last executing test programs: 4m7.762212591s ago: executing program 32 (id=447): prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000001000/0x3000)=nil) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00') preadv(r0, &(0x7f0000010440)=[{&(0x7f0000000040)=""/160, 0x3fd}], 0x1, 0xc03, 0x0) 4m2.995154218s ago: executing program 33 (id=631): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000001c0)={'wg0\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="e0100000", @ANYRES16=r1, @ANYBLOB="0500000000000000000001000000060006004e240000901008809005008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000200fcbefe9641719404cc5c9ab2766dd4793e367b0ea55e65e2e3416ac9d4e68841240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691cb40409807c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030000000000f4000080060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000a00000014000200fc0200000000000000000000000000010500030000000000060001000200000008000200e00000020500030003000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ac1414bb0500030000000000060001000a00000014000200000000000000000000000000000000010500030002000000060001000a00000014000200fc0200000000000000000000000000000500030003000000340000800600010002000000080002000a0101010500030004000000060001000200000008000200ac1414aa050003000300000064000080060001000a00000014000200200100000000000000000000000000000500030002000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200ff010000000000000000000000000001050003000200000094000080060001000200000008000200ac1e00010500030002000000060001000200000008000200e00000010500030002000000060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200000000000500030003000000060001000a00000014000200fe80000000000000000000000000000e050003000000000040000080060001000a00000014000200fc0200000000000000000000000000000500030002000000060001000200000008000200ac1414aa050003000000000064000080060001000a00000014000200200100000000000000000000000000020500030001000000060001000a00000014000200fc02000000000000000000000000000105000300020000000600010002000000080002000a010100050003000200000070000080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200000000000000000000000000000000000500030002000000060001000a0000001400020000000000000000000000000000000001050003000000000000010080060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000200000008000200000000000500030003000000060001000200000008000200640101000500030002000000060001000200000008000200640101010500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8000000000000000000000000000bb05000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000200000008000200640101010500030001000000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e1803008024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39220600050005000000e802098058000080060001000200000008000200ac1e00010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200ffffffff05000300010000007c000080060001000a00000014000200000000000000000000000000000000010500030002000000060001000200000008000200ac1414bb0500030002000000060001000a000000140002000000000000000000000000000000000105000300020000000600010002000000080002000a0101010500030003000000f4000080060001000a0000001400020000000000000000000000ffffac1414aa0500030003000000060001000200000008000200ac1414aa05000300000000000600010002000000080002000a01010205000300020000000600010002000000080002007f00000105000300000000000600010002000000080002000a0101010500030003000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300010000000600010002000000080002000a0101000500030000000000060001000200000008000200ac1e0101050003000200000094000080060001000a00000014000200fc0200000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030001000000060001000200000008000200e00000010500030002000000060001000200000008000200ac1414bb0500030001000000060001000200000008000200ffffffff050003000200000088000080060001000a00000014000200fe8000000000000000000000000000aa0500030001000000060001000200000008000200ac1414aa0500030002000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200ff02000000000000000000000000000105000300020000007c000080200004000a004e2100000006fc0100000000000000000000000000010400000008000a000100000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000300000024000200379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549780000800800030001000000080003000400000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b3922080003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e22000000000000000000000000e4060080dc020980f4000080060001000a00000014000200000000000000000000000000000000000500030002000000060001000a00000014000200fc0000000000000000000000000000000500030001000000060001000200000008000200ffffffff050003000100000006d4e23d7500000008000200ac1e00010500030001000000060001000200000008000200e000000105000300020000000600010002000000080002007f0000010500030002000000060001000a00000014000200000000000000000000000000000000010500030001000000060001000a00000014000200fc010000000000000000000000000001050003000300000034000080060001000200000008000200640101000500030001000000060001000200000008000200ac1414bb050003000200000000010080060001000a00000014000200200100000000000000000000000000010500030000000000060001000200000008000200e000000205000300020000000600010002000000080002006401010005000300020000000600010002000000080002007f00000105000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ffffffff0500030000000000060001000200000008000200e00000010500030003000000060001000a00000014000200fc0100000000000000000000000000010500030000000000940000800600010002000000080002006401010005000300010000000600010002000000080002006401010205000300000000000600010002000000080002007f0000010500030003000000060001000200000008000200e00000020500030003000000060001000200000008000200ac1414120500030002000000060001000200000008000200ac14142d05000300020000001c000080060001000200000008000200ffffffff05000300030000000800030002000000200004000a004e2000000005fc010000000000000000000000000001000000009403098094000080060001000a0000001400020000000000000000000000ffffac1414bb0500030003000000060001000a00000014000200fe8800000000000000000000000000010500030002000000060001000a00000014000200ff0100000000000000000000000000010500030003000000060001000a00000014000200fe880000000000000000000000000101050003000100000064000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414bb0500030001000000060001000a0000001400020000000000000000000000ffffe00000020500030003000000f4000080060001000200000008000200000000000500030001000000060001000a00000014000200000000000000000000000000000000010500030003000000060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe80000000000000000000000000003e05000300010000000600010002000000080002007f0000010500030001000000060001000a00000014000200ff0200000000000000000000000000010500030001000000060001000a00000014000200000000000000000000000000000000010500030000000000060001000200000008000200e0000001050003000000000058000080060001000a00000014000200fe8000000000000000000000000000bb0500030000000000060001000200000008000200ac1414410500030010000000060001000200000008000200ac1e00010500030001000000f4000080060001000200000008000200640101000500030002000000060001000a00000014000200200100000000000000000000000000000500030000000000060001000a00000014000200fc0200000000000000000000000000010500030003000000060001000a00000014000200fe8000000000000000000000000000aa0500030003000000060001000200000008000200ac1414aa0500030000000000060001000200000008000200000000000500030000000000060001000200000008000200ac1414270500030000000000060001000a0000001400020020010000000000000000000000000002050003000100000058000080060001000200000008000200ac1414aa0500030001000000060001000a00000014000200fe8000000000000000000000000000140500030000000000060001000200000008000200e0000001050003000000000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r2, @ANYBLOB="240003"], 0x10e0}}, 0x0) 3m10.213475737s ago: executing program 34 (id=2044): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000012003b77"], 0x4c}}, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000005200010001000000fcdbdf250a00000008000100", @ANYRES64], 0x1c}, 0x1, 0x0, 0x0, 0x2800c815}, 0x40084) 3m5.808973564s ago: executing program 35 (id=2138): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000002c0)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x4}, {0x6, 0x0, 0x0, 0x3}]}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000000380)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x17}, @empty, @void, {@ipv6={0x86dd, @tcp={0x3, 0x6, "949b1d", 0x14, 0x6, 0x1, @mcast2, @private1, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0xc2, 0x8, 0x0, 0x4}}}}}}}, 0x0) 2m39.773698949s ago: executing program 36 (id=2474): openat$binderfs_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) syz_usb_connect(0x0, 0x64, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000cb8be7406d04230807000102030109025200010000000009044000000e0100390a240108000b020102082407010500070e11240606060509000600040007000300390c2402050302060254df000a092402050001031f04092403"], 0x0) 2m28.744005025s ago: executing program 37 (id=3174): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0x100, &(0x7f0000000000)={[0x8]}, 0x8) 2m15.566170326s ago: executing program 38 (id=3530): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x14, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}}, 0x14}}, 0x0) 1m57.030381472s ago: executing program 39 (id=3628): ptrace(0x10, 0x1) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x6, 0x0, 0x0, 0x0, 0x8000000009917, 0x400000000000fffd}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x0, 0xffffffffffffffff}, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x0, 0x0, 0x1}, 0x0) 1m24.423726701s ago: executing program 40 (id=5089): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x371d, &(0x7f0000000440)={0x0, 0x0, 0x400, 0xa, 0xffffff}, &(0x7f0000000380), &(0x7f0000000400)) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) 1m19.860747921s ago: executing program 41 (id=5222): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x2a, 0x5}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) fstatfs(r2, &(0x7f0000000740)=""/199) 1m11.658538668s ago: executing program 42 (id=5498): r0 = epoll_create1(0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) pselect6(0x40, &(0x7f0000000100)={0x2a, 0x803, 0x14, 0x575, 0x7fffffff, 0x2c0, 0x4baf, 0xd22}, 0x0, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)) shutdown(r1, 0x1) 1m6.664755054s ago: executing program 1 (id=5607): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x1210010, &(0x7f0000000000)={[{@max_batch_time={'max_batch_time', 0x3d, 0xff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000000}}]}, 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 1m6.505886027s ago: executing program 1 (id=5614): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x22401, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, 0x0) 1m6.353715679s ago: executing program 1 (id=5620): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46040700030d0000000000000003000300060000000903000038000000000000000e00000000002000030005000000ff0f0000000002000000000000800900000000000100010000002d09000004000000fa00000000000068144f5b0003000000000400000700000002000000000000000d00000003"], 0x98) close(r0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) 1m6.346620179s ago: executing program 43 (id=5620): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_elf32(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46040700030d0000000000000003000300060000000903000038000000000000000e00000000002000030005000000ff0f0000000002000000000000800900000000000100010000002d09000004000000fa00000000000068144f5b0003000000000400000700000002000000000000000d00000003"], 0x98) close(r0) execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) 46.366445193s ago: executing program 2 (id=6101): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204410, &(0x7f0000000740), 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t") ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)) ptrace$getregset(0x4205, r0, 0x1, &(0x7f0000000080)={&(0x7f0000001580)=""/112, 0x70}) 46.248987142s ago: executing program 2 (id=6103): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001e00)={'vlan1\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000006c0)={r2, 0x3, 0x6, @local}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 46.236325083s ago: executing program 2 (id=6105): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) readahead(0xffffffffffffffff, 0xff, 0x3) 46.224561494s ago: executing program 2 (id=6106): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20) 46.143749901s ago: executing program 2 (id=6110): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$cgroup2(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800010, 0x0) chroot(&(0x7f0000000100)='./file0\x00') mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000300)='./file0/../file0/file0\x00') 46.124201612s ago: executing program 2 (id=6112): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r1}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c0000001a00011300000029004000000a00a6"], 0x2c}}, 0x0) 35.268015215s ago: executing program 5 (id=6382): r0 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f00000001c0)={0x8000042}, 0x10) sendmsg$tipc(r0, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4) 35.226438968s ago: executing program 5 (id=6387): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000004c0)='sched_switch\x00', r0}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x3, 0xc, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x80000001}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x0, 0xe, 0x0, &(0x7f00000002c0)="e02742e86c0d85ff9782762f0800", 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 35.034034063s ago: executing program 5 (id=6395): r0 = socket(0xa, 0x3, 0x87) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@private1, 0x18, r2}) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x8936, &(0x7f0000000000)) 34.965027759s ago: executing program 5 (id=6401): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk") r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0) mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0) write$binfmt_register(r0, &(0x7f0000000140)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x2007, 0x3a, '\r', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b) syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000)) 34.358268088s ago: executing program 5 (id=6405): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = epoll_create1(0x0) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x1003ffffffc]}, 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0x20002008}) epoll_pwait(r0, &(0x7f0000000280)=[{}], 0x1, 0x8, &(0x7f0000000180)={[0x3]}, 0x8) 34.072942082s ago: executing program 5 (id=6408): r0 = io_uring_setup(0x354a, &(0x7f00000004c0)={0x0, 0xfffffffc, 0x80}) r1 = syz_io_uring_setup(0x94f, &(0x7f0000000300)={0x0, 0xd27d, 0x100}, &(0x7f0000000080)=0x0, &(0x7f0000000040)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r1, 0xcb, 0x44464f, 0x1, 0x0, 0x0) close(r0) 34.009850097s ago: executing program 44 (id=6408): r0 = io_uring_setup(0x354a, &(0x7f00000004c0)={0x0, 0xfffffffc, 0x80}) r1 = syz_io_uring_setup(0x94f, &(0x7f0000000300)={0x0, 0xd27d, 0x100}, &(0x7f0000000080)=0x0, &(0x7f0000000040)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r1, 0xcb, 0x44464f, 0x1, 0x0, 0x0) close(r0) 32.075575024s ago: executing program 45 (id=6112): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r1}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c0000001a00011300000029004000000a00a6"], 0x2c}}, 0x0) 30.202645166s ago: executing program 4 (id=6502): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="00000000a0"], 0x48) 30.15170005s ago: executing program 4 (id=6506): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xc606}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x14}]}}}]}, 0x3c}}, 0x4044) 30.001817542s ago: executing program 4 (id=6513): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_VERDICT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x14, 0x3, 0x3, 0x101, 0x0, 0x0, {0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x8008800) 29.954262726s ago: executing program 4 (id=6516): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x2a08000, &(0x7f0000000140)={[{@barrier}, {@resuid={'resuid', 0x3d, 0xee00}}]}, 0xfc, 0x474, &(0x7f00000003c0)="$eJzs3MtrXFUYAPBv7mTSpM/4qNqHGl9YfDRN+rALN4qCCwVBF9VdTNNSm1ppIthSTBSpSym4F5eCf4Er3Yi6EtzqXgpBsml8gFfunXvzfk0yyUTn94MJ59x7Zu75zrlncu65MxNA2+rN/lQidkfEL1k6ybMz0qJQVm566vrQH1PXhyqRpq/9Xsn33Z66PlSWLZ+3u8gcSSKSjytxaInjjl69dnFwZGT4SpHvG7v0bt/o1WtPX7g0eH74/PA7A6dPnzje/8ypgZNNiXNPVteDH1w+fOClN26+MnTm5ls/fNVR1nVBHM3SG73z2nKux5p9sBbbMydd6WhhRWhINSKy7qrl439fVGO28/bFix+1tHLApkrTNN27/O6JFPgfq0SrawC0RvmP/vZUd3Rt0nXwdjb5XP0CKIt7unjU93REUpSpLbi+baauYt3kzMSfn0fe/jvaqv0BgK33TTb/eao+/ykf9T09cc+ccnvz9eBsa8QdEXFnRNwVEXdHxP6IvOy9EXFfg8fvXZBfPP9Mbq0rsDXK5n/PFve25s//itnfP2lPtcjtie7oiVrl3IWR4WNFmxyJ2o4s37/CMb594edPl9vXW8z9ykd2/HIuWNTjVseO+c85Ozg2uLGoZ01+mK8Bji+Of/bOVZY6EBEH1/H62bz5whNfHl5u/+rxr6AJ95nSLyIer/f/RKwQ/8L7k93FvlMDJ/u6YmT4WF95Viz24083Xl3u+BuKvwmy/t+55Pk/E39PZe792tHGj3Hj10+WvaZp4Px/s9ySnf+dldfzdGex7f3BsbEr/RGdlZcXbx+YfbUyX5af3L0/4pGlx3/2HpedY1n8hyIiO4nvj4gHIuLBou4PRcTDkb/EUsanI+L75x99ez3xJ6s1bBNk/X92Xv/HKv3feKJ68buv1xN/Xdb/J/LUkWLLWt7/1lrBjbQdAAAA/Fck+WfgK8nRmXSSHD0asStf292ZjFweHXvy3OX3/jpb/6x8T9SScqWrvh5cXw/tL9aGy/zAgvzxYt34s2p3nt9Z3PsGWmfX3PGfLzjWx3/mt2qLKwdsPt/XgvZl/EP7Mv6hfRn/0L7WOv7TTa4HsPWWGv/jLagHsPXM/6F9Gf/Qvox/aF/GP7SljXyvX2KVxHjDzdsVK5Xp3CZx5YlI8kQ63sJq/F38DMvaCm9efcpfy1i9cK0Yd9uhB1dOtO49CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJn+DQAA//85XdxN") creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x185641, 0x0) r0 = open(&(0x7f00000003c0)='./bus\x00', 0x84902, 0x0) write$FUSE_DIRENT(r0, 0x0, 0x50) 29.649575041s ago: executing program 4 (id=6524): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000000)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f0000000140)="820e1380a7000000000000a33e0c22c9e636778ca88000b3", 0x18) 29.501616743s ago: executing program 4 (id=6527): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x20) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r0, r1, 0x6, 0x0, @void}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r0, r1, 0x6, 0x0, @val=@tracing}, 0x40) syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000001c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x2, 0x20, 0xff, [{{0x9, 0x4, 0x0, 0xfc, 0x2, 0x7, 0x1, 0x2, 0x7f, "", {{{0x9, 0x5, 0x1, 0x2, 0x40, 0x1, 0x81, 0x8a}}}}}]}}]}}, 0x0) 29.494237944s ago: executing program 46 (id=6527): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x20) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r0, r1, 0x6, 0x0, @void}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r0, r1, 0x6, 0x0, @val=@tracing}, 0x40) syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000001c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x2, 0x20, 0xff, [{{0x9, 0x4, 0x0, 0xfc, 0x2, 0x7, 0x1, 0x2, 0x7f, "", {{{0x9, 0x5, 0x1, 0x2, 0x40, 0x1, 0x81, 0x8a}}}}}]}}]}}, 0x0) 28.136012414s ago: executing program 3 (id=6559): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ptrace$peeksig(0x4209, r0, &(0x7f0000000200)={0x80000000, 0x1}, 0x0) 28.084577948s ago: executing program 3 (id=6560): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, [@call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x0) 28.072412629s ago: executing program 3 (id=6561): add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x4008840) r0 = io_uring_setup(0x71b9, &(0x7f00000000c0)={0x0, 0xc63b}) io_uring_register$IORING_REGISTER_CLOCK(r0, 0x1d, &(0x7f0000000040)={0x7}, 