last executing test programs: 6.903991151s ago: executing program 1: r0 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c) 6.800863967s ago: executing program 1: r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1b96, 0xa, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{}, [{}]}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000d40)={0x2c, &(0x7f0000000780)=ANY=[@ANYBLOB="00000700000007007673ed26b029a925ac675bd612d8ab87f051a10ee74893f24ccd9ce3e96e268eef4b136865aeac"], 0x0, 0x0, 0x0, 0x0}, 0x0) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r2 = openat$incfs(r1, &(0x7f0000000180)='.pending_reads\x00', 0x0, 0x0) ioctl$INCFS_IOC_CREATE_FILE(r2, 0xc058671e, &(0x7f0000000480)={{}, {}, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x0, 0x0, 0x64}) ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, &(0x7f0000000500)) r3 = syz_open_dev$hidraw(&(0x7f0000000280), 0x0, 0x4a141) write$hidraw(r3, &(0x7f0000000300)="952808db3f4ff2b2da91963a04f0c94fef08d1c158f12eefbe22233aa21a9ac4d8316a130788180471c3cfb56399d6bb5d84030c27345fd6bafca83753c3a560066e6abee916715bbfe2d079eda0b4889fe95cb159aac184270fa0d87e4bc342ad795397686d27979284a1158461fbbb7666a2b9354e7b5a93b25f2b0e2d010652ff11e08ee6e783cf561aa8309515584f", 0x91) r4 = syz_open_dev$hidraw(&(0x7f0000000080), 0x5, 0x20001) ioctl$HIDIOCGFEATURE(r4, 0xc0404807, &(0x7f00000000c0)={0x7f, "be3e815995830e16a128b578e3af9d546fd61d7a5683da229303c76a2df3948c831ebfb4e3a2c0c336fe8ce02d8dc9d583aebcb8beb9e08613ec0143508bd56f"}) r5 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0) read$hidraw(r5, 0x0, 0x0) write$hidraw(r5, 0x0, 0x0) ioctl$HIDIOCGFEATURE(r3, 0xc0404807, &(0x7f0000000000)={0x4, "1cf250d2528722061e2daedcbbf930dedf4904d8f9e64f62c3d0e156e87ed3dbfac38f0c1faada797532454dd344c00c8a007369f5d86fe64007aa38577e4db7"}) r6 = syz_open_dev$hidraw(0x0, 0x0, 0x20001) ioctl$HIDIOCGFEATURE(r6, 0xc0404807, &(0x7f00000000c0)={0x7f, "be3e815995830e16a128b578e3af9d546fd61d7a5683da229303c76a2df3948c831ebfb4e3a2c0c336fe8ce02d8dc9d583aebcb8beb9e08613ec0143508bd56f"}) write$hidraw(r6, &(0x7f00000018c0)="387a3e3a119c477b513636325d4cd15cd14fda97942dced7ba973cf5c8a0de", 0x1f) ioctl$HIDIOCGRDESC(r3, 0x90044802, &(0x7f0000000d80)={0x660, "d719d3800e9c938a541ddda71d0515a9b976e809b8ac68c529cc9be214d4e89f01f8e1b4f07a1a9a88028b474d90b27b7e72cd879f7d5d316dd869c5b8a3cf676bc7b8b52ff5eb1fb9f153600a13e1fc216fe34b1563c542c048b5e34e61d0c0d85c2a96731afc8f3f6a421c475217fe764d1b0c9973ba609b8d9ef8e11442a41b65277d5e6149af2d8a06825bd12f13d501ab213648d7c914f422b0c5cc6aa420676417fe367fcb7ce1d10c6f8afdd6beade9ded72d346f64d23776da585cdbbc9f9dee0474f9d7b608e996b67a7b0f4507aed7f1066cec880ddb71b7aa5d50d9dd35842b650f34fa842d1870f36daa614c9b6663713d759b1d06ed646e84edcb2c7e24b9bbf3ad93dc0015a581d650166fc95439c6d47f8c3cabf2d843b71dd0cb33fa62e6fbc4eb3778f1b3d2969ca5f592f569f03e425b384705da14d9d6ea0575d5d06e8e0646d5d8df9fbff224851c8d9835d04313ce63fc0f691ac536db32c219bd2dc7ab6ba01ed2c36dfbf64e269ed45a0c66ead0df961993d9146771662fbfc60693bc41ea04deb77577b73d39af9fcda9f6c61feb7a20d4649af908a4bc03f9cbe9aeadc7c6adb3c1641ded96d5ec5c7b81b99d56b2abdfa878f4ad47be7af23474bd576bf2360aa862b7a55ceecedb466f029e2898310c1025e37637d375bd47467921c5587d221de3a961db8f6f0f517606e6f2bcc7713613c6d3f3620a2d42fd727f7bfaee664155a73aa685972e18d53bea0390ee7e510f36921ccfd9cbd09794f360efa9c89f2f9a0aa2b648118805b58ab6aa4c8b134be51992fe9caf8682ec2dc044eb435919399c4c7d203c5c48297e439a0a6b65daca3e599c9b34c95a9831ac0b1a157fc37eadc43c7bc525f2f078078233a6ab0cfdef2fda8e4f75a7efec5c26e4a9455493d93fedce3c23380194aaafbc8286dde37ef5efdf94b9c9b0b8734b8534b660bb68ecefd166bf0da9f663aa140e84823c7a182d4806590bc024df73fafef6a7ef42c95357edad94104af563d34b4c4d7d1dcdd94c2f25f59d8ca4aaf3023b23fbe421590abe94115b6d43761e498cc10310c5f38da68e1cf3e7b7fe2c516f0cd273bcd1393862b26145b7f1d547c21d1247d894890c28ef8c43d4994768f960553e41f4c1e038bc20a2cfd2a65326ef08773f27e1ad20bcff39b7ce1a40f9bead32b4f8610dedfb1e0a33aea85ac746e4651a7137db2f0adb057e583f8b41b5f13a07add6620948e7d4dc9ee35dcc9c944ae0be9e61c0e9dd27f0f936053d47b2f28225447f8db70227346101f8831b3e984f15bd3cca297ed66d894f7b75aa63ff0c8e24afd8cc9713b582b59ff9ed3cee2b05adff2d6a794914356d820a7bd06319ed87556d43dba0baf906d3135e195571891a5e8169d6fa4ed41a49c3048ab7cc6da7f625ec148907c57f579d342c9fa02553d5a742bf2233f12ae0aea9ae99e5b250092848b94a9a63ded4ca63ba193237c36eac1f09cd37eefc7ea97ac26e35a670d07c2a8db4db05a5578eddd68c12b7b10926b1dee6fa4cf4c337cf51e406af36332427a3f2f57e405053bf91a094bf26a40a5f7b9a052215eaaf6f818beab29f4fb16bf4de956dd7919b78480e09e178a6fa9e3c47c48567828c66a7360028d02767767394d23d844951226144f11ed5cb027ae5c26b1fa55b12bcb78b166f511984f4a8c27177f5b4563fe8bc9ca8c3ee0a70fe431ecf973462789a002ba6cad3f11de280cc47dc198e086a003ea73cfdfc5c3038c79fa24c27a638584240c53d9682fd80aa0b57a026a68380a6ab0160bfd6a588d58cf935b8589d188f728b12e3513923cd48ffaf62ea23c7c62eb8a914e86c99bd9461d57bb9a5846d89257003bd69ff300a3a48cb2798904882d696c519b7325fcf08e17b89c1f8e61c75461a821f215c199680853adf17d79456c550180f5af121d0af5d25334e71cef888566ca4338cdb69d807c1b6592074bfc83e3daec878ddd5d1f1f0b78a02cbc2b0621b400b1a6bd98d7295dde65de2d6f0e366af2b63ed7d7e07fe54163d522bc2c62085187114796da2f621d2fc4d4a812460f9261bb103376a4779f06a720acc37f145dae2022d64d1f6c37abfc9088bbccf45d379024d196140faec268327c9b4fe846499c8972667663f876dff7d906715596a0af986cc4b89a68f0ecb5bda2d57e95a0a8a2bf322f447c81e3d71b97d5c9b4e583bca0a2a334e3cb44e8426edf0892792c4677434940e170d87e8a6d9d9b8b8d44b54fd4d56de65fdf078fc82daa2bef8de27a516a828"}) ioctl$HIDIOCGRDESC(r3, 0x4030582a, &(0x7f0000000240)={0xc700}) syz_open_dev$hidraw(&(0x7f0000000140), 0x8001, 0x200) r7 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x4a141) syz_usb_control_io(r0, &(0x7f00000009c0)={0x2c, &(0x7f00000007c0)={0x20, 0x22, 0x11, {0x11, 0xe, "61a1e9098e1c6b091eba835f260eb3"}}, &(0x7f0000000800)={0x0, 0x3, 0xaf, @string={0xaf, 0x3, "1e5b9f9331e033485033e0520918cb494bb86d38ce5e16ca4849dfae0947240a5b1b7034c46531a189703042a935ae0fd8fda9797a8bae1a593caab6d061aafdc7f3d030c0dc700f016da8d76e182a5e662b847a8aff60f95203313e2f05501d5e8b5312a98ff83df8a1b7bf495903e612e2332046bd7363ba5285955b3de0272fa26b9ebeb2473309b6be60a1e7ade927d3ae9d8363c00c66bdce899bffc3bca5f6ef05ebee1b5ac033e5f4cd"}}, &(0x7f00000008c0)={0x0, 0xf, 0x13, {0x5, 0xf, 0x13, 0x2, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x4, 0x28, 0x6, 0x8, 0x0, 0x4}]}}, &(0x7f0000000900)={0x20, 0x29, 0xf, {0xf, 0x29, 0x20, 0x0, 0x8, 0x8, "1378eecf", "453bc1a5"}}, &(0x7f0000000980)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x8, 0x60, 0x0, 0x80, 0x80, 0x9, 0xffff}}}, &(0x7f00000014c0)={0x84, &(0x7f0000000a00)={0x0, 0x11, 0x37, "32c72b53ca152e3d00486b311fdc5d08bca260a59603a7de62bebe955498953aad720f4019202005d1200092e27f89d8ea2ecefbdd91fe"}, &(0x7f0000000a40)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000a80)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000ac0)={0x20, 0x0, 0x4, {0x1}}, &(0x7f0000000b00)={0x20, 0x0, 0x8, {0x4, 0x4, [0x8700]}}, &(0x7f0000000b40)={0x40, 0x7, 0x2, 0x7111}, &(0x7f0000000b80)={0x40, 0x9, 0x1}, &(0x7f0000000bc0)={0x40, 0xb, 0x2, 'n+'}, &(0x7f0000000c00)={0x40, 0xf, 0x2, 0x20}, &(0x7f0000000c40)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000c80)={0x40, 0x17, 0x6, @local}, &(0x7f0000000cc0)={0x40, 0x19, 0x2, "d91c"}, &(0x7f0000000d00)={0x40, 0x1a, 0x2, 0x2}, &(0x7f0000001400)={0x40, 0x1c, 0x1, 0x4}, &(0x7f0000001440)={0x40, 0x1e, 0x1, 0x20}, &(0x7f0000001480)={0x40, 0x21, 0x1, 0x5}}) r8 = syz_open_dev$hidraw(&(0x7f0000000940), 0x0, 0x0) read$hidraw(r8, 0x0, 0x0) write$hidraw(r7, &(0x7f0000000180)="2c233130be3a88277fd8b448b34647d713dbc1c0aa4019c8b278699a8c467e85e4ca1febb85ebe5032d43f36156c3f233b37ffb4678611d10f812dd6281444943c808c30a0ca3930b57d882a4233aeccacb0995a74c9a582f6fa69d8c275af89c92bea6f0334bb18a4db855606f8e6", 0x6f) write$hidraw(r8, &(0x7f00000002c0)="613d4d81744a0ed391b7b1c6", 0xc) 4.503310643s ago: executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67a}]}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) sendmmsg$inet(r1, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000100)="435d61e778eb38a7b38869e147b2bb2d8ea5f836c654c0d9d14ceca9529604eb9a1f8d24c87b2153413b8bc5d52b8aa671b64b2290f0d96afeaa40f60d23f9f9f7d8b4c37a6409abd84ddbe5264f73200c67d8f9742d0f51951f7bb8fe27a59cc395ba580c12f6e995b8a62901c58273c223abb6", 0x74}, {&(0x7f0000000180)="518cf9568a61ae870100000000000080b8e2d292b9e8", 0x16}, {&(0x7f0000000a80)="5132ac5e8205378f905fac4b0f7b0ad4ff080df00b5a6655e32124d51a45ebebdf4a86101587d502357bfc43f44098742b83caede42f6e007330dc8ab67371c65d39bc126b8f9bf17dce0ba9d14f263efa7056bb8a0291a4842e42342519a9e795b7d8aee13edfa09bd3f9ae3bdc4c2dccc274c0cf4fe85fa17f46ff8c017571490f296ef2ea1cf31486bd4167bb33cb9a5e1f96de2ee8af5074695ddf5d1ec4d17c9508cdd9e77ec5bc62a820e263a31521f0b9031c9e1e1491f0c99b44960df2aaee22480355aa20d280d1ed54ae539055ca1e20a57f81db185fa207", 0xdd}, {&(0x7f0000000280)="661da68e4cccac69431df174bbce91246fce262b3de6a53334d329a142ae0f304e4fbde8fab4d68bedcd182b41227278c65f7de3723a93dbbaeb901b447fb35a9f3f4b671a3e3929c119f9deec5e46cdbe5cac679cad88c9aa61bc7ffd219a18b36ef0bf5ca45da80aa46274c5cda17a4b8588c492dcdd43dee797fe7debf7c1143177d4f4b02255ca5a46", 0x8b}], 0x4}}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000580)="1fdefa76cc6f846bf5a6f3b74b198bc42104000000000000004b2d", 0x1b}, {&(0x7f00000005c0)="925f1604a8e43b732be04c9b3ba6e8e512ca21f2a68d2366d2f3679f622fd951bfd4abf2bed0b25673e9b8c0e0424914f84c5e5e03d3f1aeeb1abe6160216a7874eb3e7eed3a822035c26a06e605ea5d2791de4914862f3bc38c533b7baaf2adf8e40ac99c6c6ea28a32a67a88c0f7", 0x6f}, {&(0x7f0000000b80)="838b2e5b060676ef306171965a928cb53cbfa1ee01273d0428fed6bb0d938639179c22c9f81ae72e37ec0c99f8796203f4e0aaf00ecd4a97ed24ee85652fa267e43c63920a323c2d064a3ac8628b182ba262154263b16cd5598a3269f5b92a5e7feb98082f6f7a53865140f59290fefb3b58d959fee7ccc4919527f7b6a7657a910f9d15dcc53db90e78a7f094b7e20580ee6a0e2cff5fd1de52be48698a4b42cf0b511407b87779fc26f834e43b150aca71af35a1b3a3d93eeecff8478ed6524bddf284c65a8458d5eafa2ca4c690b9fbb76cbf44c6f5345935ffb195f6861544621877de017d35351620ee8c4714f00a055026d668be499d15252262cab14dccb28ffb910beea73e0528e909723515e77f23ea12c5e1671a", 0x119}, {&(0x7f0000000680)="672733c5976ca6c31adb6c24db79c83e9b45d13a8e1ea257366fb3bfa96784a260fa004d3fc2b710bbd01b54290769b373e99fbfcd8ff00ddbab81d104994815c477e3cb64d14282eec0e67db26a5e0b4ec7a9c740d7e24b53c4b88993b3fb971ed3a457b112ff610555694c4c6232a3c6f9e064f57b9131499992d33412244750adf6e7a3e1bc4db5c02e1bddf4517245abcbb615f1d5ed6ba966ba86992a0a6d170ec160d68df28491389f9f292524216e554ad60419161754391a108b00000000000000", 0xc5}, {&(0x7f0000000cc0)="73fd54eece75adf471522adb56455da4275933a676262ee25f3714893cc16885c81f70ce1dc0b806d5f8cd24495a346f938f8e31ce3b3d263ea7b8ef7328610c89a78b640d210fa06330b6b7570b1c82dcd06fafc2eb84815086cf75bc72b37681c6b77916636c68e787b3598a5a3962343b4967ef2ee352d8ec30817dc9aded78e2e90f22307f571a93ba01b47f67e0f5fbada2250b984d31fc74837562e1abc215c8aabea27702f540cd715435ed5c39fe8189ccb185f5da9ffcc156d2da0800dbeab36134c23854bdfcf1e3ff0b13f49424ee4e5e68f7ab7c8aa9c2e0e54c57ec4c42ca9a6517c2ca860657e013cca20e3ea54b3c646dd9bad0e4f678af0263a02ff4b98146d9f8386dd3d4fe9af036ca8624490cee580bdc6fe7509e841cd6051f3dfefd6f5c0a599e38ec04eb77417ebf9c9111f17da0cdee266b96d89a6b0000", 0x143}, {&(0x7f0000000840)="bd1e34630b4ca292f82b84c4a2dda6012b5a520087c998", 0x17}, {&(0x7f0000000880)="4da150f029e9613e2b8b1926b973b69f8f02db2564aebceec83fb42f37acbce48d3985354b6058a4e0935af0aacf7e2d85f031fdd8c995e0a6dc363938f26220015e5e38cd3af42397b5a4d10974959a35960500000000000000483260430645e3bc8d30a586453126d6ce1a1510fb9a43ec66576977f6588373", 0x7a}], 0x7}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000001140)="084ffd3da07c337a96aebe60f2612f039b5f7e2f63598b654a09e75576e5f726dfed393f1cdbf39f6800f8364110bed3", 0x30}], 0x1}}], 0x4, 0x2000c044) sendto$inet(r1, &(0x7f00000000c0)="c8", 0x1, 0x0, 0x0, 0x0) 4.199573649s ago: executing program 0: r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r0, 0x0) pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000340)='\b', 0x1}, {&(0x7f00000011c0)='(', 0x1}], 0x2, 0x1ffffff, 