last executing test programs: 39.848222926s ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_int(r1, 0x29, 0x1, 0x0, &(0x7f00000000c0)) 39.82586909s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x6c, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x800, [0x0]}}}}}}, 0x0) 39.784553436s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ptrace(0x10, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$getenv(0x420b, r5, 0x8, 0x0) 14.714690878s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000087b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r3}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) 14.149274935s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000087b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r3}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x0, @local}, 0x10) 14.038540012s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ptrace(0x10, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000380)={0x0, 0x0}) ptrace$getenv(0x420b, r5, 0x8, 0x0) 10.530268704s ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) socket$nl_route(0x10, 0x3, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, 0x0) io_setup(0x4, &(0x7f00000004c0)=0x0) r1 = signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000040)={0xfffffffffffffdef, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f00000003c0)={0xfffd}) syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000003c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) utime(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000280)={[{@noquota}, {@noblock_validity}, {@nombcache}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x536, &(0x7f0000000680)="$eJzs3c9rJFkdAPBv9XRn50dmO6sedMF1dVdmFp3uycbdDR7WEURPC+J6H2PSE8J00iHd2Z2EgJm/QBBR0ZNevAj+AYIMePEowoCeFVYU0YweBHVKqrqSyWa6k56xtzs/Ph+oqVevqvr7Xg2vUq/qURXAmfViRNyIiIdpmr4SEdUiv1RMsd2dsu0e7GzNZ1MSafr235JIirzd30qK+aVit/MR8bWvRHwzeTxue2Pz9lyz2Vgrluud5dV6e2Pz2tLy3GJjsbEyMzP9+uwbs6/NXh9KPS9HxJtf+tP3vv3TL7/5y8+++8ebf7maVTsmi/X76/EEskNUPmyDbtUr+bHYle2w9hTBjqtyXsPChV5bpGmaPkyr+3LujqRkAAAclF3AfigiPhURr0Q1zh1+OQsAAACcQOkXJuM/SfcJTQ8TffIBAACAE6SUj4FNSrViLMBklEq1WncM70fiYqnZanc+c6u1vrJw/4eTETEVldKtpWbjejFWeCoqSbY8nacfLb96YHkmIp6LiO9WL+TLtflWc2HcNz8AAADgjLh0oP//z2q3/w8AAACcMlOPZ5XGUQ4AAADgg9Oj/w8AAACcMvr/AAAAcKp99a23sind/f71wjsb67db71xbaLRv15bX52vzrbXV2mKrtZi/s2/5qN9rtlqrn4uV9Tv1TqPdqbc3Nm8ut9ZXOjeX3vcJbAAAAGCEnvvEvd8nEbH9+Qv5lJkYd6GAkSjvpZJi3qP1/+HZ7vy9ERUKGIlzA2zz3jMjKAgwcuVxFwAYm8q4CwCMXXLE+r6Dd35TzD853PIAAADDd+Vj/Z//H/4NgG2fCIATTiOGs+vA8/+0Oq6CACOXP/8fdMCviwU4VSoDjQAETrP/+/n/kdL0iQoEAAAM3WQ+JaVacXtvMkqlWi3icv5ZgEpya6nZuB4Rz0bE76qVZ7Ll6XzP5Mg+AwAAAAAAAAAAAAAAAAAAAAAAAADQlaZJpIe5cehaAAAA4ASIKP05+VX3Xf5Xqi9PHrw/MJH8K/8k8EREvPujt79/Z67TWZvO8v++l9/5QZH/6jjuYAAAAAAH7fbTd/vxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBMD3a25h/sbKX/3tmaH2Xcv34xIqb24udTd005zufz81GJiIv/SKK8b78kIs4NIf723Yj4aK/4SVasvZC94l/44OPHVHEUesW/NIT4cJbdy84/N3q1v1K8mM97t79yxPuWn1b/81/snf/O9Wn/lweM8fz9n9f7xr8b8Xy59/lnN37SJ/5LURoo/je+vrnZb13644gr0Tv+/lj1zvJqvb2xeW1peW6xsdhYmZmZfn32jdnXZq/Xby01G8W/PWN85+O/eHhY/S/2iT91RP1fHqj2Ef+9f2fnw91kpVf8qy/1iP/rnxRbPB6/VPzt+3SRztZf2U1vd9P7vfCz375wWP0XHtW/8iT//1cHrP9QGgoAMDTtjc3bc81mY+0kJCpPs1fWSz8OhZc4folvDfUH0zRNszbVY9W9iBjkd5I4DoclT4z7zAQAAAzbo4v+cZcEAAAAAAAAAAAAAAAAAAAAzq4hvjNsot9r9g7G3N5LJd4MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG/8LAAD//3uY3uY=") munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8) 10.262222855s ago: executing program 1: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000080)={0x0, 0x0, {0x0, 0xfffffffc}}) 10.003599735s ago: executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', 0x0}) r2 = socket$packet(0x11, 0x2, 0x300) sendto$packet(r2, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14) 9.97236438s ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0) chdir(&(0x7f0000000100)='./file0\x00') mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00') 9.963205542s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000500)=[@textreal={0x8, 0x0}], 0x1, 0x20, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 9.928497616s ago: executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x40000000004) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000080), 0xfd32) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffff, 0x2}, 0x6) 2.171144355s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00001900bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$igmp(0x2, 0x3, 0x2) sendmmsg$inet(r2, &(0x7f0000004840)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000800)="271cc5b5f460eb24a9de680c28e524ff7c154ecf88313430686d0863667355415efcc659d393268d4da0f372159c7eccc8f59808c4fe273ff01da0b4952d022599a90f22e40a592eb8d5efd02a229df610b4bfc733fb063b3574c79519d0a3a516a11eef963e301674542b27ba63d97bd78b5f0d52adfbedf7f519ce5457688e4fa332f6bf0d246559c1ae09cc0c769bad4f81774907871fb069046d47c36eb3f8d54259d988e0d7e650423b4bde293ed6a4903d7dce23a887b990ddaf51a46569d2c977338e9fc82b07dc104b790661afe19a0695deeebc742c7cf71d3d7651facf0ec08fd715fbcd3ff4fb129d4c23d0d857273bb620fd21ac5f080313a0f0ae77e45c86473e06c48719db3818b3993c88234fb0263148ab668fb4ef565c25319044fe46c3", 0x126}, {&(0x7f00000000c0)="15654d91fd691c85513e1dff9a607c8217479a71a5477af6dc523937c362c891afad759d937a08ca51d28419513cfb2df6efeaf3fc1b3b3a7c6403c4dcaead7eec60576bf60e65ef13a17fdb13fed40d65bd28b50a91ae2edc949328be69b2fac09c2cd5b8c36a0cc78ff862add091c2a40610e313fe192ecb054b57445696a4c6f9c2f8f201920480d6d5e8621d77a88d2087244fd50eee2d6ccfd03b713f3401890c1239064dfae7223cdbedf4edb3f38d590983d394", 0xb7}, {&(0x7f0000006a40)="21aac44f47fbf4f6496ce4e4b9a4d822b78eb9b455598c8b61d8495f74a4a25b52ff51750300f4c4ca6f376903868f6c4549a9614f3fe4b30498a27b658ee69fefa3edb52ed47b2ee8c004e5582c9bec82b153e8cf7f91e72d9054ffffbdbaf0fcd1c048ed3ee937b93ad633ad5a01d52d820466d46fbc4409535896a59dd1d94279d9c4df720e1871a57830a078e3c058ec6a5e0d2b233827600000000000000000ca00"/182, 0xb6}, {&(0x7f0000000180)="47b7ae525821a239fc7a10a2f198314f675756667db1e87b8453f3b2e6864abbac55304b04db64070368248b9b3d488fc59bc48e88b14f23a271edbd512b71e3d47f7f3885bb27e665e04225088a0f126d14ad611079f1fffffffffffffff94141486ed92c2044d31c44b77f94598161dc688a843a0b8fb4ed79cc3c5868cd25c4b1022527ef18f57c4badcf188e8e0f9b068464c66eebd146280afa02cf2a8bf5a08dabe729a88685a8c4e0b6b7157ae487c9e48618ecb59e1d4482ee80cbeaf965158d8fe068f8b6b717a6e3cdf43cb4ac3ea83cf81dc54cd8ac5d217600eb5b7b90fd85a70c1ab6d55ea72dd2dfd49ebce26f30f2fb1c76", 0xf9}, {&(0x7f0000000940)="6e027ae49544c38d0237e5c42138fdaf6115c76df5f52a072b488cec0bfa70182753983b8c0e5e7562ea44da6a850f945b52d76a55e44083ab7b10779b7aaaa7d0fe0e9311044ab003e439d96bc679b653e8650d557945bcaa35ece5901b8e7e7336949ed24d255082669463258aaa72ea97c4a8aaea962e5bffabf911d800a309da1e86a1bed84d250f09511872d39ed896817325fe8cd061616c7df941275b7c977aee6707fd92cab5818d51223c09ce0f34e8b3abab1f5916053c19948cfcd0d9055611ad662d92b077b1a6ba3f8d4f93e07cad00cb1514b124d1fbdd7914a7cbab6d430efb6e3d8894eeffac9f403b4079f49a343bcad4c90420737fca660c74d4df1f4a1ee6e8cf6a5e362ef2d60f2c87d416bd2dee31e6cbfc4cf65d09bdb762da0ec1cf20aea399b3256e81df249c6557bee9078da3703c3fa47a7d9b74bd5535b688dd6fd4410ab114aa578d7b0008000000000000de0468f41be2ce04f7f83f2ca51da575497e63462cc58eb6400b499f6125572c9574f101c951157591256fea210de53243cd8456d455def9eba8c24172b0aa4799a8386e63671f32c349a1febe1fb297eedd15a6dab51c35164e6cded4efbe0c9c639051b63020adda9a8cb4ef00eea57a5aefaf9c6bdd98f67ad68445ce2839fd0fdd349f99eb2f61b002a004c0b428b8f0dd14fcd7982ff5831165ae2612c01ca52f3d9aff54f9c1012bb28fb4fa5a21af981522cfe1beb375435482c4df6a0c381f9fa47cbd69621377d7339efc50", 0x229}], 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="2400000000000000000000000700000001071336ac1414aaac1414aaac1e080100000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac14141d"], 0x48}}], 0x1, 0x0) 2.170316255s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 2.13855622s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000003a7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) getpeername$packet(0xffffffffffffffff, 0x0, 0x0) 2.120431913s ago: executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) 864.835966ms ago: executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x80404519, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000240)=0x7) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f00000000c0)) 820.928193ms ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18070000000000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 791.387608ms ago: executing program 0: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r2, &(0x7f000000e280)={0x2020, 0x0, 0x0}, 0x2020) mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0x0, 0x0) write$FUSE_INIT(r2, &(0x7f0000000380)={0x50, 0x0, r3, {0x7, 0x27}}, 0x50) syz_fuse_handle_req(r2, &(0x7f00000041c0)="3ed9e61a56c808e5b9b93ba8b4f962a89463731128f3c66a19eb6c151bd431bca9464ad646717e1bdaa1189ea48a253bc16aa90182396226b965ad3d00d25625ada2ece4eb6552d3004b5ac7a76a0ba72ff572e9b35979d539ba0713768131f2b5b15a3a9da0ccd9688578a924a25fc668034e926e2767ed4733405fc481f9073497aa7ac129874ada5f5c26d0cf6be483a927a73d319bca9b44a95e4ab9ecbe6e389fdf9dea6faa57fd5fada03f7aeb1ac06abfb3fc3302b4d550db4fb7b010d38b61b61e6c6b84960b1c14b7b502106b67d8e6649042392dd043fe433dbbf4c67ffd9297a8b0d8acf91881d252a56a04fce66082a718f96e2e39165fa90d11b62346e19c089178b233f4afc32d0ea670e9214a627955bed6c23fa8eac69f59eff2890efeba4e3f5e0f07e83fb63d8f2e78c7b16fc91a08c52af90de4e092d8634ca6d04318d9746006e5e4b6751620a44b6043d4f0edfd1b41c304cecd4ea32f5ecf8e1c47f31b4615fdab752837c7b01f63e1a78ca6150e10f4460ad387b3ab7e36b20b07958fff41e4761c18057146ac4b3da65c0f91074681864e8ee77dcee66a347fd21f6e1030819ccf82f3fc5a7e3da65014c950e677bef86c7d21d46f0bdf18c887efae1946147328a2d3c8d9c607618ac4861f5f752d16640555208f9d482654d2c6a7ba11e15fb0cee3acd5cab74bf1ebe44837792c5a0bf3e3956f161802eaa4f09c028d1d9feb44b8dfe25cc4c145007f2e8d747805551d2f261cc25064882f56d77b79c68602687277d9fc9ffb4154ec26d01de6660676cc8294c725d7b5d7f948c4794e096bd72fbfe79b339e8b2fc70abd3df8ef8c56be55fa8b66b60bddd6a6b756e978fe3176e307a36ff782e2b20d07b32a1980a6e4e10efaf5aa5226a881b627af98d1300f481d557fb9ec6d2d4ff5ac7fe448723db213329137a3f92f0fdd620d28f05936177340cf1d8ef8a759281844f81e0075a8aeb5b8db471dee32d65e20e39acb438ad8bd9e4e402f7436e159a5d8f522a9085f8440c88a120f607fbc9cfde5cfead8cab7448558ef9c61ec636f2b199c8c52e575aa553560953b459727cc9985defe56dad6cbfe1ea7a47252696c579c548b6b4313e22db084153aaa8830bb582e9b8ef5a8b4f5ca6984a8be7709c4be5c39f6d68f36a4f22d9820e99fb9b8abe0d07e7a28a77fced16876fd8faeb378e9e5e32d7cd0a71da87a3eb1edbb1c9afc2f3e1bd6c930619bac69f6fed43f9e8b66d590b16eb2d022111d0e9b6acfbd36135ad5ac65736d2e6dacb034937863087395c425c2d1c5e28d55da90355a5f93e2fe7375662790f74b51a066dcf63ffc667542ceec658213ee6e26c3ba2055c826c711976068ee33fc42caa42bb7227eef080e6faa55d5bf7478c6cfc1f1fa93efb5aac1e72599a417a60042ea8bcd4db8bf34ecc357785dad926eff3fae0c98e7d0221cfb6afeb17bb204909349bb5a4e0935f39e53eecdc0ea86c5920f2b642e5272a49ea7b3d0e38b67c0ec351079bd39d61cfd86bb722395891e28d7a86a3204ae228021883a64124c44abac9c4150e6977c134c6f6ad4f5939d7bf26b58cb42a7eec2d0264b35efb6b743d84cc119f18e805ef8873817262f7d013cb1156462748cf2c39ef6f22e0375a2e09c40cadb7fac623d6cb6f3e7fbb9a06ba822ef0ec863b1f299cf9fcb4dca1d8c19b48d6d652a8143fe36afa23a19650d6d220409e53a50ce178f1aa1993f43600437d621bdbbea86106fe923f162755bc66a9c4488c85b178224b420f8ab18342eaca72246e164e155a98179b4283343c1e4c1f88f527abcffd185c5d7661e3f24b4479c89fd6319583088dad3e72a5f8c45320ba88433cec724af19905fbbb4b933c3b2933b2fb0b6134fa02764a5bc20e843757e5b75ec231d5f8605b537c463fb50a8af0357e1b7c380fc3a18de318b9b972bbd637b32f314dc265f00f51747f6c30e558a1c72543c85df77e7729b07e74f0f9a437529610be1d69e3842bf99eb0c3bf2ab30e5f03717dbcebd2e4ec16cbf4503272b300fd52cf177a96c19548e051d8a980acf9a130d51b908e7b78848f3a9442e5be2deaa9fa6a10f580399d3f894ba53ed20f028ac293d030f01961891abcd222e57b57e1c9a5884dbd86339ff616a4b9920fa10798eb12d0577c710ab1b98ad09f4d8a0fa22df901f7240285a03c77bb7fcd0ee40ab89918674084a7c5834e965514c5473527efe9e4cde7c4e417b52d9088d3c9d75e95250b547a9e86e747a61c954cdba4fe212ef730ad9a8786141b3ed49d0b0cd864463445d4acb72c4aa6d56933376858ccd62998bd9a5cd1e5cb66900b3fe63ecf110207b764836b3f331d04338c8eca0641c8315c520252b98ca319b84a06bf4c60fea2acbf0ba5d72cdb91f544a631f7969cb8f115356c217739b9be3cbc08ff29bd7711fd0ad0c4c68311ad002c409fce13379a23a8229a226e21bf6d1ce23a24b0a18fd366c21ad168c17e357b09edfe4ab4261f3105830609b0da8661753f9ef84fb5347c8c41b3d32f09adbc759ceb91e2c557e104519f0072b8843353b459e8c9544313f3e174acf8beb8fd9ebccf18babde6b39141e6f76c1357864b5f35a64b77ac0d609d66a5c2d425c952001867e62efcb2f50d85cb672d5466e781555b158cbd137cbdbfeb2becf958733a58487f9a4e7557027c3c5861b0d496cb72defdfbee54d51522b7e8eafcd8fc2a7a5c9543e28db72e2a3e7e392d9ef5145203d6c583a9e81a084ed4efb0ba5202c8a73e57a739fbdb553857da051847cfdaaf566273c10b93e4a67af78092ac08409e3ce352e253828bfbd6ea0af7aab7c98e81bc8b1d5c69fcc88edfdcc6f066561e5f525392818519206c42ebf256dcd2da61701a6f73884606f713a9addc0c01244120171d261cfead846feeb94d0408642671fffc23ea1fccfb2ca2ee4449349375f8dd9ec932b383af73815cdddface88a33c8a395c437625f5ddd0d0e991ccbe9eb7db2a21a3f7646ca7d00ec326794d8f0d0a64dc59cd34576df726fe978795d9b2cf98b282d8cfa1ff7b1e19ba198cd275fd1b3ed6780f1afa6d8c480a030b6b2d00609f2b5bb9ba2c25b7e1125ded723cad9c56d3acf7b59de2bb0241b92a1614d19ce0348ecebdfec892ea8370e7bdb1ec37492a0be6b8f325dd52de9736cf0bf45b6d70a84a1baedbf61bd0a58459166be21869f802f6368d50dec8ffadad3ceedc6d90d0670d8e68c13516508cb0e6df979be50bb25b0e92de9fd798bdb86b58690eac20fc523cfa29cf5c988363e2af7d1ec90005a849c2f590b173ffe4a1a22965648318c584995286909d623596f9fa9aaab84f1e4ee8b3acc2a611e9974de269bddf84cd5bf424c9d915c711e57fa0465ed5e7ff476e2adc7c44a5a30d1d4f7dcd61f8bd9aa2326c9d241dda0bf20db0fc5164ba30d866eb0b45c46a3daf113aae4c3945925e237fa36fbb862c030a370a8888fb16c245b86890bfdc3e6cfd75b2891eccfb0c5bd057f211f6e84b9c78dfe74d9d5286fc376e0b698ca5065d5f0df09202c63d92947fce76f4b45846ad98ee37f9e83d9d9ec19af9c382f2dec4bb51dc95cf26de95ff056b06e8da707df27d1f63183488edc089350624859c4cee6b8853ac920edc49ccfee4f57c12a75813cf745c67bbaed93f66b89207e7a6de876ea558c36e71299a8fc8957768c831ed711592f3a0b8e87593876fbf124c2cb07c7edd745680da68be13908e8567ca2c50be6738b4e4dc1d28c982b8e06f30361be5ebdc3e6a62bfacc5a2d05bf17a9c14c2eb7ee6c6b5d484aab4f78539e837499ccffdb661ba93e900f4760c55b0d34116166348b54c610d72625625ad2e6ff52fcc25856c32b520cce6a2495742e7e18cc4220bf358edccc3c581fd1f50ae884c1871a0b651fadddf89c14433d71d0a8c7052869d988b3aa3f515f8720852a8631e9f1fb0fbae0c36711f49b171b3077a788b281f4f2a1c80d784bba50cc03a1e2bab1e0c5ea847e7f35ccfc758d5237c798ae5ed73809b09d950e9824fa32e7d5053828b535e997d247420519ee17ea532a8a23671d648cbb772e4f89899fa007d5329b60874257966065af857df0c8b10bb132d199820296bf99d3287c67f8db99108117d5f810a7800d7aa7035df64a8e06cf0de62a34d68cb36c0749262985c3d057663170a1aa4ae922ff23855988583aa7807cb7d804ed7e0c93435a19d0b3a2d21ca1473f3f1029c8482166e3c9ef60102b1d8592ee9362016b83aa47b2ef78ea81775c8d8b6d331fa71b469b9257f5dabfc15651b8f9bfbf37f11639deb93d2290c531166a7ff4c02fa914dbf2564588741ba8a4ba26e94fb3b8f800386d45b7f12602004cb74fc9a8c5a5e8da428e38d17c834eded50bbddb8ead7eab90b1f64bcea75506220fe8271879c17bbedf143254c221b700339dca27b774ecb113ea13cdddc30a627f0d675b7fd12350541e9403e7b4aff03534963e033b91e1f985dfa177c15a67ea1f645573adcf4743fe250e31813125fa6b532dfdb37281652968b6d2a39c5d09368ade6a7f48cfcf6eeebf79e79dab6fbbfe06eb7320cdb0485e0c6de0e0ed33faaf685f409d5c01e093ff3ddf6abd272cdbb9efc5919dd6064c15d9dfbfe45279ab3cdfd90fa15bd437d9b1f7cd03c0c1a31ba5138b7dbe0173fe51659929cf0acc6c128790033481e8a1ac573bdccac7a71efc019e4abd08a3d618671edecc5d7e31c1b442591c7b46ddf24e585c9944d4915a677fe44de3587f5a8bdae328393fac377483c3fa9b7f0f68e6a655b9206d419eabbb7da9eecf23282933ab9b4aa8faaf5f0d9f4308dcc585db4b561ccfd97b0d528be53119f9287256ea6cfcaab1f875cac43030d0cdd952156668f01f19974d58b2f77009240e9613d8833b04597b1840edfca4dc36cd338e1acaac92c02a7e72447b5b3fe631170047f34ae529eecf9c8ee20081d1d01f04a08ac05c7717512ad9aded19c68c0fd56f6837de2039a03a43a86cd3ec765ab06c735069c2d15655acd008c215a87b6c32a626cfe528753d6bc6253e8e3bd666431726525e1675e33b32d551333fd0eb7765a502f90e02c5f0fe6ad8262968f70a70d027e1287984a3cb33adf2a35b7dab8b7c30502b2cfccf65cf0da4aec103759aa2503a45d6063db0f69b60a015c3569b15d8d9722d910200f62dfa77c7d2501cfb5f03a0fad7cc4357343edec5d2829b2fc5957f53d7a51a2e12968c67513be62ac8396f77115b86268c9f652e6837664127278368c907920bb26df6205d140c20f53c00eff4f201d6c8aa04904de099d813fe4ffba1c2a889ff33dde5c7007d27e1132d2a618e7877d02359a1696c8a9a24b1eac510722d9c0227f81d410b59c38afc1dfd12bbb8c1c59abf19f70d75a9db383d409f256c3ee7818f801907a25214d6d0ab95fb1c0e734aec1cb7538711d5cabd57034f3d236940610f4ba89e8270bce8d39453c704b6fdf00918eb6cea8b54b1018935ffaf7b77b4ab18717c5d1f5c053eb87a7d7742fc06146a2d34a56ecc4ccd66197242ef3d0d0751902162ccf7c583bbdbcf19a9f402eee6b11c7a6980d5654d20e8beae12211d2e3f1bdff456ffd6c3cbf2fd7681e1084234542f5a7460d3fae55611a58bf84bc4cde086be78c63f1436b170dad5961f63f8bf56c9efdb6fed94351ab39e3fefeb940d59a18efb92779703b28317b634d023fd27e9d998e7ee91bf4935a9856f07c26ca9b3bc0f337817e226c010ce1be5c4366e2d06045edb1f60950882ce4d34c1aa0879f5b6af951a709c2518989fd81c52878bf3a67d2a87fbade05359e0cd3213e388ed2be830b12c46e9f550467ea3d06cb2ba6d13273cc0aae12d48a0658c3bc6bd6cbb16ae593eb1b513f310edce983c4237c1329a7e9fbbf57ec26c67815396f385322ff898fec3761f1df87ec735346bdafa9b84ba36973fd35d09e95791445b820a5a09086486b1417d9ec8b9ab5c201f83fc96398af0a22552f48ddcd6b459904a7701abdbe17245a1cba26fe3c96030965741153cdf6b42ad687f70e40e5a7aeaa32c30eb79498254026276b3c2ff10e2d34791b516590f8f0760c65ec5514950aa4374c83be8aad7fd967e1383d14724c84b0a239484b6311b3ff1e53baa2de60950dcf6393f1d230c2dde99be06b9e168623da47fc0030e6f90454433aab91e07fba2ffdbd139f4c35d57dc489563a24c5a5e4d3e6ee2129151d8776b68c0a77fced00e8635a0474fbdeb36170eeaad4a3c0a98263334a41c288020ad0312d3673db67d1306e19b89cffe932951b0ec457f25cc6813e72e59a11d59b5f144ae9eff5bbefd952fec75e556422ca91c83839008a7d00e65ec96103506baa8355e3c6713a0cdfcb839cd21b2724570965db08073febb2e8f5cf36bd3d2a0c125c45223002ee6c36e3184298beb5d8f2fd027d414ef999b7aaf82318e46b829eef7a69f3a8f2b983a17c14bb4e5a939c21d4b8fa9866dc7d0f69cbb8704c20c9776390efc7afe7a1ad5a513ef48bf1b859dd39d95e7a9c76efd0ea02b384b4cf25c68ff65f027878637de939d6d2e1d43a10c99aafc357566990c95b9f19ff4a4a71a544c851d4f2cfdf865983694617d1f729f3f75071903ed8c0157e3a01cb58a4254bca6cd4edbd47c287b17bca0b9800def29645d6650d258cbd3d21c168d991cf6ab7ca65d643d9d0d718a0c605e57c5dbb006a01addd05202211cff89543331ecdeca6ce40176ca54a87158f26967f8ab06cf963ccf24a15e755975cab2c656597f4764ca3c87dbcaa1083e8bcbc1490c69a76eca20781adbbad046df8989e930389ba0db0909683bdcda76d7addb9dd01a3b3150fb3e95ae12793f3984392ef76b8b08b3699ca90c9f5064f2a2eec75e3bdbd6411783451607ed932a0638ca04891f312c2b715f7563fe275c2fc593faa47c5937068d9894e262ce676dede47151e6d4e04d543f7aa93dc2d7296ce21477e119c380482dfa4ac3e0c25776705f8568a4143c101b5a9b15fa69fe1dfc8ff92c76c05d4b74b16cbec265ceb18ba0eef535875b242fa0981c778fb8c9f37b43d9db887ff58f6584ece2cd07de26a5da464c40521d8e3d48381bda36ae7f4c75050da1981daf5a8555846bd5c0a5bf2819c687c858e49fe1aeab36a6f8457c15d75b5bf89628e9145709732a5ac0a4cb673c8ea6965d712dd77953631d19f1e808aa06c79f29ad429782ac25ea42b180d837f98ac850582067e9d59734b9a2e616a998006cf87cdf40219ab6f511c78d12af44729bacd101557cb30a3e0cdef412aaabcbadb2edcc1c181653c664de89d014935ed7c95d8a8b9c8084b97d8e07bfaeb5d6ea0fb67f6b4a6a5d526bee9f765b3499255c1d3309ef66503b1406472f3013014ab04682d652fcb6671d528020b3fcf82bdf022e8adc0606db4b26ad247a9c2057b9d99238111c36d32e3ff051290886685b17ac194e5fec8a6d561ad15f403dde1ee620f844d16478f32be34243e97604362a6231f63dfbd3bfdf138580275a2114c8620db538cfc3fee0f8bc34cf8985a3aa6310c757daf03680ab6b721a6f08a88e8e1d50dd8694f9f8bc44fcab7d91f3c22e9b89ec142e9549712715071e3c16c5a196229cabed9e28ea5ae0e61fdc2799851dcbed5c00018b7eebeccfbc9d6767a15825064ce36e457a94fdb3b533e99fc842f3c5f1e1a67f19cb211fc1e475ebc6c9b520b9a3a0d919106308427fe6af16d45ded4914a0a7ca65c762b7de4b540ac623e59f1a3fad25785b6b9460c01434aa3272b24a61c1ded967ca8a90c0b174fcf239f3fb4cad1d7204c7f05fd25317650f3a7928f7a6210a24a950b462a5eb8ceba5d65ce9f2cecee59b505928b9fc1b5242ff5108fc586a129124