0x0) io_uring_enter(r0, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18) 28.040885451s ago: executing program 3 (id=6563): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1010012, &(0x7f0000000080)={[{@nobh}, {@bsdgroups}, {@data_err_ignore}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x125) getdents64(r0, 0xfffffffffffffffe, 0x53) 27.856281637s ago: executing program 3 (id=6566): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 27.757603575s ago: executing program 3 (id=6567): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000001000/0x400000)=nil) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) 27.69250803s ago: executing program 47 (id=6567): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000001000/0x400000)=nil) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) 2.385530026s ago: executing program 6 (id=7362): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) listen(r0, 0x4) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00') read$FUSE(r1, &(0x7f0000002080)={0x2020}, 0x202d) 2.361810288s ago: executing program 6 (id=7363): bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000000)=0x800, 0x4) 2.361269678s ago: executing program 6 (id=7365): mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) r1 = openat$incfs(r0, &(0x7f00000001c0)='.pending_reads\x00', 0x0, 0x181) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x80106725, &(0x7f00000000c0)) 2.345062899s ago: executing program 6 (id=7367): r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) recvmmsg(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)=""/9, 0x9}], 0x1, 0x0, 0x18}, 0xb7}], 0x1, 0x40002021, 0x0) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000000240)={&(0x7f00000003c0)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)='/', 0x1}], 0x1, 0x0, 0x0, 0x1000a8d0}, 0x0) 1.931760793s ago: executing program 8 (id=7385): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000540)='/proc/asound/timers\x00', 0x0, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) close_range(r0, r0, 0x0) ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000480)={0x1, r0}) 1.913845194s ago: executing program 8 (id=7386): r0 = socket$inet6(0xa, 0x3, 0x6) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) setsockopt$inet6_buf(r0, 0x29, 0x39, 0x0, 0x0) 1.863683678s ago: executing program 8 (id=7389): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) recvmsg(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x100) 1.83892123s ago: executing program 9 (id=7391): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0x3) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0xa) ioctl$TCFLSH(r1, 0x540b, 0x0) 1.785374704s ago: executing program 9 (id=7394): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1b1c, 0x1b34, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xd, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0) syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x0) syz_usb_disconnect(r0) 1.697480102s ago: executing program 0 (id=7406): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000240)=0x1ff, 0x4) shutdown(r0, 0x1) 1.681059173s ago: executing program 0 (id=7407): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) fcntl$lock(r1, 0x26, &(0x7f0000000000)) 1.637442427s ago: executing program 0 (id=7409): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10) r1 = io_uring_setup(0x6f94, &(0x7f0000001240)={0x0, 0xfffffffd, 0x0, 0x2}) pause() close_range(r1, 0xffffffffffffffff, 0x0) 1.553887934s ago: executing program 6 (id=7412): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1}) fcntl$lock(r0, 0x26, &(0x7f00000031c0)={0x1, 0x0, 0x0, 0x1000000}) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='io\x00') read$FUSE(r1, &(0x7f0000002dc0)={0x2020}, 0x2020) 1.066775553s ago: executing program 8 (id=7413): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x0) 1.066408583s ago: executing program 8 (id=7414): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) alarm(0x99b) 985.58946ms ago: executing program 8 (id=7415): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xee8f010b3d1e850f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1e423ceb0ab4912f9f6a3af992968e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xfffffffb}, 0x48, 0xffffffffffffffff) 985.44448ms ago: executing program 48 (id=7415): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xee8f010b3d1e850f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1e423ceb0ab4912f9f6a3af992968e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xfffffffb}, 0x48, 0xffffffffffffffff) 871.095309ms ago: executing program 0 (id=7417): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x5b3393367dc26357) close(r0) socket$tipc(0x1e, 0x5, 0x0) r1 = socket(0x18, 0x0, 0x2) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 754.272568ms ago: executing program 6 (id=7420): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10) sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x3, 0x2, 0x6, 0xfffa}, 0xa, [0x3, 0x3, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x806, 0x3ff, 0x8000009, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x10000, 0x800, 0x3, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x82, 0xc, 0x4, 0x80000000, 0x242, 0x7, 0xe, 0x0, 0x8000806d, 0x407, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0xc57, 0x5, 0x4, 0x2, 0x83ff, 0x80, 0x0, 0x5, 0x6, 0xc, 0x4, 0x10001, 0x40], [0x10000009, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff5, 0x10001, 0xc8, 0xf9, 0xe, 0x2bf, 0x6ca, 0x9, 0xfffffffc, 0x100000, 0x8, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x7c, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0x1, 0x1, 0x10001, 0x5f31, 0xd, 0x4dd, 0x2, 0x4, 0xb, 0x0, 0xb, 0x9, 0xa, 0x4, 0x47, 0x8000, 0x1, 0xfe000000, 0x8a4a, 0x2, 0x4, 0xd, 0x3, 0x5, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x0, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x5, 0x4, 0x5, 0x0, 0x1ec, 0x5, 0x8, 0x86, 0x4, 0x303c, 0x1, 0xb, 0x5, 0x2, 0x2, 0x1, 0x20000008, 0x4, 0x2, 0xd74, 0x38, 0x800003, 0x200, 0x9, 0x3, 0x4, 0x2950bfaf, 0x1000, 0x9f, 0x6, 0x0, 0x5, 0x6, 0xac8, 0xc3, 0xb, 0x803, 0x7ff, 0x12b, 0x4, 0x2, 0xa, 0x0, 0x405, 0x1c, 0x120000, 0x2, 0x2006, 0x80a2ed, 0x4, 0x25], [0x8, 0xbb31, 0x7fff, 0xb, 0x5, 0x938, 0x6, 0xb, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x56, 0xffffffef, 0x6bd8490e, 0x100, 0x10000, 0x5, 0x7fff, 0x40, 0xa61e, 0x6, 0x5, 0x1, 0xfffffffe, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0x5, 0x10000, 0x3, 0x8, 0x100, 0x9602, 0x200007, 0xaf, 0xb, 0x6, 0x229, 0x5, 0x5, 0x7, 0x30b1d693, 0xa1f, 0x40000f40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0xe, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 375.557119ms ago: executing program 7 (id=7426): r0 = memfd_create(&(0x7f0000000180)='\b\x9dF\xd8\b\xb3~u\xa5\"\xdc\xfdq\xf6c\r;\xfcO\x8c=\x81\xb1\x8aWpA\xd4\x98\x85K\x89>N\x8ar\x17O\x0fKR\xe2{mn\xcc\xbf2\xc0\xa7\x14\xd0\xd4\xfe/m\xdf\xb6]\xc2\xaa\x86\xec(\xf7\xcd\xa6\xd9n^.\x13*\xd4\xb8\xe8\xc4\xefb\x14Vx\xc6\xfe\x9e\xee\xe7\xd7E\xe9\t\x83\xdeNX\xec\xe66\x1b\x97$\xee\x84\x14n,B\xd5?\xe5E:+Pm\x1d\xb4\xb8\xeb\xe8Op2\x82\xc7\x0e\x97\x03\xef\x1a\xa5\x00.\x89\b!m\f\xd9\x8b$}\x9f\fX\x81\xa8\xf6\x94\xbc\xed\x80|l]\xe9\xca\xd3\xc9\xa3\x9e\x9cJI\xf1\xa2\xa0\xc4:\x00\x00\x00\x00\x00\x00\b\x00\x00', 0x0) pipe2(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) write$binfmt_misc(r2, &(0x7f0000000340)="ed", 0x1) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) splice(r1, 0x0, r0, &(0x7f0000000140)=0x8008, 0x4, 0x0) 357.032621ms ago: executing program 7 (id=7427): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) syz_clone(0x42a00180, 0x0, 0x0, 0x0, 0x0, 0x0) 310.937354ms ago: executing program 7 (id=7428): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x1000c16, &(0x7f0000000500), 0xff, 0x260, &(0x7f0000000980)="$eJzs3U9IHFccB/DfzO7Wqkux7aVQ+gdKKa0g9lboxV5aEIpIKYW2YCmllxYtWKU37SmXHJJjSIKnXCTkFpNj8CK5JARyMokHcwkkkkMkhySwYXcU/LOJxl13gvP5wDoz+ub93jDzfSPiMAEUVl9EDEVEKSL6I6ISEcnWBh9nn76NzbnupbGIWu2Hh0mjXbad2dyvNyJmI+KriFhMk/irHDG98Mvq4+XvPjs+Vfn03MLP3R09yA1rqyvfr58dOXZx+Mvp6zfvjyQxFNVtx9V+SZPvlZOIdw6j2GsiKec9AvZj9L8Lt+q5fzciPmnkvxJpZCfvxOQbi5X44syL9j354Mb7nRwr0H61WqV+D5ytAYWTRkQ1knQgIrL1NB0YyH6Hv13qSf+emPy3/8+JqfE/8p6pgHapRqx8e7nrUu+O/N8rZfkHjqjsj1IrP47O36mvrJfyHhDQER9ki/r9v/+3mc9D/qFw5B+KS/6huOQfikv+4ehp9v+mzcg/FJf8Q3HJPxSX/ENxHTj/p54d3qCAjtiafwCgWGpdB3pquP0PIgMdl/f8AwAAAAAAAAAAAAAAAAAA7DbXvTS2+WlPj+U9W1w9HbH2TdZ0d/1S433EEW82vvY8Srb1mOyrwsv9+lGLHbTofM5PX791N9/61z7Mt/7MeMTs/xExWC43rr1tF1Sycf0d3Nt7/Lzye4sFXtHOdwN8/VNn6+/0dD7f+sPLEVfq889gs/knjfcay+bzT7V+/lqs/8+TFjsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgY54HAAD//7UiauA=") mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0) mkdir(&(0x7f0000000240)='./file1/file1\x00', 0x0) 257.903099ms ago: executing program 1 (id=7416): mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000040000000900000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000f9ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) setgid(0x0) 219.149652ms ago: executing program 1 (id=7429): r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x4c) setresuid(0x0, r1, r1) r2 = socket(0xa, 0x1, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000280)={'tunl0\x00', &(0x7f0000000200)={'gre0\x00', 0x0, 0x700, 0x700, 0x8, 0x8, {{0x5, 0x4, 0x1, 0x0, 0x14, 0x67, 0x0, 0xff, 0x29, 0x0, @empty, @empty}}}}) 218.770832ms ago: executing program 1 (id=7430): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x267, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0xd, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x40}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB=' \v@'], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"}) 212.290702ms ago: executing program 7 (id=7431): syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) ftruncate(r0, 0x8800000) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0) sendfile(r1, r0, 0x0, 0x558410e9) 95.367752ms ago: executing program 9 (id=7432): bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'erspan0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0x6, 0x1d) sendto$packet(r0, &(0x7f00000000c0)="3f031a00260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c152bfdf9435e3ffe46", 0x3840, 0xa0c4, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 94.804242ms ago: executing program 9 (id=7433): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000006140)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x20010080, &(0x7f0000000480)=ANY=[@ANYBLOB='allow_utime=00000000000000000000007,dmask=00000000000000001,iocharset=macroman,allow_utime=00000000000000000000002,uid=', @ANYRES64=r3, @ANYRESOCT=r1, @ANYBLOB="2a3a6dc4d70cd8504afe4f20df34ad3cf37d706dd73fd000", @ANYRESDEC=r3, @ANYRESHEX=r2], 0x1, 0x14ee, &(0x7f0000002400)="$eJzs3Au0jtX2MPA511qPW9Kb5L7mmg9v2lgkSS5JckmSJElyS0iSJAmJTW5JSELuSe4hucVO7vdb7klyJEkSEpKsb+ic89ep842+b5y+z/8/9vyNscZecz97rneud77jfZ/n2WPvbzsOrlq/WqW6zAz/Efz7l1QAyAQA/QDgGgCIAKBU9lLZLx3PrDH1P3sQ8dd6aNqVrkBcSdL/9E36n75J/9M36X/6Jv1P36T/6Zv0P32T/guRnm2dnudaGel3yP3/9Ew+/9M36X/6Jv1P36T/6Zv0P32T/qdv0v/0Tfqfvkn/hUjPrvT95/85I+M/nrErXcdfO67wy08IIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghRDpxLlxmAOCf8ytdlxBCCCGEEEIIIf46IeOVrkAIIYQQQgghhBD/7yEo0GAgggyQETJBZsgCV0FWuBqywTWQgGshO1wHOeB6yAm5IDfkgbyQD/KDBQIHDDEUgIKQhBugENwIKVAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6Ai3AmV4C6oDFWgKlSDu6E63AM14F6oCfdBLbgfzpX5e5V14SGoBw9DfXgEGsCj0BAaQWNoAk1/n48I8Jv82vAA1IEHf5f/InSFl6AbdIdU6AE94WXoBb2hD/SFfvAK9IdXYQC8BgNhEAyG12EIvAFD4U0YBsNhBLwFI2EUjIYxMBbGwXh4GybAOzAR3oVJMBmmwFSYBtNhBrwHM2EWzIb3YQ58AHNhHsyHBbAQPoRFsBjS4CNYAh/DUlgGy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW+AS2wXbYATthF+yGPfAp7IXPYB98Dvvhi//L/LO/y++EgIAKFRo0mAEzYCbMhFkwC2bFrJgNs2ECE5gds//XiyU35sa8mBfzY34kJGRkLIAFMIlJLISFMAVTsAgWQY8ei2NxLIE3Y0ksiaWwFJbG0lgGy2JZLI/lsQJWwIpYESthJayMlbEqVsW78W68B2tgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xqbYFJthM2yOzbEltsRW2ApbY2tsg22wLbbFdtgO22N77IAdsCN2xE7YGTvji/givoQvYXesrHpgT+yJvbAX9sG+2Bdfwf74Kr6Kr+FAHISD8XV8Hd/AoXgGh+FwHIEjsIIahaNxDLIah+NxPE7ACTgRJ+IknIyTcSpOw+k4A2fgTJyFs/B9nIMf4Ac4D+fhAlyIC3ERLsY0TMMleBaX4jJcjitwJa7ClbgG1+IaXI8bcD1uwk24BbfgJ/gJbsftuBN34m7cjZ/ip/gZfoYDcT/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Ds/jebyAz+f9ut7uwusGgrrEKKMyqAwqk8qksqgsKqvKqrKpbCqhEiq7yq5yqBwqp8qpcqvcKq/Kq/Kr/IoUKVaxKqAKqKRKqkKqkEpRKaqIKqK88qq4Kq5KqBKqpCqpSqlbVWl1myqjyqoWvrwqryqolr6iulNVUpVUZVVFVVXVVDVVXVVXNVQNVVPVVLVULVVbPaDqqB7YBx9SlzpTXw3CBmowNlSNVGPVRL2Bj6lmaig2Vy1US/WEGo7DsLVq5tuop1VbNRrbqWfVGHxOdVDjsKN6QXVSnVUX9aLqqpr7bqq7moQ9VE81FXup3qqP6qtmYhV1qWNV1WtqoBqkBqvX1QJ8Qw1Vb6phargaod5SI9UoNVqNUWPVODVeva0mqHfURPWumqQmqylqqpqmpqsZ6j01U81Ss9X7ao76QM1V89R8tUAtVB+qRWqxSlMfqSXqY7VULVPL1Qq1Uq1Sq9UatVatU+vVBrVRbVKb1Ra1VX2itqntaofaqXap3WqP+lTtVZ+pfepztV99oQ4oTAX4Uh1SX6nD6mt1RH2jjqpv1TH1nTquvlcn1El1Sv2gTqsf1Zlf3xsBQP2sLqhf1EUVFGjUSmttdKQz6Iw6k86ss+irdFZ9tc6mr9EJfa3Orq/TOfT1OqfOpXPrPDqvzqfza6tJO8061gV0QZ3UN+hC+kadogvrIrqo9rqYLq5v0iX0zbqkvkWX0rfq0vo2XUaX1eV0eX27rqDv0BX1nbqSvktX1lV0VV1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU8/rOvrR3QD/ahuqBvpxrqJbqof083047q5bqFb6id0K/2kbq2f0m3007qtfka308/q9vo53UE/rzvqF3Qn3Vl30b/oizrobrq7TtU9dE/9su6le+s+uq/up1/R/fWreoB+TQ/Ug/Rg/boeot/QQ/Wbepgerkfot/RIPUqP1mP0WD1Oj9dv6wn6HT1Rv6sn6cl6ip6qp+npus8/Vpr9f5D/zr/JH/Dro2/RW/UnepvernfonXqX3q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4Pq5P6JP6J/2DPq1/1Gf0WX1W/6TP6/P6wj+eAzBolNHGmMhkMBlNJpPZZDFXmazmapPNXGMS5lqT3VxncpjrTU6Ty+Q2eUxek8/kN9aQcYZNbAqYgiZpbjCFzI0mxRQ2RUxR400xU9zc9B/n/1l9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL532RSpSkYlMlCHKEGWKMkVZoixR1ihrlC3KFiWiRJQ9yh7liK6Pcka5otxRnihvlC/KH9mIIhdxFEcFooJRMrohKhTdGKVEhaMiUdHIR8Wi4tFNUYno5qhkdEtUKro1Kh3dFpWJykblovLR7VGF6I6oYnRnVCm6K6ocVYmqRtWiu6Pq0T1RjejeqGZ0X1Qruj+qHT0Q1YkejOpGD0X1ooej+tEjUYPo0ahh1ChqHDWJmv6l64dwJtfjvpvtblNtD9vTvmx72d62j+1r+9lXbH/7qh1gX7MD7SA72L5uh9g37FD7ph1mh9sR9i070o6yo+0YO9aOs+Pt23aCfcdOtO/aSXaynWKn2ml2up1h37Mz7Sw7275v59gP7Fw7z863C+xC+6FdZBfbNPuRXWI/tkvtMrvcrrAr7Sq72q6xa+06u95usBvtJrvZbrFb7Sd2m91ud9iddpfdbffYT+1e+5ndZz+3++0X9oD9m1XwpT1kv7KH7df2iP3GHrXf2mP2O3vcfm9P2JP2lP3BnrY/2jP2rD1nf7Ln7c/2gv3FXrTh0sn9pY93MmQoA2WgTJSJslAWykpZKRtlowQlKDtlpxyUg3JSTspNuSkv5aX8lJ8uYWIqQAUoSUkqRIUohVKoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qA76U66i+6iKlSFqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVAml9llcVe5rO5ql81d434f53Z5XF6Xz+V31uV0uf4lJudciivsiriizrtirri76Q9xGVfWlXPl3e2ugrvDVfxDXN3d42q4e11Nd5+r5u7+l7iWu9/Vdo+4Ou5RV9c1cvVcE1ffPeIauEddQ9fINXZNXCv3pGvtnnJt3NOurXvmD/Eit9itdevcerfB7XWfuXPuJ3fUfevOu59dN9fd9XOvuP7uVTfAveYGukF/iEe4t9xIN8qNdmPcWDfuD/EUN9VNc9PdDPeem+lm/SFe6D50c1yam+vmufluwa/xpZrS3EduifvYLXXL3HK3wq10q9xqt+a/al3hNrnNbovb4z5129x2t8PtdLvc7l/jS/vY5z53+90X7oj7xh10X7pD7pg77L7+Nb60v2PuO3fcfe9OuJPulPvBnXY/ujPu7K/7v7T3H9wv7qILDhhZsWbDEWfgjJyJM3MWvoqz8tWcja/hBF/L2fk6zsHXc07Oxbk5D+flfJyfLRM7Zo65ABfkJN/AhfhGTuHCXISLsudiXJxv4hJ8M5fkW7gU38ql+TYuw2W5HJfn27kC38EV+U6uxHdxZa7CVbka383V+R6uwfdyTb6Pa/H9XJsf4Dr8INflh7geP8z1+RFuwI9yQ27EjbkJN+XHuBk/zs25BbfkJ7gVP8mt+Sluw09zW36G2/Gz3J6f4w78PHfkF7gTd+Yu/CJ35Ze4G3fnVO7BPfll7sW9uQ/35X78CvfnV3kAv8YDeRAP5td5CL/BQ/lNHsbDeQS/xSN5FI/mMTyWx/F4fpsn8Ds8kd/lSTyZp/BUnsbTeQa/xzN5Fs/m93kOf8BzeR7P5wW8kD/kRbyY0/gjXsIf81Jexst5Ba/kVbya1/BaXsfreQNv5E28mbfwVv6Et/F23sE7eRfv5j38Ke/lz3gff877+Qs+wH/jg/wlH+Kv+DB/zUf4Gz7K3/Ix/o6P8/d8gk/yKf6BT/OPfIbP8jn+ic/zz3yBf+GLHBhijFWsYxNHcYY4Y5wpzhxnia+Ks8ZXx9nia+JEfG2cPb4uzhFfH+eMc8W54zxx3jhfnD+2McUu5jiOC8QF42R8Q1wovjFOiQvHReKisY+LxcXjm+IS8c1xyfiWuFR8a1w6vi0uE5eNH7mvfHx7XCG+I64Y3xlXiu+KK8dV4qpxtfjuuHp8T1wjvjeuGd8Xl4zvj2vHD8R14gfjuvFDcb344bh+/EjcIH40bhg3ihvHTeKm8WNxs/jxuHncIm4ZPxG3ip+MW8dPxW3ip+O28TN/ejw17hH3jF+OX45DuFfPTy5ILkx+mFyUXJxMS36UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGUK1jODRK6+98ZHP4DP6TD6zz+Kv8ln91T6bv8Yn/LU+u7/O5/DX+5w+l8/t8/i8Pp/P760n7zz72BfwBX3S3+AL+Rt9ii/si/ii3vtivrhv4pv6pr6Zf9w39y18S/+Ef8I/6Z/0T/mn/NO+rX/Gt/PP+vb+Od/BP++f9y/4Tr6z7+Jf9F39S76b7+5Tfarv6Xv6Xr6X7xOB7+f7+f6+vx/gB/iBfqAf7Af7IX6IH+qH+mF+mB/hR/iRfqQf7Uf7sX6sH+/H+wl+gp/oJ/pJfpKf4qf4aX6an+Fn+Jl+pp/tZ/s5KXP8XD/Xz/fz/UK/0C/yi3yaT/NL/BK/1C/1y/1yv9Kv9Kv9ar/Wr/Xr/Xq/0W/0m/1mv9Vv9dv8Nr/D7/C7/C6/x+/xe/1ev8/v8/v9fn/AH/AH/UF/yH/lD/uv/RH/jT/qv/XH/Hf+uP/en/An/Sn/gz/tf/Rn/Fl/zv/kz/uf/QX/i7/ogx+feDsxIfFOYmLi3cSkzJMTUxJTE9MS0xMzEu8lZiZmJWYn3k/MSXyQmJuYl5ifWJBYmPgwsSixOJGW+CixJPFxYmliWWJ5YkViZWJVIoR82+JQIBQMyXBDKBRuDCmhcCgSigYfioXi4aZQItwcSoZbQqlwaygdbgtlQtlQLjwaGoZGoXFoEpqGx0Kz8HhoHlqEluGJ0Co8GVqHp0Kb8HRoG54J7cKzoX14LnQIz4eO4YXQKXQOXcKLoWt4KXQL3UNq6BF6hpdDr9A79Al9Q7/wSugfXg0DwmthYBgUBofXw5DwRhga3gzDwvAwIrwVRoZRYXQYE8aGcWF8eDtMCO+EieHdMClMDlPC1DAtTA8zwnthZpgVZof3w5zwQZgb5oX5YUFYGD4Mi8LikBY+CkvCx2FpWBaWhxVhZVgVVoc1YW1YF9aHDWFj2BQ2hy1ha/gkbAvbw46wM+wKu8Oe8GnYGz4L+8LnYX/4IhwIfwsHw5fhUPgqHA5fhyPhm3A0fBuOhe/C8fB9OBFOhlPhh3A6/BjOhLPhXPgpnA8/hwvhl3Dx179Z636lbqILIYQQQvyPkfonx3v8m++pf4xLegLA1dvzHP7tcQ0AG3P+fd5b5W2VAICnu3d86J+jcuXU1H8+7lINUcF5AJC4nJ8BLsfLoCU8CW2gBZSAf/766rd6q87n+U/WT94KkOU3OZngcnx5/Zv/7f57q1Fz/nT9eQApBS/nZIbL8eX1S/5v1s/V7E/Wz/zleIDmv8nJCpfjy+sXh8fhGWjzLz8phBBCCCGEEEL8XW9Vrv2fXd9euj7Pay7nZITL8W+vz4UQQgghhBBCCPHf03Oduzz1WJs2LdrL5L/jZLe0SSZXZnKF35iEEEIIIYQQf7nLJ/1XuhIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+v/x78Su9B6FEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKIK+1/BQAA///apiom") link(&(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) 84.343473ms ago: executing program 0 (id=7434): r0 = socket$inet6(0xa, 0x80803, 0x87) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0x2, 0x7, @local, 0x7}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd, 0x10012, r1, 0x0) write$binfmt_script(r0, &(0x7f0000000500)={'#! ', '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/'}, 0x51) 49.011246ms ago: executing program 0 (id=7435): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x0, 0x0, 0x0, 0x2, 0x20}, {0x0, 0x2, 0x0, 0x0, 0x10001, 0x0, 0x2, 0x7f}, {0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe}}}, 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0) syz_usb_connect$hid(0x4, 0x36, 0x0, 0x0) 27.685537ms ago: executing program 7 (id=7436): connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}]}, 0x3c}, 0x1, 0xba01}, 0x1) r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000d00), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="030700000000000000000800000068000480040007801300010062726f6164636173742d6c696e6b00001900078008000300000000000800020000000000080003000000000008000200000000000800030000000000040004"], 0x7c}}, 0x0) 17.638788ms ago: executing program 9 (id=7437): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r2, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd') 2.518879ms ago: executing program 7 (id=7438): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x10001, 0x80, 0x5, 0x4, 0xffffff80}, 0x9, 0x1, 0x1, 0x4, 0x4, 0x5, 0x7, 0xf, 0x4, 0x6, {0x5, 0x80000001, 0x2, 0x0, 0xa0dd, 0x4}}}}]}, 0x78}}, 0x44080) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0xf, 0x10}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000) 0s ago: executing program 9 (id=7439): socket$tipc(0x1e, 0x5, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x101842, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSACTIVE(r0, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0}) readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/61, 0x3d}], 0x1) kernel console output (not intermixed with test programs): 85439][T15392] syz.9.6296[15392] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 245.515811][T15388] EXT4-fs error (device loop5): __ext4_remount:6610: comm syz.5.6295: Abort forced by user [ 245.590144][T15388] EXT4-fs (loop5): re-mounted. Quota mode: writeback. [ 245.632300][ T1406] EXT4-fs (loop5): unmounting filesystem. [ 