last executing test programs: 10.343203937s ago: executing program 3 (id=1932): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004200)=@base={0x12, 0x7, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r0, &(0x7f00000001c0), 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040), 0x20000000}, 0x20) bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f0000000340)={r0, &(0x7f0000000180), 0x0}, 0x20) 10.318999778s ago: executing program 3 (id=1933): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f000076e000/0x4000)=nil, 0x400000, 0x0, 0x2}) 10.258451074s ago: executing program 3 (id=1934): bind$xdp(0xffffffffffffffff, 0x0, 0x0) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18, 0x1, {0x10}}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0) 10.224828226s ago: executing program 3 (id=1935): r0 = socket$key(0xf, 0x3, 0x2) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) sendmsg$key(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)={0x2, 0x9, 0x6, 0x2, 0x2, 0x0, 0x70bd2b, 0x25dfdbff}, 0x10}}, 0x90) 10.210073428s ago: executing program 3 (id=1936): unshare(0x20000600) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01040400000a00120002002800000019002d4400009b84136ef75afb83de066a5900e1baac341b61130000f2ff00000100"/85, 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0) recvmsg(r1, &(0x7f00000055c0)={0x0, 0x0, 0x0}, 0x0) 10.17733903s ago: executing program 3 (id=1937): ptrace(0x10, 0x1) r0 = inotify_init1(0x0) sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x4001) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$getenv(0x4204, r1, 0x201, &(0x7f0000000000)) 5.579618703s ago: executing program 2 (id=1961): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) r1 = socket(0x1e, 0x805, 0x0) connect$tipc(r1, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10) connect$tipc(r1, &(0x7f0000000000)=@id, 0x10) close(r1) 5.543338526s ago: executing program 2 (id=1962): r0 = socket(0x10, 0x3, 0x0) sendmsg$GTP_CMD_DELPDP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f00000000c0), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000340)={&(0x7f00000003c0)={0x1d, r1}, 0x10, &(0x7f0000000540)={&(0x7f00000004c0)={0x1, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "d500000000002a00"}}, 0x48}}, 0x0) 5.535084417s ago: executing program 2 (id=1963): r0 = socket(0x10, 0x3, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4001080}, 0x0) 5.526813198s ago: executing program 2 (id=1964): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r1 = dup(r0) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/snmp\x00') syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x24f, &(0x7f0000000b40)="$eJzs3T9oJGUcBuB3Znc9c7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUO+G8YJe1srHQWiWVTRA7o6WkCTaKYBU1RWxEDRYGCy1WZieRmKxEs+uOZJ4HZmdm55v5fcPM++02sxugtc4mOZ+kk2Q+SS9Jsb/B3fV0dnd1eW79cjIcPvFzMWpXr9f29juTZJDkoSRrZZGXusni6jNbv248dt+b13v3vr/69NxMT3LX9tbm4zvvXXzjowsPLn7x1Y8Xi5xP/y/nNX3FmPe6RXLLf1Hsf6LoNt0D/olLr334dZX7W5PcM8p/L2Xqi/fWtRvWenng3b/b9+2fvrx9ln0Fpm847FWfgYMh0Dplkn6KciFJvVyWCwv1d/hvOqfLl69ee3X+xavXr7zQ9EgFTEs/2Xz0k1MfnzmQ/+87df6Bk6vK/5OXVr6tlnc6TfcGmIk76lmV//nnlu6P/EPryD+0l/xDe8k/tJf8Q3vJP7SX/MMJ1ttbGIzdLP/QXvIP7SX/0F778w8AtMvwVNNPIANNaXr8AQAAAAAAAAAAAAAAAAAADlueW7+8Nx3R9Idp1fzsnWT7kSTdcfU7o/8jTm4cvZ7+paia/amod5vIs3dNeIAJfdDw09c3fddc7eqqfn5nc/UrS1eSwetJznW7h++/Yvf+O76bj9jee37CAv9ScWD94admW/+g31earX9hI/m0Gn/OjRt/ytw2mo8ff/r7f2L5mF75bcIDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDN/BAAA//97MG6+") mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 5.26413693s ago: executing program 2 (id=1966): syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x80c406, &(0x7f0000000500)=ANY=[@ANYBLOB="646f74732c646f747300646d61736b3d30303030303030303003994db69d6fadd9fe8357bb9b326973636172642c0166733d6e6f7774066c655f726f2c6769643d8bde74b54a903862b1d491a0644fd032adf103782b3e6ab9bb8b7d5a0000008000000000831cac568a8781052c1f78a90d525fbffbbe712b3588cd20fd6b4fa30f99796b63d0000200006bf7964f30b515830fe521179cb856fcec51525e76986850e3c2079c07811902047009a8bd311ec4398a92a06f061a5a0ba1eb2b3db991e65cb55232662ecb874cb1ea47734fd6c56b06c03f20235fad7299622ac7c70fbb5466c8f69e506f15f9048273682c4abdddc8cbc849980b03000000000000000000000063e0c97554c132b6effff3b3e0c109c72f794db4da27b9108716f1877464f58d22d0ea6e75321d887a6a375c5cf8cce358a8df2720e76ce466c78c7901cc6071bc2eafaa394d4290e95d4db56b59ed5d9bd10d94b075a7ace6d3f19993baa452c9ecc39f61cc383b51b627ad3b736c045f8c784b64bbaac710f4372841998dee85b80f515bdeba72caeb00c76ae7cb06986d7e9f9fec03b990c1fc56d5161ae3c622a649f9f95781dd32bc8e4090861fcad6bed6a3be33f3602b136695e7543543b93f62312f5387cd4c6d1aa22271ec1be39d675c08f44ed601b6c8fbf92f448158194570618bfd504dfd0ff459eff7bc34e453816efefe372fcecc66f0956afbe155f1f53d0eff4872d6921804209e82af2ed0a588b8ebbef33bbbc3d495d110acf1a7537f33a8f5a82a29e2d6761b50d3db9dae0a9606eb4b0a92cdb504659776a21344b8fdc9ca3851a76938dd00e59cb1d1ad7ec9ac6e19d3244e209fd56e67caf895cf9f8507b063cac9ddc2ae46f7dff3f9b86b5b3838383015a502f3540a8a796580c78737b10f54977af5cee89e91cc54e21101973aed1e03820294e9811ef0c389ec53e04e14f226213fa4fd2f9c32cd317f936edcf16bffd78d69907336f1e4cf69c22d2e8f0a1caa2623483b45be9f59f1b74cd3f19a92db916f959d4bcb800c50bfabd4d63861e036ef6d614d46c31ab711ad2ead248d781e89017fc7c22d22be274e450e5f1837bf10921f4b117439ad4503f11682542bdba745be99695d4c3d64b96997f1a6f8f3145f94f227694be7682e8a2a1a288b69474164171c6dc00e770cb068702087467ee08643516fbc3f5f71715559152dbdb61082060c73a9338db0407ed89b6941d034f623a6643e394456", @ANYRES16, @ANYBLOB="5fc5e0cc89c3068519a1a4d35631da3ac1da1498ccbed34b45633d4cecc0ce311f7adfa5ee00b0ede9ce477b0717355c8145c254b208e7b26c8704f414550ccfcd9f78ef990092397d833e4961136c5ad068266b4af5edbd182a21f3"], 0xff, 0x2b1, &(0x7f0000000100)="$eJzs3E1rE0EYwPEn2TabVvpyEvTig170stR4VKFRWhADStoV9SBs6VZDYlJ2gyYimLOnfo7i0ZsgfoHe/QDeiiA99eRKk826iemLISY1/f8g7Mw8O5uZnQSeCWx2H2+9LG741oZTlWRaJSnSkH2ReSlIWyI8pprlVNQutzPSkGsLr/berzx5ej+byy3lVZezqzcyqjp76fPrtx8uf6mee/Rx1jRlZ/7Z7o/Mt53zOxd2f66+KPha8LVcqaqja5VK1Vkrubpe8IuW6sOS6/iuFsq+63XEN0qVzc26OuX1melNz/V9dcp1TUpdqxVNh6Mqq2VZOjN9UE7LGZL66x72dj7vZHuGztSdG2+el3UMEZn6Y03t7dGMCAAAjNLh+X8yOqed/ye783+RY/L/d+FZs58Gnv8bEuX/RbeZ/1e9ujrPnUI8/8eR7MXO/H/xRL2S/25A6FeiEavc6Qh5XnaqdyfyfwAAAAAAAAAAAAAAAAAAAAAA/gf7QTAXBMHcwTEpIkFYN0XEiNV7dOUJ8TEQX/8g9jLDBT5i/TEGYg/upUW+N2p2zU40j6348r3c0oI2xR7826vVbCOKX2/FtTM+KdNhPNMznpKrV1rxg9jdB7l4fKtmT8l611iNjlpjkLcBAAAAAICxZmlkPmpMS7S/tyw1pTve3L83CxMi0v59oGt/PyEXJ4Y4EQAAAAAAcCi//qbolEquN5yCMcT36rsg0l/3m4E5kGEYIhJrMcOlip+TXxEZ3JRTcuyU9UQXNMVtj3a4C/c123f39Cn51J2wcGtgFwwSIq2WyXDNur4FAAAAAMbL7/3AqEcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDZNYy/Lhv1HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDT4lcAAAD//4aMsuk=") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000000280)='./bus/file0\x00', 0x0) renameat2(r1, &(0x7f00000001c0)='./bus/file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x0) 5.15157955s ago: executing program 2 (id=1967): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804000, &(0x7f0000000600)={[{@data_journal}, {@abort}, {@mblk_io_submit}, {@nobh}, {@bh}]}, 0x3, 0x4d4, &(0x7f0000000a00)="$eJzs3V9rHGsZAPBnJklNz8kxOerF8YDHoEfSot1NGtsGL9oKolcFtd7HmGxCyCYbspu2CUVS/ACCiIpeeeWN4AcQpB9BhILei4hStK0XXqgrsztb07CbpHb/tNnfD97MO392n+edZd/dd2cyE8DQmo6ImxExEhEXI2IyX57mJQ6aJdvu6ZP7y1lJol6//bckknxZ67mSfPp2/rDxiPjm1yK+kyTNBYdU9/Y3lsrl0k4+X6xtbhere/uX1jeX1kprpa35+bmrC9cWrizMdq2t17/y5x99/xdfvf6bL9z94+JfL3w3y3ciX3e4Hd3U3CdjjX3RMhoRO70INgAjeXvGTtzyoC/5AABwvOw7/sci4jMR8eyng84GAAAA6IX6jYn4VxJRBwAAAM6stHEObJIW8nMBJiJNC4XmObyfiBtRrlRrn1+t7G6tNM+VnYqxdHW9XJrNzxWeirEkm59r1HPr5dLlfL61fj4i3o2IH06eb8wXlivllcH+9AEAAABDIxvnT6TNejb5x2Rz/A8AAACcMVOn2upcz/MAAAAAeud0438AAADgTdZx/J+M9jcRAAAAoBe+futWVuqt+1+v3Nnb3ajcubRSqm4UNneXC8uVne3CWqWy1rhm3+ZJz1euVLa/GFu794q1UrVWrO7tL25Wdrdqi437ei+WTr5PNAAAANBt73764R+SiDj40vlGiUP/6G+sDmdb+nKbJ73KA+i/kUEnAAyME3xheBnjAycN7Mf7lAcAANA7M590/B+G1Use/wfOEMf/YXg5/g/Dyxgf+L+P//+2+7kAAAC9MdEoSVrIjwVORJoWChHvNG4LMJasrpdLsxHx0Yj4/eTYR7L5uUEnDQAAAAAAAAAAAAAAAAAAAAAAAABvmHo9iToAAABwpkWkf0ny+3/NTH44cfT3gXPJPycb04i4+7PbP763VKvtzGXL//58ee0n+fLLg/gFAwAAADiqNU5vjeMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJuePrm/3Cr9jPv4yxEx1S7+aIw3puMxFhFvPUti9NDjkogY6UL8gwcR8V67+EmWVkzlWRyNn0bE+T7Fb9f+LP7bXYgPw+xh1v/cbPf+S2O6MW3//h/Ny6t6PN2p/0uf938jHfq/d0547nP59P1Hvyo+f9DR+A8i3h9t3/+04iev2P9++1v7+53W1X8eMdP28yd5IVaxtrldrO7tX1rfXForrZW25ufnri5cW7iyMFtcXS+X8r9tY/zgU7/+T6f4WfvfejF+2lo3dUL7Pzw0P9IxQsS/H9178vFj4l/4bPvX/71j4mf7/nP550C2fqZVP2jWD/vgl7/74Lj2r3TY/ye9/hc6N/kFF7/xvT+dclMAoA+qe/sbS+Vyaec0lTReYmOVV6xMvx5pqAxnJe8gxgfcQQEAAF3zvy/9g84EAAAAAAAAAAAAAAAAAAAAhlc/Lid2OJ7LiQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAr6v/BgAA//+cGtRa") r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0) faccessat(r2, &(0x7f0000000000)='./file0\x00', 0x5) 3.401374429s ago: executing program 1 (id=1986): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) fcntl$setstatus(r0, 0x4, 0x42000) r1 = open$dir(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x42400) open$dir(&(0x7f0000000100)='./file0\x00', 0x6400, 0x100) 3.393267769s ago: executing program 1 (id=1987): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000016c0)={0x1, &(0x7f0000001680)=[{0x6}]}) socket$packet(0x11, 0x0, 0x300) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) bpf$MAP_CREATE(0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2.680476731s ago: executing program 0 (id=2000): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$int_in(r1, 0x5452, &(0x7f0000000900)=0x5) bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6) 2.671460112s ago: executing program 0 (id=2001): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400}) close(r0) 2.639811344s ago: executing program 0 (id=2002): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000cc0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000740)="3de652c5982c0f4af3971cdaf08c44aaf0bdf95d98badd5d3c57e96ff0b8c340616bc68bb5a60f6ba780e8a700e93153e857378fd572fdb2c811241768b2a1a3649c1a9c015c63a58b967241c860e45dc550ce40449c6b694ba0da307e00fcd36aaa0465997ba6111d22e562a73c055bfd3f8cdd0504c6823b0d00"/135, 0x87}, {&(0x7f0000000440)="63301fbbe982716c8def3cd8ff3fd571ff4de2dfcb5e342ec7e29b20390ac060158a54831705c069c98391e92029a67cdb12a63ccc2ae533a97bf033f100434f721d9e2b521d70be1d6892d2bf40fb7510a7c0bb0d384f838b0baf4bf8cc459a1f9f19706d34a20bbef8432fd74c4d3cd5c4cbac16ab064d411d42", 0x7b}, {&(0x7f00000006c0)="12e5ce490b26ced6796da950fb8b718fd0bcecd452f977707fa19b6cd3f51b5b2119d5c00ee022f6359aee2a753bd8c73850102a3159d2e8b08bf2a6e51c45eccbe365524338bd8ffeb72246ad1159f04754765113add6bd4997b9f32fe5ac14946552c20db1bd650167ddb257ba69", 0x6f}, {&(0x7f000001aa80)="2c855adcc4c9adb94980ed1e16da372ff484669aa64426b28563d3c7203f4055e4694075b0039f12a370beda103bb0c99099512f13159b560540b4cd40733e183a7974dc607aa984ec67e3245e7f06b1a901277318498d9c0de7084e64ce95d3844e4a94807f2228221bd74831bd1d9e47345b13496cedc92b319380999c5a1a54087ca313b51b99f8d3e57a22ef5e84c3afc387073641c58c95bdda636dfb9cf2e4e9b276ce50b92a4ab181ed27b799c86d162b3ef29cba0027731967a061d5fb84cb10a401f472eee67bed1492dc883fb3d226890cd2ef2b07f718d05917678254fec7ebf84d87642e66de5857c77a43f552ae0d42e86b7dd4427ad0f21ed1c8f29359662511cc779bf523db1069fad4bc5bccd97791bede61e9a0c0ba3fd44a9185c3fd4bcfbd25c62c34ac7e04912325aedce11a4f3fedd3ee812530d4e5f76999a798b3c3435601141f7844d9d893e18b92ff45dd50c0f2c2e064ea5c0bb66f846280527108", 0x168}], 0x4}, 0x24040000) recvmsg(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)=""/233, 0xe9}], 0x1, &(0x7f0000001d00)=""/4080, 0xff0}, 0x0) close(r0) 2.581135119s ago: executing program 0 (id=2003): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_io_uring_setup(0x5bb8, &(0x7f0000000100), &(0x7f0000000180), &(0x7f00000001c0)) io_uring_enter(r2, 0x145c, 0x0, 0x0, 0x0, 0x0) 2.56881848s ago: executing program 0 (id=2004): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r0}, &(0x7f00000001c0), &(0x7f0000000300)}, 0x20) setitimer(0x3, 0x0, 0x0) 2.552974372s ago: executing program 1 (id=2005): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000088500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 2.538311853s ago: executing program 0 (id=2006): r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x90, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 2.517630995s ago: executing program 1 (id=2007): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x22, 0xa, {[@main=@item_4={0x3, 0x0, 0xc, "f81d36c1"}, @local=@item_4={0x3, 0x2, 0x7}]}}, 0x0}, 0x0) 2.205248861s ago: executing program 4 (id=2020): r0 = memfd_create(&(0x7f0000000100)='+\x88\xc7s\x00\x00\x942nodev\x00\x00\x8cZ_Pv\x03\xa7\xc1\b\xec\x90Q\x85\x83\xcd\x16\xdcw\'\x8a\xe5N\x8c\x17\xfd\xc5\xad\xd5y\x15\x1fx\x17\f\xbc\xd1.\x8cA\x17\x86\xb7-j!Y\x92\xd9\xc4\r8\xd0\xc9X\xa7\x11\xa3\xf0\x8a*\xbc\x87\xcd\x1fl\xfc\xf3]\xb8\xbd\x02\v<\fl\xa6]\xa5\xfb\x05\xcb\x9c\xe2\xc8\x05\xa5\xa5\xeb\xa9\xef\xe3\xf1b\x81\xec\xac\xb6\x80\xd5\xf5S\x85\x06O\x05\xb8\xa1\x15\xcc\x17\xe8s\x95\x95B\xee_\x98\x91)\xe7\xa8+\x8c\xee\x83@q\x16\xcf3\x0f\x81\xa8\xa9`i\x01m:\xcc\x1c\xed<\xcfA3n\xfd\n>\x03\xae\f \xdbH\'\x05\x82\xdbLE\x14\xcdq\x1abcf\xdb8\xe9a\xa8\x00'/201, 0x2) fcntl$addseals(r0, 0x409, 0x12) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1}) 2.198225402s ago: executing program 4 (id=2021): connect$tipc(0xffffffffffffffff, 0x0, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f00000002c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/32, 0x20}}, 0x120) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000000000040341a02080000000000010902"], 0x0) r1 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGFEATURE(r1, 0x80084808, 0x0) 796.671722ms ago: executing program 4 (id=2022): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) io_setup(0xa, &(0x7f0000000240)=0x0) connect$can_bcm(r0, &(0x7f0000000000), 0x10) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x0, 0x0, 0x0, {0x0, 0x2710}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "196c3df741c82283"}}, 0x48}}, 0x0) io_submit(r1, 0x20000000000002d6, &(0x7f0000000280)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="050000000000003f420f000000000000580f02000000003f420f000000000000ffffffff000000000000", 0x38}]) 656.481854ms ago: executing program 4 (id=2023): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) 56.077186ms ago: executing program 4 (id=2025): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000500), &(0x7f0000000200)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000000d40)={0x0, 0x7000003, &(0x7f00000023c0)=[{&(0x7f0000000b40)='?', 0x1}, {0x0, 0x1}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x20001) 54.410886ms ago: executing program 1 (id=2026): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x40046207, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000000)={0x8, 0x0, &(0x7f00000003c0)=[@increfs], 0x0, 0x0, 0x0}) dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x10, 0x0, &(0x7f00000002c0)=[@request_death={0x400c6313}], 0x0, 0x0, 0x0}) 43.328077ms ago: executing program 1 (id=2027): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000900)={'bridge0\x00', @broadcast}) 0s ago: executing program 4 (id=2028): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000200)='./file0\x00', 0xcd8) r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) close(r0) kernel console output (not intermixed with test programs): transferred, expected 20 got 0 [ 115.020547][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.020940][ T6] playstation 0003:054C:0CE6.003E: Failed to retrieve DualSense pairing info: -22 [ 115.036710][ T6] playstation 0003:054C:0CE6.003E: Failed to get MAC address from DualSense [ 115.045241][ T6] playstation 0003:054C:0CE6.003E: Failed to create dualsense. [ 115.045627][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 115.053966][ T6] playstation: probe of 0003:054C:0CE6.003E failed with error -22 [ 115.060124][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 115.076190][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 115.084290][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.091131][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 115.100083][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 115.108018][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.114859][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 