last executing test programs: 22.120235268s ago: executing program 2 (id=403): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00'}) ioctl$UI_DEV_CREATE(r0, 0x5501) 21.995411969s ago: executing program 2 (id=409): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000005c0)='\"', 0x1, 0x4fed0) read$FUSE(r0, &(0x7f0000000800)={0x2020}, 0x2020) sendfile(r0, r0, 0x0, 0xe3aa6ea) 21.643787592s ago: executing program 2 (id=425): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2c, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) timer_create(0x0, 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)={0x20000000}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000300)) 20.773166618s ago: executing program 2 (id=462): syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4016, &(0x7f00000006c0)={[{@dioread_nolock}, {@inlinecrypt}, {@noauto_da_alloc}, {@lazytime}, {@noquota}, {@journal_dev}]}, 0x1, 0x43c, &(0x7f0000000280)="$eJzs28tvG0UYAPBv7SR9k1CVR9MCgYKIeCRNWkoPXEAgcQAJCQ7lGJK0CnUb1ASJVhEEhMoRVeKOOCLxF3CCCwJOSFzhjipVKJcWTkZr7ya2Y7tJ6tSh/v2kbWd2x5n5vDv2zI43gJ41kv6TROyPiD8iYrCarS8wUv3v1srS9D8rS9NJlMtv/51Uyt1cWZrOi+av25dn+iIKnydxpEm9C5evnJ8qlWYvZfnxxQsfjC9cvvL83IWpc7PnZi9Onj598sTEi6cmX+hInGlcN4c/nj96+PV3r705febae798l+TxN8TRISPtDj5VLne4uu46UJNO+rrYEDalWO2m0V/p/4NRjLWTNxivfdbVxgHbqlwulx9sfXi5DNzDkuh2C4DuyL/o0/lvvt2loceOcOPl6gQojftWtlWP9EUhK9PfML/tpJGIOLP879fpFttzHwIAoM4P6fjnuWbjv0LU3he6L1tDGYqI+yPiYESciohDEfFARKXsQxHx8Cbrb1wkWT/+KVzfUmAblI7/XsrWturHf/noL4aKWe5AJf7+5OxcafZ49p6MRv+uND/Rpo4fX/39y1bHasd/6ZbWn48Fs3Zc79tV/5qZqcWpO4m51o1PI4b7msWfrK4EJBFxOCKGt1jH3DPfHm117Pbxt9GBdabyNxFPV8//cjTEn0var0+O747S7PHx/KpY79ffrr7Vqv47ir8D0vO/t+n1vxr/UFK7Xruw+Tqu/vlFyznNVq//geSdun0fTS0uXpqIGEjeqDa6dv9kQ7nJtfJp/KPHsvgH6vv/wVh7J45ERHoRPxIRj0bEY1nbH4+IJyLiWJv4f37lyfe3Fv/uNn+1M9L4ZzZ1/tcSA9G4p3mieP6n7+sqHdpo/JGd/5OV1Gi2ZyOffxtp19auZgAAAPj/KUTE/kgKY6vpQmFsrPob/kOxt1CaX1h89uz8hxdnqs8IDEV/Ib/TNVhzP3Qim9bn+cmG/InsvvFXxT2V/Nj0fGmm28FDj9vXov+n/ip2u3XAtvO8FvQu/R96l/4PvUv/h55U+ZVfk/6/pwttAbqg2ff/J11oB3D3NfR/y37QQ8z/oXfp/9C79H/oSQt74vYPyUtIrEtEYUc04x5MxI5oRrc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrjvwAAAP//qSDljg==") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x30000ad, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 20.644426029s ago: executing program 2 (id=463): mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) munlock(&(0x7f0000281000/0x4000)=nil, 0x4000) 20.229682382s ago: executing program 2 (id=465): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0}) 20.172702533s ago: executing program 32 (id=465): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0}) 3.791018585s ago: executing program 5 (id=900): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x1, @dev={0xfe, 0x80, '\x00', 0x26}, 0x3}, 0x1c) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 3.723598905s ago: executing program 5 (id=902): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@access_uid}]}}) 3.654978435s ago: executing program 5 (id=903): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x7, 0x0, 0x80, {0x4000, 0x6000, 0x3}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9fae702d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b9f802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963cd14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb193213f4bccab1c34c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f0d9ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d579531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a785d820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37dfd149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646d7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f2729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab21842da1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91090004aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e69308000000f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336343f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15aa7a5c694e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd7128b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a99b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fb167fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabacfdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f8f4ed0b27cedd1c5e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"}) 3.537363656s ago: executing program 5 (id=904): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000003980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYBLOB='time_offset=0x0000000000000010,discard,gid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=cp932,dmask=00000000000000000070707,gid=', @ANYRESHEX=0x0, @ANYBLOB="0000000010", @ANYRESHEX=0x0, @ANYRES16, @ANYRESOCT=0x0, @ANYBLOB=',fmask=00000000000000000000005,\x00'], 0x1, 0x1528, &(0x7f00000002c0)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSRJLklySZIkSXJLSJrkSEJiyC1pSEJyGZLLEJLLxKRxv98vCUnSJElIbsn6fyb8nU6d/znnf/odv8+Z5/v57I/1vHs/az/7fd7L3tvMfNdlaM3Gtao1JCL4t+DFf5IAIBYABgLAdQAQAEC5+HLxWetzSkz693bC/lyPpF7tCtjVxP3P3rj/2Rv3P3vj/mdv3P/sjfufvXH/szfuP2PZ2ebpBa7nJfsufP8/O+Pv//8imaXGfrW21I1dAWL+2RTuf/bG/f+vFfwzG3H/szfuf3YVe7ULYP8L8Ps/O8jxd9dw/7M37j9j2dnVvv98tReIZO/n4Gq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ9n/BUKAC6Pr3ZdjDHGGGOMMcYY+/P4HFe7AsYYY4wxxhhjjP3PQxAgQUEAMZADYiEnxIEAgGshN1wHEbge4uEGyAM3Ql7IB/mhACRAQSgEGgxYIAihMBSBKNwEReFmKAbFoQSUBAeloDTcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6oBQE2rBvVAb7oM6cD/UhQegHjwI9eEhaAAPQ0N4BBrBo9AYHoMm8Dg0hWbQHFpAy0v5Nf6l/JegB7wMPaEXJEFv6AOvQF/oB/1hAAyEV2EQvAaD4XVIhiEwFN6AYfAmDIe3YASMhFHwNoyGd2AMjIVxMB5SYAJMhHdhErwHk2EKTIVpkArTYQa8DzNhFsyGD2AOfAhzYR7MhwWQBh/BQlgE6fAxLIZPIAOWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EH7IRPYRd8BrthD+yFz2EffPEv5p/+m/yuCAgoUKBChTEYg7EYi3EYh7kwF+bG3BjBCMZjPObBPJgX82J+zI8JmICFsBAaNEhIWBgLYxSjWBSLYjEshiWwBDp0WBpLYxm8FctiWSyH5bA8lscKWBErYmWsjFWwClbFqlgNq2F1rI41sSbei/dib6yDdbAu1sV6WO/y7SlsiA2xETbCxtgYm2ATbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3tMxETsgB2wI3bETtgJO2Nn7IJdsCt2w26ZL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncASOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeBozcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO/BQVAH6Ge3APJuM+3If7cT8ewAN4EA9iJmbiITyEh/EwHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPIPn8ByexxcSvmn0afE1ySCyKKFEjIgRsSJWxIk4kUvkErlFbhEREREv4kUekUfkFXlFfpFfJIgEUUgUEkYYQSKMAQARFVFRVBQVxUQxUUKUEE44UVqUFmVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4iszjQWQ7CJGIpNRTMhL32CtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Isbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BSfil3iM7Fb7BF7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihPhRnBQ/iVPitDgjzopz4mdxXvwiLggvQKIUUkolAxkjc8hYmVPGyWtkLhlcenavl/HyBplH3ijzynwyvywgE2RBWUhqaaSVJENZWBaRUXmTLCpvlsVkcVlClpROlpKl5S2yjLxVlpW3yXLydlle3iEryIqykqws75RV5F0SIhf3UV3WkDVlLXmvTIL7ZB15v6wrH5D15IOyvnxINpAPy4byEdlIPioby8dkE/m4bCqbyeayhWwpn5Ct5JOytWwj28qnZDv5tGwvn5GJ8lnZQfpLL5HnZWf5guwiX5RdZTfZXf4iL0gve8peEnqD7CNfkX1lP9lfDpAD5atykHxNDpavy2Q5RA6Vb8hh8k05XL4lR8iRcpR8W46W78gxcqwcJ8fLFDlBTpTvyknyPTlZTpFT5TSZKqfL/pdmmi3lP8x/9w/yB/+6901ys9wit8ptcrvcIXfKT+UuuUvulrvlXrlX7pP75H65Xx6QB+RBeVBmykx5SB6Sh+VheUQekUflUXlMHpdn5Y/ypPxJnpKn5Wl5Vp6T5+T5S88BKFRCSaVUoGJUDhWrcqo4dY3Kpa5VudV1KqKuV/HqBpVH3ajyqnwqvyqgElRBVUhpZZRVpEJVWBVRUXUTXnrBqBKqpHKqlCqtbvlX8lVRdbMqpor/Jv9yfUl/p76WqqVqpVqp1qq1aqvaqnaqnWqv2qtElag6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKkklqT7qFdVX9VP91QA1UL2qBqlBarAarJJVshqqhqphapgaroarEWqEGqVGqdFqtBqjxqhxapxKUSlqopqoJqlJarKarKaqqSpVpaoZaoaaqWaq2Wq2mqPmqLlqrpqv5qs0laYWqoUqXaWrxWqxylBL1BK1TC1TK9QKtUqtUmvUGrVOrVMb1AaVoTarzWqr2qq2q+1qp9qpdqldarfarfaqvWqf2qf2q/3qgDqgDqqDKlNlqkPqkDqsDqsj6og6qo6qY+qYOqFOqJPqpDqlTqkz6ow6p86p8+q8uqAuZJ32BSIQgQpUEBPEBLFBbBAXxAW5glxB7iB3EAkiQXwQH+QJbgzyBvmC/EGBICEoGBQKdGACG4hLTY8GNwVFg5uDYkHxoERQMnBBqaB0cEtQJrg1KBvcFpQLbg/KB3cEFYKKQaWgcnBnUCW4K6ga3B1UC+4Jqgc1gppBreDeoHZwX1AnuD+oGzwQ1AseDOoHDwUNgoeDhsEjQaPg0aBx8FjQJHg8aBo0C5oHLYKWf+r83p/K96TrqXvpJN1b99Gv6L66n+6vB+iB+lU9SL+mB+vXdbIeoofqN/Qw/aYert/SI/RIPUq/rUfrd/QYPVaP0+N1ip6gJ+p39ST9np6sp+ipeppO1dP1DP2+nqln6dn6Az1Hf6jn6nl6vl6g0/RHeqFepNP1x3qx/kRn6CV6qV6ml+sVeqVepVfrNXqtXqfX6w16o96kN+steqveprfrHXqn/lTv0p/p3XqP3qs/1/v0F3q//lIf0F/pg/prnam/0Yf0t/qw/k4f0d/ro/oHfUwf1yf0j/qk/kmf0qf1GX1Wn9M/6/P6F31B+6yT+6yvd6OMMjEmxsSaWBNn4kwuk8vkNrlNxERMvIk3eUwek9fkNflNfpNgEkwhU8hkIUOmsClsoiZqipqippgpZkqYEsYZZ0qb0qaMKWPKmrKmnClnypvypoKpYCqZSuZOc6e5y9xl7jZ3m3vMPaaGqWFqmVqmtqlt6pg6pq6pa+qZeqa+qW8amAamoWloGplGprFpbJqYJqapaWqam+ampWlpWplWprVpbdqatqadaWfam/Ym0SSaDqaD6Wg6mk6mk+lsOpsupovparqa7qa76WF6mJ6mp0kySaaP6WP6mr6mv+lvBpqBZpAZZAabwSbZJJuhZqgZZoaZ4Wa4GWFGmlFZJ6rmHTPGjDXjzHiTYlLMRDPRTDKTzGQz2Uw1U02qSTUzzAwz08w0s81sM8fMMXPNXDPfzDdpJs0sNAtNukk3i81ik2EyzFKz1Cw3y81Ks9KsNqvNWrPWrIf1ZqPZaDabzWar2Wq2m+1mp9lpdpldZrfZbfaavWaf2Wf2m/3mgDlgDpqDJtNkmkPmkDlsDpsj5og5ao6aY+aYOWFOmJPmpDllTpkz5ow5Z/Jd+r70JtbmtHH2GpvLXmtz2+vs38b5bQGbYAvaQlbbvDbfb2JjrS1mi9sStqR1tpQtbW/5XVzBVrSVbGV7p61i77JVfxfXtvfZOvZ+W9c+YGvZe38T17MP2vr2MdsAEcA2s41sC9vYPmab2MdtU9vMNrctbDv7tG1vn7GJ9lnbwT73u3ihXWRX2zV2rV1nd9s99ow9aw/b7+w5+7PtaXvZgfZVO8i+Zgfb122yHfK7eJR9246279gxdqwdZ8f/Lp5qp9lUO93OsO/bmXbW7+I0+5GdY9PtXDvPzrcLfo2zakq3H9vF9hObYQNYapfZ5XaFXWlX/d9al9kNdqPdZHfZz+xWu81utzvszssnwnaP3Ws/t/vsF/aQ/dYesF/Zg/aIzbTf/BpnHd8R+709an+wx+xxe8L+aE/an9Tl7Kxj/9H+Yi9Yb4GQgCQpCiiGclAs5aQ4uoZy0bWUm66jCF1P8XQD5aEbKS/lo/xUgBKoIBUiTYYsEYVUmIpQlG6iy+WVoJLkqBSVpluoDN1KZek2Kke3U3m6gypQRapElelOqkJ3UVW6m6rRPVSdalBNqkX3Um26j+rQ/VSXHqB69CDVp4eoAT1MDekRakSPUmN6jJrQ49SUmlFzakEt6QlqRU9Sa2pDbekpakdPU3t6hhLpWepAz1FH+gt1ouepM71AXehF6krdqDu9RD3oZepJvSiJelMfeoX6Uj/qTwNoIL1Kg+g1GkyvUzINoaH0Bg2jN2k4vUUjaCSNordpNL1DY2gsjaPxlEITaCK9S5PoPZpMU2gqTaNUmk4z6H2aSbNoNn1Ac+hDmkvzaD4toDT6iBbSIkqnj2kxfUIZtISW0jJaTitoJa2i1bSG1tI6Wk8baCNtos20hbbSNtpOO2gnfUq76DPaTXtoL31O++gL2k9f0gH6ig7S15RJ39Ah+pYO03d0hL73vegHOkbH6QT9SCfpJzpFp+kMnaVz9DOdp1/oAnmCEEMRylCFQRgT5ghjw5xhXHhNmCu8NswdXhdGwuvD+PCGME94Y5g3zBfmDwuECWHBsFCoQxPakMIwLBwWCaPhTWHR8OawWFg8LBGWDF1YKiwd3hKWCW8Ny4a3heXC28Py4R1hhbBi+NgDlcM7wyrhXWHV8O6wWnhPWD2sEdYMa4X3hrXD+8I64f1h3fCBsGz4YFg/fChsED4cNgwfCRuFj4aNw8fCJuHjYdOwWdg8bBG2DJ8IW4VPhq3DNmHb8KmwXfh02D58JkwMnw07hM/9uv7BRX9/fVLYO+wTvhK+Enp/v5wfXRBNi34UXRhdFE2PfhxdHP0kmhFdEl0aXRZdHl0RXRldFV0dXRNdG10XXR/dEN0Y3RT1vlYOcOiEk065wMW4HC7W5XRx7hqXy13rcrvrXMRd7+LdDS6Pu9HldflcflfAJbiCrpDTzjjryIWusCviou4mV9Td7Iq54q6EK+mcK+VKuxaupWvpWrknXWvXxrV1T7mn3NPuafeMe8Y96zq451xH9xfXyT3vOrsX3AvuRdfVdXPd3Uuuh5uQ++J7Msn1cX1cX9fX9Xf93UA30A1yg9xgN9glu2Q31A11w9wwN9wNdyPcCDfKjXKj3Wg3xo1x49w4l+JS3EQ30U1yk9xkN9lNdVNdqkt1M9wMN9PNdFVmXdzLXDfXzXfzXZpLcwtd1jljulvsFrsMl+GWuqVuuVvuVrqVbrVb7da6tW69W+82uo1us9vstrqtbrvb7na6nW6X2+V2++suTur2uf1uvzvgDriD7muX6b5xh9y37rD7zh1x37uj7gd3zB13J9yP7qT7yZ1yp90Zd9adcz+78+4Xd8F5lxKZEJkYeTcyKfJeZHJkSmRqZFokNTI9MiPyfmRmZFZkduSDyJzIh5G5kXmR+ZEFkbTIR5GFkUWR9MjHkcWRTyIZkSWRpZFlkeWRFRHvC24NfWFfxEf9Tb6ov9kX88V9CV/SO1/Kl/a3+DL+Vl/W3+bL+dt9eX+Hr+Ar+kr+cd/UN/PNfQvf0j/hW/knfWvfxrf1T/l2/mnf3j/jE/2zvoN/znf0f/Gd/PO+s3/Bd/Ev+q6+m+/uX/I9/Mu+p+/lk3xv38e/4vv6fr6/H+AH+lf9IP+aH+xf98l+iB/q3/DD/Jt+uH/Lj/Aj/aiYt/3oy5fIMN6n+Al+on/XT/Lv+cl+ip/qp/lUP93P8O/7mX6Wn+0/8HP8h36un+fn+wU+zX/kF/pFPt1/7Bf7T3yGX3L5prJf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf57X6H3+k/9bv8Z3633+P3+s/9Pv+F3++/9Af8V/6g/9pn+m/8If+tP+y/80f89/6o/8Ef88f9Cf+jP+l/8qf8aX/Gn/Xn/M/+vP/FX+DfWWOMMcYY+6dMuDIUv11z8XZ+7z/IEX+1cR8AuHZbgcy/Xp91Rrk+78VxP5HQLgIAz/bq8sjlpXr1pKSkS9tmSAiKzAO4/D9BWWIAYi+Pl0BbeBoSoQ2U+cP6+4lu5+gfzB+9HSDur3KyJo/73fxfAmDSH8z/xFOjFpYPz8T/P+afB1CsyJWcnHAlXgJtf72/0gbK/p3687X6B/Xn/CoFoPVf5eSCK/GV+kvDk/AcJP5mS8YYY4wxxhhj7KJ+olKny9efl3/i84+uzxPUlZwccCX+R9fnjDHGGGOMMcYYu/qe79b9mScSE9t0+tcHVf+/sv7pQRP4n5qZB3848B7g8iMKAP7NCQGyBvI/eRRb/iP7Sr701vnbVcvP+gD+d7Tyzxhc5Q8mxhhjjDHG2J/uykn/bx9XV6sgxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsG/pP/Dmxq32MjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2NX2fwIAAP//zPYC7g==") creat(&(0x7f00000000c0)='./bus\x00', 0x182) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$packet(0x11, 0x3, 0x300) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) 3.418604737s ago: executing program 5 (id=905): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x40) pwrite64(r0, &(0x7f0000000140)='S', 0x1, 0x80fecc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0) sendfile(r1, r1, 0x0, 0x80000000) 3.135675089s ago: executing program 5 (id=906): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000100)=0x3ff, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x297f, 0x4) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 3.098514079s ago: executing program 33 (id=906): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000100)=0x3ff, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x297f, 0x4) sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) recvfrom(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.129120532s ago: executing program 6 (id=941): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x50) getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8) 1.067497843s ago: executing program 6 (id=944): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffffff0000000000000000850000002c00000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r1, r2, 0x25, 0x0, @val=@iter={0x0}}, 0x20) syz_emit_ethernet(0xd81, &(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYRESHEX], 0x0) 1.066325113s ago: executing program 1 (id=946): r0 = socket(0x2, 0x3, 0xff) setsockopt$inet_int(r0, 0x0, 0x3, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10) setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000000)=0x3, 0x4) recvfrom$inet(r0, 0x0, 0x0, 0x162, 0x0, 0x0) 1.045040263s ago: executing program 6 (id=947): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@base={0x7, 0x4, 0x100, 0x401, 0x28}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000400)='sys_enter\x00', r1}, 0x18) r2 = gettid() tkill(r2, 0x12) 1.028676063s ago: executing program 1 (id=949): mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x20000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x20000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 899.200564ms ago: executing program 1 (id=952): syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T") r0 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80) r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) sendfile(r0, r0, 0x0, 0x1000000201005) 899.077653ms ago: executing program 6 (id=953): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0), 0x50) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x10, &(0x7f0000000680)=@framed={{0x18, 0x2}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 870.993994ms ago: executing program 6 (id=955): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xa, 0x4, 0x4, 0x6, 0x0, 0x1}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000800000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000080), &(0x7f0000000180)=r1}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) 801.991985ms ago: executing program 6 (id=957): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) r1 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x3138, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x3, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x4, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x2}}}}}]}}]}}, 0x0) syz_usb_control_io(r1, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f0000000000)={0x2c, &(0x7f0000000040)={0x20, 0x12, 0x5, {0x5, 0x1, "00f400"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 721.270845ms ago: executing program 3 (id=962): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000940)=ANY=[@ANYBLOB="01000000000000008504000000000093e100000000000000f54dd41470897bcd338976ea4ddde43a7580665fdedfabb422a58349d9"]) 692.891205ms ago: executing program 0 (id=963): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x12, 0xb, 0x4, 0x2}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000040)}, 0x20) 666.297445ms ago: executing program 0 (id=964): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) read$FUSE(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x24}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@bh}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==") mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0) 536.351046ms ago: executing program 0 (id=967): mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=000000']) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x70bd2b, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x50, 0x87, 0x0, 0xee01}, {}, {0x0, 0x0, 0x0, 0x800000}, 0x4, 0x6e6bb8}}, 0xb8}}, 0x8004) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x60, 0x30, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x4}}}, 0xb8}}, 0x0) 504.787386ms ago: executing program 3 (id=968): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000700)=ANY=[@ANYBLOB='shortname=mixed,iocharset=iso8859-=winnt,uni_xlate=1,uni_xlate=1,nonumtail=0,utf8=0,errors=continue,utf8=1,check=strict,iocharset=cp855,utf8=0,iocharset=koi8-u,codepage=857,utf8=0,rodir,shortname=win95,\x00', @ANYRESOCT], 0x1, 0x2d4, &(0x7f0000002a80)="$eJzs3T9rZFUUAPDzkjdvZlWYKaxE8IEWVutmW5sJsgExlUsKtdDg7oJkgrALAf/g7Fa2NhYWfgJB8IPY+A0EW8HOVRauvH/MSzKJO8GJaH6/Jod7z3n3vJdL8lLkzgcvHh7cKePeo89/jtEoi41pTONxFpPYiM7DOGb6VQAA/2WPU4rfUuPMpOdOD2URMVpvawDAmpz9+7/sxfki/OHSWgMA1uT2O+++tb27e+vtshzFzuGXR3vVX/bV12Z++158FLO4GzdiHE8i6heFQdRvC1W4k1Ka52VlEq8czo/2qsrD939sr7/9a0RdvxXjmNRDKaW8C9LOm7u3tspGr35e9fFMu/60qr8Z43i+Xb99W+nqby6pj70iXn251//1GMdPH8bHMYs79dqL+i+2yvKN9PXvn71XdVXVZ/OjvWGdt5A2L/UbAwAAAAAAAAAAAAAAAAAAAADA/9r19uycYZSTP5szANvzdzafVPODKDuT4+fzNPVZd6H++UAppXmKb7vzdW6UZZnaxEV9Hi/k/YMFAQAAAAAAAAAAAAAAAAAA4Op68MmnB/uz2d37Fw6uxWKkOw0gj4g/bkdc9MrT3shLUQf5Wa0O2zX3Z7ONNjyek/dHYrPLySLObaO6iYs/loNVkq+d6rkNvvt+1dVHf58zWL7WPxl0u+tgP1v+DIfRjYzaTfJNEb2NVMRTrlWcNZVile1XLJ0ar3zvxbN1MD8nJ7LzGnv9l+bJtSPZybso6qfajLw2aHLbqUGb0ys/sTeeaj/HqCk//bMic1oHAAAAAAAAAAAAAAAAAACs1eK/f5dMPjq3dCMN19YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyqxef/rxDM2+KTU/GwGe8lF3H/wb95fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwNfwUAAP//ThJUUw==") r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x204280, 0x0) pidfd_send_signal(r0, 0x1d, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x41c001, 0x0) 491.542517ms ago: executing program 0 (id=969): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r0}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x16, 0x18, &(0x7f0000000800)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@generic={0x0, 0xffffffffffffffff, 0x2000000}, 0x18) 478.086337ms ago: executing program 4 (id=970): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x0) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0) 459.013707ms ago: executing program 4 (id=971): mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) io_setup(0x4, &(0x7f00000014c0)=0x0) r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00') io_submit(r0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) umount2(&(0x7f0000000040)='.