last executing test programs: 10m48.48868433s ago: executing program 32 (id=940): unshare(0x26020480) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000280), 0x206100, 0x0) io_uring_setup(0x1b78, &(0x7f0000000040)={0x0, 0x973, 0x20, 0x8000, 0x103, 0x0, r0}) 10m42.118611811s ago: executing program 33 (id=974): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000b40)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000b00)={0xffffffffffffffff}, 0x2, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r1}}, 0x20) 10m37.695194317s ago: executing program 34 (id=990): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = semget$private(0x0, 0x4, 0x200) semctl$IPC_RMID(r0, 0x0, 0x0) 9m37.772424266s ago: executing program 35 (id=1373): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x5, 0x6, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 9m2.808446438s ago: executing program 36 (id=1580): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x1200082, &(0x7f0000000500)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c6572726f72733d636f6e74696e75652c757466382c756d61736b3d30303030303030303030303030303030303032313632362c696f636861727365743d63703935302c646973636172642c616c6c6f775f7574696d653d3030303030303030352c6572726f72733d72656d6f756e742d726f2c646973636172642c00d50194377d24b5953951fbb0e6d2204f459a2129e54509e955e3ac3e9dd76061aeb341a8ae53564e806289fad8cab1be25d1de2b9d46be57d2e9c2ded432413ab147de643c400dba4f15a90c962bcd8d805d7d5f57"], 0x5, 0x1531, &(0x7f0000002f80)="$eJzs3AuYjlX3MPC19t43Y5r0NMlh2Huvm4cG2yRJDklySJIkSc4JSZMkCYkhp6QhCTlOksMQksPEpHE+H3JOkleSJCEhyf6uKX3+b/3fq/7f2/t5/++s33Xd1+w1z7PWs+5nzTX34blmvu42vFaT2tUbERH8U/CXLykAEAMAgwHgGgAIAKB8fPn47MfzSEz5516E/bUeTL/SHbArieefs/H8czaef87G88/ZeP45G88/Z+P552w8f8Zysq0zC13LW87dLt3/jwG+/58D8fE/Z+P5/8fw3vf5Hyfx/HM2nn/OxvPP2Xj+ORvPP2fj+ecs9jcxz5+xnOwvuY+c+1Kxf/gc8b/5c4Zf36p/sk7x4Jcy/6o+g/+nvCv0Y8cYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLIc55y9TAPDr+kr3xRhjjDHGGGOMsb+Oz32lO2CMMcYYY4wxxti/HgIoCQoCyAW5IQbyQCxcBXFwNeSFayAC10I8XAf54HrIDwWgIBSCBCgMRUCDAQsEIRSFYhCF4lACboBEKAmloDQ4KANJcCOUhZugHNwM5eEWqAC3QkWoBJWhCtwGVeF2qAZ3QHW4E2pATagFteEuqIN3Q124B+rBvVAf7oMGcD80hAegETwIjeEhaAIPQ1NoBs2hBbSEVtD6t/nwZ/Kfh17wAvSGPpACfaEfvAj9YQAMhEEwGF6CIfAyDIVXIBWGwXB4FUbAazASXodRMBrGwBswFsbBeJgAE2ESpMGbMBneginwNkyFaTAdZkA6zIRZ8A7MhjkwF96FefAezIcFsBAWQQa8D4thCWTCB7AUPoQsWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFb4CLbBdtgBO2EX7IY98DHshU9gH3wK++Gz/2H+2d/kd0dAQIECFSrMhbkwBmMwFmMxDuMwL+bFCEYwHuMxH+bD/JgfC2JBTMAELIJF0KBBQsKiWBSjGMUSWAITMRFLYSl06DAJk7As3oTlsByWx/JYAStgRayElbAKVsGqWBWrYTWsfusCAKyBtbAW3oV34d1YF+tiPayH9bE+NsAG2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2xtbYBttgW2yL7bE9dsAO2BE7YjImYyfshJ2xM3bBLtgVu2I37IbdsQf2wOfxeXwBX8A+WEP0xX7YD/tjfxyIg3AQvoRD8GV8GV/BVByGw/FVfBVfw5F4BkfhaByDY7CqGIfjcQKSmIRpmIaTcTJOwSk4FafhNJyB6TgTZ+EsnI1zcA6+i/PwPXwPF+ACXIQZmIGLcQlmYiYuxbOYhctwOa7AlQC4EtfgWlyD63EDrsdNuAm34Bb8CD/C7bgdd+JO3I278WP8GD/BTzAVmwHAATyAB/EgHsJDeBgP4xE8gkfxKB7DY3gcj+MJPImn8CSextN4Bs/iOTyH5/E8XsBnE75svLvkulQQ2ZRQIpfIJWJEjIgVsSJOxIm8Iq+IiIiIF/Ein8gn8ov8oqAoKBJEgigiiggjjCARiqKiqIiKqCghSohEkShKiVKir3AiSSSJsqKsKCfKifLiFlFB3Coqikqinasiqoiqor2rJu4Q1UV1UUPUFLVEbVFb1BF1RF1RV9QT9UR9UV8oAGgo+uJAfFBkT6aJGIZNxXBsLlqIlqKVeA0fEW3ESGwr2on24jExGkdhR9HGJYsnRScxHjuLp8UEfEZ0FZOwm3hOdBc9RE/xvOgl2rreoo+Yin1FPzED+4sBYqAYJGZjTZE9sVriFZEqhonh4lWxCF8TI8XrYpQYLcaIN8RYMU6MFxPERDFJpIk3xWTxlpgi3hZTxTQxXcwQ6WKmmCXeEbPFHDFXvCvmiffEfLFALBSLRIZ4XywWS0Sm+EAsFR+KLLFMLBcrxEqxSqwWa8RasU6sFxvERrFJbBZbxFbxkdgmtosdYqfYJXaLPeJjsVd8IvaJT8V+8Zk4IP4mDorPxSHxhTgsvhRHxFfiqPhaHBPfiOOijzghTopT4jtxWnwvzoiz4pz4QZwXP4oL4idxUXgBEqWQUioZyFwyt4yReWSsvErGyatlXnmNjMhrZby8TuaT18v8soAsKAvJBFlYFpFaGmklyVAWlcVkVBaXJeQNMlGWlKVkaelkGZkkb5Rl5U2ynLxZlpe3yAryVllRVpKVZRV5m6wqb5fV5B2yurxT1pA1ZS1ZW94l68i7ZV15j6wn75X15X2ygbxfNpQPyEbyQdlYPiSbyIdlU9lMNpctZEvZSraWj8g28lHZVraT7eVjsoN8XHaUT8hk+aTsJJ+SneXTsot8RnaVz8pu8jnZXfaQPeVP8qL0srfsI1NkX9lPvij7y+xj4SA5WL4kh8iX5VD5ikyVw+Rw+aocIV+TI+XrcpQcLcfIN+RYOU6OlxPkRDlJpsk35WT5lpwi35ZT5TQ5Xc6Q6XKmHHip0tw/kf/Wr/kefzkky5lyaEqqHJayRW6VH8ltcrvcIXfKXXK33CP3yL1yr9wn98n9cr88IA/Ig/KgPCQPycPysDwij8ij8qg8Jo/J4/K4PCFPyh/kd/K0/F6ekWflWfmDPC/PywuX3gNQqISSSqlA5VK5VYzKo2LVVSpOXa3yCgBQ16p4dZ3Kp65X+VUBVVAVUgmqsCqitDLKKlKhKqqKqagqrkqoG1SiKqlKqdLKqTIqSd2oIv9k/t/3J3/tb8X0X94p1Vq1Vm1UG9VWtVXtVXvVQXVQHVVHlaySVSfVSXVWnVUX1UV1VV1VN9VNdVfdVU/VU/VSvVRvBJWiUlQ/9aLqrwaogWqQGqxeUkPUEDVUDVWpKlUNV8PVCDVCjVQj1Sg1So1RY9RYNVaNV+PVRDVRpak0NVlNVlPUFDVVTVXT1XSVrtLVLDVLzVaz1Vw1V81T89R8NV8tVAtVhspQi9Vilaky1VK1VGWpZWqZWqFWqFVqlVqj1qh1ap3aoDaoTWqTylJb1Va1TW1TO9QOtUvtUnvUHrVX7VX71D61X+1XB9QBdVAdVIfUIXVYHVZH1BF1VB1Vx9QxdVwdVyfUCXVKnVKn1Wl1Rp1R59Q5dV6dVxfUBXVRXcw+7QtEIAIVqCBXkCuICWKC2CA2iAvigrxB3iASRIL4ID7IF1wf5A8KBAWDQkFCUDgoEujABDagIAyKBsWCaFA8KBHcECQGJYNSQenABWWCpODGoGxwU1AuuDkoH9wSVAhuDSoGlYLKQZXgtqBqcHtQLbgjqB7cGdQIaga1gtrBXUGd4O6gbnBPUC+4N6gf3Bc0CO4PGgYPBI2CB4PGwUNBk+DhoGnQLGgetAhaBq2C1n9Vfcyu7/2ZAo+63rqPzg19dT/9ou6vB+iBepAerF/SQ/TLeqh+RafqYXp4zKt6hH5Nj9Sv61F6tB6j39Bj9Tg9Xk/QE/Uknabf1JP1W3qKfltP1dP0dD1Dp+uZepZ+R8/Wc/Rc/a6ep9/T8/UCvVAv0hn6fb1YL9GZ+gO9VH+os/QyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1R3qb3q536J16l96t9+iP9V79id6nP9X79Wf6gP6bPqg/14f0F/qw/lIf0V/po/prfUx/o4/rb/UJfVKf0t/p0/p7fUaf1ef0D/q8/lFf0D/pi9pnn9xnH96NMsrkMrlMjIkxsSbWxJk4k9fkNRETMfEm3uQz+Ux+k98UNAVNgkkwRUwRk40MmaKmqImaqClhSphEk2hKmVLGGWeSTJIpa8qacqacKW/KmwqmgqloKprKprK5zdxmbje3mzvMHeZOc6epaWqa2qa2qWPqmLqmrqln6pn6pr5pYBqYhqahaWQamcamsWlimpimpqlpbpqblqalaW1amzamjWlr2pr2pr3pYDqYjqajSTbJppPpZDqbzqaL6WK6mq6mm+lmupvupqfpaXqZXqa36W1STIrpZ/qZ/qa/GWgGmsFmsBlihpihZqhJNalmuBluRpgRZqQZaUaZ0WaMecOMNePMeDPBTDSTTJpJM5PNZDPFTDFTzVQz3Uw36SbdzDKzzGwz28w1c808M8/MN/PNQrPQZJgMs9gsNpkm0yw1S02WyTLLzXKz0qw0q81qs9asNevNerPRbDSbzWaz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQRMDh8xhc9gcMUfMUXPUHDPHzHFz3JwwJ8wpc8qcNqfNGXPGnDPnzHnzo7lgfjIXjTcxNo+NtVfZOHu1zWuvsb+NC9pCNsEWtkWstvltgb+LjbU20Za0pWxp62wZm2Rv/F1c0VaylW0Ve5utam+31X4X17F327r2HlvP3mtr27v+Lq5v77MN7MO2oW1mG9kWtrFtZZvYh21T28w2ty1sS9vKdrCP2472CZtsn7Sd7FO/ixfbJXatXWfX2w12r/3EnrM/2KP2a3ve/mh72z52sH3JDrEv26H2FZtqh/0uHmPfsGPtODveTrAT7aTfxdPtDJtuZ9pZ9h072875XZxh37fzbKadbxfYhXbRz3F2T5n2A7vUfmiz7DK73K6wK+0qu9qu+b+9rrCb7Ga7xe6xH9ttdrvdYXfaXXb3z3H2fuyzn9r99jN7xH5lD9rP7SF7zB62X/4cZ+/fMfuNPW6/tSfsSXvKfmdP2+/tGXv25/3P3vfv7E/2ovUWCEmQJEUB5aLcFEN5KJauoji6mvLSNRShaymerqN8dD3lpwJUkApRAhWmIqTJkCWikIpSMYpScSpBN1AilaRSVJoclaEkupHK0k1Ujm6m8nQLVaBbqSJVospUhW6jqnQ7VaM7qDrdSTWoJtWi2nQX1aG7qS7dQ/XoXqpP91EDup8a0gPUiB6kxvQQNaGHqSk1o+bUglpSK2pNj1AbepTaUjtqT49RB3qcOtITlExPUid6ijrT09SFnqGu9Cx1o+eoO/WgnvQ89aIXqDf1oRTqS/3oRepPA2ggDaLB9FINAKCh9Aql0jAaTq/SCHqNRtLrNIpG0xh6g8bSOBpPE2giTaI0epMm01s0hd6mqTSNptMMSqeZNIveodk0h+bSuzSP3qP5tIAW0iLKoPdpMS2hTPqAltKHlEXLaDmtoJW0ilbTGp8bgNbTBtpIm2gzbaGt9BFto+2EtJN20W7aQx/TXvqE9tGntJ8+owOEeJA+p0P0BR2mL+kIfUVH6Ws6Rt/QcfqWTtBJOkXf0Wn6ns7QWTpHP9B5+pEu0E90kTxBiKEIZajCIMwV5g5jwjxhbHhVGBdeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdGweFgivCFMDEuGpcLSoQvLhEnhjWHZ8KawXHhzWD68JawQ3hpWDCuFD99bJbwtrBreHlYL7wirh3eGNcKaYa2wdnhXWCe8O6wb3hPWC+8Ny4X3hQ3C+8OG4QNho/DBsHH4UNgkfDhsGjYLm4ctwpZhq7B1+EjYJnw0bBu2C9uHj4UdwsfDjuETYXL4ZNgpfOoPH08J+4b9whfDF0Pv75ELo4uiGdH3o4ujS6KZ0Q+iS6MfRrOiy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Kbo1ui3tfODQ6dcNIpF7hcLreLcXlcrLvKxbmrXV53jYu4a128u87lc9e7/K6AK+gKuQRX2BVx2hlnHbnQFXXFXNQVdyXcDS7RlXSlXGnnXBmX5Fq51q61a+MedW1dO9fePeYec4+7x90T7gn3pOvknnKd3dOui3vGdXXPumfdc6676+F6uuddL/eC6+36uBSX4vq5fq6/6+8GuoFusBvshrghbqgb6lJdqhvuhrsRboQb6Ua6UW6UG+PGuLFurBvvxruJfqJLc2luspvsprgpbqqb6qa76S7dpbtZbpab7Wa7uW6um5c4z813891Ct9BluAy32C12mS7TLXVLXZbLcsvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XP73X53wB04591Bd8h94Q67L90R95U76r52x9w37rj71p1wJ90p95077b53Z9xZd8794M67H90F95O76LxLi7wZmRx5KzIl8nZkamRaZHpkRiQ9MjMyK/JOZHZkTmRuBGFe5L3I/MiCyMLIokhG5P3I4siSSGbkg8jSyIeRrMiyyPLIisjKyKqI94W3hb6oL+ajvrgv4W/wib6kL+VLe+fL+CR/oy/rb/Ll/M2+vL/FV/C3+oq+kq/sm/nmvoVv6Vv51v4R38Y/6tv6dr69f8x38I/7jv4Jn+yf9J38U76zf9p38c/4rv5Z380/57v7Hr6nf9738i/43r6PT/F9fT//ou/vB/iBfpAf7F/yQ/zLfqh/xaf6YX64f9WP8K/5kf51P8qP9mP8G36sH+fH+wl+op/k0/ybfrJ/y0/xb/upfpqf7mf4dD/Tz/Lv+Nl+jp/r3/Xz/Ht+vl/gF/pFPsO/7xf7JT7Tf+CX+g99ll/ml/sVHmJW+dV+jV/r1/n1foPf6Df5zX6L3+o/8tv8dr/D7/S7/G6/x3/s9/pP/D7/qd/vP/MH/N/8Qf+5P+S/8If9l/6I/8of9V/7Y/4bf9x/60/4k/6U/86f9t/7M/6sP+d/8Of9j/6C/8lf5L9ZY4wxxhj7U+QfPN73v/meuLRl6wcAV28vdPi3NTfm/2U9QCR0iADAk326PXjp042UGjVSUlIuPTdLQlBsAQBELufngsvxMmgPj0MytIOy/21/A0SP83Sp/q/bb+tHbwGI/S85MXA5vlz/pn9Qf9y8P6y/ACCx2OWcPHA5vly/3D+oX6DNH9TP83kaQNv/khMHl+PL9ZPgUXgKkv9ooL848KeexRhjjDHGGGPsP8YAUbnLH13fZl+fJ6jLObnhcvxH1+c/+3PXpIwxxhhjjDHGGPsXeaZHzyceSU5u1+VKLQCu5Kvz4s8scv17tPEftpD/Hm38o8WV/s3EGGOMMcYY+6tdPum/0p0wxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM51/+Pfyd2pfeRMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+TwAAAP//tVgiNQ==") mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0) mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0) mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0) 9m0.649580656s ago: executing program 37 (id=1588): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) dup3(r1, r0, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e) 8m39.131827244s ago: executing program 8 (id=1700): socket(0xa, 0x3, 0x3a) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x3a, 0x1, &(0x7f0000000100), 0x4) syz_emit_ethernet(0x66, &(0x7f00000068c0)={@link_local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\a\x00', 0x30, 0x3a, 0x0, @local, @mcast2, {[], @dest_unreach={0x1, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "0100", 0x0, 0x0, 0x0, @mcast2, @loopback}}}}}}}, 0x0) 8m38.769179139s ago: executing program 8 (id=1703): sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) sendfile(r0, r1, 0x0, 0x201f00) 8m37.574594065s ago: executing program 8 (id=1713): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000640)=@newqdisc={0x58, 0x24, 0xf0b, 0x1e000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0x8, 0x4, 0x1, 0x0, 0x1, 0xfffff1a3}}, {0x4}}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x40}, 0x20000810) 8m37.067411656s ago: executing program 8 (id=1715): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0) stat(&(0x7f0000000240)='./file0/file0/file0\x00', &(0x7f0000000540)) 8m36.652104494s ago: executing program 8 (id=1719): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000000, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001500)="$eJzs3c9vHGcZB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9K7HXDnw+0XjemXfed5555p0Z7zqrDfB/6/qFNB+myPULbyyXy2urs+211dkX6up2krLcSJrdWYq7SfEomSvri74pffMtPl689tZnj9c+7y4166nafmyndkMM2XalnjJd9zc9tOX4XnexUoeXF5PcqOeDJvba18CGZdLO13M4cp0tVvbTfD/XLXDM9J5ORfe5ucVUciLJZP17QOq7Q2N0ER6Ofd3lAAAA4Dn16b2jjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeP/X3/xf11KjnmU7R+/7/id66unwMze15y4eHGgcAAAAAAAAAjMbXn+RJlnOyt9wpqr/5n6sWTueLTvKlvJ8HWcj9XMxy5rOUpdzP5SRTfR1NLM8vLd2/vN6yNLzllaEtr4zqiAEAAAAAAADgf9Iv09r4+z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwHRTLWnVXT6XqeqTSa2ajLSvLPJBNHHe8+FMNWPhx9HAAAAPBMJp+izZef5EmWc7K33Cmq1/xfqV4vT+b93M1SFrOUdhZys34NXb7qb6ytzrbXVmfvlFO5PNjv9/+9rzAm6h7GqqVhez5bbdHKrSxWay7mRhXMzTS6+z6fnO3F0xdXn4/KmIrv1fYYWbNOa7mz32/3LsKBGHwrorHDlq2N4JL1jMzUsZUtT3UzUFRv1CSbM7Hr2WkOLE1VvY6v7+lyGuvv/Jw+hJyfqOfl8fzmUHO+X+uZaKTKxJXe6CuvmZ0zkXzjr396+3b77ru3bz24cHwOaRdj26zfPCZm+zLxynOdieb2Va1hK2eqTJxZX76eH+UnuZDpvJn7WcxPM5+lLKRT18/X47n8ObVzpuYGlt7cLfKJ+rx0z9leYprOD6vSfM5VbU9mMUXu5WYW8nr170ou59u5mqu51neGz2wbd3Vs1VXf2HzV987034YGf/6bdaFM8m83kj230xFvNzoPSvfeX+b1VF9eu6P+8fpWp/qug5m+LL3Uy8740M6f5t7Y/GpdKPfxq12eE6M1VWeivIB6T4ledC93M9GsnkVbx/kfOmW7tO92Orfn39um/5VNy6/V83JYrX5tt617hp+Kg1WOl5cyWd9JBkdHWffy+l2mr66zMZa7dYNP3LLdmaquKHpX6o9zrxoAW6/Uifp3uK09XanqXhlaN1vVne2rG/h9K/fSzs0R5A+Ap/GPt9eLUzkx0fpX69PWJ61ft2633pj8wQvfeeHViYz/ffy7zZmx1xqvFn/JJ/n5xut/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6T344MN359vthfvDC43tqwYKrWxes1vPmwpF/YU++2t1fAuTSQbWVN9zNPIwWpvD2FLo/CIZeX56XyI4fJvflYXmlhE1rDA3sObPWzv8aJ8RFnu7Lg6x0MhodzqW4QPgCG9KwEhcWrrz3qUHH3z4rcU78+8svLNwd/zq1Wsz166+Pnvp1mJ7Yab786ijBA7DxkP/qCMBAAAAAAAAAAAA9mrYBwPOvbjbh0b29BkP/7MQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBDXL6T5MEUuz1ycKZfXVmfb5dQrb2zZTNJoJMXPkuJRMpfulKm+7or88VE6Q/bz8eK1tz57vPb5Rl/N7vZJo56PbRtksdtRrNRTput+pvecgN37u/HM/RX/6R1DmbAvOp3O3LPFBwfjvwEAAP///iX1HQ==") mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c) getdents64(r0, &(0x7f0000000100)=""/134, 0x86) 8m36.356422165s ago: executing program 8 (id=1721): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ppoll(&(0x7f00000001c0)=[{r0, 0x200}], 0x1, 0x0, 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3, 0xfd}, 0x8) write$rfkill(r0, &(0x7f0000000340)={0x6, 0x0, 0x3, 0x0, 0x1}, 0x8) 8m34.980352974s ago: executing program 38 (id=1721): r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) ppoll(&(0x7f00000001c0)=[{r0, 0x200}], 0x1, 0x0, 0x0, 0x0) write$rfkill(r0, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x3, 0xfd}, 0x8) write$rfkill(r0, &(0x7f0000000340)={0x6, 0x0, 0x3, 0x0, 0x1}, 0x8) 7m33.406826595s ago: executing program 9 (id=2145): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'streebog512\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$BATADV_CMD_GET_ORIGINATORS(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, 0x0, 0x800, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) 7m33.013187452s ago: executing program 9 (id=2148): sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)={0x24, 0x0, 0x200, 0x70bd2b, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000080}, 0x8090) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/102, 0x365}, {&(0x7f0000000280)=""/76, 0x14c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/92, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x188}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 7m32.312085908s ago: executing program 9 (id=2154): r0 = epoll_create1(0x80000) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x20000004}) 7m31.878987167s ago: executing program 9 (id=2159): timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffffb]}, 0x0, 0x8) timer_settime(r0, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) 7m31.39184322s ago: executing program 9 (id=2164): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) fcntl$setstatus(r0, 0x4, 0x2c00) 7m30.999894284s ago: executing program 9 (id=2167): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x204440, &(0x7f0000000440)={[{@fat=@showexec}, {@fat=@fmask={'fmask', 0x3d, 0x7fff}}, {@fat=@check_strict}, {@dots}, {@fat=@umask={'umask', 0x3d, 0xd}}]}, 0x1, 0x249, &(0x7f00000008c0)="$eJzs3c9qE0EcB/CfTdqGHmzP4mHBi6eivkGQCuKCENmDnlyoXloRtpfVUx7DZ/CRfIyeepERu6HpP0qlaadxPx8I84PvBH5zySQwk/34+Mve7teDz+nXjxiNihhGTOMoYitWYhCdB7Nx5bhei9OmAQAsm8mkHufugdvVNON6NSLWLyTVzywNAQAAAAAAAAAAcGPO/wNA/zj///9rmnG9Mfv+dpbz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA+RyltpiteufsDABbv2vt/Sill7RQAWBS//wGgf+z/ANA/795/eDMuy51JUYwiDqdt1Vbd2OWvXpc7z4pjW/N3HbZtNTjJn3d5cTZfjY1Z/uLSfC2ePunyv9nLt+W5fD12b3/5AAAAAAAAAAAAAAAAAAAAcC9sFycuvd+/3U34nS7kXXXq/wHO3d8fxqPhnS0DAAAAAAAAAAAAAAAAAAAAltrBt+979f7+p0Zx4+LhZsQ9aEOhWECR+5MJAAAAAAAAAAAAAAAAAAD6Z37p9+p5g7tqCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAymD///9+LYVxvcu41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3wJwAA///0JpcD") landlock_create_ruleset(&(0x7f0000000040)={0xf0ffc94e915cdaa7, 0x0, 0x2}, 0x18, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) mkdir(&(0x7f0000000040)='./file0\x00', 0x2c) 7m15.763372577s ago: executing program 39 (id=2167): syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x204440, &(0x7f0000000440)={[{@fat=@showexec}, {@fat=@fmask={'fmask', 0x3d, 0x7fff}}, {@fat=@check_strict}, {@dots}, {@fat=@umask={'umask', 0x3d, 0xd}}]}, 0x1, 0x249, &(0x7f00000008c0)="$eJzs3c9qE0EcB/CfTdqGHmzP4mHBi6eivkGQCuKCENmDnlyoXloRtpfVUx7DZ/CRfIyeepERu6HpP0qlaadxPx8I84PvBH5zySQwk/34+Mve7teDz+nXjxiNihhGTOMoYitWYhCdB7Nx5bhei9OmAQAsm8mkHufugdvVNON6NSLWLyTVzywNAQAAAAAAAAAAcGPO/wNA/zj///9rmnG9Mfv+dpbz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA+RyltpiteufsDABbv2vt/Sill7RQAWBS//wGgf+z/ANA/795/eDMuy51JUYwiDqdt1Vbd2OWvXpc7z4pjW/N3HbZtNTjJn3d5cTZfjY1Z/uLSfC2ePunyv9nLt+W5fD12b3/5AAAAAAAAAAAAAAAAAAAAcC9sFycuvd+/3U34nS7kXXXq/wHO3d8fxqPhnS0DAAAAAAAAAAAAAAAAAAAAltrBt+979f7+p0Zx4+LhZsQ9aEOhWECR+5MJAAAAAAAAAAAAAAAAAAD6Z37p9+p5g7tqCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAymD///9+LYVxvcu41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3wJwAA///0JpcD") landlock_create_ruleset(&(0x7f0000000040)={0xf0ffc94e915cdaa7, 0x0, 0x2}, 0x18, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) mkdir(&(0x7f0000000040)='./file0\x00', 0x2c) 5m21.842613835s ago: executing program 3 (id=3079): r0 = gettid() clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff}) 5m21.365025546s ago: executing program 3 (id=3083): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x35dfdbfe, {0x0, 0x0, 0x0, r2, {0xf}, {0xf}, {0x7, 0xfff3}}}, 0x24}}, 0x24040084) 5m21.002464606s ago: executing program 3 (id=3085): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) creat(&(0x7f00000001c0)='./file0\x00', 0x8) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f00000020c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}}, 0x0, 0x0, 0x0) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f00000000c0)={0x21, 0x3, 0x0, {0x1}}, 0x21) 5m20.57878651s ago: executing program 3 (id=3088): syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000580)='./file1\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x238, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiUhsUthYGDCiucvtoaQ5NIJgJULir0oPs4aYTU4uK5iAJMHGRjsLIY2F/4BFCisLO/8BQQsVBAuvsLCxGZkfeze3w+ZySzrfpxi+M/Nm3743b1+xIAjiv+X7tz9fn1+amT8L4AgmcMis//QAxrRmW337L68enXnZvLzz9vObD6tHn7zLPk8eEWJwobyHfx/A+1kPiZpx+/RfKSbMZB68p6+D47TRN8FQNfouOG4YHYHhttEPLN2W9tXq/aU4qt5rxwtSTMuhLodQDo3s+3W3GRbMXAghmLW/tr6x3IrjqGMJ3+xZW5vI2Iwies6Wx538lRCgO8vRtN5PZvHWs6fbcp7mZtrKXx0cdRNEAwxzZn0GO2ludEqs+I/7qKQuvIH4MdaKM9FKwUwxAMOCLGvR/F0gNXuLY1PFjk/KcC66W2OFbhGDp0rob8lM5h7PK6/RSkcJP3s7rrhgLrSAr6vZKMSm8wEo8UKW0IHfsisKRZGK8S776G790ILn1rNgw12w/ddPeb/vnH6IZsUfvUQrkHH1VnzvYO4C+LSr+4d4zXDK6k++1T9qycrD2tr6xtTSSmsxWoxWw7BxngFb58KaakR6dPpevz9XVH86bNqTfH4pxzbgAR63kqRT12PAAlSQJJ1QzUPrs5nbbf+6Y44luALgpJ7Ilhb0nug5PligbbiylWrSNSIIgiAIgiAIgiAIgiAIgijECTD1F3QI4TVl/S8AAP//CkpUTQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000040)='./file0\x00') mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x200000, 0x0) 5m19.920099618s ago: executing program 3 (id=3092): r0 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d61637365630000140002800500060000000000050007000000000008000500", @ANYRES32=r1], 0x4c}}, 0x0) 5m19.224025264s ago: executing program 3 (id=3097): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8008}, 0x2000c840) 5m17.529789915s ago: executing program 40 (id=3097): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8008}, 0x2000c840) 2m0.13420112s ago: executing program 4 (id=4459): syz_emit_ethernet(0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004500002b"], 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x28bd, 0x42, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x4}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) 1m57.509745662s ago: executing program 4 (id=4472): unshare(0x400) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58) 1m56.623534578s ago: executing program 4 (id=4476): r0 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) ptrace(0x10, r0) ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000000)={&(0x7f0000000080)=""/32, 0x58}) 1m55.476458112s ago: executing program 4 (id=4480): syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x14444, &(0x7f0000000fc0)={[{@iocharset={'iocharset', 0x3d, 'ascii'}}, {@noadinicb}, {@mode={'mode', 0x3d, 0xfff}}, {@uid_forget}, {@uid_forget}, {@dmode={'dmode', 0x3d, 0x2}}, {@noadinicb}, {@rootdir={'rootdir', 0x3d, 0x2}}, {@nostrict}]}, 0xfe, 0xc22, &(0x7f00000002c0)="$eJzs3UFsHNd9B+D/Gy1FSm4rJk5Uu43bTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkI22YXnroIUBR9JATgdYokKKB0RRBj2zrAsnFhyKnnogWNoKiB7YIkFPAYGbfikuKsmhTpCj7+2zqNzvz3sx7M+sZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/fOnMc+lhtwIAOEhXxr985qznPwB8rFz1//8AAAAAAAAAAAAAAHDYpSji8Ugxf2U9TVafOwYut2dv3Z4YGd252rFU1TxSlS9/Bp47e+78F54fvtDN96//oD0Zr45fvVR/ae7m/EJrcbE1XZ+YbU/NTbd2vYe91t9uqDoB9Zuv3Zq+fn2xfvbZc1s23x58r/+xk4MXh58+/VS37MTI6Oh4T5la34c++l3uNcLjaBRxOlI8890fp2ZEFLH3c3Gf785+O1Z1YqjqxMTIaNWRmXZzdqncONY9EUVEvadSo3uODuBa7EkjYrlsftngobJ74/PNhea1mVZ9rLmw1F5qz82OpU5ry/7Uo4gLKWIlItb6795dXxRRixTfPrGerkXEke55+Hw1MPje7Sj2sY+7ULaz3hexUjwC1+wQ648iXokUP3m7iKnynOWf+FzEK2V+P+LNMl+MSOUX43zEuzt8j3g01aKIvyiv/8X1NB0RGyc660frl79S/9Ls9bmest37yiP/fDhIh/zeNBBFNKs7/nr68L/ZAQAAAAAAAAAAAAAAAOBBOxZFPBkpXv6PP67GFUc1Lv3ExeE/GPzF3jHjT9xnP2XZZyNiudjdmNyjeQjxWBpL6SGPJf44G4gi/iSP//vmw24MAAAAAAAAAAAAAAAAAADAx1oRP4oUL7xzKq1E75zi7dkb9avNazOdWWG7c/9250zf2NjYqKdONnJO5lzOuZJzNedazihy/ZyNnJM5l3Ou5FzNuZYzjuT6ORs5J3Mu51zJuZpzLWfUcv2cjZyTOZdzruRczbmWMw7J3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8lRRTxs0jxra+tp0gR0YiYjE6u9nfLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPU38q4nuRov6HjTvrahGRqn87TpW/nI/G0TI/GY3hMl+MxqWczSprjW/e92hpX/rAh9eXivhhpOgfeOvO1cnXv6/zafOavfn1zU+/Uuvkke7Gwff6Hzt54uLw6K89ca/lHa/+0OX27K3b9YmR0dHxntW1fPRP9qwbzMctHkzXiYjF1994rTkz01qw8PFYqHUWanFI2nNQC/l+FYelPdsXGoejGZsLD/nGxIEon//vRorfeec/uw/87vP/Fzqf7jzh46d/uvn8f2H7jvbp+f94z7oX8u9G+moRA0s35/tORgwsvv7G6fbN5o3Wjdbs+TNnvjg8/MVzZ/qORgxcb8+0epb2fKoAAAAAAAAAAAAAAAAADlYq4vciRfOH66keEber8VqDF4efPv3UkThSjbfaMm7r1fGrl+ovzd2cX2gtLram6xOz7am56dZuDzdQDfeaGBndl87c17F9bv+xgZfm5l9faN/4o6Udtx8fuHRtcWmhObXz5jgWRUSjd81Q1eCJkdGq0TPt5mxVdewBvUqhLxXxX5Fi6nw9fTavy+P/to/w3zL+f3n7jvZp/N8netaVx0ypiJ9Git/+yyfis1U7j8dd5yyX+9tIMXThM7lcHC3LddvQea9AZ2RgWfb/IsU//mxr2e54yMc3yz636xP7iCiv/4lI8b0//078Rl639f0PO1//49t3tE/X/1M9645veV/BnrtOvv6nI8WLj78Vv5nXvd/7P4rY2Nj4RsSpXPjO+zn26fp/umfdYHSO+1sPrvsAAAAAAAAAAACPrL5UxN9FiqdGa+n5vG43f/9vevuO9unvf/1yz7rpA5qvaM8nFQAAAAAOib5UxI8ixY2lt+6Mod46/rtn/Ofvbs69PpK2ba3+nO+XqvcGPMg//+s1mI87ufduAwAAAAAAAAAAAAAAAAAAwKGSUhHP5/nUJ+8zn/pqpHj5f57J5dLJslx3HvjB6teBK3Ozpy/NzMxNNZea12Za9fH55lSrrPupSLH+N5/JdYtqfvXufPOdOd4HNrpzsS9EitG/75btzMXenZu8Mx94Zy72suwnIsV//8PWst15rD+9WfZsWfavI8VX/3nnsic3y54ry34nUvzgq/Vu2eNl2e77UTvvJB2oxUzr2am5mbtehQoAAAAAAAAAAAAAAAAAAAAfVF8q4s8ixf/eXInlPOw/z//fnYG/1i375td75vvf5nY1z/9gNf//vZY/zPz/gw+spwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OhIUcQbkWL+ynpa7S8/dwxcbs/euj0xMrpztWOpqnmkKl/+DDx39tz5Lzw/fKGb71//QXsyXh2/eqn+0tzN+YXW4mJruj4x256am27teg97rb956jqGqhNQv/narenr1xfrZ589t2Xz7cH3+h87OXhx+OnTT3XLToyMjo73lKn1fYCjf6DGbToaRfxVpHjmuz9O/9IfUcTez8V9vjv77VjViaGqExMjo1VHZtrN2aVy41j3RBQR9Z5Kje45OoBrsSeNiOWy+WWDh8rujc83F5rXZlr1sebCUnupPTc7ljqtLftTjyIupIiViFjrv3t3fVHEa5Hi2yfW07/2RxzpnofPXxn/8pmz925HsY993IWynfW+iJXiEbhmh1h/FPFPkeInb5+Kf+uPqEXnJz4X8UqZ3494s8wXI1KK2PhGxLs7fI94NNWiiP8vr//F9fR2f3k/6N5XLn+l/qXZ63M9Zbv3lV09H3793sd86M+Hg3TI700DUcQPqjv+evp3/10DAAAAAAAAAAAAAAAAHCJF/GqkeOGdU6kaH3xnTHF79kb9avPaTGdYX3fsX3fM9MbGxkY9dbKRczLncs6VnKs513JGkevnbOSczLmccyXnas61nHEk18/ZyDmZcznnSs7VnGs5o5br52zknMy5nHMl52rOtZxxSMbuAQAAAAAAAAAAAAAAAAAAHy1F9U+Kb31tPW30d+aXnoxOrpoP9CPv5wEAAP//N4D+uw==") syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000280)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@metacopy_on}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 1m53.523865488s ago: executing program 4 (id=4485): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x18) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000005ac0)={0x0, 0x0, &(0x7f0000005a80)={&(0x7f00000058c0)=ANY=[@ANYBLOB="cc0000001b0001002bbd7000fddbdf2500000000002400000400000000000001ac1414390000000000000000000000004e2200014e2400050200a0a03b000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="090000000000000007000000000000000600000000000000020000000000000007000000000000000c00000000000000a604000000000000060000000000000002000000000000000000000000000000f4fffffffffffffff2ffffffffffffff790a0000b26b6e00010101010000000005000000000000000a00100002"], 0xcc}, 0x1, 0x0, 0x0, 0x44040}, 0x20000004) 1m51.523740334s ago: executing program 4 (id=4490): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r1) 1m50.16113499s ago: executing program 41 (id=4490): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r1) 1m47.871242318s ago: executing program 7 (id=4509): r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchownat(r1, &(0x7f0000000080)='.\x00', 0xffffffffffffffff, 0x0, 0x0) 1m47.299494023s ago: executing program 7 (id=4512): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]}) mkdir(&(0x7f00000002c0)='./file0\x00', 0x2) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x80101) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10) 1m46.579812063s ago: executing program 7 (id=4515): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f00006ca000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x10000) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) 1m46.09151484s ago: executing program 7 (id=4519): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f00000006c0)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==") mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1901080, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/file0\x00') execve(&(0x7f0000000080)='./file0/../file0/file0\x00', 0x0, 0x0) 1m44.817713932s ago: executing program 7 (id=4526): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x545, &(0x7f0000001300)="$eJzs3c9vHFcdAPDvrL2Okzi1CxygUktFi5IKshvXtLU4lCIhOFVClHsw9saysvZG9rqNrQo2fwESQoDECS5ckPgDkFAkLhwRUiQ4g1QEQpCCBIfSQbM7G5v1rL0xa2+8/nykybw3v77f5/iNZ3aeZgM4t56PiDci4sM0TV+KiNl8eSmfotWZsu3ef/jucjYlkaZv/S2JJF+WbZamado95uV8t+mI+NpXIr6Z7As4nc93dm8v1eu1zbxaba7fqW7t7F5fW19ara3WNhYW5l9dfG3xlcUbQ2nnlYh4/Ut/+v53fvrl13/52Xf+ePMv176VpTWTr++24xgmD1vZaXr5wnTPDpvHDPYkytpT/iCvXBxsn3snmRAAAH1l1/gfiYhPRcRLMRsTh1/OAgAAAGdQ+oWZ+CDpPL8rMNVnOQAAAHCGlNpjYJNSJR8LMBOlUqXSGcP7sbhUqje2mp+51djeWOmMlZ2LcunWWr12Ix8rPBflJKvPt8t79Zd76gsR8XREfG/2YrteWW7UV0b94QcAAACcE5d77v//Odu5/z9ccjrJAQAAAMMzN+oEAAAAgBPn/h8AAADGWnnUCQAAAAAn7qtvvplNaff7r1fe3tm+3Xj7+kpt63ZlfXu5stzYvFNZbTRW2+/sWz/qePVG487nYmP7brVZ22pWr+zs3lxvbG80b67F9Kk0CAAAADjg6U/e/30SEa3PX2xPmalRJwWcislHpe47PQt6/x+e6szfO6WkgFMxMcA2710oXu46Ac62yd4Fffo6MH6M/weO+kaPvoN3ftOZlYacDwAAMHxXP1H8/P/o6/mWS34443RiOL96nv+ns6NKBDh17ef/gw7kcbEAY6U80AhAYJz9v8//j5amj5UQAAAwdDPtKSlV8o/3ZqJUqlQirrS/FrCc3Fqr125ExFMR8bvZ8oWsPt/eMznyngEAAAAAAAAAAAAAAAAAAAAAAAAA6EjTJFIAAABgrEWU/pz8qvMu/6uzL870fj4wlfy7/ZXAUxHxzo/e+sHdpWZzcz5b/vdHy5s/zJe/PIpPMAAAAIBe3fv09vxfo84GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHHz/sN3l7vTAJtfHFbcv34xIuaK4k/GdHs+HeWIuPSPJCb37ZdExMQQ4rfuRcTHi+InWVqPQhbFH8YPoXUvaaVthfFjLv8pFMW/PIT4cJ7dz84/bxT1/1I8354X97/JiP+pH1f/8188Ov9N9On/VwaM8cyDn1f7xr8X8cxk8fmvGz/pE/+FgaKX4xtf393ttzb9ccTV7t+f9hlvf4S9UrW5fqe6tbN7fW19abW2WttYWJh/dfG1xVcWb1RvrdVr+b+FMb777C8+PKz9lwr//iV5Nv3b/2LB8SYK8v/Pg7sPP9qttA7Gv/ZCQfxf/yTf4mD8Uh7n03k5W3+1W251yvs997PfPndY+1f22l9+nP//a/0O2utAR3l2sF8dAOBEbO3s3l6q12ubY1vI7tKfgDSOU5iKJyKN8S18Oys8GNYB0zRNsz5VsOp+RAxynCSG3NJScT57hb5ngFGfmQAAgGHbu+gfdSYAAAAAAAAAAAAAAAAAAABwfp3GW9Z6Y+69AjkZxiu0AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACG4r8BAAD//7gG3Ac=") r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0) getdents(r0, 0x0, 0x0) syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20c28, 0x0, 0x3, 0x0, &(0x7f0000000080)) 1m44.274742437s ago: executing program 7 (id=4529): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) read(r0, &(0x7f0000000180)=""/124, 0x7c) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0x8) 1m42.30199455s ago: executing program 42 (id=4529): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) read(r0, &(0x7f0000000180)=""/124, 0x7c) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0x8) 6.76360676s ago: executing program 2 (id=4962): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000740)={'macsec0\x00', 0x400}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000140)={'veth0_macvtap\x00', 0x200}) 6.404125234s ago: executing program 6 (id=4963): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000b40)={'wpan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fddbdf252000000008000300", @ANYRES32=r1, @ANYBLOB="24002d80050002"], 0x40}, 0x1, 0x0, 0x0, 0x20008894}, 0x44010) 5.902987292s ago: executing program 0 (id=4965): r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x1, 0x40024f}, &(0x7f0000000280)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_UNLINKAT={0x24, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200}) io_uring_enter(r0, 0x627, 0xc1040000, 0x43, 0x0, 0x0) 5.693849098s ago: executing program 2 (id=4966): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x60) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000001180)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[], 0x8b) 5.193329064s ago: executing program 6 (id=4968): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000800000/0x3000)=nil, 0x400000, 0x2, 0x2}) 5.132489483s ago: executing program 5 (id=4969): syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r0, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44) close_range(r0, 0xffffffffffffffff, 0x0) 4.810621307s ago: executing program 2 (id=4970): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newsa={0x144, 0x10, 0x1, 0xbffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@local, 0x1, 0x794, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x9, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0x1ff}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0xfd, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @mark={0xc, 0x15, {0x35075a, 0x3}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x0, 0x2, 0x1, 0x0, 0x21}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) 4.736213154s ago: executing program 0 (id=4971): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r1, 0x2ded, 0x4000, 0x0, 0x0, 0x0) 4.626936463s ago: executing program 1 (id=4972): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r0) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000010c0)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040001}, 0x810) 4.220323796s ago: executing program 5 (id=4973): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={0xffffffffffffffff}, 0x111, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000340)={0xf, 0x8, 0xfa00, {r2, 0x11}}, 0x10) 4.165973592s ago: executing program 6 (id=4974): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x48283, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xb) ioctl$TUNSETLINK(r0, 0x400454cd, 0x0) 3.887479244s ago: executing program 2 (id=4975): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000000)=0x80000000, 0x4) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e) 3.825622518s ago: executing program 1 (id=4976): r0 = socket$igmp6(0xa, 0x3, 0x2) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000140)={@mcast2, 0x3c, r2}) 3.609022405s ago: executing program 0 (id=4977): unshare(0x22020400) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, 0xffffffffffffffff, 0x4, r0}, 0x10) 3.481646797s ago: executing program 5 (id=4978): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0}) lseek(r2, 0x100000000, 0x0) 3.123556035s ago: executing program 1 (id=4979): syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000500)=ANY=[], 0xc, 0xac, &(0x7f0000000100)="$eJzs0jFqwzAUBuBnY7cdu3foDXwHn6BnMB3tzZNLJ9+nlyh07RFygwxZsygYyUP2QAh8H0hPP/8ikP7PP2+xRryvESmlJu2aSPPyNQ7TvLTjMEVEG3+RVWU+Bw+uLs/ZR/4DWz72uatKfzh9f+4rNx+/eT7d7+IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEPV63Wuo+vK8WXbLgEAAP//2Bwh+A==") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000300)='./bus\x00') 3.026429908s ago: executing program 6 (id=4980): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0xffffffffffffffff) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) ppoll(&(0x7f00000002c0)=[{r0, 0x2088}], 0x1, &(0x7f0000000440), 0x0, 0x0) 2.830652692s ago: executing program 2 (id=4981): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000180)=ANY=[], 0x1, 0xc4d, &(0x7f00000027c0)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1R67trNKK1gFCbgBQVCRVsAFuUHigovcIKEVQhE3iwRIEajSIpAItI1WQoBXsLBiJYzOzDv22BvXbr6cNL/fbvKfc+Y9M++Z9jlzpprnTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEV/46RNDh9NOzwIAuJ9eG39j6Kj3fwB4pJzx+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK2lKOKtSPHe2HKabC93DJxqti5cnBgdu/VmgylSVKJojy//DBw+cvTYiy+9PNzNj97+bvtMvD5+5kTt5Nzs/EJjcbExXZtoNc/OTTe2/Qh3uv1G+9svQG32zQvT584t1o4cOrru7ovVm7sf21s9Pvzsgee7YydGx8bGe8b09d/2s3+fdPceik+QXVHEFyPFNw5+K9UjohJ3XgtbHDvutcHoK+uvvRMTo2PtHZlp1ltL5Z2pkkf1RVR7Nhrp1sh9qMU7MhJxqfznVE54f7l74/P1hfrUTKN2ur6w1FxqzrVSpTPbcn+qUYnhFDEfEcvFTk+eB01/FPFqpLj5veU0FRFFtw5eeG38jaGjm2/Ydx8nucnTV4uI6/EQ1Cw8oHZHEb8dKd6dHIqzua7aZfNBxOfLfCXirTKvpbicl1N5gBiO+Lb3E3io9UURfxMp5tJymu7Wfvu88tSXa19qnZvrGds9r3zoPx/cT85NeIANRBFT7TP+5XT7/7ELAAAAAAAAAAAAALg/ivh6pLg6uy/NR29PabN1vnamPjXT+VZw97v/tbzVysrKSjV1spZzKOdIztM5J3PO57yU83LOKzmv5ryW83rOGzmXc0YlP3/OWs6hnCM5T+eczDmf81LOyzmvdLLb0bhyLa+/nvNGzuWcoe8JAAAAAAAAAAAAAAAAAACAu2wwiviNSPHvv/+V9u9KR/t36T99fPjkqU/1/mb8M1s8Tjn2UER8Pbb3m7y78m+Np0r5v7u/X8DWBqKIr+bf//vlnZ4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQKhEEb8SKb72neUUKSJGIiajkzeKnZ4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDanYp4NVL87O+OrK7ri4jU/n/HvvKvYzFS5HyizFdi5HA7KyMnyhyIOLQD8wdu3+Lb77xZn5lpLLjhhhturN7Y6SMTAAAAAAAAAAAAAAAAADzCUhF/Hyl+8veWUzUiLlZv7n5sb/X48LMHni+iaF8EIPWOf338zInaybnZ+YXG4mJjujbRap6dm25s9+kGTjVbFy5OjI7dk53Z0uA9nv/gwMm5+bcXmud/YemW9+8ZODG1uLRQP3vru2Mw+iKGetfsb094YnSsPemZZr3V3jRVNplgX0RtuzvDI29PKuJ/I8V7B78Zj+d1+fof/Z2lter/w19cW/rhvvW5+q9j+/jx6ePDJ/c8t53babsT3d8uvLIQxsZ7VvflWf5Qz7pqnte2HxseUWX9vxApfv6PitStoVz/P9BZKlbH/s9X12rq+IZctUP1/0TPuuP5qNXfFzGwNDvf/3TEwOLb7xxsztbPN843WseOvPzS8LGXXzz2Uv+uiIFzzZnG0Nqtbb92AAAAAAAAAAAAAAAAAHCv9KcivhApfunv/nK1bzz3/32qs7TW/9fb/7tvw+P0Xjdgs9u37PXboq+vV/mcKRXxVKR49s+eac83xR4973Cb9qQivlvW0/QX0+fyulz/ubP/1vV/aUOu2qH+38d71l3Kx4n/iBSP/8Ez8bme48TG7t5y3F9Eiqkf+WweF7vKcd3H6/REdxqDy7FfiRTvn14/tts3/cTa2MPb3S3YSWX9z0aKf/itv40fzevWX//j1vW/Z0Ou2qH6f7J3nyJi8e133qzPzDQWFrf9UsAjp6z/X48Uf/0n34zn8rqPuv5P9zo/+55bn4PdQTtU/0/1rKvmef3Yx3wtAAAAAAAAAAAA4GGxJxXxT5Hiz//0QDqY123n+7/TG3LVDn3/7+meddPrvv97725s+0UGAIAHRH8q4icixR9Pf5C6vbGb9v++stb/M7rxxL19Tv+D7T7/j3Wu/zH6/8vnTKmI/8t9vUNb9PX+eKT4tZ86kMelveW4ke50238PvDbXOnhiZmbubH2pPjXTqI3P1882ym33R4p//bfP5m0r7T7fbn90pzd4rSf4dyLFz33YHdvpCe72Uj65NvZwOfZgpPju++vHdvuunlobe6Qc+5uRYuy/bz1279rYo+XYf4wU//lurTt2Tzm2+3nu6bWxh87OzXzfRzYAAAAAAAAAAAAAAAAAAAB2Xn8qIkWKaz9zZbU3fv31v7rXAVh//a+N7tXv/1fvzm4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEMhRRH/FSneG1tON4pyuWPgVLN14eLE6NitNxtMkaISRXt8+Wfg8JGjx1586eXhbn709nfbZ+L18TMnaifnZucXGouLjenaRKt5dm66se1HuL3ti03v2d9+AWqzb16YPndusXbk0NF1d1+s3tz92N7q8eFnDzzfHTsxOjY23jOmr3/bs99SunsPxSfIrijiryLFNw5+K/1zEVGJ266FVVscO+61wegr66+9ExOjY+0dmWnWW0vlnamSR/VFVHs2GunWyH2oxTsyEnEpIirlhPeXuzc+X1+oT800aqfrC0vNpeZcK1U6sy33pxqVGE4R8xGxvPnRikdUfxRxLVLc/N5y+pei84bWroMXXht/Y+jo5hv23cdJbvL01SLiejwENQsPqN1RxJOR4t3JoXi/6NRVu2w+iPh8ma9EvFXmtRSX83IqDxDDEd/2fgIPtb4o4nSkmEvL6YMi1377vPLUl2tfap2b6xnbPa986D8f3E/OTXiADUQRH7bP+JfTh97PAQAAAAAAAAAAAOABV8SrkeLq7L7U7g9d7Sltts7XztSnZjpf6+9+97+Wt1pZWVmppk7Wcg7lHMl5Oudkzvmcl3Jeznkl59Wc13Jez3mjnbvbjYnlclTy8+es5RzKOZLzdM7JnPM5L+W8nPNKzqs5r+W8nvNGzuWcH9H1DwAAAAAAAAAAAAAAAAAAd6QSRfxqpPjad5bTStH5fdnJ6OSN9X2uu3ZqjsC98f8BAAD//3zgG/w=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204081, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000240)=""/175, 0xaf) 2.730816686s ago: executing program 5 (id=4982): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) sendto$inet6(r0, 0x0, 0x0, 0xc008000, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) sendto$inet6(r0, &(0x7f0000000600)="2501d77b330b7e73d6b1d1b8a473ff7420b41f0080a441d723839abc38ca17da976d8e8510ca2f6ee03b17b3a7896cfaff064300d8b36fcbf9a0f9", 0xfffffffffffffd82, 0x4000, 0x0, 0x0) 2.644084963s ago: executing program 0 (id=4983): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xa) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="2700000001"], 0x27) 2.161213006s ago: executing program 5 (id=4984): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010829bd7000000000000b00000008000300", @ANYRES32=r2, @ANYBLOB="6000508011000a004abee339084eeef16f162471f4000000080003000dac0f00050002"], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 1.915829034s ago: executing program 1 (id=4985): r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0) r1 = open(&(0x7f0000000780)='./bus\x00', 0x145c7e, 0x0) io_setup(0x5ff, &(0x7f0000000400)=0x0) io_submit(r2, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, &(0x7f0000000740)={0x0, 0x0, 0x41, 0x1, 0x0, r0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x2, r1}]) 1.725368443s ago: executing program 0 (id=4986): setxattr$system_posix_acl(0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="020000000100000000000000040000000000000010"], 0x24, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001a00010000000000000000001c"], 0x30}}, 0x0) 1.497779908s ago: executing program 5 (id=4987): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x441, 0x0) write$binfmt_aout(r0, &(0x7f00000002c0)=ANY=[], 0xff2e) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='io\x00') preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1, 0x401, 0x9) 1.238284514s ago: executing program 2 (id=4988): openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0) r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e3000000000000000000000000800030000000000140006"], 0x58}}, 0x0) 1.193906963s ago: executing program 6 (id=4989): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f00000000c0)={0x1c, r0, 0x62c21a4ade68aba1, 0x70bd28, 0x0, {{0x32}, {@void, @val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x4000080) 882.350687ms ago: executing program 1 (id=4990): unshare(0x2000400) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) fcntl$setstatus(r0, 0x4, 0x42800) ppoll(&(0x7f000000e200)=[{r0, 0x20}], 0x1, 0x0, 0x0, 0x0) 556.881909ms ago: executing program 0 (id=4991): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TCSETSW2(r0, 0x5435, 0x0) 216.630617ms ago: executing program 6 (id=4992): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300), 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080), 0x106, 0x5}}, 0x20) close_range(r0, r0, 0x0) 0s ago: executing program 1 (id=4993): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000640)=0x2d73, 