last executing test programs: 7m3.780131145s ago: executing program 1 (id=10615): prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, &(0x7f0000000300)) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0) 7m3.275936343s ago: executing program 1 (id=10621): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x503, 0x70bd27, 0x20000, {0x0, 0x0, 0x0, 0x0, 0x1d961}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @private=0xa010100}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x7}]}, 0x40}}, 0x4080) 7m2.878368982s ago: executing program 1 (id=10626): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000001540)=@assoc_value={0x0, 0x2}, 0x8) 7m2.53352121s ago: executing program 1 (id=10631): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000400)={[{@umask={'umask', 0x3d, 0x8}}, {@discard}, {@gid={'gid', 0x3d, 0xee00}}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@errors_continue}, {@dmask={'dmask', 0x3d, 0x1ff}}, {@umask={'umask', 0x3d, 0x7}}, {@umask={'umask', 0x3d, 0x400}}, {@dmask={'dmask', 0x3d, 0x5}}]}, 0x1, 0x1534, &(0x7f0000002d00)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrv4SOwQH4udYpfYLT4Re8SnYq/4TOwTn4v94guRJb4UB8RX4qD4WhwS34jD4ltxRBwVx8R34rj4XpwQJ8UpcVqcET+Is+JHcU54ARKlkFIqGcgYmUPGypwyTl4hc8ngwrN7tYyX18g88lqZV+aT+WUBmSALykJSSyOtJBnKwrKIjMrrZFF5vSwmb5DFZQnpZEmZKG+UpeRNsrS8WZaRt8iy8lZZTpaXFWRFeZusJG+XEPl5H1VlNVld1pB3yWS4W9aS98ja8l5ZR94n68r7ZT35gKwvH5QN5EOyoXxYNpKPyMayiWwqm8nm8lHZQj4mW8pWsrV8XLaRT8i28kmZJJ+S7aS/8BJ5RnaUz8pO8jnZWXaRXeWP8pz0srvsIaEnyF7yRdlb9pF9ZT/ZX74kB8iX5UD5ikyRg+Rg+aocIl+TQ+Xrcph8Qw6Xb8oRcqQcJUfLMXKsTJXj5Hj5lpwg35YT5SQ5WU6RaXKq7HthpZlS/sP8t34nf+BPe98gN8pNcrPcIrfKbXK7/EjukDvkTrlT7pa75R65R+6Ve+U+uU/ul/tllsySB+QBeVAelIfkIXlYHpZH5FF5Wn4nj8vv5Ql5Up6Up+UZeUaevfAcgEIllFRKBSpG5VCxKqeKU1eoXOpKlVtdpSLqahWvrlF51LUqr8qn8qsCKkEVVIWUVkZZRSpUhVURFVXX4YUXjCquSiinSqpEdeO/kq+KqutVMXXDr/Iv1pf8B/U1V81VC9VCtVQtVWvVWrVRbVRb1VYlqSTVTrVT7VV71UF1UB1VR9VJdVKdVWfVVXVV3VQ31V11V8kqWfVSL6reqo/qq/qp/uolNUANUAPVQJWiUtRgNVgNUUPUUDVUDVPD1HA1XI1QI9QoNUqNUWNUqkpV49V4NUFNUBPVRDVZTVZpKk1NU9PUdDVdzVQz1Sw1S81Ws9VcNVelq3Q1X81XGSpDLVQLVaZapBapJWqJWqaWqRVqhVqlVqk1ao1ap9apTLVRbVSb1Wa1VW1V29V2tUPtUDvVTrVb7VZ71B61V+1V+9Q+tV/tV1kqSx1QB9RBdVAdUofUYXVYHVFH1DF1TB1Xx9UJdUKdUqfUGXVGnVVn1Tl17vxpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4Nogb5AvyB8UCBKCgkGhQAcmsIG40PRocF1QNLg+KBbcEBQPSgQuKBkkBjcGpYKbgtLBzUGZ4JagbHBrUC4oH1QIKga3BZWC24PKwR1BleDOoGpQLage1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYJHgsZBk6Bp0Cxo/qeu7/2JfI+57rqHTtY9dS/9ou6t++i+up/ur1/SA/TLeqB+RafoQXqwflUP0a/pofp1PUy/oYfrN/UIPVKP0qP1GD1Wp+pxerx+S0/Qb+uJepKerKfoND1VT9Pv6Ol6hp6p39Wz9Ht6tp6j5+p5Ol2/r+frBTpDf6AX6g91pl6kF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa364/0Dv2x3ql36d36E71Hf6r36s/0Pv253q+/0Fn6S31Af6UP6q/1If2NPqy/1Uf0UX1Mf6eP6+/1CX1Sn9Kn9Rn9gz6rf9TntD9/cn/+690oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTR6Tx+Q1eU1+k98kmARTyBQy55EhU9gUNlETNUVNUVPMFDPFTXHjjDOJJtGUMqVMaVPalDFlTFlT1pQz5UwFU8HcZm4zt5vbzR3mDnOnudNUM9VMDVPD1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NU9PUNDfNTQvTwrQ0LU1r09q0MW1MW9PWJJkk0860M+1Ne9PBdDAdTUfTyXQynU1n09V0Nd1MN9PddDfJJtn0Mr1Mb9Pb9DV9TX/T3wwwA8xAM9CkmBQz2Aw2Q8wQM9QMNcPMG2b4+RNVM9KMMqPNGDPWpJpUM96MNxPMBDPRTDSTzWSTZtLMNDPNTDfTzUwz08wys8xsM9vMNXNNukk38818k2EyzEKz0GSaTLPYLDZLzVKz3Cw3K81Ks9qsNmthrVlv1puNZqPZbDabrWar2W62mx1mh9lpdprdZrfZY/aYvWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzph8F74vvYm1OW2cvcLmslfa3PYq+/dxflvAJtiCtpDVNq/N96vYWGuL2RtscVvCOlvSJtobfxOXs+VtBVvR3mYr2dtt5d/ENe3dtpa9x9a299oa9q5fxXXsfbaufdjWQwSwTWwD28w2tA/bRvYR29g2sU1tM9vGPmHb2idtkn3KtrNP/yaebxfYlXaVXW3X2J12lz1lT9uD9mt7xv5gu9setr99yQ6wL9uB9hWbYgf9Jh5u37Qj7Eg7yo62Y+zY38ST7RSbZqfaafYdO93O+E2cbt+3s2yGnW3n2Ll23k/x+Zoy7Ad2of3QZtoAFtsldqldZpfbFf+/1iV2nV1vN9gd9mO72W6xW+02u/3iibDdZXfbT+we+6k9YL+y++zndr89ZLPslz/F54/vkP3GHrbf2iP2qD1mv7PH7ffqp9yRvQHsD/Y7+6M9Z70FQgKSpCigGMpBsZST4ugKykVXUm66iiJ0NcXTNZSHrqW8lI/yUwFKoIJUiDQZskQUUmEqQlG6ji6WV5xKkKOSlEg3Uim6iUrTzVSGbqGydCuVo/JUgSrSbVSJbqfKdAdVoTupKlWj6lSD7qKadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMTWhptSMmtOj1IIeo5bUilrT49SGnqC29CQl0VPUjp6m9vQ36kDPUEd6ljrRc9SZulBXep660QvUnXpQMvWkXvQi9aY+1Jf6UX96iQbQyzSQXqEUGkSD6VUaQq/RUHqdhtEbNJzepBE0kkbRaBpDYymVxtF4eosm0Ns0kSbRZJpCaTSVptE7NJ1m0Ex6l2bRezSb5tBcmkfp9D7NpwWUQR/QQvqQMmkRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqIdtDHtJN20W76hPbQp7SXPqN99Dntpy8oi76kA/QVHaSv6RB943vQt3SEjtIx+o6O0/d0gk7SKTpNZ+gHOks/0jnyBCGGIpShCoMwJswRxoY5w7jwijBXeGWYO7wqjIRXh/HhNWGe8Nowb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGw+vCouH1YbEQw+JhidCFJcPE8MawVHhTWDq8OSwT3hKWDW8Ny4Xlw4fvrRjeFlYKbw8rh3eEVcI7w6phtbB6WCO8K6wZ3h3WCu8Ja4f3hqXD+8K64f1hvfCBsH74YNggfChsGD4cNgofCRuHTcKmYbOwefho2CJ8LGwZtgpbh4+HbcInwrbhk2FS+FTYLnz6p/n7FvzxfHLYM+wVvhi+GHp/j5wbnRdNj74fnR9dEM2IfhBdGP0wmhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vkYOcOiEk065wMW4HC7W5XRx7gqXy13pcrurXMRd7eLdNS6Pu9bldflcflfAJbiCrpDTzjjryIWusCviou46V9Rd74q5G1xxV8I5V9IlumauuWvuWrjHXEvXyrV2j7vH3RPuCfeke9I95dq5p1179zfXwT3jOrpn3bPuOdfZdXFd3fOumxuX++f3ZLLr5Xq53q636+v6uv6uvxvgBriBbqBLcSlusBvshrghbqgb6oa5YW64G+5GuBFulBvlxrgxLtWluvFuvJvgJriJbqKb7Ca7NJfmprlpbrqb7irN+Hkvs91sN9fNdeku3c13588ZM9xCt9Bluky32C12S91St9wtdyvdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A6301/186Juj9vr9rp9bp/b775wWe5Ld8B95Q66r90h94077L51R9xRd8x95467790Jd9KdcqfdGfeDO+t+dOecd6mRcZHxkbciEyJvRyZGJkUmR6ZE0iJTI9Mi70SmR2ZEZkbejcyKvBeZHZkTmRuZF0mPvB+ZH1kQyYh8EFkY+TCSGVkUWRxZElkaWRbxvuDm0Bf2RXzUX+eL+ut9MX+DL+5LeOdL+kR/oy/lb/Kl/c2+jL/Fl/W3+nK+vK/gH/GNfRPf1Dfzzf2jvoV/zLf0rXxr/7hv45/wbf2TPsk/5dv5p317/zffwT/jO/pnfSf/nO/su/iu/nnfzb/gu/sePtn39L38i7637+P7+n6+v3/JD/Av+4H+FZ/iB/nB/lU/xL/mh/rX/TD/hh8e86YfcfESGcb6VD/Oj/dv+Qn+bT/RT/KT/RSf5qf6af4dP93P8DP9u36Wf8/P9nP8XD/Pp/v3/Xy/wGf4D/xC/6HP9Isu3lT2y/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9R36H/9jv9Lv8bv+J3+M/9Xv9Z36f/9zv91/4LP+lP+C/8gf91/6Q/8Yf9t/6I/6oP+a/88f99/6EP+lP+dP+jP/Bn/U/+nP8f9YYY4wxxv4p4y4Nxa9nfr6d3/N3csQvNu4FAFduKZD1y/nzZ5Rr8/487iMS2kQA4KkenR68+KhaNTk5+cK2mRKCInMALv5N0HkxcCleBK3hCUiCVlDqd+vvI7qcoX+wfvQWgLhf5MTCpfjS+p8BYPLvrP/o48Pnlw1Pxf8P688BKFbkUk5OuBQvgtY/3V9pBaX/oP58LX5Zf+xv18/5eSpAy1/k5IJL8aX6E+ExeBqSfrUlY4wxxhhjjDH2sz6iQoeL158X/8Xn712fJ6hLOTngUvyPrs8ZY4wxxhhjjDF2+T3TpeuTjyYlterwrw8q/6+y/ulBI/i/WvkvGdzxn1HGvzDwHuDiTxQA/JsLApwfyL/yKDb9JftKufDW+fuppad9AP8ZrfwzBpf5g4kxxhhjjDH2p7t00v/rn6vLVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/RW/TuyX++tx+Q6VMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu2z+XwAAAP//dMcCKA==") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 7m1.595513723s ago: executing program 1 (id=10638): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==") mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) 7m0.720109706s ago: executing program 1 (id=10645): r0 = socket(0x2d, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000000)={0x2d, 0xffffffffffffffff, 0x8000}, 0xc) 6m59.80828293s ago: executing program 32 (id=10645): r0 = socket(0x2d, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000000)={0x2d, 0xffffffffffffffff, 0x8000}, 0xc) 1m16.430078752s ago: executing program 0 (id=14681): r0 = socket$can_raw(0x1d, 0x3, 0x1) accept(r0, 0x0, 0x0) 1m15.984071543s ago: executing program 0 (id=14686): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x34, 0x3c, 0x107, 0x0, 0xfffffffe, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x15}]}, @typed={0x8, 0x5, 0x0, 0x0, @u32=0xd}]}, 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x4040) 1m15.566183164s ago: executing program 0 (id=14695): syz_emit_ethernet(0x82, &(0x7f0000000040)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x80}, @val={@void}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53a04", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "508359", 0x0, 0x0, 0x0, @private1, @mcast1={0xff, 0x0, '\x00', 0x0}, [@hopopts={0x3a, 0x1, '\x00', [@calipso={0x7, 0x8}]}]}}}}}}}, 0x0) syz_emit_ethernet(0x376, &(0x7f00000003c0)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0300", 0x340, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbfb23b48, 0x0, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000005000000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x19, 0x7, "b8a3e10000a3e1030000000900fff5ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0x11, "3f14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e2eeb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05"}]}}}}}}, 0x0) 1m15.206563008s ago: executing program 0 (id=14701): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x58b, &(0x7f00000006c0)="$eJzs3U1oHGUfAPD/zGbffuV90xfeF1R6KCpUKN0k/dDqqb2KhUIPghcNm20o2WRLNtEm5JDei9iDqPRSb3rwqHjwIF48Cp68KJ6FYoNC04OuzH6kabJJk5pkbeb3g9mdZ57Z/T/PzP5ndx5m2ABy62j2kEY8HREXk4iBFXV90a482lpvaXG+fH9xvpxEo3Hp1ySSiLi3OF/urJ+0nw9FxEJEPBUR3xQjjqdr49Zn58ZHqtXKVLs8OD1xdbA+O3fiysTIWGWsMnnqpZfPnD19Zvjk8MqX3W+sLBW31tcbP91898Z3r96++elnRxbK748kcS7623Ur+7GdWtukGOdWLT+9E8F6KOl1A3gshXaeZ6n0/xiIQjvru2kM7GrTgB3W2BfRAHIqkf+QU53fAdn5b2fazd8fd863TkCyuEvtqVXT1xqbiP3Nc5ODvyUPnZlk55uHd7Oh7EkL1yNiqK9v7ec/aX/+Ht/QdjSQHfX1+daOWrv/0+XjT3Q5/vR3xk7/ps7xb2nN8e9B/MI6x7+Lm4zxxxs/f7Ru/OsRz3SNnyzHT7rETyPirU3Gv/X6l2fXq2t8HHEsusfvSDYeHx68fKVaGWo9do3x1bEjr2zU/4PrxG+N2e5vfs102/5dhrW7+uLbz59d2CD+C89tvP+7bf8DEfHeJuP/994nr61Xd+d6cjf7FbDV/Z9EMW53f8tk9WDwi+eO/rjJpgIAAAAAAAAAAFuQNq9lS9LS8nyalkqte3j/FwfTaq0+ffxybWZytHXN2+Eopp0rrQZa5SQrD7evx+2UT64qnyq0AxYONMulcq062uO+AwAAAAAAAAAAAAAAAAAAwD/FoVX3//9eaN7/v/rvqoG9av2//Ab2OvkP+fVw/ic9awew+3z/Q2415D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74uKFC9nUuL84X87Ko32zM+O1t0+MVurjpYmZcqlcm7paGqvVxqqVUrk28aj3S2q1q0MxOXNtcLpSnx6sz869OVGbmez8p2iluOM9AgAAAAAAAAAAAAAAAAAAgCdPf3NK0lJEpM35NC2VIv4dEYeTSC5fqVaGIuI/EfFDobgvKw/3utEAAAAAAAAAAAAAAAAAAACwx9Rn58ZHqtXKVE5m+rayckQsbG8zsnfc8quK7X211aDZa3q+wc08oTO9PS4BAAAAAAAAAAAAAAAAAEAePbjp99Hrfh8HIuLP3WgWAAAAAAAAAAAAAAAAAAAA5Ez6SxIR2XRs4Pn+1bX/SpYKzeeIeOfWpQ+ujUxPTw1ny+8uL5/+sL385CbCJa2nhW3vB/AonTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQH12bnykWq1M7eBMr/sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Dj+CgAA//8+jtaV") mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000003640)='./file0\x00', &(0x7f0000003680)='ext4\x00', 0x0, 0x0) 1m14.623908443s ago: executing program 0 (id=14709): r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000400)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0x0, 0x3a, 'usrjquota=\xb9\xb3\x16\x84!!\x04\x14vq\xcc\x8e\x83\xd7\xce\xef@\xd3;\xc9\xf5\x8a7\xd9#n\x03\x96y/\xbc\xd4P\x19\xbd;\x18\x9b\xeb\xfa\xea\x88\x92\x01|\xf7\xefG\x91yz\x0e0^\xc6&\xa0\xd7K\xdc\x9e\v%\xd7\xd4\xeay\xf0\xca\xaa\xf5\xb6\xe9\x1d\x9f\x19\xfa\xf5\xf6\xd8\x1e\xd0\x80e\xd2\xb2\xd9\x87\xdd\x02\xb7\xb2\xf5\xf5\xe0@\x93n\x05\a\xb3\xa1\x177DY\xfe<\x8b\xc5\x1a\xd4\xd0\xf5\a\x87P\xa6\xea(g\xe8?\xb0\xf7<\xb4\xc7\xe9@\xa3H\xde!\xd2W\x9a\xa1\xd5S\xae>m\xb7Qz\xc4\xef\x02]\xbc\xeb\xd4<\x1f\x91\xf8\x961\x98\xac\xc38\x03\x05\xe1\xd5\xa0Q^SMr\xf1q\x85\xedO\x19E\xec\x89\xc6\xb3g\x8c\x89\x05\xea\x05z\xd1\x99\xb1', 0x3a, '\xaes\xcc3\xadi\xf8\xb5\xed\x8c\xeb$\x14bQ<\xc2I\xcc\x91\xbcN\xa9v\xd2\x81\x1e\x95\xa7\xa2\xbe\xb9F\x02M\xd5\xd1\xd8\xb1\xf3\x8eS0\x9b\v\xa79\x8f\x01h\xd8K\x99\xcc\x82\xe1\xef|P9\x00'/75, 0x3a, './file1'}, 0x13e) 1m12.011103625s ago: executing program 0 (id=14736): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newlink={0x38, 0x10, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2180}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_VF_PORTS={0x4}]}, 0x38}}, 0x0) 1m11.381812581s ago: executing program 33 (id=14736): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newlink={0x38, 0x10, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2180}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_VF_PORTS={0x4}]}, 0x38}}, 0x0) 26.436904103s ago: executing program 3 (id=15199): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="180000003d00010710000000000000000300000004"], 0x18}}, 0x880) 26.080403805s ago: executing program 3 (id=15203): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {0x0, 0x0, 0x10000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4}) 25.697628859s ago: executing program 3 (id=15207): r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000005180)={0x2020}, 0x2020) 25.40788471s ago: executing program 3 (id=15209): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x58b, &(0x7f00000006c0)="$eJzs3U1oHGUfAPD/zGbffuV90xfeF1R6KCpUKN0k/dDqqb2KhUIPghcNm20o2WRLNtEm5JDei9iDqPRSb3rwqHjwIF48Cp68KJ6FYoNC04OuzH6kabJJk5pkbeb3g9mdZ57Z/T/PzP5ndx5m2ABy62j2kEY8HREXk4iBFXV90a482lpvaXG+fH9xvpxEo3Hp1ySSiLi3OF/urJ+0nw9FxEJEPBUR3xQjjqdr49Zn58ZHqtXKVLs8OD1xdbA+O3fiysTIWGWsMnnqpZfPnD19Zvjk8MqX3W+sLBW31tcbP91898Z3r96++elnRxbK748kcS7623Ur+7GdWtukGOdWLT+9E8F6KOl1A3gshXaeZ6n0/xiIQjvru2kM7GrTgB3W2BfRAHIqkf+QU53fAdn5b2fazd8fd863TkCyuEvtqVXT1xqbiP3Nc5ODvyUPnZlk55uHd7Oh7EkL1yNiqK9v7ec/aX/+Ht/QdjSQHfX1+daOWrv/0+XjT3Q5/vR3xk7/ps7xb2nN8e9B/MI6x7+Lm4zxxxs/f7Ru/OsRz3SNnyzHT7rETyPirU3Gv/X6l2fXq2t8HHEsusfvSDYeHx68fKVaGWo9do3x1bEjr2zU/4PrxG+N2e5vfs102/5dhrW7+uLbz59d2CD+C89tvP+7bf8DEfHeJuP/994nr61Xd+d6cjf7FbDV/Z9EMW53f8tk9WDwi+eO/rjJpgIAAAAAAAAAAFuQNq9lS9LS8nyalkqte3j/FwfTaq0+ffxybWZytHXN2+Eopp0rrQZa5SQrD7evx+2UT64qnyq0AxYONMulcq062uO+AwAAAAAAAAAAAAAAAAAAwD/FoVX3//9eaN7/v/rvqoG9av2//Ab2OvkP+fVw/ic9awew+3z/Q2415D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74uKFC9nUuL84X87Ko32zM+O1t0+MVurjpYmZcqlcm7paGqvVxqqVUrk28aj3S2q1q0MxOXNtcLpSnx6sz869OVGbmez8p2iluOM9AgAAAAAAAAAAAAAAAAAAgCdPf3NK0lJEpM35NC2VIv4dEYeTSC5fqVaGIuI/EfFDobgvKw/3utEAAAAAAAAAAAAAAAAAAACwx9Rn58ZHqtXKVE5m+rayckQsbG8zsnfc8quK7X211aDZa3q+wc08oTO9PS4BAAAAAAAAAAAAAAAAAEAePbjp99Hrfh8HIuLP3WgWAAAAAAAAAAAAAAAAAAAA5Ez6SxIR2XRs4Pn+1bX/SpYKzeeIeOfWpQ+ujUxPTw1ny+8uL5/+sL385CbCJa2nhW3vB/AonTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQH12bnykWq1M7eBMr/sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Dj+CgAA//8+jtaV") mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000003640)='./file0\x00', &(0x7f0000003680)='ext4\x00', 0x0, 0x0) 24.659288564s ago: executing program 3 (id=15215): r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000007380), 0x2042, 0x0) pwritev(r0, &(0x7f0000007540)=[{&(0x7f0000007400)="2219", 0x2}], 0x1, 0x80000000, 0x4) 20.957009453s ago: executing program 3 (id=15239): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x52, 0xa, 0x1, "3258c5c00e7f94ae1e008fba001b0000f4ff4000000000002300e91aba2800", 0x34343459}) 20.102193762s ago: executing program 34 (id=15239): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x52, 0xa, 0x1, "3258c5c00e7f94ae1e008fba001b0000f4ff4000000000002300e91aba2800", 0x34343459}) 5.134627719s ago: executing program 2 (id=15364): r0 = syz_open_dev$vbi(&(0x7f0000000200), 0x1, 0x2) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000280)={0x1, 0x7, 0x4, 0x0, 0x8}) 5.133731936s ago: executing program 4 (id=15375): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x50}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='tlb_flush\x00', r0}, 0x10) 4.620420997s ago: executing program 4 (id=15367): syz_mount_image$exfat(&(0x7f0000000700), &(0x7f0000000640)='./file0\x00', 0x810450, &(0x7f0000000280)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c696f636861727365743d69736f383835392d312c646d61736b3d30303030303030303030303033373737373737373737372c696f636861727365743d6b6f69382d72752c696f636861727365743d63703433372c6e616d65636173653d312c6e616d65636173653d312c009a8d4d9016e3d8128333e260a1b926dd0c5f7619710e03ea1ae6521494f87e5737dc0c5bec3f76668140a15258818b6fbc51f9a13940e63c378688559c351287f0e09ef0b7330db20eef797e5004484649e7f5fb64b746683a75b9ed822f5ae34fac"], 0x1, 