\x00', 0x3) 427.670547ms ago: executing program 3 (id=972): r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r0, 0x400, 0x0) open(&(0x7f0000000000)='./file1\x00', 0x10b942, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r1, 0x400, 0x0) 411.224267ms ago: executing program 3 (id=973): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r1}, 0x18) io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6}) 395.408477ms ago: executing program 3 (id=974): r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x3000004, &(0x7f00000006c0)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0x1}}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffcde}}, {@nodots}, {@nodots}, {@fat=@errors_continue}, {@nodots}]}, 0x1, 0x2ba, &(0x7f0000000400)="$eJzs3c1OE1EUAODTPxhZKGvjYhI3roi6cN+YkhAnMcF0oSuboAvBmJRNYcVj6CvwSD4GK1iYMXSG8ldJTKcMlO9LyD3MYYZzp2mn05ybfn72fXvrx+7X/PfPOM7zaEccxMl4nGiUY2scL8VFBwEA3Debm4Pu5JdWraVQhcb1TcNhd9CJiOXJlm9/irF/eIuVAQAAAAAAAAAAUKGL/f9Jkhb9/8cRq9GctAOetZQ1Z+//T6qpGgCYxaX+fxbScNgdrJTv3y7T/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU5zjPn+Q3/NRdHwBQvYvX/1ZEXL3+N+suEACo3LT7/3aZc/8PAIvpps//k3D9B4BF9OHjp3fdLOttpmkScXQw6o/6xVjkW+XfpWm6er7X0WjU75Rx1nuVFq7mVyJifSPrvZ6aX4oXz4v8ae7t+2ycfxwRh79O88uxNf/pAwAAAAAAAAAAAAAAAAAAwJ2wlk5cWd9frPxfW/tXvojWN7Ley6nr+9vxtH1r0wAAAAAAAAAAAAAAAAAAAIB7bXdvf3uws/NluLsXZ8H+3IKl8r9WfuTmteKbMx85bxTFzv+0zBisVnfAaIyDR/Gfu2+8iUhiSmq5fMTvxImab9App3pX6pkpGD9TT/IaXpEAAAAAAAAAAAAAAAAAAODhOl/0ez3XqaMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhBM86+/39vbkHdcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAehr8BAAD//9fyeoM=") r1 = fsmount(r0, 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000140)={@cgroup=r1, 0x22, 0x1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 379.971157ms ago: executing program 0 (id=975): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000001000000070000000c"], 0x50) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000640)={{r0}, &(0x7f00000005c0), &(0x7f0000000600)='%-5lx \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18) alarm(0x6) 347.928767ms ago: executing program 4 (id=976): r0 = inotify_init() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000e000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) r2 = inotify_add_watch(r0, &(0x7f0000000280)='.\x00', 0x25000001) inotify_rm_watch(r0, r2) 346.025618ms ago: executing program 0 (id=977): timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0) timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=0x0) timer_settime(r0, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 334.480828ms ago: executing program 1 (id=978): r0 = openat$selinux_policy(0xffffff9c, &(0x7f00000004c0), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_buf(r1, 0x6, 0xb, 0x0, &(0x7f0000000180)) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x2) 264.438258ms ago: executing program 3 (id=979): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328) setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f00000001c0)=0x8, 0x4) 243.855119ms ago: executing program 4 (id=980): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000400), &(0x7f0000000480)}, 0x20) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r1}, 0xc) 222.890948ms ago: executing program 4 (id=981): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0) 181.966949ms ago: executing program 1 (id=982): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$incfs(&(0x7f0000000240)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000005c0), 0x0, 0x0) 103.507039ms ago: executing program 1 (id=983): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_tracing={0x1a, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x41100, 0x4d, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x127ab, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94) 0s ago: executing program 4 (id=984): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x5, 0x2, 0x4, 0x5}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000001180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, [@call={0x85, 0x0, 0x0, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) kernel console output (not intermixed with test programs): and is ignored by this kernel. Remove the mand [ 28.705414][ T505] option from the mount to silence this warning. [ 28.705414][ T505] ======================================================= [ 28.769055][ T513] loop3: detected capacity change from 0 to 1024 [ 28.812555][ T513] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 28.853364][ T287] EXT4-fs (loop3): unmounting filesystem. [ 28.893530][ T505] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 28.921794][ T505] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 29.003729][ T536] loop0: detected capacity change from 0 to 256 [ 29.052054][ T536] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18d7c, utbl_chksum : 0xe619d30d) [ 29.088914][ T283] EXT4-fs (loop1): unmounting filesystem. [ 29.158861][ T19] kernel write not supported for file /ppp (pid: 19 comm: kworker/0:1) [ 29.330510][ T574] loop3: detected capacity change from 0 to 1024 [ 29.353483][ T574] EXT4-fs: Ignoring removed i_version option [ 29.371308][ T574] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 29.420185][ T574] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 29.494322][ T574] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3836: comm syz.3.101: Allocating blocks 497-513 which overlap fs metadata [ 29.532197][ T574] EXT4-fs (loop3): pa ffff888116d14000: logic 256, phys. 385, len 8 [ 29.540332][ T574] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1 [ 29.570248][ T560] loop4: detected capacity change from 0 to 40427 [ 29.586455][ T560] F2FS-fs (loop4): Invalid SB checksum offset: 0 [ 29.598669][ T578] loop1: detected capacity change from 0 to 40427 [ 29.601594][ T560] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 29.615919][ T578] F2FS-fs (loop1): fault_injection options not supported [ 29.627632][ T560] F2FS-fs (loop4): invalid crc value [ 29.633774][ T578] F2FS-fs (loop1): invalid crc value [ 29.642409][ T578] F2FS-fs (loop1): Found nat_bits in checkpoint [ 29.644914][ T560] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 29.678589][ T287] EXT4-fs (loop3): unmounting filesystem. [ 29.706568][ T578] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 29.714215][ T560] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 29.721490][ T560] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 29.790880][ T289] syz-executor: attempt to access beyond end of device [ 29.790880][ T289] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 29.806507][ T283] syz-executor: attempt to access beyond end of device [ 29.806507][ T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 29.941175][ T597] loop3: detected capacity change from 0 to 2048 [ 29.969784][ T597] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 29.983411][ T597] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.109: bg 0: block 234: padding at end of block bitmap is not set [ 29.998677][ T597] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28 [ 30.011060][ T597] EXT4-fs (loop3): This should not happen!! Data will be lost [ 30.011060][ T597] [ 30.027398][ T597] EXT4-fs (loop3): Total free blocks count 0 [ 30.033881][ T597] EXT4-fs (loop3): Free/Dirty block details [ 30.040016][ T597] EXT4-fs (loop3): free_blocks=0 [ 30.045117][ T597] EXT4-fs (loop3): dirty_blocks=48 [ 30.050272][ T597] EXT4-fs (loop3): Block reservation details [ 30.056410][ T597] EXT4-fs (loop3): i_reserved_data_blocks=3 [ 30.098315][ T287] EXT4-fs (loop3): unmounting filesystem. [ 30.214655][ T19] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 30.231581][ T625] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 30.261608][ T625] FAT-fs (loop5): unable to read boot sector [ 30.317641][ T611] loop0: detected capacity change from 0 to 40427 [ 30.330018][ T611] F2FS-fs (loop0): heap/no_heap options were deprecated [ 30.337524][ T611] F2FS-fs (loop0): fault_injection options not supported [ 30.346818][ T611] F2FS-fs (loop0): heap/no_heap options were deprecated [ 30.357466][ T611] F2FS-fs (loop0): invalid crc value [ 30.383788][ T611] F2FS-fs (loop0): Found nat_bits in checkpoint [ 30.405642][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 30.424529][ T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 30.444508][ T19] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 30.457911][ T306] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 30.478057][ T19] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 30.484785][ T611] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 30.500913][ T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 30.535683][ T19] usb 5-1: config 0 descriptor?? [ 30.559030][ T623] loop1: detected capacity change from 0 to 40427 [ 30.574857][ T623] F2FS-fs (loop1): fault_injection options not supported [ 30.592988][ T623] F2FS-fs (loop1): invalid crc value [ 30.613858][ T623] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 30.665461][ T636] kvm [635]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x2900000007 [ 30.665918][ T306] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 30.686753][ T623] F2FS-fs (loop1): Start checkpoint disabled! [ 30.694254][ T623] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 30.706386][ T306] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 30.724766][ T306] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 30.740749][ T306] usb 4-1: Product: syz [ 30.747416][ T306] usb 4-1: Manufacturer: syz [ 30.752678][ T306] usb 4-1: SerialNumber: syz [ 30.760216][ T640] syz.0.121 (640) used greatest stack depth: 21824 bytes left [ 30.780822][ T8] kworker/u4:0: attempt to access beyond end of device [ 30.780822][ T8] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 30.788891][ T642] loop0: detected capacity change from 0 to 1024 [ 30.832842][ T642] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 30.843053][ T642] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 30.870062][ T642] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: block 3: comm syz.0.123: lblock 3 mapped to illegal pblock 3 (length 3) [ 30.885195][ T642] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 30.903661][ T642] EXT4-fs (loop0): This should not happen!! Data will be lost [ 30.903661][ T642] [ 30.930726][ T642] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: comm syz.0.123: lblock 0 mapped to illegal pblock 0 (length 3) [ 30.949559][ T19] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 30.967991][ T19] plantronics 0003:047F:FFFF.0001: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 30.995731][ T654] loop1: detected capacity change from 0 to 1024 [ 31.020617][ T340] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:3: lblock 8 mapped to illegal pblock 8 (length 8) [ 31.043248][ T340] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 31.043999][ T654] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 31.056198][ T340] EXT4-fs (loop0): This should not happen!! Data will be lost [ 31.056198][ T340] [ 31.074635][ T654] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.076109][ T288] EXT4-fs (loop0): unmounting filesystem. [ 31.095462][ T654] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.124: bg 0: block 480: padding at end of block bitmap is not set [ 31.143337][ T654] EXT4-fs (loop1): Remounting filesystem read-only [ 31.197360][ T283] EXT4-fs (loop1): unmounting filesystem. [ 31.251425][ T669] netlink: 16 bytes leftover after parsing attributes in process `syz.2.132'. [ 31.267605][ T19] usb 5-1: USB disconnect, device number 2 [ 31.293987][ T673] SELinux: policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c [ 31.314530][ T673] SELinux: failed to load policy [ 31.363802][ T679] loop1: detected capacity change from 0 to 512 [ 31.401859][ T679] EXT4-fs error (device loop1): ext4_orphan_get:1426: comm syz.1.137: bad orphan inode 11862016 [ 31.415419][ T679] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 31.424836][ T679] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.452684][ T679] EXT4-fs (loop1): shut down requested (2) [ 31.474523][ T665] loop0: detected capacity change from 0 to 40427 [ 31.485733][ T665] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 31.494050][ T665] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 31.506776][ T283] EXT4-fs (loop1): unmounting filesystem. [ 31.522106][ T665] F2FS-fs (loop0): invalid crc value [ 31.557006][ T693] Driver unsupported XDP return value 0 on prog (id 70) dev N/A, expect packet loss! [ 31.570501][ T665] F2FS-fs (loop0): Found nat_bits in checkpoint [ 31.575793][ T695] input: syz1 as /devices/virtual/input/input5 [ 31.646541][ T699] loop2: detected capacity change from 0 to 1024 [ 31.653276][ T665] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 31.661401][ T665] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 31.693113][ T699] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 31.701898][ T699] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.736197][ T290] EXT4-fs (loop2): unmounting filesystem. [ 31.789810][ T306] cdc_ncm 4-1:1.0: failed to get mac address [ 31.797829][ T306] cdc_ncm 4-1:1.0: bind() failure [ 31.823023][ T306] cdc_ncm: probe of 4-1:1.1 failed with error -71 [ 31.846050][ T306] cdc_mbim: probe of 4-1:1.1 failed with error -71 [ 31.867166][ T714] loop1: detected capacity change from 0 to 1024 [ 31.867464][ T306] usb 4-1: USB disconnect, device number 2 [ 31.927418][ T714] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 31.943787][ T714] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 31.970639][ T714] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 32.001673][ T714] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 35 with error 28 [ 32.021933][ T721] loop0: detected capacity change from 0 to 4096 [ 32.030261][ T714] EXT4-fs (loop1): This should not happen!! Data will be lost [ 32.030261][ T714] [ 32.042102][ T714] EXT4-fs (loop1): Total free blocks count 0 [ 32.048571][ T714] EXT4-fs (loop1): Free/Dirty block details [ 32.052492][ T721] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 32.054908][ T714] EXT4-fs (loop1): free_blocks=4293918720 [ 32.069387][ T714] EXT4-fs (loop1): dirty_blocks=64 [ 32.074729][ T714] EXT4-fs (loop1): Block reservation details [ 32.080749][ T714] EXT4-fs (loop1): i_reserved_data_blocks=4 [ 32.136326][ T721] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #15: comm syz.0.145: corrupted inode contents [ 32.153364][ T8] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:0: lblock 40 mapped to illegal pblock 8 (length 8) [ 32.169791][ T8] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 40 with max blocks 8 with error 117 [ 32.183703][ T721] EXT4-fs error (device loop0): ext4_dirty_inode:6121: inode #15: comm syz.0.145: mark_inode_dirty error [ 32.197561][ T726] syz.4.153 uses obsolete (PF_INET,SOCK_PACKET) [ 32.220852][ T730] EXT4-fs (loop0): shut down requested (1) [ 32.242378][ T721] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #15: comm syz.0.145: corrupted inode contents [ 32.303896][ T288] EXT4-fs (loop0): unmounting filesystem. [ 32.314971][ T727] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 32.364571][ T740] loop0: detected capacity change from 0 to 256 [ 32.386916][ T740] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 32.416397][ T712] syz.2.150 (712) used greatest stack depth: 20896 bytes left [ 32.530380][ T751] loop2: detected capacity change from 0 to 512 [ 32.532880][ T743] loop3: detected capacity change from 0 to 8192 [ 32.555160][ T743] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 32.572951][ T743] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 32.591451][ T743] FAT-fs (loop3): Filesystem has been set read-only [ 32.627102][ T751] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 32.643116][ T751] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 32.689693][ T290] EXT4-fs (loop2): unmounting filesystem. [ 32.766088][ T775] loop2: detected capacity change from 0 to 512 [ 32.773103][ T775] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 32.786468][ T775] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 32.797831][ T775] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 32.811250][ T775] EXT4-fs (loop2): 1 truncate cleaned up [ 32.817076][ T775] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 32.841334][ T28] kauditd_printk_skb: 98 callbacks suppressed [ 32.841350][ T28] audit: type=1400 audit(1762412137.093:236): avc: denied { create } for pid=777 comm="syz.3.