last executing test programs: 3.283509613s ago: executing program 1 (id=275): pipe(&(0x7f0000000180)) r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) write$binfmt_misc(r0, &(0x7f0000000340), 0x2000011a) sendmmsg$sock(r0, &(0x7f00000212c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="15", 0x1}], 0x1}}], 0x1, 0x40001) 3.151814073s ago: executing program 1 (id=278): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0xe, 0x141341) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@updpolicy={0xc0, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x8f47, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x4479d51f}, 0x0, 0x0, 0x1, 0x1, 0x2}, [@replay_thresh={0x8, 0xb, 0x6}]}, 0xc0}}, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='ext4_es_lookup_extent_enter\x00', r2}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00', r3}, 0x18) bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000140)='./file0\x00', 0x0, 0x8}, 0x9) r4 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000000000)={'lo\x00'}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r7}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r8, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "f4cb985d33b16266b5efb88aaa87eda081bac8b2f9a49d564054f1c9218f47b3", "cf8743eb4d9e776f94a6a58d36e006ac614f6f7bce9217cbfea31675d4a860cf6003977b1e4dbb16dc31cc76522bf19d", "5043edd2a8cc8c41345f8feb1a7a8e23043b8a465b1ed5bf8bc91307", {"c7193f7edd1efc4742dc481e6f57f901", "948177bcc5dea4029ba4683a6bdcd7a1"}}}}}}}, 0x0) ioctl$USBDEVFS_IOCTL(r0, 0xc00c5512, &(0x7f0000000200)) ioctl$USBDEVFS_BULK(r0, 0xc0185502, &(0x7f00000001c0)={{{0x1, 0x1}}, 0xfffffca9, 0xfffffffc, 0x0}) 3.140818652s ago: executing program 1 (id=279): getpid() socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) getpid() r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0) socket(0x840000000002, 0x3, 0xff) r2 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r2, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r3, 0x80015b11, &(0x7f0000000040)) 2.732158911s ago: executing program 3 (id=281): capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7}) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x1abb01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) 2.731981831s ago: executing program 3 (id=282): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x24) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000080)) 2.731884371s ago: executing program 3 (id=283): mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f00000000c0)={'trans=virtio,', {[{@cache_fscache}, {@cachetag={'cachetag', 0x3d, 'overlay\x00'}}]}}) 2.716972051s ago: executing program 3 (id=284): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000440)={0x1, 0x0, [{0x80000000, 0x81, 0x8, 0xfffffffe, 0x2, 0xd663, 0x9}]}) 2.697680061s ago: executing program 3 (id=285): r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000480)=@broute={'broute\x00', 0x20, 0x1, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000180], 0x0, 0x0, &(0x7f0000000180)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x1, 0xfffffffffffffffc}]}, 0x108) 2.644087101s ago: executing program 3 (id=286): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000b00)={0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGVERSION(r1, 0x80044801, &(0x7f0000000000)) 2.39015053s ago: executing program 4 (id=287): iopl(0x3) getpriority(0x2, 0x0) 2.37598944s ago: executing program 4 (id=288): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x4000810) 2.36649575s ago: executing program 4 (id=289): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000150001030000407d000000000b0000006e0b"], 0x14}}, 0x0) 2.308058619s ago: executing program 4 (id=290): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r2, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0x2, 0x4e24, 0x0, @local}, 0x1c) 2.30775319s ago: executing program 4 (id=291): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x0, 0xc}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$NS_GET_OWNER_UID(r2, 0xc0046686, 0x0) 2.27503375s ago: executing program 4 (id=292): r0 = syz_usb_connect(0x5, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05044000000905830391"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000440)={0x24, &(0x7f0000000240)={0x20, 0xe, 0x14, "799218e10f5c6afc50d76ea1f4e8a1c2ae9a29ae"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_open_dev$evdev(&(0x7f00000001c0), 0x4, 0xc800) 1.047996115s ago: executing program 2 (id=304): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040), 0x10) listen(r0, 0x0) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, &(0x7f0000000080), 0x10) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8) sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000c00)='_', 0x1}], 0x1}}], 0x1, 0x24008094) accept4$unix(r0, 0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r3, 0xffffffffffffffff, 0x0) 624.775323ms ago: executing program 0 (id=306): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="380000003d0007010000000000000000047c000008000880040008000c000180060006"], 0x38}}, 0xc000) 572.118073ms ago: executing program 0 (id=307): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x2) syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x1c, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0x2, 0x7f, 0x0, 0x3, {[@fastopen={0x22, 0x5, "866a6f"}]}}}}}}}}, 0x0) 571.938262ms ago: executing program 0 (id=308): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000000}, 0x80) 571.566612ms ago: executing program 0 (id=309): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) writev(r1, &(0x7f0000001100)=[{&(0x7f0000000ac0)='FG', 0x2}], 0x1) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000200)=0x8, 0x4) 571.441423ms ago: executing program 0 (id=310): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_NESTED_STATE(r0, 0x4080aebf, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 475.662642ms ago: executing program 0 (id=311): syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x1, 0x4, 0x5, 0x0, 0x0, {0x7}}, 0x14}}, 0x2000004) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/95) 236.274491ms ago: executing program 2 (id=312): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000745f0020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00d, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x23) 104.097291ms ago: executing program 2 (id=313): r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x40, 0x0, 0xe670, 0x904f}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0) 103.929311ms ago: executing program 1 (id=314): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000feffffff850000007100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 100.33924ms ago: executing program 1 (id=315): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0xba98575a95aeb710) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c980128846360"], 0xffdd) close_range(r0, 0xffffffffffffffff, 0x0) 63.10156ms ago: executing program 2 (id=316): open$dir(0x0, 0x0, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x7, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001100a7cc5a8100ae541d002007000000", @ANYRES32=r2, @ANYBLOB="00000a00100000801c001a80080002802d03fa0408000200f47b0c0d"], 0x44}, 0x1, 0x10000000}, 0x0) sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 46.648201ms ago: executing program 2 (id=317): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r1 = dup(r0) bind$bt_l2cap(r1, &(0x7f0000000080), 0xe) 952.33µs ago: executing program 2 (id=318): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) fsetxattr$trusted_overlay_origin(r3, 0x0, 0x0, 0x0, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6) ioctl$HCIINQUIRY(r4, 0x800448f0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xb, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000019000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x2, 0x4) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000b00)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80, 0x2}, [@nested={0x8, 0x0, 0x0, 0x1, [@typed={0x4}]}, @generic="d7"]}, 0x20}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) ptrace(0x10, r2) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x5}]}], {0x14}}, 0x64}}, 0x0) ptrace$pokeuser(0x6, r2, 0x118, 0x89) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {0x7, 0x0, 0xb, 0x7}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000061196c00000000009500080400000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) 0s ago: executing program 1 (id=319): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f00000005c0)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x3c}, @fd={0x66642a85, 0x0, r3}, @flat=@weak_handle={0x77682a85, 0x1001}}, &(0x7f0000000200)={0x0, 0x28, 0x40}}, 0x1000}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000400)="07e21b4c679ad349a854c278df9cb3a5f9eeed7bf3f5c06fe473adcb4a726103e6ba5501971a8be0247f4f8d449ee0be07fb0c7f32a40fdcc81d94a2040c06bdc13977567e6bb39c40802b08db19dc75"}) 0s ago: executing program 1 (id=321): r0 = socket(0x10, 0x803, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x2, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x40, 0xffffffff, 0xe670, 0x904f}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.29' (ED25519) to the list of known hosts. [ 20.392999][ T30] audit: type=1400 audit(1736029102.653:66): avc: denied { integrity } for pid=278 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 20.416730][ T30] audit: type=1400 audit(1736029102.683:67): avc: denied { mounton } for pid=278 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 20.418128][ T278] cgroup: Unknown subsys name 'net' [ 20.439208][ T30] audit: type=1400 audit(1736029102.683:68): avc: denied { mount } for pid=278 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.466140][ T30] audit: type=1400 audit(1736029102.713:69): avc: denied { unmount } for pid=278 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.466310][ T278] cgroup: Unknown subsys name 'devices' [ 20.635619][ T278] cgroup: Unknown subsys name 'hugetlb' [ 20.641039][ T278] cgroup: Unknown subsys name 'rlimit' [ 20.841961][ T30] audit: type=1400 audit(1736029103.103:70): avc: denied { setattr } for pid=278 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 20.865080][ T30] audit: type=1400 audit(1736029103.103:71): avc: denied { mounton } for pid=278 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 20.889767][ T30] audit: type=1400 audit(1736029103.103:72): avc: denied { mount } for pid=278 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 20.897410][ T282] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). Setting up swapspace version 1, size = 127995904 bytes [ 20.921418][ T30] audit: type=1400 audit(1736029103.193:73): avc: denied { relabelto } for pid=282 comm="mkswap" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.947155][ T30] audit: type=1400 audit(1736029103.193:74): avc: denied { write } for pid=282 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.984783][ T30] audit: type=1400 audit(1736029103.253:75): avc: denied { read } for pid=278 comm="syz-executor" name="swap-file" dev="sda1" ino=1928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 21.010418][ T278] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 21.960391][ T290] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.967286][ T290] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.974716][ T290] device bridge_slave_0 entered promiscuous mode [ 21.982509][ T290] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.989532][ T290] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.996906][ T290] device bridge_slave_1 entered promiscuous mode [ 22.050167][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.057102][ T289] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.064343][ T289] device bridge_slave_0 entered promiscuous mode [ 