eac5a2d924a7c4ef7784aed4591cdb4b79c1bce4e99d7e02b33f42bac444a4b518eb288755eddf3601a600c6e7bbd427ed35e0b6a9f7877bf5d17efdc9f684b92cec7927a3075fbcc9ddcd6347aeed5002cc08645cccd994e169a40045a6d98c38b54bf08e90f6482ca4cce2ab6a83661a0e953f2abb981356e5564e149bb552dee13c274aef29a03493275741b4bbd8123c9653a09f5c55735696ffc2a873654afcc5ff386f14d26adc2dca69ba39fe64af5ca977892e13abf933bfc0242709474e8c304cb086492718fba1f36cc69253ee4b4d017d76e36179546cbc27ebb2001641be51cf5c9ce507871c7c3ebdceacc195afcaf34bd0fa6331120ed1f6d6109fbb905f0808ba0cb3892d0c670accf3fcf42db53aae903aae21c34ef53d33055363e4f5f5c44120f32f93d3dccb1d10209741d5b5ca699357b0e21637f9a246d366d90b7b6c007f21c4b141a37c98ff474ebb1de0f3237c98f142e37f090e74cb3e1629859cad93c252603505305f2fd3285cb7e66bf67ead403864b5d98c0e989ca29ff8423d0d4f91ab4ab0195746a10fd7a1370348458e144e6c58d2f7fee7de3c864d4b39e3ac30e1d0a8c84f9ce471d3bb15cb14d3f64b09a73966d765cc50a4de8dc61181e163d8bd83d95af2d706cf3412b277ff9622b6d3033eab184fa504f232372a944a9274dfc47a5ba8bf2d261c3f18614d9cd1ece3eee69c1a00dc5bd3b09256109788b96d6a66579634c455d2c1ca531bde926294d6e19b8db561e12fef2ea9ece7bb93d816e59d05586ac8e4306eed38d71429b88d2d7f7fc61c242d7b9c274386267fc7a19842db00df723b5e7abd197b7a2ec3d2c8575e92207352e2d07aa82b6d4a6fceca72c021a017a397885fdcd68d26a4e9ca494a586a8e4a971c6d9c8f6437f438edc6c1ff5f36aa1774480e7c4d6b91df793633cfc8b2def0f3cd2602f16bfd49a8d5c3f75c2b096fd22ca397ac8698ba34f104d8e50064b16de7b9a0e8f6743a9f80d60b0b7b5076912cf6d83f787472d6a84c2efe41be5dc2e70b16ed747b9eeb40e7be9355a45e87aa712b3a551d4339c5586eae65952111834d7b573ba71ded5b3b66ba53e501c43e5f445758dd8473bd9622651116591ae17c077085df5b794589d8f2736e96d28023314477cbb3c8f5a35716bc9840cd53f4bff39058765bda410565d717694c868a84a83551ce87a8d286a12e7a44088770a2a88685deafcc5452cfd5ae01731b18d9febc4f9d01cfd62416a61d77e8b9430c7a61037ff6ea79e19a303404f0bfc54d618a7feddb349a28d85ab20627e369d33d8f0f0e68688d827ae6a3d22460561745d4eaf6582da1020d75b0960d75fef607e19bc91954d43d35ace6d0a7ec9509d94dac4db6ae1962ad9b73a2a3ae7c98837a389dca1d494c06af78c1a608752f6559cd5e86da38c5fb1992ef987b56b21d1afdd592c6b9da42597b5035e57998850e750df553279c1b98d1ab23562fb32d04dca6ef7684acf19923c8c10a87aece43990e0681852eddf4a5a5b176dab5b6243c461f61a4c08d22fba0b21ae0d6acd78f4f0265eb1d614987a9cf5d1e033e159fc8161ded96ec73f04497245603053d5d777a2d71c633efc4ccbb5ff2d46dc6c3252a072830fd0ae68c652180672632ee20ff66a08605b7abc03c4445fbcd393c0820b635699b03b92cc3316ee3f20161d765b70aadf5ddc9744cdc9bc361a5a3a579184f5129a11d38f5da4c8c2caccb561263ad3ebb7033f34e346c0931cd869a0488ad68a957b2e7eab22aba041549a1d3fded120ed5906c9ecc0b668b52a376344ac184f0f479751c3c12f338a5d532d697af9edab71ae947ff96628ef939148edb5e23077c1f72c82a3e5f2b9177a35f2ba572eebff6e6bfdc21651349d2745efe40287482433d503292150ac367760b67d0432612540d340f86480243f57caa4ddca561464b5be81ea1656c0b9a1375bc4042b802cd0b26133bc688e498d6ccf4067439a286a75cde91474c397a8c2add6e4efd854ba3d059e174078ea94a0b407c165d1d20e846b6c8ee212ef7b3b1034ce6981557c1a433d4077a87e00193ca09ca73a3ef3c8f65a68a7fa142a5754f4c66073728f5f238d6c6ed202cb2408c45476eef8524b30381cd83a1bb51ceaea175c35b6ddacb448568390323a21a518057f8b2a7c4dcf4d3514b7658fba3d55ccefaa19a86eb1b321ae4d47eee87aac4e53bb187c2c5ecf97fa03b46ffc2a83e0bbe7b1eb31134c2b1d9543f41c09877ac1267819cef24fb86cee098694e87b43b421771dbb8a6e4af3008a90a4cb54212aca17299f2ad980b568751eacfc1d9e84e42e17eb217c1de6a38a2898a0a5941ebdbcb9e15bdb20a1a11e29f584222d468ef58481e3784476b887f99fdcf9deb61f9360dbec1208e4b96cdbbaff65ddd6fe4c6f04554c9f6f3c0f70dd19eaa295a9869eee5fa36e934d80f5a3f15804dba48709a8c823a144132d67cacad804960edb38e1772a00cf9db512c28e1024aff0abfc178f90f5ef6bfb9ec1804184c898c78211c3a3887699aea996914ff8635b226f49168b834f6ef1bc213e336767017ea805137a75ec7a03a814234e970656fb4c5f721e63b4d26d55b886000e7536162f9654beec6d72306034fadaa8671b2d41058fa8b86e96266ccb4001ca53fcb8c8e17cbaa2d55053b8f91ec441cc9b79aba89891027049f9be0b61de4e1645db5b998e076fd7fe1ec01b53f8d47f1d2b28b6a3712d543fc86419da87a9766bc2ca87aa04c9f1ad2fe8b01ce02c40dc5f66a0d451932d2310367f98c9bcf23ab40bf0ef6ca26029dd46cba11e1522c27939ff221c0cfcdddaecc5e3599c9f030efdd792dc9864dcbcef14a1aec8ddeac9193e7f8e6b79ba3256c6c95076f682ff3067831d7207dee637aff54eaa061d14e2c54f031a31f49ac8e5372df732a24eeb65a37e337e64984911160493dada90ddcc937fe948ef4627b1d877c486fea9467d988ff69ecf888a40a29e5d432c14c3e4dfaa427d9fad51054c005a3392987b1153c4bc6fd425e0a9200df0756ca4277a949e68ef1c3e3c32a66d18fde517a50977308b0625b9f5e98f429935c7300d6fe5ba24051af33bcaa2cdb9fbf737fa1a065cde1b5dc55d4d941d3ccbed897d55f6f5f7ca7c3dd4b4043e0af75705ff91795407fca341bc339d374ea120529f2c6d0c5346eb5276e671353dd2df7b5a94db42beae1b07d071e7119f2b94878fe050d65251ecd55ccb0e8065e7714aa50551887324e695ed552ca7267542f10485b4238daf164fc3519998e3538cbc034269bd9768b1ea3dba3d3c099bb9abf7b38945c346abcb6314e91a9ba1b6127255f7944e86fd0108b5c2fd27b531fac0d50d8d7e62996e4a0a812767f50bae2586886721dc2b4844e2544464b55602e1919cd7142a6190471fdd8775f2f415aa3af40a8ae2f2c55260803e736ef831771827dae45e737a717cea9db8d04bf7c7622dd12797367a2736a54b35d528393c89c3becb7442c9919d4e5f703884b66afa0f98ca471e3436f379450aa67102ad97227cc450f5624d1e11eb4d937c7ceb2e33dde35265ab6dc9df45b55bfe0731", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x90, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, 0x0, 0x0, 0x0, 0x0}) 725.463448ms ago: executing program 0: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)) 714.00044ms ago: executing program 0: syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]}) chdir(&(0x7f0000000140)='./file0\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000e27b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0) 653.123199ms ago: executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x0, 0x9) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) lseek(r1, 0x0, 0x0) r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@o_path={&(0x7f00000004c0)='./file0\x00', 0x0, 0x4000}, 0x18) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540), 0x10040, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x10, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}}, &(0x7f0000000300)='syzkaller\x00', 0x100, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000400)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000440)={0x3, 0xd, 0xf68f, 0x80000000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000580)=[0x1, r2, r3, r0, r3], 0x0, 0x10, 0xd414}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$sock_linger(r8, 0x1, 0xd, &(0x7f0000000040)={0x1}, 0x8) shutdown(0xffffffffffffffff, 0x0) close_range(r7, 0xffffffffffffffff, 0x0) r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r9, &(0x7f0000000100)={0x1f, 0x0, 0x3}, 0x6) write$P9_RSTAT(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYBLOB="501000007d01000000490008000400000020010000000700000000070000000000000010006b6d656d5f5a096afbf561b10c0047504c00f2057402000008ff4720b7f2a1090000000000000001000000000000f4c73aefffffbd6e74e49facb9dfdc2949dcc67e2ea9b8067f7afec6eda4e11be809ab40000000a02d6e11b4317912ab579a7868496b6ccad27420d61d"], 0x50) write$binfmt_misc(r9, &(0x7f0000000200)=ANY=[@ANYBLOB="72b9800007"], 0xd) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_lsm={0x4, 0x7, &(0x7f0000000040)=@framed={{}, [@jmp={0x5, 0x0, 0x0, 0x0, 0x0, 0x2}, @call, @call, @jmp={0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f00000003c0)='GPL\x00', 0x5, 0xff9, &(0x7f0000000a80)=""/4089}, 0x21) 391.68822ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = dup(r3) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000380)=ANY=[]) 198.799299ms ago: executing program 2: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000), 0x0, 0x8) 156.901596ms ago: executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x100002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='block_bio_remap\x00', r2}, 0x10) write$cgroup_type(r0, &(0x7f0000000500), 0x9) 150.391617ms ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) 121.233381ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 103.237934ms ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18070000000000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 35.428985ms ago: executing program 2: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r2, &(0x7f000000e280)={0x2020, 0x0, 0x0}, 0x2020) mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0x0, 0x0) write$FUSE_INIT(r2, &(0x7f0000000380)={0x50, 0x0, r3, {0x7, 0x27}}, 0x50) syz_fuse_handle_req(r2, &(0x7f00000041c0)="3ed9e61a56c808e5b9b93ba8b4f962a89463731128f3c66a19eb6c151bd431bca9464ad646717e1bdaa1189ea48a253bc16aa90182396226b965ad3d00d25625ada2ece4eb6552d3004b5ac7a76a0ba72ff572e9b35979d539ba0713768131f2b5b15a3a9da0ccd9688578a924a25fc668034e926e2767ed4733405fc481f9073497aa7ac129874ada5f5c26d0cf6be483a927a73d319bca9b44a95e4ab9ecbe6e389fdf9dea6faa57fd5fada03f7aeb1ac06abfb3fc3302b4d550db4fb7b010d38b61b61e6c6b84960b1c14b7b502106b67d8e6649042392dd043fe433dbbf4c67ffd9297a8b0d8acf91881d252a56a04fce66082a718f96e2e39165fa90d11b62346e19c089178b233f4afc32d0ea670e9214a627955bed6c23fa8eac69f59eff2890efeba4e3f5e0f07e83fb63d8f2e78c7b16fc91a08c52af90de4e092d8634ca6d04318d9746006e5e4b6751620a44b6043d4f0edfd1b41c304cecd4ea32f5ecf8e1c47f31b4615fdab752837c7b01f63e1a78ca6150e10f4460ad387b3ab7e36b20b07958fff41e4761c18057146ac4b3da65c0f91074681864e8ee77dcee66a347fd21f6e1030819ccf82f3fc5a7e3da65014c950e677bef86c7d21d46f0bdf18c887efae1946147328a2d3c8d9c607618ac4861f5f752d16640555208f9d482654d2c6a7ba11e15fb0cee3acd5cab74bf1ebe44837792c5a0bf3e3956f161802eaa4f09c028d1d9feb44b8dfe25cc4c145007f2e8d747805551d2f261cc25064882f56d77b79c68602687277d9fc9ffb4154ec26d01de6660676cc8294c725d7b5d7f948c4794e096bd72fbfe79b339e8b2fc70abd3df8ef8c56be55fa8b66b60bddd6a6b756e978fe3176e307a36ff782e2b20d07b32a1980a6e4e10efaf5aa5226a881b627af98d1300f481d557fb9ec6d2d4ff5ac7fe448723db213329137a3f92f0fdd620d28f05936177340cf1d8ef8a759281844f81e0075a8aeb5b8db471dee32d65e20e39acb438ad8bd9e4e402f7436e159a5d8f522a9085f8440c88a120f607fbc9cfde5cfead8cab7448558ef9c61ec636f2b199c8c52e575aa553560953b459727cc9985defe56dad6cbfe1ea7a47252696c579c548b6b4313e22db084153aaa8830bb582e9b8ef5a8b4f5ca6984a8be7709c4be5c39f6d68f36a4f22d9820e99fb9b8abe0d07e7a28a77fced16876fd8faeb378e9e5e32d7cd0a71da87a3eb1edbb1c9afc2f3e1bd6c930619bac69f6fed43f9e8b66d590b16eb2d022111d0e9b6acfbd36135ad5ac65736d2e6dacb034937863087395c425c2d1c5e28d55da90355a5f93e2fe7375662790f74b51a066dcf63ffc667542ceec658213ee6e26c3ba2055c826c711976068ee33fc42caa42bb7227eef080e6faa55d5bf7478c6cfc1f1fa93efb5aac1e72599a417a60042ea8bcd4db8bf34ecc357785dad926eff3fae0c98e7d0221cfb6afeb17bb204909349bb5a4e0935f39e53eecdc0ea86c5920f2b642e5272a49ea7b3d0e38b67c0ec351079bd39d61cfd86bb722395891e28d7a86a3204ae228021883a64124c44abac9c4150e6977c134c6f6ad4f5939d7bf26b58cb42a7eec2d0264b35efb6b743d84cc119f18e805ef8873817262f7d013cb1156462748cf2c39ef6f22e0375a2e09c40cadb7fac623d6cb6f3e7fbb9a06ba822ef0ec863b1f299cf9fcb4dca1d8c19b48d6d652a8143fe36afa23a19650d6d220409e53a50ce178f1aa1993f43600437d621bdbbea86106fe923f162755bc66a9c4488c85b178224b420f8ab18342eaca72246e164e155a98179b4283343c1e4c1f88f527abcffd185c5d7661e3f24b4479c89fd6319583088dad3e72a5f8c45320ba88433cec724af19905fbbb4b933c3b2933b2fb0b6134fa02764a5bc20e843757e5b75ec231d5f8605b537c463fb50a8af0357e1b7c380fc3a18de318b9b972bbd637b32f314dc265f00f51747f6c30e558a1c72543c85df77e7729b07e74f0f9a437529610be1d69e3842bf99eb0c3bf2ab30e5f03717dbcebd2e4ec16cbf4503272b300fd52cf177a96c19548e051d8a980acf9a130d51b908e7b78848f3a9442e5be2deaa9fa6a10f580399d3f894ba53ed20f028ac293d030f01961891abcd222e57b57e1c9a5884dbd86339ff616a4b9920fa10798eb12d0577c710ab1b98ad09f4d8a0fa22df901f7240285a03c77bb7fcd0ee40ab89918674084a7c5834e965514c5473527efe9e4cde7c4e417b52d9088d3c9d75e95250b547a9e86e747a61c954cdba4fe212ef730ad9a8786141b3ed49d0b0cd864463445d4acb72c4aa6d56933376858ccd62998bd9a5cd1e5cb66900b3fe63ecf110207b764836b3f331d04338c8eca0641c8315c520252b98ca319b84a06bf4c60fea2acbf0ba5d72cdb91f544a631f7969cb8f115356c217739b9be3cbc08ff29bd7711fd0ad0c4c68311ad002c409fce13379a23a8229a226e21bf6d1ce23a24b0a18fd366c21ad168c17e357b09edfe4ab4261f3105830609b0da8661753f9ef84fb5347c8c41b3d32f09adbc759ceb91e2c557e104519f0072b8843353b459e8c9544313f3e174acf8beb8fd9ebccf18babde6b39141e6f76c1357864b5f35a64b77ac0d609d66a5c2d425c952001867e62efcb2f50d85cb672d5466e781555b158cbd137cbdbfeb2becf958733a58487f9a4e7557027c3c5861b0d496cb72defdfbee54d51522b7e8eafcd8fc2a7a5c9543e28db72e2a3e7e392d9ef5145203d6c583a9e81a084ed4efb0ba5202c8a73e57a739fbdb553857da051847cfdaaf566273c10b93e4a67af78092ac08409e3ce352e253828bfbd6ea0af7aab7c98e81bc8b1d5c69fcc88edfdcc6f066561e5f525392818519206c42ebf256dcd2da61701a6f73884606f713a9addc0c01244120171d261cfead846feeb94d0408642671fffc23ea1fccfb2ca2ee4449349375f8dd9ec932b383af73815cdddface88a33c8a395c437625f5ddd0d0e991ccbe9eb7db2a21a3f7646ca7d00ec326794d8f0d0a64dc59cd34576df726fe978795d9b2cf98b282d8cfa1ff7b1e19ba198cd275fd1b3ed6780f1afa6d8c480a030b6b2d00609f2b5bb9ba2c25b7e1125ded723cad9c56d3acf7b59de2bb0241b92a1614d19ce0348ecebdfec892ea8370e7bdb1ec37492a0be6b8f325dd52de9736cf0bf45b6d70a84a1baedbf61bd0a58459166be21869f802f6368d50dec8ffadad3ceedc6d90d0670d8e68c13516508cb0e6df979be50bb25b0e92de9fd798bdb86b58690eac20fc523cfa29cf5c988363e2af7d1ec90005a849c2f590b173ffe4a1a22965648318c584995286909d623596f9fa9aaab84f1e4ee8b3acc2a611e9974de269bddf84cd5bf424c9d915c711e57fa0465ed5e7ff476e2adc7c44a5a30d1d4f7dcd61f8bd9aa2326c9d241dda0bf20db0fc5164ba30d866eb0b45c46a3daf113aae4c3945925e237fa36fbb862c030a370a8888fb16c245b86890bfdc3e6cfd75b2891eccfb0c5bd057f211f6e84b9c78dfe74d9d5286fc376e0b698ca5065d5f0df09202c63d92947fce76f4b45846ad98ee37f9e83d9d9ec19af9c382f2dec4bb51dc95cf26de95ff056b06e8da707df27d1f63183488edc089350624859c4cee6b8853ac920edc49ccfee4f57c12a75813cf745c67bbaed93f66b89207e7a6de876ea558c36e71299a8fc8957768c831ed711592f3a0b8e87593876fbf124c2cb07c7edd745680da68be13908e8567ca2c50be6738b4e4dc1d28c982b8e06f30361be5ebdc3e6a62bfacc5a2d05bf17a9c14c2eb7ee6c6b5d484aab4f78539e837499ccffdb661ba93e900f4760c55b0d34116166348b54c610d72625625ad2e6ff52fcc25856c32b520cce6a2495742e7e18cc4220bf358edccc3c581fd1f50ae884c1871a0b651fadddf89c14433d71d0a8c7052869d988b3aa3f515f8720852a8631e9f1fb0fbae0c36711f49b171b3077a788b281f4f2a1c80d784bba50cc03a1e2bab1e0c5ea847e7f35ccfc758d5237c798ae5ed73809b09d950e9824fa32e7d5053828b535e997d247420519ee17ea532a8a23671d648cbb772e4f89899fa007d5329b60874257966065af857df0c8b10bb132d199820296bf99d3287c67f8db99108117d5f810a7800d7aa7035df64a8e06cf0de62a34d68cb36c0749262985c3d057663170a1aa4ae922ff23855988583aa7807cb7d804ed7e0c93435a19d0b3a2d21ca1473f3f1029c8482166e3c9ef60102b1d8592ee9362016b83aa47b2ef78ea81775c8d8b6d331fa71b469b9257f5dabfc15651b8f9bfbf37f11639deb93d2290c531166a7ff4c02fa914dbf2564588741ba8a4ba26e94fb3b8f800386d45b7f12602004cb74fc9a8c5a5e8da428e38d17c834eded50bbddb8ead7eab90b1f64bcea75506220fe8271879c17bbedf143254c221b700339dca27b774ecb113ea13cdddc30a627f0d675b7fd12350541e9403e7b4aff03534963e033b91e1f985dfa177c15a67ea1f645573adcf4743fe250e31813125fa6b532dfdb37281652968b6d2a39c5d09368ade6a7f48cfcf6eeebf79e79dab6fbbfe06eb7320cdb0485e0c6de0e0ed33faaf685f409d5c01e093ff3ddf6abd272cdbb9efc5919dd6064c15d9dfbfe45279ab3cdfd90fa15bd437d9b1f7cd03c0c1a31ba5138b7dbe0173fe51659929cf0acc6c128790033481e8a1ac573bdccac7a71efc019e4abd08a3d618671edecc5d7e31c1b442591c7b46ddf24e585c9944d4915a677fe44de3587f5a8bdae328393fac377483c3fa9b7f0f68e6a655b9206d419eabbb7da9eecf23282933ab9b4aa8faaf5f0d9f4308dcc585db4b561ccfd97b0d528be53119f9287256ea6cfcaab1f875cac43030d0cdd952156668f01f19974d58b2f77009240e9613d8833b04597b1840edfca4dc36cd338e1acaac92c02a7e72447b5b3fe631170047f34ae529eecf9c8ee20081d1d01f04a08ac05c7717512ad9aded19c68c0fd56f6837de2039a03a43a86cd3ec765ab06c735069c2d15655acd008c215a87b6c32a626cfe528753d6bc6253e8e3bd666431726525e1675e33b32d551333fd0eb7765a502f90e02c5f0fe6ad8262968f70a70d027e1287984a3cb33adf2a35b7dab8b7c30502b2cfccf65cf0da4aec103759aa2503a45d6063db0f69b60a015c3569b15d8d9722d910200f62dfa77c7d2501cfb5f03a0fad7cc4357343edec5d2829b2fc5957f53d7a51a2e12968c67513be62ac8396f77115b86268c9f652e6837664127278368c907920bb26df6205d140c20f53c00eff4f201d6c8aa04904de099d813fe4ffba1c2a889ff33dde5c7007d27e1132d2a618e7877d02359a1696c8a9a24b1eac510722d9c0227f81d410b59c38afc1dfd12bbb8c1c59abf19f70d75a9db383d409f256c3ee7818f801907a25214d6d0ab95fb1c0e734aec1cb7538711d5cabd57034f3d236940610f4ba89e8270bce8d39453c704b6fdf00918eb6cea8b54b1018935ffaf7b77b4ab18717c5d1f5c053eb87a7d7742fc06146a2d34a56ecc4ccd66197242ef3d0d0751902162ccf7c583bbdbcf19a9f402eee6b11c7a6980d5654d20e8beae12211d2e3f1bdff456ffd6c3cbf2fd7681e1084234542f5a7460d3fae55611a58bf84bc4cde086be78c63f1436b170dad5961f63f8bf56c9efdb6fed94351ab39e3fefeb940d59a18efb92779703b28317b634d023fd27e9d998e7ee91bf4935a9856f07c26ca9b3bc0f337817e226c010ce1be5c4366e2d06045edb1f60950882ce4d34c1aa0879f5b6af951a709c2518989fd81c52878bf3a67d2a87fbade05359e0cd3213e388ed2be830b12c46e9f550467ea3d06cb2ba6d13273cc0aae12d48a0658c3bc6bd6cbb16ae593eb1b513f310edce983c4237c1329a7e9fbbf57ec26c67815396f385322ff898fec3761f1df87ec735346bdafa9b84ba36973fd35d09e95791445b820a5a09086486b1417d9ec8b9ab5c201f83fc96398af0a22552f48ddcd6b459904a7701abdbe17245a1cba26fe3c96030965741153cdf6b42ad687f70e40e5a7aeaa32c30eb79498254026276b3c2ff10e2d34791b516590f8f0760c65ec5514950aa4374c83be8aad7fd967e1383d14724c84b0a239484b6311b3ff1e53baa2de60950dcf6393f1d230c2dde99be06b9e168623da47fc0030e6f90454433aab91e07fba2ffdbd139f4c35d57dc489563a24c5a5e4d3e6ee2129151d8776b68c0a77fced00e8635a0474fbdeb36170eeaad4a3c0a98263334a41c288020ad0312d3673db67d1306e19b89cffe932951b0ec457f25cc6813e72e59a11d59b5f144ae9eff5bbefd952fec75e556422ca91c83839008a7d00e65ec96103506baa8355e3c6713a0cdfcb839cd21b2724570965db08073febb2e8f5cf36bd3d2a0c125c45223002ee6c36e3184298beb5d8f2fd027d414ef999b7aaf82318e46b829eef7a69f3a8f2b983a17c14bb4e5a939c21d4b8fa9866dc7d0f69cbb8704c20c9776390efc7afe7a1ad5a513ef48bf1b859dd39d95e7a9c76efd0ea02b384b4cf25c68ff65f027878637de939d6d2e1d43a10c99aafc357566990c95b9f19ff4a4a71a544c851d4f2cfdf865983694617d1f729f3f75071903ed8c0157e3a01cb58a4254bca6cd4edbd47c287b17bca0b9800def29645d6650d258cbd3d21c168d991cf6ab7ca65d643d9d0d718a0c605e57c5dbb006a01addd05202211cff89543331ecdeca6ce40176ca54a87158f26967f8ab06cf963ccf24a15e755975cab2c656597f4764ca3c87dbcaa1083e8bcbc1490c69a76eca20781adbbad046df8989e930389ba0db0909683bdcda76d7addb9dd01a3b3150fb3e95ae12793f3984392ef76b8b08b3699ca90c9f5064f2a2eec75e3bdbd6411783451607ed932a0638ca04891f312c2b715f7563fe275c2fc593faa47c5937068d9894e262ce676dede47151e6d4e04d543f7aa93dc2d7296ce21477e119c380482dfa4ac3e0c25776705f8568a4143c101b5a9b15fa69fe1dfc8ff92c76c05d4b74b16cbec265ceb18ba0eef535875b242fa0981c778fb8c9f37b43d9db887ff58f6584ece2cd07de26a5da464c40521d8e3d48381bda36ae7f4c75050da1981daf5a8555846bd5c0a5bf2819c687c858e49fe1aeab36a6f8457c15d75b5bf89628e9145709732a5ac0a4cb673c8ea6965d712dd77953631d19f1e808aa06c79f29ad429782ac25ea42b180d837f98ac850582067e9d59734b9a2e616a998006cf87cdf40219ab6f511c78d12af44729bacd101557cb30a3e0cdef412aaabcbadb2edcc1c181653c664de89d014935ed7c95d8a8b9c8084b97d8e07bfaeb5d6ea0fb67f6b4a6a5d526bee9f765b3499255c1d3309ef66503b1406472f3013014ab04682d652fcb6671d528020b3fcf82bdf022e8adc0606db4b26ad247a9c2057b9d99238111c36d32e3ff051290886685b17ac194e5fec8a6d561ad15f403dde1ee620f844d16478f32be34243e97604362a6231f63dfbd3bfdf138580275a2114c8620db538cfc3fee0f8bc34cf8985a3aa6310c757daf03680ab6b721a6f08a88e8e1d50dd8694f9f8bc44fcab7d91f3c22e9b89ec142e9549712715071e3c16c5a196229cabed9e28ea5ae0e61fdc2799851dcbed5c00018b7eebeccfbc9d6767a15825064ce36e457a94fdb3b533e99fc842f3c5f1e1a67f19cb211fc1e475ebc6c9b520b9a3a0d919106308427fe6af16d45ded4914a0a7ca65c762b7de4b540ac623e59f1a3fad25785b6b9460c01434aa3272b24a61c1ded967ca8a90c0b174fcf239f3fb4cad1d7204c7f05fd25317650f3a7928f7a6210a24a950b462a5eb8ceba5d65ce9f2cecee59b505928b9fc1b5242ff5108fc586a129124eac5a2d924a7c4ef7784aed4591cdb4b79c1bce4e99d7e02b33f42bac444a4b518eb288755eddf3601a600c6e7bbd427ed35e0b6a9f7877bf5d17efdc9f684b92cec7927a3075fbcc9ddcd6347aeed5002cc08645cccd994e169a40045a6d98c38b54bf08e90f6482ca4cce2ab6a83661a0e953f2abb981356e5564e149bb552dee13c274aef29a03493275741b4bbd8123c9653a09f5c55735696ffc2a873654afcc5ff386f14d26adc2dca69ba39fe64af5ca977892e13abf933