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 32.868516][ T28] audit: type=1400 audit(1762412137.093:237): avc: denied { setopt } for pid=777 comm="syz.3.174" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 32.888826][ T290] EXT4-fs (loop2): unmounting filesystem. [ 32.939614][ T787] loop2: detected capacity change from 0 to 512 [ 32.941452][ T788] loop3: detected capacity change from 0 to 1024 [ 32.949810][ T28] audit: type=1400 audit(1762412137.213:238): avc: denied { mounton } for pid=785 comm="syz.2.178" path="/34/file0" dev="tmpfs" ino=196 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 32.979629][ T787] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.178: bg 0: block 393: padding at end of block bitmap is not set [ 32.994152][ T787] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 32.996117][ T788] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 33.003614][ T787] EXT4-fs (loop2): 2 truncates cleaned up [ 33.011569][ T788] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.017595][ T787] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 33.027752][ T684] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 33.052043][ T788] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.179: lblock 3 mapped to illegal pblock 3 (length 1) [ 33.052156][ T787] EXT4-fs (loop2): unmounting filesystem. [ 33.067014][ T788] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117 [ 33.084451][ T788] EXT4-fs (loop3): This should not happen!! Data will be lost [ 33.084451][ T788] [ 33.102495][ T287] EXT4-fs (loop3): unmounting filesystem. [ 33.198038][ T28] audit: type=1400 audit(1762412137.453:239): avc: denied { write } for pid=799 comm="syz.2.183" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 33.243640][ T803] loop3: detected capacity change from 0 to 1024 [ 33.254559][ T684] usb 5-1: Using ep0 maxpacket: 32 [ 33.260768][ T803] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 33.272795][ T684] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 33.283933][ T684] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 33.294243][ T684] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 33.303620][ T684] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 33.315006][ T803] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 33.330802][ T684] usb 5-1: config 0 descriptor?? [ 33.366232][ T287] EXT4-fs (loop3): unmounting filesystem. [ 33.452216][ T818] loop1: detected capacity change from 0 to 128 [ 33.473318][ T818] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 33.509758][ T818] ext4 filesystem being mounted at /46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 33.547432][ T28] audit: type=1400 audit(1762412137.803:240): avc: denied { watch } for pid=817 comm="syz.1.189" path="/46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 33.602612][ T283] EXT4-fs (loop1): unmounting filesystem. [ 33.763608][ T28] audit: type=1400 audit(1762412138.013:241): avc: denied { create } for pid=842 comm="syz.0.200" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1 [ 33.794756][ T684] savu 0003:1E7D:2D5A.0002: hiddev96,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0 [ 33.973025][ T868] loop0: detected capacity change from 0 to 1024 [ 33.987703][ T868] EXT4-fs: Ignoring removed orlov option [ 34.003804][ T868] EXT4-fs: Ignoring removed nomblk_io_submit option [ 34.034503][ T868] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 34.064934][ T288] EXT4-fs (loop0): unmounting filesystem. [ 34.070957][ T306] usb 5-1: USB disconnect, device number 3 [ 34.103439][ T884] loop0: detected capacity change from 0 to 16 [ 34.103997][ T28] audit: type=1400 audit(1762412138.353:242): avc: denied { name_bind } for pid=885 comm="syz.2.218" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 34.118508][ T884] erofs: (device loop0): mounted with root inode @ nid 36. [ 34.169374][ T884] overlayfs: upper fs is r/o, try multi-lower layers mount [ 34.197898][ T890] tipc: Started in network mode [ 34.202962][ T890] tipc: Node identity ac14142f, cluster identity 4711 [ 34.210769][ T890] tipc: New replicast peer: 0.0.0.0 [ 34.216551][ T890] tipc: Enabled bearer , priority 10 [ 34.233818][ T890] tipc: New replicast peer: 0000:0000:0000:0000:0000:0000:0000:0000 [ 34.289461][ T28] audit: type=1400 audit(1762412138.543:243): avc: denied { mount } for pid=900 comm="syz.2.226" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 34.378533][ T910] loop1: detected capacity change from 0 to 16 [ 34.386838][ T910] erofs: (device loop1): mounted with root inode @ nid 36. [ 34.398252][ T910] overlayfs: upper fs is r/o, try multi-lower layers mount [ 34.576333][ T351] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 34.634473][ T60] usb 3-1: new full-speed USB device number 2 using dummy_hcd [ 34.748961][ T927] loop4: detected capacity change from 0 to 1024 [ 34.759831][ T927] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 34.765735][ T351] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 34.791784][ T351] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 34.802460][ T351] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 34.807368][ T916] loop1: detected capacity change from 0 to 40427 [ 34.811845][ T351] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 34.826585][ T351] usb 1-1: Product: syz [ 34.826892][ T916] F2FS-fs (loop1): Invalid SB checksum offset: 0 [ 34.830923][ T351] usb 1-1: Manufacturer: syz [ 34.842422][ T351] usb 1-1: SerialNumber: syz [ 34.846246][ T927] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 34.847702][ T60] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 34.865347][ T916] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 34.883236][ T60] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 34.888621][ T916] F2FS-fs (loop1): invalid crc value [ 34.892656][ T60] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 34.909536][ T60] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 34.910952][ T289] EXT4-fs (loop4): unmounting filesystem. [ 34.921834][ T60] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 34.933234][ T916] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 34.945529][ T908] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 34.955662][ T60] hub 3-1:1.0: bad descriptor, ignoring hub [ 34.961625][ T60] hub: probe of 3-1:1.0 failed with error -5 [ 34.967922][ T60] cdc_wdm 3-1:1.0: skipping garbage [ 34.973289][ T60] cdc_wdm 3-1:1.0: skipping garbage [ 34.990123][ T60] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 34.997033][ T916] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 35.012043][ T916] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 35.048802][ T940] loop4: detected capacity change from 0 to 1024 [ 35.068083][ T283] syz-executor: attempt to access beyond end of device [ 35.068083][ T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 35.077426][ T940] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 35.093860][ T940] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 35.094013][ T351] usb 1-1: 0:2 : does not exist [ 35.127411][ T940] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 3: comm syz.4.240: lblock 3 mapped to illegal pblock 3 (length 3) [ 35.127429][ T351] usb 1-1: 5:0: failed to get current value for ch 0 (-22) [ 35.134518][ T351] usb 1-1: USB disconnect, device number 2 [ 35.171159][ T940] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 35.171612][ T908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 35.183586][ T940] EXT4-fs (loop4): This should not happen!! Data will be lost [ 35.183586][ T940] [ 35.202755][ T943] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: comm syz.4.240: lblock 0 mapped to illegal pblock 0 (length 3) [ 35.216209][ T436] tipc: Node number set to 2886997039 [ 35.218937][ T908] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 35.229573][ T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 35.248805][ T945] loop1: detected capacity change from 0 to 1024 [ 35.261315][ T945] EXT4-fs: Ignoring removed i_version option [ 35.268004][ T727] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:5: lblock 8 mapped to illegal pblock 8 (length 8) [ 35.268231][ T945] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 35.283004][ T727] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 35.306197][ T727] EXT4-fs (loop4): This should not happen!! Data will be lost [ 35.306197][ T727] [ 35.317088][ T289] EXT4-fs (loop4): unmounting filesystem. [ 35.336510][ T948] loop4: detected capacity change from 0 to 256 [ 35.346374][ T945] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 35.375320][ T353] udevd[353]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 35.386963][ T945] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3836: comm syz.1.241: Allocating blocks 497-513 which overlap fs metadata [ 35.405368][ T945] EXT4-fs (loop1): pa ffff8881320a6690: logic 256, phys. 385, len 8 [ 35.413522][ T945] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1 [ 35.423652][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 35.433567][ T436] usb 3-1: USB disconnect, device number 2 [ 35.435607][ T24] usb 4-1: config 0 has no interfaces? [ 35.444998][ T24] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 35.455687][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 35.470159][ T24] usb 4-1: config 0 descriptor?? [ 35.484378][ T283] EXT4-fs (loop1): unmounting filesystem. [ 35.681068][ T24] usb 4-1: USB disconnect, device number 3 [ 35.818520][ T28] audit: type=1400 audit(1762412140.073:244): avc: denied { append } for pid=984 comm="syz.1.258" name="loop1" dev="devtmpfs" ino=119 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 35.879296][ T989] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 35.892507][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 35.907455][ T28] audit: type=1400 audit(1762412140.163:245): avc: denied { unmount } for pid=283 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 35.911899][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 35.938347][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 35.946641][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 35.955068][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 35.963398][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 35.972035][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 35.982009][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 35.994590][ T351] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 35.996577][ T992] raw_sendmsg: syz.1.261 forgot to set AF_INET. Fix it! [ 36.064626][ T436] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 36.119859][ T996] IPv6: sit1: Disabled Multicast RS [ 36.174537][ T351] usb 5-1: Using ep0 maxpacket: 16 [ 36.180887][ T351] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 36.189742][ T351] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 36.207260][ T351] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 36.228901][ T351] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 36.240306][ T351] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 36.255783][ T351] usb 5-1: Product: syz [ 36.257803][ T436] usb 1-1: config 0 has no interfaces? [ 36.260579][ T351] usb 5-1: Manufacturer: syz [ 36.270433][ T351] usb 5-1: SerialNumber: syz [ 36.275296][ T436] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 36.309834][ T436] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 36.319076][ T436] usb 1-1: config 0 descriptor?? [ 36.327003][ T1009] loop2: detected capacity change from 0 to 1024 [ 36.365731][ T1009] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 36.420943][ T1009] EXT4-fs (loop2): shut down requested (2) [ 36.459576][ T290] EXT4-fs (loop2): unmounting filesystem. [ 36.598497][ T60] usb 1-1: USB disconnect, device number 3 [ 36.603574][ T1046] loop2: detected capacity change from 0 to 128 [ 36.628030][ T1048] input: syz0 as /devices/virtual/input/input6 [ 36.691307][ T351] usb 5-1: 0:2 : does not exist [ 36.762119][ T1070] loop2: detected capacity change from 0 to 256 [ 36.772309][ T1070] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 36.894480][ T306] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 37.057996][ T1075] loop2: detected capacity change from 0 to 40427 [ 37.075611][ T1075] F2FS-fs (loop2): invalid crc value [ 37.085640][ T306] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 37.096898][ T306] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 37.097138][ T1075] F2FS-fs (loop2): Found nat_bits in checkpoint [ 37.128252][ T306] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 37.160967][ T306] usb 4-1: config 0 descriptor?? [ 37.200076][ T1088] loop0: detected capacity change from 0 to 1024 [ 37.223772][ T1088] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 37.242976][ T1075] F2FS-fs (loop2): Start checkpoint disabled! [ 37.253447][ T1075] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 37.280621][ T1088] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 37.290412][ T1075] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled [ 37.318543][ T351] usb 5-1: USB disconnect, device number 4 [ 37.326165][ T288] EXT4-fs (loop0): unmounting filesystem. [ 37.340170][ T10] kworker/u4:1: attempt to access beyond end of device [ 37.340170][ T10] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 37.369387][ T306] usbhid 4-1:0.0: can't add hid device: -71 [ 37.376264][ T306] usbhid: probe of 4-1:0.0 failed with error -71 [ 37.394243][ T306] usb 4-1: USB disconnect, device number 4 [ 37.514525][ T436] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 37.706317][ T436] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 37.716643][ T436] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 37.726688][ T436] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 37.736236][ T436] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 37.744888][ T436] usb 2-1: SerialNumber: syz [ 37.744917][ T1109] netlink: 32 bytes leftover after parsing attributes in process `syz.0.310'. [ 37.784337][ T1113] device veth0_to_bridge entered promiscuous mode [ 37.791454][ T1112] device veth0_to_bridge left promiscuous mode [ 37.956656][ T436] usb 2-1: 0:2 : does not exist [ 37.964515][ T306] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 37.972826][ T436] usb 2-1: USB disconnect, device number 2 [ 38.114516][ T24] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 38.155687][ T306] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 38.166723][ T306] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 38.176021][ T306] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 38.184694][ T306] usb 4-1: config 0 descriptor?? [ 38.295704][ T24] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 38.305911][ T24] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 38.316390][ T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 38.325512][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 38.333583][ T24] usb 5-1: Product: syz [ 38.337808][ T24] usb 5-1: Manufacturer: syz [ 38.342437][ T24] usb 5-1: SerialNumber: syz [ 38.551872][ T24] usb 5-1: 0:2 : does not exist [ 38.574282][ T1147] input: syz1 as /devices/virtual/input/input8 [ 38.581991][ T24] usb 5-1: 5:0: failed to get current value for ch 0 (-22) [ 38.599709][ T306] usbhid 4-1:0.0: can't add hid device: -71 [ 38.606983][ T24] usb 5-1: USB disconnect, device number 5 [ 38.613855][ T306] usbhid: probe of 4-1:0.0 failed with error -71 [ 38.634258][ T306] usb 4-1: USB disconnect, device number 5 [ 38.794529][ T60] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 38.824986][ T1052] udevd[1052]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 38.974494][ T60] usb 2-1: Using ep0 maxpacket: 16 [ 38.980909][ T60] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 38.989706][ T60] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 38.999849][ T60] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 39.010246][ T60] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 39.014517][ T436] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 39.019349][ T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 39.034860][ T60] usb 2-1: Product: syz [ 39.039189][ T60] usb 2-1: Manufacturer: syz [ 39.043794][ T60] usb 2-1: SerialNumber: syz [ 39.091941][ T1166] netlink: 104 bytes leftover after parsing attributes in process `syz.4.336'. [ 39.091945][ T28] kauditd_printk_skb: 7 callbacks suppressed [ 39.091958][ T28] audit: type=1400 audit(1762412143.343:253): avc: denied { nlmsg_read } for pid=1165 comm="syz.4.