last executing test programs: 1m21.264180806s ago: executing program 32 (id=616): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000040), 0x4) sendmsg$unix(r0, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x24004044) sendmsg$unix(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000c1}, 0x20000004) 1m12.146695397s ago: executing program 3 (id=964): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000400000000022838bb018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc15, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m12.118788087s ago: executing program 3 (id=968): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='mm_page_alloc\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20c9, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000440)={0x0, r1}, 0x10) 1m12.036124247s ago: executing program 3 (id=986): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) capget(0x0, 0x0) 1m11.789156039s ago: executing program 3 (id=988): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x804000, &(0x7f0000000040)={[{@errors_remount}, {@oldalloc}, {@delalloc}, {@nobh}, {@dioread_lock}]}, 0x3, 0x4c0, &(0x7f0000000540)="$eJzs3VFrXFkdAPD/vUlq2qYmVR9qwRq0khbtTNLYNvjQVhB9Kqj1PcZkEkImmZCZtE0okuIHEERU9MknXwQ/gCD9CCIU9F2WZZey23Yf9mF3Z7kzd9psmCTtNpnpZn4/OLnn3Hsz//+ZYc7MmXu5N4CeNRoRNyOiLyIuRsRwvj7NS2w1S7bf0yf3Z7OSRL1++70kknxd67GSfHky/7fBiPj5TyJ+lSTNFdtUNzaXZsrl0lreLtaWV4vVjc1Li8szC6WF0srk5MTVqWtTV6bGD6yv13/09h9++7cfX//X9+7+f/rdC7/O8h3Kt23vx0FqPicDjeeipT8i1g4jWBf05f0Z6HYiAAC8lOw7/lci4lsR8ezP3c4GAAAAOAz1G0PxURJRBwAAAI6stHEObJIW8nMBhiJNC4XmObxfixtRrlRr352vrK/MNc+VHYmBdH6xXBrPzxUeiYEka0806i/al3e0JyPidET8fvh4o12YrZTnuv3jBwAAAPSIbJ4/lDbr2eKD4eb8HwAAADhiRrqdAAAAAHDozP8BAADg6Nt1/p/0dzYRAAAA4DD89NatrNRb97+eu7OxvlS5c2muVF0qLK/PFmYra6uFhUploXHNvuX9Hq9cqax+P1bW7xVrpWqtWN3YnF6urK/Uphv39Z4uuU80AAAAdN7pbz78XxIRWz843iiZY/k2c3U42tJX2z05rDyAzuvrdgJA1zjBF3qXOT6w38R+sEN5AAAAh2fs647/Q696xeP/wBHi+D/0Lsf/oXeZ4wOf+/j/vw8+FwAA4HAMNUqSFvJjgUORpoVCxKnGbQEGkvnFcmk8Ir4cEf8dHvhS1p7odtIAAAAAAAAAAAAAAAAAAAAAAAAA8AVTrydRBwAAAI60iPSdJL//19jw+aGdvw8cSz4cbiwj4u5fbv/x3kyttjaRrX//+fran/L1l7vxCwYAAACwU2ue3prHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBBevrk/myrdDLu4x9GxEi7+P0x2FgOxkBEnHiWRP+2/0siou8A4m89iIgz7eInWVoxkmexM34aEcc7FL9d/7P4Jw8gPvSyh9n4c7Pd+y+N0cay/fu/Py+v6/HobuNf+nz869tl/Du1z2Mfy5dnH/2juGv8BxFn+9uPP634yWuOv7/8xebmbtvqf40Ya/v5k3wmVrG2vFqsbmxeWlyeWSgtlFYmJyeuTl2bujI1XpxfLJfyv21j/O4b//xkr/6f2CX+yD79P7+tvddz8fGje0++ukf8C99u//qf2SN+Fu87+edAtn2sVd9q1rc79/f/nNur/3O79H+/1//CHn3e7uLPfvPWS+4KAHRAdWNzaaZcLq29TCWNV9hZ5TUro29GGiq9WckHiMEuD1AAAMCBefGlv9uZAAAAAAAAAAAAAAAAAAAAQO/qxOXEtsdzOTEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4E31aQAAAP//YGHTsw==") r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="260000000400"/16], 0x26) 1m11.664761519s ago: executing program 3 (id=993): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x200000, &(0x7f0000000140)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+BJTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKmPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oTHBUH9XH9DF9XB/XJ/RJ/YP+Tp/W3+sz+qw+q3/Q5/V5feHXnwEYNMpoY0xgMpnMJsFkMYnmKpPVZDPZTQ4TM1ebnOYak8tca3KbPCavyWfymwKmoAkNGWvYRKaQKWzi5jpTxFxvippiprgpYZwpaUqZG/7H+Zerr6VpaVqZVqa1aW3amramnWln2pv2poPpYDqajqaT6WQ6m86mi+liupquppvpZrqb7qaH6WF6mp4mySSZPuZF09f0M/3NADPQvGQGmUFmsBlshpghZpgZZoab4WaEGWFGmpFmtBltxpgxZpwZZyaYCSbZ5zCTzCQz2Uw2U8wUM21gDjPDzDCzzCwz28w2c81cM8/MMwvMArPILDJLzBKz1Cw1KSbFLDPLTKpZbpablWalWW1Wm7VmrVlv1puNZqPZbDabVLPNbDPbzXaz0+w0u81us9fsNfvMPrPf7DdpJs0cMAfMQXPQHDKHzGFz2BwxR8xRc9QcM8fMcXPcnDAnzClzypw2p80Zc8acM+fMeXPeXDAXzEVzMf22L1CBCkxggkxBpiAhSAgSg8Qga5A1yB5kD2JBLMgZ5AxyBdcGuYM8Qd4gX5A/KBAUDMKAAhtwEAWFgsJBPLguKBJcHxQNigXFgxKBC0oGpYIbgtLBjUGZ4KagbHBzUC64JSgfVAgqBrcGtwWVgtuDysEdQZXgzqBqUC2oHtQI7gpqBncHtYJ7gtrBvUGd4L6gbnB/UC94IKgfNAgaBg8GjYKHgsZBk6Bp0CxoHrSAln/o/N6fyfOI6xn2CpPC3mGf8MWwb9gv7B8OCAeGL4WDwpfDweEr4ZBwaDgsfDUcHr4WjghfD0eGo8LR4RvhmHBsOC4cH04IJ4bJ4ZvhpPCtcHL4djglnBpOC6aHM8KZ4azwnXB2OCecG74bzgvnhwvCheGicHGIv9wSQ0r4Qbgs/DBMDZeHK8KV4apwdbgmXBuuC9eHG8KN4aZwc9lBvxwabg93hDvDXeHucE+4N/w43Bd+Eu4PPw3Tws/CA+FfwoPh5+Gh8IvwcPhleCT8Kjwafh0eC78Jj4ffhifCk+Gp8LvwdPh9eCY8G54LfwjPhz+GF8KfwouhT7+5T7+8kyFDmSgTJVACJVIiZaWslJ2yU4xilJNyUi7KRbkpN+WlvJSf8lNBKkjpmJgKUSGKU5yKUBEqSkWpOBUnR45KUSkqTaWpDJWhslSWylE5Kk/lqSJVpNvoNrqdbqc76A66k+6kalSNalANqkk1qRbVotpUm+pQHapLdake1aP6VJ8aUkNqRI2oMTWmptSUmlNzakktqRW1otbUmtpSW2pH7ag9tacO1IE6UkfqRJ2oM3WmLtSFulJX6kbdqDt1px7Ug3pST0qiJOpDfagv9aX+1J8G0kAaRINoMA2mITSEhtEwGk7DaQSNoJE0ikbTGzSGxtI4Gk8TaCIlUzJNokk0mSbTFJpC02gazaAZNItm0WyaTXNpLs2jebSAFtAiWkRLaAktpaWUQim0jJZRKqXSClpBq2gVraE1tI7W0QbaQJtoE22hLbSNttF22k47aSftpt20l/bSPtpH+2k/pVEaHaADdJAO0iE6RIfpMB2hI3SUjtIxOkbH6TidoBN0ik7RaTpNZ+gMnaNzdJ5+pAv0E10kTwk2i020V9msNpvNbnPYv47z2nw2vy1gC9rQ5rZ5fheTtbaoLWaL2xLW2ZK2lL3hb+LytoKtaG+1t9lK9nZb2Za3WeC/xjXt3baWvcfWtvfaGvau38V17H22rn3I1rNNbH3bzDa0LWwj+5BtbJvYpraZbW5b2Hb2MdvePm472CdsR/vk38RL7ft2nV1vN9iNdp/9xJ6zP9ij9mt73v5oe9pedqB9yQ6yL9vB9hU7xA79fQxgR9s37Bg71o6z4+0EO/Fv4ml2up1hZ9pZ9h072875m3iJfc/Osyl2gV1oF9nFP8fpNaXYD+wy+6FNtcvtCrvSrrKr7Rq79v/WutJutlvsVrvXfmy32x12p91ld9s9P8fp69hvP7Vp9jN7xH5lD9rP7SF7zB62X/4cp6/vmP3GHrff2hP2pD1lv7On7ff2jD378/rT1/6d/cletN4CIyvWbDjgTJyZEzgLJ/JVnJWzcXbOwTG+mnPyNZyLr+XcnIfzcj7OzwW4IIdMbJk54kJcmON8HRfh67koF+PiXIIdl+RSfAOX5hu5DN/EZflmLse3cHmuwBX5Vr6NK/HtXJnv4Cp8J1flalyda/BdXJPv5lp8D9fme7kO38d1+X6uxw9wfW7ADflBbsQPcWNuwk25GTfnFtySH+ZW/Ai35jbclh/ldvwYt+fHuQM/wR35Se7ET3Fnfpq78DPclZ/lbvwcd+fnuQe/wD25Fydxb+7DL3Jf7sf9eQAP5Jd4EL/Mg/kVHsJDeRi/ysP5NR7Br/NIHsWj+Q0ew2N5HI/nCTyRk/lNnsRv8WR+m6fwVJ7G03kGz+RZ/A7P5jk8l9/leTyfF/BCXsSLeQm/x0v5fU7hD3gZf8ipvJxX8Epexat5Da/ldbyeN/BG3sSbeQtv5W38EW/nHbyTd/Fu3sN7+WPex5/wfv6U0/gzPsB/4YP8OR/iL/gwf8lH+Cs+yl/zMf6Gj/O3fIJP8in+jk/z93yGz/I5/oHP8498gX/ii+wZIoxUpCMTBVGmKHOUEGWJEqOroqxRtih7lCOKRVdHOaNrolzRtVHuKE+UN8oX5Y8KRAWjMKLIRhxFUaGocBSProuKRNdHRaNiUfGoROSiklGp6IaodHRjVCa6KSob3RyVi26JykcVoorRrdFtUaXo9qhydEdUJbozqhpVi6pHNaK7oprR3VGt6J6odnRvVCa6L6ob3R/Vix6I6kcNoobRg1Gj6KGocdQkaho1i5pHLaKW0cNRq+iRqHXUJmobPRq1ix6L2kePRx2iJ6KO0ZOX9hcLfrma/tX+pKh3pH99Q3aPXhRfHF8Sfy++NP5+PCX+QXxZ/MN4anx5fEV8ZXxVfHV8TXxtfF18fXxDfGN8U3xzfEt8a9z7GpnBYfqDMBgXuEwus0twWVyiu8plddlcdpfDxdzVLqe7xuVy17rcLo/L6/K5/K6AK+hCR846dpEr5Aq7uLvOFXHXu6KumCvuSjjnSrpSroVr6Vq6Vu4R19q1cW3do+5R95h7zD2e8GvhrpN7ynV2T7su7hn3jHvWdXPPue7uedfDveB6ul4uySW5Pq6P6+v6uv6uvxvoBrpBbpAb7Aa7IW6IG+aGueFuuBvhRriRbqQb7Ua7MW6MG+fGuQlugkt2yW6Sm+Qmu8luipviprlpboab4Wa5WW62m+3murlunpvnFrgFbpFb5Ja4JW6pW+pSXIpb5pa5VJfqVrgVbpVb5da4NW6dW+c2uA1uk9vktrgtbpvb5ra77W6n2+l2u91ur9vr9rl9br/b79JcmjvgDriD7qA75L5wh92X7oj7yh11X7tj7ht33H3rTriT7pTz+rT73p1xZ90594M77350F9xP7qLzLjn2ZmxS7K3Y5NjbsSmxqbFpsemxGbGZsVmxd2KzY3Nic2PvxubF5scWxBbGFsUWx5bE3ostjb0fS4l9EFsW+zCWGlseWxFbGVsVWx3zvsD2yBfyhX3cX+eL+Ot9UV/MF/clvPMlfSl/gy/tb/Rl/E2+rL/Zl/O3+PK+gq/om/imvplv7lv4lv5h38o/4lv7Nr6tf9S384/59v5x38E/4Tv6J30n/5Tv7J/2Xfwzvqt/dv6vXfY9/Au+p+/lk3xv38e/6Pv6fr6/H+AH+pf8IP+yH+xf8UP8UD/Mv+qH+9f8CP+6H+lH+dH+DT/Gj/Xj/Hg/wU/0yf5NP8m/5Sf7t/0UP9VP89P9DD/Tz/Lv+Nl+jp/r3/Xz/Hy/wC/0i/xiv8S/55f6932K/8Av8x/6VL/cr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Tb/kd/ud/idfpff7ff4vf5jv89/4vf7T32a/8wf8H/xB/3n/pD/wh/2X/oj/it/1H/tj/lv/HH/rT/hT/pT/jt/2n/vz/iz/pz/wZ/3P/oL/id/Uf5mTQghhBDin6Ivs7/33/k/9euWrg8AZNuR7/Bfz7kp9y/jfmpfxxgAPNGra4PftgYNkpKSfj02VUNQeCEAxC7l//z9A7/Gy6EtPAYdoA2U/rv19VMVf77v++/mj98MkAiQ5bec9MejRPjr+W/8B/M3eY8vN/9CgKKFL+Wkn+i3+NL8Zf7B/HvaXWb+LJ8nA7T+LzlZ4VJ8af5S8Ag8CR1+d6QQQgghhBBCCPGLfup8t8s936Y/n+c3l3Iyw6X4cs/nl1H5j1iDEEIIIYQQQggh/ntPP9f98Yc7dGjT+T95kPnPUcafYIAA8CcoQwZ//sGV/s0khBBCCCGE+KNduum/0pUIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBAZ17//DWHqnz74Sq9RCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEuNL+TwAAAP//OndVTg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0) rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000200)='./file2\x00') 1m11.55101425s ago: executing program 3 (id=995): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000680)='./file1\x00', 0x1018ed8, &(0x7f0000000780)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nobarrier}, {@nodelalloc}, {@usrquota}, {@nolazytime}, {@noblock_validity}, {@block_validity}, {@grpjquota}]}, 0x7, 0x64e, &(0x7f0000000800)="$eJzs3c9rXFsdAPDvvZOk+eVLn4j4gmLAxXsgL03qw6ob27qwi4IFuxBx0dAkNXT6gyYFWwtNwIWCgojbIt34D7iX7t2JoO5cC1WkYkFLR+6PaSeTmcw0P2aS3M8HJnPuuWdyzjd3ztxz752TG0BlzWU/0ogPIl5fSyJmWtZNR7Fyriz34l+PrmePJBqN7/4ziaTMa5ZPyuepcmE8Iv4YEZ+u7ax3/cHDm0v1RuFxxJmNW3fPrD94+PHaraUbKzdWbi+e/don5xa+vvjJYktD926qfL50+Tuf/8VPfvjV1T/VP07ifFwd/fFytMVxUOZiLl6XIbbmj0TEuSzR4e9y3JyAECqtVr4fRyPiszETtXypMBNrPx9q44BD1ahFNHaX9CoAHFd7695j0fNzAzjimuOA5rF9f8fBVw95VDI4zy8UB0A74x8pTzmM58dGky+SliOj4tzG6QOoP6vj1aPxJ68ezT6JbechXr7ZOiMHUE83m1sR8blO8Sd5207nkWbxp9uO9ZOIWIiIsbJ939pHG5KW9GGch9lNn/HXsvhbt0MaEefL5yz/4h7rbz+tNej4AaimZxfKHflmttTc/7Ver2ju//Pxz+Nm7vT+L8nkhr3/6z7+a+7vx/NxT9o2DsvGLFc6/8rR9oy//ezSr7rVX4z/Zp80H1n9zbHgIDzfiphti/+nWbDl+CeLP+kw/s2KXDvfXx3f/vM/LnVbN+z4G08jPux4/PN2VJqldrk+eWZ1rb6yUPzsWMfv//CD33auvVlHe/ynDjzObrLtP9kl/pbtn3Zq+d3Ov3KrPeN3V57e6lb/dM/tn/59LCmON8fKnB9tbWzcW4wYSy6XRcr8pY2Ne2e3//6LU9uXizIvG/nzYhH/R1/q3P+3vf/boppofmT24e73br7otm4v7/+WD+fXjT7b0E0W/6ne239H/8/yftlnHf/5/v0vdFvXOf5kXzEBAAAAAABAVaX5NdgknX+TTtP5+WK+7GdiMq3fWd/48uqd+7eXIz7Kvw85mkaa5F8ZmSmWk9W1+spi+X3Y5vLZtuWvRMT7EfHr2kS+PH/9Tn152MEDAAAAAAAAAAAAAAAAAADAETFVzv9v3qf637Vi/j9QEb1vMLfj/g/ACXGYN5gEjra8/++2i39vcG0BBsv+H6pL/4fq0v+huvR/qC79H6pL/4fq0v+huvR/AAAAADiR3v/is78mEbH5jYn8kRkr15n0Cyfb6DuVrh1aO4DB06Ohut5c+jfYh8rpa/z/34ZhApxgSafMfHBQ/mPQRpcXPuv4yre29t82AAAAAAAAAAAAAKDw4Qfd5/+/29xg4Lgx7Q+qax8T+8wJhGPOv/6H6nKMD/SYxR/j3Vb0mv8PAAAAAAAAAAAAAByY6fyRpPPlXODpSNP5+YhPRcTpGE1W1+orCxHxXkT8pTZ6KlteHHajAQAAAAAAAAAAAAAAAAAA4IRZf/Dw5lK9vnKvNfG/HTknO9G8C2rvwo0+yuya+Ga846siGfyfZSIihr5RDj4xXiRGWlYlEZvZlj8iLYyj0Yw8MeQPJgAAAAAAAAAAAAAAAAAAqKCWucedzf5mwC0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMF7e///HonlyeIFfRXenhh2jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8fT/AAAA//+onC+S") mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) 1m11.49296809s ago: executing program 33 (id=995): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000680)='./file1\x00', 0x1018ed8, &(0x7f0000000780)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nobarrier}, {@nodelalloc}, {@usrquota}, {@nolazytime}, {@noblock_validity}, {@block_validity}, {@grpjquota}]}, 0x7, 0x64e, &(0x7f0000000800)="$eJzs3c9rXFsdAPDvvZOk+eVLn4j4gmLAxXsgL03qw6ob27qwi4IFuxBx0dAkNXT6gyYFWwtNwIWCgojbIt34D7iX7t2JoO5cC1WkYkFLR+6PaSeTmcw0P2aS3M8HJnPuuWdyzjd3ztxz752TG0BlzWU/0ogPIl5fSyJmWtZNR7Fyriz34l+PrmePJBqN7/4ziaTMa5ZPyuepcmE8Iv4YEZ+u7ax3/cHDm0v1RuFxxJmNW3fPrD94+PHaraUbKzdWbi+e/don5xa+vvjJYktD926qfL50+Tuf/8VPfvjV1T/VP07ifFwd/fFytMVxUOZiLl6XIbbmj0TEuSzR4e9y3JyAECqtVr4fRyPiszETtXypMBNrPx9q44BD1ahFNHaX9CoAHFd7695j0fNzAzjimuOA5rF9f8fBVw95VDI4zy8UB0A74x8pTzmM58dGky+SliOj4tzG6QOoP6vj1aPxJ68ezT6JbechXr7ZOiMHUE83m1sR8blO8Sd5207nkWbxp9uO9ZOIWIiIsbJ939pHG5KW9GGch9lNn/HXsvhbt0MaEefL5yz/4h7rbz+tNej4AaimZxfKHflmttTc/7Ver2ju//Pxz+Nm7vT+L8nkhr3/6z7+a+7vx/NxT9o2DsvGLFc6/8rR9oy//ezSr7rVX4z/Zp80H1n9zbHgIDzfiphti/+nWbDl+CeLP+kw/s2KXDvfXx3f/vM/LnVbN+z4G08jPux4/PN2VJqldrk+eWZ1rb6yUPzsWMfv//CD33auvVlHe/ynDjzObrLtP9kl/pbtn3Zq+d3Ov3KrPeN3V57e6lb/dM/tn/59LCmON8fKnB9tbWzcW4wYSy6XRcr8pY2Ne2e3//6LU9uXizIvG/nzYhH/R1/q3P+3vf/boppofmT24e73br7otm4v7/+WD+fXjT7b0E0W/6ne239H/8/yftlnHf/5/v0vdFvXOf5kXzEBAAAAAABAVaX5NdgknX+TTtP5+WK+7GdiMq3fWd/48uqd+7eXIz7Kvw85mkaa5F8ZmSmWk9W1+spi+X3Y5vLZtuWvRMT7EfHr2kS+PH/9Tn152MEDAAAAAAAAAAAAAAAAAADAETFVzv9v3qf637Vi/j9QEb1vMLfj/g/ACXGYN5gEjra8/++2i39vcG0BBsv+H6pL/4fq0v+huvR/qC79H6pL/4fq0v+huvR/AAAAADiR3v/is78mEbH5jYn8kRkr15n0Cyfb6DuVrh1aO4DB06Ohut5c+jfYh8rpa/z/34ZhApxgSafMfHBQ/mPQRpcXPuv4yre29t82AAAAAAAAAAAAAKDw4Qfd5/+/29xg4Lgx7Q+qax8T+8wJhGPOv/6H6nKMD/SYxR/j3Vb0mv8PAAAAAAAAAAAAAByY6fyRpPPlXODpSNP5+YhPRcTpGE1W1+orCxHxXkT8pTZ6KlteHHajAQAAAAAAAAAAAAAAAAAA4IRZf/Dw5lK9vnKvNfG/HTknO9G8C2rvwo0+yuya+Ga846siGfyfZSIihr5RDj4xXiRGWlYlEZvZlj8iLYyj0Yw8MeQPJgAAAAAAAAAAAAAAAAAAqKCWucedzf5mwC0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMF7e///HonlyeIFfRXenhh2jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8fT/AAAA//+onC+S") mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) 52.973478104s ago: executing program 2 (id=1423): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000340)={r1, r0}, 0xc) 52.944754904s ago: executing program 2 (id=1424): r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000480)=0x102, 0x4) 52.894161004s ago: executing program 2 (id=1428): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[], 0x14}}, 0x0) r0 = socket(0x11, 0xa, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000080)={0x0}, 0x8}, 0x0) 52.864278995s ago: executing program 2 (id=1439): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0xe, &(0x7f0000000140)={[{@test_dummy_encryption}, {@test_dummy_encryption}, {@noauto_da_alloc}, {@minixdf}, {@errors_remount}, {@quota}]}, 0x3, 0x455, &(0x7f0000000f00)="$eJzs3MtvG0UYAPBv10n6pDGlPPoAAgUR8UiatEAPXEAgcQAJCQ7lGJK0KnUb1ASJVhUYhMoRVeKOOCLxF3CCCwJOSFzhjipVqJcWTkZr7yaOY6dxmsSl/v2kTWZ2Zz3zeXfs2Z1sAuhbI9mPJGJ3RPwREcON7PICI41fN69fmv7n+qXtEVF7+++kXu7G9UvTRdFiv115ZjSNSD9P4mCbeucvXDwzVanMns/z4wtnPxifv3DxudNnp07Nnpo9N3n8+LGjEy++MPn8in0vD3cfZ7bLjQMfzx3a//q7V96cPnHlvV++S4r4W+Jor9xtlSOrbXyyVuv29e5o9zSlk4EeNoSulCIiO1yD9f4/HKVYOnjD8dpnPW0csKlquQ6bqzXgLpZEr1sA9EbxRZ9d/xbL1o0+eu/ay40LoCzum/nS2DIQaV5msOX6diONRMSJ6r9fZ0us6T4EAMDt+SEb/zzbbvyXxgNN5fbkcyjliLg3IvZGxH0RsS8i7o+ol30wIh7qsv7WSZKV45/06roCW6Ns/PdSPre1fPyXRrWRKJfqucYYsByDycnTldkj+XsyGoPbsvzEKnX8+OrvX3ba1jz+y5as/mIsmLfj6sC25fvMTC1M3V7US659GnFgoF38yeJMQBIR+yPiwDrrOP30t4c6bRuJ6i3i72RjJplq30Q81Tj+1WiJv5CsPj85vj0qs0fGi7NipV9/u/xWp/pvffw3V3b8d7Y9/xfjLyfN87Xz3ddx+c8vOl7TrPf8H0reqaeH8nUfTS0snJ+IGEreaDS6ef3k0r5FviifxT96uH3/3xtL78TBiMhO4ocj4pGIeDRv+2MR8XhEHF4l/p9feeL99ce/ubL4Z7o6/kuJoWhd0z5ROvPT98sqLXcTf3b8j9VTo/matXz+raVd6zubAQAA4P8njYjdkaRji+k0HRtr/A3/vtiZVubmF545OffhuZnGMwLlGEyLO13DTfdDJxYv6xv5yTxfbD+a3zf+qrSjnh+bnqvM9Dp46HO7OvT/zF+ltrts29oWApvK81rQv/R/6F/6P/Qv/R/6V5v+v6MX7QC2Xrvv/0960A5g67X0//bTfsBdyfU/9C/9H/qX/g99aX5HrPqQfFT31Mut7Ul/iTsqEbERr1P8I4iWTZH2PkCJzUv09GMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgw/wXAAD//7Jx47M=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x44021, &(0x7f0000000140)='usrjquota=') 52.611776136s ago: executing program 2 (id=1432): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='vfat\x00', 0x0, 0x0) 52.205462798s ago: executing program 2 (id=1441): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0x0, 0x204}}) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0x20, 0x101}}) 52.205380618s ago: executing program 34 (id=1441): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0x0, 0x204}}) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x300, 0x20, 0x101}}) 37.176740672s ago: executing program 6 (id=1854): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="000000000087fb00b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='sys_enter\x00', r0}, 0x18) syz_read_part_table(0x59d, &(0x7f0000000000)="$eJzs0r1Ls1cYB+CTwEsoVCIiONhBMLg0KsRBh2SwEtMsRsSKFGfBQQfBwUFSorMf/4DiF4iL2NlRjCAKcZKM4lxQXDKltD6FtnZpiyl9ua4lnHPf59w5/J7A/1o8/NRsNmMhhGbi75/+7jQ/XuyZHJ2aDiEW5kII+a++/LUSizp+u/U8WpeidTGRqe3fjL2ctt/23ldTh/GofhEP4YcQwuLjUfLfvo3P31nuKrm+sVzYXM0tPBTWnobm+/PdW/mlneGDbHmmKzsbfVgX8dbMT9VGju+apefdtoFP1Vojcx31pWMfM5//1p/z3+us1CuNib6TlcF0R/2yvB3l/ip/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgg53lrpLrG8uFzdXcwkNh7Wlovj/fvZVf2hk+yJZnurKz8be+i3hr5qdqI8d3zdLzbtvAp2qtkbmO+tKxd0e/+fFj/hIt9HX4Y/57nZV6pTHRd7IymO6oX5a3o9xf3+cPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCX8uPFnsnRqekQYmEuhPDt/fe9v+w3E2/1WNR3Hv2Wov1iIlPbvxl7OW2/7b2vpg4nEyEkfnfv4uNR8otWPoR/5OcAAAD//2wlhu4=") syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x2010050, &(0x7f00000001c0)=ANY=[@ANYRES16, @ANYRESDEC, @ANYRES64=0x0, @ANYRES8=0x0, @ANYRESHEX, @ANYRES16], 0xff, 0x2f0, &(0x7f0000000900)="$eJzs3M9LFG8cwPGPuu6uis4evny/fIvooS5FMOh26xAsoRQtFKsbWRCMOlvLTruyMxgboXbqGv0RBeLRTkJ16BZeunnq0s1DQYeEfkzM7Kw72opG7q4/3i/Q+fg88/F5HmeUzyPMrN18er+Qs/Wc4UhnvFs6ReZlXSThRSIV71OHiMSlqkOiEjYvZ/u+rJ4YHb91NZVOD2eUGkmNnU8qpQZOvnrwaPHUG6fvRlyWY7KSuLP2Oflx5d+V/9d+jt3L2ypvq2LJUYaaKH1wohOWqabydkFX6rrrGrap8sW34yJ+f8kxvP6cVZqeriijONXfO102bVsZxYoqmBUlEZFyRRl3jXxR6bqu+nsFO4ktZDJGyg/jf5w82YQJ4a9d/u3GL5dTRpeI9IjIhXfhnuxCS6cGAAD2hc31v9pa//s6gqPX8sN13XD+rur/pYGg/l+OblP/B/V9rf63zGr9b5tlZ3f1v1NSjlf/R3aq/7tqgdusH+kBkq3X/zi0vPrf+23IrL546Tc8vr046AfU/wAAAAAAAAAAAAAAAAAAAAAAHATrrqu5rqvVjrWPWPBIeO3rds8TzcH1P9pGVRAoFRexnsxkZ7IiVne1ceO6mzIomnz374dANR65kh4eVL6EvLbmgvy5mWz1QbtUTvJiiSlDokmicf5QNV9tzu+W3nB+UjT5p3F+smF+VM6cDuXrosn7SSmJJVP+fV3Pnx1S6tK19Jb8Hv88AAAAAAAOA11tqO/fe0L9eoN+f39c7U/lRPz99c7/H9iyv47IsUjblg0AAAAAwJFiVx4WDMsyyy0M4iKyqcXVRPZ8LG91rV1Xg2D2XDtHb3eghVpqL5Fu+TQi4UFjwSyaNNZ/z55/3btveHHp+Lf2XcH2/U0CAAAA0Bz1on/7c9xPrZwRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABHTyteJ9buNQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7xa8AAAD///vcJ60=") 36.904841043s ago: executing program 6 (id=1864): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r1}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 35.095433264s ago: executing program 6 (id=1869): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00222200000096231306010003603e04002a90a027b5b00000b3813e250383de4e06526bdc123ddad5e0b5ce2d289af30ee20bd25a3b18fbdef08122c59e0cbf13daf6"], 0x0}, 0x0) syz_open_dev$hiddev(&(0x7f0000000140), 0x4000007ff, 0x200002) 33.777957981s ago: executing program 5 (id=1892): bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000800)=ANY=[@ANYRES64, @ANYBLOB="2bfdbd6d5c5f873c224c093618e2e022f77301e852f731e21338772479c7a37cceebf1068180961c196b9951d01f5f887b9f3c7ad6996706a17c5a96afa08ff83a510de36f043db5e466aa700cd4d173e51ea79963db6c30628d06a53ac729f098bdeb3e28a7faab618432af0e1c47b131fb38cd5f4b00ca"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0x0, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b80cdd64bdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe61241638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a9554328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c5a01ba62ed8f2c6a503dd1b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341cd0ba0d6fd562489dad595712a4051bb6cf826ab757193fc093b8b3353fbbb278d19000000000000007b61805ed430ef06000000000000001e93f640f159320c8b088f4d64977b2eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751df38c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bf96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b777d73a63246ce6f0467167626329ab91df7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c270f27e7025d576535198742d403ec43572d7d0baf00e882617b260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6ee02412064730700aeff2b69c2f2bf6f691c3560e068743ae8e8771280da61fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c56d9abc40c64a20c14ff0b1bf4d23fe07ae90f503ba9c64bf89b26e7d8d70710b04f9ece69023acadbb4582272e5b3a0429a5675e5a9554de54945d9a270180e0545b0c824ad36f7cc8be12b3874d5a19349b0ede845e9ece24d546d3a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00ee0000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c000c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05af3a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e4e4e29d8b33fbdd02e86a6432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3ce8f530ffff19a6471bf5abc742d9cbcfb964b13831034694a6aad84cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df871a8e782339bc424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb78183e7e68de9dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbefd9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d85618ba2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009de2323f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978addf2f2a29a387c6f0576b36038f819286eea99a6a434811cf2a117d775fe986a49fb82cf5f15972d55185ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e671d305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a540f64000000000000fbb4c256409e54daefbb107c381fa729ff5fe607d93430da178d685d7730f5e129438a5214f722096d2986334c25e454474f92e65828b018174a9f4738b8c71fbdead06ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a379ed4c6267965af78b861bd335312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68ffce8d141e8960ef790fb0078215d65f96eb55db8cbcb060000000d988374e45451a694ffe38a1d03912b31c98d42e1a1bda1290de1a499a5d6849914c1788a7aca37177cc34102f44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553ecece78d4c1541c70f5d81e0725d5b273755c0000000000000000aa4234e282182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a7d72fcdb0a11993d54d97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a9236558fea2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574ea68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa1ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8edc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f24bb68f486e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e8d5bc5642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f0cf74f845d1cc9ec4eee79c290fb0ba939b13707004e2e9cc0d350538c1c8c6bb9a38c6ac5ca07df32601240ea3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4055f05558ab31f339f6a4caf2ee2fd01f34dca330000000000000000000000000000000000000000000000000000000000000000000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd6f7fd7f8898c70b5c65f2e28f22e983892c383882809f557affbda5e1850d66a4a1ee73b2084681f880a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae9052be8eec1e95f6ad8d41dd34829504ba4b66e27154cb6e34aa13450522df1723130b6fe347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbdd3f188eec7da7bccafbd5bf28a46f0eecc6b550471b06a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd31091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a474bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc03bbfb8c698ecc137d96711100e01031aa74fad86b99eebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc86784c9f940d9fb0464a72ce635e14b80dc5c1c64e8f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de1b3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f938ad16eeb8342278f1c1cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706e587f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2cc0e7c207b8942fafd70530a0fc4622ecf132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af999dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2be0d1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bff348229fa84034faf8421a22c4b4c17a3d24a4aeee0d0850371feefd77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2b59654d49a11c6736ac63e8eb383760fc2b5c976dacf3dda7191c757f28e44f6a5f95db7055f7ed983f5665210f20a494fabb0dbcd335700000000000000000000000000000086666201251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a5826fdbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db3c22673884dca370558936b85737e14819ab1c57b348a8ff16d36364a20fe846d11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb251ab9eefc8e400191f0f0f8c679b0000000000000000000000b41b0ae67d9351c49e1ff285d05a3cc39a5b0cd20afe0a00086650f8fad20c0e1e7131836c85b2cbacd41593928207312189fdd66abc45a139f0c9dbcc58237cec5bd56ffe0c6de23254a7951a298501ca04ab30b5723df6dd01d0b1a87c197b83b286374ba9a9dd1bd09ea1b71b24a1f527bf59d9633e3d15ed3757acc494f464482e49884c13780cc392bfe67b5d91e5b513daea48cac7645db35f07ba41aa187f65c5344717d7a0ee353a7e36b14fdce5898a613cef224d3addb3d2de74cef73f7520dc8cc8ffaa62cbd25e691ef4c45fdd25675b32c129a8464f08c4da9c08713b54416f3b56a04086dab1d196884e062287ad4758e883d2f99833d8aaf0c56718f6b0434740900faf4ab824662a719bf370fd0b2de04c1455ec14908ce5cbec79466f2f2cc337c53437d626254e00000000000000000000000000000000c34646f8ae68c095e7298300feab8a3dfe2c43fc971385b13b4f3b61ddbf5044ff572defcc67930f0e715774e1e970751534398faf79350255cfa9021378f10c2043e7ecd5649c9720530da7ea227b792f31cb5d688b5f1eba9ff5f85c97b35e00ecf76282912b483e31c76e303e527e98a9ca14f718d495ad45db16c4500011de506f0ca35f7ea96ed1831e3c1219f985b26cb8a70e7c8efcb287984871e0fed3f1985cf63f00289292b378188ad0dfae12c265b88961a9223b48cf7055d641595e0cb926d63c1f8a207f48bd482290b79867285c2155e655e017bca6cbba43f9b49042fb2fb390c436b3306e8a0800000090d159004da838a50235b91f5273c1fe083067ce1e2d8011c9e2b6d3ea69dfc3712e5ce440432fbd29ffd004000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0x5ee, 0xfd000004, &(0x7f00000004c0)="b9180bb7600a070c009e40f086dd1fff310005e03300fd010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7473ce0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x31, 0x6000000000000000, 0xfffffffffffffe7e, 0x1d4}, 0x28) 33.731172091s ago: executing program 5 (id=1893): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='percpu_free_percpu\x00', r0}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5d, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 33.730793611s ago: executing program 5 (id=1895): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x74) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xe, 0x4, 0x8, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 33.721208241s ago: executing program 5 (id=1896): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0xfd, 0x1eb, &(0x7f00000008c0)="$eJzsmb9v00AUx793dmK3QkgsDCwgUYkitY7tAOrCUP4BkFp+bUT0qApugxwPbSUkIhYW/gz+BYZODGxsrDAAEhIDGZkP3fnFPtIfBEgEUt9H6vP37t69u/fqvCEBwzDHls+fvn98cW1pdQHACcwhoPmvXu0jHf8PIYn3L99snXyyNxpPANDaytfjnO8bx2UPBY21pt3EHD1XISt9ExIXSd+GQET6HiRukVYQuEv6oaO7MyQyFd3vZmsPNjIVG5MYkxrTHr3foC+wBiCk+wlnvbez+6iTZSofFQ09PGff0thCB4DKe7+onz9Ylrjq1M/8v+48f9Y342FtYqd+CSQS0m0IrJBeQoAoiswrUJbEyf+MX8f3xsn/T8T1xmTiDMWpxaN8FiZ61tTFDP7h6f3/pAgTEcKtqhHmA13NnB7svc1UHv6868s0L3ZuuimDeva+pXezfxe5SU3gQJ+6f5qWe8HpTz78qn+0is3Hrd7O7uLGZmddrautNG1fiS/F8eW0ZXtzaY/of6HtT7NO/MYhvk3RxHanKPJkGyjypBqnpa0TwMqr7je7R5KdP1/GMK+KTTs4+AxBf9I+jZr3Dr08wzAMwzAMwzAMwzAMwzDMb3EWwn4LSj9Uaa3xtFzRLukNO/cjAAD//5ivWKc=") sched_setscheduler(0x0, 0x1, 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0) 33.653016862s ago: executing program 5 (id=1897): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000002c0)='mm_page_alloc\x00', r0}, 0x10) mincore(&(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f0000000000)=""/70) 33.215153614s ago: executing program 6 (id=1900): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x100040e, &(0x7f00000000c0)={[{@norecovery}, {@mblk_io_submit}, {@lazytime}, {}, {@block_validity}, {@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x3ed}}]}, 0x3, 0x449, &(0x7f0000000740)="$eJzs28trXNUfAPDvnSR995f8Sn30oUarGHwkTfqwCzeKggsLgi7qMiZpqZ020kSwpWgVqUspuC8uBf8CV7oRdSW41b0UimTTKghX7sy9ycxkJp2Jk0zrfD5wk3PuPZNzvnPvuXPOPZkA+tZo9iOJ2BURv0bEcDVbX2C0+uvO0pWZP5euzCSRpm/+kVTK3V66MlMULV63s8gMRpQ+TeJAk3oXLl0+N10uz13M8xOL59+bWLh0+fmz56fPzJ2ZuzB14sTRI5MvHJ861pU4s7hu7/9w/uC+196+fnLm1PV3fvw6KeJviKNLRtc6+FSadrm63tpdk04GVx/ftpmNoW0D1W4aQ5X+PxwDsXLyhuPVT3raOGBDpWmaPtj68NUU+A9LotctAHqj+KDP5r/FtklDj3vCrZeqE6As7jv5Vj0yGKW8zFDD/LabRiPi1NW/bmRbbMxzCACAOt9m45/nmo3/SlH7XOh/+RrKSET8PyL2RMTxiNgbEQ9EVMo+FBEPd1h/4yLJ6vFP6ea6AmtTNv57MV/bqh//FaO/GBnIc7sr8Q8lp8+W5w7n78lYDG3N8pNr1PHdK7983upY7fgv27L6i7Fg3o6bg1vrXzM7vTj9b2KudevjiP2DzeJPllcCkojYFxH711nH2We+OtjqWJP4/07T9EZbf7jJOlOn0i8jnq6e/6vREH8hWXt9cmJblOcOTxRXxWo//XztjVb13/38b6zs/O9oev0vxz+S1K7XLnRex7XfPms5p1nv9b8leatu3wfTi4sXJyO2JK8PRX6fWt4/1VBuaqV8Fv/Yoeb9f0+svBMHIiK7iB+JiEcj4rG87Y9HxBMRcWiN+H94+cl363aM7eog/o2VxT/b0flfSWyJxj3NEwPnvv+mrtKR6CD+7PwfraTG8j3t3P/aadf6rmYAAAC4/5QiYlckpfHldKk0Pl79H/69saNUnl9YfPb0/PsXZqvfERiJoVLxpGu45nnoZD6tL/JTDfkj+XPjLwa2V/LjM/Pl2V4HD31uZ4v+n/l9oNetAzZcF9bRgPuU/g/9S/+H/qX/Q/9q0v+396IdwOZr9vn/UQ/aAWy+hv5v2Q/6iPk/9C/9H/qX/g99aWF73P1L8hISqxJRuieaIdFJ4uSxtgv3+s4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHf8EAAD//yeb6Hg=") creat(&(0x7f0000000080)='./bus\x00', 0x10) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x801000, 0x0) quotactl$Q_SETINFO(0xffffffff80000600, &(0x7f00000001c0)=@filename='./bus\x00', 0x0, 0x0) 33.019969535s ago: executing program 6 (id=1905): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/tty/drivers\x00', 0x0, 0x0) read$char_usb(r0, &(0x7f0000001840)=""/4090, 0xffa) preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/128, 0x80}], 0x1, 0x0, 0x0) read$char_usb(r0, &(0x7f0000000080)=""/43, 0x2b) 32.428606618s ago: executing program 6 (id=1915): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x68}}, 0x0) 32.390020919s ago: executing program 35 (id=1915): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x68}}, 0x0) 30.017403242s ago: executing program 5 (id=1957): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001280)=@raw={'raw\x00', 0x3c1, 0x3, 0x608, 0x0, 0x8, 0x7f02ae, 0x0, 0x200, 0x538, 0x2e8, 0x2e8, 0x538, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x300, 0x428, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @fd={0x2, 0x0, r1}}, @common=@hl={{0x28}, {0xe886935d41b2f60, 0x8}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:syslogd_initrc_exec_t:s0\x00'}}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x4, 0x8, 0xfffffff9, 0x4ff3, 'pptp\x00', 'syz0\x00', {0x826}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x668) 29.910619063s ago: executing program 36 (id=1957): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = socket$inet6(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000001280)=@raw={'raw\x00', 0x3c1, 0x3, 0x608, 0x0, 0x8, 0x7f02ae, 0x0, 0x200, 0x538, 0x2e8, 0x2e8, 0x538, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x300, 0x428, 0x0, {}, [@common=@unspec=@bpf1={{0x230}, @fd={0x2, 0x0, r1}}, @common=@hl={{0x28}, {0xe886935d41b2f60, 