last executing test programs: 3m35.281495312s ago: executing program 2 (id=1632): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="300000002e000305000000000000000020000080080000000000000008000000", @ANYRES32, @ANYBLOB="0c000f00000012"], 0x30}], 0x1}, 0x0) 3m35.273062783s ago: executing program 2 (id=1634): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10, &(0x7f00000001c0)=0x7, 0x4) 3m35.147098394s ago: executing program 2 (id=1638): r0 = userfaultfd(0x80001) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, 0x0) 3m34.963292098s ago: executing program 2 (id=1641): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4002, &(0x7f0000000140)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x5}}, {@delalloc}, {@errors_remount}]}, 0x1, 0x7a2, &(0x7f0000000f80)="$eJzs3ctrG9caAPBvZDuOk9xrX7hwb7oyFFpDiFynbtJCFyldlEIDgXbdxMiKSS1bwZJDbAxNKIVuCn0tCu0m6z7SXbd9bNv/oouS0IcTmtJFcRlp5Ki25CipJRn8+8HY58xD53w6M2fOaAYpgH1rPP2TizgaEe8kEaPZ/CQihmqpwYjT9fXurq8V0imJjY2Xf0lq69xZXytE0zapw1nm/xHxzZsRx3Lby62srM7PlErFpSw/WV24NFlZWT1+cWFmrjhXXDw5NT194tRTp07uXqy/fb965Na7Lzz++ek/3vjfjbe/TeJ0HMmWNcexW8ZjPHtPhtK38G+e3+3C+izpdwV4KOmhOVA/yuNojMZALdXGSC9rBgB0ywYAsA8lxgAAsM80Pge4s75WaEz9/USit356LiIO1uNv3N+sLxnM7tkdrN0HPXQnqd0ZadwdSSJibBfKH4+Ij7989dN0iqwd3EsDeuHqtYg4Pza+vf9Ptj2zkNl4fTM5vONrP7HTwo36tuNbZu+38w/001fp+OfpVuO/3Ob4J5rGPw3DLY7dh3H/4z93cxeKaSsd/z3b9Gzb3ab4M2MDWe5ftTHfUHLhYqmY9m3/joiJGBpO81O1VTdHbsnVpjImbv95u135zeO/X9977ZO0/PT/vTVyNwe3dLOzM9WZXQk+jf9axCODreJPNts/afHoTzrvbIdlvPjMWx+1W5bGn8bbmLbH310b1yMea9n+90bhyY7PJ07WdofJxk7Rwhc/fHioXfnN7Z9OafmNa4FeSNs/rVzSPv6xpPl5zcqDl/Hd9dGv2y27f/yt9/8DySu19IFs3pWZanVpKuJA8tL2+SfubdvIN9ZP4594tPXxXy+2vv9v7f/Sa8LzHcY/eOvnzx4+/u5K45/def/f0v4Pnrhxd36gXfmdtf90LTWRzemk/+u0gv/kvQMAAAAAAAAAAAAAAAAAAAAAAACATuUi4kgkufxmOpfL5+u/4f3fOJQrlSvVYxfKy4uzUfut7LEYyjW+6nK06ftQp7Lvw2/kT2zJPxkR/4mID4ZHavl8oVya7XfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJA53Ob3/1M/Dve7dgBA1xzsdwUAgJ5z/geA/efBzv8jXasHANA7rv8BYP/p+Px/vrv1AAB6x/U/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXXb2zJl02vh9fa2Q5mcvryzPly8fny1W5vMLy4V8obx0KT9XLs+VivlCeWFzw/e3vNDV+r9SuXxpOhaXr0xWi5XqZGVl9dxCeXmxeu7iwsxc8VxxqKfRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBnKiur8zOlUnFJYsfEyN6oxp5JDMaeqIZE1xLNvcRI/zooAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD3urwAAAP//mFguzQ==") mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file1\x00', &(0x7f0000000040), 0x8000, 0x0) 3m34.611514783s ago: executing program 2 (id=1648): r0 = timerfd_create(0x0, 0x80000) timerfd_settime(r0, 0x1, &(0x7f0000000080)={{}, {0x0, 0x3938700}}, 0x0) 3m34.409383856s ago: executing program 2 (id=1651): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@lazytime}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 3m34.244274748s ago: executing program 32 (id=1651): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@lazytime}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1m33.059351955s ago: executing program 5 (id=4443): socketpair$unix(0x1, 0x2, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]}) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3) 1m33.012413466s ago: executing program 5 (id=4444): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000000000)=0x3, 0x4) recvfrom(r0, 0x0, 0x0, 0x1, 0x0, 0x0) 1m32.937713487s ago: executing program 5 (id=4447): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) getitimer(0x0, &(0x7f0000001300)) 1m32.826373099s ago: executing program 5 (id=4451): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x120044e, &(0x7f0000000340)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1002, 0x0, 0x9, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 1m32.650965901s ago: executing program 5 (id=4456): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x7c7, 0x7ff, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x80, 0x4, 0x0, @loopback, @rand_addr=0x64010101}}}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000040)={'ip_vti0\x00', 0x0, 0x0, 0x700, 0x4000000, 0x2, {{0x5, 0x4, 0x0, 0x16, 0x14, 0xfffd, 0x0, 0x1, 0x4, 0x0, @loopback, @rand_addr=0x64010100}}}}) 1m32.369631886s ago: executing program 5 (id=4464): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x15, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000100000000000000000000009500000000000000"], &(0x7f00000005c0)='GPL\x00'}, 0x80) setsockopt$sock_attach_bpf(r0, 0x1, 0x34, &(0x7f0000000180)=r1, 0x4) 1m32.300041797s ago: executing program 33 (id=4464): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x15, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000100000000000000000000009500000000000000"], &(0x7f00000005c0)='GPL\x00'}, 0x80) setsockopt$sock_attach_bpf(r0, 0x1, 0x34, &(0x7f0000000180)=r1, 0x4) 24.918961247s ago: executing program 0 (id=5689): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 24.796327028s ago: executing program 0 (id=5692): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='scsi_dispatch_cmd_start\x00', r1}, 0x18) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 24.7118336s ago: executing program 0 (id=5694): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x90) ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f00000000c0)={0xfffffff8, 0x401, 0xfffffffd, 0x7ff, 0x7, "0441920887e87fcb367800000000080100", 0x4, 0x200}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0x8) 24.617444821s ago: executing program 0 (id=5697): syz_mount_image$exfat(&(0x7f0000006c00), &(0x7f0000001b40)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[@ANYBLOB='utf8,errors=continue,namecase=1,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000077,umask=00000000000000000005676,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0x0, @ANYBLOB="2c000ca8768ddddc191573cbd33da79641936c9de64e264f331d1b50f4c4f54702f51dcbddb39c14c19175f07a639bb65ea608fbf6fadf5d8da30ace1281bed3e61b084526e10dbe921dad84fbcabc5791f52445cb76b789ed377aa0cd17309c4df04d525e8af05fb246b33836d90656cd2daa991b916be40df3bd607ae5672e1bb90730d0ff03000000000000c5f0cf287ea707c1fc66165f74e7d8a78c37a4b86907cec1df06da3611f616718d88770a2520ceb039bc06ef4d1183"], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3Au4T9XWMPAx5pyLbSf928lls8Yci3/amCRJLgm5JEmSJLklJCRJQmKTWxKSkHuSe0guO3Zyv99yT5Ij7SQJyS3M79Hp/Zz3dN7T936n7/M+Z4/f88zHHNZ/jP9Ye+xnr7X+z7P3952HVmtQvXI9ZoZ/Cf71n1QASACAAQBwAwAEAFAqqVTSlePZNKb+a28i/lyPzrjWHYhrSeafucn8MzeZf+Ym88/cZP6Zm8w/c5P5Z24yfyEys20z894oK/Mu+fw/M5Pr/7+RjGLjvt5Q7OYu/40UmX/mJvP/N5f1nx+W+WduMv/MTeafucn8//1V+ifHZP6Zm8xfiMzsWn/+LOvarmv9/SeEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQInM4568yAPAf+2vdlxBCCCGEEEIIIf48Puu17kAIIYQQQgghhBD/7yEo0GAggCyQFRIgGyTCdZAdrocccAPE4EZIgpsgJ9wMuSA35IG8kAz5ID+EQGCBIYICUBDicAsUglshBQpDESgKDopBcbgNSsDtUBLugFJwJ5SGu6AMlIVyUB7uhgpwD1SESlAZ7oUqUBWqQXW4D2rA/VATHoBa8CDUhoegDjwMdeERqAePQn14DBrA49AQnoBG0BiaQFNo9n+V/zJ0h1egB/SEVOgFveFV6AN9oR/0hwHwGgyE12EQvAGDYQgMhTdhGLwFw+FtGAEjYRS8A6NhDIyFcTAeJsBEeBcmwXswGd6HKTAVpsF0mAEzYRZ8ALNhDsyFD2EefATzYQEshEWQBh/DYlgC6fAJLIVPYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG3wG22EH7IRdsBv2wF74HPbBF7AfvoQD8NV/M//s3+V3QUBAhQoNGsyCWTABEzAREzE7ZsccmANjGMMkTMKcmBNzYS7Mg3kwGZMxP+ZHQkJGxgJYAOMYx0JYCFMwBYtgEXTosDgWxxJ4O5bEklgKS2FpLI1lsCyWxfJYHitgBayIFbEyVsYqWAWrYTW8D+/D+7Em1sRaWAtrY22sg3WwLtbFelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBdtgO22N77IAdsCN2xE7YCTtjZ+yCXbErvowv4yv4CvbEKqoX9sbe2Af7YD/sj/3xNRyIr+Pr+AYOxiE4FN/EN/EtHI5ncASOxFE4CiuoMTgWxyGrCTgRJ+IknISTcTJOwak4FafjDJyJs3AWzsY5OAc/xHn4EX6EC3ABLsI0TMPFuATTMR2X4llchstxBa7EVbgaV+FaXIdrcQNuxA24GTfjVtyKn+FnuAN34C7chXtwD36On+MX+AUOxgN4AA/iQTyEh/AwHsYMzMAjeASP4lE8hsfwOB7HE3gST+FJPI2n8QyexXN4Di/gBbyILyZ/W39P4fWDQV1hlFFZVBaVoBJUokpU2VV2lUPlUDEVU0kqSeVUOVUulUvlUXlUskpW+VV+RYoUq0gVUAUSAEAVUoVUikpRRVQR5ZRTxVVxVUKVUCVVSVVK3alKq7tUGVVWtXTlVXlVQbVyFVUlVVlVVlVUVVVNVVfVVQ1VQ9VUNVUtVUvVVrVVHfWwqqt6YT98VF2ZTAM1BBuqodhINVZNVFP1Fj6pmqvh2EK1VK3U02okjsA2qrlrp55V7dVY7KCeV+PwBdVJTcDO6iXVRXVV3dTLqrtq4XqonmoK9lK91XTso/qqfqq/mo1V1ZWJVVNvqMFqiBqq3lSL8C01XL2tRqiRapR6R41WY9RYNU6NVxPURPWumqTeU5PV+2qKmqqmqelqhpqpZqkP1Gw1R81VH6p56iM1Xy1QC9UilaY+VovVEpWuPlFL1adqmVquVqiVapVardaotWqdWq82qI1qk9qstqitapv6TG1XO9ROtUvtVnvUXvW52qe+UPvVl+qA+kodVH9Rh9TX6rD6RmWob9UR9Z06qr5Xx9QP6rj6UZ1QJ9Up9ZM6rX5WZ9RZdU6dVxfUL+qiuqQuK69Ao1Zaa6MDnUVn1Qk6m07U1+ns+nqdQ9+gY/pGnaRv0jn1zTqXzq3z6Lw6WefT+XWoSVvNOtIFdEEd17foQvpWnaIL6yK6qHa6mC6ub9Ml9O26pL5Dl9J36tL6Ll1Gl9XldHl9t66g79EVdSVdWd+rq+iqupquru/TNfT9uqZ+QNfSD+ra+iFdRz+s6+pHdD39qK6vH9MN9OO6oX5CN9KNdRPdVDfTT+rm+indQrfUrfTTurV+RrfRbXU7/axur5/THfTzuqN+QXfSL+rO+iXdRXfV3fQlfVl73UP31Km6l+6tX9V9dDr00/31AP2aHqhf14P0G3qwHqKH6jf1MP2WHq7f1iP0SD1Kv6NH6zF6rB6nx+sJeqJ+V0/S7+nJ+n09RU/V0/R0PUPP1P1+qzT37/J7/XbV/dv89/5B/qBf332r3qY/09v1Dr1T79K79R69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WGTpDH9FH9FF9VB/Tx/RxfVyf0Cf1ef2TPq1/1mf0WX1Wn9cX9AV98bevARg0ymhjTGCymKwmwWQzieY6k91cb3KYG0zM3GiSzE0mp7nZ5DK5TR6T1ySbfCa/CQ0Za9hEpoApaOLmFlPI3GpSTGFTxBQ1zhQzxc1t/3L+H/XXzDQzzU1z08K0MK1MK9PatDZtTBvTzrQz7U1708F0MB1NR9PJdDKdTWfTxXQx3Uw30910Nz1MD5NqUk1v86rpY/qafqa/GWBeMwPNQDPIDDKDzWAz1Aw1w8wwM9wMNyPMCDPKjDKjzWgz1ow14814M9FMNJPMJDPZTDZTzBQzzUwzM8wMM8vMMrPNbDPXzDXzzDwz38w3C81Ck2bSzGKz2KSbdLPULDXLzHKz3Kw0K81qs9qsNWvNerPebDQbzWaz2Swz28w2s91sNzvNTrPb7DZ7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWGTYTLMEXPEHDVHzTFzrNdxc9ycMCfMKXPKnDanzRlzxpwz58wFc8FcNBfNZXP5ym1foAIVmMAEWYIsQUKQECQGiUH2IHuQI8gRxIJYkBQkBTmDm4NcQe4gT5A3SA7yBfmDMKDABhxEQYGgYBAPbgkKBbcGKUHhoEhQNHBBsaB4cFtQIrg9KBncEZQK7gxKB3cFZYKyQbmgfHB3UCG4J6gYVAoqB/cGVYKqQbWgenBfUCO4P6gZPBDUCh4MagcPBXWCh4O6wSNBveDRoH7wWNAgeDxoGDwRNAoaB02CpkGzP7W+92dyP+V6hD3D1LBX2Dt8NewT9g37hf3DAeFr4cDw9XBQ+EY4OBwSDg3fDIeFb4XDw7fDEeHIcFT4Tjg6HKMBIBwfTggnhu+Gk8L3wsnh++GUcGo4LZwezghnhrPCD8LZ4ZxwbvhhOC/8KJwfLggXhovCtPDjcHG4JEwPPwmXhp+Gy8Ll4YpwZbgqXH3+RoBwXbg+3BBuDDeFm8Mt4dZwW/hZuD3cEe4Md4W7wz3h3vDzcF/4Rbg//DI8EH4VHgz/Eh4Kvw4Ph9+EGeG34ZHwu/Bo+H14LPwhPB7+GJ4IT4anwp/C0+HP4ZnwbHguPB9eCH8JL4aXwsuhv3Jzf+XyToYMZaEslEAJlEiJlJ2yUw7KQTGKURIlUU7KSbkoF+WhPJRMyZSf8tMVTEwFqADFKU6FqBClUAoVoSLkyFFxKk4lqASVpJJUikpRaSpNZagMlaNydDfdTffQPVSJKtG9dC9VpapUnapTDapBNakm1aJaVJtqUx2qQ3WpLtWjelSf6lMDakANqSE1okbUhJpQM2pGzak5taAW1IpaUWtqTW2oDbWjdtSe2lMH6kAdqSN1ok7UmTpTF+pC3agbdafu1IN6UCqlUm/qTX2oD/WjfjSABtBAGkiDaBANpsE0lIbSMBpGw2k4jaCRNIreodE0hsbSOBpPE2giTaRJNIkm02SaQlNoGk2jGTSDZtEsmk2zaS7NpXk0j+bTfFpICymN0mgxLaZ0SqeltJSW0TJaQStoFa2iNbSG1tE62kAbaBNtoi20hbbRNtpO22kn7aTdtJv20l7aR/toP+2nA3SADtJBOkSH6DAdpgzKoCN0hI7SUTpGx+g4HacTdIJO0Sk6TafpDJ2hc3SOLtAvdJEu0WXylGAVJNrrbHZ7vc1hb7AJNpv92ziPzWuTbT6b34Y2l839n2Ky1qbYwraILWqdLWaL29t+F5exZW05W97ebSvYe2zF38U17P22pn3A1rIP2ur2vt/irL/Gte1Dto593Na1T9h6trGtb5vaBvZx29A+YRvZxraJbWpb22dsG9vWtrPP2vb2ud/Fi+0Su86utxvsRrvPfmHP2fP2qP3eXrC/2B62px1gX7MD7et2kH3DDrZDfhePsu/Y0XaMHWvH2fF2wu/iaXa6nWFn2ln2AzvbzvldnGY/tvNsup1vF9iFdtGv8ZWe0u0ndqn91C6zy+0Ku9KusqvtGrv2f/e60m62W+xWu9d+brfbHXan3WV32z2/xlfOY7/90h6wX9kj9jt7yH5tD9tjNsN++2t85fyO2R/scfujPWFP2lP2J3va/mzP2LO/nv+Vc//JXrKXrbfAyIo1Gw44C2flBM7GiXwdZ+frOQffwDG+kZP4Js7JN3Muzs15OC8ncz7OzyETW2aOuAAX5DjfwoX4Vk7hwlyEi7LjYlycb+MSfDuX5Du4FN/JpfkuLsNluRyX57u5At/DFbkSV+Z7uQpX5Wpcne/jGnw/1+QHuBY/yLX5Ia7DD3NdfoTr8aNcnx/jBvw4N+QnuBE35ibclJvxk9ycn+IW3JJb8dPcmp/hNtyW2/Gz3J6f4w78PHfkF7gTv8id+SXuwl25G7/M3fkV7sE9OZV7cW9+lftwX+7H/XkAv8YD+XUexG/wYB7CQ/lNHsZv8XB+m0fwSB7F7/BoHsNjeRyP5wk8kd/ls2lt81y515vCU3kaT+cZPJNn8Qc8m+fwXP6Q5/FHPJ8X8EJexGn8MS/mJZzOn/BS/pSX8XJewSt5Fa/mNbyW1/F63sAbeRNv5i28lbfxZ7ydd/BO3sW7eQ/v5c95H3/B+/lLPsBf8UH+Cx/ir/kwf8MZ/C0f4e/4KH/Px/gHPs4/8gk+yaf4Jz7NP/MZPsvn+Dxf4F/4Il/iy+wZIoxUpCMTBVGWKGuUEGWLEqProuzR9VGO6IYoFt0YJUU3RTmjm6NcUe4oT5Q3So7yRfmjMKLIRhxFUYGoYBSPbokKRbdGKVHhqEhUNHJRsah4dFtUIro9KhndEZWK7oxKR3dFZaKy0eMPlo/ujipE90QVo0pR5ejeqEpUNaoWVY/ui2pE90c1oweiWtGDUcnooahO9HBUN3okqhc9GtWPHosaRI9HDaMnokZR46hJ1DRqFj0ZNY+eilpELaNW0dNR6+iZqE3UNmoXPRu1j577w+OpUa+od/Rq9Grk/QN6YXxRPC3+cXxxfEk8Pf5JfGn80/iy+PL4ivjK+Kr46via+Nr4uvj6+Ib4xvim+Ob4lvjWuPfVs4JDp5x2xgUui8vqElw2l+iuc9nd9S6Hu8HF3I0uyd3kcrqbXS6X2+VxeV2yy+fyu9CRs45d5Aq4gi7ubnGF3K0uxRV2RVxR51wxV9w1dc1cM9fcPeVauJaulXvaPe2ecc+4tq6te9a1d8+5Du5519G94Dq5F92L7iXXxXV13dzLrrt7xfVwPV2qS3W9XW/Xx/Vx/Vw/N8ANcAPdQDfIDXKD3WA31A11w9wwN9wNdyPcCDfKjXKj3Wg31o114914N9FNdJPcJDfZTXZT3BQ3zU1zM9wMN8vNcrPdbDfXzXXzUua5+W6+W+gWujSX5ha7xS7dpbulbqlb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2ue1uu9vpdrrdbrfb6/a6fW6f2+/2uwPugDvoDrpD7pA77L5xGe5bd8R95466790x94M77n50J9xJd8r95E67n90Zd9adc+fdBfeLu+guucvOu4mxd2OTYu/FJsfej02JTY1Ni02PzYjNjM2KfRCbHZsTmxv7MDYv9lFsfmxBbGFsUSwt9nFscWxJLD32SWxp7NPYstjy2IrYytiq2OqY9/m2R76AL+jj/hZfyN/qU3xhX8QX9c4X88X9bb6Ev92X9Hf4Uv5OX9rf5cv4sr6cf8I38o19E9/UN/NP+ub+Kd/Ct/St/NO+tX/Gt/FtfTv/rG/vn/Md/PO+o3/Bd/Iv+s7+Jd/Fd/Xd/Mu+u3/F9/A9farv5Xv7V30f39f38/39AP+aH+hf94P8G36wH+KH+jf9MP+WH+7f9iP8SD/Kv+NH+zF+rB/nx/sJfqJ/10/y7/nJ/n0/xU/10/x0P8PP9LP8B362n+Pn+g/9PP+Rn+8X+IV+kU/zH/vFfolP95/4pf5Tv8wv9yv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vr/Nf+a3+x1+p9/ld/s9fq//3O/zX/j9/kt/wH/lD/q/+EP+a3/Yf+Mz/Lf+iP/OH/Xf+2P+B3/c/+hP+JP+lP/Jn/Y/+zP+rD/nz/sL/hd/0V/yl+V31oQQQggh/o/oPzje6x/8n/ptXdEbAK7fkTfj72tuyvXXfV+V3DoGAM/27Pzof6wqVVJTU3977TINQcEFABC7mp8FrsbLoRU8A+2gJZT4h/31VV0v8B/Uj98JkHi18q8S4e/r3/5f1H/y6VGLS0fnkv5J/QUAKQWv5mSDq/HV+iX/i/q5m/9B/9m+ngjQ4m9yssPV+Gr94vAUPAft/tMrhRBCCCGEEEKIv+qrynX8o+fnK8/nyeZqTla4Gv/R87kQQgghhBBCCCGuvRe6dmv7ZLt2LTvK5l/YVPyf0YZsZPOnba71TyYhhBBCCCHEn+3qTf+17kQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi8/n/8ObFrfY5CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHEtfa/AgAA//9OvTcs") mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0) stat(&(0x7f0000000480)='./file0/file0\x00', 0x0) setxattr$system_posix_acl(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x2c, 0x2) 24.201813847s ago: executing program 0 (id=5701): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x9d, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000200)='%+9llu \x00'}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f00000002c0)=""/168}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20) 23.961634521s ago: executing program 0 (id=5702): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x50) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 23.800826533s ago: executing program 34 (id=5702): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="10000000040000000800000008"], 0x50) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 3.198193952s ago: executing program 1 (id=6048): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000100)={[{@init_itable}, {@usrjquota}, {@quota}, {@norecovery}, {@auto_da_alloc}, {@noquota}, {@grpquota}, {@barrier_val}, {@grpjquota}, {@jqfmt_vfsold}]}, 0x49, 0x7b1, &(0x7f0000000c80)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0) getrusage(0x1, &(0x7f0000000140)) 2.839617477s ago: executing program 1 (id=6057): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$ext4(0x0, &(0x7f0000000580)='./file0\x00', 0x19560c0, 0x0, 0x0, 0x0, 0x0) faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x3, 0x300) 2.70957176s ago: executing program 1 (id=6061): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000007c0)={[{@nodiscard}, {@usrjquota}, {@errors_remount}, {@sb={'sb', 0x3d, 0x2b}}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@sysvgroups}, {@minixdf}, {@barrier_val}, {@nombcache}, {}]}, 0x45, 0x7b6, &(0x7f0000001140)="$eJzs3c9rG1ceAPDvyPLPZNdeWNjNngwLu4EQeZ31JruwsF72sBQaCLSnHpoYWTGpZStYcoiNaRNKoZdCW3prLzn356X02h+HXtr/oySkrROa0kNxGf2wZVtyrMSWkubzgYne07zRe995ozcvmrEUwBNrPP0nE3EsIl5PIkbrzycR0V9NZSOma+Xura/l0yWJjY1nvkuqZe6ur+WjaZvUkXrmjxHx+SsRJzK76y2vrM7PFIuFpXp+orJweaK8snry0sLMXGGusHh6cmrq1Jl/nDn9UOENN2d++Hr16K03/v/XD6Z/evkPH772RRLTcbS+rjmOgzIe4/V90p/uwm3+d9CV9czHL+6jUNMRkD3MxtChtGP66r1yLEajb6/+Ge5mywCAw/JSRGy009d2DQDwWEtq5///9LodAEC3ND4HuLu+lm8svf1Eortu/zcihobqudr1zVo6W79mN1S9DjpyN9l2ZSSJiLEDqH88It755Pn30iUO6TokQCvXrkfEhbHx3eN/suuehU79rfXTc82Z8R0rjX/QPZ+m859/tpr/ZTbnP9Fi/jPY4r37IO7//s/cPIBq2krnf/9uurftXlP8dWN99dxvqnO+/uTipWIhHdt+GxHHo38wzU/uUcfxOz/fabeuef73/ZsvvJvWnz5ulcjczA5u32Z2pjLzMDE3u3094k/ZVvGn4/9gtf+TNvPfc/X0wH3qeOpfr77dbl0afxpvY9kd/+HauBHxl5b9n2yWSfa8P3GiejhMNA6KFj6ajpF29Y9nt/o/XdL6G/8X6Ia0/0f2jn8sab5fs7zvl968W+yrG6OftSvUfPy3jr/18T+QPFtNN469qzOVytJkxEDy9O7nT21t28g3yqfxH/9z6/d/Y/xrcfw/l77+hX3uiOytb99/8PgPVxr/bEf933Eihu7N97Wrf3/9P7Vtm/2Mf/tt4IPuNwAAAAAAAAAAAAAAAAAAAAAAAADoRCYijkaSyW2mM5lcrvYb3r+PkUyxVK6cuFhaXpyN6m9lj0V/pvFVl6NN34c6Wf8+/Eb+1I783yPidxHx1uBwNZ/Ll4qzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqOtPn9/9Q3gzsK9/WihQDAoRhyYgeAJ02Szfa6CQBAtw11VHr40NoBAHRPZ+d/AODXwPkfAJ489zn/7/wzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjUubNn02Xjx/W1fJqfvbKyPF+6cnK2UJ7PLSznc/nS0uXcXKk0Vyzk8qWFti90rfZQLJUuT8Xi8tWJSqFcmSivrJ5fKC0vVs5fWpiZK5wv9HctMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYv/LK6vxMsVhYkuhJYv7LWj88Ku2R6CwR12r996i05+ASMbA1Sgz3ZnACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAz8EgAA//99gB7t") connect$unix(0xffffffffffffffff, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) unlink(&(0x7f0000000180)='./file1\x00') 2.467528613s ago: executing program 6 (id=6068): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) getpriority(0x1, 0x0) 2.451250874s ago: executing program 1 (id=6069): r0 = socket(0x1e, 0x805, 0x0) connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x2}}, 0x10) connect$tipc(r0, &(0x7f00000004c0)=@id={0x1e, 0x3, 0x0, {0x1}}, 0x10) close(r0) 2.417487914s ago: executing program 6 (id=6070): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x6}}]}}, 0x1, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') read$FUSE(r1, &(0x7f0000004200)={0x2020}, 0x2051) 2.332241305s ago: executing program 1 (id=6072): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2d50, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0x57, {0x57, 