bfc0242709474e8c304cb086492718fba1f36cc69253ee4b4d017d76e36179546cbc27ebb2001641be51cf5c9ce507871c7c3ebdceacc195afcaf34bd0fa6331120ed1f6d6109fbb905f0808ba0cb3892d0c670accf3fcf42db53aae903aae21c34ef53d33055363e4f5f5c44120f32f93d3dccb1d10209741d5b5ca699357b0e21637f9a246d366d90b7b6c007f21c4b141a37c98ff474ebb1de0f3237c98f142e37f090e74cb3e1629859cad93c252603505305f2fd3285cb7e66bf67ead403864b5d98c0e989ca29ff8423d0d4f91ab4ab0195746a10fd7a1370348458e144e6c58d2f7fee7de3c864d4b39e3ac30e1d0a8c84f9ce471d3bb15cb14d3f64b09a73966d765cc50a4de8dc61181e163d8bd83d95af2d706cf3412b277ff9622b6d3033eab184fa504f232372a944a9274dfc47a5ba8bf2d261c3f18614d9cd1ece3eee69c1a00dc5bd3b09256109788b96d6a66579634c455d2c1ca531bde926294d6e19b8db561e12fef2ea9ece7bb93d816e59d05586ac8e4306eed38d71429b88d2d7f7fc61c242d7b9c274386267fc7a19842db00df723b5e7abd197b7a2ec3d2c8575e92207352e2d07aa82b6d4a6fceca72c021a017a397885fdcd68d26a4e9ca494a586a8e4a971c6d9c8f6437f438edc6c1ff5f36aa1774480e7c4d6b91df793633cfc8b2def0f3cd2602f16bfd49a8d5c3f75c2b096fd22ca397ac8698ba34f104d8e50064b16de7b9a0e8f6743a9f80d60b0b7b5076912cf6d83f787472d6a84c2efe41be5dc2e70b16ed747b9eeb40e7be9355a45e87aa712b3a551d4339c5586eae65952111834d7b573ba71ded5b3b66ba53e501c43e5f445758dd8473bd9622651116591ae17c077085df5b794589d8f2736e96d28023314477cbb3c8f5a35716bc9840cd53f4bff39058765bda410565d717694c868a84a83551ce87a8d286a12e7a44088770a2a88685deafcc5452cfd5ae01731b18d9febc4f9d01cfd62416a61d77e8b9430c7a61037ff6ea79e19a303404f0bfc54d618a7feddb349a28d85ab20627e369d33d8f0f0e68688d827ae6a3d22460561745d4eaf6582da1020d75b0960d75fef607e19bc91954d43d35ace6d0a7ec9509d94dac4db6ae1962ad9b73a2a3ae7c98837a389dca1d494c06af78c1a608752f6559cd5e86da38c5fb1992ef987b56b21d1afdd592c6b9da42597b5035e57998850e750df553279c1b98d1ab23562fb32d04dca6ef7684acf19923c8c10a87aece43990e0681852eddf4a5a5b176dab5b6243c461f61a4c08d22fba0b21ae0d6acd78f4f0265eb1d614987a9cf5d1e033e159fc8161ded96ec73f04497245603053d5d777a2d71c633efc4ccbb5ff2d46dc6c3252a072830fd0ae68c652180672632ee20ff66a08605b7abc03c4445fbcd393c0820b635699b03b92cc3316ee3f20161d765b70aadf5ddc9744cdc9bc361a5a3a579184f5129a11d38f5da4c8c2caccb561263ad3ebb7033f34e346c0931cd869a0488ad68a957b2e7eab22aba041549a1d3fded120ed5906c9ecc0b668b52a376344ac184f0f479751c3c12f338a5d532d697af9edab71ae947ff96628ef939148edb5e23077c1f72c82a3e5f2b9177a35f2ba572eebff6e6bfdc21651349d2745efe40287482433d503292150ac367760b67d0432612540d340f86480243f57caa4ddca561464b5be81ea1656c0b9a1375bc4042b802cd0b26133bc688e498d6ccf4067439a286a75cde91474c397a8c2add6e4efd854ba3d059e174078ea94a0b407c165d1d20e846b6c8ee212ef7b3b1034ce6981557c1a433d4077a87e00193ca09ca73a3ef3c8f65a68a7fa142a5754f4c66073728f5f238d6c6ed202cb2408c45476eef8524b30381cd83a1bb51ceaea175c35b6ddacb448568390323a21a518057f8b2a7c4dcf4d3514b7658fba3d55ccefaa19a86eb1b321ae4d47eee87aac4e53bb187c2c5ecf97fa03b46ffc2a83e0bbe7b1eb31134c2b1d9543f41c09877ac1267819cef24fb86cee098694e87b43b421771dbb8a6e4af3008a90a4cb54212aca17299f2ad980b568751eacfc1d9e84e42e17eb217c1de6a38a2898a0a5941ebdbcb9e15bdb20a1a11e29f584222d468ef58481e3784476b887f99fdcf9deb61f9360dbec1208e4b96cdbbaff65ddd6fe4c6f04554c9f6f3c0f70dd19eaa295a9869eee5fa36e934d80f5a3f15804dba48709a8c823a144132d67cacad804960edb38e1772a00cf9db512c28e1024aff0abfc178f90f5ef6bfb9ec1804184c898c78211c3a3887699aea996914ff8635b226f49168b834f6ef1bc213e336767017ea805137a75ec7a03a814234e970656fb4c5f721e63b4d26d55b886000e7536162f9654beec6d72306034fadaa8671b2d41058fa8b86e96266ccb4001ca53fcb8c8e17cbaa2d55053b8f91ec441cc9b79aba89891027049f9be0b61de4e1645db5b998e076fd7fe1ec01b53f8d47f1d2b28b6a3712d543fc86419da87a9766bc2ca87aa04c9f1ad2fe8b01ce02c40dc5f66a0d451932d2310367f98c9bcf23ab40bf0ef6ca26029dd46cba11e1522c27939ff221c0cfcdddaecc5e3599c9f030efdd792dc9864dcbcef14a1aec8ddeac9193e7f8e6b79ba3256c6c95076f682ff3067831d7207dee637aff54eaa061d14e2c54f031a31f49ac8e5372df732a24eeb65a37e337e64984911160493dada90ddcc937fe948ef4627b1d877c486fea9467d988ff69ecf888a40a29e5d432c14c3e4dfaa427d9fad51054c005a3392987b1153c4bc6fd425e0a9200df0756ca4277a949e68ef1c3e3c32a66d18fde517a50977308b0625b9f5e98f429935c7300d6fe5ba24051af33bcaa2cdb9fbf737fa1a065cde1b5dc55d4d941d3ccbed897d55f6f5f7ca7c3dd4b4043e0af75705ff91795407fca341bc339d374ea120529f2c6d0c5346eb5276e671353dd2df7b5a94db42beae1b07d071e7119f2b94878fe050d65251ecd55ccb0e8065e7714aa50551887324e695ed552ca7267542f10485b4238daf164fc3519998e3538cbc034269bd9768b1ea3dba3d3c099bb9abf7b38945c346abcb6314e91a9ba1b6127255f7944e86fd0108b5c2fd27b531fac0d50d8d7e62996e4a0a812767f50bae2586886721dc2b4844e2544464b55602e1919cd7142a6190471fdd8775f2f415aa3af40a8ae2f2c55260803e736ef831771827dae45e737a717cea9db8d04bf7c7622dd12797367a2736a54b35d528393c89c3becb7442c9919d4e5f703884b66afa0f98ca471e3436f379450aa67102ad97227cc450f5624d1e11eb4d937c7ceb2e33dde35265ab6dc9df45b55bfe0731", 0x2000, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x90, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, 0x0, 0x0, 0x0, 0x0}) 0s ago: executing program 4: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) close(r0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000140)) kernel console output (not intermixed with test programs): n entered promiscuous mode [ 481.093818][T13183] bridge0: port 3(syz_tun) entered blocking state [ 481.100090][T13183] bridge0: port 3(syz_tun) entered forwarding state [ 481.107788][T13183] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 481.135457][T13187] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 481.236321][T13195] loop3: detected capacity change from 0 to 256 [ 481.472650][T13200] loop1: detected capacity change from 0 to 128 [ 481.561378][T13213] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 481.588617][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 481.588633][ T30] audit: type=1326 audit(1718532470.589:8396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.630525][ T30] audit: type=1326 audit(1718532470.629:8397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.655318][ T30] audit: type=1326 audit(1718532470.629:8398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.683271][ T30] audit: type=1326 audit(1718532470.629:8399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.715988][ T30] audit: type=1326 audit(1718532470.629:8400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.735312][T13224] loop2: detected capacity change from 0 to 512 [ 481.740593][ T30] audit: type=1326 audit(1718532470.629:8401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.769974][ T30] audit: type=1326 audit(1718532470.629:8402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.794231][ T30] audit: type=1326 audit(1718532470.629:8403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.818053][ T30] audit: type=1326 audit(1718532470.629:8404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.842130][ T8296] usb 1-1: new high-speed USB device number 54 using dummy_hcd [ 481.842589][T13216] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.856470][ T30] audit: type=1326 audit(1718532470.629:8405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13196 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f0fd2bfcea9 code=0x7ffc0000 [ 481.856628][T13216] bridge0: port 1(bridge_slave_0) entered disabled state [ 481.887860][T13216] device bridge_slave_0 entered promiscuous mode [ 481.897814][T13216] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.905124][T13216] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.907912][T13224] EXT4-fs (loop2): 1 orphan inode deleted [ 481.912757][T13216] device bridge_slave_1 entered promiscuous mode [ 481.917875][T13224] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 481.944568][T13224] ext4 filesystem being mounted at /root/syzkaller-testdir1259369239/syzkaller.BcuHNj/118/file1 supports timestamps until 2038 (0x7fffffff) [ 481.968896][T13224] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #16: block 41: comm syz-executor.2: lblock 0 mapped to illegal pblock 41 (length 1) [ 481.983672][T13224] EXT4-fs (loop2): Remounting filesystem read-only [ 481.990032][T13224] EXT4-fs error (device loop2): __ext4_get_inode_loc:4340: comm syz-executor.2: Invalid inode table block 0 in block_group 0 [ 482.003125][T13224] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 482.013590][T13224] EXT4-fs error (device loop2): ext4_alloc_file_blocks:4509: inode #16: comm syz-executor.2: mark_inode_dirty error [ 482.030958][T11975] EXT4-fs error (device loop2): ext4_map_blocks:602: inode #2: block 3: comm syz-executor.2: lblock 0 mapped to illegal pblock 3 (length 1) [ 482.073043][T11975] bridge0: port 3(syz_tun) entered disabled state [ 482.080169][T11975] device syz_tun left promiscuous mode [ 482.085507][T11975] bridge0: port 3(syz_tun) entered disabled state [ 482.099587][T13216] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.106664][T13216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 482.113757][T13216] bridge0: port 1(bridge_slave_0) entered blocking state [ 482.120626][T13216] bridge0: port 1(bridge_slave_0) entered forwarding state [ 482.143941][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 482.151635][ T8538] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.158675][ T8538] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.167752][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 482.175811][ T423] bridge0: port 1(bridge_slave_0) entered blocking state [ 482.182834][ T423] bridge0: port 1(bridge_slave_0) entered forwarding state [ 482.193419][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 482.201971][ T8538] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.208827][ T8538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 482.219660][ T8296] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 482.240748][ T8296] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 482.252491][ T8296] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 482.265191][ T8296] usb 1-1: New USB device found, idVendor=056a, idProduct=4004, bcdDevice= 0.00 [ 482.274254][ T8296] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.277547][T13216] device veth0_vlan entered promiscuous mode [ 482.288346][ T8296] usb 1-1: config 0 descriptor?? [ 482.294233][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 482.302380][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 482.310853][T10447] FAT-fs (loop1): error, invalid access to FAT (entry 0xffff0000) [ 482.318689][T10447] FAT-fs (loop1): Filesystem has been set read-only [ 482.325718][T10447] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 482.326012][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 482.333928][T10447] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 482.341388][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 482.355103][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 482.362998][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 482.386414][T13216] device veth1_macvtap entered promiscuous mode [ 482.394710][ T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 482.409303][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 482.417509][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 482.460390][ T499] device bridge_slave_1 left promiscuous mode [ 482.466406][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.474404][ T499] device bridge_slave_0 left promiscuous mode [ 482.481005][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.507112][ T499] device veth0_vlan left promiscuous mode [ 482.580063][T13246] syz-executor.3[13246] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 482.580140][T13246] syz-executor.3[13246] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 482.744996][T13229] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.496511][T13262] loop3: detected capacity change from 0 to 256 [ 483.526745][ T8296] wacom 0003:056A:4004.005D: unknown main item tag 0x0 [ 483.538323][ T8296] wacom 0003:056A:4004.005D: unknown main item tag 0x0 [ 483.644266][ T8296] wacom 0003:056A:4004.005D: unknown main item tag 0x0 [ 483.651402][ T8296] wacom 0003:056A:4004.005D: unknown main item tag 0x0 [ 483.658400][T13229] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.665851][ T8296] wacom 0003:056A:4004.005D: unknown main item tag 0x0 [ 483.675808][T13229] device bridge_slave_0 entered promiscuous mode [ 483.682211][ T8296] wacom 0003:056A:4004.005D: unknown main item tag 0x0 [ 483.734511][T13229] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.741602][T13229] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.746138][ T8296] wacom 0003:056A:4004.005D: hidraw0: USB HID v0.00 Device [HID 056a:4004] on usb-dummy_hcd.0-1/input0 [ 483.760393][ T8296] usb 1-1: USB disconnect, device number 54 [ 483.766937][T13229] device bridge_slave_1 entered promiscuous mode [ 483.877052][T13247] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.884126][T13247] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.891617][T13247] device bridge_slave_0 entered promiscuous mode [ 483.906471][T13247] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.913405][T13247] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.920845][T13247] device bridge_slave_1 entered promiscuous mode [ 483.976773][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 483.984577][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 483.992068][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 484.000364][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 484.008281][ T436] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.015312][ T436] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.025212][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 484.103357][T13269] device wg2 entered promiscuous mode [ 484.158149][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 484.169196][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 484.177818][ T8296] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.184681][ T8296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 484.242249][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 484.253493][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 484.261622][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 484.300390][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 484.319591][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 484.339770][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 484.348109][T13229] device veth0_vlan entered promiscuous mode [ 484.370487][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 484.378778][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 484.422601][ T8296] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 484.433471][T13229] device veth1_macvtap entered promiscuous mode [ 484.459409][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 484.468430][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 484.490359][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 484.502572][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 484.551447][T13290] tmpfs: Unknown parameter 'nolazytimeÿÿ' [ 484.563846][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 484.577350][ T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 484.587628][ T437] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.594492][ T437] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.630777][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 484.645686][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 484.671449][ T1500] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.678321][ T1500] bridge0: port 2(bridge_slave_1) entered forwarding state [ 484.689282][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 484.742484][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 484.918937][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 485.012119][T13307] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 485.035325][T13247] device veth0_vlan entered promiscuous mode [ 485.041804][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 485.049787][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 485.070720][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 485.085366][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 485.142259][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 485.149625][ T436] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 485.152316][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 485.165825][T13247] device veth1_macvtap entered promiscuous mode [ 485.183406][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 485.189650][T13317] loop0: detected capacity change from 0 to 512 [ 485.191375][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 485.273295][T13318] overlayfs: failed to resolve './file0': -2 [ 485.402947][T13317] EXT4-fs (loop0): 1 orphan inode deleted [ 485.408639][T13317] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 485.422883][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 485.430138][T13317] ext4 filesystem being mounted at /root/syzkaller-testdir1838329010/syzkaller.81M1G4/307/file1 supports timestamps until 2038 (0x7fffffff) [ 485.474582][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 485.479038][T13317] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #16: block 41: comm syz-executor.0: lblock 0 mapped to illegal pblock 41 (length 1) [ 485.487901][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 485.497786][T13317] EXT4-fs (loop0): Remounting filesystem read-only [ 485.511020][T13322] loop1: detected capacity change from 0 to 256 [ 485.511672][T13317] EXT4-fs error (device loop0): __ext4_get_inode_loc:4340: comm syz-executor.0: Invalid inode table block 0 in block_group 0 [ 485.533326][T13317] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 485.548142][T13317] EXT4-fs error (device loop0): ext4_alloc_file_blocks:4509: inode #16: comm syz-executor.0: mark_inode_dirty error [ 485.572614][T10619] EXT4-fs error (device loop0): ext4_map_blocks:602: inode #2: block 3: comm syz-executor.0: lblock 0 mapped to illegal pblock 3 (length 1) [ 485.599563][ T436] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 485.610295][ T436] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 485.620182][ T436] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 485.632850][ T436] usb 4-1: New USB device found, idVendor=056a, idProduct=4004, bcdDevice= 0.00 [ 485.632890][ T499] device bridge_slave_1 left promiscuous mode [ 485.641684][ T436] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 485.642387][ T436] usb 4-1: config 0 descriptor?? [ 485.648344][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.668176][ T499] device bridge_slave_0 left promiscuous mode [ 485.674509][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.682655][ T499] device bridge_slave_1 left promiscuous mode [ 485.688716][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.696698][ T499] device bridge_slave_0 left promiscuous mode [ 485.702864][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.712163][ T499] device veth1_macvtap left promiscuous mode [ 485.718233][ T499] device veth1_macvtap left promiscuous mode [ 486.090359][ T423] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 486.331381][ T436] wacom 0003:056A:4004.005E: unknown main item tag 0x0 [ 486.338082][ T436] wacom 0003:056A:4004.005E: unknown main item tag 0x0 [ 486.344795][ T436] wacom 0003:056A:4004.005E: unknown main item tag 0x0 [ 486.351507][ T436] wacom 0003:056A:4004.005E: unknown main item tag 0x0 [ 486.358121][ T436] wacom 0003:056A:4004.005E: unknown main item tag 0x0 [ 486.366118][ T436] wacom 0003:056A:4004.005E: unknown main item tag 0x0 [ 486.374214][ T436] wacom 0003:056A:4004.005E: hidraw0: USB HID v0.00 Device [HID 056a:4004] on usb-dummy_hcd.3-1/input0 [ 486.397050][T13343] bridge0: port 1(bridge_slave_0) entered blocking state [ 486.403987][T13343] bridge0: port 1(bridge_slave_0) entered disabled state [ 486.411188][T13343] device bridge_slave_0 entered promiscuous mode [ 486.417986][T13343] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.424900][T13343] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.432305][T13343] device