0x8}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:syslogd_initrc_exec_t:s0\x00'}}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x4, 0x8, 0xfffffff9, 0x4ff3, 'pptp\x00', 'syz0\x00', {0x826}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x668) 26.304478553s ago: executing program 4 (id=2030): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000407d1e9c3100000000000109022400010000000009040000010300800009210000000122070009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0) 24.402586323s ago: executing program 4 (id=2068): bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0) 22.729010892s ago: executing program 4 (id=2118): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) 22.719376743s ago: executing program 4 (id=2119): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x200002, &(0x7f0000000340)={[{@noblock_validity}, {@dioread_nolock}, {@noinit_itable}, {@orlov}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2c}, 0x84, 0x452, &(0x7f0000000480)="$eJzs20tvG1UUAOAz46bvklDKow/AUBARj6RJC3TBBgRSN0hIsCjLkKZVqdugJki0qmhAqCxRfwGwROIXsIINAlYgtrBHSBXqhsICDRp7nBrHDnbs1Gn9fdIk986Mfc/xzLXvzLUDGFrl/E8SsTMifomI0YgoNe9Qrv27cf3S7F/XL80mkWWv/5HkD4s/r1+are+aFP93FJXxNCL9KIn9LdpduHDxzEylMne+qE8unn1ncuHCxWdOn505NXdq7tz00aNHDk89/9z0s33Jc1ce67735w/sPfbm1Vdnj1996/sv83h3Ftsb86gZ67nNcpSXX5Nmj/f87BvLroZysmmAgdCVvK/nh2uk2v9HoxQ3D95ovPLhQIMD1lWWZdmWFWuXRwBLGXAHS2LQEQCDUf+gz69/68stHH4M3LUXaxdAed43iqW2ZVOkxT4jTde3/VSOiONLf3+aL9HyPgQAQH99nY9/nm41/kvjvob97irmhsYi4u6I2B0R90TEnoi4N6K67/0R8UCX7Zeb6ivHPz9tW1NiHcrHfy8Uc1v/Hf/VR38xVipqu6r5jyQnT1fmDhWvyXiMbMnrU6u08c3LP3/Sblvj+C9f8vbrY8Eijt83Nd2gOzGzONNLzo2ufVC9B3h5Zf7J8kxAEhF7I2LfGp5/a0ScfvKLA+22/3/+q+jDPFP2ecQTteO/FE351yWrz09Obo3K3KHJ+lmx0g8/XnmtXfs95d8H+fHf3vL8X85/LGmcr13ovo0rv37c9ppmref/5uSNanlzse69mcXF81MRm5Olleunbz62Xq/vn+c/frB1/98d8c9nxeP2R0R+Ej8YEQ9FxMNF7I9ExKMRcXCV/L976bG3157/+srzP9HV8e++UDrz7Vft2u/s+B+plsaLNZ28/3UaYC+vHQAAANwu0up34JN0YrmcphMTte/w74ntaWV+YfGpk/PvnjtR+678WIyk9Ttdow33Q6eKe8P1+nRT/XD1vnGWZdm2an1idr6yXnPqQGd2tOn/ud9Kg44OWHddzaO1+0UbcFvye00YXvo/DC/9H4aX/g/Dq1X/vxxxYwChALeYz38YXvo/DC/9H4aX/g9DqZff9a9W2H1svZ75TiuUNkYYXRci3RBhrK2QbowwaoUtEdHpzpfjVgU26HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg3AAD//zLQ7Dk=") bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x20, &(0x7f0000000140)='usrjquota=') 22.588581003s ago: executing program 4 (id=2120): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_VFINFO_LIST={0x8, 0x16, 0x0, 0x1, [{0x4}]}, @IFLA_LINKMODE={0x5, 0x11, 0xc5}]}, 0x30}}, 0x0) 22.374912944s ago: executing program 4 (id=2123): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU") mkdir(&(0x7f0000000140)='./file\x00', 0x0) mkdir(&(0x7f00000000c0)='./file/file0\x00', 0x0) open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0) 22.343352215s ago: executing program 37 (id=2123): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU") mkdir(&(0x7f0000000140)='./file\x00', 0x0) mkdir(&(0x7f00000000c0)='./file/file0\x00', 0x0) open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0) 1.245543153s ago: executing program 0 (id=2812): openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1e1001, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = dup(r0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 708.887576ms ago: executing program 1 (id=2832): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000f57005"]) 624.294066ms ago: executing program 1 (id=2835): r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x2}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000040)='asymmetric\x00', &(0x7f00000001c0)=@secondary) keyctl$link(0x8, r1, r0) 593.797266ms ago: executing program 1 (id=2846): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x21000000, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xf}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x4}, @TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x12800000}]}}]}, 0x44}}, 0x0) 418.127867ms ago: executing program 0 (id=2837): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x200000f, 0x4031, 0xffffffffffffffff, 0xffffd000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x9) 417.650317ms ago: executing program 1 (id=2841): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000f20b00000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10) process_mrelease(0xffffffffffffffff, 0x0) 393.313537ms ago: executing program 1 (id=2844): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000840)=@ipv6_newrule={0x30, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x12}, [@FIB_RULE_POLICY=@FRA_IIFNAME={0x14, 0x3, 'bridge_slave_1\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x6000}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}}, 0x0) 381.228197ms ago: executing program 7 (id=2845): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f00000036c0)="$eJzs3M9r22UcB/D3utnWzv5Q59wG4oNe9BLWHrzopUgHsoCwrcImCJlNNTQmpQmFiDg9edS/QwQRvAniTS+9+B8I3nrxOEH8SpPZrlrZFGl0vF6XfOD7eT95noQEnpDnu/vSJ+9srPdq641+Jk6cyMRmUm6XlEzkdx/k+Re//e6pq9dvXF6u11eulHJp+driC6WUuae/fv29z575pn/6tS/nvprKzsIbuz8t/bhzduf87q/X3m71SqtXOt1+aZSb3W6/cbPdLGut3katTCVp9Jql1ek1tw5dX293NzcHpdFZm53Z3Gr2eqXRGZSN5qD0u6W/NSiNtxqtTqnVamV2Jvx9p/ar1U9vV1WVVNVDmUxVVdXDmcnpPJLZzGU+C3k0j+XxfHxy1H8uX/zw+WAvAQAAAAAAAAAAAAAAAAAAAPx77u/8/5k8kbN5Mudyftg17lkDAAAAAAAAAAAAAAAAAADAg+Xq9RuXl+v1lSulTCftj7ZXt1dHj8lkkuWJtNJOMxczn18yPP0/MqovvVJfuViGFvJh+9ad/K3t1ZPD8ZfX7+QXh7cTODK/OMqXw/mpzNydX8p8zhydXzoyP53nnr0rX8t8vn8z3bSzlr3sQf79xVJefrX+h/yFYR8AAAA8CGpl35H799pBw8L0oeuj/P7++t6/DxzaX+9lL5wa69JJ0hu8u9Fot5tb4ygWkozv2f93xeR4p/FzVVXjfxHGVPz1J2UqyT8e+USS/8YC/1SM+5uJ43Dwpt+7d+o4JgQAAAAAAAAAAMB9OY6/E457jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CoAAP//A5PQCA==") truncate(&(0x7f0000000040)='./file2\x00', 0x1001bfd) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40047211, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x2401}) 309.492828ms ago: executing program 1 (id=2847): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000020bd28940000000000000109022400010000000009040100010300000009210000000122070009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000009c0)={0x2c, &(0x7f0000000980)={0x0, 0x0, 0x7, {0x7, 0x0, "12279dfa7e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0, 0x0}, 0x0) 283.383458ms ago: executing program 8 (id=2850): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=@newlink={0x34, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0) 228.809188ms ago: executing program 8 (id=2851): munmap(&(0x7f0000001000/0x1000)=nil, 0x1000) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={r1, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000001200)=[{}], 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 197.986818ms ago: executing program 8 (id=2853): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202070250000000000202d437b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='mm_page_alloc\x00', r0}, 0x10) syz_emit_ethernet(0x0, 0x0, 0x0) syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8}]}]}}}}}}}, 0x0) 173.696639ms ago: executing program 9 (id=2854): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) iopl(0x3) r0 = inotify_init1(0x800) inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x50007a2) 173.243639ms ago: executing program 8 (id=2855): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x2, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x8001}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 153.069719ms ago: executing program 7 (id=2856): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000f20b00000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r1}, 0x10) process_mrelease(0xffffffffffffffff, 0x0) 152.921468ms ago: executing program 9 (id=2857): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x10001) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x53, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e) 152.614039ms ago: executing program 0 (id=2858): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000390400"/20, @ANYRES32=r1, @ANYBLOB="000000008240040014001680100001800c00040000000080"], 0x3c}}, 0x0) 104.531369ms ago: executing program 8 (id=2859): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) keyctl$set_reqkey_keyring(0xe, 0x3) write$UHID_CREATE2(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) writev(r0, &(0x7f0000000240)=[{&(0x7f00000001c0)='\b\x00\x00\x00', 0x4}, {&(0x7f0000005940), 0x2000000}], 0x2) 104.367569ms ago: executing program 9 (id=2860): r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x3, 0x9}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0xffffffbd, 0x4) sendmmsg(r0, &(0x7f0000002b00)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @mcast1, 0x1}, 0x80, 0x0}, 0x5b4}], 0x1, 0x40884) 104.263609ms ago: executing program 0 (id=2861): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x7}}]}, 0x38}}, 0x0) 103.944229ms ago: executing program 7 (id=2862): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x16c, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xffe0}}, [@TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x104, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0xf0, 0x6, [@m_ife={0x9c, 0xb, 0x0, 0x0, {{0x8}, {0x74, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @broadcast}, @TCA_IFE_DMAC={0xa, 0x3, @remote}, @TCA_IFE_SMAC={0xa, 0x4, @random="03413659759d"}, @TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, @TCA_IFE_SMAC={0xa, 0x4, @remote}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_PRIO={0x8, 0x3, @val=0x4}]}, @TCA_IFE_DMAC={0xa}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x3e02, 0xee3b, 0x0, 0x7, 0x2}, 0x1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_connmark={0x50, 0x3ffd, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x8000}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}}, @filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x8}]}}, @TCA_CHAIN={0x8, 0xb, 0xfffffffd}, @TCA_RATE={0x6, 0x5, {0x0, 0x40}}, @TCA_RATE={0x6, 0x5, {0x8, 0x6}}]}, 0x16c}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 56.976469ms ago: executing program 0 (id=2863): pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa}, 0x1c) close_range(r0, 0xffffffffffffffff, 0x0) 56.763599ms ago: executing program 8 (id=2864): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='task\x00') getdents64(r0, &(0x7f0000000480)=""/4081, 0x103a) poll(0x0, 0x0, 0x80) getdents64(r0, &(0x7f00000001c0)=""/33, 0x21) 56.564169ms ago: executing program 7 (id=2865): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) ustat(0x4, &(0x7f0000000180)) 56.410019ms ago: executing program 9 (id=2866): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0x82, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000200)="68008b7f9cb0507b64ea9d3d03e3", 0xe, 0x0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0xd, 0x6, @random="bf73a9e561c5"}, 0x14) 56.257459ms ago: executing program 9 (id=2867): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=ANY=[@ANYBLOB="640300001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000008000c80040007"], 0x364}}, 0x0) 1.442819ms ago: executing program 7 (id=2868): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000006800010000000069cd4600fddbdf2502"], 0x18}, 0x1, 0x0, 0x0, 0x4402}, 0x0) 992.989µs ago: executing program 0 (id=2878): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) timerfd_create(0x0, 0x0) 441.32µs ago: executing program 9 (id=2879): unshare(0x64000600) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_emit_ethernet(0x6e, &(0x7f0000000080)={@random="9de05b7bd0c8", @random="2b89a1b7a248", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x1, 0x0, 0x3, 0x0, 0x0, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, {[@timestamp_addr={0x44, 0x1c, 0x0, 0x1, 0x0, [{@local}, {@empty}, {@loopback}]}, @timestamp_prespec={0x44, 0x14, 0x66, 0x3, 0x0, [{@local, 0x10}, {@multicast2}]}]}}}}}}}, 0x0) 0s ago: executing program 7 (id=2880): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000008b0000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='itimer_state\x00', r1}, 0x10) setitimer(0x2, 0x0, 0x0) kernel console output (not intermixed with test programs): 87493][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 55.803484][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 55.811856][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 55.820064][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 55.830665][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 55.908347][ T2753] loop5: detected capacity change from 0 to 1024 [ 55.914830][ T2753] EXT4-fs: Ignoring removed bh option [ 55.921758][ T315] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 55.930291][ T2753] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a000c118, mo2=0002] [ 55.938534][ T2753] System zones: 0-1, 3-12 [ 55.980947][ T789] usb 5-1: Using ep0 maxpacket: 32 [ 56.049621][ T2764] syzkaller1: tun_chr_ioctl cmd 1074812118 [ 56.062190][ T2770] loop0: detected capacity change from 0 to 256 [ 56.071782][ T2768] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1037'. [ 56.074475][ T2770] FAT-fs (loop0): Directory bread(block 64) failed [ 56.087218][ T2770] FAT-fs (loop0): Directory bread(block 65) failed [ 56.094124][ T2770] FAT-fs (loop0): Directory bread(block 66) failed [ 56.100857][ T2770] FAT-fs (loop0): Directory bread(block 67) failed [ 56.109522][ T2770] FAT-fs (loop0): Directory bread(block 68) failed [ 56.117209][ T2772] serio: Serial port ptm0 [ 56.117207][ T2770] FAT-fs (loop0): Directory bread(block 69) failed [ 56.117256][ T2770] FAT-fs (loop0): Directory bread(block 70) failed [ 56.134338][ T2770] FAT-fs (loop0): Directory bread(block 71) failed [ 56.134420][ T789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 0, changing to 7 [ 56.140734][ T2770] FAT-fs (loop0): Directory bread(block 72) failed [ 56.151455][ T789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 56.157734][ T2770] FAT-fs (loop0): Directory bread(block 73) failed [ 56.167093][ T789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 56.340892][ T315] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 56.350897][ T789] usb 5-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68 [ 56.351058][ T2788] loop0: detected capacity change from 0 to 256 [ 56.359751][ T789] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.359775][ T789] usb 5-1: Product: syz [ 56.377897][ T315] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 56.387249][ T315] usb 3-1: config 1 has no interface number 0 [ 56.393374][ T315] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 56.404315][ T789] usb 5-1: Manufacturer: syz [ 56.408727][ T789] usb 5-1: SerialNumber: syz [ 56.413642][ T315] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 56.422927][ T789] usb 5-1: config 0 descriptor?? [ 56.620918][ T315] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 56.629794][ T315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.637618][ T315] usb 3-1: Product: syz [ 56.641607][ T315] usb 3-1: Manufacturer: syz [ 56.645996][ T315] usb 3-1: SerialNumber: syz [ 56.688474][ T1791] usb 5-1: USB disconnect, device number 9 [ 57.192962][ T2793] loop6: detected capacity change from 0 to 1024 [ 57.214418][ T2793] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 57.241552][ T2801] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 57.288309][ T2808] loop6: detected capacity change from 0 to 1024 [ 57.295659][ T2808] EXT4-fs: Ignoring removed orlov option [ 57.302992][ T2808] EXT4-fs: Ignoring removed nomblk_io_submit option [ 57.360985][ T315] cdc_ncm 3-1:1.1: failed GET_NTB_PARAMETERS [ 57.367327][ T315] cdc_ncm 3-1:1.1: bind() failure [ 57.373363][ T315] usb 3-1: USB disconnect, device number 6 [ 57.660930][ T530] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 57.900876][ T530] usb 6-1: Using ep0 maxpacket: 8 [ 57.926581][ T2843] loop2: detected capacity change from 0 to 512 [ 57.952843][ T2843] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038 (0x7fffffff) [ 58.020854][ T530] usb 6-1: config 1 interface 0 altsetting 5 bulk endpoint 0x82 has invalid maxpacket 1023 [ 58.030865][ T530] usb 6-1: config 1 interface 0 altsetting 5 bulk endpoint 0x3 has invalid maxpacket 32 [ 58.040473][ T530] usb 6-1: config 1 interface 0 altsetting 5 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 58.053866][ T530] usb 6-1: config 1 interface 0 has no altsetting 0 [ 58.130906][ T789] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 58.209879][ T2861] overlayfs: empty lowerdir [ 58.214306][ T530] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 58.223820][ T530] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.231855][ T530] usb 6-1: Product: syz [ 58.236029][ T530] usb 6-1: Manufacturer: syz [ 58.240505][ T530] usb 6-1: SerialNumber: syz [ 58.260888][ T2792] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 58.267925][ T2792] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 58.331642][ T2870] loop0: detected capacity change from 0 to 4096 [ 58.338030][ T2870] EXT4-fs: Ignoring removed nomblk_io_submit option [ 58.349571][ T2870] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #15: comm syz.0.1077: corrupted inode contents [ 58.361639][ T2870] EXT4-fs error (device loop0): ext4_dirty_inode:6088: inode #15: comm syz.0.1077: mark_inode_dirty error [ 58.373085][ T2870] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #15: comm syz.0.1077: corrupted inode contents [ 58.385038][ T2870] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #15: comm syz.0.1077: mark_inode_dirty error [ 58.396337][ T2870] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #15: comm syz.0.1077: corrupted inode contents [ 58.408110][ T789] usb 5-1: Using ep0 maxpacket: 16 [ 58.408336][ T2870] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #15: comm syz.0.1077: mark_inode_dirty error [ 58.424467][ T2870] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #15: comm syz.0.1077: corrupted inode contents [ 58.436438][ T2870] EXT4-fs error (device loop0): ext4_truncate:4313: inode #15: comm syz.0.1077: mark_inode_dirty error [ 58.447622][ T2870] EXT4-fs error (device loop0) in ext4_setattr:5627: Corrupt filesystem [ 58.456731][ T2872] EXT4-fs error (device loop0): ext4_do_update_inode:5226: inode #15: comm syz.0.1077: corrupted inode contents [ 58.541062][ T789] usb 5-1: config 0 has an invalid interface number: 105 but max is 0 [ 58.549160][ T789] usb 5-1: config 0 has an invalid descriptor of length 32, skipping remainder of the config [ 58.560863][ T789] usb 5-1: config 0 has no interface number 0 [ 58.570360][ T2881] loop6: detected capacity change from 0 to 512 [ 58.580875][ T530] cdc_ether: probe of 6-1:1.0 failed with error -71 [ 58.582704][ T2881] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038 (0x7fffffff) [ 58.588550][ T530] usb 6-1: USB disconnect, device number 3 [ 58.671920][ T2887] loop2: detected capacity change from 0 to 512 [ 58.702212][ T2887] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038 (0x7fffffff) [ 58.740943][ T789] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 58.755090][ T789] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.763765][ T789] usb 5-1: Product: syz [ 58.768288][ T789] usb 5-1: Manufacturer: syz [ 58.773271][ T789] usb 5-1: SerialNumber: syz [ 58.778464][ T789] usb 5-1: config 0 descriptor?? [ 58.876078][ T2895] loop0: detected capacity change from 0 to 40427 [ 58.883433][ T2895] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 58.891764][ T2895] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 58.900642][ T2895] F2FS-fs (loop0): invalid crc value [ 58.907158][ T2895] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669) [ 58.932222][ T2895] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 58.939349][ T2895] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 58.980807][ T315] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 59.070939][ T789] usb 5-1: Found UVC 0.00 device syz (046d:08f3) [ 59.077243][ T789] usb 5-1: No valid video chain found. [ 59.083824][ T789] usb 5-1: USB disconnect, device number 10 [ 59.500993][ T315] usb 7-1: New USB device found, idVendor=0f19, idProduct=0105, bcdDevice= 1.00 [ 59.509877][ T315] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.517781][ T315] usb 7-1: Product: syz [ 59.521771][ T315] usb 7-1: Manufacturer: syz [ 59.526184][ T315] usb 7-1: SerialNumber: syz [ 59.531867][ T315] usb 7-1: config 0 descriptor?? [ 59.554709][ T2915] loop5: detected capacity change from 0 to 512 [ 59.562193][ T2915] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 59.571371][ T315] usb-storage 7-1:0.0: USB Mass Storage device detected [ 59.580362][ T2915] EXT4-fs (loop5): invalid journal inode [ 59.581434][ T315] usb-storage 7-1:0.0: Quirks match for vid 0f19 pid 0105: 20 [ 59.593396][ T2915] EXT4-fs (loop5): can't get journal size [ 59.610220][ T2915] EXT4-fs (loop5): 1 truncate cleaned up [ 59.610280][ T2918] loop4: detected capacity change from 0 to 4096 [ 59.622370][ T2918] EXT4-fs: Ignoring removed nomblk_io_submit option [ 59.639171][ T2918] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #15: comm syz.4.1093: corrupted inode contents [ 59.658631][ T2918] EXT4-fs error (device loop4): ext4_dirty_inode:6088: inode #15: comm syz.4.1093: mark_inode_dirty error [ 59.670872][ T2918] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #15: comm syz.4.1093: corrupted inode contents [ 59.682829][ T2918] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.1093: mark_inode_dirty error [ 59.683940][ T2925] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 59.695428][ T2918] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #15: comm syz.4.1093: corrupted inode contents [ 59.722141][ T2918] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.1093: mark_inode_dirty error [ 59.733435][ T2918] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #15: comm syz.4.1093: corrupted inode contents [ 59.745593][ T2918] EXT4-fs error (device loop4): ext4_truncate:4313: inode #15: comm syz.4.1093: mark_inode_dirty error [ 59.758864][ T2918] EXT4-fs error (device loop4) in ext4_setattr:5627: Corrupt filesystem [ 59.779361][ T1791] usb 7-1: USB disconnect, device number 2 [ 59.791186][ T2928] EXT4-fs error (device loop4): ext4_do_update_inode:5226: inode #15: comm syz.4.1093: corrupted inode contents [ 59.792921][ T2930] loop5: detected capacity change from 0 to 512 [ 59.841078][ T2930] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038 (0x7fffffff) [ 59.883157][ T2945] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.890537][ T2945] device bridge_slave_0 left promiscuous mode [ 59.896633][ T2945] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.903906][ T2945] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 60.057026][ T2956] loop4: detected capacity change from 0 to 512 [ 60.063976][ T2956] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 60.073171][ T2956] EXT4-fs (loop4): invalid journal inode [ 60.078664][ T2956] EXT4-fs (loop4): can't get journal size [ 60.085851][ T2956] EXT4-fs (loop4): 1 truncate cleaned up [ 60.100854][ T849] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 60.140834][ T24] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 60.305015][ T2970] loop4: detected capacity change from 0 to 512 [ 60.326318][ T2974] loop6: detected capacity change from 0 to 4096 [ 60.333086][ T2974] EXT4-fs: Ignoring removed nomblk_io_submit option [ 60.345879][ T2974] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #15: comm syz.6.1116: corrupted inode contents [ 60.351840][ T2973] loop5: detected capacity change from 0 to 8192 [ 60.359215][ T2970] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038 (0x7fffffff) [ 60.364698][ T2974] EXT4-fs error (device loop6): ext4_dirty_inode:6088: inode #15: comm syz.6.1116: mark_inode_dirty error [ 60.389469][ T2974] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #15: comm syz.6.1116: corrupted inode contents [ 60.402820][ T2974] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #15: comm syz.6.1116: mark_inode_dirty error [ 60.420396][ T2974] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #15: comm syz.6.1116: corrupted inode contents [ 60.432626][ T2974] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #15: comm syz.6.1116: mark_inode_dirty error [ 60.444438][ T2974] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #15: comm syz.6.1116: corrupted inode contents [ 60.456754][ T2974] EXT4-fs error (device loop6): ext4_truncate:4313: inode #15: comm syz.6.1116: mark_inode_dirty error [ 60.468441][ T2974] EXT4-fs error (device loop6) in ext4_setattr:5627: Corrupt filesystem [ 60.477714][ T2978] EXT4-fs error (device loop6): ext4_do_update_inode:5226: inode #15: comm syz.6.1116: corrupted inode contents [ 60.495281][ T849] usb 1-1: config 20 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.516264][ T849] usb 1-1: config 20 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.531805][ T849] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 60.541630][ T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 60.551613][ T849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.559833][ T24] usb 3-1: config 0 has no interfaces? [ 60.592290][ T2987] SELinux: Context Ü is not valid (left unmapped). [ 60.637390][ T2991] loop5: detected capacity change from 0 to 512 [ 60.654504][ T2991] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 60.665004][ T2991] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 60.674614][ T2991] EXT4-fs error (device loop5): ext4_acquire_dquot:6787: comm syz.5.1123: Failed to acquire dquot type 0 [ 60.686360][ T2991] EXT4-fs (loop5): Remounting filesystem read-only [ 60.692882][ T2991] EXT4-fs (loop5): 1 orphan inode deleted [ 60.698579][ T2991] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038 (0x7fffffff) [ 60.714879][ T2991] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0 [ 60.725369][ T2991] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0 [ 60.725392][ T2991] EXT4-fs error (device loop5): ext4_acquire_dquot:6787: comm syz.5.1123: Failed to acquire dquot type 0 [ 60.725604][ T2991] EXT4-fs (loop5): Remounting filesystem read-only [ 60.747161][ T24] usb 3-1: New USB device found, idVendor=0c45, idProduct=608f, bcdDevice=b5.55 [ 60.747193][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.747213][ T24] usb 3-1: Product: syz [ 60.747225][ T24] usb 3-1: Manufacturer: syz [ 60.747239][ T24] usb 3-1: SerialNumber: syz [ 60.747923][ T24] usb 3-1: config 0 descriptor?? [ 60.769571][ T3006] loop4: detected capacity change from 0 to 256 [ 60.802460][ T3006] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 60.828417][ T3011] loop4: detected capacity change from 0 to 16 [ 60.834838][ T3011] erofs: (device loop4): EXPERIMENTAL compressed fragments feature in use. Use at your own risk! [ 60.845264][ T3011] erofs: (device loop4): EXPERIMENTAL global deduplication feature in use. Use at your own risk! [ 60.856195][ T3011] erofs: (device loop4): mounted with root inode @ nid 36. [ 60.864284][ T3011] syz.4.1133: attempt to access beyond end of device [ 60.864284][ T3011] loop4: rw=0, sector=131157, nr_sectors = 1 limit=16 [ 60.993809][ T314] usb 3-1: USB disconnect, device number 7 [ 61.020859][ T789] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 61.051636][ T849] hid-thrustmaster 0003:044F:B65D.0008: unknown main item tag 0x0 [ 61.060089][ T849] hid-thrustmaster 0003:044F:B65D.0008: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.0-1/input0 [ 61.072034][ T849] hid-thrustmaster 0003:044F:B65D.0008: Wrong number of endpoints? [ 61.080857][ T1791] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 61.270865][ C1] hid-thrustmaster 0003:044F:B65D.0008: Unknown packet type 0x0, unable to proceed further with wheel init [ 61.321051][ T1791] usb 7-1: Using ep0 maxpacket: 16 [ 61.440963][ T1791] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 61.482947][ T849] usb 1-1: USB disconnect, device number 7 [ 61.560947][ T789] usb 6-1: New USB device found, idVendor=0f19, idProduct=0105, bcdDevice= 1.00 [ 61.569904][ T789] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 61.577960][ T789] usb 6-1: Product: syz [ 61.582238][ T789] usb 6-1: Manufacturer: syz [ 61.586802][ T789] usb 6-1: SerialNumber: syz [ 61.592289][ T789] usb 6-1: config 0 descriptor?? [ 61.601200][ T3021] loop2: detected capacity change from 0 to 2048 [ 61.607546][ T3021] EXT4-fs: Ignoring removed nobh option [ 61.630948][ T1791] usb 7-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 61.640356][ T789] usb-storage 6-1:0.0: USB Mass Storage device detected [ 61.647606][ T1791] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 61.657612][ T1791] usb 7-1: Product: syz [ 61.658729][ T3021] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, [ 61.661640][ T1791] usb 7-1: Manufacturer: syz [ 61.661658][ T1791] usb 7-1: SerialNumber: syz [ 61.662052][ T789] usb-storage 6-1:0.0: Quirks match for vid 0f19 pid 0105: 20 [ 61.669663][ T3021] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 61.674981][ T1791] usb 7-1: config 0 descriptor?? [ 61.679603][ T3021] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 1 with error 28 [ 61.712441][ T3021] EXT4-fs (loop2): This should not happen!! Data will be lost [ 61.712441][ T3021] [ 61.722364][ T3021] EXT4-fs (loop2): Total free blocks count 0 [ 61.728681][ T3021] EXT4-fs (loop2): Free/Dirty block details [ 61.734489][ T3021] EXT4-fs (loop2): free_blocks=2415919104 [ 61.740222][ T3021] EXT4-fs (loop2): dirty_blocks=16 [ 61.745251][ T3021] EXT4-fs (loop2): Block reservation details [ 61.751409][ T3021] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 61.837789][ T789] usb 6-1: USB disconnect, device number 4 [ 62.050843][ T849] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 62.262170][ T1791] usb 7-1: Found UVC 0.00 device syz (045e:0721) [ 62.268379][ T1791] usb 7-1: No valid video chain found. [ 62.274345][ T1791] usb 7-1: USB disconnect, device number 3 [ 62.290805][ T849] usb 3-1: Using ep0 maxpacket: 32 [ 62.361241][ T3039] loop0: detected capacity change from 0 to 512 [ 62.381131][ T3039] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 62.410855][ T849] usb 3-1: config index 0 descriptor too short (expected 164, got 36) [ 62.419108][ T849] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 62.419201][ T3039] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002] [ 62.438005][ T849] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 62.456463][ T849] usb 3-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 62.467645][ T3039] System zones: 1-12 [ 62.476974][ T3039] EXT4-fs (loop0): 1 truncate cleaned up [ 62.484691][ T849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.508150][ T849] usb 3-1: config 0 descriptor?? [ 62.523820][ T290] EXT4-fs error (device loop0): mb_free_blocks:1815: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt. [ 62.774328][ T3056] loop6: detected capacity change from 0 to 1024 [ 62.854574][ T3052] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 62.869415][ T3052] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 62.881580][ T3052] EXT4-fs (loop6): This should not happen!! Data will be lost [ 62.881580][ T3052] [ 62.891009][ T3052] EXT4-fs (loop6): Total free blocks count 0 [ 62.896912][ T3052] EXT4-fs (loop6): Free/Dirty block details [ 62.902606][ T3052] EXT4-fs (loop6): free_blocks=68451041280 [ 62.908241][ T3052] EXT4-fs (loop6): dirty_blocks=32 [ 62.913204][ T3052] EXT4-fs (loop6): Block reservation details [ 62.918983][ T3052] EXT4-fs (loop6): i_reserved_data_blocks=2 [ 62.959463][ T3071] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1155'. [ 62.972527][ T849] logitech 0003:046D:C29C.0009: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.2-1/input0 [ 63.070627][ T3081] loop6: detected capacity change from 0 to 2048 [ 63.085920][ T3081] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 63.200854][ T789] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 63.220903][ T1791] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 63.410895][ T849] logitech 0003:046D:C29C.0009: no inputs found [ 63.418142][ T849] usb 3-1: USB disconnect, device number 8 [ 63.440994][ T789] usb 1-1: Using ep0 maxpacket: 16 [ 63.560970][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.571705][ T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.581336][ T1791] usb 5-1: config 20 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.592195][ T1791] usb 5-1: config 20 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 63.601986][ T1791] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 63.610934][ T1791] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.671166][ T315] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 63.710967][ T789] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 63.719908][ T789] usb 1-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 63.728209][ T789] usb 1-1: Product: syz [ 63.732264][ T789] usb 1-1: Manufacturer: syz [ 63.737163][ T789] usb 1-1: config 0 descriptor?? [ 63.902700][ T3112] loop2: detected capacity change from 0 to 512 [ 63.909082][ T3112] EXT4-fs: Ignoring removed orlov option [ 63.920815][ T315] usb 6-1: Using ep0 maxpacket: 8 [ 63.927521][ T3112] EXT4-fs mount: 68 callbacks suppressed [ 63.927538][ T3112] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 63.942127][ T3112] ext4 filesystem being mounted at /212/bus supports timestamps until 2038 (0x7fffffff) [ 63.962952][ T291] EXT4-fs (loop2): unmounting filesystem. [ 64.063338][ T3114] loop6: detected capacity change from 0 to 40427 [ 64.071050][ T3114] F2FS-fs (loop6): invalid crc value [ 64.077496][ T3114] F2FS-fs (loop6): Found nat_bits in checkpoint [ 64.084684][ T1791] hid-thrustmaster 0003:044F:B65D.000A: unknown main item tag 0x0 [ 64.092401][ T315] usb 6-1: unable to get BOS descriptor or descriptor too short [ 64.100602][ T1791] hid-thrustmaster 0003:044F:B65D.000A: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.4-1/input0 [ 64.112655][ T1791] hid-thrustmaster 0003:044F:B65D.000A: Wrong number of endpoints? [ 64.125799][ T3114] F2FS-fs (loop6): Start checkpoint disabled! [ 64.132549][ T3114] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 64.165389][ T328] kworker/u4:4: attempt to access beyond end of device [ 64.165389][ T328] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 64.201338][ T315] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 64.211528][ T315] usb 6-1: config 0 has no interfaces? [ 64.231880][ T789] kovaplus 0003:1E7D:2D50.000B: unknown main item tag 0x0 [ 64.238857][ T789] kovaplus 0003:1E7D:2D50.000B: unknown main item tag 0x0 [ 64.246504][ T789] kovaplus 0003:1E7D:2D50.000B: hidraw1: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.0-1/input0 [ 64.290841][ C0] hid-thrustmaster 0003:044F:B65D.000A: Unknown packet type 0x0, unable to proceed further with wheel init [ 64.331502][ T28] audit: type=1326 audit(1731961067.692:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3129 comm="syz.6.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15add7e719 code=0x7ffc0000 [ 64.356012][ T28] audit: type=1326 audit(1731961067.692:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3129 comm="syz.6.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15add7e719 code=0x7ffc0000 [ 64.362609][ T3133] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1180'. [ 64.379802][ T28] audit: type=1326 audit(1731961067.692:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3129 comm="syz.6.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f15add7e719 code=0x7ffc0000 [ 64.411977][ T28] audit: type=1326 audit(1731961067.692:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3129 comm="syz.6.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15add7e719 code=0x7ffc0000 [ 64.435565][ T315] usb 6-1: New USB device found, idVendor=0557, idProduct=2022, bcdDevice=81.ae [ 64.435914][ T28] audit: type=1326 audit(1731961067.692:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3129 comm="syz.6.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f15add1a099 code=0x7ffc0000 [ 64.467645][ T315] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.468282][ T28] audit: type=1326 audit(1731961067.692:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3129 comm="syz.6.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f15add7e719 code=0x7ffc0000 [ 64.475684][ T315] usb 6-1: Product: syz [ 64.502990][ T315] usb 6-1: Manufacturer: syz [ 64.507461][ T315] usb 6-1: SerialNumber: syz [ 64.512813][ T315] usb 6-1: config 0 descriptor?? [ 64.517787][ T301] usb 5-1: USB disconnect, device number 11 [ 64.680862][ T789] kovaplus 0003:1E7D:2D50.000B: couldn't init struct kovaplus_device [ 64.688880][ T789] kovaplus 0003:1E7D:2D50.000B: couldn't install mouse [ 64.696179][ T789] kovaplus: probe of 0003:1E7D:2D50.000B failed with error -71 [ 64.705163][ T789] usb 1-1: USB disconnect, device number 8 [ 64.769220][ T301] usb 6-1: USB disconnect, device number 5 [ 65.054270][ T3152] loop2: detected capacity change from 0 to 512 [ 65.099393][ T3152] EXT4-fs error (device loop2): ext4_acquire_dquot:6787: comm syz.2.1189: Failed to acquire dquot type 0 [ 65.131148][ T3152] EXT4-fs (loop2): Remounting filesystem read-only [ 65.137552][ T3152] EXT4-fs (loop2): 1 orphan inode deleted [ 65.160794][ T3152] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 65.171600][ T3152] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038 (0x7fffffff) [ 65.198063][ T3166] loop0: detected capacity change from 0 to 1024 [ 65.204765][ T3152] EXT4-fs error (device loop2): ext4_acquire_dquot:6787: comm syz.2.1189: Failed to acquire dquot type 0 [ 65.207328][ T3164] loop4: detected capacity change from 0 to 2048 [ 65.222487][ T3152] EXT4-fs (loop2): Remounting filesystem read-only [ 65.238176][ T291] EXT4-fs (loop2): unmounting filesystem. [ 65.261867][ T3164] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 65.303212][ T3164] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1193: bg 0: block 234: padding at end of block bitmap is not set [ 65.380980][ T3164] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 25 with max blocks 1 with error 117 [ 65.402173][ T3164] EXT4-fs (loop4): This should not happen!! Data will be lost [ 65.402173][ T3164] [ 65.440990][ T294] EXT4-fs (loop4): unmounting filesystem. [ 65.459873][ T3164] syz.4.1193 (3164) used greatest stack depth: 20264 bytes left [ 65.492409][ T3189] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 65.542847][ T3195] loop0: detected capacity change from 0 to 512 [ 65.549146][ T3195] EXT4-fs: Ignoring removed orlov option [ 65.610146][ T3195] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 65.618228][ T3177] loop5: detected capacity change from 0 to 40427 [ 65.625852][ T3195] ext4 filesystem being mounted at /269/bus supports timestamps until 2038 (0x7fffffff) [ 65.662715][ T3177] F2FS-fs (loop5): Found nat_bits in checkpoint [ 65.669906][ T290] EXT4-fs (loop0): unmounting filesystem. [ 65.700725][ T3208] tun0: tun_chr_ioctl cmd 1074812117 [ 65.721475][ T3177] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 65.771245][ T1788] syz-executor: attempt to access beyond end of device [ 65.771245][ T1788] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 65.820867][ T301] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 65.874329][ T3219] loop0: detected capacity change from 0 to 1024 [ 65.876713][ T3147] loop6: detected capacity change from 0 to 131072 [ 65.887564][ T3147] F2FS-fs (loop6): Test dummy encryption mode enabled [ 65.895269][ T3147] F2FS-fs (loop6): invalid crc value [ 65.902177][ T3147] F2FS-fs (loop6): Found nat_bits in checkpoint [ 65.915152][ T3225] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1214'. [ 65.925359][ T3219] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 65.961553][ T290] EXT4-fs (loop0): unmounting filesystem. [ 65.969889][ T3233] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1220'. [ 65.974618][ T3147] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 66.039406][ T3244] loop0: detected capacity change from 0 to 512 [ 66.046125][ T3244] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 66.058426][ T3244] EXT4-fs (loop0): 1 truncate cleaned up [ 66.063937][ T3244] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 66.080978][ T301] usb 5-1: Using ep0 maxpacket: 16 [ 66.081626][ T290] EXT4-fs (loop0): unmounting filesystem. [ 66.098564][ T3247] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 66.136522][ T28] kauditd_printk_skb: 5 callbacks suppressed [ 66.136540][ T28] audit: type=1400 audit(1731961069.492:483): avc: denied { append } for pid=3251 comm="syz.5.1229" name="loop2" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 66.230906][ T301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 66.242089][ T301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 66.269409][ T3262] loop5: detected capacity change from 0 to 512 [ 66.282937][ T3262] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 66.292007][ T3262] ext4 filesystem being mounted at /110/bus supports timestamps until 2038 (0x7fffffff) [ 66.305282][ T28] audit: type=1400 audit(1731961069.662:484): avc: denied { bind } for pid=3261 comm="syz.5.1233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 66.325708][ T28] audit: type=1400 audit(1731961069.662:485): avc: denied { name_bind } for pid=3261 comm="syz.5.1233" src=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 66.326149][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 66.352685][ T28] audit: type=1400 audit(1731961069.662:486): avc: denied { node_bind } for pid=3261 comm="syz.5.1233" saddr=2c69:6e6f:6465:5f72:6561:6461:6865:6164 src=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 66.390933][ T301] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 66.399947][ T301] usb 5-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 66.408401][ T301] usb 5-1: Product: syz [ 66.412480][ T301] usb 5-1: Manufacturer: syz [ 66.417523][ T301] usb 5-1: config 0 descriptor?? [ 66.431688][ T3283] loop5: detected capacity change from 0 to 512 [ 66.438394][ T3283] EXT4-fs (loop5): can't mount with both data=journal and delalloc [ 66.556634][ T3297] loop6: detected capacity change from 0 to 512 [ 66.563136][ T3297] EXT4-fs: Ignoring removed orlov option [ 66.574573][ T3301] loop5: detected capacity change from 0 to 1024 [ 66.590125][ T3303] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1251'. [ 66.600878][ T3301] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 66.613867][ T28] audit: type=1400 audit(1731961069.972:487): avc: denied { watch } for pid=3300 comm="syz.5.1249" path="/115/file1/file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 66.614340][ T3297] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 66.645816][ T3297] ext4 filesystem being mounted at /56/bus supports timestamps until 2038 (0x7fffffff) [ 66.666059][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 66.675022][ T3311] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1254'. [ 66.692012][ T2679] EXT4-fs (loop6): unmounting filesystem. [ 66.749946][ T3328] loop6: detected capacity change from 0 to 512 [ 66.759039][ T3328] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 66.767458][ T3328] EXT4-fs (loop6): 1 truncate cleaned up [ 66.773205][ T3328] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 66.785393][ T3333] loop5: detected capacity change from 0 to 16 [ 66.793289][ T3333] erofs: (device loop5): mounted with root inode @ nid 36. [ 66.801318][ T2679] EXT4-fs (loop6): unmounting filesystem. [ 66.866796][ T28] audit: type=1400 audit(1731961070.222:488): avc: denied { mount } for pid=3348 comm="syz.6.1271" name="/" dev="configfs" ino=12865 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 66.901798][ T301] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 66.908791][ T301] kovaplus 0003:1E7D:2D50.000C: unknown main item tag 0x0 [ 66.931659][ T301] kovaplus 0003:1E7D:2D50.000C: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.4-1/input0 [ 67.218929][ T3359] loop6: detected capacity change from 0 to 40427 [ 67.227176][ T3359] F2FS-fs (loop6): invalid crc value [ 67.233591][ T3359] F2FS-fs (loop6): Found nat_bits in checkpoint [ 67.259490][ T3386] loop5: detected capacity change from 0 to 512 [ 67.283780][ T3359] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 67.304575][ T3386] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 67.318579][ T3386] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038 (0x7fffffff) [ 67.328478][ T301] kovaplus 0003:1E7D:2D50.000C: couldn't init struct kovaplus_device [ 67.338642][ T301] kovaplus 0003:1E7D:2D50.000C: couldn't install mouse [ 67.348813][ T2679] syz-executor: attempt to access beyond end of device [ 67.348813][ T2679] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 67.364529][ T301] kovaplus: probe of 0003:1E7D:2D50.000C failed with error -71 [ 67.381137][ T301] usb 5-1: USB disconnect, device number 12 [ 67.390119][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 67.730079][ T3407] usb usb8: usbfs: process 3407 (syz.6.1295) did not claim interface 0 before use [ 68.243395][ T3418] loop4: detected capacity change from 0 to 40427 [ 68.294684][ T3418] F2FS-fs (loop4): Found nat_bits in checkpoint [ 68.355559][ T28] audit: type=1400 audit(1731961071.712:489): avc: denied { mounton } for pid=3432 comm="syz.2.1305" path="/251/file0" dev="tmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 68.423189][ T3418] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 68.475845][ T294] syz-executor: attempt to access beyond end of device [ 68.475845][ T294] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 68.632962][ T28] audit: type=1400 audit(1731961071.992:490): avc: denied { bind } for pid=3439 comm="syz.6.1308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 68.666056][ T3442] bridge0: port 3(syz_tun) entered blocking state [ 68.678788][ T3442] bridge0: port 3(syz_tun) entered disabled state [ 68.693208][ T3442] device syz_tun entered promiscuous mode [ 68.721985][ T3442] bridge0: port 3(syz_tun) entered blocking state [ 68.728487][ T3442] bridge0: port 3(syz_tun) entered forwarding state [ 68.763305][ T3447] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 68.827058][ T3452] loop4: detected capacity change from 0 to 2048 [ 68.847554][ T3453] loop0: detected capacity change from 0 to 2048 [ 68.879002][ T3452] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 68.890625][ T3453] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 68.894347][ T3452] EXT4-fs error (device loop4): ext4_ext_precache:627: inode #2: comm syz.4.1312: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 68.923386][ T3453] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1313: bg 0: block 234: padding at end of block bitmap is not set [ 68.978570][ T3453] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117 [ 69.024727][ T3453] EXT4-fs (loop0): This should not happen!! Data will be lost [ 69.024727][ T3453] [ 69.044882][ T294] EXT4-fs (loop4): unmounting filesystem. [ 69.093808][ T290] EXT4-fs (loop0): unmounting filesystem. [ 69.134172][ T3468] loop4: detected capacity change from 0 to 512 [ 69.146391][ T3468] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 69.164301][ T3468] EXT4-fs (loop4): 1 truncate cleaned up [ 69.171715][ T3468] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 69.203007][ T294] EXT4-fs (loop4): unmounting filesystem. [ 69.369642][ T3478] loop4: detected capacity change from 0 to 128 [ 69.421551][ T3478] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 69.450247][ T3478] ext4 filesystem being mounted at /245/mnt supports timestamps until 2038 (0x7fffffff) [ 69.532444][ T3478] fscrypt (loop4, inode 12): Direct key flag not allowed with different contents and filenames modes [ 69.616227][ T294] EXT4-fs (loop4): unmounting filesystem. [ 69.655567][ T3471] loop0: detected capacity change from 0 to 40427 [ 69.675416][ T3471] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 69.710933][ T3471] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 69.729732][ T3471] F2FS-fs (loop0): invalid crc value [ 69.751912][ T3471] F2FS-fs (loop0): Found nat_bits in checkpoint [ 69.860564][ T3471] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 69.870338][ T3471] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 69.898494][ T28] audit: type=1400 audit(1731961073.252:491): avc: denied { map } for pid=3470 comm="syz.0.1318" path="/289/bus/cpu.stat" dev="loop0" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 69.940954][ T290] syz-executor: attempt to access beyond end of device [ 69.940954][ T290] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 70.110796][ T315] usb 3-1: new full-speed USB device number 9 using dummy_hcd [ 70.268497][ T3516] syz.0.1332 (3516) used greatest stack depth: 19792 bytes left [ 70.500873][ T315] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 70.517210][ T315] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 70.533777][ T315] usb 3-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 70.546731][ T315] usb 3-1: config 0 interface 0 has no altsetting 0 [ 70.553572][ T3532] loop5: detected capacity change from 0 to 128 [ 70.559842][ T315] usb 3-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 70.570247][ T315] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.579218][ T315] usb 3-1: config 0 descriptor?? [ 70.586672][ T3532] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 70.600959][ T3532] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038 (0x7fffffff) [ 70.622712][ T28] audit: type=1400 audit(1731961073.982:492): avc: denied { lock } for pid=3531 comm="syz.5.1344" path="/128/file0/file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 70.648217][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 71.063206][ T3550] loop4: detected capacity change from 0 to 1024 [ 71.070360][ T3550] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 71.081751][ T315] cherry 0003:046A:0027.000D: unexpected long global item [ 71.088889][ T315] cherry: probe of 0003:046A:0027.000D failed with error -22 [ 71.106947][ T3550] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 71.134762][ T294] EXT4-fs (loop4): unmounting filesystem. [ 71.282790][ T315] usb 3-1: USB disconnect, device number 9 [ 71.367198][ T3575] loop4: detected capacity change from 0 to 256 [ 71.383180][ T3575] FAT-fs (loop4): Directory bread(block 64) failed [ 71.387443][ T3554] loop6: detected capacity change from 0 to 40427 [ 71.390068][ T3575] FAT-fs (loop4): Directory bread(block 65) failed [ 71.402895][ T3575] FAT-fs (loop4): Directory bread(block 66) failed [ 71.409238][ T3575] FAT-fs (loop4): Directory bread(block 67) failed [ 71.415955][ T3575] FAT-fs (loop4): Directory bread(block 68) failed [ 71.422482][ T3554] F2FS-fs (loop6): invalid crc value [ 71.422959][ T3575] FAT-fs (loop4): Directory bread(block 69) failed [ 71.434577][ T3575] FAT-fs (loop4): Directory bread(block 70) failed [ 71.435811][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 71.435826][ T28] audit: type=1400 audit(1731961074.792:494): avc: denied { shutdown } for pid=3578 comm="syz.0.1365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 71.441006][ T3575] FAT-fs (loop4): Directory bread(block 71) failed [ 71.471860][ T3554] F2FS-fs (loop6): Found nat_bits in checkpoint [ 71.500856][ T3575] FAT-fs (loop4): Directory bread(block 72) failed [ 71.507209][ T3575] FAT-fs (loop4): Directory bread(block 73) failed [ 71.530830][ T3554] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4 [ 71.573573][ T28] audit: type=1400 audit(1731961074.932:495): avc: denied { rename } for pid=3553 comm="syz.6.1353" name="bus" dev="loop6" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 71.601142][ T2679] syz-executor: attempt to access beyond end of device [ 71.601142][ T2679] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 71.706825][ T3586] loop0: detected capacity change from 0 to 40427 [ 71.736822][ T3586] F2FS-fs (loop0): Found nat_bits in checkpoint [ 71.829592][ T3586] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 71.839259][ T3606] loop6: detected capacity change from 0 to 2048 [ 71.865189][ T3611] tun0: tun_chr_ioctl cmd 35108 [ 71.871275][ T3599] f2fs_ckpt-7:0: attempt to access beyond end of device [ 71.871275][ T3599] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 71.888055][ T3606] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 71.903334][ T3606] EXT4-fs error (device loop6): ext4_ext_precache:627: inode #2: comm syz.6.1369: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 71.936657][ T2679] EXT4-fs (loop6): unmounting filesystem. [ 71.948084][ T3617] loop4: detected capacity change from 0 to 128 [ 71.965049][ T28] audit: type=1400 audit(1731961075.322:496): avc: denied { ioctl } for pid=3618 comm="syz.2.1381" path="socket:[29631]" dev="sockfs" ino=29631 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 71.991452][ T3619] A link change request failed with some changes committed already. Interface veth0_to_bridge may have been left with an inconsistent configuration, please check. [ 72.075174][ T3630] loop6: detected capacity change from 0 to 512 [ 72.101538][ T3630] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 72.110289][ T3630] ext4 filesystem being mounted at /85/bus supports timestamps until 2038 (0x7fffffff) [ 72.143359][ T2679] EXT4-fs (loop6): unmounting filesystem. [ 72.235327][ T3656] usb usb4: usbfs: process 3656 (syz.6.1396) did not claim interface 0 before use [ 72.282536][ T28] audit: type=1400 audit(1731961075.642:497): avc: denied { ioctl } for pid=3665 comm="syz.4.1401" path="socket:[30733]" dev="sockfs" ino=30733 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 72.481905][ T3677] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1405'. [ 72.523657][ T28] audit: type=1400 audit(1731961075.882:498): avc: denied { write } for pid=3684 comm="syz.4.1409" path="socket:[30787]" dev="sockfs" ino=30787 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 72.571201][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 72.580306][ T3689] device veth0_to_team entered promiscuous mode [ 72.582803][ T3691] loop5: detected capacity change from 0 to 2048 [ 72.602525][ T3691] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 72.622122][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 72.639259][ T3698] loop5: detected capacity change from 0 to 128 [ 72.647105][ T3698] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 72.655792][ T3698] ext4 filesystem being mounted at /137/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 72.691268][ T3698] fscrypt (loop5, inode 12): Mutually exclusive encryption flags (0x15) [ 72.704576][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 72.910850][ T849] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 73.073555][ T28] audit: type=1400 audit(1731961076.432:499): avc: denied { create } for pid=3703 comm="syz.5.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 73.108713][ T28] audit: type=1400 audit(1731961076.452:500): avc: denied { setopt } for pid=3703 comm="syz.5.