0x1501, &(0x7f0000000780)="$eJzs3AuYzlW7MPD7Xmv9GdOkp0kOw1rr/vOkwTJJkkOKHJIkSZKcEpImSRISQ0gSkpwPk+QwhOQwjUnjfD7knDR5pUmSkJzC+q7pbW/vu3v3297f2/581577d13rmnXPeu71rDX3zDz/9b+u5/m+x8i6zevVakpE8C/Bv35JAYAYABgCANcBQAAAleIrxeeOF5CY8q89CftzPZJ2tVfAriauf97G9c/buP55G9c/b+P6521c/7yN65+3cf0Zy8u2zyl2Pbe82/j+f17Gr///i+SUn/z1xvI39vxvpHD98zauf97G9c/buP55G9c/b+P6/+9X85+Mcf3zNq4/Y3nZ1b7/zO3qtqv9+8cYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLG84569QAPBv/au9LsYYY4wxxhhjjP15fP6rvQLGGGOMMcYYY4z9z0MQIEFBAPkgP8RAAYiFayAOroWCcB1E4HqIhxugENwIhaEIFIVikADFoQRoMGCBIISSUAqicBOUhpshEcpAWSgHDspDEtwCFeBWqAi3QSW4HSrDHVAFqkI1qA53Qg24C+6GmlAL7oHaUAfqQj24F+rDfdAA7oeG8AA0ggehMTwETeBhaAqPQDN4FJrDY9ACHoeW0ApaQxto+3+V/zL0gVegL/SDFOgPA+BVGAiDYDC8BkPgdRgKb8AweBOGwwgYCW/BKHgbRsM7MAbGwjgYDxNgIkyCyTAFpkIqvAvT4D2YDu/DDJgJs2A2pMEcmAsfwDyYDwvgQ1gIH8EiWAxLYCmkw8eQAcsgEz6B5fApZMEKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w2ewA3bCLtgNe2Av7IPPYT98AQfgS8iGr/6b+Wf/Q35PBAQUKFChwnyYD2MwBmMxFuMwDgtiQYxgBOMxHgthISyMhbEoFsUETMASWAINGiQkLIklMYpRLI2lMRETsSyWRYcOkzAJK+CtWBErYiWshJWxMlbBqlgVq2N1rIE18G6EKgHUwtpYG+tiXbwX78X7sAE2wIbYEBthI2yMjbEJNsGm2BSbYTNsjs2xBbbAltgSW2NrbIttsR22w/bYHjtiR+yEnbAzdsZkTMYu2AW7Ylfsht2wO3bHHtgDe2Iv7IUv48v4Cr6C/bC26I8DcAAOxIEHcv8YXsPXcSi+gW/gmzgcR+BIfAvfwrdxNJ7BMTgWx+E4rCEm4iScjCSmYiqm4jSchtNxOs7AmTgTZ2MazsG5OBfn4Xycjx/iQvwIP8LFuBiXYjqmYwYuw0zMxOV4FrNwBa7EVbga1+BqXIfrcR1uxE24EbfgFtyG2/Az/Ax34k7cjbtxL+7Fz/Fz/AK/wOGYjdl4EA/iITyEh/Ew5mAOHsEjeBSP4jE8hsfxOJ7Ak3gKT+JpPI1n8Cyew3N4AS/gRXwx4dtme8tsGA4ilxJK5BP5RIyIEbEiVsSJOFFQFBQRERHxIl4UEoVEYVFYFBVFRYJIECVECWGEESRCUVKUFFERFaVFaZEoEkVZUVY44USSSBIVRAVRUVQUlcTtorK4Q1QRVUUHV11UFzVER3e3qClqiVqitqgj6op6op6oL+qLBqKBaCgaikaikWgsHhJNRH8cjI+I3Mo0FyOwhRiJLUUr0Vq0EW/jE6KdGI3tRQfRUTwlxuIY7CzauWTxrOgiJmFX8byYjC+I7mIq9hAviZ6il+gtXhZ9RHvXV/QTM7C/GCBm40AxSAwWr4l5WEfkVqyueFMMFyPESPGWWIpvi9HiHTFGjBXjxHgxQUwUk8RkMUVMFaniXTFNvCemi/fFDDFTzBKzRZqYI+aKD8Q8MV8sEB+KheIjsUgsFkvEUpEuPhYZYpnIFJ+I5eJTkSVWiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK1im9guPhM7xE6xS+wWe8ResU98LvaLL8QB8aXIFl+Jg+Iv4pD4WhwW34gc8a04Ir4TR8X34pj4QRwXP4oT4qQ4JX4Sp8XP4ow4K86J8+KC+EVcFJfEZeEFSJRCSqlkIPPJ/DJGFpCx8hoZJ6+VBeV1MiKvl/HyBllI3igLyyKyqCwmE2RxWUJqaaSVJENZUpaSUXmTLC1vlomyjCwry0kny8skeYusIG+VFeVtspK8XVaWd8gqsqqsJqvLO2UNeZe8W9aUteQ9srasI+vKevJeWV/eJxvI+2VD+YBsJB+UjeVDsol8WDaVj8hm8lHZXD4mW8jHZUvZSraWbWRb+YRsJ5+U7WUH2VE+JTvJp2Vn+YxMls/KLvI52VU+L7vJF2R3+aLsIV+SPWUv2Vtekpell31lP5ki+8sB8lU5UA6Sg+Vrcoh8XQ6Vb8hh8k05XI6QI+VbcpR8W46W78gxcqwcJ8fLCXKinCQnyylyqkyV78pp8j05Xb4vZ8iZcpacLdPkHDn4t5kW/Bfy3/sH+cN+ffZtcrv8TO6QO+UuuVvukXvlPrlP7pf75QF5QGbLbHlQHpSH5CF5WB6WOTJHHpFH5FF5VB6Tx+RxeVyekCflefmTPC1/lmfkWXlWnpcX5AV58befAShUQkmlVKDyqfwqRhVQseoaFaeuVQXVdSqirlfx6gZVSN2oCqsiqqgqphJUcVVCaWWUVaRCVVKVUlF1kyqtblaJqowqq8opp8qrJHXLv5z/R+trq9qqdqqdaq/aq46qo+qkOqnOqrNKVsmqi+qiuqquqpvqprqr7qqH6qF6qp6qt+qt+qg+qq/qq1JUihqgXlUD1SA1WL2mhqjX1VA1VA1Tw9RwNVyNVCPVKDVKjVaj1Rg1Ro1T49QENUFNUpPUFDVFpapUNU1NU9PVdDVDzVCz1CyVptLUXDVXzVPz1AK1QC1UC9UitUgtUUtUukpXGSpDZapMtVwtV1lqhVqhVqlVao1ao9apdWqD2qA2qU1qi9qistR2tV3tUDvULrVL7VF71D61T+1X+9UBdUBlq2x1UB1Uh9QhdVgdVjkqRx1RR9RRdVQdU8fUcXVcnVAn1Cl1Sp1Wp9UZdUadU+fUBXVBXVQX1WV1OfeyLxCBCFSggnxBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEoAMT2ICCMCgZlAqiwU1B6eDmIDEoE5QNygUuKB8kBbcEFYJbg4rBbUGl4PagcnBHUCWoGlQLqgd3BjWCu4K7g5pBreCeoHZQJ6gb1AvuDeoH9wUNgvuDhsEDQaPgwaBx8FDQJHg4aBo8EjQLHg2aB48FLYLHg5ZBq6B10CZo+6fO7/2ZIk+6vrqfTtH99QD9qh6oB+nB+jU9RL+uh+o39DD9ph6uR+iR+i09Sr+tR+t39Bg9Vo/T4/UEPVFP0pP1FD1Vp+p39TT9np6u39cz9Ew9S8/WaXqOnqs/0PP0fL1Af6gX6o/0Ir1YL9FLdbr+WGfoZTpTf6KX6091ll6hV+pVerVeo9fqdXq93qA36k16s96it+pterv+TO/QO/UuvVvv0Xv1Pv253q+/0Af0lzpbf6UP6r/oQ/prfVh/o3P0t/qI/k4f1d/rY/oHfVz/qE/ok/qU/kmf1j/rM/qsPqfP6wv6F31RX9KXtc+9uM99eTfKKJPP5DMxJsbEmlgTZ+JMQVPQREzExJt4U8gUMoVNYVPUFDUJJsGUMCVMLjJkSpqSJmqiprQpbRJNoilryhpnnEkySaaCqWAqmoqmkqlkKpvKpoqpYqqZauZOc6e5y9xlapqa5h5zj6lj6ph6pp6pb+qbBqaBaWgamkamkWlsGpsmpolpapqaZqaZaW6amxamhWlpWprWprVpa9qadqadaW/am46mo+lkOpnOprNJNsmmi+liupquppvpZrqb7qaH6WF6mp6mt+lt+pg+pq/pa1JMihlgBpiBZqAZbAabIWaIGWqGmmFmmBlfYVPN3JPTKDPKjDajzRgz1owz480EM9FMMpPNFDPVpJpUM81MM9PNdDPDzDCzzCyTZtLMXDPXzDPzzAKzwCw0C80is8gsMUtMukk3GSbDZJpMs9wsN1kmy6w0K81qs9qsNWvNerPebDQbzWaz2Ww1W812s93sMDvMLrPL7DF7zD6zz+w3+80Bc8Bkm+yY3w535rA5bHJMjjlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86ZC+YXc9FcMpeNNzFWQKy9xsbZa21Be52NsQXs38ZFbTGbYIvbElbbwrbI38XGWptoy9iytpx1trxNsrf8Lq5iq9pqtrq909awd9m7fxfXt/fZBvZ+29A+YOvZe/8ubmQftI3tY7aJfdw2ta1sM9vGNreP2Rb2cdvStrKtbRvbyT5tO9tnbLJ91naxz/0uzrDL7Hq7wW60m+x++4U9Z8/bo/Z7e8H+YvvafnaIfd0OtW/YYfZNO9yO+F08zo63E+xEO8lOtlPs1N/Fs+xsm2bn2Ln2AzvPzv9dnG4/tgttpl1kF9sldumvce6aMu0ndrn91GbZFXalXWVX2zV2rV3372tdZbfYrXab3Wc/tzvsTrvL7rZ77N5f49x9HLBf2mz7lT1iv7OH7Nf2sD1mc+y3v8a5+wP4wR63P9oT9qQ9ZX+yp+3P9ow9++v+c/f+k71kL1tvgZAESVIUUD7KTzFUgGLpGoqja6kgXUcRup7i6QYqRDdSYSpCRakYJVBxKkGaDFkiCqkklaIo3USl6WZKpDJUlsqRo/KURLdQBbqVKtJtVIlup8p0B1WhqlSNqtOdVIPuorupJtWie6g21aG6VI/upfp0HzWg+6khPUCN6EFqTA9RE3qYmtIj1Iwepeb0GLWgx6kltaLW1Iba0hPUjp6k9tSBOtJT1Imeps70DCXTs9SFnqOu9Dx1oxeoO71IPegl6km9qDe9TH3oFepL/SiF+tMAepUG0iAaTK/REHqdhtIbNIzepOE0gkbSWzSK3qbR9A6NobE0jsbTBJpIk2gyTaGplErv0jR6j6bT+zSDZtIsmk1pNIfm0gc0j+bTAvqQFtJHtIgW0xJaSun0MWXQMsqkT2g5fUpZtIJW0ipaTWtoLa2j9bSBNtIm2kxbaCtto+30Ge2gnbSLdtMe2kv76HPaT1/QAfqSsukrOkh/oUP0NR2mbyiHvqUj9B0dpe/pGP1Ax+lHOkEn6RT9RKfpZzpDZ+kcnacL9AtdpEt0mTxBiKEIZajCIMwX5g9jwgJhbHhNGBdeGxYMrwsj4fVhfHhDWCi8MSwcFgmLhsXChLB4WCLUoQltSGEYlgxLhdHwprB0eHOYGJYJy4blQheWD5PCW8IK4a1hxfC2sFJ4e1g5vCOsElYNH3ugenhnWCO8K7w7rBnWCu8Ja4d1wrphvfDesH54X9ggvD9sGD4QVgwfDBuHD4VNwofDpuEjYbPw0bB5+FjYInw8bBm2CluHbcK24RNhu/DJsH3YIewYPhV2Cp8OO4fPhMnhs2GX8Lk/HE8J+4cDwlfDV0Pv75dLokuj6dGPoxnRZdHM6CfR5dFPo1nRFdGV0VXR1dE10bXRddH10Q3RjdFN0c3RLdGt0W1R7+vlB4dOOOmUC1w+l9/FuAIu1l3j4ty1rqC7zkXc9S7e3eAKuRtdYVfEFXXFXIIr7ko47YyzjlzoSrpSLupucqXdzS7RlXFlXTnnXHmX5Nq4tq6ta+eedO1dB9fRPeWeck+7p90z7hn3rOvinnNd3fOum3vBdXcvuhfdS66n6+V6u5ddH/eK6+v6uRSX4ga4AW6gG+gGu8FuiBvihrqhbpgb5oa74W6kG+lGuVFutBvtxrgxbpwb5ya4CW6Sm+SmuCku1aW6aW6am+6muxluhpvlZrk0l+bmurlunpvnFrgFbmHiQrfILXJL3BKX7tJdhstwmS7TLXfLXZbLcivdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A63y+1ye9wet8/tc/vdfnfAHXDZLtsddAfdIXfIHXbfuBz3rTvivnNH3ffumPvBHXc/uhPupDvlfnKn3c/ujDvrzrnz7oL7xV10l9xl511q5N3ItMh7kemR9yMzIjMjsyKzI2mROZG5kQ8i8yLzIwsiH0YWRj6KLIosjiyJLI2kRz6OZESWRTIjn0SWRz6NZEVWRFZGVkVWR9ZEvC++I/QlfSkf9Tf50v5mn+jL+LK+nHe+vE/yt/gK/lZf0d/mK/nbfWV/h6/iq/pq/nHf0rfyrX0b39Y/4dv5J31738F39E/5Tv5p39k/45P9s76Lf8539c/7bv4F392/6Hv4l3xP38v39i/7Pv4V39f38ym+vx/gX/UD/SA/2L/mh/jX/VD/hh/m3/TD/Qg/0r/lR/m3/Wj/jh/jx/pxfryf4Cf6SX6yn+Kn+lT/rp/m3/PT/ft+hp/pZ/nZPs3P8XP9B36en+8X+A/9Qv+RX+QX+yV+qU/3H/sMv8xn+k/8cv+pz/Ir/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3n/kdfqff5Xf7PX6v3+c/9/v9F/6A/9Jn+6/8Qf8Xf8h/7Q/7b3yO/9Yf8d/5o/57f8z/4I/7H/0Jf9Kf8j/50/5nf8af9ef8eX/B/+Iv+kv+8n/1PWv5/ifvpTPGGGOM/f8v9Q/G+/+D74nfWq4BAHDtzmI5fzsuAWBz4b/2B4mEThEAeLZfj0f+rdWunZKS8ttjsyQEpRYDQORK/q+XaL/FK6AjPA3J0AEq/MP1DRK9LtAfzB+9HSD2b3Ji/voxB/9h/lv/k/mfeGpcRuXwXPw/mX8xQGKpKzkF4Ep8Zf6K/8n8Rdr9wfoLfJ0K0P5vcuLgSnxl/iR4Ep6D5L97JGOMMcYYY4wx9leDRLVulHsihn9+Pk9QV3Lyw5X4j87njDHGGGOMMcYYu/pe6NX7mSeSkzt04w53uMOdf+9c7f9MjDHGGGOMsT/blYv+q70SxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMs7/p/8XFiV3uPjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2NX2fwIAAP//sN45jQ==") mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 4.602411818s ago: executing program 2 (id=15368): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000240)=ANY=[@ANYBLOB="6800000010000305fcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="1111020000200600400012800b00010069703667726500003000028014000700fc01000000000000000000000000000108000100", @ANYRES32, @ANYBLOB="050017000100000006000200ee"], 0x68}, 0x1, 0x0, 0x0, 0x48890}, 0x0) 4.074122363s ago: executing program 2 (id=15370): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000a00)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x70bd26, 0x0, {}, [{0x54, 0x1, [@m_ctinfo={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x0, 0xffffffffffffffff, 0x100}}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 3.687713727s ago: executing program 4 (id=15374): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0xfffffffffffffde5, &(0x7f0000000140)={&(0x7f00000002c0)=@getchain={0x34, 0x66, 0x211, 0x709d28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x5, 0xc}, {0x1, 0x1}, {0x0, 0xe}}, [{0x4, 0xb, 0xcab7}, {0x8, 0xb, 0xfffffff7}]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0) 3.330418187s ago: executing program 7 (id=15379): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_buf(r0, 0x11c, 0x2, 0xffffffffffffffff, &(0x7f0000000040)=0x10) 3.103580058s ago: executing program 7 (id=15383): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000140)=""/4078, 0xfee}], 0x1, 0xf2, 0x207fff) 2.862131041s ago: executing program 6 (id=15385): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x101d00, 0x0) read$FUSE(r0, &(0x7f0000000200)={0x2020}, 0x2020) 2.84406788s ago: executing program 7 (id=15386): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@bridge_delvlan={0x18, 0x70, 0x1}, 0x18}, 0x1, 0x0, 0x0, 0x40000050}, 0x0) 2.570996904s ago: executing program 6 (id=15388): r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_LOOPBACK(r0, 0x65, 0x3, 0x0, 0xfffffffffffffffe) 1.566503911s ago: executing program 5 (id=15399): r0 = socket$inet6(0xa, 0x3, 0x5) sendmmsg(r0, &(0x7f0000001500)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote, 0x0, 0x3}, 0x80, 0x0}, 0x5b4}, {{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f0000001040)=ANY=[@ANYBLOB="08010000000000002900000002"], 0x108}}], 0x2, 0xc040) 1.483148536s ago: executing program 5 (id=15400): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x208, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x10, 0x2, 0x0, "b427ececbbe6d400fd00000200ef00ffffffffffff00", 0x3631564e}) 1.308324661s ago: executing program 7 (id=15401): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000700)='/sys/power/freeze_filesystems', 0x0, 0x0) read$nci(r0, &(0x7f0000000680)=""/88, 0x58) 1.308130631s ago: executing program 6 (id=15402): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x44, 0x3e, 0x107, 0xfffffffe, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x20, 0x2, 0x0, 0x1, [@nested={0x1c, 0x14, 0x0, 0x1, [@nested={0x18, 0x3, 0x0, 0x1, [@typed={0x14, 0x77, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x30}}}]}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000) 1.307483513s ago: executing program 2 (id=15403): syz_mount_image$exfat(&(0x7f0000000700), &(0x7f0000000640)='./file0\x00', 0x810450, &(0x7f0000000280)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c696f636861727365743d69736f383835392d312c646d61736b3d30303030303030303030303033373737373737373737372c696f636861727365743d6b6f69382d72752c696f636861727365743d63703433372c6e616d65636173653d312c6e616d65636173653d312c009a8d4d9016e3d8128333e260a1b926dd0c5f7619710e03ea1ae6521494f87e5737dc0c5bec3f76668140a15258818b6fbc51f9a13940e63c378688559c351287f0e09ef0b7330db20eef797e5004484649e7f5fb64b746683a75b9ed822f5ae34fac"], 0x1, 0x1501, &(0x7f0000000780)="$eJzs3AuYzlW7MPD7Xmv9GdOkp0kOw1rr/vOkwTJJkkOKHJIkSZKcEpImSRISQ0gSkpwPk+QwhOQwjUnjfD7knDR5pUmSkJzC+q7pbW/vu3v3297f2/581577d13rmnXPeu71rDX3zDz/9b+u5/m+x8i6zevVakpE8C/Bv35JAYAYABgCANcBQAAAleIrxeeOF5CY8q89CftzPZJ2tVfAriauf97G9c/buP55G9c/b+P6521c/7yN65+3cf0Zy8u2zyl2Pbe82/j+f17Gr///i+SUn/z1xvI39vxvpHD98zauf97G9c/buP55G9c/b+P6/+9X85+Mcf3zNq4/Y3nZ1b7/zO3qtqv9+8cYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLG84569QAPBv/au9LsYYY4wxxhhjjP15fP6rvQLGGGOMMcYYY4z9z0MQIEFBAPkgP8RAAYiFayAOroWCcB1E4HqIhxugENwIhaEIFIVikADFoQRoMGCBIISSUAqicBOUhpshEcpAWSgHDspDEtwCFeBWqAi3QSW4HSrDHVAFqkI1qA53Qg24C+6GmlAL7oHaUAfqQj24F+rDfdAA7oeG8AA0ggehMTwETeBhaAqPQDN4FJrDY9ACHoeW0ApaQxto+3+V/zL0gVegL/SDFOgPA+BVGAiDYDC8BkPgdRgKb8AweBOGwwgYCW/BKHgbRsM7MAbGwjgYDxNgIkyCyTAFpkIqvAvT4D2YDu/DDJgJs2A2pMEcmAsfwDyYDwvgQ1gIH8EiWAxLYCmkw8eQAcsgEz6B5fApZMEKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w2ewA3bCLtgNe2Av7IPPYT98AQfgS8iGr/6b+Wf/Q35PBAQUKFChwnyYD2MwBmMxFuMwDgtiQYxgBOMxHgthISyMhbEoFsUETMASWAINGiQkLIklMYpRLI2lMRETsSyWRYcOkzAJK+CtWBErYiWshJWxMlbBqlgVq2N1rIE18G6EKgHUwtpYG+tiXbwX78X7sAE2wIbYEBthI2yMjbEJNsGm2BSbYTNsjs2xBbbAltgSW2NrbIttsR22w/bYHjtiR+yEnbAzdsZkTMYu2AW7Ylfsht2wO3bHHtgDe2Iv7IUv48v4Cr6C/bC26I8DcAAOxIEHcv8YXsPXcSi+gW/gmzgcR+BIfAvfwrdxNJ7BMTgWx+E4rCEm4iScjCSmYiqm4jSchtNxOs7AmTgTZ2MazsG5OBfn4Xycjx/iQvwIP8LFuBiXYjqmYwYuw0zMxOV4FrNwBa7EVbga1+BqXIfrcR1uxE24EbfgFtyG2/Az/Ax34k7cjbtxL+7Fz/Fz/AK/wOGYjdl4EA/iITyEh/Ew5mAOHsEjeBSP4jE8hsfxOJ7Ak3gKT+JpPI1n8Cyew3N4AS/gRXwx4dtme8tsGA4ilxJK5BP5RIyIEbEiVsSJOFFQFBQRERHxIl4UEoVEYVFYFBVFRYJIECVECWGEESRCUVKUFFERFaVFaZEoEkVZUVY44USSSBIVRAVRUVQUlcTtorK4Q1QRVUUHV11UFzVER3e3qClqiVqitqgj6op6op6oL+qLBqKBaCgaikaikWgsHhJNRH8cjI+I3Mo0FyOwhRiJLUUr0Vq0EW/jE6KdGI3tRQfRUTwlxuIY7CzauWTxrOgiJmFX8byYjC+I7mIq9hAviZ6il+gtXhZ9RHvXV/QTM7C/GCBm40AxSAwWr4l5WEfkVqyueFMMFyPESPGWWIpvi9HiHTFGjBXjxHgxQUwUk8RkMUVMFaniXTFNvCemi/fFDDFTzBKzRZqYI+aKD8Q8MV8sEB+KheIjsUgsFkvEUpEuPhYZYpnIFJ+I5eJTkSVWiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK1im9guPhM7xE6xS+wWe8ResU98LvaLL8QB8aXIFl+Jg+Iv4pD4WhwW34gc8a04Ir4TR8X34pj4QRwXP4oT4qQ4JX4Sp8XP4ow4K86J8+KC+EVcFJfEZeEFSJRCSqlkIPPJ/DJGFpCx8hoZJ6+VBeV1MiKvl/HyBllI3igLyyKyqCwmE2RxWUJqaaSVJENZUpaSUXmTLC1vlomyjCwry0kny8skeYusIG+VFeVtspK8XVaWd8gqsqqsJqvLO2UNeZe8W9aUteQ9srasI+vKevJeWV/eJxvI+2VD+YBsJB+UjeVDsol8WDaVj8hm8lHZXD4mW8jHZUvZSraWbWRb+YRsJ5+U7WUH2VE+JTvJp2Vn+YxMls/KLvI52VU+L7vJF2R3+aLsIV+SPWUv2Vtekpell31lP5ki+8sB8lU5UA6Sg+Vrcoh8XQ6Vb8hh8k05XI6QI+VbcpR8W46W78gxcqwcJ8fLCXKinCQnyylyqkyV78pp8j05Xb4vZ8iZcpacLdPkHDn4t5kW/Bfy3/sH+cN+ffZtcrv8TO6QO+UuuVvukXvlPrlP7pf75QF5QGbLbHlQHpSH5CF5WB6WOTJHHpFH5FF5VB6Tx+RxeVyekCflefmTPC1/lmfkWXlWnpcX5AV58befAShUQkmlVKDyqfwqRhVQseoaFaeuVQXVdSqirlfx6gZVSN2oCqsiqqgqphJUcVVCaWWUVaRCVVKVUlF1kyqtblaJqowqq8opp8qrJHXLv5z/R+trq9qqdqqdaq/aq46qo+qkOqnOqrNKVsmqi+qiuqquqpvqprqr7qqH6qF6qp6qt+qt+qg+qq/qq1JUihqgXlUD1SA1WL2mhqjX1VA1VA1Tw9RwNVyNVCPVKDVKjVaj1Rg1Ro1T49QENUFNUpPUFDVFpapUNU1NU9PVdDVDzVCz1CyVptLUXDVXzVPz1AK1QC1UC9UitUgtUUtUukpXGSpDZapMtVwtV1lqhVqhVqlVao1ao9apdWqD2qA2qU1qi9qistR2tV3tUDvULrVL7VF71D61T+1X+9UBdUBlq2x1UB1Uh9QhdVgdVjkqRx1RR9RRdVQdU8fUcXVcnVAn1Cl1Sp1Wp9UZdUadU+fUBXVBXVQX1WV1OfeyLxCBCFSggnxBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEoAMT2ICCMCgZlAqiwU1B6eDmIDEoE5QNygUuKB8kBbcEFYJbg4rBbUGl4PagcnBHUCWoGlQLqgd3BjWCu4K7g5pBreCeoHZQJ6gb1AvuDeoH9wUNgvuDhsEDQaPgwaBx8FDQJHg4aBo8EjQLHg2aB48FLYLHg5ZBq6B10CZo+6fO7/2ZIk+6vrqfTtH99QD9qh6oB+nB+jU9RL+uh+o39DD9ph6uR+iR+i09Sr+tR+t39Bg9Vo/T4/UEPVFP0pP1FD1Vp+p39TT9np6u39cz9Ew9S8/WaXqOnqs/0PP0fL1Af6gX6o/0Ir1YL9FLdbr+WGfoZTpTf6KX6091ll6hV+pVerVeo9fqdXq93qA36k16s96it+pterv+TO/QO/UuvVvv0Xv1Pv253q+/0Af0lzpbf6UP6r/oQ/prfVh/o3P0t/qI/k4f1d/rY/oHfVz/qE/ok/qU/kmf1j/rM/qsPqfP6wv6F31RX9KXtc+9uM99eTfKKJPP5DMxJsbEmlgTZ+JMQVPQREzExJt4U8gUMoVNYVPUFDUJJsGUMCVMLjJkSpqSJmqiprQpbRJNoilryhpnnEkySaaCqWAqmoqmkqlkKpvKpoqpYqqZauZOc6e5y9xlapqa5h5zj6lj6ph6pp6pb+qbBqaBaWgamkamkWlsGpsmpolpapqaZqaZaW6amxamhWlpWprWprVpa9qadqadaW/am46mo+lkOpnOprNJNsmmi+liupquppvpZrqb7qaH6WF6mp6mt+lt+pg+pq/pa1JMihlgBpiBZqAZbAabIWaIGWqGmmFmmBlfYVPN3JPTKDPKjDajzRgz1owz480EM9FMMpPNFDPVpJpUM81MM9PNdDPDzDCzzCyTZtLMXDPXzDPzzAKzwCw0C80is8gsMUtMukk3GSbDZJpMs9wsN1kmy6w0K81qs9qsNWvNerPebDQbzWaz2Ww1W812s93sMDvMLrPL7DF7zD6zz+w3+80Bc8Bkm+yY3w535rA5bHJMjjlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86ZC+YXc9FcMpeNNzFWQKy9xsbZa21Be52NsQXs38ZFbTGbYIvbElbbwrbI38XGWptoy9iytpx1trxNsrf8Lq5iq9pqtrq909awd9m7fxfXt/fZBvZ+29A+YOvZe/8ubmQftI3tY7aJfdw2ta1sM9vGNreP2Rb2cdvStrKtbRvbyT5tO9tnbLJ91naxz/0uzrDL7Hq7wW60m+x++4U9Z8/bo/Z7e8H+YvvafnaIfd0OtW/YYfZNO9yO+F08zo63E+xEO8lOtlPs1N/Fs+xsm2bn2Ln2AzvPzv9dnG4/tgttpl1kF9sldumvce6aMu0ndrn91GbZFXalXWVX2zV2rV3372tdZbfYrXab3Wc/tzvsTrvL7rZ77N5f49x9HLBf2mz7lT1iv7OH7Nf2sD1mc+y3v8a5+wP4wR63P9oT9qQ9ZX+yp+3P9ow9++v+c/f+k71kL1tvgZAESVIUUD7KTzFUgGLpGoqja6kgXUcRup7i6QYqRDdSYSpCRakYJVBxKkGaDFkiCqkklaIo3USl6WZKpDJUlsqRo/KURLdQBbqVKtJtVIlup8p0B1WhqlSNqtOdVIPuorupJtWie6g21aG6VI/upfp0HzWg+6khPUCN6EFqTA9RE3qYmtIj1Iwepeb0GLWgx6kltaLW1Iba0hPUjp6k9tSBOtJT1Imeps70DCXTs9SFnqOu9Dx1oxeoO71IPegl6km9qDe9TH3oFepL/SiF+tMAepUG0iAaTK/REHqdhtIbNIzepOE0gkbSWzSK3qbR9A6NobE0jsbTBJpIk2gyTaGplErv0jR6j6bT+zSDZtIsmk1pNIfm0gc0j+bTAvqQFtJHtIgW0xJaSun0MWXQMsqkT2g5fUpZtIJW0ipaTWtoLa2j9bSBNtIm2kxbaCtto+30Ge2gnbSLdtMe2kv76HPaT1/QAfqSsukrOkh/oUP0NR2mbyiHvqUj9B0dpe/pGP1Ax+lHOkEn6RT9RKfpZzpDZ+kcnacL9AtdpEt0mTxBiKEIZajCIMwX5g9jwgJhbHhNGBdeGxYMrwsj4fVhfHhDWCi8MSwcFgmLhsXChLB4WCLUoQltSGEYlgxLhdHwprB0eHOYGJYJy4blQheWD5PCW8IK4a1hxfC2sFJ4e1g5vCOsElYNH3ugenhnWCO8K7w7rBnWCu8Ja4d1wrphvfDesH54X9ggvD9sGD4QVgwfDBuHD4VNwofDpuEjYbPw0bB5+FjYInw8bBm2CluHbcK24RNhu/DJsH3YIewYPhV2Cp8OO4fPhMnhs2GX8Lk/HE8J+4cDwlfDV0Pv75dLokuj6dGPoxnRZdHM6CfR5dFPo1nRFdGV0VXR1dE10bXRddH10Q3RjdFN0c3RLdGt0W1R7+vlB4dOOOmUC1w+l9/FuAIu1l3j4ty1rqC7zkXc9S7e3eAKuRtdYVfEFXXFXIIr7ko47YyzjlzoSrpSLupucqXdzS7RlXFlXTnnXHmX5Nq4tq6ta+eedO1dB9fRPeWeck+7p90z7hn3rOvinnNd3fOum3vBdXcvuhfdS66n6+V6u5ddH/eK6+v6uRSX4ga4AW6gG+gGu8FuiBvihrqhbpgb5oa74W6kG+lGuVFutBvtxrgxbpwb5ya4CW6Sm+SmuCku1aW6aW6am+6muxluhpvlZrk0l+bmurlunpvnFrgFbmHiQrfILXJL3BKX7tJdhstwmS7TLXfLXZbLcivdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A63y+1ye9wet8/tc/vdfnfAHXDZLtsddAfdIXfIHXbfuBz3rTvivnNH3ffumPvBHXc/uhPupDvlfnKn3c/ujDvrzrnz7oL7xV10l9xl511q5N3ItMh7kemR9yMzIjMjsyKzI2mROZG5kQ8i8yLzIwsiH0YWRj6KLIosjiyJLI2kRz6OZESWRTIjn0SWRz6NZEVWRFZGVkVWR9ZEvC++I/QlfSkf9Tf50v5mn+jL+LK+nHe+vE/yt/gK/lZf0d/mK/nbfWV/h6/iq/pq/nHf0rfyrX0b39Y/4dv5J31738F39E/5Tv5p39k/45P9s76Lf8539c/7bv4F392/6Hv4l3xP38v39i/7Pv4V39f38ym+vx/gX/UD/SA/2L/mh/jX/VD/hh/m3/TD/Qg/0r/lR/m3/Wj/jh/jx/pxfryf4Cf6SX6yn+Kn+lT/rp/m3/PT/ft+hp/pZ/nZPs3P8XP9B36en+8X+A/9Qv+RX+QX+yV+qU/3H/sMv8xn+k/8cv+pz/Ir/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3n/kdfqff5Xf7PX6v3+c/9/v9F/6A/9Jn+6/8Qf8Xf8h/7Q/7b3yO/9Yf8d/5o/57f8z/4I/7H/0Jf9Kf8j/50/5nf8af9ef8eX/B/+Iv+kv+8n/1PWv5/ifvpTPGGGOM/f8v9Q/G+/+D74nfWq4BAHDtzmI5fzsuAWBz4b/2B4mEThEAeLZfj0f+rdWunZKS8ttjsyQEpRYDQORK/q+XaL/FK6AjPA3J0AEq/MP1DRK9LtAfzB+9HSD2b3Ji/voxB/9h/lv/k/mfeGpcRuXwXPw/mX8xQGKpKzkF4Ep8Zf6K/8n8Rdr9wfoLfJ0K0P5vcuLgSnxl/iR4Ep6D5L97JGOMMcYYY4wx9leDRLVulHsihn9+Pk9QV3Lyw5X4j87njDHGGGOMMcYYu/pe6NX7mSeSkzt04w53uMOdf+9c7f9MjDHGGGOMsT/blYv+q70SxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMs7/p/8XFiV3uPjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2NX2fwIAAP//sN45jQ==") mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 1.298033065s ago: executing program 4 (id=15404): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) 1.102950696s ago: executing program 5 (id=15405): r0 = syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000400)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)={0x98f904, 0x0, '\x00', @string=0x0}}) 914.204352ms ago: executing program 6 (id=15406): r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) setsockopt$ax25_int(r0, 0x101, 0x9, &(0x7f0000000040), 0x4) 914.016059ms ago: executing program 4 (id=15407): syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x3000892, &(0x7f0000000180)={[{@nocompress}, {@mode={'mode', 0x3d, 0x2}}, {@map_acorn}, {@block={'block', 0x3d, 0x400}}, {@map_acorn}, {@map_acorn}, {@check_strict}, {@sbsector}, {@uid}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@overriderock}]}, 0x1, 0xa14, &(0x7f0000000dc0)="$eJzs3U1sXOW5B/D/8UdiDEoC5HK5CMgk3AQDvo7tXJIbseAm9iQx146vbEci6oJQ4lRp3NKSVgJUiSBVXRW1Uqsu2h3qqt0gsSmbil27a1ddVKpYdY+6Sleuzsw4HtszHts4dgi/X3Q85+M57/uczzczPp43fLks7l8xtbhYG7Y4fek3O5Ax97Cz4599+NEH5fD+rexJd14sfpf0JakkPUkeT3rHxmempzoUdCO5kuTTpEiyN/XXDbmS4id5aHn60xS/Kutta89GS6aTRb7Sdvv8AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAe1ExNj48PFLsycTFS69W6pLKGmPjM9NFFhfXLllap+6TWq/fxScd602Kckhf31JX348fXF78WJLKkTxZn3qy1iF5+vLug48deOnRnq6l9dtl84Xs3XixN99598brCwvzb7UPWXyvvg3bk9s95nz14sTs9MTUmfPVysTsdOX0yZPDxy+cm62cm5iszl6enatOVcZmqmfmpmcqA2PPVUZOnz5RqQ5dnr508fz40GR1aeap/xodHj5ZeWXo/6tnZmanLx5/ZWh27MLE5OTExfO1mHJxGXOqPBH/b2KuMlc9M1WpXLu+MH9iVU7dq3d2GTTSaUvKoNFOQaPDo6MjI6OjI+83es++M+Pki6dfPDU83DO8StZE3KWTlnvLA+0P8zbfwWHruurtf745mYlczKW8mkrLf2MZz0ymM9VmecNS+3/0eHXdepvb/0Yr39O0+Inyx5E83Zjsa9P+t8ll5/7dzDt5NzfyehaykPm8tesZ7ey/86nmYiYym+lMZCpnanMqjTmVnM7JnMxwXsuFHMpsKjmXiUymmtlczmzmUq2dUWOZSTVnMpfpzKSSgYzluVQyktM5nROppJqhXM507Sw5n/GcqZVyLddr+/3EOjneCRrZSNDoOkGrG/PyXN9c+1+9X/8nyIZt/00ctmix0f7v6Rw6MLYTCQEAAADb7j/+mH0HH/nD35IiT9U+lz83MVl9ebfTAgAAALZR7XG9J8uX3nLsqb7a+//h3U4LAAAA2EZF7W/siiT9OVQfW/pLKB8CAAAAwH2i9vv/p1McWp7h/T8AAADcZzp/x37HiGJw6et/K1frr1cbEfWpov/cxGR1aGx68qWRHKt9y0CSp9aW1p0UvbU/P3g+h+tRh/vrr/3LJZZ19pVRI0MvjeT5HGlsyMAz5cszAy0iR+uRz9Yjn22O7M6KyBNlJADc746s0x5vtP1/PoP1iMEnak1+zxMt2uBhLSsA3Cvu9LHzz0aXZi3a/0bE0+3a//9e5/1/GfFIrh2qP1IwlDfyZhZyNYNpPHFwqFWpS70R1B9DGOzwaUB/45GFP5/qyuCazwP67mxrc+x8RjPY8hOBpnKLpRxO1OO6784xAICddmTddnhj7f9gh/f//R4pBIB7yp0e7Dcx8t5mguffurnb2wgArKSVBgAAAAAAAAAAAAAAAAAAAAAAAAAAgO23oS/w/9OxZGFhPtlCZwFbHunbTIbrj3Rlh3JujPQm2bkd1TzSnWTHK22MvJxNr9X3xXbUbx9orP73Xdrk+3lkl29MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7Igi6W41vyvZm2Q4yfGdz+ruubXbCWyXyp4trVbczu28nX3bng8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFdc4/v/u1J/fbA+Kz1dydEkV5J8bbdz3E63dzuBu6PoHPKteuDy9/93Jb1ZLNJTP+wpesfGZ6anyqKKveXyzz786INy6Fz22l4VygLKGlZ0LtGooWlO78q1Hq6t1T8+f/PG9978TmX8bO3EPDt3bnJ86vzM/y4HPlZ8nFRSH5Ys5fuDo7//adPsRkcJxcfllra2ut5ztXrH19b7763WblPvBlxfmB8ta5qrvjr3/W9ff7tp0SM5nDwzkAysrOkb5dCmpsOr9+dKxefFj4p9+UWu1I5/uTeKxaI8RPtr2//AtesL80NvvLlw9U5O763I6UAOJbma9G08p0Ptz83aWdfVW9Y6XAsqfxzsUN66mkocqW1DeWau3K8P106Z/k1tQ6XD9dVhvzcyOtHySP/su4/mWONId284o2Mdamyp+Lz4a3Ehf8kPm/r/6CqP/9G0vDpbFFGLbDpTmpetuLy6ji5v+WjzgtdWl9n2quQu+HG+nv+5c/y7mu7/jWO1M/ejphpbXxfJ8nWx0Rp/vX9Ni7Ks1iIdXNUiNe4+7dZp5HmwHtUmz3/LC/UyN3FHeaFTi32Xrv9fFgP5R27p/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALj3FUl3q/ldydEkB5LsL6cryeLqmFtbqK+rv9hKmttmKzl/+RRtN7S4ndt5O/t2OiMAAAAAAAAA7o6z4599+NEH5VD7fXx3/rOrsaSS9CQ5UPy8d2x8ZnqqQ0G9yZWlX+n3bS6HK+WPh5anPy2nHu+w0u4+PgAAX2r/CgAA//8S8Ws4") open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901) 