 39.439222][ T1140] loop0: detected capacity change from 0 to 16 [ 39.463345][ T1140] erofs: (device loop0): z_erofs_load_lz4_config: too large lz4 pclusterblks 16832 [ 39.568199][ T295] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 39.582230][ T1157] SELinux: Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped). [ 39.651966][ T1168] netlink: 8 bytes leftover after parsing attributes in process `syz.3.359'. [ 39.769946][ T295] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 39.785333][ T295] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 39.820331][ T295] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 39.832462][ T295] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 39.843577][ T295] usb 6-1: SerialNumber: syz [ 39.875868][ T43] Bluetooth: hci0: Frame reassembly failed (-84) [ 39.885121][ T1187] Non-string source [ 40.054134][ T1196] loop1: detected capacity change from 0 to 512 [ 40.079238][ T295] usb 6-1: 0:2 : does not exist [ 40.085731][ T1196] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 40.104287][ T295] usb 6-1: USB disconnect, device number 2 [ 40.110407][ T1196] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 not in group (block 2)! [ 40.124670][ T1196] EXT4-fs (loop1): group descriptors corrupted! [ 40.158233][ T28] kauditd_printk_skb: 697 callbacks suppressed [ 40.158772][ T28] audit: type=1326 audit(1749777228.812:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20ab18e929 code=0x7ffc0000 [ 40.222625][ T28] audit: type=1326 audit(1749777228.832:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.269519][ T28] audit: type=1326 audit(1749777228.832:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.323254][ T28] audit: type=1326 audit(1749777228.832:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.349401][ T306] udevd[306]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 40.417646][ T28] audit: type=1326 audit(1749777228.832:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.444365][ T28] audit: type=1326 audit(1749777228.832:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.468574][ T28] audit: type=1326 audit(1749777228.832:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.504950][ T28] audit: type=1326 audit(1749777228.832:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.543123][ T28] audit: type=1326 audit(1749777228.832:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.635873][ T28] audit: type=1326 audit(1749777228.832:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1173 comm="syz.2.362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f20ab12ab19 code=0x7ffc0000 [ 40.783163][ T1217] loop1: detected capacity change from 0 to 2048 [ 40.839356][ T1217] loop1: p1 < > p2 p3 < p5 > p4 [ 40.845727][ T1217] loop1: partition table partially beyond EOD, truncated [ 40.856781][ T1217] loop1: p1 start 4278190080 is beyond EOD, truncated [ 40.868144][ T1217] loop1: p2 start 16908800 is beyond EOD, truncated [ 40.878670][ T1217] loop1: p4 start 11326 is beyond EOD, truncated [ 40.899931][ T1217] loop1: p5 start 16908800 is beyond EOD, truncated [ 41.026627][ T1242] loop1: detected capacity change from 0 to 2048 [ 41.035950][ T1246] IPv6: sit1: Disabled Multicast RS [ 41.038090][ T295] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 41.069041][ T1242] Alternate GPT is invalid, using primary GPT. [ 41.075844][ T1242] loop1: p1 p2 p3 [ 41.114198][ T1246] syz.5.396 (1246) used greatest stack depth: 20752 bytes left [ 41.199791][ T306] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 41.218397][ T873] udevd[873]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 41.218431][ T872] udevd[872]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory [ 41.251604][ T306] udevd[306]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 41.253153][ T295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 41.288708][ T1259] mmap: syz.1.400 (1259) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 41.301653][ T295] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 41.314022][ T295] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 41.331082][ T295] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 41.341247][ T295] usb 3-1: config 0 descriptor?? [ 41.386752][ T1269] loop5: detected capacity change from 0 to 256 [ 41.399298][ T1269] exfat: Deprecated parameter 'namecase' [ 41.409132][ T1269] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 41.506383][ T1275] loop5: detected capacity change from 0 to 512 [ 41.527010][ T1275] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 41.566051][ T1275] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 41.576284][ T1275] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.624390][ T43] EXT4-fs error (device loop5): ext4_release_dquot:6825: comm kworker/u4:2: Failed to release dquot type 1 [ 41.640739][ T1288] loop0: detected capacity change from 0 to 512 [ 41.648737][ T1288] EXT4-fs: Ignoring removed nobh option [ 41.657451][ T992] EXT4-fs (loop5): unmounting filesystem. [ 41.674481][ T1288] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.415: invalid indirect mapped block 256 (level 2) [ 41.701591][ T1288] EXT4-fs (loop0): 2 truncates cleaned up [ 41.716959][ T1288] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 41.755384][ T1288] EXT4-fs error (device loop0): ext4_check_dx_root:2266: inode #2: comm syz.0.415: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 41.784070][ T282] EXT4-fs (loop0): unmounting filesystem. [ 41.872340][ T1307] syz.1.424[1307] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 41.872445][ T1307] syz.1.424[1307] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 41.874788][ T1308] loop5: detected capacity change from 0 to 128 [ 41.903133][ T1189] Bluetooth: hci0: command 0x1003 tx timeout [ 41.908210][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 41.923950][ T1310] loop0: detected capacity change from 0 to 1024 [ 41.952615][ T1310] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 41.958662][ T1308] EXT4-fs (loop5): Test dummy encryption mode enabled [ 41.991068][ T1308] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 42.003978][ T1308] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 42.029772][ T282] EXT4-fs (loop0): unmounting filesystem. [ 42.056128][ T1322] loop1: detected capacity change from 0 to 1024 [ 42.076172][ T1322] EXT4-fs: Ignoring removed orlov option [ 42.078286][ T992] EXT4-fs (loop5): unmounting filesystem. [ 42.157186][ T1322] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 42.212029][ T1339] loop5: detected capacity change from 0 to 2048 [ 42.220882][ T283] EXT4-fs (loop1): unmounting filesystem. [ 42.244482][ T1343] netlink: 8 bytes leftover after parsing attributes in process `syz.1.438'. [ 42.269860][ T1345] loop3: detected capacity change from 0 to 512 [ 42.312140][ T1345] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c19d, mo2=0002] [ 42.326166][ T1345] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2195: inode #15: comm syz.3.440: corrupted in-inode xattr [ 42.363391][ T295] uclogic 0003:256C:006D.0002: failed retrieving string descriptor #200: -71 [ 42.383071][ T295] uclogic 0003:256C:006D.0002: failed retrieving pen parameters: -71 [ 42.405238][ T295] uclogic 0003:256C:006D.0002: failed probing pen v2 parameters: -71 [ 42.425863][ T1345] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.440: couldn't read orphan inode 15 (err -117) [ 42.450670][ T295] uclogic 0003:256C:006D.0002: failed probing parameters: -71 [ 42.468338][ T1345] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 42.488545][ T295] uclogic: probe of 0003:256C:006D.0002 failed with error -71 [ 42.501367][ T1350] loop5: detected capacity change from 0 to 40427 [ 42.523884][ T295] usb 3-1: USB disconnect, device number 2 [ 42.531550][ T1350] F2FS-fs (loop5): fault_type options not supported [ 42.552776][ T1350] F2FS-fs (loop5): invalid crc value [ 42.568929][ T284] EXT4-fs (loop3): unmounting filesystem. [ 42.576211][ T1350] F2FS-fs (loop5): Found nat_bits in checkpoint [ 42.696986][ T1350] F2FS-fs (loop5): Start checkpoint disabled! [ 42.704508][ T1341] loop0: detected capacity change from 0 to 40427 [ 42.712007][ T1341] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 42.720150][ T1350] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 42.728283][ T1341] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 42.747140][ T1341] F2FS-fs (loop0): invalid crc value [ 42.779386][ T1350] syz.5.442: attempt to access beyond end of device [ 42.779386][ T1350] loop5: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 42.794661][ T1341] F2FS-fs (loop0): Found nat_bits in checkpoint [ 42.830654][ T43] kworker/u4:2: attempt to access beyond end of device [ 42.830654][ T43] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 42.846400][ T1341] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 42.855089][ T1341] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 42.920906][ T282] syz-executor: attempt to access beyond end of device [ 42.920906][ T282] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 42.949792][ T523] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 42.967332][ T523] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 43.074325][ T1398] usb usb8: usbfs: process 1398 (syz.1.462) did not claim interface 0 before use [ 43.436705][ T1424] loop3: detected capacity change from 0 to 512 [ 43.440634][ T1405] loop1: detected capacity change from 0 to 40427 [ 43.486892][ T1424] EXT4-fs: Ignoring removed nomblk_io_submit option [ 43.516511][ T1405] F2FS-fs (loop1): invalid crc value [ 43.522443][ T1424] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 43.532073][ T1424] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01d, mo2=0102] [ 43.540940][ T1424] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (80) [ 43.551621][ T1424] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features [ 43.561118][ T1424] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 43.586178][ T1405] F2FS-fs (loop1): Found nat_bits in checkpoint [ 43.599563][ T284] EXT4-fs (loop3): unmounting filesystem. [ 43.709178][ T1405] F2FS-fs (loop1): Start checkpoint disabled! [ 43.738109][ T1405] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 43.814522][ T1405] syz.1.465: attempt to access beyond end of device [ 43.814522][ T1405] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 43.885175][ T523] kworker/u4:4: attempt to access beyond end of device [ 43.885175][ T523] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 44.077960][ T1447] loop3: detected capacity change from 0 to 40427 [ 44.100849][ T1447] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 44.137424][ T1447] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 44.185273][ T1447] F2FS-fs (loop3): Found nat_bits in checkpoint [ 44.288339][ T1447] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 44.307732][ T1447] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 44.313807][ T297] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 44.358225][ T297] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 44.560456][ T1482] loop0: detected capacity change from 0 to 1024 [ 44.578608][ T284] syz-executor: attempt to access beyond end of device [ 44.578608][ T284] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 44.596379][ T1482] EXT4-fs: Ignoring removed orlov option [ 44.676521][ T1495] IPv6: sit1: Disabled Multicast RS [ 44.686400][ T1482] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 44.690600][ T1491] loop1: detected capacity change from 0 to 2048 [ 44.718170][ T297] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 44.719225][ T282] EXT4-fs (loop0): unmounting filesystem. [ 44.908254][ T297] usb 6-1: Using ep0 maxpacket: 32 [ 44.915263][ T297] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 44.933638][ T297] usb 6-1: config 0 has no interface number 0 [ 44.941882][ T297] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 44.954106][ T297] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 44.965362][ T297] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 44.975834][ T297] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 44.986743][ T297] usb 6-1: config 0 descriptor?? [ 45.208192][ T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 45.388124][ T24] usb 4-1: Using ep0 maxpacket: 32 [ 45.394899][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 45.407177][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 45.417304][ T24] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 45.426970][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.436589][ T24] usb 4-1: config 0 descriptor?? [ 45.594717][ T297] uclogic 0003:28BD:0094.0004: pen parameters not found [ 45.602528][ T297] uclogic 0003:28BD:0094.0004: interface is invalid, ignoring [ 45.801965][ T297] usb 6-1: USB disconnect, device number 3 [ 45.847681][ T24] savu 0003:1E7D:2D5A.0005: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 45.946415][ T28] kauditd_printk_skb: 115 callbacks suppressed [ 45.946430][ T28] audit: type=1400 audit(1749777235.611:1067): avc: denied { block_suspend } for pid=1550 comm="syz.1.526" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 46.129501][ T813] usb 4-1: USB disconnect, device number 2 [ 46.138173][ T19] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 46.268127][ T6] usb 2-1: new full-speed USB device number 2 using dummy_hcd [ 46.328108][ T19] usb 3-1: Using ep0 maxpacket: 8 [ 46.335142][ T19] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 46.344042][ T19] usb 3-1: config 179 has no interface number 0 [ 46.350765][ T19] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 46.368609][ T19] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 46.385152][ T19] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 46.397144][ T19] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 46.409029][ T19] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 46.424855][ T19] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 46.434518][ T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 46.443745][ T1544] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 46.469882][ T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 46.481320][ T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 46.494168][ T6] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 46.503414][ T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.511591][ T6] usb 2-1: Product: syz [ 46.516157][ T6] usb 2-1: Manufacturer: syz [ 46.520931][ T6] usb 2-1: SerialNumber: syz [ 46.526698][ T1554] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 46.658143][ T813] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 46.686935][ T28] audit: type=1400 audit(1749777236.351:1068): avc: denied { ioctl } for pid=1543 comm="syz.2.522" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 46.722433][ T24] usb 3-1: USB disconnect, device number 3 [ 46.722449][ C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 46.737991][ C0] dummy_hcd dummy_hcd.2: timer fired with no URBs pending? [ 46.868161][ T813] usb 6-1: Using ep0 maxpacket: 32 [ 46.875054][ T813] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 46.886684][ T813] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 46.896927][ T813] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 46.906239][ T813] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 46.915824][ T813] usb 6-1: config 0 descriptor?? [ 46.922438][ T813] hub 6-1:0.0: USB hub found [ 47.068243][ T1555] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 47.123187][ T813] hub 