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 73.136582][ T28] audit: type=1400 audit(1731961076.492:501): avc: denied { ioctl } for pid=3709 comm="syz.5.1418" path="/dev/usbmon0" dev="devtmpfs" ino=155 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 73.161840][ T28] audit: type=1400 audit(1731961076.492:502): avc: denied { write } for pid=3711 comm="syz.2.1419" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1 [ 73.280844][ T849] usb 5-1: config 0 has an invalid interface number: 20 but max is 0 [ 73.302859][ T849] usb 5-1: config 0 has no interface number 0 [ 73.317816][ T849] usb 5-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 73.332812][ T3725] loop5: detected capacity change from 0 to 1024 [ 73.346803][ T3725] EXT4-fs: Ignoring removed oldalloc option [ 73.377464][ T3733] loop2: detected capacity change from 0 to 512 [ 73.392235][ T3733] EXT4-fs: Ignoring removed i_version option [ 73.398227][ T3733] EXT4-fs: Ignoring removed nobh option [ 73.404794][ T3733] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 73.411185][ T3725] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 73.425686][ T3733] EXT4-fs (loop2): 1 truncate cleaned up [ 73.434860][ T28] audit: type=1400 audit(1731961076.792:503): avc: denied { watch } for pid=3724 comm="syz.5.1425" path="/141/file1/file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 73.436154][ T3733] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 73.488077][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 73.510878][ T849] usb 5-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 73.524524][ T849] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.540042][ T849] usb 5-1: Product: syz [ 73.548143][ T849] usb 5-1: Manufacturer: syz [ 73.557051][ T849] usb 5-1: SerialNumber: syz [ 73.571029][ T849] usb 5-1: config 0 descriptor?? [ 73.590878][ T3700] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 73.599402][ T3733] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 73.611555][ T849] usb-storage 5-1:0.20: USB Mass Storage device detected [ 73.624648][ T291] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /271/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 73.626567][ T849] usb-storage 5-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 73.661044][ T291] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 73.681393][ T291] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /271/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 73.715168][ T291] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 73.735635][ T291] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /271/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 73.757379][ T291] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 73.777762][ T291] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /271/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 73.799635][ T291] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 73.819740][ T291] EXT4-fs error (device loop2): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /271/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 73.842169][ T291] EXT4-fs error (device loop2): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 73.862511][ T849] scsi host1: usb-storage 5-1:0.20 [ 73.870069][ T849] usb 5-1: USB disconnect, device number 13 [ 73.925473][ T1924] EXT4-fs (loop2): unmounting filesystem. [ 73.973539][ T10] tipc: Left network mode [ 74.102573][ T3767] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.109424][ T3767] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.116889][ T3767] device bridge_slave_0 entered promiscuous mode [ 74.123719][ T3767] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.130564][ T3767] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.138015][ T3767] device bridge_slave_1 entered promiscuous mode [ 74.201568][ T3767] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.208434][ T3767] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.215559][ T3767] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.222336][ T3767] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.265092][ T3779] loop0: detected capacity change from 0 to 512 [ 74.274507][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 74.284039][ T325] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.290911][ T24] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 74.298309][ T325] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.306964][ T3779] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1448: invalid indirect mapped block 2185560079 (level 0) [ 74.321407][ T3779] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1448: invalid indirect mapped block 2683928664 (level 1) [ 74.335834][ T3779] EXT4-fs (loop0): 1 truncate cleaned up [ 74.341622][ T3779] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 74.350699][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 74.355995][ T3779] EXT4-fs error (device loop0): __ext4_get_inode_loc:4508: comm syz.0.1448: Invalid inode table block 0 in block_group 0 [ 74.359462][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.377773][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.379288][ T3779] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5884: Corrupt filesystem [ 74.386216][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 74.402094][ T3779] EXT4-fs error (device loop0): ext4_splice_branch:479: inode #18: comm syz.0.1448: mark_inode_dirty error [ 74.405583][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.416023][ T3779] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.1448: bg 0: block 49: invalid block bitmap [ 74.420149][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.432682][ T3779] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 74.448646][ T3779] EXT4-fs error (device loop0): __ext4_get_inode_loc:4508: comm syz.0.1448: Invalid inode table block 0 in block_group 0 [ 74.465538][ T3779] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5884: Corrupt filesystem [ 74.475445][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 74.484491][ T3779] EXT4-fs error (device loop0): ext4_truncate:4313: inode #18: comm syz.0.1448: mark_inode_dirty error [ 74.494208][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 74.514130][ T3790] EXT4-fs error (device loop0): __ext4_get_inode_loc:4508: comm syz.0.1448: Invalid inode table block 0 in block_group 0 [ 74.526889][ T3790] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5884: Corrupt filesystem [ 74.538798][ T3793] Zero length message leads to an empty skb [ 74.544737][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 74.561088][ T24] usb 7-1: Using ep0 maxpacket: 16 [ 74.572771][ T290] EXT4-fs (loop0): unmounting filesystem. [ 74.584584][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 74.597575][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 74.606126][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 74.616641][ T3767] device veth0_vlan entered promiscuous mode [ 74.645382][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.657730][ T3767] device veth1_macvtap entered promiscuous mode [ 74.681053][ T24] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 74.689984][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 74.700443][ T24] usb 7-1: config 0 has no interface number 0 [ 74.717939][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 74.728437][ T24] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.750427][ T24] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 74.780388][ T24] usb 7-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 74.799715][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.815170][ T10] device bridge_slave_1 left promiscuous mode [ 74.824479][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.833735][ T24] usb 7-1: config 0 descriptor?? [ 74.841209][ T10] device bridge_slave_0 left promiscuous mode [ 74.860844][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.878978][ T10] device veth1_macvtap left promiscuous mode [ 74.884857][ T10] device veth0_vlan left promiscuous mode [ 75.268690][ T3806] loop5: detected capacity change from 0 to 40427 [ 75.296303][ T3806] F2FS-fs (loop5): Found nat_bits in checkpoint [ 75.345129][ T3806] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 75.380267][ T1788] syz-executor: attempt to access beyond end of device [ 75.380267][ T1788] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 75.534052][ T24] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.1/0003:28BD:0071.000E/input/input18 [ 75.562132][ T24] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.1/0003:28BD:0071.000E/input/input19 [ 75.592132][ T24] uclogic 0003:28BD:0071.000E: input,hiddev96,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.6-1/input1 [ 75.623355][ T3816] loop5: detected capacity change from 0 to 2048 [ 75.633220][ T3816] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 75.646342][ T3816] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 75.672683][ T1788] EXT4-fs (loop5): unmounting filesystem. [ 75.738282][ T314] usb 7-1: USB disconnect, device number 4 [ 75.954950][ T3826] loop4: detected capacity change from 0 to 40427 [ 75.961379][ T24] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 75.970532][ T3826] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 75.978498][ T3826] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 75.988422][ T3826] F2FS-fs (loop4): fault_injection options not supported [ 75.998583][ T3826] F2FS-fs (loop4): invalid crc value [ 76.006345][ T3826] F2FS-fs (loop4): Found nat_bits in checkpoint [ 76.054307][ T3826] F2FS-fs (loop4): Start checkpoint disabled! [ 76.061469][ T3826] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 76.068397][ T3826] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 76.114034][ T10] kworker/u4:1: attempt to access beyond end of device [ 76.114034][ T10] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 76.210589][ T3830] loop4: detected capacity change from 0 to 1024 [ 76.217334][ T3830] EXT4-fs: Ignoring removed oldalloc option [ 76.262688][ T3835] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.270391][ T3830] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 76.297214][ T294] EXT4-fs (loop4): unmounting filesystem. [ 76.320839][ T24] usb 6-1: config 0 has an invalid interface number: 20 but max is 0 [ 76.338929][ T24] usb 6-1: config 0 has no interface number 0 [ 76.347551][ T3843] bridge0: port 1(syz_tun) entered blocking state [ 76.348933][ T24] usb 6-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 76.364967][ T3843] bridge0: port 1(syz_tun) entered disabled state [ 76.385914][ T3843] device syz_tun entered promiscuous mode [ 76.402874][ T3843] bridge0: port 1(syz_tun) entered blocking state [ 76.409137][ T3843] bridge0: port 1(syz_tun) entered forwarding state [ 76.442263][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 76.442279][ T28] audit: type=1326 audit(1731961079.802:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab077e719 code=0x7ffc0000 [ 76.471679][ T3848] syz.6.1472[3848] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.471761][ T3848] syz.6.1472[3848] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 76.485072][ T28] audit: type=1326 audit(1731961079.832:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7ab077e719 code=0x7ffc0000 [ 76.488468][ T3850] loop4: detected capacity change from 0 to 512 [ 76.496677][ T28] audit: type=1400 audit(1731961079.842:508): avc: denied { unlink } for pid=84 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 76.548263][ T3850] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 76.568758][ T3850] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 76.583385][ T28] audit: type=1326 audit(1731961079.842:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7ab077e719 code=0x7ffc0000 [ 76.586836][ T3850] System zones: 1-12 [ 76.610825][ T24] usb 6-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 76.611042][ T3850] EXT4-fs (loop4): orphan cleanup on readonly fs [ 76.626214][ T3850] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1473: invalid indirect mapped block 12 (level 1) [ 76.630366][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.639590][ T3850] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1473: invalid indirect mapped block 2 (level 2) [ 76.661044][ T3850] EXT4-fs (loop4): 1 truncate cleaned up [ 76.666522][ T3850] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 76.675583][ T28] audit: type=1326 audit(1731961079.842:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7ab077e753 code=0x7ffc0000 [ 76.687878][ T24] usb 6-1: Product: syz [ 76.698646][ T28] audit: type=1326 audit(1731961079.842:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7ab077d1ff code=0x7ffc0000 [ 76.725814][ T28] audit: type=1326 audit(1731961079.842:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f7ab077e7a7 code=0x7ffc0000 [ 76.733052][ T24] usb 6-1: Manufacturer: syz [ 76.749125][ T28] audit: type=1326 audit(1731961079.842:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7ab077d0b0 code=0x7ffc0000 [ 76.782980][ T294] EXT4-fs (loop4): unmounting filesystem. [ 76.798919][ T24] usb 6-1: SerialNumber: syz [ 76.820344][ T24] usb 6-1: config 0 descriptor?? [ 76.824426][ T28] audit: type=1326 audit(1731961079.842:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7ab077e31b code=0x7ffc0000 [ 76.840935][ T3824] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 76.880541][ T3866] tun0: tun_chr_ioctl cmd 1074025677 [ 76.881241][ T24] usb-storage 6-1:0.20: USB Mass Storage device detected [ 76.885755][ T28] audit: type=1326 audit(1731961079.882:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3849 comm="syz.4.1473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f7ab077d3aa code=0x7ffc0000 [ 76.915916][ T3866] tun0: linktype set to 1 [ 76.922113][ T24] usb-storage 6-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 77.100875][ T24] scsi host1: usb-storage 6-1:0.20 [ 77.111360][ T24] usb 6-1: USB disconnect, device number 6 [ 77.170654][ T3896] usb usb8: usbfs: process 3896 (syz.0.1493) did not claim interface 4 before use [ 77.175401][ T3867] loop4: detected capacity change from 0 to 40427 [ 77.197951][ T3867] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 77.206034][ T3867] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 77.217948][ T3867] F2FS-fs (loop4): invalid crc value [ 77.224875][ T3867] F2FS-fs (loop4): Found nat_bits in checkpoint [ 77.265611][ T3867] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 77.272817][ T3867] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 77.482803][ T3928] loop4: detected capacity change from 0 to 2048 [ 77.492530][ T3928] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 77.510983][ T294] EXT4-fs (loop4): unmounting filesystem. [ 77.564288][ T3938] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 77.598662][ T3922] loop0: detected capacity change from 0 to 40427 [ 77.605697][ T3922] F2FS-fs (loop0): fault_injection options not supported [ 77.612915][ T3922] F2FS-fs (loop0): heap/no_heap options were deprecated [ 77.619794][ T3922] F2FS-fs (loop0): Image doesn't support compression [ 77.632668][ T3922] F2FS-fs (loop0): invalid crc value [ 77.648492][ T3922] F2FS-fs (loop0): Found nat_bits in checkpoint [ 77.690807][ T24] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 77.698929][ T3922] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 77.722383][ T290] syz-executor: attempt to access beyond end of device [ 77.722383][ T290] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 77.844783][ T3967] binder: 3966:3967 ioctl 400c620e 20000040 returned -22 [ 78.010041][ T3963] loop0: detected capacity change from 0 to 40427 [ 78.019230][ T3963] F2FS-fs (loop0): Found nat_bits in checkpoint [ 78.050943][ T24] usb 7-1: config 1 has an invalid descriptor of length 167, skipping remainder of the config [ 78.065552][ T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 78.091693][ T3963] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 78.128655][ T290] syz-executor: attempt to access beyond end of device [ 78.128655][ T290] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 78.160864][ T24] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 78.173044][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 78.181159][ T24] usb 7-1: SerialNumber: syz [ 78.197743][ T3979] loop5: detected capacity change from 0 to 40427 [ 78.208331][ T3979] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504) [ 78.215860][ T3979] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 78.233807][ T3979] F2FS-fs (loop5): invalid crc value [ 78.240083][ T3979] F2FS-fs (loop5): Found nat_bits in checkpoint [ 78.288999][ T3979] F2FS-fs (loop5): Start checkpoint disabled! [ 78.305214][ T3979] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 78.313769][ T3979] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 78.319227][ T4001] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 78.383455][ T10] kworker/u4:1: attempt to access beyond end of device [ 78.383455][ T10] loop5: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 78.471687][ T24] usb 7-1: 0:2 : does not exist [ 78.476816][ T4024] loop5: detected capacity change from 0 to 256 [ 78.512347][ T24] usb 7-1: USB disconnect, device number 5 [ 78.534222][ T4035] random: crng reseeded on system resumption [ 78.573127][ T4041] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 78.640657][ T4056] netlink: 124 bytes leftover after parsing attributes in process `syz.0.1561'. [ 78.660089][ T4058] tap0: tun_chr_ioctl cmd 1074025677 [ 78.665283][ T4058] tap0: linktype set to 778 [ 78.749742][ T4062] loop0: detected capacity change from 0 to 2048 [ 78.762271][ T4062] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 78.778037][ T290] EXT4-fs (loop0): unmounting filesystem. [ 78.870851][ T849] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 79.110903][ T24] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 79.240896][ T849] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 79.251886][ T849] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 79.260793][ T849] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.269324][ T849] usb 6-1: config 0 descriptor?? [ 79.490911][ T24] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 79.501827][ T24] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 79.511416][ T24] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 79.520240][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.540910][ T4077] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 79.687278][ T4090] loop4: detected capacity change from 0 to 1024 [ 79.702617][ T4090] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 79.715712][ T4090] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 79.730710][ T4090] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 32 with max blocks 32 with error 28 [ 79.743026][ T4090] EXT4-fs (loop4): This should not happen!! Data will be lost [ 79.743026][ T4090] [ 79.743722][ T849] keytouch 0003:0926:3333.000F: fixing up Keytouch IEC report descriptor [ 79.753133][ T4090] EXT4-fs (loop4): Total free blocks count 0 [ 79.762480][ T849] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.000F/input/input20 [ 79.767030][ T4090] EXT4-fs (loop4): Free/Dirty block details [ 79.784256][ T4090] EXT4-fs (loop4): free_blocks=68451041280 [ 79.789946][ T4090] EXT4-fs (loop4): dirty_blocks=64 [ 79.791935][ T24] usb 1-1: USB disconnect, device number 9 [ 79.795362][ T4090] EXT4-fs (loop4): Block reservation details [ 79.806457][ T4090] EXT4-fs (loop4): i_reserved_data_blocks=4 [ 79.822918][ T328] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 79.853216][ T849] keytouch 0003:0926:3333.000F: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0 [ 80.161002][ T849] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 80.171454][ T4108] loop6: detected capacity change from 0 to 40427 [ 80.180354][ T4108] F2FS-fs (loop6): Found nat_bits in checkpoint [ 80.215652][ T4108] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 80.431042][ T849] usb 5-1: Using ep0 maxpacket: 8 [ 80.518423][ T4115] netlink: 'syz.0.1584': attribute type 12 has an invalid length. [ 80.526682][ T4115] netlink: 'syz.0.1584': attribute type 4 has an invalid length. [ 80.551155][ T849] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 80.561718][ T849] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 80.571151][ T849] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.579680][ T849] usb 5-1: config 0 descriptor?? [ 80.670397][ T4126] loop0: detected capacity change from 0 to 128 [ 80.678583][ T4126] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 80.687100][ T4126] ext4 filesystem being mounted at /350/mnt supports timestamps until 2038 (0x7fffffff) [ 80.706920][ T290] EXT4-fs (loop0): unmounting filesystem. [ 80.756627][ T789] usb 6-1: USB disconnect, device number 7 [ 80.764782][ T4138] loop0: detected capacity change from 0 to 1024 [ 80.774694][ T4138] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.1594: Invalid block bitmap block 0 in block_group 0 [ 80.788286][ T4138] EXT4-fs error (device loop0): ext4_acquire_dquot:6787: comm syz.0.1594: Failed to acquire dquot type 0 [ 80.799653][ T4138] EXT4-fs error (device loop0): ext4_free_blocks:6212: comm syz.0.1594: Freeing blocks not in datazone - block = 0, count = 4096 [ 80.813220][ T4138] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.1594: Invalid inode bitmap blk 0 in block_group 0 [ 80.826204][ T4138] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 80.834938][ T4138] EXT4-fs (loop0): 1 orphan inode deleted [ 80.837631][ T328] EXT4-fs error (device loop0): ext4_release_dquot:6810: comm kworker/u4:4: Failed to release dquot type 0 [ 80.840651][ T4138] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 80.852137][ T315] usb 5-1: USB disconnect, device number 14 [ 80.873996][ T290] EXT4-fs (loop0): unmounting filesystem. [ 80.896588][ T4143] netlink: 'syz.0.1596': attribute type 18 has an invalid length. [ 80.929683][ T4147] loop0: detected capacity change from 0 to 256 [ 80.938285][ T4147] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 80.983180][ T4154] loop0: detected capacity change from 0 to 256 [ 80.996857][ T4157] loop6: detected capacity change from 0 to 256 [ 81.006124][ T4157] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 81.085717][ T4171] loop0: detected capacity change from 0 to 1024 [ 81.092508][ T4171] EXT4-fs: Ignoring removed i_version option [ 81.098330][ T4171] EXT4-fs: Ignoring removed bh option [ 81.189598][ T4181] netlink: 'syz.6.1613': attribute type 12 has an invalid length. [ 81.197952][ T4181] netlink: 'syz.6.1613': attribute type 4 has an invalid length. [ 81.244699][ T4191] loop0: detected capacity change from 0 to 256 [ 81.254579][ T4191] incfs: Can't find or create .incomplete dir in ./file0 [ 81.262754][ T4191] incfs: mount failed -22 [ 81.319409][ T4206] tun0: tun_chr_ioctl cmd 2147767521 [ 81.434721][ T4229] loop6: detected capacity change from 0 to 1024 [ 81.447427][ T4229] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:477: comm syz.6.1636: Invalid block bitmap block 0 in block_group 0 [ 81.466355][ T4229] __quota_error: 35 callbacks suppressed [ 81.466374][ T4229] Quota error (device loop6): write_blk: dquota write failed [ 81.479865][ T4229] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 81.489984][ T4229] EXT4-fs error (device loop6): ext4_acquire_dquot:6787: comm syz.6.1636: Failed to acquire dquot type 0 [ 81.501787][ T4229] EXT4-fs error (device loop6): ext4_free_blocks:6212: comm syz.6.1636: Freeing blocks not in datazone - block = 0, count = 4096 [ 81.515405][ T4229] EXT4-fs error (device loop6): ext4_read_inode_bitmap:140: comm syz.6.1636: Invalid inode bitmap blk 0 in block_group 0 [ 81.528389][ T328] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-8 [ 81.537198][ T328] EXT4-fs error (device loop6): ext4_release_dquot:6810: comm kworker/u4:4: Failed to release dquot type 0 [ 81.548642][ T4229] EXT4-fs error (device loop6) in ext4_free_inode:362: Corrupt filesystem [ 81.568574][ T4229] EXT4-fs (loop6): 1 orphan inode deleted [ 81.572115][ T4246] loop7: detected capacity change from 0 to 512 [ 81.580420][ T28] audit: type=1400 audit(1731961084.932:548): avc: denied { append } for pid=4247 comm="syz.0.1642" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 81.615969][ T4246] EXT4-fs error (device loop7): ext4_orphan_get:1396: inode #15: comm syz.7.1641: casefold flag without casefold feature [ 81.643192][ T4246] EXT4-fs error (device loop7): ext4_orphan_get:1401: comm syz.7.1641: couldn't read orphan inode 15 (err -117) [ 81.671402][ T28] audit: type=1400 audit(1731961085.022:549): avc: denied { read write } for pid=4245 comm="syz.7.1641" name="file0" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1 [ 81.703525][ T28] audit: type=1400 audit(1731961085.032:550): avc: denied { open } for pid=4245 comm="syz.7.1641" path="/15/file0/file0" dev="loop7" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=fifo_file permissive=1 [ 81.761493][ T4264] random: crng reseeded on system resumption [ 81.793208][ T28] audit: type=1400 audit(1731961085.152:551): avc: denied { read } for pid=4271 comm="syz.7.1653" name="loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 81.821646][ T28] audit: type=1400 audit(1731961085.172:552): avc: denied { open } for pid=4271 comm="syz.7.1653" path="/dev/loop-control" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 81.853438][ T28] audit: type=1400 audit(1731961085.172:553): avc: denied { ioctl } for pid=4271 comm="syz.7.1653" path="/newroot/dev/loop-control" dev="devtmpfs" ino=113 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 81.902130][ T4275] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1654'. [ 81.922942][ T4286] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1659'. [ 81.937581][ T4285] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1658'. [ 81.965588][ T28] audit: type=1400 audit(1731961341.319:554): avc: denied { lock } for pid=4290 comm="syz.0.1661" path="socket:[33052]" dev="sockfs" ino=33052 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1 [ 82.256598][ T4318] loop4: detected capacity change from 0 to 1024 [ 82.263171][ T789] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 82.280593][ T4318] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.1673: Invalid block bitmap block 0 in block_group 0 [ 82.294669][ T4318] EXT4-fs error (device loop4): ext4_acquire_dquot:6787: comm syz.4.1673: Failed to acquire dquot type 0 [ 82.294908][ T4318] EXT4-fs error (device loop4): ext4_free_blocks:6212: comm syz.4.1673: Freeing blocks not in datazone - block = 0, count = 4096 [ 82.319402][ T4318] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.1673: Invalid inode bitmap blk 0 in block_group 0 [ 82.321114][ T4328] serio: Serial port tty33 [ 82.336613][ T4318] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 82.346152][ T325] EXT4-fs error (device loop4): ext4_release_dquot:6810: comm kworker/u4:3: Failed to release dquot type 0 [ 82.347093][ T4318] EXT4-fs (loop4): 1 orphan inode deleted [ 82.424178][ T4345] loop4: detected capacity change from 0 to 128 [ 82.433218][ T4345] ext4 filesystem being mounted at /326/mnt supports timestamps until 2038 (0x7fffffff) [ 82.499435][ T4364] can0: slcan on ptm0. [ 82.510843][ T789] usb 6-1: Using ep0 maxpacket: 16 [ 82.550979][ T4362] can0 (unregistered): slcan off ptm0. [ 82.583991][ T4374] loop6: detected capacity change from 0 to 256 [ 82.591108][ T4374] exfat: Deprecated parameter 'utf8' [ 82.599146][ T4374] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 82.630946][ T789] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 82.790906][ T789] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 82.803109][ T789] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.805084][ T4387] loop6: detected capacity change from 0 to 40427 [ 82.817263][ T789] usb 6-1: Product: syz [ 82.818293][ T4387] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504) [ 82.823521][ T789] usb 6-1: Manufacturer: syz [ 82.828886][ T4387] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 82.839721][ T789] usb 6-1: SerialNumber: syz [ 82.840914][ T4387] F2FS-fs (loop6): heap/no_heap options were deprecated [ 82.849354][ T789] usb 6-1: config 0 descriptor?? [ 82.852672][ T4387] F2FS-fs (loop6): invalid crc value [ 82.873915][ T4387] F2FS-fs (loop6): Found nat_bits in checkpoint [ 82.901899][ T789] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 82.914075][ T789] usb 6-1: Detected FT232R [ 82.931453][ T4403] Invalid ELF header magic: != ELF [ 82.935746][ T4387] F2FS-fs (loop6): Start checkpoint disabled! [ 82.943811][ T4387] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 82.950712][ T4387] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 82.993596][ T328] kworker/u4:4: attempt to access beyond end of device [ 82.993596][ T328] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 83.020824][ T315] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 83.109204][ T4414] loop6: detected capacity change from 0 to 512 [ 83.116637][ T4414] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 83.126663][ T4414] EXT4-fs (loop6): orphan cleanup on readonly fs [ 83.133511][ T4414] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #3: comm syz.6.1717: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 83.151193][ T4414] EXT4-fs error (device loop6): ext4_quota_enable:6981: comm syz.6.1717: Bad quota inode: 3, type: 0 [ 83.162336][ T4414] EXT4-fs warning (device loop6): ext4_enable_quotas:7022: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 83.176895][ T4414] EXT4-fs (loop6): Cannot turn on quotas: error -117 [ 83.183799][ T4410] loop7: detected capacity change from 0 to 40427 [ 83.190872][ T4410] F2FS-fs (loop7): heap/no_heap options were deprecated [ 83.199152][ T4410] F2FS-fs (loop7): invalid crc value [ 83.205742][ T4410] F2FS-fs (loop7): Found nat_bits in checkpoint [ 83.252742][ T4410] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 83.264188][ T4427] loop6: detected capacity change from 0 to 128 [ 83.270857][ T315] usb 1-1: Using ep0 maxpacket: 8 [ 83.278080][ T4427] ext4 filesystem being mounted at /156/mnt supports timestamps until 2038 (0x7fffffff) [ 83.288000][ T3767] syz-executor: attempt to access beyond end of device [ 83.288000][ T3767] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 83.341000][ T789] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 83.360854][ T789] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71 [ 83.370902][ T789] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 83.380106][ T789] usb 6-1: USB disconnect, device number 8 [ 83.386816][ T789] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 83.396118][ T789] ftdi_sio 6-1:0.0: device disconnected [ 83.401610][ T315] usb 1-1: config 0 has an invalid interface number: 197 but max is 0 [ 83.409589][ T315] usb 1-1: config 0 has no interface number 0 [ 83.522976][ T4436] loop6: detected capacity change from 0 to 40427 [ 83.529973][ T4436] F2FS-fs (loop6): fault_injection options not supported [ 83.536957][ T4436] F2FS-fs (loop6): heap/no_heap options were deprecated [ 83.543861][ T4436] F2FS-fs (loop6): Image doesn't support compression [ 83.551361][ T4436] F2FS-fs (loop6): invalid crc value [ 83.557553][ T4436] F2FS-fs (loop6): Found nat_bits in checkpoint [ 83.570957][ T315] usb 1-1: New USB device found, idVendor=20b7, idProduct=0713, bcdDevice= 0.54 [ 83.584858][ T315] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.597906][ T315] usb 1-1: Product: syz [ 83.607667][ T4436] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 83.607920][ T315] usb 1-1: Manufacturer: syz [ 83.621317][ T315] usb 1-1: SerialNumber: syz [ 83.626423][ T315] usb 1-1: config 0 descriptor?? [ 83.636835][ T2679] syz-executor: attempt to access beyond end of device [ 83.636835][ T2679] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 83.672089][ T315] ftdi_sio 1-1:0.197: FTDI USB Serial Device converter detected [ 83.680056][ T315] usb 1-1: Detected SIO [ 83.684769][ T315] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 83.771293][ T4447] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1739'. [ 83.786300][ T4450] loop4: detected capacity change from 0 to 256 [ 83.795921][ T4450] incfs: Can't find or create .incomplete dir in ./file0 [ 83.803621][ T4450] incfs: mount failed -22 [ 83.854714][ T4462] loop4: detected capacity change from 0 to 128 [ 83.862619][ T4462] ext4 filesystem being mounted at /346/mnt supports timestamps until 2038 (0x7fffffff) [ 83.880267][ T315] usb 1-1: USB disconnect, device number 10 [ 83.888066][ T315] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 83.904027][ T315] ftdi_sio 1-1:0.197: device disconnected [ 83.989242][ T4460] loop5: detected capacity change from 0 to 40427 [ 83.996101][ T4460] F2FS-fs (loop5): heap/no_heap options were deprecated [ 84.003654][ T4460] F2FS-fs (loop5): invalid crc value [ 84.009856][ T4460] F2FS-fs (loop5): Found nat_bits in checkpoint [ 84.044672][ T4460] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 84.064427][ T1788] syz-executor: attempt to access beyond end of device [ 84.064427][ T1788] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 84.245754][ T4485] loop5: detected capacity change from 0 to 256 [ 84.255365][ T4485] incfs: Can't find or create .incomplete dir in ./file0 [ 84.262922][ T4485] incfs: mount failed -22 [ 84.697375][ T4517] loop6: detected capacity change from 0 to 256 [ 84.706798][ T4517] incfs: Can't find or create .incomplete dir in ./file0 [ 84.716197][ T4517] incfs: mount failed -22 [ 84.819867][ T4538] loop6: detected capacity change from 0 to 256 [ 86.128567][ T4555] loop6: detected capacity change from 0 to 512 [ 86.170336][ T4555] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038 (0x7fffffff) [ 86.202801][ T4555] EXT4-fs warning (device loop6): ext4_group_add:1723: Can't resize non-sparse filesystem further [ 86.214506][ T4570] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 86.265820][ T4577] loop6: detected capacity change from 0 to 256 [ 86.299074][ T4577] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 86.322989][ T4552] loop4: detected capacity change from 0 to 40427 [ 86.332424][ T4552] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 86.334091][ T4577] exFAT-fs (loop6): error, invalid access to FAT free cluster (entry 0x00000008) [ 86.339957][ T4552] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 86.353359][ T4577] exFAT-fs (loop6): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967295) [ 86.353359][ T4577] [ 86.357609][ T4552] F2FS-fs (loop4): fault_injection options not supported [ 86.369487][ T4577] exFAT-fs (loop6): error, failed to bmap (inode : ffff888118b1c0d0 iblock : 0, err : -5) [ 86.376604][ T4552] F2FS-fs (loop4): invalid crc value [ 86.393246][ T4552] F2FS-fs (loop4): Found nat_bits in checkpoint [ 86.403404][ T4587] random: crng reseeded on system resumption [ 86.464365][ T4552] F2FS-fs (loop4): Start checkpoint disabled! [ 86.481016][ T4552] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 86.488051][ T4552] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 86.514977][ T4552] syz.4.1779: attempt to access beyond end of device [ 86.514977][ T4552] loop4: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 86.535655][ T4552] syz.4.1779: attempt to access beyond end of device [ 86.535655][ T4552] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 86.603609][ T4612] loop7: detected capacity change from 0 to 1024 [ 86.611025][ T616] kworker/u4:5: attempt to access beyond end of device [ 86.611025][ T616] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 86.682618][ T4619] netlink: 'syz.0.1807': attribute type 5 has an invalid length. [ 86.709567][ T4623] netlink: 277 bytes leftover after parsing attributes in process `syz.7.1809'. [ 86.768361][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 86.768379][ T28] audit: type=1400 audit(1866179074.168:564): avc: denied { getopt } for pid=4638 comm="syz.0.1816" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 86.878850][ T4652] pim6reg0: tun_chr_ioctl cmd 21731 [ 87.111342][ T4685] loop5: detected capacity change from 0 to 512 [ 87.119503][ T4685] ext4 filesystem being mounted at /221/bus supports timestamps until 2038 (0x7fffffff) [ 87.167650][ T4692] loop5: detected capacity change from 0 to 1024 [ 87.280849][ T301] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 87.300835][ T315] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 87.322067][ T4696] loop5: detected capacity change from 0 to 40427 [ 87.328766][ T4696] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504) [ 87.335577][ T4696] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 87.344450][ T4696] F2FS-fs (loop5): invalid crc value [ 87.350819][ T4696] F2FS-fs (loop5): Found nat_bits in checkpoint [ 87.350818][ T849] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 87.396558][ T4696] F2FS-fs (loop5): Start checkpoint disabled! [ 87.403484][ T4696] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 87.410330][ T4696] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 87.593939][ T4707] loop5: detected capacity change from 0 to 2048 [ 87.600362][ T4707] EXT4-fs: Ignoring removed oldalloc option [ 87.610870][ T849] usb 7-1: Using ep0 maxpacket: 16 [ 87.616012][ T4707] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 87.640863][ T301] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 87.649775][ T301] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.658470][ T301] usb 1-1: config 0 descriptor?? [ 87.670983][ T315] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.681923][ T315] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.692175][ T315] usb 5-1: New USB device found, idVendor=04b4, idProduct=07b1, bcdDevice= 0.00 [ 87.701984][ T315] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.710413][ T315] usb 5-1: config 0 descriptor?? [ 87.760918][ T849] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.771739][ T849] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.781553][ T849] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 87.790344][ T849] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.798768][ T849] usb 7-1: config 0 descriptor?? [ 87.980856][ T530] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 88.050936][ T315] usbhid 5-1:0.0: can't add hid device: -71 [ 88.056768][ T315] usbhid: probe of 5-1:0.0 failed with error -71 [ 88.063730][ T315] usb 5-1: USB disconnect, device number 15 [ 88.142291][ T301] playstation 0003:054C:0DF2.0010: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.0-1/input0 [ 88.292151][ T849] lua 0003:1E7D:2C2E.0011: hidraw1: USB HID v0.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.6-1/input0 [ 88.370956][ T530] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 88.379429][ T530] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 88.389300][ T530] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 88.398075][ T530] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 88.408738][ T530] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 88.491913][ T849] usb 7-1: USB disconnect, device number 6 [ 88.540874][ T530] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 88.549915][ T530] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 88.558189][ T530] usb 6-1: Product: syz [ 88.562263][ T530] usb 6-1: Manufacturer: syz [ 88.570952][ T301] playstation 0003:054C:0DF2.0010: Failed to retrieve feature with reportID 32: -71 [ 88.580649][ T301] playstation 0003:054C:0DF2.0010: Failed to retrieve DualSense firmware info: -71 [ 88.590067][ T301] playstation 0003:054C:0DF2.0010: Failed to get firmware info from DualSense [ 88.599109][ T301] playstation 0003:054C:0DF2.0010: Failed to create dualsense. [ 88.611301][ T530] cdc_wdm 6-1:1.0: skipping garbage [ 88.616388][ T530] cdc_wdm 6-1:1.0: skipping garbage [ 88.621415][ T301] playstation: probe of 0003:054C:0DF2.0010 failed with error -71 [ 88.622701][ T301] usb 1-1: USB disconnect, device number 11 [ 88.641467][ T530] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 88.691247][ T28] audit: type=1400 audit(1866179076.098:565): avc: denied { mount } for pid=4724 comm="syz.4.1851" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 88.813796][ T849] usb 6-1: USB disconnect, device number 9 [ 89.012405][ T4728] loop4: detected capacity change from 0 to 512 [ 89.020320][ T4728] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e01c, mo2=0002] [ 89.028175][ T4728] System zones: 1-12 [ 89.032660][ T4728] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.1853: Directory hole found for htree index block 0 [ 89.045151][ T4728] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 89.053317][ T4728] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.1853: Directory hole found for htree index block 0 [ 89.061240][ T4733] syz.6.1854[4733] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.065521][ T4733] syz.6.1854[4733] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.080656][ T4728] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 89.090674][ T4733] loop6: detected capacity change from 0 to 2048 [ 89.128165][ T4733] Alternate GPT is invalid, using primary GPT. [ 89.134718][ T4733] loop6: p2 p3 p7 [ 89.139720][ T4739] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1858'. [ 89.217302][ T4733] loop6: detected capacity change from 0 to 128 [ 91.091541][ T4755] loop4: detected capacity change from 0 to 8192 [ 91.390861][ T789] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 91.630843][ T789] usb 7-1: Using ep0 maxpacket: 16 [ 91.760919][ T789] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.771753][ T789] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.781355][ T789] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 91.794147][ T789] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 91.803004][ T789] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.811463][ T789] usb 7-1: config 0 descriptor?? [ 92.010851][ T4795] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1881'. [ 92.230852][ T315] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 92.266910][ T4813] loop5: detected capacity change from 0 to 40427 [ 92.274032][ T4813] F2FS-fs (loop5): fault_injection options not supported [ 92.274239][ T789] microsoft 0003:045E:07DA.0012: unknown main item tag 0x0 [ 92.282208][ T4813] F2FS-fs (loop5): invalid crc value [ 92.288128][ T789] microsoft 0003:045E:07DA.0012: ignoring exceeding usage max [ 92.294638][ T4813] F2FS-fs (loop5): Found nat_bits in checkpoint [ 92.303240][ T789] microsoft 0003:045E:07DA.0012: unsupported Resolution Multiplier 0 [ 92.315693][ T789] microsoft 0003:045E:07DA.0012: unsupported Resolution Multiplier 0 [ 92.324023][ T789] microsoft 0003:045E:07DA.0012: No inputs registered, leaving [ 92.340880][ T789] microsoft 0003:045E:07DA.0012: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0 [ 92.347904][ T4813] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 92.352216][ T789] microsoft 0003:045E:07DA.0012: no inputs found [ 92.365724][ T789] microsoft 0003:045E:07DA.0012: could not initialize ff, continuing anyway [ 92.374698][ T1788] syz-executor: attempt to access beyond end of device [ 92.374698][ T1788] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 92.480629][ T24] usb 7-1: USB disconnect, device number 7 [ 92.515865][ T4829] loop5: detected capacity change from 0 to 16 [ 92.522455][ T4829] erofs: (device loop5): mounted with root inode @ nid 36. [ 92.531199][ T4829] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=46 [ 92.540004][ T4829] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop5 ino=46 [ 92.549122][ T28] audit: type=1400 audit(1866179079.948:566): avc: denied { mounton } for pid=4828 comm="syz.5.1896" path="/249/file0/file0" dev="loop5" ino=46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 92.555279][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.580154][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.588935][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.597205][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.605221][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.613399][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.621388][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.629389][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.637533][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.645663][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.653647][ T315] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 92.654027][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.662322][ T315] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 92.670411][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.680001][ T315] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 92.688690][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.696717][ T315] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.704927][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.715155][ T315] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 92.723414][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.740518][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.748521][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.756518][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.764535][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.772486][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.780393][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.788723][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.796847][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.804943][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.813186][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.821526][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.829470][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.837492][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.845977][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.854027][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.862083][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.870021][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.870995][ T315] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 92.878044][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.886720][ T315] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 92.895242][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.902541][ T315] usb 5-1: Product: syz [ 92.910651][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.914222][ T315] usb 5-1: Manufacturer: syz [ 92.927095][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.935505][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.943666][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.951851][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.959883][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.968082][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.976373][ T315] cdc_wdm 5-1:1.0: skipping garbage [ 92.981660][ T315] cdc_wdm 5-1:1.0: skipping garbage [ 92.987200][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 92.996053][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.003994][ T315] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 93.014679][ T4835] loop6: detected capacity change from 0 to 512 [ 93.021366][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.029406][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.037507][ T4835] EXT4-fs: Ignoring removed mblk_io_submit option [ 93.044045][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.052358][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.060395][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.068930][ T4835] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 93.078963][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.086259][ T4835] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2186: inode #15: comm syz.6.1900: corrupted in-inode xattr [ 93.087153][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.099231][ T4835] EXT4-fs error (device loop6): ext4_orphan_get:1401: comm syz.6.1900: couldn't read orphan inode 15 (err -117) [ 93.106605][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.122751][ T28] audit: type=1400 audit(1866179080.528:567): avc: denied { mounton } for pid=4834 comm="syz.6.1900" path="/192/bus/bus" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 93.126361][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.156339][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.156573][ T2679] EXT4-fs error (device loop6): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /192/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 93.185549][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.191240][ T2679] EXT4-fs error (device loop6): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 93.193839][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.229434][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.237913][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.246605][ T2679] EXT4-fs error (device loop6): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /192/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 93.246685][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.276057][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.284406][ T789] usb 5-1: USB disconnect, device number 16 [ 93.284460][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.298325][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.306707][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.306943][ T2679] EXT4-fs error (device loop6): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 93.314786][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.342156][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.350268][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.352876][ T2679] EXT4-fs error (device loop6): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /192/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 93.359983][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.387369][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.387884][ T2679] EXT4-fs error (device loop6): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 93.395592][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.420203][ T2679] EXT4-fs error (device loop6): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /192/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 93.431977][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.444402][ T2679] EXT4-fs error (device loop6): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 93.456139][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.473079][ T2679] EXT4-fs error (device loop6): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /192/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 93.481367][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.507934][ T2679] EXT4-fs error (device loop6): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 93.527774][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.540903][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.548918][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.564608][ T4854] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1910'. [ 93.574027][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.582135][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.590145][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.598532][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.606628][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.614720][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.615728][ T3131] bridge0: port 3(syz_tun) entered disabled state [ 93.622875][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.637000][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.645147][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.645949][ T3131] device syz_tun left promiscuous mode [ 93.653515][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.663370][ T3131] bridge0: port 3(syz_tun) entered disabled state [ 93.669955][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.680623][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.688200][ T4860] incfs: Error accessing: ./file0. [ 93.688537][ T28] audit: type=1400 audit(1866179081.088:568): avc: denied { mounton } for pid=4859 comm="syz.0.1913" path="/451/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1 [ 93.694710][ T4860] incfs: mount failed -20 [ 93.715822][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.727977][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.736108][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.744457][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.752809][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.763482][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.772839][ T4862] device batadv_slave_0 entered promiscuous mode [ 93.779109][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.787505][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.796039][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.811042][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.819627][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.828021][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.836400][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.844882][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.856545][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.865595][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.881052][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.890692][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.902417][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.911269][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.919142][ T4869] tc_dump_action: action bad kind [ 93.924771][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.933321][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.944825][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.954606][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.963732][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.972187][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.980312][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.988650][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 93.996911][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.005363][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.013595][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.021751][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.030017][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.038143][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.054296][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.066240][ T4870] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.066497][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.080942][ T4870] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.081327][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.091539][ T4870] device bridge_slave_0 entered promiscuous mode [ 94.096512][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.109877][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.115134][ T4879] tun0: tun_chr_ioctl cmd 2147767520 [ 94.123174][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.136109][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.146707][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.146868][ T28] audit: type=1400 audit(1866179081.548:569): avc: denied { mount } for pid=4881 comm="syz.7.1923" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 94.154806][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.200536][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.209046][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.217081][ T4870] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.217288][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.224188][ T4870] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.243691][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.255790][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.263874][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.272514][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.276513][ T4870] device bridge_slave_1 entered promiscuous mode [ 94.288384][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.296635][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.305168][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.323942][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.332695][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.351435][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.360159][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.381044][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.389143][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.397773][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.411413][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.419783][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.428001][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.437670][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.462564][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.472440][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.482305][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.485790][ T4870] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.491558][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.497038][ T4870] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.509651][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.511925][ T4870] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.520166][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.526586][ T4870] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.551250][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.559685][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.570118][ T28] audit: type=1326 audit(1866179081.968:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ab07756e7 code=0x7ffc0000 [ 94.599373][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.608411][ T616] device bridge_slave_1 left promiscuous mode [ 94.614987][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.622998][ T616] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.630375][ T616] device bridge_slave_0 left promiscuous mode [ 94.636784][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.644729][ T28] audit: type=1326 audit(1866179081.968:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7ab071a099 code=0x7ffc0000 [ 94.668200][ T616] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.675607][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.687884][ T616] device veth1_macvtap left promiscuous mode [ 94.694150][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.702189][ T616] device veth0_vlan left promiscuous mode [ 94.707832][ T28] audit: type=1326 audit(1866179081.968:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ab07756e7 code=0x7ffc0000 [ 94.731727][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.739799][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.758678][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.770946][ T28] audit: type=1326 audit(1866179081.968:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7ab071a099 code=0x7ffc0000 [ 94.810350][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.822834][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.840573][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.858954][ T28] audit: type=1326 audit(1866179081.968:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7ab07756e7 code=0x7ffc0000 [ 94.869356][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.920492][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.927199][ T28] audit: type=1326 audit(1866179081.968:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4906 comm="syz.4.1934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7ab071a099 code=0x7ffc0000 [ 94.950646][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.959613][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.978021][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.988989][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 94.997268][ T325] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.005431][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.013583][ T325] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.020958][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.029003][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.054175][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.070282][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 95.077611][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.086248][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 95.101100][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.111179][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 95.119479][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.127697][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 95.138923][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.151277][ T325] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.158163][ T325] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.169982][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.178837][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.186909][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 95.195231][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.203862][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 95.213111][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.220819][ T849] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 95.221454][ T325] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.235268][ T325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.243208][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.251369][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.261441][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.269566][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.290004][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 95.298650][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 95.307813][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.321380][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 95.329427][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.340933][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 95.351107][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.359121][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.370933][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 95.371084][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.386848][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 95.393910][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.405185][ T4870] device veth0_vlan entered promiscuous mode [ 95.413351][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 95.429942][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.431320][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 95.450571][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.460060][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 95.467662][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 95.479016][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.492568][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 95.506076][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.510967][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 95.523878][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.538063][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.552464][ T4870] device veth1_macvtap entered promiscuous mode [ 95.563757][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 95.571765][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.578580][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 95.588203][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.596264][ T849] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 95.598378][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 95.608068][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.629975][ T849] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.645363][ T849] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 95.646972][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 95.655759][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.670961][ T849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.679948][ T849] usb 1-1: config 0 descriptor?? [ 95.682766][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 95.685622][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.716299][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.724992][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.733655][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.743191][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.751504][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.762866][ T4939] kernel profiling enabled (shift: 9) [ 95.768752][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.778331][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.787195][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.800267][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.808640][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.817174][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.825365][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.833900][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.849143][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.870072][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.883084][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.897198][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.910067][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.923754][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.936450][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.950285][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.963498][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 95.984991][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 96.003913][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 96.023941][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 96.043620][ T1788] erofs: (device loop5): erofs_fill_dentries: bogus dirent @ nid 36 [ 96.181935][ T849] hid-thrustmaster 0003:044F:B65D.0013: unknown main item tag 0x0 [ 96.187815][ T4945] loop8: detected capacity change from 0 to 40427 [ 96.197315][ T4945] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12 [ 96.205109][ T4945] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock [ 96.213568][ T849] hid-thrustmaster 0003:044F:B65D.0013: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.0-1/input0 [ 96.233985][ T4945] F2FS-fs (loop8): invalid crc value [ 96.247154][ T4945] F2FS-fs (loop8): Found nat_bits in checkpoint [ 96.262613][ T849] hid-thrustmaster 0003:044F:B65D.0013: Wrong number of endpoints? [ 96.352351][ T4945] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 96.367524][ T4965] loop7: detected capacity change from 0 to 256 [ 96.385211][ T4945] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0 [ 96.391040][ T4965] exfat: Deprecated parameter 'utf8' [ 96.401756][ T4945] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 96.407426][ T4965] exfat: Deprecated parameter 'namecase' [ 96.425499][ T4965] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x1ef871c7, utbl_chksum : 0xe619d30d) [ 96.450926][ T4945] syz.8.1950: attempt to access beyond end of device [ 96.450926][ T4945] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 96.465283][ T849] usb 1-1: USB disconnect, device number 12 [ 96.480785][ C1] hid-thrustmaster 0003:044F:B65D.0013: URB to get model id failed with error -2 [ 96.500487][ T4945] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix. [ 96.500510][ T4945] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix. [ 96.515970][ T4945] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix. [ 96.540855][ T4945] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix. [ 96.548238][ T4945] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix. [ 96.562767][ T4945] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix. [ 96.572687][ T4945] F2FS-fs (loop8): invalid namelen(0), ino:0, run fsck to fix. [ 96.641694][ T4969] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.670841][ T4969] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.682152][ T4969] device bridge_slave_0 entered promiscuous mode [ 96.689077][ T4969] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.710775][ T4969] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.718137][ T4969] device bridge_slave_1 entered promiscuous mode [ 96.741737][ T616] device bridge_slave_1 left promiscuous mode [ 96.747695][ T616] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.768144][ T616] device veth1_macvtap left promiscuous mode [ 96.776562][ T616] device veth0_vlan left promiscuous mode [ 96.797294][ T4968] loop7: detected capacity change from 0 to 40427 [ 96.804167][ T4968] F2FS-fs (loop7): Insane cp_payload (553648128 >= 504) [ 96.811205][ T4968] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 96.832861][ T4968] F2FS-fs (loop7): invalid crc value [ 96.852567][ T4968] F2FS-fs (loop7): Found nat_bits in checkpoint [ 96.903117][ T4968] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 96.910004][ T4968] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 96.917429][ T789] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 96.924630][ T4994] f2fs_ckpt-7:7: attempt to access beyond end of device [ 96.924630][ T4994] loop7: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 97.005845][ T4969] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.012806][ T4969] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.019846][ T4969] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.026786][ T4969] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.086726][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 97.094793][ T325] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.121004][ T325] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.146542][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 97.154830][ T325] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.161711][ T325] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.172395][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 97.180482][ T325] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.187347][ T325] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.196029][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 97.212332][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 97.220453][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 97.250643][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 97.262063][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 97.270307][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 97.278631][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 97.279846][ T5015] loop8: detected capacity change from 0 to 256 [ 97.290180][ T5017] netlink: 312 bytes leftover after parsing attributes in process `syz.7.1979'. [ 97.302487][ T4969] device veth0_vlan entered promiscuous mode [ 97.309590][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 97.316817][ T789] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.327558][ T789] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 97.336712][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 97.356873][ T4969] device veth1_macvtap entered promiscuous mode [ 97.363841][ T789] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.376504][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 97.386422][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 97.394369][ T789] usb 5-1: config 0 descriptor?? [ 97.399553][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 97.428518][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 97.448233][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 97.458708][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 97.475203][ T325] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 97.704355][ T5030] loop8: detected capacity change from 0 to 40427 [ 97.712269][ T5037] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 97.719755][ T5037] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 97.720824][ T5030] F2FS-fs (loop8): Wrong NAT boundary, start(2560) end(462336) blocks(1024) [ 97.761188][ T5030] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock [ 97.771893][ T5030] F2FS-fs (loop8): Found nat_bits in checkpoint [ 97.819511][ T5030] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0 [ 97.826536][ T5030] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 97.847204][ T28] kauditd_printk_skb: 3796 callbacks suppressed [ 97.847222][ T28] audit: type=1400 audit(1866179085.248:4372): avc: denied { read write open } for pid=5029 comm="syz.8.1985" path="/15/file1/file1" dev="loop8" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 97.878297][ T5030] syz.8.1985: attempt to access beyond end of device [ 97.878297][ T5030] loop8: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 97.892925][ T789] keytouch 0003:0926:3333.0014: fixing up Keytouch IEC report descriptor [ 97.906996][ T789] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0014/input/input21 [ 97.924211][ T4870] syz-executor: attempt to access beyond end of device [ 97.924211][ T4870] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 98.002928][ T28] audit: type=1400 audit(1866179085.408:4373): avc: denied { read } for pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=745 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 98.025182][ T849] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 98.033098][ T28] audit: type=1400 audit(1866179085.408:4374): avc: denied { open } for pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=745 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 98.033118][ T789] keytouch 0003:0926:3333.0014: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 98.056680][ T28] audit: type=1400 audit(1866179085.408:4375): avc: denied { ioctl } for pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=745 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 98.099138][ T5049] loop8: detected capacity change from 0 to 2048 [ 98.141230][ T5049] loop8: p1 < > p3 [ 98.145391][ T5049] loop8: p3 size 134217728 extends beyond EOD, truncated [ 98.155030][ T28] audit: type=1400 audit(1866179085.558:4376): avc: denied { read write } for pid=5048 comm="syz.8.1989" name="loop8p3" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 98.178231][ T28] audit: type=1400 audit(1866179085.558:4377): avc: denied { open } for pid=5048 comm="syz.8.1989" path="/dev/loop8p3" dev="devtmpfs" ino=748 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 98.227497][ T28] audit: type=1400 audit(1866179085.628:4378): avc: denied { create } for pid=5056 comm="syz.8.1994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 98.246930][ T28] audit: type=1400 audit(1866179085.628:4379): avc: denied { bind } for pid=5056 comm="syz.8.1994" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 98.266284][ T28] audit: type=1400 audit(1866179085.628:4380): avc: denied { node_bind } for pid=5056 comm="syz.8.1994" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 98.411350][ T301] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 98.470877][ T849] usb 10-1: config 0 has an invalid interface number: 186 but max is 0 [ 98.479009][ T849] usb 10-1: config 0 has no interface number 0 [ 98.485057][ T849] usb 10-1: config 0 interface 186 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 98.495702][ T849] usb 10-1: config 0 interface 186 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 98.680890][ T849] usb 10-1: New USB device found, idVendor=05ac, idProduct=8600, bcdDevice=d0.28 [ 98.689898][ T849] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.697892][ T849] usb 10-1: Product: syz [ 98.697911][ T849] usb 10-1: Manufacturer: syz [ 98.697925][ T849] usb 10-1: SerialNumber: syz [ 98.699006][ T849] usb 10-1: config 0 descriptor?? [ 98.770920][ T301] usb 1-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config [ 98.781058][ T301] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 98.870938][ T301] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 98.879898][ T301] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 98.887662][ T301] usb 1-1: SerialNumber: syz [ 98.896139][ T24] usb 5-1: USB disconnect, device number 17 [ 98.931191][ T301] cdc_ether 1-1:1.0: skipping garbage [ 98.936524][ T301] cdc_ether: probe of 1-1:1.0 failed with error -22 [ 99.000957][ T849] usb 10-1: Found UVC 0.00 device syz (05ac:8600) [ 99.007420][ T849] usb 10-1: No valid video chain found. [ 99.013467][ T849] usb 10-1: USB disconnect, device number 2 [ 99.088270][ T28] audit: type=1326 audit(1866179086.488:4381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5058 comm="syz.8.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc6657e719 code=0x7fc00000 [ 99.130640][ T5065] loop8: detected capacity change from 0 to 2048 [ 99.138299][ T301] usb 1-1: USB disconnect, device number 13 [ 99.152799][ T5065] EXT4-fs mount: 30 callbacks suppressed [ 99.152814][ T5065] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 99.175426][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 99.241728][ T5078] syz.8.2002[5078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.241805][ T5078] syz.8.2002[5078] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.375153][ T5080] loop8: detected capacity change from 0 to 40427 [ 99.393980][ T5080] F2FS-fs (loop8): invalid crc_offset: 16 [ 99.401109][ T5080] F2FS-fs (loop8): Found nat_bits in checkpoint [ 99.446164][ T5080] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 99.463123][ T5080] F2FS-fs (loop8): f2fs_check_nid_range: out-of-range nid=400000, run fsck to fix. [ 99.505747][ T5096] loop4: detected capacity change from 0 to 512 [ 99.522862][ T5096] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #16: comm syz.4.2009: casefold flag without casefold feature [ 99.536402][ T5096] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.2009: couldn't read orphan inode 16 (err -117) [ 99.548908][ T5096] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 99.558200][ T5096] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038 (0x7fffffff) [ 99.577671][ T294] EXT4-fs (loop4): unmounting filesystem. [ 99.657190][ T5112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2016'. [ 99.780873][ T24] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 99.870812][ T849] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 99.930904][ T530] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 100.030877][ T24] usb 10-1: Using ep0 maxpacket: 32 [ 100.151006][ T24] usb 10-1: config index 0 descriptor too short (expected 29220, got 36) [ 100.159437][ T24] usb 10-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 100.168139][ T24] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 100.177267][ T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 100.187008][ T24] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 100.196563][ T24] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 100.200836][ T301] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 100.209488][ T24] usb 10-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 100.225983][ T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.234503][ T24] usb 10-1: config 0 descriptor?? [ 100.250951][ T849] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 100.261901][ T849] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 100.272101][ T849] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 100.280990][ T849] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.300918][ T5110] raw-gadget.2 gadget.8: fail, usb_ep_enable returned -22 [ 100.310875][ T530] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.322815][ T530] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 100.332090][ T530] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.341271][ T530] usb 1-1: config 0 descriptor?? [ 100.464788][ T5144] loop7: detected capacity change from 0 to 512 [ 100.482061][ T24] usblp 10-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 100.483133][ T5144] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 100.502045][ T5144] ext4 filesystem being mounted at /67/bus supports timestamps until 2038 (0x7fffffff) [ 100.519799][ T3767] EXT4-fs (loop7): unmounting filesystem. [ 100.528710][ T24] usb 9-1: USB disconnect, device number 2 [ 100.581039][ T301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 100.591911][ T301] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 100.601550][ T301] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 100.610341][ T301] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.618761][ T301] usb 5-1: config 0 descriptor?? [ 100.639333][ T5150] xt_hashlimit: size too large, truncated to 1048576 [ 100.687807][ T849] usb 10-1: USB disconnect, device number 3 [ 100.701050][ T849] usblp0: removed [ 100.831423][ T530] keytouch 0003:0926:3333.0015: fixing up Keytouch IEC report descriptor [ 100.842068][ T530] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0015/input/input22 [ 100.879466][ T5163] loop7: detected capacity change from 0 to 128 [ 100.886186][ T5163] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 100.905485][ T325] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 100.925391][ T530] keytouch 0003:0926:3333.0015: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 100.972195][ T5167] loop7: detected capacity change from 0 to 128 [ 101.101656][ T301] isku 0003:1E7D:319C.0016: unknown main item tag 0x0 [ 101.108299][ T301] isku 0003:1E7D:319C.0016: unknown main item tag 0x0 [ 101.114938][ T301] isku 0003:1E7D:319C.0016: unknown main item tag 0x0 [ 101.121772][ T301] isku 0003:1E7D:319C.0016: unknown main item tag 0x0 [ 101.121804][ T301] isku 0003:1E7D:319C.0016: unknown main item tag 0x0 [ 101.121827][ T301] isku 0003:1E7D:319C.0016: unknown main item tag 0x0 [ 101.121849][ T301] isku 0003:1E7D:319C.0016: unknown main item tag 0x0 [ 101.122675][ T301] isku 0003:1E7D:319C.0016: hidraw1: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.4-1/input0 [ 101.304996][ T530] usb 5-1: USB disconnect, device number 18 [ 101.320572][ T5180] loop9: detected capacity change from 0 to 2048 [ 101.410941][ T5182] loop9: detected capacity change from 0 to 1024 [ 101.423017][ T5182] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback. [ 101.433942][ T5182] EXT4-fs error (device loop9): __ext4_remount:6435: comm syz.9.2048: Abort forced by user [ 101.444449][ T5182] EXT4-fs (loop9): Remounting filesystem read-only [ 101.451632][ T5182] EXT4-fs (loop9): re-mounted. Quota mode: writeback. [ 101.459952][ T5182] overlayfs: upper fs is r/o, try multi-lower layers mount [ 101.472844][ T4969] EXT4-fs (loop9): unmounting filesystem. [ 101.689910][ T5216] loop9: detected capacity change from 0 to 2048 [ 101.702406][ T5216] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 101.711062][ T5216] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038 (0x7fffffff) [ 101.723397][ T5216] EXT4-fs error (device loop9): ext4_validate_block_bitmap:438: comm syz.9.2064: bg 0: block 345: padding at end of block bitmap is not set [ 101.737831][ T5216] EXT4-fs (loop9): Remounting filesystem read-only [ 101.744388][ T5216] EXT4-fs error (device loop9) in ext4_evict_inode:254: Readonly filesystem [ 101.806880][ T4969] EXT4-fs (loop9): unmounting filesystem. [ 101.819581][ T5220] overlayfs: missing 'lowerdir' [ 101.841140][ T5226] loop9: detected capacity change from 0 to 512 [ 101.847736][ T5226] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 101.849451][ T5226] EXT4-fs (loop9): 1 truncate cleaned up [ 101.864064][ T5226] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 101.884568][ T5231] netlink: 'syz.7.2070': attribute type 8 has an invalid length. [ 101.898462][ T4969] EXT4-fs (loop9): unmounting filesystem. [ 101.899305][ T789] usb 1-1: USB disconnect, device number 14 [ 101.910454][ T5231] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 101.935907][ T5233] loop9: detected capacity change from 0 to 256 [ 101.942524][ T5233] exfat: Deprecated parameter 'namecase' [ 101.948043][ T5233] exfat: Deprecated parameter 'utf8' [ 101.953598][ T5233] exfat: Deprecated parameter 'namecase' [ 101.962097][ T5233] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 102.110806][ T24] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 102.156084][ T5272] loop8: detected capacity change from 0 to 512 [ 102.164538][ T5272] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 102.181506][ T5272] EXT4-fs warning (device loop8): ext4_enable_quotas:7022: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 102.207697][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 102.238331][ T5287] loop8: detected capacity change from 0 to 2048 [ 102.252794][ T5287] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 102.261350][ T5287] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038 (0x7fffffff) [ 102.274242][ T5287] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm syz.8.2096: bg 0: block 345: padding at end of block bitmap is not set [ 102.288757][ T5287] EXT4-fs (loop8): Remounting filesystem read-only [ 102.295299][ T5287] EXT4-fs error (device loop8) in ext4_evict_inode:254: Readonly filesystem [ 102.317255][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 102.344742][ T5295] input: syz0 as /devices/virtual/input/input23 [ 102.361001][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 102.463182][ T5305] input: syz0 as /devices/virtual/input/input24 [ 102.480838][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 102.492845][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 102.503792][ T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 102.513337][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.531420][ T24] usb 5-1: config 0 descriptor?? [ 102.581270][ T24] hub 5-1:0.0: USB hub found [ 102.615711][ T5314] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 102.787228][ T5291] loop9: detected capacity change from 0 to 131072 [ 102.793679][ T24] hub 5-1:0.0: 1 port detected [ 102.794285][ T5291] F2FS-fs (loop9): Wrong segment_count / block_count (65567 > 16384) [ 102.806326][ T5291] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 102.817389][ T5291] F2FS-fs (loop9): Found nat_bits in checkpoint [ 102.855172][ T5291] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0 [ 102.862072][ T5291] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 102.950859][ T28] kauditd_printk_skb: 41 callbacks suppressed [ 102.950874][ T28] audit: type=1400 audit(1866179090.348:4422): avc: denied { ioctl } for pid=5290 comm="syz.9.2106" path="/44/file0/file1" dev="loop9" ino=7 ioctlcmd=0x660b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 103.020868][ T24] hub 5-1:0.0: hub_hub_status failed (err = -71) [ 103.027452][ T24] hub 5-1:0.0: config failed, can't get hub status (err -71) [ 103.130898][ T24] usbhid 5-1:0.0: can't add hid device: -71 [ 103.136743][ T24] usbhid: probe of 5-1:0.0 failed with error -71 [ 103.137085][ T28] audit: type=1400 audit(1866179090.538:4423): avc: denied { ioctl } for pid=5334 comm="syz.9.2114" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=36829 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 103.184010][ T24] usb 5-1: USB disconnect, device number 19 [ 103.440830][ T530] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 103.480877][ T849] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 103.518356][ T5345] loop4: detected capacity change from 0 to 512 [ 103.524809][ T5345] EXT4-fs: Ignoring removed orlov option [ 103.530650][ T5345] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 103.543690][ T5345] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 103.552163][ T5345] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.2119: invalid indirect mapped block 2683928664 (level 1) [ 103.566521][ T5345] EXT4-fs (loop4): 1 truncate cleaned up [ 103.572239][ T5345] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 103.583923][ T28] audit: type=1400 audit(1866179090.988:4424): avc: denied { mounton } for pid=5344 comm="syz.4.2119" path="/406/file0/file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 103.584682][ T5345] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 103.623489][ T294] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 103.644688][ T28] audit: type=1400 audit(1866179091.058:4425): avc: denied { rmdir } for pid=294 comm="syz-executor" name="lost+found" dev="loop4" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 103.644772][ T294] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz-executor: Invalid block bitmap block 3 in block_group 0 [ 103.681075][ T294] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 103.690142][ T28] audit: type=1400 audit(1866179091.088:4426): avc: denied { setattr } for pid=294 comm="syz-executor" path="/406/file0/file2" dev="loop4" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 103.690930][ T294] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz-executor: corrupted in-inode xattr [ 103.714506][ T28] audit: type=1400 audit(1866179091.088:4427): avc: denied { unlink } for pid=294 comm="syz-executor" name="file2" dev="loop4" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 103.727007][ T294] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz-executor: corrupted in-inode xattr [ 103.759815][ T530] usb 10-1: Using ep0 maxpacket: 16 [ 103.769587][ T2725] EXT4-fs (loop4): unmounting filesystem. [ 103.784860][ T2725] bridge0: port 1(syz_tun) entered disabled state [ 103.793205][ T2725] device syz_tun left promiscuous mode [ 103.798521][ T2725] bridge0: port 1(syz_tun) entered disabled state [ 103.837624][ T28] audit: type=1400 audit(1866179091.238:4428): avc: denied { create } for pid=5348 comm="syz.0.2122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 103.860518][ T28] audit: type=1400 audit(1866179091.268:4429): avc: denied { connect } for pid=5348 comm="syz.0.2122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 103.920861][ T530] usb 10-1: config 0 has an invalid interface number: 105 but max is 0 [ 