last executing test programs: 46.264564737s ago: executing program 1 (id=837): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in=@broadcast, @in=@remote, 0x0, 0x2400, 0x1000, 0x0, 0x2, 0x0, 0x20, 0x84, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x85}, {0x0, 0x5}}}, 0xb8}}, 0x20000100) syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) 46.222977797s ago: executing program 1 (id=839): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c00000010003904fcffffff0000000000000000", @ANYRES32=r2, @ANYBLOB="00000000422200042c00128008000100677265002000028008000500bb7e00000800040006"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x844) 46.146591679s ago: executing program 1 (id=843): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000010000000000", 0x58}], 0x1) 46.02130834s ago: executing program 1 (id=853): syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x4400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRES32], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=") readv(0xffffffffffffffff, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0xd0060, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX]) 45.940465591s ago: executing program 1 (id=856): syz_mount_image$msdos(&(0x7f0000000200), &(0x7f00000000c0)='./file1\x00', 0x10088, &(0x7f0000000580)=ANY=[], 0x1, 0x1ff, &(0x7f0000000a80)="$eJzs3MtqU1scBvB12p5ecuhldEAnLnSik02tTxCkBTGg1EbUgbBLUw2JSckOmoiDjh35HMWhM0F8gb6FsyJIRx0ZaZNerTqxjZLfD8L6wkdgLULCfweytx68eVZZzZLVtBmGxmMYCmE97IQws5t6/umtQ3t5NBy1Hq7NPt9+fe/ho9v5QmF+McaF/NKNuRjj1KUPL169vfyx+d/9d1Pvx8LmzOOtL3OfNv/fvLD1delpOYvlLNbqzZjG5Xq9mS5XS3GlnFWSGO9WS2lWiuVaVmoc61er9bW1dkxrK5O5tUYpy2Jaa8dKqR2b9dhstGP6JC3XYpIkcTIX+JXixuJimu/3LjhbjUY+HQ4hTHzXFDf6siEAoK/M/4PM/D8Iduf/XO/ze5z5HwAAAAAAAAAAAAAA/gY7nc50p9OZ3l/3H2MhhPEQwv7zfu+Ts+H9H2xH/rg3HsLn9VaxVeyu3X7hVmF+Nu6ZOXzVdqtVHD7or3f7eLz/N+R6/dyp/Wi4eqXb73Y37xRO9BNh5eyPDwAAAAMhiQdOvb5Pkh/13XTk94ET1+8j4eLIuR0DAAAA+Ims/bKSVqulhiAIwkHo9zcTAADwux0O/f3eCQAAAAAAAAAAAAAAAAAAAAyu87idWL/PCAAAAAAAAAAAAAAAAAAAAAAAAH+KbwEAAP//VuHQrA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000500)=""/45, 0x2d) getdents64(r0, 0x0, 0x18) 45.750149214s ago: executing program 1 (id=862): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000140)='./file1\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0xf8, 0x2b9, &(0x7f00000009c0)="$eJzs3T+LY1UUAPDz8m+yWiSIjSL4QAurYcfWZqKsIE6lRFAbgzsLkgwLsxBwC2e32k8hfg1bO2u/gWAr2LnCyJWX994kcZNsdP7Bzu/XzJ1777nv5J1HUuXkqzeOxnfvZ/H4z1+j282isR/78TSLfjSi9ihaAQC8OJ6mFH+kiGiX/2dbR7Yal5cVAHCZys//0nXnAgBcjU8//+LjwcHBnU/yvBuv9Z5Mh1lEHD2ZDsv1wb34JiZxGLejF6cR6Uw5/vCjgzvRygv9ePvoZDqcLp0/+D1uzeL3ohf91fF7eamKH0YUf9vxUuQxuNeuj+rFq6vj310RH8NOvPPWQv670Ytfvo77MYm7UcTO47/by/MP4lHEl8VlivisEcOd2b651LyaigAAAAAAAAAAAAAAAAAAAAAAcBPs5nlWtu+Z9e8ppqr+O83T2fpuXusv9+cp48/6BZf9gVJULXpOUnxf99e5ned5qjbO41vxessPCwAAAAAAAAAAAAAAAAAAAEDhwbcPx6PJ5PD43IPmeDSpuwHUX+v/vwfuL8y8GQ/Ho+b6A3e2v9Zit4Ei142bo9WKC7gtzx/ET7eKfNbs+aHK97+fvDMv7mdVeF2YC30Vr7x/lmFeLdU3eTzKnnetbl24HxeXOrF1Glm2NDOr7eTwOM0eidO0XNPumpvZuYC7UTyjnZdXLv2dUioGf6WUNp/z3m9ljaqZbNZiY7s02tVg7dPSfbYWP68/cO1bRvO87zkAAAAAAAAAAAAAAAAAAMBqy1+c/pfHG0Mbl5YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyx+e//14NuRCzPPDM4qYI37akGnTh+cM0vEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBvgnwAAAP//eWFGQg==") syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x47) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc4}}) 45.698528655s ago: executing program 32 (id=862): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000140)='./file1\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0xf8, 0x2b9, &(0x7f00000009c0)="$eJzs3T+LY1UUAPDz8m+yWiSIjSL4QAurYcfWZqKsIE6lRFAbgzsLkgwLsxBwC2e32k8hfg1bO2u/gWAr2LnCyJWX994kcZNsdP7Bzu/XzJ1777nv5J1HUuXkqzeOxnfvZ/H4z1+j282isR/78TSLfjSi9ihaAQC8OJ6mFH+kiGiX/2dbR7Yal5cVAHCZys//0nXnAgBcjU8//+LjwcHBnU/yvBuv9Z5Mh1lEHD2ZDsv1wb34JiZxGLejF6cR6Uw5/vCjgzvRygv9ePvoZDqcLp0/+D1uzeL3ohf91fF7eamKH0YUf9vxUuQxuNeuj+rFq6vj310RH8NOvPPWQv670Ytfvo77MYm7UcTO47/by/MP4lHEl8VlivisEcOd2b651LyaigAAAAAAAAAAAAAAAAAAAAAAcBPs5nlWtu+Z9e8ppqr+O83T2fpuXusv9+cp48/6BZf9gVJULXpOUnxf99e5ned5qjbO41vxessPCwAAAAAAAAAAAAAAAAAAAEDhwbcPx6PJ5PD43IPmeDSpuwHUX+v/vwfuL8y8GQ/Ho+b6A3e2v9Zit4Ei142bo9WKC7gtzx/ET7eKfNbs+aHK97+fvDMv7mdVeF2YC30Vr7x/lmFeLdU3eTzKnnetbl24HxeXOrF1Glm2NDOr7eTwOM0eidO0XNPumpvZuYC7UTyjnZdXLv2dUioGf6WUNp/z3m9ljaqZbNZiY7s02tVg7dPSfbYWP68/cO1bRvO87zkAAAAAAAAAAAAAAAAAAMBqy1+c/pfHG0Mbl5YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyx+e//14NuRCzPPDM4qYI37akGnTh+cM0vEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBvgnwAAAP//eWFGQg==") syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x47) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc4}}) 43.184964609s ago: executing program 2 (id=951): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@updsa={0x104, 0x1a, 0x1, 0x0, 0x0, {{@in6=@private0, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x2}, {@in6=@local, 0xa00, 0x2b}, @in=@rand_addr=0x64010101, {}, {}, {}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x40}, [@coaddr={0x14}]}, 0x104}}, 0x0) 43.151851279s ago: executing program 2 (id=953): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@ipv4_newnexthop={0x18, 0x68, 0x337, 0x0, 0x0, {0x2, 0x2}}, 0x18}}, 0x0) 43.12093076s ago: executing program 2 (id=957): sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="380000001a000100000000000000000002"], 0x38}, 0x1, 0x0, 0x0, 0x24008854}, 0x0) 43.09442013s ago: executing program 2 (id=959): syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000000), 0xfd, 0x46e, &(0x7f0000000400)="$eJzs3M9vFFUcAPDvbH8gv2xF/AGioGgkGltaUDl4AKOJB01M9IDH2haCLNTQaoQQXT3g0ZB4Nx5N/As86cWoJxOvejckxHAB9TJmdmfa3WV3bcvWAffzSbb73sxs3/v2zdt9b15nAxhY+7IfScS2iPg1IsYa2dYD9jWebly7OPvntYuzSaTpG38k9eOuX7s4WxxavG5rkam1bm+2eP7C6Zlqdf5cnp9cOvPu5OL5C8+cOjNzcv7k/NnpI0cOH5p6/rnpZ/sSZ1an67s/XNiz65W3Lr82e/zy2z9+nRTxt8Txfl/Ka/rVzYaKxBP9KuU2sb0pnQyXWBHWJDshs+Yaqff/sRiKlcYbi5c/KbVywIZK0zTd1H13LQX+x5IouwZAOfLP+SSiNpvNgZvn84Pg6rHGBCiL+0b+aOwZjkp+zEjb/LafstnW8dpfX2SPaLueAgCwEb491nguxn4r449Ky1X8o/na0HhE3BMROyLi3ojYGRH3RcT9EfFARDzY9JpO6z7t2hdJbh7/VK6sK7BVysZ/L+RrW63jv2L0F+NDeW57Pf6R5MSp6vzBiLg7Ig7EyKYsP9WjjO9e+uWzbvv2NY3/skdWfjEWzOtxZbjtAt3czNLMrcTc7OrHEbuHO8WfLK8EZO24KyJ2711fGaee+mpPt33/Hn8PfVhnSr+MeLLR/rVoi7+Q9F6fnLwrqvMHJ4uz4mY//Xzp9W7l31L8fZC1/5aO5/9y/ONJ83rt4trLuPTbp13nNKs8/0ebX5Od/6PJm/V0seODmaWlc1MRo8mr+faj+fbW8urHTa8cn8V/YH/n/r8jVv4SD0VEdhI/HBGPRMTevO6PRsRjEbG/R/w/vPj4O+uPf2Nl8c+tqf27Joq17Zt2DZ3+/pv6nqKxxnvEn0SH9j9cTx3It6zm/a9nTc/dytkMAAAAd55KRGyLpDKxnK5UJiYa/y+/M7ZUqguLS0+fWHjv7FzjHoHxGKkUV7rGlq+HRm0qn9YX10en2/KH8uvGnw9trucnZheqc2UHDwNua5f+n/l9qOzaARvO/VowuNbb/9M0/ajPVQH+Yz7/YXDp/zC4OvT/zW35Ht8RANzJOn3+m9jDYDD+h8Gl/8Pg0v9hcOn/MJDyO+GHV3OD/4Ylsvef8kpfeyJNSyp9tPzYlxNRKa30KDv2NSb+zr9s83apz6oSZb8zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Mc/AQAA//+4C+Qb") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000940)=""/28, 0x1c) 42.624603457s ago: executing program 2 (id=971): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth1_macvtap\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x100, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x14615, 0xef}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x19}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) 42.092078464s ago: executing program 2 (id=984): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20) r1 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@nobarrier}, {@delalloc}, {@norecovery}, {@journal_dev={'journal_dev', 0x3d, 0x256}}]}, 0x0, 0x48d, &(0x7f0000002540)="$eJzs3MtvVNUfAPDvvX3wpv3xQxQEraKR+GhpQWXhQo0mLjQx0QUua1sQGaihNRHSaDUGl4bEvXFp4l/gzo1RF8bErSYuDQnRxoTixpr7gmE6LW1pO9L5fJJhzpl7Zs753nvPzLnncBtA2+rL/kkitkfELxHRU2RvLtBXPM3OTI1cm5kaSWJu7rU/krzc1Zmpkapo9b5tZeZQGpF+nMSzyfx6J85fOD1cq42dK/MDk2feGZg4f+GJU2eGT46dHDs7dOzY0SODTz819OSqxJnFdXXf++P79770xqVXRo5fevP7r7Jm7TlQbK+P45auNQmoib5sr/05l2vc9vAy2n4n2FGXTjpb2BCWpSMissPVlff/nuiIGwevJ178qKWNA9ZU9tu0aeHN03PABpZEq1sAtEb1Q59d/1aPdRp6/CdceS6iu0zPzkyNzF6PvzPS8vWuNay/LyKOT//9efaI5c5DAACsQD62ebzZ+C+NPflzsdaxs1xD6Y2I/0XEroj4f0Tsjoi7IvKyd0fEPcWb53qWWH9fQ37++Ce93LTNqyQb/z1TN/abrYu/fOrtKHM78vi7khOnamOHy31yKLo2ZfnBRer45oWfP11oW/34L3tk9VdjwbIBlzsbJuhGhyeHV2snXPkwYl9ns/iT6ysB2RmwNyL2Le+jd1aJU49+uX+hQreOfxGrsM4090XEI8Xxn46G+CvJ4uuTA5ujNnZ4oDor5vvhp4uvLlT/bcW/CrLjv/Xm87+hRM9fSbFe2xW12ti5ieXXcfHXTxa8plnp+d+dvJ6vWf/4VvHae8OTk+cGI7qTl/N8dU2Xvz50471VviqfxX/oYPP+v6t8Txb/vRGRncQHIuK+iLi/bPsDEfFgRBxcJP7vnn/o7UXiTyKJlh7/0abff9fP/96kfr1+BYmO099+vdCK+dKO/9GYzr9rC/n33y0stYG3ufsAAADgjpBGxPZI0v4i3bc90rS/v/g//Ltja1obn5h87MT4u2dHi3sEeqMrrWa6eurmQweT6fITi/xQOVdcbT9Szht/1rElz/ePjNdGWxw7tLttN/f/qPp/5veOVrcOWHPu14L21dj/0xa1A1h/S/n9dy0AG1OT/r+lFe0A1p/rf2hfzfr/Bw1543/YmOb3/9+a/Mm6ebrXqDnAOjL+h/al/0P70v+hLd3Off0rT1Q3C6z8czYv+Q7/dklUszFrUcU/ZWJL3NgUactDbqNE1mPWt1LzewAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMbwbwAAAP//DXDnZg==") ioctl$EXT4_IOC_GETFSUUID(r1, 0x8008662c, &(0x7f0000000080)) 41.965557036s ago: executing program 33 (id=984): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0x2, 0x0, 0x6, 0x1}}, 0x20) r1 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@nobarrier}, {@delalloc}, {@norecovery}, {@journal_dev={'journal_dev', 0x3d, 0x256}}]}, 0x0, 0x48d, &(0x7f0000002540)="$eJzs3MtvVNUfAPDvvX3wpv3xQxQEraKR+GhpQWXhQo0mLjQx0QUua1sQGaihNRHSaDUGl4bEvXFp4l/gzo1RF8bErSYuDQnRxoTixpr7gmE6LW1pO9L5fJJhzpl7Zs753nvPzLnncBtA2+rL/kkitkfELxHRU2RvLtBXPM3OTI1cm5kaSWJu7rU/krzc1Zmpkapo9b5tZeZQGpF+nMSzyfx6J85fOD1cq42dK/MDk2feGZg4f+GJU2eGT46dHDs7dOzY0SODTz819OSqxJnFdXXf++P79770xqVXRo5fevP7r7Jm7TlQbK+P45auNQmoib5sr/05l2vc9vAy2n4n2FGXTjpb2BCWpSMissPVlff/nuiIGwevJ178qKWNA9ZU9tu0aeHN03PABpZEq1sAtEb1Q59d/1aPdRp6/CdceS6iu0zPzkyNzF6PvzPS8vWuNay/LyKOT//9efaI5c5DAACsQD62ebzZ+C+NPflzsdaxs1xD6Y2I/0XEroj4f0Tsjoi7IvKyd0fEPcWb53qWWH9fQ37++Ce93LTNqyQb/z1TN/abrYu/fOrtKHM78vi7khOnamOHy31yKLo2ZfnBRer45oWfP11oW/34L3tk9VdjwbIBlzsbJuhGhyeHV2snXPkwYl9ns/iT6ysB2RmwNyL2Le+jd1aJU49+uX+hQreOfxGrsM4090XEI8Xxn46G+CvJ4uuTA5ujNnZ4oDor5vvhp4uvLlT/bcW/CrLjv/Xm87+hRM9fSbFe2xW12ti5ieXXcfHXTxa8plnp+d+dvJ6vWf/4VvHae8OTk+cGI7qTl/N8dU2Xvz50471VviqfxX/oYPP+v6t8Txb/vRGRncQHIuK+iLi/bPsDEfFgRBxcJP7vnn/o7UXiTyKJlh7/0abff9fP/96kfr1+BYmO099+vdCK+dKO/9GYzr9rC/n33y0stYG3ufsAAADgjpBGxPZI0v4i3bc90rS/v/g//Ltja1obn5h87MT4u2dHi3sEeqMrrWa6eurmQweT6fITi/xQOVdcbT9Szht/1rElz/ePjNdGWxw7tLttN/f/qPp/5veOVrcOWHPu14L21dj/0xa1A1h/S/n9dy0AG1OT/r+lFe0A1p/rf2hfzfr/Bw1543/YmOb3/9+a/Mm6ebrXqDnAOjL+h/al/0P70v+hLd3Off0rT1Q3C6z8czYv+Q7/dklUszFrUcU/ZWJL3NgUactDbqNE1mPWt1LzewAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMbwbwAAAP//DXDnZg==") ioctl$EXT4_IOC_GETFSUUID(r1, 0x8008662c, &(0x7f0000000080)) 8.347858776s ago: executing program 0 (id=1832): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) shutdown(r0, 0x1) recvmmsg(r0, &(0x7f00000003c0)=[{{&(0x7f0000000040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, 0x80, 0x0}, 0x3}], 0x1, 0x2, 0x0) 8.324694306s ago: executing program 0 (id=1833): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) remap_file_pages(&(0x7f000057a000/0x1000)=nil, 0x1000, 0x0, 0x3fe, 0x1c0000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) 8.192019218s ago: executing program 0 (id=1838): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x4, "fdd69d63"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x9, "00008000"}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGNAME(r1, 0x80404806, &(0x7f00000000c0)) 6.482562682s ago: executing program 0 (id=1863): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x10, &(0x7f00000004c0)={[{@i_version}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x3ff}}]}, 0x1, 0x3f7, &(0x7f0000003080)="$eJzs3c1uG0UcAPD/bj6bliaVOPBxiQCJSIikSVugEkhEXDjQEz1wJIrdEtVpUGIkWkV8CMQNJBAPAAfgETjCgXeAM3CAShHKgZSb0dq7jhvbaZPadZX8ftLIMztrz6zHs15PZicBHFvTEfFqRAxFxNmImMy3p3mIjxoh229ne3P5v+3N5SRqtTf/SSLJtxWvleSPJ/MXmEkj0k+TeLJDuRs3bl5bqlTK63l6rrr67tzGjZvPr6wuXS1fLV9feOHc+QsXXrq48GLPjnVrNfn8me/f+PPLz0pf/fr3T1NZfU/lea3H0SvTMd18T/a62OvCBmy8JZ4MD7AiAADsK82v/Yfr1/+TMRS7F2+T8cUvA60cAAAA0BO1WvEIAAAAHF2J3/4AAABwxBXzAHa2N5eLMMDpCDxgW4sRMdVo/9t5aOQMN+/pHYkYGe9T+dMR8fr4pYUsRJ/uwwYAAAA4zn5ebCz81z7+l8ZjLfudiIiJYm2/Hprek24f/0lv9bhIWmwtRrwcEbfbxv/SYpepoTz1SH2ocCS5slIpn42I0xExEyNjWXp+nzI+eOraD93yWsf/vvnjrfms/Oxxd4/01vDYnc8pLVWX7ueY2bX1ccQTw53aP2mO/7auk3kYb6/svNItL2v/rL2L0N7+9FPt24hnO/b/3ZVLk/3XZ52rnw/m8rPCWHsZv5/67pNu5bf2/yxk5Rd/C6D/sv4/sX/719fJba7Xu3HwMn7899Jv3fLu3v6dz/+jyeV6BUfzbe8vVavr8xGjSWPLHdt9mpqK96N4v7L2n3m68/d/cf2X5N/9p1vWhz6I1z48c7lbnv4/WFn7lw7U/w8eeWfi8Zlu5d9b/z9fr0zxIq7/7u5eG2jQ9QQAAAAAAACgN9L63L4knW3G03R2tjHP99GYSCtrG9Xnrqy9d73UmAM4FSNpMf9zsmU+6HzjNvJmemFP+lxEnImIrydP1NOzy2uV0qAPHgAAAI6Jk11+/2f+OszNHgAAAMDDaWrQFQAAAAD6zu9/AAAAONLuZ13/Snm9+BdBh3y6iMjhIkP5B+9hqc/RiwzwpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/B8AAP//91C79Q==") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080)) mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c}) chdir(&(0x7f00000001c0)='./file0\x00') unlink(&(0x7f0000000040)='./file1\x00') 6.375725853s ago: executing program 0 (id=1865): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000001095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@cgroup=r1, 0x1, 0x1, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 6.130093436s ago: executing program 0 (id=1867): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd70000000000021040000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880) 6.129931627s ago: executing program 34 (id=1867): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010026bd70000000000021040000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x2008040}, 0x880) 3.353669865s ago: executing program 7 (id=1938): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000009c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@data_err_ignore}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080), &(0x7f0000001400)=ANY=[], 0x835, 0x1) truncate(&(0x7f00000000c0)='./file1\x00', 0x0) sync() setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) 3.103481908s ago: executing program 7 (id=1939): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0xc}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x2b}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040}, 0x104) r1 = socket$netlink(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}}, 0x0) close(r1) 3.075962858s ago: executing program 7 (id=1940): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x400448de, &(0x7f00000007c0)) 1.408707261s ago: executing program 5 (id=1966): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfffffffffffffdd0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) time(0x0) 1.397544421s ago: executing program 5 (id=1967): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x80, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x10004, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 1.037305466s ago: executing program 7 (id=1968): r0 = gettid() timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0x2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000380)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) 1.037117556s ago: executing program 5 (id=1969): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) shutdown(r2, 0x1) splice(r0, 0x0, r2, 0x0, 0x25a5, 0x0) 1.027355507s ago: executing program 5 (id=1970): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x1, 0x8, 0x9602, 0x85, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 1.012214827s ago: executing program 5 (id=1971): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 974.994497ms ago: executing program 5 (id=1972): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=") r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="002222000000177bea6fedb30e906ef7870c000000409000070900be00b0"], 0x0}, 0x0) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x22, 0x0, 0x0) 293.221786ms ago: executing program 3 (id=1987): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000580)=0x281) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0xfffffffe, 0x0, 0x0, "df3f0400000000000000020000000609000040"}) r1 = syz_open_pts(r0, 0x0) ioctl$TCFLSH(r1, 0x540b, 0x2) 293.008317ms ago: executing program 6 (id=1988): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8) 292.632277ms ago: executing program 3 (id=1989): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x40400, 0x0) 270.646807ms ago: executing program 6 (id=1990): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', 0x0}) bind$xdp(r0, &(0x7f00000001c0)={0x2c, 0x8, r2}, 0x10) 258.304077ms ago: executing program 3 (id=1991): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f0000000200)=[{&(0x7f0000000240)='\x00', 0x1}, {&(0x7f0000000080)="96", 0x1}, {&(0x7f0000000180)='\b', 0x1}], 0x3, 0x2) close(r1) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) splice(r0, 0x0, r1, 0x0, 0x10500, 0x0) 258.045717ms ago: executing program 6 (id=1992): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x18) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 244.870027ms ago: executing program 6 (id=1993): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ff7fffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='sys_enter\x00', r1}, 0x10) setgroups(0x0, 0x0) 233.318057ms ago: executing program 6 (id=1994): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x52, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) time(0x0) 217.672727ms ago: executing program 3 (id=1995): unshare(0x20040600) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="b70000000000000007000000000000009500e200000000001e5286574356940658273ad1326fc65be4b1037a74cfb5af100fc4e94d123d9b22a7561b8850821bc1f8b5b0a3e3b79b0d96ab7cc60e0e144f0f04bfffe68fe46421a161eedd1a5cee316f68f7617859f06c8efd5da6abe446649c322209b1af93c6c999058168ad0a70992124d19c7c9cc22ff9a6b1a058039ab938480e8697f8715bcb18e1fd0773909464a783148e0e7b604a6c47b33c43a3ffff92ec8bbde1af40f29cfcf0836a70a2f6b1192ab8f24ca363492393e1c2a3b190180caafbf8cfca720074bdcc7cbd978efd8404a1c700000000d97899514e64e36cad5eba82010b2d149ac02e5f07000000000000000000000000000000000000000000009d5df0e0dbb9821d9c5402474d5866ce5eb60188d83ac741b45aeacac594cf09de9b460f48b96ae8a0eead478e46c8ca3e4c5d2b3cb4ad48c830e8003c45f5b2dcbf36b7e8be59ca4b46266cf75bea8a22ab71895d954dc6d28864144c73391770690a9301cde97565d509effc252599b26555355d7955f551df82ea475a711ec56d00000000a89c7533c9955fd63cd00cb83d1228"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c) setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f00000000c0)=r0, 