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 39.225813][ T436] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 39.237016][ T436] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 39.247233][ T436] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 39.262693][ T436] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 39.272036][ T436] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 39.286095][ T436] usb 3-1: config 0 descriptor?? [ 39.463060][ T60] usb 2-1: 0:2 : does not exist [ 39.546522][ T1192] netlink: 44 bytes leftover after parsing attributes in process `syz.0.346'. [ 39.620718][ T1197] loop3: detected capacity change from 0 to 512 [ 39.628182][ T1197] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 39.638080][ T1197] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.348: bad orphan inode 15 [ 39.652157][ T1197] ext4_test_bit(bit=14, block=5) = 0 [ 39.657696][ T1197] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 39.671973][ T1197] EXT4-fs error (device loop3): __ext4_new_inode:1075: comm syz.3.348: reserved inode found cleared - inode=1 [ 39.685532][ T1197] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters [ 39.701656][ T436] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd [ 39.702036][ T1197] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem [ 39.711574][ T436] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 39.728283][ T436] plantronics 0003:047F:FFFF.0003: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 39.746790][ T287] EXT4-fs (loop3): unmounting filesystem. [ 39.975958][ T351] usb 3-1: USB disconnect, device number 3 [ 40.003744][ T28] audit: type=1400 audit(1762412144.253:254): avc: denied { create } for pid=1220 comm="syz.0.357" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 40.024766][ T28] audit: type=1400 audit(1762412144.253:255): avc: denied { read write } for pid=1220 comm="syz.0.357" name="file1" dev="tmpfs" ino=485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 40.047660][ T28] audit: type=1400 audit(1762412144.253:256): avc: denied { open } for pid=1220 comm="syz.0.357" path="/89/file1" dev="tmpfs" ino=485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 40.070889][ T436] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 40.077538][ T60] usb 2-1: USB disconnect, device number 3 [ 40.248304][ T28] audit: type=1400 audit(1762412144.503:257): avc: denied { bind } for pid=1240 comm="syz.4.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 40.265600][ T436] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 40.285246][ T353] udevd[353]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 40.287916][ T436] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 40.320194][ T436] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 40.329641][ T436] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 40.338254][ T436] usb 4-1: Product: syz [ 40.342778][ T436] usb 4-1: Manufacturer: syz [ 40.347824][ T436] usb 4-1: SerialNumber: syz [ 40.378428][ T1247] capability: warning: `syz.4.371' uses 32-bit capabilities (legacy support in use) [ 40.459487][ T28] audit: type=1400 audit(1762412144.713:258): avc: denied { read } for pid=1252 comm="syz.4.374" dev="nsfs" ino=4026532491 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 40.510999][ T28] audit: type=1400 audit(1762412144.713:259): avc: denied { open } for pid=1252 comm="syz.4.374" path="net:[4026532491]" dev="nsfs" ino=4026532491 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 40.543560][ T1239] loop0: detected capacity change from 0 to 40427 [ 40.561083][ T436] usb 4-1: 0:2 : does not exist [ 40.584108][ T1239] F2FS-fs (loop0): invalid crc value [ 40.594590][ T436] usb 4-1: 5:0: failed to get current value for ch 0 (-22) [ 40.627556][ T436] usb 4-1: USB disconnect, device number 6 [ 40.642936][ T1239] F2FS-fs (loop0): Found nat_bits in checkpoint [ 40.676071][ T28] audit: type=1326 audit(1762412144.923:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1273 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae3b8f6c9 code=0x7ffc0000 [ 40.711632][ T28] audit: type=1326 audit(1762412144.923:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1273 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ae3b8f6c9 code=0x7ffc0000 [ 40.755326][ T28] audit: type=1326 audit(1762412144.923:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1273 comm="syz.1.382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7f9ae3b8f6c9 code=0x7ffc0000 [ 40.781951][ T1282] netlink: 'syz.4.386': attribute type 27 has an invalid length. [ 40.792646][ T1239] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 40.801502][ T1282] netlink: 36 bytes leftover after parsing attributes in process `syz.4.386'. [ 40.852180][ T353] udevd[353]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory [ 40.873021][ T1239] syz.0.367: attempt to access beyond end of device [ 40.873021][ T1239] loop0: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 40.926008][ T288] syz-executor: attempt to access beyond end of device [ 40.926008][ T288] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 40.967807][ T1300] input: syz1 as /devices/virtual/input/input10 [ 41.090083][ T1318] input: syz1 as /devices/virtual/input/input11 [ 41.105142][ T1318] input: failed to attach handler leds to device input11, error: -6 [ 41.211665][ T1326] netlink: 40 bytes leftover after parsing attributes in process `syz.3.410'. [ 41.238292][ T1329] loop2: detected capacity change from 0 to 2048 [ 41.250863][ T1326] netlink: 32 bytes leftover after parsing attributes in process `syz.3.410'. [ 41.263466][ T1335] loop1: detected capacity change from 0 to 128 [ 41.271183][ T1335] EXT4-fs: Ignoring removed nobh option [ 41.309484][ T1335] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 41.319363][ T1329] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 41.336104][ T1329] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.347101][ T1335] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 41.374867][ T1346] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.431713][ T283] EXT4-fs (loop1): unmounting filesystem. [ 41.535448][ T290] EXT4-fs (loop2): unmounting filesystem. [ 41.694334][ T1387] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 41.702762][ T1387] device bridge_slave_0 left promiscuous mode [ 41.709817][ T1387] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.720247][ T1387] device bridge_slave_1 left promiscuous mode [ 41.726899][ T1387] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.823193][ T1400] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 41.851868][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 41.861076][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.868188][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.878427][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 41.887024][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 41.895463][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 41.903772][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 41.917176][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 41.929944][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 41.942884][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 41.956779][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 42.010901][ T1408] netlink: 165 bytes leftover after parsing attributes in process `syz.1.441'. [ 42.156588][ T1423] loop1: detected capacity change from 0 to 512 [ 42.172190][ T1423] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.448: casefold flag without casefold feature [ 42.185504][ T1423] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.448: couldn't read orphan inode 15 (err -117) [ 42.197588][ T1423] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 42.199061][ T1429] netlink: 28 bytes leftover after parsing attributes in process `syz.4.450'. [ 42.215791][ T1429] netlink: 28 bytes leftover after parsing attributes in process `syz.4.450'. [ 42.228556][ T283] EXT4-fs (loop1): unmounting filesystem. [ 42.324501][ T351] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 42.375470][ T1449] SELinux: Context @ is not valid (left unmapped). [ 42.414559][ T436] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 42.420038][ T1453] loop2: detected capacity change from 0 to 512 [ 42.432582][ T1453] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 42.444074][ T1453] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 42.455968][ T1453] EXT4-fs (loop2): 1 truncate cleaned up [ 42.461727][ T1453] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 42.483923][ T290] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 42.505152][ T290] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 42.505815][ T351] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 42.535290][ T290] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 42.536396][ T351] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 42.560822][ T290] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 42.568136][ T351] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 42.585745][ T306] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 42.602686][ T290] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 42.623561][ T351] usb 1-1: config 0 descriptor?? [ 42.628680][ T436] usb 4-1: Using ep0 maxpacket: 16 [ 42.635014][ T290] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 42.637082][ T436] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 42.655273][ T290] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 42.674343][ T436] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 42.689725][ T290] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 42.692448][ T436] usb 4-1: Product: syz [ 42.713857][ T290] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 54: comm syz-executor: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 42.716670][ T436] usb 4-1: Manufacturer: syz [ 42.742244][ T436] usb 4-1: SerialNumber: syz [ 42.743519][ T290] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 42.748176][ T436] usb 4-1: config 0 descriptor?? [ 42.774384][ T436] ums-onetouch 4-1:0.0: USB Mass Storage device detected [ 42.815615][ T306] usb 2-1: config 0 has no interfaces? [ 42.821983][ T306] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 42.831231][ T306] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 42.840806][ T306] usb 2-1: Manufacturer: syz [ 42.854898][ T306] usb 2-1: config 0 descriptor?? [ 42.936660][ T290] EXT4-fs (loop2): unmounting filesystem. [ 42.991496][ T436] usb 4-1: USB disconnect, device number 7 [ 43.041838][ T351] keytouch 0003:0926:3333.0004: fixing up Keytouch IEC report descriptor [ 43.055811][ T351] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0004/input/input12 [ 43.063143][ T1441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 43.076311][ T1441] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 43.085635][ T306] usb 2-1: USB disconnect, device number 4 [ 43.137508][ T351] keytouch 0003:0926:3333.0004: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 43.158253][ T1465] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.174478][ T1465] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.184990][ T1465] device bridge_slave_0 entered promiscuous mode [ 43.196130][ T1465] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.203305][ T1465] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.210943][ T1465] device bridge_slave_1 entered promiscuous mode [ 43.297490][ T1465] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.304630][ T1465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.311918][ T1465] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.318983][ T1465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.348126][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 43.356967][ T43] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.365010][ T43] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.375174][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 43.383605][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.390715][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 43.401341][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 43.409868][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 43.418700][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.425870][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 43.444989][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 43.453218][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 43.461637][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 43.470367][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 43.487125][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 43.495795][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 43.508639][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 43.516753][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 43.526640][ T1465] device veth0_vlan entered promiscuous mode [ 43.535710][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 43.543607][ T1477] input: syz1 as /devices/virtual/input/input13 [ 43.550538][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 43.554846][ T1477] input: failed to attach handler leds to device input13, error: -6 [ 43.578858][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 43.587241][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 43.602786][ T1479] loop3: detected capacity change from 0 to 512 [ 43.612528][ T1479] EXT4-fs: Ignoring removed nobh option [ 43.622806][ T1465] device veth1_macvtap entered promiscuous mode [ 43.640520][ T348] device bridge_slave_1 left promiscuous mode [ 43.648293][ T348] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.656555][ T1479] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #3: comm syz.3.469: corrupted inode contents [ 43.659681][ T6] usb 1-1: USB disconnect, device number 4 [ 43.674628][ T348] device bridge_slave_0 left promiscuous mode [ 43.679449][ T1479] EXT4-fs error (device loop3): ext4_dirty_inode:6121: inode #3: comm syz.3.469: mark_inode_dirty error [ 43.681074][ T348] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.700576][ T1479] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #3: comm syz.3.469: corrupted inode contents [ 43.717334][ T1479] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #3: comm syz.3.469: mark_inode_dirty error [ 43.729020][ T1479] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.469: Failed to acquire dquot type 0 [ 43.730899][ T348] device veth1_macvtap left promiscuous mode [ 43.741897][ T1479] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.469: corrupted inode contents [ 43.747360][ T348] device veth0_vlan left promiscuous mode [ 43.759744][ T1479] EXT4-fs error (device loop3): ext4_dirty_inode:6121: inode #16: comm syz.3.469: mark_inode_dirty error [ 43.775567][ T1479] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.469: corrupted inode contents [ 43.787791][ T1479] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.469: mark_inode_dirty error [ 43.813163][ T1479] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.469: corrupted inode contents [ 43.826223][ T1479] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 43.835646][ T1479] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.469: corrupted inode contents [ 43.836975][ T1488] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 43.847788][ T1479] EXT4-fs error (device loop3): ext4_truncate:4314: inode #16: comm syz.3.469: mark_inode_dirty error [ 43.869050][ T1479] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 43.878463][ T1479] EXT4-fs (loop3): 1 truncate cleaned up [ 43.884241][ T1479] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 43.893379][ T1479] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.896924][ T1488] FAT-fs (loop9): unable to read boot sector [ 43.953195][ T287] EXT4-fs (loop3): unmounting filesystem. [ 43.976825][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 43.999427][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 44.013020][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 44.048232][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 44.067149][ T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 44.152221][ T1509] syz.3.481[1509] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 44.152301][ T1509] syz.3.481[1509] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 44.154970][ T1508] loop5: detected capacity change from 0 to 512 [ 44.432152][ T28] kauditd_printk_skb: 54 callbacks suppressed [ 44.432169][ T28] audit: type=1400 audit(1762412148.683:315): avc: denied { read } for pid=1528 comm="syz.0.489" path="socket:[21045]" dev="sockfs" ino=21045 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 44.494792][ T351] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 44.542671][ T1541] loop1: detected capacity change from 0 to 512 [ 44.550683][ T28] audit: type=1326 audit(1762412148.803:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.574202][ T1541] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 44.585592][ T28] audit: type=1326 audit(1762412148.803:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.612145][ T28] audit: type=1326 audit(1762412148.803:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.635621][ T28] audit: type=1326 audit(1762412148.803:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.659955][ T28] audit: type=1326 audit(1762412148.803:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.665098][ T1541] EXT4-fs (loop1): 1 truncate cleaned up [ 44.683241][ T28] audit: type=1326 audit(1762412148.803:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.712316][ T28] audit: type=1326 audit(1762412148.803:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.732563][ T1541] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 44.735769][ T28] audit: type=1326 audit(1762412148.803:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.750008][ T1541] EXT4-fs (loop1): unmounting filesystem. [ 44.768022][ T28] audit: type=1326 audit(1762412148.803:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1542 comm="syz.0.