6-1:0.0: 1 port detected [ 47.258143][ T1555] usb 4-1: Using ep0 maxpacket: 32 [ 47.267006][ T1555] usb 4-1: config 0 has no interfaces? [ 47.273061][ T1555] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 47.284335][ T1555] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 47.297247][ T1555] usb 4-1: config 0 descriptor?? [ 47.353989][ T1585] netlink: 4344 bytes leftover after parsing attributes in process `syz.2.541'. [ 47.365075][ T28] audit: type=1400 audit(1749777237.031:1069): avc: denied { nlmsg_read } for pid=1584 comm="syz.2.541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 47.514452][ T24] usb 4-1: USB disconnect, device number 3 [ 47.525635][ T813] usb 6-1: USB disconnect, device number 4 [ 47.541492][ T6] cdc_ncm 2-1:1.0: failed to get mac address [ 47.552399][ T6] cdc_ncm 2-1:1.0: bind() failure [ 47.564252][ T6] cdc_ncm: probe of 2-1:1.1 failed with error -71 [ 47.571887][ T6] cdc_mbim: probe of 2-1:1.1 failed with error -71 [ 47.583127][ T6] usb 2-1: USB disconnect, device number 2 [ 48.154716][ T1611] netlink: 165 bytes leftover after parsing attributes in process `syz.1.563'. [ 48.250355][ T1619] loop1: detected capacity change from 0 to 512 [ 48.276830][ T1619] EXT4-fs: Ignoring removed nomblk_io_submit option [ 48.298598][ T1619] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 48.313873][ T1619] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 48.329034][ T1619] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 48.342452][ T1619] EXT4-fs (loop1): 1 truncate cleaned up [ 48.348469][ T1619] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 48.368217][ T813] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 48.377603][ T283] EXT4-fs (loop1): unmounting filesystem. [ 48.387574][ T1613] loop3: detected capacity change from 0 to 40427 [ 48.405850][ T1613] F2FS-fs (loop3): invalid crc value [ 48.420781][ T1613] F2FS-fs (loop3): Found nat_bits in checkpoint [ 48.455528][ T1613] F2FS-fs (loop3): Start checkpoint disabled! [ 48.462841][ T1613] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 48.493617][ T1613] syz.3.553: attempt to access beyond end of device [ 48.493617][ T1613] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 48.527102][ T523] kworker/u4:4: attempt to access beyond end of device [ 48.527102][ T523] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 48.588119][ T813] usb 6-1: Using ep0 maxpacket: 32 [ 48.598951][ T813] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 48.611796][ T813] usb 6-1: config 0 has no interfaces? [ 48.617375][ T813] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 48.626915][ T813] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.640290][ T813] usb 6-1: config 0 descriptor?? [ 48.687112][ T1637] tipc: Started in network mode [ 48.692343][ T1637] tipc: Node identity 2d514600650a58f1002e, cluster identity 4711 [ 48.713302][ T1639] loop3: detected capacity change from 0 to 128 [ 48.722162][ T1639] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 48.731318][ T1639] ext4 filesystem being mounted at /133/file supports timestamps until 2038-01-19 (0x7fffffff) [ 48.755239][ T284] EXT4-fs (loop3): unmounting filesystem. [ 48.768318][ T1185] Bluetooth: hci0: command 0x1003 tx timeout [ 48.773664][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 48.911578][ T8] Bluetooth: hci0: Frame reassembly failed (-84) [ 48.916682][ T28] audit: type=1400 audit(1749777238.581:1070): avc: denied { connect } for pid=1659 comm="syz.3.574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 48.938693][ T1661] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 49.045175][ T1671] loop0: detected capacity change from 0 to 2048 [ 49.089274][ T1671] Alternate GPT is invalid, using primary GPT. [ 49.095727][ T1671] loop0: p1 p2 p3 [ 49.179198][ T873] udevd[873]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 49.191011][ T872] udevd[872]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 49.193828][ T306] udevd[306]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 49.396429][ T28] audit: type=1400 audit(1749777239.061:1071): avc: denied { unmount } for pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 49.417439][ T6] usb 6-1: USB disconnect, device number 5 [ 49.469874][ T1688] netlink: 136 bytes leftover after parsing attributes in process `syz.5.587'. [ 49.479917][ T1688] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 49.528122][ T813] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 49.564789][ T1692] netlink: 165 bytes leftover after parsing attributes in process `syz.2.590'. [ 49.615134][ T1695] loop5: detected capacity change from 0 to 2048 [ 49.639836][ T1695] Alternate GPT is invalid, using primary GPT. [ 49.646592][ T1695] loop5: p1 p2 p3 [ 49.709230][ T813] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 49.719169][ T813] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 49.733289][ T813] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 49.743196][ T813] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.753318][ T813] usb 1-1: config 0 descriptor?? [ 49.785816][ T1698] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.797769][ T1698] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.798754][ T873] udevd[873]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 49.806618][ T1698] device bridge_slave_0 entered promiscuous mode [ 49.821142][ T306] udevd[306]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 49.825695][ T310] udevd[310]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 49.843903][ T1698] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.851152][ T1698] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.860434][ T1698] device bridge_slave_1 entered promiscuous mode [ 49.911276][ T28] audit: type=1400 audit(1749777239.581:1072): avc: denied { create } for pid=1710 comm="syz.5.599" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 49.941093][ T28] audit: type=1400 audit(1749777239.611:1073): avc: denied { setopt } for pid=1710 comm="syz.5.599" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 50.053486][ T28] audit: type=1400 audit(1749777239.721:1074): avc: denied { create } for pid=1723 comm="syz.5.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 50.099903][ T28] audit: type=1400 audit(1749777239.741:1075): avc: denied { connect } for pid=1723 comm="syz.5.605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 50.117704][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4 [ 50.134858][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2 [ 50.146309][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.155189][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.155322][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.164671][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.175815][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.185558][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.190595][ T813] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0 [ 50.203616][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.213751][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.222232][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.225035][ T813] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0 [ 50.230389][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.246056][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.254063][ T813] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0 [ 50.261517][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.261548][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.261572][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.261595][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.261616][ T6] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 50.277117][ T1731] loop5: detected capacity