245.678226][T15401] syz.5.6300[15401] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 245.678295][T15401] syz.5.6300[15401] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 245.702257][T15401] x_tables: duplicate underflow at hook 4 [ 245.785864][T15408] loop5: detected capacity change from 0 to 512 [ 245.822979][T15408] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.6303: casefold flag without casefold feature [ 245.824046][T15398] loop9: detected capacity change from 0 to 40427 [ 245.844875][T15398] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12 [ 245.853138][T15398] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 245.860782][T15408] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.6303: couldn't read orphan inode 15 (err -117) [ 245.873803][T15408] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 245.883373][T15398] F2FS-fs (loop9): invalid crc value [ 245.911876][ T1406] EXT4-fs (loop5): unmounting filesystem. [ 245.929079][T15418] loop5: detected capacity change from 0 to 1024 [ 245.935726][T15398] F2FS-fs (loop9): Found nat_bits in checkpoint [ 245.947307][T15418] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 245.956525][T15418] ext4 filesystem being mounted at /1317/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 245.984813][ T43] EXT4-fs error (device loop5): ext4_map_blocks:745: inode #15: comm kworker/u4:2: lblock 0 mapped to illegal pblock 0 (length 1) [ 245.998824][ T43] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 246.022708][ T43] EXT4-fs (loop5): This should not happen!! Data will be lost [ 246.022708][ T43] [ 246.032924][T15398] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0 [ 246.033533][ T1406] EXT4-fs (loop5): unmounting filesystem. [ 246.041493][T15398] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 246.118568][T15428] input: syz0 as /devices/virtual/input/input46 [ 246.122323][T15429] loop5: detected capacity change from 0 to 128 [ 246.142417][T15429] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 246.171934][T15429] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 246.364259][T15436] loop9: detected capacity change from 0 to 256 [ 246.380557][T15436] exfat: Deprecated parameter 'utf8' [ 246.404895][T15436] exfat: Unexpected value for 'utf8' [ 246.634330][ T8] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 246.702433][T15456] loop5: detected capacity change from 0 to 128 [ 246.791139][T15467] loop9: detected capacity change from 0 to 256 [ 246.817323][T15467] exfat: Deprecated parameter 'namecase' [ 246.836772][T15467] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d) [ 246.874403][ T28] kauditd_printk_skb: 20 callbacks suppressed [ 246.874417][ T28] audit: type=1400 audit(2000000309.011:5115): avc: denied { write } for pid=15466 comm="syz.9.6326" name="file1" dev="loop9" ino=1049019 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 246.904066][T15467] syz.9.6326: attempt to access beyond end of device [ 246.904066][T15467] loop9: rw=0, sector=34359738488, nr_sectors = 8 limit=256 [ 246.971164][T15462] loop5: detected capacity change from 0 to 40427 [ 246.988116][T15462] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 247.010424][T15462] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 247.034922][T15462] F2FS-fs (loop5): invalid crc value [ 247.060545][T15462] F2FS-fs (loop5): Found nat_bits in checkpoint [ 247.087212][T15477] netlink: 20 bytes leftover after parsing attributes in process `syz.9.6331'. [ 247.096481][T15477] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6331'. [ 247.146446][T15462] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 247.156211][T15462] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 247.244685][ T28] audit: type=1400 audit(2000000309.397:5116): avc: denied { map } for pid=15461 comm="syz.5.6324" path="/1321/bus/memory.swap.events" dev="loop5" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 247.287204][T15492] loop3: detected capacity change from 0 to 512 [ 247.317352][ T28] audit: type=1400 audit(2000000309.462:5117): avc: denied { ioctl } for pid=15496 comm="syz.7.6340" path="socket:[87268]" dev="sockfs" ino=87268 ioctlcmd=0x48d3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 247.383600][T15492] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 247.397291][T15492] ext4 filesystem being mounted at /668/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 247.458001][ T28] audit: type=1400 audit(2000000309.633:5118): avc: denied { rename } for pid=15488 comm="syz.3.6335" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 247.500224][ T8787] EXT4-fs (loop3): unmounting filesystem. [ 247.570009][ T28] audit: type=1400 audit(2000000309.751:5119): avc: denied { bind } for pid=15512 comm="syz.5.6339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 247.593421][T15513] loop5: detected capacity change from 0 to 512 [ 247.618056][T15513] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 247.656319][ T60] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 247.664932][T15513] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal [ 247.673243][T15508] loop7: detected capacity change from 0 to 40427 [ 247.690887][T15508] F2FS-fs (loop7): heap/no_heap options were deprecated [ 247.698905][T15508] F2FS-fs (loop7): invalid crc value [ 247.705650][T15508] F2FS-fs (loop7): Found nat_bits in checkpoint [ 247.740007][ T28] audit: type=1400 audit(2000000309.934:5120): avc: denied { setopt } for pid=15512 comm="syz.5.6339" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 247.814337][T15508] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 247.853066][ T60] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 247.864670][T13474] syz-executor: attempt to access beyond end of device [ 247.864670][T13474] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 247.872793][ T60] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 247.908227][ T60] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 247.926468][ T60] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 247.945095][ T60] usb 10-1: SerialNumber: syz [ 248.068105][ T28] audit: type=1400 audit(2000000310.277:5121): avc: denied { read write } for pid=1406 comm="syz-executor" name="loop5" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 248.130775][ T28] audit: type=1400 audit(2000000310.277:5122): avc: denied { open } for pid=1406 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=123 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 248.157408][ T60] usb 10-1: 0:2 : does not exist [ 248.179723][ T60] usb 10-1: USB disconnect, device number 7 [ 248.191865][T15534] loop3: detected capacity change from 0 to 40427 [ 248.231373][ T28] audit: type=1400 audit(2000000310.277:5123): avc: denied { ioctl } for pid=1406 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=123 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 248.237234][T15534] F2FS-fs (loop3): invalid crc value [ 248.305813][T15534] F2FS-fs (loop3): Found nat_bits in checkpoint [ 248.315557][ T28] audit: type=1400 audit(2000000310.309:5124): avc: denied { bpf } for pid=15543 comm="syz.5.6359" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 248.339438][T15534] F2FS-fs (loop3): Start checkpoint disabled! [ 248.347007][T15534] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 248.403690][ T3350] kernel write not supported for file /vcsa1 (pid: 3350 comm: kworker/1:4) [ 248.418427][T15546] loop5: detected capacity change from 0 to 40427 [ 248.429407][T15534] F2FS-fs (loop3): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled [ 248.463170][T15546] F2FS-fs (loop5): invalid crc value [ 248.473939][T15546] F2FS-fs (loop5): Found nat_bits in checkpoint [ 248.496435][T15558] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 248.510146][T15546] F2FS-fs (loop5): Start checkpoint disabled! [ 248.517025][T15546] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 248.525343][ T662] kworker/u4:5: attempt to access beyond end of device [ 248.525343][ T662] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 248.545964][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 248.556853][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 248.565277][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 248.574935][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 248.583258][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 248.601016][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 248.620416][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 248.628680][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 248.859704][T15588] netlink: 92 bytes leftover after parsing attributes in process `syz.7.6375'. [ 248.970661][T15609] netlink: 'syz.9.6386': attribute type 28 has an invalid length. [ 248.983248][T15609] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6386'. [ 249.088735][T15615] loop9: detected capacity change from 0 to 8192 [ 249.253011][T15640] loop5: detected capacity change from 0 to 1024 [ 249.263909][T15642] loop7: detected capacity change from 0 to 256 [ 249.280331][T15642] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 249.301178][T15642] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 249.322495][T15640] EXT4-fs error (device loop5): ext4_acquire_dquot:6801: comm syz.5.6401: Failed to acquire dquot type 0 [ 249.353553][T15640] EXT4-fs error (device loop5): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 249.389410][T15640] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #13: comm syz.5.6401: corrupted inode contents [ 249.406940][T15640] EXT4-fs error (device loop5): ext4_dirty_inode:6121: inode #13: comm syz.5.6401: mark_inode_dirty error [ 249.432575][T15640] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #13: comm syz.5.6401: corrupted inode contents [ 249.445662][T15634] loop3: detected capacity change from 0 to 40427 [ 249.456755][T15634] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 249.458604][T15640] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #13: comm syz.5.6401: mark_inode_dirty error [ 249.465045][T15634] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 249.491378][ T3350] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 249.509509][T15640] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #13: comm syz.5.6401: corrupted inode contents [ 249.529610][T15640] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 249.539290][T15634] F2FS-fs (loop3): Found nat_bits in checkpoint [ 249.552301][T15640] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #13: comm syz.5.6401: corrupted inode contents [ 249.577543][T15640] EXT4-fs error (device loop5): ext4_truncate:4314: inode #13: comm syz.5.6401: mark_inode_dirty error [ 249.595646][T15634] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 249.602890][T15634] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 249.609459][T15640] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 249.629800][T15640] EXT4-fs (loop5): 1 truncate cleaned up [ 249.639042][T15640] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 249.698191][ T3350] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 249.724426][ T3350] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 249.737607][T15640] EXT4-fs (loop5): re-mounted. Quota mode: writeback. [ 249.753566][ T3350] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 249.767097][T15640] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 249.776646][ T3350] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 249.778635][T15640] EXT4-fs error (device loop5): ext4_acquire_dquot:6801: comm syz.5.6401: Failed to acquire dquot type 0 [ 249.801990][T15640] EXT4-fs (loop5): re-mounted. Quota mode: writeback. [ 249.822288][ T3350] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 249.831888][ T1406] EXT4-fs error (device loop5): ext4_readdir:263: inode #11: block 74: comm syz-executor: path /1336/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=768, inode=0, rec_len=0, size=1024 fake=0 [ 249.845995][ T3350] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 249.862232][ T1406] EXT4-fs error (device loop5): ext4_empty_dir:3177: inode #11: block 74: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=11008, inode=0, rec_len=0, size=1024 fake=0 [ 249.875258][ T3350] usb 10-1: Manufacturer: syz [ 249.883109][ T1406] EXT4-fs error (device loop5): ext4_readdir:263: inode #11: block 74: comm syz-executor: path /1336/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=768, inode=0, rec_len=0, size=1024 fake=0 [ 249.909509][ T3350] usb 10-1: config 0 descriptor?? [ 249.914916][ T1406] EXT4-fs error (device loop5): ext4_empty_dir:3177: inode #11: block 74: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=11008, inode=0, rec_len=0, size=1024 fake=0 [ 249.947808][ T1406] EXT4-fs error (device loop5): ext4_readdir:263: inode #11: block 74: comm syz-executor: path /1336/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=768, inode=0, rec_len=0, size=1024 fake=0 [ 249.970699][ T1406] EXT4-fs error (device loop5): ext4_empty_dir:3177: inode #11: block 74: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=11008, inode=0, rec_len=0, size=1024 fake=0 [ 249.994137][ T1406] EXT4-fs error (device loop5): ext4_readdir:263: inode #11: block 74: comm syz-executor: path /1336/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=768, inode=0, rec_len=0, size=1024 fake=0 [ 250.016762][ T1406] EXT4-fs error (device loop5): ext4_empty_dir:3177: inode #11: block 74: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=11008, inode=0, rec_len=0, size=1024 fake=0 [ 250.037071][ T1406] EXT4-fs error (device loop5): ext4_readdir:263: inode #11: block 74: comm syz-executor: path /1336/file0/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=768, inode=0, rec_len=0, size=1024 fake=0 [ 250.117110][ T662] tipc: Disabling bearer [ 250.122716][ T662] tipc: Left network mode [ 250.299923][ T3350] appleir 0003:05AC:8243.0036: unknown main item tag 0x0 [ 250.312247][ T3350] appleir 0003:05AC:8243.0036: No inputs registered, leaving [ 250.322964][ T3350] appleir 0003:05AC:8243.0036: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.9-1/input0 [ 250.401039][T15665] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.409988][T15665] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.417486][T15665] device bridge_slave_0 entered promiscuous mode [ 250.424609][T15675] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6414'. [ 250.438803][T15665] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.451959][T15665] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.459678][T15665] device bridge_slave_1 entered promiscuous mode [ 250.518346][ T662] device bridge_slave_1 left promiscuous mode [ 250.534611][ T662] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.563829][ T662] device bridge_slave_0 left promiscuous mode [ 250.569941][ T662] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.602043][ T662] device veth1_macvtap left promiscuous mode [ 250.608167][ T662] device veth0_vlan left promiscuous mode [ 250.648555][ T744] usb 10-1: USB disconnect, device number 8 [ 250.678627][T15682] SELinux: ebitmap start bit (1742571008) is beyond the end of the bitmap (1472) [ 250.690344][T15682] SELinux: failed to load policy [ 250.936794][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 250.944343][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 250.956354][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 250.973833][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 250.992533][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.999592][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 251.020186][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 251.039029][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 251.047419][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 251.056331][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.063503][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.077700][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 251.080988][T15690] loop3: detected capacity change from 0 to 40427 [ 251.092227][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 251.113893][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 251.139179][T15690] F2FS-fs (loop3): heap/no_heap options were deprecated [ 251.147764][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 251.150988][T15690] F2FS-fs (loop3): fault_injection options not supported [ 251.163180][T15690] F2FS-fs (loop3): fault_type options not supported [ 251.165817][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 251.177909][T15690] F2FS-fs (loop3): invalid crc value [ 251.186156][T15690] F2FS-fs (loop3): Found nat_bits in checkpoint [ 251.204788][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 251.216941][T15665] device veth0_vlan entered promiscuous mode [ 251.235994][T15690] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 251.244450][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 251.265204][T15665] device veth1_macvtap entered promiscuous mode [ 251.292077][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 251.306117][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 251.337491][T15708] I/O error, dev loop19, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 251.371895][T15712] ip_tunnel: non-ECT from 100.1.1.1 with TOS=0x92 [ 251.374145][T15708] FAT-fs (loop19): unable to read boot sector [ 251.449905][T15716] loop9: detected capacity change from 0 to 128 [ 251.482585][T15716] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 251.504990][T15716] ext4 filesystem being mounted at /158/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 251.562179][T14158] EXT4-fs (loop9): unmounting filesystem. [ 251.626265][ T28] kauditd_printk_skb: 92 callbacks suppressed [ 251.626279][ T28] audit: type=1400 audit(2000000314.108:5213): avc: denied { create } for pid=15721 comm="syz.9.6431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 251.694739][ T28] audit: type=1400 audit(2000000314.141:5214): avc: denied { setopt } for pid=15721 comm="syz.9.6431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 251.715158][ T8787] syz-executor: attempt to access beyond end of device [ 251.715158][ T8787] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 251.755855][ T28] audit: type=1400 audit(2000000314.141:5215): avc: denied { map } for pid=15721 comm="syz.9.6431" path="socket:[87880]" dev="sockfs" ino=87880 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 251.820687][ T28] audit: type=1400 audit(2000000314.141:5216): avc: denied { read } for pid=15721 comm="syz.9.6431" path="socket:[87880]" dev="sockfs" ino=87880 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 251.846308][T15728] tmpfs: Unknown parameter 'q' [ 251.904422][ T28] audit: type=1400 audit(2000000314.398:5217): avc: denied { ioctl } for pid=15732 comm="syz.4.6438" path="socket:[87907]" dev="sockfs" ino=87907 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 251.959354][ T28] audit: type=1400 audit(2000000314.398:5218): avc: denied { write } for pid=15732 comm="syz.4.6438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 252.021816][T15738] loop4: detected capacity change from 0 to 8192 [ 252.056178][ T28] audit: type=1400 audit(2000000314.570:5219): avc: denied { mount } for pid=15737 comm="syz.4.6439" name="/" dev="loop4" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 252.088451][ T28] audit: type=1400 audit(2000000314.591:5220): avc: denied { mounton } for pid=15737 comm="syz.4.6439" path="/7/file2/file0" dev="loop4" ino=1049030 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 252.127834][T15665] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 