913.402212ms ago: executing program 7 (id=15408): creat(&(0x7f00000000c0)='./file0\x00', 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000cc0)=ANY=[@ANYBLOB="14"], &(0x7f0000002300), 0x0) 728.591243ms ago: executing program 5 (id=15409): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, 0x0, &(0x7f0000000340)) 597.873211ms ago: executing program 2 (id=15410): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000480)=@multiplanar_fd={0x7, 0x8, 0x4, 0x2, 0x6a96, {0x77359400}, {0x4, 0x1, 0x4, 0x3, 0xf9, 0x40, "af55123b"}, 0x2, 0x4, {0x0}, 0x8}) 505.640253ms ago: executing program 6 (id=15411): r0 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r0, &(0x7f0000000080)=@in4={0x21, 0x0, 0x63, 0x10, {0x2, 0x4e20, @multicast2}}, 0x24) 422.107025ms ago: executing program 5 (id=15412): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000140)=""/4078, 0xfee}], 0x1, 0xf2, 0x207fff) 421.402618ms ago: executing program 7 (id=15423): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$afs(&(0x7f0000000100)=@cell={0x23, 'syz1:', 'syz0', '.readonly'}, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) 245.740458ms ago: executing program 4 (id=15413): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000180)={0xa, 0x0, 0x3, @remote, 0xc0e}, 0x20) 90.416893ms ago: executing program 6 (id=15414): r0 = socket$rds(0x15, 0x5, 0x0) recvmmsg(r0, &(0x7f00000024c0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x21, 0x0) 60.918704ms ago: executing program 2 (id=15415): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000001480)='/dev/comedi4\x00', 0x40, 0x0) ioctl$COMEDI_BUFCONFIG(r0, 0x8020640d, &(0x7f00000014c0)={0x1, 0x317bfec2, 0x7, 0x9}) 0s ago: executing program 5 (id=15416): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r0, 0x6, 0x6, 0x0, &(0x7f0000000100)=0xffffff83) kernel console output (not intermixed with test programs): on all matching packets. [ 1520.356059][T25275] usb 1-1: new high-speed USB device number 44 using dummy_hcd [ 1520.386365][T16594] team0: Port device dummy0 added [ 1520.397860][ T30] audit: type=1326 audit(2000001212.757:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16604 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb370d8eba9 code=0x7ffc0000 [ 1520.536639][ T30] audit: type=1326 audit(2000001212.757:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16604 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb370d8eba9 code=0x7ffc0000 [ 1520.587793][T25275] usb 1-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 1520.603025][ T30] audit: type=1326 audit(2000001212.823:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16604 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fb370d8eba9 code=0x7ffc0000 [ 1520.645578][T25275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1520.667122][T16609] netlink: 96 bytes leftover after parsing attributes in process `syz.4.13947'. [ 1520.692640][T25275] usb 1-1: config 0 descriptor?? [ 1520.704725][T25275] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 1520.749406][ T30] audit: type=1326 audit(2000001212.823:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16604 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb370d8eba9 code=0x7ffc0000 [ 1520.832328][ T30] audit: type=1326 audit(2000001212.823:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16604 comm="syz.5.13946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb370d8eba9 code=0x7ffc0000 [ 1520.854904][ C0] vkms_vblank_simulate: vblank timer overrun [ 1520.938203][ T49] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1521.084118][T16625] netlink: 'syz.4.13952': attribute type 21 has an invalid length. [ 1521.173966][T25275] gspca_sunplus: reg_w_riv err -71 [ 1521.200947][T25275] sunplus 1-1:0.0: probe with driver sunplus failed with error -71 [ 1521.203634][ T30] audit: type=1326 audit(2000001213.505:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16632 comm="syz.3.13956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1521.245712][T25275] usb 1-1: USB disconnect, device number 44 [ 1521.280123][T16640] netlink: 'syz.5.13957': attribute type 1 has an invalid length. [ 1521.327640][ T30] audit: type=1326 audit(2000001213.505:1382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16632 comm="syz.3.13956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1521.409235][ T30] audit: type=1326 audit(2000001213.552:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16632 comm="syz.3.13956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1521.459057][T16649] tipc: Can't bind to reserved service type 0 [ 1521.515401][ T30] audit: type=1326 audit(2000001213.552:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16632 comm="syz.3.13956" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1521.519704][T16654] netlink: 32 bytes leftover after parsing attributes in process `syz.3.13960'. [ 1521.633527][T16654] openvswitch: netlink: Missing key (keys=40, expected=100) [ 1522.304337][ T59] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1522.976133][T16724] loop5: detected capacity change from 0 to 512 [ 1523.111108][T16724] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1523.239393][T16724] ext4 filesystem being mounted at /2258/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1523.311885][T16744] wg1: entered promiscuous mode [ 1523.330786][T16724] EXT4-fs error (device loop5): ext4_xattr_block_get:593: inode #15: comm syz.5.13983: corrupted xattr block 19: overlapping e_value [ 1523.351639][T16744] wg1: entered allmulticast mode [ 1523.389061][T16733] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 1523.441430][T16733] EXT4-fs (loop5): Remounting filesystem read-only [ 1523.478550][T16724] EXT4-fs (loop5): Remounting filesystem read-only [ 1523.551573][ T30] audit: type=1800 audit(2000001215.704:1385): pid=16724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.13983" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 1523.557335][T16754] loop3: detected capacity change from 0 to 64 [ 1523.729741][ T6150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1523.751633][T16762] netlink: 'syz.2.13997': attribute type 1 has an invalid length. [ 1523.762651][T16762] netlink: 216 bytes leftover after parsing attributes in process `syz.2.13997'. [ 1523.957294][T16768] loop4: detected capacity change from 0 to 764 [ 1524.034291][T16768] rock: directory entry would overflow storage [ 1524.040496][T16768] rock: sig=0x4654, size=5, remaining=4 [ 1524.415701][T16792] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14005'. [ 1524.727413][T16798] loop2: detected capacity change from 0 to 4096 [ 1524.787582][ T6245] usb 5-1: new full-speed USB device number 27 using dummy_hcd [ 1524.788623][T16798] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1524.896638][T16798] ntfs3(loop2): Failed to load $Extend (-22). [ 1524.914305][T16798] ntfs3(loop2): Failed to initialize $Extend. [ 1524.995545][T16825] ieee802154 phy1 wpan1: encryption failed: -22 [ 1525.024612][ T6245] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 1525.070175][ T6245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1525.136247][ T6245] usb 5-1: config 0 descriptor?? [ 1525.195135][ T6245] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 1525.367254][T16836] netlink: 'syz.0.14018': attribute type 3 has an invalid length. [ 1525.427304][T16836] netlink: 'syz.0.14018': attribute type 3 has an invalid length. [ 1525.482782][T16836] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14018'. [ 1525.679256][ T6245] gp8psk: usb in 138 operation failed. [ 1525.707655][ T6245] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1525.745081][ T6245] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 1525.757746][ T6245] usb 5-1: USB disconnect, device number 27 [ 1526.133885][T16872] loop2: detected capacity change from 0 to 2048 [ 1526.230806][T16887] netlink: 'syz.0.14032': attribute type 1 has an invalid length. [ 1526.247398][T16872] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1526.420865][ T1152] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1526.599854][T16886] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 1526.666351][ T6149] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1527.005059][ T30] audit: type=1326 audit(2000001218.941:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16926 comm="syz.2.14041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1527.109822][ T30] audit: type=1326 audit(2000001218.941:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16926 comm="syz.2.14041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1527.142535][T16931] Invalid source name [ 1527.160571][T16931] UBIFS error (pid: 16931): cannot open "./file0", error -22 [ 1527.219723][ T30] audit: type=1326 audit(2000001218.987:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16926 comm="syz.2.14041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1527.249851][ C0] vkms_vblank_simulate: vblank timer overrun [ 1527.430314][ T30] audit: type=1326 audit(2000001218.987:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16926 comm="syz.2.14041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1527.559211][ T30] audit: type=1326 audit(2000001218.987:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16926 comm="syz.2.14041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1528.055045][T17001] loop3: detected capacity change from 0 to 1024 [ 1528.081290][T17008] netlink: 7 bytes leftover after parsing attributes in process `syz.4.14064'. [ 1528.171570][T17001] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1528.203597][T17008] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14064'. [ 1528.460250][ T1152] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1528.508428][T17026] loop5: detected capacity change from 0 to 8 [ 1528.542807][ T6156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1529.240263][T17061] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1529.816396][ T30] audit: type=1326 audit(2000001221.569:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17080 comm="syz.3.14086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1529.877794][ T30] audit: type=1326 audit(2000001221.569:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17080 comm="syz.3.14086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1529.913006][ T30] audit: type=1326 audit(2000001221.569:1393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17080 comm="syz.3.14086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1529.936185][ T30] audit: type=1326 audit(2000001221.569:1394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17080 comm="syz.3.14086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1529.994168][ T30] audit: type=1326 audit(2000001221.569:1395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17080 comm="syz.3.14086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1530.030656][T17088] loop4: detected capacity change from 0 to 512 [ 1530.038163][T17088] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1530.055424][T17088] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 1530.073744][T17088] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002] [ 1530.081820][T17088] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80) [ 1530.128204][T17088] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features [ 1530.178103][T17088] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1530.323111][T17088] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80) [ 1530.339602][T17040] loop2: detected capacity change from 0 to 32768 [ 1530.410646][T17040] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 1530.410646][T17040] [ 1530.453138][T17040] ialloc: diAlloc returned -5! [ 1530.548989][ T6153] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1531.393321][T17140] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14103'. [ 1531.477436][T17135] loop3: detected capacity change from 0 to 4096 [ 1531.671790][T17135] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1531.717013][T17135] ntfs3(loop3): Failed to load $Extend (-22). [ 1531.753425][T17135] ntfs3(loop3): Failed to initialize $Extend. [ 1531.875485][T17135] ntfs3(loop3): ino=5, "/" indx_read [ 1532.123245][T17161] loop2: detected capacity change from 0 to 764 [ 1532.565182][ T49] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1532.721161][T17193] loop4: detected capacity change from 0 to 512 [ 1532.845293][T17193] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: inode #11: comm syz.4.14119: ea_inode with extended attributes [ 1532.931706][T17205] trusted_key: encrypted_key: keyword 'up‰~te' not recognized [ 1532.966720][T17193] EXT4-fs error (device loop4): ext4_xattr_inode_iget:440: comm syz.4.14119: error while reading EA inode 11 err=-117 [ 1533.093049][T17193] EXT4-fs (loop4): 1 orphan inode deleted [ 1533.113374][T17193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1533.310628][T17220] netlink: 'syz.5.14128': attribute type 3 has an invalid length. [ 1533.320391][T17220] netlink: 'syz.5.14128': attribute type 3 has an invalid length. [ 1533.331348][T17209] loop6: detected capacity change from 0 to 4096 [ 1533.370071][ T6153] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1533.435957][T17220] netlink: 16 bytes leftover after parsing attributes in process `syz.5.14128'. [ 1533.506107][T17209] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1533.606050][T17209] ntfs3(loop6): Failed to load $Extend (-22). [ 1533.628046][T17209] ntfs3(loop6): Failed to initialize $Extend. [ 1533.645290][T17230] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1533.645290][T17230] The task syz.3.14130 (17230) triggered the difference, watch for misbehavior. [ 1533.886786][T17242] CIFS: VFS: Malformed UNC in devname [ 1534.069649][ T6245] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 1534.255172][ T6245] usb 5-1: Using ep0 maxpacket: 8 [ 1534.286921][ T6245] usb 5-1: config 165 has too many interfaces: 60, using maximum allowed: 32 [ 1534.323645][ T6245] usb 5-1: config 165 has 0 interfaces, different from the descriptor's value: 60 [ 1534.359469][ T6245] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 1534.389203][ T6245] usb 5-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3 [ 1534.425180][ T6245] usb 5-1: Product: syz [ 1534.429406][ T6245] usb 5-1: Manufacturer: syz [ 1534.478172][ T6245] usb 5-1: SerialNumber: syz [ 1534.627436][ T1152] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1534.702924][ T6200] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 1534.735398][ T6245] usb 5-1: USB disconnect, device number 28 [ 1534.873458][ T6200] usb 7-1: Using ep0 maxpacket: 8 [ 1534.926303][ T6200] usb 7-1: config 179 has an invalid interface number: 65 but max is 0 [ 1534.968315][ T6200] usb 7-1: config 179 has no interface number 0 [ 1534.984384][ T6200] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 1535.004294][ T6200] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 1535.018711][ T6200] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1535.040478][ T6200] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1535.051316][ T6200] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 1535.065819][ T6200] usb 7-1: config 179 interface 65 has no altsetting 0 [ 1535.072743][ T6200] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 1535.082552][ T6200] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1535.136530][ T6200] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input93 [ 1535.170350][T17245] loop2: detected capacity change from 0 to 32768 [ 1535.177769][ T6337] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 1535.229928][T17245] [ 1535.229928][T17245] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.229928][T17245] [ 1535.334879][T17245] [ 1535.334879][T17245] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.334879][T17245] [ 1535.370471][T17245] [ 1535.370471][T17245] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.370471][T17245] [ 1535.386531][ T6337] usb 4-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 1535.409370][ T6337] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1535.432923][T17245] [ 1535.432923][T17245] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.432923][T17245] [ 1535.461771][ T6337] usb 4-1: config 0 descriptor?? [ 1535.462289][ T6200] usb 7-1: USB disconnect, device number 19 [ 1535.466796][ C1] xpad 7-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 1535.525431][T17245] [ 1535.525431][T17245] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.525431][T17245] [ 1535.555384][ T6337] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 1535.571612][T17245] [ 1535.571612][T17245] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.571612][T17245] [ 1535.647847][ T110] [ 1535.647847][ T110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.647847][ T110] [ 1535.825794][ T6149] [ 1535.825794][ T6149] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.825794][ T6149] [ 1535.863218][ T6149] [ 1535.863218][ T6149] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1535.863218][ T6149] [ 1535.947206][ T6337] gspca_sunplus: reg_w_riv err -71 [ 1535.977292][ T6337] sunplus 4-1:0.0: probe with driver sunplus failed with