0x6, "a7ea3163fd3bc518194b120c1e73d54cfc4ad2841ef4f6a3fd7c59ccb785025f2e7b3504ff87cbfd10f3c080b733000000000000000800000000000000ea7a288982d5337c364daf03bd400d66293b0a2b103dd93f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) 1.464489898s ago: executing program 6 (id=6079): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x9000, 0x2000, 0x3, &(0x7f0000ff8000/0x2000)=nil) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 1.178872823s ago: executing program 4 (id=6084): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x80, &(0x7f0000000240), 0x1, 0x50d, &(0x7f0000000980)="$eJzs3WFrI2kdAPD/TJJed7dncypynnh3eCfdQzdpr95dEbk7QfTVgXq+79U2LaVpU5p03ZZFu/gBBBEVfOUr3wh+AEH2I4iwoO9FRRHd1Ze6I0mmum2TNrttmrX9/WCa58kzM///MzSTmczDTACX1ssR8W5EFCLitYiYzN9P82m+Xdnrzvfg/u3F9pRElr3/tySS/L39dbXrxYi41l0kxiPi61+J+GZyNG5zZ3dtoV6vbeX1amt9s9rc2b2xur6wUlupbczOzrw599bcG3PTWe5U/SxHxNtf+tMPv/ezL7/9q89+6/fzf7n+7XZaX/hY8ok8vcVTBeiju+5SZ1vsa2+jrWEEG4FC3p9SYdSZAAAwiPYx/ocj4lOd4//JKHSO5gAAAICLJHtnIv6VRGQAAADAhZVGxEQkaSUfCzARaVqpdMfwfjSupvVGs/WZ5cb2xlK7LaIcpXR5tV6bzscKl6OUtOsz+Rjb/frrh+qzEfFcRPxg8kqnXlls1JdG/eMHAAAAXBLXXjp4/v/PybRTBgAAAC6Yct8KAAAAcFE45QcAAICL786oEwAAAACG6avvvdeesv3neC/d3Nlea9y8sVRrrlXWtxcri42tzcpKo7HSuWff+knrqzcam5+Lje1b1Vat2ao2d3bn1xvbG6351QOPwAYAAADO0XMv3f1dEhF7n7/SmSK/DyDAAX8cdQLAWSqMOgFgZIrtPx+MOgtgFEonzlE8lzyA0UlOaO87eOfXZ58LAAAwHFMfP3r9fyxvO/m3AeD/mbE+AHD5uLoHl1cpCk7z4ZL7UPflmX7tj3/9//CRRZY9UWIAAMCZmehMSVrJrwVORJpWKhHPdh4LWEqWV+u16fz84LeTpWfa9ZnOksmJY4YBAAAAAAAAAAAAAAAAAAAAAAAAgK4sSyIDAAAALrSI9M9J527+EVOTr04c/HXg0FO/fvL+j24ttFpbMxFjyd8n22+NRUTrx/n7r2ceCQAAAABPge55ev46M+psAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhoHty/vbg/HWgYH27cv34xIsq94hfz0ONRioir/0ii+MhySUQUziD+3p2IeL5X/CQeZllWzrPoFf/KkOOXO5umd/w0Iq6dQXy4zO629z/v9vr8pfFy57X356+YT6fVf/+X/nf/V+iz/3l2wBgv3PtFtW/8OxEvFHvvf/bjJ934SRyK/8qA8T/4xu5uv7bspxFTPb9/kgOxqq31zWpzZ/fG6vrCSm2ltjE7O/Pm3Ftzb8xNV5dX67X8b88Y3//kLx8e1/+rfeKXD/b/yPZ/dcD+//verfsf6RZLveJff6X39+/zfeKn+Xffp/Nyu31qv7zXLT/qxZ//5sXj+r/Up//jJ/T/+oD9f+1r3/3DgLMCAOegubO7tlCv17aOKYwPMM85F955OtIYUuEp3ODDLmTf6f4/nm49p1z8SCE7zeLFOIM0xh7jc3q2hVHulQAAgGH430F/u5Ylo84HAAAAAAAAAAAAAAAAAAAALqMnvEPYeEQMPPPhmHuj6SoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLH+EwAA//+uy9et") r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020) ioctl$LOOP_SET_STATUS64(0xffffffffffffffff, 0x4c04, 0x0) 965.413746ms ago: executing program 7 (id=6085): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000140)={0x1000200, 0x0, 0x80000000, 0xffff, 0x0, "4ae23ae17df2e98c69ba36c4095c911abad88f"}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0xc) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000480)=0x9) 870.663057ms ago: executing program 7 (id=6086): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0xe, 0x7fff0000}]}) close_range(r1, 0xffffffffffffffff, 0x0) 869.685297ms ago: executing program 4 (id=6087): openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 773.673059ms ago: executing program 7 (id=6088): r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_script(r0, &(0x7f00000002c0)={'#! ', './file0', [{}, {0x20, 'GPL\xf3'}]}, 0x11) close(r0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 697.27272ms ago: executing program 4 (id=6091): r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x2, 0x3}, 0x10) sendmsg$tipc(r0, &(0x7f0000000400)={&(0x7f00000008c0), 0x58, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) 684.33937ms ago: executing program 7 (id=6092): r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x10) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) pread64(r1, &(0x7f0000001600)=""/4081, 0x7, 0x0) 634.81177ms ago: executing program 4 (id=6093): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) rt_sigpending(0x0, 0x0) 588.790531ms ago: executing program 7 (id=6094): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) symlink(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') readlink(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001200)=""/4096, 0x1000) 538.665312ms ago: executing program 7 (id=6095): unshare(0x2040400) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) ppoll(&(0x7f0000000180)=[{r0}], 0x1, 0x0, 0x0, 0x0) 488.419013ms ago: executing program 3 (id=6096): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x2}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) 425.848484ms ago: executing program 4 (id=6097): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='defconfined']) 412.904104ms ago: executing program 6 (id=6098): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xc0010020, 0x0, 0x5}]}) 318.087126ms ago: executing program 3 (id=6099): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.cpu_exclusive\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x6d276b17) 313.656175ms ago: executing program 4 (id=6100): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff}, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x8000, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 264.243046ms ago: executing program 3 (id=6101): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0xfffffffd, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000f00000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000891}, 0x0) 246.586607ms ago: executing program 6 (id=6102): timer_create(0x2, 0x0, &(0x7f0000000100)) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) mlockall(0x7) munlockall() 215.167957ms ago: executing program 3 (id=6103): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0) recvmmsg(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)=""/130, 0x82}, {&(0x7f0000000000)=""/44, 0x2c}, {&(0x7f0000000200)=""/83, 0x53}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000000280)=""/70, 0x46}, {&(0x7f0000001380)=""/74, 0x4a}, {&(0x7f0000001400)=""/143, 0x8f}, {&(0x7f00000014c0)=""/94, 0x5e}], 0x8}, 0x6e04}, {{0x0, 0x0, &(0x7f0000002b40)=[{&(0x7f0000001780)=""/171, 0xab}, {&(0x7f00000000c0)=""/39, 0x27}, {&(0x7f0000001840)=""/82, 0x52}, {&(0x7f0000001940)=""/170, 0xaa}, {&(0x7f0000001a00)=""/77, 0x4d}, {&(0x7f0000001a80)=""/157, 0x9d}, {&(0x7f0000001b40)=""/4096, 0x1000}], 0x7}, 0x1}], 0x3, 0x0, 0x0) 166.712238ms ago: executing program 3 (id=6104): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'erspan0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d61637365630000140002800500060000000000050007000000000008000500", @ANYRES32=r1], 0x4c}}, 0x0) 126.796819ms ago: executing program 3 (id=6105): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000003c0)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@test_dummy_encryption}, {@nobarrier}, {@nojournal_checksum}, {@inlinecrypt}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r") chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x1, 0x1000, 0x1, &(0x7f0000000080)='\b', 0x0, 0x0, 0x0}) 17.23532ms ago: executing program 1 (id=6106): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x100000) 0s ago: executing program 6 (id=6107): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x5, '\x00', 0x0, 0x0}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f00000002c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='signal_deliver\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) kernel console output (not intermixed with test programs): 947][T10709] EXT4-fs error (device loop6) in ext4_orphan_cleanup:3108: error 27 [ 259.471595][T10714] EXT4-fs error (device loop4): ext4_free_blocks:5685: comm syz.4.4708: Freeing blocks not in datazone - block = 0, count = 4096 [ 259.486019][T10709] EXT4-fs (loop6): 1 truncate cleaned up [ 259.496024][T10709] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 259.545251][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 259.560191][T10714] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.4708: Invalid inode bitmap blk 0 in block_group 0 [ 259.573293][ T9] Quota error (device loop4): remove_tree: Getting block too big (0 >= 9) [ 259.573424][T10714] EXT4-fs error (device loop4) in ext4_free_inode:360: Corrupt filesystem [ 259.591089][T10714] EXT4-fs (loop4): 1 orphan inode deleted [ 259.612470][ T9] EXT4-fs error (device loop4): ext4_release_dquot:6262: comm kworker/u4:1: Failed to release dquot type 0 [ 259.624164][T10714] EXT4-fs (loop4): mounted filesystem without journal. Opts: ; ,errors=continue [ 259.670192][ T297] udevd[297]: symlink '../../loop4' '/dev/disk/by-label/syzkal\xff\xff\xff\xff\xff\xff\xff\x7f.tmp-b7:4' failed: Read-only file system [ 259.747630][T10709] EXT4-fs (loop6): re-mounted. Opts: (null) [ 259.756596][T10709] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended [ 259.776707][T10709] EXT4-fs (loop6): re-mounted. Opts: [ 260.010893][ T649] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 260.066071][T10642] F2FS-fs (loop3): Test dummy encryption mode enabled [ 260.080962][T10642] F2FS-fs (loop3): invalid crc value [ 260.118160][T10642] F2FS-fs (loop3): Found nat_bits in checkpoint [ 260.223756][ T2444] udevd[2444]: symlink '../../loop3' '/dev/disk/by-uuid/36fde3fc-a519-493c-8baa-e32931e9a89c.tmp-b7:3' failed: Read-only file system [ 260.278225][T10747] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 260.299634][ T649] usb 2-1: Using ep0 maxpacket: 16 [ 260.360936][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-uuid/36fde3fc-a519-493c-8baa-e32931e9a89c.tmp-b7:3' failed: Read-only file system [ 260.449055][ T649] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 260.497575][ T649] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 260.522015][ T649] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 260.542278][ T649] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.588946][ T649] usb 2-1: config 0 descriptor?? [ 260.838333][ T2444] udevd[2444]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 260.887005][T10762] EXT4-fs (loop6): mounted filesystem without journal. Opts: nodiscard,noinit_itable,barrier=0x0000000000000040,grpjquota=,errors=remount-ro,init_itable, [ 261.026552][ T24] audit: type=1400 audit(476.737:795): avc: denied { setattr } for pid=10761 comm="syz.6.4727" name=".pending_reads" dev="loop6" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 261.092367][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x6 [ 261.105377][ T649] apple 0003:05AC:024B.000F: ignoring exceeding usage max [ 261.138163][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.165235][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.172244][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.208003][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.214977][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.229379][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.240294][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.251027][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.268849][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.275852][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.293547][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.325361][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.326058][ T24] audit: type=1326 audit(477.018:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10772 comm="syz.3.4724" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8a31a11929 code=0x0 [ 261.347010][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.368370][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.389227][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.396889][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.411114][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.418068][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.427066][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.436367][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.444074][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.451090][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.458758][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.465984][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.472987][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.480279][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.487506][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.494480][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.501837][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.509042][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.516057][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.537779][ T649] apple 0003:05AC:024B.000F: unknown main item tag 0x0 [ 261.547524][ T649] apple 0003:05AC:024B.000F: hidraw0: USB HID v0.00 Device [HID 05ac:024b] on usb-dummy_hcd.1-1/input0 [ 261.603711][ T649] usb 2-1: USB disconnect, device number 31 [ 261.623341][T10779] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 261.680663][T10779] EXT4-fs (loop0): 1 truncate cleaned up [ 261.699234][T10779] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota, [ 261.751029][ C1] print_req_error: 217 callbacks suppressed [ 261.751063][ C1] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 261.768007][ C1] buffer_io_error: 186 callbacks suppressed [ 261.768029][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 261.782180][ C1] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 261.793149][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 261.802917][T10784] loop9: unable to read partition table [ 261.828814][T10784] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 261.828814][T10784] ) failed (rc=-5) [ 261.831133][T10781] fido_id[10781]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 261.857144][ C1] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 261.868093][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 261.877681][ C1] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 261.888651][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 261.939878][ C1] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 261.950852][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 261.966529][ C1] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 261.977481][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 261.991169][ C1] blk_update_request: I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 262.002116][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 262.305420][ T24] audit: type=1400 audit(477.925:797): avc: denied { set_context_mgr } for pid=10800 comm="syz.6.4744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 262.413510][ T24] audit: type=1326 audit(478.028:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10807 comm="syz.6.4745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 262.484026][ T24] audit: type=1326 audit(478.028:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10807 comm="syz.6.4745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 262.562367][ T24] audit: type=1326 audit(478.066:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10807 comm="syz.6.4745" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x0 [ 262.658162][ T24] audit: type=1326 audit(478.253:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10807 comm="syz.6.4745" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7f12fca27929 code=0x0 [ 262.841957][T10825] erofs: (device loop3): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 125300) [ 263.306459][ T24] audit: type=1400 audit(478.870:802): avc: denied { module_load } for pid=10836 comm="syz.0.4758" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1 [ 263.307602][T10837] kernel read not supported for file /policy (pid: 10837 comm: syz.0.4758) [ 263.341644][ T649] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 263.613560][ T649] usb 4-1: Using ep0 maxpacket: 32 [ 263.742058][ T649] usb 4-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 263.784439][ T649] usb 4-1: config 0 interface 0 has no altsetting 0 [ 263.791152][ T649] usb 4-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00 [ 263.800813][ T649] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.815167][ T649] usb 4-1: config 0 descriptor?? [ 263.987724][ T4484] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 264.052709][T10870] netlink: 'syz.1.4774': attribute type 4 has an invalid length. [ 264.060673][T10870] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.4774'. [ 264.320960][ T649] chicony 0003:04F2:1421.0010: item fetching failed at offset 5/7 [ 264.346722][ T649] chicony: probe of 0003:04F2:1421.0010 failed with error -22 [ 264.372876][ T4484] usb 5-1: config 0 interface 0 altsetting 253 endpoint 0x81 has an invalid bInterval 36, changing to 9 [ 264.389123][ T4484] usb 5-1: config 0 interface 0 altsetting 253 endpoint 0x81 has invalid wMaxPacketSize 0 [ 264.400923][ T4484] usb 5-1: config 0 interface 0 has no altsetting 0 [ 264.403422][T10877] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4777'. [ 264.408019][ T4484] usb 5-1: New USB device found, idVendor=0810, idProduct=0002, bcdDevice= 0.00 [ 264.426715][ T4484] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.441841][ T4484] usb 5-1: config 0 descriptor?? [ 264.567029][ T15] usb 4-1: USB disconnect, device number 38 [ 264.846655][ T2444] udevd[2444]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 264.859014][T10892] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 264.884335][ T2444] udevd[2444]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 264.941141][ T4484] pantherlord 0003:0810:0002.0011: item fetching failed at