252.149495][T15665] FAT-fs (loop4): Filesystem has been set read-only [ 252.156481][ T28] audit: type=1400 audit(2000000314.602:5221): avc: denied { mounton } for pid=15737 comm="syz.4.6439" path="/7/file2/file0" dev="incremental-fs" ino=1049030 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 252.209820][ T28] audit: type=1400 audit(2000000314.602:5222): avc: denied { getattr } for pid=15737 comm="syz.4.6439" name="/" dev="incremental-fs" ino=1049030 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 252.377503][T15753] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.388285][T15753] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.398249][T15753] device bridge_slave_0 entered promiscuous mode [ 252.406702][T15753] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.414668][T15753] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.427851][T15753] device bridge_slave_1 entered promiscuous mode [ 252.444548][T15777] netlink: 'syz.4.6456': attribute type 1 has an invalid length. [ 252.449042][T15775] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 252.459832][T15777] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6456'. [ 252.598158][T15785] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6460'. [ 252.627614][T15793] loop4: detected capacity change from 0 to 1024 [ 252.628322][T15753] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.641063][T15753] bridge0: port 2(bridge_slave_1) entered forwarding state [ 252.648370][T15753] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.655493][T15753] bridge0: port 1(bridge_slave_0) entered forwarding state [ 252.664523][T15793] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 252.698599][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 252.707342][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 252.719827][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.727211][T15665] EXT4-fs (loop4): unmounting filesystem. [ 252.762905][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 252.768291][T15806] loop4: detected capacity change from 0 to 1024 [ 252.772010][ T342] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.784422][ T342] bridge0: port 2(bridge_slave_1) entered forwarding state [ 252.794034][T15805] loop3: detected capacity change from 0 to 128 [ 252.809323][T15805] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 252.819805][T15806] EXT4-fs error (device loop4): ext4_acquire_dquot:6801: comm syz.4.6465: Failed to acquire dquot type 0 [ 252.825939][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 252.840484][T15805] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 252.840718][T15806] EXT4-fs error (device loop4): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 252.867043][T15806] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #13: comm syz.4.6465: corrupted inode contents [ 252.881717][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 252.889717][T15806] EXT4-fs error (device loop4): ext4_dirty_inode:6121: inode #13: comm syz.4.6465: mark_inode_dirty error [ 252.901366][T15806] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #13: comm syz.4.6465: corrupted inode contents [ 252.921518][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 252.930703][T15806] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #13: comm syz.4.6465: mark_inode_dirty error [ 252.942996][T15806] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #13: comm syz.4.6465: corrupted inode contents [ 252.946642][T15753] device veth0_vlan entered promiscuous mode [ 252.961756][T15806] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 252.972169][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 252.980566][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 252.988276][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 253.002620][T15753] device veth1_macvtap entered promiscuous mode [ 253.007505][T15806] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #13: comm syz.4.6465: corrupted inode contents [ 253.011785][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 253.031581][T15810] loop7: detected capacity change from 0 to 512 [ 253.043767][ T662] device bridge_slave_1 left promiscuous mode [ 253.050032][ T662] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.058154][T15806] EXT4-fs error (device loop4): ext4_truncate:4314: inode #13: comm syz.4.6465: mark_inode_dirty error [ 253.069481][ T662] device bridge_slave_0 left promiscuous mode [ 253.074163][T15806] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 253.076070][ T662] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.086093][T15810] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 253.102243][T15806] EXT4-fs (loop4): 1 truncate cleaned up [ 253.102269][ T662] device veth1_macvtap left promiscuous mode [ 253.108156][ T662] device veth0_vlan left promiscuous mode [ 253.114046][T15810] ext4 filesystem being mounted at /182/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.151734][T15806] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 253.170775][T13474] EXT4-fs (loop7): unmounting filesystem. [ 253.254645][T15806] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 253.267996][T15806] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 253.282780][T15806] EXT4-fs error (device loop4): ext4_acquire_dquot:6801: comm syz.4.6465: Failed to acquire dquot type 0 [ 253.306929][T15806] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 253.331925][T15665] EXT4-fs (loop4): unmounting filesystem. [ 253.376832][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 253.405445][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 253.420820][ T8] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 253.552799][T15846] loop0: detected capacity change from 0 to 512 [ 253.568689][T15846] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 253.580260][T15846] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 253.597479][T15846] EXT4-fs (loop0): 1 truncate cleaned up [ 253.603401][T15846] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 253.620307][T15851] loop4: detected capacity change from 0 to 128 [ 253.673756][T15753] EXT4-fs (loop0): unmounting filesystem. [ 253.766715][T15861] kvm: MONITOR instruction emulated as NOP! [ 253.876819][T15885] SELinux: Context system_u:object_r:man_t:s0 is not valid (left unmapped). [ 253.908117][T15887] tipc: Started in network mode [ 253.914412][T15887] tipc: Node identity 7365725f69643d3, cluster identity 4711 [ 253.923317][T15887] tipc: Enabling of bearer rejected, failed to enable media [ 253.924105][T15890] loop0: detected capacity change from 0 to 512 [ 253.955592][T15890] EXT4-fs: Ignoring removed mblk_io_submit option [ 253.964504][T15891] netem: change failed [ 253.968846][T15890] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 254.004696][T15890] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.6500: iget: bad extended attribute block 1 [ 254.047983][T15890] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.6500: couldn't read orphan inode 15 (err -117) [ 254.092846][T15909] /dev/loop0: Can't open blockdev [ 254.095098][T15890] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 254.155270][T15890] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7905 vs 220 free clusters [ 254.209926][T15753] EXT4-fs (loop0): unmounting filesystem. [ 254.244949][T15920] device batadv_slave_0 entered promiscuous mode [ 254.260037][T15922] loop4: detected capacity change from 0 to 512 [ 254.282680][T15922] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.6516: invalid indirect mapped block 10 (level 1) [ 254.313383][T15918] device batadv_slave_0 left promiscuous mode [ 254.350728][T15922] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.6516: invalid indirect mapped block 8 (level 1) [ 254.397101][T15922] EXT4-fs (loop4): 1 truncate cleaned up [ 254.410557][T15927] loop3: detected capacity change from 0 to 40427 [ 254.416892][T15922] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 254.433998][T15927] F2FS-fs (loop3): fault_injection options not supported [ 254.453244][T15927] F2FS-fs (loop3): invalid crc value [ 254.457701][T15939] loop7: detected capacity change from 0 to 512 [ 254.489555][T15939] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 254.499444][T15665] EXT4-fs error (device loop4): ext4_lookup:1858: inode #16: comm syz-executor: iget: bogus i_mode (6355) [ 254.511386][T15939] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 254.515248][T15927] F2FS-fs (loop3): Found nat_bits in checkpoint [ 254.531991][T15665] EXT4-fs error (device loop4): ext4_lookup:1858: inode #16: comm syz-executor: iget: bogus i_mode (6355) [ 254.564942][T13474] EXT4-fs (loop7): unmounting filesystem. [ 254.585677][T15927] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 254.609790][ T8787] syz-executor: attempt to access beyond end of device [ 254.609790][ T8787] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 254.633508][T15665] EXT4-fs (loop4): unmounting filesystem. [ 254.756830][T15952] loop3: detected capacity change from 0 to 512 [ 254.764343][T15952] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 254.785270][T15952] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.6529: invalid indirect mapped block 4294967295 (level 1) [ 254.799782][T15952] EXT4-fs (loop3): Remounting filesystem read-only [ 254.806448][T15952] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.6529: invalid indirect mapped block 4294967295 (level 1) [ 254.820690][T15952] EXT4-fs (loop3): Remounting filesystem read-only [ 254.827702][T15952] EXT4-fs (loop3): 2 truncates cleaned up [ 254.833954][T15952] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 254.855306][T15951] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.862643][T15951] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.863126][ T8787] EXT4-fs (loop3): unmounting filesystem. [ 254.870357][T15951] device bridge_slave_0 entered promiscuous mode [ 254.883045][T15951] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.890283][T15951] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.898051][T15951] device bridge_slave_1 entered promiscuous mode [ 254.947134][ T662] tipc: Left network mode [ 254.997599][T15951] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.004888][T15951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 255.012314][T15951] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.019741][T15951] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.051592][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 255.055413][T15974] loop9: detected capacity change from 0 to 1024 [ 255.065725][ T342] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.073327][ T342] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.083630][T15974] EXT4-fs: Ignoring removed nomblk_io_submit option [ 255.103750][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 255.113345][ T342] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.113440][T15974] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 255.120426][ T342] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.121428][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 255.152976][T15966] loop3: detected capacity change from 0 to 40427 [ 255.162601][ T342] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.169676][ T342] bridge0: port 2(bridge_slave_1) entered forwarding state [ 255.177619][T15966] F2FS-fs (loop3): invalid crc value [ 255.183916][T14158] EXT4-fs (loop9): unmounting filesystem. [ 255.191555][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 255.213574][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 255.222459][T15966] F2FS-fs (loop3): Found nat_bits in checkpoint [ 255.253305][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 255.288778][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 255.295784][T15991] Bluetooth: hci0: Frame reassembly failed (-84) [ 255.307127][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 255.308018][T15966] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 255.319435][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 255.329976][T15951] device veth0_vlan entered promiscuous mode [ 255.338948][ T342] Bluetooth: hci0: Frame reassembly failed (-84) [ 255.357313][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 255.379939][T15966] syz.3.6534: attempt to access beyond end of device [ 255.379939][T15966] loop3: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 255.380302][T15951] device veth1_macvtap entered promiscuous mode [ 255.400601][ T8787] syz-executor: attempt to access beyond end of device [ 255.400601][ T8787] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 255.406894][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 255.456464][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 255.559062][ T662] device bridge_slave_1 left promiscuous mode [ 255.567656][ T662] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.569025][T16002] loop6: detected capacity change from 0 to 512 [ 255.585709][ T662] device bridge_slave_0 left promiscuous mode [ 255.594987][ T662] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.625430][T16002] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 255.635306][ T662] device veth1_macvtap left promiscuous mode [ 255.641349][ T662] device veth0_vlan left promiscuous mode [ 255.670034][T16002] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 255.679164][T16002] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 255.735136][T15951] EXT4-fs (loop6): unmounting filesystem. [ 256.176021][T16046] loop3: detected capacity change from 0 to 512 [ 256.201529][T16046] EXT4-fs: Ignoring removed nobh option [ 256.230760][T16046] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.6563: iget: bad i_size value: 38620345925642 [ 256.243747][T16046] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.6563: couldn't read orphan inode 15 (err -117) [ 256.256232][T16046] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 256.284829][T16046] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz.3.6563: bg 0: block 5: invalid block bitmap [ 256.298078][T16046] overlayfs: failed to set xattr on upper [ 256.306627][T16046] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1432: inode #12: block 7: comm syz.3.6563: path /: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0 [ 256.351013][ T8] tipc: Left network mode [ 256.356078][T16037] EXT4-fs (loop3): unmounting filesystem. [ 256.770326][T16063] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.791417][T16063] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.799045][T16063] device bridge_slave_0 entered promiscuous mode [ 256.807830][ T8] device bridge_slave_1 left promiscuous mode [ 256.813964][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.823638][ T8] device bridge_slave_0 left promiscuous mode [ 256.858919][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.888709][T16075] loop6: detected capacity change from 0 to 1024 [ 256.897846][ T8] device veth1_macvtap left promiscuous mode [ 256.908880][T16075] EXT4-fs (loop6): Test dummy encryption mode enabled [ 256.918181][ T8] device veth0_vlan left promiscuous mode [ 256.925064][T16075] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 256.959172][T15951] EXT4-fs (loop6): unmounting filesystem. [ 256.998559][ T28] kauditd_printk_skb: 60 callbacks suppressed [ 256.998575][ T28] audit: type=1400 audit(2000000319.871:5279): avc: denied { append } for pid=16078 comm="syz.6.6577" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1 [ 257.085379][T16087] loop6: detected capacity change from 0 to 1024 [ 257.105643][T16087] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 257.127068][T15951] EXT4-fs (loop6): unmounting filesystem. [ 257.188675][ T2089] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 257.228613][T16063] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.235996][T16063] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.243479][T16063] device bridge_slave_1 entered promiscuous mode [ 257.405997][T16063] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.413089][T16063] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.420365][T16063] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.427428][T16063] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.493979][ T28] audit: type=1400 audit(2000000320.397:5280): avc: denied { read write } for pid=16114 comm="syz.0.6590" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 257.518994][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.526800][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.534560][ T28] audit: type=1400 audit(2000000320.429:5281): avc: denied { open } for pid=16114 comm="syz.0.6590" path="/dev/ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 257.571072][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 257.579186][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 257.586785][ T28] audit: type=1400 audit(2000000320.440:5282): avc: denied { ioctl } for pid=16114 comm="syz.0.6590" path="/dev/ppp" dev="devtmpfs" ino=158 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 257.616963][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 257.625632][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 257.633889][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.640957][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.648408][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 257.661713][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 257.675276][T16098] loop6: detected capacity change from 0 to 40427 [ 257.683441][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.690486][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.708019][T16098] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 257.726817][T16098] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 257.745606][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 257.754706][T16098] F2FS-fs (loop6): invalid crc value [ 257.761145][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 257.770334][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 257.778653][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 257.788162][T16120] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6592'. [ 257.798084][T16098] F2FS-fs (loop6): Found nat_bits in checkpoint [ 257.806649][T16120] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6592'. [ 257.830820][T16098] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 257.837971][T16098] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 257.864788][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 257.873784][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 257.920252][ T28] audit: type=1400 audit(2000000320.858:5283): avc: denied { setopt } for pid=16125 comm="syz.0.6593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 257.944714][T16063] device veth0_vlan entered promiscuous mode [ 257.951230][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 257.959496][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 257.977545][T16063] device veth1_macvtap entered promiscuous mode [ 257.984449][T16098] syz.6.6585: attempt to access beyond end of device [ 257.984449][T16098] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 257.998804][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 258.006571][ T28] audit: type=1400 audit(2000000320.880:5284): avc: denied { read } for pid=16125 comm="syz.0.6593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 258.040873][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 258.055437][T16128] syz.6.6585: attempt to access beyond end of device [ 258.055437][T16128] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 