last executing test programs: 9.638758091s ago: executing program 4 (id=4647): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10) syz_emit_ethernet(0x3e, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0xa8}}, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x1000, 0x8, 0x8, 0x224, 0xffffffffffffffff, 0xe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0xfffffc27) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e8500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r10 = openat$cgroup_procs(r9, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) sendfile(r10, r10, 0x0, 0x401) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 8.726547726s ago: executing program 4 (id=4652): dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) socketpair$unix(0x1, 0x2, 0x0, 0x0) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.pending_reads\x00', 0x12140, 0x0) mlockall(0x1) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x0, 0x0, 0xffffffffffffff66, 0x0, 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000080)={0x2}, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) ioctl$TIOCGICOUNT(r0, 0x545d, 0x0) 6.819978252s ago: executing program 4 (id=4672): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) r0 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$selinux_access(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="73797374656d5f753a6f626af7db745f723a6c6f67696e5f657865635f743a7330202f7573728b944cefe3332f6c69622f74656c6570617468792f6d697373696f6e2d636f6e747f6f6c2d352030"], 0x5c) 6.705702921s ago: executing program 4 (id=4665): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1b96, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff3ae644850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000700)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0}) 5.699901804s ago: executing program 2 (id=4668): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syslog(0x9, 0x0, 0x0) 5.685826415s ago: executing program 2 (id=4669): r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) readv(r0, &(0x7f0000000600)=[{&(0x7f0000000400)=""/44, 0x2c}], 0x1) 5.676627866s ago: executing program 2 (id=4671): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000404c05f20d00000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000015c0)={0x2c, &(0x7f0000000200)={0x0, 0xf, 0x24, {0x24, 0x4, "7abc2647b8d0b77c9bc0c74afbadc9f8ed5fd3eb2d389f8fc617b955c67902a026bd"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 4.244096233s ago: executing program 1 (id=4681): r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000020"], 0xfe44, 0x0) 4.243774403s ago: executing program 1 (id=4682): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syslog(0x9, 0x0, 0x0) 4.243596533s ago: executing program 1 (id=4683): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) close(r0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1, 0x8, 0x4, 0xff, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) readv(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f0000000400)=""/44, 0x2c}], 0x1) 4.243052183s ago: executing program 1 (id=4685): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x4e, &(0x7f0000000040)=0x5) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) r5 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r5, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1) getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x40, r6}) 3.333368487s ago: executing program 1 (id=4687): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0xffff0002, 0x0, 0x0, 0x0, 0x0, 0x57b3, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x19, &(0x7f0000000000)={0x1, &(0x7f0000000480)=[{0x16, 0x0, 0x0, 0x1}]}) 2.280768153s ago: executing program 4 (id=4702): syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000500)='./file0\x00', 0x200201a, &(0x7f0000000300)={[{@bsdgroups}]}, 0x1, 0x53a, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82desEeoAKSIFCQFF2400bVb00uYBQVQlRcUAcUmNvLJPdrPGuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IBixQjATSopkdu1t7XW/j9S71fj7SaObN23nf9+LMvJm39rwAxtZzEbETEdMR8UZEzBf7k2KJO50l+9yjve2l/b3tpSTa7df/nuT52b7oOibzZFHmbER846sR30mOx21ubj1YrNWq60W63KqvlZubWzdW64sr1ZXqw0rl9sLtmy/derEysLZerf9y9yurr37zN7/+9Lu/3/nyD7JqzRV53e0YpE7Tpw7jZCYj4tXzCDYCE8V6esT14PGkEfGxiPhcfv7Px0T+vxMAuMja7floz3enAYCLLs3HwJK0VIwFzEWalkqdMbxn4lJaazRb1+83Nh4ud8bKLsdUen+1Vr15ZeaP38vvGKaSLL2Q5+X5ebpyJH0rIq5ExI9nnsjTpaVGbXl0tz0AMNaePNL//2um0//3oce3egDAR8bsqCsAAAyd/h8Axo/+HwDGTx/9f/Fl/8651wUAGA7P/wAwfvT/ADB+9P8AMFa+/tpr2dLeL95/vfzm5saDxps3lqvNB6X6xlJpqbG+VlppNFbyd/bUTyuv1misLbwQG2+VW9Vmq9zc3LpXb2w8bN3L3+t9rzo1lFYBAB/kytV3/pBExM7LT+RLdM3loK+Giy0ddQWAkZkYdQWAkTHbF4yv/p/xf3eu9QBGp+fLvGd7br7fTz9EEL9nBP9Xrn2y//F/czzDxWL8H8bX443/vzLwegDDZ/wfxle7nRyd83/6MAsAuJDO8Dv+7R8O6iYEGKnTJvMeyPf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMHMRcR3I0lLxVzgc5GmpVLEUxFxOaaS+6u16s2IeDquRsTUTJZeGHWlAYAzSv+aFPN/XZt/fu5o7nTy75l8HRHf/9nrP3lrsdVaX8j2/+Nw/8zB9GGV9447w7yCAECfnuvzc3n/XSnWXQ/yj/a2lw6W7s+nA67nUbt347/FVMRL+3vb+dLJmYzJfD2b30tc+mdSpDtzkT4bERMDiL/zdkR8olf7k3xs5HIx82l3/ChiPzXU+On74qd5Xmed3Xx9fAB1gXHzzt2IuNPr/EuLa2rv8382v0Kd3e7dTmEH1779rvgH17+JHvGTD3HN333ht187trM938l7O+LZyV7xk8P4yQnxn+8z/p8+9ZkfvXJCXvvnEdeid/zuWOVWfa3c3Ny6sVpfXKmuVB9WKrcXbt986daLlXI+Rl0+GKk+7m8vX3/6pLpl7b90QvzZnu2fPjz2C322/xf/eePbn/2A+F/6fO+f/zM943dkfeIX+4y/eOlXJ07fncVfPqH9p/38r/cZ/92/bC33+VEAYAiam1sPFmu16vqZNrKn0EGUc2wjq+JACzxl488xyALvnO3wqfP6Vz33jcnDe8XBlvytrMQhNycdeCvOtPGosxHnHmu01yXg/L130o+6JgAAAAAAAAAAAAAAwEmG8adLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9f/AgAA//91qMwl") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, &(0x7f0000000180)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x5}]}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280), 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000400)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x10, r7, 0x8452a000) socket$inet_udp(0x2, 0x2, 0x0) r8 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r8, 0x8982, &(0x7f0000000680)={0x0, 'veth0_to_team\x00', {}, 0x23ff}) 1.757183856s ago: executing program 2 (id=4703): sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)={0x38, 0x2, 0x2, 0x801, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}]}]}, 0x38}}, 0x0) 1.740552347s ago: executing program 2 (id=4704): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$selinux_access(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="73797374656d5f753a6f626af7db745f723a6c6f67696e5f657865635f743a7330202f7573728b944cefe3332f6c69622f74656c6570617468792f6d697373696f6e2d636f6e747f6f6c2d352030"], 0x5c) 1.738894757s ago: executing program 2 (id=4705): socket$netlink(0x10, 0x3, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$RTC_AIE_ON(r0, 0x7001) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000007, 0x2172, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000090003206d0414c340000000000109022400010000a000090400000103010100092100080001220100090581", @ANYRES64], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0xb19b8c86f713fd4e, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r2, 0x8b2b, &(0x7f0000000000)={'wlan0\x00'}) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) prlimit64(0x0, 0x8, &(0x7f0000000140)={0x800000008, 0x8b}, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, 0x0, &(0x7f0000000840)=0x1e) 1.34765572s ago: executing program 4 (id=4708): r0 = syz_usb_connect$cdc_ncm(0x0, 0x81, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109026f0002010000000904000001020d0000052406000105240001000d240f0100000000000000000006241a0000000724140100000008241c0800e8d9000424020f090581030002ff00000904010000020d00000904010102020d0000090582020002000000090503020002"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10) syz_emit_ethernet(0x32, &(0x7f00000002c0)={@broadcast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$unix(0x1, 0x1, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) listen(r2, 0x1) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r4 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0) 1.311472223s ago: executing program 0 (id=4712): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@volatile={0x0, 0x0, 0x0, 0x2}]}}, 0x0, 0x26}, 0x20) 1.270912196s ago: executing program 0 (id=4714): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, 0x0, 0x0) 1.270850886s ago: executing program 0 (id=4715): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(r0, 0x8922, &(0x7f00000001c0)={'ip_vti0\x00', @random="7fff01004ec6"}) 1.270797616s ago: executing program 0 (id=4716): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$selinux_access(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="73797374656d5f753a6f626af7db745f723a6c6f67696e5f657865635f743a7330202f7573728b944cefe3332f6c69622f74656c6570617468792f6d697373696f6e2d636f6e747f6f6c2d352030"], 0x5c) 1.261367277s ago: executing program 0 (id=4717): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000000002}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000540)={[], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}) 392.109388ms ago: executing program 0 (id=4719): syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000500)='./file0\x00', 0x200201a, &(0x7f0000000300)={[{@bsdgroups}]}, 0x1, 0x53a, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82desEeoAKSIFCQFF2400bVb00uYBQVQlRcUAcUmNvLJPdrPGuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IBixQjATSopkdu1t7XW/j9S71fj7SaObN23nf9+LMvJm39rwAxtZzEbETEdMR8UZEzBf7k2KJO50l+9yjve2l/b3tpSTa7df/nuT52b7oOibzZFHmbER846sR30mOx21ubj1YrNWq60W63KqvlZubWzdW64sr1ZXqw0rl9sLtmy/derEysLZerf9y9yurr37zN7/+9Lu/3/nyD7JqzRV53e0YpE7Tpw7jZCYj4tXzCDYCE8V6esT14PGkEfGxiPhcfv7Px0T+vxMAuMja7floz3enAYCLLs3HwJK0VIwFzEWalkqdMbxn4lJaazRb1+83Nh4ud8bKLsdUen+1Vr15ZeaP38vvGKaSLL2Q5+X5ebpyJH0rIq5ExI9nnsjTpaVGbXl0tz0AMNaePNL//2um0//3oce3egDAR8bsqCsAAAyd/h8Axo/+HwDGTx/9f/Fl/8651wUAGA7P/wAwfvT/ADB+9P8AMFa+/tpr2dLeL95/vfzm5saDxps3lqvNB6X6xlJpqbG+VlppNFbyd/bUTyuv1misLbwQG2+VW9Vmq9zc3LpXb2w8bN3L3+t9rzo1lFYBAB/kytV3/pBExM7LT+RLdM3loK+Giy0ddQWAkZkYdQWAkTHbF4yv/p/xf3eu9QBGp+fLvGd7br7fTz9EEL9nBP9Xrn2y//F/czzDxWL8H8bX443/vzLwegDDZ/wfxle7nRyd83/6MAsAuJDO8Dv+7R8O6iYEGKnTJvMeyPf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMHMRcR3I0lLxVzgc5GmpVLEUxFxOaaS+6u16s2IeDquRsTUTJZeGHWlAYAzSv+aFPN/XZt/fu5o7nTy75l8HRHf/9nrP3lrsdVaX8j2/+Nw/8zB9GGV9447w7yCAECfnuvzc3n/XSnWXQ/yj/a2lw6W7s+nA67nUbt347/FVMRL+3vb+dLJmYzJfD2b30tc+mdSpDtzkT4bERMDiL/zdkR8olf7k3xs5HIx82l3/ChiPzXU+On74qd5Xmed3Xx9fAB1gXHzzt2IuNPr/EuLa2rv8382v0Kd3e7dTmEH1779rvgH17+JHvGTD3HN333ht187trM938l7O+LZyV7xk8P4yQnxn+8z/p8+9ZkfvXJCXvvnEdeid/zuWOVWfa3c3Ny6sVpfXKmuVB9WKrcXbt986daLlXI+Rl0+GKk+7m8vX3/6pLpl7b90QvzZnu2fPjz2C322/xf/eePbn/2A+F/6fO+f/zM943dkfeIX+4y/eOlXJ07fncVfPqH9p/38r/cZ/92/bC33+VEAYAiam1sPFmu16vqZNrKn0EGUc2wjq+JACzxl488xyALvnO3wqfP6Vz33jcnDe8XBlvytrMQhNycdeCvOtPGosxHnHmu01yXg/L130o+6JgAAAAAAAAAAAAAAwEmG8adLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9f/AgAA//91qMwl") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, &(0x7f0000000180)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x5}]}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280), 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP") listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000400)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu\x00', 0x275a, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r7 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r7, 0x8982, &(0x7f0000000680)={0x0, 'veth0_to_team\x00', {}, 0x23ff}) 337.195962ms ago: executing program 3 (id=4723): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000001600)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, 0x0, 0x0) write$FUSE_INIT(r2, &(0x7f0000000380)={0x50}, 0x50) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x6}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) creat(&(0x7f0000000200)='./file0/file0\x00', 0x0) 297.026456ms ago: executing program 3 (id=4724): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001640)={&(0x7f00000015c0)=ANY=[@ANYBLOB="9feb01001800000000000000100000001000000008000000060000000000008e"], 0x0, 0x30, 0x0, 0x1}, 0x20) 283.437857ms ago: executing program 1 (id=4725): r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$binder(&(0x7f0000000000/0x4000)=nil, 0x1fffff, 0x1, 0x11, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0xe) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x19) 159.823197ms ago: executing program 3 (id=4726): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, 0x0, 0x0) 159.517507ms ago: executing program 3 (id=4727): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c0000001200010003950000000000000a0900000001000000000000000000000000ffff"], 0x4c}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) 141.782468ms ago: executing program 3 (id=4728): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) close(r0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1, 0x8, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000001ac0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) readv(r1, &(0x7f0000000600)=[{&(0x7f0000000400)=""/44, 0x2c}], 0x1) 0s ago: executing program 3 (id=4729): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@nobh}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==") syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x3808008, &(0x7f0000000540)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e39352c757466383d312c757466383d302c636865636b3d7374726963742c73686f72746e616d653d6c6f7765722c756e695f786c6174653d312c696f636861727365743d6d616363726f617469616e2c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c646d61736b3d30303030303030303030303030303030303030303130302c757466383d312c757466383d312c757466383d302c756e695f786c6174653d312c6e6e6f6e756d7461696c3d312c73686f72746e616d653d77696e39352c726f6469722c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d302c726f6f74636f6e746578743d73797374656d5f752c00e0035aa2cd29c600891cd4d693993d07e9df4154c218b442a453"], 0x0, 0x2df, &(0x7f0000003740)="$eJzs3b1rJGUcB/DfbGZ3R5tNYSXCDWhhdVyutUmQOxBTeaQ4LTR4OZBMEC4Q8QXXq8TOxtK/QBAE/w0bO0vBVrDzhIORectk98Y1OdyI5vMpkiczv+88z7wkWRbyyzsvHB3ey+P+w09+jixLYrQ9jXiUxGaMovNZLNj+MgCA/7JHZRm/lY2B3T99sSKbrXFdAMD69L//xyuq0vrj3eoVwneXtjQAYE3u3H3z9Z3d3Vtv5HkWt48+P9lLIqL63OzfuR/vRREHcSNm8TiifalQv1tQDW+XZTlP8+/zPN+Ml47mJ3tV8ujtH9rj7/waUee3Yhab9abTdxvq/Gu7t7byxpn8vFrHs+3821X+ZsziudPwQv7mQD72JvHyi2fWfz1m8eO78X4Uca9eRJ//dCvPXy2/+v3jt6rlVflkfrI3ret65UY3+fyS7xEAAAAAAAAAAAAAAAAAAAAAAP8/19veOdOo+/dUm9r+OxuPqy/GkXc2F/vzNPmkO1DfHyhGZVnOy/i6669zI8/zsi3s82k8n7aNBQEAAAAAAAAAAAAAAAAAAOCKO/7wo8P9ojh48I8Mum4AaUT8cSfiaY+zfWbLtVhdPG3n3C+KUTtcrEnPbomNriaJWLmM6iSe8mpcu2DqmSfW3A6++XYwVZ3RcRpDu7K/n3Q8PNcFBx+Mm+s4WNM9XYf7yfA1nJ4uPqtuXCzfuEkMzz6OpS2T7n4uF3eP4vlOZzK4a3ahy9I1wyiKg/mK4qrqr4/zyi8Lp5PEUvGknmQwPm4HQ1ejeTb6e5ENfqc08ayJP/mzItGtAwAAAAAAAAAAAAAAAAAA1qr/69+BnQ9XRkfldG3LAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBL1f////MM0sXwOVKTeHD8b50bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAV8efAQAA///bPknz") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="ddaa2e6f4d092924727e00000000000071101100000000009500000000000000"], &(0x7f0000000480)='syzkaller\x00'}, 0x80) socket$netlink(0x10, 0x3, 0x0) openat(0xffffffffffffff9c, 0x0, 0x10042, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10) r4 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r4, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) kernel console output (not intermixed with test programs): 1197.567899][T18325] device veth0_vlan entered promiscuous mode [ 1197.575381][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1197.583825][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1197.591754][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1197.598948][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1197.914660][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1197.931869][T18352] loop1: detected capacity change from 0 to 256 [ 1197.938281][T18352] FAT-fs (loop1): Unrecognized mount option "shortname=win95+nonumtail=0" or missing value [ 1197.950826][ T352] device bridge_slave_1 left promiscuous mode [ 1197.967064][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 1197.979716][ T6856] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1197.990518][ T352] device bridge_slave_0 left promiscuous mode [ 1198.011428][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 1198.021148][ T352] device veth1_macvtap left promiscuous mode [ 1198.028842][ T352] device veth0_vlan left promiscuous mode [ 1198.247655][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1198.256506][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1198.266427][T18325] device veth1_macvtap entered