bridge_slave_1 entered promiscuous mode [ 486.494650][T13343] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.501534][T13343] bridge0: port 2(bridge_slave_1) entered forwarding state [ 486.508607][T13343] bridge0: port 1(bridge_slave_0) entered blocking state [ 486.515418][T13343] bridge0: port 1(bridge_slave_0) entered forwarding state [ 486.522700][ T423] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 486.541008][ T423] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 486.551004][ T423] usb 3-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 486.569537][ T423] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.579534][ T8538] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 486.587878][ T423] usb 3-1: config 0 descriptor?? [ 486.600304][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 486.610767][T11760] usb 4-1: USB disconnect, device number 36 [ 486.612400][ T436] bridge0: port 1(bridge_slave_0) entered disabled state [ 486.624220][ T436] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.650327][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 486.658544][ T1500] bridge0: port 1(bridge_slave_0) entered blocking state [ 486.665444][ T1500] bridge0: port 1(bridge_slave_0) entered forwarding state [ 486.672644][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 486.680641][ T1500] bridge0: port 2(bridge_slave_1) entered blocking state [ 486.687467][ T1500] bridge0: port 2(bridge_slave_1) entered forwarding state [ 486.694949][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 486.702706][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 486.724367][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 486.744095][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 486.752826][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 486.760339][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 486.768400][T13343] device veth0_vlan entered promiscuous mode [ 486.782417][T13343] device veth1_macvtap entered promiscuous mode [ 486.789309][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 486.805911][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 486.811237][T13353] loop1: detected capacity change from 0 to 128 [ 486.820477][ T1500] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 486.928666][ T30] kauditd_printk_skb: 16 callbacks suppressed [ 486.928683][ T30] audit: type=1326 audit(1718532475.929:8422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 486.958515][ T30] audit: type=1326 audit(1718532475.929:8423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 486.982628][ T30] audit: type=1326 audit(1718532475.929:8424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.079613][ T8538] usb 5-1: language id specifier not provided by device, defaulting to English [ 487.104634][ T30] audit: type=1326 audit(1718532475.929:8425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.250337][ T8538] usb 5-1: New USB device found, idVendor=12d1, idProduct=e5b2, bcdDevice=bd.4a [ 487.266600][ T423] waltop 0003:172F:0501.005F: hidraw0: USB HID v0.00 Device [HID 172f:0501] on usb-dummy_hcd.2-1/input0 [ 487.278540][ T30] audit: type=1326 audit(1718532475.929:8426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.281034][T13360] loop3: detected capacity change from 0 to 512 [ 487.302643][ T30] audit: type=1326 audit(1718532475.929:8427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.308754][ T8538] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 487.332376][ T30] audit: type=1326 audit(1718532475.929:8428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.340374][ T8538] usb 5-1: Product: syz [ 487.364383][ T30] audit: type=1326 audit(1718532475.929:8429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.368590][ T8538] usb 5-1: Manufacturer: ð‡¡ [ 487.391800][ T30] audit: type=1326 audit(1718532475.929:8430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.419792][ T8538] usb 5-1: SerialNumber: syz [ 487.420617][ T8538] usb 5-1: config 0 descriptor?? [ 487.429837][ T423] usb 3-1: USB disconnect, device number 40 [ 487.436122][ T30] audit: type=1326 audit(1718532475.929:8431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13352 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7ff49959aea9 code=0x7ffc0000 [ 487.461770][T13360] EXT4-fs (loop3): 1 orphan inode deleted [ 487.467379][T13360] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback. [ 487.489012][T13360] ext4 filesystem being mounted at /root/syzkaller-testdir356421449/syzkaller.ZphnCy/20/file1 supports timestamps until 2038 (0x7fffffff) [ 487.514195][T13360] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #16: block 41: comm syz-executor.3: lblock 0 mapped to illegal pblock 41 (length 1) [ 487.532953][T13360] EXT4-fs (loop3): Remounting filesystem read-only [ 487.539375][T13360] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm syz-executor.3: Invalid inode table block 0 in block_group 0 [ 487.552389][T13360] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5820: Corrupt filesystem [ 487.561835][T13360] EXT4-fs error (device loop3): ext4_alloc_file_blocks:4509: inode #16: comm syz-executor.3: mark_inode_dirty error [ 487.578690][T13059] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 3: comm syz-executor.3: lblock 0 mapped to illegal pblock 3 (length 1) [ 487.648059][T13247] FAT-fs (loop1): error, invalid access to FAT (entry 0xffff0000) [ 487.655764][T13247] FAT-fs (loop1): Filesystem has been set read-only [ 487.662872][T13247] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 487.670790][T13247] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 487.698392][ T423] usb 5-1: USB disconnect, device number 37 [ 487.760485][ T499] device bridge_slave_1 left promiscuous mode [ 487.767274][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.780654][ T499] device bridge_slave_0 left promiscuous mode [ 487.786673][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.795015][ T499] device veth1_macvtap left promiscuous mode [ 488.038989][T13382] loop0: detected capacity change from 0 to 256 [ 488.168259][T13371] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.213072][T13371] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.248652][T13371] device bridge_slave_0 entered promiscuous mode [ 488.256205][T13371] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.263112][T13371] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.270484][T13371] device bridge_slave_1 entered promiscuous mode [ 488.313079][T13375] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.319997][T13375] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.327180][T13375] device bridge_slave_0 entered promiscuous mode [ 488.357674][T13375] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.364604][T13375] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.372093][T13375] device bridge_slave_1 entered promiscuous mode [ 488.392853][T13391] loop4: detected capacity change from 0 to 256 [ 488.472177][T13371] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.479046][T13371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 488.486172][T13371] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.492938][T13371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 488.670999][ T60] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.678948][ T60] bridge0: port 2(bridge_slave_1) entered disabled state [ 489.033661][T13375] device veth0_vlan entered promiscuous mode [ 489.073870][T13375] device veth1_macvtap entered promiscuous mode [ 489.288089][T13390] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 489.762471][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 489.771880][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 489.779370][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 489.787021][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 489.795551][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 489.802870][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 489.810141][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 489.818592][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 489.826884][ T8538] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.833762][ T8538] bridge0: port 1(bridge_slave_0) entered forwarding state [ 489.841007][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 489.849156][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 489.857298][ T8538] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.864150][ T8538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 489.871484][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 489.879468][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 489.887274][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 489.895136][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 489.903124][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 489.911401][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 489.919648][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 489.928127][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 489.936310][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 489.944379][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 489.952554][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 489.983401][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 489.990706][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 490.003071][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 490.011734][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 490.020619][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 490.027476][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 490.034467][T13409] syz-executor.2[13409] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 490.034548][T13409] syz-executor.2[13409] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 490.063972][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 490.084094][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 490.092129][ T8538] bridge0: port 2(bridge_slave_1) entered blocking state [ 490.098976][ T8538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 490.116199][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 490.124427][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 490.132504][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 490.140480][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 490.229176][T13419] device gretap0 entered promiscuous mode [ 490.235091][T13419] device macsec1 entered promiscuous mode [ 490.243170][T13419] device gretap0 left promiscuous mode [ 490.270145][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 490.282218][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 490.313052][T13371] device veth0_vlan entered promiscuous mode [ 490.327386][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 490.372437][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 490.527813][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 490.557780][T13434] loop1: detected capacity change from 0 to 256 [ 490.565069][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 490.570273][T13437] loop2: detected capacity change from 0 to 256 [ 490.586766][T13371] device veth1_macvtap entered promiscuous mode [ 490.593910][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 490.602029][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 490.610614][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 490.625658][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 490.636767][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 490.651009][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 490.660073][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 490.746027][T13449] syz-executor.0[13449] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 490.746352][T13449] syz-executor.0[13449] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 490.884486][T13452] syz-executor.3[13452] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 491.128260][T13452] syz-executor.3[13452] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 491.238545][T13457] syz-executor.3[13457] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 491.337216][T13457] syz-executor.3[13457] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 491.581708][T13432] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 491.739738][T13459] loop0: detected capacity change from 0 to 40427 [ 491.783392][T13463] device gretap0 entered promiscuous mode [ 491.786566][T13466] SELinux: security_context_str_to_sid(system_u) failed for (dev ?, type ?) errno=-22 [ 491.788993][T13463] device macsec1 entered promiscuous mode [ 491.798433][T13466] SELinux: security_context_str_to_sid(system_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 491.805891][T13459] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 491.827359][T13463] device gretap0 left promiscuous mode [ 491.832194][T13459] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 491.842024][T13459] F2FS-fs (loop0): invalid crc value [ 491.851548][T13459] F2FS-fs (loop0): Found nat_bits in checkpoint [ 492.091609][ T499] device bridge_slave_1 left promiscuous mode [ 492.100997][T13459] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 492.112382][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 492.126145][T13459] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 492.142365][ T499] device bridge_slave_0 left promiscuous mode [ 492.148343][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 492.157784][ T499] device bridge_slave_1 left promiscuous mode [ 492.163809][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 492.179936][ T499] device bridge_slave_0 left promiscuous mode [ 492.185995][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 492.194963][T13484] loop3: detected capacity change from 0 to 256 [ 492.202339][T13459] attempt to access beyond end of device [ 492.202339][T13459] loop0: rw=2049, want=45112, limit=40427 [ 492.215608][ T499] device veth1_macvtap left promiscuous mode [ 492.221898][ T499] device veth1_macvtap left promiscuous mode [ 492.229779][T13459] attempt to access beyond end of device [ 492.229779][T13459] loop0: rw=2049, want=45224, limit=40427 [ 492.310546][T13343] attempt to access beyond end of device [ 492.310546][T13343] loop0: rw=2051, want=45224, limit=40427 [ 492.322270][T13343] F2FS-fs (loop0): Issue discard(5639, 5639, 14) failed, ret: -5 [ 492.459663][ T8538] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 492.745372][T13498] device pim6reg1 entered promiscuous mode [ 492.829544][ T8538] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 492.846677][ T8538] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 492.856581][ T8538] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 492.877589][T13517] loop0: detected capacity change from 0 to 256 [ 492.884532][ T8538] usb 3-1: New USB device found, idVendor=056a, idProduct=4004, bcdDevice= 0.00 [ 492.893956][ T8538] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.905300][ T8538] usb 3-1: config 0 descriptor?? [ 492.926360][T13521] device gretap0 entered promiscuous mode [ 492.932112][T13521] device macsec1 entered promiscuous mode [ 492.938689][T13521] device gretap0 left promiscuous mode [ 493.049515][ T39] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 493.070865][T13523] loop1: detected capacity change from 0 to 40427 [ 493.120598][T13523] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 493.128217][T13523] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 493.228279][T13523] F2FS-fs (loop1): invalid crc value [ 493.307135][T13523] F2FS-fs (loop1): Found nat_bits in checkpoint [ 493.379401][T13523] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 493.386615][T13523] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 493.405549][T13523] attempt to access beyond end of device [ 493.405549][T13523] loop1: rw=2049, want=45112, limit=40427 [ 493.419309][T13523] attempt to access beyond end of device [ 493.419309][T13523] loop1: rw=2049, want=45224, limit=40427 [ 493.422419][ T8538] wacom 0003:056A:4004.0060: unknown main item tag 0x0 [ 493.437033][ T8538] wacom 0003:056A:4004.0060: unknown main item tag 0x0 [ 493.443736][ T8538] wacom 0003:056A:4004.0060: unknown main item tag 0x0 [ 493.450480][ T8538] wacom 0003:056A:4004.0060: unknown main item tag 0x0 [ 493.457364][ T8538] wacom 0003:056A:4004.0060: unknown main item tag 0x0 [ 493.464281][ T8538] wacom 0003:056A:4004.0060: unknown main item tag 0x0 [ 493.472133][ T8538] wacom 0003:056A:4004.0060: hidraw0: USB HID v0.00 Device [HID 056a:4004] on usb-dummy_hcd.2-1/input0 [ 493.478693][T13375] attempt to access beyond end of device [ 493.478693][T13375] loop1: rw=2051, want=45224, limit=40427 [ 493.494200][T13375] F2FS-fs (loop1): Issue discard(5639, 5639, 14) failed, ret: -5 [ 493.619530][ T39] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 493.636609][ T20] usb 3-1: USB disconnect, device number 41 [ 493.637425][ T39] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 493.729587][ T39] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 493.738627][ T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 493.748678][ T39] usb 4-1: SerialNumber: syz [ 494.030423][ T39] usb 4-1: 0:2 : does not exist [ 494.035753][ T39] usb 4-1: unit 55 not found! [ 494.043210][ T39] usb 4-1: USB disconnect, device number 37 [ 494.814105][T13601] loop2: detected capacity change from 0 to 40427 [ 494.861317][T13601] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 494.869008][T13601] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 494.878297][T13601] F2FS-fs (loop2): invalid crc value [ 494.890467][T13601] F2FS-fs (loop2): Found nat_bits in checkpoint [ 494.931356][T13601] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 494.938227][T13601] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 494.953112][T13601] attempt to access beyond end of device [ 494.953112][T13601] loop2: rw=2049, want=45112, limit=40427 [ 494.966871][T13601] attempt to access beyond end of device [ 494.966871][T13601] loop2: rw=2049, want=45224, limit=40427 [ 495.537207][T13229] attempt to access beyond end of device [ 495.537207][T13229] loop2: rw=2051, want=45224, limit=40427 [ 495.548794][T13229] F2FS-fs (loop2): Issue discard(5639, 5639, 14) failed, ret: -5 [ 495.559522][T13405] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 495.601388][T13637] device pim6reg1 entered promiscuous mode [ 496.009387][T13643] loop4: detected capacity change from 0 to 512 [ 496.036132][T13643] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 496.043723][T13643] EXT4-fs (loop4): Test dummy encryption mode enabled [ 496.050753][T13643] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 496.064619][T13643] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0002] [ 496.072446][T13643] System zones: 1-12 [ 496.085364][T13643] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz-executor.4: casefold flag without casefold feature [ 496.092432][T13657] 9pnet: p9_errstr2errno: server reported unknown error œæøýÓ® [ 496.107702][T13643] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: missing EA_INODE flag [ 496.122414][T13643] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117 [ 496.135899][T13643] EXT4-fs (loop4): 1 orphan inode deleted [ 496.142083][T13643] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,abort,max_dir_size_kb=0x0000000000009c7c,debug,mblk_io_submit,errors=continue,test_dummy_encryption,prjquota,nodiscard,,errors=continue. Quota mode: writeback. [ 496.259816][T13405] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 496.545897][T13405] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 496.582365][T13667] device gretap0 entered promiscuous mode [ 496.588020][T13667] device macsec1 entered promiscuous mode [ 496.594680][T13667] device gretap0 left promiscuous mode [ 496.635900][T13662] loop3: detected capacity change from 0 to 40427 [ 496.669549][T13405] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 