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf5f8f6c9 code=0x7ffc0000 [ 44.796805][ T351] usb 4-1: Using ep0 maxpacket: 32 [ 44.808419][ T351] usb 4-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 44.825550][ T351] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 44.833769][ T351] usb 4-1: Product: syz [ 44.834604][ T6] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 44.838267][ T351] usb 4-1: Manufacturer: syz [ 44.851040][ T351] usb 4-1: SerialNumber: syz [ 44.856767][ T351] usb 4-1: config 0 descriptor?? [ 45.026300][ T6] usb 5-1: config 0 has no interfaces? [ 45.031944][ T6] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 45.047478][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.062161][ T6] usb 5-1: config 0 descriptor?? [ 45.064468][ T351] snd-usb-audio: probe of 4-1:0.0 failed with error -71 [ 45.076926][ T351] usb 4-1: USB disconnect, device number 8 [ 45.121943][ T1556] loop1: detected capacity change from 0 to 40427 [ 45.139729][ T1556] F2FS-fs (loop1): invalid crc value [ 45.153952][ T1556] F2FS-fs (loop1): Found nat_bits in checkpoint [ 45.193847][ T1556] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 45.247088][ T1556] syz.1.501: attempt to access beyond end of device [ 45.247088][ T1556] loop1: rw=0, sector=77824, nr_sectors = 8 limit=40427 [ 45.268755][ T283] syz-executor: attempt to access beyond end of device [ 45.268755][ T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 45.285706][ T1571] loop0: detected capacity change from 0 to 128 [ 45.304027][ T1571] FAT-fs (loop0): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 45.315601][ T1571] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 45.323479][ T1571] FAT-fs (loop0): Filesystem has been set read-only [ 45.330743][ T1571] syz.0.506: attempt to access beyond end of device [ 45.330743][ T1571] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 45.452116][ T1583] loop5: detected capacity change from 0 to 512 [ 45.484663][ T1583] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 45.493888][ T1583] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 45.542077][ T1465] EXT4-fs (loop5): unmounting filesystem. [ 45.632103][ T1610] loop5: detected capacity change from 0 to 512 [ 45.655315][ T1610] EXT4-fs (loop5): Test dummy encryption mode enabled [ 45.675902][ T1610] EXT4-fs error (device loop5): ext4_find_inline_data_nolock:164: inode #12: comm syz.5.523: inline data xattr refers to an external xattr inode [ 45.691031][ T1610] EXT4-fs (loop5): Remounting filesystem read-only [ 45.698285][ T1610] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.523: couldn't read orphan inode 12 (err -117) [ 45.710359][ T1610] EXT4-fs (loop5): Remounting filesystem read-only [ 45.718878][ T1610] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 45.747826][ T1610] EXT4-fs (loop5): shut down requested (2) [ 45.770432][ T1465] EXT4-fs (loop5): unmounting filesystem. [ 45.793970][ T1625] support for cryptoloop has been removed. Use dm-crypt instead. [ 45.826651][ T1630] syz.1.532[1630] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.826731][ T1630] syz.1.532[1630] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 45.904546][ T306] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 45.962561][ T1645] netlink: 96 bytes leftover after parsing attributes in process `syz.5.538'. [ 46.105958][ T306] usb 4-1: unable to get BOS descriptor or descriptor too short [ 46.114475][ T6] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 46.122999][ T306] usb 4-1: not running at top speed; connect to a high speed hub [ 46.132260][ T1653] loop0: detected capacity change from 0 to 512 [ 46.136132][ T306] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 46.149056][ T306] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 46.160633][ T306] usb 4-1: string descriptor 0 read error: -22 [ 46.167431][ T306] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 46.185565][ T306] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.196327][ T306] usb 4-1: 0:2 : does not exist [ 46.239041][ T1659] loop0: detected capacity change from 0 to 512 [ 46.266717][ T1659] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 46.276467][ T1659] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.304516][ T6] usb 2-1: Using ep0 maxpacket: 32 [ 46.311432][ T288] EXT4-fs (loop0): unmounting filesystem. [ 46.312879][ T6] usb 2-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 46.326806][ T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.334924][ T6] usb 2-1: Product: syz [ 46.339327][ T6] usb 2-1: Manufacturer: syz [ 46.343984][ T6] usb 2-1: SerialNumber: syz [ 46.350058][ T6] usb 2-1: config 0 descriptor?? [ 46.390484][ T1670] loop0: detected capacity change from 0 to 4096 [ 46.401839][ T1670] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 46.422387][ T288] EXT4-fs (loop0): unmounting filesystem. [ 46.506270][ T1681] Zero length message leads to an empty skb [ 46.557393][ T6] snd-usb-audio: probe of 2-1:0.0 failed with error -71 [ 46.565470][ T6] usb 2-1: USB disconnect, device number 5 [ 46.802933][ T306] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5) [ 46.812511][ T306] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5) [ 46.822089][ T306] usb 4-1: 5:0: failed to get current value for ch 1 (-22) [ 46.834985][ T306] usb 4-1: USB disconnect, device number 9 [ 47.084370][ T1697] netlink: 8 bytes leftover after parsing attributes in process `syz.0.556'. [ 47.109849][ T1697] netlink: 8 bytes leftover after parsing attributes in process `syz.0.556'. [ 47.175561][ T1711] loop0: detected capacity change from 0 to 128 [ 47.190799][ T1711] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 47.199964][ T1711] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 47.231546][ T288] EXT4-fs (loop0): unmounting filesystem. [ 47.334566][ T1036] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 47.343085][ T60] usb 5-1: USB disconnect, device number 6 [ 47.344382][ T1720] loop3: detected capacity change from 0 to 512 [ 47.358688][ T1720] EXT4-fs: Ignoring removed oldalloc option [ 47.365812][ T1720] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 47.398805][ T1720] EXT4-fs (loop3): 1 truncate cleaned up [ 47.411036][ T1720] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 47.451063][ T287] EXT4-fs (loop3): unmounting filesystem. [ 48.348576][ T1824] loop4: detected capacity change from 0 to 256 [ 48.384515][ T6] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 48.574540][ T6] usb 1-1: Using ep0 maxpacket: 16 [ 48.584047][ T1843] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c [ 48.596891][ T6] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 48.604268][ T1843] SELinux: failed to load policy [ 48.612715][ T6] usb 1-1: config 0 has no interfaces? [ 48.624622][ T6] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 48.644460][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.663923][ T6] usb 1-1: config 0 descriptor?? [ 48.752133][ T1826] loop1: detected capacity change from 0 to 40427 [ 48.772383][ T1826] F2FS-fs (loop1): invalid crc value [ 48.787376][ T1826] F2FS-fs (loop1): Found nat_bits in checkpoint [ 48.844382][ T1826] F2FS-fs (loop1): Start checkpoint disabled! [ 48.860363][ T1826] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 48.894556][ T60] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 48.910152][ T306] usb 1-1: USB disconnect, device number 5 [ 48.972278][ T1826] F2FS-fs (loop1): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled [ 49.000523][ T1874] loop5: detected capacity change from 0 to 512 [ 49.011315][ T1874] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 49.029545][ T727] kworker/u4:5: attempt to access beyond end of device [ 49.029545][ T727] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 49.049380][ T1874] EXT4-fs (loop5): 1 truncate cleaned up [ 49.057227][ T1877] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.070730][ T1874] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 49.095869][ T60] usb 4-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 49.108922][ T1465] EXT4-fs (loop5): unmounting filesystem. [ 49.119067][ T60] usb 4-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 49.135642][ T60] usb 4-1: config 0 interface 0 has no altsetting 0 [ 49.142307][ T60] usb 4-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 49.151713][ T60] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.164785][ T60] usb 4-1: config 0 descriptor?? [ 49.255759][ T1889] loop4: detected capacity change from 0 to 1024 [ 49.270298][ T1889] EXT4-fs: Ignoring removed orlov option [ 49.287448][ T1889] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 49.311498][ T289] EXT4-fs (loop4): unmounting filesystem. [ 49.552960][ T28] kauditd_printk_skb: 91 callbacks suppressed [ 49.552977][ T28] audit: type=1400 audit(1762412153.803:416): avc: denied { write } for pid=1913 comm="syz.4.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 49.580054][ T28] audit: type=1400 audit(1762412153.803:417): avc: denied { nlmsg_write } for pid=1913 comm="syz.4.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 49.603578][ T60] nintendo 0003:057E:2009.0005: unknown main item tag 0x0 [ 49.612950][ T60] nintendo 0003:057E:2009.0005: unknown main item tag 0x0 [ 49.621350][ T60] nintendo 0003:057E:2009.0005: unknown main item tag 0x0 [ 49.621757][ T28] audit: type=1400 audit(1762412153.813:418): avc: denied { create } for pid=1913 comm="syz.4.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 49.630158][ T60] nintendo 0003:057E:2009.0005: hidraw0: USB HID v80.00 Device [HID 057e:2009] on usb-dummy_hcd.3-1/input0 [ 49.659555][ T28] audit: type=1400 audit(1762412153.813:419): avc: denied { connect } for pid=1913 comm="syz.4.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 49.679242][ T28] audit: type=1400 audit(1762412153.813:420): avc: denied { getopt } for pid=1913 comm="syz.4.655" laddr=fe80::a8aa:aaff:feaa:aaaa lport=4 faddr=ff04::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 49.724566][ T60] nintendo 0003:057E:2009.0005: failed reading SPI flash; ret=-38 [ 49.732441][ T60] nintendo 0003:057E:2009.0005: using factory cal for left stick [ 49.754556][ T60] nintendo 0003:057E:2009.0005: failed reading SPI flash; ret=-38 [ 49.762457][ T60] nintendo 0003:057E:2009.0005: using factory cal for right stick [ 49.770585][ T60] nintendo 0003:057E:2009.0005: failed reading SPI flash; ret=-38 [ 49.778509][ T60] nintendo 0003:057E:2009.0005: Failed to read left stick cal, using defaults; e=-38 [ 49.790125][ T60] nintendo 0003:057E:2009.0005: failed reading SPI flash; ret=-38 [ 49.798042][ T60] nintendo 0003:057E:2009.0005: Failed to read right stick cal, using defaults; e=-38 [ 49.807669][ T60] nintendo 0003:057E:2009.0005: failed reading SPI flash; ret=-38 [ 49.815658][ T60] nintendo 0003:057E:2009.0005: using factory cal for IMU [ 49.819804][ T1916] mmap: syz.4.656 (1916) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 49.822906][ T60] nintendo 0003:057E:2009.0005: failed reading SPI flash; ret=-38 [ 49.843891][ T60] nintendo 0003:057E:2009.0005: Failed to read IMU cal, using defaults; ret=-38 [ 49.848812][ T1910] loop0: detected capacity change from 0 to 40427 [ 49.853398][ T60] nintendo 0003:057E:2009.0005: Unable to read IMU calibration data [ 49.860423][ T1910] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 49.872589][ T60] nintendo 0003:057E:2009.0005: Failed to set report mode; ret=-38 [ 49.875656][ T1910] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 49.883752][ T60] nintendo 0003:057E:2009.0005: Failed to initialize controller; ret=-38 [ 49.892855][ T1910] F2FS-fs (loop0): invalid crc value [ 49.901913][ T60] nintendo 0003:057E:2009.0005: probe - fail = -38 [ 49.912456][ T60] nintendo: probe of 0003:057E:2009.0005 failed with error -38 [ 49.921334][ T1910] F2FS-fs (loop0): Found nat_bits in checkpoint [ 49.923672][ T60] usb 4-1: USB disconnect, device number 10 [ 49.971044][ T1922] fido_id[1922]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 49.995307][ T1910] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 50.007718][ T1910] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 50.047088][ T28] audit: type=1400 audit(1762412154.303:421): avc: denied { relabelfrom } for pid=1925 comm="syz.5.657" name="" dev="pipefs" ino=22480 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 50.084321][ T1910] syz.0.653: attempt to access beyond end of device [ 50.084321][ T1910] loop0: rw=34817, sector=77824, nr_sectors = 32 limit=40427 [ 50.189380][ T28] audit: type=1400 audit(1762412154.443:422): avc: denied { create } for pid=1936 comm="syz.1.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 50.217020][ T28] audit: type=1400 audit(1762412154.443:423): avc: denied { write } for pid=1936 comm="syz.1.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 50.239105][ T28] audit: type=1400 audit(1762412154.473:424): avc: denied { sqpoll } for pid=1937 comm="syz.4.