0x4) 210.636558ms ago: executing program 6 (id=1996): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x111, 0x0, 0x0, 0x0, 0x20, 0x5543, 0x781, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x9, [{{0x9, 0x4, 0x0, 0x4, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7, 0x84, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x5, 0x51, 0x5}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f00000000c0)={0x24, 0x0, 0x0, &(0x7f0000000b40)={0x0, 0x22, 0xa, {[@global=@item_4={0x3, 0x1, 0x9, "cf00"}, @local=@item_4={0x3, 0x2, 0x4, "4bd20ada"}]}}, 0x0}, 0x0) 193.238868ms ago: executing program 3 (id=1998): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 174.531728ms ago: executing program 7 (id=2000): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000001809"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) alarm(0x2) 122.283059ms ago: executing program 4 (id=2001): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) r2 = epoll_create(0xeed) epoll_wait(r2, &(0x7f0000001180)=[{}], 0x1, 0x7) 121.903599ms ago: executing program 7 (id=2002): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x8, "cca1c1d6"}, @main=@item_4={0x3, 0x0, 0x9, "7e49ed50"}, @global=@item_012={0x1, 0x1, 0x4, "b8"}, @local=@item_012={0x2, 0x2, 0x4, 'uQ'}]}}, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) poll(&(0x7f0000000080)=[{r1, 0xc124}], 0x1, 0x4e) 121.647819ms ago: executing program 3 (id=2003): sched_setscheduler(0x0, 0x1, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = timerfd_create(0x9, 0x0) timerfd_settime(r0, 0x1, &(0x7f0000000100)={{0x77359400}, {0x0, 0x3938700}}, 0x0) 121.464359ms ago: executing program 4 (id=2004): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000040)='./file0\x00') chdir(&(0x7f00000001c0)='./file0\x00') 64.45557ms ago: executing program 4 (id=2005): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000005000000080000000f"], 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840)={r1}, 0xc) 27.83552ms ago: executing program 4 (id=2006): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @remote}, 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@sack_perm, @window, @sack_perm, @sack_perm, @timestamp, @timestamp, @timestamp, @timestamp], 0x20000149) 12.62795ms ago: executing program 4 (id=2007): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800", @ANYRES32, @ANYBLOB="000000000000cd65b6794e49411400", @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10, 0x4e}, [@ldst={0x3, 0x0, 0xb}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 0s ago: executing program 4 (id=2008): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x3a9, 0x3, 0x0, {{}, {@val={0x8, 0x140}, @void}}}, 0x1c}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ptrace(0x10, r0) ptrace$peeksig(0x4209, r0, &(0x7f0000000140)={0x0, 0x1}, 0x0) kernel console output (not intermixed with test programs): IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 53.118886][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 53.127452][ T2629] F2FS-fs (loop5): heap/no_heap options were deprecated [ 53.137389][ T2629] F2FS-fs (loop5): Image doesn't support compression [ 53.140024][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 53.146065][ T2629] F2FS-fs (loop5): invalid crc value [ 53.161385][ T2629] F2FS-fs (loop5): Found nat_bits in checkpoint [ 53.165101][ T1073] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 53.196867][ T2629] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 53.200818][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 53.230378][ T1073] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 53.239593][ T6] usb 1-1: SerialNumber: syz [ 53.252960][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 53.263478][ T1073] usb 4-1: SerialNumber: syz [ 53.273583][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 53.282683][ T2317] syz-executor: attempt to access beyond end of device [ 53.282683][ T2317] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 53.298022][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 53.322153][ T2584] device veth0_vlan entered promiscuous mode [ 53.345563][ T2636] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 53.365069][ T2584] device veth1_macvtap entered promiscuous mode [ 53.396771][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 53.410937][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 53.451532][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 53.465044][ T6] usb 1-1: 0:2 : does not exist [ 53.470777][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 53.482293][ T2649] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1012'. [ 53.506621][ T28] audit: type=1400 audit(1747959784.453:384): avc: denied { mounton } for pid=2646 comm="syz.4.1011" path="/193/bus" dev="tmpfs" ino=1025 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 53.511695][ T6] usb 1-1: USB disconnect, device number 6 [ 53.672788][ T28] audit: type=1400 audit(1747959784.623:385): avc: denied { connect } for pid=2658 comm="syz.6.1016" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 53.775025][ T2664] tipc: Started in network mode [ 53.783052][ T2664] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 53.796469][ T2664] tipc: Enabling of bearer rejected, failed to enable media [ 53.851452][ T2668] loop6: detected capacity change from 0 to 128 [ 53.874523][ T2668] EXT4-fs (loop6): Test dummy encryption mode enabled [ 53.893457][ T2668] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 53.905511][ T2668] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 53.926064][ T28] audit: type=1400 audit(1747959784.873:386): avc: denied { create } for pid=2667 comm="syz.6.1020" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 53.968131][ T28] audit: type=1400 audit(1747959784.873:387): avc: denied { rename } for pid=2667 comm="syz.6.1020" name="file0" dev="loop6" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=blk_file permissive=1 [ 53.984100][ T2584] EXT4-fs (loop6): unmounting filesystem. [ 54.107869][ T1073] cdc_ether: probe of 4-1:1.0 failed with error -71 [ 54.128457][ T1073] usb 4-1: USB disconnect, device number 7 [ 54.249911][ T2692] loop0: detected capacity change from 0 to 2048 [ 54.296001][ T2692] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 54.436927][ T2708] loop5: detected capacity change from 0 to 512 [ 54.509558][ T2708] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 54.513572][ T2712] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1035'. [ 54.535212][ T2708] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.576906][ T2708] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1034: bg 0: block 248: padding at end of block bitmap is not set [ 54.625576][ T2708] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 54.674956][ T2721] device bridge0 entered promiscuous mode [ 54.691157][ T2317] EXT4-fs (loop5): unmounting filesystem. [ 54.758778][ T28] audit: type=1400 audit(1747959785.703:388): avc: denied { ioctl } for pid=2728 comm="syz.5.1041" path="socket:[26932]" dev="sockfs" ino=26932 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 54.787411][ T2730] veth0_macvtap: mtu greater than device maximum [ 55.159913][ T1073] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 55.247952][ T2759] loop6: detected capacity change from 0 to 2048 [ 55.255807][ T19] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 55.305544][ T284] EXT4-fs (loop0): unmounting filesystem. [ 55.351913][ T2769] input: syz0 as /devices/virtual/input/input8 [ 55.368203][ T1073] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 55.374224][ T2759] loop6: unable to read partition table [ 55.381381][ T1073] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 55.387473][ T2759] loop6: partition table beyond EOD, truncated [ 55.404068][ T1073] usb 5-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 55.415996][ T2759] loop_reread_partitions: partition scan of loop6 () failed (rc=-5) [ 55.426214][ T2771] binder: 2770:2771 ioctl c018620b 0 returned -14 [ 55.449170][ T1073] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.459568][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.477291][ T2775] loop5: detected capacity change from 0 to 256 [ 55.485674][ T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.497048][ T2775] exfat: Deprecated parameter 'utf8' [ 55.506338][ T1073] usb 5-1: config 0 descriptor?? [ 55.509027][ T2775] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 55.519970][ T19] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 55.543749][ T2740] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 55.552091][ T19] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 55.566820][ T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.586331][ T19] usb 4-1: config 0 descriptor?? [ 55.620468][ T103] loop6: unable to read partition table [ 55.633963][ T103] loop6: partition table beyond EOD, truncated [ 55.769389][ T2779] loop0: detected capacity change from 0 to 40427 [ 55.798090][ T2779] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 55.807512][ T2779] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 55.825329][ T2799] loop6: detected capacity change from 0 to 256 [ 55.866236][ T2799] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 55.880619][ T2779] F2FS-fs (loop0): Found nat_bits in checkpoint [ 55.956591][ T1073] greenasia 0003:0E8F:0012.000B: unknown main item tag 0x0 [ 55.967719][ T1073] greenasia 0003:0E8F:0012.000B: unknown main item tag 0x0 [ 55.970936][ T2805] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1078'. [ 55.976133][ T2779] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 55.995803][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.004987][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.013892][ T1073] greenasia 0003:0E8F:0012.000B: hidraw0: USB HID v0.04 Device [HID 0e8f:0012] on usb-dummy_hcd.4-1/input0 [ 56.025973][ T2779] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 56.031362][ T2797] loop5: detected capacity change from 0 to 40427 [ 56.037427][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.059055][ T1073] greenasia 0003:0E8F:0012.000B: no inputs found [ 56.066420][ T2797] F2FS-fs (loop5): Not support 9007199254740992, larger than 256 [ 56.077333][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.118169][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.136787][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.151209][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.181909][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.190560][ T19] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 56.198987][ T19] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving [ 56.262919][ T19] plantronics 0003:047F:FFFF.000C: hiddev96,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 56.263414][ T24] usb 5-1: USB disconnect, device number 6 [ 56.291772][ T19] usb 4-1: USB disconnect, device number 8 [ 56.328597][ T2815] fido_id[2815]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 56.340514][ T2819] loop0: detected capacity change from 0 to 2048 [ 56.393392][ T2819] loop0: unable to read partition table [ 56.399438][ T2819] loop0: partition table beyond EOD, truncated [ 56.405862][ T2819] loop_reread_partitions: partition scan of loop0 () failed (rc=-5) [ 56.408853][ T2827] loop6: detected capacity change from 0 to 2048 [ 56.441233][ T103] loop0: unable to read partition table [ 56.447508][ T103] loop0: partition table beyond EOD, truncated [ 56.474900][ T2827] Alternate GPT is invalid, using primary GPT. [ 56.481915][ T2827] loop6: p2 p3 p7 [ 56.514810][ T103] Alternate GPT is invalid, using primary GPT. [ 56.521401][ T103] loop6: p2 p3 p7 [ 56.572657][ T337] udevd[337]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 56.584978][ T348] udevd[348]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 56.584985][ T1057] udevd[1057]: inotify_add_watch(7, /dev/loop6p7, 10) failed: No such file or directory [ 56.651721][ T2841] loop6: detected capacity change from 0 to 512 [ 56.658771][ T2841] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 56.681578][ T2841] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1095: invalid indirect mapped block 4294967295 (level 1) [ 56.697125][ T2841] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1095: invalid indirect mapped block 4294967295 (level 1) [ 56.712160][ T2841] EXT4-fs (loop6): 2 truncates cleaned up [ 56.718107][ T2841] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 56.729277][ T2849] loop3: detected capacity change from 0 to 512 [ 56.755965][ T2584] EXT4-fs (loop6): unmounting filesystem. [ 56.776773][ T2849] EXT4-fs (loop3): orphan cleanup on readonly fs [ 56.787411][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 56.787429][ T28] audit: type=1400 audit(1747959787.733:396): avc: denied { read } for pid=2853 comm="syz.0.1101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 56.794397][ T2849] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1098: bg 0: block 248: padding at end of block bitmap is not set [ 56.842368][ T2849] Quota error (device loop3): write_blk: dquota write failed [ 56.860010][ T2849] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 56.893798][ T2849] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.1098: Failed to acquire dquot type 1 [ 56.906779][ T2849] EXT4-fs (loop3): 1 truncate cleaned up [ 56.940066][ T2849] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 56.990611][ T286] EXT4-fs (loop3): unmounting filesystem. [ 57.013269][ T2864] loop5: detected capacity change from 0 to 512 [ 57.061286][ T2864] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.1107: iget: bad extended attribute block 1 [ 57.075321][ T2877] loop3: detected capacity change from 0 to 512 [ 57.082697][ T2864] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.1107: couldn't read orphan inode 15 (err -117) [ 57.090062][ T2877] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 57.113310][ T2864] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 57.120251][ T2880] netlink: 308 bytes leftover after parsing attributes in process `syz.4.1112'. [ 57.201102][ T2877] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1111: invalid indirect mapped block 4294967295 (level 1) [ 57.233670][ T2877] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1111: invalid indirect mapped block 4294967295 (level 1) [ 57.248290][ T2877] EXT4-fs (loop3): 2 truncates cleaned up [ 57.270054][ T1073] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 57.286491][ T2899] loop4: detected capacity change from 0 to 512 [ 57.338162][ T2899] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 57.388986][ T2899] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 57.448256][ T2899] EXT4-fs (loop4): 1 truncate cleaned up [ 57.459933][ T1073] usb 1-1: Using ep0 maxpacket: 16 [ 57.466546][ T1073] usb 1-1: config 0 has an invalid interface number: 109 but max is 0 [ 57.486751][ T1073] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 57.507456][ T1073] usb 1-1: config 0 has no interface number 0 [ 57.519045][ T1073] usb 1-1: New USB device found, idVendor=0421, idProduct=0094, bcdDevice=28.8e [ 57.539883][ T1073] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.567259][ T1073] usb 1-1: Product: syz [ 57.574098][ T2913] Zero length message leads to an empty skb [ 57.580776][ T1073] usb 1-1: Manufacturer: syz [ 57.587013][ T1073] usb 1-1: SerialNumber: syz [ 57.620010][ T1073] usb 1-1: config 0 descriptor?? [ 57.769688][ T2930] loop3: detected capacity change from 0 to 2048 [ 57.829497][ T2868] loop0: detected capacity change from 0 to 512 [ 57.836526][ T2868] EXT4-fs: Ignoring removed nomblk_io_submit option [ 57.866650][ T2930] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 57.885370][ T2868] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #2: comm syz.0.1108: missing EA_INODE flag [ 57.925837][ T2868] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1108: error while reading EA inode 2 err=-117 [ 57.941214][ T2937] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 57.946151][ T2930] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28 [ 57.947154][ T2937] pim6reg0: linktype set to 1 [ 57.972155][ T2868] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: inode #2: comm syz.0.1108: missing EA_INODE flag [ 58.006688][ T2868] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1108: error while reading EA inode 2 err=-117 [ 58.020965][ T2930] EXT4-fs (loop3): This should not happen!! Data will be lost [ 58.020965][ T2930] [ 58.031315][ T2930] EXT4-fs (loop3): Total free blocks count 0 [ 58.037556][ T2930] EXT4-fs (loop3): Free/Dirty block details [ 58.044252][ T2868] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.1108: inode #65536: comm syz.0.1108: iget: illegal inode # [ 58.059533][ T2930] EXT4-fs (loop3): free_blocks=2415919504 [ 58.065837][ T2930] EXT4-fs (loop3): dirty_blocks=32 [ 58.071801][ T2868] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.1108: error while reading EA inode 65536 err=-117 [ 58.084715][ T2930] EXT4-fs (loop3): Block reservation details [ 58.091182][ T2930] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 58.098212][ T2868] EXT4-fs (loop0): 1 orphan inode deleted [ 58.121081][ T1073] usb 1-1: bad CDC descriptors [ 58.129443][ T1073] usb 1-1: USB disconnect, device number 7 [ 58.145629][ T2894] loop6: detected capacity change from 0 to 131072 [ 58.170964][ T2894] F2FS-fs (loop6): Test dummy encryption mode enabled [ 58.189491][ T2950] loop3: detected capacity change from 0 to 512 [ 58.198502][ T2894] F2FS-fs (loop6): invalid crc value [ 58.206645][ T2950] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 58.230596][ T2950] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 58.247211][ T2894] F2FS-fs (loop6): Found nat_bits in checkpoint [ 58.249211][ T2950] EXT4-fs (loop3): 1 truncate cleaned up [ 58.296593][ T2950] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.3.1142: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 58.323958][ T2894] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 58.324246][ T2950] EXT4-fs error (device loop3) in ext4_delete_entry:2800: Corrupt filesystem [ 58.528547][ T2975] loop4: detected capacity change from 0 to 256 [ 58.606375][ T2975] syz.4.1152: attempt to access beyond end of device [ 58.606375][ T2975] loop4: rw=2049, sector=256, nr_sectors = 288 limit=256 [ 58.630193][ T2975] syz.4.1152: attempt to access beyond end of device [ 58.630193][ T2975] loop4: rw=2049, sector=608, nr_sectors = 192 limit=256 [ 58.659145][ T2975] syz.4.1152: attempt to access beyond end of device [ 58.659145][ T2975] loop4: rw=2049, sector=832, nr_sectors = 192 limit=256 [ 58.718829][ T2976] syz.4.1152: attempt to access beyond end of device [ 58.718829][ T2976] loop4: rw=2049, sector=1104, nr_sectors = 1332 limit=256 [ 58.719002][ T2975] syz.4.1152: attempt to access beyond end of device [ 58.719002][ T2975] loop4: rw=2049, sector=1056, nr_sectors = 48 limit=256 [ 58.767236][ T2973] loop3: detected capacity change from 0 to 40427 [ 58.774805][ T2973] F2FS-fs (loop3): fault_injection options not supported [ 58.788067][ T2973] F2FS-fs (loop3): invalid crc value [ 58.794391][ T28] audit: type=1400 audit(1747959789.743:397): avc: denied { execute } for pid=2980 comm="syz.6.1149" path="/35/devices.list" dev="tmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 58.829673][ T28] audit: type=1400 audit(1747959789.773:398): avc: denied { setopt } for pid=2980 comm="syz.6.1149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 58.880776][ T2973] F2FS-fs (loop3): Found nat_bits in checkpoint [ 58.931128][ T2991] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1157'. [ 59.010049][ T2973] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 59.103346][ T3005] loop0: detected capacity change from 0 to 256 [ 59.130309][ T3005] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 59.150664][ T286] syz-executor: attempt to access beyond end of device [ 59.150664][ T286] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 59.169866][ T3005] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 59.179950][ T3008] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1165'. [ 59.190761][ T3005] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 59.191379][ T3010] loop4: detected capacity change from 0 to 512 [ 59.281397][ T1073] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.287120][ T2987] loop6: detected capacity change from 0 to 40427 [ 59.296208][ T2987] F2FS-fs (loop6): Invalid log blocks per segment (4278190089) [ 59.324588][ T3013] netlink: 'syz.0.1168': attribute type 4 has an invalid length. [ 59.340052][ T2987] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 59.341049][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.361484][ T3013] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1168'. [ 59.362648][ T2987] F2FS-fs (loop6): invalid crc value [ 59.386865][ T3017] loop5: detected capacity change from 0 to 256 [ 59.419234][ T2987] F2FS-fs (loop6): Found nat_bits in checkpoint [ 59.424590][ T1073] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.498729][ T2987] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 59.499958][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.516174][ T2987] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 59.520811][ T3017] syz.5.1169: attempt to access beyond end of device [ 59.520811][ T3017] loop5: rw=2049, sector=256, nr_sectors = 288 limit=256 [ 59.576364][ T3017] syz.5.1169: attempt to access beyond end of device [ 59.576364][ T3017] loop5: rw=2049, sector=608, nr_sectors = 192 limit=256 [ 59.604408][ T3035] binder: BC_ACQUIRE_RESULT not supported [ 59.613568][ T3017] syz.5.1169: attempt to access beyond end of device [ 59.613568][ T3017] loop5: rw=2049, sector=832, nr_sectors = 192 limit=256 [ 59.620025][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.632459][ T3035] binder: 3034:3035 ioctl c0306201 200000000c40 returned -22 [ 59.654543][ T3029] syz.5.1169: attempt to access beyond end of device [ 59.654543][ T3029] loop5: rw=2049, sector=1064, nr_sectors = 1372 limit=256 [ 59.699951][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.771562][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.810348][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.822792][ T3045] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1180'. [ 59.840064][ T1073] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.879951][ T19] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 59.955060][ T3052] loop6: detected capacity change from 0 to 2048 [ 59.976396][ T3023] loop3: detected capacity change from 0 to 40427 [ 60.021575][ T3023] F2FS-fs (loop3): Found nat_bits in checkpoint [ 60.060589][ T28] audit: type=1400 audit(1747959791.013:399): avc: denied { bind } for pid=3066 comm="syz.0.1188" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 60.098101][ T3070] loop4: detected capacity change from 0 to 512 [ 60.142126][ T3070] ext4 filesystem being mounted at /233/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 60.164836][ T3023] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 60.273895][ T3078] loop4: detected capacity change from 0 to 1024 [ 60.300788][ T3078] EXT4-fs: Ignoring removed nobh option [ 60.324968][ T3078] EXT4-fs: Ignoring removed bh option [ 60.351780][ T3078] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 60.427096][ T3078] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.1192: Allocating blocks 497-513 which overlap fs metadata [ 60.493159][ T3077] EXT4-fs (loop4): pa ffff888114927b28: logic 16, phys. 145, len 23 [ 60.501676][ T3077] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 60.504697][ T3072] loop0: detected capacity change from 0 to 40427 [ 60.528227][ T3072] F2FS-fs (loop0): fault_injection options not supported [ 60.548664][ T3072] F2FS-fs (loop0): invalid crc value [ 60.549613][ T3097] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1201'. [ 60.572436][ T3099] loop5: detected capacity change from 0 to 512 [ 60.582020][ T3072] F2FS-fs (loop0): Found nat_bits in checkpoint [ 60.587533][ T3097] device xfrm1 entered promiscuous mode [ 60.613783][ T3099] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.617508][ T3105] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1201'. [ 60.673765][ T3072] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 60.794566][ T3118] loop4: detected capacity change from 0 to 512 [ 60.877346][ T3118] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.004452][ T3138] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0 [ 61.167499][ T3154] loop3: detected capacity change from 0 to 512 [ 61.175066][ T3156] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.182689][ T3156] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.209531][ T3154] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 61.214984][ T3161] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1217'. [ 61.248734][ T28] audit: type=1400 audit(1747959792.193:400): avc: denied { map } for pid=3157 comm="syz.0.1227" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=179 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 61.261145][ T3166] tmpfs: Bad value for 'uid' [ 61.323089][ T3172] loop3: detected capacity change from 0 to 1024 [ 61.355059][ T3172] EXT4-fs: Ignoring removed nobh option [ 61.415329][ T3172] EXT4-fs: Ignoring removed bh option [ 61.429726][ T3172] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 61.435472][ T3188] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1237'. [ 61.455763][ T3188] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1237'. [ 61.509186][ T3172] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.1230: Allocating blocks 497-513 which overlap fs metadata [ 61.545283][ T3168] EXT4-fs (loop3): pa ffff888114927690: logic 16, phys. 145, len 23 [ 61.554247][ T3168] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 61.589158][ T3206] loop3: detected capacity change from 0 to 1024 [ 61.597224][ T3206] EXT4-fs: Ignoring removed nomblk_io_submit option [ 61.723845][ T3220] loop3: detected capacity change from 0 to 256 [ 61.734342][ T3220] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xff532d92, utbl_chksum : 0xe619d30d) [ 61.779874][ T19] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 61.779896][ T288] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 61.796652][ T3224] syzkaller0: tun_chr_ioctl cmd 2148553947 [ 61.819945][ T1073] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 61.899561][ T3234] loop6: detected capacity change from 0 to 1024 [ 61.906961][ T3234] EXT4-fs: Ignoring removed nobh option [ 61.913990][ T3234] EXT4-fs: Ignoring removed bh option [ 61.920845][ T3234] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 61.959262][ T3234] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3841: comm syz.6.1257: Allocating blocks 497-513 which overlap fs metadata [ 61.977984][ T19] usb 1-1: config 0 has an invalid interface number: 31 but max is 0 [ 61.980008][ T288] usb 5-1: Using ep0 maxpacket: 32 [ 61.989697][ T3233] EXT4-fs (loop6): pa ffff888114927d20: logic 16, phys. 145, len 23 [ 62.002646][ T3233] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 62.013585][ T1073] usb 6-1: Using ep0 maxpacket: 16 [ 62.024079][ T288] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 62.027184][ T19] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 62.035581][ T288] usb 5-1: config 0 interface 0 has no altsetting 0 [ 62.050412][ T1073] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 62.056491][ T288] usb 5-1: New USB device found, idVendor=056a, idProduct=00f4, bcdDevice= 0.00 [ 62.076233][ T288] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.076902][ T1073] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.093641][ T3248] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 62.111584][ T19] usb 1-1: config 0 has no interface number 0 [ 62.112066][ T288] usb 5-1: config 0 descriptor?? [ 62.122327][ T1073] usb 6-1: Product: syz [ 62.135259][ T19] usb 1-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 62.146821][ T1073] usb 6-1: Manufacturer: syz [ 62.151990][ T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.163078][ T1073] usb 6-1: SerialNumber: syz [ 62.169709][ T1073] r8152-cfgselector 6-1: config 0 descriptor?? [ 62.180698][ T19] usb 1-1: Product: syz [ 62.186221][ T19] usb 1-1: Manufacturer: syz [ 62.192002][ T19] usb 1-1: SerialNumber: syz [ 62.202970][ T19] usb 1-1: config 0 descriptor?? [ 62.211552][ T19] hub 1-1:0.31: bad descriptor, ignoring hub [ 62.220871][ T19] hub: probe of 1-1:0.31 failed with error -5 [ 62.229411][ T19] usb 1-1: Found UVC 0.00 device syz (046d:08c3) [ 62.237766][ T19] usb 1-1: No valid video chain found. [ 62.268727][ T3253] loop6: detected capacity change from 0 to 2048 [ 62.287283][ T3253] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 62.304968][ T3253] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28 [ 62.319542][ T3253] EXT4-fs (loop6): This should not happen!! Data will be lost [ 62.319542][ T3253] [ 62.331693][ T3253] EXT4-fs (loop6): Total free blocks count 0 [ 62.338572][ T3253] EXT4-fs (loop6): Free/Dirty block details [ 62.345987][ T3253] EXT4-fs (loop6): free_blocks=2415919504 [ 62.352752][ T3253] EXT4-fs (loop6): dirty_blocks=32 [ 62.358683][ T3253] EXT4-fs (loop6): Block reservation details [ 62.365421][ T3253] EXT4-fs (loop6): i_reserved_data_blocks=2 [ 62.491477][ T3264] loop6: detected capacity change from 0 to 256 [ 62.509344][ T3264] FAT-fs (loop6): "posix" option is obsolete, not supported now [ 62.528332][ T288] wacom 0003:056A:00F4.000D: item fetching failed at offset 0/1 [ 62.537173][ T288] wacom 0003:056A:00F4.000D: parse failed [ 62.543202][ T288] wacom: probe of 0003:056A:00F4.000D failed with error -22 [ 62.559999][ T19] usb 1-1: USB disconnect, device number 8 [ 62.592228][ T3258] loop3: detected capacity change from 0 to 40427 [ 62.601166][ T3258] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 62.601283][ T1073] r8152-cfgselector 6-1: Unknown version 0x0000 [ 62.609447][ T3258] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 62.620894][ T1073] r8152-cfgselector 6-1: bad CDC descriptors [ 62.644084][ T3258] F2FS-fs (loop3): invalid crc value [ 62.652256][ T3258] F2FS-fs (loop3): Found nat_bits in checkpoint [ 62.658896][ T1073] r8152-cfgselector 6-1: Unknown version 0x0000 [ 62.675263][ T1073] r8152-cfgselector 6-1: USB disconnect, device number 2 [ 62.684359][ T3258] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 62.685227][ T3270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1272'. [ 62.692718][ T3258] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 62.809003][ T2321] usb 5-1: USB disconnect, device number 7 [ 62.892599][ T3277] xt_hashlimit: max too large, truncated to 1048576 [ 62.948200][ T3284] loop3: detected capacity change from 0 to 256 [ 63.052717][ T3295] loop0: detected capacity change from 0 to 1024 [ 63.139587][ T28] audit: type=1400 audit(1747959794.083:401): avc: denied { create } for pid=3306 comm="syz.0.1287" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 63.160367][ T28] audit: type=1400 audit(1747959794.083:402): avc: denied { mount } for pid=3309 comm="syz.3.1289" name="/" dev="bdev" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bdev_t tclass=filesystem permissive=1 [ 63.199873][ T313] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 63.282663][ T3327] loop3: detected capacity change from 0 to 256 [ 63.378870][ T3335] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1300'. [ 63.401572][ T313] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 63.423979][ T3342] tmpfs: Unknown parameter 'g' [ 63.439542][ T313] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 63.442708][ T3346] loop0: detected capacity change from 0 to 128 [ 63.464562][ T313] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 63.493819][ T3346] EXT4-fs mount: 36 callbacks suppressed [ 63.493837][ T3346] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 63.500088][ T313] usb 7-1: Product: syz [ 63.500111][ T313] usb 7-1: Manufacturer: syz [ 63.500124][ T313] usb 7-1: SerialNumber: syz [ 63.500877][ T313] usb 7-1: config 0 descriptor?? [ 63.528658][ T3353] tap0: tun_chr_ioctl cmd 1074025677 [ 63.530516][ T3346] ext4 filesystem being mounted at /234/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 63.536632][ T3353] tap0: linktype set to 769 [ 63.589273][ T313] snd-usb-audio: probe of 7-1:0.0 failed with error -22 [ 63.597713][ T284] EXT4-fs (loop0): unmounting filesystem. [ 63.606078][ T3355] loop3: detected capacity change from 0 to 4096 [ 63.646719][ T3355] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 63.651457][ T3362] loop4: detected capacity change from 0 to 512 [ 63.665920][ T337] udevd[337]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 63.690272][ T28] audit: type=1400 audit(1747959794.633:403): avc: denied { write } for pid=3365 comm="syz.0.1315" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 63.710170][ T3366] random: crng reseeded on system resumption [ 63.714907][ T28] audit: type=1400 audit(1747959794.663:404): avc: denied { open } for pid=3365 comm="syz.0.1315" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 63.722589][ T3362] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 63.755315][ T3362] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.785172][ T286] EXT4-fs (loop3): unmounting filesystem. [ 63.807791][ T28] audit: type=1400 audit(1747959794.753:405): avc: denied { ioctl } for pid=3365 comm="syz.0.1315" path="/dev/snapshot" dev="devtmpfs" ino=91 ioctlcmd=0x330d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 63.818646][ T1073] usb 7-1: USB disconnect, device number 2 [ 63.842361][ T285] EXT4-fs (loop4): unmounting filesystem. [ 63.909883][ T19] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 64.091635][ T19] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 64.105237][ T19] usb 6-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 64.115889][ T19] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.127051][ T19] usb 6-1: config 0 descriptor?? [ 64.134116][ T3359] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 64.309948][ T2321] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 64.375491][ T3385] loop6: detected capacity change from 0 to 256 [ 64.446653][ T3385] bio_check_eod: 10 callbacks suppressed [ 64.446671][ T3385] syz.6.1321: attempt to access beyond end of device [ 64.446671][ T3385] loop6: rw=2049, sector=256, nr_sectors = 288 limit=256 [ 64.469204][ T3385] syz.6.1321: attempt to access beyond end of device [ 64.469204][ T3385] loop6: rw=2049, sector=608, nr_sectors = 72 limit=256 [ 64.487021][ T3385] syz.6.1321: attempt to access beyond end of device [ 64.487021][ T3385] loop6: rw=2049, sector=728, nr_sectors = 72 limit=256 [ 64.502219][ T2321] usb 4-1: Using ep0 maxpacket: 16 [ 64.502450][ T3391] syz.6.1321: attempt to access beyond end of device [ 64.502450][ T3391] loop6: rw=2049, sector=680, nr_sectors = 48 limit=256 [ 64.508914][ T2321] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 64.522252][ T3391] syz.6.1321: attempt to access beyond end of device [ 64.522252][ T3391] loop6: rw=2049, sector=952, nr_sectors = 72 limit=256 [ 64.533231][ T2321] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.548179][ T3391] syz.6.1321: attempt to access beyond end of device [ 64.548179][ T3391] loop6: rw=2049, sector=1056, nr_sectors = 1380 limit=256 [ 64.558466][ T3385] syz.6.1321: attempt