offset 5/7 [ 264.980690][ T4484] pantherlord 0003:0810:0002.0011: parse failed [ 264.994169][ T4484] pantherlord: probe of 0003:0810:0002.0011 failed with error -22 [ 265.255370][ T649] usb 5-1: USB disconnect, device number 37 [ 266.633263][T10934] F2FS-fs (loop6): fault_injection options not supported [ 266.665333][T10934] F2FS-fs (loop6): invalid crc value [ 266.675395][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:6' failed: Read-only file system [ 266.694226][T10934] F2FS-fs (loop6): Found nat_bits in checkpoint [ 266.809930][T10934] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 266.849633][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:6' failed: Read-only file system [ 267.173608][T10965] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4816'. [ 267.301656][ T649] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 267.457081][ T297] udevd[297]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 267.475792][T10967] EXT4-fs error (device loop0): ext4_free_branches:1026: inode #13: comm syz.0.4817: invalid indirect mapped block 10 (level 1) [ 267.500379][T10967] EXT4-fs error (device loop0): ext4_free_branches:1026: inode #13: comm syz.0.4817: invalid indirect mapped block 8 (level 1) [ 267.516142][T10967] EXT4-fs (loop0): 1 truncate cleaned up [ 267.521985][T10967] EXT4-fs (loop0): mounted filesystem without journal. Opts: acl,user_xattr,,errors=continue [ 267.551836][ T297] udevd[297]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 267.563355][ T649] usb 5-1: Using ep0 maxpacket: 16 [ 267.601516][T10967] EXT4-fs error (device loop0): ext4_lookup:1830: inode #12: comm syz.0.4817: unexpected EA_INODE flag [ 267.686616][ T649] usb 5-1: config 8 has an invalid interface number: 39 but max is 0 [ 267.705702][ T649] usb 5-1: config 8 has no interface number 0 [ 267.712313][ T649] usb 5-1: config 8 interface 39 altsetting 1 has an invalid endpoint with address 0xDF, skipping [ 267.733842][ T649] usb 5-1: config 8 interface 39 has no altsetting 0 [ 267.911148][ T649] usb 5-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77 [ 267.941990][ T649] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.950575][ T649] usb 5-1: Product: syz [ 267.965773][ T649] usb 5-1: Manufacturer: syz [ 267.970473][ T649] usb 5-1: SerialNumber: syz [ 268.201899][T10930] F2FS-fs (loop3): Invalid segment/section count (31, 24 x 150994945) [ 268.236296][T10930] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 268.246892][T10930] F2FS-fs (loop3): invalid crc value [ 268.271795][T10930] F2FS-fs (loop3): Found nat_bits in checkpoint [ 268.279394][ T649] ipheth 5-1:8.39: Unable to find endpoints [ 268.323116][ T2444] udevd[2444]: symlink '../../loop3' '/dev/disk/by-uuid/7d96804d-fc78-4d7b-ba96-ee448261d02c.tmp-b7:3' failed: Read-only file system [ 268.428371][T10930] F2FS-fs (loop3): Cannot turn on quotas: -2 on 2 [ 268.437147][T10930] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 268.444229][T10930] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 268.477797][T10989] FAT-fs (loop0): Directory bread(block 64) failed [ 268.489037][T10989] FAT-fs (loop0): Directory bread(block 65) failed [ 268.522228][T10989] FAT-fs (loop0): Directory bread(block 66) failed [ 268.528845][T10989] FAT-fs (loop0): Directory bread(block 67) failed [ 268.539275][ T2444] udevd[2444]: symlink '../../loop3' '/dev/disk/by-uuid/7d96804d-fc78-4d7b-ba96-ee448261d02c.tmp-b7:3' failed: Read-only file system [ 268.560359][ T24] audit: type=1400 audit(483.781:803): avc: denied { append } for pid=10929 comm="syz.3.4800" name="file1" dev="loop3" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 268.586950][T10989] FAT-fs (loop0): Directory bread(block 68) failed [ 268.593795][T10989] FAT-fs (loop0): Directory bread(block 69) failed [ 268.617279][T10989] FAT-fs (loop0): Directory bread(block 70) failed [ 268.627534][T10989] FAT-fs (loop0): Directory bread(block 71) failed [ 268.638613][T10989] FAT-fs (loop0): Directory bread(block 72) failed [ 268.645227][T10989] FAT-fs (loop0): Directory bread(block 73) failed [ 268.840781][T11001] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4828'. [ 269.118834][T11017] EXT4-fs (loop0): Ignoring removed orlov option [ 269.152122][T11017] EXT4-fs (loop0): orphan cleanup on readonly fs [ 269.159719][T11017] EXT4-fs error (device loop0): ext4_find_extent:928: inode #4: comm syz.0.4836: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 269.181375][T11021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4837'. [ 269.191287][T11021] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4837'. [ 269.200941][T11017] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=-117 [ 269.210692][T11017] EXT4-fs warning (device loop0): ext4_enable_quotas:6491: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 269.215456][ T649] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 269.233144][T11017] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 269.240051][T11017] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,sysvgroups,,errors=continue [ 269.280464][T11017] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4836'. [ 269.434653][T11028] A link change request failed with some changes committed already. Interface vlan1 may have been left with an inconsistent configuration, please check. [ 269.482631][ T649] usb 7-1: Using ep0 maxpacket: 32 [ 269.610985][ T649] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 34, changing to 9 [ 269.650049][ T649] usb 7-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00 [ 269.664302][ T649] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.689356][ T649] usb 7-1: config 0 descriptor?? [ 269.812319][T11044] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 269.827491][ T2444] udevd[2444]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 269.839535][T11044] EXT4-fs (loop1): Ignoring removed bh option [ 269.851014][T11044] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 269.896710][ T2444] udevd[2444]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 269.921440][T11044] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,jqfmt=vfsold,block_validity,block_validity,init_itable,data_err=abort,data_err=ignore,grpquota,mblk_io_submit,nodiscard,bh,dioread_nolock,,errors=continue [ 270.150406][T11029] F2FS-fs (loop0): invalid crc value [ 270.159187][T11029] F2FS-fs (loop0): Found nat_bits in checkpoint [ 270.234463][ T649] aureal 0003:0755:2626.0012: hidraw0: USB HID v20.00 Device [HID 0755:2626] on usb-dummy_hcd.6-1/input0 [ 270.268369][T11029] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 270.325959][ T649] usb 5-1: USB disconnect, device number 38 [ 270.379399][ T2444] udevd[2444]: symlink '../../loop0' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:0' failed: Read-only file system [ 270.424618][T11064] binder: 11063:11064 ioctl 4018620d 0 returned -22 [ 270.431870][ T277] attempt to access beyond end of device [ 270.431870][ T277] loop0: rw=2049, want=45104, limit=40427 [ 270.432132][T11064] binder: 11063:11064 ioctl c0306201 200000001440 returned -11 [ 270.625269][ T52] usb 7-1: USB disconnect, device number 2 [ 270.977843][T11089] EXT4-fs (loop3): Test dummy encryption mode enabled [ 270.995276][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 271.026124][T11089] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 271.097901][T11089] EXT4-fs error (device loop3): ext4_orphan_get:1421: comm syz.3.4865: bad orphan inode 131083 [ 271.110096][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 271.158405][T11089] EXT4-fs (loop3): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,noload,,errors=continue [ 271.263539][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 271.519628][T11107] FAT-fs (loop0): Directory bread(block 64) failed [ 271.529041][T11117] netlink: 'syz.1.4876': attribute type 1 has an invalid length. [ 271.543353][T11107] FAT-fs (loop0): Directory bread(block 65) failed [ 271.578290][T11107] FAT-fs (loop0): Directory bread(block 66) failed [ 271.584898][T11107] FAT-fs (loop0): Directory bread(block 67) failed [ 271.611584][T11107] FAT-fs (loop0): Directory bread(block 68) failed [ 271.618751][T11107] FAT-fs (loop0): Directory bread(block 69) failed [ 271.625529][T11107] FAT-fs (loop0): Directory bread(block 70) failed [ 271.632192][T11107] FAT-fs (loop0): Directory bread(block 71) failed [ 271.638968][T11107] FAT-fs (loop0): Directory bread(block 72) failed [ 271.642631][T11119] exfat: Deprecated parameter 'utf8' [ 271.645614][T11107] FAT-fs (loop0): Directory bread(block 73) failed [ 271.667056][T11119] exfat: Deprecated parameter 'namecase' [ 271.688477][T11119] exfat: Deprecated parameter 'utf8' [ 271.733583][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-uuid/1234-1234.tmp-b7:1' failed: Read-only file system [ 271.737655][T11125] usb usb1: check_ctrlrecip: process 11125 (syz.4.4880) requesting ep 01 but needs 81 [ 271.763824][T11119] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 271.849842][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-uuid/1234-1234.tmp-b7:1' failed: Read-only file system [ 271.884984][ T25] kernel write not supported for file /input/event2 (pid: 25 comm: kworker/1:1) [ 271.895002][T11107] attempt to access beyond end of device [ 271.895002][T11107] loop0: rw=0, want=1196, limit=256 [ 272.072877][T11147] incfs: Options parsing error. -22 [ 272.090259][T11147] incfs: mount failed -22 [ 272.241350][T11157] exfat: Deprecated parameter 'namecase' [ 272.256353][T11157] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 272.300640][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-uuid/1234-1234.tmp-b7:3' failed: Read-only file system [ 272.349683][T11170] SELinux: security_context_str_to_sid(system_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 272.536120][T11187] device veth1_macvtap left promiscuous mode [ 272.542310][T11187] device macsec0 entered promiscuous mode [ 272.558885][T11187] device veth1_macvtap entered promiscuous mode [ 272.608555][T11187] device macsec0 left promiscuous mode [ 272.641705][T11182] EXT4-fs (loop4): INFO: recovery required on readonly filesystem [ 272.668373][T11182] EXT4-fs (loop4): write access will be enabled during recovery [ 272.683683][ T2445] udevd[2445]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 272.701026][T11182] EXT4-fs (loop4): barriers disabled [ 272.706387][T11182] JBD2: no valid journal superblock found [ 272.713244][T11182] EXT4-fs (loop4): error loading journal [ 272.856006][ T24] audit: type=1400 audit(487.794:804): avc: denied { shutdown } for pid=11212 comm="syz.1.4920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 272.908292][ T738] udevd[738]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 272.924559][T11202] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 272.954897][T11206] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 272.974663][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 273.386036][T11207] F2FS-fs (loop3): invalid crc value [ 273.432831][T11207] F2FS-fs (loop3): Found nat_bits in checkpoint [ 273.498532][ T24] audit: type=1326 audit(488.402:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 273.543337][ T24] audit: type=1326 audit(488.402:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 273.590670][ T24] audit: type=1326 audit(488.439:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 273.641242][T11207] F2FS-fs (loop3): Start checkpoint disabled! [ 273.656387][ T24] audit: type=1326 audit(488.439:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 273.681626][T11207] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 273.695662][T11248] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4932'. [ 273.762775][ T24] audit: type=1326 audit(488.439:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 273.852236][ T24] audit: type=1326 audit(488.439:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 273.937724][ T24] audit: type=1326 audit(488.439:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 273.961041][ T24] audit: type=1326 audit(488.439:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.4.4930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fd6ae929 code=0x7ffc0000 [ 274.074348][T11258] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 274.089979][ T382] attempt to access beyond end of device [ 274.089979][ T382] loop3: rw=2049, want=40976, limit=40427 [ 274.175885][ T25] usb 7-1: new low-speed USB device number 3 using dummy_hcd [ 274.258988][T11275] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4947'. [ 274.495932][T11278] EXT4-fs (loop4): Ignoring removed nobh option [ 274.503635][T11281] EXT4-fs (loop1): INFO: recovery required on readonly filesystem [ 274.557172][T11278] EXT4-fs error (device loop4): ext4_ext_check_inode:500: inode #11: comm syz.4.4948: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 274.567132][T11281] EXT4-fs (loop1): write access will be enabled during recovery [ 274.592934][ T25] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 274.603433][T11281] EXT4-fs (loop1): barriers disabled [ 274.608938][T11281] JBD2: no valid journal superblock found [ 274.624700][ T25] usb 7-1: config 179 has no interface number 0 [ 274.639640][ T25] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 274.652854][T11281] EXT4-fs (loop1): error loading journal [ 274.659804][T11278] EXT4-fs error (device loop4): ext4_orphan_get:1400: comm syz.4.4948: couldn't read orphan inode 11 (err -117) [ 274.672105][ T25] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 274.683869][T11278] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,noload,nobh,noload,journal_dev=0x0000000000000004,norecovery,errors=continue,quota,,errors=continue [ 274.715717][ T25] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 274.735878][ T25] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8 [ 274.748011][ T25] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 274.761805][ T25] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 274.775010][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.784578][T11278] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.4948: Invalid block bitmap block 0 in block_group 0 [ 274.806049][T11278] Quota error (device loop4): write_blk: dquota write failed [ 274.814645][T11256] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 274.822312][T11278] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 274.833964][T11278] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.4948: Failed to acquire dquot type 0 [ 274.846501][T11294] EXT4-fs (loop4): re-mounted. Opts: [ 274.861512][ T25] xpad 7-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 274.881491][ T25] xpad: probe of 7-1:179.65 failed with error -5 [ 274.940353][ T24] audit: type=1400 audit(489.749:813): avc: denied { mount } for pid=11296 comm="syz.3.4955" name="/" dev="ramfs" ino=50563 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 274.988049][ T24] audit: type=1400 audit(489.768:814): avc: denied { remount } for pid=11296 comm="syz.3.4955" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 275.015744][ T24] audit: type=1400 audit(489.814:815): avc: denied { unmount } for pid=279 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 275.120699][ T420] usb 7-1: USB disconnect, device number 3 [ 275.462494][T11326] EXT4-fs (loop3): INFO: recovery required on readonly filesystem [ 275.482621][T11326] EXT4-fs (loop3): write access will be enabled during recovery [ 275.502117][T11326] EXT4-fs (loop3): barriers disabled [ 275.510529][T11326] JBD2: no valid journal superblock found [ 275.516820][T11326] EXT4-fs (loop3): error loading journal [ 275.993263][T11346] erofs: (device loop1): mounted with root inode @ nid 36. [ 276.004737][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-uuid/dc99752b-953d-459c-b2db-a5c46e0e7dba.tmp-b7:1' failed: Read-only file system [ 276.031354][T11346] erofs: (device loop1): z_erofs_fill_inode_lazy: per-inode big pcluster without sb feature for nid 36 [ 276.046673][ T15] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 276.068269][T11346] erofs: (device loop1): z_erofs_readpage: failed to read, err [-117] [ 276.078841][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-uuid/dc99752b-953d-459c-b2db-a5c46e0e7dba.tmp-b7:1' failed: Read-only file system [ 276.121412][T11346] erofs: (device loop1): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 276.206473][ T24] audit: type=1400 audit(490.927:816): avc: denied { shutdown } for pid=11354 comm="syz.6.4982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 276.236162][ T24] audit: type=1400 audit(490.927:817): avc: denied { read } for pid=11354 comm="syz.6.4982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 276.313794][ T15] usb 4-1: Using ep0 maxpacket: 8 [ 276.445267][ T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 276.461243][ T15] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 276.471954][ T15] usb 4-1: New USB device found, idVendor=046d, idProduct=c343, bcdDevice= 0.00 [ 276.481490][ T15] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.496196][ T15] usb 4-1: config 0 descriptor?? [ 276.540587][T11370] EXT4-fs (loop1): Test dummy encryption mode enabled [ 276.564968][T11370] EXT4-fs (loop1): Ignoring removed mblk_io_submit option [ 276.586367][T11370] EXT4-fs (loop1): mounted filesystem without journal. Opts: nojournal_checksum,test_dummy_encryption,bsddf,discard,data_err=abort,mblk_io_submit,nobarrier,quota,,errors=continue [ 276.601183][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 276.656726][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 277.013300][ T15] hid-generic 0003:046D:C343.0013: unbalanced delimiter at end of report description [ 277.013854][ T15] hid-generic: probe of 0003:046D:C343.0013 failed with error -22 [ 277.063835][ T24] audit: type=1400 audit(491.741:818): avc: denied { remount } for pid=11410 comm="syz.1.5004" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1 [ 277.232079][ T15] usb 4-1: USB disconnect, device number 39 [ 277.709567][T11424] F2FS-fs (loop6): Invalid SB checksum offset: 0 [ 277.716651][T11424] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock [ 277.728714][T11424] F2FS-fs (loop6): invalid crc value [ 277.737508][T11424] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 277.753564][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:6' failed: Read-only file system [ 277.788913][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:6' failed: Read-only file system [ 277.829155][T11424] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0 [ 277.836663][T11424] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 277.870881][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:6' failed: Read-only file system [ 277.907091][T10145] attempt to access beyond end of device [ 277.907091][T10145] loop6: rw=2049, want=45104, limit=40427 [ 278.244869][T11463] SELinux: security_context_str_to_sid(staff_u) failed for (dev debugfs, type debugfs) errno=-22 [ 278.591154][ T649] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 278.873306][ T52] kernel write not supported for file [eventfd] (pid: 52 comm: kworker/1:2) [ 278.986609][ T649] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 278.998128][ T649] usb 7-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 279.007394][ T649] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.009216][T11477] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option [ 279.032001][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 279.039961][T11477] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 279.051671][ T649] usb 7-1: config 0 descriptor?? [ 279.076652][T11477] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2219: inode #15: comm syz.3.5036: corrupted in-inode xattr [ 279.089546][T11477] EXT4-fs (loop3): Remounting filesystem read-only [ 279.096429][T11477] EXT4-fs (loop3): 1 truncate cleaned up [ 279.102145][T11477] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,resuid=0x000000000000ee01,debug_want_extra_isize=0x000000000000006c,lazytime,errors=remount-ro,nomblk_io_submit, [ 279.162801][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 279.184572][T11467] F2FS-fs (loop4): invalid crc value [ 279.203772][T11482] device ip6gretap0 entered promiscuous mode [ 279.223228][ T2444] udevd[2444]: symlink '../../loop4' '/dev/disk/by-uuid/ae71b7fd-767a-4c88-a53b-ea5e39a5f101.tmp-b7:4' failed: Read-only file system [ 279.255015][T11467] F2FS-fs (loop4): Found nat_bits in checkpoint [ 279.348034][T11467] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 279.526738][T11467] F2FS-fs (loop4): Corrupted max_depth of 3: 16842753 [ 279.576611][ T649] logitech 0003:046D:C295.0014: unbalanced delimiter at end of report description [ 279.595019][ T649] logitech 0003:046D:C295.0014: parse failed [ 279.606653][ T649] logitech: probe of 0003:046D:C295.0014 failed with error -22 [ 279.701639][T11503] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 279.724224][T11503] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 279.749158][T11503] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended [ 279.764198][T11503] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 279.772982][T11503] System zones: 0-2, 18-18, 34-35 [ 279.779476][T11503] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 279.866019][ T25] usb 7-1: USB disconnect, device number 4 [ 280.014594][ T24] kauditd_printk_skb: 3 callbacks suppressed [ 280.014638][ T24] audit: type=1326 audit(494.501:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11507 comm="syz.3.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 280.088414][ T24] audit: type=1326 audit(494.519:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11507 comm="syz.3.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=212 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 280.115316][ T24] audit: type=1326 audit(494.519:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11507 comm="syz.3.5047" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 280.442698][T11501] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 280.462522][T11501] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 280.509544][T11501] F2FS-fs (loop1): invalid crc value [ 280.534078][T11501] F2FS-fs (loop1): Found nat_bits in checkpoint [ 280.548708][ T24] audit: type=1326 audit(494.996:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11526 comm="syz.6.5054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 280.572375][ T24] audit: type=1326 audit(494.996:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11526 comm="syz.6.5054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 280.601438][ T24] audit: type=1326 audit(494.996:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11526 comm="syz.6.5054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 280.627324][ T24] audit: type=1326 audit(495.053:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11526 comm="syz.6.5054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 280.742079][T11501] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 280.749319][T11501] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 281.082791][ T24] audit: type=1326 audit(495.502:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11553 comm="syz.3.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 281.108346][ T24] audit: type=1326 audit(495.520:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11553 comm="syz.3.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 281.157262][ T24] audit: type=1326 audit(495.539:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11553 comm="syz.3.5067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 281.312841][T11565] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 281.345551][T11565] EXT4-fs (loop3): warning: maximal mount count reached, running e2fsck is recommended [ 281.358273][T11565] EXT4-fs error (device loop3): ext4_orphan_get:1395: inode #15: comm syz.3.5070: iget: bad i_size value: 360287970189639680 [ 281.372097][T11565] EXT4-fs (loop3): Remounting filesystem read-only [ 281.378734][T11565] EXT4-fs error (device loop3): ext4_orphan_get:1400: comm syz.3.5070: couldn't read orphan inode 15 (err -117) [ 281.391058][T11565] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,noblock_validity,noquota,errors=remount-ro,dioread_nolock, [ 281.427426][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 281.532562][T11582] device syz_tun entered promiscuous mode [ 281.536882][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 281.539296][T11581] device syz_tun left promiscuous mode [ 281.746646][T11596] netlink: 104 bytes leftover after parsing attributes in process `syz.1.5085'. [ 281.842655][T11607] netlink: 'syz.1.5091': attribute type 1 has an invalid length. [ 281.964700][T11614] syzkaller0: tun_chr_ioctl cmd 2147767521 [ 282.112826][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 282.152056][T11625] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 282.184189][T11625] EXT4-fs (loop6): orphan cleanup on readonly fs [ 282.204709][T11625] EXT4-fs warning (device loop6): ext4_enable_quotas:6491: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 282.259107][T11625] EXT4-fs (loop6): Cannot turn on quotas: error -22 [ 282.291585][T11625] EXT4-fs error (device loop6): ext4_orphan_get:1395: inode #16: comm syz.6.5099: iget: immutable or append flags not allowed on symlinks [ 282.371962][T11625] EXT4-fs error (device loop6): ext4_orphan_get:1400: comm syz.6.5099: couldn't read orphan inode 16 (err -117) [ 282.407203][T11625] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 282.431568][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 282.460165][T11625] xt_hashlimit: size too large, truncated to 1048576 [ 282.569174][T11655] EXT4-fs (loop1): Ignoring removed orlov option [ 282.596959][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 282.628686][T11655] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,resgid=0x0000000000000000,max_dir_size_kb=0x0000000000000008,grpid,orlov,,errors=continue [ 282.667044][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 282.881978][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 283.006226][ T420] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 283.262857][ T420] usb 5-1: Using ep0 maxpacket: 16 [ 283.320238][T11691] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 283.332669][T11691] EXT4-fs (loop1): 1 truncate cleaned up [ 283.338817][T11691] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000004000,errors=remount-ro,minixdf, [ 283.375964][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 283.392941][T11695] netlink: 'syz.6.5128': attribute type 2 has an invalid length. [ 283.401859][ T420] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 283.418107][ T297] udevd[297]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 283.423240][ T420] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 283.433849][ T25] usb 4-1: new full-speed USB device number 40 using dummy_hcd [ 283.447398][ T420] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28 [ 283.460947][ T420] usb 5-1: config 0 interface 0 has no altsetting 0 [ 283.467727][ T420] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 283.476933][ T420] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.487696][ T420] usb 5-1: config 0 descriptor?? [ 283.753166][ T2444] udevd[2444]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 283.768432][T11712] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,bsddf, [ 283.790852][T11712] EXT4-fs error (device loop6): ext4_empty_dir:3074: inode #12: comm syz.6.5136: invalid size [ 283.801802][T11712] EXT4-fs (loop6): Remounting filesystem read-only [ 283.824716][ T112] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 283.904678][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 283.914747][ T25] usb 4-1: New USB device found, idVendor=056a, idProduct=032b, bcdDevice= 0.00 [ 283.924155][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.939553][ T25] usb 4-1: config 0 descriptor?? [ 284.024052][ T420] hid (null): report_id 55279 is invalid [ 284.029972][ T420] hid (null): unknown global tag 0xe [ 284.041255][ T420] hid (null): unknown global tag 0xe [ 284.047062][ T420] hid (null): unknown global tag 0xe [ 284.126228][T11728] user requested TSC rate below hardware speed [ 284.219738][ T420] usb 5-1: USB disconnect, device number 39 [ 284.469695][ T25] wacom 0003:056A:032B.0016: hidraw0: USB HID v0.04 Device [HID 056a:032b] on usb-dummy_hcd.3-1/input0 [ 284.513563][T11747] netlink: 100 bytes leftover after parsing attributes in process `syz.0.5151'. [ 284.762067][ T420] usb 4-1: USB disconnect, device number 40 [ 284.847299][T11765] EXT4-fs (loop6): Ignoring removed bh option [ 284.888012][T11765] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 284.973582][T11775] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 284.986136][T11765] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000001,dioread_lock,nouid32,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,sysvgroups,user_xattr,bh,dioread_nolock,,errors=continue [ 285.381277][ T24] kauditd_printk_skb: 65 callbacks suppressed [ 285.381312][ T24] audit: type=1400 audit(499.514:895): avc: denied { read write } for pid=11799 comm="syz.0.5175" name="raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 285.448146][ T24] audit: type=1400 audit(499.552:896): avc: denied { open } for pid=11799 comm="syz.0.5175" path="/dev/raw-gadget" dev="devtmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 285.476423][ T24] audit: type=1400 audit(499.552:897): avc: denied { ioctl } for pid=11799 comm="syz.0.5175" path="/dev/raw-gadget" dev="devtmpfs" ino=253 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 285.506839][ T24] audit: type=1400 audit(499.552:898): avc: denied { mounton } for pid=11801 comm="syz.4.5174" path="/1049/file0" dev="tmpfs" ino=5373 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 285.530261][ T24] audit: type=1400 audit(499.571:899): avc: denied { read } for pid=11805 comm="syz.6.5178" dev="nsfs" ino=4026532430 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 285.575516][ T24] audit: type=1400 audit(499.571:900): avc: denied { open } for pid=11805 comm="syz.6.5178" path="net:[4026532430]" dev="nsfs" ino=4026532430 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 285.603406][ T24] audit: type=1400 audit(499.571:901): avc: denied { create } for pid=11805 comm="syz.6.5178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 285.623505][ T24] audit: type=1400 audit(499.599:902): avc: denied { connect } for pid=11805 comm="syz.6.5178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 285.644123][ T24] audit: type=1400 audit(499.599:903): avc: denied { setopt } for pid=11805 comm="syz.6.5178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 285.687826][ T24] audit: type=1400 audit(499.608:904): avc: denied { shutdown } for pid=11805 comm="syz.6.5178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 286.478440][T11862] netlink: 277 bytes leftover after parsing attributes in process `syz.4.5204'. [ 286.488303][T11855] loop6: p2 < > p3 p4 [ 286.502727][T11855] loop6: p3 start 65535 is beyond EOD, truncated [ 286.534622][T11855] loop6: p4 size 8192 extends beyond EOD, truncated [ 286.604054][T11866] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 286.816186][ T297] udevd[297]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 287.081775][T11878] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 287.105491][ T297] udevd[297]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 287.177305][ T2444] udevd[2444]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 287.201704][ T297] udevd[297]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 287.219293][T11888] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 287.262860][T11888] fs-verity (loop6, inode 13): Unknown hash algorithm number: 0 [ 287.329952][ T2444] udevd[2444]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:6' failed: Read-only file system [ 287.330355][ T297] udevd[297]: symlink '../../loop6' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 287.342505][T11874] F2FS-fs (loop3): Invalid SB checksum offset: 0 [ 287.378758][T11874] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock [ 287.393786][ T738] udevd[738]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system [ 287.408283][T11874] F2FS-fs (loop3): invalid crc value [ 287.417645][T11874] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 287.476530][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system [ 287.495157][T11874] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0 [ 287.502606][T11874] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 287.541892][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system [ 287.700472][ T7066] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 287.854819][T11910] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 287.874671][ T297] udevd[297]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 287.977288][ T7066] usb 5-1: Using ep0 maxpacket: 8 [ 288.010604][T11914] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 288.030918][ T52] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 288.057623][T11914] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000008,jqfmt=vfsold,nojournal_checksum,,errors=continue [ 288.105722][ T7066] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 288.124335][ T7066] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 288.142563][ T7066] usb 5-1: New USB device found, idVendor=056a, idProduct=0000, bcdDevice= 0.00 [ 288.158714][ T7066] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.178980][ T7066] usb 5-1: config 0 descriptor?? [ 288.298072][ T52] usb 7-1: Using ep0 maxpacket: 16 [ 288.316844][T11923] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 288.426467][ T52] usb 7-1: config 0 has an invalid interface number: 105 but max is 0 [ 288.434795][ T52] usb 7-1: config 0 descriptor has 1 excess byte, ignoring [ 288.447513][ T52] usb 7-1: config 0 has no interface number 0 [ 288.618868][ T52] usb 7-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 288.637262][ T52] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.656835][ T52] usb 7-1: Product: syz [ 288.666969][ T52] usb 7-1: Manufacturer: syz [ 288.671768][ T52] usb 7-1: SerialNumber: syz [ 288.686371][ T7066] wacom 0003:056A:0000.0017: unbalanced delimiter at end of report description [ 288.704691][ T7066] wacom 0003:056A:0000.0017: parse failed [ 288.706863][ T52] usb 7-1: config 0 descriptor?? [ 288.710700][ T7066] wacom: probe of 0003:056A:0000.0017 failed with error -22 [ 288.759430][ T52] uvcvideo: Found UVC 0.00 device syz (046d:08f3) [ 288.768359][ T52] uvcvideo: No valid video chain found. [ 288.930753][ T7066] usb 5-1: USB