115.127186][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 115.136428][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 115.150119][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 115.161725][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 115.170065][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 115.177278][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 115.185603][ T3556] device veth0_vlan entered promiscuous mode [ 115.195760][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 115.208818][ T3556] device veth1_macvtap entered promiscuous mode [ 115.220158][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 115.228302][ T2707] usb 4-1: USB disconnect, device number 23 [ 115.241137][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 115.471526][ T3569] loop1: detected capacity change from 0 to 512 [ 115.490698][ T3569] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 115.505195][ T3569] EXT4-fs (loop1): 1 orphan inode deleted [ 115.510880][ T3569] EXT4-fs (loop1): 1 truncate cleaned up [ 115.516410][ T3569] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,sb=0x0000000000000009,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000000010000,block_validity,quota,. Quota mode: writeback. [ 115.596908][ T3579] loop1: detected capacity change from 0 to 16 [ 115.607284][ T3579] erofs: (device loop1): mounted with root inode @ nid 36. [ 115.639652][ T3583] loop2: detected capacity change from 0 to 256 [ 115.819457][ T2707] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 115.920814][ T382] device bridge_slave_1 left promiscuous mode [ 115.927789][ T382] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.935872][ T382] device bridge_slave_0 left promiscuous mode [ 115.942219][ T382] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.962747][ T382] device veth1_macvtap left promiscuous mode [ 115.968621][ T382] device veth0_vlan left promiscuous mode [ 116.183602][ T3625] loop1: detected capacity change from 0 to 40427 [ 116.199718][ T2707] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.210719][ T2707] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 116.220765][ T3625] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 116.220994][ T2707] usb 5-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 116.228314][ T3625] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 116.237489][ T2707] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.260257][ T2707] usb 5-1: config 0 descriptor?? [ 116.273554][ T3625] F2FS-fs (loop1): Found nat_bits in checkpoint [ 116.307504][ T3625] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 116.330950][ T3625] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 116.340638][ T3625] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 116.427872][ T3625] attempt to access beyond end of device [ 116.427872][ T3625] loop1: rw=2049, want=80088, limit=40427 [ 116.441843][ T3625] attempt to access beyond end of device [ 116.441843][ T3625] loop1: rw=2049, want=81920, limit=40427 [ 116.455574][ T3625] attempt to access beyond end of device [ 116.455574][ T3625] loop1: rw=2049, want=51216, limit=40427 [ 116.469758][ T3625] attempt to access beyond end of device [ 116.469758][ T3625] loop1: rw=2049, want=53248, limit=40427 [ 116.484346][ T3625] attempt to access beyond end of device [ 116.484346][ T3625] loop1: rw=2049, want=59392, limit=40427 [ 116.499166][ T3625] attempt to access beyond end of device [ 116.499166][ T3625] loop1: rw=2049, want=61448, limit=40427 [ 116.513380][ T3625] attempt to access beyond end of device [ 116.513380][ T3625] loop1: rw=2049, want=63496, limit=40427 [ 116.528230][ T3625] attempt to access beyond end of device [ 116.528230][ T3625] loop1: rw=2049, want=65552, limit=40427 [ 116.619597][ T20] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 116.761526][ T2707] hid (null): unknown global tag 0xe [ 116.771971][ T2707] logitech-hidpp-device 0003:046D:C086.003F: unknown main item tag 0x0 [ 116.784854][ T2707] logitech-hidpp-device 0003:046D:C086.003F: unknown main item tag 0x0 [ 116.799314][ T2707] logitech-hidpp-device 0003:046D:C086.003F: unknown main item tag 0x0 [ 116.807514][ T2707] logitech-hidpp-device 0003:046D:C086.003F: unknown global tag 0xe [ 116.821878][ T2707] logitech-hidpp-device 0003:046D:C086.003F: item 0 1 1 14 parsing failed [ 116.836974][ T2707] logitech-hidpp-device 0003:046D:C086.003F: hidpp_probe:parse failed [ 116.851588][ T2707] logitech-hidpp-device: probe of 0003:046D:C086.003F failed with error -22 [ 116.864930][ T3656] loop1: detected capacity change from 0 to 16 [ 116.913623][ T3656] erofs: (device loop1): mounted with root inode @ nid 36. [ 116.959646][ T378] Bluetooth: hci1: command 0x1001 tx timeout [ 116.965637][ T471] Bluetooth: hci1: sending frame failed (-49) [ 116.979521][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 116.997875][ T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.007740][ T2707] usb 5-1: USB disconnect, device number 23 [ 117.017473][ T20] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 117.031152][ T20] usb 4-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00 [ 117.051353][ T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.069579][ T20] usb 4-1: config 0 descriptor?? [ 117.108644][ T3669] loop1: detected capacity change from 0 to 512 [ 117.130719][ T3669] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002] [ 117.138642][ T3669] System zones: 0-2, 18-18, 34-35 [ 117.144747][ T3669] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 117.155722][ T3669] ext4 filesystem being mounted at /279/file0 supports timestamps until 2038 (0x7fffffff) [ 117.166673][ T3665] SELinux: security_context_str_to_sid(E) failed for (dev ?, type ?) errno=-22 [ 117.176094][ T3665] SELinux: security_context_str_to_sid(E) failed for (dev proc, type proc) errno=-22 [ 117.253183][ T3681] loop2: detected capacity change from 0 to 512 [ 117.282972][ T3681] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #15: comm syz.2.1308: casefold flag without casefold feature [ 117.295648][ T3681] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1308: couldn't read orphan inode 15 (err -117) [ 117.307835][ T3681] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 117.346527][ T3693] input: syz0 as /devices/virtual/input/input38 [ 117.380809][ T3697] incfs: mount failed -22 [ 117.474366][ T3708] blk_update_request: I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 117.485211][ T3708] FAT-fs (loop2): unable to read boot sector [ 117.560311][ T20] gt683r_led 0003:1770:FF00.0040: item fetching failed at offset 1/5 [ 117.579831][ T20] gt683r_led 0003:1770:FF00.0040: hid parsing failed [ 117.599435][ T20] gt683r_led: probe of 0003:1770:FF00.0040 failed with error -22 [ 117.709458][ T60] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 117.763588][ T2707] usb 4-1: USB disconnect, device number 24 [ 117.959408][ T60] usb 2-1: Using ep0 maxpacket: 16 [ 118.109486][ T60] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 118.118295][ T60] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 118.119410][ T378] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 118.128113][ T60] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 118.144553][ T60] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 118.154105][ T60] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 118.163680][ T60] usb 2-1: config 1 interface 0 has no altsetting 0 [ 118.170087][ T60] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 118.178907][ T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.229796][ T60] ums-sddr09 2-1:1.0: USB Mass Storage device detected [ 118.369418][ T378] usb 3-1: Using ep0 maxpacket: 16 [ 118.439860][ T60] scsi host1: usb-storage 2-1:1.0 [ 118.489451][ T378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.500480][ T378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.510444][ T378] usb 3-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00 [ 118.519706][ T378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.528773][ T378] usb 3-1: config 0 descriptor?? [ 118.651129][ T1323] usb 2-1: USB disconnect, device number 30 [ 119.010309][ T378] hid-rmi 0003:17EF:6085.0041: item fetching failed at offset 1/5 [ 119.020044][ T378] hid-rmi 0003:17EF:6085.0041: parse failed [ 119.025801][ T378] hid-rmi: probe of 0003:17EF:6085.0041 failed with error -22 [ 119.039877][ T60] Bluetooth: hci1: command 0x1009 tx timeout [ 119.189858][ T30] kauditd_printk_skb: 74 callbacks suppressed [ 119.189874][ T30] audit: type=1400 audit(1728577972.217:1197): avc: denied { getopt } for pid=3754 comm="syz.1.1337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 119.234112][ T3736] loop2: detected capacity change from 0 to 512 [ 119.247229][ T30] audit: type=1326 audit(1728577972.267:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3758 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd023559ff9 code=0x7ffc0000 [ 119.271177][ T30] audit: type=1326 audit(1728577972.267:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3758 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd023559ff9 code=0x7ffc0000 [ 119.296290][ T30] audit: type=1326 audit(1728577972.297:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3758 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7fd023559ff9 code=0x7ffc0000 [ 119.323069][ T30] audit: type=1326 audit(1728577972.297:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3758 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd023559ff9 code=0x7ffc0000 [ 119.369126][ T30] audit: type=1326 audit(1728577972.297:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3758 comm="syz.1.1339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd023559ff9 code=0x7ffc0000 [ 119.375008][ T3736] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 119.439627][ T3736] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038 (0x7fffffff) [ 119.475424][ T1323] usb 3-1: USB disconnect, device number 18 [ 119.623058][ T3785] netlink: 'syz.4.1349': attribute type 25 has an invalid length. [ 119.631660][ T3785] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1349'. [ 119.636219][ T3765] loop1: detected capacity change from 0 to 40427 [ 119.641495][ T3785] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1349'. [ 119.650919][ T3786] input: syz1 as /devices/virtual/input/input39 [ 119.655873][ T3785] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1349'. [ 119.664079][ T3765] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 119.693317][ T3765] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 119.734595][ T3765] F2FS-fs (loop1): Found nat_bits in checkpoint [ 119.747223][ T3796] xt_bpf: check failed: parse error [ 119.791203][ T3765] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 119.798063][ T3765] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 120.063653][ T30] audit: type=1400 audit(1728577973.087:1203): avc: denied { wake_alarm } for pid=3828 comm="syz.2.1368" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 120.065844][ T3835] loop1: detected capacity change from 0 to 1024 [ 120.091375][ T3833] devtmpfs: Unknown parameter 'di' [ 120.109441][ T378] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 120.143635][ T3835] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 120.166476][ T30] audit: type=1400 audit(1728577973.187:1204): avc: denied { unlink } for pid=299 comm="syz-executor" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 120.166702][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.201157][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.211744][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.222435][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.233167][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.243908][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.254521][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.265079][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.275861][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.286419][ T299] EXT4-fs error (device loop1): ext4_empty_dir:3134: inode #11: comm syz-executor: invalid size [ 120.359413][ T378] usb 5-1: Using ep0 maxpacket: 16 [ 120.419441][ T60] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 120.451377][ T3845] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.458229][ T3845] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.465574][ T3845] device bridge_slave_0 entered promiscuous mode [ 120.472382][ T3845] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.479202][ T3845] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.486737][ T378] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 120.486925][ T3845] device bridge_slave_1 entered promiscuous mode [ 120.494584][ T378] usb 5-1: config 0 has no interface number 0 [ 120.506633][ T378] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 120.517351][ T378] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.526885][ T378] usb 5-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 120.539507][ T378] usb 5-1: New USB device found, idVendor=04d9, idProduct=a072, bcdDevice= 0.00 [ 120.548281][ T378] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.556803][ T378] usb 5-1: config 0 descriptor?? [ 120.596363][ T3845] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.603213][ T3845] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.610324][ T3845] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.617085][ T3845] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.636908][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 120.645456][ T382] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.652637][ T382] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.662752][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 120.670776][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.677608][ T382] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.692253][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 120.700346][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.707172][ T382] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.714446][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 120.729916][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 120.744617][ T3845] device veth0_vlan entered promiscuous mode [ 120.751050][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 120.759739][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 120.767899][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 120.776453][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 120.790648][ T3845] device veth1_macvtap entered promiscuous mode [ 120.797353][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 120.810013][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 120.827900][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 120.845075][ T3858] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 120.867603][ T30] audit: type=1400 audit(1728577973.887:1205): avc: denied { append } for pid=3861 comm="syz.2.1383" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 120.962241][ T3873] loop2: detected capacity change from 0 to 256 [ 121.009506][ T60] usb 4-1: New USB device found, idVendor=08dd, idProduct=90ff, bcdDevice=5d.5a [ 121.018358][ T60] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.026226][ T60] usb 4-1: Product: syz [ 121.030191][ T60] usb 4-1: Manufacturer: syz [ 121.034572][ T60] usb 4-1: SerialNumber: syz [ 121.039942][ T3873] FAT-fs (loop2): bogus number of FAT sectors [ 121.042172][ T60] usb 4-1: config 0 descriptor?? [ 121.051086][ T3873] FAT-fs (loop2): Can't find a valid FAT filesystem [ 121.070476][ T378] holtek_mouse 0003:04D9:A072.0042: item fetching failed at offset 1/4 [ 121.078649][ T378] holtek_mouse 0003:04D9:A072.0042: hid parse failed: -22 [ 121.085849][ T378] holtek_mouse: probe of 0003:04D9:A072.0042 failed with error -22 [ 121.119616][ T20] usb 2-1: new full-speed USB device number 31 using dummy_hcd [ 121.228455][ T3875] loop2: detected capacity change from 0 to 512 [ 121.276824][ T378] usb 5-1: USB disconnect, device number 24 [ 121.287545][ T3875] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.1389: bad orphan inode 17 [ 121.297695][ T3875] ext4_test_bit(bit=16, block=4) = 1 [ 121.303026][ T3875] is_bad_inode(inode)=0 [ 121.307000][ T3875] NEXT_ORPHAN(inode)=0 [ 121.311015][ T3875] max_ino=32 [ 121.313938][ T3875] i_nlink=1 [ 121.316900][ T3875] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 121.332214][ T3875] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.1389: bg 0: block 7: invalid block bitmap [ 121.386559][ T3878] loop2: detected capacity change from 0 to 512 [ 121.471527][ T3878] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 121.479846][ T3878] EXT4-fs (loop2): 1 truncate cleaned up [ 121.485286][ T3878] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,usrjquota="errors=continue,errors=remount-ro,noblock_validity,. Quota mode: writeback. [ 121.505626][ T20] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 121.510825][ T3878] EXT4-fs error (device loop2): ext4_append:79: inode #2: comm syz.2.1390: Logical block already allocated [ 121.516280][ T20] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4 [ 121.526052][ T3878] EXT4-fs (loop2): Remounting filesystem read-only [ 121.536268][ T20] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 121.557604][ T3878] EXT4-fs error (device loop2): ext4_remount:5845: comm syz.2.1390: Abort forced by user [ 121.567572][ T3878] EXT4-fs (loop2): re-mounted. Opts: quota,noload,block_validity,. Quota mode: writeback. [ 121.635691][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 2. Sending cookies. Check SNMP counters. [ 121.656813][ T3884] loop2: detected capacity change from 0 to 1024 [ 121.709470][ T20] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 121.718346][ T20] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.726150][ T20] usb 2-1: Product: syz [ 121.730173][ T20] usb 2-1: Manufacturer: syz [ 121.734553][ T20] usb 2-1: SerialNumber: syz [ 121.737721][ T3884] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 121.867497][ T30] audit: type=1400 audit(1728577974.887:1206): avc: denied { setopt } for pid=3895 comm="syz.2.1397" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 121.897523][ T3899] loop2: detected capacity change from 0 to 1024 [ 121.921480][ T3899] JBD2: no valid journal superblock found [ 121.927045][ T3899] EXT4-fs (loop2): error loading journal [ 122.050641][ T3905] loop2: detected capacity change from 0 to 512 [ 122.059584][ T20] usb 2-1: 2:1 : unknown format tag 0x0 is detected. processed as MPEG. [ 122.067829][ T20] usb 2-1: found format II with max.bitrate = 0, frame size=0 [ 122.075244][ T20] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 122.102797][ T20] usb 2-1: USB disconnect, device number 31 [ 122.123748][ T1107] udevd[1107]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 122.141533][ T3905] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback. [ 122.158373][ T3905] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038 (0x7fffffff) [ 122.172699][ T3905] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 122.187148][ T3905] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 17 with error 28 [ 122.197339][ T60] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 122.199621][ T3905] EXT4-fs (loop2): This should not happen!! Data will be lost [ 122.199621][ T3905] [ 122.218527][ T3905] EXT4-fs (loop2): Total free blocks count 0 [ 122.224573][ T3905] EXT4-fs (loop2): Free/Dirty block details [ 122.230323][ T3905] EXT4-fs (loop2): free_blocks=39626 [ 122.235383][ T3905] EXT4-fs (loop2): dirty_blocks=31 [ 122.240846][ T3905] EXT4-fs (loop2): Block reservation details [ 122.246630][ T3905] EXT4-fs (loop2): i_reserved_data_blocks=31 [ 122.336776][ T3909] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2048 with error 28 [ 122.349190][ T3909] EXT4-fs (loop2): This should not happen!! Data will be lost [ 122.349190][ T3909] [ 122.409490][ T60] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 122.419213][ T60] asix 4-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 122.429281][ T60] asix: probe of 4-1:0.0 failed with error -71 [ 122.436473][ T60] usb 4-1: USB disconnect, device number 25 [ 122.557733][ T3919] binder: 3918:3919 ioctl c0306201 0 returned -14 [ 122.564428][ T3919] binder: 3918:3919 ioctl c0306201 20000480 returned -22 [ 122.755767][ T3937] loop4: detected capacity change from 0 to 512 [ 122.770465][ T3937] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 122.816285][ T3937] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1053: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 122.844800][ T3937] EXT4-fs (loop4): 1 truncate cleaned up [ 122.856878][ T3937] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 122.917171][ T3937] device vlan2 entered promiscuous mode [ 122.922600][ T3937] device vlan0 entered promiscuous mode [ 122.955461][ T3947] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.972582][ T3947] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.986382][ T3947] device bridge_slave_0 entered promiscuous mode [ 123.000559][ T3947] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.024929][ T3947] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.047596][ T3947] device bridge_slave_1 entered promiscuous mode [ 123.235463][ T343] hid-generic 0000:0000:0000.0043: unknown main item tag 0x0 [ 123.246810][ T343] hid-generic 0000:0000:0000.0043: hidraw0: HID v0.00 Device [syz0] on syz0 [ 123.252249][ T3947] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.263062][ T3947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.270145][ T3947] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.276919][ T3947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 123.344547][ T3980] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:00, vlan:0) [ 123.356884][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.365788][ T839] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.387291][ T839] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.417678][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 123.435473][ T3984] loop2: detected capacity change from 0 to 512 [ 123.442553][ T839] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.449400][ T839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 123.480142][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 123.492906][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.499778][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.526512][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 123.544006][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 123.562049][ T3984] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 123.579549][ T6] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 123.593289][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 123.613519][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 123.630035][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 123.630469][ T4000] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 123.639947][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 123.646717][ T4000] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev tmpfs, type tmpfs) errno=-22 [ 123.655833][ T3984] EXT4-fs (loop2): 1 orphan inode deleted [ 123.669158][ T3984] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobarrier,noblock_validity,lazytime,barrier=0x0000000000000003,errors=remount-ro,resgid=0x000000000000ee01,errors=remount-ro,resgid=0x000000000000ee01,resgid=0x000000000000ee002. Quota mode: writeback. [ 123.696918][ T3947] device veth0_vlan entered promiscuous mode [ 123.706851][ T45] EXT4-fs error (device loop2): ext4_release_dquot:6210: comm kworker/u4:2: Failed to release dquot type 1 [ 123.725441][ T3947] device veth1_macvtap entered promiscuous mode [ 123.733884][ T45] EXT4-fs (loop2): Remounting filesystem read-only [ 123.743276][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 123.754428][ T382] device bridge_slave_1 left promiscuous mode [ 123.761229][ T382] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.778954][ T382] device bridge_slave_0 left promiscuous mode [ 123.787249][ T382] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.831760][ T382] device veth1_macvtap left promiscuous mode [ 123.847773][ T382] device veth0_vlan left promiscuous mode [ 123.859416][ T6] usb 5-1: Using ep0 maxpacket: 32 [ 125.403813][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 125.424606][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 125.458558][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 125.468570][ T30] kauditd_printk_skb: 31 callbacks suppressed [ 125.468585][ T30] audit: type=1326 audit(1728577978.487:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.506486][ T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 125.523162][ T30] audit: type=1326 audit(1728577978.487:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.547758][ T30] audit: type=1326 audit(1728577978.487:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.579680][ T6] usb 5-1: unable to read config index 0 descriptor/all [ 125.589472][ T6] usb 5-1: can't read configurations, error -71 [ 125.614730][ T30] audit: type=1326 audit(1728577978.487:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.655857][ T30] audit: type=1326 audit(1728577978.487:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.690185][ T30] audit: type=1326 audit(1728577978.487:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.714728][ T30] audit: type=1326 audit(1728577978.597:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.740375][ T30] audit: type=1326 audit(1728577978.597:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.790975][ T30] audit: type=1326 audit(1728577978.627:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.817016][ T30] audit: type=1326 audit(1728577978.627:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4021 comm="syz.3.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19cae7bff9 code=0x7ffc0000 [ 125.886602][ T4047] loop2: detected capacity change from 0 to 8192 [ 125.950242][ T4047] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 125.982415][ T4047] overlayfs: upper fs does not support tmpfile. [ 125.997040][ T1468] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 126.014788][ T1468] FAT-fs (loop2): Filesystem has been set read-only [ 126.143871][ T4085] syz.2.1476[4085] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 126.143934][ T4085] syz.2.1476[4085] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 126.189443][ T664] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 126.476417][ T4118] loop4: detected capacity change from 0 to 512 [ 126.507290][ T4125] xt_hashlimit: size too large, truncated to 1048576 [ 126.538408][ T4118] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 126.560978][ T4118] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 126.571425][ T664] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 126.593416][ T4118] System zones: 1-12 [ 126.597195][ T664] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16 [ 126.615111][ T4118] EXT4-fs (loop4): 1 truncate cleaned up [ 126.628826][ T4118] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug,lazytime,nombcache,noload,,errors=continue. Quota mode: none. [ 126.672913][ T4118] syz.4.1490 (pid 4118) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 126.782555][ T4140] loop4: detected capacity change from 0 to 128 [ 126.790551][ T4140] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 126.800964][ T664] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 126.801770][ T4140] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038 (0x7fffffff) [ 126.820158][ T664] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.827979][ T664] usb 4-1: Product: syz [ 126.832245][ T664] usb 4-1: Manufacturer: syz [ 126.836648][ T664] usb 4-1: SerialNumber: syz [ 126.848260][ T4145] loop2: detected capacity change from 0 to 128 [ 126.909775][ T4145] EXT4-fs (loop2): Ignoring removed bh option [ 126.928973][ T4145] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 126.944948][ T4145] EXT4-fs (loop2): mounted filesystem without journal. Opts: auto_da_alloc,bh,,errors=continue. Quota mode: none. [ 126.959255][ T4145] ext2 filesystem being mounted at /262/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 127.080337][ T4063] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 127.269432][ T2707] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 127.296603][ T4186] loop1: detected capacity change from 0 to 512 [ 127.372371][ T4186] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1518: inode #1: comm syz.1.1518: iget: illegal inode # [ 127.385468][ T4186] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1518: error while reading EA inode 1 err=-117 [ 127.398072][ T4186] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1518: inode #1: comm syz.1.1518: iget: illegal inode # [ 127.411282][ T4186] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1518: error while reading EA inode 1 err=-117 [ 127.423603][ T4186] EXT4-fs (loop1): 1 orphan inode deleted [ 127.429194][ T4186] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrjquota=,journal_dev=0x0000000000008000,debug_want_extra_isize=0x000000000000005c,minixdf,resgid=0x0000000000000000,grpquota,usrjquota=,journal_dev=0x0000000000000dcc,,errors=continue. Quota mode: writeback. [ 127.509466][ T2707] usb 5-1: Using ep0 maxpacket: 16 [ 127.629646][ T2707] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.632397][ T4213] loop2: detected capacity change from 0 to 256 [ 127.640793][ T2707] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.656714][ T2707] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 127.669648][ T2707] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 127.678484][ T2707] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.686956][ T2707] usb 5-1: config 0 descriptor?? [ 127.689644][ T6] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 127.704513][ T4213] FAT-fs (loop2): Directory bread(block 64) failed [ 127.710983][ T4213] FAT-fs (loop2): Directory bread(block 65) failed [ 127.717371][ T4213] FAT-fs (loop2): Directory bread(block 66) failed [ 127.723671][ T4213] FAT-fs (loop2): Directory bread(block 67) failed [ 127.730768][ T4213] FAT-fs (loop2): Directory bread(block 68) failed [ 127.737104][ T4213] FAT-fs (loop2): Directory bread(block 69) failed [ 127.743488][ T4213] FAT-fs (loop2): Directory bread(block 70) failed [ 127.749634][ T4063] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 127.749843][ T4213] FAT-fs (loop2): Directory bread(block 71) failed [ 127.762942][ T4213] FAT-fs (loop2): Directory bread(block 72) failed [ 127.769197][ T4213] FAT-fs (loop2): Directory bread(block 73) failed [ 127.779426][ T300] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 127.989481][ T664] cdc_ncm 4-1:1.0: failed to get mac address [ 128.069519][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 128.080595][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 128.091525][ T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 128.104224][ T6] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 128.113063][ T378] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 128.120507][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.129010][ T6] usb 1-1: config 0 descriptor?? [ 128.149516][ T4190] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 128.159543][ T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.171062][ T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 128.171223][ T2707] microsoft 0003:045E:07DA.0044: No inputs registered, leaving [ 128.180703][ T300] usb 2-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00 [ 128.192544][ T2707] microsoft 0003:045E:07DA.0044: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 128.198239][ T300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.209473][ T664] cdc_ncm 4-1:1.0: bind() failure [ 128.216681][ T300] usb 2-1: config 0 descriptor?? [ 128.223983][ T2707] microsoft 0003:045E:07DA.0044: no inputs found [ 128.231762][ T2707] microsoft 0003:045E:07DA.0044: could not initialize ff, continuing anyway [ 128.240205][ T664] cdc_ncm: probe of 4-1:1.1 failed with error -71 [ 128.259711][ T664] cdc_mbim: probe of 4-1:1.1 failed with error -71 [ 128.267258][ T664] usb 4-1: USB disconnect, device number 26 [ 