to access beyond end of device [ 64.558466][ T3385] loop6: rw=2049, sector=832, nr_sectors = 120 limit=256 [ 64.558748][ T2321] usb 4-1: config 0 interface 0 has no altsetting 0 [ 64.599367][ T19] uclogic 0003:5543:0005.000E: No inputs registered, leaving [ 64.607597][ T2321] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 64.617794][ T2321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.626050][ T19] uclogic 0003:5543:0005.000E: hidraw0: USB HID v1.04 Device [HID 5543:0005] on usb-dummy_hcd.5-1/input0 [ 64.644559][ T2321] usb 4-1: config 0 descriptor?? [ 64.679981][ T313] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 64.859902][ T313] usb 5-1: Using ep0 maxpacket: 32 [ 64.866917][ T313] usb 5-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30 [ 64.880178][ T313] usb 5-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 64.884184][ T19] usb 6-1: USB disconnect, device number 3 [ 64.893739][ T313] usb 5-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 64.914553][ T313] usb 5-1: config 0 interface 0 has no altsetting 0 [ 64.921472][ T313] usb 5-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00 [ 64.932070][ T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.941493][ T313] usb 5-1: config 0 descriptor?? [ 64.960024][ T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 65.066744][ T2321] hid (null): invalid report_size 3136 [ 65.150280][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 65.157494][ T24] usb 7-1: config 0 has an invalid interface number: 31 but max is 0 [ 65.166732][ T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 65.177428][ T24] usb 7-1: config 0 has no interface number 0 [ 65.185300][ T24] usb 7-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 65.194842][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 65.203470][ T24] usb 7-1: Product: syz [ 65.207785][ T24] usb 7-1: Manufacturer: syz [ 65.213204][ T24] usb 7-1: SerialNumber: syz [ 65.218821][ T24] usb 7-1: config 0 descriptor?? [ 65.225157][ T24] usb 7-1: Found UVC 0.04 device syz (046d:08c3) [ 65.232176][ T24] uvcvideo 7-1:0.31: Entity type for entity Output 6 was not initialized! [ 65.240861][ T24] usb 7-1: Failed to create links for entity 6 [ 65.247393][ T24] usb 7-1: Failed to register entities (-22). [ 65.282642][ T19] usb 4-1: USB disconnect, device number 9 [ 65.350512][ T313] zeroplus 0003:0C12:0030.0010: item 0 1 0 9 parsing failed [ 65.359787][ T313] zeroplus 0003:0C12:0030.0010: parse failed [ 65.366838][ T313] zeroplus: probe of 0003:0C12:0030.0010 failed with error -22 [ 65.405299][ T3399] loop0: detected capacity change from 0 to 40427 [ 65.413002][ T3399] F2FS-fs (loop0): Invalid log blocks per segment (4278190089) [ 65.421460][ T3399] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 65.431242][ T3399] F2FS-fs (loop0): invalid crc value [ 65.438230][ T3399] F2FS-fs (loop0): Found nat_bits in checkpoint [ 65.440534][ T313] usb 7-1: USB disconnect, device number 3 [ 65.476726][ T3399] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 65.484845][ T3399] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 65.530475][ T284] syz-executor: attempt to access beyond end of device [ 65.530475][ T284] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 65.568523][ T19] usb 5-1: USB disconnect, device number 8 [ 65.592576][ T3411] loop5: detected capacity change from 0 to 256 [ 65.600995][ T3411] exfat: Deprecated parameter 'namecase' [ 65.607478][ T3411] exfat: Deprecated parameter 'utf8' [ 65.624498][ T3411] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x68ba9255, utbl_chksum : 0xe619d30d) [ 65.725651][ T3424] device bridge2 entered promiscuous mode [ 65.725696][ T28] audit: type=1400 audit(1747959796.673:406): avc: denied { execmem } for pid=3425 comm="syz.5.1337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 66.019302][ T3449] loop5: detected capacity change from 0 to 1024 [ 66.060732][ T3458] loop3: detected capacity change from 0 to 512 [ 66.078806][ T3449] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 66.093539][ T3458] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 66.103331][ T3461] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1353'. [ 66.131515][ T3458] EXT4-fs error (device loop3): __ext4_iget:5057: inode #11: block 16777237: comm syz.3.1352: invalid block [ 66.156480][ T3458] EXT4-fs (loop3): Remounting filesystem read-only [ 66.171288][ T2317] EXT4-fs (loop5): unmounting filesystem. [ 66.175028][ T3458] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1352: couldn't read orphan inode 11 (err -117) [ 66.192520][ T3458] EXT4-fs (loop3): Remounting filesystem read-only [ 66.215099][ T3458] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 66.234450][ T3471] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1356'. [ 66.296486][ T286] EXT4-fs (loop3): unmounting filesystem. [ 66.302593][ T28] audit: type=1400 audit(1747959797.253:407): avc: denied { create } for pid=3479 comm="syz.5.1361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 66.353197][ T3480] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1361'. [ 66.360331][ T28] audit: type=1400 audit(1747959797.303:408): avc: denied { write } for pid=3479 comm="syz.5.1361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 66.399959][ T2321] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 66.430625][ T28] audit: type=1400 audit(1747959797.303:409): avc: denied { nlmsg_write } for pid=3479 comm="syz.5.1361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 66.582677][ T3507] loop0: detected capacity change from 0 to 512 [ 66.600432][ T3507] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 66.612873][ T2321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 66.630472][ T2321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 66.652509][ T2321] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 66.668110][ T3507] EXT4-fs (loop0): 1 truncate cleaned up [ 66.675005][ T3507] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 66.685027][ T2321] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 66.700998][ T2321] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.709976][ T3507] EXT4-fs error (device loop0): mb_free_blocks:1815: group 0, inode 16: block 33:freeing already freed block (bit 32); block bitmap corrupt. [ 66.710862][ T2321] usb 5-1: config 0 descriptor?? [ 66.761045][ T3521] loop5: detected capacity change from 0 to 512 [ 66.772455][ T284] EXT4-fs (loop0): unmounting filesystem. [ 66.779305][ T3521] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349) [ 66.797951][ T3521] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 66.818628][ T3521] System zones: 1-12 [ 66.825247][ T3521] EXT4-fs (loop5): orphan cleanup on readonly fs [ 66.833297][ T3521] EXT4-fs error (device loop5): ext4_read_inode_bitmap:168: comm syz.5.1380: Inode bitmap for bg 0 marked uninitialized [ 66.856318][ T3521] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 66.873380][ T3536] loop6: detected capacity change from 0 to 512 [ 66.899580][ T2317] EXT4-fs (loop5): unmounting filesystem. [ 66.924670][ T3536] EXT4-fs: Ignoring removed bh option [ 66.944970][ T3536] EXT4-fs: Ignoring removed i_version option [ 66.957503][ T3536] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 66.963248][ T3543] loop3: detected capacity change from 0 to 256 [ 66.976966][ T3536] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 2)! [ 66.995480][ T3536] EXT4-fs (loop6): group descriptors corrupted! [ 66.998730][ T3545] loop5: detected capacity change from 0 to 2048 [ 67.012319][ T3543] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 67.036909][ T3548] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1393'. [ 67.047952][ T28] audit: type=1400 audit(1747959798.003:410): avc: denied { setattr } for pid=3541 comm="syz.3.1391" name="file0" dev="loop3" ino=1048672 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 67.049030][ T3548] bridge0: port 3(vlan3) entered blocking state [ 67.107149][ T3545] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 67.115260][ T3548] bridge0: port 3(vlan3) entered disabled state [ 67.138798][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.155513][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.165905][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.176335][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.187574][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.195981][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.203933][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.212255][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.220335][ T2321] plantronics 0003:047F:FFFF.0011: unknown main item tag 0x0 [ 67.230091][ T2321] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving [ 67.239867][ T2321] plantronics 0003:047F:FFFF.0011: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 67.324451][ T3558] loop3: detected capacity change from 0 to 512 [ 67.359646][ T3558] EXT4-fs warning (device loop3): ext4_enable_quotas:7024: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 67.383276][ T3558] EXT4-fs (loop3): mount failed [ 67.460844][ T1073] usb 5-1: USB disconnect, device number 9 [ 67.508651][ T3582] loop6: detected capacity change from 0 to 1024 [ 67.536044][ T3582] EXT4-fs: Ignoring removed bh option [ 67.586206][ T3582] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 67.610768][ T2584] EXT4-fs (loop6): unmounting filesystem. [ 67.759883][ T2321] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 67.849906][ T19] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 67.954624][ T2317] EXT4-fs (loop5): unmounting filesystem. [ 67.970106][ T2321] usb 4-1: Using ep0 maxpacket: 32 [ 67.985117][ T2321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 68.000381][ T2321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 68.012311][ T2321] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 68.022709][ T2321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.039878][ T19] usb 1-1: Using ep0 maxpacket: 16 [ 68.054196][ T2321] usb 4-1: config 0 descriptor?? [ 68.061813][ T3614] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge_slave_0 [ 68.063667][ T19] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 68.081242][ T2321] hub 4-1:0.0: USB hub found [ 68.086521][ T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.100971][ T19] usb 1-1: Product: syz [ 68.106435][ T19] usb 1-1: Manufacturer: syz [ 68.113483][ T19] usb 1-1: SerialNumber: syz [ 68.120100][ T19] r8152-cfgselector 1-1: config 0 descriptor?? [ 68.129886][ T313] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 68.227204][ T3610] loop5: detected capacity change from 0 to 40427 [ 68.250064][ T3610] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 68.258831][ T3610] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 68.269058][ T3610] F2FS-fs (loop5): invalid crc value [ 68.277022][ T3610] F2FS-fs (loop5): Found nat_bits in checkpoint [ 68.277704][ T2321] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 68.316646][ T3610] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 68.325411][ T313] usb 7-1: Using ep0 maxpacket: 8 [ 68.331284][ T3610] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 68.340443][ T313] usb 7-1: config 0 has an invalid interface number: 31 but max is 0 [ 68.369985][ T313] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 68.389912][ T313] usb 7-1: config 0 has no interface number 0 [ 68.402395][ T313] usb 7-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 68.423169][ T313] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.435733][ T313] usb 7-1: Product: syz [ 68.440522][ T313] usb 7-1: Manufacturer: syz [ 68.445894][ T313] usb 7-1: SerialNumber: syz [ 68.467224][ T313] usb 7-1: config 0 descriptor?? [ 68.530649][ T19] r8152-cfgselector 1-1: Unknown version 0x0000 [ 68.537038][ T19] r8152-cfgselector 1-1: bad CDC descriptors [ 68.547347][ T19] r8152-cfgselector 1-1: Unknown version 0x0000 [ 68.562899][ T19] r8152-cfgselector 1-1: USB disconnect, device number 9 [ 68.677545][ T2321] hid-generic 0003:046D:C31C.0012: item fetching failed at offset 0/1 [ 68.677554][ T313] usb 7-1: Found UVC 0.04 device syz (046d:08c3) [ 68.677595][ T313] usb 7-1: No valid video chain found. [ 68.701491][ T2321] hid-generic: probe of 0003:046D:C31C.0012 failed with error -22 [ 68.834580][ T3620] loop4: detected capacity change from 0 to 131072 [ 68.853302][ T3620] F2FS-fs (loop4): Test dummy encryption mode enabled [ 68.880329][ T3620] F2FS-fs (loop4): invalid crc value [ 68.893549][ T3620] F2FS-fs (loop4): Found nat_bits in checkpoint [ 68.939168][ T313] usb 7-1: USB disconnect, device number 4 [ 68.958509][ T3620] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 69.000071][ T24] usb 4-1: USB disconnect, device number 10 [ 69.009625][ T3620] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 69.198756][ T3642] loop5: detected capacity change from 0 to 40427 [ 69.218436][ T3642] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 69.235328][ T3642] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 69.245551][ T3642] F2FS-fs (loop5): invalid crc value [ 69.254149][ T3642] F2FS-fs (loop5): Found nat_bits in checkpoint [ 69.294812][ T3642] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 69.303303][ T3642] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 69.342230][ T3653] SELinux: Context system_u:object_r:tzdata_exec_t:s0 is not valid (left unmapped). [ 69.349458][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 69.349472][ T28] audit: type=1400 audit(1747960056.326:412): avc: denied { create } for pid=3640 comm="syz.5.1429" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 69.391530][ T28] audit: type=1400 audit(1747960056.346:413): avc: denied { relabelto } for pid=3652 comm="syz.4.1430" name="cgroup.procs" dev="cgroup" ino=265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:tzdata_exec_t:s0" [ 69.440999][ T28] audit: type=1400 audit(1747960056.346:414): avc: denied { associate } for pid=3652 comm="syz.4.1430" name="cgroup.procs" dev="cgroup" ino=265 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:tzdata_exec_t:s0" [ 69.473920][ T28] audit: type=1400 audit(1747960056.366:415): avc: denied { write } for pid=3640 comm="syz.5.1429" name="file2" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=sock_file permissive=1 [ 69.708382][ T28] audit: type=1400 audit(1747960056.686:416): avc: denied { lock } for pid=3690 comm="syz.4.1451" path="socket:[29525]" dev="sockfs" ino=29525 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 69.767951][ T3697] tap0: tun_chr_ioctl cmd 1074025677 [ 69.796777][ T3697] tap0: linktype set to 780 [ 69.992459][ T28] audit: type=1400 audit(1747960056.976:417): avc: denied { read write } for pid=3722 comm="syz.0.1467" name="loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 70.088818][ T28] audit: type=1400 audit(1747960056.976:418): avc: denied { open } for pid=3722 comm="syz.0.1467" path="/dev/loop-control" dev="devtmpfs" ino=117 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 70.103807][ T3736] loop5: detected capacity change from 0 to 4096 [ 70.135385][ T28] audit: type=1400 audit(1747960057.006:419): avc: denied { ioctl } for pid=3722 comm="syz.0.1467" path="/dev/loop-control" dev="devtmpfs" ino=117 ioctlcmd=0x4c80 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 70.166640][ T3736] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 70.219346][ T3736] EXT4-fs error (device loop5): ext4_get_first_dir_block:3603: inode #12: block 80: comm syz.5.1472: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 70.240915][ T3736] EXT4-fs error (device loop5): ext4_get_first_dir_block:3605: inode #12: comm syz.5.1472: directory missing '..' [ 70.294464][ T2317] EXT4-fs (loop5): unmounting filesystem. [ 70.296389][ T3754] loop6: detected capacity change from 0 to 256 [ 70.315974][ T3754] FAT-fs (loop6): bogus logical sector size 128 [ 70.326733][ T3754] FAT-fs (loop6): Can't find a valid FAT filesystem [ 70.365040][ T3762] loop5: detected capacity change from 0 to 512 [ 70.409892][ T19] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 70.413363][ T3770] loop4: detected capacity change from 0 to 256 [ 70.439347][ T3762] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 70.490103][ T3770] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 70.504320][ T3762] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 70.522746][ T3770] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 70.567362][ T2317] EXT4-fs (loop5): unmounting filesystem. [ 70.589940][ T19] usb 1-1: Using ep0 maxpacket: 8 [ 70.597542][ T19] usb 1-1: config 135 has an invalid interface number: 230 but max is 0 [ 70.635437][ T19] usb 1-1: config 135 has an invalid descriptor of length 97, skipping remainder of the config [ 70.667042][ T19] usb 1-1: config 135 has no interface number 0 [ 70.673570][ T19] usb 1-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 70.696175][ T19] usb 1-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 70.711514][ T19] usb 1-1: config 135 interface 230 has no altsetting 0 [ 70.726462][ T19] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 70.746422][ T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 70.756556][ T19] usb 1-1: Product: syz [ 70.760847][ T19] usb 1-1: Manufacturer: syz [ 70.774098][ T19] usb 1-1: SerialNumber: syz [ 70.839950][ T313] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 70.854454][ T3782] loop6: detected capacity change from 0 to 40427 [ 70.890947][ T3782] F2FS-fs (loop6): Found nat_bits in checkpoint [ 70.949024][ T3815] random: crng reseeded on system resumption [ 70.955878][ T28] audit: type=1400 audit(1747960058.932:420): avc: denied { append } for pid=3814 comm="syz.4.1505" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 70.981980][ T3782] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 70.991874][ T19] usb 1-1: Found UVC 0.00 device syz (18ec:3288) [ 70.999161][ T19] usb 1-1: No valid video chain found. [ 71.041003][ T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 71.061976][ T313] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 71.074688][ T313] usb 4-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00 [ 71.084726][ T313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.095814][ T2584] syz-executor: attempt to access beyond end of device [ 71.095814][ T2584] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 71.113669][ T313] usb 4-1: config 0 descriptor?? [ 71.120108][ T3780] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 71.160136][ T3821] kvm [3820]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010007 data 0x0 [ 71.218502][ T19] usb 1-1: USB disconnect, device number 10 [ 71.300912][ T3831] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1511'. [ 71.318464][ T3831] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1511'. [ 71.358024][ T3839] loop6: detected capacity change from 0 to 256 [ 71.401540][ T3843] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1517'. [ 71.478784][ T3854] loop6: detected capacity change from 0 to 2048 [ 71.485699][ T3856] loop5: detected capacity change from 0 to 256 [ 71.493694][ T3854] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 71.501772][ T3856] exfat: Deprecated parameter 'utf8' [ 71.513030][ T3856] exfat: Deprecated parameter 'utf8' [ 71.522704][ T3856] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 71.524319][ T3854] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 71.546162][ T313] greenasia 0003:0E8F:0012.0013: unknown main item tag 0x0 [ 71.560233][ T313] greenasia 0003:0E8F:0012.0013: unknown main item tag 0x0 [ 71.580193][ T313] greenasia 0003:0E8F:0012.0013: hidraw0: USB HID v0.04 Device [HID 0e8f:0012] on usb-dummy_hcd.3-1/input0 [ 71.580584][ T3859] device sit0 entered promiscuous mode [ 71.595470][ T313] greenasia 0003:0E8F:0012.0013: no inputs found [ 71.629557][ T3859] netlink: 'syz.5.1524': attribute type 1 has an invalid length. [ 71.639741][ T3859] netlink: 1 bytes leftover after parsing attributes in process `syz.5.1524'. [ 71.658144][ T3861] loop4: detected capacity change from 0 to 4096 [ 71.659672][ T3854] EXT4-fs error (device loop6): empty_inline_dir:1877: inode #12: block 9: comm syz.6.1523: bad entry in directory: rec_len % 4 != 0 - offset=4, inode=13, rec_len=21, size=60 fake=0 [ 71.685001][ T3854] EXT4-fs (loop6): Remounting filesystem read-only [ 71.695401][ T3861] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 71.699971][ T3854] EXT4-fs warning (device loop6): empty_inline_dir:1884: bad inline directory (dir #12) - inode 13, rec_len 21, name_len 5inline size 60 [ 71.742175][ T3861] fs-verity: sha512 using implementation "sha512-avx2" [ 71.772069][ T285] EXT4-fs (loop4): unmounting filesystem. [ 71.780250][ T3854] EXT4-fs error (device loop6): ext4_search_dir:1549: inode #12: block 9: comm syz.6.1523: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0 [ 71.801391][ T3854] EXT4-fs (loop6): Remounting filesystem read-only [ 71.816316][ T2584] EXT4-fs (loop6): unmounting filesystem. [ 71.836292][ T3871] device veth1_to_bond entered promiscuous mode [ 71.864305][ T3870] device veth1_to_bond left promiscuous mode [ 71.874216][ T2321] usb 4-1: USB disconnect, device number 11 [ 72.253091][ T3905] SELinux: Context system_u:object_r:systemd_unit_file_t:s0 is not valid (left unmapped). [ 72.279426][ T3884] loop4: detected capacity change from 0 to 40427 [ 72.287303][ T28] audit: type=1400 audit(1747960060.272:421): avc: denied { relabelto } for pid=3904 comm="syz.5.1545" name="" dev="pipefs" ino=30391 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=fifo_file permissive=1 trawcon="system_u:object_r:systemd_unit_file_t:s0" [ 72.324157][ T3884] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 72.338203][ T3884] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 72.544162][ T3914] loop5: detected capacity change from 0 to 256 [ 72.560752][ T3884] F2FS-fs (loop4): Found nat_bits in checkpoint [ 73.329828][ C0] sched: RT throttling activated [ 73.701783][ T3918] loop3: detected capacity change from 0 to 262144 [ 73.738426][ T3918] F2FS-fs (loop3): invalid crc value [ 73.956108][ T3918] F2FS-fs (loop3): Found nat_bits in checkpoint [ 74.068852][ T3918] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 74.330789][ T3884] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 74.338959][ T3884] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 74.412756][ T28] audit: type=1400 audit(1747960062.402:422): avc: denied { rename } for pid=3883 comm="syz.4.1536" name="file1" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 74.589925][ T6] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 74.782211][ T6] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 74.798828][ T3946] loop4: detected capacity change from 0 to 16 [ 74.819968][ T6] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 74.833119][ T3946] erofs: (device loop4): mounted with root inode @ nid 36. [ 74.843466][ T6] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 74.861517][ T3952] syz.5.1562[3952] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.861598][ T3952] syz.5.1562[3952] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 74.884057][ T3946] syz.4.1560: attempt to access beyond end of device [ 74.884057][ T3946] loop4: rw=0, sector=8, nr_sectors = 32 limit=16 [ 74.889531][ T6] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 74.925385][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 74.934307][ T6] usb 1-1: Product: syz [ 74.938818][ T6] usb 1-1: Manufacturer: syz [ 74.944545][ T6] usb 1-1: SerialNumber: syz [ 74.952038][ T28] audit: type=1400 audit(1747960062.942:423): avc: denied { append } for pid=3951 comm="syz.5.1562" name="001" dev="devtmpfs" ino=188 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 74.952631][ T3952] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 75.039550][ T3961] loop4: detected capacity change from 0 to 2048 [ 75.101325][ T3961] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 75.144302][ T3961] ext4 filesystem being mounted at /297/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 75.167563][ T3954] loop3: detected capacity change from 0 to 40427 [ 75.185004][ T3954] F2FS-fs (loop3): invalid crc value [ 75.191147][ T6] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 75.208883][ T285] EXT4-fs (loop4): unmounting filesystem. [ 75.215883][ T3954] F2FS-fs (loop3): Found nat_bits in checkpoint [ 75.281061][ T3954] F2FS-fs (loop3): Start checkpoint disabled! [ 75.298589][ T3954] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 75.445672][ T355] kworker/u4:4: attempt to access beyond end of device [ 75.445672][ T355] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 75.472501][ T24] usb 1-1: USB disconnect, device number 11 [ 75.478650][ T3977] loop4: detected capacity change from 0 to 40427 [ 75.490285][ T24] usblp0: removed [ 75.542560][ T3986] loop6: detected capacity change from 0 to 1024 [ 75.552411][ T3986] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 75.589025][ T3977] F2FS-fs (loop4): Found nat_bits in checkpoint [ 75.604532][ T3991] random: crng reseeded on system resumption [ 75.628888][ T3977] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 75.667258][ T3986] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 75.677204][ T285] syz-executor: attempt to access beyond end of device [ 75.677204][ T285] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 75.691168][ T3986] EXT4-fs (loop6): shut down requested (1) [ 75.700648][ T28] audit: type=1400 audit(1747960063.692:424): avc: denied { search } for pid=85 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 75.719862][ T39] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 75.724118][ T3986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 75.740981][ T3986] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 75.741066][ T28] audit: type=1400 audit(1747960063.732:425): avc: denied { ioctl } for pid=3983 comm="syz.5.1575" path="/dev/raw-gadget" dev="devtmpfs" ino=258 ioctlcmd=0x5503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 75.798900][ T2584] EXT4-fs (loop6): unmounting filesystem. [ 75.919939][ T39] usb 6-1: Using ep0 maxpacket: 8 [ 75.926608][ T39] usb 6-1: config 135 has an invalid interface number: 230 but max is 0 [ 75.935423][ T39] usb 6-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 75.952926][ T39] usb 6-1: config 135 has no interface number 0 [ 75.960559][ T39] usb 6-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30 [ 75.974360][ T39] usb 6-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53 [ 75.976095][ T28] audit: type=1326 audit(1747960063.962:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4005 comm="syz.6.1583" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f06d2f8e969 code=0x0 [ 75.998619][ T39] usb 6-1: config 135 interface 230 has no altsetting 0 [ 76.029200][ T39] usb 6-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 76.047363][ T39] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.057081][ T39] usb 6-1: Product: syz [ 76.062378][ T39] usb 6-1: Manufacturer: syz [ 76.067345][ T39] usb 6-1: SerialNumber: syz [ 76.074991][ T4015] 9pnet: p9_errstr2errno: server reported unknown error @ÿ0x0000000000000004 [ 76.085310][ T39] usb 6-1: Found UVC 0.00 device syz (18ec:3288) [ 76.108523][ T39] usb 6-1: No valid video chain found. [ 76.139586][ T4019] loop0: detected capacity change from 0 to 2048 [ 76.160825][ T4019] Alternate GPT is invalid, using primary GPT. [ 76.167290][ T4019] loop0: p1 p2 p3 [ 76.229507][ T28] audit: type=1326 audit(1747960064.212:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4029 comm="syz.0.1590" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6f0398e969 code=0x0 [ 76.283347][ T4033] loop0: detected capacity change from 0 to 512 [ 76.329152][ T39] usb 6-1: USB disconnect, device number 4 [ 76.559455][ T4037] binder: 4036:4037 ioctl c0306201 200000001a80 returned -14 [ 76.630920][ T4041] loop3: detected capacity change from 0 to 4096 [ 76.641383][ T4026] loop4: detected capacity change from 0 to 131072 [ 76.649697][ T4026] F2FS-fs (loop4): Wrong NAT boundary, start(2560) end(3584) blocks(0) [ 76.651147][ T4041] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 76.660827][ T4026] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 76.683584][ T4026] F2FS-fs (loop4): invalid crc value [ 76.691769][ T4026] F2FS-fs (loop4): Found nat_bits in checkpoint [ 76.695260][ T4041] fs-verity: sha256 using implementation "sha256-avx2" [ 76.726164][ T4026] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 76.734413][ T4026] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 76.736314][ T286] EXT4-fs (loop3): unmounting filesystem. [ 77.026944][ T4055] loop3: detected capacity change from 0 to 40427 [ 77.035821][ T4055] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(0) root(83886083) [ 77.044814][ T4055] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 77.054297][ T4055] F2FS-fs (loop3): fault_injection options not supported [ 77.062192][ T4055] F2FS-fs (loop3): heap/no_heap options were deprecated [ 77.069596][ T4055] F2FS-fs (loop3): Image doesn't support compression [ 77.079428][ T4055] F2FS-fs (loop3): invalid crc value [ 77.096927][ T4055] F2FS-fs (loop3): Found nat_bits in checkpoint [ 77.137914][ T4055] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 77.146095][ T4055] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 77.148147][ T28] audit: type=1400 audit(1747960065.132:428): avc: denied { remount } for pid=4072 comm="syz.0.1608" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 77.313231][ T4098] overlayfs: missing 'lowerdir' [ 77.360831][ T39] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 77.370314][ T39] hid-generic 0000:0000:0000.0014: hidraw0: HID v0.00 Device [syz1] on syz0 [ 77.402937][ T4114] tun0: tun_chr_ioctl cmd 1074025675 [ 77.409591][ T4114] tun0: persist enabled [ 77.415206][ T4114] tun0: tun_chr_ioctl cmd 1074025675 [ 77.415679][ T4116] SELinux: Context Ž is not valid (left unmapped). [ 77.421945][ T4114] tun0: persist disabled [ 77.468860][ T4123] loop3: detected capacity change from 0 to 1024 [ 77.488406][ T4123] EXT4-fs: dax option not supported [ 77.511735][ T4128] loop0: detected capacity change from 0 to 512 [ 77.519555][ T4128] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 77.546873][ T4132] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1632'. [ 77.558404][ T4128] EXT4-fs (loop0): 1 truncate cleaned up [ 77.569976][ T4128] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 77.578615][ T4136] loop4: detected capacity change from 0 to 128 [ 77.603066][ T4136] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 77.620102][ T4136] ext4 filesystem being mounted at /312/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 77.663568][ T285] EXT4-fs (loop4): unmounting filesystem. [ 77.817189][ T4138] loop3: detected capacity change from 0 to 40427 [ 77.832303][ T4138] F2FS-fs (loop3): invalid crc value [ 77.856521][ T4138] F2FS-fs (loop3): Found nat_bits in checkpoint [ 77.895307][ T284] EXT4-fs (loop0): unmounting filesystem. [ 77.922323][ T4138] F2FS-fs (loop3): Start checkpoint disabled! [ 77.931619][ T28] audit: type=1400 audit(1747960065.922:429): avc: denied { read write } for pid=4158 comm="syz.4.1644" name="raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 77.937170][ T4138] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 77.976936][ T4138] syz.3.1635: attempt to access beyond end of device [ 77.976936][ T4138] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 77.999886][ T28] audit: type=1400 audit(1747960065.922:430): avc: denied { open } for pid=4158 comm="syz.4.1644" path="/dev/raw-gadget" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 78.019974][ T4138] F2FS-fs (loop3): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled [ 78.072051][ T355] kworker/u4:4: attempt to access beyond end of device [ 78.072051][ T355] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 78.120079][ T4147] loop6: detected capacity change from 0 to 40427 [ 78.138830][ T4147] F2FS-fs (loop6): fault_injection options not supported [ 78.149932][ T4147] F2FS-fs (loop6): Image doesn't support compression [ 78.159938][ T4147] F2FS-fs (loop6): Image doesn't support compression [ 78.171221][ T4147] F2FS-fs (loop6): fault_type options not supported [ 78.190798][ T4147] F2FS-fs (loop6): invalid crc value [ 78.199862][ T313] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 78.213140][ T4147] F2FS-fs (loop6): Found nat_bits in checkpoint [ 78.270557][ T4147] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 78.310474][ T4147] F2FS-fs (loop6): access invalid blkaddr:3 [ 78.316918][ T4147] CPU: 1 PID: 4147 Comm: syz.6.1638 Not tainted 6.1.134-syzkaller-00039-g3c6d0251e1fb #0 [ 78.327197][ T4147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 78.337718][ T4147] Call Trace: [ 78.341369][ T4147] [ 78.344479][ T4147] __dump_stack+0x21/0x24 [ 78.348990][ T4147] dump_stack_lvl+0xee/0x150 [ 78.353799][ T4147] ? __cfi_dump_stack_lvl+0x8/0x8 [ 78.359178][ T4147] ? __cfi_f2fs_get_dnode_of_data+0x10/0x10 [ 78.365688][ T4147] dump_stack+0x15/0x24 [ 78.369859][ T4147] __f2fs_is_valid_blkaddr+0xda6/0x1460 [ 78.375683][ T4147] f2fs_is_valid_blkaddr+0x23/0x30 [ 78.381093][ T4147] f2fs_map_blocks+0xc93/0x3a60 [ 78.385967][ T4147] ? __cfi_f2fs_map_blocks+0x10/0x10 [ 78.391361][ T4147] ? _raw_spin_unlock_irqrestore+0x5a/0x80 [ 78.399184][ T4147] ? rwsem_write_trylock+0x130/0x300 [ 78.404818][ T4147] ? __cfi___wake_up+0x10/0x10 [ 78.409909][ T4147] f2fs_precache_extents+0x18c/0x260 [ 78.416116][ T4147] ? __cfi_f2fs_precache_extents+0x10/0x10 [ 78.422732][ T4147] ? save_fpregs_to_fpstate+0x192/0x220 [ 78.430096][ T4147] ? __kasan_check_write+0x14/0x20 [ 78.436152][ T4147] ? __switch_to+0x51f/0xe30 [ 78.440943][ T4147] f2fs_fiemap+0x136/0x1940 [ 78.445748][ T4147] ? __cfi_f2fs_fiemap+0x10/0x10 [ 78.451670][ T4147] ? avc_has_extended_perms+0x95f/0xdc0 [ 78.457464][ T4147] ? __kasan_check_write+0x14/0x20 [ 78.462618][ T4147] do_vfs_ioctl+0x13c2/0x1c80 [ 78.467379][ T4147] ? __ia32_compat_sys_ioctl+0x790/0x790 [ 78.473322][ T4147] ? futex_unqueue+0x132/0x160 [ 78.478391][ T4147] ? wake_up_q+0x105/0x1b0 [ 78.483442][ T4147] ? __cfi_futex_wait+0x10/0x10 [ 78.488774][ T4147] ? ioctl_has_perm+0x391/0x4c0 [ 78.493702][ T4147] ? has_cap_mac_admin+0x330/0x330 [ 78.498827][ T4147] ? slab_free_freelist_hook+0xc2/0x190 [ 78.504497][ T4147] ? do_futex+0x2dc/0x420 [ 78.509217][ T4147] ? selinux_file_ioctl+0x377/0x480 [ 78.514967][ T4147] ? __cfi_do_futex+0x10/0x10 [ 78.519928][ T4147] ? __cfi_selinux_file_ioctl+0x10/0x10 [ 78.525490][ T4147] ? __fget_files+0x2d5/0x330 [ 78.530173][ T4147] ? security_file_ioctl+0x95/0xc0 [ 78.535292][ T4147] __se_sys_ioctl+0x9f/0x1b0 [ 78.539956][ T4147] __x64_sys_ioctl+0x7b/0x90 [ 78.544745][ T4147] x64_sys_call+0x58b/0x9a0 [ 78.549356][ T4147] do_syscall_64+0x4c/0xa0 [ 78.554611][ T4147] ? clear_bhb_loop+0x15/0x70 [ 78.559306][ T4147] ? clear_bhb_loop+0x15/0x70 [ 78.564071][ T4147] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 78.570181][ T4147] RIP: 0033:0x7f06d2f8e969 [ 78.574801][ T4147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.594944][ T4147] RSP: 002b:00007f06d3e92038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 78.603740][ T4147] RAX: ffffffffffffffda RBX: 00007f06d31b5fa0 RCX: 00007f06d2f8e969 [ 78.612281][ T4147] RDX: 0000200000000880 RSI: 00000000c020660b RDI: 0000000000000004 [ 78.620463][ T4147] RBP: 00007f06d3010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 78.629150][ T4147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 78.637144][ T4147] R13: 0000000000000000 R14: 00007f06d31b5fa0 R15: 00007fff6ba96cc8 [ 78.645660][ T4147] [ 78.689966][ T313] usb 5-1: Using ep0 maxpacket: 8 [ 78.696413][ T313] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 