promiscuous mode [ 1198.278045][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1198.286988][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1198.296202][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1198.315572][T10400] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1198.324274][T10400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1198.403834][T18367] loop0: detected capacity change from 0 to 2048 [ 1198.420299][T18367] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1199.022784][T18374] loop2: detected capacity change from 0 to 512 [ 1199.033729][T18374] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1199.087829][T18374] EXT4-fs (loop2): 1 truncate cleaned up [ 1199.093410][T18374] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1199.217316][T18378] loop1: detected capacity change from 0 to 256 [ 1199.264006][T18325] EXT4-fs (loop0): unmounting filesystem. [ 1199.280971][T18380] loop0: detected capacity change from 0 to 256 [ 1200.563348][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1200.983823][T18400] loop3: detected capacity change from 0 to 512 [ 1201.010500][T18400] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1201.050679][T18400] EXT4-fs (loop3): 1 truncate cleaned up [ 1201.065895][T18400] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1201.539171][T18403] loop1: detected capacity change from 0 to 256 [ 1201.686126][T17220] EXT4-fs (loop3): unmounting filesystem. [ 1202.130315][T18415] loop0: detected capacity change from 0 to 256 [ 1202.137272][T18415] FAT-fs (loop0): Unrecognized mount option "shortname=win95+nonumtail=0" or missing value [ 1202.311934][ T6888] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1202.325161][T18417] loop3: detected capacity change from 0 to 512 [ 1202.340904][T18417] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1202.349813][T18417] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038 (0x7fffffff) [ 1202.415368][T18421] loop2: detected capacity change from 0 to 2048 [ 1202.430656][T18421] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1202.694781][T18425] overlayfs: './file2' not a directory [ 1202.843906][T18429] loop0: detected capacity change from 0 to 2048 [ 1202.894196][T18429] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1203.309390][T17220] EXT4-fs (loop3): unmounting filesystem. [ 1203.309626][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1203.401777][T18438] loop3: detected capacity change from 0 to 256 [ 1204.446071][T18325] EXT4-fs (loop0): unmounting filesystem. [ 1204.741192][T18455] loop0: detected capacity change from 0 to 512 [ 1204.799753][T18455] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1204.846795][T18455] EXT4-fs (loop0): 1 truncate cleaned up [ 1204.852446][T18455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1205.279549][T18458] loop1: detected capacity change from 0 to 2048 [ 1205.290681][T18458] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1205.372772][T18325] EXT4-fs (loop0): unmounting filesystem. [ 1205.485414][T18467] EXT4-fs error (device loop1): ext4_lookup:1855: inode #15: comm syz.1.4112: iget: bad extra_isize 512 (inode size 256) [ 1205.793898][T18472] loop0: detected capacity change from 0 to 512 [ 1205.800908][T18472] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1205.814399][T18472] EXT4-fs (loop0): 1 truncate cleaned up [ 1205.820309][T18472] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1206.166814][T17168] EXT4-fs (loop1): unmounting filesystem. [ 1206.229037][T18477] loop3: detected capacity change from 0 to 256 [ 1206.259385][T18479] loop3: detected capacity change from 0 to 512 [ 1206.278595][T18325] EXT4-fs (loop0): unmounting filesystem. [ 1206.286460][T18479] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1206.296308][T18479] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038 (0x7fffffff) [ 1206.746805][T18486] overlayfs: './file2' not a directory [ 1206.910511][T18491] loop2: detected capacity change from 0 to 2048 [ 1206.994098][T18491] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1207.185008][T17220] EXT4-fs (loop3): unmounting filesystem. [ 1207.204248][T18498] loop3: detected capacity change from 0 to 2048 [ 1207.220347][T18498] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1207.736803][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1207.951266][T18512] loop1: detected capacity change from 0 to 256 [ 1208.151936][T17220] EXT4-fs (loop3): unmounting filesystem. [ 1208.384741][T18516] loop0: detected capacity change from 0 to 2048 [ 1208.400766][T18516] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1209.068913][T18521] loop3: detected capacity change from 0 to 512 [ 1209.076950][T18524] EXT4-fs error (device loop0): ext4_lookup:1855: inode #15: comm syz.0.4126: iget: bad extra_isize 512 (inode size 256) [ 1209.566599][T18521] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1209.651055][T18531] loop2: detected capacity change from 0 to 256 [ 1209.660050][T18325] EXT4-fs (loop0): unmounting filesystem. [ 1209.666807][T18521] EXT4-fs (loop3): 1 truncate cleaned up [ 1209.672339][T18521] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 1210.438463][T17220] EXT4-fs (loop3): unmounting filesystem. [ 1210.573927][T18548] loop2: detected capacity change from 0 to 512 [ 1210.590293][T18534] bridge0: port 1(bridge_slave_0) entered blocking state [ 1210.597162][T18534] bridge0: port 1(bridge_slave_0) entered disabled state [ 1210.614976][T18534] device bridge_slave_0 entered promiscuous mode [ 1210.636856][T18534] bridge0: port 2(bridge_slave_1) entered blocking state [ 1210.650408][T18534] bridge0: port 2(bridge_slave_1) entered disabled state [ 1210.666164][T18548] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 1210.675052][T18548] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038 (0x7fffffff) [ 1210.955457][T18534] device bridge_slave_1 entered promiscuous mode [ 1210.978236][T18555] loop0: detected capacity change from 0 to 512 [ 1210.995676][T18555] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1211.235143][T18555] EXT4-fs (loop0): 1 truncate cleaned up [ 1211.268588][T18555] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1211.298198][T18534] bridge0: port 2(bridge_slave_1) entered blocking state [ 1211.298869][T18560] loop1: detected capacity change from 0 to 2048 [ 1211.305098][T18534] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1211.338750][T18560] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1211.348222][ T3297] bridge0: port 2(bridge_slave_1) entered disabled state [ 1211.361254][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1211.368539][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1211.390119][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1211.426199][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1211.434527][ T3297] bridge0: port 1(bridge_slave_0) entered blocking state [ 1211.441395][ T3297] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1211.456726][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1211.465236][ T3297] bridge0: port 2(bridge_slave_1) entered blocking state [ 1211.472120][ T3297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1211.479512][T18325] EXT4-fs (loop0): unmounting filesystem. [ 1211.479622][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1211.546416][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1211.549496][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1211.570065][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1211.583427][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1211.592163][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1211.603400][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1211.794038][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1211.801880][T18534] device veth0_vlan entered promiscuous mode [ 1211.817609][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1211.825919][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1211.836006][T18534] device veth1_macvtap entered promiscuous mode [ 1211.847494][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1211.856154][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1211.865048][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1211.874892][ T352] device bridge_slave_1 left promiscuous mode [ 1211.881260][ T352] bridge0: port 2(bridge_slave_1) entered disabled state [ 1211.889613][ T352] device bridge_slave_0 left promiscuous mode [ 1211.895740][ T352] bridge0: port 1(bridge_slave_0) entered disabled state [ 1211.904609][ T352] device veth1_macvtap left promiscuous mode [ 1211.910825][ T352] device veth0_vlan left promiscuous mode [ 1212.034717][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1212.042903][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1212.122471][T17168] EXT4-fs (loop1): unmounting filesystem. [ 1212.143066][T18577] loop1: detected capacity change from 0 to 256 [ 1213.210798][T18596] loop1: detected capacity change from 0 to 512 [ 1213.259570][T18596] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1213.275236][T18596] EXT4-fs (loop1): 1 truncate cleaned up [ 1213.280848][T18596] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1213.570463][T18604] loop3: detected capacity change from 0 to 256 [ 1213.578459][T18604] FAT-fs (loop3): Unrecognized mount option "shortname=win95+nonumtail=0" or missing value [ 1213.852638][T17168] EXT4-fs (loop1): unmounting filesystem. [ 1214.255435][T18612] loop3: detected capacity change from 0 to 512 [ 1214.270728][T18612] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1214.279579][T18612] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038 (0x7fffffff) [ 1214.334588][T18616] loop2: detected capacity change from 0 to 256 [ 1214.346292][T18616] FAT-fs (loop2): Unrecognized mount option "shoŠtname=mixed" or missing value [ 1214.683464][T18621] syz.2.4146[18621] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1214.683706][T18621] syz.2.4146[18621] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1214.700766][T18621] netlink: 165 bytes leftover after parsing attributes in process `syz.2.4146'. [ 1214.754107][ T28] audit: type=1400 audit(2000001163.339:327): avc: denied { getopt } for pid=18615 comm="syz.2.4146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1214.776477][ T28] audit: type=1400 audit(2000001163.389:328): avc: denied { write } for pid=18615 comm="syz.2.4146" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 1214.966847][T18625] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1215.165177][T17220] EXT4-fs (loop3): unmounting filesystem. [ 1215.352625][T18637] fuse: Bad value for 'fd' [ 1215.494279][T18638] syz.2.4151[18638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1215.500011][T18638] syz.2.4151[18638] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1215.512654][T18638] netlink: 165 bytes leftover after parsing attributes in process `syz.2.4151'. [ 1215.785515][T18641] netlink: 'syz.1.4152': attribute type 4 has an invalid length. [ 1216.199442][T18651] loop2: detected capacity change from 0 to 512 [ 1216.205768][T18651] EXT4-fs: Ignoring removed nobh option [ 1216.221560][T18651] EXT4-fs (loop2): 1 orphan inode deleted [ 1216.227188][T18651] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038 (0x7fffffff) [ 1216.429129][ T28] audit: type=1400 audit(2000001165.019:329): avc: denied { map } for pid=18650 comm="syz.2.4156" path="/96/file1/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 1216.457063][ T28] audit: type=1400 audit(2000001165.019:330): avc: denied { execute } for pid=18650 comm="syz.2.4156" path="/96/file1/bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 1216.519112][ T446] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 1216.639117][ T294] usb 5-1: new high-speed USB device number 79 using dummy_hcd [ 1216.759105][ T446] usb 4-1: Using ep0 maxpacket: 16 [ 1216.815606][ T28] audit: type=1400 audit(2000001165.449:331): avc: denied { setattr } for pid=18658 comm="syz.1.4158" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 1216.889378][ T446] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1216.900457][ T446] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1216.910219][ T446] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1216.924712][ T446] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 1216.933634][ T446] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1216.941933][ T446] usb 4-1: config 0 descriptor?? [ 1217.019219][ T294] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1217.046896][ T294] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1217.056866][ T294] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 1217.057528][T16732] EXT4-fs unmount: 1 callbacks suppressed [ 1217.057541][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1217.065957][ T294] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1217.091941][ T294] usb 5-1: config 0 descriptor?? [ 1217.409868][ T446] koneplus 0003:1E7D:2E22.0060: unknown main item tag 0x0 [ 1217.416903][ T446] koneplus 0003:1E7D:2E22.0060: unknown main item tag 0x0 [ 1217.424458][ T446] koneplus 0003:1E7D:2E22.0060: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0 [ 1217.525895][T18668] syz.1.4160[18668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1217.525943][T18668] syz.1.4160[18668] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1217.538285][T18668] ------------[ cut here ]------------ [ 1217.554867][T18668] WARNING: CPU: 1 PID: 18668 at mm/page_alloc.c:5690 __alloc_pages+0xc0/0x780 [ 1217.563666][T18668] Modules linked in: [ 1217.567283][T18668] CPU: 1 PID: 18668 Comm: syz.1.4160 Not tainted 6.1.90-syzkaller-00023-gedca080b95df #0 [ 1217.576993][T18668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1217.584600][ T294] playstation 0003:054C:0DF2.0061: hidraw1: USB HID v0.00 Device [HID 054c:0df2] on usb-dummy_hcd.4-1/input0 [ 1217.586844][T18668] RIP: 0010:__alloc_pages+0xc0/0x780 [ 1217.603326][T18668] Code: 0b 72 13 44 89 e8 25 00 20 00 00 75 09 80 3d cb 94 b7 05 00 74 0d 83 fb 0a 76 16 45 31 e4 e9 4e 03 00 00 c6 05 b5 94 b7 05 01 <0f> 0b 83 fb 0a 77 ea 89 1c 24 44 23 2d d7 bd ba 05 65 48 8b 05 27 [ 1217.622941][T18668] RSP: 0018:ffffc90003b47a40 EFLAGS: 00010246 [ 1217.628935][T18668] RAX: 0000000000000000 RBX: 000000000000001a RCX: 0000000000000000 [ 1217.636676][T18668] RDX: 0000000000000018 RSI: 0000000000000000 RDI: ffffc90003b47ae8 [ 1217.644508][T18668] RBP: ffffc90003b47b78 R08: dffffc0000000000 R09: ffffc90003b47ad0 [ 1217.652284][T18668] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 1217.660094][T18668] R13: 0000000000040dc0 R14: dffffc0000000000 R15: 1ffff92000768f54 [ 1217.667878][T18668] FS: 00007fa8aa4936c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1217.676681][T18668] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1217.683093][T18668] CR2: 0000001b2cc1fffc CR3: 000000012d30c000 CR4: 00000000003506a0 [ 1217.690904][T18668] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1217.698692][T18668] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1217.706620][T18668] Call Trace: [ 1217.709729][T18668] [ 1217.712490][T18668] ? show_regs+0x58/0x60 [ 1217.716570][T18668] ? __warn+0x160/0x3d0 [ 1217.720676][T18668] ? __alloc_pages+0xc0/0x780 [ 1217.725163][T18668] ? report_bug+0x4d5/0x7d0 [ 1217.729534][T18668] ? __alloc_pages+0xc0/0x780 [ 1217.734145][T18668] ? handle_bug+0x41/0x70 [ 1217.738312][T18668] ? exc_invalid_op+0x1b/0x50 [ 1217.742875][T18668] ? asm_exc_invalid_op+0x1b/0x20 [ 1217.747687][T18668] ? __alloc_pages+0xc0/0x780 [ 1217.752226][T18668] ? do_vfs_ioctl+0xba7/0x29a0 [ 1217.756798][T18668] ? schedule+0xda/0x180 [ 1217.760912][T18668] ? prep_new_page+0x110/0x110 [ 1217.765475][T18668] ? futex_unqueue+0x110/0x140 [ 1217.770108][T18668] __kmalloc_large_node+0x9e/0x1b0 [ 1217.775022][T18668] ? ioctl_has_perm+0x1f8/0x560 [ 1217.779739][T18668] ? input_mt_init_slots+0xcf/0xa50 [ 1217.784744][T18668] __kmalloc+0xef/0x1e0 [ 1217.788730][T18668] ? ioctl_has_perm+0x3f0/0x560 [ 1217.789151][ T294] playstation 0003:054C:0DF2.0061: Failed to retrieve feature with reportID 9: -71 [ 1217.793461][T18668] input_mt_init_slots+0xcf/0xa50 [ 1217.807398][T18668] ? mutex_lock_interruptible+0xb1/0x1e0 [ 1217.812884][T18668] uinput_create_device+0x522/0x630 [ 1217.817897][T18668] uinput_ioctl_handler+0xa63/0x16a0 [ 1217.823044][T18668] ? selinux_file_ioctl+0x3cc/0x540 [ 1217.828051][T18668] ? uinput_release+0x50/0x50 [ 1217.828134][ T294] playstation 0003:054C:0DF2.0061: Failed to retrieve DualSense pairing info: -71 [ 1217.832597][T18668] ? __fget_files+0x2cb/0x330 [ 