496.678489][T13405] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 496.686297][T13405] usb 2-1: SerialNumber: syz [ 496.687047][T13662] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 496.698272][T13662] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 496.707622][T13662] F2FS-fs (loop3): invalid crc value [ 496.714479][T13662] F2FS-fs (loop3): Found nat_bits in checkpoint [ 496.752541][T13662] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 496.759560][T13662] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 496.774433][T13662] attempt to access beyond end of device [ 496.774433][T13662] loop3: rw=2049, want=45112, limit=40427 [ 496.807395][T13371] F2FS-fs (loop3): Issue discard(5639, 5639, 14) failed, ret: -5 [ 496.909152][T13682] bridge0: port 2(bridge_slave_1) entered disabled state [ 496.926056][T13682] device bridge_slave_1 left promiscuous mode [ 496.932093][T13682] bridge0: port 2(bridge_slave_1) entered disabled state [ 496.960107][T13405] usb 2-1: 0:2 : does not exist [ 496.964851][T13405] usb 2-1: unit 55 not found! [ 496.970455][T13405] usb 2-1: USB disconnect, device number 44 [ 497.009489][ T60] usb 1-1: new high-speed USB device number 55 using dummy_hcd [ 497.056608][T13688] 9pnet: p9_errstr2errno: server reported unknown error œæøýÓ® [ 497.119092][T13693] loop3: detected capacity change from 0 to 256 [ 497.148289][T13697] loop2: detected capacity change from 0 to 128 [ 497.162209][T13693] FAT-fs (loop3): Directory bread(block 64) failed [ 497.168578][T13693] FAT-fs (loop3): Directory bread(block 65) failed [ 497.175232][T13693] FAT-fs (loop3): Directory bread(block 66) failed [ 497.177940][T13697] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 497.181602][T13693] FAT-fs (loop3): Directory bread(block 67) failed [ 497.181643][T13693] FAT-fs (loop3): Directory bread(block 68) failed [ 497.181663][T13693] FAT-fs (loop3): Directory bread(block 69) failed [ 497.181696][T13693] FAT-fs (loop3): Directory bread(block 70) failed [ 497.181717][T13693] FAT-fs (loop3): Directory bread(block 71) failed [ 497.192315][T13697] ext4 filesystem being mounted at /root/syzkaller-testdir984337976/syzkaller.Swgu0z/30/mnt supports timestamps until 2038 (0x7fffffff) [ 497.198650][T13693] FAT-fs (loop3): Directory bread(block 72) failed [ 497.243902][T13693] FAT-fs (loop3): Directory bread(block 73) failed [ 497.250193][ T60] usb 1-1: Using ep0 maxpacket: 16 [ 497.295050][T13702] cgroup: none used incorrectly [ 497.318013][T13706] bridge0: port 2(bridge_slave_1) entered disabled state [ 497.330128][T13706] device bridge_slave_1 left promiscuous mode [ 497.336031][T13706] bridge0: port 2(bridge_slave_1) entered disabled state [ 497.369616][ T60] usb 1-1: config 0 has no interfaces? [ 497.777794][T13721] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 497.829587][ T60] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 497.844568][ T60] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 497.871418][ T60] usb 1-1: Product: syz [ 497.886129][ T60] usb 1-1: Manufacturer: syz [ 497.952171][ T60] r8152-cfgselector 1-1: config 0 descriptor?? [ 498.137853][T13730] bridge0: port 1(bridge_slave_0) entered disabled state [ 498.156352][T13735] cgroup: none used incorrectly [ 498.198454][T13740] loop2: detected capacity change from 0 to 512 [ 498.230341][T13740] EXT4-fs (loop2): Ignoring removed nobh option [ 498.236541][T13740] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 498.462812][ T60] usb 1-1: USB disconnect, device number 55 [ 498.499484][T13405] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 499.139524][T13405] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 499.159769][T13405] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 499.211051][T13760] bridge0: port 1(bridge_slave_0) entered disabled state [ 499.239616][T13405] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 499.256018][T13405] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 499.268420][T13405] usb 2-1: SerialNumber: syz [ 499.448185][T13769] loop0: detected capacity change from 0 to 40427 [ 499.510716][T13769] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 499.518295][T13769] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 499.631282][T13405] usb 2-1: 0:2 : does not exist [ 499.638495][T13405] usb 2-1: unit 55 not found! [ 499.659540][ T449] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 499.677997][T13405] usb 2-1: USB disconnect, device number 45 [ 499.747132][T13769] F2FS-fs (loop0): Found nat_bits in checkpoint [ 499.784889][T13769] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 499.866831][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 499.866850][ T30] audit: type=1400 audit(1718532488.829:8438): avc: denied { wake_alarm } for pid=13781 comm="syz-executor.4" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 499.895013][T13769] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 499.901895][T13769] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 500.029603][ T449] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 500.040383][ T449] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 500.050163][ T449] usb 4-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 500.329959][ T449] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.338601][ T449] usb 4-1: config 0 descriptor?? [ 500.368609][T13795] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.388502][T13793] overlayfs: statfs failed on './file0' [ 500.542047][T13343] f2fs_fill_dentries: 4 callbacks suppressed [ 500.542064][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 500.548219][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 500.569485][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 500.581661][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 500.590141][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 500.597511][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 500.609188][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 500.632489][T13809] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.646777][T13809] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.654401][T13809] device bridge_slave_0 entered promiscuous mode [ 500.662948][T13809] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.669849][T13809] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.677106][T13809] device bridge_slave_1 entered promiscuous mode [ 500.747105][T13809] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.753979][T13809] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.761108][T13809] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.768043][T13809] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.797671][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 500.805673][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.813226][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.834367][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 500.842502][ T449] waltop 0003:172F:0501.0061: hidraw0: USB HID v0.00 Device [HID 172f:0501] on usb-dummy_hcd.3-1/input0 [ 500.854003][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.861049][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.868513][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 500.876592][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.883478][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 500.985716][T13817] loop0: detected capacity change from 0 to 256 [ 500.998715][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 501.020883][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 501.028856][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 501.037912][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 501.045864][ T449] usb 4-1: USB disconnect, device number 38 [ 501.212327][T13817] FAT-fs (loop0): Directory bread(block 64) failed [ 501.235472][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 501.257836][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 501.273629][T13817] FAT-fs (loop0): Directory bread(block 65) failed [ 501.303275][T13817] FAT-fs (loop0): Directory bread(block 66) failed [ 501.309690][T13817] FAT-fs (loop0): Directory bread(block 67) failed [ 501.315982][T13817] FAT-fs (loop0): Directory bread(block 68) failed [ 501.322356][T13817] FAT-fs (loop0): Directory bread(block 69) failed [ 501.328647][T13817] FAT-fs (loop0): Directory bread(block 70) failed [ 501.330386][T13809] device veth0_vlan entered promiscuous mode [ 501.335004][T13817] FAT-fs (loop0): Directory bread(block 71) failed [ 501.349312][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 501.356916][T13817] FAT-fs (loop0): Directory bread(block 72) failed [ 501.357521][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 501.370775][T13817] FAT-fs (loop0): Directory bread(block 73) failed [ 501.386801][T13809] device veth1_macvtap entered promiscuous mode [ 501.393489][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 501.400976][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 501.408255][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 501.416686][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 501.424763][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 501.442333][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 501.450578][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 501.458764][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 501.470518][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 501.751041][T13850] loop0: detected capacity change from 0 to 256 [ 501.779482][T13405] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 501.788716][T13850] FAT-fs (loop0): Directory bread(block 64) failed [ 501.805794][T13850] FAT-fs (loop0): Directory bread(block 65) failed [ 501.825091][T13850] FAT-fs (loop0): Directory bread(block 66) failed [ 501.839363][T13850] FAT-fs (loop0): Directory bread(block 67) failed [ 501.866618][T13850] FAT-fs (loop0): Directory bread(block 68) failed [ 501.889520][T13850] FAT-fs (loop0): Directory bread(block 69) failed [ 501.895897][T13850] FAT-fs (loop0): Directory bread(block 70) failed [ 501.919499][T13850] FAT-fs (loop0): Directory bread(block 71) failed [ 501.925882][T13850] FAT-fs (loop0): Directory bread(block 72) failed [ 501.949518][T13850] FAT-fs (loop0): Directory bread(block 73) failed [ 501.961884][T13865] loop4: detected capacity change from 0 to 512 [ 502.011583][T13865] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 502.030362][ T8] device bridge_slave_1 left promiscuous mode [ 502.039813][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 502.047065][T13865] ext4 filesystem being mounted at /root/syzkaller-testdir3603414873/syzkaller.e94gUt/60/file0 supports timestamps until 2038 (0x7fffffff) [ 502.069878][ T8] device bridge_slave_0 left promiscuous mode [ 502.089546][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.103464][ T30] audit: type=1400 audit(1718532491.109:8439): avc: denied { mounton } for pid=13864 comm="syz-executor.4" path="/root/syzkaller-testdir3603414873/syzkaller.e94gUt/60/file0/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 502.145743][ T8] device veth1_macvtap left promiscuous mode [ 502.167670][ T8] device veth0_vlan left promiscuous mode [ 502.173408][T13405] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 502.193889][T13405] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 502.299510][T13405] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 502.318562][T13405] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 502.340461][T13405] usb 3-1: SerialNumber: syz [ 502.400766][T13825] loop1: detected capacity change from 0 to 131072 [ 502.421944][T13825] F2FS-fs (loop1): invalid crc value [ 502.429081][T13825] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 502.430290][ T6] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 502.750251][T13405] usb 3-1: 0:2 : does not exist [ 502.754978][T13405] usb 3-1: unit 55 not found! [ 502.755590][T13825] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b [ 502.768133][T13405] usb 3-1: USB disconnect, device number 42 [ 502.795417][T13825] SELinux: Context @ is not valid (left unmapped). [ 502.802139][ T30] audit: type=1400 audit(1718532491.809:8440): avc: denied { relabelto } for pid=13824 comm="syz-executor.1" name="cgroup.controllers" dev="loop1" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@" [ 502.832571][ T30] audit: type=1400 audit(1718532491.829:8441): avc: denied { read append } for pid=13824 comm="syz-executor.1" name="cgroup.controllers" dev="loop1" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@" [ 502.858847][ T30] audit: type=1400 audit(1718532491.829:8442): avc: denied { open } for pid=13824 comm="syz-executor.1" path="/root/syzkaller-testdir362467201/syzkaller.OGKQgG/1/mnt/cgroup.controllers" dev="loop1" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@" [ 502.891808][ T30] audit: type=1400 audit(1718532491.829:8443): avc: denied { write } for pid=13824 comm="syz-executor.1" name="cgroup.controllers" dev="loop1" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="@" [ 502.969655][ T6] usb 5-1: Using ep0 maxpacket: 32 [ 502.977192][T13889] overlayfs: statfs failed on './file0' [ 503.069188][T13895] overlayfs: statfs failed on './file0' [ 503.089527][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 503.101916][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 503.111654][ T6] usb 5-1: New USB device found, idVendor=046d, idProduct=011c, bcdDevice= 0.40 [ 503.120834][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 503.129798][ T6] usb 5-1: config 0 descriptor?? [ 503.170122][ T6] hub 5-1:0.0: USB hub found [ 504.060446][T13868] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 504.311487][ T6] hub 5-1:0.0: 1 port detected [ 504.352720][T13917] xt_TPROXY: Can be used only with -p tcp or -p udp [ 504.749481][ T39] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 504.757565][T13924] loop2: detected capacity change from 0 to 40427 [ 504.811416][T13924] F2FS-fs (loop2): invalid crc value [ 504.974061][T13924] F2FS-fs (loop2): Found nat_bits in checkpoint [ 505.048776][T13924] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1 [ 505.057973][T13924] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 505.095160][T13229] handle_bad_sector: 2 callbacks suppressed [ 505.095179][T13229] attempt to access beyond end of device [ 505.095179][T13229] loop2: rw=524288, want=45072, limit=40427 [ 505.112751][T13229] attempt to access beyond end of device [ 505.112751][T13229] loop2: rw=0, want=45072, limit=40427 [ 505.141600][ T8] attempt to access beyond end of device [ 505.141600][ T8] loop2: rw=2049, want=40992, limit=40427 [ 505.152858][ T6] hub 5-1:0.0: activate --> -90 [ 505.164815][T13910] loop0: detected capacity change from 0 to 131072 [ 505.209640][ T39] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 505.219834][ T39] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 505.224362][T13910] F2FS-fs (loop0): invalid crc value [ 505.236280][T13910] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 505.264145][T13910] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b [ 505.299643][ T39] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 505.321364][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 505.329221][ T39] usb 2-1: SerialNumber: syz [ 505.414456][ T60] usb 5-1: USB disconnect, device number 38 [ 505.473158][T13944] bridge0: port 1(bridge_slave_0) entered blocking state [ 505.480081][T13944] bridge0: port 1(bridge_slave_0) entered disabled state [ 505.487312][T13944] device bridge_slave_0 entered promiscuous mode [ 505.494304][T13944] bridge0: port 2(bridge_slave_1) entered blocking state [ 505.501323][T13944] bridge0: port 2(bridge_slave_1) entered disabled state [ 505.508602][T13944] device bridge_slave_1 entered promiscuous mode [ 505.619306][T13944] bridge0: port 2(bridge_slave_1) entered blocking state [ 505.626183][T13944] bridge0: port 2(bridge_slave_1) entered forwarding state [ 505.633318][T13944] bridge0: port 1(bridge_slave_0) entered blocking state [ 505.640166][T13944] bridge0: port 1(bridge_slave_0) entered forwarding state [ 505.673502][ T39] usb 2-1: 0:2 : does not exist [ 505.678382][ T39] usb 2-1: unit 55 not found! [ 505.687437][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 505.765153][ T39] usb 2-1: USB disconnect, device number 46 [ 505.784140][ T436] bridge0: port 1(bridge_slave_0) entered disabled state [ 505.817531][ T436] bridge0: port 2(bridge_slave_1) entered disabled state [ 505.942142][T13956] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 505.953558][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 505.961598][ T436] bridge0: port 1(bridge_slave_0) entered blocking state [ 505.968471][ T436] bridge0: port 1(bridge_slave_0) entered forwarding state [ 505.976118][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 505.984226][ T436] bridge0: port 2(bridge_slave_1) entered blocking state [ 505.991132][ T436] bridge0: port 2(bridge_slave_1) entered forwarding state [ 505.998428][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 506.006323][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 506.015831][ T499] device bridge_slave_0 left promiscuous mode [ 506.021877][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 506.029359][ T499] device veth1_macvtap left promiscuous mode [ 506.116046][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 506.130218][T13944] device veth0_vlan entered promiscuous mode [ 506.138032][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 506.146294][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 506.153761][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 506.165241][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 506.173838][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 506.183413][T13944] device veth1_macvtap entered promiscuous mode [ 506.198443][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 506.207561][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 506.215722][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 506.223850][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 506.231913][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 506.244347][T13968] device gretap0 entered promiscuous mode [ 506.250014][T13968] device macsec1 entered promiscuous mode [ 506.258528][T13968] device gretap0 left promiscuous mode [ 506.318302][T13972] overlayfs: statfs failed on './file0' [ 506.400635][T13982] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 506.421192][ T30] audit: type=1326 audit(1718532495.429:8444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7068faeea9 code=0x0 [ 506.479032][ T30] audit: type=1400 audit(1718532495.479:8445): avc: denied { mount } for pid=13998 comm="syz-executor.0" name="/" dev="configfs" ino=12148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 506.521702][ T30] audit: type=1400 audit(1718532495.509:8446): avc: denied { read } for pid=13998 comm="syz-executor.0" name="/" dev="configfs" ino=12148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 506.556498][ T30] audit: type=1400 audit(1718532495.509:8447): avc: denied { open } for pid=13998 comm="syz-executor.0" path="/root/syzkaller-testdir2079355774/syzkaller.IGR4W9/57/file0" dev="configfs" ino=12148 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 506.585159][ T30] audit: type=1400 audit(1718532495.509:8448): avc: denied { unmount } for pid=13343 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 506.616869][T13995] loop4: detected capacity change from 0 to 40427 [ 506.657247][T14005] overlayfs: statfs failed on './file0' [ 506.663745][T13995] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 506.671350][T13995] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 506.685460][T13995] F2FS-fs (loop4): Found nat_bits in checkpoint [ 506.720225][T13995] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 506.732063][T13995] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 