128.390325][ T2707] usb 5-1: USB disconnect, device number 27 [ 128.499498][ T378] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 128.600276][ T6] plantronics 0003:047F:FFFF.0045: unknown main item tag 0xd [ 128.608131][ T6] plantronics 0003:047F:FFFF.0045: No inputs registered, leaving [ 128.616922][ T6] plantronics 0003:047F:FFFF.0045: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 128.689492][ T378] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 128.698348][ T378] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 128.706207][ T378] usb 3-1: Product: syz [ 128.710158][ T378] usb 3-1: Manufacturer: syz [ 128.714722][ T378] usb 3-1: SerialNumber: syz [ 128.740194][ T300] elo 0003:04E7:0030.0046: item fetching failed at offset 5/7 [ 128.747570][ T300] elo 0003:04E7:0030.0046: parse failed [ 128.752925][ T300] elo: probe of 0003:04E7:0030.0046 failed with error -22 [ 128.870189][ T2707] usb 1-1: USB disconnect, device number 27 [ 128.964574][ T6] usb 2-1: USB disconnect, device number 32 [ 129.189426][ T300] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 129.380585][ T4224] loop0: detected capacity change from 0 to 256 [ 129.391502][ T4224] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 129.403518][ T4224] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 129.449440][ T300] usb 5-1: Using ep0 maxpacket: 16 [ 129.491793][ T4231] loop0: detected capacity change from 0 to 1024 [ 129.519976][ T4231] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 129.530656][ T4231] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,max_dir_size_kb=0x0000000000000003,sysvgroups,grpquota,debug_want_extra_isize=0x0000000000000080,user_xattr,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: writeback. [ 129.589484][ T300] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 129.598350][ T300] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 129.608213][ T300] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 129.618012][ T300] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 129.631323][ T300] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 129.641462][ T300] usb 5-1: config 1 interface 0 has no altsetting 0 [ 129.647877][ T300] usb 5-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 129.656908][ T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.688170][ T4247] loop0: detected capacity change from 0 to 128 [ 129.700129][ T300] ums-sddr09 5-1:1.0: USB Mass Storage device detected [ 129.761122][ T4247] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 129.771604][ T4247] ext4 filesystem being mounted at /31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 129.850027][ T378] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 129.857564][ T378] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 129.864998][ T378] cdc_ncm 3-1:1.0: setting rx_max = 2048 [ 129.920578][ T300] scsi host1: usb-storage 5-1:1.0 [ 130.001725][ T4260] loop0: detected capacity change from 0 to 2048 [ 130.079481][ T378] cdc_ncm 3-1:1.0: setting tx_max = 36 [ 130.085312][ T4260] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 130.093945][ T378] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM, 42:42:42:42:42:42 [ 130.100642][ T4260] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,mblk_io_submit,minixdf,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none. [ 130.105129][ T378] usb 3-1: USB disconnect, device number 19 [ 130.138295][ T664] usb 5-1: USB disconnect, device number 28 [ 130.148789][ T378] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM [ 130.330400][ T4301] syz.0.1552[4301] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.330462][ T4301] syz.0.1552[4301] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.484918][ T30] kauditd_printk_skb: 94 callbacks suppressed [ 130.484933][ T30] audit: type=1400 audit(1728577983.507:1341): avc: denied { remount } for pid=4313 comm="syz.0.1558" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 130.504704][ T4314] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22 [ 130.531307][ T4314] SELinux: security_context_str_to_sid(staff_u) failed for (dev fuse, type fuse) errno=-22 [ 130.577447][ T4322] syz.1.1562[4322] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.577513][ T4322] syz.1.1562[4322] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 130.612570][ T30] audit: type=1326 audit(1728577983.637:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.647063][ T30] audit: type=1326 audit(1728577983.637:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.671594][ T30] audit: type=1326 audit(1728577983.637:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.710551][ T30] audit: type=1326 audit(1728577983.637:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.735785][ T30] audit: type=1326 audit(1728577983.637:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.759156][ T30] audit: type=1326 audit(1728577983.637:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.782586][ T30] audit: type=1326 audit(1728577983.697:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.806878][ T30] audit: type=1326 audit(1728577983.697:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4323 comm="syz.2.1563" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 130.834909][ T4333] netlink: 'syz.2.1566': attribute type 6 has an invalid length. [ 130.858220][ T4335] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 130.869519][ T300] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 130.880596][ T30] audit: type=1326 audit(1728577983.897:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4336 comm="syz.4.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 130.959826][ T664] Bluetooth: hci0: command 0x1003 tx timeout [ 130.965679][ T471] Bluetooth: hci0: sending frame failed (-49) [ 130.974554][ T4351] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 131.085350][ T4362] loop4: detected capacity change from 0 to 512 [ 131.119685][ T300] usb 1-1: Using ep0 maxpacket: 32 [ 131.121432][ T4362] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 131.138774][ T4362] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038 (0x7fffffff) [ 131.215118][ T4368] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1581'. [ 131.225035][ T4368] device vlan3 entered promiscuous mode [ 131.230653][ T4368] device team_slave_0 entered promiscuous mode [ 131.237364][ T4368] device team_slave_0 left promiscuous mode [ 131.269467][ T2707] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 131.269484][ T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 131.287721][ T300] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 131.296841][ T300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.305653][ T300] usb 1-1: config 0 descriptor?? [ 131.324778][ T4372] tipc: Started in network mode [ 131.329646][ T4372] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 131.338372][ T4372] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 131.346654][ T4372] tipc: Enabled bearer , priority 0 [ 131.353218][ T300] hub 1-1:0.0: USB hub found [ 131.559461][ T300] hub 1-1:0.0: 2 ports detected [ 131.629506][ T2707] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 131.640237][ T343] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 131.647579][ T2707] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 131.657421][ T2707] usb 3-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 131.666369][ T2707] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.675042][ T2707] usb 3-1: config 0 descriptor?? [ 131.689463][ T378] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 131.999478][ T343] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 132.010210][ T343] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 132.019773][ T343] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 132.028584][ T343] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.037061][ T343] usb 5-1: config 0 descriptor?? [ 132.039444][ T300] hub 1-1:0.0: set hub depth failed [ 132.069547][ T378] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 132.081839][ T300] usb 1-1: USB disconnect, device number 28 [ 132.088421][ T378] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 132.097821][ T378] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 132.106171][ T378] usb 2-1: config 0 descriptor?? [ 132.160101][ T2707] zydacron 0003:13EC:0006.0047: unknown main item tag 0x0 [ 132.167144][ T2707] zydacron 0003:13EC:0006.0047: unknown main item tag 0x0 [ 132.174103][ T2707] zydacron 0003:13EC:0006.0047: unknown main item tag 0x0 [ 132.181115][ T2707] zydacron 0003:13EC:0006.0047: unknown main item tag 0x0 [ 132.187977][ T2707] zydacron 0003:13EC:0006.0047: item fetching failed at offset 4/5 [ 132.195899][ T2707] zydacron 0003:13EC:0006.0047: parse failed [ 132.201801][ T2707] zydacron: probe of 0003:13EC:0006.0047 failed with error -22 [ 132.362842][ T300] usb 3-1: USB disconnect, device number 20 [ 132.400177][ T378] usb 2-1: string descriptor 0 read error: -71 [ 132.406180][ T378] usb 2-1: Found UVC 0.00 device (046d:08c1) [ 132.412906][ T378] usb 2-1: No valid video chain found. [ 132.418813][ T378] usb 2-1: USB disconnect, device number 33 [ 132.469687][ T20] tipc: Node number set to 1 [ 132.520371][ T343] hid-led 0003:1D34:000A.0048: unknown main item tag 0x0 [ 132.589851][ T4383] loop0: detected capacity change from 0 to 512 [ 132.661398][ T4383] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.1588: corrupted xattr block 255 [ 132.673309][ T4383] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 132.681353][ T4383] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=abort,noblock_validity,dioread_lock,init_itable,auto_da_alloc,grpjquota=.noload,barrier=0x0000000000000007,jqfmt=vfsv1,grpid,,,errors=continue. Quota mode: writeback. [ 132.703932][ T4383] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.1588: corrupted xattr block 255 [ 132.715695][ T4383] SELinux: (dev loop0, type ext4) getxattr errno 117 [ 132.739934][ T343] hid-led 0003:1D34:000A.0048: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.4-1/input0 [ 132.751820][ T343] hid-led 0003:1D34:000A.0048: Dream Cheeky Webmail Notifier initialized [ 132.882970][ T4398] binder: 4397:4398 ioctl c0306201 20000180 returned -22 [ 132.940683][ T343] usb 5-1: USB disconnect, device number 29 [ 132.977861][ T4412] SELinux: failed to load policy [ 133.039506][ T60] Bluetooth: hci0: command 0x1001 tx timeout [ 133.045695][ T471] Bluetooth: hci0: sending frame failed (-49) [ 133.100015][ T4422] device veth0_vlan left promiscuous mode [ 133.105903][ T4422] device veth0_vlan entered promiscuous mode [ 133.179423][ T378] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 133.229963][ T20] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 133.458210][ T4447] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22 [ 133.467613][ T4447] SELinux: security_context_str_to_sid(staff_u) failed for (dev fuse, type fuse) errno=-22 [ 133.500882][ T4454] xt_hashlimit: size too large, truncated to 1048576 [ 133.508571][ T4455] loop0: detected capacity change from 0 to 256 [ 133.569515][ T378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 133.583861][ T378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 133.594182][ T378] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 133.604762][ T378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.618042][ T378] usb 3-1: config 0 descriptor?? [ 133.623018][ T20] usb 2-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 133.632225][ T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.646220][ T20] usb 2-1: config 0 descriptor?? [ 133.939455][ T300] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 134.109681][ T378] hid (null): report_id 1388856143 is invalid [ 134.117070][ T378] hid-led 0003:27B8:01ED.0049: report_id 1388856143 is invalid [ 134.124558][ T378] hid-led 0003:27B8:01ED.0049: item 0 4 1 8 parsing failed [ 134.131746][ T378] hid-led: probe of 0003:27B8:01ED.0049 failed with error -22 [ 134.299505][ T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 134.310265][ T300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 134.319998][ T300] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice= 0.00 [ 134.320052][ T343] usb 3-1: USB disconnect, device number 21 [ 134.328906][ T300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.342940][ T300] usb 5-1: config 0 descriptor?? [ 134.559460][ T20] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 134.569312][ T20] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9 [ 134.580086][ T20] asix: probe of 2-1:0.0 failed with error -71 [ 134.587007][ T20] usb 2-1: USB disconnect, device number 34 [ 134.820261][ T300] appleir 0003:05AC:8243.004A: report_id 0 is invalid [ 134.826892][ T300] appleir 0003:05AC:8243.004A: item 0 0 1 8 parsing failed [ 134.834324][ T300] appleir 0003:05AC:8243.004A: parse failed [ 134.840057][ T300] appleir: probe of 0003:05AC:8243.004A failed with error -22 [ 135.026939][ T300] usb 5-1: USB disconnect, device number 30 [ 135.069448][ T378] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 135.119440][ T6] Bluetooth: hci0: command 0x1009 tx timeout [ 135.309416][ T378] usb 1-1: Using ep0 maxpacket: 16 [ 135.359465][ T2707] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 135.429462][ T378] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 135.440213][ T378] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 135.449717][ T378] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 135.462316][ T378] usb 1-1: New USB device found, idVendor=046d, idProduct=0a87, bcdDevice= 0.00 [ 135.471147][ T378] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.479773][ T378] usb 1-1: config 0 descriptor?? [ 135.602307][ T30] kauditd_printk_skb: 53 callbacks suppressed [ 135.602322][ T30] audit: type=1326 audit(1728577988.627:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.632622][ T30] audit: type=1326 audit(1728577988.627:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.656273][ T30] audit: type=1326 audit(1728577988.627:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.681144][ T30] audit: type=1326 audit(1728577988.627:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.704638][ T30] audit: type=1326 audit(1728577988.627:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.730363][ T30] audit: type=1326 audit(1728577988.627:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.748815][ T4519] loop2: detected capacity change from 0 to 512 [ 135.753829][ T2707] usb 2-1: config 0 interface 0 altsetting 249 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 135.770902][ T30] audit: type=1326 audit(1728577988.657:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.794417][ T2707] usb 2-1: config 0 interface 0 altsetting 249 endpoint 0x81 has invalid wMaxPacketSize 0 [ 135.794427][ T30] audit: type=1326 audit(1728577988.667:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.794452][ T30] audit: type=1326 audit(1728577988.667:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.804446][ T2707] usb 2-1: config 0 interface 0 has no altsetting 0 [ 135.827607][ T30] audit: type=1326 audit(1728577988.677:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4513 comm="syz.4.1645" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a73b6cff9 code=0x7ffc0000 [ 135.850822][ T2707] usb 2-1: New USB device found, idVendor=056a, idProduct=00d7, bcdDevice= 0.00 [ 135.888926][ T2707] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.890042][ T4519] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5 [ 135.890042][ T4519] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 135.890042][ T4519] [ 135.910012][ T2707] usb 2-1: config 0 descriptor?? [ 135.918973][ T4519] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1647: invalid indirect mapped block 11 (level 0) [ 135.932485][ T4519] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1647: attempt to clear invalid blocks 1024 len 1 [ 135.945848][ T4519] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters [ 135.950592][ T378] hid-generic 0003:046D:0A87.004B: unknown main item tag 0x0 [ 135.963690][ T4519] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1647: invalid indirect mapped block 1819239214 (level 0) [ 135.967215][ T378] hid-generic 0003:046D:0A87.004B: unknown main item tag 0x0 [ 135.981309][ T4519] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1647: invalid indirect mapped block 33554432 (level 2) [ 135.988042][ T300] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 136.002367][ T4519] EXT4-fs (loop2): 1 truncate cleaned up [ 136.008983][ T378] hid-generic 0003:046D:0A87.004B: unknown main item tag 0x0 [ 136.014728][ T4519] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x000000000000000e,journal_dev=0x0000000000000005,nodelalloc,noacl,max_batch_time=0x00000000000000ea,nodiscard,,errors=continue. Quota mode: none. [ 136.021722][ T378] hid-generic 0003:046D:0A87.004B: unknown main item tag 0x0 [ 136.050191][ T378] hid-generic 0003:046D:0A87.004B: unknown main item tag 0x0 [ 136.057522][ T378] hid-generic 0003:046D:0A87.004B: unknown main item tag 0x0 [ 136.064889][ T378] hid-generic 0003:046D:0A87.004B: unbalanced collection at end of report description [ 136.074432][ T378] hid-generic: probe of 0003:046D:0A87.004B failed with error -22 [ 136.229865][ T343] usb 1-1: USB disconnect, device number 29 [ 136.387006][ T4535] loop2: detected capacity change from 0 to 512 [ 136.390871][ T2707] wacom 0003:056A:00D7.004C: Unknown device_type for 'HID 056a:00d7'. Assuming pen. [ 136.402881][ T2707] wacom 0003:056A:00D7.004C: hidraw0: USB HID v0.00 Device [HID 056a:00d7] on usb-dummy_hcd.1-1/input0 [ 136.414180][ T2707] input: Wacom BambooPT 2FG Small Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00D7.004C/input/input42 [ 136.429544][ T300] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 136.460631][ T4535] EXT4-fs (loop2): corrupt root inode, run e2fsck [ 136.466989][ T4535] EXT4-fs (loop2): mount failed [ 136.543529][ T4535] loop2: detected capacity change from 0 to 128 [ 136.585600][ T4538] loop2: detected capacity change from 0 to 128 [ 136.599576][ T300] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 136.610283][ T300] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.618084][ T300] usb 5-1: Product: syz [ 136.622132][ T300] usb 5-1: Manufacturer: syz [ 136.626507][ T300] usb 5-1: SerialNumber: syz [ 136.631447][ T2707] usb 2-1: USB disconnect, device number 35 [ 136.650251][ T4538] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 136.663604][ T4538] FAT-fs (loop2): error, invalid access to FAT (entry 0x0affffff) [ 136.671395][ T4538] FAT-fs (loop2): Filesystem has been set read-only [ 136.715251][ T4541] loop2: detected capacity change from 0 to 256 [ 137.009480][ T343] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 137.087464][ T4545] SELinux: security_context_str_to_sid(staff_u) failed for (dev ?, type ?) errno=-22 [ 137.096860][ T4545] SELinux: security_context_str_to_sid(staff_u) failed for (dev tmpfs, type tmpfs) errno=-22 [ 137.249677][ T343] usb 1-1: Using ep0 maxpacket: 16 [ 137.278474][ T4551] loop2: detected capacity change from 0 to 40427 [ 137.369501][ T343] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.378645][ T4551] F2FS-fs (loop2): invalid crc value [ 137.380258][ T343] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.386271][ T4551] F2FS-fs (loop2): Found nat_bits in checkpoint [ 137.395083][ T343] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 137.414088][ T343] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 137.423053][ T343] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.427597][ T4551] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 137.434016][ T343] usb 1-1: config 0 descriptor?? [ 137.449640][ T4551] handle_bad_sector: 8 callbacks suppressed [ 137.449652][ T4551] attempt to access beyond end of device [ 137.449652][ T4551] loop2: rw=2049, want=45104, limit=40427 [ 137.470087][ T1468] attempt to access beyond end of device [ 137.470087][ T1468] loop2: rw=2049, want=45112, limit=40427 [ 137.480070][ T664] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 137.606800][ T4566] loop2: detected capacity change from 0 to 512 [ 137.671489][ T4566] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #17: comm syz.2.1667: iget: bogus i_mode (0) [ 137.682729][ T4566] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1667: couldn't read orphan inode 17 (err -117) [ 137.694676][ T4566] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 137.708078][ T4566] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.1667: bg 0: block 7: invalid block bitmap [ 137.729440][ T664] usb 2-1: Using ep0 maxpacket: 32 [ 137.739563][ T300] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 137.745806][ T300] cdc_ncm 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 137.753256][ T300] cdc_ncm 5-1:1.0: setting rx_max = 2048 [ 137.849520][ T664] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.860325][ T664] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.869922][ T664] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 137.882693][ T664] usb 2-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00 [ 137.891779][ T664] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.902473][ T664] usb 2-1: config 0 descriptor?? [ 137.920405][ T343] microsoft 0003:045E:07DA.004D: bogus close delimiter [ 137.927074][ T343] microsoft 0003:045E:07DA.004D: item 0 0 2 10 parsing failed [ 137.935436][ T343] microsoft 0003:045E:07DA.004D: parse failed [ 137.944603][ T343] microsoft: probe of 0003:045E:07DA.004D failed with error -22 [ 137.949437][ T300] cdc_ncm 5-1:1.0: setting tx_max = 36 [ 137.958810][ T300] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM, 42:42:42:42:42:42 [ 137.972737][ T300] usb 5-1: USB disconnect, device number 31 [ 137.978691][ T300] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM [ 138.141210][ T343] usb 1-1: USB disconnect, device number 30 [ 138.221608][ T4611] loop2: detected capacity change from 0 to 512 [ 138.311593][ T4611] EXT4-fs (loop2): 1 orphan inode deleted [ 138.317200][ T4611] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 138.328239][ T4611] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038 (0x7fffffff) [ 138.380980][ T664] itetech 0003:048D:8595.004E: unknown main item tag 0x0 [ 138.387904][ T664] itetech 0003:048D:8595.004E: unknown main item tag 0x0 [ 138.394802][ T664] itetech 0003:048D:8595.004E: unknown main item tag 0x0 [ 138.401654][ T664] itetech 0003:048D:8595.004E: unknown main item tag 0x0 [ 138.408459][ T664] itetech 0003:048D:8595.004E: unknown main item tag 0x0 [ 138.416555][ T664] itetech 0003:048D:8595.004E: hidraw0: USB HID v0.00 Device [HID 048d:8595] on usb-dummy_hcd.1-1/input0 [ 138.509760][ T4622] loop2: detected capacity change from 0 to 512 [ 138.570071][ T4622] EXT4-fs (loop2): dax option not supported [ 138.585208][ T378] usb 2-1: USB disconnect, device number 36 [ 138.648447][ T4632] loop4: detected capacity change from 0 to 256 [ 138.681474][ T4632] FAT-fs (loop4): Directory bread(block 64) failed [ 138.683163][ T4638] loop0: detected capacity change from 0 to 2048 [ 138.688729][ T4632] FAT-fs (loop4): Directory bread(block 65) failed [ 138.702745][ T4632] FAT-fs (loop4): Directory bread(block 66) failed [ 138.709071][ T4632] FAT-fs (loop4): Directory bread(block 67) failed [ 138.715527][ T4632] FAT-fs (loop4): Directory bread(block 68) failed [ 138.722091][ T4632] FAT-fs (loop4): Directory bread(block 69) failed [ 138.728464][ T4632] FAT-fs (loop4): Directory bread(block 70) failed [ 138.735038][ T4632] FAT-fs (loop4): Directory bread(block 71) failed [ 138.741805][ T4632] FAT-fs (loop4): Directory bread(block 72) failed [ 138.748138][ T4632] FAT-fs (loop4): Directory bread(block 73) failed [ 138.755957][ T4638] EXT4-fs (loop0): mounted filesystem without journal. Opts: commit=0x0000000000000005,noload,,errors=continue. Quota mode: none. [ 138.907033][ T4655] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1693'. [ 139.068769][ T4661] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.093118][ T4661] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.137690][ T4661] device bridge_slave_0 entered promiscuous mode [ 139.146355][ T4677] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 139.153415][ T4677] IPv6: NLM_F_CREATE should be set when creating new route [ 139.162039][ T4661] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.170009][ T4661] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.195703][ T4661] device bridge_slave_1 entered promiscuous mode [ 139.310183][ T4661] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.317037][ T4661] bridge0: port 2(bridge_slave_1) entered forwarding state [ 139.324173][ T4661] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.330954][ T4661] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.397454][ T839] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.406854][ T839] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.413930][ T378] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 139.429937][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 139.444866][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 139.462052][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 139.477669][ T839] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.484556][ T839] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.487528][ T4681] loop1: detected capacity change from 0 to 40427 [ 139.502855][ T4681] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 139.520583][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 139.528468][ T4681] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 139.541591][ T839] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.548474][ T839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 139.556522][ T4681] F2FS-fs (loop1): invalid crc_offset: 33558524 [ 139.556636][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 139.570674][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 139.592053][ T4661] device veth0_vlan entered promiscuous mode [ 139.597119][ T4683] loop4: detected capacity change from 0 to 40427 [ 139.604984][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 139.610042][ T4681] F2FS-fs (loop1): Found nat_bits in checkpoint [ 139.613270][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 139.627363][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 139.634944][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 139.642715][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 139.643000][ T4683] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 139.658774][ T4661] device veth1_macvtap entered promiscuous mode [ 139.666028][ T4683] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 139.677549][ T4681] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 139.682367][ T4683] F2FS-fs (loop4): Found nat_bits in checkpoint [ 139.685106][ T4681] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 139.698810][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 139.715354][ T45] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 139.725807][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.725847][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.732732][ T4683] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 139.734015][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.741978][ T4683] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 139.747842][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.781595][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.789013][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.797951][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.809720][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.809766][ T378] usb 3-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 139.817354][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.833781][ T378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.835854][ T4681] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix. [ 139.879906][ T378] usb 3-1: config 0 descriptor?? [ 139.959850][ T378] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 139.967531][ T378] usb 3-1: Detected FT-X [ 140.018701][ T4712] loop4: detected capacity change from 0 to 512 [ 140.050485][ T4712] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 140.061918][ T4712] EXT4-fs (loop4): 1 truncate cleaned up [ 140.067363][ T4712] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,sysvgroups,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 140.189456][ T378] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 140.196705][ T8] device bridge_slave_1 left promiscuous mode [ 140.203282][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.210777][ T8] device bridge_slave_0 left promiscuous mode [ 140.216775][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.223770][ T378] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 140.231057][ T8] device veth1_macvtap left promiscuous mode [ 140.236952][ T8] device veth0_vlan left promiscuous mode [ 140.249472][ T378] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71 [ 140.261315][ T378] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 140.275408][ T378] usb 3-1: USB disconnect, device number 22 [ 140.291476][ T378] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 140.310436][ T378] ftdi_sio 3-1:0.0: device disconnected [ 140.319523][ T343] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 140.407387][ T4757] syz.3.1732[4757] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.407453][ T4757] syz.3.1732[4757] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.689523][ T343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 140.711896][ T343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 140.721545][ T343] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 140.730342][ T343] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.738543][ T343] usb 2-1: config 0 descriptor?? [ 140.797075][ T4801] loop2: detected capacity change from 0 to 256 [ 140.803672][ T300] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 140.912467][ T30] kauditd_printk_skb: 28 callbacks suppressed [ 140.912480][ T30] audit: type=1400 audit(1728577993.937:1442): avc: denied { read } for pid=4808 comm="syz.2.1758" name="file0" dev="tmpfs" ino=1750 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 141.024840][ T30] audit: type=1326 audit(1728577994.047:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.037656][ T4815] loop4: detected capacity change from 0 to 256 [ 141.054190][ T60] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 141.063976][ T30] audit: type=1326 audit(1728577994.077:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.087707][ T30] audit: type=1326 audit(1728577994.077:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.112913][ T30] audit: type=1326 audit(1728577994.077:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.150382][ T30] audit: type=1326 audit(1728577994.077:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.173891][ T30] audit: type=1326 audit(1728577994.077:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.197752][ T30] audit: type=1326 audit(1728577994.097:1449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.237357][ T30] audit: type=1326 audit(1728577994.097:1450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.261122][ T300] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 141.261794][ T343] lg-g15 0003:046D:C222.004F: unknown main item tag 0x0 [ 141.278881][ T30] audit: type=1326 audit(1728577994.117:1451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4812 comm="syz.2.1760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 141.302530][ T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.307539][ T343] lg-g15 0003:046D:C222.004F: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.1-1/input0 [ 141.313748][ T300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.324440][ T60] usb 4-1: Using ep0 maxpacket: 16 [ 141.374423][ T300] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 141.387287][ T300] usb 1-1: New USB device found, idVendor=0458, idProduct=501a, bcdDevice= 0.00 [ 141.397613][ T4822] loop4: detected capacity change from 0 to 128 [ 141.404734][ T300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.421082][ T300] usb 1-1: config 0 descriptor?? [ 141.450394][ T4822] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 141.459692][ T60] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 141.497003][ T60] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 141.506842][ T60] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 141.506853][ T378] usb 2-1: USB disconnect, device number 37 [ 141.525481][ T60] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 141.535982][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 141.559529][ T4795] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 141.579859][ T60] cdc_acm 4-1:1.0: Control and data interfaces are not separated! [ 141.596482][ T4833] loop2: detected capacity change from 0 to 128 [ 141.799841][ T60] cdc_acm 4-1:1.0: ttyACM0: USB ACM device [ 141.807137][ T60] usb 4-1: USB disconnect, device number 27 [ 141.812909][ T343] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 141.900223][ T300] kye 0003:0458:501A.0050: unbalanced delimiter at end of report description [ 141.908920][ T300] kye 0003:0458:501A.0050: parse failed [ 141.914254][ T300] kye: probe of 0003:0458:501A.0050 failed with error -22 [ 141.939474][ T2707] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 142.102657][ T300] usb 1-1: USB disconnect, device number 31 [ 142.179496][ T343] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.190244][ T2707] usb 3-1: Using ep0 maxpacket: 16 [ 142.195174][ T343] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.204719][ T343] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 142.213560][ T343] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.222231][ T343] usb 5-1: config 0 descriptor?? [ 142.309538][ T2707] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.320391][ T2707] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 142.329944][ T2707] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 142.339528][ T2707] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 142.348999][ T2707] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 142.358484][ T2707] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 142.519548][ T2707] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 142.528383][ T2707] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.536263][ T2707] usb 3-1: Product: syz [ 142.540219][ T2707] usb 3-1: Manufacturer: syz [ 142.544609][ T2707] usb 3-1: SerialNumber: syz [ 142.569430][ T60] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 142.587212][ T4846] netem: change failed [ 142.650342][ T4853] loop1: detected capacity change from 0 to 8192 [ 142.701013][ T343] cp2112 0003:10C4:EA90.0051: unknown main item tag 0x0 [ 142.710155][ T343] cp2112 0003:10C4:EA90.0051: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 142.809437][ T60] usb 4-1: Using ep0 maxpacket: 8 [ 142.862644][ T4864] loop0: detected capacity change from 0 to 40427 [ 142.909485][ T343] cp2112 0003:10C4:EA90.0051: error requesting version [ 142.916560][ T343] cp2112: probe of 0003:10C4:EA90.0051 failed with error -5 [ 142.928812][ T4864] F2FS-fs (loop0): invalid crc value [ 142.934024][ T60] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 142.935326][ T4864] F2FS-fs (loop0): Found nat_bits in checkpoint [ 142.943940][ T60] usb 4-1: New USB device found, idVendor=05a9, idProduct=2640, bcdDevice=55.12 [ 142.958811][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.969150][ T60] usb 4-1: config 0 descriptor?? [ 142.978745][ T4864] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1 [ 142.985386][ T4864] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 142.992788][ T2707] cdc_ncm 3-1:1.0: bind() failure [ 142.998629][ T2707] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found [ 143.005290][ T2707] cdc_ncm 3-1:1.1: bind() failure [ 143.014713][ T2707] usb 3-1: USB disconnect, device number 23 [ 143.112964][ T39] usb 5-1: USB disconnect, device number 32 [ 143.119598][ T664] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 143.249462][ T60] usb 4-1: string descriptor 0 read error: -71 [ 143.255770][ T60] usb 4-1: Found UVC 0.00 device (05a9:2640) [ 143.262518][ T60] usb 4-1: No valid video chain found. [ 143.268651][ T60] usb 4-1: USB disconnect, device number 28 [ 143.315001][ T4876] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1786'. [ 143.349471][ T343] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 143.359746][ T664] usb 2-1: Using ep0 maxpacket: 8 [ 143.479477][ T664] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.490268][ T664] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.499762][ T664] usb 2-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00 [ 143.508557][ T664] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.517021][ T664] usb 2-1: config 0 descriptor?? [ 143.589445][ T343] usb 1-1: Using ep0 maxpacket: 16 [ 143.697824][ T4891] input: syz1 as /devices/virtual/input/input45 [ 143.709521][ T343] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.720357][ T343] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.759566][ T4896] syz.4.1793[4896] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.759635][ T4896] syz.4.1793[4896] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 143.772397][ T4898] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1794'. [ 143.859627][ T343] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 143.871955][ T343] usb 1-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 143.883734][ T343] usb 1-1: Product: syz [ 143.887756][ T343] usb 1-1: Manufacturer: syz [ 143.893244][ T4908] loop4: detected capacity change from 0 to 128 [ 143.901164][ T343] usb 1-1: config 0 descriptor?? [ 144.001190][ T664] saitek 0003:06A3:0CCD.0052: unknown main item tag 0x0 [ 144.007997][ T664] saitek 0003:06A3:0CCD.0052: unknown main item tag 0x0 [ 144.015230][ T664] saitek 0003:06A3:0CCD.0052: item fetching failed at offset 2/11 [ 144.023082][ T664] saitek 0003:06A3:0CCD.0052: parse failed [ 144.028702][ T664] saitek: probe of 0003:06A3:0CCD.0052 failed with error -22 [ 144.031653][ T4908] EXT4-fs (loop4): mounted filesystem without journal. Opts: minixdf,nodelalloc,,errors=continue. Quota mode: none. [ 144.048208][ T4908] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038 (0x7fffffff) [ 144.186129][ T4916] input: syz1 as /devices/virtual/input/input46 [ 144.196247][ T368] udevd[368]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory [ 144.209881][ T300] usb 2-1: USB disconnect, device number 38 [ 144.379414][ T378] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 144.380373][ T343] kovaplus 0003:1E7D:2D50.0053: unknown main item tag 0xd [ 144.394384][ T343] kovaplus 0003:1E7D:2D50.0053: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.0-1/input0 [ 144.489419][ T39] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 144.639633][ T378] usb 5-1: Using ep0 maxpacket: 8 [ 144.759483][ T378] usb 5-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56 [ 144.768396][ T378] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.776316][ T4934] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 144.788094][ T378] usb 5-1: config 0 descriptor?? [ 144.829802][ T378] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected [ 144.869545][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.880383][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.890039][ T39] usb 3-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 144.898872][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.907565][ T39] usb 3-1: config 0 descriptor?? [ 145.019528][ T343] kovaplus 0003:1E7D:2D50.0053: couldn't init struct kovaplus_device [ 145.027482][ T343] kovaplus 0003:1E7D:2D50.0053: couldn't install mouse [ 145.035079][ T343] kovaplus: probe of 0003:1E7D:2D50.0053 failed with error -71 [ 145.044203][ T343] usb 1-1: USB disconnect, device number 32 [ 145.069474][ T378] usb 5-1: Detected FT232BM [ 145.099483][ T664] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 145.370592][ T39] magicmouse 0003:05AC:0265.0054: unknown main item tag 0x0 [ 145.377721][ T39] magicmouse 0003:05AC:0265.0054: unknown main item tag 0x0 [ 145.385052][ T39] magicmouse 0003:05AC:0265.0054: item fetching failed at offset 2/3 [ 145.393327][ T39] magicmouse 0003:05AC:0265.0054: magicmouse hid parse failed [ 145.400702][ T39] magicmouse: probe of 0003:05AC:0265.0054 failed with error -22 [ 145.529538][ T664] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 145.530564][ T378] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 145.543663][ T664] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 145.556116][ T378] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 145.559000][ T664] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 145.572067][ T378] usb 5-1: USB disconnect, device number 33 [ 145.584671][ T664] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 145.587251][ T378] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 145.593814][ T664] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.604517][ T378] ftdi_sio 5-1:0.0: device disconnected [ 145.616515][ T2707] usb 3-1: USB disconnect, device number 24 [ 145.627557][ T664] usb 4-1: config 0 descriptor?? [ 145.659523][ T4943] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 145.889525][ T39] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 146.057381][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 146.057396][ T30] audit: type=1326 audit(1728577999.077:1458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.100381][ T664] plantronics 0003:047F:FFFF.0055: unknown main item tag 0xd [ 146.105218][ T30] audit: type=1326 audit(1728577999.077:1459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.112000][ T664] plantronics 0003:047F:FFFF.0055: No inputs registered, leaving [ 146.135821][ T30] audit: type=1326 audit(1728577999.077:1460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.161756][ T30] audit: type=1326 audit(1728577999.077:1461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.187287][ T30] audit: type=1326 audit(1728577999.077:1462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.210800][ T664] plantronics 0003:047F:FFFF.0055: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 146.224332][ T30] audit: type=1326 audit(1728577999.077:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.256736][ T30] audit: type=1326 audit(1728577999.077:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.280739][ T30] audit: type=1326 audit(1728577999.077:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.304299][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 146.315354][ T30] audit: type=1326 audit(1728577999.117:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4954 comm="syz.1.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f590142dff9 code=0x7ffc0000 [ 146.339022][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 146.348650][ T39] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 146.357559][ T60] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 146.364985][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.372881][ T30] audit: type=1326 audit(1728577999.117:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4957 comm="syz.2.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 146.398005][ T39] usb 1-1: config 0 descriptor?? [ 147.536879][ T4966] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1823'. [ 147.555245][ T4971] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 147.579457][ T60] usb 5-1: device descriptor read/all, error -71 [ 147.619417][ T664] usb 4-1: reset high-speed USB device number 29 using dummy_hcd [ 147.633265][ T4978] loop2: detected capacity change from 0 to 512 [ 147.651192][ T4978] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,inode_readahead_blks=0x0000000000000800,quota,,errors=continue. Quota mode: writeback. [ 147.667097][ T4978] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038 (0x7fffffff) [ 147.747538][ T4986] SELinux: failed to load policy [ 148.044744][ T4996] loop4: detected capacity change from 0 to 512 [ 148.091686][ T5002] xt_bpf: check failed: parse error [ 148.121213][ T4996] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 148.137234][ T4996] ext4 filesystem being mounted at /104/bus supports timestamps until 2038 (0x7fffffff) [ 148.170399][ T5010] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1841'. [ 148.229734][ T5018] input: syz1 as /devices/virtual/input/input48 [ 148.252456][ T5021] netem: change failed [ 148.443999][ T5025] loop4: detected capacity change from 0 to 40427 [ 148.499791][ T2707] usb 4-1: USB disconnect, device number 29 [ 148.515106][ T5025] F2FS-fs (loop4): Found nat_bits in checkpoint [ 148.613831][ T5025] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2 [ 148.639466][ T39] usbhid 1-1:0.0: can't add hid device: -71 [ 148.645239][ T39] usbhid: probe of 1-1:0.0 failed with error -71 [ 148.659244][ T5025] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 148.661922][ T39] usb 1-1: USB disconnect, device number 33 [ 148.715421][ T5060] loop2: detected capacity change from 0 to 128 [ 148.727739][ T5061] raw_sendmsg: syz.0.1859 forgot to set AF_INET. Fix it! [ 148.740195][ T3556] attempt to access beyond end of device [ 148.740195][ T3556] loop4: rw=2049, want=45104, limit=40427 [ 148.804714][ T5060] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 148.815692][ T5060] ext4 filesystem being mounted at /358/mnt supports timestamps until 2038 (0x7fffffff) [ 148.832913][ T5070] loop0: detected capacity change from 0 to 128 [ 148.902983][ T5070] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 148.923870][ T5070] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038 (0x7fffffff) [ 148.996522][ T5087] loop2: detected capacity change from 0 to 256 [ 149.023731][ T5087] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 149.056118][ T5095] syzkaller0: mtu less than device minimum [ 149.080746][ T5103] syz.3.1879[5103] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 149.080813][ T5103] syz.3.1879[5103] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 149.087023][ T5099] loop2: detected capacity change from 0 to 2048 [ 149.151260][ T5099] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 149.183614][ T5099] EXT4-fs error (device loop2): ext4_free_inode:355: comm syz.2.1877: bit already cleared for inode 15 [ 149.212380][ T5117] bpf: Bad value for 'context' [ 149.262872][ T5123] loop2: detected capacity change from 0 to 16 [ 149.289552][ T378] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 149.317466][ T5123] erofs: (device loop2): mounted with root inode @ nid 36. [ 149.323611][ T5134] loop4: detected capacity change from 0 to 1024 [ 149.382466][ T5134] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,noblock_validity,usrquota,data_err=abort,,errors=continue. Quota mode: writeback. [ 149.538780][ T5156] loop4: detected capacity change from 0 to 128 [ 149.544876][ T378] usb 1-1: Using ep0 maxpacket: 8 [ 149.599449][ T300] Bluetooth: hci0: command 0x1003 tx timeout [ 149.605326][ T471] Bluetooth: hci0: sending frame failed (-49) [ 149.629795][ T5156] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 149.646772][ T5156] FAT-fs (loop4): error, invalid access to FAT (entry 0x0affffff) [ 149.659512][ T378] usb 1-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56 [ 149.672688][ T378] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.674651][ T5156] FAT-fs (loop4): Filesystem has been set read-only [ 149.693276][ T378] usb 1-1: config 0 descriptor?? [ 149.739879][ T378] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 149.959474][ T378] usb 1-1: Detected FT232BM [ 150.131432][ T5165] loop2: detected capacity change from 0 to 2048 [ 150.171936][ T5165] Alternate GPT is invalid, using primary GPT. [ 150.177998][ T5165] loop2: p2 p3 p7 [ 150.271746][ T1107] udevd[1107]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 150.272940][ T1102] udevd[1102]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory [ 150.369474][ T664] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 150.389507][ T300] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 150.559488][ T378] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 150.589838][ T378] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 150.629491][ T378] usb 1-1: USB disconnect, device number 34 [ 150.669709][ T378] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 150.679011][ T378] ftdi_sio 1-1:0.0: device disconnected [ 151.680334][ T378] Bluetooth: hci0: command 0x1001 tx timeout [ 151.686213][ T471] Bluetooth: hci0: sending frame failed (-49) [ 151.864869][ T5178] loop2: detected capacity change from 0 to 256 [ 151.899779][ T5178] exfat: Unknown parameter 'Fy>!