0x4) sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800) recvfrom(r0, 0x0, 0x0, 0x40002140, 0x0, 0x0) kernel console output (not intermixed with test programs): sb 6-1: SerialNumber: syz [ 711.382824][ T5855] usb 6-1: config 0 descriptor?? [ 711.667994][ T5855] usb 6-1: USB disconnect, device number 15 [ 711.692962][T14402] batadv0: entered promiscuous mode [ 711.703859][T14402] bond0: entered promiscuous mode [ 711.709101][T14402] bond_slave_0: entered promiscuous mode [ 711.716180][T14402] bond_slave_1: entered promiscuous mode [ 711.727937][T14402] debugfs: 'hsr1' already exists in 'hsr' [ 711.737348][T14402] Cannot create hsr debugfs directory [ 711.746043][T14402] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 712.033915][T14405] loop2: detected capacity change from 0 to 512 [ 712.069662][T14405] EXT4-fs: Ignoring removed i_version option [ 712.093894][T14405] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 712.144446][T14405] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002] [ 712.176039][T14405] System zones: 1-12 [ 712.217309][T14405] EXT4-fs (loop2): orphan cleanup on readonly fs [ 712.254778][T14405] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.3559: invalid indirect mapped block 12 (level 1) [ 712.290434][T14405] EXT4-fs (loop2): Remounting filesystem read-only [ 712.299876][T14405] EXT4-fs (loop2): 1 truncate cleaned up [ 712.310312][T14405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 712.513028][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 713.542601][T14430] loop4: detected capacity change from 0 to 1024 [ 715.077778][T14460] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3595'. [ 715.306235][T14468] loop2: detected capacity change from 0 to 164 [ 715.337001][T14467] loop7: detected capacity change from 0 to 1024 [ 715.377240][T14468] Unsupported NM flag settings (240) [ 715.406401][T14468] overlayfs: failed to clone lowerpath [ 715.492200][T14470] loop5: detected capacity change from 0 to 512 [ 715.581149][T14470] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 715.683741][ T30] audit: type=1800 audit(1762827858.601:104): pid=14470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3589" name="file1" dev="loop5" ino=26 res=0 errno=0 [ 715.704449][ C1] vkms_vblank_simulate: vblank timer overrun [ 716.043416][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 716.050007][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 716.128091][T14478] loop1: detected capacity change from 0 to 256 [ 716.161458][T14478] exfat: Deprecated parameter 'utf8' [ 716.247845][T14478] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 716.391233][ T5855] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 716.500155][T14488] loop2: detected capacity change from 0 to 512 [ 716.573508][ T5855] usb 5-1: Using ep0 maxpacket: 8 [ 716.589848][T14488] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 716.605631][T14488] ext4 filesystem being mounted at /755/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 716.643514][ T5855] usb 5-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30 [ 716.659687][ T5855] usb 5-1: config 0 interface 0 altsetting 250 has 2 endpoint descriptors, different from the interface descriptor's value: 255 [ 716.674177][ T5855] usb 5-1: config 0 interface 0 has no altsetting 0 [ 716.681233][ T5855] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 716.690470][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 716.850062][ T5855] usb 5-1: config 0 descriptor?? [ 716.895984][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 717.311744][ T5855] holtek 0003:1241:5015.0014: unknown main item tag 0x1 [ 717.319005][ T5855] holtek 0003:1241:5015.0014: item fetching failed at offset 3/5 [ 717.385788][ T5855] holtek 0003:1241:5015.0014: parse failed [ 717.392332][ T5855] holtek 0003:1241:5015.0014: probe with driver holtek failed with error -22 [ 717.539187][ T5871] usb 5-1: USB disconnect, device number 13 [ 717.843042][T14508] loop5: detected capacity change from 0 to 128 [ 717.865112][T14508] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 717.884110][T14510] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 719.443320][T14538] netlink: 204 bytes leftover after parsing attributes in process `syz.1.3618'. [ 719.809120][T14545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3622'. [ 719.838582][T14545] bridge0: entered promiscuous mode [ 719.845668][T14545] macsec2: entered allmulticast mode [ 719.851249][T14545] bridge0: entered allmulticast mode [ 719.863499][T14545] bridge0: port 3(macsec2) entered blocking state [ 719.870389][T14545] bridge0: port 3(macsec2) entered disabled state [ 719.937529][T14545] bridge0: left allmulticast mode [ 719.943027][T14545] bridge0: left promiscuous mode [ 720.016610][T14547] 9p: Unknown access argument ý: -22 [ 720.121282][T14543] loop7: detected capacity change from 0 to 4096 [ 720.233233][T14553] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 720.261223][ T30] audit: type=1800 audit(1762827863.171:105): pid=14543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3620" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 720.453613][T14556] loop2: detected capacity change from 0 to 512 [ 720.587385][T14556] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 720.603985][T14556] ext4 filesystem being mounted at /762/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 720.636021][ C1] vkms_vblank_simulate: vblank timer overrun [ 720.707727][T14562] sctp: [Deprecated]: syz.1.3627 (pid 14562) Use of int in max_burst socket option deprecated. [ 720.707727][T14562] Use struct sctp_assoc_value instead [ 720.872317][T14556] EXT4-fs (loop2): shut down requested (2) [ 721.143564][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.180925][T14589] 9p: Unknown access argument ý: -22 [ 722.324449][T14592] loop1: detected capacity change from 0 to 128 [ 722.606465][T14597] loop7: detected capacity change from 0 to 256 [ 722.729692][ T30] audit: type=1800 audit(1762827865.641:106): pid=14597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3644" name="file1" dev="loop7" ino=1048863 res=0 errno=0 [ 722.887496][T14603] loop4: detected capacity change from 0 to 164 [ 722.948481][T14603] Unsupported NM flag settings (240) [ 723.043833][ T5871] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 723.099651][ T30] audit: type=1326 audit(1762827866.001:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.122946][ T30] audit: type=1326 audit(1762827866.001:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.146023][ T42] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 723.154836][T10125] Unsupported NM flag settings (240) [ 723.155084][T10125] Unsupported NM flag settings (240) [ 723.155528][T10125] Unsupported NM flag settings (240) [ 723.187218][ T30] audit: type=1326 audit(1762827866.101:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.217474][ T30] audit: type=1326 audit(1762827866.101:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.239659][ C1] vkms_vblank_simulate: vblank timer overrun [ 723.249876][ T30] audit: type=1326 audit(1762827866.101:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.272147][ C1] vkms_vblank_simulate: vblank timer overrun [ 723.283518][ T30] audit: type=1326 audit(1762827866.101:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.305582][ C1] vkms_vblank_simulate: vblank timer overrun [ 723.317419][ T30] audit: type=1326 audit(1762827866.101:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.339574][ C1] vkms_vblank_simulate: vblank timer overrun [ 723.351161][ T30] audit: type=1326 audit(1762827866.101:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.373298][ C1] vkms_vblank_simulate: vblank timer overrun [ 723.385193][ T30] audit: type=1326 audit(1762827866.101:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14607 comm="syz.5.3649" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 723.434147][ T5871] usb 3-1: Using ep0 maxpacket: 16 [ 723.440052][T10125] Unsupported NM flag settings (240) [ 723.456566][ T5871] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 723.457558][T10125] Unsupported NM flag settings (240) [ 723.473581][ T5871] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 723.488227][T10125] Unsupported NM flag settings (240) [ 723.505883][ T42] usb 2-1: Using ep0 maxpacket: 8 [ 723.527737][ T42] usb 2-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30 [ 723.544357][ T42] usb 2-1: config 0 interface 0 altsetting 250 has 2 endpoint descriptors, different from the interface descriptor's value: 255 [ 723.558001][ T42] usb 2-1: config 0 interface 0 has no altsetting 0 [ 723.565016][ T42] usb 2-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 723.579222][ T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.615187][ T5871] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 723.624691][ T5871] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 723.638031][ T5871] usb 3-1: Product: syz [ 723.642576][ T5871] usb 3-1: Manufacturer: syz [ 723.647355][ T5871] usb 3-1: SerialNumber: syz [ 723.678519][ T42] usb 2-1: config 0 descriptor?? [ 723.689631][ T5871] usb 3-1: config 0 descriptor?? [ 723.772989][ T5871] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 723.782640][ T5871] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class) [ 724.124806][ T42] holtek 0003:1241:5015.0015: unknown main item tag 0x1 [ 724.134180][ T42] holtek 0003:1241:5015.0015: item fetching failed at offset 3/5 [ 724.158066][ T42] holtek 0003:1241:5015.0015: parse failed [ 724.165306][ T42] holtek 0003:1241:5015.0015: probe with driver holtek failed with error -22 [ 724.397860][ T42] usb 2-1: USB disconnect, device number 16 [ 724.485649][ T5871] em28xx 3-1:0.0: chip ID is em2874 [ 724.527507][T14623] loop4: detected capacity change from 0 to 512 [ 724.649951][T14623] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 724.663440][T14623] ext4 filesystem being mounted at /388/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 724.699210][ T42] usb 3-1: USB disconnect, device number 18 [ 724.707127][ T42] em28xx 3-1:0.0: Disconnecting em28xx [ 724.721787][ T42] em28xx 3-1:0.0: Freeing device [ 724.950382][T10125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 725.226079][T14635] loop4: detected capacity change from 0 to 256 [ 725.500247][T14640] loop5: detected capacity change from 0 to 128 [ 725.907215][T14642] netlink: 'syz.2.3663': attribute type 3 has an invalid length. [ 725.948510][T14648] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 725.955246][T14648] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 725.968882][T14648] vhci_hcd vhci_hcd.0: Device attached [ 726.101532][ T42] usb 2-1: new full-speed USB device number 17 using dummy_hcd [ 726.221105][ T5871] usb 41-1: new low-speed USB device number 3 using vhci_hcd [ 726.250850][ T2231] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 726.277498][ T42] usb 2-1: not running at top speed; connect to a high speed hub [ 726.297659][ T42] usb 2-1: config 1 interface 0 altsetting 240 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 726.311745][ T42] usb 2-1: config 1 interface 0 has no altsetting 0 [ 726.355890][ T42] usb 2-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 726.365344][ T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.374776][ T42] usb 2-1: Product: syz [ 726.379136][ T42] usb 2-1: Manufacturer: syz [ 726.389589][ T42] usb 2-1: SerialNumber: syz [ 726.426304][T14645] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 726.442600][ T2231] usb 5-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config [ 726.453214][ T2231] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 726.462509][ T2231] usb 5-1: New USB device found, idVendor=05ac, idProduct=0259, bcdDevice=f0.b2 [ 726.472167][ T2231] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 726.487450][ T42] kernel write not supported for file /input/mouse0 (pid: 42 comm: kworker/1:1) [ 726.554812][ T2231] usb 5-1: config 0 descriptor?? [ 726.715165][ T2231] usb 2-1: USB disconnect, device number 17 [ 726.790638][T14649] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2 [ 726.798822][ T3570] vhci_hcd: stop threads [ 726.802535][ T5855] usb 5-1: USB disconnect, device number 14 [ 726.808582][ T3570] vhci_hcd: release socket [ 726.813982][ T3570] vhci_hcd: disconnect device [ 727.039326][T14664] netlink: 'syz.5.3673': attribute type 21 has an invalid length. [ 727.047893][T14664] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3673'. [ 727.069736][T14664] netlink: 'syz.5.3673': attribute type 21 has an invalid length. [ 727.078160][T14664] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3673'. [ 727.655998][T14672] loop1: detected capacity change from 0 to 256 [ 727.785591][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 727.785663][ T30] audit: type=1800 audit(1762827870.701:117): pid=14672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3677" name="file1" dev="loop1" ino=1048868 res=0 errno=0 [ 727.818530][ C1] vkms_vblank_simulate: vblank timer overrun [ 727.869898][T14670] loop7: detected capacity change from 0 to 4096 [ 728.321368][ T5808] Bluetooth: hci5: command 0x0405 tx timeout [ 728.998249][T14694] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3686'. [ 730.442384][T14715] loop2: detected capacity change from 0 to 4096 [ 730.543271][T14722] loop4: detected capacity change from 0 to 512 [ 730.630048][T14727] loop7: detected capacity change from 0 to 64 [ 730.651617][T14715] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 730.658626][T14715] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 730.668514][T14728] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3700'. [ 730.809881][T14715] ntfs3(loop2): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" attr_set_size [ 730.837759][ C1] vkms_vblank_simulate: vblank timer overrun [ 731.199907][ T3799] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 731.225694][ T5798] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 731.233478][ T5798] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 731.241227][ T5798] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 731.329232][ T3799] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 731.373068][ T5871] vhci_hcd: vhci_device speed not set [ 731.438905][T14736] sctp: [Deprecated]: syz.5.3704 (pid 14736) Use of struct sctp_assoc_value in delayed_ack socket option. [ 731.438905][T14736] Use struct sctp_sack_info instead [ 732.462403][T14752] loop4: detected capacity change from 0 to 64 [ 732.679720][T14755] netlink: 'syz.2.3714': attribute type 9 has an invalid length. [ 732.692844][T14755] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3714'. [ 732.711960][T14753] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3711'. [ 733.364173][T14770] sctp: [Deprecated]: syz.1.3720 (pid 14770) Use of struct sctp_assoc_value in delayed_ack socket option. [ 733.364173][T14770] Use struct sctp_sack_info instead [ 734.234369][T14788] loop5: detected capacity change from 0 to 128 [ 734.268037][T14786] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3729'. [ 734.363186][T14788] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 734.429586][T14788] ext4 filesystem being mounted at /558/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 734.842097][ T8074] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 735.048225][T14804] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3736'. [ 735.489464][ T5871] IPVS: starting estimator thread 0... [ 735.581879][T14815] IPVS: using max 240 ests per chain, 12000 per kthread [ 736.824079][T14835] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3750'. [ 736.833809][T14835] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3750'. [ 738.221826][T14863] input: syz0 as /devices/virtual/input/input22 [ 740.245340][T14892] vivid-000: ================= START STATUS ================= [ 740.253377][T14892] vivid-000: Test Pattern: 75% Colorbar [ 740.259227][T14892] vivid-000: Fill Percentage of Frame: 100 [ 740.265445][T14892] vivid-000: Horizontal Movement: No Movement [ 740.271905][T14892] vivid-000: Vertical Movement: No Movement [ 740.278068][T14892] vivid-000: OSD Text Mode: All [ 740.283448][T14892] vivid-000: Show Border: false [ 740.288563][T14892] vivid-000: Show Square: false [ 740.293859][T14892] vivid-000: Sensor Flipped Horizontally: false [ 740.303330][T14892] vivid-000: Sensor Flipped Vertically: false [ 740.310039][T14892] vivid-000: Insert SAV Code in Image: false [ 740.317288][T14892] vivid-000: Insert EAV Code in Image: false [ 740.324230][T14892] vivid-000: Insert Video Guard Band: false [ 740.330407][T14892] vivid-000: Reduced Framerate: false [ 740.336159][T14892] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 740.344268][T14892] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 740.352598][T14892] vivid-000: Enable Capture Cropping: true grabbed [ 740.359443][T14892] vivid-000: Enable Capture Composing: true grabbed [ 740.366496][T14892] vivid-000: Enable Capture Scaler: false grabbed [ 740.373342][T14892] vivid-000: Timestamp Source: End of Frame [ 740.379601][T14892] vivid-000: Colorspace: sRGB [ 740.384676][T14892] vivid-000: Transfer Function: Default [ 740.390517][T14892] vivid-000: Y'CbCr Encoding: Default [ 740.396282][T14892] vivid-000: HSV Encoding: Hue 0-179 [ 740.405414][T14892] vivid-000: Quantization: Default [ 740.411677][T14892] vivid-000: Apply Alpha To Red Only: false [ 740.417971][T14892] vivid-000: Standard Aspect Ratio: 4x3 [ 740.423896][T14892] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 740.432142][T14892] vivid-000: DV Timings: 640x480p59 inactive [ 740.438463][T14892] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 740.446131][T14892] vivid-000: Maximum EDID Blocks: 2 [ 740.451722][T14892] vivid-000: Limited RGB Range (16-235): false [ 740.458163][T14892] vivid-000: Rx RGB Quantization Range: Automatic [ 740.465144][T14892] vivid-000: Power Present: 0x00000001 [ 740.471032][T14892] tpg source WxH: 1280x960 (Y'CbCr) [ 740.476384][T14892] tpg field: 1 [ 740.479897][T14892] tpg crop: (0,0)/1280x960 [ 740.484723][T14892] tpg compose: (0,0)/1280x960 [ 740.489552][T14892] tpg colorspace: 2 [ 740.493618][T14892] tpg transfer function: 3/3 [ 740.498342][T14892] tpg Y'CbCr encoding: 0/8 [ 740.503026][T14892] tpg quantization: 0/2 [ 740.510137][T14892] tpg RGB range: 0/2 [ 740.515178][T14892] vivid-000: ================== END STATUS ================== [ 740.551239][T14893] loop4: detected capacity change from 0 to 2048 [ 740.652321][T14899] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3778'. [ 740.663431][T14893] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 740.740926][ T30] audit: type=1800 audit(1762827883.651:118): pid=14893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3776" name="file1" dev="loop4" ino=1346 res=0 errno=0 [ 741.203382][T14905] loop1: detected capacity change from 0 to 256 [ 741.278758][T14905] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x542a3d5d, utbl_chksum : 0xe619d30d) [ 