change from 0 to 8192 [ 50.278219][ T813] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0 [ 50.287718][ T6] hid-generic 0000:3000000:0000.0006: hidraw0: HID v0.00 Device [sy] on syz0 [ 50.295697][ T813] kovaplus 0003:1E7D:2D50.0007: unknown main item tag 0x0 [ 50.337042][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.352518][ T813] kovaplus 0003:1E7D:2D50.0007: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0 [ 50.364383][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.388406][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.395640][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.402909][ T1732] fido_id[1732]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 50.404111][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.430004][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.438916][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.446064][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.454474][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.474953][ T1734] device batadv_slave_1 entered promiscuous mode [ 50.484150][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 50.493592][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 50.503833][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.521333][ T1733] device batadv_slave_1 left promiscuous mode [ 50.530645][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 50.545621][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 50.553492][ T1737] loop5: detected capacity change from 0 to 128 [ 50.555859][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 50.569977][ T1698] device veth0_vlan entered promiscuous mode [ 50.587073][ T1737] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 50.599657][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 50.609299][ T1737] ext4 filesystem being mounted at /53/file supports timestamps until 2038-01-19 (0x7fffffff) [ 50.627113][ T1698] device veth1_macvtap entered promiscuous mode [ 50.651056][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 50.660529][ T992] EXT4-fs (loop5): unmounting filesystem. [ 50.680621][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 50.693763][ T813] kovaplus 0003:1E7D:2D50.0007: couldn't init struct kovaplus_device [ 50.708123][ T813] kovaplus 0003:1E7D:2D50.0007: couldn't install mouse [ 50.725872][ T813] kovaplus: probe of 0003:1E7D:2D50.0007 failed with error -71 [ 50.748437][ T813] usb 1-1: USB disconnect, device number 2 [ 50.793368][ T28] audit: type=1400 audit(1749777240.461:1076): avc: denied { remount } for pid=1753 comm="syz.5.616" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 50.829919][ T1751] fido_id[1751]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 50.880586][ T8] device bridge_slave_1 left promiscuous mode [ 50.889459][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.907417][ T8] device bridge_slave_0 left promiscuous mode [ 50.919317][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.928137][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 50.928967][ T1185] Bluetooth: hci0: command 0x1003 tx timeout [ 50.953204][ T8] device veth1_macvtap left promiscuous mode [ 50.985895][ T8] device veth0_vlan left promiscuous mode [ 51.010145][ T1769] loop3: detected capacity change from 0 to 1024 [ 51.034842][ T1769] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 51.119590][ T1769] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 51.152416][ T1778] loop6: detected capacity change from 0 to 1024 [ 51.161184][ T28] audit: type=1400 audit(1749777240.831:1077): avc: denied { attach_queue } for pid=1762 comm="syz.5.619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 51.189323][ T1778] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #11: comm syz.6.623: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 51.200665][ T1769] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.621: missing EA_INODE flag [ 51.226953][ T28] audit: type=1400 audit(1749777240.861:1078): avc: denied { rename } for pid=1768 comm="syz.3.621" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 51.252136][ T1778] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.623: couldn't read orphan inode 11 (err -117) [ 51.252147][ T1769] EXT4-fs (loop3): Remounting filesystem read-only [ 51.252187][ T1769] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.621: error while reading EA inode 11 err=-117 [ 51.295442][ T1778] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 51.300141][ T28] audit: type=1400 audit(1749777240.861:1079): avc: denied { unlink } for pid=1768 comm="syz.3.621" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 51.333524][ T1769] EXT4-fs (loop3): Remounting filesystem read-only [ 51.352268][ T1769] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #11: comm syz.3.621: missing EA_INODE flag [ 51.370493][ T1769] EXT4-fs (loop3): Remounting filesystem read-only [ 51.377550][ T1769] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.621: error while reading EA inode 11 err=-117 [ 51.398862][ T1698] EXT4-fs (loop6): unmounting filesystem. [ 51.405061][ T1769] EXT4-fs (loop3): Remounting filesystem read-only [ 51.501916][ T284] EXT4-fs (loop3): unmounting filesystem. [ 51.549565][ T1793] netlink: 104 bytes leftover after parsing attributes in process `syz.3.630'. [ 51.729596][ T1798] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 51.748119][ T297] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 51.757298][ T1789] loop5: detected capacity change from 0 to 40427 [ 51.779352][ T1789] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 51.794378][ T1789] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 51.850380][ T1789] F2FS-fs (loop5): Found nat_bits in checkpoint [ 51.939378][ T297] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 51.958107][ T297] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 52.001219][ T1789] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 52.017124][ T297] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 52.027187][ T1789] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 52.035796][ T297] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 52.062149][ T297] usb 1-1: SerialNumber: syz [ 52.093121][ T28] audit: type=1400 audit(1749777241.761:1080): avc: denied { setattr } for pid=1788 comm="syz.5.629" name="file0" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 52.193567][ T1827] netlink: 60 bytes leftover after parsing attributes in process `syz.2.652'. [ 52.223251][ T1827] netlink: 60 bytes leftover after parsing attributes in process `syz.2.652'. [ 52.282061][ T297] usb 1-1: 0:2 : does not exist [ 52.299961][ T297] usb 1-1: USB disconnect, device number 3 [ 52.489715][ T1829] loop3: detected capacity change from 0 to 40427 [ 52.506721][ T1829] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 52.522405][ T1829] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 52.530915][ T1831] loop5: detected capacity change from 0 to 40427 [ 52.539186][ T1829] F2FS-fs (loop3): invalid crc value [ 52.545206][ T1831] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 52.555450][ T1831] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 52.569533][ T1829] F2FS-fs (loop3): Found nat_bits in checkpoint [ 52.588729][ T1831] F2FS-fs (loop5): Found nat_bits in checkpoint [ 52.609810][ T28] audit: type=1400 audit(1749777242.281:1081): avc: denied { write } for pid=1843 comm="syz.6.648" path="socket:[22648]" dev="sockfs" ino=22648 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 52.684061][ T1848] loop6: detected capacity change from 0 to 512 [ 52.693309][ T1829] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 52.702715][ T1831] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 52.710969][ T1829] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 