258.055607][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 258.088874][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 258.097221][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 258.142574][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 258.157696][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 258.167016][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 258.184670][T15951] syz-executor: attempt to access beyond end of device [ 258.184670][T15951] loop6: rw=2051, sector=45096, nr_sectors = 16 limit=40427 [ 258.186288][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 258.224611][T15951] F2FS-fs (loop6): Issue discard(5637, 5637, 2) failed, ret: -5 [ 258.339564][T16146] loop9: detected capacity change from 0 to 512 [ 258.372481][T16146] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem [ 258.383672][T16146] EXT4-fs error (device loop9): ext4_orphan_get:1400: inode #15: comm syz.9.6602: iget: bogus i_mode (5) [ 258.395051][ T28] audit: type=1400 audit(2000000321.363:5285): avc: denied { mounton } for pid=16149 comm="syz.8.6603" path="/2/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1 [ 258.425890][T16146] EXT4-fs error (device loop9): ext4_orphan_get:1405: comm syz.9.6602: couldn't read orphan inode 15 (err -117) [ 258.444376][T16146] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 258.455358][T16146] ext2 filesystem being mounted at /187/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 258.492947][ T28] audit: type=1400 audit(2000000321.395:5286): avc: denied { unmount } for pid=16063 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 258.531512][T14158] EXT4-fs (loop9): unmounting filesystem. [ 258.546875][ T28] audit: type=1400 audit(2000000321.406:5287): avc: denied { getopt } for pid=16152 comm="syz.8.6604" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 258.589795][ T28] audit: type=1400 audit(2000000321.449:5288): avc: denied { write } for pid=16145 comm="syz.9.6602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 258.753987][T16151] loop6: detected capacity change from 0 to 40427 [ 258.785984][T16151] F2FS-fs (loop6): invalid crc value [ 258.831337][T16151] F2FS-fs (loop6): Found nat_bits in checkpoint [ 258.869920][T16158] loop8: detected capacity change from 0 to 131072 [ 258.880614][T16158] F2FS-fs (loop8): Test dummy encryption mode enabled [ 258.888397][T16158] F2FS-fs (loop8): invalid crc value [ 258.906717][T16151] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 258.932453][T16174] loop9: detected capacity change from 0 to 128 [ 258.939519][T16158] F2FS-fs (loop8): Found nat_bits in checkpoint [ 258.946344][T16174] EXT4-fs (loop9): Test dummy encryption mode enabled [ 258.976746][T16158] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 258.977059][T16174] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 259.018874][T16174] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.053586][T15951] syz-executor: attempt to access beyond end of device [ 259.053586][T15951] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 259.122276][T14158] EXT4-fs (loop9): unmounting filesystem. [ 259.528238][T16230] loop6: detected capacity change from 0 to 512 [ 259.564442][T16230] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 259.589675][T16230] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.606057][T16238] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 259.657009][T15951] EXT4-fs (loop6): unmounting filesystem. [ 259.725044][T16253] netlink: 'syz.8.6644': attribute type 4 has an invalid length. [ 259.733427][T16253] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6644'. [ 259.819227][T16268] loop0: detected capacity change from 0 to 256 [ 259.833396][T16271] loop8: detected capacity change from 0 to 128 [ 259.844143][T16268] FAT-fs (loop0): Unrecognized mount option "˙˙˙˙˙˙˙˙" or missing value [ 259.868556][T16271] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 259.877684][T16271] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.913387][T16063] EXT4-fs (loop8): unmounting filesystem. [ 259.942615][T16284] Invalid ELF header len 16 [ 259.961396][T16287] netlink: 'syz.8.6660': attribute type 15 has an invalid length. [ 259.993962][T16292] loop0: detected capacity change from 0 to 1024 [ 260.015881][T16292] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 260.026476][T16292] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.037163][ T6] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 260.050673][T16291] EXT4-fs error (device loop0): ext4_free_blocks:6210: comm syz.0.6663: Freeing blocks not in datazone - block = 0, count = 16 [ 260.062317][T16301] loop8: detected capacity change from 0 to 128 [ 260.070269][T16291] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 260.090565][T15753] EXT4-fs (loop0): unmounting filesystem. [ 260.096722][T16303] loop6: detected capacity change from 0 to 512 [ 260.103309][T16303] EXT4-fs: Ignoring removed oldalloc option [ 260.139173][T16303] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 260.166987][T16303] EXT4-fs error (device loop6): ext4_xattr_inode_iget:400: comm syz.6.6667: Parent and EA inode have the same ino 15 [ 260.179192][T16312] loop0: detected capacity change from 0 to 2048 [ 260.186072][T16303] EXT4-fs error (device loop6): ext4_xattr_inode_iget:400: comm syz.6.6667: Parent and EA inode have the same ino 15 [ 260.206495][T16303] EXT4-fs (loop6): 1 orphan inode deleted [ 260.208054][ T6] usb 10-1: Using ep0 maxpacket: 16 [ 260.212334][T16303] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 260.253591][T15951] EXT4-fs (loop6): unmounting filesystem. [ 260.260387][ T6] usb 10-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 260.275745][T16312] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 260.286905][ T6] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.306343][T16312] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 260.330963][ T6] usb 10-1: Product: syz [ 260.358104][ T6] usb 10-1: Manufacturer: syz [ 260.362881][ T6] usb 10-1: SerialNumber: syz [ 260.363076][T16327] loop8: detected capacity change from 0 to 512 [ 260.375699][T16312] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 28 [ 260.403011][ T6] r8152-cfgselector 10-1: config 0 descriptor?? [ 260.411472][T16312] EXT4-fs (loop0): This should not happen!! Data will be lost [ 260.411472][T16312] [ 260.429708][T16312] EXT4-fs (loop0): Total free blocks count 0 [ 260.437026][T16327] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 260.446234][T16312] EXT4-fs (loop0): Free/Dirty block details [ 260.452447][T16327] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 260.463114][T16312] EXT4-fs (loop0): free_blocks=2415919104 [ 260.469164][T16312] EXT4-fs (loop0): dirty_blocks=32 [ 260.474538][T16312] EXT4-fs (loop0): Block reservation details [ 260.480760][T16312] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 260.488439][T16327] EXT4-fs (loop8): shut down requested (2) [ 260.512150][T16063] EXT4-fs (loop8): unmounting filesystem. [ 260.520253][T16326] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 33 with error 28 [ 260.598161][T16338] loop8: detected capacity change from 0 to 8192 [ 260.648364][T16349] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6685'. [ 260.804655][ T6] r8152-cfgselector 10-1: Unknown version 0x0000 [ 260.812371][ T6] r8152-cfgselector 10-1: bad CDC descriptors [ 260.825639][ T6] r8152-cfgselector 10-1: Unknown version 0x0000 [ 260.838976][ T6] r8152-cfgselector 10-1: USB disconnect, device number 9 [ 260.990198][T16402] loop0: detected capacity change from 0 to 256 [ 260.997162][T16402] exfat: Bad value for 'gid' [ 261.018108][T16404] loop0: detected capacity change from 0 to 512 [ 261.028886][T16404] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 261.046416][T16404] EXT4-fs (loop0): Remounting filesystem read-only [ 261.053107][T16404] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.6709: invalid indirect mapped block 4278190080 (level 0) [ 261.067324][T16404] EXT4-fs (loop0): Remounting filesystem read-only [ 261.073863][T16404] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.6709: invalid indirect mapped block 1 (level 1) [ 261.087311][T16404] EXT4-fs (loop0): Remounting filesystem read-only [ 261.094352][T16404] EXT4-fs (loop0): 1 truncate cleaned up [ 261.101135][T16404] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 261.112146][T16404] EXT4-fs (loop0): shut down requested (2) [ 261.129330][T15753] EXT4-fs (loop0): unmounting filesystem. [ 261.157627][T16408] loop7: detected capacity change from 0 to 2048 [ 261.188132][T16415] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 261.196932][T16408] loop7: p1 < > p3 p4 < > [ 261.202683][T16408] loop7: p3 start 4284289 is beyond EOD, truncated [ 261.209546][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 261.226093][ C1] operation not supported error, dev loop7, sector 0 op 0x9:(WRITE_ZEROES) flags 0x8000800 phys_seg 0 prio class 2 [ 261.228249][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 261.264404][ T3542] udevd[3542]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory [ 261.264672][ T346] udevd[346]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory [ 261.284907][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 261.302054][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 261.320402][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.329180][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 261.341635][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.350632][ T901] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 261.409321][T16434] loop6: detected capacity change from 0 to 512 [ 261.416590][T16434] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 261.450427][T16434] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #17: comm syz.6.6722: iget: bad i_size value: -6917529027641081756 [ 261.450585][T16434] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.6722: couldn't read orphan inode 17 (err -117) [ 261.494333][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 261.536190][T16448] input: syz0 as /devices/virtual/input/input47 [ 261.806065][T16457] loop9: detected capacity change from 0 to 40427 [ 261.818547][T16457] F2FS-fs (loop9): fault_injection options not supported [ 261.827638][T16457] F2FS-fs (loop9): invalid crc value [ 261.845114][T16457] F2FS-fs (loop9): Found nat_bits in checkpoint [ 261.900474][T16457] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 261.937932][T14158] syz-executor: attempt to access beyond end of device [ 261.937932][T14158] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 261.981299][ T28] kauditd_printk_skb: 134 callbacks suppressed [ 261.981314][ T28] audit: type=1400 audit(2000000325.215:5423): avc: denied { create } for pid=16481 comm="syz.6.6742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 261.987785][ T28] audit: type=1400 audit(2000000325.226:5424): avc: denied { connect } for pid=16481 comm="syz.6.6742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 262.007787][ T28] audit: type=1400 audit(2000000325.248:5425): avc: denied { write } for pid=16481 comm="syz.6.6742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 262.030052][T16473] loop8: detected capacity change from 0 to 40427 [ 262.036257][T16473] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504) [ 262.036292][T16473] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock [ 262.038587][T16473] F2FS-fs (loop8): invalid crc value [ 262.085347][T16473] F2FS-fs (loop8): Found nat_bits in checkpoint [ 262.149380][T16473] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0 [ 262.149403][T16473] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 262.171997][T16496] loop9: detected capacity change from 0 to 512 [ 262.172298][T16496] EXT4-fs: Ignoring removed oldalloc option [ 262.178892][T16496] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 262.189107][T16496] EXT4-fs error (device loop9): ext4_xattr_inode_iget:400: comm syz.9.6745: Parent and EA inode have the same ino 15 [ 262.189466][T16496] EXT4-fs error (device loop9): ext4_xattr_inode_iget:400: comm syz.9.6745: Parent and EA inode have the same ino 15 [ 262.190627][T16496] EXT4-fs (loop9): 1 orphan inode deleted [ 262.240690][ T28] audit: type=1400 audit(2000000325.494:5426): avc: denied { append } for pid=16471 comm="syz.8.6739" path="/30/file0/pids.current" dev="loop8" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 262.241700][T16473] syz.8.6739: attempt to access beyond end of device [ 262.241700][T16473] loop8: rw=2049, sector=53248, nr_sectors = 16 limit=40427 [ 262.255583][T16063] syz-executor: attempt to access beyond end of device [ 262.255583][T16063] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 262.274939][T16502] loop9: detected capacity change from 0 to 128 [ 262.305863][T16502] EXT4-fs (loop9): Test dummy encryption mode enabled [ 262.319189][T16502] ext4 filesystem being mounted at /204/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 262.321418][ T28] audit: type=1400 audit(2000000325.580:5427): avc: denied { create } for pid=16501 comm="syz.9.6748" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 262.326551][ T28] audit: type=1400 audit(2000000325.580:5428): avc: denied { create } for pid=16501 comm="syz.9.6748" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 262.326578][ T28] audit: type=1400 audit(2000000325.591:5429): avc: denied { mounton } for pid=16501 comm="syz.9.6748" path="/204/mnt/bus" dev="loop9" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 262.326599][ T28] audit: type=1400 audit(2000000325.591:5430): avc: denied { write } for pid=16501 comm="syz.9.6748" name="bus" dev="loop9" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 262.326619][ T28] audit: type=1400 audit(2000000325.591:5431): avc: denied { add_name } for pid=16501 comm="syz.9.6748" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 262.326639][ T28] audit: type=1400 audit(2000000325.591:5432): avc: denied { setattr } for pid=16501 comm="syz.9.6748" name="work" dev="loop9" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 262.417506][T16508] loop9: detected capacity change from 0 to 1024 [ 262.582917][T16510] input: syz1 as /devices/virtual/input/input48 [ 262.589425][T16510] input: failed to attach handler leds to device input48, error: -6 [ 262.600042][T16508] EXT4-fs: Ignoring removed i_version option [ 262.632535][T16508] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:477: comm syz.9.6750: Invalid block bitmap block 0 in block_group 0 [ 262.651579][T16508] EXT4-fs error (device loop9): ext4_acquire_dquot:6801: comm syz.9.6750: Failed to acquire dquot type 0 [ 262.670880][T16518] loop7: detected capacity change from 0 to 256 [ 262.679216][T16508] EXT4-fs error (device loop9): ext4_free_blocks:6210: comm syz.9.6750: Freeing blocks not in datazone - block = 0, count = 4096 [ 262.717528][T16508] EXT4-fs error (device loop9): ext4_read_inode_bitmap:140: comm syz.9.6750: Invalid inode bitmap blk 0 in block_group 0 [ 262.731113][T16508] EXT4-fs error (device loop9) in ext4_free_inode:362: Corrupt filesystem [ 262.741221][ T10] EXT4-fs error (device loop9): ext4_release_dquot:6837: comm kworker/u4:1: Failed to release dquot type 0 [ 262.753761][T16508] EXT4-fs (loop9): 1 orphan inode deleted [ 262.802337][ T756] hid-generic 0003:0004:0000.0037: unknown main item tag 0x0 [ 262.810030][ T756] hid-generic 0003:0004:0000.0037: unknown main item tag 0x0 [ 262.817465][ T756] hid-generic 0003:0004:0000.0037: unknown main item tag 0x0 [ 262.825627][ T756] hid-generic 0003:0004:0000.0037: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 262.892513][T16526] fido_id[16526]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 262.934392][T16491] loop6: detected capacity change from 0 to 131072 [ 262.966775][T16491] F2FS-fs (loop6): Found nat_bits in checkpoint [ 263.020627][T16491] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 263.376470][ T2089] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 263.459489][T16560] loop0: detected capacity change from 0 to 512 [ 263.470430][T16560] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 263.533765][T16566] loop0: detected capacity change from 0 to 512 [ 263.540794][T16566] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 263.548579][T16566] EXT4-fs (loop0): orphan cleanup on readonly fs [ 263.559996][T16566] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #3: comm syz.0.6771: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 263.560241][T16566] EXT4-fs error (device loop0): ext4_quota_enable:7012: comm syz.0.6771: Bad quota inode: 3, type: 0 [ 263.560399][T16566] EXT4-fs warning (device loop0): ext4_enable_quotas:7053: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 263.560423][T16566] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 263.665439][T16571] binder: 16570:16571 ioctl c0306201 200000000300 returned -22 [ 263.701235][T16576] device vlan2 entered promiscuous mode [ 263.707101][T16576] device veth0 entered promiscuous mode [ 263.713828][T16575] loop9: detected capacity change from 0 to 4096 [ 263.796463][T16586] loop8: detected capacity change from 0 to 512 [ 263.814886][T16586] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.6780: casefold flag without casefold feature [ 263.828131][T16586] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.6780: couldn't read orphan inode 15 (err -117) [ 263.914504][T16599] device bridge0 entered promiscuous mode [ 263.923254][T16599] device macsec1 entered promiscuous mode [ 263.930849][T16599] bridge0: port 3(macsec1) entered blocking state [ 263.938634][T16599] bridge0: port 3(macsec1) entered disabled state [ 264.031494][T16599] device bridge0 left promiscuous mode [ 264.043772][T16603] loop9: detected capacity change from 0 to 128 [ 264.088204][T16603] EXT4-fs: Ignoring removed nomblk_io_submit option [ 264.102962][T16603] EXT4-fs: Ignoring removed nomblk_io_submit option [ 264.119886][T16603] EXT4-fs (loop9): Test dummy encryption mode enabled [ 264.129634][T16609] loop6: detected capacity change from 0 to 512 [ 264.138203][T16609] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 264.147811][T16603] ext4 filesystem being mounted at /211/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 264.187826][T16609] EXT4-fs (loop6): orphan cleanup on readonly fs [ 264.194812][T16609] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.6788: bg 0: block 248: padding at end of block bitmap is not set [ 264.210215][T16609] EXT4-fs error (device loop6): ext4_acquire_dquot:6801: comm syz.6.6788: Failed to acquire dquot type 1 [ 264.223029][T16609] EXT4-fs (loop6): 1 truncate cleaned up [ 264.443713][T16611] loop7: detected capacity change from 0 to 40427 [ 264.457556][T16611] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 264.475443][T16611] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 264.501453][T16611] F2FS-fs (loop7): invalid crc value [ 264.541090][T16611] F2FS-fs (loop7): Found nat_bits in checkpoint [ 264.573255][T16611] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 264.580429][T16611] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 264.701340][T16636] netlink: 28 bytes leftover after parsing attributes in process `syz.9.6801'. [ 264.794733][T16597] loop8: detected capacity change from 0 to 131072 [ 264.820903][T16597] F2FS-fs (loop8): Found nat_bits in checkpoint [ 264.862511][T16653] loop6: detected capacity change from 0 to 1024 [ 264.875644][T16597] F2FS-fs (loop8): Mounted with checkpoint version = 753bd00b [ 264.876138][T16653] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 