741.364687][T14908] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3782'. [ 741.417599][ T30] audit: type=1800 audit(1762827884.331:119): pid=14905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3781" name="file2" dev="loop1" ino=1048871 res=0 errno=0 [ 742.544543][T14927] loop4: detected capacity change from 0 to 1024 [ 742.741721][ T5871] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 742.781197][ T5855] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 742.906433][ T5871] usb 8-1: Using ep0 maxpacket: 16 [ 742.924402][ T5871] usb 8-1: config 0 interface 0 has no altsetting 0 [ 742.931756][ T5871] usb 8-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 742.945993][ T5871] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 742.989819][ T5871] usb 8-1: config 0 descriptor?? [ 743.107040][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 743.118513][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 743.130996][ T5855] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 743.144702][ T5855] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 743.154070][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 743.243144][ T5855] usb 2-1: config 0 descriptor?? [ 743.446128][ T5871] hid (null): unknown global tag 0xc [ 743.757830][ T5855] plantronics 0003:047F:FFFF.0017: collection stack underflow [ 743.765789][ T5855] plantronics 0003:047F:FFFF.0017: item 0 2 0 12 parsing failed [ 743.798971][ T5871] usb 8-1: USB disconnect, device number 7 [ 743.850422][ T5855] plantronics 0003:047F:FFFF.0017: parse failed [ 743.857451][ T5855] plantronics 0003:047F:FFFF.0017: probe with driver plantronics failed with error -22 [ 743.970918][ T5855] usb 2-1: USB disconnect, device number 18 [ 744.382043][T14950] veth0: entered promiscuous mode [ 744.421927][T14948] veth0: left promiscuous mode [ 744.503259][T14954] loop5: detected capacity change from 0 to 256 [ 745.841267][ T5855] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 746.032437][ T5855] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 746.046461][ T5855] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 746.056656][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 746.111893][ T5855] usb 2-1: config 0 descriptor?? [ 746.201787][ T2231] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 746.315328][ T5871] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 746.371074][ T2231] usb 5-1: Using ep0 maxpacket: 16 [ 746.401433][ T2231] usb 5-1: config 0 interface 0 has no altsetting 0 [ 746.408555][ T2231] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 746.418125][ T2231] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 746.487168][ T2231] usb 5-1: config 0 descriptor?? [ 746.517992][ T5871] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 746.529851][ T5871] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 746.540126][ T5871] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 746.554011][ T5855] keytouch 0003:0926:3333.0018: fixing up Keytouch IEC report descriptor [ 746.568045][ T5871] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 746.577461][ T5871] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 746.584169][ T5855] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0018/input/input23 [ 746.691093][ T5855] keytouch 0003:0926:3333.0018: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 746.693126][ T5871] usb 8-1: config 0 descriptor?? [ 746.742167][T14987] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3819'. [ 746.785177][T14987] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3819'. [ 746.948303][ T2231] hid (null): unknown global tag 0xc [ 747.079245][ T5855] usb 2-1: USB disconnect, device number 19 [ 747.199060][ T2231] usb 5-1: USB disconnect, device number 15 [ 747.265115][ T5871] plantronics 0003:047F:FFFF.001A: collection stack underflow [ 747.278174][ T5871] plantronics 0003:047F:FFFF.001A: item 0 2 0 12 parsing failed [ 747.322153][ T5871] plantronics 0003:047F:FFFF.001A: parse failed [ 747.329125][ T5871] plantronics 0003:047F:FFFF.001A: probe with driver plantronics failed with error -22 [ 747.509430][ T2231] usb 8-1: USB disconnect, device number 8 [ 747.839162][T15001] loop1: detected capacity change from 0 to 8 [ 748.163379][T15006] erspan0: entered promiscuous mode [ 748.293523][T15008] loop1: detected capacity change from 0 to 1024 [ 748.314648][T15008] EXT4-fs: inline encryption not supported [ 748.321852][T15008] EXT4-fs: Ignoring removed i_version option [ 748.379919][T15008] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 748.679500][T15017] loop2: detected capacity change from 0 to 512 [ 748.695329][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 748.743379][T15017] EXT4-fs: Ignoring removed nomblk_io_submit option [ 748.777504][T15017] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 748.850299][T15017] EXT4-fs (loop2): 1 truncate cleaned up [ 748.859618][T15017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 749.214694][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 749.239517][ T5797] Bluetooth: hci3: unexpected event for opcode 0x2043 [ 749.710116][T15035] loop1: detected capacity change from 0 to 512 [ 749.737819][T15035] udf: Unknown parameter 'vø' [ 749.810524][T15038] loop5: detected capacity change from 0 to 512 [ 749.829324][T15038] EXT4-fs: Ignoring removed nobh option [ 749.941987][T15038] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 749.957819][T15038] ext4 filesystem being mounted at /577/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 750.285856][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 750.668265][T15052] loop2: detected capacity change from 0 to 1024 [ 750.703282][T15052] EXT4-fs: inline encryption not supported [ 750.709366][T15052] EXT4-fs: Ignoring removed i_version option [ 750.866022][T15052] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 751.284013][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 751.379107][T15070] loop5: detected capacity change from 0 to 1024 [ 751.407460][T15070] EXT4-fs: Ignoring removed bh option [ 751.502277][T15070] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 751.947428][T15078] netem: change failed [ 752.022469][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 752.121264][ T2231] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 752.327582][ T2231] usb 8-1: Using ep0 maxpacket: 16 [ 752.343226][ T2231] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 752.353727][ T2231] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 752.365059][ T2231] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 752.375124][ T2231] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 752.387655][ T2231] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 752.561136][ T5797] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 752.569870][ T5797] Bluetooth: hci1: Injecting HCI hardware error event [ 752.573157][ T2231] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 752.578028][ T5797] Bluetooth: hci1: hardware error 0x00 [ 752.586145][ T2231] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 752.586272][ T2231] usb 8-1: Manufacturer: syz [ 752.604603][ T2231] usb 8-1: config 0 descriptor?? [ 752.946035][T15089] loop1: detected capacity change from 0 to 4096 [ 752.970382][T15089] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 753.107506][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 753.292838][ T5808] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 753.304553][ T5808] Bluetooth: hci3: Injecting HCI hardware error event [ 753.316821][ T5808] Bluetooth: hci3: hardware error 0x00 [ 753.349897][T15089] ntfs3(loop1): ino=1a, mi_enum_attr [ 753.355644][T15089] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 753.401651][T15089] ntfs3(loop1): ino=1a, mi_enum_attr [ 753.413528][T15089] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 753.492011][ T2231] rc_core: IR keymap rc-hauppauge not found [ 753.498135][ T2231] Registered IR keymap rc-empty [ 753.503429][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.552370][T15089] ntfs3(loop1): ino=5, "/" ntfs_readdir [ 753.577064][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.605449][ T2231] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0 [ 753.623499][ T2231] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/rc/rc0/input24 [ 753.708482][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.731779][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.751868][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.795969][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.831589][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.851815][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.874235][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.908395][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.931277][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.951403][ T2231] mceusb 8-1:0.0: Error: mce write submit urb error = -90 [ 753.976381][ T2231] mceusb 8-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 753.989896][ T2231] mceusb 8-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 754.021380][ T2231] usb 8-1: USB disconnect, device number 9 [ 754.439229][T15110] loop5: detected capacity change from 0 to 8 [ 754.588536][T15112] loop1: detected capacity change from 0 to 1024 [ 754.605988][T15112] EXT4-fs: Ignoring removed orlov option [ 754.725284][ T5797] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 754.769793][T15112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 754.782716][T15112] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 754.835853][T15112] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 755.135285][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 755.223864][T15122] loop5: detected capacity change from 0 to 2048 [ 755.299238][T15122] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 755.363239][ T5808] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 755.810185][T15133] loop7: detected capacity change from 0 to 1024 [ 755.819562][T15133] EXT4-fs: inline encryption not supported [ 755.879956][T15133] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 756.406959][T15143] input: syz0 as /devices/virtual/input/input25 [ 756.647370][T13338] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.782446][T15164] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3894'. [ 758.319977][T15171] loop5: detected capacity change from 0 to 2048 [ 758.440788][T15174] loop1: detected capacity change from 0 to 1024 [ 758.448889][T15171] UDF-fs: warning (device loop5): udf_verify_domain_identifier: Not OSTA UDF compliant logical volume descriptor. [ 758.456676][T15174] EXT4-fs: inline encryption not supported [ 758.464785][T15171] UDF-fs: warning (device loop5): udf_fill_super: No fileset found [ 758.550022][T15174] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 758.794619][T15145] loop4: detected capacity change from 0 to 32768 [ 758.816816][T15145] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3886 (15145) [ 758.996046][T15145] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 759.006805][T15145] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 759.428946][T15145] BTRFS info (device loop4): enabling ssd optimizations [ 759.436617][T15145] BTRFS info (device loop4): turning on async discard [ 759.449361][T15145] BTRFS info (device loop4): enabling free space tree [ 759.452455][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 759.457426][T15145] BTRFS info (device loop4): use zstd compression, level 3 [ 759.809366][T10125] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 760.049484][T15209] loop5: detected capacity change from 0 to 256 [ 760.201208][T15209] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 760.763094][T15219] loop5: detected capacity change from 0 to 64 [ 761.232675][T15225] netlink: 'syz.1.3926': attribute type 7 has an invalid length. [ 761.414270][T15227] loop2: detected capacity change from 0 to 1024 [ 761.435357][T15227] EXT4-fs: inline encryption not supported [ 761.563529][T15227] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 761.586500][T15236] loop1: detected capacity change from 0 to 16 [ 761.603960][T15236] erofs (device loop1): mounted with root inode @ nid 36. [ 762.117374][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 762.135559][T15240] loop7: detected capacity change from 0 to 2048 [ 762.245990][T15240] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 762.258869][T15240] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 762.478267][ T30] audit: type=1800 audit(1762827905.391:120): pid=15240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3922" name="file0" dev="loop7" ino=13 res=0 errno=0 [ 762.499099][ C1] vkms_vblank_simulate: vblank timer overrun [ 762.756559][T13338] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 762.847644][T15259] loop4: detected capacity change from 0 to 64 [ 762.995457][ T30] audit: type=1800 audit(1762827905.911:121): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3929" name="file2" dev="loop4" ino=22 res=0 errno=0 [ 763.016174][ C1] vkms_vblank_simulate: vblank timer overrun [ 763.038473][T15259] syz.4.3929: attempt to access beyond end of device [ 763.038473][T15259] loop4: rw=34817, sector=39, nr_sectors = 125 limit=64 [ 763.057721][T15259] syz.4.3929: attempt to access beyond end of device [ 763.057721][T15259] loop4: rw=34817, sector=167, nr_sectors = 1 limit=64 [ 763.071987][T15259] syz.4.3929: attempt to access beyond end of device [ 763.071987][T15259] loop4: rw=34817, sector=169, nr_sectors = 1 limit=64 [ 763.091453][T15259] syz.4.3929: attempt to access beyond end of device [ 763.091453][T15259] loop4: rw=34817, sector=171, nr_sectors = 7 limit=64 [ 763.119742][T15259] syz.4.3929: attempt to access beyond end of device [ 763.119742][T15259] loop4: rw=34817, sector=179, nr_sectors = 263 limit=64 [ 763.277732][T15261] netlink: 'syz.5.3931': attribute type 7 has an invalid length. [ 763.314553][T15267] loop1: detected capacity change from 0 to 256 [ 763.324100][T15267] exfat: Deprecated parameter 'namecase' [ 763.330426][T15267] exfat: Deprecated parameter 'namecase' [ 763.337243][T15267] exfat: Deprecated parameter 'namecase' [ 763.357696][T15267] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 763.409731][T15267] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 765.072085][T15304] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3946'. [ 765.092362][T15304] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3946'. [ 765.656441][T15314] loop4: detected capacity change from 0 to 8 [ 766.677390][T15335] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3960'. [ 766.723133][T15335] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3960'. [ 768.729298][T15374] loop4: detected capacity change from 0 to 1024 [ 768.867757][T15374] hfsplus: request for non-existent node 33554434 in B*Tree [ 768.878830][T15374] hfsplus: request for non-existent node 33554434 in B*Tree [ 768.904646][T15374] hfsplus: request for non-existent node 33554434 in B*Tree [ 768.912421][T15374] hfsplus: request for non-existent node 33554434 in B*Tree [ 768.926659][T15380] block nbd4: Unsupported socket: should be TCP or UNIX. [ 769.076938][T15373] hfsplus: request for non-existent node 33554434 in B*Tree [ 769.090255][T15373] hfsplus: request for non-existent node 33554434 in B*Tree [ 769.159581][T15373] hfsplus: request for non-existent node 33554434 in B*Tree [ 769.167180][T15373] hfsplus: request for non-existent node 33554434 in B*Tree [ 769.406483][T15385] loop2: detected capacity change from 0 to 1024 [ 769.666443][T15390] loop5: detected capacity change from 0 to 256 [ 769.676299][ T14] hfsplus: b-tree write err: -5, ino 4 [ 769.759989][T15390] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 769.947875][ T2231] kernel write not supported for file /dsp (pid: 2231 comm: kworker/0:2) [ 770.222243][T15400] netlink: 'syz.4.3989': attribute type 12 has an invalid length. [ 770.230419][T15400] netlink: 'syz.4.3989': attribute type 3 has an invalid length. [ 770.238565][T15400] netlink: 148 bytes leftover after parsing attributes in process `syz.4.3989'. [ 770.804366][T15408] loop1: detected capacity change from 0 to 1024 [ 771.184616][T14396] hfsplus: b-tree write err: -5, ino 4 [ 771.433357][T15419] loop2: detected capacity change from 0 to 512 [ 771.557107][T15419] EXT4-fs (loop2): 1 truncate cleaned up [ 771.566678][T15419] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 771.609090][T15418] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3997: bg 0: block 465: padding at end of block bitmap is not set [ 771.947646][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 772.056632][T15433] loop5: detected capacity change from 0 to 16 [ 772.086007][T15433] erofs (device loop5): mounted with root inode @ nid 36. [ 772.471033][ T2231] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 772.655257][ T2231] usb 2-1: Using ep0 maxpacket: 16 [ 772.679963][ T2231] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 772.690590][ T2231] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 772.701878][ T2231] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 772.781539][ T2231] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 772.791151][ T2231] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 772.799342][ T2231] usb 2-1: SerialNumber: syz [ 772.833180][ T2231] hub 2-1:1.0: bad descriptor, ignoring hub [ 772.839400][ T2231] hub 2-1:1.0: probe with driver hub failed with error -5 [ 772.848790][ T2231] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 773.058728][T15444] loop2: detected capacity change from 0 to 1024 [ 773.161737][ T2231] usb 2-1: USB disconnect, device number 20 [ 773.267107][ T3570] hfsplus: b-tree write err: -5, ino 4 [ 774.136020][T15456] loop1: detected capacity change from 0 to 256 [ 774.150026][T15457] loop4: detected capacity change from 0 to 256 [ 774.175678][T15457] exfat: Deprecated parameter 'namecase' [ 774.227546][T15456] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 774.284039][T15456] exFAT-fs (loop1): start_clu is invalid cluster(0xffffffff) [ 774.367217][T15457] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d) [ 774.510359][T15462] loop7: detected capacity change from 0 to 16 [ 774.582043][T15462] erofs (device loop7): mounted with root inode @ nid 36. [ 775.151760][T15474] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4022'. [ 775.214904][T15476] loop1: detected capacity change from 0 to 256 [ 775.356247][T15476] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 775.597692][T15482] overlayfs: failed lookup in lower (/, name='file1', err=-66): unsupported object type [ 775.764031][ T5808] Bluetooth: hci0: command 0x0406 tx timeout [ 776.030402][T15490] loop4: detected capacity change from 0 to 256 [ 776.097442][T15490] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 776.196500][T15490] exFAT-fs (loop4): start_clu is invalid cluster(0xffffffff) [ 776.277186][T15496] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4032'. [ 776.769865][T15500] loop1: detected capacity change from 0 to 4096 [ 776.849669][T15506] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 776.948170][ T30] audit: type=1800 audit(1762827919.861:122): pid=15500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4034" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 777.196038][T15512] loop7: detected capacity change from 0 to 512 [ 777.312672][T15512] EXT4-fs (loop7): Test dummy encryption mode enabled [ 777.319714][T15512] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 777.429232][T15512] EXT4-fs error (device loop7): xattr_find_entry:337: inode #15: comm syz.7.4038: corrupted xattr entries [ 777.468955][T15518] netlink: 116 bytes leftover after parsing attributes in process `syz.2.4041'. [ 777.490014][T15512] EXT4-fs (loop7): 1 orphan inode deleted [ 777.504064][T15512] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 777.523275][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 777.529868][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 777.799066][T13338] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 777.891827][T15524] sp0: Synchronizing with TNC [ 778.260450][T15532] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4047'. [ 778.676598][T15541] loop7: detected capacity change from 0 to 8 [ 778.988928][T15548] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4053'. [ 779.023795][T15547] loop5: detected capacity change from 0 to 128 [ 779.083080][T15547] hpfs: Unknown parameter 'uid<00000000000000000000' [ 779.264156][T15552] loop4: detected capacity change from 0 to 512 [ 779.300709][T15552] EXT4-fs (loop4): Test dummy encryption mode enabled [ 779.308067][T15552] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 779.425450][T15552] EXT4-fs error (device loop4): xattr_find_entry:337: inode #15: comm syz.4.4055: corrupted xattr entries [ 779.454639][T15552] EXT4-fs (loop4): 1 orphan inode deleted [ 779.467643][T15552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 779.550802][T15557] loop5: detected capacity change from 0 to 128 [ 779.591549][T15558] loop1: detected capacity change from 0 to 1024 [ 779.600987][T15558] EXT4-fs: inline encryption not supported [ 779.686246][T15558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 779.861659][T15558] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4193: comm syz.1.4056: Allocating blocks 497-513 which overlap fs metadata [ 779.904462][T10125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 779.917368][T15555] EXT4-fs (loop1): pa ffff8881229bb700: logic 16, phys. 145, len 23 [ 779.927092][T15555] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1 [ 780.049658][T15562] loop5: detected capacity change from 0 to 512 [ 780.101088][T15562] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 780.164897][T15562] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 780.190101][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 780.228113][T15562] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 780.244642][T15562] ext4 filesystem being mounted at /623/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 780.639246][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 780.970774][ T30] audit: type=1326 audit(1762827923.881:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.115977][ T30] audit: type=1326 audit(1762827923.921:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=310 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.138829][ T30] audit: type=1326 audit(1762827923.931:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.166912][ T30] audit: type=1326 audit(1762827923.941:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.168620][T15541] Dev loop7: unable to read RDB block 8 [ 781.190187][ T30] audit: type=1326 audit(1762827923.961:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.195966][T15541] loop7: unable to read partition table [ 781.205648][T15541] loop7: partition table beyond EOD, [ 781.228141][ T30] audit: type=1326 audit(1762827923.961:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.228805][T15541] truncated [ 781.228854][T15541] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü¾CêjÌ–ã¢P=ý?ã}X‹ºÐ œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö˜Èµ4FLQkÝŠ) failed (rc=-5) [ 781.234447][ T30] audit: type=1326 audit(1762827923.991:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.301857][ C1] vkms_vblank_simulate: vblank timer overrun [ 781.313247][ T30] audit: type=1326 audit(1762827923.991:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15575 comm="syz.5.4065" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70bd539 code=0x7ffc0000 [ 781.335498][ C1] vkms_vblank_simulate: vblank timer overrun [ 781.878633][T15590] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4071'. [ 782.019200][T15592] loop4: detected capacity change from 0 to 1024 [ 782.042535][T15591] loop2: detected capacity change from 0 to 764 [ 782.072781][T15592] EXT4-fs: inline encryption not supported [ 782.107848][T15591] rock: directory entry would overflow storage [ 782.122499][T15591] rock: sig=0x4654, size=5, remaining=4 [ 782.152310][T15592] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 782.267218][T15596] netlink: 'syz.1.4073': attribute type 12 has an invalid length. [ 782.275527][T15596] netlink: 'syz.1.4073': attribute type 29 has an invalid length. [ 782.283734][T15596] netlink: 148 bytes leftover after parsing attributes in process `syz.1.4073'. [ 782.299483][T15596] netlink: 59 bytes leftover after parsing attributes in process `syz.1.4073'. [ 782.313940][T15592] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.4072: Allocating blocks 497-513 which overlap fs metadata [ 782.384844][T15589] EXT4-fs (loop4): pa ffff888121fe2540: logic 16, phys. 145, len 23 [ 782.396235][T15589] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1 [ 782.733253][T10125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 783.683250][T15621] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4085'. [ 783.766548][T15623] loop5: detected capacity change from 0 to 64 [ 784.271701][T15629] netlink: 'syz.2.4089': attribute type 12 has an invalid length. [ 784.279699][T15629] netlink: 'syz.2.4089': attribute type 29 has an invalid length. [ 784.287924][T15629] netlink: 148 bytes leftover after parsing attributes in process `syz.2.4089'. [ 784.299284][T15629] netlink: 59 bytes leftover after parsing attributes in process `syz.2.4089'. [ 784.318487][T15631] loop5: detected capacity change from 0 to 1024 [ 784.368367][T15631] EXT4-fs: inline encryption not supported [ 784.432292][T15634] loop4: detected capacity change from 0 to 64 [ 784.473056][T15631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 784.604002][T15631] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.4090: Allocating blocks 497-513 which overlap fs metadata [ 784.608860][T15640] loop1: detected capacity change from 0 to 128 [ 784.688148][T15630] EXT4-fs (loop5): pa ffff888121fe2620: logic 16, phys. 145, len 23 [ 784.699154][T15630] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1 [ 784.993963][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 785.803415][T15662] netlink: 'syz.7.4103': attribute type 12 has an invalid length. [ 785.811830][T15662] netlink: 'syz.7.4103': attribute type 29 has an invalid length. [ 785.819865][T15662] netlink: 148 bytes leftover after parsing attributes in process `syz.7.4103'. [ 785.834137][T15662] netlink: 59 bytes leftover after parsing attributes in process `syz.7.4103'. [ 787.962153][T15705] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4132'. [ 788.095281][T15711] loop7: detected capacity change from 0 to 764 [ 788.113855][T15705] nbd: socks must be embedded in a SOCK_ITEM attr [ 788.141357][T15711] rock: directory entry would overflow storage [ 788.147720][T15711] rock: sig=0x4654, size=5, remaining=4 [ 788.655294][T15715] loop1: detected capacity change from 0 to 2048 [ 788.743504][T15721] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 788.794882][T15715] NILFS error (device loop1): nilfs_readdir: zero-length directory entry [ 788.850888][T15715] Remounting filesystem read-only [ 789.848112][T15743] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4137'. [ 789.863585][T15743] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4137'. [ 789.873813][T15743] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4137'. [ 790.159613][T15747] loop5: detected capacity change from 0 to 1024 [ 790.226928][T15747] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 790.688904][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 791.432633][T15775] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4152'. [ 791.969712][T15783] loop1: detected capacity change from 0 to 1024 [ 791.981256][T15783] EXT4-fs: Ignoring removed bh option [ 792.009978][T15783] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 792.088349][T15783] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 792.234041][ T30] audit: type=1800 audit(1762827935.151:131): pid=15783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4156" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 792.481272][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 794.496970][T15824] input: syz0 as /devices/virtual/input/input26 [ 794.855827][T15828] loop7: detected capacity change from 0 to 128 [ 795.059224][T15828] syz.7.4177: attempt to access beyond end of device [ 795.059224][T15828] loop7: rw=2049, sector=138, nr_sectors = 84 limit=128 [ 795.081081][T15833] netlink: 288 bytes leftover after parsing attributes in process `syz.5.4178'. [ 795.120007][T15832] syz.7.4177: attempt to access beyond end of device [ 795.120007][T15832] loop7: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 795.134205][T15832] buffer_io_error: 5 callbacks suppressed [ 795.134281][T15832] Buffer I/O error on dev loop7, logical block 69, lost async page write [ 795.576195][T15839] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4181'. [ 795.966709][T15844] netlink: 'syz.4.4184': attribute type 5 has an invalid length. [ 796.226387][T15847] netlink: 168 bytes leftover after parsing attributes in process `syz.5.4185'. [ 796.709985][T15855] loop5: detected capacity change from 0 to 16 [ 796.749448][T15855] erofs (device loop5): mounted with root inode @ nid 36. [ 796.818082][T15855] erofs (device loop5): readahead error at folio 6 @ nid 36 [ 796.829188][T15855] erofs (device loop5): readahead error at folio 4 @ nid 36 [ 796.838095][T15855] erofs (device loop5): bogus lookback distance 1 @ lcn 0 of nid 36 [ 796.846569][T15855] erofs (device loop5): readahead error at folio 0 @ nid 36 [ 796.854391][T15855] syz.5.4189: attempt to access beyond end of device [ 796.854391][T15855] loop5: rw=524288, sector=16392, nr_sectors = 16 limit=16 [ 796.868893][T15855] syz.5.4189: attempt to access beyond end of device [ 796.868893][T15855] loop5: rw=524288, sector=1049264, nr_sectors = 16 limit=16 [ 796.883675][T15855] syz.5.4189: attempt to access beyond end of device [ 796.883675][T15855] loop5: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 796.897625][T15855] syz.5.4189: attempt to access beyond end of device [ 796.897625][T15855] loop5: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 796.912145][T15855] erofs (device loop5): bogus lookback distance 1 @ lcn 0 of nid 36 [ 796.920470][T15855] syz.5.4189: attempt to access beyond end of device [ 796.920470][T15855] loop5: rw=0, sector=16392, nr_sectors = 8 limit=16 [ 796.937221][T15855] erofs (device loop5): read error -5 @ 0 of nid 36 [ 796.945367][T15855] erofs (device loop5): failed to readdir of logical block 0 of nid 36 [ 797.014925][T15855] erofs (device loop5): bogus lookback distance 1 @ lcn 0 of nid 36 [ 797.026102][T15855] syz.5.4189: attempt to access beyond end of device [ 797.026102][T15855] loop5: rw=0, sector=16392, nr_sectors = 8 limit=16 [ 797.043418][T15855] erofs (device loop5): read error -5 @ 0 of nid 36 [ 797.052604][T15855] erofs (device loop5): failed to readdir of logical block 0 of nid 36 [ 797.950308][T15876] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4199'. [ 797.979690][T15877] loop4: detected capacity change from 0 to 512 [ 798.073044][T15877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 798.416052][T10125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.454503][T15887] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4203'. [ 798.465126][T15887] netlink: 'syz.5.4203': attribute type 7 has an invalid length. [ 798.476292][T15887] netlink: 'syz.5.4203': attribute type 8 has an invalid length. [ 798.486753][T15887] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4203'. [ 798.826571][T15892] pimreg: entered allmulticast mode [ 798.924733][T15892] pimreg: left allmulticast mode [ 799.626236][T15909] loop1: detected capacity change from 0 to 128 [ 800.295053][T15922] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4219'. [ 800.911315][T15935] loop7: detected capacity change from 0 to 256 [ 801.560834][ T5855] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 801.575434][T15950] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4231'. [ 801.584826][T15950] netlink: 'syz.7.4231': attribute type 6 has an invalid length. [ 801.592867][T15950] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4231'. [ 801.785543][ T5855] usb 5-1: Using ep0 maxpacket: 32 [ 801.824313][ T5855] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 801.834051][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 801.884173][ T5855] usb 5-1: config 0 descriptor?? [ 802.120458][ T5855] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 802.132655][ T5855] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 802.145503][ T5855] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 802.157124][ T5855] usb 5-1: media controller created [ 802.205164][ T5855] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 802.337709][ T5855] az6027: usb out operation failed. (-71) [ 802.344698][ T5855] az6027: usb out operation failed. (-71) [ 802.350679][ T5855] stb0899_attach: Driver disabled by Kconfig [ 802.360902][ T5855] az6027: no front-end attached [ 802.360902][ T5855] [ 802.370477][ T5855] az6027: usb out operation failed. (-71) [ 802.376537][ T5855] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 802.386437][ T5855] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input27 [ 802.402657][ T5855] dvb-usb: schedule remote query interval to 400 msecs. [ 802.409815][ T5855] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 802.423132][ T5855] usb 5-1: USB disconnect, device number 16 [ 802.542134][ T5855] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 802.853354][T15956] loop7: detected capacity change from 0 to 128 [ 802.918662][T15956] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 802.984972][T15956] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 803.498532][T15967] loop1: detected capacity change from 0 to 64 [ 803.784937][T15962] loop5: detected capacity change from 0 to 4096 [ 803.826283][T15970] loop7: detected capacity change from 0 to 1024 [ 803.839735][T15970] EXT4-fs: inline encryption not supported [ 803.889171][T15962] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 803.917989][T15970] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 804.105779][T15962] ntfs3(loop5): ino=b, mi_enum_attr [ 804.114177][T15962] ntfs3(loop5): Failed to load $Extend (-22). [ 804.123250][T15962] ntfs3(loop5): Failed to initialize $Extend. [ 804.189907][ T30] audit: type=1800 audit(1762827947.101:132): pid=15962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4237" name="file1" dev="loop5" ino=30 res=0 errno=0 [ 804.217022][T15979] loop2: detected capacity change from 0 to 256 [ 804.259734][T15979] exfat: Deprecated parameter 'utf8' [ 804.361618][T15979] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 804.621468][T13338] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 806.302041][T16016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4261'. [ 806.709848][T16023] loop1: detected capacity change from 0 to 4096 [ 808.189291][T16043] loop4: detected capacity change from 0 to 2048 [ 808.301430][T16046] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 808.349579][T16043] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12 [ 808.381983][T16043] Remounting filesystem read-only [ 808.822101][T16054] loop1: detected capacity change from 0 to 256 [ 808.872418][T16054] exFAT-fs (loop1): failed to load upcase table (idx : 0x00002e7f, chksum : 0x03279930, utbl_chksum : 0xe619d30d) [ 809.083331][T16058] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4280'. [ 809.348461][ T5808] Bluetooth: hci5: unexpected event for opcode 0x2016 [ 809.426894][T16065] loop4: detected capacity change from 0 to 512 [ 809.443502][ T42] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 809.515547][T16065] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4283: iget: bad i_size value: 38620345925642 [ 809.540325][T16065] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4283: couldn't read orphan inode 15 (err -117) [ 809.563806][T16065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 809.610919][ T42] usb 3-1: Using ep0 maxpacket: 32 [ 809.629653][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 809.643492][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 809.656026][ T42] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 809.665622][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 809.691174][ T42] usb 3-1: config 0 descriptor?? [ 809.723389][ T42] hub 3-1:0.0: USB hub found [ 809.929154][ T42] hub 3-1:0.0: config failed, can't read hub descriptor (err -90) [ 809.987219][T10125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 810.140432][ T42] usbhid 3-1:0.0: can't add hid device: -71 [ 810.147458][ T42] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 810.207891][T16076] netlink: 316 bytes leftover after parsing attributes in process `syz.7.4286'. [ 810.214736][ T42] usb 3-1: USB disconnect, device number 19 [ 810.577047][T16080] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4289'. [ 810.759246][T16082] loop7: detected capacity change from 0 to 1024 [ 810.858392][T16082] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 811.017435][T16082] EXT4-fs error (device loop7): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.7.4290: path /215/file1/file0: bad entry in directory: inode out of bounds - offset=24, inode=150994957, rec_len=16, size=80 fake=0 [ 811.083769][T16082] EXT4-fs (loop7): Remounting filesystem read-only [ 811.330828][T13338] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 811.643766][T16098] loop4: detected capacity change from 0 to 256 [ 811.806839][T16098] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012c80, chksum : 0x8ff561f5, utbl_chksum : 0xe619d30d) [ 811.888155][T16104] netlink: 'syz.1.4299': attribute type 5 has an invalid length. [ 811.898880][T16104] netlink: 'syz.1.4299': attribute type 11 has an invalid length. [ 812.501159][T16110] loop7: detected capacity change from 0 to 2048 [ 812.570180][T16110] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 