506.739061][T13995] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 506.774570][T14019] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 507.352408][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 507.352431][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 507.399495][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 507.413237][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 507.470932][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 507.535731][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 507.594838][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 507.797592][T14049] fscrypt: AES-128-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 508.018904][T14066] loop4: detected capacity change from 0 to 40427 [ 508.060200][T14066] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 508.066273][T14068] loop1: detected capacity change from 0 to 40427 [ 508.067748][T14066] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 508.084643][T14066] F2FS-fs (loop4): Found nat_bits in checkpoint [ 508.122605][T14066] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 508.134876][T14066] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 508.141949][T14066] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 508.160593][T14068] F2FS-fs (loop1): invalid crc value [ 508.181039][T14074] loop0: detected capacity change from 0 to 8192 [ 508.188120][T14068] F2FS-fs (loop1): Found nat_bits in checkpoint [ 508.230986][T14068] F2FS-fs (loop1): Cannot turn on quotas: -2 on 1 [ 508.238013][T14068] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 508.257542][ T39] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 508.274348][T13809] attempt to access beyond end of device [ 508.274348][T13809] loop1: rw=524288, want=45072, limit=40427 [ 508.285773][T13809] attempt to access beyond end of device [ 508.285773][T13809] loop1: rw=0, want=45072, limit=40427 [ 508.286268][T14074] loop0: p2 p3 p4 [ 508.300407][T14074] loop0: p2 start 14935 is beyond EOD, truncated [ 508.306572][T14074] loop0: p3 size 196608 extends beyond EOD, truncated [ 508.314232][T14074] loop0: p4 start 4026530307 is beyond EOD, truncated [ 508.326640][ T492] attempt to access beyond end of device [ 508.326640][ T492] loop1: rw=2049, want=40992, limit=40427 [ 508.509640][ T39] usb 3-1: Using ep0 maxpacket: 16 [ 508.653753][T14074] overlayfs: missing 'lowerdir' [ 508.662069][ T30] audit: type=1400 audit(1718532497.669:8449): avc: denied { mounton } for pid=14073 comm="syz-executor.0" path="/dev/loop0p3" dev="devtmpfs" ino=843 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 508.685991][ T39] usb 3-1: config 0 has no interfaces? [ 508.786386][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 508.786407][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 508.794500][T13216] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix. [ 508.829558][ T39] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 508.859779][ T39] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 508.867624][ T39] usb 3-1: Product: syz [ 508.874332][ T39] usb 3-1: Manufacturer: syz [ 508.880113][ T39] r8152-cfgselector 3-1: config 0 descriptor?? [ 508.905277][T14084] bridge0: port 1(bridge_slave_0) entered blocking state [ 508.912153][T14084] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.919403][T14084] device bridge_slave_0 entered promiscuous mode [ 508.926758][T14084] bridge0: port 2(bridge_slave_1) entered blocking state [ 508.933638][T14084] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.942910][T14084] device bridge_slave_1 entered promiscuous mode [ 509.006098][T14101] loop0: detected capacity change from 0 to 512 [ 509.031841][ T499] device bridge_slave_1 left promiscuous mode [ 509.037831][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 509.040442][T14101] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002] [ 509.052494][T14101] System zones: 0-2, 18-18, 34-35 [ 509.052772][ T499] device bridge_slave_0 left promiscuous mode [ 509.058544][T14101] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 509.063624][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 509.074338][T14101] ext4 filesystem being mounted at /root/syzkaller-testdir2079355774/syzkaller.IGR4W9/73/file0 supports timestamps until 2038 (0x7fffffff) [ 509.095873][ T499] device veth1_macvtap left promiscuous mode [ 509.101913][ T499] device veth0_vlan left promiscuous mode [ 509.194551][T14084] bridge0: port 2(bridge_slave_1) entered blocking state [ 509.201607][T14084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 509.208679][T14084] bridge0: port 1(bridge_slave_0) entered blocking state [ 509.215455][T14084] bridge0: port 1(bridge_slave_0) entered forwarding state [ 509.269213][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 509.277500][T13405] bridge0: port 1(bridge_slave_0) entered disabled state [ 509.287243][T13405] bridge0: port 2(bridge_slave_1) entered disabled state [ 509.289510][ T436] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 509.308229][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 509.320856][T14113] loop0: detected capacity change from 0 to 8192 [ 509.327250][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 509.334110][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 509.341358][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 509.349515][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 509.356373][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 509.363799][ T60] usb 3-1: USB disconnect, device number 43 [ 509.370091][T14113] loop0: p2 p3 p4 [ 509.374044][T14113] loop0: p2 start 14935 is beyond EOD, truncated [ 509.385421][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 509.393308][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 509.401714][T14113] loop0: p3 size 196608 extends beyond EOD, truncated [ 509.417792][T14084] device veth0_vlan entered promiscuous mode [ 509.424688][T14113] loop0: p4 start 4026530307 is beyond EOD, truncated [ 509.432360][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 509.441575][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 509.449781][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 509.457598][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 509.476818][T14084] device veth1_macvtap entered promiscuous mode [ 509.486410][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 509.506518][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 509.519274][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 509.532468][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 509.545105][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 509.557924][T14118] overlayfs: missing 'lowerdir' [ 509.566685][T14117] loop3: detected capacity change from 0 to 40427 [ 509.573087][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 509.586181][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 509.594698][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 509.600530][T14117] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 509.602858][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 509.610144][T14117] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 509.640389][T14117] F2FS-fs (loop3): Found nat_bits in checkpoint [ 509.666099][T14123] fuse: Bad value for 'fd' [ 509.678064][T14117] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 509.689582][T14117] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 509.696434][T14117] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 509.704092][ T436] usb 5-1: Using ep0 maxpacket: 16 [ 509.753864][T14127] loop1: detected capacity change from 0 to 8192 [ 509.804580][T14132] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 510.019059][ T436] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 510.156113][ T436] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 510.165628][ T436] usb 5-1: Product: syz [ 510.170107][ T436] usb 5-1: Manufacturer: syz [ 510.178938][ T436] usb 5-1: SerialNumber: syz [ 510.310850][ T436] r8152-cfgselector 5-1: config 0 descriptor?? [ 510.589954][ T436] r8152-cfgselector 5-1: Unknown version 0x0000 [ 510.799508][ T436] r8152-cfgselector 5-1: Unknown version 0x0000 [ 510.806837][ T436] r8152-cfgselector 5-1: bad CDC descriptors [ 510.831394][ T436] r8152-cfgselector 5-1: Unknown version 0x0000 [ 510.838157][ T436] r8152-cfgselector 5-1: USB disconnect, device number 39 [ 510.846100][T14164] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 511.129469][ T449] usb 1-1: new high-speed USB device number 56 using dummy_hcd [ 511.750839][ T449] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 511.761603][ T449] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 511.783439][ T449] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.796160][ T449] usb 1-1: config 0 descriptor?? [ 512.148857][T14192] loop2: detected capacity change from 0 to 40427 [ 512.211835][T14192] F2FS-fs (loop2): Found nat_bits in checkpoint [ 512.242092][T14192] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 512.280097][ T449] keytouch 0003:0926:3333.0062: fixing up Keytouch IEC report descriptor [ 512.290426][ T449] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0062/input/input93 [ 512.372363][ T449] keytouch 0003:0926:3333.0062: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 513.328270][ T60] usb 1-1: USB disconnect, device number 56 [ 513.342809][T13405] keytouch 0003:0926:3333.0062: usb_submit_urb(ctrl) failed: -19 [ 513.409572][ T30] audit: type=1400 audit(1718532502.409:8450): avc: denied { search } for pid=82 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 513.738989][T14226] loop2: detected capacity change from 0 to 128 [ 513.790932][T14226] FAT-fs (loop2): Directory bread(block 11554) failed [ 513.797587][T14226] FAT-fs (loop2): Directory bread(block 11555) failed [ 513.804210][T14226] FAT-fs (loop2): Directory bread(block 11556) failed [ 513.810749][T14226] FAT-fs (loop2): Directory bread(block 11557) failed [ 513.817399][T14226] FAT-fs (loop2): Directory bread(block 11558) failed [ 513.824067][T14226] FAT-fs (loop2): Directory bread(block 11559) failed [ 513.830691][T14226] FAT-fs (loop2): Directory bread(block 11560) failed [ 513.837245][T14226] FAT-fs (loop2): Directory bread(block 11561) failed [ 513.843923][T14226] FAT-fs (loop2): Directory bread(block 11562) failed [ 513.850531][T14226] FAT-fs (loop2): Directory bread(block 11563) failed [ 513.889487][T13405] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 514.608505][ T436] usb 1-1: new high-speed USB device number 57 using dummy_hcd [ 514.624371][T13405] usb 5-1: Using ep0 maxpacket: 16 [ 514.878498][ T436] usb 1-1: Using ep0 maxpacket: 8 [ 514.949780][T13405] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 514.958767][T13405] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.966687][T13405] usb 5-1: Product: syz [ 514.970660][T13405] usb 5-1: Manufacturer: syz [ 514.975055][T13405] usb 5-1: SerialNumber: syz [ 514.980080][T13405] r8152-cfgselector 5-1: config 0 descriptor?? [ 514.999518][ T436] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 515.009469][ T436] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 515.018185][ T436] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 515.027171][ T436] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 515.035449][ T436] usb 1-1: config 0 descriptor?? [ 515.249510][T13405] r8152-cfgselector 5-1: Unknown version 0x0000 [ 515.479604][T13405] r8152-cfgselector 5-1: Unknown version 0x0000 [ 515.485898][T13405] r8152-cfgselector 5-1: bad CDC descriptors [ 515.509788][T13405] r8152-cfgselector 5-1: Unknown version 0x0000 [ 515.516534][T13405] r8152-cfgselector 5-1: USB disconnect, device number 40 [ 515.988283][T14257] fuse: Bad value for 'fd' [ 516.062923][T14258] loop2: detected capacity change from 0 to 8192 [ 516.239508][T13405] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 516.371338][T14264] loop1: detected capacity change from 0 to 128 [ 516.410976][T14264] FAT-fs (loop1): Directory bread(block 11554) failed [ 516.417633][T14264] FAT-fs (loop1): Directory bread(block 11555) failed [ 516.424269][T14264] FAT-fs (loop1): Directory bread(block 11556) failed [ 516.430787][T14264] FAT-fs (loop1): Directory bread(block 11557) failed [ 516.437470][T14264] FAT-fs (loop1): Directory bread(block 11558) failed [ 516.444146][T14264] FAT-fs (loop1): Directory bread(block 11559) failed [ 516.450680][T14264] FAT-fs (loop1): Directory bread(block 11560) failed [ 516.457254][T14264] FAT-fs (loop1): Directory bread(block 11561) failed [ 516.464356][T14264] FAT-fs (loop1): Directory bread(block 11562) failed [ 516.471652][T14264] FAT-fs (loop1): Directory bread(block 11563) failed [ 516.598079][T14268] loop1: detected capacity change from 0 to 512 [ 516.631147][T14268] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 516.638243][T14268] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 516.649653][T13405] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 516.660213][T14268] EXT4-fs (loop1): 1 truncate cleaned up [ 516.660576][T13405] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 516.665887][T14268] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,mblk_io_submit,debug_want_extra_isize=0x000000000000002e,auto_da_alloc,block_validity,quota,,errors=continue. Quota mode: writeback. [ 516.674826][T13405] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 516.708580][T14268] device veth0 entered promiscuous mode [ 516.714316][T14268] device macsec1 entered promiscuous mode [ 516.716919][T13405] usb 5-1: config 0 descriptor?? [ 516.725429][T14268] device veth0 left promiscuous mode [ 517.006491][ T1018] usb 1-1: USB disconnect, device number 57 [ 517.024059][T14276] loop0: detected capacity change from 0 to 512 [ 517.050698][T14276] EXT4-fs (loop0): Test dummy encryption mode enabled [ 517.058952][T14276] EXT4-fs error (device loop0): __ext4_iget:4892: inode #11: block 1: comm syz-executor.0: invalid block [ 517.070187][T14276] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 11 (err -117) [ 517.082287][T14276] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,user_xattr,max_dir_size_kb=0x0000000000000009,inode_readahead_blks=0x0000000000010000,jqfmt=vfsv0,delalloc,inode_readahead_blks=0x0000000000400000,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none. [ 517.089511][ T436] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 517.200147][T13405] keytouch 0003:0926:3333.0063: fixing up Keytouch IEC report descriptor [ 517.209696][T13405] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0063/input/input94 [ 517.301267][T13405] keytouch 0003:0926:3333.0063: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 517.469560][ T436] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 517.480285][ T436] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 517.489805][ T436] usb 2-1: New USB device found, idVendor=056a, idProduct=0016, bcdDevice= 0.00 [ 517.498646][ T436] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.507080][ T436] usb 2-1: config 0 descriptor?? [ 517.606025][ T6] usb 5-1: USB disconnect, device number 41 [ 517.669497][T13405] usb 1-1: new high-speed USB device number 58 using dummy_hcd [ 517.990803][ T436] wacom 0003:056A:0016.0064: Unknown device_type for 'HID 056a:0016'. Assuming pen. [ 518.000591][ T436] wacom 0003:056A:0016.0064: hidraw0: USB HID v0.00 Device [HID 056a:0016] on usb-dummy_hcd.1-1/input0 [ 518.011883][ T436] input: Wacom Graphire4 6x8 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0016.0064/input/input95 [ 518.049672][T13405] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 518.060448][T13405] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 518.070075][T13405] usb 1-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 518.078884][T13405] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.087233][T13405] usb 1-1: config 0 descriptor?? [ 518.148031][T14285] device pim6reg1 entered promiscuous mode [ 518.200642][ T436] usb 2-1: USB disconnect, device number 47 [ 518.539508][ T20] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 518.561122][T13405] hid-multitouch 0003:0EEF:72D0.0065: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.0-1/input0 [ 518.755342][T14297] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 518.765288][T14279] loop0: detected capacity change from 0 to 256 [ 518.807270][T13405] usb 1-1: USB disconnect, device number 58 [ 518.859554][ T6] Bluetooth: hci0: command 0x1003 tx timeout [ 518.865651][ T7786] Bluetooth: hci0: sending frame failed (-49) [ 518.899522][ T20] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 518.909661][ T20] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 518.989565][ T20] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 518.998528][ T20] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 519.006262][ T20] usb 5-1: SerialNumber: syz [ 519.300163][ T20] usb 5-1: 0:2 : does not exist [ 519.304906][ T20] usb 5-1: unit 55 not found! [ 519.310516][ T20] usb 5-1: USB disconnect, device number 42 [ 519.675878][ T8538] usb 1-1: new high-speed USB device number 59 using dummy_hcd [ 520.099628][ T8538] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 520.110468][ T8538] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 520.119454][ T8538] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 520.127862][ T8538] usb 1-1: config 0 descriptor?? [ 520.610419][ T8538] keytouch 0003:0926:3333.0066: fixing up Keytouch IEC report descriptor [ 520.620508][ T8538] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0066/input/input98 [ 520.701618][ T8538] keytouch 0003:0926:3333.0066: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 520.939916][ T449] Bluetooth: hci0: command 0x1001 tx timeout [ 520.945804][ T7786] Bluetooth: hci0: sending frame failed (-49) [ 521.109599][ T8538] usb 1-1: USB disconnect, device number 59 [ 521.665760][T14338] loop0: detected capacity change from 0 to 8192 [ 521.721744][T14338] loop0: p2 p3 p4 [ 521.725507][T14338] loop0: p2 start 14935 is beyond EOD, truncated [ 521.731750][T14338] loop0: p3 size 196608 extends beyond EOD, truncated [ 521.751279][T14338] loop0: p4 start 4026530307 is beyond EOD, truncated [ 521.878428][T14338] overlayfs: missing 'lowerdir' [ 522.331596][T14345] loop0: detected capacity change from 0 to 40427 [ 522.370343][T14345] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 522.378007][T14345] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 522.388828][T14345] F2FS-fs (loop0): Found nat_bits in checkpoint [ 522.421365][T14345] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 522.433103][T14345] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 522.440080][T14345] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 523.013354][T14360] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 523.019476][ T436] Bluetooth: hci0: command 0x1009 tx timeout [ 523.125141][T13343] f2fs_fill_dentries: 11 callbacks suppressed [ 523.125170][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 523.151705][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 523.159090][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 523.179028][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 523.195636][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 523.212851][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 523.224704][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 523.287844][T14369] loop4: detected capacity change from 0 to 512 [ 523.331508][T14369] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 523.342436][T14369] ext4 filesystem being mounted at /root/syzkaller-testdir3603414873/syzkaller.e94gUt/96/file0 supports timestamps until 2038 (0x7fffffff) [ 523.629534][ T8538] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 523.712991][ T449] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 523.869492][ T8538] usb 5-1: Using ep0 maxpacket: 32 [ 523.989568][ T8538] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 