error -71 [ 1536.017753][ T6337] usb 4-1: USB disconnect, device number 27 [ 1536.206661][T17348] loop5: detected capacity change from 0 to 64 [ 1536.419897][T17354] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14157'. [ 1536.474558][T17361] loop2: detected capacity change from 0 to 164 [ 1536.516231][T17361] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1536.597989][T17361] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 1536.650112][T17353] bridge0: port 1(bridge_slave_0) entered disabled state [ 1536.657936][T17353] bridge0: port 1(bridge_slave_0) entered blocking state [ 1536.665193][T17353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1536.688563][T17361] Symlink component flag not implemented [ 1536.719920][T17361] Symlink component flag not implemented [ 1536.731833][T17369] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1536.739113][T17369] IPv6: NLM_F_CREATE should be set when creating new route [ 1536.745335][T17361] Symlink component flag not implemented (7) [ 1536.796037][T17361] Symlink component flag not implemented (116) [ 1536.956526][T17370] loop6: detected capacity change from 0 to 2048 [ 1537.057164][T17370] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1537.809124][T17412] ptrace attach of "./syz-executor exec"[6156] was attempted by ""[17412] [ 1537.855831][T17414] netlink: 'syz.5.14175': attribute type 9 has an invalid length. [ 1537.997848][T17423] loop6: detected capacity change from 0 to 256 [ 1538.040730][T24250] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1538.207199][T17423] FAT-fs (loop6): Directory bread(block 64) failed [ 1538.259192][T17423] FAT-fs (loop6): Directory bread(block 65) failed [ 1538.283520][T17423] FAT-fs (loop6): Directory bread(block 66) failed [ 1538.334274][T17423] FAT-fs (loop6): Directory bread(block 67) failed [ 1538.351964][T17423] FAT-fs (loop6): Directory bread(block 68) failed [ 1538.400045][T17423] FAT-fs (loop6): Directory bread(block 69) failed [ 1538.444619][T17423] FAT-fs (loop6): Directory bread(block 70) failed [ 1538.465120][T17423] FAT-fs (loop6): Directory bread(block 71) failed [ 1538.471889][T17423] FAT-fs (loop6): Directory bread(block 72) failed [ 1538.540680][T17446] netlink: 129704 bytes leftover after parsing attributes in process `syz.0.14184'. [ 1538.580531][T17423] FAT-fs (loop6): Directory bread(block 73) failed [ 1538.789221][T17456] comedi comedi0: rti800: I/O port conflict (0x3,16) [ 1540.006038][T17518] IPv6: NLM_F_CREATE should be specified when creating new route [ 1540.426820][T17569] netlink: 116 bytes leftover after parsing attributes in process `syz.3.14215'. [ 1540.558378][T17574] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 1540.774502][T20918] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1541.756450][T17635] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1542.153847][T17656] loop3: detected capacity change from 0 to 16 [ 1542.192845][T17656] erofs (device loop3): mounted with root inode @ nid 36. [ 1542.262074][T17656] erofs (device loop3): readahead error at folio 2 @ nid 89 [ 1542.269424][T17656] erofs (device loop3): readahead error at folio 1 @ nid 89 [ 1542.354662][T17666] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 1542.356375][T17656] erofs (device loop3): read error -117 @ 1 of nid 89 [ 1542.395695][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1542.395718][ T30] audit: type=1800 audit(2000001233.329:1397): pid=17656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.14244" name="file3" dev="loop3" ino=89 res=0 errno=0 [ 1542.502069][T17671] netlink: 244 bytes leftover after parsing attributes in process `syz.6.14250'. [ 1542.751777][T25275] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 1542.818019][T17697] dlm: no locking on control device [ 1542.937710][T25275] usb 3-1: Using ep0 maxpacket: 8 [ 1542.966611][T25275] usb 3-1: config 165 has too many interfaces: 60, using maximum allowed: 32 [ 1542.975426][T25275] usb 3-1: config 165 has 0 interfaces, different from the descriptor's value: 60 [ 1543.024005][T25275] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 1543.042086][T25275] usb 3-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3 [ 1543.060145][T25275] usb 3-1: Product: syz [ 1543.083217][T25275] usb 3-1: Manufacturer: syz [ 1543.095884][T25275] usb 3-1: SerialNumber: syz [ 1543.173024][T17733] netlink: 56 bytes leftover after parsing attributes in process `syz.6.14258'. [ 1543.403827][T25275] usb 3-1: USB disconnect, device number 22 [ 1543.675928][T17766] loop4: detected capacity change from 0 to 64 [ 1544.087724][ T30] audit: type=1326 audit(2000001234.910:1398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17783 comm="syz.4.14272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca558eba9 code=0x7ffc0000 [ 1544.202412][ T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1544.211245][ T30] audit: type=1326 audit(2000001234.910:1399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17783 comm="syz.4.14272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca558eba9 code=0x7ffc0000 [ 1544.358980][ T30] audit: type=1326 audit(2000001234.919:1400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17783 comm="syz.4.14272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7feca558eba9 code=0x7ffc0000 [ 1544.428724][T17798] loop5: detected capacity change from 0 to 1764 [ 1544.483466][ T30] audit: type=1326 audit(2000001234.919:1401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17783 comm="syz.4.14272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca558eba9 code=0x7ffc0000 [ 1544.535889][ T30] audit: type=1326 audit(2000001234.919:1402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17783 comm="syz.4.14272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feca558eba9 code=0x7ffc0000 [ 1544.579634][T17803] loop4: detected capacity change from 0 to 512 [ 1544.602390][T17803] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1544.689170][T17803] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #2: block 9: comm syz.4.14278: lblock 0 mapped to illegal pblock 9 (length 1) [ 1544.713651][T17803] EXT4-fs (loop4): mount failed [ 1544.778470][ T6150] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1544.889751][ T6150] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1544.953831][T17827] loop3: detected capacity change from 0 to 1024 [ 1545.132999][T17839] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 1545.177185][T17839] netdevsim netdevsim5 netdevsim0: left allmulticast mode [ 1545.402443][T25275] usb 1-1: new high-speed USB device number 45 using dummy_hcd [ 1545.597260][T25275] usb 1-1: Using ep0 maxpacket: 8 [ 1545.629949][T25275] usb 1-1: config 165 has too many interfaces: 60, using maximum allowed: 32 [ 1545.661648][T25275] usb 1-1: config 165 has 0 interfaces, different from the descriptor's value: 60 [ 1545.723431][ T6337] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 1545.724609][T25275] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 1545.791158][T25275] usb 1-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3 [ 1545.806570][T17879] netlink: 32 bytes leftover after parsing attributes in process `syz.6.14298'. [ 1545.823533][T25275] usb 1-1: Product: syz [ 1545.827747][T25275] usb 1-1: Manufacturer: syz [ 1545.856917][T17879] netlink: 32 bytes leftover after parsing attributes in process `syz.6.14298'. [ 1545.882760][T25275] usb 1-1: SerialNumber: syz [ 1545.894661][ T6337] usb 3-1: Using ep0 maxpacket: 8 [ 1545.906528][ T6337] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1545.941114][ T6337] usb 3-1: config 8 has an invalid interface number: 61 but max is 2 [ 1545.967075][ T6337] usb 3-1: config 8 has 1 interface, different from the descriptor's value: 3 [ 1545.993174][ T6337] usb 3-1: config 8 has no interface number 0 [ 1546.019749][ T6337] usb 3-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0 [ 1546.063032][ T6337] usb 3-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1546.112015][ T6337] usb 3-1: config 8 interface 61 has no altsetting 0 [ 1546.128542][ T6337] usb 3-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f [ 1546.134733][T25275] usb 1-1: USB disconnect, device number 45 [ 1546.159661][ T6337] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1546.200782][ T6337] usb 3-1: Product: syz [ 1546.209086][ T6337] usb 3-1: Manufacturer: syz [ 1546.213695][ T6337] usb 3-1: SerialNumber: syz [ 1546.528033][ T6337] bfusb 3-1:8.61: probe with driver bfusb failed with error -5 [ 1546.608570][ T6337] usb 3-1: USB disconnect, device number 23 [ 1546.868098][T17929] loop3: detected capacity change from 0 to 4096 [ 1546.892473][T17929] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 1546.933569][T20918] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1547.348026][ T6200] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 1547.540716][ T6200] usb 4-1: Using ep0 maxpacket: 8 [ 1547.578344][ T6200] usb 4-1: config 0 has an invalid interface number: 239 but max is 0 [ 1547.603886][ T6200] usb 4-1: config 0 has no interface number 0 [ 1547.629207][ T6200] usb 4-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=99.1a [ 1547.665751][ T6200] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1547.698849][ T6200] usb 4-1: Product: syz [ 1547.719211][ T6200] usb 4-1: Manufacturer: syz [ 1547.743775][ T6200] usb 4-1: SerialNumber: syz [ 1547.784380][ T6200] usb 4-1: config 0 descriptor?? [ 1547.915725][T17984] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1547.931256][ T6337] usb 1-1: new high-speed USB device number 46 using dummy_hcd [ 1548.037229][ T6200] ath6kl: Failed to submit usb control message: -71 [ 1548.054892][ T6200] ath6kl: unable to send the bmi data to the device: -71 [ 1548.063020][ T6200] ath6kl: Unable to send get target info: -71 [ 1548.097522][ T6200] ath6kl: Failed to init ath6kl core: -71 [ 1548.105439][ T6200] ath6kl_usb 4-1:0.239: probe with driver ath6kl_usb failed with error -71 [ 1548.143262][ T6337] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 1548.160389][ T6337] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 1548.185786][ T6337] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1548.224860][ T6200] usb 4-1: USB disconnect, device number 28 [ 1548.240627][ T6337] usb 1-1: config 220 has no interface number 2 [ 1548.259403][ T6337] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 1548.321634][ T6337] usb 1-1: config 220 interface 0 has no altsetting 0 [ 1548.352078][ T6337] usb 1-1: config 220 interface 76 has no altsetting 0 [ 1548.368307][ T6337] usb 1-1: config 220 interface 1 has no altsetting 0 [ 1548.428346][ T6337] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1548.447331][ T6337] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1548.472218][ T6337] usb 1-1: Product: syz [ 1548.476440][ T6337] usb 1-1: Manufacturer: syz [ 1548.491303][ T6337] usb 1-1: SerialNumber: syz [ 1548.743616][ T6337] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 1548.766565][ T6337] usb 1-1: No valid video chain found. [ 1548.777381][ T6337] usb 1-1: selecting invalid altsetting 0 [ 1548.819658][ T6337] usb 1-1: selecting invalid altsetting 0 [ 1548.846469][ T6337] usbtest 1-1:220.1: probe with driver usbtest failed with error -22 [ 1548.899154][ T6337] usb 1-1: USB disconnect, device number 46 [ 1549.321542][T18060] loop2: detected capacity change from 0 to 512 [ 1549.374277][T18060] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 1549.492559][T18060] UDF-fs: error (device loop2): udf_read_inode: (ino 19) failed ident=264 [ 1549.610797][T18072] netlink: 44 bytes leftover after parsing attributes in process `syz.0.14345'. [ 1549.677210][T24250] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1550.417496][ T6337] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 1550.586913][ T6337] usb 5-1: Using ep0 maxpacket: 32 [ 1550.651224][ T6337] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 1550.665025][ T6337] usb 5-1: config 0 has no interface number 0 [ 1550.695042][ T6337] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 1550.720224][ T6337] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 1550.735647][ T6337] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 1550.757812][ T6337] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1550.765823][ T6337] usb 5-1: Product: syz [ 1550.825960][ T6337] usb 5-1: Manufacturer: syz [ 1550.830610][ T6337] usb 5-1: SerialNumber: syz [ 1550.908051][ T6337] usb 5-1: config 0 descriptor?? [ 1551.051518][T18134] loop6: detected capacity change from 0 to 4096 [ 1551.089633][T18134] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 1551.280254][T18134] ntfs3(loop6): ino=19, mi_enum_attr [ 1551.300012][T18134] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1551.377062][ T6337] radio-si470x 5-1:0.35: si470x_get_report: usb_control_msg returned -71 [ 1551.384800][T18134] ntfs3(loop6): failed to convert "c46c" to cp1250 [ 1551.420130][ T6337] radio-si470x 5-1:0.35: probe with driver radio-si470x failed with error -5 [ 1551.429818][T18134] ntfs3(loop6): ino=20, mi_enum_attr [ 1551.495805][ T6337] radio-raremono 5-1:0.35: this is not Thanko's Raremono. [ 1551.539725][T18154] loop5: detected capacity change from 0 to 4096 [ 1551.553810][ T6337] usb 5-1: USB disconnect, device number 29 [ 1551.633720][T18154] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 1551.837569][ T6200] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 1552.028750][T18184] loop2: detected capacity change from 0 to 1764 [ 1552.040694][ T6200] usb 4-1: Using ep0 maxpacket: 16 [ 1552.074459][ T6200] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 1552.123878][ T6200] usb 4-1: config 2 has 1 interface, different from the descriptor's value: 2 [ 1552.166755][ T6200] usb 4-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56 [ 1552.211062][ T6200] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1552.263001][ T6200] usb 4-1: Product: syz [ 1552.270224][ T6200] usb 4-1: Manufacturer: syz [ 1552.281385][ T6200] usb 4-1: SerialNumber: syz [ 1552.426682][T18206] netlink: 'syz.5.14384': attribute type 5 has an invalid length. [ 1552.577371][T18197] loop4: detected capacity change from 0 to 4096 [ 1552.601981][ T6200] ums-cypress 4-1:2.0: USB Mass Storage device detected [ 1552.713554][T18197] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1552.821891][ T6200] usb 4-1: USB disconnect, device number 29 [ 1552.828706][T18197] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 1552.917480][T18232] loop5: detected capacity change from 0 to 8 [ 1552.967610][T18197] ntfs3(loop4): ino=1e, "file1" attr_set_size [ 1552.968293][ T30] audit: type=1800 audit(2000001243.226:1403): pid=18197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.14382" name="file1" dev="loop4" ino=30 res=0 errno=0 [ 1553.094522][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 1553.096542][ T49] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1553.168294][T18232] SQUASHFS error: xz decompression failed, data probably corrupt [ 1553.237949][T18232] SQUASHFS error: Failed to read block 0x60: -5 [ 1553.283146][T18232] SQUASHFS error: xz decompression failed, data probably corrupt [ 1553.333178][T18232] SQUASHFS error: Failed to read block 0x60: -5 [ 1553.347412][ T30] audit: type=1800 audit(2000001243.591:1404): pid=18232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.14387" name="file1" dev="loop5" ino=1 res=0 errno=0 [ 1553.428106][T18244] netlink: 'syz.2.14391': attribute type 30 has an invalid length. [ 1553.830854][T18293] loop6: detected capacity change from 0 to 2048 [ 1553.875004][T18293] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=26504, location=26504 [ 1553.958120][T18293] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1554.524284][T18328] loop4: detected capacity change from 0 to 128 [ 1554.568062][T18328] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 1554.632341][T18328] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1555.836784][T24250] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1556.066291][T18406] program syz.2.14432 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1556.387078][T18414] loop4: detected capacity change from 0 to 4096 [ 1556.414353][T18414] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 1556.541190][T18414] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 1556.556472][T18414] ntfs3(loop4): Failed to load $Extend (-22). [ 1556.562813][T18414] ntfs3(loop4): Failed to initialize $Extend. [ 1556.642684][T18414] ntfs3(loop4): ino=1e, mi_enum_attr [ 1556.774190][T18445] loop3: detected capacity change from 0 to 256 [ 1557.035421][T18444] loop2: detected capacity change from 0 to 4096 [ 1557.138123][T18444] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1557.272199][T18444] ntfs3(loop2): Failed to load $Extend (-22). [ 1557.303152][T18444] ntfs3(loop2): Failed to initialize $Extend. [ 1557.632502][T14832] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 1557.770163][ T6200] usb 5-1: new low-speed USB device number 30 using dummy_hcd [ 1557.834342][T14832] usb 4-1: Using ep0 maxpacket: 16 [ 1557.861208][T14832] usb 4-1: config 127 has an invalid interface number: 102 but max is 2 [ 1557.877943][T14832] usb 4-1: config 127 has no interface number 2 [ 1557.884420][T18499] netlink: 6 bytes leftover after parsing attributes in process `syz.0.14458'. [ 1557.899036][T14832] usb 4-1: config 127 interface 0 has no altsetting 0 [ 1557.913500][T14832] usb 4-1: config 127 interface 1 has no altsetting 0 [ 1557.954358][T14832] usb 4-1: config 127 interface 102 has no altsetting 0 [ 1557.983443][ T6200] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 1558.004643][ T6200] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 1558.014382][T18499] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1558.038294][ T6200] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 1558.049811][T14832] usb 4-1: New USB device found, idVendor=1199, idProduct=9015, bcdDevice=99.2d [ 1558.065447][T14832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1558.073817][ T6200] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 1558.088583][T14832] usb 4-1: Product: syz [ 1558.101659][ T6200] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 1558.118433][T14832] usb 4-1: Manufacturer: syz [ 1558.133945][T14832] usb 4-1: SerialNumber: syz [ 1558.144891][ T6200] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1558.183858][ T6200] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 1558.258410][ T6200] usb 5-1: string descriptor 0 read error: -22 [ 1558.265037][ T6200] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 1558.303694][ T6200] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1558.365346][ T6200] usb 5-1: config 0 descriptor?? [ 1558.378629][ T6200] hub 5-1:0.0: bad descriptor, ignoring hub [ 1558.390685][ T6200] hub 5-1:0.0: probe with driver hub failed with error -5 [ 1558.399835][T18517] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1558.447324][ T6200] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input96 [ 1558.473313][T14832] usb 4-1: selecting invalid altsetting 0 [ 1558.504201][T14832] usb 4-1: Could not set interface, error -22 [ 1558.545408][T14832] usb 4-1: selecting invalid altsetting 0 [ 1558.576100][T14832] usb 4-1: Could not set interface, error -22 [ 1558.650616][T14832] usb 4-1: USB disconnect, device number 30 [ 1558.791871][T18546] loop6: detected capacity change from 0 to 256 [ 1558.858420][T18546] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1558.951532][T14832] usb 5-1: USB disconnect, device number 30 [ 1559.109423][ T30] audit: type=1326 audit(2000001248.980:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18559 comm="syz.0.14470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2fdb8eba9 code=0x7ffc0000 [ 1559.219482][ T30] audit: type=1326 audit(2000001248.980:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18559 comm="syz.0.14470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2fdb8eba9 code=0x7ffc0000 [ 1559.248456][T28369] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1559.341028][ T30] audit: type=1326 audit(2000001249.017:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18559 comm="syz.0.14470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7fa2fdb8eba9 code=0x7ffc0000 [ 1559.447512][ T30] audit: type=1326 audit(2000001249.017:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18559 comm="syz.0.14470" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2fdb8eba9 code=0x7ffc0000 [ 1559.529636][T18586] netlink: 6 bytes leftover after parsing attributes in process `syz.5.14475'. [ 1559.627700][T18586] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1560.236667][ T30] audit: type=1107 audit(2000001250.027:1409): pid=18619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1560.327780][T18627] loop0: detected capacity change from 0 to 8 [ 1560.380120][T18631] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14492'. [ 1561.042146][T18660] loop3: detected capacity change from 0 to 256 [ 1561.049563][T18660] exfat: Deprecated parameter 'namecase' [ 1561.250371][T18660] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1561.298242][ T49] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1561.750587][T18697] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1561.985183][T18708] loop0: detected capacity change from 0 to 1024 [ 1562.098444][T18708] hfsplus: bad catalog entry type [ 1562.325965][ T1152] hfsplus: b-tree write err: -5, ino 4 [ 1563.126316][ T6200] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 1563.168456][T18779] netlink: 'syz.5.14536': attribute type 1 has an invalid length. [ 1563.233754][T18779] netlink: 16 bytes leftover after parsing attributes in process `syz.5.14536'. [ 1563.309254][ T6200] usb 3-1: Using ep0 maxpacket: 32 [ 1563.361479][ T6200] usb 3-1: config 0 has an invalid interface number: 37 but max is 1 [ 1563.413531][ T6200] usb 3-1: config 0 has no interface number 1 [ 1563.489438][ T6200] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3 [ 1563.498547][ T6200] usb 3-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 1563.521258][ T6200] usb 3-1: Product: syz [ 1563.525480][ T6200] usb 3-1: Manufacturer: syz [ 1563.530116][ T6200] usb 3-1: SerialNumber: syz [ 1563.600628][ T6200] usb 3-1: config 0 descriptor?? [ 1563.854702][ T6200] qcserial 3-1:0.37: Qualcomm USB modem converter detected [ 1564.078339][ T6200] usb 3-1: USB disconnect, device number 24 [ 1564.095343][ T6200] qcserial 3-1:0.37: device disconnected [ 1564.129810][T18828] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1564.225259][T18831] ksmbd: Unknown IPC event: 3, ignore. [ 1564.917431][T18870] loop3: detected capacity change from 0 to 512 [ 1565.012727][T18870] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 1565.097168][T18870] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #13: comm syz.3.14561: invalid indirect mapped block 8 (level 2) [ 1565.171364][T18870] EXT4-fs (loop3): Remounting filesystem read-only [ 1565.201443][T18870] EXT4-fs (loop3): 1 truncate cleaned up [ 1565.256573][T18888] loop6: detected capacity change from 0 to 256 [ 1565.257367][T18870] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1565.295762][T18888] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1565.386268][T18895] loop4: detected capacity change from 0 to 512 [ 1565.404616][ T49] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1565.445989][T18895] EXT4-fs: Ignoring removed mblk_io_submit option [ 1565.505278][ T6156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1565.523648][T18895] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 1565.542192][T18895] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1565.627712][T18895] Quota error (device loop4): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 1565.680614][ T6200] usb 1-1: new high-speed USB device number 47 using dummy_hcd [ 1565.688519][T18895] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 1565.790209][T18895] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 1565.832899][T18895] EXT4-fs error (device loop4): ext4_validate_block_bitmap:440: comm syz.4.14570: bg 0: block 40: padding at end of block bitmap is not set [ 1565.875575][ T6200] usb 1-1: Using ep0 maxpacket: 32 [ 1565.880452][T18926] loop6: detected capacity change from 0 to 512 [ 1565.918255][ T6200] usb 1-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 1565.936771][T18926] EXT4-fs: Ignoring removed oldalloc option [ 1565.955867][ T6200] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1565.960899][T18895] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 1565.997887][ T6200] usb 1-1: config 0 descriptor?? [ 1566.020306][T18926] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1566.079912][ T6200] as10x_usb: device has been detected [ 1566.088638][ T6200] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 1566.105390][T18895] EXT4-fs (loop4): 1 truncate cleaned up [ 1566.112886][T18926] EXT4-fs error (device loop6): ext4_free_branches:1020: inode #16: comm syz.6.14575: invalid indirect mapped block 4294967295 (level 0) [ 1566.138539][ T6200] usb 1-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 1566.159104][ T6200] as10x_usb: error during firmware upload part1 [ 1566.172775][ T6200] Registered device nBox DVB-T Dongle [ 1566.202519][T18895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1566.247842][T18926] EXT4-fs (loop6): Remounting filesystem read-only [ 1566.255068][T18926] EXT4-fs (loop6): 1 orphan inode deleted [ 1566.306513][T18926] EXT4-fs (loop6): 1 truncate cleaned up [ 1566.358591][T18947] loop2: detected capacity change from 0 to 1024 [ 1566.371070][T18926] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1566.392520][T27173] usb 1-1: USB disconnect, device number 47 [ 1566.429010][T18895] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz.4.14570: bad symlink. [ 1566.511159][T27173] Unregistered device nBox DVB-T Dongle [ 1566.525529][T27173] as10x_usb: device has been disconnected [ 1566.546877][T18960] netlink: 'syz.5.14581': attribute type 2 has an invalid length. [ 1566.709164][ T3358] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1566.743509][ T6153] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1566.959652][T18981] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14583'. [ 1567.121803][T18984] loop4: detected capacity change from 0 to 2048 [ 1567.248241][T18999] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1567.338873][T18984] NILFS (loop4): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 1567.369662][T18984] NILFS error (device loop4): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1567.412410][ T6200] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 1567.455527][ T49] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1567.495341][T18984] Remounting filesystem read-only [ 1567.512826][T18997] loop5: detected capacity change from 0 to 4096 [ 1567.523066][T18984] NILFS (loop4): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0 [ 1567.566111][T18984] NILFS error (device loop4): nilfs_bmap_last_key: broken bmap (inode number=16) [ 1567.604845][ T6200] usb 4-1: Using ep0 maxpacket: 8 [ 1567.633109][ T6200] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1567.647381][T18984] NILFS (loop4): error -5 truncating bmap (ino=16) [ 1567.681498][ T6200] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1567.750606][ T6200] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1567.808854][T19018] tmpfs: Bad value for 'mpol' [ 1567.819686][ T6153] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 1567.822790][ T6200] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1567.849140][T18997] ntfs3(loop5): try to read out of volume at offset 0x3fffffc7000 [ 1567.866161][ T6200] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1567.889723][ T6200] usb 4-1: Product: syz [ 1567.902415][T18997] ntfs3(loop5): ino=21, The size of extended attributes must not exceed 64KiB [ 1567.905799][ T6200] usb 4-1: Manufacturer: syz [ 1567.937975][T25280] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 1567.977956][ T6200] usb 4-1: SerialNumber: syz [ 1568.022373][ T6200] cdc_ncm 4-1:1.0: NCM or ECM functional descriptors missing [ 1568.064512][ T6200] cdc_ncm 4-1:1.0: bind() failure [ 1568.140217][T25280] usb 7-1: Using ep0 maxpacket: 32 [ 1568.157919][T25280] usb 7-1: config 4 has an invalid interface number: 128 but max is 0 [ 1568.177000][T19033] loop0: detected capacity change from 0 to 64 [ 1568.197065][T25280] usb 7-1: config 4 has no interface number 0 [ 1568.218084][T25280] usb 7-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1568.242436][ T6200] cdc_mbim 4-1:1.1: CDC Union missing and no IAD found [ 1568.267247][T25280] usb 7-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1568.284759][ T6200] cdc_mbim 4-1:1.1: bind() failure [ 1568.331576][T25280] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1568.416138][T25280] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1568.484017][T25280] hub 7-1:4.128: USB hub found [ 1568.604360][ T6200] usb 4-1: USB disconnect, device number 31 [ 1568.700970][T25280] hub 7-1:4.128: 6 ports detected [ 1568.715737][T25280] hub 7-1:4.128: Using single TT (err -22) [ 1568.759344][T25280] hub 7-1:4.128: insufficient power available to use all downstream ports [ 1568.928156][T25280] hub 7-1:4.128: hub_hub_status failed (err = -71) [ 1568.939393][T25280] hub 7-1:4.128: config failed, can't get hub status (err -71) [ 1568.993432][T19075] loop4: detected capacity change from 0 to 4096 [ 1568.994568][T25280] usb 7-1: USB disconnect, device number 20 [ 1569.087827][T19090] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1569.297992][T19097] loop5: detected capacity change from 0 to 512 [ 1569.337940][T19097] EXT4-fs: Ignoring removed bh option [ 1569.389740][T19097] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 1569.465002][T19097] EXT4-fs (loop5): invalid journal inode [ 1569.473232][T19097] EXT4-fs (loop5): can't get journal size [ 1569.561119][T19097] EXT4-fs (loop5): 1 truncate cleaned up [ 1569.569948][T19097] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1569.732180][T19097] Device name not specified. [ 1569.732180][T19097] [ 1569.795938][T19114] comedi comedi3: no devices specified [ 1569.956946][T19123] loop3: detected capacity change from 0 to 1024 [ 1570.056898][ T6150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1570.073870][T19123] hfsplus: bad catalog entry type [ 1570.336489][ T3570] hfsplus: b-tree write err: -5, ino 4 [ 1570.463158][T19152] pim6reg: left allmulticast mode [ 1571.563097][T20918] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1571.814098][T19210] netlink: 'syz.3.14641': attribute type 11 has an invalid length. [ 1572.364592][T19162] loop4: detected capacity change from 0 to 32768 [ 1572.465113][T19234] loop0: detected capacity change from 0 to 64 [ 1572.473979][T19162] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1572.480701][T19242] loop3: detected capacity change from 0 to 256 [ 1572.554246][T19242] FAT-fs (loop3): Directory bread(block 64) failed [ 1572.628524][T19242] FAT-fs (loop3): Directory bread(block 65) failed [ 1572.714238][T19242] FAT-fs (loop3): Directory bread(block 66) failed [ 1572.721309][T19242] FAT-fs (loop3): Directory bread(block 67) failed [ 1572.805401][T19262] loop5: detected capacity change from 0 to 512 [ 1572.812876][T19242] FAT-fs (loop3): Directory bread(block 68) failed [ 1572.823337][T19162] XFS (loop4): Ending clean mount [ 1572.845968][T19262] EXT4-fs: Ignoring removed orlov option [ 1572.885135][T19242] FAT-fs (loop3): Directory bread(block 69) failed [ 1572.891771][T19242] FAT-fs (loop3): Directory bread(block 70) failed [ 1572.918203][T19162] XFS (loop4): Quotacheck needed: Please wait. [ 1572.932340][T19262] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1572.978346][T19262] EXT4-fs (loop5): orphan cleanup on readonly fs [ 1572.978606][T19242] FAT-fs (loop3): Directory bread(block 71) failed [ 1573.045496][T19242] FAT-fs (loop3): Directory bread(block 72) failed [ 1573.053746][T19262] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm syz.5.14650: bg 0: block 248: padding at end of block bitmap is not set [ 1573.054646][T19242] FAT-fs (loop3): Directory bread(block 73) failed [ 1573.102895][T19162] XFS (loop4): Quotacheck: Done. [ 1573.126042][T19262] Quota error (device loop5): write_blk: dquota write failed [ 1573.196889][T19262] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 1573.241157][T19262] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.14650: Failed to acquire dquot type 1 [ 1573.368154][T19262] EXT4-fs (loop5): 1 truncate cleaned up [ 1573.401366][T19262] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1573.479068][T19279] loop0: detected capacity change from 0 to 4096 [ 1573.500042][ T6153] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1573.563474][T19262] EXT4-fs: Ignoring removed orlov option [ 1573.601999][T19290] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1573.613474][T24250] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1573.623076][T19262] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1573.754776][T19262] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 1573.851693][T19262] EXT4-fs error (device loop5): __ext4_remount:6740: comm syz.5.14650: Abort forced by user [ 1573.930558][T19262] EXT4-fs (loop5): Remounting filesystem read-only [ 1574.011638][T19262] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 1574.103783][T19262] ext4 filesystem being remounted at /2382/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1574.210898][T19314] netdevsim netdevsim2 : renamed from netdevsim0 (while UP) [ 1574.535459][ T6150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1574.850481][T19337] loop5: detected capacity change from 0 to 64 [ 1574.937614][T19343] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14671'. [ 1574.972197][T19337] hfs: keylen 94 too large [ 1575.626236][T19371] loop4: detected capacity change from 0 to 1764 [ 1576.092553][T19397] : entered promiscuous mode [ 1576.823914][T19446] loop0: detected capacity change from 0 to 1024 [ 1576.920171][T19446] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1577.034371][T19446] ext4 filesystem being mounted at /2470/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1577.189774][T19465] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 1577.248768][ T6141] EXT4-fs error (device loop0): ext4_readdir:262: inode #2: block 16: comm syz-executor: path /2470/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0 [ 1577.280997][T19465] overlayfs: missing 'lowerdir' [ 1577.290793][T19468] netlink: 1 bytes leftover after parsing attributes in process `syz.3.14707'. [ 1577.442555][ T6141] EXT4-fs error (device loop0): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2470/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1577.547718][ T6141] EXT4-fs error (device loop0): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1577.653615][ T6141] EXT4-fs error (device loop0): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2470/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1577.718686][T28369] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1577.795407][ T6141] EXT4-fs error (device loop0): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1577.897237][ T6141] EXT4-fs error (device loop0): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2470/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1577.917876][ C0] vkms_vblank_simulate: vblank timer overrun [ 1577.939541][T19449] loop6: detected capacity change from 0 to 32768 [ 1577.970406][T19449] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.14702 (19449) [ 1577.997674][ T6141] EXT4-fs error (device loop0): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1578.076890][T19449] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1578.098254][ T6141] EXT4-fs error (device loop0): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2470/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1578.165370][T19449] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm [ 1578.167658][T19495] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1578.207707][ T6141] EXT4-fs error (device loop0): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1578.256320][ T6141] EXT4-fs error (device loop0): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2470/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1578.380274][T19449] BTRFS info (device loop6): setting nodatasum [ 1578.386505][T19449] BTRFS info (device loop6): enabling free space tree [ 1578.415986][T19449] BTRFS info (device loop6): use zlib compression, level 3 [ 1578.425412][T19449] BTRFS info (device loop6): max_inline set to 0 [ 1578.510424][T19511] netlink: set zone limit has 4 unknown bytes [ 1578.834564][T19534] netlink: 'syz.3.14723': attribute type 5 has an invalid length. [ 1578.997987][ T3358] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1579.532311][T19567] loop3: detected capacity change from 0 to 164 [ 1579.566863][T19560] sit0: entered promiscuous mode [ 1579.603439][T19560] netlink: 'syz.6.14725': attribute type 1 has an invalid length. [ 1579.636218][T19560] netlink: 1 bytes leftover after parsing attributes in process `syz.6.14725'. [ 1579.667650][T19567] Unsupported NM flag settings (8) [ 1579.703171][ T6141] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1579.780862][T24250] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1580.231670][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1580.294209][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 1580.410890][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1580.429688][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 1580.600598][T19596] sctp: [Deprecated]: syz.3.14743 (pid 19596) Use of int in max_burst socket option. [ 1580.600598][T19596] Use struct sctp_assoc_value instead [ 1580.724466][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1580.766810][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 1580.928064][T19607] netlink: 268 bytes leftover after parsing attributes in process `syz.2.14746'. [ 1580.991690][T19607] unsupported nla_type 65024 [ 1581.153993][ T49] team0: Port device netdevsim0 removed [ 1581.179289][T19616] loop6: detected capacity change from 0 to 1024 [ 1581.188418][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1581.244360][ T49] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 1581.245817][T19616] EXT4-fs: Ignoring removed orlov option [ 1581.297355][T19620] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14751'. [ 1581.319089][T19616] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1581.350725][T19616] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec018, mo2=0002] [ 1581.366731][T19625] mac80211_hwsim hwsim9 wlan0: entered promiscuous mode [ 1581.383595][T19616] System zones: 0-1, 3-36 [ 1581.394304][T19625] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 1581.468204][T19616] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1581.524569][ T6145] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1581.549324][ T6145] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1581.561398][ T6145] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1581.602844][ T6145] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1581.617457][ T6145] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1581.674225][T19617] loop3: detected capacity change from 0 to 8192 [ 1581.908734][T19631] lo speed is unknown, defaulting to 1000 [ 1581.994437][ T6145] Bluetooth: hci4: command 0x0c1a tx timeout [ 1582.084196][ T3358] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1582.176694][T19665] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14761'. [ 1583.326988][T19631] chnl_net:caif_netlink_parms(): no params data found [ 1583.329236][T19807] nbd: couldn't find a device at index -1605786504 [ 1583.692295][ T6245] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 1583.883976][ T6145] Bluetooth: hci0: command tx timeout [ 1583.898683][ T59] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1583.944221][ T6245] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1584.000079][ T6245] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 1584.001679][T19631] bridge0: port 1(bridge_slave_0) entered blocking state [ 1584.028661][T19631] bridge0: port 1(bridge_slave_0) entered disabled state [ 1584.038358][ T6245] usb 4-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9 [ 1584.049506][T19631] bridge_slave_0: entered allmulticast mode [ 1584.066947][T19631] bridge_slave_0: entered promiscuous mode [ 1584.077031][ T6245] usb 4-1: Manufacturer: syz [ 1584.096072][T19631] bridge0: port 2(bridge_slave_1) entered blocking state [ 1584.103428][ T6245] usb 4-1: SerialNumber: syz [ 1584.117459][ T6245] usb 4-1: config 0 descriptor?? [ 1584.133015][T19631] bridge0: port 2(bridge_slave_1) entered disabled state [ 1584.140248][T19631] bridge_slave_1: entered allmulticast mode [ 1584.154875][ T6245] uvcvideo 4-1:0.0: probe with driver uvcvideo failed with error -22 [ 1584.186240][T19631] bridge_slave_1: entered promiscuous mode [ 1584.402936][ T6245] usb 4-1: USB disconnect, device number 32 [ 1584.529286][T19631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1584.573038][T19631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1584.767822][T19844] loop5: detected capacity change from 0 to 32768 [ 1584.893438][T19844] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1584.931344][T19844] (syz.5.14781,19844,1):ocfs2_find_entry:1094 ERROR: status = -117 [ 1584.968736][ T49] bridge_slave_1: left allmulticast mode [ 1584.996488][ T49] bridge_slave_1: left promiscuous mode [ 1585.006254][T19844] (syz.5.14781,19844,0):ocfs2_find_entry:1094 ERROR: status = -117 [ 1585.015763][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 1585.024220][T19844] (syz.5.14781,19844,0):ocfs2_mknod:505 ERROR: status = -117 [ 1585.045530][T19844] (syz.5.14781,19844,0):ocfs2_mkdir:661 ERROR: status = -117 [ 1585.059658][T19869] loop6: detected capacity change from 0 to 32768 [ 1585.126699][ T49] bridge_slave_0: left allmulticast mode [ 1585.132379][ T49] bridge_slave_0: left promiscuous mode [ 1585.209893][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 1585.255148][ T6150] (syz-executor,6150,0):ocfs2_inode_is_valid_to_delete:947 ERROR: Skipping delete of system file 76 [ 1585.263281][T19983] nftables ruleset with unbound set [ 1585.295235][ T59] read_mapping_page failed! [ 1585.301608][ T59] ERROR: (device loop6): txAbort: [ 1585.301608][ T59] [ 1585.314706][ T6150] ocfs2: Unmounting device (7,5) on (node local) [ 1585.322600][ T59] jfs_write_inode: jfs_commit_inode failed! [ 1585.780157][T27173] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 1585.950657][ T59] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1585.970840][T27173] usb 6-1: Using ep0 maxpacket: 16 [ 1585.992948][T27173] usb 6-1: config 3 has an invalid interface number: 155 but max is 0 [ 1586.013133][T27173] usb 6-1: config 3 has an invalid interface association descriptor of length 3, skipping [ 1586.054488][T27173] usb 6-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config [ 1586.075482][T27173] usb 6-1: config 3 has no interface number 0 [ 1586.097014][T27173] usb 6-1: config 3 interface 155 has no altsetting 0 [ 1586.101293][ T6145] Bluetooth: hci0: command tx timeout [ 1586.149003][T27173] usb 6-1: New USB device found, idVendor=05a9, idProduct=264a, bcdDevice=e5.4c [ 1586.208259][T27173] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1586.300862][T27173] usb 6-1: Product: syz [ 1586.305245][T27173] usb 6-1: Manufacturer: syz [ 1586.328065][T27173] usb 6-1: SerialNumber: syz [ 1586.566980][ T6200] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 1586.627021][T27173] uvcvideo 6-1:3.155: probe with driver uvcvideo failed with error -22 [ 1586.664757][T27173] usb 6-1: USB disconnect, device number 9 [ 1586.703049][T25280] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1586.751511][ T6200] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 1586.769541][ T6200] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1586.821103][ T6200] usb 7-1: config 0 descriptor?? [ 1586.922261][T25280] usb 4-1: config 255 has an invalid interface number: 38 but max is 0 [ 1586.930897][T25280] usb 4-1: config 255 has no interface number 0 [ 1586.955554][T25280] usb 4-1: New USB device found, idVendor=10b8, idProduct=1ebc, bcdDevice= 1.7d [ 1586.966501][T25280] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1586.995501][T25280] usb 4-1: Product: syz [ 1587.000515][T25280] usb 4-1: Manufacturer: syz [ 1587.005221][T25280] usb 4-1: SerialNumber: syz [ 1587.138487][ T49] team0: Port device geneve0 removed [ 1587.240061][T20060] program syz.5.14809 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1587.252143][T25280] dvb-usb: found a 'DiBcom STK7070P reference design' in cold state, will try to load a firmware [ 1587.279475][ T6200] usb 7-1: Cannot read MAC address [ 1587.285922][ T6200] MOSCHIP usb-ethernet driver 7-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 1587.339494][ T6200] usb 7-1: USB disconnect, device number 21 [ 1587.359202][T25280] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 1587.378314][T25280] dib0700: firmware download failed at 7 with -22 [ 1587.407282][T25280] usb 4-1: USB disconnect, device number 33 [ 1587.481234][T20078] loop5: detected capacity change from 0 to 2048 [ 1587.523235][T20078] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1587.778654][T20085] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14811'. [ 1587.799807][ T49] bond0 (unregistering): (slave 30): Releasing backup interface [ 1587.812516][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1587.829715][ T49] bond0 (unregistering): Released all slaves [ 1587.850859][ T49] bond1 (unregistering): Released all slaves [ 1587.875656][ T49] bond2 (unregistering): Released all slaves [ 1587.972571][ T49] bond3 (unregistering): Released all slaves [ 1588.205720][T20097] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14815'. [ 1588.239522][ T49] bond4 (unregistering): Released all slaves [ 1588.267104][ T49] bond5 (unregistering): Released all slaves [ 1588.312589][ T49] bond6 (unregistering): Released all slaves [ 1588.320101][ T30] audit: type=1326 audit(2000001276.296:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20099 comm="syz.3.14816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1588.333787][ T49] bond7 (unregistering): Released all slaves [ 1588.347319][ T6145] Bluetooth: hci0: command tx timeout [ 1588.354630][ T30] audit: type=1326 audit(2000001276.334:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20099 comm="syz.3.14816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1588.377615][ T30] audit: type=1326 audit(2000001276.343:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20099 comm="syz.3.14816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=123 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1588.401870][ T30] audit: type=1326 audit(2000001276.343:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20099 comm="syz.3.14816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1588.424609][ T30] audit: type=1326 audit(2000001276.343:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20099 comm="syz.3.14816" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f712418eba9 code=0x7ffc0000 [ 1588.468780][T19631] team0: Port device team_slave_0 added [ 1588.582817][T19631] team0: Port device team_slave_1 added [ 1588.708569][T20097] ip6gretap1: entered allmulticast mode [ 1589.068134][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14821'. [ 1589.136466][T19631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1589.143477][T19631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1589.147101][T20146] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14821'. [ 1589.338853][T19631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1589.411116][T19631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1589.418078][T19631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1589.444001][ C0] vkms_vblank_simulate: vblank timer overrun [ 1589.556566][T19631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1589.985562][T20166] loop2: detected capacity change from 0 to 8192 [ 1590.038497][ T1152] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1590.058723][T19631] hsr_slave_0: entered promiscuous mode [ 1590.106977][T19631] hsr_slave_1: entered promiscuous mode [ 1590.145172][T19631] debugfs: 'hsr0' already exists in 'hsr' [ 1590.172632][T19631] Cannot create hsr debugfs directory [ 1590.488693][T20245] netlink: 80 bytes leftover after parsing attributes in process `syz.2.14833'. [ 1590.544184][ T6145] Bluetooth: hci0: command tx timeout [ 1590.616124][ T49] : left promiscuous mode [ 1590.825730][T20138] loop3: detected capacity change from 0 to 32768 [ 1590.957348][T20138] ea_get: invalid extended attribute [ 1591.000881][ T49] _ÐZ`Ô€@ÿÃ: left promiscuous mode [ 1591.110135][T20163] loop4: detected capacity change from 0 to 32768 [ 1591.179650][T20276] netlink: 'syz.6.14839': attribute type 49 has an invalid length. [ 1591.198542][T20163] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.14826 (20163) [ 1591.281921][ T49] : left promiscuous mode [ 1591.297488][T20163] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1591.360925][T20163] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 1591.691117][T20163] BTRFS info (device loop4): enabling ssd optimizations [ 1591.758790][T20163] BTRFS info (device loop4): enabling free space tree [ 1591.786740][T20343] netlink: 'syz.3.14845': attribute type 3 has an invalid length. [ 1591.795216][T20343] netlink: 224 bytes leftover after parsing attributes in process `syz.3.14845'. [ 1591.837901][ T6245] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 1591.884735][T20293] 8021q: adding VLAN 0 to HW filter on device bond6 [ 1591.902620][T20163] BTRFS error (device loop4): balance: invalid convert metadata profile single [ 1592.019480][ T6245] usb 7-1: Using ep0 maxpacket: 16 [ 1592.037863][ T6245] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1592.088944][T24250] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1592.112318][ T6245] usb 7-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25 [ 1592.141120][ T6153] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1592.141603][ T6245] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1592.217655][ T6245] usb 7-1: Product: syz [ 1592.246534][ T6245] usb 7-1: Manufacturer: syz [ 1592.281820][ T6245] usb 7-1: SerialNumber: syz [ 1592.312427][ T6245] usb 7-1: config 0 descriptor?? [ 1592.397176][ T6245] uvcvideo 7-1:0.0: probe with driver uvcvideo failed with error -22 [ 1592.603579][ T6245] usb 7-1: USB disconnect, device number 22 [ 1593.393218][T20436] netlink: 'syz.2.14856': attribute type 1 has an invalid length. [ 1593.443717][T20436] netlink: 'syz.2.14856': attribute type 2 has an invalid length. [ 1593.697398][T19631] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1594.073258][T19631] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1594.138215][T19631] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1594.240559][T19631] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1594.268021][T20472] netlink: 20 bytes leftover after parsing attributes in process `syz.2.14862'. [ 1594.359284][T20405] loop5: detected capacity change from 0 to 32768 [ 1594.424051][ T49] hsr_slave_0: left promiscuous mode [ 1594.513256][ T49] hsr_slave_1: left promiscuous mode [ 1594.524457][T20405] JBD2: Ignoring recovery information on journal [ 1594.572712][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1594.586021][T20405] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 1594.591225][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1594.639539][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1594.647429][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1594.651762][ T30] audit: type=1400 audit(2000001282.199:1415): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=20483 comm="syz.4.14864" [ 1594.676814][T20421] loop3: detected capacity change from 0 to 32768 [ 1594.762292][T20405] OCFS2: ERROR (device loop5): ocfs2_claim_suballoc_bits: Chain allocator dinode 73 has 4294901761 used bits but only 0 total [ 1594.804438][ T49] veth0_macvtap: left promiscuous mode [ 1594.862152][T20405] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1594.898229][T20421] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1594.922119][T20405] OCFS2: File system is now read-only. [ 1594.928058][T20405] (syz.5.14852,20405,1):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30 [ 1594.958329][T20405] (syz.5.14852,20405,1):ocfs2_claim_metadata:2088 ERROR: status = -30 [ 1594.966937][T20405] (syz.5.14852,20405,1):ocfs2_claim_metadata:2101 ERROR: status = -30 [ 1595.002859][T20405] (syz.5.14852,20405,1):ocfs2_dx_dir_attach_index:2336 ERROR: status = -30 [ 1595.082517][T20405] (syz.5.14852,20405,1):ocfs2_expand_inline_dir:3029 ERROR: status = -30 [ 1595.149606][T20405] (syz.5.14852,20405,1):ocfs2_extend_dir:3211 ERROR: status = -30 [ 1595.174127][T20421] XFS (loop3): Ending clean mount [ 1595.219610][T20421] XFS (loop3): Quotacheck needed: Please wait. [ 1595.243494][T20405] (syz.5.14852,20405,1):ocfs2_prepare_dir_for_insert:4316 ERROR: status = -30 [ 1595.291553][T20405] (syz.5.14852,20405,1):ocfs2_mknod:301 ERROR: status = -30 [ 1595.342811][T20405] (syz.5.14852,20405,1):ocfs2_mknod:505 ERROR: status = -30 [ 1595.343064][T20421] XFS (loop3): Quotacheck: Done. [ 1595.355402][T20405] (syz.5.14852,20405,0):ocfs2_mkdir:661 ERROR: status = -30 [ 1595.553311][ T6150] ocfs2: Unmounting device (7,5) on (node local) [ 1595.633112][ T6156] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1596.188950][ T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1596.855884][T20532] loop3: detected capacity change from 0 to 32768 [ 1596.883638][ T49] team0 (unregistering): Port device team_slave_1 removed [ 1596.892335][T20532] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.14872 (20532) [ 