22.084260][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.091125][ T289] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.098975][ T289] device bridge_slave_1 entered promiscuous mode [ 22.108640][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.115627][ T292] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.122771][ T292] device bridge_slave_0 entered promiscuous mode [ 22.142273][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.149149][ T292] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.156409][ T292] device bridge_slave_1 entered promiscuous mode [ 22.190816][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.197702][ T291] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.204999][ T291] device bridge_slave_0 entered promiscuous mode [ 22.212162][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.219074][ T291] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.226222][ T291] device bridge_slave_1 entered promiscuous mode [ 22.347654][ T293] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.354556][ T293] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.361707][ T293] device bridge_slave_0 entered promiscuous mode [ 22.380762][ T293] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.387660][ T293] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.394913][ T293] device bridge_slave_1 entered promiscuous mode [ 22.458981][ T291] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.465851][ T291] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.472982][ T291] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.479756][ T291] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.515421][ T289] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.522271][ T289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.529426][ T289] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.536273][ T289] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.557312][ T292] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.564175][ T292] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.571270][ T292] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.578089][ T292] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.597114][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.604369][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.611317][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.618477][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.625699][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.632712][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.640968][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.648373][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.675960][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 22.684521][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.692702][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.699582][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.706913][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 22.715294][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.723217][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.730221][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.738144][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 22.765777][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.774175][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.781983][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.790504][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.798939][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.805799][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.813120][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.821412][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.828277][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.854324][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.863432][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.871040][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.879525][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.886416][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.894036][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.901873][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.909945][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.916796][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.924336][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.934500][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.958967][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 22.966589][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 22.974055][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.984823][ T290] device veth0_vlan entered promiscuous mode [ 22.994691][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 23.002005][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 23.016437][ T289] device veth0_vlan entered promiscuous mode [ 23.024125][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 23.032154][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.040303][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 23.048446][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.056479][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.064320][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.092437][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.099855][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.107333][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 23.115678][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.123900][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.130739][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.138191][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 23.146412][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.154407][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.161416][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.168779][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 23.176064][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 23.183529][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 23.191524][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.199492][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 23.207429][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.215512][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.223710][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.231677][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.239812][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.247877][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 23.258555][ T289] device veth1_macvtap entered promiscuous mode [ 23.266586][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.274318][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 23.282823][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 23.291190][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 23.298188][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 23.306298][ T290] device veth1_macvtap entered promiscuous mode [ 23.317175][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.324707][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 23.332803][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 23.341115][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 23.348032][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 23.355274][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.363381][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.390502][ T293] device veth0_vlan entered promiscuous mode [ 23.399784][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.408267][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.416606][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.424884][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.432968][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.441361][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.449654][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 23.457978][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.466263][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 23.474490][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.482663][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.490787][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.498816][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.506605][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.514647][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.521930][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.529471][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 23.536766][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 23.554939][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.563406][ T290] request_module fs-gadgetfs succeeded, but still no fs? [ 23.564628][ T291] device veth0_vlan entered promiscuous mode [ 23.591384][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.606513][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.615854][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 23.623843][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 23.631940][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 23.641313][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 23.652212][ T293] device veth1_macvtap entered promiscuous mode [ 23.726452][ T291] device veth1_macvtap entered promiscuous mode [ 23.737330][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 23.746066][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.755300][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.914819][ T321] loop0: detected capacity change from 0 to 128 [ 23.924790][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.964363][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.979500][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 24.025538][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 24.078988][ T292] device veth0_vlan entered promiscuous mode [ 24.164521][ T292] device veth1_macvtap entered promiscuous mode [ 24.988702][ T321] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 25.000109][ T321] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 25.495165][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 25.503002][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.544859][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 25.552953][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.561100][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 25.568863][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.577948][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.586635][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.595204][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.603428][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.612102][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.620633][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.629235][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.681615][ T30] kauditd_printk_skb: 36 callbacks suppressed [ 25.681630][ T30] audit: type=1400 audit(1736029107.943:112): avc: denied { mounton } for pid=292 comm="syz-executor" path="/root/syzkaller.yEBrKH/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 25.716883][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 25.754726][ T311] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 25.762978][ T30] audit: type=1400 audit(1736029107.983:113): avc: denied { mount } for pid=292 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 25.933168][ T334] loop3: detected capacity change from 0 to 128 [ 25.982067][ T30] audit: type=1400 audit(1736029107.983:114): avc: denied { mounton } for pid=292 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=514 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 26.166591][ T334] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 26.177508][ T334] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 26.839038][ T30] audit: type=1400 audit(1736029108.143:115): avc: denied { ioctl } for pid=318 comm="syz.1.2" path="socket:[16431]" dev="sockfs" ino=16431 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 26.878808][ T30] audit: type=1400 audit(1736029108.233:116): avc: denied { name_bind } for pid=318 comm="syz.1.2" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 26.881464][ T341] loop4: detected capacity change from 0 to 512 [ 26.907981][ T30] audit: type=1400 audit(1736029108.233:117): avc: denied { node_bind } for pid=318 comm="syz.1.2" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 27.227146][ T30] audit: type=1400 audit(1736029109.213:118): avc: denied { write } for pid=338 comm="syz.0.6" name="001" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 27.576158][ T30] audit: type=1326 audit(1736029109.573:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=343 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 27.602448][ T351] loop0: detected capacity change from 0 to 512 [ 27.609060][ T30] audit: type=1326 audit(1736029109.573:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=343 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 27.650916][ T30] audit: type=1326 audit(1736029109.583:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=343 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 27.735590][ T341] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 27.832234][ T341] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 27.874895][ T351] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 27.896153][ T341] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 27.905556][ T351] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 27.912576][ T341] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 27.921697][ T341] EXT4-fs (loop4): 1 truncate cleaned up [ 27.927830][ T341] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 28.016412][ T365] loop1: detected capacity change from 0 to 128 [ 28.069477][ T351] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 28.153681][ T351] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 28.196293][ T365] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 28.207143][ T365] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 28.371339][ T366] loop2: detected capacity change from 0 to 2048 [ 28.380814][ T351] EXT4-fs (loop0): 1 truncate cleaned up [ 28.411036][ T351] EXT4-fs (loop0): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 28.486108][ T368] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 29.963932][ T341] syz.4.5 (341) used greatest stack depth: 21176 bytes left [ 30.034882][ T371] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 30.116910][ T366] EXT4-fs (loop2): Mount option "norecovery" incompatible with ext2 [ 30.169027][ T378] loop1: detected capacity change from 0 to 256 [ 31.681481][ T378] FAT-fs (loop1): bogus number of FAT sectors [ 31.693758][ T30] kauditd_printk_skb: 39 callbacks suppressed [ 31.693800][ T30] audit: type=1400 audit(1736029113.893:161): avc: denied { create } for pid=364 comm="syz.2.9" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 32.308373][ T378] FAT-fs (loop1): Can't find a valid FAT filesystem [ 32.410698][ T390] loop4: detected capacity change from 0 to 256 [ 32.558799][ T393] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 32.575351][ T30] audit: type=1400 audit(1736029114.843:162): avc: denied { write } for pid=387 comm="syz.3.25" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 32.657168][ T390] FAT-fs (loop4): bogus number of FAT sectors [ 32.784660][ T390] FAT-fs (loop4): Can't find a valid FAT filesystem [ 32.951636][ T30] audit: type=1400 audit(1736029115.163:163): avc: denied { bind } for pid=377 comm="syz.1.10" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 33.050742][ T30] audit: type=1400 audit(1736029115.173:164): avc: denied { write } for pid=377 comm="syz.1.10" lport=9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 33.072514][ T30] audit: type=1400 audit(1736029115.203:165): avc: denied { write } for pid=396 comm="syz.2.15" name="event2" dev="devtmpfs" ino=266 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 33.127270][ T30] audit: type=1400 audit(1736029115.203:166): avc: denied { open } for pid=396 comm="syz.2.15" path="/dev/input/event2" dev="devtmpfs" ino=266 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 33.566223][ T30] audit: type=1326 audit(1736029115.833:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=400 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 33.647939][ T30] audit: type=1326 audit(1736029115.833:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=400 comm="syz.0.13" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 33.787202][ T412] loop3: detected capacity change from 0 to 128 [ 33.938538][ T30] audit: type=1326 audit(1736029116.123:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=406 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 34.095024][ T412] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 34.105848][ T412] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 34.227494][ T30] audit: type=1326 audit(1736029116.123:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=406 comm="syz.2.18" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 35.150171][ T409] sched: RT throttling activated [ 35.222465][ T427] loop0: detected capacity change from 0 to 256 [ 35.643940][ T427] FAT-fs (loop0): bogus number of FAT sectors [ 35.675571][ T427] FAT-fs (loop0): Can't find a valid FAT filesystem [ 36.983629][ T447] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 37.754623][ T453] loop1: detected capacity change from 0 to 512 [ 38.098231][ T453] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 38.105869][ T453] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 38.115155][ T453] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 38.161303][ T453] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 38.170036][ T453] EXT4-fs (loop1): 1 truncate cleaned up [ 40.111129][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 40.159741][ T453] EXT4-fs (loop1): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 40.174475][ T30] audit: type=1326 audit(1736029121.523:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 40.214331][ T30] audit: type=1326 audit(1736029121.523:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 40.245318][ T470] loop0: detected capacity change from 0 to 128 [ 40.373148][ T30] audit: type=1326 audit(1736029121.523:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 40.565603][ T470] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 40.576393][ T470] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 40.716023][ T477] loop3: detected capacity change from 0 to 256 [ 41.174192][ T30] audit: type=1326 audit(1736029121.523:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 41.220862][ T477] FAT-fs (loop3): bogus number of FAT sectors [ 41.235178][ T477] FAT-fs (loop3): Can't find a valid FAT filesystem [ 41.301986][ T30] audit: type=1326 audit(1736029121.523:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 41.428201][ T30] audit: type=1326 audit(1736029121.523:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 41.476896][ T482] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 41.484048][ T30] audit: type=1326 audit(1736029121.523:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 41.534007][ T30] audit: type=1326 audit(1736029121.523:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 41.556986][ T30] audit: type=1326 audit(1736029121.523:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 41.579948][ T30] audit: type=1326 audit(1736029121.523:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=459 comm="syz.3.32" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabe80bcd29 code=0x7ffc0000 [ 41.773585][ T336] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 43.755823][ T336] usb 2-1: Using ep0 maxpacket: 16 [ 43.853603][ T336] usb 2-1: device descriptor read/all, error -71 [ 45.133563][ T30] kauditd_printk_skb: 83 callbacks suppressed [ 45.133580][ T30] audit: type=1400 audit(1736029127.393:327): avc: denied { create } for pid=511 comm="syz.1.41" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 45.460624][ T506] loop0: detected capacity change from 0 to 128 [ 45.905245][ T506] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 46.030900][ T30] audit: type=1400 audit(1736029127.423:328): avc: denied { read } for pid=511 comm="syz.1.41" name="binder1" dev="binder" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 46.115841][ T506] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 46.134383][ T30] audit: type=1400 audit(1736029127.423:329): avc: denied { open } for pid=511 comm="syz.1.41" path="/dev/binderfs/binder1" dev="binder" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 46.655935][ T523] loop3: detected capacity change from 0 to 256 [ 46.714227][ T523] FAT-fs (loop3): bogus number of FAT sectors [ 46.723602][ T523] FAT-fs (loop3): Can't find a valid FAT filesystem [ 47.463680][ T30] audit: type=1326 audit(1736029129.653:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 47.843500][ T30] audit: type=1326 audit(1736029129.653:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 47.941144][ T542] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 48.017670][ T30] audit: type=1326 audit(1736029129.653:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 49.658082][ T30] audit: type=1326 audit(1736029129.653:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 50.645464][ T30] audit: type=1326 audit(1736029129.653:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 50.669212][ T30] audit: type=1326 audit(1736029129.653:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 50.710757][ T30] audit: type=1326 audit(1736029129.653:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 52.021104][ T30] audit: type=1326 audit(1736029129.653:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 52.044253][ T30] audit: type=1326 audit(1736029129.653:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 52.864630][ T568] loop4: detected capacity change from 0 to 128 [ 53.632865][ T571] loop2: detected capacity change from 0 to 128 [ 53.815714][ T571] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 53.826618][ T571] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 53.843763][ T568] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 53.854235][ T568] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 54.121420][ T30] audit: type=1326 audit(1736029129.653:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 55.235649][ T30] audit: type=1326 audit(1736029129.653:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 55.279463][ T584] 9pnet: Insufficient options for proto=fd [ 55.351047][ T30] audit: type=1326 audit(1736029129.653:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 55.375596][ T30] audit: type=1326 audit(1736029129.653:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 55.399200][ T30] audit: type=1326 audit(1736029129.653:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=529 comm="syz.0.