0x0, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000001200)="eeb95e64e21834f0106eb94bcd626a6789c81745e15ff249aadd77654438a384fab889f06452d966df253899e559cc37d9dad25ebbc731be12fcfad86be675ef0976b3083170fe6d502778a8d620c97db8576be047128828f9c135fa5385124d77aafff52f7624ce1d5251a4ca4a6e1d447e07589e74ce2222ac0ecabcc92b8b243d42f8120e50e4780fac053d67cc8bf77465b9551b350aae7e5083b45a622917a37363fab9cf8c30cfa503632427ef51ec8750ca2cfab470d3c36e20ae66df3b3123ca8ad13c52fd299884c8f60386f2a8b2a594211d986b39881eeecf5b817e5c594038967cbb08503aa6c0c31b6df8ca13f6d705c2d8185e8b7a91e94a041fda4a251f05c998b9407c6894325f945c2ca57c154136c7abd6b90c29cb4492d05ec96d0782ebb01cc8f8a268be8470cc4dc2024f93bde79167e8e8bd9d0e63700123c8f65c927531902a6c04b0026242c74721a6a4f40a602dcbad4b16ee1ca0bebd8b80d2130c4a62635d5520ec9b5e2e1e4ebb900f34c44e30ff0480418a129be2144d07173ec34128c7bdc1c587ebeee5af36d49cbe9655bf890503e31c1c6fdccedd8d4b83aed4968d469dad7ea34231b22686ee6621c8d14211cc183fb8df11f3c131e7e002fb3e2445380f9a8d7f3e0ba086afd10fc769ab5ad2632be5c42b8cbfb6f912c6c8dbfbfd72c5378571b115443bdeda4b3edac7598c3839abb949dec2799f73a74cf4ce0cb0de25215c14a37aa66a080689dd1b6aefcde0c564fc49c73193000f227593f7b19f8ca88afcf41268ee3b561050381e9191a6eada09ecd68d010a8c3851de3fb654a28a1a8651f175c94ebd3772b15a43e1f01ca12b2a39db94047819799910b67d77e5b7039fea721cbee9c2c8a796f9a5e654e71e82a095f6ee5afde71658d1b81a65e5f99ddc7ec5293abd1994ad33b1cffd9ff716203442ece60efd95a9ce809b74875023e166b64444e3cfea1258ea2528a33861294a540cb9736d9b8d80e95cbec038b0679054098c10c6fbee70c334d8cf785119f06a27e1bbcda613265e5ba04b7d81a7f4c0a791164b90555f9bdcdbf8d4acce13c70ea9f1413eec817b89253209130bbd2e10476abb147c728f195644269e74b6f868329f0da6126d76bf887709916be4c9fe3a9841636352331de801cb348b8e23f68b90b611fc39ff8a70fdd1e1f29866196918b2e2c78aba747dd53fa656bb0d828e39a007e3bad73e1dc11d416b6fa340db3226a26455484dd6ae250b21d6223886e26430661a6a723416ea6e155e7c885542e5a5b46735281b88adeffa6ef4f7ba652a1d45b096f39645c09eba143ea219b1bc49ab97eb20593112d1f6f57201a7a841240bfef3495446f1f3f1387f195ae973721cce0afcf7a1d585b77fce174bb5d883bdb4f8af22bd7fae25b5ae007da045d3a9f6437bca7d195b0ef3776f7c27a3912d03de3f1e0cabfa32bd7ae9d77b33520a04c134693726ca45f29d300c858f004c8b0d1d99954fc625248808309b4a687976995b84b404c84765f790c715933ed5288ab98e9a170f7069686e356557109d3573aa43badb935a920c0d665ee6bf92a6afdbd09178ba4dc1c4130c6c550af7b09a9da2190be472ff70b36250c51e5404e1f0d8d2a337730f117849d71b83c2f7c1544c3d03c0fc176909c0a621245b0909bf43a2da9f64c4bdb12e2c16856126a1b295c26ff97a4f19b7bc934accff280fd1d85dd0fd4312b35bc36f4fd81db1e4473073c99289e827d9164200cc43d4e86fe1f13fb2047da809d5644985b76e83f64e1ad4a0e268a2940f7b36eea12a91b7031ba1fbc1c437bc534b12b5ea182906e2566ed54587c9335d4416c1d2f4617ff5a1e78d5a9afc2a41d2807d7010bfe6ed11e668b6904b69c4fe425e8fd7d139a70235acbd080d88a613a6e99e710465b26346e5233777125f76a4439119bf99dd4ccee75188a353772172633122c00620f730ed71452af6b2191268776d702215acaa77c93cfeab4ca3b329708722caf1a3072ec696069c09ffe817bcc18132511e1ff6586231d3227389e8af167d86958349315a72464beacf34fa3f3964be74b203db691d8ff4e9e335af214776e580fe68f1d3664b3a3e289fb5f28723195e1ae2def006707d1bfbe7b43378fd04f88fe03a20f874626f00828e364e621a3c0eb98eb4210bbc46cbc4e1868d4aebe816ec97f034c6de6495701db4dd617d4dd34a5f0ec4a0241cd1b7338fddf05821ca279f0d29b247df19563e3169bfe2a36cbf0c1e6590c90a09d1ec55d2539cb6c05d449f347789b04aa5d3ec7cb022725d5d78a39d214e8d93c9ae48524d28d0031713d9eeb8afd80721bfef3f3f599b6fbe5511f94d5a92fd818bde10c9f4d71a74f2dcc0ccc5c1dfe28851fb40b16409b277972f053b02600f854d2f6cc5ec2db27988646f973108321c8f5ef24d170d3d96f21e8653b840d92caad9d707d7809776dadad1f145af0189b303384eb82336dc01e5df951159ab62adb4dc705762dadef6591031243c2043bd3d3841a6d22f45fedeaaa28f8585e4b4d701f7dcab0833deced8c74f9098c40a955e2348b91330aaa48f894db46d8ece982592f11665d348369db7661d9dfa07784dd249607c2b1cb53287ac299f0eacb5600dfd770ca274c0faa04440f77316e78a56b857bc1e09d6f1cad4c2008fec16839279e033a3ff6dd07e93a4549ca2a9d242c9b89172aed618fa82598492d0af252c6b81d775e55c631159d45c1163b04a70f70cc632fae94873d867c980f95561f314aaefd6af0f4164b2a6a4a19f0cc84912ba1403012bb8e7b8a36c643e4f65124547faaedc1d15396ccaa851991bfcecb382f761b2d9851d95f8d87211d6cd2af2c051fc730781e894fa7168242fe62d8e76583340272c32a4ad25cf593bc3cdc4f0048ab7452a9472c47fc41e199575aae08771516dc3c1ab8540b90c817bde21b1abe797f6deceb2ed6a6016f1b284acd3f556dab9b3b9b34dd1d173057c46622a9b9d249018a1882eb7d55c0ecf9c1cb606c1c47f7c406b09217d0061d2736ca4efac52cfb5565f45dfb46d4d94d066c3404267a091ed4f4ad7e37a9302f30df0579e9c601df813d997b6fc8f92c8992b8ef6da76266e1b2ac0b1e3b64d0131545066677272f8be7e3bb6fcaa78d35072239273d05dcff77c54edf3ec35994d2aceeef1badb91eeda635ba37ea90081039d0ba82978a736ee5687626310d4062775d3217f9f46fd7781296d52873133a537e82c78438349a480be9890f4d35a40efe198afbe5e3bd7c9b52e4b88dbdb0286f6a83d98e2d44bf02a9ef5206cf54257624b225f0870ac0ff4bc44d03301588daccc768bf0275d501814f26209e687b1ebb0eaead8f6d3908f0eab4623199170997bce33a8270d136cac5e05ac4824e9e5909c47ccd003ce2c135f841a2c80d59a50e258030acdd3ae4d92df85e7cc9788780557f70aed45df5cc8654c54891c7454cfe8c921b3e8446b5c9d8f40a6cd02b6d4166bae129dd6986d0d0559ed73593c583c47bbbe0d27cc7f3cf1b4841523ff444ff1734c19f797c52ffe51de9c7cc409b45eeb726d330bc8aa1582597882680c3bd17b93ffba38add407e0cd5a6fbc6af278adc6f87b7ece459bdb227be6f76dddf62aed451fcb61da068d6e43f10d50967701a73b0804935ecd23d5b06214be7604ad7d9d8a459be2d3efeda30a3bd13ff501481f20ca896fc2f3525400b44e5f20ea98c67447fb1ff07f3fbaf212dc1c8f851ca3eacad2790b131d1b27dea663a56ca7d2318541d3b08dcf963b52535ef25111bddbad8e3da6ccd7686c902fb10af0752de9a0ff178c58dc2372422bbf0a45dcbfb9e5d80ec877ef2741046c7170f8d88844523bf8ba464767918233148275d0909e376be079aa499ac628f2ae9c8c9b737a756050a3b5f5c67cc390319f3c4b2f938a99b93defa97c39dde102c838832969c39d914440105053f88f7a56fb3b45e37185ae065b3133c1e22f62b1f6e97cf425f6a2960dffb4eeb7553dd4727edb390c00fa27315b5d35ace8e185526503df86ae94e0d1c0e1598c8c65adf30404ffee5570e8fb64c0c489da173c6d82728d7351bba2672b3b8079f8d1a8c46b565e053cce79316f2053a1d13b58664fd1d13653ad540d9a14c465768838f15dd17126a6aec9f2e432e25db25cce9f60057a1f7dc23ffe5a8434e21c1fd868408d42db0208fd130ac8d35c2d04b5ded66ccd642bfc2759e788a20f3815987e0b4534a358e840df2f2cf82eca00e58643fca4fdbc850dfa7fe3eaa981f5b9695f49c10d54e537704d7e3e821b883c8c822a8c5bf0e60dc60c1dd008c6ab237b20c794c5602cd2ea0e1306280ffa28699811dd507e8a08f4ce8b70191f771e6f0310497461e8571b2222b4320647b0218b7672ff3cff4c05ced8213f6147ccf7bf980ea731c3163a49434965c85de041f3be3cadc25c50b655d47d2e7c52c50365fdf15bb9ed96c4e21233ee56eefc960a8b22bfdf435be874602da338493c00a258d6649421d12abefd2882db7b36b58ee7170d08799eb795ef6db39ca75d17bf81cf048f3fb692535b3982423c0a702fb5d53dfaf3883dcefcdbb079bc8ad181c0369fde371045750e674873dd8240503ccb767708750f756b7f4c8cbd51f6431eaa333a6352e562eb73195a8ce52e9749eac024e13e1493bfc06a4126ce184b3b10656ab85dfded4d223d7937a3fc046519d0bd1b721a52a0963a3d916ff9fa36494831f834518e95b362c8bb04b9e37e85aac4059d4ce19fe64564a683fc501f010bb879eef58207b60341297f4f20285bab397503278a9d3bd9df1f581b86d630c25cc8b882e916b7ad912d49ae805922e8fe50fa9679d1c9892b2b617a71439722ba0774b745a90d1685be9ba20381de84f875f2910b1789b4e8896f3aba8ed56d7df17502775a7848cbd915df894cf521bf31a7e1cdd4d43154ea0175c78eba120b7424f75d219eadebd123d9a352f7894d3244ab593a74ded1abcedf11c263712540fa5a", 0xe01}], 0x1, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) writev(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='n', 0x1}], 0x1) fadvise64(r0, 0x0, 0x4000, 0x4) 4.160517156s ago: executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) fstat(r0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$erofs(&(0x7f0000000800), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRESOCT=r1, @ANYRESDEC, @ANYRES16=r2, @ANYRES16=r2, @ANYRES8, @ANYRESHEX, @ANYRES16, @ANYRES64, @ANYRES8, @ANYRESDEC], 0x0, 0x1d3, &(0x7f00000008c0)="$eJzsmb2vEkEUxc/M7oPnizGxsbDRxJeIEZbdRQ0NBSb2JuBXJ5GVoAsYWBMgsSA2NpYWJrb+AxYWVBZ2drZaqImJhZTWa2YYdsflQ4ghkrz7S5g9M3Nn5s4FTgEgCOLI8u3rry/PrxarWQDHcYi0Gv9hxDFci//88vHFF6Vrr958ev2+feLJOLkfAxCG659vAnhXNhCofhj+ufpQPavgkb4BjgtK3wKDpfRdcNxU2gPDHaUfaLpzTAnfs+51/Pr9pu/ZonFE44qmkMxvMmKoA9hX+TFtvjcYPqz5vtdNir1wds7c1KbiL/UzJ2WOklY/8X7dfvZ0JPqz2tha/RxwOEoXwFBRuog0LMuKS6Ld/7QZ72+sc/9dECdzq2KyO5Ahif8gWHJEfKGjkVOT8Yf5Vd+3mdjZ7V5ZGheAuamPB/+2c0qZwMKY2D+F5Z7X/MmEGflHPmg9yvcGw1yzVWt4Da/tuoUr9iXbvuzmpRFN2xX+ty/96UDbf29JbIql0K8FQdfpA0HXifrutNUct/K281Ou4dL/ODLnpnuIj4q8dnrxGUy9uHwKlTGWJk8QBEEQBEEQBEEQBEEQBLERZ8Dkr6Dqj6pwCe51Gf07AAD//8+DaM4=") mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r3, 0x0, 0x0) 3.94183046s ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x0}) 3.870140101s ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x4}, 0x48) unshare(0x400) fremovexattr(r1, 0x0) 3.833111587s ago: executing program 3: syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x548, &(0x7f0000000b40)="$eJzs3U1oHGUYAOB3ZrPWttG0oKDSQ1GhQukm6Y9WT+lVLBR6ELzUZbMNIZtsyG5qE3JI70UsKCq91JsePCoePIgXj169KJ4F0aDQ9CCRye6mbf5ca5OtmeeB2f1+lrzfl5l3st8wQwLIraPZSxrxbERcSCIG7unri3bn0dbnlpcWKneWFipJrKxc/C2JJCJuLy1UOp9P2u8HI2IxIp6JiG+LEcfTjXEbc/MT5VqtOtOuDzYnpwcbc/MnxifLY9Wx6tSpV149c/b0meGTww9trtd/uvHu9e9fv3Xjs8+PLFY+KCcxEv3tvnvn8TC1fifFGFnXfnongvVQ0usB8EAK7TwvRsTTMRCFdtYDe9/KvogVIKcS+Q851fkekK1/O9tufv/49VxrAZLFXW5vrZ6+1rWJeHx1bXLgj+S+lUm23jy0mwNlT1q8FhFDfX0bj/+kffw9uKGHMUB21DfnWjtq4/5P184/scn5p79z7fQ/6pz/ljec/+7GL2xx/rvQZYy/3vr54y3jX4t4btP4yVr8ZJP4aUS83WX8m29+dXarvpVPIo7F5vE7ku2vDw9eHq9Vh1qvm8b4+tiR17ab/4Et4o9sM/+sbbrL+X/53RfPL24T/6UXtt//m8XfHxHvdRn/8O1P39iqL4s/usX8t4uftd3qMv7LI0d/7PKjAAAAAAAAAADAv5Cu3suWpKW1cpqWSq1neJ+KA2mt3mgev1yfnRpt3fN2KIpp506rgVY9yerD7ftxO/WT6+qnIuJwRLxf2L9aL1XqtdFeTx4AAAAAAAAAAAAAAAAAAAAeEQfXPf//Z6H1/D+QE/7lN+SX/If8uj//k56NA9h9/v5Dfsl/yC/5D/kl/yG/5D/kl/yH/JL/kF/yHwAAAAAAAAAAAAAAAAAAAAAAAAAAdsSF8+ezbeXO0kIlq49emZudqF85MVptTJQmZyulSn1mujRWr4/VqqVKffKffl6tXp8eiqnZq4PNaqM52JibvzRZn51qXhqfLI9VL1WLuzIrAAAAAAAAAAAAAAAAAAAA+H/pX92StBQR6Wo5TUuliCci4lAUk8vjtepQRDwZET8Uivuy+nCvBw0AAAAAAAAAAAAAAAAAAAB7TGNufqJcq1VnFDYWImLxERiGgkJPDn4AAAAAAAAAAAAAAAAAAGBX3X3ot9cjAQAAAAAAAAAAAAAAAAAAgDxLf0kiItuODbzYv773sWS5sPoeEe/cvPjh1XKzOTOctf++1t78qN1+shfjB7rVydNOHgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3NebmJ8q1WnVmBwu9niMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAg/g7AAD//4zf2Wg=") r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) mount$incfs(0x0, 0x0, &(0x7f0000000480), 0x67ccbf614e272b48, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="06000000f6f7ff190100000007000000070bd7eafc5254"], 0x20}, 0x20000011) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r1, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000d00)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="000001000000aa"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f0000000480)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39"], &(0x7f0000000140)='GPL\x00'}, 0x90) r2 = dup(r0) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x0, 0x0, 0xd72}}) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x0, 0x0, 0x101}}) 3.597379373s ago: executing program 0: bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x2, [@struct={0x0, 0x2, 0x0, 0x4, 0x0, 0x8, [{0x0, 0x3}, {0x0, 0x2}]}, @ptr, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x56}, 0x20) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000017c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r3, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) dup2(r4, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) symlinkat(0x0, 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00') renameat2(0xffffffffffffffff, &(0x7f0000000040)='./file0/../file0\x00', 0xffffffffffffffff, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0) 3.075824584s ago: executing program 4: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) ftruncate(r1, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0) sendfile(r2, r1, 0x0, 0x578410e9) sendfile(r2, r1, 0x0, 0x100000000) 2.694971923s ago: executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000001440)={0xfffffffffffffd87, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="e221050000000ae90000005f530b376c50bce839b15678a4ae455c1235b1a46867ed6eefedd7de976463650d74e3148c08f453f7767a1f74d758036d40fb627e75b4b90ffc36891cd6269a2bcec7c02607993d544edbcd9ec08be499f04484d3424e60c735e72541d6b151eb02de618a78c725a26928f26d538c3f9765e39700c23e10afa9bb0525777e7c0000000000000000"], 0x0}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@index_on}, {@metacopy_on}]}) mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') r1 = open(&(0x7f0000000040)='./file0\x00', 0x40c5, 0x0) r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$9p(r1, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bfb06f66a1a5e3f05cb283fb45ea67a2727ee6e10bf35b31fdd03d43ec67b753f6737e0d2f4a5275031595878cefc8f0ca", 0x600) sendfile(r1, r2, 0x0, 0xe065) 2.179934983s ago: executing program 4: unshare(0x600) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000002c0)={[{@user_xattr}, {@errors_continue}, {@sysvgroups}, {@norecovery}, {@errors_continue}, {@abort}, {@quota}, {@noauto_da_alloc}, {@lazytime}]}, 0x3, 0x56a, &(0x7f0000000ec0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file1\x00', 0x0, 0x0) fstat(r0, 0x0) 2.075244569s ago: executing program 4: r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r0, 0x0) pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000340)='\b', 0x1}, {&(0x7f00000011c0)='(', 0x1}], 0x2, 0x1ffffff, 