1217.841998][ T294] playstation 0003:054C:0DF2.0061: Failed to get MAC address from DualSense [ 1217.846107][T18668] uinput_ioctl+0x28/0x30 [ 1217.846131][T18668] ? uinput_poll+0x120/0x120 [ 1217.863343][T18668] __se_sys_ioctl+0x114/0x190 [ 1217.865900][ T294] playstation 0003:054C:0DF2.0061: Failed to create dualsense. [ 1217.867901][T18668] __x64_sys_ioctl+0x7b/0x90 [ 1217.876904][ T294] playstation: probe of 0003:054C:0DF2.0061 failed with error -71 [ 1217.879733][T18668] x64_sys_call+0x98/0x9a0 [ 1217.891638][T18668] do_syscall_64+0x3b/0xb0 [ 1217.893191][ T294] usb 5-1: USB disconnect, device number 79 [ 1217.895844][T18668] ? clear_bhb_loop+0x55/0xb0 [ 1217.906095][T18668] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1217.911848][T18668] RIP: 0033:0x7fa8a9779e79 [ 1217.916068][T18668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1217.935550][T18668] RSP: 002b:00007fa8aa493038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1217.943950][T18668] RAX: ffffffffffffffda RBX: 00007fa8a9915f80 RCX: 00007fa8a9779e79 [ 1217.951759][T18668] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005 [ 1217.959569][T18668] RBP: 00007fa8a97e7916 R08: 0000000000000000 R09: 0000000000000000 [ 1217.967358][T18668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1217.975200][T18668] R13: 0000000000000000 R14: 00007fa8a9915f80 R15: 00007ffe6e718e48 [ 1217.983002][T18668] [ 1217.985843][T18668] ---[ end trace 0000000000000000 ]--- [ 1217.994261][ T446] koneplus 0003:1E7D:2E22.0060: couldn't init struct koneplus_device [ 1218.002512][ T446] koneplus 0003:1E7D:2E22.0060: couldn't install mouse [ 1218.016450][ T446] koneplus: probe of 0003:1E7D:2E22.0060 failed with error -5 [ 1218.028658][ T446] usb 4-1: USB disconnect, device number 92 [ 1218.196875][T18675] fuse: Bad value for 'fd' [ 1218.359558][T18674] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1218.389288][ T28] audit: type=1400 audit(2000001166.989:332): avc: denied { remount } for pid=18672 comm="syz.1.4162" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 1218.424464][ T28] audit: type=1400 audit(2000001166.989:333): avc: denied { write } for pid=18672 comm="syz.1.4162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 1218.809123][ T364] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 1219.286387][T18696] input: syz1 as /devices/virtual/input/input12 [ 1219.517889][ T364] usb 4-1: Using ep0 maxpacket: 16 [ 1219.723720][T18702] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1219.883084][ T364] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1219.894018][ T364] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1219.907768][ T364] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1219.915492][T18707] loop1: detected capacity change from 0 to 512 [ 1219.920690][ T364] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 1219.935571][ T364] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1219.941304][T18707] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1219.944859][ T364] usb 4-1: config 0 descriptor?? [ 1219.955110][T18707] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038 (0x7fffffff) [ 1220.036696][T17168] EXT4-fs error (device loop1): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /83/file1/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 1220.420006][ T364] koneplus 0003:1E7D:2E22.0062: unknown main item tag 0x0 [ 1220.427700][ T364] koneplus 0003:1E7D:2E22.0062: unknown main item tag 0x0 [ 1220.435724][T18713] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4175'. [ 1220.436388][ T364] koneplus 0003:1E7D:2E22.0062: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.3-1/input0 [ 1220.456014][T18713] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4175'. [ 1220.464817][T18713] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4175'. [ 1220.638978][ T364] koneplus 0003:1E7D:2E22.0062: couldn't init struct koneplus_device [ 1220.648962][ T364] koneplus 0003:1E7D:2E22.0062: couldn't install mouse [ 1220.967677][ T364] koneplus: probe of 0003:1E7D:2E22.0062 failed with error -5 [ 1220.977250][ T364] usb 4-1: USB disconnect, device number 93 [ 1221.194030][ T28] audit: type=1400 audit(2000001169.829:334): avc: denied { map } for pid=18725 comm="syz.2.4179" path="socket:[98801]" dev="sockfs" ino=98801 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 1221.233956][T18728] SELinux: Context system_u:object_r:man_t:s0 is not valid (left unmapped). [ 1221.237411][ T28] audit: type=1400 audit(2000001169.829:335): avc: denied { read } for pid=18725 comm="syz.2.4179" path="socket:[98801]" dev="sockfs" ino=98801 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 1221.266257][ T28] audit: type=1400 audit(2000001169.889:336): avc: denied { relabelto } for pid=18727 comm="syz.2.4180" name="file0" dev="tmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:man_t:s0" [ 1221.292567][ T28] audit: type=1400 audit(2000001169.889:337): avc: denied { associate } for pid=18727 comm="syz.2.4180" name="file0" dev="tmpfs" ino=707 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:man_t:s0" [ 1221.319761][ T28] audit: type=1400 audit(2000001169.889:338): avc: denied { unlink } for pid=16732 comm="syz-executor" name="file0" dev="tmpfs" ino=707 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:man_t:s0" [ 1221.413635][T18736] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 1221.422200][T18734] loop4: detected capacity change from 0 to 2048 [ 1221.422326][T18736] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1221.470475][T18734] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1221.487741][T18734] EXT4-fs (loop4): re-mounted. Quota mode: none. [ 1221.504560][T18736] bridge0: port 2(bridge_slave_1) entered disabled state [ 1221.511575][T18736] bridge0: port 1(bridge_slave_0) entered disabled state [ 1221.524194][T18734] EXT4-fs (loop4): re-mounted. Quota mode: none. [ 1221.544322][T18534] EXT4-fs (loop4): unmounting filesystem. [ 1221.644241][T18751] loop4: detected capacity change from 0 to 2048 [ 1221.670561][T18751] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1221.680544][ T28] audit: type=1400 audit(2000001170.319:339): avc: denied { rename } for pid=18750 comm="syz.4.4189" name="file2" dev="loop4" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 1221.703128][T18751] EXT4-fs error (device loop4): ext4_free_inode:355: comm syz.4.4189: bit already cleared for inode 15 [ 1221.739094][ T364] usb 3-1: new high-speed USB device number 74 using dummy_hcd [ 1221.747418][T18534] EXT4-fs (loop4): unmounting filesystem. [ 1221.803896][T18763] loop4: detected capacity change from 0 to 1024 [ 1221.828207][T18763] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 1221.834029][T18765] loop3: detected capacity change from 0 to 1024 [ 1221.844570][T18763] EXT4-fs (loop4): invalid journal inode [ 1221.850582][T18763] EXT4-fs (loop4): can't get journal size [ 1221.856195][T18765] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 1221.866222][T18765] EXT4-fs (loop3): invalid journal inode [ 1221.871944][T18763] EXT4-fs error (device loop4): ext4_protect_reserved_inode:182: inode #2: comm syz.4.4192: blocks 48-48 from inode overlap system zone [ 1221.885842][T18765] EXT4-fs (loop3): can't get journal size [ 1221.891875][T18763] EXT4-fs (loop4): failed to initialize system zone (-117) [ 1221.895992][T18765] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #2: comm syz.3.4194: blocks 48-48 from inode overlap system zone [ 1221.898993][T18763] EXT4-fs (loop4): mount failed [ 1221.917801][T18765] EXT4-fs (loop3): failed to initialize system zone (-117) [ 1221.925311][T18765] EXT4-fs (loop3): mount failed [ 1221.984188][T18765] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check. [ 1222.007358][T18765] fuse: Unknown parameter 'grou00000000000000000000' [ 1222.014101][ T364] usb 3-1: Using ep0 maxpacket: 16 [ 1222.043857][T18769] loop4: detected capacity change from 0 to 1024 [ 1222.073082][T18773] loop3: detected capacity change from 0 to 1024 [ 1222.080482][T18769] EXT4-fs error (device loop4): __ext4_fill_super:5386: inode #2: comm syz.4.4195: casefold flag without casefold feature [ 1222.085916][T18773] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (29950!=20869) [ 1222.102996][T18769] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 1222.103390][T18773] EXT4-fs (loop3): invalid journal inode [ 1222.117647][T18773] EXT4-fs (loop3): can't get journal size [ 1222.123910][T18773] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #2: comm syz.3.4197: blocks 48-48 from inode overlap system zone [ 1222.124032][T18769] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1222.138047][T18773] EXT4-fs (loop3): failed to initialize system zone (-117) [ 1222.153450][T18773] EXT4-fs (loop3): mount failed [ 1222.169162][ T364] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1222.186774][T18534] EXT4-fs (loop4): unmounting filesystem. [ 1222.203217][ T364] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1222.217168][T18773] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check. [ 1222.233715][ T364] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1222.249092][ T364] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1222.269745][ T364] usb 3-1: config 0 descriptor?? [ 1222.442830][ T28] audit: type=1400 audit(2000001171.079:340): avc: denied { module_load } for pid=18781 comm="syz.4.4200" path=2F6D656D66643A1037202864656C6574656429 dev="tmpfs" ino=4424 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 1222.442873][T18785] Invalid ELF section header size [ 1222.745184][ T364] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0063/input/input13 [ 1222.820697][ T364] microsoft 0003:045E:07DA.0063: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 1223.159437][ T5308] usb 3-1: USB disconnect, device number 74 [ 1223.202794][T18792] netlink: 'syz.4.4203': attribute type 10 has an invalid length. [ 1223.294972][T18796] loop4: detected capacity change from 0 to 8192 [ 1223.329744][T18793] bridge0: port 1(bridge_slave_0) entered blocking state [ 1223.336824][T18793] bridge0: port 1(bridge_slave_0) entered disabled state [ 1223.345676][T18793] device bridge_slave_0 entered promiscuous mode [ 1223.354245][T18793] bridge0: port 2(bridge_slave_1) entered blocking state [ 1223.362264][T18793] bridge0: port 2(bridge_slave_1) entered disabled state [ 1223.386239][T18793] device bridge_slave_1 entered promiscuous mode [ 1223.488301][T18793] bridge0: port 2(bridge_slave_1) entered blocking state [ 1223.495186][T18793] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1223.502279][T18793] bridge0: port 1(bridge_slave_0) entered blocking state [ 1223.509063][T18793] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1223.517972][ T5308] bridge0: port 1(bridge_slave_0) entered disabled state [ 1223.525748][ T5308] bridge0: port 2(bridge_slave_1) entered disabled state [ 1223.543472][ T28] audit: type=1326 audit(2000001172.179:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18800 comm="syz.4.4205" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ae1f79e79 code=0x0 [ 1223.576972][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1223.584495][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1223.605853][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1223.614262][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1223.625205][ T3297] bridge0: port 1(bridge_slave_0) entered blocking state [ 1223.632158][ T3297] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1223.639593][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1223.647743][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1223.656367][ T3297] bridge0: port 2(bridge_slave_1) entered blocking state [ 1223.663312][ T3297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1223.692420][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1223.704349][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1223.712512][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1223.721610][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1223.735425][T18793] device veth0_vlan entered promiscuous mode [ 1223.745745][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1223.754210][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1223.762729][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1223.770762][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1223.785003][T18793] device veth1_macvtap entered promiscuous mode [ 1223.797174][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1223.804838][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1223.806061][ T28] audit: type=1400 audit(2000001172.439:342): avc: denied { ioctl } for pid=18810 comm="syz.2.4209" path="socket:[98933]" dev="sockfs" ino=98933 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1223.812142][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1223.846138][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1223.854162][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1223.874794][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1223.882972][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1223.891108][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1223.899558][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1223.956539][T18816] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4209'. [ 1223.968619][T18816] loop2: detected capacity change from 0 to 512 [ 1224.002861][ T43] device bridge_slave_1 left promiscuous mode [ 1224.017160][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 1224.024717][ T5308] usb 5-1: new high-speed USB device number 80 using dummy_hcd [ 1224.032876][ T43] device bridge_slave_0 left promiscuous mode [ 1224.038921][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 1224.050814][ T28] audit: type=1400 audit(2000001172.639:343): avc: denied { ioctl } for pid=18810 comm="syz.2.4209" path="socket:[100212]" dev="sockfs" ino=100212 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1224.077425][ T43] device veth1_macvtap left promiscuous mode [ 1224.087553][ T43] device veth0_vlan left promiscuous mode [ 1224.269082][ T5308] usb 5-1: Using ep0 maxpacket: 32 [ 1224.389151][ T5308] usb 5-1: config 0 has an invalid descriptor of length 124, skipping remainder of the config [ 1224.419101][ T5308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1224.440105][ T5308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1224.453212][ T5308] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1224.479089][ T5308] usb 5-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15 [ 1224.498053][ T5308] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1224.674017][ T5308] usb 5-1: config 0 descriptor?? [ 1225.146132][ T5308] hid-generic 0003:1B96:9F0A.0064: hidraw0: USB HID v0.00 Device [HID 1b96:9f0a] on usb-dummy_hcd.4-1/input0 [ 1225.366868][T18842] loop3: detected capacity change from 0 to 1024 [ 1225.410303][T15770] usb 5-1: USB disconnect, device number 80 [ 1225.432049][ T6888] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1225.799129][ T5308] usb 4-1: new high-speed USB device number 94 using dummy_hcd [ 1225.941004][T18859] loop4: detected capacity change from 0 to 128 [ 1226.019815][T18863] loop4: detected capacity change from 0 to 512 [ 1226.039088][ T5308] usb 4-1: Using ep0 maxpacket: 32 [ 1226.085261][T18863] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1226.098630][T18863] ext4 filesystem being mounted at /22/bus supports timestamps until 2038 (0x7fffffff) [ 1226.159123][ T5308] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1226.180249][ T5308] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1226.189869][ T5308] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1226.198663][ T5308] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1226.239581][ T5308] hub 4-1:4.0: USB hub found [ 1226.382049][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 1226.382066][ T28] audit: type=1400 audit(2000001175.019:348): avc: denied { setopt } for pid=18874 comm="syz.2.4232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 1226.569179][ T5308] hub 4-1:4.0: 2 ports detected [ 1226.789162][ T5308] hub 4-1:4.0: hub_hub_status failed (err = -71) [ 1226.795352][ T5308] hub 4-1:4.0: config failed, can't get hub status (err -71) [ 1226.852155][ T5308] usb 4-1: USB disconnect, device number 94 [ 1226.901822][T18534] EXT4-fs (loop4): unmounting filesystem. [ 1227.169619][ T28] audit: type=1400 audit(2000001175.799:349): avc: denied { ioctl } for pid=18887 comm="syz.4.4237" path="socket:[100450]" dev="sockfs" ino=100450 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 