264.970871][T16653] ext4 filesystem being mounted at /77/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 265.006722][ T6] usb 10-1: new high-speed USB device number 10 using dummy_hcd [ 265.175816][ T6] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 265.190148][ T6] usb 10-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 265.217307][ T6] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.229044][T16677] loop6: detected capacity change from 0 to 40427 [ 265.236682][ T6] usb 10-1: config 0 descriptor?? [ 265.246202][T16688] xt_bpf: check failed: parse error [ 265.254881][T16677] F2FS-fs (loop6): invalid crc value [ 265.280847][T16677] F2FS-fs (loop6): Found nat_bits in checkpoint [ 265.338945][T16677] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 265.348786][T16699] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 265.400821][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 265.409103][T15951] syz-executor: attempt to access beyond end of device [ 265.409103][T15951] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 265.419854][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 265.454366][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 265.462852][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 265.472678][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 265.485214][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 265.499251][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 265.513179][ T342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 265.575713][T16719] loop8: detected capacity change from 0 to 256 [ 265.589327][T16719] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 265.602872][T16719] exFAT-fs (loop8): Medium has reported failures. Some data may be lost. [ 265.612810][T16721] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6836'. [ 265.620350][T16719] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 265.635812][ T6] lenovo 0003:17EF:6047.0038: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.9-1/input0 [ 265.650796][T16725] loop7: detected capacity change from 0 to 512 [ 265.749872][T16737] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 265.768204][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 265.795706][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 265.805179][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 265.810852][T16743] loop7: detected capacity change from 0 to 1024 [ 265.826376][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 265.843847][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 265.852907][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 265.861911][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 265.877270][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 265.907837][T16743] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:3841: comm syz.7.6844: Allocating blocks 497-513 which overlap fs metadata [ 265.926318][T16743] EXT4-fs (loop7): pa ffff88813295ce70: logic 256, phys. 385, len 8 [ 265.934548][T16743] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 265.971715][T16754] loop8: detected capacity change from 0 to 16 [ 265.986590][T16754] erofs: (device loop8): mounted with root inode @ nid 36. [ 266.044646][T16754] erofs: (device loop8): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 266.061485][T16760] loop0: detected capacity change from 0 to 256 [ 266.068455][T16754] erofs: (device loop8): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851] [ 266.092339][T16760] FAT-fs (loop0): Directory bread(block 64) failed [ 266.100096][T16760] FAT-fs (loop0): Directory bread(block 65) failed [ 266.106727][T16754] erofs: (device loop8): z_erofs_read_folio: failed to read, err [-117] [ 266.115178][T16760] FAT-fs (loop0): Directory bread(block 66) failed [ 266.121813][T16760] FAT-fs (loop0): Directory bread(block 67) failed [ 266.128589][T16760] FAT-fs (loop0): Directory bread(block 68) failed [ 266.134225][T16756] loop6: detected capacity change from 0 to 40427 [ 266.135274][T16760] FAT-fs (loop0): Directory bread(block 69) failed [ 266.148627][T16760] FAT-fs (loop0): Directory bread(block 70) failed [ 266.161476][T16756] F2FS-fs (loop6): Unrecognized mount option "Pů9„7" or missing value [ 266.164074][T16760] FAT-fs (loop0): Directory bread(block 71) failed [ 266.176469][T16760] FAT-fs (loop0): Directory bread(block 72) failed [ 266.184162][T16760] FAT-fs (loop0): Directory bread(block 73) failed [ 266.195078][ T6] lenovo 0003:17EF:6047.0038: Fn-lock setting failed: -71 [ 266.208901][ T6] lenovo 0003:17EF:6047.0038: Sensitivity setting failed: -71 [ 266.234642][ T6] usb 10-1: USB disconnect, device number 10 [ 266.294202][T16767] fido_id[16767]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory [ 266.443114][T16774] loop0: detected capacity change from 0 to 40427 [ 266.452310][T16774] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 266.460065][T16774] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 266.472511][T16774] F2FS-fs (loop0): invalid crc value [ 266.484732][T16774] F2FS-fs (loop0): Found nat_bits in checkpoint [ 266.527737][T16774] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 266.534885][T16774] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 266.566118][ T662] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 266.592518][ T662] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 266.750703][T16817] loop6: detected capacity change from 0 to 512 [ 266.799181][T16817] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 266.800637][T16822] netlink: 'syz.0.6878': attribute type 12 has an invalid length. [ 266.822688][T16817] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.6877: corrupted inode contents [ 266.842751][T16822] netlink: 'syz.0.6878': attribute type 29 has an invalid length. [ 266.850781][T16822] netlink: 148 bytes leftover after parsing attributes in process `syz.0.6878'. [ 266.859258][T16807] loop8: detected capacity change from 0 to 40427 [ 266.859972][T16817] EXT4-fs error (device loop6): ext4_dirty_inode:6121: inode #2: comm syz.6.6877: mark_inode_dirty error [ 266.870383][T16822] netlink: 59 bytes leftover after parsing attributes in process `syz.0.6878'. [ 266.898054][T16807] F2FS-fs (loop8): invalid crc value [ 266.904608][T16817] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #2: comm syz.6.6877: corrupted inode contents [ 266.948820][T16807] F2FS-fs (loop8): Found nat_bits in checkpoint [ 266.965088][T16817] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #2: comm syz.6.6877: mark_inode_dirty error [ 266.994334][T16815] loop9: detected capacity change from 0 to 40427 [ 267.001627][T16815] F2FS-fs (loop9): fault_injection options not supported [ 267.020918][T16815] F2FS-fs (loop9): invalid crc value [ 267.020921][T16835] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6883'. [ 267.037037][T16815] F2FS-fs (loop9): Found nat_bits in checkpoint [ 267.039548][ T28] kauditd_printk_skb: 64 callbacks suppressed [ 267.039561][ T28] audit: type=1400 audit(2000000586.634:5492): avc: denied { rename } for pid=16816 comm="syz.6.6877" name="file0" dev="loop6" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 267.071843][T16815] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 267.075077][ T28] audit: type=1400 audit(2000000586.634:5493): avc: denied { reparent } for pid=16816 comm="syz.6.6877" name="file0" dev="loop6" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 267.101912][T16807] F2FS-fs (loop8): Start checkpoint disabled! [ 267.143515][T16807] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6 [ 267.194264][T16815] syz.9.6876: attempt to access beyond end of device [ 267.194264][T16815] loop9: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 267.232351][T14158] syz-executor: attempt to access beyond end of device [ 267.232351][T14158] loop9: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 267.318679][ T28] audit: type=1400 audit(2000000586.945:5494): avc: denied { bind } for pid=16849 comm="syz.0.6889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 267.338467][ T901] kworker/u4:6: attempt to access beyond end of device [ 267.338467][ T901] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 267.401606][T16857] loop0: detected capacity change from 0 to 2048 [ 267.408619][ T28] audit: type=1400 audit(2000000587.010:5495): avc: denied { create } for pid=16856 comm="syz.6.6894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 267.498606][T16857] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.6893: bg 0: block 234: padding at end of block bitmap is not set [ 267.514752][ T28] audit: type=1400 audit(2000000587.010:5496): avc: denied { sys_admin } for pid=16856 comm="syz.6.6894" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 267.700794][T16889] loop0: detected capacity change from 0 to 128 [ 267.801058][ T28] audit: type=1400 audit(2000000587.460:5497): avc: denied { create } for pid=16897 comm="syz.6.6908" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 267.801742][T16900] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 267.855350][ T28] audit: type=1400 audit(2000000587.460:5498): avc: denied { mounton } for pid=16897 comm="syz.6.6908" path="/104/file0" dev="tmpfs" ino=572 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 267.896895][T16900] FAT-fs (loop13): unable to read boot sector [ 267.941723][ T28] audit: type=1400 audit(2000000587.610:5499): avc: denied { unlink } for pid=15951 comm="syz-executor" name="file0" dev="tmpfs" ino=572 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 268.012112][T16917] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 268.109849][ T28] audit: type=1400 audit(2000000587.793:5500): avc: denied { setopt } for pid=16936 comm="syz.6.6925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 268.199754][ T28] audit: type=1400 audit(2000000587.889:5501): avc: denied { relabelto } for pid=16944 comm="syz.8.6929" name="72" dev="tmpfs" ino=397 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 268.234002][T16947] loop6: detected capacity change from 0 to 512 [ 268.429534][T16952] loop6: detected capacity change from 0 to 40427 [ 268.439566][T16952] F2FS-fs (loop6): fault_injection options not supported [ 268.446821][T16952] F2FS-fs (loop6): fault_type options not supported [ 268.454183][T16952] F2FS-fs (loop6): invalid crc value [ 268.466463][T16952] F2FS-fs (loop6): Found nat_bits in checkpoint [ 268.505898][T16952] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 268.556612][T15951] syz-executor: attempt to access beyond end of device [ 268.556612][T15951] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 268.843935][T16983] loop6: detected capacity change from 0 to 512 [ 268.863907][T16983] EXT4-fs: Ignoring removed oldalloc option [ 268.876401][T16991] loop8: detected capacity change from 0 to 1024 [ 268.894725][T16983] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 268.927851][T16991] ext4 filesystem being mounted at /81/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 268.938997][T16983] EXT4-fs (loop6): 1 truncate cleaned up [ 268.957288][T16999] loop7: detected capacity change from 0 to 256 [ 268.973345][T16063] EXT4-fs unmount: 32 callbacks suppressed [ 268.973361][T16063] EXT4-fs (loop8): unmounting filesystem. [ 268.986396][T15951] EXT4-fs (loop6): unmounting filesystem. [ 269.002149][T17001] netlink: 32 bytes leftover after parsing attributes in process `syz.9.6950'. [ 269.042295][T17006] syz.9.6953[17006] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 269.042362][T17006] syz.9.6953[17006] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 269.079861][T17013] netlink: 80 bytes leftover after parsing attributes in process `syz.9.6956'. [ 269.100665][T17013] netlink: 80 bytes leftover after parsing attributes in process `syz.9.6956'. [ 269.109862][T17013] netlink: 80 bytes leftover after parsing attributes in process `syz.9.6956'. [ 269.139947][T17017] Non-string source [ 269.172982][T17023] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6961'. [ 269.264588][T17025] loop9: detected capacity change from 0 to 40427 [ 269.273603][T17025] F2FS-fs (loop9): fault_injection options not supported [ 269.281310][T17025] F2FS-fs (loop9): invalid crc value [ 269.286676][ T744] usb 7-1: new full-speed USB device number 11 using dummy_hcd [ 269.301027][T17025] F2FS-fs (loop9): Found nat_bits in checkpoint [ 269.324570][T17025] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 269.331244][ T3350] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 269.478217][T17025] F2FS-fs (loop9): Start checkpoint disabled! [ 269.484641][T17025] syz.9.6962: attempt to access beyond end of device [ 269.484641][T17025] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 269.491032][ T744] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 269.511962][ T744] usb 7-1: New USB device found, idVendor=056a, idProduct=0317, bcdDevice= 0.00 [ 269.527228][ T3350] usb 9-1: Using ep0 maxpacket: 16 [ 269.529039][ T744] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.533621][ T3350] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 269.545452][ T744] usb 7-1: config 0 descriptor?? [ 269.551607][ T3350] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 269.566356][ T3350] usb 9-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00 [ 269.575438][ T3350] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.584146][ T3350] usb 9-1: config 0 descriptor?? [ 269.764034][ T744] usbhid 7-1:0.0: can't add hid device: -71 [ 269.770843][ T744] usbhid: probe of 7-1:0.0 failed with error -71 [ 269.783015][ T744] usb 7-1: USB disconnect, device number 11 [ 269.966264][ T3350] ntrig 0003:1B96:0008.0039: unbalanced delimiter at end of report description [ 269.975473][ T3350] ntrig 0003:1B96:0008.0039: parse failed [ 269.981217][ T3350] ntrig: probe of 0003:1B96:0008.0039 failed with error -22 [ 270.165384][ T3350] usb 9-1: USB disconnect, device number 4 [ 270.276662][T17035] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 270.416141][T17049] loop6: detected capacity change from 0 to 16 [ 270.441017][T17049] erofs: (device loop6): z_erofs_load_lz4_config: invalid lz4 cfgs, size=4 [ 270.466253][T17051] loop9: detected capacity change from 0 to 1024 [ 270.501825][T17051] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 270.510525][T17051] ext4 filesystem being mounted at /233/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.547428][T14158] EXT4-fs (loop9): unmounting filesystem. [ 270.555470][T17058] netlink: 277 bytes leftover after parsing attributes in process `syz.6.6975'. [ 270.596133][T17064] 9pnet: p9_errstr2errno: server reported unknown error 18446 [ 270.659444][T17071] loop8: detected capacity change from 0 to 512 [ 270.730818][T17071] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 270.743179][T17071] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 270.786732][T16063] EXT4-fs (loop8): unmounting filesystem. [ 270.816499][T17090] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6987'. [ 270.859518][T17096] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=17096 comm=syz.8.6992 [ 270.872171][T17096] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=17096 comm=syz.8.6992 [ 270.968813][T17112] loop0: detected capacity change from 0 to 1024 [ 270.978448][T17112] EXT4-fs: Ignoring removed nobh option [ 270.984764][T17112] EXT4-fs: Ignoring removed bh option [ 270.991090][T17112] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 271.012840][T17112] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 271.026887][T17112] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.7000: Allocating blocks 385-513 which overlap fs metadata [ 271.044143][T17112] EXT4-fs (loop0): pa ffff88813295c2a0: logic 16, phys. 129, len 24 [ 271.052307][T17112] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 271.069858][T15753] EXT4-fs (loop0): unmounting filesystem. [ 271.187839][T17135] loop8: detected capacity change from 0 to 256 [ 271.197694][T17135] exFAT-fs (loop8): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d) [ 271.213900][ T6] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 271.293887][T17149] loop8: detected capacity change from 0 to 4096 [ 271.303012][T17149] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 271.316461][T17151] loop0: detected capacity change from 0 to 128 [ 271.364276][T16063] EXT4-fs (loop8): unmounting filesystem. [ 271.392756][ T6] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 271.412305][ T6] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 271.432453][ T6] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 271.442068][ T6] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 271.450497][ T6] usb 7-1: SerialNumber: syz [ 271.559523][T17169] fuse: Bad value for 'fd' [ 271.646303][ T6] usb 7-1: 0:2 : does not exist [ 271.653605][ T6] usb 7-1: USB disconnect, device number 12 [ 271.714685][T17186] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7033'. [ 271.727834][T17186] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7033'. [ 271.745050][T17186] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7033'. [ 271.754349][T17186] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7033'. [ 271.768727][T17178] loop0: detected capacity change from 0 to 40427 [ 271.793020][T17178] F2FS-fs (loop0): invalid crc value [ 271.799234][T17178] F2FS-fs (loop0): Found nat_bits in checkpoint [ 271.833638][T17178] F2FS-fs (loop0): Start checkpoint disabled! [ 271.852676][ T28] kauditd_printk_skb: 30 callbacks suppressed [ 271.852691][ T28] audit: type=1400 audit(2000000591.805:5532): avc: denied { listen } for pid=17195 comm="syz.9.7036" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 271.884168][T17178] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 272.017456][ T662] kworker/u4:5: attempt to access beyond end of device [ 272.017456][ T662] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 272.146598][T17218] loop0: detected capacity change from 0 to 1024 [ 272.153573][T17218] EXT4-fs: Ignoring removed i_version option [ 272.178160][ T28] audit: type=1400 audit(2000000592.159:5533): avc: denied { bind } for pid=17222 comm="syz.6.7048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 272.183990][ T6] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 272.214435][ T28] audit: type=1400 audit(2000000592.181:5534): avc: denied { setopt } for pid=17222 comm="syz.6.7048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 272.240134][T17218] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 272.268888][T17218] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.7045: Allocating blocks 497-513 which overlap fs metadata [ 272.270161][T17229] tipc: Started in network mode [ 272.288040][T17218] EXT4-fs (loop0): pa ffff8881177daf18: logic 256, phys. 385, len 8 [ 272.291367][T17231] loop6: detected capacity change from 0 to 1024 [ 272.296159][T17218] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1 [ 272.302777][T17229] tipc: Node identity 7f000001, cluster identity 4711 [ 272.331195][T17229] tipc: Enabled bearer , priority 10 [ 272.337101][T15753] EXT4-fs (loop0): unmounting filesystem. [ 272.371488][T17231] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 272.380344][T17231] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 272.405127][T15951] EXT4-fs (loop6): unmounting filesystem. [ 272.410994][ T6] usb 10-1: Using ep0 maxpacket: 8 [ 272.419097][ T6] usb 10-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab [ 272.440778][ T6] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 272.449908][ T6] usb 10-1: Product: syz [ 272.454556][ T6] usb 10-1: Manufacturer: syz [ 