disconnect, device number 40 [ 289.022644][ T420] usb 7-1: USB disconnect, device number 5 [ 289.036102][T11966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5243'. [ 289.236770][T11972] EXT4-fs (loop1): Test dummy encryption mode enabled [ 289.262287][T11972] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000008000000,noauto_da_alloc,dioread_nolock,test_dummy_encryption,nobarrier,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue [ 289.571904][T11978] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 289.590596][T11978] EXT4-fs (loop1): 1 truncate cleaned up [ 289.596507][T11978] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,,errors=continue [ 289.620773][T11978] EXT4-fs (loop1): Online resizing not supported with sparse_super2 [ 289.948633][T12003] syz.4.5258[12003] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 289.948756][T12003] syz.4.5258[12003] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 290.149690][T12015] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 290.171098][ T52] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 290.244206][ T382] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 290.376935][T12018] EXT4-fs (loop4): Ignoring removed orlov option [ 290.407791][T12018] EXT4-fs (loop4): orphan cleanup on readonly fs [ 290.426767][ T52] usb 2-1: Using ep0 maxpacket: 16 [ 290.437028][T12018] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.5266: bg 0: block 248: padding at end of block bitmap is not set [ 290.452333][T12024] SELinux: Context : is not valid (left unmapped). [ 290.469004][T12018] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.5266: Failed to acquire dquot type 1 [ 290.481430][T12018] EXT4-fs (loop4): 1 truncate cleaned up [ 290.491069][T12018] EXT4-fs (loop4): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,orlov,abort,nombcache,stripe=0x0000000000000010,,errors=continue [ 290.553894][ T52] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 290.566211][ T52] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 290.746255][ T52] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 290.762504][ T52] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.770768][ T52] usb 2-1: Product: syz [ 290.775067][ T52] usb 2-1: Manufacturer: syz [ 290.777371][ T24] kauditd_printk_skb: 110 callbacks suppressed [ 290.777409][ T24] audit: type=1400 audit(504.556:1013): avc: denied { mounton } for pid=12046 comm="syz.4.5278" path="/1066/file1" dev="tmpfs" ino=5463 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 290.779793][ T52] usb 2-1: SerialNumber: syz [ 290.816758][T12047] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 290.827509][ T24] audit: type=1400 audit(504.603:1014): avc: denied { mount } for pid=12046 comm="syz.4.5278" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 290.856789][ T24] audit: type=1400 audit(504.603:1015): avc: denied { write } for pid=12046 comm="syz.4.5278" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 290.879247][ T24] audit: type=1400 audit(504.622:1016): avc: denied { add_name } for pid=12046 comm="syz.4.5278" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 290.900397][ T24] audit: type=1400 audit(504.622:1017): avc: denied { create } for pid=12046 comm="syz.4.5278" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 290.920468][ T24] audit: type=1400 audit(504.622:1018): avc: denied { read write } for pid=12046 comm="syz.4.5278" name="file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 290.943000][ T24] audit: type=1400 audit(504.622:1019): avc: denied { open } for pid=12046 comm="syz.4.5278" path="/1066/file1/file1" dev="loop4" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 290.967074][ T24] audit: type=1400 audit(504.640:1020): avc: denied { unmount } for pid=278 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 290.986290][ T24] audit: type=1400 audit(504.659:1021): avc: denied { unmount } for pid=10145 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 291.060787][T12054] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5279'. [ 291.061367][ T24] audit: type=1400 audit(504.827:1022): avc: denied { mount } for pid=12053 comm="syz.6.5280" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 291.158729][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.166662][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.175097][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.182994][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.191676][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.199883][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.207448][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.214985][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.222755][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.230323][ T649] hid-generic 00A0:0008:0003.0018: unknown main item tag 0x0 [ 291.239086][ T649] hid-generic 00A0:0008:0003.0018: hidraw0: HID v0.05 Device [syz1] on syz0 [ 291.308491][T12065] fido_id[12065]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 291.323704][ T52] usb 2-1: cannot find UAC_HEADER [ 291.329004][ T52] snd-usb-audio: probe of 2-1:1.0 failed with error -22 [ 291.555740][ T52] usb 2-1: USB disconnect, device number 32 [ 291.764073][T12088] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 24 [ 291.803991][T12094] raw_sendmsg: syz.6.5297 forgot to set AF_INET. Fix it! [ 291.855523][T12088] EXT4-fs (loop3): Unrecognized mount option "" or missing value [ 291.878598][T12088] EXT4-fs (loop3): failed to parse options in superblock: [ 291.896862][T12088] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 25443 [ 292.255466][T12126] tmpfs: Unknown parameter '' [ 292.426614][ T649] hid-generic 0003:0000:0000.0019: unknown main item tag 0x0 [ 292.447325][ T649] hid-generic 0003:0000:0000.0019: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 292.602423][T12149] fido_id[12149]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 292.700600][T12155] futex_wake_op: syz.6.5323 tries to shift op by -1; fix this program [ 293.362177][T12190] syz.0.5337[12190] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 293.362303][T12190] syz.0.5337[12190] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 293.404620][T12181] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 293.499675][T12192] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 293.824153][T12211] bridge0: port 1(syz_tun) entered blocking state [ 293.830777][T12211] bridge0: port 1(syz_tun) entered disabled state [ 293.839374][T12211] device syz_tun entered promiscuous mode [ 293.981691][ T7] attempt to access beyond end of device [ 293.981691][ T7] loop1: rw=1, want=737, limit=128 [ 293.993616][ T7] attempt to access beyond end of device [ 293.993616][ T7] loop1: rw=1, want=1041, limit=128 [ 294.004689][ T7] attempt to access beyond end of device [ 294.004689][ T7] loop1: rw=1, want=745, limit=128 [ 294.014447][T12185] F2FS-fs (loop6): fault_injection options not supported [ 294.029248][T12185] F2FS-fs (loop6): invalid crc value [ 294.058829][T12185] F2FS-fs (loop6): Found nat_bits in checkpoint [ 294.171017][T12185] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 294.221415][T12228] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5350'. [ 294.383457][T12185] attempt to access beyond end of device [ 294.383457][T12185] loop6: rw=2049, want=45104, limit=40427 [ 294.456300][T10145] attempt to access beyond end of device [ 294.456300][T10145] loop6: rw=2049, want=45112, limit=40427 [ 295.166550][T12256] Bluetooth: hci0: Frame reassembly failed (-84) [ 295.373549][T12247] F2FS-fs (loop1): invalid crc value [ 295.388253][T12247] F2FS-fs (loop1): Found nat_bits in checkpoint [ 295.460818][T12247] F2FS-fs (loop1): Start checkpoint disabled! [ 295.468356][T12247] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 295.643996][ T382] attempt to access beyond end of device [ 295.643996][ T382] loop1: rw=2049, want=45104, limit=40427 [ 295.856736][T12272] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 295.931938][T12276] netlink: 'syz.6.5371': attribute type 25 has an invalid length. [ 295.953980][T12276] netlink: 184 bytes leftover after parsing attributes in process `syz.6.5371'. [ 296.242865][ T24] kauditd_printk_skb: 66 callbacks suppressed [ 296.242898][ T24] audit: type=1400 audit(509.673:1089): avc: denied { create } for pid=12297 comm="syz.6.5380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 296.269987][ T24] audit: type=1400 audit(509.673:1090): avc: denied { setopt } for pid=12297 comm="syz.6.5380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 296.356041][ T24] audit: type=1326 audit(509.776:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12304 comm="syz.6.5383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 296.401004][ T24] audit: type=1326 audit(509.804:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12304 comm="syz.6.5383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 296.438826][ T24] audit: type=1326 audit(509.804:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12304 comm="syz.6.5383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 296.463883][ T24] audit: type=1326 audit(509.804:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12304 comm="syz.6.5383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 296.463957][T12309] syz.6.5386[12309] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.488512][ T24] audit: type=1326 audit(509.804:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12304 comm="syz.6.5383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 296.492962][T12309] syz.6.5386[12309] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.500596][ T24] audit: type=1326 audit(509.804:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12304 comm="syz.6.5383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 296.557989][ T24] audit: type=1326 audit(509.804:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12304 comm="syz.6.5383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 296.581269][ T24] audit: type=1400 audit(509.804:1098): avc: denied { execute } for pid=12306 comm="syz.1.5384" path="/1143/file1" dev="tmpfs" ino=5875 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 297.314185][T12362] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5407'. [ 297.363671][ T280] Bluetooth: hci0: command 0x1003 tx timeout [ 297.370068][T12257] Bluetooth: hci0: sending frame failed (-49) [ 297.630698][T12368] EXT4-fs error (device loop0): ext4_orphan_get:1395: inode #15: comm syz.0.5409: casefold flag without casefold feature [ 297.663207][T12368] EXT4-fs error (device loop0): ext4_orphan_get:1400: comm syz.0.5409: couldn't read orphan inode 15 (err -117) [ 297.695248][T12368] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 298.107236][T12357] F2FS-fs (loop3): invalid crc value [ 298.177855][T12357] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 298.338688][T12357] F2FS-fs (loop3): Start checkpoint disabled! [ 298.367899][T12357] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 298.595562][ T382] attempt to access beyond end of device [ 298.595562][ T382] loop3: rw=2049, want=45104, limit=40427 [ 299.084637][T12415] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5423'. [ 299.587413][ T280] Bluetooth: hci0: command 0x1001 tx timeout [ 299.593827][T12257] Bluetooth: hci0: sending frame failed (-49) [ 299.744385][T12455] netlink: 148 bytes leftover after parsing attributes in process `syz.3.5447'. [ 300.111365][T12466] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869) [ 300.142750][T12466] EXT4-fs (loop0): invalid journal inode [ 300.164179][T12466] EXT4-fs (loop0): can't get journal size [ 300.201433][T12466] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,sysvgroups,norecovery,abort,nombcache,,errors=continue [ 300.246391][T12466] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 64: comm syz.0.5451: path (unknown): bad entry in directory: rec_len is too small for name_len - offset=0, inode=11, rec_len=12, size=1024 fake=0 [ 300.336436][T12466] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 73: comm syz.0.5451: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=83886080, rec_len=0, size=1024 fake=0 [ 300.605396][T12488] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5460'. [ 300.645772][ T420] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 300.860879][T12504] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5467'. [ 301.041467][ T420] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 301.159019][ T420] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 301.186346][ T420] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 301.203192][ T420] usb 2-1: SerialNumber: syz [ 301.506790][T12532] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 301.598077][ T24] kauditd_printk_skb: 60 callbacks suppressed [ 301.598111][ T24] audit: type=1400 audit(514.677:1159): avc: denied { unlink } for pid=279 comm="syz-executor" name="file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 301.634352][ T24] audit: type=1400 audit(514.677:1160): avc: denied { unlink } for pid=279 comm="syz-executor" name="file1" dev="loop3" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 301.659592][ T24] audit: type=1400 audit(514.715:1161): avc: denied { rmdir } for pid=279 comm="syz-executor" name="work" dev="loop3" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 301.690055][T12541] xt_bpf: check failed: parse error [ 301.811174][ T280] Bluetooth: hci0: command 0x1009 tx timeout [ 302.052774][ T24] audit: type=1400 audit(515.108:1162): avc: denied { bind } for pid=12558 comm="syz.6.5491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 302.121541][T12563] device lo entered promiscuous mode [ 302.130318][T12560] device lo left promiscuous mode [ 302.185391][ T420] cdc_ether: probe of 2-1:1.0 failed with error -71 [ 302.191997][ T24] audit: type=1400 audit(515.238:1163): avc: denied { write } for pid=12564 comm="syz.6.5494" name="loop-control" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 302.226882][ T420] usb 2-1: USB disconnect, device number 33 [ 302.230539][ T24] audit: type=1400 audit(515.267:1164): avc: denied { open } for pid=12564 comm="syz.6.5494" path="/dev/loop-control" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 302.279811][ T24] audit: type=1400 audit(515.267:1165): avc: denied { ioctl } for pid=12564 comm="syz.6.5494" path="/dev/loop-control" dev="devtmpfs" ino=114 ioctlcmd=0x4c81 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 302.400318][T12562] device bridge2 entered promiscuous mode [ 302.423996][T12547] F2FS-fs (loop3): invalid crc value [ 302.439480][T12547] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 302.528002][T12547] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0 [ 302.535100][T12547] F2FS-fs (loop3): Start checkpoint disabled! [ 302.544587][T12576] netlink: 136 bytes leftover after parsing attributes in process `syz.6.5498'. [ 302.548861][T12547] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 302.564477][T12576] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 303.154404][T12579] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 303.190043][T12579] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 303.210875][T12579] F2FS-fs (loop0): invalid crc value [ 303.256086][T12579] F2FS-fs (loop0): Found nat_bits in checkpoint [ 303.382177][T12579] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 303.393220][T12579] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 303.521547][ T420] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 303.587881][T12579] attempt to access beyond end of device [ 303.587881][T12579] loop0: rw=34817, want=79872, limit=40427 [ 303.763603][ T24] audit: type=1400 audit(516.707:1166): avc: denied { getattr } for pid=12613 comm="syz.6.5512" name="/" dev="dax" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 303.787062][ T112] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 303.799828][ T112] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 303.917130][ T420] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 303.931786][ T420] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 303.944375][ T420] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 303.964555][ T420] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.992291][ T420] usb 4-1: config 0 descriptor?? [ 304.316599][T12631] bridge0: port 2(bridge_slave_1) entered disabled state [ 304.508655][ T420] hid-steam 0003:28DE:1142.001A: unknown main item tag 0x0 [ 304.529268][ T420] hid-steam 0003:28DE:1142.001A: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0 [ 304.551779][ T420] hid-steam 0003:28DE:1142.001B: unknown main item tag 0x0 [ 304.579428][ T420] hid-steam 0003:28DE:1142.001B: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0 [ 304.625846][T12642] FAT-fs (loop6): Directory bread(block 64) failed [ 304.632668][T12642] FAT-fs (loop6): Directory bread(block 65) failed [ 304.642369][T12642] FAT-fs (loop6): Directory bread(block 66) failed [ 304.649316][T12642] FAT-fs (loop6): Directory bread(block 67) failed [ 304.656141][T12642] FAT-fs (loop6): Directory bread(block 68) failed [ 304.663070][T12642] FAT-fs (loop6): Directory bread(block 69) failed [ 304.673930][T12642] FAT-fs (loop6): Directory bread(block 70) failed [ 304.680586][T12642] FAT-fs (loop6): Directory bread(block 71) failed [ 304.686733][ T420] hid-steam 