1227.347603][T18900] input: syz1 as /devices/virtual/input/input14 [ 1227.360816][ T28] audit: type=1400 audit(2000001175.999:350): avc: denied { nlmsg_read } for pid=18901 comm="syz.2.4244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 1227.461787][ T28] audit: type=1400 audit(2000001176.099:351): avc: denied { set_context_mgr } for pid=18911 comm="syz.3.4249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 1227.513693][ T28] audit: type=1400 audit(2000001176.129:352): avc: denied { map } for pid=18911 comm="syz.3.4249" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 1227.573345][ T28] audit: type=1400 audit(2000001176.129:353): avc: denied { call } for pid=18911 comm="syz.3.4249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 1227.631279][ T28] audit: type=1400 audit(2000001176.129:354): avc: denied { transfer } for pid=18911 comm="syz.3.4249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 1227.756106][ T28] audit: type=1400 audit(2000001176.389:355): avc: denied { create } for pid=18934 comm="syz.3.4258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 1228.059680][ T28] audit: type=1400 audit(2000001176.659:356): avc: denied { nlmsg_write } for pid=18930 comm="syz.4.4257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 1228.086302][T18942] loop2: detected capacity change from 0 to 1024 [ 1228.159267][T18942] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 1228.216544][T18942] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869) [ 1228.270376][T18942] EXT4-fs (loop2): barriers disabled [ 1228.313728][T18942] JBD2: no valid journal superblock found [ 1228.327461][T18942] EXT4-fs (loop2): error loading journal [ 1228.482487][T18936] syz.4.4257 (18936) used greatest stack depth: 19936 bytes left [ 1228.727982][T18976] loop2: detected capacity change from 0 to 256 [ 1228.763911][T18976] exfat: Deprecated parameter 'namecase' [ 1228.808625][T18967] loop3: detected capacity change from 0 to 40427 [ 1228.816931][T18976] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1228.875255][T18967] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1228.979854][T18967] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1228.992766][T18970] loop4: detected capacity change from 0 to 40427 [ 1229.011033][T18970] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 1229.020976][T18970] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 1229.037227][T18970] F2FS-fs (loop4): invalid crc value [ 1229.058251][T18985] input: syz0 as /devices/virtual/input/input15 [ 1229.088148][T18970] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1229.116522][ T28] audit: type=1400 audit(2000001177.749:357): avc: denied { write } for pid=18966 comm="syz.3.4268" name="bus" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 1229.141044][T18985] overlayfs: failed to resolve './file0': -2 [ 1229.229493][T18970] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 1229.236414][T18970] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1229.277560][ T43] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1229.299831][ T43] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 1229.623806][T17220] syz-executor: attempt to access beyond end of device [ 1229.623806][T17220] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 1229.779126][T19003] fuse: Unknown parameter 'fPć0x0000000000000007' [ 1230.433266][T19014] input: syz1 as /devices/virtual/input/input16 [ 1230.999915][T17168] EXT4-fs (loop1): unmounting filesystem. [ 1231.279610][T19017] bridge0: port 1(bridge_slave_0) entered blocking state [ 1231.309890][T19017] bridge0: port 1(bridge_slave_0) entered disabled state [ 1231.329699][T19017] device bridge_slave_0 entered promiscuous mode [ 1231.353888][T19017] bridge0: port 2(bridge_slave_1) entered blocking state [ 1231.378531][T19017] bridge0: port 2(bridge_slave_1) entered disabled state [ 1231.399557][T19017] device bridge_slave_1 entered promiscuous mode [ 1231.406037][T19037] netlink: 288 bytes leftover after parsing attributes in process `syz.3.4291'. [ 1231.457196][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 1231.457211][ T28] audit: type=1400 audit(2000001180.089:366): avc: denied { ioctl } for pid=19040 comm="syz.3.4293" path="socket:[101381]" dev="sockfs" ino=101381 ioctlcmd=0x8936 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 1231.549831][T19045] tipc: Started in network mode [ 1231.554621][T19045] tipc: Node identity ffffffff, cluster identity 4711 [ 1231.565047][T19016] loop4: detected capacity change from 0 to 40427 [ 1231.571731][T19045] tipc: Node number set to 4294967295 [ 1231.593639][T19017] bridge0: port 2(bridge_slave_1) entered blocking state [ 1231.600517][T19017] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1231.607604][T19017] bridge0: port 1(bridge_slave_0) entered blocking state [ 1231.614421][T19017] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1231.622394][T19016] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1231.669990][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1231.677657][ T5308] bridge0: port 1(bridge_slave_0) entered disabled state [ 1231.689093][ T364] usb 3-1: new high-speed USB device number 75 using dummy_hcd [ 1231.696658][ T5308] bridge0: port 2(bridge_slave_1) entered disabled state [ 1231.719192][T19016] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1231.727873][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1231.749322][ T5308] bridge0: port 1(bridge_slave_0) entered blocking state [ 1231.756269][ T5308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1231.765132][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1231.789707][ T5308] bridge0: port 2(bridge_slave_1) entered blocking state [ 1231.796562][ T5308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1231.825183][T19053] input: syz0 as /devices/virtual/input/input17 [ 1231.833609][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1231.842216][T19053] input: failed to attach handler leds to device input17, error: -6 [ 1231.849788][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1231.857900][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1231.870695][ T43] device bridge_slave_1 left promiscuous mode [ 1231.876679][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 1231.889492][ T43] device bridge_slave_0 left promiscuous mode [ 1231.895437][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 1231.922147][ T43] device veth1_macvtap left promiscuous mode [ 1231.929310][ T43] device veth0_vlan left promiscuous mode [ 1232.079157][ T364] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 1232.103710][ T364] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0 [ 1232.118372][ T364] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1232.132486][ T364] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 1232.162397][T19017] device veth0_vlan entered promiscuous mode [ 1232.170289][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1232.185487][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1232.206699][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1232.212312][T19051] loop3: detected capacity change from 0 to 40427 [ 1232.214531][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1232.228214][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1232.237190][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1232.246798][T19017] device veth1_macvtap entered promiscuous mode [ 1232.259724][T19061] binder: BINDER_SET_CONTEXT_MGR already set [ 1232.265446][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1232.265792][T19061] binder: 19060:19061 ioctl 4018620d 200002c0 returned -16 [ 1232.273532][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1232.289067][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1232.305286][ T364] usb 3-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00 [ 1232.315195][ T364] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1232.318462][T19051] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1232.335200][ T364] usb 3-1: Product: syz [ 1232.344367][ T364] usb 3-1: Manufacturer: syz [ 1232.359093][ T364] usb 3-1: SerialNumber: syz [ 1232.373455][ T364] usb 3-1: config 0 descriptor?? [ 1232.388630][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1232.397325][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1232.416409][ T28] audit: type=1400 audit(2000001181.049:367): avc: denied { write } for pid=19066 comm="syz.0.4302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 1232.419543][ T364] ums-isd200 3-1:0.0: USB Mass Storage device detected [ 1232.469150][T19051] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1232.534831][T18534] syz-executor: attempt to access beyond end of device [ 1232.534831][T18534] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 1232.560730][T19074] input: syz0 as /devices/virtual/input/input18 [ 1232.562785][T18534] syz-executor: attempt to access beyond end of device [ 1232.562785][T18534] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 1232.639562][ T43] kworker/u4:2: attempt to access beyond end of device [ 1232.639562][ T43] loop4: rw=2049, sector=40960, nr_sectors = 96 limit=40427 [ 1232.659146][ T364] scsi host1: usb-storage 3-1:0.0 [ 1232.667154][ T364] usb 3-1: USB disconnect, device number 75 [ 1232.947304][T19069] loop1: detected capacity change from 0 to 40427 [ 1232.953137][T19082] loop0: detected capacity change from 0 to 2048 [ 1232.972779][T19069] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 1233.000774][T19082] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1233.018296][T19069] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1233.023605][T17220] syz-executor: attempt to access beyond end of device [ 1233.023605][T17220] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 1233.041672][T18793] EXT4-fs (loop0): unmounting filesystem. [ 1233.047382][T19069] F2FS-fs (loop1): invalid crc value [ 1233.047442][T17220] syz-executor: attempt to access beyond end of device [ 1233.047442][T17220] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 1233.094093][T19069] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1233.095835][ T1051] kworker/u4:5: attempt to access beyond end of device [ 1233.095835][ T1051] loop3: rw=2049, sector=40960, nr_sectors = 96 limit=40427 [ 1233.179400][T19069] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1233.186266][T19069] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 1233.227537][ T28] audit: type=1400 audit(2000001181.859:368): avc: denied { create } for pid=19068 comm="syz.1.4282" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 1233.269800][T19069] syz.1.4282: attempt to access beyond end of device [ 1233.269800][T19069] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1233.340865][T19097] bridge0: port 1(bridge_slave_0) entered blocking state [ 1233.347727][T19097] bridge0: port 1(bridge_slave_0) entered disabled state [ 1233.355668][T19097] device bridge_slave_0 entered promiscuous mode [ 1233.375611][T19097] bridge0: port 2(bridge_slave_1) entered blocking state [ 1233.395229][T19097] bridge0: port 2(bridge_slave_1) entered disabled state [ 1233.403801][T19097] device bridge_slave_1 entered promiscuous mode [ 1233.419144][ T364] usb 1-1: new high-speed USB device number 78 using dummy_hcd [ 1233.426739][ T43] device bridge_slave_1 left promiscuous mode [ 1233.443702][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 1233.473246][ T43] device bridge_slave_0 left promiscuous mode [ 1233.479492][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 1233.488259][ T43] device veth1_macvtap left promiscuous mode [ 1233.494211][ T43] device veth0_vlan left promiscuous mode [ 1233.832182][ T28] audit: type=1400 audit(2000001182.469:369): avc: denied { create } for pid=19114 comm="syz.1.4319" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 1234.109136][ T364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1234.120134][ T364] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1234.129918][ T364] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1234.142795][ T364] usb 1-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00 [ 1234.151795][ T364] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1234.160491][ T364] usb 1-1: config 0 descriptor?? [ 1234.179013][T19109] bridge0: port 1(bridge_slave_0) entered blocking state [ 1234.185991][T19109] bridge0: port 1(bridge_slave_0) entered disabled state [ 1234.193388][T19109] device bridge_slave_0 entered promiscuous mode [ 1234.203172][T19109] bridge0: port 2(bridge_slave_1) entered blocking state [ 1234.210198][T19109] bridge0: port 2(bridge_slave_1) entered disabled state [ 1234.217477][T19109] device bridge_slave_1 entered promiscuous mode [ 1234.285522][T19109] bridge0: port 2(bridge_slave_1) entered blocking state [ 1234.292394][T19109] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1234.306585][ T3297] bridge0: port 2(bridge_slave_1) entered disabled state [ 1234.314627][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1234.322231][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1234.331896][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1234.339991][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1234.347972][ T3297] bridge0: port 1(bridge_slave_0) entered blocking state [ 1234.354819][ T3297] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1234.362153][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 1234.369641][ T43] tipc: Left network mode [ 1234.374663][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1234.382879][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1234.391146][ T3297] bridge0: port 2(bridge_slave_1) entered blocking state [ 1234.397978][ T3297] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1234.412669][ T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1234.420821][ T409] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1234.430961][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1234.439365][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1234.452304][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1234.465629][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1234.477791][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1234.486428][ T5308] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1234.494550][ T5308] bridge0: port 1(bridge_slave_0) entered blocking state [ 1234.501512][ T5308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1234.520621][ T28] audit: type=1400 audit(2000001183.159:370): avc: denied { unlink } for pid=19017 comm="syz-executor" name="bus" dev="tmpfs" ino=32 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 1234.531913][T19097] device veth0_vlan entered promiscuous mode [ 1234.551374][T19126] loop1: detected capacity change from 0 to 512 [ 1234.566044][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1234.575095][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1234.584701][T19126] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4321: inode #1: comm syz.1.4321: iget: illegal inode # [ 1234.598190][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1234.605563][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1234.626189][T19097] device veth1_macvtap entered promiscuous mode [ 1234.632549][T19126] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4321: error while reading EA inode 1 err=-117 [ 1234.647030][ T364] waltop 0003:172F:0038.0065: hidraw0: USB HID v0.00 Device [HID 172f:0038] on usb-dummy_hcd.0-1/input0 [ 1234.665074][T19126] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2810: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 1234.678299][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1234.678809][T19126] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.4321: inode #1: comm syz.1.4321: iget: illegal inode # [ 1234.699749][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1234.707759][ T446] bridge0: port 2(bridge_slave_1) entered blocking state [ 1234.714633][ T446] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1234.722193][T19126] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.4321: error while reading EA inode 1 err=-117 [ 1234.734838][T19126] EXT4-fs (loop1): 1 orphan inode deleted [ 1234.741045][T19126] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1234.750099][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1234.758279][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1234.770908][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1234.781401][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1234.797281][T19017] EXT4-fs (loop1): unmounting filesystem. [ 