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 56.944669][ T604] loop1: detected capacity change from 0 to 128 [ 56.951601][ T30] kauditd_printk_skb: 59 callbacks suppressed [ 56.951704][ T30] audit: type=1326 audit(1736029138.593:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 57.214560][ T604] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 57.225405][ T604] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 57.926833][ T30] audit: type=1326 audit(1736029138.593:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 57.950528][ T30] audit: type=1326 audit(1736029138.593:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 57.983732][ T30] audit: type=1326 audit(1736029138.593:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 59.244199][ T30] audit: type=1326 audit(1736029138.593:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 59.349323][ T30] audit: type=1326 audit(1736029138.593:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 59.372299][ T30] audit: type=1326 audit(1736029138.593:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 59.395756][ T30] audit: type=1326 audit(1736029138.593:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 59.419185][ T30] audit: type=1326 audit(1736029138.593:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 60.282865][ T30] audit: type=1326 audit(1736029138.593:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=597 comm="syz.2.63" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 60.371215][ T632] loop2: detected capacity change from 0 to 512 [ 60.779622][ T632] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 60.802884][ T638] loop4: detected capacity change from 0 to 512 [ 60.813623][ T632] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 60.845256][ T632] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 60.871193][ T632] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 60.887123][ T632] EXT4-fs (loop2): 1 truncate cleaned up [ 60.895599][ T638] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 60.895828][ T632] EXT4-fs (loop2): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 60.935413][ T638] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 61.061008][ T638] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 61.068950][ T638] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 61.083768][ T638] EXT4-fs (loop4): 1 truncate cleaned up [ 61.132602][ T638] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 61.159839][ T650] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 61.984902][ T30] kauditd_printk_skb: 107 callbacks suppressed [ 61.984918][ T30] audit: type=1326 audit(1736029143.893:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.140505][ T625] loop3: detected capacity change from 0 to 40427 [ 62.466811][ T659] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 62.506676][ T30] audit: type=1326 audit(1736029143.893:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.530127][ T30] audit: type=1326 audit(1736029143.893:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.556741][ T660] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 62.593662][ T30] audit: type=1326 audit(1736029143.893:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.631496][ T30] audit: type=1326 audit(1736029143.893:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.654912][ T30] audit: type=1326 audit(1736029143.893:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.680570][ T663] loop3: detected capacity change from 0 to 512 [ 62.697190][ T30] audit: type=1326 audit(1736029143.893:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.743619][ T30] audit: type=1326 audit(1736029143.893:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.763613][ T26] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 62.768397][ T30] audit: type=1326 audit(1736029143.893:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.777092][ T665] 9pnet: Insufficient options for proto=fd [ 62.797057][ T30] audit: type=1326 audit(1736029143.893:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=645 comm="syz.1.74" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 62.804587][ T663] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 62.838264][ T663] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 62.847688][ T663] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 62.861549][ T663] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 62.870148][ T663] EXT4-fs (loop3): 1 truncate cleaned up [ 62.876390][ T663] EXT4-fs (loop3): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 62.896849][ T39] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 63.022706][ T672] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 63.093619][ T26] usb 3-1: Using ep0 maxpacket: 16 [ 63.163692][ T39] usb 5-1: Using ep0 maxpacket: 16 [ 63.413659][ T26] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.424685][ T26] usb 3-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 63.434237][ T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.444065][ T26] usb 3-1: config 0 descriptor?? [ 63.503699][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.523410][ T39] usb 5-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 63.533642][ T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.542542][ T39] usb 5-1: config 0 descriptor?? [ 63.614650][ T26] usbhid 3-1:0.0: can't add hid device: -71 [ 63.622811][ T26] usbhid: probe of 3-1:0.0 failed with error -71 [ 63.633636][ T359] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 63.739677][ T26] usb 3-1: USB disconnect, device number 2 [ 64.913598][ T359] usb 4-1: Using ep0 maxpacket: 16 [ 65.033666][ T359] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 65.062605][ T359] usb 4-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 65.081939][ T359] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.104122][ T359] usb 4-1: config 0 descriptor?? [ 65.173603][ T39] usbhid 5-1:0.0: can't add hid device: -71 [ 65.179508][ T39] usbhid: probe of 5-1:0.0 failed with error -71 [ 65.194431][ T39] usb 5-1: USB disconnect, device number 3 [ 66.265402][ T693] loop0: detected capacity change from 0 to 40427 [ 66.383647][ T359] usbhid 4-1:0.0: can't add hid device: -71 [ 66.398001][ T359] usbhid: probe of 4-1:0.0 failed with error -71 [ 66.406491][ T359] usb 4-1: USB disconnect, device number 2 [ 66.418185][ T693] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 66.431504][ T693] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 66.486177][ T693] F2FS-fs (loop0): invalid crc value [ 66.544503][ T693] F2FS-fs (loop0): Found nat_bits in checkpoint [ 66.653115][ T693] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 66.664084][ T693] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 67.714576][ T30] kauditd_printk_skb: 140 callbacks suppressed [ 67.714597][ T30] audit: type=1400 audit(1736029149.863:670): avc: denied { write } for pid=692 comm="syz.0.84" name="/" dev="loop0" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 68.203677][ T30] audit: type=1400 audit(1736029149.863:671): avc: denied { add_name } for pid=692 comm="syz.0.84" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 68.233780][ T30] audit: type=1400 audit(1736029149.863:672): avc: denied { create } for pid=692 comm="syz.0.84" name="cgroup.controllers" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 68.288787][ T30] audit: type=1400 audit(1736029150.023:673): avc: denied { read append open } for pid=692 comm="syz.0.84" path="/17/file0/cgroup.controllers" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 70.339930][ T743] loop2: detected capacity change from 0 to 40427 [ 70.476967][ T743] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 70.493625][ T743] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 70.507874][ T743] F2FS-fs (loop2): invalid crc value [ 71.313596][ T30] audit: type=1326 audit(1736029153.573:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=751 comm="syz.4.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 71.343825][ T743] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-12) [ 71.419318][ T30] audit: type=1326 audit(1736029153.573:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=751 comm="syz.4.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 71.608529][ T770] loop1: detected capacity change from 0 to 128 [ 71.620247][ T30] audit: type=1326 audit(1736029153.573:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=751 comm="syz.4.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 71.687092][ T771] loop0: detected capacity change from 0 to 128 [ 71.717112][ T30] audit: type=1326 audit(1736029153.573:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=751 comm="syz.4.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 72.012722][ T771] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 72.023638][ T771] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 72.082929][ T770] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 72.391365][ T776] loop2: detected capacity change from 0 to 512 [ 72.403894][ T30] audit: type=1326 audit(1736029153.573:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=751 comm="syz.4.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 72.445900][ T770] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 72.499672][ T30] audit: type=1326 audit(1736029153.573:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=751 comm="syz.4.98" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 72.528121][ T776] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 72.545650][ T776] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 72.571931][ T776] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 72.617413][ T776] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 72.644122][ T776] EXT4-fs (loop2): 1 truncate cleaned up [ 72.659937][ T776] EXT4-fs (loop2): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 72.787850][ T783] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 72.896783][ T787] loop4: detected capacity change from 0 to 512 [ 72.934287][ T787] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 72.941433][ T787] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 72.975302][ T787] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 72.993291][ T787] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 73.012081][ T787] EXT4-fs (loop4): 1 truncate cleaned up [ 73.014411][ T780] loop3: detected capacity change from 0 to 40427 [ 73.021701][ T787] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 73.097675][ T780] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 73.113079][ T780] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 73.121550][ T789] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 73.133630][ T372] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 73.143110][ T780] F2FS-fs (loop3): invalid crc value [ 73.155076][ T780] F2FS-fs (loop3): Found nat_bits in checkpoint [ 73.200588][ T780] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 73.207558][ T780] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 73.373571][ T372] usb 3-1: Using ep0 maxpacket: 16 [ 73.416443][ T359] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 73.461777][ T30] kauditd_printk_skb: 18 callbacks suppressed [ 73.461806][ T30] audit: type=1400 audit(1736029155.723:698): avc: denied { mounton } for pid=779 comm="syz.3.104" path="/20/file0" dev="loop3" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 73.503901][ T372] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.536099][ T372] usb 3-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 73.577547][ T372] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.731806][ T372] usb 3-1: config 0 descriptor?? [ 73.853575][ T359] usb 5-1: Using ep0 maxpacket: 16 [ 74.708225][ T808] 9pnet: Insufficient options for proto=fd [ 74.797485][ T811] loop1: detected capacity change from 0 to 128 [ 74.923048][ T372] hid (null): invalid report_size 20446 [ 74.945853][ T814] loop3: detected capacity change from 0 to 256 [ 74.952313][ T372] hid (null): usage index exceeded [ 74.964537][ T811] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 74.975529][ T811] ext4 filesystem being mounted at /20/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 75.690452][ T30] audit: type=1400 audit(1736029157.393:699): avc: denied { create } for pid=775 comm="syz.2.100" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 75.727248][ T372] hid-generic 0003:05AC:029A.0001: unknown main item tag 0x6 [ 75.737588][ T814] FAT-fs (loop3): bogus number of FAT sectors [ 75.743490][ T814] FAT-fs (loop3): Can't find a valid FAT filesystem [ 75.779419][ T372] hid-generic 0003:05AC:029A.0001: ignoring exceeding usage max [ 75.805173][ T372] hid-generic 0003:05AC:029A.0001: invalid report_size 20446 [ 75.831298][ T372] hid-generic 0003:05AC:029A.0001: item 0 2 1 7 parsing failed [ 77.123789][ T372] hid-generic: probe of 0003:05AC:029A.0001 failed with error -22 [ 77.133579][ T359] usb 5-1: unable to read config index 0 descriptor/all [ 77.140358][ T359] usb 5-1: can't read configurations, error -71 [ 77.188907][ T385] usb 3-1: USB disconnect, device number 3 [ 77.546843][ T831] loop4: detected capacity change from 0 to 128 [ 78.725203][ T832] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 80.783755][ T833] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 82.699836][ T842] loop3: detected capacity change from 0 to 40427 [ 84.989341][ T30] audit: type=1326 audit(1736029166.243:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 85.026906][ T842] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 85.065254][ T30] audit: type=1326 audit(1736029166.243:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 85.094431][ T865] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 85.109527][ T842] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 86.391292][ T867] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 86.400226][ T867] Zero length message leads to an empty skb [ 87.158056][ T868] 9pnet: Insufficient options for proto=fd [ 87.181519][ T842] F2FS-fs (loop3): invalid crc value [ 87.305985][ T30] audit: type=1326 audit(1736029166.243:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 87.712888][ T842] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12) [ 87.747196][ T30] audit: type=1326 audit(1736029166.243:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 87.773066][ T30] audit: type=1326 audit(1736029166.243:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 87.797524][ T30] audit: type=1326 audit(1736029166.243:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 87.820916][ T30] audit: type=1326 audit(1736029166.243:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 87.885475][ T30] audit: type=1326 audit(1736029166.243:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 87.908798][ T30] audit: type=1326 audit(1736029166.243:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 89.741004][ T30] audit: type=1326 audit(1736029166.243:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=849 comm="syz.2.122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6b6ed95d29 code=0x7ffc0000 [ 89.852336][ T894] loop2: detected capacity change from 0 to 256 [ 89.861455][ T893] loop0: detected capacity change from 0 to 512 [ 89.870048][ T896] 9pnet: Insufficient options for proto=fd [ 89.878583][ T894] FAT-fs (loop2): bogus number of FAT sectors [ 89.890422][ T894] FAT-fs (loop2): Can't find a valid FAT filesystem [ 89.919456][ T898] loop3: detected capacity change from 0 to 512 [ 89.941342][ T893] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 89.963698][ T898] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 89.970847][ T898] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 90.018619][ T893] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 90.061013][ T898] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 90.069332][ T893] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 90.077250][ T898] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 90.083628][ T893] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 90.093261][ T30] kauditd_printk_skb: 65 callbacks suppressed [ 90.093276][ T30] audit: type=1400 audit(1736029172.353:775): avc: denied { remove_name } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 90.094772][ T893] EXT4-fs (loop0): 1 truncate cleaned up [ 90.099333][ T30] audit: type=1400 audit(1736029172.353:776): avc: denied { rename } for pid=83 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 90.122187][ T898] EXT4-fs (loop3): 1 truncate cleaned up [ 90.127005][ T30] audit: type=1400 audit(1736029172.353:777): avc: denied { create } for pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 90.166428][ T893] EXT4-fs (loop0): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 90.174690][ T898] EXT4-fs (loop3): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 90.248158][ T30] audit: type=1400 audit(1736029172.353:778): avc: denied { append open } for pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 90.283655][ T30] audit: type=1400 audit(1736029172.353:779): avc: denied { getattr } for pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 90.508878][ T909] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 90.640897][ T910] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 90.765617][ T914] loop1: detected capacity change from 0 to 512 [ 90.886431][ T914] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 90.921951][ T914] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 90.932266][ T890] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 90.993618][ T60] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 91.007183][ T914] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 91.020956][ T914] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 91.031451][ T914] EXT4-fs (loop1): 1 truncate cleaned up [ 91.037234][ T914] EXT4-fs (loop1): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 91.162878][ T925] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 91.261947][ T30] audit: type=1326 audit(1736029173.473:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=922 comm="syz.4.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 91.262047][ T890] usb 1-1: Using ep0 maxpacket: 16 [ 91.290650][ T60] usb 4-1: Using ep0 maxpacket: 16 [ 91.299463][ T30] audit: type=1326 audit(1736029173.473:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=922 comm="syz.4.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 91.323330][ T30] audit: type=1326 audit(1736029173.473:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=922 comm="syz.4.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 91.347090][ T30] audit: type=1326 audit(1736029173.473:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=922 comm="syz.4.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 91.370862][ T30] audit: type=1326 audit(1736029173.473:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=922 comm="syz.4.138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 91.423817][ T890] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.434783][ T890] usb 1-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 91.443918][ T309] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 91.451468][ T890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.463406][ T890] usb 1-1: config 0 descriptor?? [ 91.463631][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.480429][ T60] usb 4-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 91.489964][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.513100][ T60] usb 4-1: config 0 descriptor?? [ 91.693648][ T309] usb 2-1: Using ep0 maxpacket: 16 [ 91.884696][ T309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.896061][ T309] usb 2-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 91.905384][ T309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.926847][ T309] usb 2-1: config 0 descriptor?? [ 92.107928][ T60] hid (null): invalid report_size 20446 [ 92.114396][ T60] hid (null): usage index exceeded [ 92.137697][ T60] hid-generic 0003:05AC:029A.0002: unknown main item tag 0x6 [ 92.161618][ T60] hid-generic 0003:05AC:029A.0002: ignoring exceeding usage max [ 92.202109][ T60] hid-generic 0003:05AC:029A.0002: invalid report_size 20446 [ 92.209835][ T60] hid-generic 0003:05AC:029A.0002: item 0 2 1 7 parsing failed [ 92.220337][ T60] hid-generic: probe of 0003:05AC:029A.0002 failed with error -22 [ 92.305012][ T930] loop2: detected capacity change from 0 to 40427 [ 92.313796][ T890] usbhid 1-1:0.0: can't add hid device: -71 [ 92.319568][ T890] usbhid: probe of 1-1:0.0 failed with error -71 [ 92.326956][ T890] usb 1-1: USB disconnect, device number 3 [ 92.552941][ T309] hid (null): invalid report_size 20446 [ 92.565492][ T309] hid (null): usage index exceeded [ 92.620774][ T309] hid-generic 0003:05AC:029A.0003: unknown main item tag 0x6 [ 92.654925][ T930] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 92.704720][ T930] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 92.783706][ T309] hid-generic 0003:05AC:029A.0003: ignoring exceeding usage max [ 92.785268][ T930] F2FS-fs (loop2): invalid crc value [ 92.798016][ T309] hid-generic 0003:05AC:029A.0003: invalid report_size 20446 [ 92.805874][ T60] usb 4-1: USB disconnect, device number 3 [ 92.819587][ T930] F2FS-fs (loop2): Found nat_bits in checkpoint [ 92.826856][ T309] hid-generic 0003:05AC:029A.0003: item 0 2 1 7 parsing failed [ 92.854930][ T309] hid-generic: probe of 0003:05AC:029A.0003 failed with error -22 [ 92.894050][ T930] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 92.901057][ T930] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 92.925432][ T944] 9pnet: Insufficient options for proto=fd [ 93.014290][ T309] usb 2-1: USB disconnect, device number 4 [ 93.227469][ T952] loop4: detected capacity change from 0 to 512 [ 93.250335][ T952] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 93.257800][ T952] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 93.272895][ T952] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 93.281167][ T952] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 93.290000][ T952] EXT4-fs (loop4): 1 truncate cleaned up [ 93.295944][ T952] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 93.398891][ T954] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 93.481516][ T956] loop2: detected capacity change from 0 to 256 [ 93.501901][ T956] FAT-fs (loop2): bogus number of FAT sectors [ 93.508344][ T956] FAT-fs (loop2): Can't find a valid FAT filesystem [ 93.533355][ T958] loop3: detected capacity change from 0 to 512 [ 93.574449][ T958] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 93.592940][ T958] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 93.601440][ T958] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 93.609456][ T958] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 93.618289][ T958] EXT4-fs (loop3): 1 truncate cleaned up [ 93.623846][ T958] EXT4-fs (loop3): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 93.735808][ T961] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 95.850667][ T974] loop2: detected capacity change from 0 to 512 [ 95.864791][ T974] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 95.871941][ T974] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 95.883492][ T974] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 95.947620][ T981] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 96.016019][ T974] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 96.032169][ T974] EXT4-fs (loop2): 1 truncate cleaned up [ 96.039041][ T974] EXT4-fs (loop2): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 97.809897][ T986] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 97.951738][ T359] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 98.068731][ T992] loop1: detected capacity change from 0 to 128 [ 98.113938][ T309] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 98.200832][ T994] loop0: detected capacity change from 0 to 128 [ 98.332662][ T994] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 98.343565][ T994] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 98.417199][ T309] usb 3-1: Using ep0 maxpacket: 16 [ 98.435518][ T992] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 98.543846][ T309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 98.625644][ T309] usb 3-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 98.665872][ T992] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 98.729663][ T309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.152043][ T309] usb 3-1: config 0 descriptor?? [ 99.173687][ T309] usb 3-1: can't set config #0, error -71 [ 99.200463][ T309] usb 3-1: USB disconnect, device number 4 [ 99.735172][ T1004] loop3: detected capacity change from 0 to 512 [ 99.760427][ T993] loop4: detected capacity change from 0 to 40427 [ 99.773975][ T1004] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 99.791335][ T1004] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 99.818634][ T1004] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 99.828244][ T993] F2FS-fs (loop4): invalid crc value [ 99.839385][ T993] F2FS-fs (loop4): Found nat_bits in checkpoint [ 99.853632][ T1004] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 99.863288][ T1004] EXT4-fs (loop3): 1 truncate cleaned up [ 99.899546][ T1004] EXT4-fs (loop3): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 99.972743][ T993] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 100.080969][ T1005] loop0: detected capacity change from 0 to 40427 [ 100.131570][ T1012] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 100.139316][ T1005] F2FS-fs (loop0): invalid crc value [ 100.173305][ T1005] F2FS-fs (loop0): Found nat_bits in checkpoint [ 100.253838][ T30] kauditd_printk_skb: 59 callbacks suppressed [ 100.253854][ T30] audit: type=1400 audit(1736029182.523:844): avc: denied { map } for pid=991 comm="syz.4.151" path="/28/file1/memory.events.local" dev="loop4" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 100.254739][ T991] attempt to access beyond end of device [ 100.254739][ T991] loop4: rw=10241, want=45104, limit=40427 [ 100.259771][ T30] audit: type=1400 audit(1736029182.523:845): avc: denied { write } for pid=991 comm="syz.4.151" path="/28/file1/memory.events.local" dev="loop4" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 100.318047][ T1005] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 100.365060][ T292] attempt to access beyond end of device [ 100.365060][ T292] loop4: rw=2049, want=45112, limit=40427 [ 100.463544][ T359] usb 4-1: device descriptor read/64, error -71 [ 100.538818][ T1020] loop2: detected capacity change from 0 to 40427 [ 100.546499][ T1002] attempt to access beyond end of device [ 100.546499][ T1002] loop0: rw=10241, want=45104, limit=40427 [ 100.562225][ T1020] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 100.576716][ T1020] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 100.588682][ T290] attempt to access beyond end of device [ 100.588682][ T290] loop0: rw=2049, want=45112, limit=40427 [ 100.588767][ T1020] F2FS-fs (loop2): invalid crc value [ 100.655387][ T1020] F2FS-fs (loop2): Found nat_bits in checkpoint [ 100.709336][ T1028] 9pnet: Insufficient options for proto=fd [ 100.760811][ T1020] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 100.767913][ T1020] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 101.456294][ T359] usb 4-1: Using ep0 maxpacket: 16 [ 102.402870][ T30] audit: type=1326 audit(1736029183.873:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 102.462433][ T30] audit: type=1326 audit(1736029183.873:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 102.485877][ T30] audit: type=1326 audit(1736029183.903:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 102.509101][ T30] audit: type=1326 audit(1736029183.903:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 102.515708][ T359] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 102.579115][ T30] audit: type=1326 audit(1736029183.903:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 102.622686][ T359] usb 4-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 102.632003][ T359] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.645683][ T359] usb 4-1: config 0 descriptor?? [ 102.655633][ T30] audit: type=1326 audit(1736029183.923:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 102.678927][ T359] usb 4-1: can't set config #0, error -71 [ 102.792064][ T30] audit: type=1326 audit(1736029183.923:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 103.736014][ T30] audit: type=1326 audit(1736029183.923:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1040 comm="syz.4.162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 103.765049][ T359] usb 4-1: USB disconnect, device number 4 [ 103.782776][ T1034] loop0: detected capacity change from 0 to 40427 [ 105.593643][ T30] kauditd_printk_skb: 65 callbacks suppressed [ 105.593665][ T30] audit: type=1326 audit(1736029187.653:919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 105.830948][ T30] audit: type=1326 audit(1736029187.653:920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 105.908141][ T30] audit: type=1326 audit(1736029187.823:921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 105.973417][ T30] audit: type=1326 audit(1736029187.823:922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 108.889334][ T30] audit: type=1326 audit(1736029187.823:923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 108.912822][ T30] audit: type=1326 audit(1736029187.823:924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 108.979732][ T30] audit: type=1326 audit(1736029187.823:925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 109.003999][ T30] audit: type=1326 audit(1736029187.823:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 109.051420][ T30] audit: type=1326 audit(1736029187.833:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 109.084011][ T1102] loop2: detected capacity change from 0 to 512 [ 109.138853][ T30] audit: type=1326 audit(1736029187.833:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1061 comm="syz.4.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0de246d29 code=0x7ffc0000 [ 109.209765][ T1102] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 109.490474][ T1102] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 110.354512][ T1102] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 110.368586][ T1102] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 110.624627][ T1102] EXT4-fs (loop2): 1 truncate cleaned up [ 110.649004][ T1102] EXT4-fs (loop2): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 110.673584][ T1126] loop3: detected capacity change from 0 to 512 [ 110.687007][ T1096] loop1: detected capacity change from 0 to 40427 [ 110.736799][ T1126] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 110.752319][ T1126] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 110.901449][ T1096] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 110.947246][ T1096] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 111.008826][ T1126] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 111.046139][ T1126] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 111.065885][ T1126] EXT4-fs (loop3): 1 truncate cleaned up [ 111.071822][ T1096] F2FS-fs (loop1): invalid crc value [ 111.077095][ T1126] EXT4-fs (loop3): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 111.121684][ T1096] F2FS-fs (loop1): Found nat_bits in checkpoint [ 111.148846][ T1135] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 111.186848][ T1096] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 111.193918][ T1096] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 111.203931][ T1137] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 111.265457][ T1130] loop4: detected capacity change from 0 to 40427 [ 111.286622][ T1130] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 111.294268][ T1130] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 111.303225][ T1130] F2FS-fs (loop4): invalid crc value [ 111.310070][ T1130] F2FS-fs (loop4): Found nat_bits in checkpoint [ 111.439185][ T324] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 111.529798][ T1130] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 111.538098][ T1130] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 111.653851][ T60] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 111.809862][ T30] kauditd_printk_skb: 83 callbacks suppressed [ 111.809876][ T30] audit: type=1326 audit(1736029194.073:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 111.883644][ T324] usb 3-1: Using ep0 maxpacket: 16 [ 112.003876][ T324] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.059842][ T30] audit: type=1326 audit(1736029194.093:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.153566][ T60] usb 4-1: Using ep0 maxpacket: 16 [ 112.226795][ T324] usb 3-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 112.235951][ T324] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.258337][ T324] usb 3-1: config 0 descriptor?? [ 112.273628][ T60] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.273658][ T324] usb 3-1: can't set config #0, error -71 [ 112.290318][ T30] audit: type=1326 audit(1736029194.093:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.323615][ T60] usb 4-1: New USB device found, idVendor=05ac, idProduct=029a, bcdDevice= 0.00 [ 112.324706][ T324] usb 3-1: USB disconnect, device number 5 [ 112.343760][ T30] audit: type=1326 audit(1736029194.093:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.345629][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.423582][ T30] audit: type=1326 audit(1736029194.093:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.457339][ T60] usb 4-1: config 0 descriptor?? [ 112.699817][ T30] audit: type=1326 audit(1736029194.093:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.891110][ T30] audit: type=1326 audit(1736029194.093:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.916467][ T30] audit: type=1326 audit(1736029194.093:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.941167][ T30] audit: type=1326 audit(1736029194.093:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 112.972712][ T30] audit: type=1326 audit(1736029194.093:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1145 comm="syz.0.184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 113.001552][ T1154] loop1: detected capacity change from 0 to 40427 [ 113.050201][ T1154] F2FS-fs (loop1): invalid crc value [ 113.377027][ T1154] F2FS-fs (loop1): Found nat_bits in checkpoint [ 113.571005][ T60] usbhid 4-1:0.0: can't add hid device: -71 [ 113.576860][ T60] usbhid: probe of 4-1:0.0 failed with error -71 [ 113.583098][ T1154] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 113.594822][ T60] usb 4-1: USB disconnect, device number 5 [ 114.510665][ T1153] attempt to access beyond end of device [ 114.510665][ T1153] loop1: rw=10241, want=45104, limit=40427 [ 114.614902][ T289] attempt to access beyond end of device [ 114.614902][ T289] loop1: rw=2049, want=45112, limit=40427 [ 114.892139][ T1186] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 116.008674][ T1197] loop0: detected capacity change from 0 to 512 [ 116.034309][ T1199] loop3: detected capacity change from 0 to 512 [ 116.115059][ T1197] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 116.122265][ T1199] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 116.130242][ T1197] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 116.137432][ T1199] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 116.146148][ T1197] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 116.154536][ T1197] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 116.162997][ T1197] EXT4-fs (loop0): 1 truncate cleaned up [ 116.163073][ T1199] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 116.189117][ T1197] EXT4-fs (loop0): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 116.213666][ T1199] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 116.242504][ T1199] EXT4-fs (loop3): 1 truncate cleaned up [ 116.252057][ T1199] EXT4-fs (loop3): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 116.347003][ T1192] loop2: detected capacity change from 0 to 40427 [ 116.381194][ T1192] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 116.388908][ T1192] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 116.398174][ T1192] F2FS-fs (loop2): invalid crc value [ 116.424023][ T1197] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 116.511986][ T1212] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 116.898173][ T1192] F2FS-fs (loop2): Found nat_bits in checkpoint [ 116.981624][ T1216] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 117.076227][ T336] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 117.079900][ T1192] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 117.092078][ T1192] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 118.488879][ T890] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 118.692747][ T1224] loop1: detected capacity change from 0 to 128 [ 119.895908][ T1232] loop3: detected capacity change from 0 to 512 [ 119.910298][ T1224] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 119.920750][ T1224] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 120.498441][ T1232] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 120.581139][ T1232] EXT4-fs (loop3): Ignoring removed mblk_io_submit option [ 120.769243][ T1242] 9pnet: Insufficient options for proto=fd [ 122.113944][ T336] usb 1-1: device not accepting address 4, error -71 [ 122.147500][ T1232] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 122.155416][ T1232] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 122.165983][ T1232] EXT4-fs (loop3): 1 truncate cleaned up [ 122.171458][ T1232] EXT4-fs (loop3): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 123.598372][ T1232] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 123.606373][ T30] kauditd_printk_skb: 42 callbacks suppressed [ 123.606391][ T30] audit: type=1326 audit(1736029205.123:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 123.736655][ T1261] loop0: detected capacity change from 0 to 128 [ 123.916929][ T1261] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 123.927833][ T1261] ext4 filesystem being mounted at /45/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 124.052902][ T1265] 9pnet: Insufficient options for proto=fd [ 124.720820][ T30] audit: type=1326 audit(1736029205.123:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 124.813583][ T30] audit: type=1326 audit(1736029205.223:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 124.837524][ T30] audit: type=1326 audit(1736029205.223:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 124.865772][ T30] audit: type=1326 audit(1736029205.223:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 124.901250][ T1277] 9pnet: Insufficient options for proto=fd [ 124.914003][ T30] audit: type=1326 audit(1736029205.323:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 124.940936][ T30] audit: type=1326 audit(1736029205.323:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 124.966733][ T30] audit: type=1326 audit(1736029205.323:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 124.990380][ T30] audit: type=1326 audit(1736029205.423:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 125.033162][ T30] audit: type=1326 audit(1736029205.423:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1248 comm="syz.1.205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a247b3d29 code=0x7ffc0000 [ 126.430367][ T1275] loop2: detected capacity change from 0 to 40427 [ 126.781047][ T1299] loop1: detected capacity change from 0 to 128 [ 126.829584][ T1275] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 126.878778][ T1275] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 126.917162][ T1299] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 126.928050][ T1299] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 127.226524][ T1275] F2FS-fs (loop2): invalid crc value [ 127.328001][ T1275] F2FS-fs (loop2): Found nat_bits in checkpoint [ 129.398186][ T30] kauditd_printk_skb: 13 callbacks suppressed [ 129.398203][ T30] audit: type=1326 audit(1736029211.663:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 129.466840][ T30] audit: type=1326 audit(1736029211.663:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 129.529791][ T30] audit: type=1326 audit(1736029211.663:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 129.607955][ T30] audit: type=1326 audit(1736029211.663:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 129.693836][ T30] audit: type=1326 audit(1736029211.663:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 129.763635][ T30] audit: type=1326 audit(1736029211.693:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 129.826486][ T30] audit: type=1326 audit(1736029211.693:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 129.851941][ T30] audit: type=1326 audit(1736029211.693:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 130.923596][ T30] audit: type=1326 audit(1736029211.693:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 130.947222][ T30] audit: type=1326 audit(1736029211.693:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1293 comm="syz.0.217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 132.664520][ T1351] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 133.067352][ T1353] 9pnet: Insufficient options for proto=fd [ 137.310150][ T30] kauditd_printk_skb: 71 callbacks suppressed [ 137.310170][ T30] audit: type=1326 audit(1736029219.143:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 137.339453][ T30] audit: type=1326 audit(1736029219.143:1169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 137.789118][ T30] audit: type=1326 audit(1736029219.243:1170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 137.864718][ T30] audit: type=1326 audit(1736029219.243:1171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 137.898455][ T30] audit: type=1326 audit(1736029219.243:1172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 137.978831][ T1394] loop1: detected capacity change from 0 to 512 [ 138.013573][ T30] audit: type=1326 audit(1736029219.343:1173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 138.153143][ T30] audit: type=1326 audit(1736029219.343:1174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 138.264961][ T1394] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 138.309664][ T1394] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 138.327220][ T30] audit: type=1326 audit(1736029219.343:1175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 138.363688][ T30] audit: type=1326 audit(1736029219.443:1176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 138.410982][ T1394] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 138.423571][ T1394] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 138.436561][ T1394] EXT4-fs (loop1): 1 truncate cleaned up [ 138.457448][ T1394] EXT4-fs (loop1): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,. Quota mode: writeback. [ 138.477967][ T30] audit: type=1326 audit(1736029219.443:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1374 comm="syz.0.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febd422dd29 code=0x7ffc0000 [ 138.639486][ T1396] loop4: detected capacity change from 0 to 40427 [ 138.643961][ T1405] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 138.789348][ T1411] 9pnet: Insufficient options for proto=fd [ 138.800915][ T1396] F2FS-fs (loop4): invalid crc value [ 138.807804][ T1396] F2FS-fs (loop4): Found nat_bits in checkpoint [ 140.115446][ T1396] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 140.196825][ T1420] loop2: detected capacity change from 0 to 128 [ 140.235942][ T890] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 140.330340][ T1420] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 140.341380][ T1420] ext4 filesystem being mounted at /51/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 141.083605][ T890] usb 2-1: Using ep0 maxpacket: 16 [ 141.260089][ T890] usb 2-1: device descriptor read/all, error -71 [ 141.315493][ T1395] attempt to access beyond end of device [ 141.315493][ T1395] loop4: rw=10241, want=45104, limit=40427 [ 141.341982][ T1430] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 141.406682][ T292] attempt to access beyond end of device [ 141.406682][ T292] loop4: rw=2049, want=45112, limit=40427 [ 141.650662][ T1442] loop1: detected capacity change from 0 to 128 [ 141.842971][ T1442] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 141.854056][ T1442] ext4 filesystem being mounted at /48/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 142.677724][ T30] kauditd_printk_skb: 12 callbacks suppressed [ 142.677742][ T30] audit: type=1400 audit(1736029224.943:1190): avc: denied { create } for pid=1452 comm="syz.3.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 142.712339][ T1453] device bridge_slave_0 left promiscuous mode [ 142.734249][ T1453] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.753443][ T1453] device bridge_slave_1 left promiscuous mode [ 142.757664][ T30] audit: type=1400 audit(1736029224.973:1191): avc: denied { write } for pid=1452 comm="syz.3.255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 142.778548][ T30] audit: type=1400 audit(1736029225.013:1192): avc: denied { write } for pid=1456 comm="syz.3.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 142.798637][ T30] audit: type=1400 audit(1736029225.013:1193): avc: denied { nlmsg_write } for pid=1456 comm="syz.3.256" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 142.817695][ T1453] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.821380][ T30] audit: type=1400 audit(1736029225.013:1194): avc: denied { ioctl } for pid=1451 comm="syz.0.254" path="socket:[19892]" dev="sockfs" ino=19892 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 142.851943][ T30] audit: type=1400 audit(1736029225.093:1195): avc: denied { create } for pid=1458 comm="syz.3.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 142.913346][ T30] audit: type=1400 audit(1736029225.173:1196): avc: denied { create } for pid=1468 comm="syz.0.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 142.932994][ T20] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 142.960751][ T30] audit: type=1400 audit(1736029225.203:1197): avc: denied { write } for pid=1468 comm="syz.0.261" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 143.001577][ T30] audit: type=1400 audit(1736029225.253:1198): avc: denied { unlink } for pid=1471 comm="syz.0.262" name="#1" dev="tmpfs" ino=353 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 143.134294][ T30] audit: type=1400 audit(1736029225.403:1199): avc: denied { create } for pid=1473 comm="syz.1.