0003:28DE:1142.001A: Steam wireless receiver connected [ 304.697477][T12642] FAT-fs (loop6): Directory bread(block 72) failed [ 304.708061][T12642] FAT-fs (loop6): Directory bread(block 73) failed [ 304.795138][ T4484] usb 4-1: USB disconnect, device number 41 [ 304.811537][ T4484] hid-steam 0003:28DE:1142.001A: Steam wireless receiver disconnected [ 304.833525][T12645] fido_id[12645]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 304.921920][ T24] audit: type=1400 audit(517.783:1167): avc: denied { execute_no_trans } for pid=12641 comm="syz.6.5524" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1249 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 305.201800][ T24] audit: type=1326 audit(518.054:1168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12658 comm="syz.6.5531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 305.780126][T12680] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 306.078583][T12666] F2FS-fs (loop6): invalid crc value [ 306.131174][T12666] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 306.187324][T12701] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5550'. [ 306.200247][T12701] bridge0: port 3(macsec2) entered blocking state [ 306.208557][T12701] bridge0: port 3(macsec2) entered disabled state [ 306.324548][T12666] F2FS-fs (loop6): Start checkpoint disabled! [ 306.331571][T12666] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 306.400734][T12666] attempt to access beyond end of device [ 306.400734][T12666] loop6: rw=10241, want=45104, limit=40427 [ 306.555127][T12718] bridge: RTM_NEWNEIGH with unconfigured vlan 2 on bridge0 [ 306.571166][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5557'. [ 306.794303][ T112] attempt to access beyond end of device [ 306.794303][ T112] loop6: rw=1, want=81920, limit=40427 [ 306.832841][ T112] attempt to access beyond end of device [ 306.832841][ T112] loop6: rw=1, want=53248, limit=40427 [ 306.893733][ T112] attempt to access beyond end of device [ 306.893733][ T112] loop6: rw=1, want=67256, limit=40427 [ 306.914663][ T112] attempt to access beyond end of device [ 306.914663][ T112] loop6: rw=1, want=45104, limit=40427 [ 306.928995][T12732] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5564'. [ 306.939003][ T9] attempt to access beyond end of device [ 306.939003][ T9] loop6: rw=2049, want=45112, limit=40427 [ 306.942848][ T15] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 307.008340][ T24] kauditd_printk_skb: 18 callbacks suppressed [ 307.008375][ T24] audit: type=1400 audit(519.747:1187): avc: denied { read } for pid=12733 comm="syz.0.5565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 307.034228][ T420] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 307.176261][ T24] audit: type=1400 audit(519.897:1188): avc: denied { create } for pid=12741 comm="syz.0.5569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 307.206444][ T24] audit: type=1400 audit(519.897:1189): avc: denied { write } for pid=12741 comm="syz.0.5569" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 307.225570][ T15] usb 2-1: Using ep0 maxpacket: 32 [ 307.295185][ T420] usb 5-1: Using ep0 maxpacket: 32 [ 307.348856][ T15] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 307.362684][T12746] syz.0.5571[12746] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 307.362809][T12746] syz.0.5571[12746] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 307.368813][ T15] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.424000][ T15] usb 2-1: config 0 descriptor?? [ 307.434513][ T420] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 307.445008][ T420] usb 5-1: config 0 has no interface number 0 [ 307.451332][ T420] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 307.485896][T12748] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 307.488057][ T420] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 307.501253][T12748] syzkaller0: linktype set to 778 [ 307.519756][ T420] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 307.539241][ T420] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.567583][ T420] usb 5-1: config 0 descriptor?? [ 307.835004][T12758] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 307.892583][ T24] audit: type=1400 audit(520.570:1190): avc: denied { setattr } for pid=12757 comm="syz.0.5576" path="/1054/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 307.946273][T12740] F2FS-fs (loop3): Found nat_bits in checkpoint [ 307.962579][ T15] logitech 0003:046D:C29C.001C: unknown main item tag 0x0 [ 308.001310][ T15] logitech 0003:046D:C29C.001C: hidraw0: USB HID vb4.34 Device [HID 046d:c29c] on usb-dummy_hcd.1-1/input0 [ 308.061053][T12740] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 308.241949][ T279] attempt to access beyond end of device [ 308.241949][ T279] loop3: rw=2049, want=45104, limit=40427 [ 308.304204][ T420] input: HID 28bd:0094 Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0094.001D/input/input26 [ 308.338853][ T24] audit: type=1400 audit(520.991:1191): avc: denied { read } for pid=79 comm="acpid" name="event3" dev="devtmpfs" ino=1500 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 308.357762][T12783] tap0: tun_chr_ioctl cmd 1074025673 [ 308.366900][ T420] uclogic 0003:28BD:0094.001D: input,hidraw1: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.4-1/input1 [ 308.381500][ T24] audit: type=1400 audit(520.991:1192): avc: denied { open } for pid=79 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1500 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 308.417785][ T15] logitech 0003:046D:C29C.001C: no inputs found [ 308.447443][ T24] audit: type=1400 audit(521.057:1193): avc: denied { ioctl } for pid=79 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1500 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 308.456676][ T15] usb 2-1: USB disconnect, device number 34 [ 308.544707][T12785] fido_id[12785]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 308.594239][ T420] usb 5-1: USB disconnect, device number 41 [ 308.814715][T12791] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 308.839588][T12791] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.5588: bg 0: block 5: invalid block bitmap [ 308.852602][T12791] EXT4-fs error (device loop6) in ext4_mb_clear_bb:5645: Corrupt filesystem [ 308.862244][T12791] EXT4-fs error (device loop6): ext4_free_branches:1026: inode #11: comm syz.6.5588: invalid indirect mapped block 3 (level 2) [ 308.876099][T12791] EXT4-fs (loop6): 2 truncates cleaned up [ 308.898960][T12791] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,init_itable=0x0000000000000006,dioread_nolock,grpquota,,errors=continue [ 309.293851][ T24] audit: type=1400 audit(521.880:1194): avc: denied { write } for pid=12802 comm="syz.6.5592" name="mcfilter6" dev="proc" ino=4026533019 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 309.349318][ T24] audit: type=1400 audit(521.908:1195): avc: denied { read } for pid=12804 comm="syz.3.5593" name="event2" dev="devtmpfs" ino=266 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 309.415741][ T24] audit: type=1400 audit(522.001:1196): avc: denied { wake_alarm } for pid=12810 comm="syz.6.5596" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 309.901985][T12825] dvmrp1: tun_chr_ioctl cmd 2147767511 [ 310.072203][T12837] netlink: 23 bytes leftover after parsing attributes in process `syz.0.5606'. [ 310.916224][T12875] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 310.955248][T12875] EXT4-fs (loop4): 1 truncate cleaned up [ 310.972592][T12875] EXT4-fs (loop4): mounted filesystem without journal. Opts: init_itable,resuid=0x0000000000000000,stripe=0x0000000000000000,,errors=continue [ 310.992378][T12883] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5624'. [ 311.161360][T12888] bridge: RTM_DELNEIGH with unconfigured vlan 1 on bridge0 [ 312.453564][T12969] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5664'. [ 312.631815][T12986] serio: Serial port ptm0 [ 312.654678][ T24] kauditd_printk_skb: 70 callbacks suppressed [ 312.654715][ T24] audit: type=1326 audit(2000000000.346:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12983 comm="syz.3.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 312.708591][ T24] audit: type=1326 audit(2000000000.383:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12983 comm="syz.3.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 312.732711][ T24] audit: type=1326 audit(2000000000.383:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12983 comm="syz.3.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 312.758164][ T24] audit: type=1326 audit(2000000000.383:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12983 comm="syz.3.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 312.758979][T12982] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue [ 312.782508][ T24] audit: type=1326 audit(2000000000.383:1271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12983 comm="syz.3.5670" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a31a11929 code=0x7ffc0000 [ 312.814877][T12982] ext4 filesystem being mounted at /1072/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 312.836763][T12911] F2FS-fs (loop4): Fix alignment : done, start(4096) end(16896) block(12288) [ 312.866763][T12911] F2FS-fs (loop4): invalid crc value [ 312.881488][T12911] F2FS-fs (loop4): invalid crc value [ 312.911289][T12911] F2FS-fs (loop4): Failed to get valid F2FS checkpoint [ 313.004284][ T24] audit: type=1400 audit(2000000000.682:1272): avc: denied { remount } for pid=12997 comm="syz.4.5675" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 313.042631][T12982] EXT4-fs error (device loop0): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 313.055615][ T24] audit: type=1400 audit(2000000000.710:1273): avc: denied { unmount } for pid=278 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 313.873360][T13044] exfat: Deprecated parameter 'utf8' [ 313.927757][T13044] exfat: Deprecated parameter 'namecase' [ 313.964375][T13044] exfat: Deprecated parameter 'utf8' [ 314.021377][T13044] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d) [ 314.117354][ T24] audit: type=1400 audit(2000000001.721:1274): avc: denied { mounton } for pid=13043 comm="syz.0.5697" path="/1078/file0/file0" dev="loop0" ino=1048756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 314.170358][T13052] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 314.178451][T13052] System zones: 1-12 [ 314.209741][T13052] EXT4-fs error (device loop1): dx_probe:796: inode #2: comm syz.1.5700: Directory hole found for htree index block 0 [ 314.224428][T13052] EXT4-fs (loop1): Remounting filesystem read-only [ 314.231027][T13052] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 314.246543][ T24] audit: type=1400 audit(2000000001.833:1275): avc: denied { remove_name } for pid=277 comm="syz-executor" name=".index" dev="loop0" ino=1048757 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 314.287020][T13052] EXT4-fs error (device loop1): dx_probe:796: inode #2: comm syz.1.5700: Directory hole found for htree index block 0 [ 314.340969][T13052] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 314.349497][T13052] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=Jdebug,jqfmt=vfsold,noquota,bsdgroups,usrjquota="nojournal_checksum,errors=remount-ro,, [ 314.351298][ T24] audit: type=1400 audit(2000000001.833:1276): avc: denied { rmdir } for pid=277 comm="syz-executor" name=".index" dev="loop0" ino=1048757 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 314.493037][T13052] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 314.776150][T13057] EXT4-fs (loop1): Mount option "nouser_xattr" will be removed by 3.5 [ 314.776150][T13057] Contact linux-ext4@vger.kernel.org if you think we should keep it. [ 314.776150][T13057] [ 314.874888][T13057] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 314.952761][T13057] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,block_validity,min_batch_time=0x0000000000000007,nobarrier,nouser_xattr,dioread_nolock, [ 315.038085][ T7] device bridge_slave_1 left promiscuous mode [ 315.059958][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.079065][ T7] device bridge_slave_0 left promiscuous mode [ 315.085325][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.103973][T13050] F2FS-fs (loop6): Small segment_count (9 < 1 * 24) [ 315.132268][T13050] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 315.218918][T13050] F2FS-fs (loop6): Found nat_bits in checkpoint [ 315.444175][T13050] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 315.451292][T13050] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 315.673481][T13065] bridge0: port 1(bridge_slave_0) entered blocking state [ 315.681374][T13065] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.689840][T13065] device bridge_slave_0 entered promiscuous mode [ 315.697689][T13065] bridge0: port 2(bridge_slave_1) entered blocking state [ 315.705227][T13065] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.713984][T13065] device bridge_slave_1 entered promiscuous mode [ 315.763345][T10145] attempt to access beyond end of device [ 315.763345][T10145] loop6: rw=2049, want=45104, limit=40427 [ 315.870753][T13088] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue [ 315.901638][T13088] ext4 filesystem being mounted at /1205/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 316.047558][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 316.057540][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 316.074279][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 316.084292][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 316.092805][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.099972][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 316.109090][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 316.118218][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 316.124165][T13093] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 316.127047][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.143358][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 316.172345][T13093] EXT4-fs (loop3): 1 truncate cleaned up [ 316.178228][T13093] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodiscard,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,dioread_lock,quota,,errors=continue [ 316.196819][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 316.216681][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 316.243562][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 316.287082][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 316.330542][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 316.382880][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 316.404192][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 316.431607][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 316.442367][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 316.463925][T13065] device veth0_vlan entered promiscuous mode [ 316.472880][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 316.500635][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 316.531241][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 316.550467][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 316.577968][T13065] device veth1_macvtap entered promiscuous mode [ 316.621458][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 316.639389][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 316.677996][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 316.693128][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 316.913696][T13111] EXT4-fs (loop3): Ignoring removed bh option [ 316.925872][T13111] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 316.992820][T13111] EXT4-fs (loop3): 1 truncate cleaned up [ 316.998549][T13111] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,resgid=0x0000000000000000,bh,noload,data_err=ignore,noblock_validity,,errors=continue [ 317.623032][T13160] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5743'. [ 317.964450][ T280] usb 2-1: new low-speed USB device number 35 using dummy_hcd [ 318.089616][ T24] kauditd_printk_skb: 60 callbacks suppressed [ 318.089652][ T24] audit: type=1400 audit(2000000005.425:1337): avc: denied { mounton } for pid=13171 comm="syz.3.5748" path="/1168/file1" dev="tmpfs" ino=6021 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 318.203954][ T24] audit: type=1400 audit(2000000005.537:1338): avc: denied { create } for pid=13178 comm="syz.3.5751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 318.229296][T13179] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5751'. [ 318.250159][ T24] audit: type=1400 audit(2000000005.565:1339): avc: denied { write } for pid=13178 comm="syz.3.5751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 318.344199][ T24] audit: type=1400 audit(2000000005.668:1340): avc: denied { create } for pid=13180 comm="syz.3.5752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 318.393842][ T24] audit: type=1400 audit(2000000005.696:1341): avc: denied { ioctl } for pid=13180 comm="syz.3.5752" path="socket:[56990]" dev="sockfs" ino=56990 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 318.445735][ T280] usb 2-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 318.445770][ T24] audit: type=1400 audit(2000000005.696:1342): avc: denied { bind } for pid=13180 