524.000545][ T8538] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 524.010183][ T8538] usb 5-1: New USB device found, idVendor=046d, idProduct=011c, bcdDevice= 0.40 [ 524.018996][ T8538] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 524.027404][ T8538] usb 5-1: config 0 descriptor?? [ 524.069888][ T8538] hub 5-1:0.0: USB hub found [ 524.099550][ T449] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 524.110452][ T449] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 524.119213][ T449] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 524.127660][ T449] usb 2-1: config 0 descriptor?? [ 524.333882][ T8538] hub 5-1:0.0: 1 port detected [ 524.601243][ T449] keytouch 0003:0926:3333.0067: fixing up Keytouch IEC report descriptor [ 524.610781][ T449] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0067/input/input99 [ 524.691430][ T449] keytouch 0003:0926:3333.0067: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 525.004160][ T449] usb 2-1: USB disconnect, device number 48 [ 525.329545][ T8538] hub 5-1:0.0: activate --> -90 [ 525.590155][ T1018] usb 5-1: USB disconnect, device number 43 [ 525.596261][ T8538] usb 5-1: Failed to suspend device, error -19 [ 525.604666][T14395] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 525.956752][T14400] loop0: detected capacity change from 0 to 40427 [ 525.979441][T14400] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 525.986989][T14400] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 525.997778][T14400] F2FS-fs (loop0): Found nat_bits in checkpoint [ 526.025867][T14400] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 526.037265][T14400] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 526.044130][T14400] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 526.905841][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 526.905887][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 526.913354][T13343] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix. [ 527.118545][T14415] fuse: Bad value for 'fd' [ 527.225675][T14410] loop4: detected capacity change from 0 to 8192 [ 527.979775][ T449] usb 2-1: new high-speed USB device number 49 using dummy_hcd [ 528.549566][ T449] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 528.560420][ T449] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 528.569343][ T449] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 528.580532][ T449] usb 2-1: config 0 descriptor?? [ 528.599529][ T6] usb 1-1: new high-speed USB device number 60 using dummy_hcd [ 528.894524][ T6] usb 1-1: Using ep0 maxpacket: 8 [ 529.029733][ T6] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 529.039860][ T6] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 529.048676][ T6] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 529.057619][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.066809][ T6] usb 1-1: config 0 descriptor?? [ 529.083682][ T449] keytouch 0003:0926:3333.0068: fixing up Keytouch IEC report descriptor [ 529.092985][ T449] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0068/input/input100 [ 529.343570][ T449] keytouch 0003:0926:3333.0068: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 529.480681][ T449] usb 2-1: USB disconnect, device number 49 [ 529.494092][T14453] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=14453 comm=syz-executor.4 [ 530.244373][ T39] usb 1-1: USB disconnect, device number 60 [ 531.579466][ T6] Bluetooth: hci0: command 0x1003 tx timeout [ 531.585350][ T7786] Bluetooth: hci0: sending frame failed (-49) [ 531.589492][ T1018] usb 1-1: new high-speed USB device number 61 using dummy_hcd [ 531.859034][T14504] bridge0: port 1(bridge_slave_0) entered blocking state [ 531.866323][T14504] bridge0: port 1(bridge_slave_0) entered disabled state [ 531.873711][T14504] device bridge_slave_0 entered promiscuous mode [ 531.880545][T14504] bridge0: port 2(bridge_slave_1) entered blocking state [ 531.887390][T14504] bridge0: port 2(bridge_slave_1) entered disabled state [ 531.894604][T14504] device bridge_slave_1 entered promiscuous mode [ 531.948665][T14504] bridge0: port 2(bridge_slave_1) entered blocking state [ 531.955607][T14504] bridge0: port 2(bridge_slave_1) entered forwarding state [ 531.962721][T14504] bridge0: port 1(bridge_slave_0) entered blocking state [ 531.969502][T14504] bridge0: port 1(bridge_slave_0) entered forwarding state [ 531.979539][ T1018] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 531.990367][ T1018] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 531.995957][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 531.999205][ T1018] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.014298][ T449] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.022015][ T1018] usb 1-1: config 0 descriptor?? [ 532.026900][ T449] bridge0: port 2(bridge_slave_1) entered disabled state [ 532.049473][ T6] usb 2-1: new high-speed USB device number 50 using dummy_hcd [ 532.056516][T14504] device veth0_vlan entered promiscuous mode [ 532.064031][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 532.072273][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 532.080786][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 532.087939][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 532.095257][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 532.103190][ T449] bridge0: port 1(bridge_slave_0) entered blocking state [ 532.110037][ T449] bridge0: port 1(bridge_slave_0) entered forwarding state [ 532.117179][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 532.125031][ T449] bridge0: port 2(bridge_slave_1) entered blocking state [ 532.131874][ T449] bridge0: port 2(bridge_slave_1) entered forwarding state [ 532.139001][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 532.146680][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 532.161489][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 532.170328][T14504] device veth1_macvtap entered promiscuous mode [ 532.179494][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 532.191979][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 532.303062][ T6] usb 2-1: Using ep0 maxpacket: 8 [ 532.424104][ T8] device bridge_slave_1 left promiscuous mode [ 532.430763][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 532.439929][ T8] device bridge_slave_0 left promiscuous mode [ 532.446414][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.469790][ T8] device veth1_macvtap left promiscuous mode [ 532.475732][ T8] device veth0_vlan left promiscuous mode [ 532.533631][ T1018] keytouch 0003:0926:3333.0069: fixing up Keytouch IEC report descriptor [ 532.577551][ T1018] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0069/input/input101 [ 532.609544][ T6] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 532.619584][ T6] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 532.628376][ T6] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 532.637259][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.646140][ T6] usb 2-1: config 0 descriptor?? [ 532.651822][ T1018] keytouch 0003:0926:3333.0069: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 532.937417][ T449] usb 1-1: USB disconnect, device number 61 [ 533.659611][ T6] Bluetooth: hci0: command 0x1001 tx timeout [ 533.665804][ T7786] Bluetooth: hci0: sending frame failed (-49) [ 534.403482][T14546] loop2: detected capacity change from 0 to 256 [ 534.793980][ T39] usb 2-1: USB disconnect, device number 50 [ 535.712565][T14583] loop0: detected capacity change from 0 to 256 [ 535.739632][ T6] Bluetooth: hci0: command 0x1009 tx timeout [ 536.015046][T14596] bridge0: port 1(bridge_slave_0) entered blocking state [ 536.022004][T14596] bridge0: port 1(bridge_slave_0) entered disabled state [ 536.029124][T14596] device bridge_slave_0 entered promiscuous mode [ 536.036043][T14596] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.043112][T14596] bridge0: port 2(bridge_slave_1) entered disabled state [ 536.050527][T14596] device bridge_slave_1 entered promiscuous mode [ 536.109463][ T6] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 536.153439][T14596] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.160320][T14596] bridge0: port 2(bridge_slave_1) entered forwarding state [ 536.167442][T14596] bridge0: port 1(bridge_slave_0) entered blocking state [ 536.174477][T14596] bridge0: port 1(bridge_slave_0) entered forwarding state [ 536.202882][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 536.211242][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 536.220312][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 536.237727][T14610] loop1: detected capacity change from 0 to 1024 [ 536.254597][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 536.262889][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 536.269754][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 536.277032][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 536.285127][ T20] bridge0: port 2(bridge_slave_1) entered blocking state [ 536.291981][ T20] bridge0: port 2(bridge_slave_1) entered forwarding state [ 536.299217][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 536.309361][T14610] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 536.333299][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 536.342044][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 536.373484][T14596] device veth0_vlan entered promiscuous mode [ 536.389513][ T6] usb 3-1: Using ep0 maxpacket: 8 [ 536.395261][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 536.403256][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 536.410655][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 536.424038][T14596] device veth1_macvtap entered promiscuous mode [ 536.434439][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 536.459066][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 536.470246][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 536.529669][ T6] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 536.540502][ T492] device bridge_slave_0 left promiscuous mode [ 536.546612][ T492] bridge0: port 1(bridge_slave_0) entered disabled state [ 536.554758][ T492] device veth1_macvtap left promiscuous mode [ 536.556915][ T6] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 536.561362][ T492] device veth0_vlan left promiscuous mode [ 536.569523][ T6] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 536.583854][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 536.615840][ T6] usb 3-1: config 0 descriptor?? [ 536.739735][T14624] loop1: detected capacity change from 0 to 256 [ 538.074408][T14648] loop1: detected capacity change from 0 to 1024 [ 538.122376][T14648] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 538.911930][ T39] usb 3-1: USB disconnect, device number 44 [ 539.465554][T14693] loop0: detected capacity change from 0 to 128 [ 539.559290][T14693] ------------[ cut here ]------------ [ 539.564856][T14693] WARNING: CPU: 1 PID: 14693 at mm/page_alloc.c:5751 __alloc_pages+0x770/0x8f0 [ 539.573785][T14693] Modules linked in: [ 539.577782][T14693] CPU: 1 PID: 14693 Comm: syz-executor.0 Tainted: G W 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 539.594857][T14693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 539.606198][T14693] RIP: 0010:__alloc_pages+0x770/0x8f0 [ 539.612521][T14693] Code: df e9 aa fb ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c ba fb ff ff e8 5f 11 05 00 48 ba 00 00 00 00 00 fc ff df e9 a6 fb ff ff <0f> 0b 45 31 e4 e9 73 fc ff ff 48 8d 4c 24 40 80 e1 07 80 c1 03 38 [ 539.637503][T14693] RSP: 0018:ffffc90000e5fa20 EFLAGS: 00010246 [ 539.643540][T14693] RAX: 0000000000000004 RBX: 0000000000040dc0 RCX: ffffc90000e5fa03 [ 539.651591][T14693] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffc90000e5fab8 [ 539.659636][T14693] RBP: ffffc90000e5fb30 R08: dffffc0000000000 R09: ffffc90000e5fa90 [ 539.667479][T14693] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 539.675357][T14693] R13: 1ffff920001cbf4c R14: 1ffff920001cbf4e R15: 1ffff920001cbf48 [ 539.683261][T14693] FS: 00007f18c3c286c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 539.692029][T14693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 539.698408][T14693] CR2: 0000001b2e338000 CR3: 0000000122b83000 CR4: 00000000003506b0 [ 539.706206][T14693] Call Trace: [ 539.709321][T14693] [ 539.712134][T14693] ? show_regs+0x58/0x60 [ 539.716191][T14693] ? __warn+0x160/0x2f0 [ 539.720181][T14693] ? __alloc_pages+0x770/0x8f0 [ 539.724787][T14693] ? report_bug+0x3d9/0x5b0 [ 539.729116][T14693] ? __alloc_pages+0x770/0x8f0 [ 539.733748][T14693] ? handle_bug+0x41/0x70 [ 539.737879][T14693] ? exc_invalid_op+0x1b/0x50 [ 539.742413][T14693] ? asm_exc_invalid_op+0x1b/0x20 [ 539.747261][T14693] ? __alloc_pages+0x770/0x8f0 [ 539.752048][T14693] ? prep_new_page+0x110/0x110 [ 539.756600][T14693] ? __kasan_check_read+0x11/0x20 [ 539.761468][T14693] ? preempt_schedule_irq+0xe7/0x140 [ 539.766581][T14693] ? uinput_write+0xc0a/0x1310 [ 539.771233][T14693] ? __x64_compat_sys_ioctl+0x90/0x90 [ 539.776387][T14693] kmalloc_order+0x4a/0x160 [ 539.780729][T14693] kmalloc_order_trace+0x1a/0xb0 [ 539.785500][T14693] __kmalloc+0x19c/0x270 [ 539.789612][T14693] input_mt_init_slots+0xcf/0xa50 [ 539.794441][T14693] ? mutex_lock_interruptible+0xb6/0x1e0 [ 539.799930][T14693] uinput_create_device+0x522/0x630 [ 539.805648][T14693] uinput_ioctl_handler+0xa63/0x16a0 [ 539.810878][T14693] ? uinput_release+0x50/0x50 [ 539.815339][T14693] ? selinux_file_ioctl+0x3cc/0x540 [ 539.820464][T14693] ? __fget_files+0x31e/0x380 [ 539.825733][T14693] uinput_ioctl+0x28/0x30 [ 539.829939][T14693] ? uinput_poll+0x120/0x120 [ 539.834326][T14693] __se_sys_ioctl+0x114/0x190 [ 539.838837][T14693] __x64_sys_ioctl+0x7b/0x90 [ 539.843321][T14693] do_syscall_64+0x3d/0xb0 [ 539.847515][T14693] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 539.853400][T14693] RIP: 0033:0x7f18c48adea9 [ 539.857643][T14693] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 539.877566][T14693] RSP: 002b:00007f18c3c280c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 539.885902][T14693] RAX: ffffffffffffffda RBX: 00007f18c49e4f80 RCX: 00007f18c48adea9 [ 539.893718][T14693] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 000000000000000c [ 539.901761][T14693] RBP: 00007f18c491cff4 R08: 0000000000000000 R09: 0000000000000000 [ 539.909660][T14693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 539.917444][T14693] R13: 000000000000000b R14: 00007f18c49e4f80 R15: 00007ffe6d39def8 [ 539.925275][T14693] [ 539.928100][T14693] ---[ end trace 5909e0444e051bd6 ]--- [ 540.118126][T14713] loop1: detected capacity change from 0 to 512 [ 540.142416][T14713] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01d, mo2=0002] [ 540.151084][T14713] EXT4-fs (loop1): orphan cleanup on readonly fs [ 540.157794][T14713] EXT4-fs warning (device loop1): ext4_enable_quotas:6410: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 540.178881][T14713] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 540.186930][T14713] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #13: comm syz-executor.1: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 540.205289][T14713] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz-executor.1: couldn't read orphan inode 13 (err -117) [ 540.218195][T14713] EXT4-fs (loop1): mounted filesystem without journal. Opts: noquota,noblock_validity,nombcache,grpquota,debug,debug,grpid,,errors=continue. Quota mode: writeback. [ 540.264899][T14725] loop4: detected capacity change from 0 to 128 [ 540.279507][T13405] usb 1-1: new high-speed USB device number 62 using dummy_hcd [ 540.693862][T14740] loop4: detected capacity change from 0 to 1024 [ 540.732231][T14740] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 540.779874][T13405] usb 1-1: Using ep0 maxpacket: 8 [ 540.871867][T14755] loop4: detected capacity change from 0 to 128 [ 540.899507][T13405] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 540.909392][T13405] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 540.918171][T13405] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 540.927050][T13405] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 540.935700][T13405] usb 1-1: config 0 descriptor?? [ 541.738620][T14788] loop2: detected capacity change from 0 to 40427 [ 541.781513][T14788] F2FS-fs (loop2): invalid crc value [ 541.819696][T14788] F2FS-fs (loop2): Found nat_bits in checkpoint [ 541.860707][T14788] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 541.876512][T14504] attempt to access beyond end of device [ 541.876512][T14504] loop2: rw=2049, want=45104, limit=40427 [ 542.098902][T14826] loop2: detected capacity change from 0 to 40427 [ 542.141668][T14826] F2FS-fs (loop2): invalid crc value [ 542.148872][T14826] F2FS-fs (loop2): Found nat_bits in checkpoint [ 542.189072][T14826] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 542.201497][T14843] tap0: tun_chr_ioctl cmd 1074025675 [ 542.206871][T14843] tap0: persist enabled [ 542.210966][T14843] tap0: tun_chr_ioctl cmd 1074025675 [ 542.216209][T14843] tap0: persist disabled [ 542.217488][T14504] attempt to access beyond end of device [ 542.217488][T14504] loop2: rw=2049, want=45104, limit=40427 [ 542.431049][T14867] loop2: detected capacity change from 0 to 512 [ 542.600048][T14867] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 542.611719][T14867] ext4 filesystem being mounted at /root/syzkaller-testdir1559468953/syzkaller.Am2kzf/40/file0 supports timestamps until 2038 (0x7fffffff) [ 542.668462][T14867] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 542.680685][T14867] EXT4-fs error (device loop2): ext4_dirty_inode:6024: inode #2: comm syz-executor.2: mark_inode_dirty error [ 542.692452][T14867] EXT4-fs error (device loop2): ext4_do_update_inode:5191: inode #2: comm syz-executor.2: corrupted inode contents [ 542.704840][T14867] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #2: comm syz-executor.2: mark_inode_dirty error [ 542.722979][T14867] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.738510][T14867] EXT4-fs error (device loop2): ext4_add_entry:2437: inode #2: comm syz-executor.2: Directory block failed checksum [ 542.757434][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.773135][T14504] EXT4-fs error (device loop2): ext4_readdir:220: inode #2: comm syz-executor.2: path /root/syzkaller-testdir1559468953/syzkaller.Am2kzf/40/file0: directory fails checksum at offset 0 [ 542.791205][ T6] Bluetooth: hci0: command 0x1003 tx timeout [ 542.791513][T14504] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor.2: path /root/syzkaller-testdir1559468953/syzkaller.Am2kzf/40/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4122464895, rec_len=63823, size=2048 fake=0 [ 542.797053][ T7786] Bluetooth: hci0: sending frame failed (-49) [ 542.822017][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.843145][T14504] EXT4-fs error (device loop2): ext4_readdir:220: inode #2: comm syz-executor.2: path /root/syzkaller-testdir1559468953/syzkaller.Am2kzf/40/file0: directory fails checksum at offset 18432 [ 542.861886][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.877345][T14504] EXT4-fs error (device loop2): ext4_readdir:220: inode #2: comm syz-executor.2: path /root/syzkaller-testdir1559468953/syzkaller.Am2kzf/40/file0: directory fails checksum at offset 20480 [ 542.895819][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.911308][T14504] EXT4-fs error (device loop2): ext4_readdir:220: inode #2: comm syz-executor.2: path /root/syzkaller-testdir1559468953/syzkaller.Am2kzf/40/file0: directory fails checksum at offset 22528 [ 542.929805][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.945603][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.961328][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.977064][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 542.993044][T14504] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.2: No space for directory