1234.803373][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1234.827623][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1234.867321][ T446] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1234.880379][T19109] device veth0_vlan entered promiscuous mode [ 1234.887208][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1234.896471][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1234.906928][ T3297] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1234.920205][ T446] usb 1-1: USB disconnect, device number 78 [ 1234.925355][T19109] device veth1_macvtap entered promiscuous mode [ 1234.943432][T19138] loop1: detected capacity change from 0 to 1024 [ 1234.951293][T15770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1234.972156][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1234.981585][T19138] EXT4-fs: Ignoring removed orlov option [ 1234.983883][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1234.987388][T19138] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 1235.060810][ T43] device bridge_slave_1 left promiscuous mode [ 1235.066893][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 1235.076772][ T43] device bridge_slave_0 left promiscuous mode [ 1235.084086][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 1235.466493][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request. Check SNMP counters. [ 1235.552565][T19172] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4336'. [ 1235.967738][ T28] audit: type=1400 audit(2000001184.599:371): avc: denied { connect } for pid=19177 comm="syz.2.4338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1236.120379][T19182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4340'. [ 1236.279119][ T5308] usb 3-1: new high-speed USB device number 76 using dummy_hcd [ 1236.417342][T19207] loop1: detected capacity change from 0 to 1024 [ 1236.429275][ T310] usb 4-1: new full-speed USB device number 95 using dummy_hcd [ 1236.430720][T19207] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1236.529296][ T5308] usb 3-1: Using ep0 maxpacket: 16 [ 1236.669235][ T5308] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1236.680431][ T5308] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1236.690070][ T5308] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 1236.698986][ T5308] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1236.718735][ T5308] usb 3-1: config 0 descriptor?? [ 1236.869120][ T310] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1236.879722][ T310] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1236.888665][ T310] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 1236.900056][ T310] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1236.909111][ T310] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1236.949158][T19184] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 1236.978479][ T310] hub 4-1:1.0: bad descriptor, ignoring hub [ 1236.979134][T19211] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4032167445 (64514679120 ns) > initial count (63607699792 ns). Using initial count to start timer. [ 1237.009364][ T310] hub: probe of 4-1:1.0 failed with error -5 [ 1237.015972][ T310] cdc_wdm 4-1:1.0: skipping garbage [ 1237.021082][ T310] cdc_wdm 4-1:1.0: skipping garbage [ 1237.038987][ T310] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 1237.152621][ T28] audit: type=1400 audit(2000001185.789:372): avc: denied { getopt } for pid=19215 comm="syz.0.4353" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1237.191001][ T5308] savu 0003:1E7D:2D5A.0066: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0 [ 1237.195249][T19017] EXT4-fs (loop1): unmounting filesystem. [ 1237.282863][ T28] audit: type=1400 audit(2000001185.919:373): avc: denied { read } for pid=19228 comm="syz.4.4358" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1237.339514][ T294] usb 4-1: USB disconnect, device number 95 [ 1237.342345][T19236] loop4: detected capacity change from 0 to 512 [ 1237.351982][T19236] EXT4-fs: Ignoring removed nobh option [ 1237.357385][T19236] EXT4-fs: Ignoring removed i_version option [ 1237.365003][T19236] EXT4-fs: Ignoring removed nobh option [ 1237.376360][T19236] EXT4-fs: Mount option(s) incompatible with ext3 [ 1237.389359][ T5308] usb 3-1: USB disconnect, device number 76 [ 1237.629124][T19242] loop4: detected capacity change from 0 to 256 [ 1237.637162][T19242] FAT-fs (loop4): Unrecognized mount option "nnonumtail=1" or missing value [ 1237.674690][T19242] netlink: 140 bytes leftover after parsing attributes in process `syz.4.4361'. [ 1237.779117][ T294] usb 4-1: new high-speed USB device number 96 using dummy_hcd [ 1237.931204][T19244] loop2: detected capacity change from 0 to 2048 [ 1237.941784][T19244] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1237.950227][T19244] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038 (0x7fffffff) [ 1237.962097][T19244] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.4363: bg 0: block 345: padding at end of block bitmap is not set [ 1237.980096][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1237.995234][T19248] x_tables: duplicate underflow at hook 3 [ 1238.019115][ T294] usb 4-1: Using ep0 maxpacket: 8 [ 1238.855653][ T294] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1238.865694][ T294] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 1238.874745][ T294] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 1238.886130][ T294] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 1238.944318][T19263] loop1: detected capacity change from 0 to 512 [ 1238.945775][ T294] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 1238.955703][T19257] loop0: detected capacity change from 0 to 2048 [ 1238.960040][ T294] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1238.992635][T19263] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.4369: invalid indirect mapped block 256 (level 2) [ 1239.006196][T19263] EXT4-fs (loop1): 2 truncates cleaned up [ 1239.011973][T19263] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1239.044008][T19257] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 1239.056828][T19257] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038 (0x7fffffff) [ 1239.057141][T19017] EXT4-fs (loop1): unmounting filesystem. [ 1239.067080][ T294] hub 4-1:1.0: bad descriptor, ignoring hub [ 1239.165924][T19273] loop2: detected capacity change from 0 to 16 [ 1239.243783][T19273] erofs: Unknown parameter '˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙0xffffffffffffffff01777777777777777777777' [ 1239.315913][ T294] hub: probe of 4-1:1.0 failed with error -5 [ 1239.316305][T19274] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.4366: bg 0: block 345: padding at end of block bitmap is not set [ 1239.322034][ T294] cdc_wdm 4-1:1.0: skipping garbage [ 1239.341041][ T294] cdc_wdm 4-1:1.0: skipping garbage [ 1239.355155][T18793] EXT4-fs (loop0): unmounting filesystem. [ 1239.363322][ T294] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 1239.388165][T19284] loop0: detected capacity change from 0 to 512 [ 1239.394665][T19284] ext4: Unknown parameter 'noacl' [ 1239.732128][ T28] audit: type=1400 audit(2000001188.369:374): avc: denied { append } for pid=19288 comm="syz.1.4377" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 1239.802188][ T294] usb 4-1: reset high-speed USB device number 96 using dummy_hcd [ 1239.869186][ T294] usb 4-1: device reset changed ep0 maxpacket size! [ 1239.880258][ T294] usb 4-1: USB disconnect, device number 96 [ 1240.258197][T19302] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4380'. [ 1240.440518][T19302] loop2: detected capacity change from 0 to 40427 [ 1240.451004][T19302] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1240.460661][T19302] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1240.476899][T19302] F2FS-fs (loop2): invalid crc value [ 1240.488794][T19302] F2FS-fs (loop2): invalid crc value [ 1240.494189][ T294] usb 4-1: new high-speed USB device number 97 using dummy_hcd [ 1240.501875][T19302] F2FS-fs (loop2): Failed to get valid F2FS checkpoint [ 1240.646361][T19292] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1241.011712][T15770] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1241.019376][T15770] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1241.031568][T15770] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1241.038889][T15770] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1241.046213][T15770] rtc rtc0: __rtc_set_alarm: err=-22 [ 1242.889405][T19319] loop1: detected capacity change from 0 to 1024 [ 1242.896331][T19319] EXT4-fs: Ignoring removed orlov option [ 1242.901896][T19319] EXT4-fs: quotafile must be on filesystem root [ 1243.093121][ T294] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1243.105388][ T28] audit: type=1400 audit(2000001191.749:375): avc: denied { setopt } for pid=19316 comm="syz.1.4384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 1243.107232][ T294] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1243.137462][ T294] usb 4-1: New USB device found, idVendor=1a7d, idProduct=30d4, bcdDevice= 0.00 [ 1243.147765][ T294] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1243.166790][T19333] loop0: detected capacity change from 0 to 256 [ 1243.176017][T19335] loop3: detected capacity change from 0 to 16 [ 1243.179714][T19338] loop4: detected capacity change from 0 to 256 [ 1243.187422][ T294] usb 4-1: config 0 descriptor?? [ 1243.188448][T19338] exfat: Deprecated parameter 'namecase' [ 1243.198278][T19335] erofs: Unknown parameter '˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙0xffffffffffffffff01777777777777777777777' [ 1243.198765][T19333] exfat: Unknown parameter '˙˙˙˙˙˙˙˙00000000000000000000' [ 1243.216544][T19338] exfat: Deprecated parameter 'utf8' [ 1243.226417][T19338] exfat: Deprecated parameter 'namecase' [ 1243.230372][ T294] usb 4-1: can't set config #0, error -71 [ 1243.241770][ T28] audit: type=1400 audit(2000001191.879:376): avc: denied { accept } for pid=19340 comm="syz.1.4389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 1243.282749][ T294] usb 4-1: USB disconnect, device number 97 [ 1243.309175][T19338] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 1243.438191][T19333] loop0: detected capacity change from 0 to 40427 [ 1243.451636][T19333] F2FS-fs (loop0): Unrecognized mount option "0xffffffffffffffff˙˙˙˙˙˙˙˙0x0000000000000004˙˙˙˙" or missing value [ 1244.062338][T19353] loop3: detected capacity change from 0 to 128 [ 1244.070275][T19353] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1244.083153][T19353] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1244.329110][T15770] usb 1-1: new high-speed USB device number 79 using dummy_hcd [ 1244.354946][T19369] loop2: detected capacity change from 0 to 1024 [ 1244.356494][T19368] loop4: detected capacity change from 0 to 512 [ 1244.378767][T19369] EXT4-fs: Ignoring removed orlov option [ 1244.398484][T19369] EXT4-fs: quotafile must be on filesystem root [ 1244.667164][T19328] usb 4-1: new high-speed USB device number 98 using dummy_hcd [ 1245.119157][T19328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1245.144391][T19328] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1245.175945][T19328] usb 4-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00 [ 1245.185203][T19328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1245.210042][T15770] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1245.211912][T19328] usb 4-1: config 0 descriptor?? [ 1245.225809][T15770] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1245.237558][T19383] loop4: detected capacity change from 0 to 256 [ 1245.238690][T15770] usb 1-1: New USB device found, idVendor=1a7d, idProduct=30d4, bcdDevice= 0.00 [ 1245.253791][T15770] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1245.262128][T19383] FAT-fs (loop4): Unrecognized mount option "shoŠtname=mixed" or missing value [ 1245.272705][T15770] usb 1-1: config 0 descriptor?? [ 1245.275166][T19384] loop2: detected capacity change from 0 to 256 [ 1245.286434][T19384] FAT-fs (loop2): Unrecognized mount option "shoŠtname=mixed" or missing value [ 1245.309843][T15770] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 1245.377723][ T6888] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1245.508422][T19389] syz.4.4401[19389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1245.508494][T19389] syz.4.4401[19389] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1245.548978][T19389] netlink: 165 bytes leftover after parsing attributes in process `syz.4.4401'. [ 1245.621740][T19391] syz.2.4399[19391] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1245.621817][T19391] syz.2.4399[19391] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1245.635155][T19391] netlink: 165 bytes leftover after parsing attributes in process `syz.2.4399'. [ 1246.260083][T19328] elo 0003:04E7:0030.0067: item fetching failed at offset 5/7 [ 1246.280666][T19328] elo 0003:04E7:0030.0067: parse failed [ 1246.286073][T19328] elo: probe of 0003:04E7:0030.0067 failed with error -22 [ 1246.341612][T19398] loop4: detected capacity change from 0 to 512 [ 1246.347900][T19398] EXT4-fs: Ignoring removed i_version option [ 1246.365611][T19400] loop1: detected capacity change from 0 to 128 [ 1246.373170][T19398] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a016c018, mo2=0002] [ 1246.381594][T19398] System zones: 1-12 [ 1246.386302][T19398] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.4403: bg 0: block 131: padding at end of block bitmap is not set [ 1246.429436][T19398] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6171: Corrupt filesystem [ 1246.442390][T19398] EXT4-fs (loop4): 1 truncate cleaned up [ 1246.453501][T19398] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 1246.471925][ T28] audit: type=1400 audit(2000001195.109:377): avc: denied { mount } for pid=19397 comm="syz.4.4403" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 1246.494857][T19328] usb 4-1: USB disconnect, device number 98 [ 1246.501210][ T28] audit: type=1400 audit(2000001195.129:378): avc: denied { watch watch_reads } for pid=19397 comm="syz.4.4403" path="/20/file0/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1 [ 1246.531601][T19404] loop2: detected capacity change from 0 to 256 [ 1246.532296][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.554532][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.566053][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.582701][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.594496][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.605204][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.618945][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.636918][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.651481][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.667147][T19097] EXT4-fs error (device loop4): ext4_empty_dir:3087: inode #11: comm syz-executor: invalid size [ 1246.751622][T19203] EXT4-fs (loop4): unmounting filesystem. [ 1247.265825][T19415] bridge0: port 1(bridge_slave_0) entered blocking state [ 1247.277676][T19415] bridge0: port 1(bridge_slave_0) entered disabled state [ 1247.288615][T19415] device bridge_slave_0 entered promiscuous mode [ 1247.304413][T19415] bridge0: port 2(bridge_slave_1) entered blocking state [ 1247.317522][T19415] bridge0: port 2(bridge_slave_1) entered disabled state [ 1247.318916][T19328] usb 1-1: USB disconnect, device number 79 [ 1247.333373][T19415] device bridge_slave_1 entered promiscuous mode [ 1247.424139][T19415] bridge0: port 2(bridge_slave_1) entered blocking state [ 1247.431047][T19415] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1247.438134][T19415] bridge0: port 1(bridge_slave_0) entered blocking state [ 1247.444913][T19415] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1247.471931][T11364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1247.485477][T11364] bridge0: port 1(bridge_slave_0) entered disabled state [ 1247.493058][T11364] bridge0: port 2(bridge_slave_1) entered disabled state [ 1247.520100][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1247.528530][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 1247.535432][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1247.611082][T19441] loop1: detected capacity change from 0 to 256 [ 1247.617709][T19441] exfat: Deprecated parameter 'utf8' [ 1247.622940][T19441] exfat: Deprecated parameter 'utf8' [ 1247.633084][T19441] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 1247.707591][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1247.721844][T19328] bridge0: port 2(bridge_slave_1) entered blocking state [ 1247.728722][T19328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1247.841954][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1247.860994][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1247.917347][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1247.932833][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1247.977062][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1247.986321][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1248.014854][T11364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1248.026647][T11364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1248.048375][T19415] device veth0_vlan entered promiscuous mode [ 1248.055342][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1248.063319][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1248.118264][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1248.134419][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1248.161331][T19415] device veth1_macvtap entered promiscuous mode [ 1248.217842][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1248.227224][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1248.227769][T19469] loop0: detected capacity change from 0 to 512 [ 1248.335908][T19477] loop3: detected capacity change from 0 to 2048 [ 1248.343850][T19469] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1248.352839][T19469] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038 (0x7fffffff) [ 1248.368797][T18793] EXT4-fs (loop0): unmounting filesystem. [ 1248.380441][T19477] Alternate GPT is invalid, using primary GPT. [ 1248.384557][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1248.388799][T19477] loop3: p1 p2 p3 [ 1248.405361][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1248.413906][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1248.769136][T11364] usb 4-1: new high-speed USB device number 99 using dummy_hcd [ 1248.860398][ T1051] device bridge_slave_1 left promiscuous mode [ 1248.868047][ T1051] bridge0: port 2(bridge_slave_1) entered disabled state [ 1248.890157][ T1051] device bridge_slave_0 left promiscuous mode [ 1248.903328][ T1051] bridge0: port 1(bridge_slave_0) entered disabled state [ 1248.919826][ T1051] device veth1_macvtap left promiscuous mode [ 1248.933918][ T1051] device veth0_vlan left promiscuous mode [ 1248.966627][T19499] loop0: detected capacity change from 0 to 40427 [ 1248.977979][T19499] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 1248.990357][T19499] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 1249.019969][T19499] F2FS-fs (loop0): Found nat_bits in checkpoint [ 1249.064584][T19499] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 1249.071699][T19499] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 1249.105921][T18793] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 1249.105946][T18793] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 1249.113706][T18793] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 1249.121234][T18793] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 1249.128727][T18793] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 1249.136834][T18793] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 1249.144682][T18793] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 1249.169139][T11364] usb 4-1: config index 0 descriptor too short (expected 45, got 36) [ 1249.186292][T11364] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1249.197112][T11364] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1249.209841][T11364] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1249.218780][T11364] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1249.227090][T11364] usb 4-1: config 0 descriptor?? [ 1249.310428][T19514] loop0: detected capacity change from 0 to 512 [ 1249.317257][T19514] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1249.325621][T19514] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 1249.338256][T19514] EXT4-fs (loop0): orphan cleanup on readonly fs [ 1249.345166][T19514] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3845: comm syz.0.4446: Allocating blocks 41-42 which overlap fs metadata [ 1249.359860][T19514] EXT4-fs (loop0): Remounting filesystem read-only [ 1249.366553][T19514] Quota error (device loop0): write_blk: dquota write failed [ 1249.374219][T19514] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 1249.383723][ T28] audit: type=1326 audit(2000001198.019:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.384203][T19514] EXT4-fs error (device loop0): ext4_acquire_dquot:6764: comm syz.0.4446: Failed to acquire dquot type 0 [ 1249.410148][ T28] audit: type=1326 audit(2000001198.049:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.418885][T19514] EXT4-fs (loop0): 1 truncate cleaned up [ 1249.447129][ T28] audit: type=1326 audit(2000001198.049:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.472510][T19514] EXT4-fs (loop0): pa ffff8881116f7348: logic 1, phys. 41, len 23 [ 1249.480213][T19514] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4885: group 0, free 22, pa_free 23 [ 1249.491109][ T28] audit: type=1326 audit(2000001198.049:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.514736][T19514] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 1249.514832][ T28] audit: type=1326 audit(2000001198.049:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.547384][ T28] audit: type=1326 audit(2000001198.049:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.587641][ T28] audit: type=1326 audit(2000001198.049:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.624223][ T28] audit: type=1326 audit(2000001198.049:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19520 comm="syz.4.4449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbac1d79e79 code=0x7ffc0000 [ 1249.647758][T19328] usb 2-1: new high-speed USB device number 94 using dummy_hcd [ 1249.819658][T11364] plantronics 0003:047F:FFFF.0068: unknown main item tag 0xd [ 1249.827656][T11364] plantronics 0003:047F:FFFF.0068: No inputs registered, leaving [ 1249.836437][T11364] plantronics 0003:047F:FFFF.0068: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 1250.021185][ T294] usb 4-1: USB disconnect, device number 99 [ 1250.059148][T19328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1250.069985][T19328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1250.079590][T19328] usb 2-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00 [ 1250.088449][T19328] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1250.096580][T19328] usb 2-1: config 0 descriptor?? [ 1250.143582][T18793] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1250.161989][T18793] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 1250.187117][T19176] EXT4-fs (loop0): unmounting filesystem. [ 1250.276145][T19536] loop4: detected capacity change from 0 to 256 [ 1250.678507][T19541] bridge0: port 1(bridge_slave_0) entered blocking state [ 1250.685713][T19541] bridge0: port 1(bridge_slave_0) entered disabled state [ 1250.692995][T19541] device bridge_slave_0 entered promiscuous mode [ 1250.701725][T19541] bridge0: port 2(bridge_slave_1) entered blocking state [ 1250.708640][T19541] bridge0: port 2(bridge_slave_1) entered disabled state [ 1250.715831][T19541] device bridge_slave_1 entered promiscuous mode [ 1250.758279][T19541] bridge0: port 2(bridge_slave_1) entered blocking state [ 1250.765175][T19541] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1250.772234][T19541] bridge0: port 1(bridge_slave_0) entered blocking state [ 1250.779009][T19541] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1250.797925][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1250.805406][ T310] bridge0: port 1(bridge_slave_0) entered disabled state [ 1250.812908][ T310] bridge0: port 2(bridge_slave_1) entered disabled state [ 1250.819877][T19328] usbhid 2-1:0.0: can't add hid device: -71 [ 1250.825624][T19328] usbhid: probe of 2-1:0.0 failed with error -71 [ 1250.833444][T19328] usb 2-1: USB disconnect, device number 94 [ 1250.841732][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1250.849761][ T364] bridge0: port 1(bridge_slave_0) entered blocking state [ 1250.856595][ T364] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1250.865378][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1250.873972][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1250.882080][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 1250.888940][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1250.901851][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1250.909751][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1250.918798][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1250.926717][ T310] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1250.941344][T19541] device veth0_vlan entered promiscuous mode [ 1250.947976][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1250.955990][T11364] usb 4-1: new high-speed USB device number 100 using dummy_hcd [ 1250.964093][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1250.972234][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1250.979879][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1250.989984][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1250.997230][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1251.008721][T19541] device veth1_macvtap entered promiscuous mode [ 1251.015338][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1251.023332][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1251.031666][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 1251.043177][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1251.051251][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1251.061315][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1251.069490][ T364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1251.090139][ T1051] device bridge_slave_1 left promiscuous mode [ 1251.096303][ T1051] bridge0: port 2(bridge_slave_1) entered disabled state [ 1251.103858][ T1051] device bridge_slave_0 left promiscuous mode [ 1251.111078][ T1051] bridge0: port 1(bridge_slave_0) entered disabled state [ 1251.120392][ T1051] device veth1_macvtap left promiscuous mode [ 1251.126304][ T1051] device veth0_vlan left promiscuous mode [ 1251.219111][T11364] usb 4-1: Using ep0 maxpacket: 32 [ 1251.359349][T11364] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1251.370178][T11364] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1251.379877][T11364] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1251.392442][T11364] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1251.401275][T11364] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1251.409472][T11364] usb 4-1: config 0 descriptor?? [ 1251.429174][ T294] usb 5-1: new high-speed USB device number 81 using dummy_hcd [ 1251.669119][ T294] usb 5-1: Using ep0 maxpacket: 8 [ 1251.789145][ T294] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 1251.798067][ T294] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1251.806320][ T294] usb 5-1: config 0 descriptor?? [ 1251.879750][T11364] ntrig 0003:1B96:000A.0069: unknown main item tag 0x0 [ 1251.886527][T11364] ntrig 0003:1B96:000A.0069: unknown main item tag 0x0 [ 1251.893321][T11364] ntrig 0003:1B96:000A.0069: unknown main item tag 0x0 [ 1251.900126][T11364] ntrig 0003:1B96:000A.0069: unknown main item tag 0x0 [ 1251.906801][T11364] ntrig 0003:1B96:000A.0069: unknown main item tag 0x0 [ 1251.913910][T11364] ntrig 0003:1B96:000A.0069: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.3-1/input0 [ 1252.300639][ T39] usb 4-1: USB disconnect, device number 100 [ 1252.324228][T19577] fuse: Unknown parameter '000000000000000000050x0000000000000005' [ 1252.369111][T19328] usb 1-1: new high-speed USB device number 80 using dummy_hcd [ 1252.619089][T19328] usb 1-1: Using ep0 maxpacket: 32 [ 1252.749324][T19328] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1252.939148][ T294] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 1252.939154][T19328] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1252.939212][ T294] asix: probe of 5-1:0.0 failed with error -71 [ 1252.949203][T19328] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1252.959277][ T294] usb 5-1: USB disconnect, device number 81 [ 1252.964028][T19328] usb 1-1: Product: syz [ 1252.964047][T19328] usb 1-1: Manufacturer: syz [ 1252.964059][T19328] usb 1-1: SerialNumber: syz [ 1252.964629][T19328] usb 1-1: config 0 descriptor?? [ 1253.083241][T19328] usb 1-1: bad CDC descriptors [ 1253.092850][T19328] usb 1-1: unsupported MDLM descriptors [ 1253.386027][T19590] loop1: detected capacity change from 0 to 40427 [ 1253.392722][T19590] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 1253.400476][T19590] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1253.410717][T19590] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1253.443899][T19590] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 1253.660247][T19590] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 1253.674510][T19590] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1253.762380][T19602] loop2: detected capacity change from 0 to 512 [ 1253.795146][T19602] loop2: detected capacity change from 0 to 512 [ 1253.816859][T19602] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 1253.828686][T19602] EXT4-fs (loop2): 1 orphan inode deleted [ 1253.834335][T19602] EXT4-fs (loop2): 1 truncate cleaned up [ 1253.839861][T19602] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1254.459101][T15770] usb 5-1: new high-speed USB device number 82 using dummy_hcd [ 1254.459106][T10400] usb 2-1: new high-speed USB device number 95 using dummy_hcd [ 1254.623985][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1254.869167][ T294] usb 1-1: USB disconnect, device number 80 [ 1254.909078][T15770] usb 5-1: Using ep0 maxpacket: 8 [ 1255.584112][ T28] kauditd_printk_skb: 34 callbacks suppressed [ 1255.584128][ T28] audit: type=1400 audit(2000001204.219:421): avc: denied { bind } for pid=19615 comm="syz.1.4480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1255.669119][T15770] usb 5-1: device descriptor read/all, error -71 [ 1255.712811][T19640] input: syz0 as /devices/virtual/input/input20 [ 1255.779118][T10400] usb 2-1: device descriptor read/all, error -71 [ 1255.972504][ T28] audit: type=1326 audit(2000001204.509:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19633 comm="syz.2.4486" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7512179e79 code=0x0 [ 1256.212207][ T28] audit: type=1326 audit(2000001204.569:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19633 comm="syz.2.4486" exe="/root/syz-executor" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f75121abf65 code=0x0 [ 1256.229705][T19653] loop3: detected capacity change from 0 to 16 [ 1256.258594][ T28] audit: type=1326 audit(2000001204.889:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19633 comm="syz.2.4486" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7512179e79 code=0x0 [ 1256.266833][T19653] erofs: (device loop3): mounted with root inode @ nid 36. [ 1256.789113][T15770] usb 5-1: new high-speed USB device number 83 using dummy_hcd [ 1256.979135][ T39] usb 1-1: new high-speed USB device number 81 using dummy_hcd [ 1257.029105][T15770] usb 5-1: Using ep0 maxpacket: 32 [ 1257.149138][T15770] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1257.304722][T19690] loop1: detected capacity change from 0 to 16 [ 1257.311287][T19690] erofs: (device loop1): mounted with root inode @ nid 36. [ 1257.319217][T15770] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1257.328070][T15770] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1257.338712][T15770] usb 5-1: Product: syz [ 1257.342955][T15770] usb 5-1: Manufacturer: syz [ 1257.347364][T15770] usb 5-1: SerialNumber: syz [ 1257.352664][T15770] usb 5-1: config 0 descriptor?? [ 1257.383457][T19696] loop1: detected capacity change from 0 to 256 [ 1257.389451][T15770] usb 5-1: bad CDC descriptors [ 1257.389621][ T39] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1257.394410][T15770] usb 5-1: unsupported MDLM descriptors [ 1257.436269][T19698] Invalid ELF section header size [ 1257.556150][T19708] loop1: detected capacity change from 0 to 512 [ 1257.562883][T19708] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1257.575612][T19708] EXT4-fs error (device loop1): __ext4_iget:5046: inode #11: block 16: comm syz.1.4520: invalid block [ 1257.586756][T19708] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.4520: couldn't read orphan inode 11 (err -117) [ 1257.599015][T19708] EXT4-fs (loop1): 1 truncate cleaned up [ 1257.604664][T19708] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 1257.620709][T19017] EXT4-fs (loop1): unmounting filesystem. [ 1257.651019][ T39] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1257.660055][ T39] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1257.668017][ T39] usb 1-1: Product: syz [ 1257.672109][ T39] usb 1-1: Manufacturer: syz [ 1257.676695][ T39] usb 1-1: SerialNumber: syz [ 1258.674888][T19725] loop2: detected capacity change from 0 to 16 [ 1258.681552][T19725] erofs: (device loop2): mounted with root inode @ nid 36. [ 1258.705468][T19731] input: syz0 as /devices/virtual/input/input22 [ 1258.801706][T19736] input: syz0 as /devices/virtual/input/input21 [ 1258.812642][T19736] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4527'. [ 1258.822754][T19736] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4527'. [ 1258.842557][T19736] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4527'. [ 1258.909145][ T39] cdc_ncm 1-1:1.0: failed to get mac address [ 1258.939273][ T39] cdc_ncm 1-1:1.0: bind() failure [ 1258.959200][ T39] cdc_ncm: probe of 1-1:1.1 failed with error -71 [ 1258.966019][T19743] loop2: detected capacity change from 0 to 2048 [ 1258.979934][ T39] cdc_mbim: probe of 1-1:1.1 failed with error -71 [ 1258.981783][T19743] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 1258.995646][T19743] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038 (0x7fffffff) [ 1258.996783][ T39] usb 1-1: USB disconnect, device number 81 [ 1259.078122][T16732] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /190/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 1259.116600][T16732] EXT4-fs (loop2): unmounting filesystem. [ 1259.376211][ T39] usb 5-1: USB disconnect, device number 83 [ 1259.472017][T19752] loop4: detected capacity change from 0 to 512 [ 1259.479003][T19752] ext4: Unknown parameter 'subj_role' [ 1260.183223][ T28] audit: type=1326 audit(2000001208.719:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19753 comm="syz.0.4536" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c70d79e79 code=0x0 [ 1260.209829][ T28] audit: type=1326 audit(2000001208.779:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19753 comm="syz.0.4536" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c70d79e79 code=0x0 [ 1260.233059][ T28] audit: type=1326 audit(2000001208.799:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19753 comm="syz.0.4536" exe="/root/syz-executor" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f4c70dabf65 code=0x0 [ 1260.255923][ T28] audit: type=1400 audit(2000001208.859:428): avc: denied { read } for pid=19766 comm="syz.2.4540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 1260.349119][T10400] usb 2-1: new high-speed USB device number 97 using dummy_hcd [ 1260.569150][T15770] usb 4-1: new high-speed USB device number 101 using dummy_hcd [ 1260.609142][T10400] usb 2-1: Using ep0 maxpacket: 16 [ 1260.759139][ T294] usb 5-1: new high-speed USB device number 84 using dummy_hcd [ 1260.766960][T12326] usb 3-1: new high-speed USB device number 77 using dummy_hcd [ 1260.779156][T10400] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1260.789172][T10400] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1260.798623][T10400] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1260.819107][T15770] usb 4-1: Using ep0 maxpacket: 32 [ 1260.939232][T15770] usb 4-1: config 0 has no interfaces? [ 1260.989173][T10400] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1260.998102][T10400] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1261.005851][T10400] usb 2-1: Product: syz [ 1261.009086][T12326] usb 3-1: Using ep0 maxpacket: 32 [ 1261.009878][T10400] usb 2-1: Manufacturer: syz [ 1261.014842][ T294] usb 5-1: Using ep0 maxpacket: 8 [ 1261.019210][T10400] usb 2-1: SerialNumber: syz [ 1261.099271][T15770] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 1261.108230][T15770] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1261.115963][T15770] usb 4-1: Product: syz [ 1261.119986][T15770] usb 4-1: Manufacturer: syz [ 1261.124357][T15770] usb 4-1: SerialNumber: syz [ 1261.129272][T15770] usb 4-1: config 0 descriptor?? [ 1261.139195][T12326] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1261.199150][ T294] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1261.270382][T19759] loop1: detected capacity change from 0 to 128 [ 1261.279206][ T294] usb 5-1: config 16 has an invalid interface number: 216 but max is 0 [ 1261.287262][ T294] usb 5-1: config 16 has no interface number 0 [ 1261.293306][ T294] usb 5-1: config 16 interface 216 has no altsetting 0 [ 1261.319230][T12326] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1261.328068][T12326] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1261.335899][T12326] usb 3-1: Product: syz [ 1261.339950][T12326] usb 3-1: Manufacturer: syz [ 1261.344294][T12326] usb 3-1: SerialNumber: syz [ 1261.349180][T12326] usb 3-1: config 0 descriptor?? [ 1261.360532][T10400] usb 2-1: USB disconnect, device number 97 [ 1261.399434][T12326] usb 3-1: bad CDC descriptors [ 1261.404147][T12326] usb 3-1: unsupported MDLM descriptors [ 1261.469194][ T294] usb 5-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=3d.45 [ 1261.478514][ T294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1261.486463][ T294] usb 5-1: Product: syz [ 1261.490483][ T294] usb 5-1: Manufacturer: syz [ 1261.494848][ T294] usb 5-1: SerialNumber: syz [ 1261.969970][ T294] usb 5-1: USB disconnect, device number 84 [ 1262.659129][T10400] usb 2-1: new high-speed USB device number 98 using dummy_hcd [ 1262.899134][T10400] usb 2-1: Using ep0 maxpacket: 32 [ 1263.019178][T10400] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1263.030342][T10400] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1263.041438][T10400] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1263.050446][T10400] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1263.058871][T10400] usb 2-1: config 0 descriptor?? [ 1263.079129][T19794] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1263.099544][T10400] hub 2-1:0.0: USB hub found [ 1263.243590][T19328] usb 4-1: USB disconnect, device number 101 [ 1263.323849][T19823] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4562'. [ 1263.449500][T10400] hub 2-1:0.0: config failed, can't read hub descriptor (err -22) [ 1264.443054][ T28] audit: type=1326 audit(2000001213.049:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19826 comm="syz.3.4564" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9bad979e79 code=0x0 [ 1264.472694][T11364] usb 3-1: USB disconnect, device number 77 [ 1264.500923][ T28] audit: type=1326 audit(2000001213.109:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19826 comm="syz.3.4564" exe="/root/syz-executor" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f9bad9abf65 code=0x0 [ 1264.525690][T10400] hid-generic 0003:046D:C314.006A: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.1-1/input0 [ 1264.808098][ T28] audit: type=1400 audit(2000001213.439:431): avc: denied { mount } for pid=19843 comm="syz.4.4569" name="/" dev="configfs" ino=1943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 1264.848920][T19847] input: syz0 as /devices/virtual/input/input23 [ 1264.861565][T19847] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4567'. [ 1264.872295][T19847] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4567'. [ 1264.882644][T19847] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4567'. [ 1264.959693][ T294] usb 2-1: USB disconnect, device number 98 [ 1264.996793][ T28] audit: type=1400 audit(2000001213.629:432): avc: denied { unmount } for pid=19415 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 1265.307272][ T28] audit: type=1400 audit(2000001213.939:433): avc: denied { getopt } for pid=19856 comm="syz.0.4574" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1266.054360][T19866] loop4: detected capacity change from 0 to 40427 [ 1266.090433][T19866] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1266.134442][T19866] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1266.170075][T19328] usb 2-1: new high-speed USB device number 99 using dummy_hcd [ 1266.200010][T19882] input: syz0 as /devices/virtual/input/input24 [ 1266.409068][T19328] usb 2-1: Using ep0 maxpacket: 32 [ 1266.430714][T19415] syz-executor: attempt to access beyond end of device [ 1266.430714][T19415] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427 [ 1266.444729][T19415] syz-executor: attempt to access beyond end of device [ 1266.444729][T19415] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 1266.475890][ T43] kworker/u4:2: attempt to access beyond end of device [ 1266.475890][ T43] loop4: rw=2049, sector=40960, nr_sectors = 96 limit=40427 [ 1266.529196][T19328] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1266.699140][T19328] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80 [ 1266.708092][T19328] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1266.715927][T19328] usb 2-1: Product: syz [ 1266.721088][T19328] usb 2-1: Manufacturer: syz [ 1266.725547][T19328] usb 2-1: SerialNumber: syz [ 1266.725623][T19893] bridge0: port 1(bridge_slave_0) entered blocking state [ 1266.730665][T19328] usb 2-1: config 0 descriptor?? [ 1266.736942][T19893] bridge0: port 1(bridge_slave_0) entered disabled state [ 1266.748815][T19893] device bridge_slave_0 entered promiscuous mode [ 1266.755533][T19893] bridge0: port 2(bridge_slave_1) entered blocking state [ 1266.762536][T19893] bridge0: port 2(bridge_slave_1) entered disabled state [ 1266.769771][T19893] device bridge_slave_1 entered promiscuous mode [ 1266.779416][T19328] usb 2-1: bad CDC descriptors [ 1266.784345][T19328] usb 2-1: unsupported MDLM descriptors [ 1266.824793][T19893] bridge0: port 2(bridge_slave_1) entered blocking state [ 1266.831753][T19893] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1266.838812][T19893] bridge0: port 1(bridge_slave_0) entered blocking state [ 1266.845652][T19893] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1266.871341][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1266.879004][T19328] bridge0: port 1(bridge_slave_0) entered disabled state [ 1266.887327][T19328] bridge0: port 2(bridge_slave_1) entered disabled state [ 1266.901581][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1266.910216][ T294] bridge0: port 1(bridge_slave_0) entered blocking state [ 1266.917066][ T294] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1266.924346][ T28] audit: type=1400 audit(2000001215.549:434): avc: denied { audit_read } for pid=19905 comm="syz.0.4592" capability=37 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 1266.945618][ T294] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1266.946719][ T28] audit: type=1326 audit(2000001215.559:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.0.4593" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c70d79e79 code=0x0 [ 1266.953866][ T294] bridge0: port 2(bridge_slave_1) entered blocking state [ 1266.983390][ T294] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1267.002483][ T28] audit: type=1326 audit(2000001215.619:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19907 comm="syz.0.4593" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7f4c70d79e79 code=0x0 [ 1267.071830][ T409] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1267.089707][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1267.097976][T12326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1267.113174][T19893] device veth0_vlan entered promiscuous mode [ 1267.400863][ T294] usb 3-1: new high-speed USB device number 78 using dummy_hcd [ 1267.409269][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1267.419113][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1267.426670][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1267.443094][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1267.453435][T19893] device veth1_macvtap entered promiscuous mode [ 1267.468477][T19328] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1267.490996][T10242] device bridge_slave_1 left promiscuous mode [ 1267.496956][T10242] bridge0: port 2(bridge_slave_1) entered disabled state [ 1267.509755][T10242] device bridge_slave_0 left promiscuous mode [ 1267.515777][T10242] bridge0: port 1(bridge_slave_0) entered disabled state [ 1267.526127][T10242] device veth1_macvtap left promiscuous mode [ 1267.532430][T10242] device veth0_vlan left promiscuous mode [ 1267.635664][T11364] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1267.659097][ T294] usb 3-1: Using ep0 maxpacket: 32 [ 1267.768039][T19936] input: syz0 as /devices/virtual/input/input25 [ 1267.781497][T19936] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4586'. [ 1267.793322][T19936] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4586'. [ 1267.804030][T19936] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4586'. [ 1267.813874][ T294] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1267.856614][ T294] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1267.879604][ T294] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1267.888762][ T294] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1267.898909][ T294] usb 3-1: config 0 descriptor?? [ 1267.929157][T19900] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 1267.950482][ T294] hub 3-1:0.0: USB hub found [ 1268.269189][ T294] hub 3-1:0.0: config failed, can't read hub descriptor (err -22) [ 1268.597028][ T294] hid-generic 0003:046D:C314.006B: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.2-1/input0 [ 1268.642583][ T28] audit: type=1400 audit(2000001217.279:437): avc: denied { setopt } for pid=19947 comm="syz.4.4607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 1268.669652][ T28] audit: type=1326 audit(2000001217.289:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19950 comm="syz.4.4608" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcccbf79e79 code=0x0 [ 1268.839248][T10400] usb 2-1: USB disconnect, device number 99 [ 1268.965757][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request. Check SNMP counters. [ 1268.989405][T11364] usb 3-1: USB disconnect, device number 78 [ 1269.567110][T19981] input: syz0 as /devices/virtual/input/input26 [ 1269.578831][T19981] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4618'. [ 1269.590015][T19981] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4618'. [ 1269.600235][T19981] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4618'. [ 1269.860896][T19990] loop3: detected capacity change from 0 to 256 [ 1269.867115][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 1269.867308][ T28] audit: type=1326 audit(2000001218.499:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.2.4623" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7512179e79 code=0x0 [ 1269.867610][T19990] FAT-fs (loop3): Unrecognized mount option "shoŠtname=mixed" or missing value [ 1269.930100][ T28] audit: type=1326 audit(2000001218.549:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.2.4623" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7f7512179e79 code=0x0 [ 1270.484885][T19997] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1271.082124][T19998] syz.3.4622[19998] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1271.082201][T19998] syz.3.4622[19998] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1271.095662][T19998] netlink: 165 bytes leftover after parsing attributes in process `syz.3.4622'. [ 1272.326708][T20018] fuse: Bad value for 'fd' [ 1273.032618][ T409] usb 1-1: new high-speed USB device number 82 using dummy_hcd [ 1273.460907][T20034] loop3: detected capacity change from 0 to 512 [ 1273.467773][T20034] EXT4-fs: Ignoring removed nobh option [ 1273.498934][T20034] EXT4-fs (loop3): 1 orphan inode deleted [ 1273.509137][T20034] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1273.529550][T20034] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038 (0x7fffffff) [ 1273.549066][ T409] usb 1-1: Using ep0 maxpacket: 32 [ 1273.679149][ T409] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1273.693673][ T409] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1273.719133][ T3297] usb 3-1: new high-speed USB device number 79 using dummy_hcd [ 1273.963550][ T409] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1273.972493][ T409] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1273.981263][ T409] usb 1-1: config 0 descriptor?? [ 1273.999137][T20010] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1274.019557][ T409] hub 1-1:0.0: USB hub found [ 1274.099060][ T3297] usb 3-1: Using ep0 maxpacket: 32 [ 1274.219114][ T3297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1274.230048][ T3297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1274.239681][ T3297] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1274.252359][ T3297] usb 3-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1274.261283][ T3297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1274.269788][ T3297] usb 3-1: config 0 descriptor?? [ 1274.332948][T19109] EXT4-fs (loop3): unmounting filesystem. [ 1274.339255][ T409] hub 1-1:0.0: config failed, can't read hub descriptor (err -22) [ 1274.455909][T20055] loop1: detected capacity change from 0 to 256 [ 1274.462332][T20055] FAT-fs (loop1): Unrecognized mount option "shoŠtname=mixed" or missing value [ 1274.601057][ T409] hid-generic 0003:046D:C314.006C: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.0-1/input0 [ 1274.695215][T20058] syz.1.4639[20058] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1274.695627][T20058] syz.1.4639[20058] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1274.755692][T20058] netlink: 165 bytes leftover after parsing attributes in process `syz.1.4639'. [ 1274.840678][ T3297] ntrig 0003:1B96:000A.006D: unknown main item tag 0x0 [ 1274.849068][ T3297] ntrig 0003:1B96:000A.006D: unknown main item tag 0x0 [ 1274.857541][ T3297] ntrig 0003:1B96:000A.006D: unknown main item tag 0x0 [ 1274.864331][ T3297] ntrig 0003:1B96:000A.006D: unknown main item tag 0x0 [ 1274.871078][ T3297] ntrig 0003:1B96:000A.006D: unknown main item tag 0x0 [ 1275.249548][ T3297] ntrig 0003:1B96:000A.006D: hidraw1: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.2-1/input0 [ 1275.303379][ T409] usb 1-1: USB disconnect, device number 82 [ 1275.522552][ T3297] usb 3-1: USB disconnect, device number 79 [ 1275.835558][T20086] loop1: detected capacity change from 0 to 512 [ 1275.909128][T20086] loop1: detected capacity change from 0 to 512 [ 1275.915824][T20086] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1275.928061][T20086] EXT4-fs (loop1): 1 orphan inode deleted [ 1275.933738][T20086] EXT4-fs (loop1): 1 truncate cleaned up [ 1275.939409][T20086] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 1276.404696][T20087] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1276.747373][T19017] EXT4-fs (loop1): unmounting filesystem. [ 1277.044632][T20116] syz.0.4660[20116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1277.044904][T20116] syz.0.4660[20116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1277.088359][T20116] netlink: 165 bytes leftover after parsing attributes in process `syz.0.4660'. [ 1277.852633][T20131] loop1: detected capacity change from 0 to 256 [ 1278.299225][T20131] FAT-fs (loop1): Unrecognized mount option "shoŠtname=mixed" or missing value [ 1278.842068][T15770] usb 4-1: new high-speed USB device number 102 using dummy_hcd [ 1278.928744][T20148] syz.1.4676[20148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1278.929101][T20148] syz.1.4676[20148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1279.241603][ T409] usb 5-1: new high-speed USB device number 85 using dummy_hcd [ 1279.247953][ T28] audit: type=1400 audit(2000001227.879:442): avc: denied { nlmsg_read } for pid=20152 comm="syz.1.4673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1279.253285][T20153] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4673'. [ 1279.459100][ T39] usb 3-1: new high-speed USB device number 80 using dummy_hcd [ 1279.479108][T15770] usb 4-1: Using ep0 maxpacket: 32 [ 1279.519128][ T409] usb 5-1: Using ep0 maxpacket: 32 [ 1279.619143][T15770] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1279.630203][T15770] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1279.641180][T15770] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1279.650027][T15770] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1279.658240][T15770] usb 4-1: config 0 descriptor?? [ 1279.669117][ T409] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1279.679961][ T409] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1279.689573][ T409] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1279.694990][T20121] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1279.702461][ T409] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1279.718008][ T409] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1279.726357][ T409] usb 5-1: config 0 descriptor?? [ 1279.731421][T15770] hub 4-1:0.0: USB hub found [ 1279.859199][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1279.870012][ T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1279.879477][ T39] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 1279.888293][ T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1279.896522][ T39] usb 3-1: config 0 descriptor?? [ 1280.049135][T15770] hub 4-1:0.0: config failed, can't read hub descriptor (err -22) [ 1280.267980][ T409] ntrig 0003:1B96:000A.006E: unknown main item tag 0x0 [ 1280.274713][ T409] ntrig 0003:1B96:000A.006E: unknown main item tag 0x0 [ 1280.281669][ T409] ntrig 0003:1B96:000A.006E: unknown main item tag 0x0 [ 1280.288328][ T409] ntrig 0003:1B96:000A.006E: unknown main item tag 0x0 [ 1280.295043][ T409] ntrig 0003:1B96:000A.006E: unknown main item tag 0x0 [ 1280.302191][ T409] ntrig 0003:1B96:000A.006E: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0 [ 1280.314411][T15770] hid-generic 0003:046D:C314.006F: hidraw1: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.3-1/input0 [ 1280.533723][T20180] syz.0.4684[20180] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1280.534793][T20180] syz.0.4684[20180] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1281.139426][ T39] playstation 0003:054C:0DF2.0070: hidraw2: USB HID v0.00 Device [HID 054c:0df2] on usb-dummy_hcd.2-1/input0 [ 1281.259194][ T409] usb 4-1: USB disconnect, device number 102 [ 1281.299110][ T39] playstation 0003:054C:0DF2.0070: Failed to retrieve feature with reportID 9: -71 [ 1281.302518][ T409] usb 5-1: USB disconnect, device number 85 [ 1281.308297][ T39] playstation 0003:054C:0DF2.0070: Failed to retrieve DualSense pairing info: -71 [ 1281.308326][ T39] playstation 0003:054C:0DF2.0070: Failed to get MAC address from DualSense [ 1281.308338][ T39] playstation 0003:054C:0DF2.0070: Failed to create dualsense. [ 1281.309138][ T39] playstation: probe of 0003:054C:0DF2.0070 failed with error -71 [ 1281.864429][ T39] usb 3-1: USB disconnect, device number 80 [ 1281.870778][ T28] audit: type=1326 audit(2000001230.489:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20187 comm="syz.1.4687" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8459779e79 code=0x0 [ 1281.990264][ T28] audit: type=1326 audit(2000001230.539:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20187 comm="syz.1.4687" exe="/root/syz-executor" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f84597abf65 code=0x0 [ 1282.013480][ T28] audit: type=1326 audit(2000001230.629:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20187 comm="syz.1.4687" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8459779e79 code=0x0 [ 1282.055902][T20195] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1282.139180][T20215] loop3: detected capacity change from 0 to 256 [ 1282.145420][T20215] FAT-fs (loop3): Unrecognized mount option "shoŠtname=mixed" or missing value [ 1282.179352][T20217] netlink: 164 bytes leftover after parsing attributes in process `syz.0.4698'. [ 1282.188361][T20217] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4698'. [ 1282.197302][T20217] bridge0: port 2(bridge_slave_1) entered disabled state [ 1282.204328][T20217] bridge0: port 1(bridge_slave_0) entered disabled state [ 1282.211587][T20217] device bridge0 entered promiscuous mode [ 1282.327743][T20227] syz.3.4697[20227] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1282.328200][T20227] syz.3.4697[20227] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1282.519833][T20229] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1282.657552][T20226] loop4: detected capacity change from 0 to 512 [ 1282.795758][T20226] loop4: detected capacity change from 0 to 512 [ 1282.802401][T20226] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1282.815355][T20226] EXT4-fs (loop4): 1 orphan inode deleted [ 1282.821090][T20226] EXT4-fs (loop4): 1 truncate cleaned up [ 1282.826612][T20226] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 1283.203448][T19893] EXT4-fs (loop4): unmounting filesystem. [ 1283.261259][T20258] loop3: detected capacity change from 0 to 512 [ 1283.267670][T20258] EXT4-fs: Ignoring removed nobh option [ 1283.329115][ T409] usb 3-1: new high-speed USB device number 81 using dummy_hcd [ 1283.350292][T20258] EXT4-fs (loop3): 1 orphan inode deleted [ 1283.356109][T20258] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1283.365185][T20258] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038 (0x7fffffff) [ 1283.747312][T20268] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22 [ 1284.099106][ T364] usb 5-1: new high-speed USB device number 86 using dummy_hcd [ 1284.122458][T19109] EXT4-fs (loop3): unmounting filesystem. [ 1284.159111][ T409] usb 3-1: Using ep0 maxpacket: 32 [ 1284.271594][ T28] audit: type=1400 audit(2000001232.909:446): avc: denied { map } for pid=20289 comm="syz.1.4725" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1 [ 1284.294675][ T409] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 1284.522683][T20299] loop3: detected capacity change from 0 to 512 [ 1284.535187][T20299] EXT4-fs: Ignoring removed nobh option [ 1284.550776][ T409] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 1284.554952][T20299] EXT4-fs (loop3): 1 orphan inode deleted [ 1284.562076][ T409] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1284.567473][T20299] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 1284.576170][ T409] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1284.585349][T20299] ext4 filesystem being mounted at /92/file1 supports timestamps until 2038 (0x7fffffff) [ 1284.593858][ T409] usb 3-1: config 0 descriptor?? [ 1284.608138][T20290] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 1284.615763][T20290] #PF: supervisor instruction fetch in kernel mode [ 1284.622093][T20290] #PF: error_code(0x0010) - not-present page [ 1284.627920][T20290] PGD 18a892067 P4D 18a892067 PUD 127bae067 PMD 0 [ 1284.634245][T20290] Oops: 0010 [#1] PREEMPT SMP KASAN [ 1284.639301][T20290] CPU: 0 PID: 20290 Comm: syz.1.4725 Tainted: G W 6.1.90-syzkaller-00023-gedca080b95df #0 [ 1284.650389][T20290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 1284.660290][T20290] RIP: 0010:0x0 [ 1284.663584][T20290] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 1284.670782][T20290] RSP: 0018:ffffc9000446eff8 EFLAGS: 00010246 [ 1284.676684][T20290] RAX: 1ffff9200088deb8 RBX: dffffc0000000000 RCX: 0000000000040000 [ 1284.684495][T20290] RDX: ffffc9000ab11000 RSI: ffffea0007162e00 RDI: ffff88812db2b080 [ 1284.692313][T20290] RBP: ffffc9000446f150 R08: ffffffff81a46b68 R09: fffff94000e2c5c7 [ 1284.700117][T20290] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc9000446f5c0 [ 1284.707928][T20290] R13: ffffea0007162e00 R14: ffffc9000446f5d8 R15: 0000000000000000 [ 1284.715743][T20290] FS: 00007f845a5706c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1284.724508][T20290] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1284.730932][T20290] CR2: ffffffffffffffd6 CR3: 000000010f94a000 CR4: 00000000003506b0 [ 1284.738743][T20290] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1284.746570][T20290] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1284.754366][T20290] Call Trace: [ 1284.757488][T20290] [ 1284.760270][T20290] ? __die_body+0x62/0xb0 [ 1284.764429][T20290] ? __die+0x7e/0x90 [ 1284.768165][T20290] ? page_fault_oops+0x7f9/0xa90 [ 1284.772938][T20290] ? kernelmode_fixup_or_oops+0x270/0x270 [ 1284.778492][T20290] ? cgroup_rstat_updated+0xe5/0x370 [ 1284.783614][T20290] ? is_errata93+0xc7/0x240 [ 1284.788123][T20290] ? exc_page_fault+0x537/0x700 [ 1284.792812][T20290] ? asm_exc_page_fault+0x27/0x30 [ 1284.797674][T20290] ? read_pages+0x838/0xd40 [ 1284.802012][T20290] read_pages+0x89c/0xd40 [ 1284.806181][T20290] ? workingset_activation+0x430/0x430 [ 1284.811475][T20290] ? folio_add_lru+0x280/0x3f0 [ 1284.816073][T20290] ? page_cache_ra_unbounded+0x690/0x690 [ 1284.821542][T20290] ? filemap_add_folio+0x18f/0x200 [ 1284.826487][T20290] ? __filemap_add_folio+0xd10/0xd10 [ 1284.831611][T20290] page_cache_ra_order+0x7fd/0xb30 [ 1284.836557][T20290] ? do_page_cache_ra+0x110/0x110 [ 1284.841425][T20290] ? xas_create+0xf3a/0x1630 [ 1284.845843][T20290] ondemand_readahead+0x91a/0xee0 [ 1284.850707][T20290] ? cgroup_rstat_updated+0xe5/0x370 [ 1284.855824][T20290] ? page_cache_sync_ra+0x450/0x450 [ 1284.860859][T20290] ? blk_cgroup_congested+0x132/0x150 [ 1284.866062][T20290] page_cache_sync_ra+0x3d6/0x450 [ 1284.870925][T20290] hpage_collapse_scan_file+0x19ba/0x46e0 [ 1284.876480][T20290] ? __kasan_check_write+0x14/0x20 [ 1284.881424][T20290] ? wake_up_q+0x11c/0x1d0 [ 1284.885678][T20290] ? hugepage_vma_revalidate+0x310/0x310 [ 1284.891148][T20290] ? mutex_unlock+0x17b/0x260 [ 1284.895660][T20290] ? __lru_add_drain_all+0x714/0x770 [ 1284.900782][T20290] madvise_collapse+0x639/0xcf0 [ 1284.905470][T20290] ? khugepaged_min_free_kbytes_update+0x90/0x90 [ 1284.911628][T20290] ? memset+0x35/0x40 [ 1284.915445][T20290] ? blk_start_plug+0x9c/0x130 [ 1284.920045][T20290] do_madvise+0x1604/0x40b0 [ 1284.924384][T20290] ? _raw_spin_unlock+0x4c/0x70 [ 1284.929081][T20290] ? madvise_set_anon_name+0x4c0/0x4c0 [ 1284.934633][T20290] ? __kasan_check_read+0x11/0x20 [ 1284.939494][T20290] ? schedule+0xda/0x180 [ 1284.943579][T20290] ? futex_unqueue+0x110/0x140 [ 1284.948174][T20290] ? futex_wait+0x4b7/0x7e0 [ 1284.952623][T20290] ? futex_wait_setup+0x330/0x330 [ 1284.957485][T20290] ? __kasan_slab_free+0x11/0x20 [ 1284.962271][T20290] ? getname_flags+0x3a2/0x520 [ 1284.966855][T20290] ? do_futex+0x55a/0x9a0 [ 1284.971024][T20290] ? __this_cpu_preempt_check+0x13/0x20 [ 1284.976401][T20290] ? xfd_validate_state+0x6f/0x170 [ 1284.981350][T20290] ? restore_fpregs_from_fpstate+0xfc/0x230 [ 1284.987076][T20290] ? save_fpregs_to_fpstate+0x220/0x220 [ 1284.992458][T20290] ? fpregs_restore_userregs+0x130/0x290 [ 1284.997927][T20290] __x64_sys_madvise+0xa8/0xc0 [ 1285.002526][T20290] x64_sys_call+0xec/0x9a0 [ 1285.006779][T20290] do_syscall_64+0x3b/0xb0 [ 1285.011029][T20290] ? clear_bhb_loop+0x55/0xb0 [ 1285.015543][T20290] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1285.021272][T20290] RIP: 0033:0x7f8459779e79 [ 1285.025524][T20290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1285.044966][T20290] RSP: 002b:00007f845a570038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1285.053212][T20290] RAX: ffffffffffffffda RBX: 00007f8459915f80 RCX: 00007f8459779e79 [ 1285.061029][T20290] RDX: 0000000000000019 RSI: 0000000000600707 RDI: 0000000020000000 [ 1285.068834][T20290] RBP: 00007f84597e7916 R08: 0000000000000000 R09: 0000000000000000 [ 1285.076648][T20290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1285.084637][T20290] R13: 0000000000000000 R14: 00007f8459915f80 R15: 00007ffe592f4cb8 [ 1285.092453][T20290] [ 1285.095321][T20290] Modules linked in: [ 1285.099057][T20290] CR2: 0000000000000000 [ 1285.103038][T20290] ---[ end trace 0000000000000000 ]--- [ 1285.108332][T20290] RIP: 0010:0x0 [ 1285.111637][T20290] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 1285.118832][T20290] RSP: 0018:ffffc9000446eff8 EFLAGS: 00010246 [ 1285.124734][T20290] RAX: 1ffff9200088deb8 RBX: dffffc0000000000 RCX: 0000000000040000 [ 1285.132547][T20290] RDX: ffffc9000ab11000 RSI: ffffea0007162e00 RDI: ffff88812db2b080 [ 1285.140361][T20290] RBP: ffffc9000446f150 R08: ffffffff81a46b68 R09: fffff94000e2c5c7 [ 1285.148168][T20290] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc9000446f5c0 [ 1285.155980][T20290] R13: ffffea0007162e00 R14: ffffc9000446f5d8 R15: 0000000000000000 [ 1285.163791][T20290] FS: 00007f845a5706c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1285.172556][T20290] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1285.178982][T20290] CR2: ffffffffffffffd6 CR3: 000000010f94a000 CR4: 00000000003506b0 [ 1285.186793][T20290] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1285.194601][T20290] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1285.202420][T20290] Kernel panic - not syncing: Fatal exception [ 1285.208529][T20290] Kernel Offset: disabled [ 1285.212655][T20290] Rebooting in 86400 seconds..