0x0, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f0000001200)="eeb95e64e21834f0106eb94bcd626a6789c81745e15ff249aadd77654438a384fab889f06452d966df253899e559cc37d9dad25ebbc731be12fcfad86be675ef0976b3083170fe6d502778a8d620c97db8576be047128828f9c135fa5385124d77aafff52f7624ce1d5251a4ca4a6e1d447e07589e74ce2222ac0ecabcc92b8b243d42f8120e50e4780fac053d67cc8bf77465b9551b350aae7e5083b45a622917a37363fab9cf8c30cfa503632427ef51ec8750ca2cfab470d3c36e20ae66df3b3123ca8ad13c52fd299884c8f60386f2a8b2a594211d986b39881eeecf5b817e5c594038967cbb08503aa6c0c31b6df8ca13f6d705c2d8185e8b7a91e94a041fda4a251f05c998b9407c6894325f945c2ca57c154136c7abd6b90c29cb4492d05ec96d0782ebb01cc8f8a268be8470cc4dc2024f93bde79167e8e8bd9d0e63700123c8f65c927531902a6c04b0026242c74721a6a4f40a602dcbad4b16ee1ca0bebd8b80d2130c4a62635d5520ec9b5e2e1e4ebb900f34c44e30ff0480418a129be2144d07173ec34128c7bdc1c587ebeee5af36d49cbe9655bf890503e31c1c6fdccedd8d4b83aed4968d469dad7ea34231b22686ee6621c8d14211cc183fb8df11f3c131e7e002fb3e2445380f9a8d7f3e0ba086afd10fc769ab5ad2632be5c42b8cbfb6f912c6c8dbfbfd72c5378571b115443bdeda4b3edac7598c3839abb949dec2799f73a74cf4ce0cb0de25215c14a37aa66a080689dd1b6aefcde0c564fc49c73193000f227593f7b19f8ca88afcf41268ee3b561050381e9191a6eada09ecd68d010a8c3851de3fb654a28a1a8651f175c94ebd3772b15a43e1f01ca12b2a39db94047819799910b67d77e5b7039fea721cbee9c2c8a796f9a5e654e71e82a095f6ee5afde71658d1b81a65e5f99ddc7ec5293abd1994ad33b1cffd9ff716203442ece60efd95a9ce809b74875023e166b64444e3cfea1258ea2528a33861294a540cb9736d9b8d80e95cbec038b0679054098c10c6fbee70c334d8cf785119f06a27e1bbcda613265e5ba04b7d81a7f4c0a791164b90555f9bdcdbf8d4acce13c70ea9f1413eec817b89253209130bbd2e10476abb147c728f195644269e74b6f868329f0da6126d76bf887709916be4c9fe3a9841636352331de801cb348b8e23f68b90b611fc39ff8a70fdd1e1f29866196918b2e2c78aba747dd53fa656bb0d828e39a007e3bad73e1dc11d416b6fa340db3226a26455484dd6ae250b21d6223886e26430661a6a723416ea6e155e7c885542e5a5b46735281b88adeffa6ef4f7ba652a1d45b096f39645c09eba143ea219b1bc49ab97eb20593112d1f6f57201a7a841240bfef3495446f1f3f1387f195ae973721cce0afcf7a1d585b77fce174bb5d883bdb4f8af22bd7fae25b5ae007da045d3a9f6437bca7d195b0ef3776f7c27a3912d03de3f1e0cabfa32bd7ae9d77b33520a04c134693726ca45f29d300c858f004c8b0d1d99954fc625248808309b4a687976995b84b404c84765f790c715933ed5288ab98e9a170f7069686e356557109d3573aa43badb935a920c0d665ee6bf92a6afdbd09178ba4dc1c4130c6c550af7b09a9da2190be472ff70b36250c51e5404e1f0d8d2a337730f117849d71b83c2f7c1544c3d03c0fc176909c0a621245b0909bf43a2da9f64c4bdb12e2c16856126a1b295c26ff97a4f19b7bc934accff280fd1d85dd0fd4312b35bc36f4fd81db1e4473073c99289e827d9164200cc43d4e86fe1f13fb2047da809d5644985b76e83f64e1ad4a0e268a2940f7b36eea12a91b7031ba1fbc1c437bc534b12b5ea182906e2566ed54587c9335d4416c1d2f4617ff5a1e78d5a9afc2a41d2807d7010bfe6ed11e668b6904b69c4fe425e8fd7d139a70235acbd080d88a613a6e99e710465b26346e5233777125f76a4439119bf99dd4ccee75188a353772172633122c00620f730ed71452af6b2191268776d702215acaa77c93cfeab4ca3b329708722caf1a3072ec696069c09ffe817bcc18132511e1ff6586231d3227389e8af167d86958349315a72464beacf34fa3f3964be74b203db691d8ff4e9e335af214776e580fe68f1d3664b3a3e289fb5f28723195e1ae2def006707d1bfbe7b43378fd04f88fe03a20f874626f00828e364e621a3c0eb98eb4210bbc46cbc4e1868d4aebe816ec97f034c6de6495701db4dd617d4dd34a5f0ec4a0241cd1b7338fddf05821ca279f0d29b247df19563e3169bfe2a36cbf0c1e6590c90a09d1ec55d2539cb6c05d449f347789b04aa5d3ec7cb022725d5d78a39d214e8d93c9ae48524d28d0031713d9eeb8afd80721bfef3f3f599b6fbe5511f94d5a92fd818bde10c9f4d71a74f2dcc0ccc5c1dfe28851fb40b16409b277972f053b02600f854d2f6cc5ec2db27988646f973108321c8f5ef24d170d3d96f21e8653b840d92caad9d707d7809776dadad1f145af0189b303384eb82336dc01e5df951159ab62adb4dc705762dadef6591031243c2043bd3d3841a6d22f45fedeaaa28f8585e4b4d701f7dcab0833deced8c74f9098c40a955e2348b91330aaa48f894db46d8ece982592f11665d348369db7661d9dfa07784dd249607c2b1cb53287ac299f0eacb5600dfd770ca274c0faa04440f77316e78a56b857bc1e09d6f1cad4c2008fec16839279e033a3ff6dd07e93a4549ca2a9d242c9b89172aed618fa82598492d0af252c6b81d775e55c631159d45c1163b04a70f70cc632fae94873d867c980f95561f314aaefd6af0f4164b2a6a4a19f0cc84912ba1403012bb8e7b8a36c643e4f65124547faaedc1d15396ccaa851991bfcecb382f761b2d9851d95f8d87211d6cd2af2c051fc730781e894fa7168242fe62d8e76583340272c32a4ad25cf593bc3cdc4f0048ab7452a9472c47fc41e199575aae08771516dc3c1ab8540b90c817bde21b1abe797f6deceb2ed6a6016f1b284acd3f556dab9b3b9b34dd1d173057c46622a9b9d249018a1882eb7d55c0ecf9c1cb606c1c47f7c406b09217d0061d2736ca4efac52cfb5565f45dfb46d4d94d066c3404267a091ed4f4ad7e37a9302f30df0579e9c601df813d997b6fc8f92c8992b8ef6da76266e1b2ac0b1e3b64d0131545066677272f8be7e3bb6fcaa78d35072239273d05dcff77c54edf3ec35994d2aceeef1badb91eeda635ba37ea90081039d0ba82978a736ee5687626310d4062775d3217f9f46fd7781296d52873133a537e82c78438349a480be9890f4d35a40efe198afbe5e3bd7c9b52e4b88dbdb0286f6a83d98e2d44bf02a9ef5206cf54257624b225f0870ac0ff4bc44d03301588daccc768bf0275d501814f26209e687b1ebb0eaead8f6d3908f0eab4623199170997bce33a8270d136cac5e05ac4824e9e5909c47ccd003ce2c135f841a2c80d59a50e258030acdd3ae4d92df85e7cc9788780557f70aed45df5cc8654c54891c7454cfe8c921b3e8446b5c9d8f40a6cd02b6d4166bae129dd6986d0d0559ed73593c583c47bbbe0d27cc7f3cf1b4841523ff444ff1734c19f797c52ffe51de9c7cc409b45eeb726d330bc8aa1582597882680c3bd17b93ffba38add407e0cd5a6fbc6af278adc6f87b7ece459bdb227be6f76dddf62aed451fcb61da068d6e43f10d50967701a73b0804935ecd23d5b06214be7604ad7d9d8a459be2d3efeda30a3bd13ff501481f20ca896fc2f3525400b44e5f20ea98c67447fb1ff07f3fbaf212dc1c8f851ca3eacad2790b131d1b27dea663a56ca7d2318541d3b08dcf963b52535ef25111bddbad8e3da6ccd7686c902fb10af0752de9a0ff178c58dc2372422bbf0a45dcbfb9e5d80ec877ef2741046c7170f8d88844523bf8ba464767918233148275d0909e376be079aa499ac628f2ae9c8c9b737a756050a3b5f5c67cc390319f3c4b2f938a99b93defa97c39dde102c838832969c39d914440105053f88f7a56fb3b45e37185ae065b3133c1e22f62b1f6e97cf425f6a2960dffb4eeb7553dd4727edb390c00fa27315b5d35ace8e185526503df86ae94e0d1c0e1598c8c65adf30404ffee5570e8fb64c0c489da173c6d82728d7351bba2672b3b8079f8d1a8c46b565e053cce79316f2053a1d13b58664fd1d13653ad540d9a14c465768838f15dd17126a6aec9f2e432e25db25cce9f60057a1f7dc23ffe5a8434e21c1fd868408d42db0208fd130ac8d35c2d04b5ded66ccd642bfc2759e788a20f3815987e0b4534a358e840df2f2cf82eca00e58643fca4fdbc850dfa7fe3eaa981f5b9695f49c10d54e537704d7e3e821b883c8c822a8c5bf0e60dc60c1dd008c6ab237b20c794c5602cd2ea0e1306280ffa28699811dd507e8a08f4ce8b70191f771e6f0310497461e8571b2222b4320647b0218b7672ff3cff4c05ced8213f6147ccf7bf980ea731c3163a49434965c85de041f3be3cadc25c50b655d47d2e7c52c50365fdf15bb9ed96c4e21233ee56eefc960a8b22bfdf435be874602da338493c00a258d6649421d12abefd2882db7b36b58ee7170d08799eb795ef6db39ca75d17bf81cf048f3fb692535b3982423c0a702fb5d53dfaf3883dcefcdbb079bc8ad181c0369fde371045750e674873dd8240503ccb767708750f756b7f4c8cbd51f6431eaa333a6352e562eb73195a8ce52e9749eac024e13e1493bfc06a4126ce184b3b10656ab85dfded4d223d7937a3fc046519d0bd1b721a52a0963a3d916ff9fa36494831f834518e95b362c8bb04b9e37e85aac4059d4ce19fe64564a683fc501f010bb879eef58207b60341297f4f20285bab397503278a9d3bd9df1f581b86d630c25cc8b882e916b7ad912d49ae805922e8fe50fa9679d1c9892b2b617a71439722ba0774b745a90d1685be9ba20381de84f875f2910b1789b4e8896f3aba8ed56d7df17502775a7848cbd915df894cf521bf31a7e1cdd4d43154ea0175c78eba120b7424f75d219eadebd123d9a352f7894d3244ab593a74ded1abcedf11c263712540fa5a", 0xe01}], 0x1, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) writev(r0, &(0x7f00000002c0)=[{&(0x7f00000000c0)='n', 0x1}], 0x1) fadvise64(r0, 0x0, 0x4000, 0x4) 2.021349737s ago: executing program 4: creat(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000600)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000180)) socket$inet_udp(0x2, 0x2, 0x0) pselect6(0x40, &(0x7f0000000400)={0xfc}, 0x0, 0x0, 0x0, 0x0) close(r0) 1.824384637s ago: executing program 4: r0 = epoll_create1(0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) listen(r1, 0x0) shutdown(r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000f2cff4)={0x775409470d9a1685}) epoll_wait(r0, &(0x7f0000000000)=[{}], 0x1, 0x0) 1.80923004s ago: executing program 4: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000380)={'#! ', '', [], 0xa, "d6a10f8ecfbcbf1e2dfc7f10ccac0af13f00dc3f987b7ac16eba001772f716fc1720a547f33709a7dfccd3742e34fe03cd7d18521912eaaa274ac38953ddbf49ab71bc413b673594ccc1e75339496f584d7d8427"}, 0x58) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) dup(0xffffffffffffffff) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120110030000"], 0x0) syz_usb_control_io(r1, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0) 1.787793953s ago: executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$BLKPG(r0, 0x1269, &(0x7f0000000080)={0x0, 0x0, 0x98, &(0x7f0000000140)={0x0, 0x1000000, 0x4}}) 1.766640306s ago: executing program 3: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf200000000000002600020007ffffffbd0310000000000095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00207000540700000ee61e00bf150000000000000f5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559949702e119e36418f6cfc1cb26a0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233bff7f0000000000009fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af419bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a983fe171fe71fdbc38064627616bb01a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874c9a0c6c04b96360d6f499d004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f4205ebf9a98a0d9f18135cb1d8d567c3436fa697b72c3b0200000000000079c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff75a257310f2d92cb1d1e16468949f5675262ee318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0fde97a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee8072d1f88cb781e4cdb04af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed0ab29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a40fde69c350e59f11f1d26a4d04d8c8b2c4a4d23ec931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe0d123739f387d1c0d9e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b0000000000000000000000000000d35fb97c2d7a9374294dcec3da3df9a13c4fc63b00426682534d894caee0b963a30000000000000000000000b1c83ad1d04447d3551f4000746f6642dd581af20e1015f9b7d3d3ca2271f4b6549c30a1bdebee75585e17f8e8ec50da4cf7f502e721c84eb4d9feeb732f511bfdc1bbeb446f0dfb918a172f6c005ea6508f8419e0a682aef2c6dae67a275cba2a7f8706a6ec15183d9fc965ae187495e5124d07e5f421c51139d3deba29d41fcdc1ee3d852eeb6e912f41e6921b20beb606b8e9487684ab719666fb7455f578e0106e5846ede204f9df02efae33821c9a0d493245abb7afa4fa6c34b79e7f1bb0b68d041ee6a0bd56d462cd5f6db8dd34e4f53ef5c6389f36df4a7d23bcab141613a0c0296a89638e8b4bb063ff4e964de9c7d22f821a8b2588d524e0a5f09c52b892e41765930301c1913c135f664e3280f07dff262d95d35dafac2d9c609344280e838281bd2a59802ace5f3a8c94ac5f8fd153bc7b79b14803000bb262cf6031b6e3b79b0e2536443e351048451a2754e4859f472f8816d33608713b383d70"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50}, 0x48) 1.220297311s ago: executing program 2: prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0) ftruncate(r1, 0x8800000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r3, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0) sendfile(r2, r1, 0x0, 0x578410e9) sendfile(r2, r1, 0x0, 0x100000000) 910.122899ms ago: executing program 3: unshare(0x600) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000002c0)={[{@user_xattr}, {@errors_continue}, {@sysvgroups}, {@norecovery}, {@errors_continue}, {@abort}, {@quota}, {@noauto_da_alloc}, {@lazytime}]}, 0x3, 0x56a, &(0x7f0000000ec0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file1\x00', 0x0, 0x0) fstat(r0, 0x0) 815.649544ms ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0) syz_usb_control_io(r1, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000000)={0x0, 0x0, 0x2, 'u,'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 317.823771ms ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000240)={0x1, 0x0, [{0x1, 0x0, 0x0, 0x0, 0x0, 0xffff}]}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x48c, 0x0, 0x2}]}) 312.875682ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x4}, 0x48) unshare(0x400) fremovexattr(r1, 0x0) 274.780478ms ago: executing program 1: r0 = epoll_create1(0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e) listen(r1, 0x0) shutdown(r1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000f2cff4)={0x775409470d9a1685}) epoll_wait(r0, &(0x7f0000000000)=[{}], 0x1, 0x0) 265.812069ms ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000400)=[{&(0x7f00000002c0)='\b\x00', 0x2}, {&(0x7f0000000800)="a4d14c4661d0", 0x6}], 0x2, &(0x7f0000000040)=ANY=[@ANYRES8], 0x48}, 0x0) 262.74567ms ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 251.874381ms ago: executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) write$binfmt_elf64(r2, 0x0, 0x40) fsmount(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="2000000014002101000000000000000002170000", @ANYRES32=r3, @ANYBLOB="08000200ac1414aa"], 0x20}}, 0x0) sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@ipv4_newaddr={0x28, 0x14, 0x121, 0x0, 0x0, {0x2, 0x0, 0x0, 0xfe, r3}, [@IFA_LOCAL={0x8, 0x2, @local}, @IFA_BROADCAST={0x8, 0x4, @multicast1}]}, 0x28}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000180)=@ipv4_deladdr={0x18, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}}, 0x18}}, 0x0) 231.320785ms ago: executing program 2: r0 = openat$rtc(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0x7005, 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/193, 0x8}], 0x1) 212.961937ms ago: executing program 2: syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) symlink(&(0x7f00000005c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f00000002c0)='.\x02\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x42) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15) mlock2(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0) mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil) mlock2(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1) 0s ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) fstat(r0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$erofs(&(0x7f0000000800), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRESOCT=r1, @ANYRESDEC, @ANYRES16=r2, @ANYRES16=r2, @ANYRES8, @ANYRESHEX, @ANYRES16, @ANYRES64, @ANYRES8, @ANYRESDEC], 0x0, 0x1d3, &(0x7f00000008c0)="$eJzsmb2vEkEUxc/M7oPnizGxsbDRxJeIEZbdRQ0NBSb2JuBXJ5GVoAsYWBMgsSA2NpYWJrb+AxYWVBZ2drZaqImJhZTWa2YYdsflQ4ghkrz7S5g9M3Nn5s4FTgEgCOLI8u3rry/PrxarWQDHcYi0Gv9hxDFci//88vHFF6Vrr958ev2+feLJOLkfAxCG659vAnhXNhCofhj+ufpQPavgkb4BjgtK3wKDpfRdcNxU2gPDHaUfaLpzTAnfs+51/Pr9pu/ZonFE44qmkMxvMmKoA9hX+TFtvjcYPqz5vtdNir1wds7c1KbiL/UzJ2WOklY/8X7dfvZ0JPqz2tha/RxwOEoXwFBRuog0LMuKS6Ld/7QZ72+sc/9dECdzq2KyO5Ahif8gWHJEfKGjkVOT8Yf5Vd+3mdjZ7V5ZGheAuamPB/+2c0qZwMKY2D+F5Z7X/MmEGflHPmg9yvcGw1yzVWt4Da/tuoUr9iXbvuzmpRFN2xX+ty/96UDbf29JbIql0K8FQdfpA0HXifrutNUct/K281Ou4dL/ODLnpnuIj4q8dnrxGUy9uHwKlTGWJk8QBEEQBEEQBEEQBEEQBLERZ8Dkr6Dqj6pwCe51Gf07AAD//8+DaM4=") mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000005c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0) r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r3, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.53' (ED25519) to the list of known hosts. 