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 143.183926][ T20] usb 3-1: Using ep0 maxpacket: 8 [ 143.303639][ T20] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 143.318870][ T20] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 143.329160][ T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.338499][ T20] usb 3-1: config 0 descriptor?? [ 143.382429][ T1509] usb usb4: usbfs: process 1509 (syz.1.278) did not claim interface 0 before use [ 143.563546][ T359] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 143.703658][ T890] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 143.826766][ T1523] 9pnet_virtio: no channels available for device syz [ 143.923650][ T359] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 143.934573][ T359] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.945428][ T359] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.954957][ T359] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 143.963551][ T890] usb 2-1: Using ep0 maxpacket: 8 [ 144.043669][ T359] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 144.052611][ T359] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 144.060467][ T359] usb 1-1: Manufacturer: syz [ 144.065912][ T359] usb 1-1: config 0 descriptor?? [ 144.113668][ T890] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 144.123655][ T890] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 144.133428][ T890] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 144.143305][ T890] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 144.156613][ T890] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 144.170963][ T890] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.545066][ T359] appleir 0003:05AC:8243.0004: unknown main item tag 0x0 [ 144.552188][ T359] appleir 0003:05AC:8243.0004: No inputs registered, leaving [ 144.559451][ T20] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 144.568510][ T359] appleir 0003:05AC:8243.0004: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 144.803536][ T20] usb 5-1: Using ep0 maxpacket: 8 [ 144.923610][ T20] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 144.931805][ T20] usb 5-1: config 179 has no interface number 0 [ 144.937925][ T20] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10 [ 144.949042][ T20] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 144.960458][ T20] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 144.971661][ T20] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 144.984774][ T20] usb 5-1: config 179 interface 65 has no altsetting 0 [ 144.991532][ T20] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 145.000505][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.023606][ T1544] raw-gadget.4 gadget: fail, usb_ep_enable returned -22 [ 145.045322][ T20] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input4 [ 145.147037][ T20] usb 3-1: USB disconnect, device number 6 [ 145.414254][ T20] usb 1-1: USB disconnect, device number 6 [ 145.454197][ T1567] fuse: root generation should be zero [ 145.947454][ T1582] syz.0.307 (1582) used greatest stack depth: 21168 bytes left [ 146.353657][ T864] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 146.436568][ T890] usb 2-1: USB disconnect, device number 7 [ 146.475106][ T1599] device syzkaller0 entered promiscuous mode [ 146.481984][ T324] syzkaller0: tun_net_xmit 48 [ 146.503600][ T1599] syzkaller0: create flow: hash 3769759600 index 1 [ 146.516028][ T1599] syzkaller0: delete flow: hash 3769759600 index 1 [ 146.587419][ T1613] ================================================================== [ 146.595324][ T1613] BUG: KASAN: slab-out-of-bounds in tc_setup_flow_action+0xb9d/0x3430 [ 146.603306][ T1613] Read of size 8 at addr ffff88811087abc0 by task syz.1.321/1613 [ 146.611029][ T1613] [ 146.613208][ T1613] CPU: 1 PID: 1613 Comm: syz.1.321 Not tainted 5.15.173-syzkaller-00213-gaf461d0249a8 #0 [ 146.622914][ T1613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 146.632912][ T1613] Call Trace: [ 146.636034][ T1613] [ 146.638809][ T1613] dump_stack_lvl+0x151/0x1c0 [ 146.643328][ T1613] ? io_uring_drop_tctx_refs+0x190/0x190 [ 146.648878][ T1613] ? panic+0x760/0x760 [ 146.652811][ T1613] print_address_description+0x87/0x3b0 [ 146.658165][ T1613] kasan_report+0x179/0x1c0 [ 146.662499][ T1613] ? tc_setup_flow_action+0xb9d/0x3430 [ 146.667797][ T1613] ? tc_setup_flow_action+0xb9d/0x3430 [ 146.673177][ T1613] __asan_report_load8_noabort+0x14/0x20 [ 146.678649][ T1613] tc_setup_flow_action+0xb9d/0x3430 [ 146.683767][ T1613] mall_replace_hw_filter+0x394/0xc20 [ 146.688992][ T1613] ? mall_set_parms+0x4b0/0x4b0 [ 146.693669][ T1613] ? tcf_exts_destroy+0xb0/0xb0 [ 146.698347][ T1613] ? pcpu_memcg_post_alloc_hook+0x1b1/0x260 [ 146.704087][ T1613] ? pcpu_alloc+0xda0/0x13e0 [ 146.708508][ T1613] ? mall_set_parms+0x1c3/0x4b0 [ 146.713198][ T1613] mall_change+0x56e/0x780 [ 146.717450][ T1613] ? mall_get+0xb0/0xb0 [ 146.721436][ T1613] ? tcf_chain_tp_insert_unique+0xa90/0xbb0 [ 146.727173][ T1613] ? nla_strcmp+0xed/0x120 [ 146.731423][ T1613] ? mall_get+0xb0/0xb0 [ 146.735416][ T1613] tc_new_tfilter+0x151a/0x1c00 [ 146.740101][ T1613] ? tcf_gate_entry_destructor+0x20/0x20 [ 146.745574][ T1613] ? security_capable+0x87/0xb0 [ 146.750341][ T1613] ? ns_capable+0x89/0xe0 [ 146.754591][ T1613] ? netlink_net_capable+0x125/0x160 [ 146.759720][ T1613] ? tcf_gate_entry_destructor+0x20/0x20 [ 146.765184][ T1613] rtnetlink_rcv_msg+0x776/0xc40 [ 146.770044][ T1613] ? rtnetlink_bind+0x80/0x80 [ 146.774567][ T1613] ? stack_trace_save+0x1c0/0x1c0 [ 146.779422][ T1613] ? __kernel_text_address+0x9b/0x110 [ 146.784710][ T1613] ? unwind_get_return_address+0x4d/0x90 [ 146.790302][ T1613] ? avc_has_perm_noaudit+0x348/0x430 [ 146.795561][ T1613] ? memcpy+0x56/0x70 [ 146.799379][ T1613] ? avc_has_perm_noaudit+0x2dd/0x430 [ 146.804581][ T1613] ? avc_denied+0x1b0/0x1b0 [ 146.808923][ T1613] ? avc_has_perm+0x16f/0x260 [ 146.813435][ T1613] ? ____kasan_kmalloc+0xed/0x110 [ 146.818295][ T1613] ? avc_has_perm_noaudit+0x430/0x430 [ 146.823504][ T1613] ? x64_sys_call+0x16a/0x9a0 [ 146.828014][ T1613] netlink_rcv_skb+0x1cf/0x410 [ 146.832614][ T1613] ? rtnetlink_bind+0x80/0x80 [ 146.837127][ T1613] ? netlink_ack+0xb10/0xb10 [ 146.841554][ T1613] ? __netlink_lookup+0x37b/0x3a0 [ 146.846415][ T1613] rtnetlink_rcv+0x1c/0x20 [ 146.850669][ T1613] netlink_unicast+0x8df/0xac0 [ 146.855268][ T1613] ? netlink_detachskb+0x90/0x90 [ 146.860039][ T1613] ? security_netlink_send+0x7b/0xa0 [ 146.865164][ T1613] netlink_sendmsg+0xa0a/0xd20 [ 146.869763][ T1613] ? netlink_getsockopt+0x560/0x560 [ 146.875232][ T1613] ? security_socket_sendmsg+0x82/0xb0 [ 146.880523][ T1613] ? netlink_getsockopt+0x560/0x560 [ 146.885560][ T1613] ____sys_sendmsg+0x59e/0x8f0 [ 146.890291][ T1613] ? __sys_sendmsg_sock+0x40/0x40 [ 146.895145][ T1613] ? import_iovec+0xe5/0x120 [ 146.899571][ T1613] ___sys_sendmsg+0x252/0x2e0 [ 146.904383][ T1613] ? __sys_sendmsg+0x260/0x260 [ 146.909011][ T1613] ? check_stack_object+0xf4/0x130 [ 146.913916][ T1613] ? __fdget+0x1bc/0x240 [ 146.917985][ T1613] __se_sys_sendmsg+0x19a/0x260 [ 146.922672][ T1613] ? __x64_sys_sendmsg+0x90/0x90 [ 146.927448][ T1613] ? __kasan_check_write+0x14/0x20 [ 146.932392][ T1613] ? switch_fpu_return+0x15f/0x2e0 [ 146.937431][ T1613] __x64_sys_sendmsg+0x7b/0x90 [ 146.942028][ T1613] x64_sys_call+0x16a/0x9a0 [ 146.946450][ T1613] do_syscall_64+0x3b/0xb0 [ 146.950703][ T1613] ? clear_bhb_loop+0x35/0x90 [ 146.955216][ T1613] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 146.960954][ T1613] RIP: 0033:0x7f4a247b3d29 [ 146.965200][ T1613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.984658][ T1613] RSP: 002b:00007f4a22e25038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 146.992975][ T1613] RAX: ffffffffffffffda RBX: 00007f4a249a3fa0 RCX: 00007f4a247b3d29 [ 147.000785][ T1613] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000003 [ 147.008732][ T1613] RBP: 00007f4a2482fb08 R08: 0000000000000000 R09: 0000000000000000 [ 147.016540][ T1613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.024351][ T1613] R13: 0000000000000000 R14: 00007f4a249a3fa0 R15: 00007ffc26fe7928 [ 147.032255][ T1613] [ 147.035117][ T1613] [ 147.037298][ T1613] Allocated by task 1613: [ 147.041449][ T1613] ____kasan_kmalloc+0xdb/0x110 [ 147.046140][ T1613] __kasan_kmalloc+0x9/0x10 [ 147.050483][ T1613] __kmalloc+0x13f/0x2c0 [ 147.054553][ T1613] tcf_idr_create+0x5f/0x780 [ 147.058992][ T1613] tcf_idr_create_from_flags+0x5f/0x70 [ 147.064274][ T1613] tcf_gact_init+0x3cd/0x6e0 [ 147.068701][ T1613] tcf_action_init_1+0x50f/0x7f0 [ 147.073477][ T1613] tcf_action_init+0x306/0x840 [ 147.078082][ T1613] tcf_exts_validate+0x236/0x520 [ 147.083031][ T1613] mall_set_parms+0x44/0x4b0 [ 147.087540][ T1613] mall_change+0x495/0x780 [ 147.091794][ T1613] tc_new_tfilter+0x151a/0x1c00 [ 147.096476][ T1613] rtnetlink_rcv_msg+0x776/0xc40 [ 147.101263][ T1613] netlink_rcv_skb+0x1cf/0x410 [ 147.106008][ T1613] rtnetlink_rcv+0x1c/0x20 [ 147.110226][ T1613] netlink_unicast+0x8df/0xac0 [ 147.114828][ T1613] netlink_sendmsg+0xa0a/0xd20 [ 147.119426][ T1613] ____sys_sendmsg+0x59e/0x8f0 [ 147.124042][ T1613] ___sys_sendmsg+0x252/0x2e0 [ 147.128545][ T1613] __se_sys_sendmsg+0x19a/0x260 [ 147.133321][ T1613] __x64_sys_sendmsg+0x7b/0x90 [ 147.137924][ T1613] x64_sys_call+0x16a/0x9a0 [ 147.142350][ T1613] do_syscall_64+0x3b/0xb0 [ 147.146608][ T1613] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 147.152339][ T1613] [ 147.154503][ T1613] The buggy address belongs to the object at ffff88811087ab00 [ 147.154503][ T1613] which belongs to the cache kmalloc-192 of size 192 [ 147.168390][ T1613] The buggy address is located 0 bytes to the right of [ 147.168390][ T1613] 192-byte region [ffff88811087ab00, ffff88811087abc0) [ 147.181956][ T1613] The buggy address belongs to the page: [ 147.187416][ T1613] page:ffffea0004421e80 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11087a [ 147.197466][ T1613] flags: 0x4000000000000200(slab|zone=1) [ 147.202942][ T1613] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100042c00 [ 147.211361][ T1613] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 147.219774][ T1613] page dumped because: kasan: bad access detected [ 147.226029][ T1613] page_owner tracks the page as allocated [ 147.231574][ T1613] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 1613, ts 146587336214, free_ts 146585594820 [ 147.247547][ T1613] post_alloc_hook+0x1a3/0x1b0 [ 147.252159][ T1613] prep_new_page+0x1b/0x110 [ 147.256570][ T1613] get_page_from_freelist+0x3550/0x35d0 [ 147.261951][ T1613] __alloc_pages+0x27e/0x8f0 [ 147.266471][ T1613] new_slab+0x9a/0x4e0 [ 147.270369][ T1613] ___slab_alloc+0x39e/0x830 [ 147.274799][ T1613] __slab_alloc+0x4a/0x90 [ 147.278964][ T1613] kmem_cache_alloc_trace+0x147/0x270 [ 147.284170][ T1613] mall_change+0x273/0x780 [ 147.288424][ T1613] tc_new_tfilter+0x151a/0x1c00 [ 147.293211][ T1613] rtnetlink_rcv_msg+0x776/0xc40 [ 147.297983][ T1613] netlink_rcv_skb+0x1cf/0x410 [ 147.302582][ T1613] rtnetlink_rcv+0x1c/0x20 [ 147.306841][ T1613] netlink_unicast+0x8df/0xac0 [ 147.311434][ T1613] netlink_sendmsg+0xa0a/0xd20 [ 147.316035][ T1613] ____sys_sendmsg+0x59e/0x8f0 [ 147.320637][ T1613] page last free stack trace: [ 147.325158][ T1613] free_unref_page_prepare+0x7c8/0x7d0 [ 147.330442][ T1613] free_unref_page+0xe8/0x750 [ 147.334968][ T1613] __free_pages+0x61/0xf0 [ 147.339149][ T1613] __free_slab+0xec/0x1d0 [ 147.343290][ T1613] __unfreeze_partials+0x165/0x1a0 [ 147.348443][ T1613] put_cpu_partial+0xc4/0x120 [ 147.352965][ T1613] __slab_free+0x1c8/0x290 [ 147.357296][ T1613] ___cache_free+0x109/0x120 [ 147.361723][ T1613] qlink_free+0x4d/0x90 [ 147.365714][ T1613] qlist_free_all+0x44/0xb0 [ 147.370052][ T1613] kasan_quarantine_reduce+0x15a/0x180 [ 147.375355][ T1613] __kasan_slab_alloc+0x2f/0xe0 [ 147.380039][ T1613] slab_post_alloc_hook+0x53/0x2c0 [ 147.384988][ T1613] kmem_cache_alloc_trace+0xf9/0x270 [ 147.390105][ T1613] inetdev_init+0x83/0x4c0 [ 147.394357][ T1613] inetdev_event+0x205/0x10a0 [ 147.398875][ T1613] [ 147.401039][ T1613] Memory state around the buggy address: [ 147.406606][ T1613] ffff88811087aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.414671][ T1613] ffff88811087ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 147.422571][ T1613] >ffff88811087ab80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 147.430556][ T1613] ^ [ 147.436544][ T1613] ffff88811087ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.444439][ T1613] ffff88811087ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 147.452335][ T1613] ================================================================== [ 147.460240][ T1613] Disabling lock debugging due to kernel taint [ 147.496371][ T26] usb 5-1: USB disconnect, device number 6 [ 147.504162][ T26] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 147.603612][ T864] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 147.611817][ T864] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.693614][ T864] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 147.702583][ T864] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 147.710441][ T864] usb 1-1: Manufacturer: syz [ 147.715688][ T864] usb 1-1: config 0 descriptor?? [ 147.955448][ T864] usb 1-1: USB disconnect, device number 7