103.928964][ T530] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 103.939224][ T849] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.941000][ T28] audit: type=1400 audit(1866179091.278:4430): avc: denied { write } for pid=5348 comm="syz.0.2122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 103.950355][ T849] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.978748][ T530] usb 10-1: config 0 has no interface number 0 [ 103.998932][ T849] usb 9-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 103.998951][ T28] audit: type=1400 audit(1866179091.318:4431): avc: denied { setopt } for pid=5348 comm="syz.0.2122" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 104.030862][ T849] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.039487][ T849] usb 9-1: config 0 descriptor?? [ 104.086794][ T5352] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.094164][ T5352] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.101751][ T5352] device bridge_slave_0 entered promiscuous mode [ 104.109763][ T5352] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.117008][ T5352] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.124665][ T5352] device bridge_slave_1 entered promiscuous mode [ 104.170874][ T530] usb 10-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 104.179897][ T530] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.190379][ T530] usb 10-1: Product: syz [ 104.194704][ T530] usb 10-1: Manufacturer: syz [ 104.199212][ T530] usb 10-1: SerialNumber: syz [ 104.206008][ T530] usb 10-1: config 0 descriptor?? [ 104.229370][ T5352] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.236265][ T5352] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.243371][ T5352] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.250122][ T5352] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.271459][ T530] usb 10-1: Found UVC 0.00 device syz (046d:08f3) [ 104.277747][ T530] usb 10-1: No valid video chain found. [ 104.296364][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 104.304958][ T616] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.312946][ T616] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.332363][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 104.340612][ T616] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.347491][ T616] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.355580][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 104.364251][ T616] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.371266][ T616] bridge0: port 2(bridge_slave_1) entered forwarding state [ 104.389358][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 104.397678][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 104.413388][ T325] device bridge_slave_1 left promiscuous mode [ 104.419383][ T325] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.428207][ T325] device veth1_macvtap left promiscuous mode [ 104.434618][ T325] device veth0_vlan left promiscuous mode [ 104.474560][ T789] usb 10-1: USB disconnect, device number 4 [ 104.501784][ T849] hid-thrustmaster 0003:044F:B65D.0017: unknown main item tag 0x0 [ 104.510221][ T849] hid-thrustmaster 0003:044F:B65D.0017: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.8-1/input0 [ 104.522836][ T849] hid-thrustmaster 0003:044F:B65D.0017: Wrong number of endpoints? [ 104.676488][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 104.689905][ T5352] device veth0_vlan entered promiscuous mode [ 104.696745][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 104.705326][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 104.713528][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 104.732539][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 104.742587][ T5352] device veth1_macvtap entered promiscuous mode [ 104.754132][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 104.767541][ T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 104.802352][ T1791] usb 9-1: USB disconnect, device number 3 [ 104.810797][ C1] hid-thrustmaster 0003:044F:B65D.0017: URB to get model id failed with error -2 [ 105.009664][ T325] Bluetooth: hci0: Frame reassembly failed (-84) [ 105.040956][ T5398] loop1: detected capacity change from 0 to 512 [ 105.047784][ T5398] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 105.059486][ T5398] EXT4-fs (loop1): 1 truncate cleaned up [ 105.065001][ T5398] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 105.080795][ T5352] EXT4-fs (loop1): unmounting filesystem. [ 105.227252][ T5422] loop1: detected capacity change from 0 to 128 [ 105.235148][ T5422] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 105.243700][ T5422] ext4 filesystem being mounted at /17/mnt supports timestamps until 2038 (0x7fffffff) [ 105.264107][ T5352] EXT4-fs (loop1): unmounting filesystem. [ 105.506961][ T5455] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2168'. [ 105.516061][ T5455] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2168'. [ 105.830954][ T530] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 105.939351][ T5472] loop7: detected capacity change from 0 to 128 [ 105.947372][ T5472] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 105.955924][ T5472] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038 (0x7fffffff) [ 105.973721][ T3767] EXT4-fs (loop7): unmounting filesystem. [ 105.980847][ T1791] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 106.099057][ T5475] loop7: detected capacity change from 0 to 40427 [ 106.106048][ T5475] F2FS-fs (loop7): fault_injection options not supported [ 106.113362][ T5475] F2FS-fs (loop7): heap/no_heap options were deprecated [ 106.120183][ T5475] F2FS-fs (loop7): Image doesn't support compression [ 106.126777][ T5475] F2FS-fs (loop7): fault_type options not supported [ 106.133903][ T5475] F2FS-fs (loop7): invalid crc value [ 106.140367][ T5475] F2FS-fs (loop7): Found nat_bits in checkpoint [ 106.188567][ T5479] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2178'. [ 106.190777][ T5475] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 106.197617][ T5479] netlink: 15 bytes leftover after parsing attributes in process `syz.1.2178'. [ 106.220794][ T1791] usb 9-1: Using ep0 maxpacket: 8 [ 106.231205][ T3767] syz-executor: attempt to access beyond end of device [ 106.231205][ T3767] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 106.261347][ T530] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 106.268759][ T530] usb 1-1: can't read configurations, error -71 [ 106.340876][ T1791] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 106.363256][ T1791] usb 9-1: config 0 has no interfaces? [ 106.383395][ T5495] loop1: detected capacity change from 0 to 256 [ 106.391299][ T5495] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 106.392891][ T5497] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2185'. [ 106.411053][ T5497] netlink: 36 bytes leftover after parsing attributes in process `syz.7.2185'. [ 106.423689][ T5495] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2186'. [ 106.434059][ T5495] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 106.503787][ T5506] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2191'. [ 106.530876][ T1791] usb 9-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 106.543066][ T1791] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 106.552474][ T1791] usb 9-1: Product: syz [ 106.562985][ T1791] usb 9-1: Manufacturer: syz [ 106.567439][ T1791] usb 9-1: SerialNumber: syz [ 106.572622][ T1791] usb 9-1: config 0 descriptor?? [ 106.717068][ T5525] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2198'. [ 106.763713][ T5532] loop7: detected capacity change from 0 to 256 [ 106.781457][ T5532] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 106.831018][ T849] usb 9-1: USB disconnect, device number 4 [ 107.050820][ T5396] Bluetooth: hci0: command 0x1003 tx timeout [ 107.056722][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 107.190605][ T5568] netlink: 48 bytes leftover after parsing attributes in process `syz.9.2217'. [ 107.367097][ T5588] loop8: detected capacity change from 0 to 1024 [ 107.397197][ T5588] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 107.447311][ T5588] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 107.482412][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 107.517791][ T5602] loop8: detected capacity change from 0 to 256 [ 107.525468][ T5602] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 107.546036][ T5602] FAT-fs (loop8): error, corrupted directory (invalid entries) [ 107.578943][ T5614] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 107.589563][ T5614] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.596624][ T5614] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.632440][ T5622] netlink: 'syz.9.2243': attribute type 16 has an invalid length. [ 107.640225][ T5622] netlink: 'syz.9.2243': attribute type 17 has an invalid length. [ 107.649365][ T5624] bridge: RTM_NEWNEIGH with invalid ether address [ 107.830802][ T849] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 108.085679][ T5649] loop8: detected capacity change from 0 to 40427 [ 108.092723][ T5649] F2FS-fs (loop8): Insane cp_payload (553648128 >= 504) [ 108.099503][ T5649] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock [ 108.109196][ T5649] F2FS-fs (loop8): invalid crc value [ 108.115685][ T5649] F2FS-fs (loop8): Found nat_bits in checkpoint [ 108.151762][ T5649] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0 [ 108.158674][ T5649] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 108.172738][ T5649] syz.8.2257: attempt to access beyond end of device [ 108.172738][ T5649] loop8: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 108.190701][ T28] kauditd_printk_skb: 27 callbacks suppressed [ 108.190718][ T28] audit: type=1400 audit(1866179095.588:4459): avc: denied { write } for pid=5664 comm="syz.9.2261" name="ptp0" dev="devtmpfs" ino=260 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 108.220341][ T4870] syz-executor: attempt to access beyond end of device [ 108.220341][ T4870] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 108.251103][ T849] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 108.310924][ T301] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 108.372623][ T28] audit: type=1400 audit(1866179095.778:4460): avc: denied { name_bind } for pid=5673 comm="syz.8.2262" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 108.394580][ T28] audit: type=1400 audit(1866179095.778:4461): avc: denied { node_bind } for pid=5673 comm="syz.8.2262" saddr=fe80::aa src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 108.450893][ T849] usb 1-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1 [ 108.465961][ T849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.476775][ T28] audit: type=1400 audit(1866179095.878:4462): avc: denied { read } for pid=5686 comm="syz.9.2271" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 108.482707][ T849] usb 1-1: Product: syz [ 108.504801][ T849] usb 1-1: Manufacturer: syz [ 108.509263][ T849] usb 1-1: SerialNumber: syz [ 108.514376][ T28] audit: type=1400 audit(1866179095.878:4463): avc: denied { open } for pid=5686 comm="syz.9.2271" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1 [ 108.514587][ T849] usb 1-1: config 0 descriptor?? [ 108.543257][ T28] audit: type=1400 audit(1866179095.908:4464): avc: denied { append } for pid=5689 comm="syz.8.2272" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 108.550841][ T301] usb 2-1: Using ep0 maxpacket: 16 [ 108.591886][ T28] audit: type=1400 audit(1866179095.998:4465): avc: denied { block_suspend } for pid=5701 comm="syz.9.2277" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 108.621954][ T849] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 108.633594][ T849] usb 1-1: Detected SIO [ 108.638967][ T849] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 108.660764][ T5707] TCP: tcp_parse_options: Illegal window scaling value 174 > 14 received [ 108.681279][ T28] audit: type=1400 audit(1866179096.088:4466): avc: denied { create } for pid=5709 comm="syz.9.2281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 108.701074][ T301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 108.717146][ T28] audit: type=1400 audit(1866179096.088:4467): avc: denied { connect } for pid=5709 comm="syz.9.2281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 108.737269][ T301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 108.747416][ T301] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 108.760824][ T28] audit: type=1400 audit(1866179096.088:4468): avc: denied { getopt } for pid=5709 comm="syz.9.2281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 108.767489][ T5716] loop8: detected capacity change from 0 to 4096 [ 108.786978][ T301] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 108.796045][ T301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.804998][ T301] usb 2-1: config 0 descriptor?? [ 108.812494][ T5716] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 108.823434][ T298] usb 1-1: USB disconnect, device number 17 [ 108.830445][ T5716] EXT4-fs error (device loop8): ext4_do_update_inode:5226: inode #15: comm syz.8.2285: corrupted inode contents [ 108.838259][ T298] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 108.846332][ T5723] xt_hashlimit: size too large, truncated to 1048576 [ 108.852143][ T298] ftdi_sio 1-1:0.0: device disconnected [ 108.857855][ T5716] EXT4-fs error (device loop8): ext4_dirty_inode:6088: inode #15: comm syz.8.2285: mark_inode_dirty error [ 108.875390][ T5716] EXT4-fs error (device loop8): ext4_do_update_inode:5226: inode #15: comm syz.8.2285: corrupted inode contents [ 108.888156][ T5716] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #15: comm syz.8.2285: mark_inode_dirty error [ 108.900553][ T5716] EXT4-fs error (device loop8): ext4_do_update_inode:5226: inode #15: comm syz.8.2285: corrupted inode contents [ 108.922432][ T5716] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #15: comm syz.8.2285: mark_inode_dirty error [ 108.960812][ T5716] EXT4-fs error (device loop8): ext4_do_update_inode:5226: inode #15: comm syz.8.2285: corrupted inode contents [ 108.991094][ T5716] EXT4-fs error (device loop8): ext4_truncate:4313: inode #15: comm syz.8.2285: mark_inode_dirty error [ 109.020957][ T5716] EXT4-fs error (device loop8) in ext4_setattr:5627: Corrupt filesystem [ 109.151121][ T5716] EXT4-fs error (device loop8): ext4_do_update_inode:5226: inode #15: comm syz.8.2285: corrupted inode contents [ 109.170654][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 109.282194][ T301] microsoft 0003:045E:07DA.0018: No inputs registered, leaving [ 109.290107][ T301] microsoft 0003:045E:07DA.0018: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 109.301801][ T301] microsoft 0003:045E:07DA.0018: no inputs found [ 109.307968][ T301] microsoft 0003:045E:07DA.0018: could not initialize ff, continuing anyway [ 109.430791][ T298] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 109.484401][ T849] usb 2-1: USB disconnect, device number 6 [ 109.801162][ T298] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.816587][ T298] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.828797][ T298] usb 10-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 109.838149][ T298] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.855900][ T298] usb 10-1: config 0 descriptor?? [ 110.180034][ T5803] loop1: detected capacity change from 0 to 2048 [ 110.194329][ T5805] kvm [5804]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010004 data 0x0 [ 110.211302][ T5803] EXT4-fs: Ignoring removed bh option [ 110.227283][ T5803] EXT4-fs: Ignoring removed nomblk_io_submit option [ 110.240847][ T5803] EXT4-fs: Ignoring removed nobh option [ 110.281232][ T5803] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 110.299840][ T5803] EXT4-fs (loop1): shut down requested (2) [ 110.326104][ T5811] incfs: mount failed -22 [ 110.332083][ T298] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 110.338701][ T298] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 110.351801][ T5352] EXT4-fs (loop1): unmounting filesystem. [ 110.360838][ T298] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 110.367491][ T298] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 110.371948][ T5793] loop7: detected capacity change from 0 to 40427 [ 110.374287][ T298] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 110.387055][ T298] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 110.393726][ T298] isku 0003:1E7D:319C.0019: unknown main item tag 0x0 [ 110.401486][ T5793] F2FS-fs (loop7): Invalid SB checksum offset: 0 [ 110.407696][ T5793] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 110.416475][ T298] isku 0003:1E7D:319C.0019: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.9-1/input0 [ 110.441625][ T5793] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 110.475652][ T5793] F2FS-fs (loop7): Try to recover 2th superblock, ret: 0 [ 110.482610][ T5793] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 110.537679][ T298] usb 10-1: USB disconnect, device number 5 [ 110.596440][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.661531][ T5840] kvm [5839]: vcpu0, guest rIP: 0xfff0 disabled perfctr wrmsr: 0xc0010004 data 0x0 [ 110.690809][ T301] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 110.758058][ T5851] __nla_validate_parse: 8 callbacks suppressed [ 110.758080][ T5851] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2341'. [ 110.879762][ T5874] loop8: detected capacity change from 0 to 1024 [ 110.888195][ T5874] EXT4-fs: Ignoring removed orlov option [ 110.894364][ T5874] EXT4-fs (loop8): Test dummy encryption mode enabled [ 110.903854][ T5874] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 110.914330][ T5874] EXT4-fs (loop8): re-mounted. Quota mode: writeback. [ 110.933196][ T5874] EXT4-fs (loop8): re-mounted. Quota mode: writeback. [ 110.940902][ T301] usb 2-1: Using ep0 maxpacket: 16 [ 110.952711][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 111.061113][ T301] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 111.231515][ T301] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 111.241689][ T301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.242374][ T5916] loop9: detected capacity change from 0 to 128 [ 111.249509][ T301] usb 2-1: Product: syz [ 111.249528][ T301] usb 2-1: Manufacturer: syz [ 111.256782][ T5916] EXT4-fs: Ignoring removed nobh option [ 111.269870][ T301] usb 2-1: SerialNumber: syz [ 111.271684][ T5916] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 111.283061][ T5916] ext4 filesystem being mounted at /88/mnt supports timestamps until 2038 (0x7fffffff) [ 111.283073][ T301] usb 2-1: config 0 descriptor?? [ 111.301704][ T4969] EXT4-fs (loop9): unmounting filesystem. [ 111.341548][ T301] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 111.351706][ T301] usb 2-1: Detected FT232R [ 111.550812][ T301] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 111.623555][ T5926] loop9: detected capacity change from 0 to 40427 [ 111.630402][ T5926] F2FS-fs (loop9): Insane cp_payload (553648128 >= 504) [ 111.637630][ T5926] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 111.646783][ T5926] F2FS-fs (loop9): invalid crc value [ 111.654102][ T5926] F2FS-fs (loop9): Found nat_bits in checkpoint [ 111.667520][ T5971] loop8: detected capacity change from 0 to 512 [ 111.674380][ T5971] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349) [ 111.684438][ T5971] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 111.692473][ T5971] System zones: 1-12 [ 111.696829][ T5971] EXT4-fs (loop8): orphan cleanup on readonly fs [ 111.703064][ T5971] EXT4-fs error (device loop8): ext4_read_inode_bitmap:168: comm syz.8.2396: Inode bitmap for bg 0 marked uninitialized [ 111.706269][ T5926] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0 [ 111.722499][ T5971] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 111.722626][ T5926] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 111.733918][ T5971] EXT4-fs error (device loop8): ext4_map_blocks:634: inode #2: block 5: comm syz.8.2396: lblock 0 mapped to illegal pblock 5 (length 1) [ 111.752112][ T5971] EXT4-fs warning (device loop8): dx_probe:823: inode #2: lblock 0: comm syz.8.2396: error -117 reading directory block [ 111.752689][ T5926] syz.9.2373: attempt to access beyond end of device [ 111.752689][ T5926] loop9: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 111.767275][ T5971] EXT4-fs error (device loop8): ext4_map_blocks:634: inode #2: block 5: comm syz.8.2396: lblock 0 mapped to illegal pblock 5 (length 1) [ 111.792689][ T5971] EXT4-fs warning (device loop8): dx_probe:823: inode #2: lblock 0: comm syz.8.2396: error -117 reading directory block [ 111.794226][ T301] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 111.813064][ T4969] syz-executor: attempt to access beyond end of device [ 111.813064][ T4969] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 111.836861][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 111.996555][ T298] usb 2-1: USB disconnect, device number 7 [ 112.004111][ T298] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 112.014054][ T298] ftdi_sio 2-1:0.0: device disconnected [ 112.281107][ T5995] netlink: 'syz.9.2405': attribute type 6 has an invalid length. [ 112.670469][ T6025] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 112.750689][ T6003] loop1: detected capacity change from 0 to 40427 [ 112.757737][ T6003] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 112.764591][ T6003] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 112.773483][ T6003] F2FS-fs (loop1): invalid crc value [ 112.780102][ T6003] F2FS-fs (loop1): Found nat_bits in checkpoint [ 112.827923][ T6003] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 112.834897][ T6003] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 112.855489][ T6003] syz.1.2408: attempt to access beyond end of device [ 112.855489][ T6003] loop1: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 112.878078][ T5352] syz-executor: attempt to access beyond end of device [ 112.878078][ T5352] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 112.995247][ T6042] tap0: tun_chr_ioctl cmd 2147767506 [ 113.001153][ T789] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 113.180984][ T301] usb 9-1: new full-speed USB device number 5 using dummy_hcd [ 113.212267][ T6052] loop1: detected capacity change from 0 to 512 [ 113.218953][ T6052] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 113.240986][ T789] usb 10-1: Using ep0 maxpacket: 16 [ 113.260169][ T6052] EXT4-fs (loop1): 1 orphan inode deleted [ 113.266023][ T6052] EXT4-fs (loop1): 1 truncate cleaned up [ 113.271548][ T6052] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 113.283825][ T6052] EXT4-fs error (device loop1): empty_inline_dir:1862: inode #12: block 7: comm syz.1.2430: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0 [ 113.302991][ T6052] EXT4-fs (loop1): Remounting filesystem read-only [ 113.309314][ T6052] EXT4-fs warning (device loop1): empty_inline_dir:1869: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60 [ 113.329587][ T5352] EXT4-fs (loop1): unmounting filesystem. [ 113.361033][ T789] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 113.370105][ T789] usb 10-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 113.379976][ T789] usb 10-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 113.390106][ T789] usb 10-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 113.400064][ T789] usb 10-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0 [ 113.409972][ T789] usb 10-1: config 1 interface 0 has no altsetting 0 [ 113.416749][ T789] usb 10-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 113.425872][ T789] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 113.481455][ T789] ums-sddr09 10-1:1.0: USB Mass Storage device detected [ 113.508645][ T28] kauditd_printk_skb: 537 callbacks suppressed [ 113.508664][ T28] audit: type=1400 audit(1866179100.910:5006): avc: denied { read } for pid=6068 comm="syz.0.2436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 113.559938][ T28] audit: type=1400 audit(1866179100.960:5007): avc: denied { name_bind } for pid=6068 comm="syz.0.2436" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 113.580811][ T301] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 113.591708][ T301] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 113.601298][ T301] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 113.693018][ T301] usb 9-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00 [ 113.702059][ T789] scsi host1: usb-storage 10-1:1.0 [ 113.708931][ T301] usb 9-1: New USB device strings: Mfr=64, Product=0, SerialNumber=0 [ 113.716924][ T301] usb 9-1: Manufacturer: syz [ 113.722752][ T301] usb 9-1: config 0 descriptor?? [ 113.725949][ T28] audit: type=1400 audit(1866179101.130:5008): avc: denied { bind } for pid=6094 comm="syz.1.2448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 113.747309][ T28] audit: type=1400 audit(1866179101.130:5009): avc: denied { listen } for pid=6094 comm="syz.1.2448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 113.760900][ T6097] loop1: detected capacity change from 0 to 1024 [ 113.773538][ T6097] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 113.784255][ T6097] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 113.802796][ T5352] EXT4-fs (loop1): unmounting filesystem. [ 113.833284][ T6104] sch_tbf: burst 720 is lower than device lo mtu (65550) ! [ 113.852241][ T6106] pim6reg0: tun_chr_ioctl cmd 1074025680 [ 113.895321][ T849] usb 10-1: USB disconnect, device number 6 [ 113.920225][ T6110] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2455'. [ 113.979945][ T28] audit: type=1400 audit(1866179101.380:5010): avc: denied { connect } for pid=6124 comm="syz.7.2462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 114.012978][ T28] audit: type=1400 audit(2000000000.029:5011): avc: denied { write } for pid=6127 comm="+}[@" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 114.013073][ T6128] random: crng reseeded on system resumption [ 114.040586][ T28] audit: type=1400 audit(2000000000.029:5012): avc: denied { open } for pid=6127 comm="+}[@" path="/dev/snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 114.098010][ T6134] loop1: detected capacity change from 0 to 128 [ 114.104437][ T6134] EXT4-fs: Ignoring removed nobh option [ 114.104436][ T28] audit: type=1400 audit(2000000000.119:5013): avc: denied { accept } for pid=6135 comm="syz.7.2468" path="socket:[41345]" dev="sockfs" ino=41345 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 114.135303][ T6134] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 114.142347][ T6139] loop7: detected capacity change from 0 to 256 [ 114.144536][ T6134] ext4 filesystem being mounted at /94/mnt supports timestamps until 2038 (0x7fffffff) [ 114.149979][ T6139] exfat: Deprecated parameter 'utf8' [ 114.164700][ T6139] exfat: Deprecated parameter 'utf8' [ 114.167629][ T6134] fscrypt (loop1, inode 12): Unsupported log2_data_unit_size in encryption policy: 24 [ 114.169864][ T6139] exfat: Deprecated parameter 'utf8' [ 114.187310][ T5352] EXT4-fs (loop1): unmounting filesystem. [ 114.187727][ T6139] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 114.197068][ T301] wacom 0003:056A:0045.001A: ignoring exceeding usage max [ 114.217910][ T301] wacom 0003:056A:0045.001A: Unknown device_type for 'syz'. Assuming pen. [ 114.232629][ T301] wacom 0003:056A:0045.001A: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.8-1/input0 [ 114.251761][ T301] input: Wacom Intuos2 12x18 Pen as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:056A:0045.001A/input/input26 [ 114.321484][ T6151] loop1: detected capacity change from 0 to 256 [ 114.330763][ T6151] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 114.404048][ T301] usb 9-1: USB disconnect, device number 5 [ 114.527314][ T28] audit: type=1400 audit(2000000000.539:5014): avc: denied { read } for pid=6177 comm="syz.0.2487" path="socket:[41603]" dev="sockfs" ino=41603 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 114.670304][ T28] audit: type=1400 audit(2000000000.679:5015): avc: denied { relabelfrom } for pid=6198 comm="syz.7.2495" name="" dev="pipefs" ino=41709 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 114.724296][ T6205] loop7: detected capacity change from 0 to 512 [ 114.765503][ T6205] EXT4-fs (loop7): 1 orphan inode deleted [ 114.774528][ T6205] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback. [ 114.783659][ T616] EXT4-fs error (device loop7): ext4_release_dquot:6810: comm kworker/u4:5: Failed to release dquot type 1 [ 114.804868][ T6205] ext4 filesystem being mounted at /124/bus supports timestamps until 2038 (0x7fffffff) [ 114.819676][ T6170] loop9: detected capacity change from 0 to 40427 [ 114.831241][ T6170] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12 [ 114.841088][ T6170] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 114.860120][ T6170] F2FS-fs (loop9): invalid crc value [ 114.871415][ T3767] EXT4-fs (loop7): unmounting