comm="syz.3.5752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 318.445822][ T24] audit: type=1400 audit(2000000005.696:1343): avc: denied { write } for pid=13180 comm="syz.3.5752" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 318.483143][ T280] usb 2-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 318.528924][ T24] audit: type=1400 audit(2000000005.705:1344): avc: denied { read } for pid=13182 comm="syz.6.5753" name="event0" dev="devtmpfs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 318.541727][ T280] usb 2-1: config 0 interface 0 has no altsetting 0 [ 318.584538][ T280] usb 2-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00 [ 318.584669][ T24] audit: type=1400 audit(2000000005.705:1345): avc: denied { open } for pid=13182 comm="syz.6.5753" path="/dev/input/event0" dev="devtmpfs" ino=255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 318.612668][ T280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.645829][ T280] usb 2-1: config 0 descriptor?? [ 318.686074][T13162] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 318.865742][T13191] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 318.875378][T13191] ext4 filesystem being mounted at /1174/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 318.899734][T13177] F2FS-fs (loop4): invalid crc value [ 318.926590][ T20] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 318.942984][ T24] audit: type=1400 audit(2000000006.229:1346): avc: denied { read } for pid=13190 comm="syz.3.5757" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 318.953911][T13177] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 319.029783][T13177] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0 [ 319.036861][T13177] F2FS-fs (loop4): Start checkpoint disabled! [ 319.045287][T13177] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 319.194055][ T20] usb 7-1: Using ep0 maxpacket: 8 [ 319.207701][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.226027][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.244958][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.264863][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.283567][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.300812][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.316118][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.322305][ T20] usb 7-1: config 0 has no interfaces? [ 319.332939][ T280] holtek_mouse 0003:04D9:A067.001E: unknown main item tag 0x0 [ 319.353785][ T280] holtek_mouse 0003:04D9:A067.001E: hidraw0: USB HID v0.00 Device [HID 04d9:a067] on usb-dummy_hcd.1-1/input0 [ 319.504709][ T20] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 319.546857][T13203] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 319.568109][ T20] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.576174][ T20] usb 7-1: Product: syz [ 319.632211][ T20] usb 7-1: Manufacturer: syz [ 319.636889][ T20] usb 7-1: SerialNumber: syz [ 319.652753][ T280] usb 2-1: USB disconnect, device number 35 [ 319.692421][ T20] usb 7-1: config 0 descriptor?? [ 319.998627][ T20] usb 7-1: USB disconnect, device number 6 [ 320.716511][T13242] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5774'. [ 320.751841][T13223] F2FS-fs (loop3): invalid crc value [ 320.757403][T13226] F2FS-fs (loop7): invalid crc value [ 320.770041][T13223] F2FS-fs (loop3): Found nat_bits in checkpoint [ 320.778052][T13226] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 320.795158][T13238] EXT4-fs (loop6): invalid inodes per group: 204800 [ 320.795158][T13238] [ 320.910669][T13223] F2FS-fs (loop3): Start checkpoint disabled! [ 320.918781][T13223] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 320.932715][T13226] F2FS-fs (loop7): Cannot turn on quotas: -2 on 0 [ 320.969010][T13226] F2FS-fs (loop7): Start checkpoint disabled! [ 320.981753][T13226] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6 [ 321.093816][ T112] attempt to access beyond end of device [ 321.093816][ T112] loop7: rw=2049, want=45104, limit=40427 [ 321.174259][T13255] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue [ 321.187837][ T9514] attempt to access beyond end of device [ 321.187837][ T9514] loop3: rw=2049, want=40984, limit=40427 [ 321.203276][T13255] ext4 filesystem being mounted at /1121/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 321.717300][T13264] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 321.964569][T13284] netlink: 1076 bytes leftover after parsing attributes in process `syz.7.5789'. [ 321.993910][T13284] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 322.820162][T13318] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue [ 322.835335][T13318] ext4 filesystem being mounted at /17/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 323.460246][T13311] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 323.478322][T13311] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 323.489943][T13311] F2FS-fs (loop1): invalid crc value [ 323.523898][ T24] kauditd_printk_skb: 28 callbacks suppressed [ 323.523932][ T24] audit: type=1400 audit(2000000010.523:1375): avc: denied { create } for pid=13337 comm="syz.3.5812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 323.550782][ T24] audit: type=1400 audit(2000000010.541:1376): avc: denied { connect } for pid=13337 comm="syz.3.5812" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 323.572129][ T24] audit: type=1400 audit(2000000010.541:1377): avc: denied { write } for pid=13337 comm="syz.3.5812" lport=15 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 323.592917][T13311] F2FS-fs (loop1): Found nat_bits in checkpoint [ 323.618580][ T24] audit: type=1400 audit(2000000010.588:1378): avc: denied { read write } for pid=13339 comm="syz.4.5813" name="vhost-vsock" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 323.707422][T13311] F2FS-fs (loop1): Cannot turn on quotas: -2 on 2 [ 323.708788][ T24] audit: type=1400 audit(2000000010.588:1379): avc: denied { open } for pid=13339 comm="syz.4.5813" path="/dev/vhost-vsock" dev="devtmpfs" ino=262 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 323.714483][T13311] F2FS-fs (loop1): Start checkpoint disabled! [ 323.747437][ T24] audit: type=1400 audit(2000000010.635:1380): avc: denied { ioctl } for pid=13339 comm="syz.4.5813" path="/dev/vhost-vsock" dev="devtmpfs" ino=262 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1 [ 323.773475][T13311] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 323.773544][ T24] audit: type=1400 audit(2000000010.644:1381): avc: denied { read } for pid=13341 comm="syz.3.5814" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 323.790926][T13311] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 324.098403][T13358] FAT-fs (loop1): Directory bread(block 64) failed [ 324.112338][T13358] FAT-fs (loop1): Directory bread(block 65) failed [ 324.140343][T13358] FAT-fs (loop1): Directory bread(block 66) failed [ 324.165306][T13358] FAT-fs (loop1): Directory bread(block 67) failed [ 324.189248][T13358] FAT-fs (loop1): Directory bread(block 68) failed [ 324.221153][T13358] FAT-fs (loop1): Directory bread(block 69) failed [ 324.235941][T13358] FAT-fs (loop1): Directory bread(block 70) failed [ 324.261225][T13358] FAT-fs (loop1): Directory bread(block 71) failed [ 324.289478][T13358] FAT-fs (loop1): Directory bread(block 72) failed [ 324.301518][ T24] audit: type=1400 audit(2000000011.243:1382): avc: denied { append } for pid=13367 comm="syz.7.5824" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 324.313867][T13358] FAT-fs (loop1): Directory bread(block 73) failed [ 324.483670][ T24] audit: type=1400 audit(2000000011.411:1383): avc: denied { create } for pid=13372 comm="syz.6.5826" dev="anon_inodefs" ino=58624 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 324.523987][ T24] audit: type=1400 audit(2000000011.439:1384): avc: denied { ioctl } for pid=13372 comm="syz.6.5826" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=58624 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 324.848542][T13393] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 324.857851][T13393] ext4 filesystem being mounted at /1137/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 325.255437][ T646] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 325.453807][T13417] F2FS-fs (loop4): fault_injection options not supported [ 325.467308][T13417] F2FS-fs (loop4): invalid crc value [ 325.477919][T13417] F2FS-fs (loop4): Found nat_bits in checkpoint [ 325.517561][T13430] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 325.572391][T13417] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 325.651219][ T646] usb 4-1: config 0 has an invalid interface number: 64 but max is 0 [ 325.651593][ T278] attempt to access beyond end of device [ 325.651593][ T278] loop4: rw=2049, want=40976, limit=40427 [ 325.659615][ T646] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 325.682955][ T646] usb 4-1: config 0 has no interface number 0 [ 325.836557][T13442] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 325.867951][T13442] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,discard,dioread_nolock,nodioread_nolock,dioread_nolock,minixdf,dioread_nolock, [ 325.869857][ T646] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 325.894148][T13442] ext4 filesystem being mounted at /1227/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.895799][ T646] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 325.913566][ T646] usb 4-1: Product: syz [ 325.940257][ T646] usb 4-1: Manufacturer: syz [ 325.945481][ T646] usb 4-1: SerialNumber: syz [ 325.971154][ T646] usb 4-1: config 0 descriptor?? [ 325.990238][T13442] EXT4-fs error (device loop1): ext4_mb_generate_buddy:808: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 326.007822][T13442] EXT4-fs (loop1): Remounting filesystem read-only [ 326.026936][ T646] uvcvideo: Found UVC 0.00 device syz (046d:0823) [ 326.043108][ T646] uvcvideo: No valid video chain found. [ 326.348234][T13461] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 326.377012][T13461] ext4 filesystem being mounted at /298/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 326.486466][ T296] usb 4-1: USB disconnect, device number 42 [ 327.071586][T13500] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 327.112820][T13500] ext4 filesystem being mounted at /1151/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 327.163918][T13505] syzkaller0: tun_chr_ioctl cmd 2147767506 [ 327.404902][T13482] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12 [ 327.412752][T13482] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 327.463594][T13482] F2FS-fs (loop6): Found nat_bits in checkpoint [ 327.658870][T13482] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 327.666056][T13482] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 328.507160][T13550] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue [ 328.528852][T13550] ext4 filesystem being mounted at /300/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 328.592725][T13558] EXT4-fs (loop4): Ignoring removed nobh option [ 328.619122][T13558] EXT4-fs (loop4): Ignoring removed bh option [ 328.628370][T13558] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 328.638183][T13550] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 328.648176][T13558] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue [ 328.695120][T13496] F2FS-fs (loop1): invalid crc value [ 328.736041][T13496] F2FS-fs (loop1): Found nat_bits in checkpoint [ 328.842446][T13496] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 328.944711][T13572] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 329.390692][T13585] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled [ 329.489012][T13585] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000008,jqfmt=vfsold,quota,,errors=continue [ 329.509161][ T24] kauditd_printk_skb: 81 callbacks suppressed [ 329.509193][ T24] audit: type=1400 audit(2000000016.107:1466): avc: denied { create } for pid=13590 comm="syz.6.5910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 329.594125][T13585] ext4 filesystem being mounted at /1207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 329.733783][T13579] F2FS-fs (loop4): invalid crc value [ 329.779605][T13579] F2FS-fs (loop4): Found nat_bits in checkpoint [ 329.800897][ T24] audit: type=1400 audit(2000000016.388:1467): avc: denied { bind } for pid=13610 comm="syz.1.5915" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 329.877683][ T24] audit: type=1400 audit(2000000016.406:1468): avc: denied { node_bind } for pid=13610 comm="syz.1.5915" saddr=172.20.20.0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 329.900474][T13579] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 330.167484][ T24] audit: type=1400 audit(2000000016.724:1469): avc: denied { create } for pid=13627 comm="syz.1.5924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 330.204032][ T24] audit: type=1400 audit(2000000016.724:1470): avc: denied { mount } for pid=13629 comm="syz.3.5922" name="/" dev="ramfs" ino=59112 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 330.235967][ T24] audit: type=1400 audit(2000000016.753:1471): avc: denied { write } for pid=13627 comm="syz.1.5924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 330.257146][ T24] audit: type=1400 audit(2000000016.762:1472): avc: denied { unmount } for pid=279 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 330.528424][T13650] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 330.535847][T13650] IPv6: NLM_F_CREATE should be set when creating new route [ 330.726644][T13657] attempt to access beyond end of device [ 330.726644][T13657] loop6: rw=2049, want=250, limit=128 [ 330.812597][T13657] attempt to access beyond end of device [ 330.812597][T13657] loop6: rw=2049, want=222, limit=128 [ 330.824630][ T24] audit: type=1400 audit(2000000017.342:1473): avc: denied { read } for pid=13670 comm="syz.1.5941" name="rtc0" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 330.864246][ T24] audit: type=1400 audit(2000000017.379:1474): avc: denied { open } for pid=13670 comm="syz.1.5941" path="/dev/rtc0" dev="devtmpfs" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 330.887975][T13657] Buffer I/O error on dev loop6, logical block 110, lost async page write [ 330.927444][ T24] audit: type=1400 audit(2000000017.379:1475): avc: denied { ioctl } for pid=13670 comm="syz.1.5941" path="/dev/rtc0" dev="devtmpfs" ino=258 ioctlcmd=0x7002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 330.966650][T13678] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5945'. [ 331.007357][T13678] netlink: 3 bytes leftover after parsing attributes in process `syz.1.5945'. [ 331.261166][T13699] xt_hashlimit: size too large, truncated to 1048576 [ 331.308988][T13694] EXT4-fs error (device loop4): ext4_free_branches:1026: inode #11: comm syz.4.5952: invalid indirect mapped block 4294967295 (level 1) [ 331.328249][T13694] EXT4-fs error (device loop4): ext4_free_branches:1026: inode #11: comm syz.4.5952: invalid indirect mapped block 4294967295 (level 1) [ 331.350071][T13694] EXT4-fs (loop4): 2 truncates cleaned up [ 331.356021][T13694] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000004004,barrier=0x0000000000000005,,errors=continue [ 331.473549][T13694] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.5952: bg 0: block 5: invalid block bitmap [ 331.535764][T13709] device lo entered promiscuous mode [ 332.364340][T13750] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 332.374905][T13750] EXT4-fs (loop6): orphan cleanup on readonly fs [ 332.398646][T13750] EXT4-fs error (device loop6): __ext4_get_inode_loc:4438: comm syz.6.5975: Invalid inode table block 0 in block_group 0 [ 332.418456][T13750] EXT4-fs (loop6): Remounting filesystem read-only [ 332.445434][T13750] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5933: Corrupt filesystem [ 332.465410][T13750] EXT4-fs error (device loop6): ext4_quota_write:6651: inode #3: comm syz.6.5975: mark_inode_dirty error [ 332.489745][T13750] EXT4-fs error (device loop6): ext4_acquire_dquot:6226: comm syz.6.5975: Failed to acquire dquot type 0 [ 332.512021][T13750] EXT4-fs (loop6): 1 truncate cleaned up [ 332.518075][T13750] EXT4-fs (loop6): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000015,stripe=0x0000000000000000,grpid,errors=remount-ro,data_err=ignore,noblock_validity,minixdf,min_batch_time=0x0000000000000013, [ 332.549317][T13750] EXT4-fs (loop6): shut down requested (1) [ 332.691026][T13766] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5982'. [ 333.044230][T13797] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 333.051161][T13797] syzkaller1: linktype set to 768 [ 333.058075][T13793] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 333.078393][T13793] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 333.252612][ T382] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 333.283461][T13814] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6003'. [ 333.294065][T13814] 8021q: VLANs not supported on lo [ 333.514210][T13823] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 333.577334][T13834] EXT4-fs (loop1): Ignoring removed nobh option [ 333.595609][T13834] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 333.634752][T13834] EXT4-fs error (device loop1): ext4_ext_check_inode:500: inode #11: comm syz.1.6011: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 