2024/06/15 23:47:51 fuzzer started 2024/06/15 23:47:51 dialing manager at 10.128.0.163:30000 [ 20.684459][ T23] audit: type=1400 audit(1718495271.280:66): avc: denied { node_bind } for pid=344 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 20.691279][ T23] audit: type=1400 audit(1718495271.280:67): avc: denied { name_bind } for pid=344 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 20.735262][ T23] audit: type=1400 audit(1718495271.330:68): avc: denied { mounton } for pid=353 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 20.738302][ T353] cgroup1: Unknown subsys name 'net' [ 20.764110][ T353] cgroup1: Unknown subsys name 'net_prio' [ 20.771519][ T353] cgroup1: Unknown subsys name 'devices' [ 20.780275][ T23] audit: type=1400 audit(1718495271.330:69): avc: denied { mount } for pid=353 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.802795][ T23] audit: type=1400 audit(1718495271.380:71): avc: denied { unmount } for pid=353 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 20.804184][ T361] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 20.823012][ T23] audit: type=1400 audit(1718495271.380:72): avc: denied { setattr } for pid=357 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=879 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 20.854253][ T23] audit: type=1400 audit(1718495271.360:70): avc: denied { mounton } for pid=356 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 20.879205][ T23] audit: type=1400 audit(1718495271.380:73): avc: denied { mount } for pid=356 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 20.902427][ T23] audit: type=1400 audit(1718495271.440:74): avc: denied { relabelto } for pid=361 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.902755][ T358] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 20.927909][ T23] audit: type=1400 audit(1718495271.440:75): avc: denied { write } for pid=361 comm="mkswap" path="/root/swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 20.965313][ T353] cgroup1: Unknown subsys name 'hugetlb' [ 20.971029][ T353] cgroup1: Unknown subsys name 'rlimit' 2024/06/15 23:47:51 starting 5 executor processes [ 21.533842][ T369] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.540807][ T369] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.548670][ T369] device bridge_slave_0 entered promiscuous mode [ 21.563666][ T374] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.570633][ T374] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.578099][ T374] device bridge_slave_0 entered promiscuous mode [ 21.584566][ T369] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.591553][ T369] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.598874][ T369] device bridge_slave_1 entered promiscuous mode [ 21.614659][ T374] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.621513][ T374] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.628948][ T374] device bridge_slave_1 entered promiscuous mode [ 21.645915][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.652753][ T372] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.660350][ T372] device bridge_slave_0 entered promiscuous mode [ 21.683629][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.690475][ T372] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.697948][ T372] device bridge_slave_1 entered promiscuous mode [ 21.779589][ T373] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.786419][ T373] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.793853][ T373] device bridge_slave_0 entered promiscuous mode [ 21.800382][ T371] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.807206][ T371] bridge0: port 1(bridge_slave_0) entered disabled state [ 21.814483][ T371] device bridge_slave_0 entered promiscuous mode [ 21.821278][ T371] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.828122][ T371] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.835484][ T371] device bridge_slave_1 entered promiscuous mode [ 21.853093][ T373] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.860216][ T373] bridge0: port 2(bridge_slave_1) entered disabled state [ 21.867546][ T373] device bridge_slave_1 entered promiscuous mode [ 22.031603][ T372] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.038450][ T372] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.045632][ T372] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.052477][ T372] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.063260][ T374] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.070107][ T374] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.077207][ T374] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.084007][ T374] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.119058][ T371] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.125913][ T371] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.133066][ T371] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.139900][ T371] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.159452][ T369] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.166304][ T369] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.173454][ T369] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.180283][ T369] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.214388][ T373] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.221236][ T373] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.228389][ T373] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.235216][ T373] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.265216][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.273398][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.280962][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.288297][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.295251][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.302546][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.309520][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.316557][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.323662][ T124] bridge0: port 1(bridge_slave_0) entered disabled state [ 22.330721][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.337761][ T124] bridge0: port 2(bridge_slave_1) entered disabled state [ 22.367795][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.375465][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.383669][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.392218][ T107] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.399068][ T107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.407585][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.415565][ T107] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.422423][ T107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.449165][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.456538][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.464895][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.473120][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.479962][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.487483][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.495285][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.503236][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.511510][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.518351][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.525486][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.533468][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.540298][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.547496][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.555514][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.562353][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.569521][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.577590][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.584408][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.594431][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.602553][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.609452][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.633173][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 22.640776][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 22.648773][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 22.656834][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 22.667050][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 22.673895][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 22.681429][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 22.689681][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 22.697712][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 22.704523][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 22.725410][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 22.733533][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.741569][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.750534][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.778244][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 22.786230][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.795412][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.803608][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.811982][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 22.820102][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.828277][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.836162][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.843965][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 22.851952][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 22.859876][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.868167][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.887653][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.895564][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.903634][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 22.911606][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 22.949087][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.956781][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.965709][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 22.973890][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 22.981568][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 22.989590][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 22.997930][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.006039][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 23.014456][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.022864][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.030850][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.038800][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.057236][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 23.065502][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 23.088624][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.096593][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.104679][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.112494][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.120604][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.128791][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 23.136435][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 23.161896][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.170516][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.179307][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.187677][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.196075][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.204297][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.212647][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.220895][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.229271][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.237297][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.248232][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.256401][ T107] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.294668][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.303791][ T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.331025][ T400] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 23.346539][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.365948][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.375552][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.385028][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.403829][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 23.412232][ T124] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 23.448672][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 23.456831][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 23.500000][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 23.517809][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 23.599377][ T410] loop3: p4 < > [ 23.660673][ T410] syz-executor.3 (410) used greatest stack depth: 21176 bytes left [ 23.685281][ T429] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 23.775337][ T416] udevd[416]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 23.798644][ T439] process 'syz-executor.2' launched './file1' with NULL argv: empty string added [ 23.811872][ T404] F2FS-fs (loop0): Found nat_bits in checkpoint [ 23.911555][ T404] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 23.996185][ T374] attempt to access beyond end of device [ 23.996185][ T374] loop0: rw=2049, want=45104, limit=40427 [ 24.021732][ T465] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 24.050565][ T467] xt_l2tp: missing protocol rule (udp|l2tpip) [ 24.353127][ T373] syz-executor.2 (373) used greatest stack depth: 20760 bytes left [ 24.506389][ T490] bridge0: port 1(bridge_slave_0) entered blocking state [ 24.513931][ T490] bridge0: port 1(bridge_slave_0) entered disabled state [ 24.521474][ T490] device bridge_slave_0 entered promiscuous mode [ 24.535726][ T490] bridge0: port 2(bridge_slave_1) entered blocking state [ 24.542653][ T490] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.550236][ T490] device bridge_slave_1 entered promiscuous mode [ 24.558398][ T492] loop0: p4 < > [ 24.583873][ T426] syz-executor.4 (426) used greatest stack depth: 20664 bytes left [ 24.598204][ T484] F2FS-fs (loop3): Found nat_bits in checkpoint [ 24.639993][ T504] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 24.676438][ T507] xt_l2tp: missing protocol rule (udp|l2tpip) [ 24.717714][ T484] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 24.741739][ T445] udevd[445]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 24.802857][ T369] attempt to access beyond end of device [ 24.802857][ T369] loop3: rw=2049, want=45104, limit=40427 [ 24.820251][ T513] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold, [ 24.850347][ T513] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor.0: bg 0: block 234: padding at end of block bitmap is not set [ 24.869736][ T513] EXT4-fs (loop0): Remounting filesystem read-only [ 24.889994][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 24.897580][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 24.909168][ T7] device bridge_slave_1 left promiscuous mode [ 24.915104][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 24.930038][ T7] device bridge_slave_0 left promiscuous mode [ 24.939421][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 25.068365][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 25.077143][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 25.085725][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 25.092604][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 25.101479][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 25.115860][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 25.125672][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 25.132547][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 25.150744][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 25.160764][ T536] syz-executor.3 (pid 536) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 25.175992][ T536] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-generic)" [ 25.178479][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 25.197128][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 25.219117][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 25.239882][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 25.256368][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 25.264949][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 25.274779][ T392] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 25.292542][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 25.301805][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 25.369995][ T544] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 25.400671][ T544] EXT4-fs error (device loop2): ext4_orphan_get:1236: inode #17: comm syz-executor.2: iget: bad i_size value: -6917529027641081756 [ 25.421893][ T544] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz-executor.2: couldn't read orphan inode 17 (err -117) [ 25.436311][ T544] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 25.493500][ T544] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz-executor.2: bg 0: block 65: padding at end of block bitmap is not set [ 25.559481][ T554] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 25.583468][ T558] xt_l2tp: missing protocol rule (udp|l2tpip) [ 25.662543][ T552] loop2: p4 < > [ 25.728766][ T572] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 25.731784][ T571] request_module fs-autofs succeeded, but still no fs? [ 25.739247][ T23] kauditd_printk_skb: 240 callbacks suppressed [ 25.739261][ T23] audit: type=1400 audit(1718495276.330:314): avc: denied { write } for pid=567 comm="syz-executor.1" name="softnet_stat" dev="proc" ino=4026532387 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 25.772167][ T23] audit: type=1400 audit(1718495276.340:315): avc: denied { name_bind } for pid=567 comm="syz-executor.1" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 25.799825][ T23] audit: type=1400 audit(1718495276.360:316): avc: denied { connect } for pid=570 comm="syz-executor.3" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 25.821955][ T23] audit: type=1400 audit(1718495276.360:317): avc: denied { write } for pid=570 comm="syz-executor.3" laddr=fe80::a8aa:aaff:feaa:aa16 lport=58 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 25.861121][ T23] audit: type=1326 audit(1718495276.460:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=582 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1f89ddea9 code=0x0 [ 25.886579][ T580] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 25.921587][ T580] EXT4-fs error (device loop2): ext4_orphan_get:1236: inode #17: comm syz-executor.2: iget: bad i_size value: -6917529027641081756 [ 25.935205][ T23] audit: type=1326 audit(1718495276.530:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=576 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82e5d59ea9 code=0x7ffc0000 [ 25.960144][ T580] EXT4-fs error (device loop2): ext4_orphan_get:1240: comm syz-executor.2: couldn't read orphan inode 17 (err -117) [ 25.972812][ T23] audit: type=1400 audit(1718495276.530:321): avc: denied { read write } for pid=584 comm="syz-executor.0" name="vhost-vsock" dev="devtmpfs" ino=9251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 25.998734][ T580] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue [ 26.009020][ T23] audit: type=1400 audit(1718495276.530:322): avc: denied { open } for pid=584 comm="syz-executor.0" path="/dev/vhost-vsock" dev="devtmpfs" ino=9251 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 26.034202][ T595] xt_l2tp: missing protocol rule (udp|l2tpip) [ 26.045589][ T23] audit: type=1400 audit(1718495276.530:323): avc: denied { ioctl } for pid=584 comm="syz-executor.0" path="/dev/vhost-vsock" dev="devtmpfs" ino=9251 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 26.047627][ T580] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz-executor.2: bg 0: block 65: padding at end of block bitmap is not set [ 26.076754][ T23] audit: type=1326 audit(1718495276.530:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=576 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f82e5d59ea9 code=0x7ffc0000 [ 26.497514][ T393] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 26.523515][ T609] loop0: p4 < > [ 26.698623][ T613] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 26.706268][ T613] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 26.715651][ T625] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 26.732635][ T613] F2FS-fs (loop4): invalid crc value [ 26.760881][ T631] xt_l2tp: missing protocol rule (udp|l2tpip) [ 26.768860][ T613] F2FS-fs (loop4): Found nat_bits in checkpoint [ 26.825905][ T613] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 26.832941][ T613] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 26.857994][ T372] attempt to access beyond end of device [ 26.857994][ T372] loop4: rw=2049, want=45104, limit=40427 [ 26.870484][ T625] kvm: emulating exchange as write [ 26.917584][ T393] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 26.928386][ T393] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 26.937968][ T393] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 26.954732][ T637] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 27.177889][ T393] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 27.188491][ T637] EXT4-fs error (device loop3): ext4_orphan_get:1236: inode #17: comm syz-executor.3: iget: bad i_size value: -6917529027641081756 [ 27.203003][ T637] EXT4-fs error (device loop3): ext4_orphan_get:1240: comm syz-executor.3: couldn't read orphan inode 17 (err -117) [ 27.209545][ T393] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 27.224384][ T393] usb 3-1: Product: syz [ 27.226906][ T637] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 27.228953][ T393] usb 3-1: Manufacturer: syz [ 27.241810][ T393] usb 3-1: SerialNumber: syz [ 27.251964][ T637] EXT4-fs error (device loop3): ext4_validate_block_bitmap:418: comm syz-executor.3: bg 0: block 65: padding at end of block bitmap is not set [ 27.439711][ T646] EXT4-fs warning (device loop3): read_mmp_block:111: Error -117 while reading MMP block 0 [ 27.451911][ T642] F2FS-fs (loop1): Found nat_bits in checkpoint [ 27.488703][ T605] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 27.495698][ T642] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 27.559596][ T371] attempt to access beyond end of device [ 27.559596][ T371] loop1: rw=2049, want=45104, limit=40427 [ 27.639279][ T661] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold, [ 27.662519][ T661] EXT4-fs error (device loop4): ext4_validate_block_bitmap:418: comm syz-executor.4: bg 0: block 234: padding at end of block bitmap is not set [ 27.677327][ T661] EXT4-fs (loop4): Remounting filesystem read-only [ 28.148015][ T605] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 28.189329][ T678] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 28.196970][ T678] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 28.206686][ T678] F2FS-fs (loop4): invalid crc value [ 28.214506][ T678] F2FS-fs (loop4): Found nat_bits in checkpoint [ 28.272652][ T678] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 28.281228][ T678] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 28.308715][ T372] attempt to access beyond end of device [ 28.308715][ T372] loop4: rw=2049, want=45104, limit=40427 [ 28.377644][ T393] cdc_ncm 3-1:1.0: bind() failure [ 28.385621][ T393] cdc_ncm 3-1:1.1: bind() failure [ 28.819099][ T694] F2FS-fs (loop3): Found nat_bits in checkpoint [ 28.841891][ T617] usb 3-1: USB disconnect, device number 2 [ 28.861645][ T694] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 28.896451][ T369] attempt to access beyond end of device [ 28.896451][ T369] loop3: rw=2049, want=45104, limit=40427 [ 28.922703][ T704] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold, [ 28.945753][ T704] EXT4-fs error (device loop0): ext4_validate_block_bitmap:418: comm syz-executor.0: bg 0: block 234: padding at end of block bitmap is not set [ 28.960652][ T704] EXT4-fs (loop0): Remounting filesystem read-only [ 29.599375][ T747] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,errors=remount-ro,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold, [ 29.621848][ T747] EXT4-fs error (device loop2): ext4_validate_block_bitmap:418: comm syz-executor.2: bg 0: block 234: padding at end of block bitmap is not set [ 29.636592][ T747] EXT4-fs (loop2): Remounting filesystem read-only [ 29.667496][ T392] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 29.818299][ T752] ====================================================== [ 29.818299][ T752] WARNING: the mand mount option is being deprecated and [ 29.818299][ T752] will be removed in v5.15! [ 29.818299][ T752] ====================================================== [ 29.844486][ T752] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 29.852038][ T752] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 29.861532][ T752] F2FS-fs (loop2): invalid crc value [ 29.875958][ T756] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.0'. [ 29.881489][ T752] F2FS-fs (loop2): Found nat_bits in checkpoint [ 29.917483][ T392] usb 2-1: Using ep0 maxpacket: 32 [ 29.928893][ T752] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 29.935811][ T752] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 30.002434][ T490] attempt to access beyond end of device [ 30.002434][ T490] loop2: rw=2051, want=53248, limit=40427 [ 30.013774][ T490] attempt to access beyond end of device [ 30.013774][ T490] loop2: rw=2051, want=81920, limit=40427 [ 30.025198][ T490] F2FS-fs (loop2): Issue discard(6144, 6144, 512) failed, ret: -5 [ 30.025216][ T490] F2FS-fs (loop2): Issue discard(9728, 9728, 512) failed, ret: -5 [ 30.037557][ T392] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 30.059959][ T392] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 30.072281][ T392] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 30.081372][ T392] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 30.092155][ T392] usb 2-1: config 0 descriptor?? [ 30.107722][ T736] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 30.128066][ T392] hub 2-1:0.0: USB hub found [ 30.177486][ T406] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 30.442684][ T736] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,,errors=continue [ 30.454910][ T736] ext4 filesystem being mounted at /root/syzkaller-testdir1746931612/syzkaller.FAzT6h/17/file1 supports timestamps until 2038 (0x7fffffff) [ 30.677596][ T392] hub 2-1:0.0: config failed, can't read hub descriptor (err -22) [ 30.737618][ T406] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 30.748524][ T406] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 30.758331][ T406] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 30.787609][ T392] usbhid 2-1:0.0: can't add hid device: -71 [ 30.793494][ T392] usbhid: probe of 2-1:0.0 failed with error -71 [ 30.827973][ T392] usb 2-1: USB disconnect, device number 2 [ 30.937530][ T406] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 30.946432][ T406] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 30.954428][ T406] usb 1-1: Product: syz [ 30.958590][ T406] usb 1-1: Manufacturer: syz [ 30.962994][ T406] usb 1-1: SerialNumber: syz [ 31.088165][ T796] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.1'. [ 31.208214][ T762] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 31.265058][ T23] kauditd_printk_skb: 319 callbacks suppressed [ 31.265069][ T23] audit: type=1400 audit(1718495281.860:639): avc: denied { create } for pid=818 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 31.291674][ T23] audit: type=1400 audit(1718495281.870:640): avc: denied { setopt } for pid=818 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 31.323155][ T23] audit: type=1400 audit(1718495281.920:641): avc: denied { read } for pid=823 comm="syz-executor.4" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 31.345955][ T23] audit: type=1400 audit(1718495281.920:642): avc: denied { open } for pid=823 comm="syz-executor.4" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 31.370174][ T23] audit: type=1400 audit(1718495281.930:643): avc: denied { ioctl } for pid=823 comm="syz-executor.4" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 31.395672][ T23] audit: type=1400 audit(1718495281.930:644): avc: denied { set_context_mgr } for pid=823 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 31.410342][ T828] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'. [ 31.416296][ T23] audit: type=1400 audit(1718495281.930:645): avc: denied { map } for pid=823 comm="syz-executor.4" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 31.452660][ T23] audit: type=1400 audit(1718495281.930:646): avc: denied { call } for pid=823 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 31.471849][ T23] audit: type=1400 audit(1718495281.930:647): avc: denied { transfer } for pid=823 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 31.647469][ T392] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 31.877711][ T762] raw-gadget gadget: fail, usb_ep_enable returned -22 [ 31.974649][ T836] fscrypt: AES-256-CTS-CBC using implementation "cts(cbc-aes-aesni)" [ 32.007668][ T392] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 32.018427][ T392] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 32.031481][ T392] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 32.040328][ T392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 32.049168][ T392] usb 5-1: config 0 descriptor?? [ 32.107828][ T406] cdc_ncm 1-1:1.0: bind() failure [ 32.173235][ T406] cdc_ncm 1-1:1.1: bind() failure [ 32.399497][ T406] usb 1-1: USB disconnect, device number 2 [ 32.569234][ T392] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 32.577963][ T392] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 32.588216][ T392] plantronics 0003:047F:FFFF.0001: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 32.681232][ T23] audit: type=1400 audit(1718495283.280:648): avc: denied { mount } for pid=856 comm="syz-executor.2" name="/" dev="pstore" ino=9271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 32.817631][ T863] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'. [ 32.838292][ T406] usb 5-1: USB disconnect, device number 2 [ 32.874583][ T865] FAT-fs (loop2): Directory bread(block 64) failed [ 32.881902][ T865] FAT-fs (loop2): Directory bread(block 65) failed [ 32.888277][ T865] FAT-fs (loop2): Directory bread(block 66) failed [ 32.894543][ T865] FAT-fs (loop2): Directory bread(block 67) failed [ 32.900990][ T865] FAT-fs (loop2): Directory bread(block 68) failed [ 32.907219][ T865] FAT-fs (loop2): Directory bread(block 69) failed [ 32.913655][ T865] FAT-fs (loop2): Directory bread(block 70) failed [ 32.920239][ T865] FAT-fs (loop2): Directory bread(block 71) failed [ 32.926954][ T865] FAT-fs (loop2): Directory bread(block 72) failed [ 32.933318][ T865] FAT-fs (loop2): Directory bread(block 73) failed [ 33.613183][ T893] netlink: 168 bytes leftover after parsing attributes in process `syz-executor.2'. [ 33.827685][ T902] FAT-fs (loop1): Directory bread(block 64) failed [ 33.837572][ T902] FAT-fs (loop1): Directory bread(block 65) failed [ 33.844108][ T902] FAT-fs (loop1): Directory bread(block 66) failed [ 33.857501][ T902] FAT-fs (loop1): Directory bread(block 67) failed [ 33.864006][ T902] FAT-fs (loop1): Directory bread(block 68) failed [ 33.888487][ T902] FAT-fs (loop1): Directory bread(block 69) failed [ 33.895125][ T902] FAT-fs (loop1): Directory bread(block 70) failed [ 33.907497][ T902] FAT-fs (loop1): Directory bread(block 71) failed [ 33.913860][ T902] FAT-fs (loop1): Directory bread(block 72) failed [ 33.937498][ T902] FAT-fs (loop1): Directory bread(block 73) failed [ 34.018658][ T889] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 34.026326][ T889] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 34.036539][ T889] F2FS-fs (loop4): invalid crc value [ 34.043483][ T889] F2FS-fs (loop4): Found nat_bits in checkpoint [ 34.096238][ T889] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 34.103420][ T889] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 34.170219][ T916] F2FS-fs (loop0): invalid crc value [ 34.176856][ T916] F2FS-fs (loop0): Found nat_bits in checkpoint [ 34.227285][ T916] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 34.254050][ T372] attempt to access beyond end of device [ 34.254050][ T372] loop4: rw=2051, want=53248, limit=40427 [ 34.265306][ T372] attempt to access beyond end of device [ 34.265306][ T372] loop4: rw=2051, want=81920, limit=40427 [ 34.277682][ T372] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5 [ 34.277701][ T372] F2FS-fs (loop4): Issue discard(9728, 9728, 512) failed, ret: -5 [ 34.357462][ T124] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 34.727568][ T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 34.739075][ T124] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 34.752400][ T124] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 34.775185][ T124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 34.785537][ T124] usb 2-1: config 0 descriptor?? [ 34.872866][ T956] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 34.881565][ T956] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 34.898258][ T956] F2FS-fs (loop4): invalid crc value [ 34.914093][ T956] F2FS-fs (loop4): Found nat_bits in checkpoint [ 34.977921][ T956] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 34.984845][ T956] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 35.019480][ T972] EXT4-fs: Invalid sb specification: sb=0x000000000000009d"delalloc,resuid=0x0000000000000000,inode_readahead_blks=0x0000000002000002,dioread_nolock,sysvgroups,nomblk_io_submit,noauto_da_alloc,bsdgroups,journal_dev=0x0000000000008001,,errors=continue [ 35.044303][ T972] EXT4-fs (loop2): Unrecognized mount option "sb=0x000000000000009d"delalloc" or missing value [ 35.098980][ T372] attempt to access beyond end of device [ 35.098980][ T372] loop4: rw=2051, want=53248, limit=40427 [ 35.110271][ T372] attempt to access beyond end of device [ 35.110271][ T372] loop4: rw=2051, want=81920, limit=40427 [ 35.121549][ T372] F2FS-fs (loop4): Issue discard(6144, 6144, 512) failed, ret: -5 [ 35.121569][ T372] F2FS-fs (loop4): Issue discard(9728, 9728, 512) failed, ret: -5 [ 35.258779][ T124] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 35.274779][ T124] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 35.536795][ T124] plantronics 0003:047F:FFFF.0002: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 35.552823][ T124] usb 2-1: USB disconnect, device number 3 [ 35.718935][ T991] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 35.738176][ T991] EXT4-fs (loop3): invalid journal inode [ 35.743689][ T991] EXT4-fs (loop3): can't get journal size [ 35.752211][ T991] EXT4-fs (loop3): 1 truncate cleaned up [ 35.757955][ T991] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue [ 35.816463][ T1007] cgroup: syz-executor.3 (1007) created nested cgroup for controller "memory" which has incomplete hierarchy support. Nested cgroups may change behavior in the future. [ 35.833057][ T1007] cgroup: "memory" requires setting use_hierarchy to 1 on the root [ 36.503503][ T1025] input: syz0 as /devices/virtual/input/input4 [ 36.512628][ T23] kauditd_printk_skb: 15 callbacks suppressed [ 36.512717][ T23] audit: type=1400 audit(1718495287.100:664): avc: denied { ioctl } for pid=1022 comm="syz-executor.4" path="/dev/uinput" dev="devtmpfs" ino=883 ioctlcmd=0x5569 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 36.563768][ T617] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 36.807472][ T617] usb 2-1: Using ep0 maxpacket: 16 [ 36.838732][ T1035] EXT4-fs: Invalid sb specification: sb=0x000000000000009d"delalloc,resuid=0x0000000000000000,inode_readahead_blks=0x0000000002000002,dioread_nolock,sysvgroups,nomblk_io_submit,noauto_da_alloc,bsdgroups,journal_dev=0x0000000000008001,,errors=continue [ 36.863259][ T1035] EXT4-fs (loop3): Unrecognized mount option "sb=0x000000000000009d"delalloc" or missing value [ 36.937586][ T617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 36.948307][ T617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 36.957854][ T617] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 36.966662][ T617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 36.975286][ T617] usb 2-1: config 0 descriptor?? [ 37.038837][ T1039] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 37.047815][ T1039] EXT4-fs (loop3): invalid journal inode [ 37.053307][ T1039] EXT4-fs (loop3): can't get journal size [ 37.060201][ T1039] EXT4-fs (loop3): 1 truncate cleaned up [ 37.065692][ T1039] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue [ 37.180482][ T1047] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 37.190083][ T1047] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 37.199660][ T1047] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 not in group (block 0)! [ 37.209628][ T1047] EXT4-fs (loop3): group descriptors corrupted! [ 37.263188][ T23] audit: type=1400 audit(1718495287.860:665): avc: denied { read } for pid=1051 comm="syz-executor.4" name="usbmon7" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 37.286941][ T23] audit: type=1400 audit(1718495287.860:666): avc: denied { open } for pid=1051 comm="syz-executor.4" path="/dev/usbmon7" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 37.311091][ T23] audit: type=1400 audit(1718495287.860:667): avc: denied { write } for pid=1051 comm="syz-executor.4" name="usbmon7" dev="devtmpfs" ino=873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 37.437892][ T1019] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 37.457499][ T124] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 37.461809][ T617] hid-generic 0003:0158:0100.0003: unexpected long global item [ 37.474101][ T617] hid-generic: probe of 0003:0158:0100.0003 failed with error -22 [ 37.659119][ T1071] erofs: (device loop0): mounted with opts: , root inode @ nid 36. [ 37.667574][ T406] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 37.675137][ T23] audit: type=1400 audit(1718495288.270:668): avc: denied { execute } for pid=1070 comm="syz-executor.0" name="file2" dev="loop0" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 37.678532][ T617] usb 2-1: USB disconnect, device number 4 [ 37.698746][ T23] audit: type=1400 audit(1718495288.270:669): avc: denied { execute_no_trans } for pid=1070 comm="syz-executor.0" path="/root/syzkaller-testdir3426764565/syzkaller.qRo5jx/36/file1/file2" dev="loop0" ino=89 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 37.703743][ T1071] erofs: (device loop0): z_erofs_lz4_decompress: failed to decompress, in[46, 4050] out[9000] [ 37.741718][ T1071] ------------[ cut here ]------------ [ 37.746900][ T1071] WARNING: CPU: 1 PID: 1071 at fs/erofs/decompressor.c:170 z_erofs_lz4_decompress+0x910/0xc70 [ 37.756940][ T1071] Modules linked in: [ 37.760677][ T1071] CPU: 1 PID: 1071 Comm: syz-executor.0 Not tainted 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 37.770657][ T1071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 37.780565][ T1071] RIP: 0010:z_erofs_lz4_decompress+0x910/0xc70 [ 37.786541][ T1071] Code: b6 04 03 84 c0 0f 85 da 02 00 00 45 8b 0f 48 89 ef 48 c7 c6 b2 f9 5a 85 48 c7 c2 20 c1 f7 84 44 89 e9 45 89 f0 e8 80 ec fe ff <0f> 0b 44 89 e8 48 c7 c7 80 c1 f7 84 48 c7 c6 a0 c1 f7 84 ba 02 00 [ 37.805981][ T1071] RSP: 0018:ffff8881e05d6b58 EFLAGS: 00010246 [ 37.811883][ T1071] RAX: 50ae052a8fb6fc00 RBX: 1ffff1103c0bae28 RCX: 50ae052a8fb6fc00 [ 37.819834][ T1071] RDX: ffffc90001146000 RSI: 000000000003ffff RDI: 0000000000040000 [ 37.827593][ T1071] RBP: ffff8881e1778000 R08: ffffffff814d5cd2 R09: ffffed103edea9b8 [ 37.835490][ T1071] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881e162bfd2 [ 37.843299][ T1071] R13: 000000000000002e R14: 0000000000000fd2 R15: ffff8881e05d7140 [ 37.847561][ T124] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 37.851120][ T1071] FS: 00007fda6bc336c0(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 37.851128][ T1071] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 37.851135][ T1071] CR2: 0000001b32a34000 CR3: 00000001e3f22000 CR4: 00000000003406a0 [ 37.851160][ T1071] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 37.862032][ T124] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 37.870561][ T1071] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 37.870565][ T1071] Call Trace: [ 37.870583][ T1071] ? __warn+0x162/0x250 [ 37.870596][ T1071] ? report_bug+0x3a1/0x4e0 [ 37.870609][ T1071] ? z_erofs_lz4_decompress+0x910/0xc70 [ 37.870631][ T1071] ? z_erofs_lz4_decompress+0x910/0xc70 [ 37.879170][ T124] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 37.884805][ T1071] ? do_invalid_op+0x6e/0x110 [ 37.884824][ T1071] ? invalid_op+0x1e/0x30 [ 37.893089][ T124] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 37.905533][ T1071] ? wake_up_klogd+0xb2/0xf0 [ 37.905548][ T1071] ? z_erofs_lz4_decompress+0x910/0xc70 [ 37.905560][ T1071] ? z_erofs_lz4_decompress+0x910/0xc70 [ 37.905576][ T1071] ? z_erofs_lz4_prepare_destpages+0x690/0x690 [ 37.905587][ T1071] z_erofs_decompress+0xba6/0xfc0 [ 37.905604][ T1071] z_erofs_vle_unzip_all+0x1147/0x1bf0 [ 37.905625][ T1071] ? z_erofs_onlinepage_endio+0x140/0x140 [ 37.905661][ T1071] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 37.915292][ T124] usb 3-1: config 0 descriptor?? [ 37.916457][ T1071] ? _raw_spin_lock+0x1b0/0x1b0 [ 37.916469][ T1071] ? prepare_to_wait_event+0x3c1/0x420 [ 37.916488][ T1071] ? autoremove_wake_function+0xf0/0xf0 [ 38.023208][ T1071] ? finish_wait+0xa5/0x1a0 [ 38.027545][ T1071] z_erofs_submit_and_unzip+0x12d2/0x13d0 [ 38.033100][ T1071] ? z_erofs_attach_page+0x4d7/0x710 [ 38.038225][ T1071] ? z_erofs_do_read_page+0x2580/0x2580 [ 38.043609][ T1071] ? init_wait_entry+0xd0/0xd0 [ 38.048202][ T1071] ? z_erofs_vle_normalaccess_readpages+0xc70/0xc70 [ 38.054632][ T1071] ? check_preemption_disabled+0x153/0x320 [ 38.057582][ T406] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 38.060364][ T1071] z_erofs_vle_normalaccess_readpages+0x901/0xc70 [ 38.060387][ T1071] ? z_erofs_vle_normalaccess_readpage+0x630/0x630 [ 38.071338][ T406] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 38.077295][ T1071] ? setup_fault_attr+0x3d0/0x3d0 [ 38.077315][ T1071] ? bpf_probe_read+0x54/0x80 [ 38.084713][ T406] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.092475][ T1071] ? common_lsm_audit+0x1412/0x17e0 [ 38.092493][ T1071] ? z_erofs_vle_normalaccess_readpage+0x630/0x630 [ 38.092504][ T1071] read_pages+0x119/0x400 [ 38.092517][ T1071] ? __do_page_cache_readahead+0x4f0/0x4f0 [ 38.092537][ T1071] ? find_get_entry+0x569/0x600 [ 38.099071][ T406] usb 4-1: config 0 descriptor?? [ 38.101851][ T1071] __do_page_cache_readahead+0x448/0x4f0 [ 38.101871][ T1071] ? read_cache_pages_invalidate_pages+0x1b0/0x1b0 [ 38.152100][ T1071] generic_file_read_iter+0x673/0x21f0 [ 38.157384][ T1071] ? avc_denied+0x15c/0x1d0 [ 38.161749][ T1071] ? find_get_pages_range_tag+0xae0/0xae0 [ 38.167283][ T1071] ? get_vfs_caps_from_disk+0x163/0x760 [ 38.172667][ T1071] ? iov_iter_init+0x82/0x160 [ 38.177175][ T1071] __vfs_read+0x5cd/0x730 [ 38.181346][ T1071] ? rw_verify_area+0x360/0x360 [ 38.186034][ T1071] ? __fsnotify_update_child_dentry_flags+0x290/0x290 [ 38.192722][ T1071] ? security_file_permission+0x1dc/0x2f0 [ 38.198269][ T1071] vfs_read+0x148/0x360 [ 38.202258][ T1071] kernel_read+0xa2/0xf0 [ 38.206336][ T1071] prepare_binprm+0x5c5/0x780 [ 38.210854][ T1071] ? install_exec_creds+0x130/0x130 [ 38.215880][ T1071] ? bprm_mm_init+0x3d7/0x450 [ 38.220410][ T1071] __do_execve_file+0x8b9/0x10d0 [ 38.225263][ T1071] ? do_execve_file+0x40/0x40 [ 38.229773][ T1071] __x64_sys_execveat+0xcf/0xe0 [ 38.234456][ T1071] do_syscall_64+0xca/0x1c0 [ 38.238797][ T1071] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 38.244523][ T1071] RIP: 0033:0x7fda6c8b8ea9 [ 38.248775][ T1071] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 38.268217][ T1071] RSP: 002b:00007fda6bc330c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 38.276636][ T1071] RAX: ffffffffffffffda RBX: 00007fda6c9eff80 RCX: 00007fda6c8b8ea9 [ 38.284442][ T1071] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 38.292251][ T1071] RBP: 00007fda6c927ff4 R08: 0000000000000000 R09: 0000000000000000 [ 38.300062][ T1071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 38.307877][ T1071] R13: 000000000000000b R14: 00007fda6c9eff80 R15: 00007ffc5031cdd8 [ 38.315692][ T1071] ---[ end trace f18d63f30a301435 ]--- [ 38.340949][ T23] audit: type=1400 audit(1718495288.940:670): avc: denied { remove_name } for pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=9280 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 38.366191][ T23] audit: type=1400 audit(1718495288.940:671): avc: denied { rename } for pid=144 comm="syslogd" name="messages" dev="tmpfs" ino=9280 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.389089][ T23] audit: type=1400 audit(1718495288.940:672): avc: denied { create } for pid=144 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 38.410542][ T124] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 38.418269][ T124] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 38.427329][ T124] plantronics 0003:047F:FFFF.0004: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 38.449003][ T1075] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 38.457754][ T1075] ext4 filesystem being mounted at /root/syzkaller-testdir3044919168/syzkaller.yEc9DI/48/file1 supports timestamps until 2038 (0x7fffffff) [ 38.479239][ T1080] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'. [ 38.600614][ T406] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor [ 38.620471][ T406] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0005/input/input5 [ 38.689661][ T617] usb 3-1: USB disconnect, device number 3 [ 38.711867][ T406] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 39.005133][ T1100] FAT-fs (loop0): Directory bread(block 64) failed [ 39.011547][ T1100] FAT-fs (loop0): Directory bread(block 65) failed [ 39.019187][ T1100] FAT-fs (loop0): Directory bread(block 66) failed [ 39.025544][ T1100] FAT-fs (loop0): Directory bread(block 67) failed [ 39.032117][ T1100] FAT-fs (loop0): Directory bread(block 68) failed [ 39.039519][ T1100] FAT-fs (loop0): Directory bread(block 69) failed [ 39.045968][ T1100] FAT-fs (loop0): Directory bread(block 70) failed [ 39.052466][ T1100] FAT-fs (loop0): Directory bread(block 71) failed [ 39.059592][ T1100] FAT-fs (loop0): Directory bread(block 72) failed [ 39.065949][ T1100] FAT-fs (loop0): Directory bread(block 73) failed [ 39.206860][ T1085] F2FS-fs (loop4): Wrong segment_count / block_count (65567 > 16384) [ 39.217515][ T1085] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 39.229348][ T1085] F2FS-fs (loop4): Found nat_bits in checkpoint [ 39.259882][ T406] usb 4-1: USB disconnect, device number 2 [ 39.266545][ T1106] FAT-fs (loop0): Directory bread(block 64) failed [ 39.273179][ T1106] FAT-fs (loop0): Directory bread(block 65) failed [ 39.279833][ T1106] FAT-fs (loop0): Directory bread(block 66) failed [ 39.284941][ T1085] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 39.286711][ T1106] FAT-fs (loop0): Directory bread(block 67) failed [ 39.294387][ T1085] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 39.299859][ T1106] FAT-fs (loop0): Directory bread(block 68) failed [ 39.314195][ T1106] FAT-fs (loop0): Directory bread(block 69) failed [ 39.322232][ T1106] FAT-fs (loop0): Directory bread(block 70) failed [ 39.328642][ T1106] FAT-fs (loop0): Directory bread(block 71) failed [ 39.333042][ T23] audit: type=1400 audit(1718495289.940:673): avc: denied { rename } for pid=1084 comm="syz-executor.4" name="file0" dev="loop4" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1 [ 39.335054][ T1106] FAT-fs (loop0): Directory bread(block 72) failed [ 39.364319][ T1106] FAT-fs (loop0): Directory bread(block 73) failed [ 39.408054][ T1106] attempt to access beyond end of device [ 39.408054][ T1106] loop0: rw=2049, want=1320, limit=256 [ 40.608651][ T1141] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 40.690601][ T1141] EXT4-fs (loop1): invalid journal inode [ 40.696071][ T1141] EXT4-fs (loop1): can't get journal size [ 40.705782][ T1141] EXT4-fs (loop1): 1 truncate cleaned up [ 40.711470][ T1141] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,,errors=continue [ 40.759013][ T1134] F2FS-fs (loop0): Wrong CP boundary, start(512) end(198144) blocks(1024) [ 40.776954][ T1134] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock [ 40.799264][ T1134] F2FS-fs (loop0): invalid crc value [ 40.818482][ T1134] F2FS-fs (loop0): Found nat_bits in checkpoint [ 40.891639][ T1134] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0 [ 40.900818][ T1134] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 41.127496][ T406] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 41.135973][ T1164] erofs: (device loop4): mounted with opts: , root inode @ nid 36. [ 41.147309][ T1164] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 36 [ 41.167525][ T124] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 41.399147][ T1167] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 41.407558][ T124] usb 2-1: Using ep0 maxpacket: 32 [ 41.407976][ T1167] ext4 filesystem being mounted at /root/syzkaller-testdir3044919168/syzkaller.yEc9DI/55/file1 supports timestamps until 2038 (0x7fffffff) [ 41.428680][ T1150] F2FS-fs (loop3): Wrong segment_count / block_count (65567 > 16384) [ 41.436951][ T1150] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 41.447081][ T1167] capability: warning: `syz-executor.4' uses deprecated v2 capabilities in a way that may be insecure [ 41.451225][ T1150] F2FS-fs (loop3): Found nat_bits in checkpoint [ 41.491376][ T1150] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 41.498464][ T1150] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 41.517564][ T406] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 41.528338][ T406] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 41.537218][ T406] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 41.547663][ T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 41.558987][ T23] kauditd_printk_skb: 140 callbacks suppressed [ 41.558999][ T23] audit: type=1326 audit(1718495292.170:814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6c8b8ea9 code=0x7ffc0000 [ 41.597476][ T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 41.607013][ T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 41.623428][ T23] audit: type=1326 audit(1718495292.170:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda6c8b8ea9 code=0x7ffc0000 [ 41.634766][ T124] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 41.647628][ T23] audit: type=1326 audit(1718495292.170:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fda6c8b8ea9 code=0x7ffc0000 [ 41.656953][ T406] usb 3-1: config 0 descriptor?? [ 41.680729][ T23] audit: type=1326 audit(1718495292.170:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fda6c8b8ee3 code=0x7ffc0000 [ 41.685237][ T124] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 41.720382][ T23] audit: type=1326 audit(1718495292.170:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fda6c8b7bef code=0x7ffc0000 [ 41.721403][ T124] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 41.753457][ T124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 41.763199][ T124] usb 2-1: config 0 descriptor?? [ 41.768180][ T23] audit: type=1326 audit(1718495292.200:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fda6c8b8f37 code=0x7ffc0000 [ 41.791996][ T23] audit: type=1326 audit(1718495292.200:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda6c8b7aa0 code=0x7ffc0000 [ 41.816638][ T23] audit: type=1326 audit(1718495292.200:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fda6c8b8c0b code=0x7ffc0000 [ 41.840529][ T23] audit: type=1326 audit(1718495292.220:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fda6c8b7d9a code=0x7ffc0000 [ 41.864101][ T23] audit: type=1326 audit(1718495292.220:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1172 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fda6c8b7d9a code=0x7ffc0000 [ 41.907482][ T392] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 42.269658][ T406] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor [ 42.281932][ T406] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0006/input/input6 [ 42.293233][ T124] ntrig 0003:1B96:000A.0007: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0 [ 42.327472][ T392] usb 5-1: Using ep0 maxpacket: 8 [ 42.371944][ T406] keytouch 0003:0926:3333.0006: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 42.447628][ T392] usb 5-1: config 0 has an invalid interface number: 171 but max is 0 [ 42.455701][ T392] usb 5-1: config 0 has no interface number 0 [ 42.462075][ T392] usb 5-1: too many endpoints for config 0 interface 171 altsetting 190: 149, using maximum allowed: 30 [ 42.473106][ T392] usb 5-1: config 0 interface 171 altsetting 190 has 0 endpoint descriptors, different from the interface descriptor's value: 149 [ 42.476280][ T1160] incfs_lookup_dentry err:-13 [ 42.489067][ T392] usb 5-1: config 0 interface 171 has no altsetting 0 [ 42.497413][ T392] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 