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 50.265902][ T28] audit: type=1400 audit(1762412154.473:425): avc: denied { create } for pid=1937 comm="syz.4.664" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 50.320747][ T1946] loop4: detected capacity change from 0 to 128 [ 50.364555][ T436] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 50.448159][ T1953] serio: Serial port ptm0 [ 50.474927][ T6] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 50.550217][ T1968] loop4: detected capacity change from 0 to 512 [ 50.560704][ T1968] EXT4-fs: Ignoring removed oldalloc option [ 50.568537][ T1968] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 50.568656][ T436] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 50.590197][ T436] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 50.600363][ T436] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 50.604718][ T1968] EXT4-fs (loop4): 1 truncate cleaned up [ 50.613472][ T436] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 50.628809][ T436] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.636192][ T1968] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 50.653195][ T436] usb 6-1: config 0 descriptor?? [ 50.664523][ T6] usb 2-1: Using ep0 maxpacket: 32 [ 50.670524][ T289] EXT4-fs (loop4): unmounting filesystem. [ 50.670966][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 50.687624][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 50.698536][ T6] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 50.707718][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.716604][ T6] usb 2-1: config 0 descriptor?? [ 51.004550][ T60] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 51.062223][ T436] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd [ 51.070971][ T436] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 51.080461][ T436] plantronics 0003:047F:FFFF.0006: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 51.126413][ T6] savu 0003:1E7D:2D5A.0007: hiddev97,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 51.185615][ T60] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 51.195617][ T60] usb 5-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 51.208644][ T60] usb 5-1: config 0 interface 0 has no altsetting 0 [ 51.215620][ T60] usb 5-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 51.224701][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.233567][ T60] usb 5-1: config 0 descriptor?? [ 51.295320][ T1983] x_tables: duplicate underflow at hook 4 [ 51.316086][ T1985] loop3: detected capacity change from 0 to 512 [ 51.335498][ T436] usb 6-1: USB disconnect, device number 2 [ 51.345260][ T1985] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 51.369100][ T287] EXT4-fs (loop3): unmounting filesystem. [ 51.406883][ T6] usb 2-1: USB disconnect, device number 6 [ 51.562800][ T2002] loop0: detected capacity change from 0 to 16 [ 51.569823][ T2002] erofs: (device loop0): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300) [ 51.619428][ T2006] loop0: detected capacity change from 0 to 1024 [ 51.636209][ T2006] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 51.654124][ T60] nintendo 0003:057E:2009.0008: unknown main item tag 0x0 [ 51.662537][ T60] nintendo 0003:057E:2009.0008: unknown main item tag 0x0 [ 51.670023][ T60] nintendo 0003:057E:2009.0008: unknown main item tag 0x0 [ 51.673430][ T288] EXT4-fs (loop0): unmounting filesystem. [ 51.678823][ T60] nintendo 0003:057E:2009.0008: hidraw0: USB HID v80.00 Device [HID 057e:2009] on usb-dummy_hcd.4-1/input0 [ 51.764653][ T60] nintendo 0003:057E:2009.0008: failed reading SPI flash; ret=-38 [ 51.772667][ T60] nintendo 0003:057E:2009.0008: using factory cal for left stick [ 51.780494][ T60] nintendo 0003:057E:2009.0008: failed reading SPI flash; ret=-38 [ 51.788355][ T60] nintendo 0003:057E:2009.0008: using factory cal for right stick [ 51.796230][ T60] nintendo 0003:057E:2009.0008: failed reading SPI flash; ret=-38 [ 51.804137][ T60] nintendo 0003:057E:2009.0008: Failed to read left stick cal, using defaults; e=-38 [ 51.813698][ T60] nintendo 0003:057E:2009.0008: failed reading SPI flash; ret=-38 [ 51.821560][ T60] nintendo 0003:057E:2009.0008: Failed to read right stick cal, using defaults; e=-38 [ 51.831181][ T60] nintendo 0003:057E:2009.0008: failed reading SPI flash; ret=-38 [ 51.839052][ T60] nintendo 0003:057E:2009.0008: using factory cal for IMU [ 51.846256][ T60] nintendo 0003:057E:2009.0008: failed reading SPI flash; ret=-38 [ 51.854738][ T60] nintendo 0003:057E:2009.0008: Failed to read IMU cal, using defaults; ret=-38 [ 51.864077][ T60] nintendo 0003:057E:2009.0008: Unable to read IMU calibration data [ 51.872444][ T60] nintendo 0003:057E:2009.0008: Failed to set report mode; ret=-38 [ 51.891835][ T60] nintendo 0003:057E:2009.0008: Failed to initialize controller; ret=-38 [ 51.902155][ T60] nintendo 0003:057E:2009.0008: probe - fail = -38 [ 51.908841][ T60] nintendo: probe of 0003:057E:2009.0008 failed with error -38 [ 51.928612][ T60] usb 5-1: USB disconnect, device number 7 [ 51.977572][ T2017] fido_id[2017]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 52.195865][ T2040] syz.5.705[2040] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.195945][ T2040] syz.5.705[2040] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.214565][ T6] usb 2-1: new low-speed USB device number 7 using dummy_hcd [ 52.272089][ T2046] 9pnet: p9_errstr2errno: server reported unknown error @00000000000000000000004D0xffffffffffffffff [ 52.310834][ T2050] loop3: detected capacity change from 0 to 256 [ 52.324854][ T2050] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 52.335356][ T2050] FAT-fs (loop3): Filesystem has been set read-only [ 52.342075][ T2050] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 52.352384][ T2050] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 52.362735][ T2050] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 52.405588][ T6] usb 2-1: config 0 has no interfaces? [ 52.411211][ T6] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 52.420929][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.434022][ T6] usb 2-1: config 0 descriptor?? [ 52.486397][ T60] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 52.644233][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 52.684599][ T60] usb 6-1: Using ep0 maxpacket: 32 [ 52.692833][ T60] usb 6-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 52.702068][ T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 52.710223][ T60] usb 6-1: Product: syz [ 52.714454][ T60] usb 6-1: Manufacturer: syz [ 52.719161][ T60] usb 6-1: SerialNumber: syz [ 52.724696][ T60] usb 6-1: config 0 descriptor?? [ 52.874534][ T351] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 52.933171][ T60] snd-usb-audio: probe of 6-1:0.0 failed with error -71 [ 52.941356][ T60] usb 6-1: USB disconnect, device number 3 [ 53.065899][ T351] usb 5-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 53.076980][ T351] usb 5-1: config 0 interface 0 has no altsetting 0 [ 53.083726][ T351] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00 [ 53.092946][ T351] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.101767][ T351] usb 5-1: config 0 descriptor?? [ 53.107183][ T2078] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 53.475046][ T2099] loop0: detected capacity change from 0 to 1024 [ 53.495742][ T2099] EXT4-fs: Ignoring removed orlov option [ 53.506469][ T2099] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 53.517412][ T351] ryos 0003:1E7D:3138.0009: unknown main item tag 0x0 [ 53.524264][ T351] ryos 0003:1E7D:3138.0009: item fetching failed at offset 3/5 [ 53.544698][ T351] ryos 0003:1E7D:3138.0009: parse failed [ 53.550512][ T351] ryos: probe of 0003:1E7D:3138.0009 failed with error -22 [ 53.559534][ T288] EXT4-fs (loop0): unmounting filesystem. [ 53.605048][ T6] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 53.675895][ T2122] syz.0.743[2122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 53.675977][ T2122] syz.0.743[2122] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 53.723608][ T351] usb 5-1: USB disconnect, device number 8 [ 53.777454][ T2125] loop5: detected capacity change from 0 to 512 [ 53.796232][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 53.806525][ T2125] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 53.807379][ T6] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 53.816619][ T2125] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.826506][ T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.853366][ T6] usb 4-1: config 0 descriptor?? [ 53.864493][ T1465] EXT4-fs (loop5): unmounting filesystem. [ 53.886816][ T2129] loop5: detected capacity change from 0 to 2048 [ 53.907826][ T2129] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 53.929984][ T1465] EXT4-fs (loop5): unmounting filesystem. [ 53.954561][ T60] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 54.058878][ T2145] loop5: detected capacity change from 0 to 512 [ 54.066168][ T2145] ext4: Unknown parameter 'mask' [ 54.134490][ T60] usb 1-1: Using ep0 maxpacket: 32 [ 54.142399][ T60] usb 1-1: New USB device found, idVendor=17cc, idProduct=1020, bcdDevice=b4.bf [ 54.146212][ T2153] loop5: detected capacity change from 0 to 16 [ 54.152021][ T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 54.166677][ T60] usb 1-1: Product: syz [ 54.170740][ T2153] erofs: (device loop5): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300) [ 54.170931][ T60] usb 1-1: Manufacturer: syz [ 54.186893][ T60] usb 1-1: SerialNumber: syz [ 54.192248][ T60] usb 1-1: config 0 descriptor?? [ 54.263040][ T6] keytouch 0003:0926:3333.000A: fixing up Keytouch IEC report descriptor [ 54.290429][ T6] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.000A/input/input15 [ 54.310045][ T2161] loop4: detected capacity change from 0 to 512 [ 54.316881][ T2161] EXT4-fs: Ignoring removed nobh option [ 54.337123][ T2161] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #3: comm syz.4.759: corrupted inode contents [ 54.349331][ T2161] EXT4-fs error (device loop4): ext4_dirty_inode:6121: inode #3: comm syz.4.759: mark_inode_dirty error [ 54.361314][ T2161] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #3: comm syz.4.759: corrupted inode contents [ 54.374312][ T2161] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #3: comm syz.4.759: mark_inode_dirty error [ 54.393739][ T6] keytouch 0003:0926:3333.000A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 54.399627][ T2161] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.759: Failed to acquire dquot type 0 [ 54.417737][ T60] snd-usb-audio: probe of 1-1:0.0 failed with error -71 [ 54.421097][ T2161] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #16: comm syz.4.759: corrupted inode contents [ 54.437596][ T60] usb 1-1: USB disconnect, device number 6 [ 54.446320][ T2161] EXT4-fs error (device loop4): ext4_dirty_inode:6121: inode #16: comm syz.4.759: mark_inode_dirty error [ 54.479305][ T2161] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #16: comm syz.4.759: corrupted inode contents [ 54.500210][ T2161] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #16: comm syz.4.759: mark_inode_dirty error [ 54.521304][ T2161] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #16: comm syz.4.759: corrupted inode contents [ 54.533627][ T2161] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 54.546708][ T2161] EXT4-fs error (device loop4): ext4_do_update_inode:5256: inode #16: comm syz.4.759: corrupted inode contents [ 54.558839][ T2161] EXT4-fs error (device loop4): ext4_truncate:4314: inode #16: comm syz.4.759: mark_inode_dirty error [ 54.570232][ T2161] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 54.579876][ T2161] EXT4-fs (loop4): 1 truncate cleaned up [ 54.586037][ T2161] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 54.595392][ T2161] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.629654][ T28] kauditd_printk_skb: 63 callbacks suppressed [ 54.629686][ T28] audit: type=1400 audit(1762412158.883:487): avc: denied { read } for pid=2160 comm="syz.4.759" path="/145/file0/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 54.690172][ T289] EXT4-fs (loop4): unmounting filesystem. [ 54.696078][ T1572] Bluetooth: hci0: command 0x1003 tx timeout [ 54.696320][ T1036] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 54.713070][ T351] usb 2-1: USB disconnect, device number 7 [ 54.829167][ T28] audit: type=1400 audit(1762412159.083:488): avc: denied { ioctl } for pid=2177 comm="syz.4.766" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=24030 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 54.836567][ T24] usb 4-1: USB disconnect, device number 11 [ 55.024584][ T60] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 55.154517][ T933] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 55.205752][ T60] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 55.222389][ T60] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 55.230786][ T28] audit: type=1400 audit(1762412159.483:489): avc: denied { mount } for pid=2187 comm="syz.1.770" name="/" dev="securityfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1 [ 55.231569][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 55.254474][ T6] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 55.262350][ T60] usb 6-1: SerialNumber: syz [ 55.355469][ T933] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.366492][ T933] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.383372][ T933] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 55.399030][ T933] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 55.409612][ T933] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.422039][ T2195] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 55.422653][ T933] usb 5-1: config 0 descriptor?? [ 55.445278][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready [ 55.453629][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 55.462986][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready [ 55.471996][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 55.474299][ T6] usb 1-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.483003][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 55.490830][ T6] usb 1-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 55.498608][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 55.511347][ T6] usb 1-1: config 0 interface 0 has no altsetting 0 [ 55.519848][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 55.526303][ T6] usb 1-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00 [ 55.534181][ T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 55.542940][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.571325][ T6] usb 1-1: config 0 descriptor?? [ 55.650344][ T28] audit: type=1400 audit(1762412159.903:490): avc: denied { watch } for pid=2198 comm="syz.3.775" path="/106/file0" dev="tmpfs" ino=573 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 55.724645][ T684] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 55.839581][ T933] plantronics 0003:047F:FFFF.000B: unknown main item tag 0xd [ 55.849042][ T933] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving [ 55.858922][ T933] plantronics 0003:047F:FFFF.000B: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 55.885419][ T60] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.5-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 55.904593][ T684] usb 2-1: Using ep0 maxpacket: 8 [ 55.916397][ T684] usb 2-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=d3.6c [ 55.928084][ T28] audit: type=1400 audit(1762412160.193:491): avc: denied { read } for pid=142 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 55.959766][ T684] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.978552][ T684] usb 2-1: Product: syz [ 55.987287][ T28] audit: type=1400 audit(1762412160.193:492): avc: denied { search } for pid=142 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 56.009333][ T6] nintendo 0003:057E:2009.000C: unknown main item tag 0x0 [ 56.020953][ T684] usb 2-1: Manufacturer: syz [ 56.025783][ T6] nintendo 0003:057E:2009.000C: unknown main item tag 0x0 [ 56.034603][ T684] usb 2-1: SerialNumber: syz [ 56.043698][ T6] nintendo 0003:057E:2009.000C: unknown main item tag 0x0 [ 56.055434][ T684] usb 2-1: config 0 descriptor?? [ 56.065353][ T684] cdc_ether 2-1:0.0: skipping garbage [ 56.070782][ T684] usb 2-1: bad CDC descriptors [ 56.088828][ T6] nintendo 0003:057E:2009.000C: hidraw1: USB HID v80.00 Device [HID 057e:2009] on usb-dummy_hcd.0-1/input0 [ 56.100465][ T28] audit: type=1400 audit(1762412160.193:493): avc: denied { read } for pid=142 comm="dhcpcd" name="n15" dev="tmpfs" ino=5175 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.125354][ T684] usb 2-1: unsupported MDLM descriptors [ 56.131078][ T684] cdc_acm 2-1:0.0: skipping garbage [ 56.145428][ T684] usb 5-1: USB disconnect, device number 9 [ 56.153739][ T28] audit: type=1400 audit(1762412160.193:494): avc: denied { open } for pid=142 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=5175 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.179932][ T28] audit: type=1400 audit(1762412160.193:495): avc: denied { getattr } for pid=142 comm="dhcpcd" path="/run/udev/data/n15" dev="tmpfs" ino=5175 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 56.206203][ T6] nintendo 0003:057E:2009.000C: failed reading SPI flash; ret=-38 [ 56.214072][ T6] nintendo 0003:057E:2009.000C: using factory cal for left stick [ 56.225305][ T6] nintendo 0003:057E:2009.000C: failed reading SPI flash; ret=-38 [ 56.233187][ T6] nintendo 0003:057E:2009.000C: using factory cal for right stick [ 56.241148][ T28] audit: type=1400 audit(1762412160.293:496): avc: denied { read } for pid=2210 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=494 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 56.268809][ T60] usb 2-1: USB disconnect, device number 8 [ 56.274524][ T6] nintendo 0003:057E:2009.000C: failed reading SPI flash; ret=-38 [ 56.282589][ T6] nintendo 0003:057E:2009.000C: Failed to read left stick cal, using defaults; e=-38 [ 56.294686][ T6] nintendo 0003:057E:2009.000C: failed reading SPI flash; ret=-38 [ 56.302641][ T6] nintendo 0003:057E:2009.000C: Failed to read right stick cal, using defaults; e=-38 [ 56.317960][ T6] nintendo 0003:057E:2009.000C: failed reading SPI flash; ret=-38 [ 56.334459][ T6] nintendo 0003:057E:2009.000C: using factory cal for IMU [ 56.345618][ T6] nintendo 0003:057E:2009.000C: failed reading SPI flash; ret=-38 [ 56.353473][ T6] nintendo 0003:057E:2009.000C: Failed to read IMU