52.712132][ T1848] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 52.728358][ T1831] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 52.737228][ T1848] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.802294][ T28] audit: type=1400 audit(1749777242.471:1082): avc: denied { map } for pid=1828 comm="syz.3.645" path="/151/bus/memory.events" dev="loop3" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 52.828355][ T1698] EXT4-fs (loop6): unmounting filesystem. [ 52.884439][ T304] kworker/u4:3: attempt to access beyond end of device [ 52.884439][ T304] loop3: rw=1, sector=45096, nr_sectors = 72 limit=40427 [ 52.997521][ T992] syz-executor: attempt to access beyond end of device [ 52.997521][ T992] loop5: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 53.164554][ T28] audit: type=1400 audit(1749777242.831:1083): avc: denied { bind } for pid=1867 comm="syz.3.654" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 53.218623][ T1858] loop6: detected capacity change from 0 to 40427 [ 53.254493][ T1858] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 53.288110][ T297] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 53.288938][ T1858] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 53.313955][ T1858] F2FS-fs (loop6): Found nat_bits in checkpoint [ 53.358748][ T1858] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 53.366846][ T1858] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 53.478068][ T297] usb 1-1: Using ep0 maxpacket: 32 [ 53.485166][ T297] usb 1-1: config 0 has no interfaces? [ 53.500709][ T297] usb 1-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 53.527180][ T297] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.553226][ T297] usb 1-1: config 0 descriptor?? [ 53.688093][ T813] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 53.775721][ T297] usb 1-1: USB disconnect, device number 4 [ 53.899466][ T813] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 53.917324][ T813] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 53.942367][ T813] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 53.956620][ T813] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 53.985939][ T813] usb 4-1: SerialNumber: syz [ 54.071006][ T1901] input: syz0 as /devices/virtual/input/input8 [ 54.216416][ T813] usb 4-1: 0:2 : does not exist [ 54.238449][ T813] usb 4-1: USB disconnect, device number 4 [ 54.258145][ T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 54.438116][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 54.444630][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 54.488193][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 54.508647][ T24] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 54.538084][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.576725][ T24] usb 6-1: config 0 descriptor?? [ 54.819115][ T1926] loop3: detected capacity change from 0 to 256 [ 54.829859][ T1926] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 54.887725][ T1935] netlink: 'syz.3.688': attribute type 280 has an invalid length. [ 54.938625][ T1941] tmpfs: Unknown parameter 'i' [ 54.988067][ T24] savu 0003:1E7D:2D5A.0008: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0 [ 55.048155][ T813] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 55.101968][ T1945] loop3: detected capacity change from 0 to 40427 [ 55.109694][ T1945] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 55.117955][ T1945] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 55.127715][ T1945] F2FS-fs (loop3): invalid crc value [ 55.134850][ T1945] F2FS-fs (loop3): Found nat_bits in checkpoint [ 55.167328][ T1945] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 55.174939][ T1945] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 55.211581][ T28] audit: type=1400 audit(1749777244.881:1084): avc: denied { setattr } for pid=1944 comm="syz.3.702" path="/162/bus" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 55.236327][ T813] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.237668][ T1001] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 55.248270][ T813] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 55.258154][ T1001] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 55.272998][ T813] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 55.288489][ T813] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.297335][ T24] usb 6-1: USB disconnect, device number 6 [ 55.308208][ T813] usb 3-1: config 0 descriptor?? [ 55.635770][ T1954] loop0: detected capacity change from 0 to 512 [ 55.672321][ T1954] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 55.687044][ T1954] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 55.693831][ T1961] loop3: detected capacity change from 0 to 128 [ 55.698478][ T1954] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 55.704425][ T1961] EXT4-fs: Ignoring removed nobh option [ 55.717958][ T1954] System zones: 0-2, 18-18, 34-34 [ 55.725033][ T813] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0x0 [ 55.734114][ T813] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0x0 [ 55.741502][ T1954] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 55.742032][ T813] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0x0 [ 55.758368][ T1961] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 55.764751][ T813] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0x0 [ 55.780495][ T813] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0x0 [ 55.781372][ T1961] ext4 filesystem being mounted at /165/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 55.805583][ T813] kovaplus 0003:1E7D:2D50.0009: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.2-1/input0 [ 55.818913][ T1954] EXT4-fs (loop0): 1 truncate cleaned up [ 55.824645][ T1954] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 55.859306][ T28] audit: type=1400 audit(1749777245.531:1085): avc: denied { append } for pid=1952 comm="syz.0.704" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 55.883692][ T282] EXT4-fs (loop0): unmounting filesystem. [ 55.891700][ T284] EXT4-fs (loop3): unmounting filesystem. [ 55.906521][ T1969] loop0: detected capacity change from 0 to 128 [ 55.918091][ T1555] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 56.085778][ T1993] loop0: detected capacity change from 0 to 256 [ 56.092747][ T1993] FAT-fs (loop0): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value [ 56.109637][ T1555] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 56.120400][ T1555] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 56.130219][ T813] kovaplus 0003:1E7D:2D50.0009: couldn't init struct kovaplus_device [ 56.140237][ T813] kovaplus 0003:1E7D:2D50.0009: couldn't install mouse [ 56.150910][ T28] audit: type=1400 audit(1749777245.821:1086): avc: denied { read } for pid=1995 comm="syz.3.714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 56.171830][ T1555] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 56.186223][ T813] kovaplus: probe of 0003:1E7D:2D50.0009 failed with error -71 [ 56.198870][ T1555] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 56.208710][ T813] usb 3-1: USB disconnect, device number 4 [ 56.214989][ T1555] usb 7-1: SerialNumber: syz [ 56.233604][ T2003] loop3: detected capacity change from 0 to 1024 [ 56.240937][ T2003] EXT4-fs: Ignoring removed orlov option [ 56.246742][ T2003] EXT4-fs: Ignoring removed nomblk_io_submit option [ 56.278150][ T24] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 56.282670][ T2000] fido_id[2000]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 56.319995][ T2003] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 56.361361][ T284] EXT4-fs (loop3): unmounting filesystem. [ 56.374120][ T2012] loop0: detected capacity change from 0 to 512 [ 56.394353][ T2012] EXT4-fs error (device