812.804161][T13338] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 814.259060][T16144] trusted_key: encrypted_key: keyword 'à¹w' not recognized [ 814.617465][T16151] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4322'. [ 814.668380][T16151] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4322'. [ 815.466781][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 816.357694][T16185] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4334'. [ 816.941408][T16192] Bluetooth: hci0: load_link_keys: expected 51203 bytes, got 7 bytes [ 816.955280][T16189] loop4: detected capacity change from 0 to 1024 [ 817.998892][T16202] loop5: detected capacity change from 0 to 2048 [ 818.088756][T16208] loop4: detected capacity change from 0 to 512 [ 818.116512][T16208] EXT4-fs: Ignoring removed i_version option [ 818.155230][T16202] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 818.212834][T16208] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 818.226097][T16208] ext4 filesystem being mounted at /528/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 818.415189][T16208] EXT4-fs error (device loop4): ext4_readdir:264: inode #12: block 32: comm syz.4.4345: path /528/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 818.463596][T16208] EXT4-fs (loop4): Remounting filesystem read-only [ 818.663139][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 819.236181][T10125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 819.277902][T16225] loop5: detected capacity change from 0 to 512 [ 819.328942][T16225] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 819.483683][T16225] EXT4-fs (loop5): invalid journal inode [ 819.489667][T16225] EXT4-fs (loop5): can't get journal size [ 819.715550][T16225] EXT4-fs (loop5): 1 truncate cleaned up [ 819.725955][T16225] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 820.267476][T16235] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4354'. [ 820.289697][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 821.483314][ T2231] Process accounting resumed [ 821.542832][ T5855] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 821.721344][ T5855] usb 6-1: Using ep0 maxpacket: 16 [ 821.753853][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 821.765424][ T5855] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 821.775632][ T5855] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 821.788920][ T5855] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 821.798399][ T5855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 821.910434][ T5855] usb 6-1: config 0 descriptor?? [ 822.377612][ T5855] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 822.385519][ T5855] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 822.392857][ T5855] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 822.400057][ T5855] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 822.410006][ T5855] shield 0003:0955:7214.001B: unknown main item tag 0x0 [ 822.516369][ T5855] input: HID 0955:7214 Haptics as /devices/virtual/input/input29 [ 822.574773][T16256] random: crng reseeded on system resumption [ 822.602067][ T5855] shield 0003:0955:7214.001B: Registered Thunderstrike controller [ 822.611083][ T5855] shield 0003:0955:7214.001B: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.5-1/input0 [ 822.847096][ T9] usb 6-1: USB disconnect, device number 16 [ 822.862907][ T2231] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 822.874761][ T2231] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 822.887088][ T2231] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 822.898597][ T2231] shield 0003:0955:7214.001B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 823.071130][ T5855] usb 5-1: new full-speed USB device number 17 using dummy_hcd [ 823.210007][T16275] loop7: detected capacity change from 0 to 256 [ 823.255301][ T5855] usb 5-1: config 0 has no interfaces? [ 823.285577][ T5855] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 823.295392][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 823.298085][T16275] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 823.303646][ T5855] usb 5-1: SerialNumber: syz [ 823.339356][ T5855] usb 5-1: config 0 descriptor?? [ 823.574644][ T42] usb 5-1: USB disconnect, device number 17 [ 823.953876][T16281] loop5: detected capacity change from 0 to 2048 [ 823.980042][T16281] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=18576, location=18576 [ 824.038733][T16281] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 825.465621][ T42] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 825.635892][ T42] usb 2-1: Using ep0 maxpacket: 16 [ 825.657217][ T42] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 825.673874][ T42] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 825.686439][ T42] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 825.699976][ T42] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 825.714927][ T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 825.763275][ T42] usb 2-1: config 0 descriptor?? [ 826.265764][ T42] shield 0003:0955:7214.001C: unknown main item tag 0x0 [ 826.273397][ T42] shield 0003:0955:7214.001C: unknown main item tag 0x0 [ 826.285448][ T42] shield 0003:0955:7214.001C: unknown main item tag 0x0 [ 826.292810][ T42] shield 0003:0955:7214.001C: unknown main item tag 0x0 [ 826.300093][ T42] shield 0003:0955:7214.001C: unknown main item tag 0x0 [ 826.364416][T16317] loop7: detected capacity change from 0 to 1024 [ 826.384138][ T42] input: HID 0955:7214 Haptics as /devices/virtual/input/input30 [ 826.418027][ T42] shield 0003:0955:7214.001C: Registered Thunderstrike controller [ 826.428873][ T42] shield 0003:0955:7214.001C: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 826.456997][T16317] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 826.487883][T16303] random: crng reseeded on system resumption [ 826.697051][T14606] shield 0003:0955:7214.001C: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 826.699459][ T5855] usb 2-1: USB disconnect, device number 21 [ 826.708724][T14606] shield 0003:0955:7214.001C: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 826.733153][T14606] shield 0003:0955:7214.001C: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 826.749908][T14606] shield 0003:0955:7214.001C: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 827.448982][T16326] bridge0: port 3(syz_tun) entered disabled state [ 827.596332][T16326] bridge0: port 2(bridge_slave_1) entered disabled state [ 827.604753][T16326] bridge0: port 1(bridge_slave_0) entered disabled state [ 828.158994][T16350] loop1: detected capacity change from 0 to 256 [ 828.438965][T16326] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 828.511301][T16326] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 828.596141][T16347] loop7: detected capacity change from 0 to 4096 [ 828.794453][T16358] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 828.965948][T16347] NILFS error (device loop7): nilfs_dotdot: directory #12 missing '.' [ 828.991729][T16347] Remounting filesystem read-only [ 829.064266][T14396] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.085180][ T3799] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.155136][ T3799] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.175076][ T3799] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 829.316058][T13338] NILFS (loop7): disposed unprocessed dirty file(s) when detaching log writer [ 830.048301][T16372] tap0: tun_chr_ioctl cmd 1074025677 [ 830.056761][T16372] tap0: linktype set to 773 [ 830.275411][T16376] loop4: detected capacity change from 0 to 512 [ 830.334398][T16380] loop2: detected capacity change from 0 to 64 [ 830.341120][T16376] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 830.408496][T16376] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.4407: iget: bad i_size value: 38620345925642 [ 830.501637][T16376] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.4407: couldn't read orphan inode 15 (err -117) [ 830.595773][T16376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 830.693551][T16376] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4407: bg 0: block 5: invalid block bitmap [ 830.744334][T16376] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 830.757096][T16376] EXT4-fs (loop4): This should not happen!! Data will be lost [ 830.757096][T16376] [ 830.769600][T16376] EXT4-fs (loop4): Total free blocks count 0 [ 830.778520][T16376] EXT4-fs (loop4): Free/Dirty block details [ 830.784737][T16376] EXT4-fs (loop4): free_blocks=0 [ 830.789839][T16376] EXT4-fs (loop4): dirty_blocks=2 [ 830.797639][T16376] EXT4-fs (loop4): Block reservation details [ 830.806362][T16376] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 830.902397][T16388] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4411'. [ 831.057194][T16385] loop1: detected capacity change from 0 to 4096 [ 831.069731][ T5798] hfs: node 4:3 still has 1 user(s)! [ 831.076109][T10125] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 831.087321][T16385] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 831.261067][T16385] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 831.281424][T16385] ntfs3(loop1): mft corrupted [ 831.286540][T16385] ntfs3(loop1): Failed to load $Extend (-22). [ 831.293066][T16385] ntfs3(loop1): Failed to initialize $Extend. [ 831.353037][T16385] ntfs3(loop1): ino=1e, mi_enum_attr [ 831.358555][T16385] ntfs3(loop1): ino=1e, mi_enum_attr [ 831.364938][T16385] ntfs3(loop1): ino=1e, "file1" mi_enum_attr [ 831.371630][T16385] ntfs3(loop1): ino=1e, "file1" mi_enum_attr [ 831.391725][T16385] ntfs3(loop1): ino=1e, "file1" mi_enum_attr [ 831.698179][T16395] loop5: detected capacity change from 0 to 2048 [ 831.801338][T16395] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found [ 831.809284][T16395] UDF-fs: Scanning with blocksize 512 failed [ 831.937312][T16395] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 832.019855][T16401] netlink: 'syz.7.4419': attribute type 21 has an invalid length. [ 832.028264][T16401] IPv6: NLM_F_CREATE should be specified when creating new route [ 832.036731][T16401] IPv6: Can't replace route, no match found [ 832.087825][T16403] netlink: 168 bytes leftover after parsing attributes in process `syz.1.4417'. [ 833.604061][T16424] loop7: detected capacity change from 0 to 512 [ 833.671396][T16424] EXT4-fs (loop7): Test dummy encryption mode enabled [ 833.678364][T16424] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 833.723905][T16424] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.4429: bad orphan inode 131083 [ 833.742305][T16424] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 833.983674][T16436] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4434'. [ 834.189520][T16436] nbd: socks must be embedded in a SOCK_ITEM attr [ 834.286905][T13338] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 834.737909][T16428] loop2: detected capacity change from 0 to 4096 [ 834.781376][T16428] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 835.070801][T16452] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4439'. [ 835.324269][T16428] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 835.398783][T16428] ntfs3(loop2): mft corrupted [ 835.403973][T16428] ntfs3(loop2): Failed to load $Extend (-22). [ 835.410317][T16428] ntfs3(loop2): Failed to initialize $Extend. [ 835.449360][T16428] ntfs3(loop2): ino=1e, mi_enum_attr [ 835.459862][T16428] ntfs3(loop2): ino=1e, mi_enum_attr [ 835.466142][T16428] ntfs3(loop2): ino=1e, "file1" mi_enum_attr [ 835.472734][T16428] ntfs3(loop2): ino=1e, "file1" mi_enum_attr [ 835.487629][T16428] ntfs3(loop2): ino=1e, "file1" mi_enum_attr [ 835.611439][T16332] usb 8-1: new full-speed USB device number 10 using dummy_hcd [ 835.780362][T16332] usb 8-1: config 0 has no interfaces? [ 835.819774][T16332] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 835.831998][T16332] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 835.841044][T16332] usb 8-1: SerialNumber: syz [ 835.896039][T16332] usb 8-1: config 0 descriptor?? [ 836.140082][T16332] usb 8-1: USB disconnect, device number 10 [ 837.362549][T16485] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4454'. [ 837.371913][T16485] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4454'. [ 837.959436][T16497] loop7: detected capacity change from 0 to 128 [ 838.101681][T16497] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 838.191139][T16497] ext4 filesystem being mounted at /245/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 838.396894][T16332] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 838.416179][T16505] loop5: detected capacity change from 0 to 2048 [ 838.442792][T13338] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 838.496723][T16506] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 838.573698][T16505] NILFS error (device loop5): nilfs_readdir: zero-length directory entry [ 838.585691][T16332] usb 5-1: Using ep0 maxpacket: 16 [ 838.605255][T16332] usb 5-1: config 0 interface 0 has no altsetting 0 [ 838.612504][T16332] usb 5-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 838.624371][T16332] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 838.638975][T16505] Remounting filesystem read-only [ 838.647028][T16332] usb 5-1: config 0 descriptor?? [ 838.917155][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 838.923963][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 839.249163][T16332] hid (null): nested delimiters [ 839.254416][T16332] hid (null): nested delimiters [ 839.259468][T16332] hid (null): nested delimiters [ 839.358079][T16332] uclogic 0003:28BD:0042.001D: interface is invalid, ignoring [ 839.517089][T16332] usb 5-1: USB disconnect, device number 18 [ 842.217639][T16544] loop1: detected capacity change from 0 to 512 [ 842.510749][T16544] EXT4-fs (loop1): Test dummy encryption mode enabled [ 842.517708][T16544] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 842.759489][T16544] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.4477: bad orphan inode 131083 [ 842.914543][T16544] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 843.329760][T16551] loop4: detected capacity change from 0 to 2048 [ 843.446123][T16551] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 843.539357][T16551] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 843.654565][T16551] overlayfs: upper fs needs to support d_type. [ 843.697559][T16551] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 843.705172][T16551] overlayfs: failed to set xattr on upper [ 843.711250][T16551] overlayfs: ...falling back to redirect_dir=nofollow. [ 843.718295][T16551] overlayfs: ...falling back to metacopy=off. [ 843.727619][T16551] overlayfs: ...falling back to index=off. [ 843.734689][T16551] overlayfs: ...falling back to uuid=null. [ 844.125394][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 844.404239][T10125] UDF-fs: error (device loop4): udf_read_inode: (ino 1347) failed !bh [ 844.455148][T10125] UDF-fs: error (device loop4): udf_read_inode: (ino 1347) failed !bh [ 844.547941][T16557] loop5: detected capacity change from 0 to 4096 [ 845.431993][T16557] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 845.456571][T16557] ntfs3(loop5): Failed to load $Extend (-22). [ 845.463065][T16557] ntfs3(loop5): Failed to initialize $Extend. [ 845.585568][T16557] ntfs3(loop5): ino=1b, "file0" ntfs_readdir [ 845.915059][T16510] net_ratelimit: 823 callbacks suppressed [ 845.915137][T16510] Set syz1 is full, maxelem 65536 reached [ 846.249490][T16565] loop7: detected capacity change from 0 to 128 [ 847.899329][T16579] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4494'. [ 848.436283][T16587] netlink: 'syz.1.4499': attribute type 3 has an invalid length. [ 848.552158][ T5797] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 848.563004][ T5797] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 848.577197][ T5797] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 848.599286][ T5797] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 848.615518][ T5797] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 848.907841][T16595] loop5: detected capacity change from 0 to 256 [ 849.088398][T16597] loop1: detected capacity change from 0 to 1024 [ 849.145908][T16595] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 849.230519][T16595] exFAT-fs (loop5): valid_size(150994954) is greater than size(10) [ 849.290051][T16603] exFAT-fs (loop5): start_clu is invalid cluster(0xffffffff) [ 849.446135][T16589] chnl_net:caif_netlink_parms(): no params data found [ 850.235150][T16617] loop1: detected capacity change from 0 to 512 [ 850.312256][T16617] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.4518: corrupted in-inode xattr: invalid ea_ino [ 850.391019][T16617] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.4518: couldn't read orphan inode 15 (err -117) [ 850.453218][T16617] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 850.620485][T16589] bridge0: port 1(bridge_slave_0) entered blocking state [ 850.629173][T16589] bridge0: port 1(bridge_slave_0) entered disabled state [ 850.639417][T16589] bridge_slave_0: entered allmulticast mode [ 850.654870][T16589] bridge_slave_0: entered promiscuous mode [ 850.716217][T16589] bridge0: port 2(bridge_slave_1) entered blocking state [ 850.726359][T16589] bridge0: port 2(bridge_slave_1) entered disabled state [ 850.734490][T16589] bridge_slave_1: entered allmulticast mode [ 850.736258][ T5808] Bluetooth: hci0: command tx timeout [ 850.746570][T16589] bridge_slave_1: entered promiscuous mode [ 850.755418][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 850.905939][T16589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 850.944207][T16589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 851.192366][T16589] team0: Port device team_slave_0 added [ 851.242644][T16589] team0: Port device team_slave_1 added [ 851.323372][ T30] audit: type=1326 audit(1762827994.211:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16630 comm="syz.2.4511" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706d539 code=0x0 [ 851.345040][ C1] vkms_vblank_simulate: vblank timer overrun [ 851.534040][T16589] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 851.541230][T16589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 851.567602][T16589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 851.649660][T16589] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 851.657037][T16589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 851.683378][T16589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 852.016801][T16589] hsr_slave_0: entered promiscuous mode [ 852.028143][T16589] hsr_slave_1: entered promiscuous mode [ 852.047373][T16589] debugfs: 'hsr0' already exists in 'hsr' [ 852.053447][T16589] Cannot create hsr debugfs directory [ 852.697195][T16641] loop7: detected capacity change from 0 to 8192 [ 852.754779][T16641] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 852.801070][ T5808] Bluetooth: hci0: command tx timeout [ 853.344701][T16658] loop1: detected capacity change from 0 to 256 [ 853.357796][T16658] exfat: Deprecated parameter 'utf8' [ 853.397098][T16655] loop2: detected capacity change from 0 to 1024 [ 853.408283][T16655] EXT4-fs: inline encryption not supported [ 853.438715][T16658] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 853.469762][T16589] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 853.500414][T16589] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 853.502783][T16655] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 853.551119][T16589] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 853.580212][T16589] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 854.363155][T16589] 8021q: adding VLAN 0 to HW filter on device bond0 [ 854.378358][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 854.516526][T16589] 8021q: adding VLAN 0 to HW filter on device team0 [ 854.577027][ T3849] bridge0: port 1(bridge_slave_0) entered blocking state [ 854.584555][ T3849] bridge0: port 1(bridge_slave_0) entered forwarding state [ 854.650654][ T3849] bridge0: port 2(bridge_slave_1) entered blocking state [ 854.658175][ T3849] bridge0: port 2(bridge_slave_1) entered forwarding state [ 854.881006][ T5808] Bluetooth: hci0: command tx timeout [ 855.484446][T16589] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 855.674004][T16589] veth0_vlan: entered promiscuous mode [ 855.743943][T16589] veth1_vlan: entered promiscuous mode [ 856.051938][T16589] veth0_macvtap: entered promiscuous mode [ 856.100843][T16589] veth1_macvtap: entered promiscuous mode [ 856.253069][T16589] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 856.357891][T16589] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 856.467869][ T3849] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 856.580141][ T3849] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 856.610835][ T3849] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 856.619915][ T3849] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 856.966434][ T5797] Bluetooth: hci0: command tx timeout [ 856.974696][ T5797] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 856.983919][T15098] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 856.993221][T15098] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 857.013918][T15098] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 857.025786][T15098] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 858.347572][T16690] chnl_net:caif_netlink_parms(): no params data found [ 858.873050][T16718] netlink: 'syz.1.4545': attribute type 11 has an invalid length. [ 859.122127][T15098] Bluetooth: hci1: command tx timeout [ 859.685538][T16690] bridge0: port 1(bridge_slave_0) entered blocking state [ 859.693153][T16690] bridge0: port 1(bridge_slave_0) entered disabled state [ 859.705396][T16690] bridge_slave_0: entered allmulticast mode [ 859.714964][T16690] bridge_slave_0: entered promiscuous mode [ 859.793277][T16690] bridge0: port 2(bridge_slave_1) entered blocking state [ 859.804876][T16690] bridge0: port 2(bridge_slave_1) entered disabled state [ 859.812889][T16690] bridge_slave_1: entered allmulticast mode [ 859.822400][T16690] bridge_slave_1: entered promiscuous mode [ 860.147582][T16690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 860.208864][T16737] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4559'. [ 860.218390][T16690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 860.276051][T16741] overlayfs: conflicting lowerdir path [ 860.428666][T16690] team0: Port device team_slave_0 added [ 860.502456][T16690] team0: Port device team_slave_1 added [ 860.739225][T16690] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 860.746493][T16690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 860.773055][T16690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 860.829319][T16690] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 860.841781][T16690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 860.868243][T16690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 861.204795][T15098] Bluetooth: hci1: command tx timeout [ 861.352951][T16690] hsr_slave_0: entered promiscuous mode [ 861.363284][T16690] hsr_slave_1: entered promiscuous mode [ 861.377189][T16690] debugfs: 'hsr0' already exists in 'hsr' [ 861.384432][T16690] Cannot create hsr debugfs directory [ 861.790399][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 861.798717][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 861.809810][T16755] loop5: detected capacity change from 0 to 2048 [ 861.924025][T16755] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 861.934274][T16755] NILFS (loop5): mounting unchecked fs [ 861.938306][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 861.948892][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 862.041595][T16760] loop1: detected capacity change from 0 to 1024 [ 862.051780][T16755] NILFS (loop5): recovery complete [ 862.105471][T16761] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 862.235565][T16760] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 862.339548][ T30] audit: type=1800 audit(1762828005.251:134): pid=16755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4557" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 862.360453][ C1] vkms_vblank_simulate: vblank timer overrun [ 862.477530][T16757] hfsplus: filesystem is marked journaled, leaving read-only. [ 863.026558][T16690] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 863.079334][T16690] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 863.138169][T16766] tipc: Started in network mode [ 863.143493][T16766] tipc: Node identity aaaaaaaaaa4, cluster identity 4711 [ 863.152873][T16766] tipc: Enabled bearer , priority 10 [ 863.168757][T16690] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 863.264576][T16690] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 863.281321][T15098] Bluetooth: hci1: command tx timeout [ 863.304350][T16770] loop5: detected capacity change from 0 to 256 [ 863.678805][T16775] loop1: detected capacity change from 0 to 1024 [ 863.719975][T16775] EXT4-fs: inline encryption not supported [ 863.785631][T16775] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 863.873213][T16782] binder: BINDER_SET_CONTEXT_MGR already set [ 863.879551][T16782] binder: 16780:16782 ioctl 4018620d 80004a80 returned -16 [ 864.281418][ T9737] tipc: Node number set to 15379114 [ 864.390117][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 864.442683][T16690] 8021q: adding VLAN 0 to HW filter on device bond0 [ 864.582800][T16690] 8021q: adding VLAN 0 to HW filter on device team0 [ 864.626173][ T3799] bridge0: port 1(bridge_slave_0) entered blocking state [ 864.633736][ T3799] bridge0: port 1(bridge_slave_0) entered forwarding state [ 864.824640][ T3799] bridge0: port 2(bridge_slave_1) entered blocking state [ 864.832175][ T3799] bridge0: port 2(bridge_slave_1) entered forwarding state [ 865.370148][T15098] Bluetooth: hci1: command tx timeout [ 865.573205][T16802] loop0: detected capacity change from 0 to 256 [ 866.351895][T16690] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 866.426350][T16808] loop0: detected capacity change from 0 to 128 [ 867.050866][T16331] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 867.225348][T16331] usb 6-1: Using ep0 maxpacket: 16 [ 867.283453][T16331] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 867.340389][T16331] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 867.350780][T16331] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 867.359031][T16331] usb 6-1: Product: syz [ 867.368355][T16331] usb 6-1: Manufacturer: syz [ 867.373356][T16331] usb 6-1: SerialNumber: syz [ 867.442999][T16331] usb 6-1: config 0 descriptor?? [ 867.494431][T16331] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 867.504032][T16331] em28xx 6-1:0.0: DVB interface 0 found: bulk [ 867.859670][T16823] loop1: detected capacity change from 0 to 4096 [ 867.886871][T16823] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 868.004972][T16830] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4584'. [ 868.128447][T16823] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 868.130929][T16331] em28xx 6-1:0.0: chip ID is em28178 [ 868.220715][T16823] ntfs3(loop1): ino=1e, mi_enum_attr [ 868.433041][T16331] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 868.443945][T16331] em28xx 6-1:0.0: board has no eeprom [ 868.488666][T16690] veth0_vlan: entered promiscuous mode [ 868.551303][T16690] veth1_vlan: entered promiscuous mode [ 868.566234][T16331] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 868.577755][T16331] em28xx 6-1:0.0: dvb set to bulk mode. [ 868.585945][T16334] em28xx 6-1:0.0: Binding DVB extension [ 868.613092][T16331] usb 6-1: USB disconnect, device number 17 [ 868.625129][T16331] em28xx 6-1:0.0: Disconnecting em28xx [ 868.885809][T16690] veth0_macvtap: entered promiscuous mode [ 868.934502][T16334] em28xx 6-1:0.0: Registering input extension [ 868.990170][T16690] veth1_macvtap: entered promiscuous mode [ 869.150842][T16334] rc_core: IR keymap rc-pinnacle-pctv-hd not found [ 869.157635][T16334] Registered IR keymap rc-empty [ 869.170355][T16334] rc rc0: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 869.190371][T16334] input: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input31 [ 869.259122][T16690] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 869.334815][T16334] em28xx 6-1:0.0: Input extension successfully initialized [ 869.354640][T16690] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 869.403238][T16331] em28xx 6-1:0.0: Closing input extension [ 869.479211][ T3849] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 869.505500][T16331] em28xx 6-1:0.0: Freeing device [ 869.539732][ T3849] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 869.610507][ T3799] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 869.638687][ T3799] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 870.004413][ T30] audit: type=1326 audit(1762828012.901:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16847 comm="syz.2.4591" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x0 [ 870.026274][ C1] vkms_vblank_simulate: vblank timer overrun [ 870.613902][T16859] netlink: 'syz.0.4594': attribute type 1 has an invalid length. [ 870.624790][T16859] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4594'. [ 871.189065][T16867] loop1: detected capacity change from 0 to 512 [ 871.358157][T16867] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 871.483652][T16872] loop0: detected capacity change from 0 to 1024 [ 871.506423][T16872] EXT4-fs: Ignoring removed orlov option [ 871.515071][T16872] EXT4-fs: Ignoring removed nomblk_io_submit option [ 871.696080][ T30] audit: type=1800 audit(1762828014.451:136): pid=16867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4597" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 871.725133][T16872] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c018, mo2=0082] [ 871.759471][T16872] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 871.840244][T11393] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.154531][T16589] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.297718][T16886] veth1_macvtap: left promiscuous mode [ 873.650981][ T30] audit: type=1107 audit(1762828016.541:137): pid=16910 uid=0 auid=0 ses=1 subj=unconfined msg='' [ 874.555032][T16929] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4618'. [ 875.139512][ T3849] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 875.150311][ T3849] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 875.194855][T14396] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 875.206680][T14396] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 875.398261][T16938] vlan0: entered allmulticast mode [ 876.009554][T16946] loop6: detected capacity change from 0 to 256 [ 876.189173][T16946] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 876.232193][T16951] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4628'. [ 876.253912][T16946] exFAT-fs (loop6): valid_size(150994954) is greater than size(10) [ 876.299282][T16952] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4627'. [ 876.335033][T16331] usb 2-1: new full-speed USB device number 22 using dummy_hcd [ 876.566661][T16331] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30 [ 876.582254][T16331] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 876.599596][T16331] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129 [ 876.613309][T16331] usb 2-1: New USB device found, idVendor=056a, idProduct=00b3, bcdDevice= 0.00 [ 876.629742][T16331] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 876.671924][T16331] usb 2-1: config 0 descriptor?? [ 876.679412][T16948] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 877.029496][T16964] loop6: detected capacity change from 0 to 1024 [ 877.169153][T16331] wacom 0003:056A:00B3.001E: Unknown device_type for 'HID 056a:00b3'. Assuming pen. [ 877.210395][T16331] wacom 0003:056A:00B3.001E: hidraw0: USB HID v0.00 Device [HID 056a:00b3] on usb-dummy_hcd.1-1/input0 [ 877.229830][T16331] input: Wacom Intuos3 12x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00B3.001E/input/input32 [ 877.347820][T16331] usb 2-1: USB disconnect, device number 22 [ 879.160143][T16988] loop6: detected capacity change from 0 to 4096 [ 880.218220][T15098] Bluetooth: unknown link type 128 [ 880.355254][T17009] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 880.364570][T17009] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 880.382589][T17009] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 880.390311][T17009] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 880.456811][T17009] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 880.465986][T17009] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 880.528849][T17009] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 880.538031][T17009] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 880.547147][T17009] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 880.564631][T17009] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 880.710973][T17020] loop6: detected capacity change from 0 to 1024 [ 880.741340][T17020] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 880.764225][T17020] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 880.765287][T17020] EXT4-fs (loop6): orphan cleanup on readonly fs [ 880.804352][T17020] Quota error (device loop6): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 880.804934][T17020] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 880.805142][T17020] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.4656: Failed to acquire dquot type 0 [ 880.826935][T17020] Quota error (device loop6): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 880.827586][T17020] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 880.827786][T17020] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.4656: Failed to acquire dquot type 0 [ 880.828886][T17020] EXT4-fs error (device loop6): ext4_free_blocks:6706: comm syz.6.4656: Freeing blocks not in datazone - block = 0, count = 4096 [ 880.831814][T17020] Quota error (device loop6): do_check_range: Getting dqdh_entries 512 out of range 0-14 [ 880.832425][T17020] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 880.832621][T17020] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.4656: Failed to acquire dquot type 0 [ 880.839927][T17020] EXT4-fs (loop6): 1 orphan inode deleted [ 880.847086][T17020] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 881.207801][T16690] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 881.971590][T17038] loop2: detected capacity change from 0 to 64 [ 882.241382][T15098] Bluetooth: hci2: command 0x0406 tx timeout [ 882.246518][T17042] loop1: detected capacity change from 0 to 256 [ 882.269052][T17042] exfat: Deprecated parameter 'namecase' [ 882.334376][T17042] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 882.423038][T15098] Bluetooth: hci5: command 0x0405 tx timeout [ 882.481340][T15098] Bluetooth: hci0: command 0x0c1a tx timeout [ 882.563323][T15098] Bluetooth: hci1: command 0x0c1a tx timeout [ 882.776784][T17048] loop0: detected capacity change from 0 to 512 [ 882.855840][T17048] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000101) [ 883.548577][T17060] loop1: detected capacity change from 0 to 256 [ 883.845240][T17060] FAT-fs (loop1): Directory bread(block 64) failed [ 883.856458][T17060] FAT-fs (loop1): Directory bread(block 65) failed [ 883.864228][T17060] FAT-fs (loop1): Directory bread(block 66) failed [ 883.874870][T17060] FAT-fs (loop1): Directory bread(block 67) failed [ 883.884272][T17060] FAT-fs (loop1): Directory bread(block 68) failed [ 883.891101][T17060] FAT-fs (loop1): Directory bread(block 69) failed [ 883.898012][T17060] FAT-fs (loop1): Directory bread(block 70) failed [ 883.907299][T17060] FAT-fs (loop1): Directory bread(block 71) failed [ 883.916984][T17060] FAT-fs (loop1): Directory bread(block 72) failed [ 883.925320][T17060] FAT-fs (loop1): Directory bread(block 73) failed [ 884.326401][T15098] Bluetooth: hci2: command 0x0406 tx timeout [ 884.492213][T15098] Bluetooth: hci5: command 0x0405 tx timeout [ 884.562255][T15098] Bluetooth: hci0: command 0x0c1a tx timeout [ 884.646011][T15098] Bluetooth: hci1: command 0x0c1a tx timeout [ 884.658578][T17078] binder: 17076:17078 ioctl c018620b 0 returned -14 [ 886.079985][T17099] loop5: detected capacity change from 0 to 2048 [ 886.193325][T17099] loop5: p1 < > p3 p4 [ 886.232637][T17099] loop5: p3 start 458752 is beyond EOD, truncated [ 886.239304][T17099] loop5: p4 size 722688 extends beyond EOD, truncated [ 886.644280][T15098] Bluetooth: hci0: command 0x0c1a tx timeout [ 886.736577][T15098] Bluetooth: hci1: command 0x0c1a tx timeout [ 887.420653][ C0] hrtimer: interrupt took 127019 ns [ 887.664917][T17117] loop0: detected capacity change from 0 to 2048 [ 887.781786][T17117] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 888.028495][T17117] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 888.119333][T17117] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 888.137198][T17117] EXT4-fs (loop0): This should not happen!! Data will be lost [ 888.137198][T17117] [ 888.149213][T17117] EXT4-fs (loop0): Total free blocks count 0 [ 888.157202][T17117] EXT4-fs (loop0): Free/Dirty block details [ 888.169639][T17117] EXT4-fs (loop0): free_blocks=2415919104 [ 888.176666][T17117] EXT4-fs (loop0): dirty_blocks=16 [ 888.182371][T17117] EXT4-fs (loop0): Block reservation details [ 888.188509][T17117] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 888.202784][T17124] loop2: detected capacity change from 0 to 512 [ 888.411786][T17126] kernel read not supported for file /cpuset.effective_cpus (pid: 17126 comm: syz.6.4705) [ 888.436017][ T30] audit: type=1800 audit(1762828032.347:138): pid=17126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4705" name="cpuset.effective_cpus" dev="mqueue" ino=56731 res=0 errno=0 [ 888.457779][ C1] vkms_vblank_simulate: vblank timer overrun [ 