cal, using defaults; ret=-38 [ 56.362839][ T6] nintendo 0003:057E:2009.000C: Unable to read IMU calibration data [ 56.371441][ T6] nintendo 0003:057E:2009.000C: Failed to set report mode; ret=-38 [ 56.383407][ T6] nintendo 0003:057E:2009.000C: Failed to initialize controller; ret=-38 [ 56.393707][ T306] usb 6-1: USB disconnect, device number 4 [ 56.400888][ T306] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.5-1, CDC Ethernet Device [ 56.411269][ T6] nintendo 0003:057E:2009.000C: probe - fail = -38 [ 56.420952][ T6] nintendo: probe of 0003:057E:2009.000C failed with error -38 [ 56.440928][ T6] usb 1-1: USB disconnect, device number 7 [ 56.486840][ T2225] fido_id[2225]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 56.532952][ T10] Bluetooth: hci0: Frame reassembly failed (-84) [ 56.706213][ T306] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 56.714256][ T306] hid-generic 0000:0000:0000.000D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 56.741286][ T2253] netlink: 24 bytes leftover after parsing attributes in process `syz.4.785'. [ 56.745460][ T2251] fido_id[2251]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 56.767602][ T2253] device veth3 entered promiscuous mode [ 56.793053][ T2256] loop1: detected capacity change from 0 to 512 [ 56.794329][ T24] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x4 [ 56.816970][ T2256] ext4: Bad value for 'mb_optimize_scan' [ 56.821888][ T24] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x2 [ 56.830950][ T24] hid-generic 0000:3000000:0000.000E: unknown main item tag 0x3 [ 56.840199][ T24] hid-generic 0000:3000000:0000.000E: hidraw0: HID v0.00 Device [sy] on syz0 [ 56.908671][ T2268] loop4: detected capacity change from 0 to 2048 [ 56.958918][ T2271] fido_id[2271]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 56.982329][ T2268] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 56.991817][ T2268] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.013896][ T2268] fs-verity: sha512 using implementation "sha512-avx2" [ 57.053192][ T289] EXT4-fs (loop4): unmounting filesystem. [ 57.233102][ T2312] loop5: detected capacity change from 0 to 2048 [ 57.285420][ T2327] loop0: detected capacity change from 0 to 512 [ 57.297259][ T2312] Alternate GPT is invalid, using primary GPT. [ 57.303166][ T2327] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 57.303763][ T2312] loop5: p2 p3 p7 [ 57.319253][ T2327] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 57.340524][ T103] Alternate GPT is invalid, using primary GPT. [ 57.351603][ T2327] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 57.352768][ T103] loop5: p2 p3 p7 [ 57.386957][ T2327] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 57.426517][ T288] EXT4-fs (loop0): unmounting filesystem. [ 57.453890][ T353] udevd[353]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 57.466177][ T1052] udevd[1052]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory [ 57.478010][ T643] udevd[643]: inotify_add_watch(7, /dev/loop5p7, 10) failed: No such file or directory [ 57.534664][ T2350] netlink: 'syz.1.827': attribute type 4 has an invalid length. [ 57.685306][ T2364] 8021q: VLANs not supported on gre0 [ 57.733695][ T2373] loop5: detected capacity change from 0 to 512 [ 57.748400][ T2373] EXT4-fs: Ignoring removed nobh option [ 57.771689][ T2373] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #3: comm syz.5.835: corrupted inode contents [ 57.784914][ T2373] EXT4-fs error (device loop5): ext4_dirty_inode:6121: inode #3: comm syz.5.835: mark_inode_dirty error [ 57.797434][ T2373] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #3: comm syz.5.835: corrupted inode contents [ 57.814881][ T2373] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #3: comm syz.5.835: mark_inode_dirty error [ 57.826547][ T2373] EXT4-fs error (device loop5): ext4_acquire_dquot:6803: comm syz.5.835: Failed to acquire dquot type 0 [ 57.838766][ T2373] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.835: corrupted inode contents [ 57.855389][ T2373] EXT4-fs error (device loop5): ext4_dirty_inode:6121: inode #16: comm syz.5.835: mark_inode_dirty error [ 57.877328][ T2373] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.835: corrupted inode contents [ 57.890953][ T2373] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #16: comm syz.5.835: mark_inode_dirty error [ 57.929019][ T2373] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.835: corrupted inode contents [ 57.967206][ T2373] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 57.977012][ T2373] EXT4-fs error (device loop5): ext4_do_update_inode:5256: inode #16: comm syz.5.835: corrupted inode contents [ 57.989667][ T2391] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 57.997175][ T2373] EXT4-fs error (device loop5): ext4_truncate:4314: inode #16: comm syz.5.835: mark_inode_dirty error [ 58.009533][ T2373] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 58.019346][ T2373] EXT4-fs (loop5): 1 truncate cleaned up [ 58.025253][ T2373] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 58.034398][ T2373] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.074277][ T2393] loop0: detected capacity change from 0 to 512 [ 58.116235][ T2393] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 58.128275][ T2393] ext4 filesystem being mounted at /200/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 58.150529][ T2387] loop1: detected capacity change from 0 to 40427 [ 58.168529][ T2393] EXT4-fs (loop0): shut down requested (2) [ 58.187943][ T2387] F2FS-fs (loop1): fault_injection options not supported [ 58.193045][ T1465] EXT4-fs (loop5): unmounting filesystem. [ 58.195526][ T2387] F2FS-fs (loop1): fault_type options not supported [ 58.208867][ T2387] F2FS-fs (loop1): invalid crc value [ 58.230479][ T288] EXT4-fs (loop0): unmounting filesystem. [ 58.236629][ T2387] F2FS-fs (loop1): Found nat_bits in checkpoint [ 58.288676][ T2387] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 58.339005][ T283] syz-executor: attempt to access beyond end of device [ 58.339005][ T283] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 58.416115][ T2417] device wireguard0 entered promiscuous mode [ 58.534534][ T1572] Bluetooth: hci0: command 0x1003 tx timeout [ 58.544544][ T1036] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 58.758281][ T2458] netlink: 8 bytes leftover after parsing attributes in process `syz.3.873'. [ 58.930391][ T2480] loop0: detected capacity change from 0 to 512 [ 58.958549][ T2480] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 58.997490][ T288] EXT4-fs (loop0): unmounting filesystem. [ 59.022306][ T2490] 9pnet: p9_errstr2errno: server reported unknown error  [ 59.024525][ T60] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 59.089868][ T2498] xt_connbytes: Forcing CT accounting to be enabled [ 59.097783][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 59.214582][ T60] usb 2-1: Using ep0 maxpacket: 32 [ 59.221811][ T60] usb 2-1: config 2 has an invalid interface number: 88 but max is 0 [ 59.230225][ T60] usb 2-1: config 2 has no interface number 0 [ 59.236605][ T60] usb 2-1: config 2 interface 88 has no altsetting 0 [ 59.244025][ T2514] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=2514 comm=syz.4.894 [ 59.245569][ T60] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e [ 59.265812][ T2514] netlink: 32 bytes leftover after parsing attributes in process `syz.4.894'. [ 59.281688][ T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.289982][ T933] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 59.297585][ T60] usb 2-1: Product: syz [ 59.301856][ T60] usb 2-1: Manufacturer: syz [ 59.309117][ T60] usb 2-1: SerialNumber: syz [ 59.344979][ T2520] loop5: detected capacity change from 0 to 512 [ 59.486079][ T933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 59.497334][ T933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 59.510979][ T933] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 59.526469][ T933] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 59.536293][ T933] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.545239][ T933] usb 1-1: config 0 descriptor?? [ 59.649654][ T2528] loop3: detected capacity change from 0 to 40427 [ 59.653822][ T2535] loop5: detected capacity change from 0 to 256 [ 59.660973][ T2528] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 59.670536][ T2535] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xd6e00b17, utbl_chksum : 0xe619d30d) [ 59.674146][ T2528] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 59.692673][ T28] kauditd_printk_skb: 83 callbacks suppressed [ 59.692687][ T28] audit: type=1400 audit(1762412163.943:578): avc: denied { mount } for pid=2534 comm="syz.5.904" name="/" dev="loop5" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 59.713546][ T2528] F2FS-fs (loop3): invalid crc value [ 59.727518][ T28] audit: type=1400 audit(1762412163.983:579): avc: denied { write } for pid=2534 comm="syz.5.904" name="/" dev="loop5" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 59.751304][ T28] audit: type=1400 audit(1762412163.983:580): avc: denied { add_name } for pid=2534 comm="syz.5.904" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 59.772203][ T28] audit: type=1400 audit(1762412163.983:581): avc: denied { associate } for pid=2534 comm="syz.5.904" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 59.785162][ T2528] F2FS-fs (loop3): Found nat_bits in checkpoint [ 59.794061][ T28] audit: type=1400 audit(1762412163.993:582): avc: denied { write open } for pid=2534 comm="syz.5.904" path="/113/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop5" ino=1048620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 59.845012][ T28] audit: type=1400 audit(1762412164.003:583): avc: denied { mounton } for pid=2534 comm="syz.5.904" path="/113/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus" dev="loop5" ino=1048620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 59.846490][ T2528] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 59.890041][ T28] audit: type=1400 audit(1762412164.023:584): avc: denied { unmount } for pid=1465 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 59.899797][ T2528] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 59.950957][ T2528] syz.3.901: attempt to access beyond end of device [ 59.950957][ T2528] loop3: rw=34817, sector=77824, nr_sectors = 32 limit=40427 [ 59.966570][ T933] plantronics 0003:047F:FFFF.000F: unknown main item tag 0xd [ 59.976168][ T933] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 59.987140][ T933] plantronics 0003:047F:FFFF.000F: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 60.093088][ T28] audit: type=1400 audit(1762412164.343:585): avc: denied { execmem } for pid=2541 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 60.114867][ T2543] xt_hashlimit: max too large, truncated to 1048576 [ 60.210532][ T2549] loop4: detected capacity change from 0 to 512 [ 60.245582][ T684] usb 1-1: USB disconnect, device number 8 [ 60.284716][ T28] audit: type=1400 audit(1762412164.543:586): avc: denied { read } for pid=2553 comm="syz-executor" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 60.325176][ T28] audit: type=1400 audit(1762412164.573:587): avc: denied { open } for pid=2553 comm="syz-executor" path="net:[4026531840]" dev="nsfs" ino=4026531840 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 60.328939][ T60] asix 2-1:2.88 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 60.369618][ T60] asix 2-1:2.88 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9 [ 60.380893][ T60] asix: probe of 2-1:2.88 failed with error -71 [ 60.403141][ T60] usb 2-1: USB disconnect, device number 9 [ 60.416268][ T2564] netlink: 12 bytes leftover after parsing attributes in process `syz.3.914'. [ 60.431261][ T2553] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.439256][ T2553] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.455057][ T2553] device bridge_slave_0 entered promiscuous mode [ 60.470128][ T2553] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.477578][ T2553] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.485419][ T2553] device bridge_slave_1 entered promiscuous mode [ 60.638972][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 60.648228][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 60.665760][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 60.674290][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 60.682715][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.689786][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.698044][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 60.706868][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 60.715145][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.722187][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.741594][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 60.750073][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.759038][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.767521][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.782044][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.804176][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 60.812777][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.821266][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 60.830152][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.844263][ T2553] device veth0_vlan entered promiscuous mode [ 60.850458][ T933] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 60.861057][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 60.869771][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 60.884201][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.893040][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.902330][ T2553] device veth1_macvtap entered promiscuous mode [ 60.917450][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 60.925769][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.934378][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.958224][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.971706][ T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 61.044484][ T933] usb 4-1: Using ep0 maxpacket: 16 [ 61.052443][ T933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 61.064640][ T340] device bridge_slave_1 left promiscuous mode [ 61.071295][ T340] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.084508][ T684] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 61.088560][ T933] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 61.114496][ T933] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 61.127635][ T933] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 61.139472][ T933] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.149509][ T933] usb 4-1: config 0 descriptor?? [ 61.154923][ T340] device bridge_slave_0 left promiscuous mode [ 61.161117][ T340] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.171201][ T340] device veth1_macvtap left promiscuous mode [ 61.180604][ T340] device veth0_vlan left promiscuous mode [ 61.264475][ T684] usb 1-1: Using ep0 maxpacket: 32 [ 61.270924][ T684] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 61.285066][ T684] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 61.296501][ T684] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 61.302650][ T2602] loop4: detected capacity change from 0 to 256 [ 61.306068][ T684] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 61.324973][ T684] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 61.334920][ T684] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 61.344783][ T2602] FAT-fs (loop4): Directory bread(block 64) failed [ 61.381824][ T2606] loop6: detected capacity change from 0 to 512 [ 61.386725][ T2602] FAT-fs (loop4): Directory bread(block 65) failed [ 61.389143][ T684] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 61.403499][ T2602] FAT-fs (loop4): Directory bread(block 66) failed [ 61.406407][ T2606] EXT4-fs: Ignoring removed nobh option [ 61.415931][ T684] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.425786][ T684] usb 1-1: config 0 descriptor?? [ 61.430890][ T2602] FAT-fs (loop4): Directory bread(block 67) failed [ 61.439632][ T2602] FAT-fs (loop4): Directory bread(block 68) failed [ 61.446833][ T2602] FAT-fs (loop4): Directory bread(block 69) failed [ 61.453759][ T2602] FAT-fs (loop4): Directory bread(block 70) failed [ 61.458552][ T2606] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #3: comm syz.6.930: corrupted inode contents [ 61.460755][ T2602] FAT-fs (loop4): Directory bread(block 71) failed [ 61.480518][ T2602] FAT-fs (loop4): Directory bread(block 72) failed [ 61.487294][ T2602] FAT-fs (loop4): Directory bread(block 73) failed [ 61.497745][ T2606] EXT4-fs error (device loop6): ext4_dirty_inode:6121: inode #3: comm syz.6.930: mark_inode_dirty error [ 61.511259][ T2606] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #3: comm syz.6.930: corrupted inode contents [ 61.534527][ T2606] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #3: comm syz.6.930: mark_inode_dirty error [ 61.549009][ T2606] EXT4-fs error (device loop6): ext4_acquire_dquot:6803: comm syz.6.930: Failed to acquire dquot type 0 [ 61.564763][ T2606] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #16: comm syz.6.930: corrupted inode contents [ 61.579429][ T933] microsoft 0003:045E:07DA.0010: ignoring exceeding usage max [ 61.579454][ T2606] EXT4-fs error (device loop6): ext4_dirty_inode:6121: inode #16: comm syz.6.930: mark_inode_dirty error [ 61.595003][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.602734][ T2616] loop1: detected capacity change from 0 to 128 [ 61.605642][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.625104][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.632364][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.640717][ T340] kworker/u4:3: attempt to access beyond end of device [ 61.640717][ T340] loop4: rw=1, sector=1224, nr_sectors = 544 limit=256 [ 61.645093][ T2606] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #16: comm syz.6.930: corrupted inode contents [ 61.655109][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.666453][ T684] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 61.673662][ T340] kworker/u4:3: attempt to access beyond end of device [ 61.673662][ T340] loop4: rw=1, sector=1800, nr_sectors = 128 limit=256 [ 61.687940][ T684] usb 1-1: USB disconnect, device number 9 [ 61.701963][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.705325][ T2606] EXT4-fs error (device loop6): __ext4_ext_dirty:202: inode #16: comm syz.6.930: mark_inode_dirty error [ 61.717905][ T340] kworker/u4:3: attempt to access beyond end of device [ 61.717905][ T340] loop4: rw=1, sector=1960, nr_sectors = 1380 limit=256 [ 61.725706][ T2616] ext4 filesystem being mounted at /189/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 61.735592][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.748167][ T684] usblp0: removed [ 61.753826][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.764587][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.772389][ T933] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 61.772459][ T2606] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #16: comm syz.6.930: corrupted inode contents [ 61.789188][ T933] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0010/input/input18 [ 61.809211][ T2606] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem [ 61.818586][ T2606] EXT4-fs error (device loop6): ext4_do_update_inode:5256: inode #16: comm syz.6.930: corrupted inode contents [ 61.822343][ T2616] syz.1.934 (pid 2616) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 61.850826][ T2606] EXT4-fs error (device loop6): ext4_truncate:4314: inode #16: comm syz.6.930: mark_inode_dirty error [ 61.863051][ T2606] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem [ 61.874180][ T2606] EXT4-fs (loop6): 1 truncate cleaned up [ 61.876616][ T933] microsoft 0003:045E:07DA.0010: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0 [ 61.891883][ T2606] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.900678][ T933] usb 4-1: USB disconnect, device number 12 [ 61.982693][ T2623] fido_id[2623]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 62.301271][ T2659] loop1: detected capacity change from 0 to 512 [ 62.310881][ T2659] EXT4-fs: Ignoring removed nobh option [ 62.357049][ T2671] loop4: detected capacity change from 0 to 256 [ 62.364858][ T2659] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #3: comm syz.1.952: corrupted inode contents [ 62.380315][ T2671] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 62.391252][ T2659] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #3: comm syz.1.952: mark_inode_dirty error [ 62.412056][ T2659] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #3: comm syz.1.952: corrupted inode contents [ 62.425310][ T2659] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.952: mark_inode_dirty error [ 62.445098][ T2659] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.952: Failed to acquire dquot type 0 [ 62.473014][ T2659] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #16: comm syz.1.952: corrupted inode contents [ 62.500570][ T2659] EXT4-fs error (device loop1): ext4_dirty_inode:6121: inode #16: comm syz.1.952: mark_inode_dirty error [ 62.532053][ T2684] loop0: detected capacity change from 0 to 1024 [ 62.536420][ T2659] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #16: comm syz.1.952: corrupted inode contents [ 62.540471][ T2684] EXT4-fs: Ignoring removed bh option [ 62.564078][ T2684] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 62.575621][ T2659] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.952: mark_inode_dirty error [ 62.598010][ T2659] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #16: comm syz.1.952: corrupted inode contents [ 62.618194][ T2684] EXT4-fs (loop0): re-mounted. Quota mode: none. [ 62.618345][ T2659] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 62.633854][ T60] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 62.640977][ T2659] EXT4-fs error (device loop1): ext4_do_update_inode:5256: inode #16: comm syz.1.952: corrupted inode contents [ 62.654385][ T2659] EXT4-fs error (device loop1): ext4_truncate:4314: inode #16: comm syz.1.952: mark_inode_dirty error [ 62.682454][ T2659] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 62.705923][ T2695] loop3: detected capacity change from 0 to 256 [ 62.725330][ T2659] EXT4-fs (loop1): 1 truncate cleaned up [ 62.737367][ T2659] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.803287][ T2707] loop3: detected capacity change from 0 to 512 [ 62.815702][ T60] usb 7-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 62.840462][ T60] usb 7-1: config 0 interface 0 has no altsetting 0 [ 62.844670][ T2707] FAT-fs (loop3): bogus logical sector size 63488 [ 62.854308][ T2707] FAT-fs (loop3): Can't find a valid FAT filesystem [ 62.861570][ T60] usb 7-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00 [ 62.870764][ T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.879934][ T60] usb 7-1: config 0 descriptor?? [ 62.886282][ T353] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 62.886879][ T2667] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 63.035214][ T283] ------------[ cut here ]------------ [ 63.040744][ T283] WARNING: CPU: 0 PID: 283 at fs/inode.c:335 drop_nlink+0xc5/0x110 [ 63.048879][ T283] Modules linked in: [ 63.052812][ T283] CPU: 0 PID: 283 Comm: syz-executor Not tainted syzkaller #0 [ 63.060539][ T283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 63.070774][ T283] RIP: 0010:drop_nlink+0xc5/0x110 [ 63.075943][ T283] Code: 1b 48 8d bb b8 04 00 00 be 08 00 00 00 e8 03 ea f0 ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 fb 73 ac ff <0f> 0b eb 86 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5e ff ff ff 4c [ 63.095721][ T283] RSP: 0018:ffffc90006a77c38 EFLAGS: 00010293 [ 63.101834][ T283] RAX: ffffffff81c3ac05 RBX: ffff888131d28bd8 RCX: ffff88810bdd3cc0 [ 63.109968][ T283] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 63.118082][ T283] RBP: ffffc90006a77c60 R08: 0000000000000004 R09: 0000000000000003 [ 63.126202][ T283] R10: fffff52000d4ef78 R11: 1ffff92000d4ef78 R12: dffffc0000000000 [ 63.134221][ T283] R13: 1ffff110263a5184 R14: ffff888131d28c20 R15: 0000000000000000 [ 63.142306][ T283] FS: 000055558d2d7500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 63.151306][ T283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.157958][ T283] CR2: 000055558d2fa4e8 CR3: 0000000126c44000 CR4: 00000000003506b0 [ 63.165995][ T283] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 63.174016][ T283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 63.182213][ T283] Call Trace: [ 63.185747][ T283] [ 63.188709][ T283] shmem_rmdir+0x5b/0x90 [ 63.192997][ T283] vfs_rmdir+0x393/0x500 [ 63.197324][ T283] incfs_kill_sb+0x105/0x220 [ 63.202047][ T283] deactivate_locked_super+0xb5/0x120 [ 63.207496][ T283] deactivate_super+0xaf/0xe0 [ 63.212218][ T283] cleanup_mnt+0x45f/0x4e0 [ 63.216711][ T283] __cleanup_mnt+0x19/0x20 [ 63.221254][ T283] task_work_run+0x1db/0x240 [ 63.225927][ T283] ? __cfi_task_work_run+0x10/0x10 [ 63.231079][ T283] ? __x64_sys_umount+0x125/0x160 [ 63.236183][ T283] ? __cfi___x64_sys_umount+0x10/0x10 [ 63.241594][ T283] exit_to_user_mode_loop+0x9b/0xb0 [ 63.246846][ T283] exit_to_user_mode_prepare+0x87/0xd0 [ 63.252329][ T283] syscall_exit_to_user_mode+0x1a/0x30 [ 63.257956][ T283] do_syscall_64+0x58/0xa0 [ 63.262404][ T283] ? clear_bhb_loop+0x30/0x80 [ 63.267146][ T283] ? clear_bhb_loop+0x30/0x80 [ 63.271956][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.277912][ T283] RIP: 0033:0x7f9ae3b909f7 [ 63.282371][ T283] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 63.302283][ T283] RSP: 002b:00007ffe61a1a9c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 63.310761][ T283] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f9ae3b909f7 [ 63.318878][ T283] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe61a1aa80 [ 63.326910][ T283] RBP: 00007ffe61a1aa80 R08: 0000000000000000 R09: 0000000000000000 [ 63.335377][ T283] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe61a1bb10 [ 63.343379][ T283] R13: 00007f9ae3c11d7d R14: 000000000000f619 R15: 00007ffe61a1bb50 [ 63.344618][ T60] ryos 0003:1E7D:3138.0011: unknown main item tag 0x0 [ 63.351449][ T283] [ 63.361218][ T283] ---[ end trace 0000000000000000 ]--- [ 63.366956][ T283] ================================================================== [ 63.375037][ T283] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 [ 63.381385][ T283] Write of size 4 at addr 0000000000000170 by task syz-executor/283 [ 63.389366][ T283] [ 63.391696][ T283] CPU: 0 PID: 283 Comm: syz-executor Tainted: G W syzkaller #0 [ 63.400644][ T283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 63.410701][ T283] Call Trace: [ 63.413984][ T283] [ 63.416919][ T283] __dump_stack+0x21/0x24 [ 63.421307][ T283] dump_stack_lvl+0xee/0x150 [ 63.426089][ T283] ? __cfi_dump_stack_lvl+0x8/0x8 [ 63.431122][ T283] ? ihold+0x20/0x60 [ 63.435019][ T283] ? ihold+0x20/0x60 [ 63.438921][ T283] print_report+0x3d/0x60 [ 63.443258][ T283] kasan_report+0x122/0x150 [ 63.447772][ T283] ? ihold+0x20/0x60 [ 63.451682][ T283] kasan_check_range+0x280/0x290 [ 63.456631][ T283] __kasan_check_write+0x14/0x20 [ 63.461599][ T283] ihold+0x20/0x60 [ 63.465320][ T283] vfs_rmdir+0x25f/0x500 [ 63.469572][ T283] incfs_kill_sb+0x105/0x220 [ 63.474171][ T283] deactivate_locked_super+0xb5/0x120 [ 63.479561][ T283] deactivate_super+0xaf/0xe0 [ 63.484249][ T283] cleanup_mnt+0x45f/0x4e0 [ 63.488674][ T283] __cleanup_mnt+0x19/0x20 [ 63.493091][ T283] task_work_run+0x1db/0x240 [ 63.497688][ T283] ? __cfi_task_work_run+0x10/0x10 [ 63.502810][ T283] ? __x64_sys_umount+0x125/0x160 [ 63.508191][ T283] ? __cfi___x64_sys_umount+0x10/0x10 [ 63.513576][ T283] exit_to_user_mode_loop+0x9b/0xb0 [ 63.518778][ T283] exit_to_user_mode_prepare+0x87/0xd0 [ 63.524253][ T283] syscall_exit_to_user_mode+0x1a/0x30 [ 63.529723][ T283] do_syscall_64+0x58/0xa0 [ 63.534241][ T283] ? clear_bhb_loop+0x30/0x80 [ 63.538927][ T283] ? clear_bhb_loop+0x30/0x80 [ 63.543617][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.549522][ T283] RIP: 0033:0x7f9ae3b909f7 [ 63.553944][ T283] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 63.573574][ T283] RSP: 002b:00007ffe61a1a9c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 63.581995][ T283] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f9ae3b909f7 [ 63.590057][ T283] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe61a1aa80 [ 63.598032][ T283] RBP: 00007ffe61a1aa80 R08: 0000000000000000 R09: 0000000000000000 [ 63.606008][ T283] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe61a1bb10 [ 63.613981][ T283] R13: 00007f9ae3c11d7d R14: 000000000000f619 R15: 00007ffe61a1bb50 [ 63.621983][ T283] [ 63.625001][ T283] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 63.636973][ T60] ryos 0003:1E7D:3138.0011: item fetching failed at offset 3/5 [ 63.644952][ T60] ryos 0003:1E7D:3138.0011: parse failed [ 63.650797][ T60] ryos: probe of 0003:1E7D:3138.0011 failed with error -22 [ 63.659913][ T60] usb 7-1: USB disconnect, device number 2 [ 63.668425][ T283] Disabling lock debugging due to kernel taint [ 63.674816][ T283] BUG: kernel NULL pointer dereference, address: 0000000000000170 [ 63.682634][ T283] #PF: supervisor write access in kernel mode [ 63.688717][ T283] #PF: error_code(0x0002) - not-present page [ 63.694724][ T283] PGD 13199c067 P4D 13199c067 PUD 0 [ 63.700133][ T283] Oops: 0002 [#1] PREEMPT SMP KASAN [ 63.705357][ T283] CPU: 1 PID: 283 Comm: syz-executor Tainted: G B W syzkaller #0 [ 63.714318][ T283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 63.724408][ T283] RIP: 0010:ihold+0x26/0x60 [ 63.728996][ T283] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 61 6b ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 40 e1 f0 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 51 [ 63.748647][ T283] RSP: 0018:ffffc90006a77c78 EFLAGS: 00010246 [ 63.754751][ T283] RAX: ffff88810bdd3c00 RBX: 0000000000000000 RCX: ffff88810bdd3cc0 [ 63.762780][ T283] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 63.770941][ T283] RBP: ffffc90006a77c88 R08: dffffc0000000000 R09: fffffbfff0f2d8fd [ 63.778968][ T283] R10: fffffbfff0f2d8fd R11: 1ffffffff0f2d8fc R12: ffff888131d28be4 [ 63.787047][ T283] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000 [ 63.795029][ T283] FS: 000055558d2d7500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 63.803964][ T283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 63.810544][ T283] CR2: 0000000000000170 CR3: 0000000126c44000 CR4: 00000000003506a0 [ 63.818520][ T283] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 63.826492][ T283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 63.834482][ T283] Call Trace: [ 63.837811][ T283] [ 63.840751][ T283] vfs_rmdir+0x25f/0x500 [ 63.845007][ T283] incfs_kill_sb+0x105/0x220 [ 63.849617][ T283] deactivate_locked_super+0xb5/0x120 [ 63.854994][ T283] deactivate_super+0xaf/0xe0 [ 63.859695][ T283] cleanup_mnt+0x45f/0x4e0 [ 63.864116][ T283] __cleanup_mnt+0x19/0x20 [ 63.868531][ T283] task_work_run+0x1db/0x240 [ 63.873127][ T283] ? __cfi_task_work_run+0x10/0x10 [ 63.878249][ T283] ? __x64_sys_umount+0x125/0x160 [ 63.883288][ T283] ? __cfi___x64_sys_umount+0x10/0x10 [ 63.888676][ T283] exit_to_user_mode_loop+0x9b/0xb0 [ 63.893885][ T283] exit_to_user_mode_prepare+0x87/0xd0 [ 63.899346][ T283] syscall_exit_to_user_mode+0x1a/0x30 [ 63.904826][ T283] do_syscall_64+0x58/0xa0 [ 63.909246][ T283] ? clear_bhb_loop+0x30/0x80 [ 63.913929][ T283] ? clear_bhb_loop+0x30/0x80 [ 63.918700][ T283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 63.924602][ T283] RIP: 0033:0x7f9ae3b909f7 [ 63.929369][ T283] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 63.949019][ T283] RSP: 002b:00007ffe61a1a9c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 63.957438][ T283] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f9ae3b909f7 [ 63.965414][ T283] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe61a1aa80 [ 63.973392][ T283] RBP: 00007ffe61a1aa80 R08: 0000000000000000 R09: 0000000000000000 [ 63.981452][ T283] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe61a1bb10 [ 63.989545][ T283] R13: 00007f9ae3c11d7d R14: 000000000000f619 R15: 00007ffe61a1bb50 [ 63.997623][ T283] [ 64.000737][ T283] Modules linked in: [ 64.004649][ T283] CR2: 0000000000000170 [ 64.008801][ T283] ---[ end trace 0000000000000000 ]--- [ 64.014251][ T283] RIP: 0010:ihold+0x26/0x60 [ 64.018760][ T283] Code: 33 36 7c df 55 48 89 e5 41 56 53 48 89 fb e8 61 6b ac ff 48 8d bb 70 01 00 00 be 04 00 00 00 e8 40 e1 f0 ff 41 be 01 00 00 00 44 0f c1 b3 70 01 00 00 41 ff c6 bf 02 00 00 00 44 89 f6 e8 51 [ 64.038374][ T283] RSP: 0018:ffffc90006a77c78 EFLAGS: 00010246 [ 64.044459][ T283] RAX: ffff88810bdd3c00 RBX: 0000000000000000 RCX: ffff88810bdd3cc0 [ 64.052450][ T283] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 64.060426][ T283] RBP: ffffc90006a77c88 R08: dffffc0000000000 R09: fffffbfff0f2d8fd [ 64.068400][ T283] R10: fffffbfff0f2d8fd R11: 1ffffffff0f2d8fc R12: ffff888131d28be4 [ 64.076372][ T283] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000000 [ 64.084343][ T283] FS: 000055558d2d7500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 64.093279][ T283] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 64.099863][ T283] CR2: 0000000000000170 CR3: 0000000126c44000 CR4: 00000000003506a0 [ 64.107838][ T283] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 64.115925][ T283] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 64.123904][ T283] Kernel panic - not syncing: Fatal exception [ 64.130247][ T283] Kernel Offset: disabled [ 64.134568][ T283] Rebooting in 86400 seconds..