filesystem. [ 114.881223][ T325] EXT4-fs error (device loop7): ext4_release_dquot:6810: comm kworker/u4:3: Failed to release dquot type 1 [ 114.907566][ T6170] F2FS-fs (loop9): Found nat_bits in checkpoint [ 114.913181][ T6216] loop7: detected capacity change from 0 to 512 [ 114.943152][ T6219] loop8: detected capacity change from 0 to 512 [ 114.966510][ T6216] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 114.978638][ T6170] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0 [ 114.987401][ T6216] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2186: inode #15: comm syz.7.2500: corrupted in-inode xattr [ 115.001222][ T6170] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 115.019001][ T6219] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 115.027951][ T6216] EXT4-fs (loop7): Remounting filesystem read-only [ 115.034823][ T6219] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038 (0x7fffffff) [ 115.047211][ T6216] EXT4-fs error (device loop7): ext4_orphan_get:1401: comm syz.7.2500: couldn't read orphan inode 15 (err -117) [ 115.063632][ T6229] SELinux: policydb version 1291680233 does not match my version range 15-33 [ 115.073922][ T6229] SELinux: failed to load policy [ 115.081438][ T6216] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 115.112384][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 115.122024][ T3767] EXT4-fs (loop7): unmounting filesystem. [ 115.223541][ T6258] loop7: detected capacity change from 0 to 128 [ 115.230277][ T6258] EXT4-fs: Ignoring removed nobh option [ 115.254733][ T6260] loop1: detected capacity change from 0 to 512 [ 115.275751][ T6258] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none. [ 115.284453][ T6258] ext4 filesystem being mounted at /128/mnt supports timestamps until 2038 (0x7fffffff) [ 115.308426][ T6258] fscrypt (loop7, inode 12): Unsupported log2_data_unit_size in encryption policy: 24 [ 115.309131][ T6260] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 115.331937][ T3767] EXT4-fs (loop7): unmounting filesystem. [ 115.334171][ T6260] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038 (0x7fffffff) [ 115.395971][ T5352] EXT4-fs (loop1): unmounting filesystem. [ 115.413333][ T6288] overlayfs: missing 'lowerdir' [ 115.556719][ T6331] loop9: detected capacity change from 0 to 512 [ 115.563791][ T6331] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 115.573944][ T6331] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2186: inode #15: comm syz.9.2551: corrupted in-inode xattr [ 115.586155][ T6331] EXT4-fs (loop9): Remounting filesystem read-only [ 115.592748][ T6331] EXT4-fs error (device loop9): ext4_orphan_get:1401: comm syz.9.2551: couldn't read orphan inode 15 (err -117) [ 115.605025][ T6331] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: none. [ 115.623080][ T4969] EXT4-fs (loop9): unmounting filesystem. [ 115.631582][ T6338] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2556'. [ 115.671180][ T301] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 115.911087][ T301] usb 2-1: Using ep0 maxpacket: 16 [ 116.031162][ T301] usb 2-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96 [ 116.040977][ T301] usb 2-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 8 [ 116.050606][ T301] usb 2-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 116.063495][ T301] usb 2-1: config 1 interface 0 has no altsetting 0 [ 116.141197][ T301] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 116.150186][ T301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 116.158126][ T301] usb 2-1: SerialNumber: syz [ 116.181193][ T6291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 116.188221][ T6291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 116.389785][ T6364] loop8: detected capacity change from 0 to 512 [ 116.396451][ T6364] EXT4-fs (loop8): mounting ext3 file system using the ext4 subsystem [ 116.406162][ T6291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 116.406538][ T6364] EXT4-fs error (device loop8): ext4_xattr_ibody_find:2186: inode #15: comm syz.8.2568: corrupted in-inode xattr [ 116.414931][ T6291] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 116.425774][ T6364] EXT4-fs (loop8): Remounting filesystem read-only [ 116.438229][ T6364] EXT4-fs error (device loop8): ext4_orphan_get:1401: comm syz.8.2568: couldn't read orphan inode 15 (err -117) [ 116.450189][ T6364] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 116.469241][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 116.531228][ T849] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 116.547077][ T6373] loop8: detected capacity change from 0 to 1024 [ 116.562774][ T6373] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 116.574589][ T6373] EXT4-fs (loop8): shut down requested (0) [ 116.587484][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 116.871123][ T298] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 116.891229][ T301] cdc_ether: probe of 2-1:1.0 failed with error -22 [ 116.921211][ T849] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 116.932330][ T849] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 116.943356][ T849] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 116.952144][ T849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.971183][ T6360] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 117.093704][ T24] usb 2-1: USB disconnect, device number 8 [ 117.111111][ T298] usb 9-1: Using ep0 maxpacket: 32 [ 117.221222][ T849] aiptek 1-1:17.0: Aiptek using 400 ms programming speed [ 117.228653][ T849] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input29 [ 117.239258][ T849] usb 1-1: USB disconnect, device number 18 [ 117.245083][ T298] usb 9-1: config index 0 descriptor too short (expected 29220, got 36) [ 117.253187][ C1] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 117.261672][ T298] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 117.271131][ T298] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 117.280285][ T298] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 117.289781][ T298] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 117.299272][ T298] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 117.308872][ T298] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 117.318545][ T298] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 117.331409][ T298] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 117.340257][ T298] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.348759][ T298] usb 9-1: config 0 descriptor?? [ 117.611764][ T298] usblp 9-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 117.623202][ T298] usb 9-1: USB disconnect, device number 6 [ 117.633245][ T298] usblp0: removed [ 117.654798][ T6404] loop9: detected capacity change from 0 to 512 [ 117.674577][ T6404] EXT4-fs (loop9): 1 orphan inode deleted [ 117.680220][ T6404] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback. [ 117.689371][ T6404] ext4 filesystem being mounted at /134/bus supports timestamps until 2038 (0x7fffffff) [ 117.691668][ T10] EXT4-fs error (device loop9): ext4_release_dquot:6810: comm kworker/u4:1: Failed to release dquot type 1 [ 117.717136][ T4969] EXT4-fs (loop9): unmounting filesystem. [ 117.722874][ T10] EXT4-fs error (device loop9): ext4_release_dquot:6810: comm kworker/u4:1: Failed to release dquot type 1 [ 118.381911][ T6425] input: syz0 as /devices/virtual/input/input30 [ 118.595999][ T6467] loop9: detected capacity change from 0 to 512 [ 118.605214][ T6467] EXT4-fs error (device loop9): ext4_free_branches:1030: inode #11: comm syz.9.2614: invalid indirect mapped block 256 (level 2) [ 118.618950][ T6467] EXT4-fs (loop9): Remounting filesystem read-only [ 118.625605][ T6467] EXT4-fs (loop9): 2 truncates cleaned up [ 118.631594][ T6467] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback. [ 118.644034][ T6467] EXT4-fs error (device loop9): ext4_validate_block_bitmap:429: comm syz.9.2614: bg 0: block 5: invalid block bitmap [ 118.665444][ T6467] EXT4-fs (loop9): Remounting filesystem read-only [ 118.676712][ T6476] loop8: detected capacity change from 0 to 16 [ 118.683344][ T6476] erofs: (device loop8): mounted with root inode @ nid 36. [ 118.692468][ T4969] EXT4-fs (loop9): unmounting filesystem. [ 118.693457][ T6476] erofs: (device loop8): z_erofs_readahead: readahead error at page 24 @ nid 36 [ 118.707141][ T6476] erofs: (device loop8): z_erofs_readahead: readahead error at page 19 @ nid 36 [ 118.716383][ T6476] erofs: (device loop8): z_erofs_readahead: readahead error at page 18 @ nid 36 [ 118.725495][ T6476] erofs: (device loop8): z_erofs_readahead: readahead error at page 17 @ nid 36 [ 118.734643][ T6476] erofs: (device loop8): z_erofs_readahead: readahead error at page 16 @ nid 36 [ 118.754316][ T6476] erofs: (device loop8): z_erofs_readahead: readahead error at page 12 @ nid 36 [ 118.763635][ T6476] syz.8.2617: attempt to access beyond end of device [ 118.763635][ T6476] loop8: rw=524288, sector=376, nr_sectors = 16 limit=16 [ 118.777173][ T6476] syz.8.2617: attempt to access beyond end of device [ 118.777173][ T6476] loop8: rw=524288, sector=384, nr_sectors = 16 limit=16 [ 118.791177][ T6476] syz.8.2617: attempt to access beyond end of device [ 118.791177][ T6476] loop8: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 118.805021][ T6476] syz.8.2617: attempt to access beyond end of device [ 118.805021][ T6476] loop8: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 118.818533][ T6476] syz.8.2617: attempt to access beyond end of device [ 118.818533][ T6476] loop8: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 118.842216][ T6476] syz.8.2617: attempt to access beyond end of device [ 118.842216][ T6476] loop8: rw=524288, sector=728, nr_sectors = 16 limit=16 [ 118.895260][ T6487] loop8: detected capacity change from 0 to 1024 [ 118.923595][ T6487] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 118.959423][ T4870] EXT4-fs (loop8): unmounting filesystem. [ 119.251950][ T6536] loop1: detected capacity change from 0 to 256 [ 119.257965][ T6538] syz.8.2645[6538] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.258559][ T6538] syz.8.2645[6538] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.282713][ T6540] pimreg1: tun_chr_ioctl cmd 1074025681 [ 119.299557][ T6536] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 119.310407][ T6536] FAT-fs (loop1): Filesystem has been set read-only [ 119.320166][ T6536] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 119.330988][ T6536] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 119.349174][ T6536] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 119.361083][ T6544] loop8: detected capacity change from 0 to 16 [ 119.366375][ T6536] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 119.375543][ T6544] erofs: (device loop8): mounted with root inode @ nid 36. [ 119.391361][ T6536] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 119.409504][ T6546] loop8: detected capacity change from 0 to 128 [ 119.416270][ T6546] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 119.432565][ T28] kauditd_printk_skb: 17 callbacks suppressed [ 119.432581][ T28] audit: type=1400 audit(2000000005.449:5029): avc: denied { mounton } for pid=6545 comm="syz.8.2649" path="/139/file0/file0" dev="loop8" ino=1048715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 119.478457][ T6551] Â: renamed from pim6reg1 [ 119.532973][ T6559] overlayfs: failed to clone lowerpath [ 119.579462][ T28] audit: type=1400 audit(2000000005.589:5030): avc: denied { mount } for pid=6567 comm="syz.1.2658" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 119.617031][ T28] audit: type=1400 audit(2000000005.619:5031): avc: denied { remount } for pid=6567 comm="syz.1.2658" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 119.637506][ T28] audit: type=1400 audit(2000000005.629:5032): avc: denied { unmount } for pid=5352 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1 [ 119.769772][ T28] audit: type=1400 audit(2000000005.779:5033): avc: denied { ioctl } for pid=6582 comm="syz.7.2665" path="/dev/fuse" dev="devtmpfs" ino=93 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 119.829915][ T6593] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2670'. [ 119.838885][ T6593] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2670'. [ 120.051161][ T298] usb 10-1: new high-speed USB device number 7 using dummy_hcd [ 120.235331][ T6599] syz.8.2674[6599] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.235391][ T6599] syz.8.2674[6599] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.441148][ T298] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 120.463086][ T298] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.475412][ T298] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 120.486521][ T298] usb 10-1: New USB device found, idVendor=04d9, idProduct=a081, bcdDevice= 0.00 [ 120.498351][ T298] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.507207][ T298] usb 10-1: config 0 descriptor?? [ 120.550826][ T6621] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2683'. [ 120.559692][ T6621] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2683'. [ 120.582590][ T6624] loop7: detected capacity change from 0 to 1024 [ 120.589020][ T6624] EXT4-fs: Ignoring removed nomblk_io_submit option [ 120.596095][ T6624] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 120.608417][ T6624] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 120.616566][ T6624] System zones: 0-1, 3-36 [ 120.624635][ T6624] EXT4-fs (loop7): shut down requested (2) [ 120.742347][ T6627] loop7: detected capacity change from 0 to 512 [ 120.753095][ T6627] EXT4-fs error (device loop7): ext4_quota_enable:6978: comm syz.7.2685: inode #50331648: comm syz.7.2685: iget: illegal inode # [ 120.766483][ T6627] EXT4-fs (loop7): Remounting filesystem read-only [ 120.773040][ T6627] EXT4-fs error (device loop7): ext4_quota_enable:6981: comm syz.7.2685: Bad quota inode: 50331648, type: 2 [ 120.784755][ T6627] EXT4-fs warning (device loop7): ext4_enable_quotas:7022: Failed to enable quota tracking (type=2, err=-117, ino=50331648). Please run e2fsck to fix. [ 120.800206][ T6627] EXT4-fs (loop7): mount failed [ 120.931265][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 120.951407][ T6636] IPv6: ADDRCONF(NETDEV_CHANGE): ip6erspan0: link becomes ready [ 120.970693][ T28] audit: type=1400 audit(2000000006.979:5034): avc: denied { read } for pid=6637 comm="syz.7.2689" name="uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 120.993652][ T28] audit: type=1400 audit(2000000006.979:5035): avc: denied { open } for pid=6637 comm="syz.7.2689" path="/dev/uhid" dev="devtmpfs" ino=263 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 121.003128][ T298] holtek_mouse 0003:04D9:A081.001B: hidraw0: USB HID v0.00 Device [HID 04d9:a081] on usb-dummy_hcd.9-1/input0 [ 121.106913][ T28] audit: type=1400 audit(2000000007.119:5036): avc: denied { bind } for pid=6641 comm="syz.0.2692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 121.213812][ T6656] tap0: tun_chr_ioctl cmd 1074025677 [ 121.217961][ T298] usb 10-1: USB disconnect, device number 7 [ 121.219034][ T6656] tap0: linktype set to 776 [ 121.333541][ T6663] loop8: detected capacity change from 0 to 128 [ 121.340167][ T6663] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 121.374654][ T6665] loop1: detected capacity change from 0 to 256 [ 121.394554][ T6667] loop8: detected capacity change from 0 to 256 [ 121.490030][ T325] tipc: Subscription rejected, illegal request [ 121.604108][ T28] audit: type=1400 audit(2000000007.619:5037): avc: denied { create } for pid=6679 comm="syz.7.2709" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 121.650858][ T28] audit: type=1400 audit(2000000007.659:5038): avc: denied { read } for pid=6679 comm="syz.7.2709" name="file0" dev="tmpfs" ino=929 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 121.741113][ T301] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 121.808963][ T325] Bluetooth: hci0: Frame reassembly failed (-84) [ 121.815486][ T6697] Bluetooth: hci0: Frame reassembly failed (-84) [ 121.835770][ T6682] loop8: detected capacity change from 0 to 40427 [ 121.842991][ T6682] F2FS-fs (loop8): fault_injection options not supported [ 121.848188][ T6700] loop7: detected capacity change from 0 to 1024 [ 121.850683][ T6682] F2FS-fs (loop8): invalid crc value [ 121.856925][ T6700] EXT4-fs: Ignoring removed nomblk_io_submit option [ 121.862979][ T6682] F2FS-fs (loop8): Found nat_bits in checkpoint [ 121.912864][ T6682] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5 [ 121.933843][ T4870] syz-executor: attempt to access beyond end of device [ 121.933843][ T4870] loop8: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 121.983726][ T6714] loop7: detected capacity change from 0 to 512 [ 121.991211][ T301] usb 1-1: Using ep0 maxpacket: 16 [ 121.998480][ T6714] EXT4-fs error (device loop7): ext4_acquire_dquot:6787: comm syz.7.2723: Failed to acquire dquot type 1 [ 122.010663][ T6714] EXT4-fs (loop7): 1 truncate cleaned up [ 122.016451][ T6714] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038 (0x7fffffff) [ 122.029791][ T6714] EXT4-fs error (device loop7): ext4_readdir:260: inode #2: block 3: comm syz.7.2723: path /183/file0: bad entry in directory: rec_len is smaller than minimal - offset=323, inode=0, rec_len=0, size=4096 fake=0 [ 122.071140][ T298] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 122.121271][ T301] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 122.132413][ T301] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 122.145446][ T301] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 122.161111][ T301] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.177932][ T301] usb 1-1: config 0 descriptor?? [ 122.321057][ T298] usb 10-1: Using ep0 maxpacket: 8 [ 122.414714][ T6741] loop7: detected capacity change from 0 to 512 [ 122.424247][ T6741] EXT4-fs error (device loop7): ext4_orphan_get:1396: inode #15: comm syz.7.2732: casefold flag without casefold feature [ 122.436999][ T6741] EXT4-fs error (device loop7): ext4_orphan_get:1401: comm syz.7.2732: couldn't read orphan inode 15 (err -117) [ 122.471185][ T298] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 122.488062][ T298] usb 10-1: config 0 has no interfaces? [ 122.671150][ T298] usb 10-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 122.690593][ T298] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.692200][ T6748] loop7: detected capacity change from 0 to 40427 [ 122.700700][ T298] usb 10-1: Product: syz [ 122.709124][ T298] usb 10-1: Manufacturer: syz [ 122.711122][ T6748] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 122.713995][ T298] usb 10-1: SerialNumber: syz [ 122.726630][ T298] usb 10-1: config 0 descriptor?? [ 122.731112][ T6748] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 122.741872][ T6748] F2FS-fs (loop7): Found nat_bits in checkpoint [ 122.785763][ T6748] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 122.798698][ T6748] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 122.799967][ T6733] loop8: detected capacity change from 0 to 131072 [ 122.805665][ T6748] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 122.813076][ T6733] F2FS-fs (loop8): QUOTA feature is enabled, so ignore qf_name [ 122.827560][ T6733] F2FS-fs (loop8): invalid crc value [ 122.834154][ T6733] F2FS-fs (loop8): Disable nat_bits due to incorrect cp_ver (15359802341028777995, 275811881701387) [ 122.866915][ T6733] F2FS-fs (loop8): Mounted with checkpoint version = 753bd00b [ 122.982303][ T789] usb 10-1: USB disconnect, device number 8 [ 123.092215][ T6767] loop8: detected capacity change from 0 to 1024 [ 123.098823][ T6767] EXT4-fs: Ignoring removed nomblk_io_submit option [ 123.144291][ T6773] loop8: detected capacity change from 0 to 512 [ 123.163495][ T6773] EXT4-fs error (device loop8): ext4_quota_enable:6978: comm syz.8.2741: inode #50331648: comm syz.8.2741: iget: illegal inode # [ 123.175705][ T6763] loop7: detected capacity change from 0 to 40427 [ 123.176917][ T6773] EXT4-fs (loop8): Remounting filesystem read-only [ 123.183981][ T6763] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12 [ 123.189914][ T6773] EXT4-fs error (device loop8): ext4_quota_enable:6981: comm syz.8.2741: Bad quota inode: 50331648, type: 2 [ 123.197459][ T6763] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 123.209182][ T6773] EXT4-fs warning (device loop8): ext4_enable_quotas:7022: Failed to enable quota tracking (type=2, err=-117, ino=50331648). Please run e2fsck to fix. [ 123.217294][ T6763] F2FS-fs (loop7): invalid crc value [ 123.231911][ T6773] EXT4-fs (loop8): mount failed [ 123.238565][ T6763] F2FS-fs (loop7): Found nat_bits in checkpoint [ 123.276240][ T6763] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0 [ 123.283267][ T6763] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5 [ 123.375630][ T6783] netlink: 'syz.7.2742': attribute type 1 has an invalid length. [ 123.402262][ T6787] input: syz0 as /devices/virtual/input/input31 [ 123.469621][ T6796] loop7: detected capacity change from 0 to 4096 [ 123.581201][ T314] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 123.841198][ T314] usb 9-1: Using ep0 maxpacket: 16 [ 123.851184][ T5396] Bluetooth: hci0: command 0x1003 tx timeout [ 123.851464][ T45] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 123.931145][ T616] tipc: Subscription rejected, illegal request [ 123.970982][ T6846] loop7: detected capacity change from 0 to 4096 [ 123.971172][ T314] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.988483][ T314] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 124.001835][ T314] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 124.010912][ T314] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.026015][ T314] usb 9-1: config 0 descriptor?? [ 124.095275][ T6855] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2776'. [ 124.268326][ T6873] loop7: detected capacity change from 0 to 512 [ 124.275196][ T6871] loop9: detected capacity change from 0 to 512 [ 124.279587][ T6873] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 124.293001][ T6873] EXT4-fs (loop7): 1 truncate cleaned up [ 124.555171][ T6891] loop9: detected capacity change from 0 to 40427 [ 124.562045][ T6891] F2FS-fs (loop9): Insane cp_payload (553648128 >= 504) [ 124.570106][ T6891] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 124.571224][ T314] usbhid 9-1:0.0: can't add hid device: -71 [ 124.578289][ T301] usbhid 1-1:0.0: can't add hid device: -71 [ 124.591597][ T6891] F2FS-fs (loop9): Image doesn't support compression [ 124.592682][ T314] usbhid: probe of 9-1:0.0 failed with error -71 [ 124.599728][ T301] usbhid: probe of 1-1:0.0 failed with error -71 [ 124.607758][ T314] usb 9-1: USB disconnect, device number 7 [ 124.618067][ T6891] F2FS-fs (loop9): invalid crc value [ 124.632471][ T6905] loop7: detected capacity change from 0 to 256 [ 124.639632][ T301] usb 1-1: USB disconnect, device number 19 [ 124.646574][ T6891] F2FS-fs (loop9): Found nat_bits in checkpoint [ 124.647315][ T6905] exfat: Deprecated parameter 'utf8' [ 124.657969][ T6905] exfat: Deprecated parameter 'namecase' [ 124.664274][ T6905] exfat: Deprecated parameter 'utf8' [ 124.685622][ T6905] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 124.721158][ T6905] exFAT-fs (loop7): error, tried to truncate zeroed cluster. [ 124.729940][ T6891] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0 [ 124.738731][ T6905] exFAT-fs (loop7): error, invalid access to exfat cache (entry 0x00000000) [ 124.738765][ T6891] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5 [ 124.751413][ T6905] exFAT-fs (loop7): error, failed to bmap (inode : ffff888118b1ee30 iblock : 25, err : -5) [ 124.768946][ T6905] exFAT-fs (loop7): error, tried to truncate zeroed cluster. [ 124.781207][ T6905] exFAT-fs (loop7): error, tried to truncate zeroed cluster. [ 124.789008][ T6913] exFAT-fs (loop7): error, invalid access to exfat cache (entry 0x00000000) [ 124.804080][ T6913] exFAT-fs (loop7): error, failed to bmap (inode : ffff888118b1ee30 iblock : 13, err : -5) [ 124.841220][ T28] kauditd_printk_skb: 11 callbacks suppressed [ 124.841260][ T28] audit: type=1400 audit(2000000010.859:5048): avc: denied { setopt } for pid=6918 comm="syz.0.2802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 124.879300][ T28] audit: type=1400 audit(2000000010.869:5049): avc: denied { unmount } for pid=3767 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 124.930629][ T28] audit: type=1400 audit(2000000010.939:5050): avc: denied { write } for pid=6931 comm="syz.9.2807" name="file0" dev="tmpfs" ino=848 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 124.991908][ T6945] loop9: detected capacity change from 0 to 512 [ 124.993553][ T6947] loop8: detected capacity change from 0 to 128 [ 124.998899][ T6945] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 125.009375][ T6947] syz.8.2821: attempt to access beyond end of device [ 125.009375][ T6947] loop8: rw=2049, sector=153, nr_sectors = 89 limit=128 [ 125.016082][ T6945] EXT4-fs (loop9): 1 truncate cleaned up [ 125.029910][ T6947] syz.8.2821: attempt to access beyond end of device [ 125.029910][ T6947] loop8: rw=2049, sector=241, nr_sectors = 1 limit=128 [ 125.071374][ T28] audit: type=1326 audit(2000000011.089:5051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6951 comm="syz.7.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406bf7e719 code=0x7ffc0000 [ 125.102069][ T28] audit: type=1326 audit(2000000011.109:5052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6951 comm="syz.7.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f406bf7e719 code=0x7ffc0000 [ 125.128745][ T28] audit: type=1326 audit(2000000011.109:5053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6951 comm="syz.7.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406bf7e719 code=0x7ffc0000 [ 125.155321][ T28] audit: type=1326 audit(2000000011.109:5054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6951 comm="syz.7.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f406bf7e719 code=0x7ffc0000 [ 125.180421][ T28] audit: type=1400 audit(2000000011.109:5055): avc: denied { watch_reads } for pid=6951 comm="syz.7.2815" path="/233" dev="tmpfs" ino=1236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 125.202946][ T6958] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2817'. [ 125.212178][ T28] audit: type=1326 audit(2000000011.109:5056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6951 comm="syz.7.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406bf7e719 code=0x7ffc0000 [ 125.240963][ T28] audit: type=1326 audit(2000000011.109:5057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6951 comm="syz.7.2815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f406bf7e719 code=0x7ffc0000 [ 125.305154][ T6971] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2824'. [ 125.314375][ T6969] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 125.324741][ T6973] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 125.328811][ T6969] loop8: detected capacity change from 0 to 2048 [ 125.419803][ T6973] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 125.463353][ T6980] device dummy0 entered promiscuous mode [ 125.473773][ T6969] EXT4-fs error (device loop8): ext4_orphan_get:1422: comm syz.8.2823: bad orphan inode 8192 [ 125.493926][ T6979] device dummy0 left promiscuous mode [ 125.887689][ T7025] IPv6: NLM_F_CREATE should be specified when creating new route [ 125.953587][ T7021] loop7: detected capacity change from 0 to 8192 [ 125.974376][ T7021] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 126.000180][ T7021] FAT-fs (loop7): Filesystem has been set read-only [ 126.010445][ T7021] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 126.029316][ T7021] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 1046) [ 126.093496][ T7048] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2858'. [ 126.099948][ T1791] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0 [ 126.115351][ T7046] UHID_CREATE from different security context by process 376 (syz.8.2859), this is not allowed. [ 126.128221][ T1791] hid-generic 0000:0000:0000.001C: hidraw0: HID v0.00 Device [syz0] on syz0 [ 126.151138][ T301] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 126.180160][ T7065] netlink: 'syz.9.2867': attribute type 7 has an invalid length. [ 126.401119][ T301] usb 2-1: Using ep0 maxpacket: 32 [ 126.521167][ T301] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 126.529004][ T301] usb 2-1: config 0 has no interface number 0 [ 126.534939][ T301] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 126.546308][ T301] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.555859][ T301] usb 2-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 126.564738][ T301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.573164][ T301] usb 2-1: config 0 descriptor?? [ 127.271199][ T301] uclogic 0003:28BD:0094.001D: pen parameters not found [ 127.278064][ T301] uclogic 0003:28BD:0094.001D: interface is invalid, ignoring [ 127.472360][ T301] usb 2-1: USB disconnect, device number 9