888.612480][T16589] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 889.751786][T17128] loop5: detected capacity change from 0 to 4096 [ 890.428130][ T30] audit: type=1800 audit(1762828034.327:139): pid=17128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4706" name="file1" dev="loop5" ino=30 res=0 errno=0 [ 891.644603][T17144] loop0: detected capacity change from 0 to 4096 [ 891.719351][T17144] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 891.979199][T17144] ntfs3(loop0): Failed to load $Extend (-22). [ 891.990791][T17144] ntfs3(loop0): Failed to initialize $Extend. [ 892.532083][T17155] loop5: detected capacity change from 0 to 1024 [ 892.583260][T17155] EXT4-fs: Ignoring removed oldalloc option [ 892.700963][T17155] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 892.716315][T17155] ext4 filesystem being mounted at /770/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 893.204526][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 893.351551][T17169] sock: sock_set_timeout: `syz.2.4722' (pid 17169) tries to set negative timeout [ 893.385387][T17170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4723'. [ 895.630371][T16355] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 895.871604][T16355] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 895.882801][T16355] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 895.975818][T16355] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 895.987675][T16355] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 895.997559][T16355] usb 6-1: Manufacturer: syz [ 896.114683][T16355] usb 6-1: config 0 descriptor?? [ 896.399304][T17198] loop0: detected capacity change from 0 to 16 [ 896.514474][T17198] erofs (device loop0): mounted with root inode @ nid 36. [ 896.641532][T16355] rc_core: IR keymap rc-hauppauge not found [ 896.654051][T16355] Registered IR keymap rc-empty [ 896.662617][T16355] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 896.688111][T16355] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input35 [ 896.790611][ C0] igorplugusb 6-1:0.0: Error: urb status = -32 [ 896.893248][T16355] usb 6-1: USB disconnect, device number 18 [ 897.602343][T17206] loop2: detected capacity change from 0 to 1764 [ 897.911398][T17213] loop1: detected capacity change from 0 to 64 [ 899.081849][T17221] loop6: detected capacity change from 0 to 1024 [ 899.166532][T17219] loop5: detected capacity change from 0 to 4096 [ 899.195787][T17219] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 899.300185][T17226] loop0: detected capacity change from 0 to 256 [ 899.326794][T17221] hfsplus: inconsistency in B*Tree (9,1,255,1,0) [ 899.334935][T17221] hfsplus: xattr search failed [ 899.559485][T17219] ntfs3(loop5): ino=19, mi_enum_attr [ 899.567943][T17219] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 899.837335][T17231] loop1: detected capacity change from 0 to 256 [ 900.019506][T17231] exFAT-fs (loop1): failed to load upcase table (idx : 0x00002e7f, chksum : 0x03279930, utbl_chksum : 0xe619d30d) [ 900.106763][ T3570] hfsplus: b-tree write err: -5, ino 4 [ 900.392324][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 900.400252][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 902.138119][T17247] loop5: detected capacity change from 0 to 1024 [ 902.373294][ T30] audit: type=1800 audit(1762828046.287:140): pid=17247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4755" name="file1" dev="loop5" ino=20 res=0 errno=0 [ 902.928851][ T3016] hfsplus: b-tree write err: -5, ino 4 [ 903.086430][T17249] loop1: detected capacity change from 0 to 4096 [ 903.171043][T17249] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 909.176454][T17312] netlink: 'syz.2.4784': attribute type 13 has an invalid length. [ 910.113031][T17312] bridge0: port 3(hsr0) entered disabled state [ 910.120097][T17312] bridge0: port 1(bridge_slave_0) entered disabled state [ 910.789830][T17312] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 910.936249][T17312] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 911.746204][T17325] loop6: detected capacity change from 0 to 4096 [ 911.839995][T17325] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 912.268002][T17325] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 912.341552][T17325] ntfs3(loop6): ino=19, mi_enum_attr [ 912.513939][T17325] ntfs3(loop6): failed to convert "c46c" to macromanian [ 912.584321][T17325] ntfs3(loop6): ino=20, mi_enum_attr [ 912.645796][ T3570] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 912.657144][ T3570] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 912.773082][ T3570] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 912.784807][ T3570] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 913.101279][ T3570] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 913.115664][ T3570] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 913.185630][ T3570] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 913.197513][ T3570] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 914.631953][T17351] netlink: 'syz.1.4798': attribute type 2 has an invalid length. [ 914.993381][T17353] loop2: detected capacity change from 0 to 128 [ 915.492069][T17355] loop5: detected capacity change from 0 to 2048 [ 915.603208][T17355] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 916.047454][T17364] loop2: detected capacity change from 0 to 64 [ 916.208380][T17355] UDF-fs: warning (device loop5): udf_truncate_tail_extent: Too long extent after EOF in inode 1436: i_size: 0 lbcount: 512 extent 126+512 [ 916.657949][T17368] loop6: detected capacity change from 0 to 1024 [ 916.693751][T17368] EXT4-fs: Ignoring removed bh option [ 916.714299][T17370] loop0: detected capacity change from 0 to 64 [ 916.787271][T17368] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 917.020201][T17378] input: syz1 as /devices/virtual/input/input36 [ 917.900030][T16690] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 918.746559][T17392] loop6: detected capacity change from 0 to 128 [ 918.912807][ T30] audit: type=1800 audit(1762828062.827:141): pid=17392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4814" name="file1" dev="loop6" ino=1048920 res=0 errno=0 [ 918.949343][T17392] syz.6.4814: attempt to access beyond end of device [ 918.949343][T17392] loop6: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 920.441249][T17403] loop5: detected capacity change from 0 to 4096 [ 920.677099][T17411] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 921.739993][T17423] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4829'. [ 921.751326][T17423] netlink: 140 bytes leftover after parsing attributes in process `syz.2.4829'. [ 922.616592][T17434] loop2: detected capacity change from 0 to 128 [ 923.877063][T17450] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4838'. [ 924.375385][T17452] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4842'. [ 924.419579][T17452] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4842'. [ 924.474088][T17452] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4842'. [ 925.071974][T17464] 9pnet_fd: Insufficient options for proto=fd [ 925.588422][T17467] loop5: detected capacity change from 0 to 1024 [ 925.642956][T17468] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4848'. [ 925.656415][T17467] EXT4-fs: Ignoring removed bh option [ 925.715541][T17467] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 925.909516][T17467] EXT4-fs (loop5): shut down requested (1) [ 926.520183][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 926.521403][T17481] loop2: detected capacity change from 0 to 512 [ 926.594129][T17477] bridge_slave_0: left allmulticast mode [ 926.600001][T17477] bridge_slave_0: left promiscuous mode [ 926.609638][T17477] bridge0: port 1(bridge_slave_0) entered disabled state [ 926.643076][T17481] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 926.709452][T17483] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4854'. [ 926.720456][T17483] netlink: 'syz.1.4854': attribute type 9 has an invalid length. [ 926.865357][T17483] macvlan3: entered allmulticast mode [ 926.872834][T17483] veth0_macvtap: entered allmulticast mode [ 927.372015][ T5855] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 927.643394][ T5855] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 927.654673][ T5855] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 927.731675][T17490] loop6: detected capacity change from 0 to 128 [ 927.746411][ T5855] usb 6-1: config 0 descriptor?? [ 927.791709][ T5855] gspca_main: spca508-2.14.0 probing 8086:0110 [ 927.910132][T17490] syz.6.4857: attempt to access beyond end of device [ 927.910132][T17490] loop6: rw=2051, sector=104, nr_sectors = 33 limit=128 [ 928.032545][ T5855] gspca_spca508: reg_read err -32 [ 928.051751][ T5855] gspca_spca508: reg_read err -32 [ 928.231100][T17495] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4860'. [ 928.254175][T16338] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 928.273248][ T5855] gspca_spca508: reg_read err -71 [ 928.297165][ T5855] gspca_spca508: reg_read err -71 [ 928.305628][ T5855] gspca_spca508: reg write: error -71 [ 928.327976][ T5855] spca508 6-1:0.0: probe with driver spca508 failed with error -71 [ 928.344355][ T5855] usb 6-1: USB disconnect, device number 19 [ 928.539459][T16338] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 928.550601][T16338] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=20 [ 928.561485][T16338] usb 3-1: SerialNumber: syz [ 928.666086][T16338] usb 3-1: config 0 descriptor?? [ 928.705458][T16338] cp210x 3-1:0.0: cp210x converter detected [ 929.225364][T16338] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 929.322493][T16338] usb 3-1: cp210x converter now attached to ttyUSB0 [ 929.528398][T16338] usb 3-1: USB disconnect, device number 20 [ 929.558804][T16338] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 929.578539][T16338] cp210x 3-1:0.0: device disconnected [ 931.847600][T17525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4874'. [ 934.785759][T17545] loop2: detected capacity change from 0 to 1024 [ 934.893266][T17550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4884'. [ 935.959334][T17559] netem: incorrect ge model size [ 935.965892][T17559] netem: change failed [ 936.792881][T17567] loop0: detected capacity change from 0 to 1024 [ 936.860444][T17567] EXT4-fs: Ignoring removed orlov option [ 936.867998][T17567] EXT4-fs: Ignoring removed nomblk_io_submit option [ 937.046890][T17567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 937.719143][T17580] Bluetooth: MGMT ver 1.23 [ 938.038944][T16589] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 938.578540][T17582] loop6: detected capacity change from 0 to 2048 [ 938.645563][T17582] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 938.654506][T17582] UDF-fs: Scanning with blocksize 512 failed [ 938.738885][T17582] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 938.989478][ T30] audit: type=1800 audit(1762828082.907:142): pid=17582 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4900" name="file2" dev="loop6" ino=819 res=0 errno=0 [ 942.391996][T17624] loop5: detected capacity change from 0 to 512 [ 942.606643][T17624] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 942.622756][T17624] ext4 filesystem being mounted at /807/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 942.698131][T17624] EXT4-fs error (device loop5): ext4_empty_dir:3077: inode #12: comm syz.5.4919: invalid size [ 942.891462][ T8074] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 943.212655][T17635] loop0: detected capacity change from 0 to 512 [ 943.287354][T17635] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 943.338282][T17635] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4922: invalid indirect mapped block 458752 (level 0) [ 943.371366][T17635] EXT4-fs (loop0): 1 truncate cleaned up [ 943.383037][T17635] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 943.937671][T16589] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 944.328984][T17650] netlink: 'syz.5.4929': attribute type 3 has an invalid length. [ 944.337092][T17650] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4929'. [ 944.750089][T17655] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4932'. [ 945.144466][T17656] loop2: detected capacity change from 0 to 2048 [ 945.376197][T17656] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 945.394217][T17656] ext4 filesystem being mounted at /1000/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 946.009250][ T5798] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 947.005746][T17672] loop0: detected capacity change from 0 to 4096 [ 947.095460][T17672] ext4: Unknown parameter 'noacl' [ 948.404533][T17693] loop6: detected capacity change from 0 to 512 [ 948.469871][T17693] EXT4-fs: Ignoring removed oldalloc option [ 948.549810][T17693] EXT4-fs (loop6): 1 truncate cleaned up [ 948.562952][T17693] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 949.805856][T16690] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 949.903623][T17719] misc userio: No port type given on /dev/userio [ 949.926086][T17719] misc userio: The device must be registered before sending interrupts [ 950.694792][T17726] loop6: detected capacity change from 0 to 1024 [ 952.103911][T17744] netlink: 'syz.6.4963': attribute type 2 has an invalid length. [ 953.552435][T17757] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4970'. [ 953.625388][T17757] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4970'. [ 954.226354][T17765] tap0: tun_chr_ioctl cmd 1074025677 [ 954.233553][T17765] tap0: linktype set to 0 [ 955.176439][T17776] loop1: detected capacity change from 0 to 65 [ 955.216555][T17776] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway [ 955.867435][T17784] loop2: detected capacity change from 0 to 2048 [ 956.027718][T17784] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 956.039068][T17784] UDF-fs: Scanning with blocksize 512 failed [ 956.197683][T17784] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 956.305366][T17784] overlayfs: failed to clone lowerpath [ 957.510002][T17798] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4988'. [ 958.037960][ T35] ===================================================== [ 958.045138][ T35] BUG: KMSAN: uninit-value in ppp_asynctty_receive+0x857/0x2da0 [ 958.052933][ T35] ppp_asynctty_receive+0x857/0x2da0 [ 958.058383][ T35] tty_ldisc_receive_buf+0x1f7/0x2c0 [ 958.063837][ T35] tty_port_default_receive_buf+0xd7/0x1a0 [ 958.069818][ T35] flush_to_ldisc+0x43e/0xe30 [ 958.074657][ T35] process_scheduled_works+0xb91/0x1d80 [ 958.080397][ T35] worker_thread+0xedf/0x1590 [ 958.085237][ T35] kthread+0xd5c/0xf00 [ 958.089426][ T35] ret_from_fork+0x1f5/0x4c0 [ 958.094174][ T35] ret_from_fork_asm+0x1a/0x30 [ 958.099195][ T35] [ 958.101572][ T35] Uninit was created at: [ 958.106006][ T35] __kmalloc_noprof+0xabb/0x1b40 [ 958.111101][ T35] __tty_buffer_request_room+0x3d4/0x7a0 [ 958.116893][ T35] __tty_insert_flip_string_flags+0x157/0x6f0 [ 958.123135][ T35] uart_insert_char+0x368/0x930 [ 958.128120][ T35] serial8250_read_char+0x1ba/0x670 [ 958.133457][ T35] serial8250_handle_irq+0x930/0x1110 [ 958.138993][ T35] serial8250_default_handle_irq+0x116/0x370 [ 958.145150][ T35] serial8250_interrupt+0xcb/0x430 [ 958.150439][ T35] __handle_irq_event_percpu+0x11e/0xf80 [ 958.156224][ T35] handle_irq_event+0xe0/0x2a0 [ 958.161135][ T35] handle_edge_irq+0x2a9/0xb50 [ 958.166372][ T35] __common_interrupt+0x9d/0x180 [ 958.171474][ T35] common_interrupt+0x94/0xb0 [ 958.176277][ T35] asm_common_interrupt+0x2b/0x40 [ 958.181456][ T35] [ 958.183881][ T35] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G W syzkaller #0 PREEMPT(none) [ 958.194893][ T35] Tainted: [W]=WARN [ 958.198775][ T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 958.208952][ T35] Workqueue: events_unbound flush_to_ldisc [ 958.214953][ T35] ===================================================== [ 958.221964][ T35] Disabling lock debugging due to kernel taint [ 958.228217][ T35] Kernel panic - not syncing: kmsan.panic set ... [ 958.234741][ T35] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G B W syzkaller #0 PREEMPT(none) [ 958.245758][ T35] Tainted: [B]=BAD_PAGE, [W]=WARN [ 958.250947][ T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 958.261128][ T35] Workqueue: events_unbound flush_to_ldisc [ 958.267119][ T35] Call Trace: [ 958.270473][ T35] [ 958.273472][ T35] __dump_stack+0x26/0x30 [ 958.277954][ T35] dump_stack_lvl+0x53/0x270 [ 958.282696][ T35] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 958.288653][ T35] dump_stack+0x1e/0x25 [ 958.292947][ T35] vpanic+0x435/0xd30 [ 958.297110][ T35] panic+0x15d/0x160 [ 958.301202][ T35] kmsan_report+0x31c/0x320 [ 958.305844][ T35] ? __msan_warning+0x1b/0x30 [ 958.310636][ T35] ? ppp_asynctty_receive+0x857/0x2da0 [ 958.316239][ T35] ? tty_ldisc_receive_buf+0x1f7/0x2c0 [ 958.321857][ T35] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 958.327995][ T35] ? flush_to_ldisc+0x43e/0xe30 [ 958.332994][ T35] ? process_scheduled_works+0xb91/0x1d80 [ 958.338877][ T35] ? worker_thread+0xedf/0x1590 [ 958.343879][ T35] ? kthread+0xd5c/0xf00 [ 958.348237][ T35] ? ret_from_fork+0x1f5/0x4c0 [ 958.353155][ T35] ? ret_from_fork_asm+0x1a/0x30 [ 958.358247][ T35] ? should_fail_ex+0x45/0x8a0 [ 958.363144][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.368388][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.373644][ T35] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 958.380159][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.385404][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.390651][ T35] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 958.397249][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.402529][ T35] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 958.408494][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.413738][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.418987][ T35] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 958.425432][ T35] ? kmsan_get_metadata+0xfb/0x160 [ 958.430693][ T35] __msan_warning+0x1b/0x30 [ 958.435318][ T35] ppp_asynctty_receive+0x857/0x2da0 [ 958.440824][ T35] tty_ldisc_receive_buf+0x1f7/0x2c0 [ 958.446274][ T35] ? __pfx_ppp_asynctty_receive+0x10/0x10 [ 958.452231][ T35] tty_port_default_receive_buf+0xd7/0x1a0 [ 958.458217][ T35] flush_to_ldisc+0x43e/0xe30 [ 958.463058][ T35] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 958.469644][ T35] ? __pfx_flush_to_ldisc+0x10/0x10 [ 958.474989][ T35] process_scheduled_works+0xb91/0x1d80 [ 958.480757][ T35] worker_thread+0xedf/0x1590 [ 958.485633][ T35] kthread+0xd5c/0xf00 [ 958.489817][ T35] ? __pfx_worker_thread+0x10/0x10 [ 958.495120][ T35] ? __pfx_kthread+0x10/0x10 [ 958.499834][ T35] ret_from_fork+0x1f5/0x4c0 [ 958.504587][ T35] ? __pfx_kthread+0x10/0x10 [ 958.509301][ T35] ret_from_fork_asm+0x1a/0x30 [ 958.514260][ T35] [ 958.517659][ T35] Kernel Offset: disabled [ 958.522029][ T35] Rebooting in 86400 seconds..