42.506620][ T392] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 42.515399][ T392] usb 5-1: config 0 descriptor?? [ 42.603744][ T1196] syz-executor.3[1196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 42.603823][ T1196] syz-executor.3[1196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 42.659121][ T1198] EXT4-fs: Invalid sb specification: sb=0x000000000000009d"delalloc,resuid=0x0000000000000000,inode_readahead_blks=0x0000000002000002,dioread_nolock,sysvgroups,nomblk_io_submit,noauto_da_alloc,bsdgroups,journal_dev=0x0000000000008001,,errors=continue [ 42.694666][ T1198] EXT4-fs (loop3): Unrecognized mount option "sb=0x000000000000009d"delalloc" or missing value [ 42.837979][ T617] usb 3-1: USB disconnect, device number 4 [ 42.847478][ C0] keytouch 0003:0926:3333.0006: usb_submit_urb(ctrl) failed: -19 [ 42.867521][ T392] usb 5-1: string descriptor 0 read error: -71 [ 42.887623][ T392] asix 5-1:0.171 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 42.907642][ T392] asix: probe of 5-1:0.171 failed with error -71 [ 42.914758][ T392] usb 5-1: USB disconnect, device number 3 [ 43.101407][ T1208] F2FS-fs (loop0): invalid crc value [ 43.108241][ T1208] F2FS-fs (loop0): Found nat_bits in checkpoint [ 43.153391][ T1208] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 43.397728][ T1217] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 43.600574][ T1232] syz-executor.4[1232] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 43.600669][ T1232] syz-executor.4[1232] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 43.639314][ T1229] erofs: (device loop0): mounted with opts: , root inode @ nid 36. [ 43.795902][ T1229] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 36 [ 44.162159][ T1246] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 44.171122][ T1246] ext4 filesystem being mounted at /root/syzkaller-testdir3591813658/syzkaller.krURhu/68/file1 supports timestamps until 2038 (0x7fffffff) [ 44.186669][ T1253] EXT4-fs (loop2): Ignoring removed orlov option [ 44.192876][ T1253] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 44.386030][ T1253] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue [ 44.414458][ T1253] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.2: corrupt xattr in inline inode [ 44.427973][ T1253] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.2: corrupted in-inode xattr [ 44.527579][ T5] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 44.837703][ T5] usb 4-1: Using ep0 maxpacket: 8 [ 44.997509][ T5] usb 4-1: config 0 has an invalid interface number: 171 but max is 0 [ 45.005521][ T5] usb 4-1: config 0 has no interface number 0 [ 45.012161][ T5] usb 4-1: too many endpoints for config 0 interface 171 altsetting 190: 149, using maximum allowed: 30 [ 45.023318][ T5] usb 4-1: config 0 interface 171 altsetting 190 has 0 endpoint descriptors, different from the interface descriptor's value: 149 [ 45.036722][ T5] usb 4-1: config 0 interface 171 has no altsetting 0 [ 45.043510][ T5] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 45.052684][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.061606][ T5] usb 4-1: config 0 descriptor?? [ 45.170002][ T1268] F2FS-fs (loop2): Test dummy encryption mode enabled [ 45.178150][ T1268] F2FS-fs (loop2): invalid crc value [ 45.184989][ T1268] F2FS-fs (loop2): Found nat_bits in checkpoint [ 45.216981][ T1268] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 45.257521][ T392] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 45.417553][ T5] usb 4-1: string descriptor 0 read error: -71 [ 45.437570][ T5] asix 4-1:0.171 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 45.453114][ T5] asix: probe of 4-1:0.171 failed with error -71 [ 45.460636][ T5] usb 4-1: USB disconnect, device number 3 [ 45.579580][ T1284] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,errors=continue,sysvgroups,norecovery,errors=continue,abort,quota,noauto_da_alloc,lazytime,,errors=continue [ 45.637572][ T392] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 45.648633][ T392] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 45.658921][ T392] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 45.667790][ T392] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.676315][ T392] usb 1-1: config 0 descriptor?? [ 45.682278][ T1290] erofs: (device loop2): mounted with opts: , root inode @ nid 36. [ 45.694943][ T1290] erofs: (device loop2): erofs_fill_dentries: bogus dirent @ nid 36 [ 45.809048][ T1297] EXT4-fs (loop2): Ignoring removed orlov option [ 45.815220][ T1297] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 45.829198][ T1297] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue [ 45.863850][ T1297] EXT4-fs error (device loop2): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.2: corrupt xattr in inline inode [ 45.877322][ T1297] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.2: corrupted in-inode xattr [ 46.163941][ T107] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 46.677488][ T107] usb 5-1: Using ep0 maxpacket: 16 [ 46.797562][ T107] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 46.808288][ T107] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 46.817830][ T107] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 46.826675][ T107] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 46.835260][ T107] usb 5-1: config 0 descriptor?? [ 46.839966][ T1325] EXT4-fs (loop3): mounted filesystem without journal. Opts: user_xattr,errors=continue,sysvgroups,norecovery,errors=continue,abort,quota,noauto_da_alloc,lazytime,,errors=continue [ 47.177485][ T5] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 47.307864][ T1306] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 47.331610][ T107] hid-generic 0003:0158:0100.0008: unexpected long global item [ 47.339535][ T107] hid-generic: probe of 0003:0158:0100.0008 failed with error -22 [ 47.366009][ T124] usb 2-1: USB disconnect, device number 5 [ 47.439058][ T1343] EXT4-fs (loop1): Ignoring removed orlov option [ 47.445367][ T1343] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 47.454745][ T23] kauditd_printk_skb: 196 callbacks suppressed [ 47.454755][ T23] audit: type=1400 audit(1718495298.050:1020): avc: denied { read } for pid=1347 comm="syz-executor.2" name="rtc0" dev="devtmpfs" ino=884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 47.484272][ T23] audit: type=1400 audit(1718495298.050:1021): avc: denied { open } for pid=1347 comm="syz-executor.2" path="/dev/rtc0" dev="devtmpfs" ino=884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 47.486218][ T1343] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue [ 47.508046][ T23] audit: type=1400 audit(1718495298.060:1022): avc: denied { ioctl } for pid=1347 comm="syz-executor.2" path="/dev/rtc0" dev="devtmpfs" ino=884 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 47.561203][ T617] usb 5-1: USB disconnect, device number 4 [ 47.567570][ T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 47.568386][ T23] audit: type=1400 audit(1718495298.150:1023): avc: denied { mount } for pid=1342 comm="syz-executor.1" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 47.595769][ T5] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 47.609686][ T5] usb 4-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 47.618592][ T5] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 47.627279][ T5] usb 4-1: config 0 descriptor?? [ 47.635597][ T1343] EXT4-fs error (device loop1): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.1: corrupt xattr in inline inode [ 47.657643][ T1343] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.1: corrupted in-inode xattr [ 47.681515][ T371] ================================================================== [ 47.689402][ T371] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc1f/0xc30 [ 47.697207][ T371] Read of size 4 at addr ffff8881cc0e0000 by task syz-executor.1/371 [ 47.705094][ T371] [ 47.707274][ T371] CPU: 0 PID: 371 Comm: syz-executor.1 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 47.718548][ T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 47.728441][ T371] Call Trace: [ 47.731577][ T371] dump_stack+0x1d8/0x241 [ 47.735744][ T371] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 47.741470][ T371] ? printk+0xd1/0x111 [ 47.745375][ T371] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 47.750841][ T371] print_address_description+0x8c/0x600 [ 47.756227][ T371] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 47.761689][ T371] __kasan_report+0xf3/0x120 [ 47.766116][ T371] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 47.771583][ T371] kasan_report+0x30/0x60 [ 47.775748][ T371] ext4_xattr_delete_inode+0xc1f/0xc30 [ 47.781047][ T371] ? check_preemption_disabled+0x9f/0x320 [ 47.786599][ T371] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0 [ 47.792505][ T371] ? __ext4_journal_start_sb+0x295/0x460 [ 47.797967][ T371] ext4_evict_inode+0x1378/0x1ac0 [ 47.802833][ T371] ? ext4_truncate_restart_trans+0xe0/0xe0 [ 47.808470][ T371] ? wb_io_lists_depopulated+0x85/0x170 [ 47.813852][ T371] ? ext4_truncate_restart_trans+0xe0/0xe0 [ 47.819496][ T371] evict+0x29b/0x6a0 [ 47.823226][ T371] vfs_rmdir+0x24b/0x3c0 [ 47.827303][ T371] do_rmdir+0x2c1/0x580 [ 47.831301][ T371] ? d_delete_notify+0xc0/0xc0 [ 47.835897][ T371] ? _raw_spin_unlock_irq+0x4a/0x60 [ 47.840932][ T371] do_syscall_64+0xca/0x1c0 [ 47.845272][ T371] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 47.850999][ T371] RIP: 0033:0x7f82e5d59687 [ 47.855337][ T371] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 47.874775][ T371] RSP: 002b:00007fffee1fd1e8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 47.883035][ T371] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f82e5d59687 [ 47.890834][ T371] RDX: 0000000000000200 RSI: 00007fffee1fe390 RDI: 00000000ffffff9c [ 47.898663][ T371] RBP: 00007f82e5db6636 R08: 0000000000000000 R09: 0000000000000000 [ 47.906456][ T371] R10: 0000000000000100 R11: 0000000000000207 R12: 00007fffee1fe390 [ 47.914266][ T371] R13: 00007f82e5db6636 R14: 000000000000b92b R15: 0000000000000008 [ 47.922078][ T371] [ 47.924244][ T371] The buggy address belongs to the page: [ 47.929730][ T371] page:ffffea0007303800 refcount:0 mapcount:-128 mapping:0000000000000000 index:0x1 [ 47.938915][ T371] flags: 0x8000000000000000() [ 47.943435][ T371] raw: 8000000000000000 ffffea00073b0e08 ffffea0007322e08 0000000000000000 [ 47.951852][ T371] raw: 0000000000000001 0000000000000002 00000000ffffff7f 0000000000000000 [ 47.960266][ T371] page dumped because: kasan: bad access detected [ 47.966521][ T371] page_owner tracks the page as freed [ 47.971727][ T371] page last allocated via order 0, migratetype Movable, gfp_mask 0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000) [ 47.983888][ T371] prep_new_page+0x18f/0x370 [ 47.988306][ T371] get_page_from_freelist+0x2d13/0x2d90 [ 47.993682][ T371] __alloc_pages_nodemask+0x393/0x840 [ 47.998892][ T371] handle_mm_fault+0x236e/0x4990 [ 48.003666][ T371] __do_page_fault+0x509/0xbb0 [ 48.008265][ T371] page_fault+0x2f/0x40 [ 48.012258][ T371] copy_user_enhanced_fast_string+0xe/0x30 [ 48.017900][ T371] _copy_to_iter+0x2a8/0xd50 [ 48.022326][ T371] __skb_datagram_iter+0x2ca/0x740 [ 48.027272][ T371] skb_copy_datagram_iter+0x41/0x1e0 [ 48.032410][ T371] unix_stream_read_actor+0x6c/0xa0 [ 48.037441][ T371] unix_stream_read_generic+0xb27/0x2060 [ 48.042898][ T371] unix_stream_recvmsg+0x166/0x1e0 [ 48.047840][ T371] ___sys_recvmsg+0x6a7/0xa60 [ 48.052354][ T371] do_recvmmsg+0x418/0x940 [ 48.056608][ T371] __x64_sys_recvmmsg+0x195/0x240 [ 48.061460][ T371] page last free stack trace: [ 48.065981][ T371] free_unref_page_prepare+0x297/0x380 [ 48.071276][ T371] free_unref_page_list+0x10a/0x590 [ 48.076311][ T371] release_pages+0xad8/0xb20 [ 48.080734][ T371] tlb_flush_mmu+0xc8/0x170 [ 48.085073][ T371] unmap_page_range+0x1d29/0x2620 [ 48.089939][ T371] unmap_vmas+0x355/0x4b0 [ 48.094099][ T371] exit_mmap+0x2bc/0x520 [ 48.098196][ T371] __mmput+0x8e/0x2c0 [ 48.101996][ T371] do_exit+0xc08/0x2bc0 [ 48.105992][ T371] do_group_exit+0x138/0x300 [ 48.110418][ T371] __x64_sys_exit_group+0x3b/0x40 [ 48.115278][ T371] do_syscall_64+0xca/0x1c0 [ 48.119617][ T371] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 48.125340][ T371] [ 48.127510][ T371] Memory state around the buggy address: [ 48.132992][ T371] ffff8881cc0dff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 48.140880][ T371] ffff8881cc0dff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 48.148778][ T371] >ffff8881cc0e0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 48.156672][ T371] ^ [ 48.160584][ T371] ffff8881cc0e0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 48.168478][ T371] ffff8881cc0e0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 48.176373][ T371] ================================================================== [ 48.184272][ T371] Disabling lock debugging due to kernel taint 2024/06/15 23:48:18 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 48.204736][ T23] audit: type=1400 audit(1718495298.280:1024): avc: denied { unmount } for pid=371 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 48.240541][ T1317] syz-executor.0 (1317) used greatest stack depth: 20568 bytes left [ 48.307528][ T392] usbhid 1-1:0.0: can't add hid device: -71 [ 48.313332][ T392] usbhid: probe of 1-1:0.0 failed with error -71 [ 48.328349][ T392] usb 1-1: USB disconnect, device number 3