|JV5xG5klA<ⳮ#|bᄀl}3[M1_x< Ob !bEkr㊮32' [ 151.985272][ T5180] loop2: detected capacity change from 0 to 128 [ 152.271925][ T5203] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:00, vlan:0) [ 152.294234][ T5205] loop0: detected capacity change from 0 to 2048 [ 152.311436][ T5205] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 152.332853][ T30] kauditd_printk_skb: 65 callbacks suppressed [ 152.332870][ T30] audit: type=1326 audit(1728578005.357:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5211 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 152.364822][ T30] audit: type=1400 audit(1728578005.357:1534): avc: denied { mounton } for pid=5213 comm="syz.3.1927" path="/66/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1 [ 152.375537][ T5217] loop4: detected capacity change from 0 to 512 [ 152.390326][ T30] audit: type=1326 audit(1728578005.357:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5211 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 152.416691][ T30] audit: type=1326 audit(1728578005.447:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5215 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc04298f0e5 code=0x7ffc0000 [ 152.440114][ T30] audit: type=1326 audit(1728578005.447:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5211 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 152.464030][ T30] audit: type=1326 audit(1728578005.447:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5211 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 152.488261][ T30] audit: type=1326 audit(1728578005.447:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5211 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 152.511744][ T30] audit: type=1326 audit(1728578005.447:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5211 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 152.536484][ T5217] EXT4-fs (loop4): Ignoring removed oldalloc option [ 152.543214][ T5217] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled [ 152.557061][ T5217] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 152.566799][ T30] audit: type=1326 audit(1728578005.597:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5215 comm="syz.2.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fc04295cff9 code=0x7ffc0000 [ 152.595907][ T5217] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 152.615841][ T5217] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 152.627625][ T5217] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 152.636950][ T5217] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c040e01c, mo2=0000] [ 152.645058][ T5217] EXT4-fs (loop4): orphan cleanup on readonly fs [ 152.652835][ T5217] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1929: bg 0: block 34: padding at end of block bitmap is not set [ 152.667073][ T5217] Quota error (device loop4): write_blk: dquota write failed [ 152.674384][ T5217] EXT4-fs error (device loop4): ext4_acquire_dquot:6187: comm syz.4.1929: Failed to acquire dquot type 1 [ 152.686550][ T5217] EXT4-fs (loop4): 1 truncate cleaned up [ 152.692506][ T5217] EXT4-fs (loop4): mounted filesystem without journal. Opts: oldalloc,discard,usrjquota=./file0,noblock_validity,,errors=continue. Quota mode: writeback. [ 152.699721][ T5236] netem: unknown loss type 0 [ 152.712776][ T5236] netem: change failed [ 152.755443][ T5240] netlink: 45 bytes leftover after parsing attributes in process `syz.3.1936'. [ 152.779430][ T20] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 153.019414][ T20] usb 3-1: Using ep0 maxpacket: 8 [ 153.169468][ T20] usb 3-1: New USB device found, idVendor=0403, idProduct=f0c8, bcdDevice= 2.56 [ 153.178338][ T20] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.199707][ T20] usb 3-1: config 0 descriptor?? [ 153.249969][ T20] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected [ 153.489519][ T20] usb 3-1: Detected FT232BM [ 153.769420][ T300] Bluetooth: hci0: command 0x1009 tx timeout [ 153.929501][ T20] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 153.936649][ T20] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 153.945240][ T20] usb 3-1: USB disconnect, device number 25 [ 153.951687][ T20] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 153.960989][ T20] ftdi_sio 3-1:0.0: device disconnected [ 155.469424][ T6] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 155.889488][ T6] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 156.040277][ T5260] loop2: detected capacity change from 0 to 512 [ 156.054172][ T5260] EXT4-fs (loop2): Test dummy encryption mode enabled [ 156.063236][ T5260] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,stripe=0x0000000000010000,dioread_nolock,,errors=continue. Quota mode: none. [ 156.081656][ T5260] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 156.089478][ T6] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 156.098356][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.106553][ T6] usb 1-1: Product: syz [ 156.110649][ T6] usb 1-1: Manufacturer: syz [ 156.115176][ T6] usb 1-1: SerialNumber: syz [ 156.399417][ T20] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 156.819510][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 156.830216][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 156.839792][ T20] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 156.848575][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.857162][ T20] usb 5-1: config 0 descriptor?? [ 157.239612][ T6] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 157.246103][ T6] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048 [ 157.254247][ T6] cdc_ncm 1-1:1.0: setting rx_max = 2048 [ 157.262308][ T5298] netem: change failed [ 157.274764][ T5300] loop2: detected capacity change from 0 to 512 [ 157.330998][ T5300] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,nombcache,,errors=continue. Quota mode: writeback. [ 157.343378][ T5300] ext4 filesystem being mounted at /403/file0 supports timestamps until 2038 (0x7fffffff) [ 157.363620][ T20] isku 0003:1E7D:319C.0056: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.4-1/input0 [ 157.433004][ T30] kauditd_printk_skb: 27 callbacks suppressed [ 157.433019][ T30] audit: type=1400 audit(1728578010.457:1568): avc: denied { write } for pid=5309 comm="syz.2.1964" name="snmp" dev="proc" ino=4026532495 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 157.464175][ T5310] loop2: detected capacity change from 0 to 128 [ 157.470164][ T6] cdc_ncm 1-1:1.0: setting tx_max = 36 [ 157.476608][ T6] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM, 42:42:42:42:42:42 [ 157.488630][ T6] usb 1-1: USB disconnect, device number 35 [ 157.494613][ T6] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM [ 157.561649][ T5310] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 157.572954][ T5310] ext4 filesystem being mounted at /407/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 157.604290][ T20] isku 0003:1E7D:319C.0056: couldn't init struct isku_device [ 157.606301][ T664] kernel write not supported for file /878/net/snmp (pid: 664 comm: kworker/1:5) [ 157.611728][ T20] isku 0003:1E7D:319C.0056: couldn't install keyboard [ 157.623636][ T30] audit: type=1400 audit(1728578010.627:1569): avc: denied { mounton } for pid=5309 comm="syz.2.1964" path="/407/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 157.671512][ T20] isku: probe of 0003:1E7D:319C.0056 failed with error -71 [ 157.684230][ T20] usb 5-1: USB disconnect, device number 37 [ 157.726195][ T5315] loop2: detected capacity change from 0 to 128 [ 157.746179][ T5313] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.753172][ T5313] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.760544][ T5313] device bridge_slave_0 entered promiscuous mode [ 157.767443][ T5313] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.774941][ T5313] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.783144][ T5313] device bridge_slave_1 entered promiscuous mode [ 157.835332][ T5313] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.836939][ T5320] loop2: detected capacity change from 0 to 512 [ 157.842203][ T5313] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.842308][ T5313] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.862165][ T5313] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.885235][ T953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 157.892867][ T953] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 157.895643][ T5320] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 157.907672][ T5320] EXT4-fs (loop2): Ignoring removed nobh option [ 157.907719][ T953] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.913766][ T5320] EXT4-fs (loop2): Ignoring removed bh option [ 157.928170][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 157.936319][ T5320] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal [ 157.936333][ T839] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.950797][ T839] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.963333][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 157.972408][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 157.986125][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 157.999989][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 158.008360][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 158.016418][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 158.024503][ T5313] device veth0_vlan entered promiscuous mode [ 158.038750][ T839] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 158.048077][ T5313] device veth1_macvtap entered promiscuous mode [ 158.062222][ T953] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 158.072137][ T953] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 158.121603][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 158.197119][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.204468][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.211986][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.219223][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.226429][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.233767][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.241105][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.248293][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.255733][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.263229][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.270763][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.275171][ T5348] loop4: detected capacity change from 0 to 512 [ 158.277952][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.291741][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.298944][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.306492][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.313849][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.321178][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.328789][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.329517][ T2707] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 158.336352][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.344484][ T5348] EXT4-fs (loop4): error: journal path ./file0 is not a block device [ 158.350921][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.365818][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.373043][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.380241][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.387383][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.394609][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.402095][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.409270][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.416486][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.423685][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.430898][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.438085][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.445473][ T378] hid-generic 0000:0000:0000.0057: unknown main item tag 0x0 [ 158.454145][ T378] hid-generic 0000:0000:0000.0057: hidraw0: HID v0.00 Device [syz0] on syz0 [ 158.491437][ T5350] loop1: detected capacity change from 0 to 4096 [ 158.531798][ T5350] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 158.689975][ T953] device bridge_slave_1 left promiscuous mode [ 158.695926][ T953] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.703672][ T953] device bridge_slave_0 left promiscuous mode [ 158.709747][ T2707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.709776][ T953] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.720858][ T2707] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.736900][ T2707] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 158.745743][ T2707] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.745948][ T953] device veth1_macvtap left promiscuous mode [ 158.759666][ T953] device veth0_vlan left promiscuous mode [ 158.762365][ T2707] usb 1-1: config 0 descriptor?? [ 158.789415][ T20] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 159.089415][ T20] usb 5-1: Using ep0 maxpacket: 8 [ 159.250292][ T2707] pyra 0003:1E7D:2CF6.0058: item fetching failed at offset 5/7 [ 159.257813][ T2707] pyra 0003:1E7D:2CF6.0058: parse failed [ 159.259480][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 159.263286][ T2707] pyra: probe of 0003:1E7D:2CF6.0058 failed with error -22 [ 159.274180][ T20] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 159.290574][ T20] usb 5-1: New USB device found, idVendor=056a, idProduct=4135, bcdDevice= 0.cc [ 159.299347][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.307665][ T20] usb 5-1: config 0 descriptor?? [ 159.471593][ T2707] usb 1-1: USB disconnect, device number 36 [ 159.540002][ T5367] incfs: Options parsing error. -22 [ 159.545061][ T5367] incfs: mount failed -22 [ 159.565489][ T30] audit: type=1326 audit(1728578012.587:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5370 comm="syz.1.1987" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f676ac42ff9 code=0x0 [ 159.667009][ T30] audit: type=1326 audit(1728578012.687:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5370 comm="syz.1.1987" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f676ac42ff9 code=0x0 [ 159.810376][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.817106][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.823788][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.830450][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.837100][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.843876][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.850485][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.857146][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.864019][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.870743][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.877368][ T20] wacom 0003:056A:4135.0059: unknown main item tag 0x0 [ 159.884275][ T20] wacom 0003:056A:4135.0059: Unknown device_type for 'HID 056a:4135'. Ignoring. [ 160.024857][ T2707] usb 5-1: USB disconnect, device number 38 [ 160.071424][ T30] audit: type=1326 audit(1728578013.097:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5387 comm="syz.0.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978d7fdff9 code=0x7ffc0000 [ 160.094960][ T30] audit: type=1326 audit(1728578013.097:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5387 comm="syz.0.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f978d7fdff9 code=0x7ffc0000 [ 160.118455][ T30] audit: type=1326 audit(1728578013.097:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5387 comm="syz.0.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978d7fdff9 code=0x7ffc0000 [ 160.143844][ T30] audit: type=1326 audit(1728578013.127:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5387 comm="syz.0.1994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978d7fdff9 code=0x7ffc0000 [ 160.186586][ T30] audit: type=1326 audit(1728578013.207:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5392 comm="syz.0.