1596.940737][T20532] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1596.974388][T20532] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 1597.087857][ T49] team0 (unregistering): Port device team_slave_0 removed [ 1597.103554][T20530] loop5: detected capacity change from 0 to 40427 [ 1597.166891][T20530] F2FS-fs (loop5): build fault injection rate: 18 [ 1597.190339][T20530] F2FS-fs (loop5): build fault injection type: 0x3bf [ 1597.221578][T20532] BTRFS info (device loop3): rebuilding free space tree [ 1597.253055][T20530] F2FS-fs (loop5): invalid crc value [ 1597.282080][T20530] F2FS-fs (loop5): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x3428/0x98c0 [ 1597.310638][T20530] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-12) [ 1597.436272][T20532] BTRFS info (device loop3): setting nodatasum [ 1597.454249][T20532] BTRFS info (device loop3): allowing degraded mounts [ 1597.480329][T20532] BTRFS info (device loop3): enabling ssd optimizations [ 1597.513897][T20532] BTRFS info (device loop3): enabling free space tree [ 1597.535287][T20532] BTRFS info (device loop3): force clearing of disk cache [ 1597.553315][T20532] BTRFS info (device loop3): doing ref verification [ 1597.564080][T20532] BTRFS info (device loop3): force zlib compression, level 3 [ 1597.749323][ T6156] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1598.059246][T27173] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 1598.251917][ T6265] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1598.263441][T27173] usb 6-1: config 0 has an invalid interface number: 120 but max is 0 [ 1598.271672][T27173] usb 6-1: config 0 has no interface number 0 [ 1598.278233][T27173] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1598.290997][T27173] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 1598.300880][T27173] usb 6-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 1598.310019][T27173] usb 6-1: Product: syz [ 1598.314279][T27173] usb 6-1: SerialNumber: syz [ 1598.327776][T27173] usb 6-1: config 0 descriptor?? [ 1598.343746][T27173] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.120/input/input97 [ 1598.480471][T20492] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14866'. [ 1598.500290][T20492] netlink: 12 bytes leftover after parsing attributes in process `syz.6.14866'. [ 1598.678150][T27173] usb 6-1: USB disconnect, device number 10 [ 1599.131396][T19631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1599.304787][T19631] 8021q: adding VLAN 0 to HW filter on device team0 [ 1599.396512][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state [ 1599.403728][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1599.540709][T20635] loop5: detected capacity change from 0 to 22 [ 1599.553499][ T6265] bridge0: port 2(bridge_slave_1) entered blocking state [ 1599.560723][ T6265] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1599.591826][T20635] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 1599.636761][T20635] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1599.841147][T19631] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1599.902288][T19631] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1600.334694][T20667] loop4: detected capacity change from 0 to 64 [ 1601.126052][T20706] binder: 20702:20706 ioctl c0046209 ffffffffff600000 returned -22 [ 1601.322987][T19631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1601.901690][T20739] loop5: detected capacity change from 0 to 256 [ 1602.075100][T20746] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1602.129254][T20750] netlink: 'syz.6.14918': attribute type 1 has an invalid length. [ 1602.346918][ T59] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1603.223239][T20804] loop3: detected capacity change from 0 to 256 [ 1603.282708][T20808] loop5: detected capacity change from 0 to 256 [ 1603.325199][T20804] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1603.356196][T19631] veth0_vlan: entered promiscuous mode [ 1603.438986][T19631] veth1_vlan: entered promiscuous mode [ 1603.606044][T19631] veth0_macvtap: entered promiscuous mode [ 1603.655638][T19631] veth1_macvtap: entered promiscuous mode [ 1603.795767][T19631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1603.891912][T19631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1603.995670][ T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1604.067333][ T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1604.113384][ T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1604.160336][T20846] netlink: 'syz.6.14943': attribute type 2 has an invalid length. [ 1604.168466][T20846] netlink: 119 bytes leftover after parsing attributes in process `syz.6.14943'. [ 1604.194071][ T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1604.331515][T20842] loop4: detected capacity change from 0 to 4096 [ 1604.485865][T20885] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1604.649393][T20896] loop6: detected capacity change from 0 to 64 [ 1604.708151][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1604.747540][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1605.009718][T20915] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14950'. [ 1605.055809][T20915] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14950'. [ 1605.125006][T20918] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1605.132875][T20918] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1605.600069][T20945] /dev/nullb0: Can't open blockdev [ 1606.323582][ T30] audit: type=1326 audit(2000001293.135:1416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20969 comm="syz.2.14963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1606.471545][ T30] audit: type=1326 audit(2000001293.191:1417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20969 comm="syz.2.14963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1606.621865][ T30] audit: type=1326 audit(2000001293.191:1418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20969 comm="syz.2.14963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1606.738440][ T30] audit: type=1326 audit(2000001293.191:1419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20969 comm="syz.2.14963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1606.892740][ T30] audit: type=1326 audit(2000001293.191:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20969 comm="syz.2.14963" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a3778eba9 code=0x7ffc0000 [ 1607.081517][T20928] loop6: detected capacity change from 0 to 32768 [ 1607.113259][T20928] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.14951 (20928) [ 1607.186833][T20928] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1607.204408][T25275] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 1607.213032][T20928] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm [ 1607.432023][T25275] usb 4-1: Using ep0 maxpacket: 32 [ 1607.516726][T20928] BTRFS info (device loop6): enabling ssd optimizations [ 1607.531476][T20928] BTRFS info (device loop6): enabling free space tree [ 1607.569746][T25275] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 1607.602749][T25275] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1607.647578][T25275] usb 4-1: Product: syz [ 1607.696223][T21041] netlink: 'syz.2.14979': attribute type 3 has an invalid length. [ 1607.706882][T25275] usb 4-1: Manufacturer: syz [ 1607.734350][T25275] usb 4-1: SerialNumber: syz [ 1607.754223][T21041] netlink: 'syz.2.14979': attribute type 1 has an invalid length. [ 1607.762101][T21041] netlink: 216 bytes leftover after parsing attributes in process `syz.2.14979'. [ 1607.798168][T25275] usb 4-1: config 0 descriptor?? [ 1607.863544][T21041] NCSI netlink: No device for ifindex 33022 [ 1607.883157][T21053] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14981'. [ 1607.938708][ T3358] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1608.068878][T25275] RobotFuzz Open Source InterFace, OSIF 4-1:0.0: version d4.15 found at bus 004 address 034 [ 1608.319592][T27173] usb 4-1: USB disconnect, device number 34 [ 1608.515003][T28376] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1608.709800][T21096] loop2: detected capacity change from 0 to 128 [ 1608.814598][T21096] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1608.935508][T21096] ext4 filesystem being mounted at /2495/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1608.990811][T21096] EXT4-fs warning (device loop2): verify_group_input:136: Cannot add at group 3 (only 1 groups) [ 1609.017037][ T6337] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 1609.165217][ T6200] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1609.250055][ T6149] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1609.262009][ T6337] usb 7-1: Using ep0 maxpacket: 32 [ 1609.270799][T21127] openvswitch: netlink: EtherType 50a is less than min 600 [ 1609.295769][ T6337] usb 7-1: config 0 has an invalid interface number: 37 but max is 1 [ 1609.329648][ T6337] usb 7-1: config 0 has no interface number 1 [ 1609.356791][ T6337] usb 7-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3 [ 1609.370584][ T6200] usb 6-1: Using ep0 maxpacket: 8 [ 1609.381994][ T6337] usb 7-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 1609.384324][ T6200] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1609.409141][ T6337] usb 7-1: Product: syz [ 1609.437861][ T6200] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1609.449776][ T6200] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1609.474289][ T6337] usb 7-1: Manufacturer: syz [ 1609.486109][ T6337] usb 7-1: SerialNumber: syz [ 1609.499305][ T6337] usb 7-1: config 0 descriptor?? [ 1609.533243][T21137] netlink: 'syz.2.15000': attribute type 25 has an invalid length. [ 1609.537346][ T6200] usb 6-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 1609.624963][ T6200] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1609.663400][ T6200] usb 6-1: Product: syz [ 1609.686356][ T6200] usb 6-1: Manufacturer: syz [ 1609.709311][ T6200] usb 6-1: SerialNumber: syz [ 1609.734659][ T6337] qcserial 7-1:0.37: Qualcomm USB modem converter detected [ 1609.762127][ T6200] usb 6-1: config 0 descriptor?? [ 1609.774332][ T6200] streamzap 6-1:0.0: streamzap_probe: endpoint Max Packet Size is 0!?! [ 1609.954218][T21160] netlink: 'syz.4.15005': attribute type 11 has an invalid length. [ 1610.069876][T21160] netlink: 12 bytes leftover after parsing attributes in process `syz.4.15005'. [ 1610.086330][ T6337] usb 7-1: USB disconnect, device number 23 [ 1610.112336][ T6200] usb 6-1: USB disconnect, device number 11 [ 1610.125523][ T6337] qcserial 7-1:0.37: device disconnected [ 1610.407385][T21187] loop7: detected capacity change from 0 to 2048 [ 1610.506808][T21187] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1610.574834][T21198] loop3: detected capacity change from 0 to 256 [ 1610.593285][T21198] exfat: Deprecated parameter 'namecase' [ 1610.629794][T21198] exfat: Deprecated parameter 'namecase' [ 1610.803313][T21198] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 1611.117717][T21221] loop7: detected capacity change from 0 to 512 [ 1611.179941][T21221] EXT4-fs: Ignoring removed mblk_io_submit option [ 1611.240312][T21221] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem [ 1611.335847][T21221] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 1611.400061][T21221] System zones: 1-12 [ 1611.417548][T21221] EXT4-fs error (device loop7): ext4_iget_extra_inode:5103: inode #15: comm syz.7.15019: corrupted in-inode xattr: e_value size too large [ 1611.518143][T21221] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.15019: couldn't read orphan inode 15 (err -117) [ 1611.579641][T21221] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1611.720810][T21221] cgroup: name respecified [ 1611.974484][T19631] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1612.367142][T21215] loop5: detected capacity change from 0 to 32768 [ 1612.441091][T21215] [ 1612.441091][T21215] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1612.441091][T21215] [ 1612.545969][ T6200] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 1612.626616][T21215] read_mapping_page failed! [ 1612.653966][T21215] ERROR: (device loop5): txAbort: [ 1612.653966][T21215] [ 1612.738363][ T6200] usb 8-1: Using ep0 maxpacket: 32 [ 1612.785732][ T6200] usb 8-1: config 0 has an invalid interface number: 37 but max is 1 [ 1612.805031][ T6200] usb 8-1: config 0 has no interface number 1 [ 1612.818925][ T6200] usb 8-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3 [ 1612.863927][ T6200] usb 8-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 1612.897148][ T6200] usb 8-1: Product: syz [ 1612.901484][ T6200] usb 8-1: Manufacturer: syz [ 1612.930775][ T59] ERROR: (device loop5): diWrite: ixpxd invalid [ 1612.930775][ T59] [ 1612.968239][ T6200] usb 8-1: SerialNumber: syz [ 1612.977944][ T59] ERROR: (device loop5): txAbort: [ 1612.977944][ T59] [ 1613.028001][ T59] jfs_write_inode: jfs_commit_inode failed! [ 1613.056786][ T6200] usb 8-1: config 0 descriptor?? [ 1613.106603][ T6150] [ 1613.106603][ T6150] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1613.106603][ T6150] [ 1613.190876][ T6150] [ 1613.190876][ T6150] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1613.190876][ T6150] [ 1613.288960][ T6200] qcserial 8-1:0.37: Qualcomm USB modem converter detected [ 1613.498520][T21326] loop2: detected capacity change from 0 to 64 [ 1613.593972][T21326] hfs: unable to locate alternate MDB [ 1613.606645][T20852] usb 8-1: USB disconnect, device number 2 [ 1613.624435][T20852] qcserial 8-1:0.37: device disconnected [ 1613.639576][T21326] hfs: continuing without an alternate MDB [ 1613.732993][T21340] netlink: 'syz.6.15047': attribute type 6 has an invalid length. [ 1614.413970][T21368] netlink: 56 bytes leftover after parsing attributes in process `syz.3.15055'. [ 1614.543184][T21378] netlink: 8460 bytes leftover after parsing attributes in process `syz.4.15059'. [ 1614.667119][ T6265] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1615.449239][T21420] loop6: detected capacity change from 0 to 256 [ 1615.487189][T21420] exfat: Deprecated parameter 'namecase' [ 1615.600238][T21420] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 1615.854880][T21440] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15079'. [ 1616.081830][T21450] ceph: No source [ 1617.046897][T21489] loop6: detected capacity change from 0 to 1024 [ 1617.068936][T21493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15098'. [ 1617.418863][T21434] loop4: detected capacity change from 0 to 32768 [ 1617.523723][T21434] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1617.726243][T21434] XFS (loop4): Ending clean mount [ 1617.754009][T21532] netlink: 'syz.6.15102': attribute type 4 has an invalid length. [ 1618.062528][ T6153] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1618.773947][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 1619.008418][T21578] netlink: 'syz.7.15119': attribute type 4 has an invalid length. [ 1619.365761][T21599] netlink: 'syz.2.15125': attribute type 6 has an invalid length. [ 1620.148567][T20918] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1620.767467][T21657] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15141'. [ 1621.017286][T21593] loop5: detected capacity change from 0 to 32768 [ 1621.108272][T21668] netlink: 'syz.3.15143': attribute type 4 has an invalid length. [ 1621.157792][T21593] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1621.180212][T21679] netlink: 40 bytes leftover after parsing attributes in process `syz.7.15146'. [ 1621.277863][T21679] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 1621.464631][T21593] XFS (loop5): Ending clean mount [ 1621.569223][T21696] loop2: detected capacity change from 0 to 512 [ 1621.637659][T21696] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 1621.727921][T21696] EXT4-fs (loop2): orphan cleanup on readonly fs [ 1621.752466][T21696] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.15149: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 1621.764944][ T6150] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 1621.842400][T21696] EXT4-fs error (device loop2): ext4_quota_enable:7130: comm syz.2.15149: Bad quota inode: 3, type: 0 [ 1621.933145][T21696] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 1622.034127][T21696] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 1622.100014][T21696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1622.636462][ T6149] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1622.854680][T21748] netlink: 'syz.2.15163': attribute type 4 has an invalid length. [ 1622.883171][ T59] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1623.300540][T21757] loop6: detected capacity change from 0 to 1764 [ 1623.301839][T21764] netlink: 'syz.7.15170': attribute type 7 has an invalid length. [ 1623.537094][T21770] netlink: 40 bytes leftover after parsing attributes in process `syz.2.15183'. [ 1623.583735][T21770] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 1623.594083][T21778] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1623.856874][T21789] loop5: detected capacity change from 0 to 64 [ 1623.910574][T21789] hfs: unable to locate alternate MDB [ 1623.915984][T21789] hfs: continuing without an alternate MDB [ 1624.853169][T21838] netlink: 'syz.2.15189': attribute type 49 has an invalid length. [ 1624.896977][T21843] loop5: detected capacity change from 0 to 256 [ 1624.961244][T21843] FAT-fs (loop5): count of clusters too big (178174) [ 1625.009398][T21843] FAT-fs (loop5): Can't find a valid FAT filesystem [ 1625.093689][T21849] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1625.339044][T25280] usb 6-1: new full-speed USB device number 12 using dummy_hcd [ 1625.565364][T25280] usb 6-1: config 0 has an invalid interface number: 199 but max is 1 [ 1625.603007][T25280] usb 6-1: config 0 has no interface number 1 [ 1625.622177][ T59] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1625.639222][T25280] usb 6-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1625.679715][T25280] usb 6-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1625.713925][T25280] usb 