78.718628][ T313] usb 5-1: config 0 has no interfaces? [ 78.732799][ T313] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=9e.7e [ 78.748872][ T2584] syz-executor: attempt to access beyond end of device [ 78.748872][ T2584] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 78.750046][ T313] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.773481][ T313] usb 5-1: Product: syz [ 78.778493][ T313] usb 5-1: Manufacturer: syz [ 78.783796][ T313] usb 5-1: SerialNumber: syz [ 78.797129][ T313] usb 5-1: config 0 descriptor?? [ 78.974485][ T4190] tipc: Enabling of bearer rejected, media not registered [ 79.017260][ T4194] loop5: detected capacity change from 0 to 256 [ 79.037850][ T4169] loop0: detected capacity change from 0 to 131072 [ 79.050248][ T2321] usb 5-1: USB disconnect, device number 10 [ 79.056489][ T4169] F2FS-fs (loop0): invalid crc value [ 79.069251][ T4169] F2FS-fs (loop0): Found nat_bits in checkpoint [ 79.113708][ T4211] syz.3.1665[4211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.113795][ T4211] syz.3.1665[4211] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.142258][ T4169] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 79.634376][ T28] audit: type=1400 audit(1747960067.622:431): avc: denied { write } for pid=4282 comm="syz.6.1701" name="usbmon0" dev="devtmpfs" ino=159 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 79.925933][ T28] audit: type=1400 audit(1747960067.912:432): avc: denied { setattr } for pid=4309 comm="syz.3.1711" name="vsock" dev="devtmpfs" ino=275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 79.952395][ T2321] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 80.030046][ T6] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 80.078729][ T4322] loop3: detected capacity change from 0 to 1024 [ 80.086771][ T4322] EXT4-fs: Ignoring removed nomblk_io_submit option [ 80.094577][ T4322] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 80.094726][ T4324] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 80.107799][ T4322] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 80.118562][ T4324] SELinux: failed to load policy [ 80.129147][ T4322] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 80.149880][ T2321] usb 7-1: Using ep0 maxpacket: 8 [ 80.156652][ T2321] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 80.167256][ T2321] usb 7-1: config 179 has no interface number 0 [ 80.173732][ T2321] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 80.184865][ T2321] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 80.196544][ T2321] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 80.207984][ T2321] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 80.219722][ T2321] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 80.233745][ T6] usb 1-1: Using ep0 maxpacket: 32 [ 80.239293][ T2321] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 80.248722][ T2321] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.257815][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 80.269165][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.279037][ T4285] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 80.286293][ T6] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 80.295992][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.306748][ T6] usb 1-1: config 0 descriptor?? [ 80.311462][ T4330] loop5: detected capacity change from 0 to 1024 [ 80.318930][ T6] hub 1-1:0.0: USB hub found [ 80.323374][ T4330] EXT4-fs: dax option not supported [ 80.421962][ T4335] loop5: detected capacity change from 0 to 1024 [ 80.428596][ T4335] EXT4-fs: dax option not supported [ 80.434554][ C1] operation not supported error, dev loop5, sector 0 op 0x9:(WRITE_ZEROES) flags 0x8000800 phys_seg 0 prio class 2 [ 80.446855][ T39] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 80.507657][ T2321] usb 7-1: USB disconnect, device number 5 [ 80.513781][ C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 80.513801][ C0] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 80.531310][ T6] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 80.579965][ T313] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 80.639860][ T39] usb 4-1: Using ep0 maxpacket: 16 [ 80.646639][ T39] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 80.655581][ T39] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 80.666100][ T39] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 80.680138][ T39] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 80.690500][ T39] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.698702][ T39] usb 4-1: Product: syz [ 80.703172][ T39] usb 4-1: Manufacturer: syz [ 80.708062][ T39] usb 4-1: SerialNumber: syz [ 80.771233][ T313] usb 5-1: config 0 has an invalid interface number: 156 but max is 0 [ 80.780190][ T313] usb 5-1: config 0 has no interface number 0 [ 80.787144][ T313] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 80.799957][ T313] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 80.810281][ T313] usb 5-1: config 0 interface 156 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 80.821233][ T313] usb 5-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 80.830430][ T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.838570][ T28] audit: type=1400 audit(1747960068.822:433): avc: denied { module_request } for pid=4351 comm="syz.5.1729" kmod="net-pf-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 80.870097][ T313] usb 5-1: config 0 descriptor?? [ 80.924410][ T6] hid-generic 0003:046D:C31C.0015: item fetching failed at offset 0/1 [ 80.934207][ T6] hid-generic: probe of 0003:046D:C31C.0015 failed with error -22 [ 81.118939][ T39] usb 4-1: 0:2 : does not exist [ 81.138085][ T313] usb 5-1: MIDIStreaming interface descriptor not found [ 81.146850][ T39] usb 4-1: USB disconnect, device number 12 [ 81.162533][ T313] snd-usb-audio: probe of 5-1:0.156 failed with error -12 [ 81.172921][ T4373] syz.5.1739[4373] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 81.172999][ T4373] syz.5.1739[4373] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 81.173386][ T313] usb 5-1: USB disconnect, device number 11 [ 81.250023][ T24] usb 1-1: USB disconnect, device number 12 [ 81.369440][ T28] audit: type=1400 audit(1747960069.352:434): avc: denied { read } for pid=4383 comm="syz.6.1744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 81.509984][ T6] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 81.628692][ T286] EXT4-fs (loop3): unmounting filesystem. [ 81.666048][ T4392] loop3: detected capacity change from 0 to 512 [ 81.675304][ T4392] EXT4-fs: Ignoring removed orlov option [ 81.682202][ T4392] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 81.701163][ T6] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 81.728918][ T6] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 55360, setting to 64 [ 81.755490][ T6] usb 6-1: New USB device found, idVendor=0125, idProduct=a4a1, bcdDevice= 0.40 [ 81.767424][ T4392] EXT4-fs (loop3): 1 orphan inode deleted [ 81.774984][ T4392] EXT4-fs (loop3): 1 truncate cleaned up [ 81.782242][ T6] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.799765][ T6] usb 6-1: Product: syz [ 81.811110][ T6] usb 6-1: Manufacturer: syz [ 81.816602][ T6] usb 6-1: SerialNumber: syz [ 81.824394][ T4392] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 81.837085][ T6] cdc_ncm 6-1:1.0: skipping garbage [ 82.544410][ T4393] loop0: detected capacity change from 0 to 262144 [ 82.557992][ T4393] F2FS-fs (loop0): invalid crc value [ 82.577367][ T4392] EXT4-fs error (device loop3): ext4_check_all_de:666: inode #12: block 7: comm syz.3.1748: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=124 fake=0 [ 82.600109][ T4393] F2FS-fs (loop0): Found nat_bits in checkpoint [ 82.602463][ T4407] loop4: detected capacity change from 0 to 16 [ 82.616164][ T4407] erofs: (device loop4): mounted with root inode @ nid 36. [ 82.626336][ T4392] EXT4-fs (loop3): Remounting filesystem read-only [ 82.642310][ T4393] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 82.644439][ T4408] EXT4-fs error (device loop3): ext4_generic_delete_entry:2729: inode #12: block 7: comm syz.3.1748: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=56 fake=0 [ 82.684691][ T4408] EXT4-fs (loop3): Remounting filesystem read-only [ 82.691592][ T4408] EXT4-fs error (device loop3) in ext4_delete_inline_entry:1804: Corrupt filesystem [ 82.706347][ T4408] EXT4-fs (loop3): Remounting filesystem read-only [ 82.753306][ T286] EXT4-fs (loop3): unmounting filesystem. [ 82.898332][ T4423] SELinux: security_context_str_to_sid (s) failed with errno=-22 [ 82.949110][ T4429] SELinux: security_context_str_to_sid (user_u) failed with errno=-22 [ 83.040992][ T28] audit: type=1400 audit(1747960071.032:435): avc: denied { create } for pid=4437 comm="syz.0.1765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 83.061472][ T39] usb 4-1: new full-speed USB device number 13 using dummy_hcd [ 83.099041][ T4442] loop0: detected capacity change from 0 to 512 [ 83.111819][ T4442] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 83.123377][ T4442] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.149536][ T284] EXT4-fs (loop0): unmounting filesystem. [ 83.191071][ T4450] SELinux: policydb version 0 does not match my version range 15-33 [ 83.199896][ T4450] SELinux: failed to load policy [ 83.249999][ T313] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 83.259959][ T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 83.271271][ T39] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 83.281760][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.296548][ T39] usb 4-1: config 0 descriptor?? [ 83.303362][ T4419] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 83.363003][ T6] cdc_ncm 6-1:1.0: bind() failure [ 83.369339][ T6] cdc_ncm: probe of 6-1:1.1 failed with error -71 [ 83.376807][ T6] cdc_mbim: probe of 6-1:1.1 failed with error -71 [ 83.385184][ T6] usb 6-1: USB disconnect, device number 5 [ 83.431460][ T313] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 83.442074][ T313] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 83.453158][ T313] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 83.469725][ T313] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 83.480998][ T313] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.484587][ T4469] loop6: detected capacity change from 0 to 512 [ 83.489878][ T313] usb 5-1: Product: syz [ 83.502030][ T313] usb 5-1: Manufacturer: syz [ 83.502539][ T4469] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 83.507484][ T313] usb 5-1: SerialNumber: syz [ 83.517409][ T4469] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 83.533125][ T4469] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended [ 83.542921][ T4469] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 83.551672][ T4469] System zones: 0-2, 18-18, 34-34 [ 83.557617][ T4469] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 83.573416][ T4469] EXT4-fs (loop6): 1 truncate cleaned up [ 83.579204][ T4469] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 83.609100][ T2584] EXT4-fs (loop6): unmounting filesystem. [ 83.622640][ T28] audit: type=1400 audit(1747960071.612:436): avc: denied { name_bind } for pid=4471 comm="syz.6.1779" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 83.732492][ T39] hid-generic 0003:04F3:0755.0016: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0 [ 83.745631][ T313] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 12 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 83.745772][ T4486] netem: change failed [ 83.958351][ T39] usb 5-1: USB disconnect, device number 12 [ 83.966961][ T39] usblp0: removed [ 84.079181][ T28] audit: type=1400 audit(1747960072.062:437): avc: denied { bind } for pid=4489 comm="syz.5.1787" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 84.118438][ T4496] 9pnet: p9_errstr2errno: server reported unknown error @í΂Í(ááí«Qÿ0x0000000000000004 [ 84.151807][ T4498] loop6: detected capacity change from 0 to 1024 [ 84.160623][ T4498] EXT4-fs: dax option not supported [ 84.170061][ C0] operation not supported error, dev loop6, sector 0 op 0x9:(WRITE_ZEROES) flags 0x8000800 phys_seg 0 prio class 2 [ 84.204221][ T4502] loop6: detected capacity change from 0 to 512 [ 84.222323][ T4502] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 84.232995][ T4502] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 84.257577][ T2584] EXT4-fs (loop6): unmounting filesystem. [ 84.392083][ T4515] loop6: detected capacity change from 0 to 40427 [ 84.401743][ T4515] F2FS-fs (loop6): fault_injection options not supported [ 84.409429][ T4515] F2FS-fs (loop6): Image doesn't support compression [ 84.417011][ T4515] F2FS-fs (loop6): Image doesn't support compression [ 84.425479][ T4515] F2FS-fs (loop6): invalid crc value [ 84.434145][ T4515] F2FS-fs (loop6): Found nat_bits in checkpoint [ 84.471232][ T4515] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 84.497164][ T39] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0 [ 84.527932][ T2584] syz-executor: attempt to access beyond end of device [ 84.527932][ T2584] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 84.749997][ T313] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 84.758721][ T39] hid-generic 0000:0000:0000.0017: hidraw1: HID v0.00 Device [syz0] on syz0 [ 84.786099][ T28] audit: type=1400 audit(1747960072.772:438): avc: denied { getopt } for pid=4537 comm="syz.6.1807" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 84.939979][ T313] usb 5-1: Using ep0 maxpacket: 32 [ 84.947461][ T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.959508][ T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.971092][ T313] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 84.980688][ T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.980979][ T4563] loop5: detected capacity change from 0 to 512 [ 84.989758][ T313] usb 5-1: config 0 descriptor?? [ 84.996288][ T4563] EXT4-fs: Ignoring removed orlov option [ 85.001706][ T313] hub 5-1:0.0: USB hub found [ 85.006985][ T4563] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 85.024043][ T4563] EXT4-fs (loop5): 1 orphan inode deleted [ 85.029943][ T4563] EXT4-fs (loop5): 1 truncate cleaned up [ 85.036186][ T4563] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 85.056182][ T4563] EXT4-fs error (device loop5): ext4_check_all_de:666: inode #12: block 7: comm syz.5.1818: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=124 fake=0 [ 85.076901][ T4563] EXT4-fs (loop5): Remounting filesystem read-only [ 85.085729][ T4563] EXT4-fs error (device loop5): ext4_generic_delete_entry:2729: inode #12: block 7: comm syz.5.1818: bad entry in directory: rec_len is too small for name_len - offset=0, inode=13, rec_len=16, size=56 fake=0 [ 85.107855][ T4563] EXT4-fs (loop5): Remounting filesystem read-only [ 85.117924][ T4563] EXT4-fs error (device loop5) in ext4_delete_inline_entry:1804: Corrupt filesystem [ 85.129063][ T4563] EXT4-fs (loop5): Remounting filesystem read-only [ 85.137716][ T28] audit: type=1400 audit(1747960073.122:439): avc: denied { ioctl } for pid=4566 comm="syz.0.1820" path="/dev/usbmon7" dev="devtmpfs" ino=180 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 85.179184][ T2317] EXT4-fs (loop5): unmounting filesystem. [ 85.203474][ T313] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 85.347719][ T4589] loop3: detected capacity change from 0 to 512 [ 85.360070][ T2636] Bluetooth: hci0: Frame reassembly failed (-84) [ 85.376653][ T4589] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.1828: casefold flag without casefold feature [ 85.389835][ T4572] loop5: detected capacity change from 0 to 40427 [ 85.398202][ T4589] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.1828: couldn't read orphan inode 15 (err -117) [ 85.411029][ T4572] F2FS-fs (loop5): fault_type options not supported [ 85.419057][ T4589] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 85.419922][ T4572] F2FS-fs (loop5): invalid crc value [ 85.444087][ T4572] F2FS-fs (loop5): Found nat_bits in checkpoint [ 85.452339][ T286] EXT4-fs (loop3): unmounting filesystem. [ 85.484793][ T4572] F2FS-fs (loop5): Start checkpoint disabled! [ 85.492036][ T4572] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 85.521814][ T4572] syz.5.1821: attempt to access beyond end of device [ 85.521814][ T4572] loop5: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 85.564540][ T355] kworker/u4:4: attempt to access beyond end of device [ 85.564540][ T355] loop5: rw=1, sector=77936, nr_sectors = 8 limit=40427 [ 85.579221][ T355] kworker/u4:4: attempt to access beyond end of device [ 85.579221][ T355] loop5: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 85.593956][ T1073] usb 4-1: USB disconnect, device number 13 [ 85.612496][ T313] hid-generic 0003:046D:C31C.0018: item fetching failed at offset 0/1 [ 85.625862][ T313] hid-generic: probe of 0003:046D:C31C.0018 failed with error -22 [ 85.776104][ T4617] loop3: detected capacity change from 0 to 40427 [ 85.784494][ T4617] F2FS-fs (loop3): fault_injection options not supported [ 85.793471][ T4617] F2FS-fs (loop3): Image doesn't support compression [ 85.800858][ T4617] F2FS-fs (loop3): Image doesn't support compression [ 85.809248][ T4617] F2FS-fs (loop3): invalid crc value [ 85.817516][ T4617] F2FS-fs (loop3): Found nat_bits in checkpoint [ 85.843229][ T4617] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 85.870009][ T286] syz-executor: attempt to access beyond end of device [ 85.870009][ T286] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 85.899877][ T6] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 85.950529][ T1073] usb 5-1: USB disconnect, device number 13 [ 85.990003][ T313] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 86.081547][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.094471][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 86.106558][ T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 86.121184][ T6] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 86.130952][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.139988][ T6] usb 1-1: config 0 descriptor?? [ 86.171254][ T313] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 86.183600][ T313] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 86.194289][ T313] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 86.207738][ T313] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 86.217284][ T313] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.226269][ T313] usb 6-1: config 0 descriptor?? [ 86.443498][ T4630] loop4: detected capacity change from 0 to 256 [ 86.473573][ T4630] FAT-fs (loop4): Directory bread(block 64) failed [ 86.483908][ T4630] FAT-fs (loop4): Directory bread(block 65) failed [ 86.491839][ T4630] FAT-fs (loop4): Directory bread(block 66) failed [ 86.499217][ T4630] FAT-fs (loop4): Directory bread(block 67) failed [ 86.506395][ T4630] FAT-fs (loop4): Directory bread(block 68) failed [ 86.513468][ T4630] FAT-fs (loop4): Directory bread(block 69) failed [ 86.520695][ T4630] FAT-fs (loop4): Directory bread(block 70) failed [ 86.528080][ T4630] FAT-fs (loop4): Directory bread(block 71) failed [ 86.536133][ T4630] FAT-fs (loop4): Directory bread(block 72) failed [ 86.543084][ T4630] FAT-fs (loop4): Directory bread(block 73) failed [ 86.551854][ T6] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving [ 86.561905][ T6] plantronics 0003:047F:FFFF.0019: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 86.635666][ T313] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 86.643328][ T313] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 86.651026][ T313] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 86.659160][ T313] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 86.667660][ T313] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 86.676124][ T313] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0 [ 86.684898][ T313] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving [ 86.696849][ T313] plantronics 0003:047F:FFFF.001A: hiddev97,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 86.821507][ T1073] usb 1-1: USB disconnect, device number 13 [ 86.859289][ T6] usb 6-1: USB disconnect, device number 6 [ 86.965904][ T4656] loop4: detected capacity change from 0 to 40427 [ 86.980117][ T4656] F2FS-fs (loop4): fault_type options not supported [ 86.988379][ T4656] F2FS-fs (loop4): invalid crc value [ 87.001175][ T4656] F2FS-fs (loop4): Found nat_bits in checkpoint [ 87.039170][ T4656] F2FS-fs (loop4): Start checkpoint disabled! [ 87.046595][ T4656] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 87.147602][ T4668] tun0: tun_chr_ioctl cmd 1074025675 [ 87.153486][ T4668] tun0: persist enabled [ 87.158140][ T4668] tun0: tun_chr_ioctl cmd 1074025675 [ 87.163656][ T4668] tun0: persist enabled [ 87.178080][ T28] audit: type=1400 audit(1747960075.162:440): avc: denied { append } for pid=4669 comm="syz.3.1862" name="rtc0" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 87.339150][ T4674] loop0: detected capacity change from 0 to 512 [ 87.346168][ T4674] EXT4-fs: Ignoring removed i_version option [ 87.354553][ T4674] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 87.366465][ T28] audit: type=1400 audit(1747960075.352:441): avc: denied { remove_name } for pid=4673 comm="syz.0.1863" name="#7" dev="loop0" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 87.368450][ T4674] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz.0.1863: corrupted in-inode xattr [ 87.402085][ T45] Bluetooth: hci0: command 0x1003 tx timeout [ 87.409223][ T3957] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 87.416052][ T4590] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 87.434950][ T284] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz-executor: corrupted in-inode xattr [ 87.449338][ T28] audit: type=1400 audit(1747960075.352:442): avc: denied { unlink } for pid=4673 comm="syz.0.1863" name="#7" dev="loop0" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1 [ 87.453896][ T284] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz-executor: corrupted in-inode xattr [ 87.501934][ T28] audit: type=1400 audit(1747960075.352:443): avc: denied { unlink } for pid=4673 comm="syz.0.1863" name="#8" dev="loop0" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 87.523742][ T28] audit: type=1400 audit(1747960075.352:444): avc: denied { write } for pid=4673 comm="syz.0.1863" name="/" dev="overlay" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 87.547207][ T28] audit: type=1400 audit(1747960075.352:445): avc: denied { remove_name } for pid=4673 comm="syz.0.1863" name="file1" dev="overlay" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 87.570855][ T28] audit: type=1400 audit(1747960075.352:446): avc: denied { unlink } for pid=4673 comm="syz.0.1863" name="file1" dev="overlay" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 87.594630][ T28] audit: type=1400 audit(1747960075.392:447): avc: denied { mounton } for pid=4676 comm="syz.5.1864" path="/232/file0" dev="tmpfs" ino=1227 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 87.600754][ T284] EXT4-fs (loop0): unmounting filesystem. [ 87.626664][ T8] tipc: Disabling bearer [ 87.633550][ T8] tipc: Left network mode [ 87.739327][ T4684] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.746660][ T4684] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.754573][ T4684] device bridge_slave_0 entered promiscuous mode [ 87.764287][ T4684] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.771633][ T4684] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.779684][ T4684] device bridge_slave_1 entered promiscuous mode [ 87.820340][ T4684] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.827383][ T4684] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.835083][ T4684] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.842396][ T4684] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.863222][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 87.871472][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.880059][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.891516][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 87.900311][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.908298][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.920762][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 87.929703][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.937835][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.951603][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 87.962163][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 87.983241][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 87.994777][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 88.003808][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 88.016569][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 88.042723][ T4684] device veth0_vlan entered promiscuous mode [ 88.067288][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 88.078848][ T4684] device veth1_macvtap entered promiscuous mode [ 88.101531][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 88.122002][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 88.172220][ T8] device bridge_slave_1 left promiscuous mode [ 88.179095][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.187572][ T8] device bridge_slave_0 left promiscuous mode [ 88.202122][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.214224][ T8] device veth1_macvtap left promiscuous mode [ 88.220782][ T8] device veth0_vlan left promiscuous mode [ 88.228178][ T2321] hid-generic 0000:0000:0000.001B: unknown main item tag 0x0 [ 88.254276][ T2321] hid-generic 0000:0000:0000.001B: hidraw0: HID v0.00 Device [syz0] on syz0 [ 88.470239][ T4728] loop6: detected capacity change from 0 to 8192 [ 88.528630][ T4733] device bridge0 entered promiscuous mode [ 88.534763][ T4728] loop6: p2 p3 p4[EZD] [ 88.535353][ T4732] device bridge0 left promiscuous mode [ 88.545461][ T4728] loop6: p3 start 458783 is beyond EOD, truncated [ 88.552691][ T4728] loop6: p4 size 65536 extends beyond EOD, truncated [ 88.619866][ T1108] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 88.630895][ T4739] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 88.636266][ T4726] loop4: detected capacity change from 0 to 40427 [ 88.736747][ T4726] F2FS-fs (loop4): fault_injection options not supported [ 88.758067][ T4726] F2FS-fs (loop4): invalid crc value [ 88.767960][ T4726] F2FS-fs (loop4): Found nat_bits in checkpoint [ 88.783419][ T4746] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1895'. [ 88.811432][ T4726] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 88.832030][ T1108] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.849845][ T1108] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.869909][ T1108] usb 8-1: New USB device found, idVendor=0416, idProduct=c168, bcdDevice= 0.00 [ 88.889914][ T1108] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.909662][ T1108] usb 8-1: config 0 descriptor?? [ 89.039019][ T4751] loop6: detected capacity change from 0 to 40427 [ 89.047613][ T4751] F2FS-fs (loop6): invalid crc value [ 89.055153][ T4751] F2FS-fs (loop6): Found nat_bits in checkpoint [ 89.080624][ T4751] F2FS-fs (loop6): Start checkpoint disabled! [ 89.087447][ T4751] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 89.117931][ T4751] syz.6.1905: attempt to access beyond end of device [ 89.117931][ T4751] loop6: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 89.142555][ T4751] F2FS-fs (loop6): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled [ 89.190306][ T8] kworker/u4:0: attempt to access beyond end of device [ 89.190306][ T8] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 89.309940][ T2321] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 89.330721][ T4766] loop6: detected capacity change from 0 to 16 [ 89.337577][ T1108] hid-generic 0003:0416:C168.001C: unknown main item tag 0x0 [ 89.340322][ T4766] erofs: (device loop6): mounted with root inode @ nid 36. [ 89.345807][ T1108] hid-generic 0003:0416:C168.001C: hidraw0: USB HID v0.00 Device [HID 0416:c168] on usb-dummy_hcd.7-1/input0 [ 89.371240][ T4768] netlink: 'syz.6.1901': attribute type 2 has an invalid length. [ 89.527935][ T2321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.549770][ T2321] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.559137][ T1108] usb 8-1: USB disconnect, device number 2 [ 89.560991][ T2321] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 89.581154][ T2321] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 89.590895][ T2321] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.601271][ T2321] usb 5-1: config 0 descriptor?? [ 89.691071][ T4781] loop3: detected capacity change from 0 to 1024 [ 89.701834][ T4781] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 89.715210][ T4781] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1908: bg 0: block 88: padding at end of block bitmap is not set [ 89.738880][ T286] EXT4-fs (loop3): unmounting filesystem. [ 89.759917][ T1073] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 89.858928][ T4800] loop3: detected capacity change from 0 to 512 [ 89.873798][ T4800] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 89.883447][ T4800] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.903525][ T28] kauditd_printk_skb: 4 callbacks suppressed [ 89.903539][ T28] audit: type=1400 audit(1747960077.892:452): avc: denied { append } for pid=4799 comm="syz.3.1916" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 89.934690][ T286] EXT4-fs (loop3): unmounting filesystem. [ 89.959848][ T1073] usb 7-1: Using ep0 maxpacket: 32 [ 89.966979][ T1073] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 89.979689][ T1073] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 89.990956][ T1073] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 90.001383][ T1073] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.011341][ T2321] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving [ 90.020457][ T1073] usb 7-1: config 0 descriptor?? [ 90.033784][ T2321] plantronics 0003:047F:FFFF.001D: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 90.048158][ T1073] hub 7-1:0.0: USB hub found [ 90.103506][ T4813] tipc: Started in network mode [ 90.119936][ T4813] tipc: Node identity 7, cluster identity 4711 [ 90.129353][ T4818] input: syz1 as /devices/virtual/input/input12 [ 90.137720][ T4813] tipc: Node number set to 7 [ 90.183109][ T4824] loop7: detected capacity change from 0 to 128 [ 90.209951][ T4824] EXT4-fs (loop7): VFS: Found ext4 filesystem with unknown checksum algorithm. [ 90.250197][ T1073] hub 7-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 90.269207][ T28] audit: type=1400 audit(1747960078.252:453): avc: denied { mounton } for pid=4831 comm="syz.5.1930" path="/246/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 90.315981][ T19] usb 5-1: USB disconnect, device number 14 [ 90.387995][ T4843] loop3: detected capacity change from 0 to 512 [ 90.397649][ T4843] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 90.410058][ T4843] EXT4-fs warning (device loop3): dx_probe:869: inode #2: comm syz.3.1935: Unimplemented hash flags: 0x0001 [ 90.422710][ T4843] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.1935: Corrupt directory, running e2fsck is recommended [ 90.437581][ T28] audit: type=1400 audit(1747960078.422:454): avc: denied { shutdown } for pid=4847 comm="syz.7.1937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 90.448681][ T4850] loop7: detected capacity change from 0 to 1024 [ 90.459665][ T4843] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.1935: path /386/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0 [ 90.466136][ T28] audit: type=1400 audit(1747960078.422:455): avc: denied { write } for pid=4847 comm="syz.7.1937" path="socket:[35862]" dev="sockfs" ino=35862 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 90.499124][ T4850] EXT4-fs: Ignoring removed orlov option [ 90.520067][ T4850] EXT4-fs: Ignoring removed nomblk_io_submit option [ 90.542546][ T4850] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 90.599889][ T2321] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 90.710033][ T4684] EXT4-fs (loop7): unmounting filesystem. [ 90.718592][ T1073] hid-generic 0003:046D:C31C.001E: item fetching failed at offset 0/1 [ 90.727278][ T1073] hid-generic: probe of 0003:046D:C31C.001E failed with error -22 [ 90.740556][ T8] Bluetooth: hci0: Frame reassembly failed (-84) [ 90.781768][ T2321] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 90.794165][ T2321] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 90.804080][ T2321] usb 6-1: New USB device found, idVendor=0416, idProduct=c168, bcdDevice= 0.00 [ 90.813366][ T2321] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.821919][ T2321] usb 6-1: config 0 descriptor?? [ 91.026360][ T286] EXT4-fs (loop3): unmounting filesystem. [ 91.039977][ T39] usb 7-1: USB disconnect, device number 6 [ 91.063905][ T4875] loop4: detected capacity change from 0 to 1024 [ 91.071644][ T4875] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 91.080569][ T4875] EXT4-fs (loop4): Test dummy encryption mode enabled [ 91.089479][ T4875] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 91.112039][ T285] EXT4-fs (loop4): unmounting filesystem. [ 91.231478][ T2321] hid-generic 0003:0416:C168.001F: unknown main item tag 0x0 [ 91.240862][ T2321] hid-generic 0003:0416:C168.001F: hidraw0: USB HID v0.00 Device [HID 0416:c168] on usb-dummy_hcd.5-1/input0 [ 91.448769][ T2321] usb 6-1: USB disconnect, device number 7 [ 91.553511][ T4899] loop6: detected capacity change from 0 to 256 [ 91.567225][ T4899] FAT-fs (loop6): Directory bread(block 64) failed [ 91.574410][ T4899] FAT-fs (loop6): Directory bread(block 65) failed [ 91.581969][ T4899] FAT-fs (loop6): Directory bread(block 66) failed [ 91.590040][ T4899] FAT-fs (loop6): Directory bread(block 67) failed [ 91.596927][ T4899] FAT-fs (loop6): Directory bread(block 68) failed [ 91.605426][ T4899] FAT-fs (loop6): Directory bread(block 69) failed [ 91.613593][ T4899] FAT-fs (loop6): Directory bread(block 70) failed [ 91.621135][ T4899] FAT-fs (loop6): Directory bread(block 71) failed [ 91.629705][ T4899] FAT-fs (loop6): Directory bread(block 72) failed [ 91.636421][ T4899] FAT-fs (loop6): Directory bread(block 73) failed [ 91.680016][ T1073] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 91.869950][ T1073] usb 4-1: Using ep0 maxpacket: 16 [ 91.878805][ T1073] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00 [ 91.888478][ T1073] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.900244][ T1073] usb 4-1: Product: syz [ 91.904863][ T1073] usb 4-1: Manufacturer: syz [ 91.910365][ T1073] usb 4-1: SerialNumber: syz [ 91.915946][ T1073] usb 4-1: config 0 descriptor?? [ 91.922347][ T1073] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 91.930935][ T1073] usb 4-1: Detected FT-X [ 91.939883][ T39] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 91.980363][ T4905] SELinux: Context system_u:object_r:systemd_passwd_var_run_t:s0 is not valid (left unmapped). [ 91.993813][ T28] audit: type=1400 audit(1747960079.982:456): avc: denied { relabelto } for pid=4904 comm="syz.5.1961" name="248" dev="tmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0" [ 92.024942][ T28] audit: type=1400 audit(1747960079.982:457): avc: denied { associate } for pid=4904 comm="syz.5.1961" name="248" dev="tmpfs" ino=1304 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_passwd_var_run_t:s0" [ 92.035471][ T313] hid-generic 0000:0004:0000.0020: unknown main item tag 0x0 [ 92.061359][ T28] audit: type=1400 audit(1747960080.012:458): avc: denied { write } for pid=2317 comm="syz-executor" name="248" dev="tmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0" [ 92.069147][ T313] hid-generic 0000:0004:0000.0020: unknown main item tag 0x0 [ 92.100810][ T28] audit: type=1400 audit(1747960080.012:459): avc: denied { remove_name } for pid=2317 comm="syz-executor" name="binderfs" dev="tmpfs" ino=1308 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0" [ 92.111443][ T313] hid-generic 0000:0004:0000.0020: unknown main item tag 0x0 [ 92.142823][ T28] audit: type=1400 audit(1747960080.012:460): avc: denied { rmdir } for pid=2317 comm="syz-executor" name="248" dev="tmpfs" ino=1304 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_passwd_var_run_t:s0" [ 92.183113][ T1073] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 92.183678][ T313] hid-generic 0000:0004:0000.0020: hidraw0: HID v0.00 Device [syz0] on syz1 [ 92.203784][ T39] usb 7-1: config 0 has an invalid interface number: 156 but max is 0 [ 92.213456][ T39] usb 7-1: config 0 has no interface number 0 [ 92.221015][ T39] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 92.235812][ T39] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 92.236046][ T4909] loop5: detected capacity change from 0 to 256 [ 92.247972][ T39] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 92.248014][ T39] usb 7-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 92.276821][ T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.288782][ T39] usb 7-1: config 0 descriptor?? [ 92.295873][ T39] usb 7-1: MIDIStreaming interface descriptor not found [ 92.311545][ T39] snd-usb-audio: probe of 7-1:0.156 failed with error -12 [ 92.429941][ T313] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 92.511295][ T24] usb 7-1: USB disconnect, device number 7 [ 92.605456][ T1073] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 92.621102][ T313] usb 5-1: config 0 has no interfaces? [ 92.628923][ T313] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 92.638743][ T313] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.646975][ T313] usb 5-1: Product: syz [ 92.651589][ T313] usb 5-1: Manufacturer: syz [ 92.656607][ T313] usb 5-1: SerialNumber: syz [ 92.661610][ T313] r8152-cfgselector 5-1: config 0 descriptor?? [ 92.749906][ T4592] Bluetooth: hci0: command 0x1003 tx timeout [ 92.749969][ T3957] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 92.763689][ T4858] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 92.806221][ T24] usb 4-1: USB disconnect, device number 14 [ 92.813327][ T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 92.823757][ T24] ftdi_sio 4-1:0.0: device disconnected [ 92.844619][ T4929] loop5: detected capacity change from 0 to 512 [ 92.863285][ T4929] EXT4-fs (loop5): 1 orphan inode deleted [ 92.869671][ T4929] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 92.879290][ T4929] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.892154][ T8] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 92.898278][ T2636] usb 5-1: config 0 descriptor?? [ 92.903120][ T8] EXT4-fs error (device loop5): ext4_release_dquot:6812: comm kworker/u4:0: Failed to release dquot type 1 [ 93.085124][ T2321] usb 5-1: USB disconnect, device number 15 [ 93.085124][ T2636] usb 5-1: can't set config #0, error -71 [ 93.100888][ T4937] loop6: detected capacity change from 0 to 8192 [ 93.109904][ T4937] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 93.169898][ T313] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 93.340601][ T4949] incfs: Backing dir is not set, filesystem can't be mounted. [ 93.348804][ T4949] incfs: mount failed -2 [ 93.353720][ T313] usb 6-1: Using ep0 maxpacket: 16 [ 93.361130][ T313] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 93.373954][ T313] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 93.384037][ T313] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 93.397661][ T313] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 93.398112][ T4953] overlayfs: missing 'lowerdir' [ 93.408463][ T313] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.409162][ T313] usb 6-1: config 0 descriptor?? [ 93.527289][ T4969] SELinux: Context Ü is not valid (left unmapped). [ 93.698879][ T5000] loop4: detected capacity change from 0 to 4096 [ 93.721391][ T5000] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 93.757852][ T285] EXT4-fs (loop4): unmounting filesystem. [ 93.819977][ T2321] ================================================================== [ 93.828494][ T2321] BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480 [ 93.835726][ T2321] Write of size 8 at addr ffff888117290a00 by task kworker/0:5/2321 [ 93.837362][ T313] microsoft 0003:045E:07DA.0021: unknown main item tag 0x4 [ 93.843818][ T2321] [ 93.843831][ T2321] CPU: 0 PID: 2321 Comm: kworker/0:5 Not tainted 6.1.134-syzkaller-00039-g3c6d0251e1fb #0 [ 93.843857][ T2321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 93.843869][ T2321] Workqueue: usb_hub_wq hub_event [ 93.843901][ T2321] Call Trace: [ 93.843908][ T2321] [ 93.870271][ T313] microsoft 0003:045E:07DA.0021: unknown main item tag 0x0 [ 93.875906][ T2321] __dump_stack+0x21/0x24 [ 93.875949][ T2321] dump_stack_lvl+0xee/0x150 [ 93.899897][ T313] microsoft 0003:045E:07DA.0021: unknown main item tag 0x0 [ 93.900623][ T2321] ? __cfi_dump_stack_lvl+0x8/0x8 [ 93.909890][ T313] microsoft 0003:045E:07DA.0021: unknown main item tag 0x0 [ 93.913501][ T2321] ? enqueue_timer+0xae/0x480 [ 93.929916][ T313] microsoft 0003:045E:07DA.0021: unknown main item tag 0x0 [ 93.931770][ T2321] print_address_description+0x71/0x210 [ 93.939858][ T1108] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 93.945051][ T2321] print_report+0x4a/0x60 [ 93.957989][ T2321] kasan_report+0x122/0x150 [ 93.963045][ T2321] ? enqueue_timer+0xae/0x480 [ 93.968133][ T2321] __asan_report_store8_noabort+0x17/0x20 [ 93.975118][ T2321] enqueue_timer+0xae/0x480 [ 93.980003][ T2321] __mod_timer+0x79f/0xb30 [ 93.985468][ T2321] schedule_timeout+0x127/0x2e0 [ 93.990685][ T2321] ? __cfi_schedule_timeout+0x10/0x10 [ 93.996180][ T2321] ? __cfi_process_timeout+0x10/0x10 [ 94.001606][ T2321] ? __cfi__raw_spin_lock+0x10/0x10 [ 94.007051][ T2321] ? _raw_spin_lock+0x8e/0xe0 [ 94.012961][ T2321] wait_for_common+0x354/0x620 [ 94.017844][ T2321] ? usb_hcd_giveback_urb+0x351/0x410 [ 94.023642][ T2321] ? wait_for_completion+0x20/0x20 [ 94.028792][ T2321] ? usb_submit_urb+0x122d/0x1900 [ 94.033857][ T2321] wait_for_completion_timeout+0xe/0x10 [ 94.040688][ T2321] usb_start_wait_urb+0x166/0x2f0 [ 94.047105][ T2321] ? usb_api_blocking_completion+0xb0/0xb0 [ 94.053729][ T2321] ? usb_alloc_urb+0x44/0x140 [ 94.058710][ T2321] ? __kasan_check_write+0x14/0x20 [ 94.064134][ T2321] usb_control_msg+0x241/0x3f0 [ 94.069008][ T2321] hub_ext_port_status+0x100/0x6b0 [ 94.074607][ T2321] hub_port_reset+0x652/0x16e0 [ 94.080097][ T2321] hub_port_init+0x2ad/0x2880 [ 94.085236][ T2321] ? __cfi_queue_work_on+0x10/0x10 [ 94.091568][ T2321] ? __kasan_check_write+0x14/0x20 [ 94.097751][ T2321] ? __cfi_mutex_unlock+0x10/0x10 [ 94.103215][ T2321] ? _find_next_zero_bit+0x8d/0x140 [ 94.109678][ T2321] hub_event+0x2643/0x4680 [ 94.114694][ T2321] ? __cfi_hub_event+0x10/0x10 [ 94.119946][ T2321] ? __kasan_check_write+0x14/0x20 [ 94.125275][ T2321] ? _raw_spin_lock_irq+0x8f/0xe0 [ 94.130582][ T2321] ? __kasan_check_read+0x11/0x20 [ 94.135806][ T2321] ? read_word_at_a_time+0x12/0x20 [ 94.141044][ T2321] ? strscpy+0x9b/0x290 [ 94.146265][ T2321] process_one_work+0x71f/0xc40 [ 94.151719][ T2321] worker_thread+0xa29/0x11f0 [ 94.156416][ T2321] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 94.162000][ T2321] kthread+0x281/0x320 [ 94.167125][ T2321] ? __cfi_worker_thread+0x10/0x10 [ 94.172749][ T2321] ? __cfi_kthread+0x10/0x10 [ 94.178251][ T2321] ret_from_fork+0x1f/0x30 [ 94.183574][ T2321] [ 94.186701][ T2321] [ 94.189209][ T2321] Allocated by task 4858: [ 94.193623][ T2321] kasan_set_track+0x4b/0x70 [ 94.199021][ T2321] kasan_save_alloc_info+0x25/0x30 [ 94.205121][ T2321] __kasan_kmalloc+0x95/0xb0 [ 94.210339][ T2321] __kmalloc+0xb1/0x1e0 [ 94.214691][ T2321] hci_alloc_dev_priv+0x27/0x1bd0 [ 94.220286][ T2321] hci_uart_tty_ioctl+0x3c8/0xa00 [ 94.226729][ T2321] tty_ioctl+0x8ef/0xc60 [ 94.231549][ T2321] __se_sys_ioctl+0x12f/0x1b0 [ 94.236711][ T2321] __x64_sys_ioctl+0x7b/0x90 [ 94.241853][ T2321] x64_sys_call+0x58b/0x9a0 [ 94.246808][ T2321] do_syscall_64+0x4c/0xa0 [ 94.251378][ T2321] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 94.257825][ T2321] [ 94.260512][ T2321] Freed by task 4858: [ 94.265279][ T2321] kasan_set_track+0x4b/0x70 [ 94.270155][ T2321] kasan_save_free_info+0x31/0x50 [ 94.275802][ T2321] ____kasan_slab_free+0x132/0x180 [ 94.281829][ T2321] __kasan_slab_free+0x11/0x20 [ 94.287389][ T2321] slab_free_freelist_hook+0xc2/0x190 [ 94.294303][ T2321] __kmem_cache_free+0xb7/0x1b0 [ 94.299881][ T2321] kfree+0x6f/0xf0 [ 94.304062][ T2321] hci_release_dev+0x13ad/0x1500 [ 94.309100][ T2321] bt_host_release+0x82/0x90 [ 94.313802][ T2321] device_release+0xa4/0x1d0 [ 94.318508][ T2321] kobject_put+0x19d/0x280 [ 94.323053][ T2321] put_device+0x1f/0x30 [ 94.328004][ T2321] hci_dev_cmd+0x265/0x720 [ 94.333491][ T2321] hci_sock_ioctl+0x41e/0x7f0 [ 94.339072][ T2321] sock_do_ioctl+0x101/0x310 [ 94.343951][ T2321] sock_ioctl+0x4d8/0x6e0 [ 94.348289][ T2321] __se_sys_ioctl+0x12f/0x1b0 [ 94.353932][ T2321] __x64_sys_ioctl+0x7b/0x90 [ 94.358642][ T2321] x64_sys_call+0x58b/0x9a0 [ 94.375907][ T2321] do_syscall_64+0x4c/0xa0 [ 94.380404][ T2321] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 94.386324][ T2321] [ 94.388653][ T2321] Last potentially related work creation: [ 94.394369][ T2321] kasan_save_stack+0x3a/0x60 [ 94.399330][ T2321] __kasan_record_aux_stack+0xb6/0xc0 [ 94.404799][ T2321] kasan_record_aux_stack_noalloc+0xb/0x10 [ 94.410630][ T2321] insert_work+0x51/0x300 [ 94.415059][ T2321] __queue_work+0x9b1/0xd30 [ 94.424370][ T2321] queue_work_on+0xd2/0x140 [ 94.429800][ T2321] __hci_cmd_sync_sk+0xa3e/0xcf0 [ 94.435784][ T2321] hci_cmd_sync_status+0x53/0x120 [ 94.442275][ T2321] hci_dev_cmd+0x628/0x720 [ 94.449137][ T2321] hci_sock_ioctl+0x41e/0x7f0 [ 94.453842][ T2321] sock_do_ioctl+0x101/0x310 [ 94.458635][ T2321] sock_ioctl+0x4d8/0x6e0 [ 94.464034][ T2321] __se_sys_ioctl+0x12f/0x1b0 [ 94.469446][ T2321] __x64_sys_ioctl+0x7b/0x90 [ 94.474163][ T2321] x64_sys_call+0x58b/0x9a0 [ 94.479391][ T2321] do_syscall_64+0x4c/0xa0 [ 94.484007][ T2321] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 94.489910][ T2321] [ 94.492233][ T2321] Second to last potentially related work creation: [ 94.498807][ T2321] kasan_save_stack+0x3a/0x60 [ 94.503484][ T2321] __kasan_record_aux_stack+0xb6/0xc0 [ 94.509125][ T2321] kasan_record_aux_stack_noalloc+0xb/0x10 [ 94.514934][ T2321] insert_work+0x51/0x300 [ 94.519265][ T2321] __queue_work+0x9b1/0xd30 [ 94.523796][ T2321] queue_work_on+0xd2/0x140 [ 94.528643][ T2321] hci_cmd_timeout+0x191/0x200 [ 94.533533][ T2321] process_one_work+0x71f/0xc40 [ 94.538953][ T2321] worker_thread+0xa29/0x11f0 [ 94.543824][ T2321] kthread+0x281/0x320 [ 94.547989][ T2321] ret_from_fork+0x1f/0x30 [ 94.552439][ T2321] [ 94.554939][ T2321] The buggy address belongs to the object at ffff888117290000 [ 94.554939][ T2321] which belongs to the cache kmalloc-8k of size 8192 [ 94.569515][ T2321] The buggy address is located 2560 bytes inside of [ 94.569515][ T2321] 8192-byte region [ffff888117290000, ffff888117292000) [ 94.583142][ T2321] [ 94.585651][ T2321] The buggy address belongs to the physical page: [ 94.592606][ T2321] page:ffffea00045ca400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x117290 [ 94.603074][ T2321] head:ffffea00045ca400 order:3 compound_mapcount:0 compound_pincount:0 [ 94.612198][ T2321] flags: 0x4000000000010200(slab|head|zone=1) [ 94.618495][ T2321] raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043500 [ 94.627670][ T2321] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000 [ 94.636805][ T2321] page dumped because: kasan: bad access detected [ 94.643415][ T2321] page_owner tracks the page as allocated [ 94.649584][ T2321] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 4848, tgid 4847 (syz.7.1937), ts 90434580781, free_ts 90074869056 [ 94.671386][ T2321] post_alloc_hook+0x1f5/0x210 [ 94.676260][ T2321] prep_new_page+0x1c/0x110 [ 94.680967][ T2321] get_page_from_freelist+0x2c6e/0x2ce0 [ 94.687962][ T2321] __alloc_pages+0x19e/0x3a0 [ 94.693020][ T2321] alloc_slab_page+0x6e/0xf0 [ 94.697816][ T2321] new_slab+0x98/0x3d0 [ 94.701897][ T2321] ___slab_alloc+0x6f6/0xb50 [ 94.707042][ T2321] __slab_alloc+0x5e/0xa0 [ 94.711376][ T2321] __kmem_cache_alloc_node+0x203/0x2c0 [ 94.716861][ T2321] kmalloc_trace+0x29/0xb0 [ 94.721291][ T2321] audit_log_d_path+0xc6/0x240 [ 94.726261][ T2321] common_lsm_audit+0x327/0x16d0 [ 94.731212][ T2321] slow_avc_audit+0x1ac/0x220 [ 94.735925][ T2321] avc_has_perm+0x1e6/0x240 [ 94.740797][ T2321] file_has_perm+0x4a1/0x640 [ 94.745538][ T2321] selinux_file_permission+0x3ef/0x510 [ 94.751349][ T2321] page last free stack trace: [ 94.756274][ T2321] free_unref_page_prepare+0x742/0x750 [ 94.761782][ T2321] free_unref_page+0x8f/0x530 [ 94.766660][ T2321] __free_pages+0x67/0x100 [ 94.771625][ T2321] __free_slab+0xca/0x1a0 [ 94.776184][ T2321] __unfreeze_partials+0x160/0x190 [ 94.783258][ T2321] put_cpu_partial+0xa9/0x100 [ 94.788669][ T2321] __slab_free+0x1c4/0x280 [ 94.794444][ T2321] ___cache_free+0xbf/0xd0 [ 94.799413][ T2321] qlist_free_all+0xc6/0x140 [ 94.804315][ T2321] kasan_quarantine_reduce+0x14a/0x170 [ 94.810559][ T2321] __kasan_slab_alloc+0x24/0x80 [ 94.816047][ T2321] slab_post_alloc_hook+0x4f/0x2d0 [ 94.821983][ T2321] kmem_cache_alloc+0x16e/0x330 [ 94.826941][ T2321] getname_flags+0xb9/0x500 [ 94.832091][ T2321] user_path_at_empty+0x30/0x1c0 [ 94.837156][ T2321] __x64_sys_umount+0xf1/0x160 [ 94.842039][ T2321] [ 94.844546][ T2321] Memory state around the buggy address: [ 94.850264][ T2321] ffff888117290900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.858439][ T2321] ffff888117290980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.866860][ T2321] >ffff888117290a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.875216][ T2321] ^ [ 94.879385][ T2321] ffff888117290a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.887444][ T2321] ffff888117290b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 94.895852][ T2321] ================================================================== [ 94.904205][ T2321] Disabling lock debugging due to kernel taint [ 94.911225][ C0] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN [ 94.923839][ C0] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 94.933394][ C0] CPU: 0 PID: 13 Comm: ksoftirqd/0 Tainted: G B 6.1.134-syzkaller-00039-g3c6d0251e1fb #0 [ 94.945217][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 94.956663][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 94.962854][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 28 d0 28 00 4c 89 ff e8 30 8d a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 7c 21 6d 00 49 8b 7d 00 e8 13 89 [ 94.983891][ C0] RSP: 0018:ffffc900000d7b10 EFLAGS: 00010046 [ 94.990851][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88810039a880 [ 95.000848][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 95.009996][ C0] RBP: ffffc900000d7ba8 R08: fffffffffffffffb R09: 0000000000000007 [ 95.019209][ C0] R10: ffffed1022e52139 R11: 1ffff11022e52139 R12: dffffc0000000000 [ 95.027483][ C0] R13: 0000000000000000 R14: ffff8881172909c8 R15: 0000000000000008 [ 95.036880][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 95.046786][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.055389][ C0] CR2: 00007f9f89ea8f98 CR3: 0000000006e0f000 CR4: 00000000003506b0 [ 95.064010][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 95.072266][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 95.080533][ C0] Call Trace: [ 95.083826][ C0] [ 95.086848][ C0] delayed_work_timer_fn+0x61/0x80 [ 95.092162][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 95.099123][ C0] call_timer_fn+0x46/0x2a0 [ 95.103655][ C0] ? __cfi_delayed_work_timer_fn+0x10/0x10 [ 95.109715][ C0] __run_timers+0x667/0x9a0 [ 95.114875][ C0] ? calc_index+0x200/0x200 [ 95.119535][ C0] ? finish_task_switch+0x16b/0x7b0 [ 95.125031][ C0] ? __schedule+0xb8f/0x14e0 [ 95.129727][ C0] run_timer_softirq+0x6a/0xf0 [ 95.134864][ C0] handle_softirqs+0x1d7/0x600 [ 95.139748][ C0] ? __cfi_run_ksoftirqd+0x10/0x10 [ 95.145182][ C0] run_ksoftirqd+0x28/0x30 [ 95.149787][ C0] smpboot_thread_fn+0x4a0/0x910 [ 95.154755][ C0] kthread+0x281/0x320 [ 95.158864][ C0] ? __cfi_smpboot_thread_fn+0x10/0x10 [ 95.164439][ C0] ? __cfi_kthread+0x10/0x10 [ 95.169404][ C0] ret_from_fork+0x1f/0x30 [ 95.174069][ C0] [ 95.177197][ C0] Modules linked in: [ 95.181202][ C0] ---[ end trace 0000000000000000 ]--- [ 95.186746][ C0] RIP: 0010:__queue_work+0x575/0xd30 [ 95.192042][ C0] Code: 39 2b 0f 84 b9 00 00 00 e8 28 d0 28 00 4c 89 ff e8 30 8d a8 03 49 bc 00 00 00 00 00 fc ff df 4c 8b 6d d0 4c 89 e8 48 c1 e8 03 <42> 80 3c 20 00 74 08 4c 89 ef e8 7c 21 6d 00 49 8b 7d 00 e8 13 89 [ 95.211785][ C0] RSP: 0018:ffffc900000d7b10 EFLAGS: 00010046 [ 95.218653][ C0] RAX: 0000000000000000 RBX: 000000007fffffff RCX: ffff88810039a880 [ 95.226655][ C0] RDX: 0000000000000100 RSI: 000000007fffffff RDI: 000000007fffffff [ 95.234675][ C0] RBP: ffffc900000d7ba8 R08: fffffffffffffffb R09: 0000000000000007 [ 95.243122][ C0] R10: ffffed1022e52139 R11: 1ffff11022e52139 R12: dffffc0000000000 [ 95.251464][ C0] R13: 0000000000000000 R14: ffff8881172909c8 R15: 0000000000000008 [ 95.259921][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 95.270121][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 95.277188][ C0] CR2: 00007f9f89ea8f98 CR3: 0000000006e0f000 CR4: 00000000003506b0 [ 95.285652][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 95.294252][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 95.302581][ C0] Kernel panic - not syncing: Fatal exception in interrupt [ 95.310298][ C0] Kernel Offset: disabled [ 95.314656][ C0] Rebooting in 86400 seconds..