272.459664][ T6] usb 10-1: SerialNumber: syz [ 272.475446][ T6] usb 10-1: config 0 descriptor?? [ 272.582554][T17242] loop6: detected capacity change from 0 to 40427 [ 272.602421][T17242] F2FS-fs (loop6): invalid crc value [ 272.614548][T17242] F2FS-fs (loop6): Found nat_bits in checkpoint [ 272.644820][T17242] F2FS-fs (loop6): Start checkpoint disabled! [ 272.653316][T17242] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 272.726881][ T10] kworker/u4:1: attempt to access beyond end of device [ 272.726881][ T10] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 272.787045][T17255] block device autoloading is deprecated and will be removed. [ 272.817259][T17258] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 272.826637][T17258] FAT-fs (loop17): unable to read boot sector [ 272.922689][T17272] device syz_tun entered promiscuous mode [ 272.929394][T17272] device syz_tun left promiscuous mode [ 273.061824][ T6] usb 10-1: USB disconnect, device number 11 [ 273.144595][T17289] I/O error, dev loop17, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 273.162906][T17289] FAT-fs (loop17): unable to read boot sector [ 273.202219][ T28] audit: type=1400 audit(2000000593.254:5535): avc: denied { ioctl } for pid=17295 comm="syz.7.7079" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=95674 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 273.241066][T17298] loop7: detected capacity change from 0 to 128 [ 273.253211][T17298] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 273.261931][T17298] ext4 filesystem being mounted at /269/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 273.297618][T17298] EXT4-fs warning (device loop7): verify_group_input:151: Cannot add at group 25 (only 1 groups) [ 273.324701][T13474] EXT4-fs (loop7): unmounting filesystem. [ 273.358723][T17307] loop7: detected capacity change from 0 to 8192 [ 273.366868][ T6] tipc: Node number set to 2130706433 [ 273.555057][ T28] audit: type=1400 audit(2000000593.640:5536): avc: denied { read } for pid=17321 comm="syz.8.7092" name="usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 273.578664][T17324] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7091'. [ 273.589489][T17324] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7091'. [ 273.598571][ T28] audit: type=1400 audit(2000000593.640:5537): avc: denied { open } for pid=17321 comm="syz.8.7092" path="/dev/usbmon7" dev="devtmpfs" ino=180 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 273.631668][T17324] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7091'. [ 273.642192][T17324] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7091'. [ 273.652242][ T28] audit: type=1400 audit(2000000593.640:5538): avc: denied { ioctl } for pid=17321 comm="syz.8.7092" path="/dev/usbmon7" dev="devtmpfs" ino=180 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 273.705022][T17340] netlink: 'syz.9.7099': attribute type 1 has an invalid length. [ 273.713893][T17340] netlink: 'syz.9.7099': attribute type 2 has an invalid length. [ 273.723145][T17340] netlink: 'syz.9.7099': attribute type 1 has an invalid length. [ 273.732274][T17340] netlink: 'syz.9.7099': attribute type 2 has an invalid length. [ 273.734763][T17342] syz.7.7101[17342] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 273.740156][T17342] syz.7.7101[17342] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 273.761601][ T28] audit: type=1400 audit(2000000593.855:5539): avc: denied { write } for pid=17343 comm="syz.9.7102" path="socket:[94717]" dev="sockfs" ino=94717 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 273.869176][T17348] loop7: detected capacity change from 0 to 512 [ 273.902656][T17348] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 273.982439][ T6] usb 9-1: new full-speed USB device number 5 using dummy_hcd [ 273.999284][T13474] EXT4-fs (loop7): unmounting filesystem. [ 274.013525][T17355] x_tables: duplicate underflow at hook 4 [ 274.151459][ T28] audit: type=1400 audit(2000000594.273:5540): avc: denied { read } for pid=17371 comm="syz.7.7114" path="socket:[95795]" dev="sockfs" ino=95795 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 274.179441][ T6] usb 9-1: unable to get BOS descriptor or descriptor too short [ 274.196823][ T6] usb 9-1: not running at top speed; connect to a high speed hub [ 274.208731][ T6] usb 9-1: config 4 has an invalid interface number: 147 but max is 0 [ 274.216951][ T6] usb 9-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 274.246917][ T6] usb 9-1: config 4 has no interface number 0 [ 274.255560][ T6] usb 9-1: string descriptor 0 read error: -22 [ 274.264803][ T6] usb 9-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 274.273935][ T6] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.288353][ T6] usb 9-1: Found UVC 0.00 device (04f2:b746) [ 274.313105][ T6] usb 9-1: No valid video chain found. [ 274.357260][ T28] audit: type=1400 audit(2000000594.498:5541): avc: denied { map } for pid=17390 comm="syz.6.7123" path="socket:[95911]" dev="sockfs" ino=95911 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 274.481465][ T6] usb 9-1: USB disconnect, device number 5 [ 274.499770][T17404] loop9: detected capacity change from 0 to 256 [ 274.536584][T17404] FAT-fs (loop9): Directory bread(block 64) failed [ 274.543435][T17404] FAT-fs (loop9): Directory bread(block 65) failed [ 274.556318][T17404] FAT-fs (loop9): Directory bread(block 66) failed [ 274.563966][T17404] FAT-fs (loop9): Directory bread(block 67) failed [ 274.574869][T17404] FAT-fs (loop9): Directory bread(block 68) failed [ 274.578452][T17403] loop6: detected capacity change from 0 to 1024 [ 274.587775][T17404] FAT-fs (loop9): Directory bread(block 69) failed [ 274.587864][T17404] FAT-fs (loop9): Directory bread(block 70) failed [ 274.587881][T17404] FAT-fs (loop9): Directory bread(block 71) failed [ 274.587912][T17404] FAT-fs (loop9): Directory bread(block 72) failed [ 274.587929][T17404] FAT-fs (loop9): Directory bread(block 73) failed [ 274.621267][T17403] EXT4-fs: Ignoring removed nobh option [ 274.633016][T17403] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 274.643922][T17403] EXT4-fs (loop6): group descriptors corrupted! [ 274.785531][T17418] loop9: detected capacity change from 0 to 256 [ 274.795978][T17418] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 274.815204][T17418] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008) [ 274.826497][T17418] exFAT-fs (loop9): Filesystem has been set read-only [ 274.833417][T17418] exFAT-fs (loop9): error, failed to bmap (inode : ffff88811747d990 iblock : 8, err : -5) [ 274.843581][T17418] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008) [ 274.855112][T17418] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008) [ 274.864304][T17418] exFAT-fs (loop9): error, failed to bmap (inode : ffff88811747d990 iblock : 8, err : -5) [ 274.874503][T17418] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008) [ 274.883685][T17418] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000008) [ 274.905445][T17423] loop9: detected capacity change from 0 to 128 [ 274.914943][T17423] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 274.923654][T17423] ext4 filesystem being mounted at /264/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 274.979589][T14158] EXT4-fs (loop9): unmounting filesystem. [ 274.988487][ T744] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 275.012047][T17431] incfs: iterate_incfs_dir / -22 [ 275.012565][T17430] loop8: detected capacity change from 0 to 1024 [ 275.024862][T17430] EXT4-fs: Ignoring removed nobh option [ 275.031117][T17430] EXT4-fs: Ignoring removed bh option [ 275.040226][T17430] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 275.096883][T17430] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 275.125796][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 275.133797][T16063] EXT4-fs (loop8): unmounting filesystem. [ 275.158247][ T744] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 275.171927][ T744] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 275.180170][T17447] netlink: 'syz.8.7145': attribute type 1 has an invalid length. [ 275.198742][ T744] usb 7-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 275.211756][ T744] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.224729][ T744] usb 7-1: Product: syz [ 275.228920][ T744] usb 7-1: Manufacturer: syz [ 275.234059][ T744] usb 7-1: SerialNumber: syz [ 275.239420][ T744] usb 7-1: config 0 descriptor?? [ 275.244814][T17414] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 275.252202][T17414] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 275.269772][T17456] __nla_validate_parse: 3 callbacks suppressed [ 275.269789][T17456] netlink: 516 bytes leftover after parsing attributes in process `syz.8.7151'. [ 275.309167][T17461] device syz_tun entered promiscuous mode [ 275.316333][T17461] device syz_tun left promiscuous mode [ 275.388663][T17469] loop8: detected capacity change from 0 to 512 [ 275.405381][T17469] EXT4-fs warning (device loop8): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 275.424382][T17469] EXT4-fs warning (device loop8): dx_probe:881: Enable large directory feature to access it [ 275.453282][T17469] EXT4-fs warning (device loop8): dx_probe:966: inode #2: comm syz.8.7157: Corrupt directory, running e2fsck is recommended [ 275.468657][T17414] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 275.475913][T17414] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 275.483571][T17469] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117 [ 275.491808][T17469] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2195: inode #15: comm syz.8.7157: corrupted in-inode xattr [ 275.510418][T17469] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.7157: couldn't read orphan inode 15 (err -117) [ 275.522731][T17469] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 275.538403][T17469] EXT4-fs warning (device loop8): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 275.549954][T17469] EXT4-fs warning (device loop8): dx_probe:881: Enable large directory feature to access it [ 275.560143][T17469] EXT4-fs warning (device loop8): dx_probe:966: inode #2: comm syz.8.7157: Corrupt directory, running e2fsck is recommended [ 275.574696][T17469] EXT4-fs warning (device loop8): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 275.586297][T17469] EXT4-fs warning (device loop8): dx_probe:881: Enable large directory feature to access it [ 275.596418][T17469] EXT4-fs warning (device loop8): dx_probe:966: inode #2: comm syz.8.7157: Corrupt directory, running e2fsck is recommended [ 275.611180][T17469] EXT4-fs warning (device loop8): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 275.623312][T17469] EXT4-fs warning (device loop8): dx_probe:881: Enable large directory feature to access it [ 275.633703][T17469] EXT4-fs warning (device loop8): dx_probe:966: inode #2: comm syz.8.7157: Corrupt directory, running e2fsck is recommended [ 275.650845][T17469] EXT4-fs warning (device loop8): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 275.669625][T16063] EXT4-fs (loop8): unmounting filesystem. [ 275.693616][T17483] loop8: detected capacity change from 0 to 128 [ 275.704839][T17485] loop7: detected capacity change from 0 to 512 [ 275.712470][T17483] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 275.721404][T17485] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 275.722112][T17483] ext4 filesystem being mounted at /138/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 275.738229][T17485] EXT4-fs (loop7): orphan cleanup on readonly fs [ 275.753873][T16063] EXT4-fs (loop8): unmounting filesystem. [ 275.754748][T17485] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:511: comm syz.7.7164: Block bitmap for bg 0 marked uninitialized [ 275.773599][T17485] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 275.782930][T17485] EXT4-fs (loop7): 1 orphan inode deleted [ 275.788884][T17485] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 275.821653][T17485] EXT4-fs (loop7): re-mounted. Quota mode: none. [ 275.835273][T13474] EXT4-fs (loop7): unmounting filesystem. [ 275.882063][T17497] tmpfs: Unknown parameter '' [ 276.071026][T17510] loop8: detected capacity change from 0 to 40427 [ 276.086101][T17510] F2FS-fs (loop8): invalid crc value [ 276.098107][T17510] F2FS-fs (loop8): Found nat_bits in checkpoint [ 276.142282][T17510] F2FS-fs (loop8): Start checkpoint disabled! [ 276.150296][T17510] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6 [ 276.190862][T17510] syz.8.7175: attempt to access beyond end of device [ 276.190862][T17510] loop8: rw=2049, sector=77824, nr_sectors = 136 limit=40427 [ 276.219709][ T662] kworker/u4:5: attempt to access beyond end of device [ 276.219709][ T662] loop8: rw=1, sector=77824, nr_sectors = 8 limit=40427 [ 276.233899][ T662] kworker/u4:5: attempt to access beyond end of device [ 276.233899][ T662] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 276.250264][ T744] dm9601 7-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71 [ 276.261269][ T744] dm9601 7-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.6-1, Davicom DM96xx USB 10/100 Ethernet, 6e:00:00:00:00:00 [ 276.276206][ T744] usb 7-1: USB disconnect, device number 13 [ 276.282503][ T744] dm9601 7-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.6-1, Davicom DM96xx USB 10/100 Ethernet [ 276.519101][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 276.519116][ T28] audit: type=1400 audit(2000000596.816:5550): avc: denied { read } for pid=142 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 276.649142][T17539] device pim6reg1 entered promiscuous mode [ 276.768032][T17547] loop6: detected capacity change from 0 to 512 [ 276.779974][T17547] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 276.791405][T17547] EXT4-fs (loop6): orphan cleanup on readonly fs [ 276.798111][T17547] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:511: comm syz.6.7191: Block bitmap for bg 0 marked uninitialized [ 276.811586][T17547] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 276.820540][T17547] EXT4-fs (loop6): 1 orphan inode deleted [ 276.826329][T17547] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 276.840291][T17547] EXT4-fs (loop6): re-mounted. Quota mode: none. [ 276.850311][T15951] EXT4-fs (loop6): unmounting filesystem. [ 276.872666][T17552] netlink: 28 bytes leftover after parsing attributes in process `syz.6.7193'. [ 277.020285][ T2089] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 277.020352][ T45] Bluetooth: hci0: command 0x1003 tx timeout [ 277.057051][T17521] syz.7.7180 (17521) used greatest stack depth: 20288 bytes left [ 277.161351][T17572] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7203'. [ 277.247758][T17580] loop7: detected capacity change from 0 to 512 [ 277.281387][T17580] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 277.292347][T17580] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 277.305743][T17580] EXT4-fs (loop7): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 277.316072][T17580] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 277.324132][T17580] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000] [ 277.332516][T17580] EXT4-fs (loop7): orphan cleanup on readonly fs [ 277.339859][T17580] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.7207: bg 0: block 34: padding at end of block bitmap is not set [ 277.354559][T17580] Quota error (device loop7): write_blk: dquota write failed [ 277.362084][T17580] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota [ 277.372400][T17580] EXT4-fs error (device loop7): ext4_acquire_dquot:6801: comm syz.7.7207: Failed to acquire dquot type 1 [ 277.383842][ T28] audit: type=1326 audit(2000000597.739:5551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc28ff8eb69 code=0x7ffc0000 [ 277.407436][T17580] EXT4-fs (loop7): 1 truncate cleaned up [ 277.413402][T17580] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 277.419634][ T28] audit: type=1326 audit(2000000597.739:5552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc28ff8eb69 code=0x7ffc0000 [ 277.455206][ T28] audit: type=1326 audit(2000000597.739:5553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc28ff8eb69 code=0x7ffc0000 [ 277.478894][ T28] audit: type=1326 audit(2000000597.749:5554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fc28ff8eb69 code=0x7ffc0000 [ 277.479043][T17580] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 277.505079][ T28] audit: type=1326 audit(2000000597.749:5555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc28ff8eb69 code=0x7ffc0000 [ 277.534070][T17580] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000] [ 277.550467][ T28] audit: type=1326 audit(2000000597.771:5556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17582 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc28ff8eb69 code=0x7ffc0000 [ 277.578346][T17589] loop8: detected capacity change from 0 to 512 [ 277.607203][T17589] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.7211: casefold flag without casefold feature [ 277.620812][T17589] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.7211: couldn't read orphan inode 15 (err -117) [ 277.641452][T13474] EXT4-fs (loop7): unmounting filesystem. [ 277.642919][T17589] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 277.650215][T17593] loop9: detected capacity change from 0 to 256 [ 277.678418][T17593] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 277.702740][T16063] EXT4-fs (loop8): unmounting filesystem. [ 277.707146][ T28] audit: type=1400 audit(2000000598.093:5557): avc: denied { append } for pid=17592 comm="syz.9.7212" path="/269/bus/memory.swap.events" dev="loop9" ino=1049073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 277.738731][ T744] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 277.822905][T17609] loop7: detected capacity change from 0 to 1024 [ 277.829645][T17609] EXT4-fs: Ignoring removed bh option [ 277.837522][T17609] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 277.850619][T17609] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 277.861973][T17609] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (31873!