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978d7fdff9 code=0x7ffc0000 [ 160.210057][ T30] audit: type=1326 audit(1728578013.207:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5392 comm="syz.0.1996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978d7fdff9 code=0x7ffc0000 [ 160.699423][ T2707] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 160.719421][ T378] usb 2-1: new high-speed USB device number 39 using dummy_hcd [ 160.762553][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.770105][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.777222][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.784481][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.791657][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.798852][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.806142][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.813268][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.820461][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.827660][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.834883][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.842189][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.849359][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.856569][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.863790][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.871000][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.878174][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.885454][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.892612][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.899825][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.906992][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.914448][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.921602][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.928953][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.936235][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.943536][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.950695][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.957856][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.965127][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.972292][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.979514][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.986688][ T20] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0 [ 160.994419][ T20] hid-generic 0000:0000:0000.005A: hidraw0: HID v0.00 Device [syz0] on syz0 [ 161.029532][ T60] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 161.059465][ T2707] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.089449][ T378] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.100194][ T378] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 161.109701][ T378] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 161.118645][ T378] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.127288][ T378] usb 2-1: config 0 descriptor?? [ 161.229523][ T2707] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 161.238496][ T2707] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.246516][ T2707] usb 1-1: Product: syz [ 161.250472][ T2707] usb 1-1: Manufacturer: syz [ 161.254937][ T2707] usb 1-1: SerialNumber: syz [ 161.389474][ T60] usb 5-1: config 0 has no interfaces? [ 161.394770][ T60] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 161.403669][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.412123][ T60] usb 5-1: config 0 descriptor?? [ 161.610680][ T378] arvo 0003:1E7D:30D4.005B: collection stack underflow [ 161.617507][ T378] arvo 0003:1E7D:30D4.005B: item 0 4 0 12 parsing failed [ 161.624637][ T378] arvo 0003:1E7D:30D4.005B: parse failed [ 161.630126][ T378] arvo: probe of 0003:1E7D:30D4.005B failed with error -22 [ 161.651859][ T60] usb 5-1: USB disconnect, device number 39 [ 161.812696][ T378] usb 2-1: USB disconnect, device number 39 [ 162.879482][ T2707] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 162.890837][ T2707] cdc_ncm 1-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048 [ 162.898360][ T2707] cdc_ncm 1-1:1.0: setting rx_max = 2048 [ 162.921137][ T60] ================================================================== [ 162.929019][ T60] BUG: KASAN: use-after-free in __list_del_entry_valid+0x2f/0x120 [ 162.936656][ T60] Read of size 8 at addr ffff888122a46888 by task kworker/1:2/60 [ 162.944206][ T60] [ 162.946379][ T60] CPU: 1 PID: 60 Comm: kworker/1:2 Not tainted 5.15.167-syzkaller-02003-g5e4635681cf1 #0 [ 162.956012][ T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 162.964492][ T5463] loop4: detected capacity change from 0 to 2048 [ 162.965906][ T60] Workqueue: events binder_deferred_func [ 162.977538][ T60] Call Trace: [ 162.980668][ T60] [ 162.983434][ T60] dump_stack_lvl+0x151/0x1c0 [ 162.987948][ T60] ? io_uring_drop_tctx_refs+0x190/0x190 [ 162.993417][ T60] ? panic+0x760/0x760 [ 162.997321][ T60] ? kasan_quarantine_put+0x34/0x1a0 [ 163.002443][ T60] print_address_description+0x87/0x3b0 [ 163.007827][ T60] kasan_report+0x179/0x1c0 [ 163.012163][ T60] ? _raw_spin_lock+0xa4/0x1b0 [ 163.016852][ T60] ? __list_del_entry_valid+0x2f/0x120 [ 163.022144][ T60] ? __list_del_entry_valid+0x2f/0x120 [ 163.027528][ T60] __asan_report_load8_noabort+0x14/0x20 [ 163.032994][ T60] __list_del_entry_valid+0x2f/0x120 [ 163.038114][ T60] binder_release_work+0xcd/0x680 [ 163.042975][ T60] binder_deferred_func+0x1847/0x1bc0 [ 163.048182][ T60] ? read_word_at_a_time+0x12/0x20 [ 163.053131][ T60] process_one_work+0x6bb/0xc10 [ 163.057819][ T60] worker_thread+0xad5/0x12a0 [ 163.062331][ T60] ? _raw_spin_lock+0x1b0/0x1b0 [ 163.067022][ T60] kthread+0x421/0x510 [ 163.070929][ T60] ? worker_clr_flags+0x180/0x180 [ 163.075790][ T60] ? kthread_blkcg+0xd0/0xd0 [ 163.080211][ T60] ret_from_fork+0x1f/0x30 [ 163.084466][ T60] [ 163.087327][ T60] [ 163.089498][ T60] Allocated by task 5458: [ 163.093662][ T60] ____kasan_kmalloc+0xdb/0x110 [ 163.098347][ T60] __kasan_kmalloc+0x9/0x10 [ 163.102689][ T60] kmem_cache_alloc_trace+0x115/0x210 [ 163.107895][ T60] binder_thread_write+0x9f5/0x6ec0 [ 163.112929][ T60] binder_ioctl_write_read+0x205/0x7300 [ 163.118312][ T60] binder_ioctl+0x371/0x2640 [ 163.122738][ T60] __se_sys_ioctl+0x114/0x190 [ 163.127249][ T60] __x64_sys_ioctl+0x7b/0x90 [ 163.131679][ T60] x64_sys_call+0x98/0x9a0 [ 163.135930][ T60] do_syscall_64+0x3b/0xb0 [ 163.140182][ T60] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 163.145911][ T60] [ 163.148082][ T60] Freed by task 60: [ 163.151726][ T60] kasan_set_track+0x4b/0x70 [ 163.156153][ T60] kasan_set_free_info+0x23/0x40 [ 163.160925][ T60] ____kasan_slab_free+0x126/0x160 [ 163.165873][ T60] __kasan_slab_free+0x11/0x20 [ 163.170473][ T60] slab_free_freelist_hook+0xbd/0x190 [ 163.175680][ T60] kfree+0xc8/0x220 [ 163.179327][ T60] binder_free_ref+0x128/0x260 [ 163.183926][ T60] binder_deferred_func+0x171c/0x1bc0 [ 163.189136][ T60] process_one_work+0x6bb/0xc10 [ 163.193819][ T60] worker_thread+0xad5/0x12a0 [ 163.198336][ T60] kthread+0x421/0x510 [ 163.202238][ T60] ret_from_fork+0x1f/0x30 [ 163.206492][ T60] [ 163.208663][ T60] Last potentially related work creation: [ 163.214217][ T60] kasan_save_stack+0x3b/0x60 [ 163.218731][ T60] __kasan_record_aux_stack+0xd3/0xf0 [ 163.223939][ T60] kasan_record_aux_stack_noalloc+0xb/0x10 [ 163.229770][ T60] call_rcu+0x123/0x10b0 [ 163.234192][ T60] __percpu_ref_switch_mode+0x342/0x620 [ 163.239575][ T60] percpu_ref_kill_and_confirm+0xa3/0x220 [ 163.245127][ T60] kill_ioctx+0x237/0x2d0 [ 163.249295][ T60] exit_aio+0x202/0x3c0 [ 163.253289][ T60] __mmput+0x33/0x310 [ 163.257106][ T60] mmput+0x5b/0x170 [ 163.260755][ T60] do_exit+0xb9c/0x2ca0 [ 163.264744][ T60] do_group_exit+0x141/0x310 [ 163.269171][ T60] get_signal+0x7a3/0x1630 [ 163.273423][ T60] arch_do_signal_or_restart+0xbd/0x1680 [ 163.278892][ T60] exit_to_user_mode_loop+0xa0/0xe0 [ 163.283926][ T60] exit_to_user_mode_prepare+0x5a/0xa0 [ 163.289221][ T60] syscall_exit_to_user_mode+0x26/0x160 [ 163.294599][ T60] do_syscall_64+0x47/0xb0 [ 163.298855][ T60] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 163.304581][ T60] [ 163.306751][ T60] Second to last potentially related work creation: [ 163.313176][ T60] kasan_save_stack+0x3b/0x60 [ 163.317686][ T60] __kasan_record_aux_stack+0xd3/0xf0 [ 163.322896][ T60] kasan_record_aux_stack_noalloc+0xb/0x10 [ 163.328546][ T60] call_rcu+0x123/0x10b0 [ 163.332617][ T60] tracepoint_add_func+0x5ee/0x940 [ 163.337564][ T60] tracepoint_probe_register_prio_may_exist+0x11c/0x180 [ 163.344420][ T60] bpf_probe_register+0x152/0x1e0 [ 163.349282][ T60] bpf_raw_tracepoint_open+0x610/0x950 [ 163.354660][ T60] __sys_bpf+0x489/0x760 [ 163.358743][ T60] __x64_sys_bpf+0x7c/0x90 [ 163.362994][ T60] x64_sys_call+0x87f/0x9a0 [ 163.367334][ T60] do_syscall_64+0x3b/0xb0 [ 163.371587][ T60] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 163.377316][ T60] [ 163.379483][ T60] The buggy address belongs to the object at ffff888122a46880 [ 163.379483][ T60] which belongs to the cache kmalloc-64 of size 64 [ 163.393283][ T60] The buggy address is located 8 bytes inside of [ 163.393283][ T60] 64-byte region [ffff888122a46880, ffff888122a468c0) [ 163.406130][ T60] The buggy address belongs to the page: [ 163.411609][ T60] page:ffffea00048a9180 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x122a46 [ 163.421837][ T60] flags: 0x4000000000000200(slab|zone=1) [ 163.427314][ T60] raw: 4000000000000200 ffffea00047aaec0 0000001200000012 ffff888100042780 [ 163.435733][ T60] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000 [ 163.444145][ T60] page dumped because: kasan: bad access detected [ 163.450403][ T60] page_owner tracks the page as allocated [ 163.456035][ T60] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x12cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY), pid 296, ts 26682572670, free_ts 26682385890 [ 163.471834][ T60] post_alloc_hook+0x1a3/0x1b0 [ 163.476518][ T60] prep_new_page+0x1b/0x110 [ 163.480944][ T60] get_page_from_freelist+0x3550/0x35d0 [ 163.486327][ T60] __alloc_pages+0x27e/0x8f0 [ 163.490754][ T60] new_slab+0x9a/0x4e0 [ 163.494658][ T60] ___slab_alloc+0x39e/0x830 [ 163.499083][ T60] __slab_alloc+0x4a/0x90 [ 163.503251][ T60] kmem_cache_alloc_trace+0x142/0x210 [ 163.508467][ T60] register_netdevice+0x257/0x1390 [ 163.513408][ T60] tun_set_iff+0x816/0xdb0 [ 163.517656][ T60] __tun_chr_ioctl+0x85b/0x2290 [ 163.522345][ T60] tun_chr_ioctl+0x2a/0x40 [ 163.526597][ T60] __se_sys_ioctl+0x114/0x190 [ 163.531111][ T60] __x64_sys_ioctl+0x7b/0x90 [ 163.535537][ T60] x64_sys_call+0x98/0x9a0 [ 163.539791][ T60] do_syscall_64+0x3b/0xb0 [ 163.544042][ T60] page last free stack trace: [ 163.548557][ T60] free_unref_page_prepare+0x7c8/0x7d0 [ 163.553849][ T60] free_unref_page+0xe8/0x750 [ 163.558538][ T60] __free_pages+0x61/0xf0 [ 163.562704][ T60] free_pages+0x7c/0x90 [ 163.566868][ T60] selinux_genfs_get_sid+0x24d/0x2a0 [ 163.571991][ T60] inode_doinit_with_dentry+0x8d2/0x1070 [ 163.577458][ T60] selinux_d_instantiate+0x27/0x40 [ 163.582407][ T60] security_d_instantiate+0x9f/0x100 [ 163.587526][ T60] d_splice_alias+0x6d/0x390 [ 163.591953][ T60] proc_sys_lookup+0x6b3/0x7b0 [ 163.596554][ T60] path_openat+0x1194/0x2f40 [ 163.600979][ T60] do_filp_open+0x21c/0x460 [ 163.605318][ T60] do_sys_openat2+0x13f/0x820 [ 163.609834][ T60] __x64_sys_openat+0x243/0x290 [ 163.614520][ T60] x64_sys_call+0x6bf/0x9a0 [ 163.618856][ T60] do_syscall_64+0x3b/0xb0 [ 163.623112][ T60] [ 163.625282][ T60] Memory state around the buggy address: [ 163.630753][ T60] ffff888122a46780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 163.638650][ T60] ffff888122a46800: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 163.646549][ T60] >ffff888122a46880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 163.654443][ T60] ^ [ 163.658612][ T60] ffff888122a46900: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 163.666509][ T60] ffff888122a46980: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 163.674405][ T60] ================================================================== [ 163.682304][ T60] Disabling lock debugging due to kernel taint [ 163.689058][ T60] general protection fault, probably for non-canonical address 0xf10ffc59e0000007: 0000 [#1] PREEMPT SMP KASAN [ 163.700582][ T60] KASAN: maybe wild-memory-access in range [0x888002cf00000038-0x888002cf0000003f] [ 163.709693][ T60] CPU: 1 PID: 60 Comm: kworker/1:2 Tainted: G B 5.15.167-syzkaller-02003-g5e4635681cf1 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 163.720718][ T60] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 163.729578][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 163.729590][ T30] audit: type=1400 audit(1728578016.717:1628): avc: denied { write } for pid=286 comm="syz-executor" path="pipe:[516]" dev="pipefs" ino=516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 163.730609][ T60] Workqueue: events binder_deferred_func [ 163.764630][ T60] RIP: 0010:__list_del_entry_valid+0x75/0x120 [ 163.770530][ T60] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 cc 90 48 ff 49 8b 17 4c 39 f2 75 [ 163.790146][ T60] RSP: 0018:ffffc90000907c00 EFLAGS: 00010a03 [ 163.796048][ T60] RAX: 11100059e0000007 RBX: ffff8881047ac500 RCX: ffffffff826a1859 [ 163.803860][ T60] RDX: dead000000000122 RSI: 0000000000000282 RDI: ffff888122a46880 [ 163.811669][ T60] RBP: ffffc90000907c20 R08: ffffffff8141997b R09: 0000000000000003 [ 163.819480][ T60] R10: fffffbfff0e9a04c R11: dffffc0000000001 R12: dffffc0000000000 [ 163.827292][ T60] R13: ffff888122a46880 R14: ffff888122a46880 R15: 888002cf0000003c [ 163.835105][ T60] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 163.843870][ T60] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 163.850299][ T60] CR2: 00007f676b92a6c0 CR3: 000000011fd0b000 CR4: 00000000003506a0 [ 163.858108][ T60] Call Trace: [ 163.861230][ T60] [ 163.864008][ T60] ? __die_body+0x62/0xb0 [ 163.868173][ T60] ? die_addr+0x9f/0xd0 [ 163.872164][ T60] ? exc_general_protection+0x311/0x4b0 [ 163.877550][ T60] ? check_panic_on_warn+0x65/0xb0 [ 163.882492][ T60] ? asm_exc_general_protection+0x27/0x30 [ 163.888047][ T60] ? check_panic_on_warn+0x5b/0xb0 [ 163.892994][ T60] ? __list_del_entry_valid+0x49/0x120 [ 163.898289][ T60] ? __list_del_entry_valid+0x75/0x120 [ 163.903674][ T60] binder_release_work+0xcd/0x680 [ 163.908532][ T60] binder_deferred_func+0x1847/0x1bc0 [ 163.913740][ T60] ? read_word_at_a_time+0x12/0x20 [ 163.918690][ T60] process_one_work+0x6bb/0xc10 [ 163.923382][ T60] worker_thread+0xad5/0x12a0 [ 163.927888][ T60] ? _raw_spin_lock+0x1b0/0x1b0 [ 163.932574][ T60] kthread+0x421/0x510 [ 163.936477][ T60] ? worker_clr_flags+0x180/0x180 [ 163.941339][ T60] ? kthread_blkcg+0xd0/0xd0 [ 163.945765][ T60] ret_from_fork+0x1f/0x30 [ 163.950020][ T60] [ 163.952882][ T60] Modules linked in: [ 163.957447][ T60] ---[ end trace 15412e4eae67bf95 ]--- [ 163.963034][ T60] RIP: 0010:__list_del_entry_valid+0x75/0x120 [ 163.968916][ T60] Code: 1e 48 85 db 74 68 4d 85 ff 74 74 48 ba 00 01 00 00 00 00 ad de 48 39 d3 74 76 48 83 c2 22 49 39 d7 74 7e 4c 89 f8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ff e8 cc 90 48 ff 49 8b 17 4c 39 f2 75 [ 163.988460][ T60] RSP: 0018:ffffc90000907c00 EFLAGS: 00010a03 [ 163.994296][ T60] RAX: 11100059e0000007 RBX: ffff8881047ac500 RCX: ffffffff826a1859 [ 164.002183][ T60] RDX: dead000000000122 RSI: 0000000000000282 RDI: ffff888122a46880 [ 164.010103][ T60] RBP: ffffc90000907c20 R08: ffffffff8141997b R09: 0000000000000003 [ 164.017878][ T60] R10: fffffbfff0e9a04c R11: dffffc0000000001 R12: dffffc0000000000 [ 164.025720][ T60] R13: ffff888122a46880 R14: ffff888122a46880 R15: 888002cf0000003c [ 164.033514][ T60] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 164.042290][ T60] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 164.048691][ T60] CR2: 00007f676b92a6c0 CR3: 0000000006a0f000 CR4: 00000000003506a0 [ 164.056538][ T60] Kernel panic - not syncing: Fatal exception [ 164.062596][ T60] Kernel Offset: disabled [ 164.066714][ T60] Rebooting in 86400 seconds..