leaf checksum. Please run e2fsck -D. [ 543.022440][ T39] usb 1-1: USB disconnect, device number 62 [ 543.042801][T14872] loop0: detected capacity change from 0 to 128 [ 543.109134][T14874] tap0: tun_chr_ioctl cmd 1074025675 [ 543.114368][T14874] tap0: persist enabled [ 543.118532][T14874] tap0: tun_chr_ioctl cmd 1074025675 [ 543.123698][T14874] tap0: persist disabled [ 543.347387][T14889] incfs: Can't find or create .index dir in ./file0 [ 543.375699][T14889] incfs: mount failed -14 [ 543.400800][T14893] syz-executor.0[14893] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 543.400870][T14893] syz-executor.0[14893] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 543.495394][T14902] tap0: tun_chr_ioctl cmd 1074025675 [ 543.512599][T14902] tap0: persist enabled [ 543.516770][T14902] tap0: tun_chr_ioctl cmd 1074025675 [ 543.521900][T14902] tap0: persist disabled [ 544.156477][T14923] incfs: Can't find or create .index dir in ./file0 [ 544.162998][T14923] incfs: mount failed -14 [ 544.379591][T14931] loop0: detected capacity change from 0 to 40427 [ 544.431556][T14931] F2FS-fs (loop0): invalid crc value [ 544.470663][T14931] F2FS-fs (loop0): Found nat_bits in checkpoint [ 544.579533][ T499] Quota error (device loop2): remove_tree: Getting block too big (1634105445 >= 7) [ 544.588776][T14931] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 544.607975][T13343] attempt to access beyond end of device [ 544.607975][T13343] loop0: rw=2049, want=45104, limit=40427 [ 544.933285][T13405] Bluetooth: hci0: command 0x1001 tx timeout [ 544.939163][ T7786] Bluetooth: hci0: sending frame failed (-49) [ 544.985916][T14944] tap0: tun_chr_ioctl cmd 1074025675 [ 544.991240][T14944] tap0: persist enabled [ 544.995378][T14944] tap0: tun_chr_ioctl cmd 1074025675 [ 545.000556][T14944] tap0: persist disabled [ 545.041553][T14945] bridge0: port 1(bridge_slave_0) entered blocking state [ 545.048391][T14945] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.055828][T14945] device bridge_slave_0 entered promiscuous mode [ 545.062933][T14945] bridge0: port 2(bridge_slave_1) entered blocking state [ 545.069908][T14945] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.077181][T14945] device bridge_slave_1 entered promiscuous mode [ 545.147610][T14945] bridge0: port 2(bridge_slave_1) entered blocking state [ 545.154598][T14945] bridge0: port 2(bridge_slave_1) entered forwarding state [ 545.161725][T14945] bridge0: port 1(bridge_slave_0) entered blocking state [ 545.168466][T14945] bridge0: port 1(bridge_slave_0) entered forwarding state [ 545.198212][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 545.206393][ T6] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.213642][ T6] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.220043][T14956] incfs: Can't find or create .index dir in ./file0 [ 545.226999][T14956] incfs: mount failed -14 [ 545.244488][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 545.252471][T13405] bridge0: port 1(bridge_slave_0) entered blocking state [ 545.259306][T13405] bridge0: port 1(bridge_slave_0) entered forwarding state [ 545.266835][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 545.275168][T13405] bridge0: port 2(bridge_slave_1) entered blocking state [ 545.282018][T13405] bridge0: port 2(bridge_slave_1) entered forwarding state [ 545.299690][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 545.307546][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 545.367506][ T499] device bridge_slave_1 left promiscuous mode [ 545.373564][ T499] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.382029][ T499] device bridge_slave_0 left promiscuous mode [ 545.387987][ T499] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.396168][ T499] device veth1_macvtap left promiscuous mode [ 545.402173][ T499] device veth0_vlan left promiscuous mode [ 545.496617][T13405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 545.524563][T14967] loop0: detected capacity change from 0 to 512 [ 545.698942][T14967] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 545.710447][T14967] ext4 filesystem being mounted at /root/syzkaller-testdir2079355774/syzkaller.IGR4W9/153/file0 supports timestamps until 2038 (0x7fffffff) [ 545.724269][T14945] device veth0_vlan entered promiscuous mode [ 545.730846][T14967] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 545.743192][T14967] EXT4-fs error (device loop0): ext4_dirty_inode:6024: inode #2: comm syz-executor.0: mark_inode_dirty error [ 545.755029][T14967] EXT4-fs error (device loop0): ext4_do_update_inode:5191: inode #2: comm syz-executor.0: corrupted inode contents [ 545.767833][T14967] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #2: comm syz-executor.0: mark_inode_dirty error [ 545.779713][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 545.787201][ T30] audit: type=1400 audit(1718532534.789:8451): avc: denied { map } for pid=14966 comm="syz-executor.0" path="/root/syzkaller-testdir2079355774/syzkaller.IGR4W9/153/file0/bus" dev="devtmpfs" ino=814 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 545.791152][T14967] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 545.815922][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 545.830678][T14967] EXT4-fs error (device loop0): ext4_add_entry:2437: inode #2: comm syz-executor.0: Directory block failed checksum [ 545.850216][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 545.851476][T14967] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Out of memory [ 545.866633][T14967] EXT4-fs error (device loop0): ext4_add_nondir:2806: inode #19: comm syz-executor.0: mark_inode_dirty error [ 545.878394][T14967] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5820: Out of memory [ 545.882152][T14945] device veth1_macvtap entered promiscuous mode [ 545.887450][T14967] EXT4-fs error (device loop0): ext4_evict_inode:283: inode #19: comm syz-executor.0: mark_inode_dirty error [ 545.894700][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 545.910014][T14967] EXT4-fs warning (device loop0): ext4_evict_inode:286: couldn't mark inode dirty (err -12) [ 545.930305][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 545.938947][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 545.940081][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 545.962517][T13343] EXT4-fs error (device loop0): ext4_readdir:220: inode #2: comm syz-executor.0: path /root/syzkaller-testdir2079355774/syzkaller.IGR4W9/153/file0: directory fails checksum at offset 0 [ 545.981827][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 545.998242][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 546.016169][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 546.027570][T14974] syz-executor.2[14974] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.031918][T14974] syz-executor.2[14974] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.031949][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 546.070891][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 546.088493][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 546.104609][T13343] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:405: inode #2: comm syz-executor.0: No space for directory leaf checksum. Please run e2fsck -D. [ 546.198926][T14981] tap0: tun_chr_ioctl cmd 1074025675 [ 546.219258][T14981] tap0: persist enabled [ 546.223728][T14981] tap0: tun_chr_ioctl cmd 1074025675 [ 546.228846][T14981] tap0: persist disabled [ 546.266819][T14983] loop4: detected capacity change from 0 to 256 [ 546.312719][T14983] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 546.320445][T14983] FAT-fs (loop4): Filesystem has been set read-only [ 546.376769][T14988] syz-executor.4[14988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.376848][T14988] syz-executor.4[14988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.391152][T14988] syz-executor.4[14988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.407319][T14988] syz-executor.4[14988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.420772][ T30] audit: type=1400 audit(1718532535.429:8452): avc: denied { mounton } for pid=14990 comm="syz-executor.2" path="/root/syzkaller-testdir1078352866/syzkaller.wNzxCS/5/file0" dev="sda1" ino=1963 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1 [ 546.421054][T14991] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.472145][T14991] FAT-fs (loop5): unable to read boot sector [ 546.976534][T15004] syz-executor.4[15004] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 546.976625][T15004] syz-executor.4[15004] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 547.020093][ T449] Bluetooth: hci0: command 0x1009 tx timeout [ 547.281454][T15011] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 548.015197][T15019] loop4: detected capacity change from 0 to 256 [ 548.043329][T15019] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 548.051243][T15019] FAT-fs (loop4): Filesystem has been set read-only [ 548.130428][T15023] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 548.141347][T15023] FAT-fs (loop9): unable to read boot sector [ 548.235161][ T499] Quota error (device loop0): remove_tree: Getting block too big (1634105445 >= 7) [ 548.441820][T15041] bridge0: port 1(bridge_slave_0) entered blocking state [ 548.448664][T15041] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.456230][T15041] device bridge_slave_0 entered promiscuous mode [ 548.466426][T15041] bridge0: port 2(bridge_slave_1) entered blocking state [ 548.473630][T15041] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.481072][T15041] device bridge_slave_1 entered promiscuous mode [ 548.546487][T15041] bridge0: port 2(bridge_slave_1) entered blocking state [ 548.553378][T15041] bridge0: port 2(bridge_slave_1) entered forwarding state [ 548.560454][T15041] bridge0: port 1(bridge_slave_0) entered blocking state [ 548.567225][T15041] bridge0: port 1(bridge_slave_0) entered forwarding state [ 548.595328][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 548.603070][ T20] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.610347][ T20] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.613833][T15058] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 548.628370][T15058] FAT-fs (loop5): unable to read boot sector [ 548.639769][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 548.647811][ T20] bridge0: port 1(bridge_slave_0) entered blocking state [ 548.654679][ T20] bridge0: port 1(bridge_slave_0) entered forwarding state [ 548.671282][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 548.679279][ T8538] bridge0: port 2(bridge_slave_1) entered blocking state [ 548.686128][ T8538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 548.693802][ T8538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 548.714396][T15041] device veth0_vlan entered promiscuous mode [ 548.721108][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 548.729401][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 548.737487][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 548.745579][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 548.755640][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 548.775076][T15069] bpf_get_probe_write_proto: 2 callbacks suppressed [ 548.775093][T15069] syz-executor.2[15069] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 548.777111][T15041] device veth1_macvtap entered promiscuous mode [ 548.781777][T15069] syz-executor.2[15069] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 548.793227][ T1018] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 548.822391][ T436] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 548.836190][ T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 548.852537][ T449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 548.910228][ T8] device bridge_slave_1 left promiscuous mode [ 548.916299][ T8] bridge0: port 2(bridge_slave_1) entered disabled state [ 548.940069][ T8] device bridge_slave_0 left promiscuous mode [ 548.946163][ T8] bridge0: port 1(bridge_slave_0) entered disabled state [ 548.954323][ T8] device veth1_macvtap left promiscuous mode [ 548.960247][ T8] device veth0_vlan left promiscuous mode [ 549.316586][T15078] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'. [ 549.469606][ T1018] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 549.480155][ T1018] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 549.559642][ T1018] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 549.568559][ T1018] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 549.576360][ T1018] usb 5-1: SerialNumber: syz [ 549.826509][T15090] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 549.837376][T15090] FAT-fs (loop1): unable to read boot sector [ 549.860086][ T1018] usb 5-1: 0:2 : does not exist [ 549.901110][ T1018] usb 5-1: USB disconnect, device number 44 [ 549.960616][T15102] loop2: detected capacity change from 0 to 1024 [ 549.980646][T15102] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 550.055961][T15102] EXT4-fs (loop2): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000001,bsddf,nojournal_checksum,norecovery,debug_want_extra_isize=0x0000000000000080,dioread_nolock,nodelalloc,acl,auto_da_alloc=0x000000000000003f,,errors=continue. Quota mode: none. [ 550.285839][T15113] syz-executor.2[15113] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 550.286245][T15113] syz-executor.2[15113] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 550.495830][T15121] loop4: detected capacity change from 0 to 1024 [ 550.543354][T15121] EXT4-fs (loop4): Ignoring removed orlov option [ 550.550073][T15121] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 550.550479][T15125] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 550.568183][T15125] FAT-fs (loop5): unable to read boot sector [ 550.576245][T15121] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none. [ 550.606744][T15121] EXT4-fs error (device loop4): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.4: corrupt xattr in inline inode [ 550.621235][T15121] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.4: corrupted in-inode xattr [ 550.640736][T13216] ================================================================== [ 550.648694][T13216] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0 [ 550.656513][T13216] Read of size 4 at addr ffff888127eb0000 by task syz-executor.4/13216 [ 550.664579][T13216] [ 550.666750][T13216] CPU: 1 PID: 13216 Comm: syz-executor.4 Tainted: G W 5.15.149-syzkaller-00165-g85445b5a2107 #0 [ 550.678295][T13216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 550.688187][T13216] Call Trace: [ 550.691481][T13216] [ 550.694215][T13216] dump_stack_lvl+0x151/0x1b7 [ 550.698717][T13216] ? io_uring_drop_tctx_refs+0x190/0x190 [ 550.704185][T13216] ? panic+0x751/0x751 [ 550.708093][T13216] print_address_description+0x87/0x3b0 [ 550.713474][T13216] kasan_report+0x179/0x1c0 [ 550.717809][T13216] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 550.723278][T13216] ? ext4_xattr_delete_inode+0xcd0/0xce0 [ 550.728759][T13216] __asan_report_load4_noabort+0x14/0x20 [ 550.734247][T13216] ext4_xattr_delete_inode+0xcd0/0xce0 [ 550.739621][T13216] ? sb_end_intwrite+0x120/0x120 [ 550.744394][T13216] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0 [ 550.750296][T13216] ? ext4_journal_check_start+0x16c/0x230 [ 550.755849][T13216] ? __kasan_check_read+0x11/0x20 [ 550.760710][T13216] ? ext4_inode_is_fast_symlink+0x295/0x3d0 [ 550.766436][T13216] ? ext4_evict_inode+0xb8d/0x14e0 [ 550.771388][T13216] ext4_evict_inode+0xea1/0x14e0 [ 550.776158][T13216] ? _raw_spin_unlock+0x4d/0x70 [ 550.780848][T13216] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 550.786709][T13216] ? _raw_spin_unlock+0x4d/0x70 [ 550.791389][T13216] ? inode_io_list_del+0x18b/0x1a0 [ 550.796335][T13216] ? ext4_inode_is_fast_symlink+0x3d0/0x3d0 [ 550.802062][T13216] evict+0x2a3/0x630 [ 550.805798][T13216] iput+0x63b/0x7e0 [ 550.809447][T13216] vfs_rmdir+0x359/0x470 [ 550.813520][T13216] do_rmdir+0x3ab/0x630 [ 550.817514][T13216] ? d_delete_notify+0x160/0x160 [ 550.822291][T13216] __x64_sys_unlinkat+0xdf/0xf0 [ 550.826972][T13216] do_syscall_64+0x3d/0xb0 [ 550.831223][T13216] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 550.837026][T13216] RIP: 0033:0x7f458a949687 [ 550.841212][T13216] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 550.860735][T13216] RSP: 002b:00007ffed0594cd8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 550.869125][T13216] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f458a949687 [ 550.876932][T13216] RDX: 0000000000000200 RSI: 00007ffed0595e80 RDI: 00000000ffffff9c [ 550.884734][T13216] RBP: 00007f458a9a6636 R08: 0000000000000000 R09: 0000000000000000 [ 550.892547][T13216] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffed0595e80 [ 550.900362][T13216] R13: 00007f458a9a6636 R14: 0000000000086648 R15: 0000000000000007 [ 550.908178][T13216] [ 550.911033][T13216] [ 550.913204][T13216] The buggy address belongs to the page: [ 550.918681][T13216] page:ffffea00049fac00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x127eb0 [ 550.928740][T13216] flags: 0x4000000000000000(zone=1) [ 550.933780][T13216] raw: 4000000000000000 ffffea00049fac48 ffffea0004bbe9c8 0000000000000000 [ 550.942212][T13216] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 550.950607][T13216] page dumped because: kasan: bad access detected [ 550.956866][T13216] page_owner tracks the page as freed [ 550.962067][T13216] page last allocated via order 0, migratetype Movable, gfp_mask 0x100cca(GFP_HIGHUSER_MOVABLE), pid 14931, ts 544336291602, free_ts 544950207361 [ 550.976653][T13216] post_alloc_hook+0x1a3/0x1b0 [ 550.981247][T13216] prep_new_page+0x1b/0x110 [ 550.985584][T13216] get_page_from_freelist+0x3550/0x35d0 [ 550.990965][T13216] __alloc_pages+0x27e/0x8f0 [ 550.995393][T13216] shmem_alloc_and_acct_page+0x4bd/0xa80 [ 551.000859][T13216] shmem_getpage_gfp+0x1388/0x23c0 [ 551.005807][T13216] shmem_write_begin+0xca/0x1b0 [ 551.010493][T13216] generic_perform_write+0x2bc/0x5a0 [ 551.015618][T13216] __generic_file_write_iter+0x25b/0x4b0 [ 551.021087][T13216] generic_file_write_iter+0xaf/0x1c0 [ 551.026284][T13216] vfs_write+0xd5d/0x1110 [ 551.030450][T13216] ksys_write+0x199/0x2c0 [ 551.034619][T13216] __x64_sys_write+0x7b/0x90 [ 551.039047][T13216] do_syscall_64+0x3d/0xb0 [ 551.043296][T13216] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 551.049026][T13216] page last free stack trace: [ 551.053538][T13216] free_unref_page_prepare+0x7c8/0x7d0 [ 551.058829][T13216] free_unref_page_list+0x14b/0xa60 [ 551.063866][T13216] release_pages+0x1310/0x1370 [ 551.068467][T13216] __pagevec_release+0x84/0x100 [ 551.073157][T13216] shmem_undo_range+0x604/0x1560 [ 551.077928][T13216] shmem_evict_inode+0x215/0x9d0 [ 551.082697][T13216] evict+0x2a3/0x630 [ 551.086434][T13216] iput+0x63b/0x7e0 [ 551.090080][T13216] dentry_unlink_inode+0x34f/0x440 [ 551.095021][T13216] __dentry_kill+0x447/0x660 [ 551.099450][T13216] dentry_kill+0xc0/0x2a0 [ 551.103616][T13216] dput+0x45/0x80 [ 551.107089][T13216] __fput+0x662/0x910 [ 551.110907][T13216] ____fput+0x15/0x20 [ 551.114728][T13216] task_work_run+0x129/0x190 [ 551.119151][T13216] exit_to_user_mode_loop+0xc4/0xe0 [ 551.124187][T13216] [ 551.126355][T13216] Memory state around the buggy address: [ 551.131825][T13216] ffff888127eaff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2024/06/16 10:09:00 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 551.139729][T13216] ffff888127eaff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 551.147629][T13216] >ffff888127eb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 551.155521][T13216] ^ [ 551.159435][T13216] ffff888127eb0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 551.167341][T13216] ffff888127eb0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 551.175224][T13216] ================================================================== [ 551.183121][T13216] Disabling lock debugging due to kernel taint