=20869) [ 277.871720][T17609] EXT4-fs (loop7): filesystem has both journal inode and journal device! [ 277.929627][ T744] usb 7-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 277.955142][ T744] usb 7-1: config 0 interface 0 has no altsetting 0 [ 277.961916][ T744] usb 7-1: New USB device found, idVendor=056a, idProduct=0319, bcdDevice= 0.00 [ 277.999690][ T744] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.023120][ T744] usb 7-1: config 0 descriptor?? [ 278.189837][T17649] loop9: detected capacity change from 0 to 256 [ 278.197012][T17649] exfat: Deprecated parameter 'namecase' [ 278.209236][T17649] exfat: Deprecated parameter 'namecase' [ 278.217954][T17649] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 278.261346][T17652] loop0: detected capacity change from 0 to 512 [ 278.275074][T17652] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 278.290605][T17652] block device autoloading is deprecated and will be removed. [ 278.299173][T17652] EXT4-fs (loop0): external journal has bad superblock [ 278.362442][ T334] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 278.404781][ T744] wacom 0003:056A:0319.003A: unknown main item tag 0x0 [ 278.412175][ T744] wacom 0003:056A:0319.003A: unknown main item tag 0x0 [ 278.419059][ T744] wacom 0003:056A:0319.003A: unknown main item tag 0x0 [ 278.425928][ T744] wacom 0003:056A:0319.003A: unknown main item tag 0x0 [ 278.433435][ T744] wacom 0003:056A:0319.003A: unknown main item tag 0x0 [ 278.519759][ T3350] kernel write not supported for file bpf-prog (pid: 3350 comm: kworker/1:4) [ 278.540760][ T334] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 278.557170][ T334] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 278.566610][ T334] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 278.578304][ T334] usb 9-1: config 0 descriptor?? [ 278.601196][ T60] usb 7-1: USB disconnect, device number 14 [ 278.691809][T17687] loop9: detected capacity change from 0 to 512 [ 278.713351][T17687] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback. [ 278.722646][T17687] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.745008][T14158] EXT4-fs (loop9): unmounting filesystem. [ 278.794820][T17697] netlink: 100 bytes leftover after parsing attributes in process `syz.7.7259'. [ 278.958817][ T334] keytouch 0003:0926:3333.003B: fixing up Keytouch IEC report descriptor [ 278.969338][ T334] input: HID 0926:3333 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0926:3333.003B/input/input53 [ 279.046189][ T334] keytouch 0003:0926:3333.003B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.8-1/input0 [ 279.108720][T17714] loop6: detected capacity change from 0 to 1024 [ 279.127060][T17714] EXT4-fs: Ignoring removed nobh option [ 279.133500][T17714] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 279.172121][T17714] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 279.234539][T15951] EXT4-fs (loop6): unmounting filesystem. [ 279.468893][ T3350] usb 9-1: USB disconnect, device number 6 [ 279.523823][T17726] loop6: detected capacity change from 0 to 512 [ 279.556250][T17726] EXT4-fs (loop6): orphan cleanup on readonly fs [ 279.562798][T17726] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -13 [ 279.571409][T17726] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 279.586844][T17726] EXT4-fs error (device loop6): ext4_clear_blocks:883: inode #13: comm syz.6.7271: attempt to clear invalid blocks 2 len 1 [ 279.600060][T17726] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.7271: invalid indirect mapped block 1819239214 (level 0) [ 279.614529][T17726] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #13: comm syz.6.7271: invalid indirect mapped block 1819239214 (level 1) [ 279.629634][T17726] EXT4-fs (loop6): 1 truncate cleaned up [ 279.657836][T17726] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 279.686600][T17726] EXT4-fs: user quota file already specified [ 279.699723][T15951] EXT4-fs (loop6): unmounting filesystem. [ 279.752011][T17741] xt_bpf: check failed: parse error [ 280.007054][T17787] loop8: detected capacity change from 0 to 512 [ 280.059836][T17787] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 280.078522][T17787] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 280.099923][T17787] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.7298: corrupted inode contents [ 280.115832][T17787] EXT4-fs error (device loop8): ext4_dirty_inode:6121: inode #2: comm syz.8.7298: mark_inode_dirty error [ 280.127469][T17787] EXT4-fs error (device loop8): ext4_do_update_inode:5256: inode #2: comm syz.8.7298: corrupted inode contents [ 280.139792][T17787] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #2: comm syz.8.7298: mark_inode_dirty error [ 280.158414][T17787] EXT4-fs error (device loop8): ext4_lookup:1855: inode #19: comm syz.8.7298: 'file0' linked to parent dir [ 280.186167][T16063] EXT4-fs (loop8): unmounting filesystem. [ 280.507003][T17835] loop6: detected capacity change from 0 to 128 [ 280.513570][T17835] EXT4-fs: Ignoring removed nobh option [ 280.536754][T17835] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 280.553111][T17835] ext4 filesystem being mounted at /209/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 280.584292][T15951] EXT4-fs (loop6): unmounting filesystem. [ 280.994092][T17861] loop7: detected capacity change from 0 to 512 [ 281.005021][T17861] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.7330: Invalid inode bitmap blk 4 in block_group 0 [ 281.018258][T17861] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 281.058199][T13474] EXT4-fs (loop7): unmounting filesystem. [ 281.118869][T17875] loop7: detected capacity change from 0 to 256 [ 281.128371][T17875] exfat: Deprecated parameter 'utf8' [ 281.139879][T17875] exfat: Deprecated parameter 'namecase' [ 281.154970][T17875] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 281.232618][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 281.232633][ T28] audit: type=1326 audit(2000000601.869:5569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.263017][ T28] audit: type=1326 audit(2000000601.880:5570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.287715][ T28] audit: type=1326 audit(2000000601.912:5571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.312001][ T28] audit: type=1326 audit(2000000601.912:5572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.335875][ T28] audit: type=1326 audit(2000000601.912:5573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.373241][ T28] audit: type=1326 audit(2000000601.934:5574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.407248][ T28] audit: type=1326 audit(2000000601.934:5575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.436160][ T28] audit: type=1326 audit(2000000601.934:5576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.460599][ T28] audit: type=1326 audit(2000000601.966:5577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.516096][ T28] audit: type=1326 audit(2000000602.009:5578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17888 comm="syz.9.7342" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87b3d8eb69 code=0x7ffc0000 [ 281.583481][T17909] loop9: detected capacity change from 0 to 128 [ 281.616678][T17909] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 281.625474][T17909] ext4 filesystem being mounted at /322/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 281.646915][T14158] EXT4-fs (loop9): unmounting filesystem. [ 281.727034][T17920] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7356'. [ 281.736165][T17920] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7356'. [ 282.057541][ T756] hid-generic 0000:0000:0000.003C: unknown main item tag 0x0 [ 282.059394][T17962] loop8: detected capacity change from 0 to 16 [ 282.071773][T17962] erofs: (device loop8): mounted with root inode @ nid 36. [ 282.076803][ T756] hid-generic 0000:0000:0000.003C: unknown main item tag 0x0 [ 282.088065][T17960] loop9: detected capacity change from 0 to 1024 [ 282.095030][T17960] EXT4-fs: Ignoring removed nomblk_io_submit option [ 282.102558][ T756] hid-generic 0000:0000:0000.003C: hidraw0: HID v0.00 Device [] on [ 282.111796][T17960] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 282.160438][T17960] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 282.163488][T17969] loop0: detected capacity change from 0 to 512 [ 282.178390][T17960] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback. [ 282.198209][ T346] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 282.215858][T14158] EXT4-fs (loop9): unmounting filesystem. [ 282.219186][T17968] fido_id[17968]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 282.307107][T17990] bridge0: port 3(vlan3) entered blocking state [ 282.317436][T17990] bridge0: port 3(vlan3) entered disabled state [ 282.328757][T17990] device vlan3 entered promiscuous mode [ 282.613137][ T744] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 282.789715][ T744] usb 10-1: Using ep0 maxpacket: 16 [ 282.796360][ T744] usb 10-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 282.807497][ T744] usb 10-1: config 0 interface 0 has no altsetting 0 [ 282.814279][ T744] usb 10-1: New USB device found, idVendor=1b1c, idProduct=1b34, bcdDevice= 0.00 [ 282.823455][ T744] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.831956][ T744] usb 10-1: config 0 descriptor?? [ 283.212642][ T744] hid-generic 0003:1B1C:1B34.003D: unknown main item tag 0x0 [ 283.220890][ T744] hid-generic 0003:1B1C:1B34.003D: unknown main item tag 0x0 [ 283.228403][ T744] hid-generic 0003:1B1C:1B34.003D: unknown main item tag 0x0 [ 283.235998][ T744] hid-generic 0003:1B1C:1B34.003D: unknown main item tag 0x0 [ 283.243508][ T744] hid-generic 0003:1B1C:1B34.003D: unknown main item tag 0x0 [ 283.252370][ T744] hid-generic 0003:1B1C:1B34.003D: hidraw0: USB HID v0.05 Device [HID 1b1c:1b34] on usb-dummy_hcd.9-1/input0 [ 283.304709][T18047] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.311756][T18047] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.321406][T18047] device bridge_slave_0 entered promiscuous mode [ 283.330036][T18047] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.337139][T18047] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.344573][T18047] device bridge_slave_1 entered promiscuous mode [ 283.383724][T18057] loop7: detected capacity change from 0 to 512 [ 283.402610][T18057] EXT4-fs (loop7): orphan cleanup on readonly fs [ 283.409680][ T6] usb 10-1: USB disconnect, device number 12 [ 283.413872][T18057] EXT4-fs error (device loop7): ext4_orphan_get:1426: comm syz.7.7419: bad orphan inode 13 [ 283.439230][T18057] ext4_test_bit(bit=12, block=18) = 1 [ 283.446645][T18057] is_bad_inode(inode)=0 [ 283.450939][T18057] NEXT_ORPHAN(inode)=2130706432 [ 283.455885][T18057] max_ino=32 [ 283.459069][T18057] i_nlink=1 [ 283.462332][T18057] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 283.475670][T18057] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 283.487504][T18047] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.494553][T18047] bridge0: port 2(bridge_slave_1) entered forwarding state [ 283.501811][T18047] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.508038][T18057] EXT4-fs (loop7): re-mounted. Quota mode: writeback. [ 283.508832][T18047] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.523275][T13474] EXT4-fs (loop7): unmounting filesystem. [ 283.540827][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 283.551322][ T662] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.562859][ T662] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.571776][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 283.581413][ T662] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.588509][ T662] bridge0: port 1(bridge_slave_0) entered forwarding state [ 283.597589][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 283.605966][ T662] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.613074][ T662] bridge0: port 2(bridge_slave_1) entered forwarding state [ 283.617978][T18075] loop7: detected capacity change from 0 to 256 [ 283.635748][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 283.647365][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 283.660655][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 283.675077][T18075] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 283.678857][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 283.696697][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 283.704268][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 283.715369][T18047] device veth0_vlan entered promiscuous mode [ 283.725950][ T901] device bridge_slave_1 left promiscuous mode [ 283.732843][ T901] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.742213][ T901] device bridge_slave_0 left promiscuous mode [ 283.748381][ T901] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.757623][ T901] device veth1_macvtap left promiscuous mode [ 283.763923][ T901] device veth0_vlan left promiscuous mode [ 283.864595][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 283.877886][T18047] device veth1_macvtap entered promiscuous mode [ 283.889375][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 283.890539][T18087] loop7: detected capacity change from 0 to 128 [ 283.909460][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 283.932713][T18087] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 283.944950][T18087] ext4 filesystem being mounted at /370/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 283.974560][T13474] EXT4-fs (loop7): unmounting filesystem. [ 284.107625][T18101] loop9: detected capacity change from 0 to 256 [ 284.124841][T18101] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 284.144128][T18105] netlink: 104 bytes leftover after parsing attributes in process `syz.0.7435'. [ 284.194215][T18112] general protection fault, probably for non-canonical address 0xdffffc0000000004: 0000 [#1] PREEMPT SMP KASAN [ 284.205970][T18112] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] [ 284.214373][T18112] CPU: 0 PID: 18112 Comm: syz.7.7438 Tainted: G W 6.1.145-syzkaller-00038-g3b4ff5af8d36 #0 [ 284.225744][T18112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 284.234527][ T756] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 284.235804][T18112] RIP: 0010:qdisc_tree_reduce_backlog+0x181/0x360 [ 284.249822][T18112] Code: e8 34 9a b7 fd 4d 89 ef 83 7d d0 00 74 0a e8 d6 36 73 fd e9 a2 00 00 00 4d 8b 36 49 8d 46 20 48 89 c1 48 c1 e9 03 48 89 4d b8 <80> 3c 19 00 48 89 45 d0 74 0d 48 8b 7d d0 e8 fc 99 b7 fd 48 8b 45 [ 284.269415][T18112] RSP: 0018:ffffc90001a9ee28 EFLAGS: 00010202 [ 284.275483][T18112] RAX: 0000000000000020 RBX: dffffc0000000000 RCX: 0000000000000004 [ 284.283528][T18112] RDX: ffff8881273a3cc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 284.291599][T18112] RBP: ffffc90001a9ee70 R08: ffff8881273a3cc0 R09: 0000000000000002 [ 284.299573][T18112] R10: 00000000ffffffff R11: 0000000000000002 R12: 00000000000affe0 [ 284.307550][T18112] R13: ffff8881088fec00 R14: 0000000000000000 R15: ffff8881088fec00 [ 284.315599][T18112] FS: 00007f2bea1ec6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 284.324526][T18112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 284.331094][T18112] CR2: 0000001b2e31cff8 CR3: 0000000146f53000 CR4: 00000000003506b0 [ 284.339051][T18112] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 284.347001][T18112] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 284.354973][T18112] Call Trace: [ 284.358231][T18112] [ 284.361149][T18112] fq_codel_change+0xafd/0x1010 [ 284.366011][T18112] ? __cfi_fq_codel_change+0x10/0x10 [ 284.371278][T18112] ? netlink_sendmsg+0x8aa/0xbc0 [ 284.376287][T18112] fq_codel_init+0x384/0xa90 [ 284.380857][T18112] ? __cfi_fq_codel_init+0x10/0x10 [ 284.385943][T18112] qdisc_create+0x7f3/0x1040 [ 284.390524][T18112] ? qdisc_notify+0x360/0x360 [ 284.395202][T18112] ? qdisc_lookup+0x100/0x4e0 [ 284.399859][T18112] tc_modify_qdisc+0x8ea/0x1900 [ 284.404689][T18112] ? __cfi_tc_modify_qdisc+0x10/0x10 [ 284.409979][T18112] ? __kasan_check_write+0x14/0x20 [ 284.411525][ T756] usb 2-1: Using ep0 maxpacket: 16 [ 284.415100][T18112] ? mutex_lock+0x8d/0x1a0 [ 284.421369][ T756] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 284.424588][T18112] ? __cfi_mutex_lock+0x10/0x10 [ 284.424612][T18112] ? ns_capable+0x8c/0xf0 [ 284.435576][ T756] usb 2-1: config 0 interface 0 has no altsetting 0 [ 284.440294][T18112] ? netlink_net_capable+0x125/0x160 [ 284.440320][T18112] ? __cfi_tc_modify_qdisc+0x10/0x10 [ 284.440339][T18112] rtnetlink_rcv_msg+0x9f4/0xcf0 [ 284.444704][ T756] usb 2-1: New USB device found, idVendor=05ac, idProduct=0267, bcdDevice= 0.00 [ 284.451225][T18112] ? __cfi_rtnetlink_rcv_msg+0x10/0x10 [ 284.451249][T18112] ? kernel_text_address+0xa0/0xd0 [ 284.451268][T18112] ? __kernel_text_address+0xd/0x30 [ 284.456642][ T756] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.461795][T18112] ? unwind_get_return_address+0x4d/0x90 [ 284.461818][T18112] ? memcpy+0x56/0x70 [ 284.461844][T18112] ? avc_has_perm_noaudit+0x2f4/0x460 [ 284.470477][ T756] usb 2-1: config 0 descriptor?? [ 284.475756][T18112] ? __cfi_avc_has_perm_noaudit+0x10/0x10 [ 284.475787][T18112] ? slab_post_alloc_hook+0x4f/0x2d0 [ 284.530891][T18112] ? kmem_cache_alloc_node+0x181/0x340 [ 284.536360][T18112] ? __alloc_skb+0xea/0x4b0 [ 284.540955][T18112] ? avc_has_perm+0x158/0x240 [ 284.545645][T18112] ? __alloc_skb+0x236/0x4b0 [ 284.550233][T18112] ? netlink_sendmsg+0x626/0xbc0 [ 284.555270][T18112] ? __cfi_avc_has_perm+0x10/0x10 [ 284.560302][T18112] ? selinux_nlmsg_lookup+0x400/0x4c0 [ 284.565661][T18112] netlink_rcv_skb+0x1f2/0x440 [ 284.570405][T18112] ? __cfi_rtnetlink_rcv_msg+0x10/0x10 [ 284.575841][T18112] ? __cfi_netlink_rcv_skb+0x10/0x10 [ 284.581107][T18112] ? __netlink_lookup+0x387/0x3b0 [ 284.586105][T18112] rtnetlink_rcv+0x1c/0x20 [ 284.590514][T18112] netlink_unicast+0x8b1/0xa30 [ 284.595319][T18112] netlink_sendmsg+0x8aa/0xbc0 [ 284.600418][T18112] ? __cfi_netlink_sendmsg+0x10/0x10 [ 284.605679][T18112] ? security_socket_sendmsg+0x93/0xb0 [ 284.611125][T18112] ? __cfi_netlink_sendmsg+0x10/0x10 [ 284.616400][T18112] ____sys_sendmsg+0x5a9/0x990 [ 284.621139][T18112] ? __sys_sendmsg_sock+0x40/0x40 [ 284.626163][T18112] ? import_iovec+0x7c/0xb0 [ 284.630651][T18112] ___sys_sendmsg+0x21c/0x290 [ 284.635309][T18112] ? __sys_sendmsg+0x270/0x270 [ 284.640225][T18112] ? __fdget+0x19c/0x220 [ 284.644625][T18112] __x64_sys_sendmsg+0x1f0/0x2c0 [ 284.649561][T18112] ? __cfi___x64_sys_sendmsg+0x10/0x10 [ 284.655004][T18112] ? __kasan_check_write+0x14/0x20 [ 284.660108][T18112] ? fpregs_restore_userregs+0x128/0x260 [ 284.665738][T18112] ? switch_fpu_return+0xe/0x10 [ 284.670612][T18112] x64_sys_call+0x171/0x9a0 [ 284.675142][T18112] do_syscall_64+0x4c/0xa0 [ 284.679549][T18112] ? clear_bhb_loop+0x30/0x80 [ 284.684227][T18112] ? clear_bhb_loop+0x30/0x80 [ 284.688901][T18112] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 284.694775][T18112] RIP: 0033:0x7f2be938eb69 [ 284.699172][T18112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.718951][T18112] RSP: 002b:00007f2bea1ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 284.727339][T18112] RAX: ffffffffffffffda RBX: 00007f2be95b5fa0 RCX: 00007f2be938eb69 [ 284.735288][T18112] RDX: 0000000000004000 RSI: 0000200000000280 RDI: 0000000000000003 [ 284.743333][T18112] RBP: 00007f2be9411df1 R08: 0000000000000000 R09: 0000000000000000 [ 284.751281][T18112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 284.759229][T18112] R13: 0000000000000000 R14: 00007f2be95b5fa0 R15: 00007ffd56357908 [ 284.767184][T18112] [ 284.770179][T18112] Modules linked in: [ 284.774092][T18112] ---[ end trace 0000000000000000 ]--- [ 284.779544][T18112] RIP: 0010:qdisc_tree_reduce_backlog+0x181/0x360 [ 284.785949][T18112] Code: e8 34 9a b7 fd 4d 89 ef 83 7d d0 00 74 0a e8 d6 36 73 fd e9 a2 00 00 00 4d 8b 36 49 8d 46 20 48 89 c1 48 c1 e9 03 48 89 4d b8 <80> 3c 19 00 48 89 45 d0 74 0d 48 8b 7d d0 e8 fc 99 b7 fd 48 8b 45 [ 284.805639][T18112] RSP: 0018:ffffc90001a9ee28 EFLAGS: 00010202 [ 284.811686][T18112] RAX: 0000000000000020 RBX: dffffc0000000000 RCX: 0000000000000004 [ 284.819661][T18112] RDX: ffff8881273a3cc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 284.827617][T18112] RBP: ffffc90001a9ee70 R08: ffff8881273a3cc0 R09: 0000000000000002 [ 284.835577][T18112] R10: 00000000ffffffff R11: 0000000000000002 R12: 00000000000affe0 [ 284.843529][T18112] R13: ffff8881088fec00 R14: 0000000000000000 R15: ffff8881088fec00 [ 284.851485][T18112] FS: 00007f2bea1ec6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 284.860432][T18112] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 284.867000][T18112] CR2: 0000001b2e31cff8 CR3: 0000000146f53000 CR4: 00000000003506b0 [ 284.874970][T18112] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 284.882960][T18112] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 284.890921][T18112] Kernel panic - not syncing: Fatal exception in interrupt [ 284.898375][T18112] Kernel Offset: disabled [ 284.902678][T18112] Rebooting in 86400 seconds..