loop0): ext4_get_journal_inode:5710: inode #32: comm syz.0.720: iget: special inode unallocated [ 56.408507][ T2012] EXT4-fs (loop0): Remounting filesystem read-only [ 56.413344][ T2014] incfs: Options parsing error. -22 [ 56.415245][ T2012] EXT4-fs (loop0): no journal found [ 56.421097][ T2014] incfs: mount failed -22 [ 56.427100][ T2012] EXT4-fs (loop0): can't get journal size [ 56.437801][ T2012] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 56.449792][ T2012] EXT4-fs error (device loop0): ext4_protect_reserved_inode:160: inode #32: comm syz.0.720: iget: special inode unallocated [ 56.465684][ T2012] EXT4-fs (loop0): Remounting filesystem read-only [ 56.473706][ T1555] usb 7-1: 0:2 : does not exist [ 56.479362][ T2012] EXT4-fs (loop0): failed to initialize system zone (-117) [ 56.487051][ T2012] EXT4-fs (loop0): mount failed [ 56.493369][ T1555] usb 7-1: USB disconnect, device number 2 [ 56.609275][ T2025] netlink: 60 bytes leftover after parsing attributes in process `syz.3.723'. [ 56.622080][ T2025] netlink: 60 bytes leftover after parsing attributes in process `syz.3.723'. [ 56.687728][ T1983] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 56.698132][ T1983] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 56.713170][ T306] udevd[306]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 56.716712][ T24] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 56.761413][ T24] usb 6-1: can't read configurations, error -71 [ 57.122710][ T2043] loop6: detected capacity change from 0 to 1024 [ 57.146511][ T2043] EXT4-fs: Ignoring removed orlov option [ 57.163224][ T2043] EXT4-fs: Ignoring removed nomblk_io_submit option [ 57.190976][ T2043] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 57.310637][ T1698] EXT4-fs (loop6): unmounting filesystem. [ 57.568195][ T813] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 57.748089][ T813] usb 3-1: Using ep0 maxpacket: 8 [ 57.757682][ T813] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 57.770411][ T813] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.790776][ T813] usb 3-1: config 0 descriptor?? [ 58.001333][ T813] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 58.246052][ T28] audit: type=1400 audit(1749777247.911:1087): avc: denied { connect } for pid=2074 comm="syz.0.747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 58.272774][ T28] audit: type=1400 audit(1749777247.941:1088): avc: denied { setopt } for pid=2074 comm="syz.0.747" laddr=172.20.20.10 lport=2 faddr=172.20.20.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 58.300183][ T28] audit: type=1400 audit(1749777247.941:1089): avc: denied { read } for pid=2074 comm="syz.0.747" path="socket:[23167]" dev="sockfs" ino=23167 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 58.547016][ T28] audit: type=1400 audit(1749777248.211:1090): avc: denied { read } for pid=2107 comm="syz.0.763" name="usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 58.573935][ T28] audit: type=1400 audit(1749777248.211:1091): avc: denied { open } for pid=2107 comm="syz.0.763" path="/dev/usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 58.602688][ T28] audit: type=1400 audit(1749777248.221:1092): avc: denied { ioctl } for pid=2107 comm="syz.0.763" path="/dev/usbmon7" dev="devtmpfs" ino=180 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 58.634073][ T28] audit: type=1400 audit(1749777248.281:1093): avc: denied { shutdown } for pid=2111 comm="syz.0.765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 58.791768][ T28] audit: type=1400 audit(1749777248.461:1094): avc: denied { mount } for pid=2125 comm="syz.0.771" name="/" dev="ramfs" ino=23346 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 58.830122][ T813] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 58.848206][ T813] asix: probe of 3-1:0.0 failed with error -71 [ 58.865263][ T28] audit: type=1400 audit(1749777248.531:1095): avc: denied { read } for pid=2131 comm="syz.0.774" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 58.893787][ T813] usb 3-1: USB disconnect, device number 5 [ 58.902762][ T28] audit: type=1400 audit(1749777248.531:1096): avc: denied { open } for pid=2131 comm="syz.0.774" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 59.005015][ T2142] loop0: detected capacity change from 0 to 16 [ 59.032381][ T2142] erofs: (device loop0): mounted with root inode @ nid 36. [ 59.046503][ T2142] erofs: (device loop0): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 59.056364][ T2142] syz.0.778: attempt to access beyond end of device [ 59.056364][ T2142] loop0: rw=524288, sector=524296, nr_sectors = 8 limit=16 [ 59.080546][ T1555] kernel write not supported for file task/42/attr/prev (pid: 1555 comm: kworker/0:4) [ 59.091725][ T2142] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096] [ 59.118136][ T2142] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096] [ 59.156516][ T2142] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096] [ 59.168556][ T2142] erofs: (device loop0): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096] [ 59.228636][ T2154] loop0: detected capacity change from 0 to 512 [ 59.236458][ T2154] EXT4-fs: Ignoring removed nobh option [ 59.276527][ T2154] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.785: invalid indirect mapped block 256 (level 2) [ 59.298397][ T2154] EXT4-fs (loop0): 2 truncates cleaned up [ 59.304365][ T2154] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 59.319155][ T2144] loop3: detected capacity change from 0 to 40427 [ 59.331707][ T2144] F2FS-fs (loop3): fault_injection options not supported [ 59.361154][ T2144] F2FS-fs (loop3): invalid crc value [ 59.390795][ T2144] F2FS-fs (loop3): Found nat_bits in checkpoint [ 59.399918][ T282] EXT4-fs (loop0): unmounting filesystem. [ 59.408079][ T1764] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 59.408162][ T1189] Bluetooth: hci0: command 0x1003 tx timeout [ 59.422545][ T2059] Bluetooth: hci0: Opcode 0x080f failed: -22 [ 59.493179][ T2144] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 59.565822][ T2173] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 59.584237][ T284] syz-executor: attempt to access beyond end of device [ 59.584237][ T284] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 59.764040][ T304] device bridge_slave_1 left promiscuous mode [ 59.779702][ T304] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.799661][ T304] device bridge_slave_0 left promiscuous mode [ 59.806104][ T304] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.823465][ T304] device veth1_macvtap left promiscuous mode [ 59.829670][ T304] device veth0_vlan left promiscuous mode [ 59.886631][ T2203] binder: 2201:2203 ioctl c0306201 200000001d40 returned -14 [ 59.965782][ T2202] netlink: 96 bytes leftover after parsing attributes in process `syz.0.806'. [ 60.040571][ T2178] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.052520][ T2178] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.060518][ T2178] device bridge_slave_0 entered promiscuous mode [ 60.107132][ T2221] device veth3 entered promiscuous mode [ 60.115096][ T2178] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.123563][ T2178] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.137869][ T2178] device bridge_slave_1 entered promiscuous mode [ 60.300694][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.311595][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.325756][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.345854][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.355620][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.363099][ T304] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.371675][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.386955][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.399470][ T1555] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 60.402447][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.421470][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.428869][ T304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.448297][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.472091][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.480560][ T19] ================================================================== [ 60.488651][ T19] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480 [ 60.496022][ T19] Write of size 8 at addr ffff888141e44a00 by task kworker/0:1/19 [ 60.503952][ T19] [ 60.506384][ T19] CPU: 0 PID: 19 Comm: kworker/0:1 Not tainted 6.1.138-syzkaller-00008-g74db64dcc8aa #0 [ 60.516377][ T19] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 60.526581][ T19] Workqueue: mld mld_ifc_work [ 60.531525][ T19] Call Trace: [ 60.535003][ T19] [ 60.537970][ T19] __dump_stack+0x21/0x24 [ 60.542372][ T19] dump_stack_lvl+0xee/0x150 [ 60.547012][ T19] ? __cfi_dump_stack_lvl+0x8/0x8 [ 60.552099][ T19] ? ip6_output+0x1d1/0x3b0 [ 60.556666][ T19] ? enqueue_timer+0xae/0x480 [ 60.561445][ T19] print_address_description+0x71/0x210 [ 60.567573][ T19] print_report+0x4a/0x60 [ 60.572103][ T19] kasan_report+0x122/0x150 [ 60.577045][ T19] ? enqueue_timer+0xae/0x480 [ 60.581769][ T19] __asan_report_store8_noabort+0x17/0x20 [ 60.587789][ T19] enqueue_timer+0xae/0x480 [ 60.592504][ T19] __mod_timer+0x79f/0xb30 [ 60.597136][ T19] add_timer+0x68/0x80 [ 60.601243][ T19] __queue_delayed_work+0x173/0x200 [ 60.607219][ T19] mod_delayed_work_on+0x74/0xe0 [ 60.612727][ T19] mld_ifc_work+0xa26/0xbe0 [ 60.617263][ T19] ? pwq_dec_nr_in_flight+0x18c/0x3c0 [ 60.622738][ T19] process_one_work+0x71f/0xc40 [ 60.627705][ T19] worker_thread+0xa29/0x11f0 [ 60.632409][ T19] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 60.638020][ T19] kthread+0x281/0x320 [ 60.642139][ T19] ? __cfi_worker_thread+0x10/0x10 [ 60.647346][ T19] ? __cfi_kthread+0x10/0x10 [ 60.651953][ T19] ret_from_fork+0x1f/0x30 [ 60.656473][ T19] [ 60.660059][ T19] [ 60.662487][ T19] Allocated by task 2059: [ 60.667097][ T19] kasan_set_track+0x4b/0x70 [ 60.671934][ T19] kasan_save_alloc_info+0x25/0x30 [ 60.677097][ T19] __kasan_kmalloc+0x95/0xb0 [ 60.681841][ T19] __kmalloc+0xb1/0x1e0 [ 60.686033][ T19] hci_alloc_dev_priv+0x27/0x1bd0 [ 60.691074][ T19] hci_uart_tty_ioctl+0x3d6/0xa20 [ 60.696152][ T19] tty_ioctl+0x8ef/0xc60 [ 60.700440][ T19] __se_sys_ioctl+0x12f/0x1b0 [ 60.705246][ T19] __x64_sys_ioctl+0x7b/0x90 [ 60.710457][ T19] x64_sys_call+0x58b/0x9a0 [ 60.714992][ T19] do_syscall_64+0x4c/0xa0 [ 60.719611][ T19] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 60.725775][ T19] [ 60.728381][ T19] Freed by task 2059: [ 60.732483][ T19] kasan_set_track+0x4b/0x70 [ 60.737123][ T19] kasan_save_free_info+0x31/0x50 [ 60.742714][ T19] ____kasan_slab_free+0x132/0x180 [ 60.748571][ T19] __kasan_slab_free+0x11/0x20 [ 60.754387][ T19] slab_free_freelist_hook+0xc2/0x190 [ 60.759995][ T19] __kmem_cache_free+0xb7/0x1b0 [ 60.765118][ T19] kfree+0x6f/0xf0 [ 60.769112][ T19] hci_release_dev+0x13ad/0x1500 [ 60.774158][ T19] bt_host_release+0x82/0x90 [ 60.778856][ T19] device_release+0xa4/0x1d0 [ 60.783468][ T19] kobject_put+0x19d/0x280 [ 60.788296][ T19] put_device+0x1f/0x30 [ 60.792471][ T19] hci_dev_cmd+0x265/0x720 [ 60.796969][ T19] hci_sock_ioctl+0x41e/0x7f0 [ 60.801757][ T19] sock_do_ioctl+0x101/0x310 [ 60.806383][ T19] sock_ioctl+0x4d8/0x6e0 [ 60.810821][ T19] __se_sys_ioctl+0x12f/0x1b0 [ 60.815727][ T19] __x64_sys_ioctl+0x7b/0x90 [ 60.820362][ T19] x64_sys_call+0x58b/0x9a0 [ 60.825426][ T19] do_syscall_64+0x4c/0xa0 [ 60.829891][ T19] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 60.835894][ T19] [ 60.838226][ T19] Last potentially related work creation: [ 60.843971][ T19] kasan_save_stack+0x3a/0x60 [ 60.848657][ T19] __kasan_record_aux_stack+0xb6/0xc0 [ 60.854045][ T19] kasan_record_aux_stack_noalloc+0xb/0x10 [ 60.859896][ T19] insert_work+0x51/0x300 [ 60.864241][ T19] __queue_work+0x9b1/0xd30 [ 60.868933][ T19] queue_work_on+0xd2/0x140 [ 60.873488][ T19] __hci_cmd_sync_sk+0xa3e/0xcf0 [ 60.878443][ T19] hci_cmd_sync_status+0x53/0x120 [ 60.883505][ T19] hci_dev_cmd+0x628/0x720 [ 60.887980][ T19] hci_sock_ioctl+0x41e/0x7f0 [ 60.892685][ T19] sock_do_ioctl+0x101/0x310 [ 60.897324][ T19] sock_ioctl+0x4d8/0x6e0 [ 60.901666][ T19] __se_sys_ioctl+0x12f/0x1b0 [ 60.906629][ T19] __x64_sys_ioctl+0x7b/0x90 [ 60.911255][ T19] x64_sys_call+0x58b/0x9a0 [ 60.915904][ T19] do_syscall_64+0x4c/0xa0 [ 60.920362][ T19] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 60.926366][ T19] [ 60.928872][ T19] Second to last potentially related work creation: [ 60.935553][ T19] kasan_save_stack+0x3a/0x60 [ 60.940365][ T19] __kasan_record_aux_stack+0xb6/0xc0 [ 60.946011][ T19] kasan_record_aux_stack_noalloc+0xb/0x10 [ 60.951985][ T19] insert_work+0x51/0x300 [ 60.956512][ T19] __queue_work+0x9b1/0xd30 [ 60.961396][ T19] queue_work_on+0xd2/0x140 [ 60.966039][ T19] hci_cmd_timeout+0x191/0x200 [ 60.970936][ T19] process_one_work+0x71f/0xc40 [ 60.975803][ T19] worker_thread+0xa29/0x11f0 [ 60.980593][ T19] kthread+0x281/0x320 [ 60.984768][ T19] ret_from_fork+0x1f/0x30 [ 60.989206][ T19] [ 60.991536][ T19] The buggy address belongs to the object at ffff888141e44000 [ 60.991536][ T19] which belongs to the cache kmalloc-8k of size 8192 [ 61.005947][ T19] The buggy address is located 2560 bytes inside of [ 61.005947][ T19] 8192-byte region [ffff888141e44000, ffff888141e46000) [ 61.019496][ T19] [ 61.021879][ T19] The buggy address belongs to the physical page: [ 61.028330][ T19] page:ffffea0005079000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x141e40 [ 61.038585][ T19] head:ffffea0005079000 order:3 compound_mapcount:0 compound_pincount:0 [ 61.046921][ T19] flags: 0x4000000000010200(slab|head|zone=1) [ 61.053026][ T19] raw: 4000000000010200 ffffea0004628c00 dead000000000005 ffff888100043500 [ 61.061666][ T19] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 61.070336][ T19] page dumped because: kasan: bad access detected [ 61.076761][ T19] page_owner tracks the page as allocated [ 61.082513][ T19] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 1174, tgid 1173 (syz.2.362), ts 40162086937, free_ts 39818244300 [ 61.105688][ T19] post_alloc_hook+0x1f5/0x210 [ 61.111404][ T19] prep_new_page+0x1c/0x110 [ 61.117815][ T19] get_page_from_freelist+0x2c7b/0x2cf0 [ 61.123659][ T19] __alloc_pages+0x19e/0x3a0 [ 61.128364][ T19] alloc_slab_page+0x6e/0xf0 [ 61.133009][ T19] new_slab+0x98/0x3d0 [ 61.137092][ T19] ___slab_alloc+0x6f6/0xb50 [ 61.141692][ T19] __slab_alloc+0x5e/0xa0 [ 61.146036][ T19] __kmem_cache_alloc_node+0x203/0x2c0 [ 61.151591][ T19] kmalloc_trace+0x29/0xb0 [ 61.156110][ T19] audit_log_d_path+0xc6/0x240 [ 61.160894][ T19] audit_log_d_path_exe+0x42/0x70 [ 61.165958][ T19] audit_log_task+0x205/0x2e0 [ 61.171018][ T19] audit_seccomp+0x7f/0x160 [ 61.175630][ T19] __seccomp_filter+0xacd/0x19d0 [ 61.180585][ T19] __secure_computing+0xea/0x290 [ 61.185721][ T19] page last free stack trace: [ 61.190393][ T19] free_unref_page_prepare+0x742/0x750 [ 61.195992][ T19] free_unref_page+0x8f/0x530 [ 61.200673][ T19] __free_pages+0x67/0x100 [ 61.205190][ T19] free_pages+0x82/0x90 [ 61.209632][ T19] packet_set_ring+0x1944/0x2470 [ 61.214590][ T19] packet_release+0x78e/0xcb0 [ 61.220005][ T19] sock_close+0xf1/0x290 [ 61.224377][ T19] __fput+0x1fc/0x8f0 [ 61.228381][ T19] ____fput+0x15/0x20 [ 61.232372][ T19] task_work_run+0x1db/0x240 [ 61.237002][ T19] exit_to_user_mode_loop+0x9b/0xb0 [ 61.242299][ T19] exit_to_user_mode_prepare+0x5a/0xa0 [ 61.247779][ T19] syscall_exit_to_user_mode+0x1a/0x30 [ 61.253388][ T19] do_syscall_64+0x58/0xa0 [ 61.258038][ T19] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 