333.653944][T13834] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.6011: couldn't read orphan inode 11 (err -117) [ 333.666258][T13834] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrjquota=,noload,nobh,jqfmt=vfsv0,acl,data=ordered,errors=continue,quota,,errors=continue [ 333.688761][T13834] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.6011: Invalid block bitmap block 0 in block_group 0 [ 333.702874][T13834] EXT4-fs error (device loop1): ext4_acquire_dquot:6226: comm syz.1.6011: Failed to acquire dquot type 0 [ 333.916476][T13849] EXT4-fs (loop1): Ignoring removed nobh option [ 333.923266][T13849] EXT4-fs (loop1): Ignoring removed bh option [ 333.943687][T13849] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 333.963997][T13849] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000003,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue [ 333.999132][ T296] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 334.015527][T13849] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3342: comm syz.1.6018: Allocating blocks 497-513 which overlap fs metadata [ 334.030127][T13849] EXT4-fs (loop1): pa ffff888140c5e3f0: logic 128, phys. 385, len 8 [ 334.038312][T13849] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4359: group 0, free 0, pa_free 1 [ 334.406728][ T296] usb 7-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 334.418498][ T296] usb 7-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 334.440054][ T296] usb 7-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 334.454979][ T296] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.495234][T13841] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 334.521310][T13881] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6031'. [ 334.738308][ T296] aiptek 7-1:17.0: Aiptek using 400 ms programming speed [ 334.754811][ T296] input: Aiptek as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:17.0/input/input27 [ 334.777184][ T296] usb 7-1: USB disconnect, device number 7 [ 334.783160][ C1] aiptek 7-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 334.872995][ T24] kauditd_printk_skb: 250 callbacks suppressed [ 334.873027][ T24] audit: type=1400 audit(2000000022.125:1722): avc: denied { create } for pid=13903 comm="syz.3.6042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 334.899516][ T24] audit: type=1400 audit(2000000022.125:1723): avc: denied { connect } for pid=13903 comm="syz.3.6042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 334.930334][ T24] audit: type=1400 audit(2000000022.125:1724): avc: denied { listen } for pid=13903 comm="syz.3.6042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 334.960302][ T24] audit: type=1400 audit(2000000022.125:1725): avc: denied { accept } for pid=13903 comm="syz.3.6042" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 335.011178][T13912] netlink: 'syz.3.6045': attribute type 3 has an invalid length. [ 335.108469][T13914] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue [ 335.117647][T13914] ext4 filesystem being mounted at /1238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 335.135580][T13914] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.6046: corrupted xattr block 33 [ 335.147846][T13914] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 335.157055][T13914] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.6046: corrupted xattr block 33 [ 335.169250][T13914] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 335.187968][ T24] audit: type=1400 audit(2000000022.425:1726): avc: denied { read } for pid=13913 comm="syz.3.6046" name="file1" dev="loop3" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 335.224138][T13920] EXT4-fs error (device loop3): ext4_xattr_block_get:546: inode #15: comm syz.3.6046: corrupted xattr block 33 [ 335.254984][T13920] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 335.316538][T13922] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable,usrjquota=,quota,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,,errors=continue [ 335.363947][T13931] netlink: 'syz.6.6051': attribute type 3 has an invalid length. [ 335.375974][ T24] audit: type=1400 audit(2000000022.602:1727): avc: denied { map } for pid=13921 comm="syz.1.6048" path="/1273/file0/hugetlb.2MB.usage_in_bytes" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 335.458734][ T24] audit: type=1400 audit(2000000022.677:1728): avc: denied { unlink } for pid=13932 comm="syz.7.6053" name="#d" dev="tmpfs" ino=253 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1 [ 335.702727][ T24] audit: type=1326 audit(2000000022.911:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13945 comm="syz.6.6060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 335.756008][ T24] audit: type=1326 audit(2000000022.911:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13945 comm="syz.6.6060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 335.822968][ T24] audit: type=1326 audit(2000000022.930:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13945 comm="syz.6.6060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f12fca27929 code=0x7ffc0000 [ 335.849712][T13952] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodiscard,usrjquota=,errors=remount-ro,sb=0x000000000000002b,max_batch_time=0x0000000000000005,sysvgroups,minixdf,barrier=0x0000000000000000,nombcache,bsddf, [ 336.181395][ T15] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 336.395149][ T7066] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 336.448540][ T15] usb 4-1: Using ep0 maxpacket: 8 [ 336.576868][ T15] usb 4-1: config 0 has no interfaces? [ 336.748012][ T15] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 336.757230][ T15] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 336.765761][ T15] usb 4-1: Product: syz [ 336.770180][ T15] usb 4-1: Manufacturer: syz [ 336.774820][ T15] usb 4-1: SerialNumber: syz [ 336.779996][ T7066] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 336.789793][ T7066] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 336.803170][ T7066] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 336.812813][ T15] usb 4-1: config 0 descriptor?? [ 336.817896][ T7066] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 336.827349][ T7066] usb 2-1: config 0 descriptor?? [ 337.089627][ T15] usb 4-1: USB disconnect, device number 43 [ 337.140075][T14000] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6082'. [ 337.276037][T14005] EXT4-fs error (device loop4) in ext4_do_update_inode:5336: error 27 [ 337.284829][T14005] EXT4-fs error (device loop4): ext4_dirty_inode:6143: inode #3: comm syz.4.6084: mark_inode_dirty error [ 337.297528][T14005] EXT4-fs error (device loop4) in ext4_do_update_inode:5336: error 27 [ 337.306352][T14005] EXT4-fs error (device loop4): __ext4_ext_dirty:182: inode #3: comm syz.4.6084: mark_inode_dirty error [ 337.318691][T14005] EXT4-fs error (device loop4): ext4_acquire_dquot:6226: comm syz.4.6084: Failed to acquire dquot type 0 [ 337.330665][ T7066] kovaplus 0003:1E7D:2D50.001F: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.1-1/input0 [ 337.333313][T14005] EXT4-fs (loop4): 1 orphan inode deleted [ 337.349597][T14005] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue [ 337.358976][T14005] ext4 filesystem being mounted at /1207/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 337.784927][ T7066] kovaplus 0003:1E7D:2D50.001F: couldn't init struct kovaplus_device [ 337.790573][T14023] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 337.804041][ T7066] kovaplus 0003:1E7D:2D50.001F: couldn't install mouse [ 337.835456][T14029] syz.7.6094[14029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 337.835580][T14029] syz.7.6094[14029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 337.861160][ T7066] kovaplus: probe of 0003:1E7D:2D50.001F failed with error -71 [ 337.922498][ T7066] usb 2-1: USB disconnect, device number 36 [ 337.985330][T14032] fido_id[14032]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 338.039610][T14034] incfs: Options parsing error. -22 [ 338.047560][T14034] incfs: mount failed -22 [ 338.462131][T14053] EXT4-fs (loop3): Test dummy encryption mode enabled [ 338.498573][T14053] ================================================================== [ 338.506755][T14053] BUG: KASAN: use-after-free in __ext4_iget+0x36d/0x40e0 [ 338.513845][T14053] Read of size 8 at addr ffff88811a6d1ee8 by task syz.3.6105/14053 [ 338.521768][T14053] [ 338.524166][T14053] CPU: 1 PID: 14053 Comm: syz.3.6105 Not tainted 5.10.239-syzkaller #0 [ 338.532461][T14053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 338.542572][T14053] Call Trace: [ 338.545923][T14053] __dump_stack+0x21/0x24 [ 338.550309][T14053] dump_stack_lvl+0x169/0x1d8 [ 338.555040][T14053] ? show_regs_print_info+0x18/0x18 [ 338.560310][T14053] ? thaw_kernel_threads+0x220/0x220 [ 338.565663][T14053] ? _raw_spin_lock+0x8e/0xe0 [ 338.570428][T14053] print_address_description+0x7f/0x2c0 [ 338.576037][T14053] ? __ext4_iget+0x36d/0x40e0 [ 338.580784][T14053] kasan_report+0xe2/0x130 [ 338.585269][T14053] ? __ext4_iget+0x36d/0x40e0 [ 338.590014][T14053] __asan_report_load8_noabort+0x14/0x20 [ 338.595738][T14053] __ext4_iget+0x36d/0x40e0 [ 338.600310][T14053] ? idr_replace+0x190/0x190 [ 338.604966][T14053] ? __kasan_check_write+0x14/0x20 [ 338.610287][T14053] ? _raw_write_lock+0x8e/0xe0 [ 338.615130][T14053] ? _raw_write_trylock+0x140/0x140 [ 338.620405][T14053] ? __proc_create+0x564/0x8d0 [ 338.625222][T14053] ? __kasan_check_write+0x14/0x20 [ 338.630405][T14053] ? ext4_get_projid+0x140/0x140 [ 338.635492][T14053] ? _raw_write_unlock+0x2b/0x60 [ 338.640512][T14053] ? proc_register+0x34d/0x4e0 [ 338.645454][T14053] ext4_enable_quotas+0x33b/0x6d0 [ 338.650570][T14053] ext4_fill_super+0x82a9/0x8b60 [ 338.655602][T14053] ? ext4_mount+0x40/0x40 [ 338.659990][T14053] ? set_blocksize+0x1fe/0x3c0 [ 338.664823][T14053] ? sb_set_blocksize+0xaa/0xf0 [ 338.669748][T14053] mount_bdev+0x28b/0x3a0 [ 338.674135][T14053] ? ext4_mount+0x40/0x40 [ 338.678522][T14053] ext4_mount+0x34/0x40 [ 338.682738][T14053] legacy_get_tree+0xed/0x190 [ 338.687471][T14053] ? ext4_chksum+0x160/0x160 [ 338.692131][T14053] vfs_get_tree+0x89/0x260 [ 338.696606][T14053] do_new_mount+0x25a/0xa20 [ 338.701267][T14053] path_mount+0x572/0xc80 [ 338.705672][T14053] __se_sys_mount+0x318/0x380 [ 338.710422][T14053] ? __x64_sys_mount+0xd0/0xd0 [ 338.715243][T14053] ? debug_smp_processor_id+0x17/0x20 [ 338.720684][T14053] __x64_sys_mount+0xbf/0xd0 [ 338.725342][T14053] do_syscall_64+0x31/0x40 [ 338.729820][T14053] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 338.735772][T14053] RIP: 0033:0x7f8a31a130ca [ 338.740244][T14053] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.759909][T14053] RSP: 002b:00007f8a30079e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 338.768394][T14053] RAX: ffffffffffffffda RBX: 00007f8a30079ef0 RCX: 00007f8a31a130ca [ 338.776441][T14053] RDX: 0000200000000100 RSI: 0000200000000280 RDI: 00007f8a30079eb0 [ 338.784485][T14053] RBP: 0000200000000100 R08: 00007f8a30079ef0 R09: 0000000000000000 [ 338.792598][T14053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000280 [ 338.800649][T14053] R13: 00007f8a30079eb0 R14: 0000000000000ba6 R15: 00002000000003c0 [ 338.808678][T14053] [ 338.811066][T14053] Allocated by task 13226: [ 338.815537][T14053] __kasan_slab_alloc+0xbd/0xf0 [ 338.820454][T14053] slab_post_alloc_hook+0x5d/0x2f0 [ 338.825712][T14053] kmem_cache_alloc+0x165/0x2e0 [ 338.831069][T14053] f2fs_alloc_inode+0x26/0x410 [ 338.835898][T14053] iget_locked+0x146/0x7d0 [ 338.840365][T14053] f2fs_iget+0x55/0x4dc0 [ 338.844670][T14053] f2fs_fill_super+0x468e/0x6c70 [ 338.849676][T14053] mount_bdev+0x28b/0x3a0 [ 338.854074][T14053] f2fs_mount+0x34/0x40 [ 338.858293][T14053] legacy_get_tree+0xed/0x190 [ 338.863024][T14053] vfs_get_tree+0x89/0x260 [ 338.867503][T14053] do_new_mount+0x25a/0xa20 [ 338.872056][T14053] path_mount+0x572/0xc80 [ 338.876446][T14053] __se_sys_mount+0x318/0x380 [ 338.881175][T14053] __x64_sys_mount+0xbf/0xd0 [ 338.885824][T14053] do_syscall_64+0x31/0x40 [ 338.890297][T14053] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 338.896228][T14053] [ 338.898616][T14053] Last potentially related work creation: [ 338.904395][T14053] kasan_save_stack+0x3a/0x60 [ 338.909130][T14053] __kasan_record_aux_stack+0xd2/0x100 [ 338.914644][T14053] kasan_record_aux_stack_noalloc+0xb/0x10 [ 338.920517][T14053] call_rcu+0x105/0x1040 [ 338.924812][T14053] evict+0x857/0x910 [ 338.928761][T14053] evict_inodes+0x5d4/0x640 [ 338.933325][T14053] generic_shutdown_super+0x96/0x320 [ 338.938677][T14053] kill_block_super+0x7f/0xf0 [ 338.943413][T14053] kill_f2fs_super+0x2e7/0x390 [ 338.948228][T14053] deactivate_locked_super+0xa0/0x100 [ 338.953674][T14053] deactivate_super+0xaf/0xe0 [ 338.958436][T14053] cleanup_mnt+0x446/0x500 [ 338.962900][T14053] __cleanup_mnt+0x19/0x20 [ 338.967379][T14053] task_work_run+0x127/0x190 [ 338.972023][T14053] exit_to_user_mode_loop+0xcb/0xe0 [ 338.977276][T14053] syscall_exit_to_user_mode+0x68/0x90 [ 338.982796][T14053] do_syscall_64+0x3d/0x40 [ 338.987278][T14053] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 338.993204][T14053] [ 338.995579][T14053] Second to last potentially related work creation: [ 339.002221][T14053] kasan_save_stack+0x3a/0x60 [ 339.006952][T14053] __kasan_record_aux_stack+0xd2/0x100 [ 339.012463][T14053] kasan_record_aux_stack_noalloc+0xb/0x10 [ 339.018329][T14053] call_rcu+0x105/0x1040 [ 339.022631][T14053] evict+0x857/0x910 [ 339.026581][T14053] evict_inodes+0x5d4/0x640 [ 339.031135][T14053] generic_shutdown_super+0x96/0x320 [ 339.036471][T14053] kill_block_super+0x7f/0xf0 [ 339.041208][T14053] kill_f2fs_super+0x2e7/0x390 [ 339.046123][T14053] deactivate_locked_super+0xa0/0x100 [ 339.051562][T14053] deactivate_super+0xaf/0xe0 [ 339.056306][T14053] cleanup_mnt+0x446/0x500 [ 339.060771][T14053] __cleanup_mnt+0x19/0x20 [ 339.065237][T14053] task_work_run+0x127/0x190 [ 339.069884][T14053] exit_to_user_mode_loop+0xcb/0xe0 [ 339.075132][T14053] syscall_exit_to_user_mode+0x68/0x90 [ 339.080643][T14053] do_syscall_64+0x3d/0x40 [ 339.085131][T14053] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 339.091065][T14053] [ 339.093453][T14053] The buggy address belongs to the object at ffff88811a6d19c0 [ 339.093453][T14053] which belongs to the cache f2fs_inode_cache of size 1520 [ 339.108104][T14053] The buggy address is located 1320 bytes inside of [ 339.108104][T14053] 1520-byte region [ffff88811a6d19c0, ffff88811a6d1fb0) [ 339.121587][T14053] The buggy address belongs to the page: [ 339.127297][T14053] page:ffffea000469b400 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88811a6d4d40 pfn:0x11a6d0 [ 339.138891][T14053] head:ffffea000469b400 order:3 compound_mapcount:0 compound_pincount:0 [ 339.147277][T14053] flags: 0x4000000000010200(slab|head) [ 339.152811][T14053] raw: 4000000000010200 dead000000000100 dead000000000122 ffff8881029ce780 [ 339.161475][T14053] raw: ffff88811a6d4d40 0000000080130011 00000001ffffffff 0000000000000000 [ 339.170115][T14053] page dumped because: kasan: bad access detected [ 339.176568][T14053] page_owner tracks the page as allocated [ 339.182365][T14053] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0x1d2050(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 321, ts 34801343911, free_ts 0 [ 339.202897][T14053] prep_new_page+0x179/0x180 [ 339.207551][T14053] get_page_from_freelist+0x2235/0x23d0 [ 339.213168][T14053] __alloc_pages_nodemask+0x268/0x5f0 [ 339.218602][T14053] new_slab+0x84/0x3f0 [ 339.222741][T14053] ___slab_alloc+0x2a6/0x450 [ 339.227390][T14053] __slab_alloc+0x63/0xa0 [ 339.231776][T14053] kmem_cache_alloc+0x1af/0x2e0 [ 339.236700][T14053] f2fs_alloc_inode+0x26/0x410 [ 339.241519][T14053] iget_locked+0x146/0x7d0 [ 339.245988][T14053] f2fs_iget+0x55/0x4dc0 [ 339.250292][T14053] f2fs_fill_super+0x39f0/0x6c70 [ 339.255281][T14053] mount_bdev+0x28b/0x3a0 [ 339.259660][T14053] f2fs_mount+0x34/0x40 [ 339.263896][T14053] legacy_get_tree+0xed/0x190 [ 339.268627][T14053] vfs_get_tree+0x89/0x260 [ 339.273104][T14053] do_new_mount+0x25a/0xa20 [ 339.277641][T14053] page_owner free stack trace missing [ 339.283060][T14053] [ 339.285426][T14053] Memory state around the buggy address: [ 339.291107][T14053] ffff88811a6d1d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.299219][T14053] ffff88811a6d1e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.307346][T14053] >ffff88811a6d1e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.315461][T14053] ^ [ 339.322974][T14053] ffff88811a6d1f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 339.331204][T14053] ffff88811a6d1f80: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc [ 339.339321][T14053] ================================================================== [ 339.347532][T14053] Disabling lock debugging due to kernel taint [ 339.362716][ T9514] Bluetooth: hci0: Frame reassembly failed (-84) [ 339.407539][T14053] EXT4-fs warning (device loop3): ext4_enable_quotas:6491: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix. [ 339.432859][T14053] EXT4-fs (loop3): mount failed [ 341.580249][ T280] Bluetooth: hci0: command 0x1003 tx timeout [ 341.586392][T12257] Bluetooth: hci0: sending frame failed (-49) [ 343.803812][ T296] Bluetooth: hci0: command 0x1001 tx timeout [ 343.809949][T12257] Bluetooth: hci0: sending frame failed (-49) [ 346.027421][ T7066] Bluetooth: hci0: command 0x1009 tx timeout