61.264064][ T19] [ 61.266412][ T19] Memory state around the buggy address: [ 61.272234][ T19] ffff888141e44900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.280320][ T19] ffff888141e44980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.288402][ T19] >ffff888141e44a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.297171][ T19] ^ [ 61.303183][ T19] ffff888141e44a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 61.315421][ T19] ffff888141e44b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 61.323679][ T19] ================================================================== [ 61.332868][ T19] Disabling lock debugging due to kernel taint [ 61.358682][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.368231][ T304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.488130][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 61.500424][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 61.509262][ C0] CPU: 0 PID: 2248 Comm: syz.5.825 Tainted: G B 6.1.138-syzkaller-00008-g74db64dcc8aa #0 [ 61.523006][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 61.533613][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 61.539435][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 50 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 0c 2b 6d 00 49 8b 7d 00 e8 33 c2 [ 61.562647][ C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046 [ 61.569272][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888118a2bcc0 [ 61.577878][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 61.586885][ C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007 [ 61.595029][ C0] R10: ffffed10283c8939 R11: 1ffff110283c8939 R12: dffffc0000000000 [ 61.603463][ C0] R13: 0000000000000000 R14: ffff888141e449c8 R15: 0000000000000008 [ 61.611734][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 61.620813][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 61.627697][ C0] CR2: 000056150866ab98 CR3: 0000000006e0f000 CR4: 00000000003506b0 [ 61.635698][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 61.643679][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 61.652126][ C0] Call Trace: [ 61.655427][ C0] [ 61.658287][ C0] delayed_work_timer_fn+0x61/0x80 [ 61.663517][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 61.669804][ C0] call_timer_fn+0x46/0x2a0 [ 61.674528][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 61.680890][ C0] __run_timers+0x667/0x9a0 [ 61.685455][ C0] ? calc_index+0x200/0x200 [ 61.690006][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 61.695330][ C0] run_timer_softirq+0x6a/0xf0 [ 61.700198][ C0] handle_softirqs+0x1d7/0x600 [ 61.704972][ C0] ? irqtime_account_irq+0xc4/0x240 [ 61.710204][ C0] __irq_exit_rcu+0x52/0xf0 [ 61.714765][ C0] irq_exit_rcu+0x9/0x10 [ 61.719059][ C0] sysvec_apic_timer_interrupt+0xa9/0xc0 [ 61.724715][ C0] [ 61.727656][ C0] [ 61.730598][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 61.736582][ C0] RIP: 0010:check_preemption_disabled+0x1/0x120 [ 61.742833][ C0] Code: 90 90 90 90 b8 25 e5 7d 83 55 48 89 e5 48 c7 c7 40 f6 a9 85 48 c7 c6 80 f6 a9 85 e8 09 00 00 00 5d c3 0f 1f 80 00 00 00 00 55 <48> 89 e5 41 57 41 56 41 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 [ 61.762482][ C0] RSP: 0018:ffffc900042cf380 EFLAGS: 00000202 [ 61.768651][ C0] RAX: 000000000000000d RBX: 0000000000000012 RCX: dffffc0000000000 [ 61.776760][ C0] RDX: ffffffffffffffff RSI: ffffffff858f2480 RDI: ffffffff85a9f6a0 [ 61.784765][ C0] RBP: ffffc900042cf390 R08: dffffc0000000000 R09: fffff94000951e5f [ 61.793016][ C0] R10: fffff94000951e5f R11: 1ffffd4000951e5e R12: 000000000003c74c [ 61.801100][ C0] R13: 0000000000000012 R14: ffffffffffffffff R15: ffffffffffffffff [ 61.809231][ C0] ? __this_cpu_preempt_check+0x13/0x20 [ 61.814822][ C0] __mod_node_page_state+0x61/0xd0 [ 61.819973][ C0] __mod_lruvec_page_state+0x183/0x200 [ 61.825461][ C0] ? page_remove_rmap+0x1ea/0x980 [ 61.830598][ C0] page_remove_rmap+0x6bf/0x980 [ 61.835563][ C0] ? __tlb_remove_page_size+0x120/0x300 [ 61.841682][ C0] ? vm_normal_page+0x99/0x200 [ 61.846659][ C0] unmap_page_range+0x120d/0x2310 [ 61.852143][ C0] ? __cfi_unmap_page_range+0x10/0x10 [ 61.857532][ C0] ? mas_find+0x155/0x370 [ 61.862143][ C0] unmap_vmas+0x31c/0x430 [ 61.866842][ C0] ? __cfi_unmap_vmas+0x10/0x10 [ 61.872148][ C0] ? __cfi_lru_add_drain_cpu+0x10/0x10 [ 61.878107][ C0] ? __kasan_check_write+0x14/0x20 [ 61.883605][ C0] exit_mmap+0x263/0xa40 [ 61.887872][ C0] ? __kasan_check_read+0x11/0x20 [ 61.893369][ C0] ? __cfi_exit_mmap+0x10/0x10 [ 61.898255][ C0] ? __cfi_exit_aio+0x10/0x10 [ 61.903059][ C0] ? uprobe_clear_state+0x2c1/0x320 [ 61.908269][ C0] __mmput+0x93/0x320 [ 61.912364][ C0] ? mmput+0x43/0x150 [ 61.916397][ C0] mmput+0x4b/0x150 [ 61.920238][ C0] do_exit+0x979/0x2650 [ 61.924420][ C0] ? __rcu_report_exp_rnp+0x177/0x1b0 [ 61.930020][ C0] ? __cfi_do_exit+0x10/0x10 [ 61.935594][ C0] ? __cfi____update_load_sum+0x10/0x10 [ 61.941202][ C0] ? __kasan_check_write+0x14/0x20 [ 61.946433][ C0] ? _raw_spin_lock_irq+0x8f/0xe0 [ 61.951477][ C0] ? __cfi__raw_spin_lock_irq+0x10/0x10 [ 61.957092][ C0] do_group_exit+0x210/0x2d0 [ 61.961788][ C0] ? __kasan_check_write+0x14/0x20 [ 61.967309][ C0] get_signal+0x13b5/0x1520 [ 61.972077][ C0] arch_do_signal_or_restart+0xb0/0x1030 [ 61.977732][ C0] ? __schedule+0xb8f/0x14e0 [ 61.982529][ C0] ? release_firmware_map_entry+0x194/0x194 [ 61.988458][ C0] ? __cfi_arch_do_signal_or_restart+0x10/0x10 [ 61.995257][ C0] ? __kasan_check_read+0x11/0x20 [ 62.000421][ C0] ? preempt_schedule_common+0xbe/0xf0 [ 62.006074][ C0] ? __kasan_check_write+0x14/0x20 [ 62.011573][ C0] ? recalc_sigpending+0x180/0x1c0 [ 62.016715][ C0] exit_to_user_mode_loop+0x7a/0xb0 [ 62.022373][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 62.027861][ C0] syscall_exit_to_user_mode+0x1a/0x30 [ 62.033361][ C0] ret_from_fork+0x15/0x30 [ 62.037830][ C0] RIP: 0033:0x7f6189dc3189 [ 62.042816][ C0] Code: Unable to access opcode bytes at 0x7f6189dc315f. [ 62.050456][ C0] RSP: 002b:00007f618ac531c0 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3 [ 62.058997][ C0] RAX: 0000000000000000 RBX: 00007f6189d45590 RCX: 00007f6189dc3189 [ 62.067062][ C0] RDX: 00007f6189d45590 RSI: 0000000000000058 RDI: 00007ffcfb2d09a0 [ 62.075260][ C0] RBP: 00007f618ac536c0 R08: 00007f618ac536c0 R09: 00007ffcfb2d0a87 [ 62.084673][ C0] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8 [ 62.093546][ C0] R13: 000000000000006e R14: 00007ffcfb2d09a0 R15: 00007ffcfb2d0a88 [ 62.102332][ C0] [ 62.106668][ C0] Modules linked in: [ 62.110598][ C0] ---[ end trace 0000000000000000 ]--- [ 62.117456][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 62.123155][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 f8 d2 28 00 4c 89 ff e8 50 c6 a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 0c 2b 6d 00 49 8b 7d 00 e8 33 c2 [ 62.143498][ C0] RSP: 0018:ffffc90000007c70 EFLAGS: 00010046 [ 62.149799][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff888118a2bcc0 [ 62.157858][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 62.166570][ C0] RBP: ffffc90000007d08 R08: fffffffffffffffb R09: 0000000000000007 [ 62.175108][ C0] R10: ffffed10283c8939 R11: 1ffff110283c8939 R12: dffffc0000000000 [ 62.183104][ C0] R13: 0000000000000000 R14: ffff888141e449c8 R15: 0000000000000008 [ 62.191221][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 62.200390][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 62.207075][ C0] CR2: 000056150866ab98 CR3: 0000000006e0f000 CR4: 00000000003506b0 [ 62.215240][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 62.223239][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 62.231406][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 62.239017][ C0] Kernel Offset: disabled [ 62.243425][ C0] Rebooting in 86400 seconds..