6-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00 [ 1625.752115][T25280] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1625.798220][T25280] usb 6-1: SerialNumber: syz [ 1625.843591][T25280] usb 6-1: config 0 descriptor?? [ 1626.003307][T21893] loop4: detected capacity change from 0 to 512 [ 1626.039850][T21893] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1626.103961][T25280] usb 6-1: Found UVC 0.00 device (0002:0000) [ 1626.116462][T21893] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1626.129904][T25280] usb 6-1: No valid video chain found. [ 1626.143239][T25280] usb 6-1: USB disconnect, device number 12 [ 1626.154776][T21893] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.15202: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 1626.282715][T21893] EXT4-fs error (device loop4): ext4_quota_enable:7130: comm syz.4.15202: Bad quota inode: 3, type: 0 [ 1626.373061][T21893] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 1626.487615][T21893] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 1626.533931][T21893] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1626.681436][T21921] loop3: detected capacity change from 0 to 1024 [ 1626.853636][T21921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1626.877571][ T6153] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1626.974218][T21921] ext4 filesystem being mounted at /2498/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1627.210706][ T6156] EXT4-fs error (device loop3): ext4_readdir:262: inode #2: block 16: comm syz-executor: path /2498/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0 [ 1627.333959][ T6156] EXT4-fs error (device loop3): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2498/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1627.390025][T21897] loop7: detected capacity change from 0 to 32768 [ 1627.409878][T21897] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.15205 (21897) [ 1627.443550][ T6156] EXT4-fs error (device loop3): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1627.544840][ T6156] EXT4-fs error (device loop3): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2498/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1627.600997][T21897] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1627.636687][T21897] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm [ 1627.644205][ T6156] EXT4-fs error (device loop3): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1627.759746][ T6156] EXT4-fs error (device loop3): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2498/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1627.905913][ T6156] EXT4-fs error (device loop3): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1627.963583][T21889] loop6: detected capacity change from 0 to 32768 [ 1627.972713][ T6156] EXT4-fs error (device loop3): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2498/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1628.069745][T21897] BTRFS info (device loop7): setting nodatasum [ 1628.101579][ T6156] EXT4-fs error (device loop3): ext4_empty_dir:3119: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0 [ 1628.118071][T21897] BTRFS info (device loop7): enabling free space tree [ 1628.126894][T21897] BTRFS info (device loop7): use zlib compression, level 3 [ 1628.139557][T21897] BTRFS info (device loop7): max_inline set to 0 [ 1628.157914][ T6156] EXT4-fs error (device loop3): ext4_readdir:262: inode #11: block 37: comm syz-executor: path /2498/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0 [ 1628.232553][T22011] netlink: 'syz.4.15220': attribute type 1 has an invalid length. [ 1628.242407][T22011] netlink: 'syz.4.15220': attribute type 2 has an invalid length. [ 1628.243726][T21889] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 1628.404352][T21889] (syz.6.15204,21889,0):ocfs2_find_entry:1094 ERROR: status = -117 [ 1628.471336][T21889] (syz.6.15204,21889,1):ocfs2_find_entry:1094 ERROR: status = -117 [ 1628.501178][T21889] (syz.6.15204,21889,1):ocfs2_mknod:505 ERROR: status = -117 [ 1628.513517][T21889] (syz.6.15204,21889,1):ocfs2_mkdir:661 ERROR: status = -117 [ 1628.558635][T19631] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1628.595938][T21978] loop5: detected capacity change from 0 to 32768 [ 1628.720277][T21978] ea_get: invalid extended attribute [ 1628.895262][ T3358] (syz-executor,3358,0):ocfs2_inode_is_valid_to_delete:947 ERROR: Skipping delete of system file 76 [ 1628.973795][ T3358] ocfs2: Unmounting device (7,6) on (node local) [ 1629.028461][T20569] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1629.356873][T22038] loop2: detected capacity change from 0 to 2048 [ 1629.454091][T25280] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 1629.499745][T22038] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1629.667160][T25280] usb 7-1: config 255 has an invalid interface number: 38 but max is 0 [ 1629.697363][T25280] usb 7-1: config 255 has no interface number 0 [ 1629.785968][T22049] sit0: entered promiscuous mode [ 1629.806158][T25280] usb 7-1: New USB device found, idVendor=10b8, idProduct=1ebc, bcdDevice= 1.7d [ 1629.832252][T22049] netlink: 'syz.7.15222': attribute type 1 has an invalid length. [ 1629.845682][ T6149] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1629.860146][T22049] netlink: 1 bytes leftover after parsing attributes in process `syz.7.15222'. [ 1629.860544][T25280] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1629.922853][T25280] usb 7-1: Product: syz [ 1629.937646][T25280] usb 7-1: Manufacturer: syz [ 1629.949251][T25280] usb 7-1: SerialNumber: syz [ 1630.200849][T25280] dvb-usb: found a 'DiBcom STK7070P reference design' in cold state, will try to load a firmware [ 1630.226744][ T30] audit: type=1400 audit(2000001315.512:1421): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=22062 comm="syz.2.15228" [ 1630.257721][T25280] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 1630.310173][T25280] dib0700: firmware download failed at 7 with -22 [ 1630.360519][T25280] usb 7-1: USB disconnect, device number 24 [ 1630.765097][ T6156] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1631.079928][ T6265] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1631.108458][ T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1631.169178][ T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 1631.195589][T22107] loop2: detected capacity change from 0 to 22 [ 1631.215149][ T30] audit: type=1107 audit(2000001316.420:1422): pid=22103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 1631.283547][T22107] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 1631.441788][T22107] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1631.751605][ T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1631.771548][ T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 1631.995668][T22124] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1632.073094][T22164] loop6: detected capacity change from 0 to 256 [ 1632.409592][ T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1632.485729][ T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 1632.746381][ T6200] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 1632.939833][ T6200] usb 8-1: config 255 has an invalid interface number: 38 but max is 0 [ 1632.949019][ T59] team0: Port device netdevsim0 removed [ 1632.960877][ T6200] usb 8-1: config 255 has no interface number 0 [ 1632.986051][ T6200] usb 8-1: New USB device found, idVendor=10b8, idProduct=1ebc, bcdDevice= 1.7d [ 1632.990742][ T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1633.020630][ T6200] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1633.051355][ T6200] usb 8-1: Product: syz [ 1633.055610][ T6200] usb 8-1: Manufacturer: syz [ 1633.056300][ T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0 [ 1633.072433][ T6200] usb 8-1: SerialNumber: syz [ 1633.251696][T22197] loop6: detected capacity change from 0 to 4096 [ 1633.287368][ T6145] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1633.303062][ T6145] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1633.314769][ T6145] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1633.328739][ T6145] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1633.342174][ T6145] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1633.371485][ T6200] dvb-usb: found a 'DiBcom STK7070P reference design' in cold state, will try to load a firmware [ 1633.385844][ T6200] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 1633.395634][ T6200] dib0700: firmware download failed at 7 with -22 [ 1633.407523][ T6200] usb 8-1: USB disconnect, device number 3 [ 1633.540933][T22197] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1633.605686][T22197] ntfs3(loop6): Failed to load $Extend (-22). [ 1633.613159][T22197] ntfs3(loop6): Failed to initialize $Extend. [ 1633.630732][T22203] lo speed is unknown, defaulting to 1000 [ 1634.318933][T22299] loop6: detected capacity change from 0 to 256 [ 1634.330636][T22190] loop4: detected capacity change from 0 to 40427 [ 1634.383786][T22190] F2FS-fs (loop4): build fault injection rate: 18 [ 1634.390349][T22190] F2FS-fs (loop4): build fault injection type: 0x3bf [ 1634.586133][T20918] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1634.593396][T22190] F2FS-fs (loop4): invalid crc value [ 1634.675283][T22190] F2FS-fs (loop4): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x3428/0x98c0 [ 1634.724847][T22190] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-12) [ 1635.132510][T22353] 8021q: adding VLAN 0 to HW filter on device bond3 [ 1635.293358][T22203] chnl_net:caif_netlink_parms(): no params data found [ 1635.311496][T22404] loop2: detected capacity change from 0 to 64 [ 1635.525754][ T6145] Bluetooth: hci5: command tx timeout [ 1635.595873][T22428] netlink: 'syz.7.15276': attribute type 21 has an invalid length. [ 1635.705326][T22434] binder: 22433:22434 ioctl c0046209 ffffffffff600000 returned -22 [ 1635.903324][ T59] bridge_slave_1: left allmulticast mode [ 1635.909244][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 1636.005254][T22458] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1636.044958][ T59] bridge_slave_0: left allmulticast mode [ 1636.064942][ T59] bridge_slave_0: left promiscuous mode [ 1636.070829][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 1637.052746][T22436] loop4: detected capacity change from 0 to 32768 [ 1637.185068][T22436] JBD2: Ignoring recovery information on journal [ 1637.241782][T28369] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1637.358966][T22436] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 1637.458596][T22436] OCFS2: ERROR (device loop4): ocfs2_claim_suballoc_bits: Chain allocator dinode 73 has 4294901761 used bits but only 0 total [ 1637.477617][T22436] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1637.488373][T22436] OCFS2: File system is now read-only. [ 1637.494475][T22436] (syz.4.15278,22436,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30 [ 1637.506054][T22436] (syz.4.15278,22436,0):ocfs2_claim_metadata:2088 ERROR: status = -30 [ 1637.538515][T22436] (syz.4.15278,22436,0):ocfs2_claim_metadata:2101 ERROR: status = -30 [ 1637.548889][T22436] (syz.4.15278,22436,0):ocfs2_dx_dir_attach_index:2336 ERROR: status = -30 [ 1637.568849][T22436] (syz.4.15278,22436,0):ocfs2_expand_inline_dir:3029 ERROR: status = -30 [ 1637.582233][T22464] loop6: detected capacity change from 0 to 32768 [ 1637.587209][T22436] (syz.4.15278,22436,0):ocfs2_extend_dir:3211 ERROR: status = -30 [ 1637.598173][T22436] (syz.4.15278,22436,0):ocfs2_prepare_dir_for_insert:4316 ERROR: status = -30 [ 1637.607675][T22436] (syz.4.15278,22436,0):ocfs2_mknod:301 ERROR: status = -30 [ 1637.623174][T22436] (syz.4.15278,22436,0):ocfs2_mknod:505 ERROR: status = -30 [ 1637.630864][T22436] (syz.4.15278,22436,0):ocfs2_mkdir:661 ERROR: status = -30 [ 1637.680025][T22464] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1637.741842][ T59] dvmrp1 (unregistering): left allmulticast mode [ 1637.750127][ T6145] Bluetooth: hci5: command tx timeout [ 1637.799452][ T6153] ocfs2: Unmounting device (7,4) on (node local) [ 1637.880862][T22464] XFS (loop6): Ending clean mount [ 1637.935055][T22464] XFS (loop6): Quotacheck needed: Please wait. [ 1638.165285][T22464] XFS (loop6): Quotacheck: Done. [ 1638.366728][ T3358] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1639.273919][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1639.306473][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1639.315575][T20852] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 1639.393215][ T59] bond0 (unregistering): (slave team0): Releasing backup interface [ 1639.433776][ T59] bond0 (unregistering): Released all slaves [ 1639.496276][T20852] usb 6-1: config 255 has an invalid interface number: 38 but max is 0 [ 1639.513652][ T59] bond1 (unregistering): Released all slaves [ 1639.519768][T20852] usb 6-1: config 255 has no interface number 0 [ 1639.548973][T20852] usb 6-1: New USB device found, idVendor=10b8, idProduct=1ebc, bcdDevice= 1.7d [ 1639.579562][T20852] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1639.590099][ T59] bond2 (unregistering): Released all slaves [ 1639.605734][T20852] usb 6-1: Product: syz [ 1639.624873][T20852] usb 6-1: Manufacturer: syz [ 1639.629512][T20852] usb 6-1: SerialNumber: syz [ 1639.646163][ T59] bond3 (unregistering): Released all slaves [ 1639.719836][T22428] netlink: 'syz.7.15276': attribute type 6 has an invalid length. [ 1639.728278][T22428] netlink: 132 bytes leftover after parsing attributes in process `syz.7.15276'. [ 1639.939529][T22568] loop7: detected capacity change from 0 to 256 [ 1639.973322][ T6145] Bluetooth: hci5: command tx timeout [ 1639.996769][T20852] dvb-usb: found a 'DiBcom STK7070P reference design' in cold state, will try to load a firmware [ 1640.049485][T20852] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 1640.072419][T22568] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 1640.099258][T20852] dib0700: firmware download failed at 7 with -22 [ 1640.156049][T20852] usb 6-1: USB disconnect, device number 13 [ 1640.258219][ T59] : left promiscuous mode [ 1640.268308][T22605] loop6: detected capacity change from 0 to 256 [ 1640.421687][T22203] bridge0: port 1(bridge_slave_0) entered blocking state [ 1640.471757][T22203] bridge0: port 1(bridge_slave_0) entered disabled state [ 1640.511733][T22203] bridge_slave_0: entered allmulticast mode [ 1640.546157][T22203] bridge_slave_0: entered promiscuous mode [ 1640.584426][ T59] : left promiscuous mode [ 1640.661637][T28376] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1640.758730][T22203] bridge0: port 2(bridge_slave_1) entered blocking state [ 1640.798220][T22203] bridge0: port 2(bridge_slave_1) entered disabled state [ 1640.859900][T22203] bridge_slave_1: entered allmulticast mode [ 1640.894033][T22203] bridge_slave_1: entered promiscuous mode [ 1641.535609][T22203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1641.589901][T22203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1641.650711][T20852] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 1641.900143][T20852] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1641.940471][T20852] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1641.974802][T20852] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1642.015489][T20852] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1642.037038][T22203] team0: Port device team_slave_0 added [ 1642.083127][T20852] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1642.139221][T20852] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1642.157553][T22203] team0: Port device team_slave_1 added [ 1642.192566][T20852] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1642.195947][ T6145] Bluetooth: hci5: command tx timeout [ 1642.250530][T20852] usb 3-1: Product: syz [ 1642.266127][T20852] usb 3-1: Manufacturer: syz [ 1642.362053][T20852] cdc_wdm 3-1:1.0: skipping garbage [ 1642.396410][T20852] cdc_wdm 3-1:1.0: skipping garbage [ 1642.460181][T20852] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 1642.504815][T20852] cdc_wdm 3-1:1.0: Unknown control protocol [ 1642.617739][T14832] usb 3-1: USB disconnect, device number 25 [ 1642.732366][T22203] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1642.772209][T22203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1642.890877][T22203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1643.078604][T22203] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1643.106275][T22203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1643.254099][T22203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1643.407322][T20918] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1643.954733][T22203] hsr_slave_0: entered promiscuous mode [ 1643.981638][T22203] hsr_slave_1: entered promiscuous mode [ 1644.347747][T22794] loop5: detected capacity change from 0 to 32768 [ 1644.464789][T22794] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1644.468169][ T30] audit: type=1326 audit(2000001328.824:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22918 comm="syz.6.15346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86f778eba9 code=0x7ffc0000 [ 1644.593491][ T30] audit: type=1326 audit(2000001328.862:1424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22918 comm="syz.6.15346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86f778eba9 code=0x7ffc0000 [ 1644.630980][ T30] audit: type=1326 audit(2000001328.871:1425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22918 comm="syz.6.15346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f86f778eba9 code=0x7ffc0000 [ 1644.654411][ T30] audit: type=1326 audit(2000001328.871:1426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22918 comm="syz.6.15346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86f778eba9 code=0x7ffc0000 [ 1644.748718][T22794] XFS (loop5): Ending clean mount [ 1644.787191][T22794] XFS (loop5): Quotacheck needed: Please wait. [ 1644.796933][T22933] loop4: detected capacity change from 0 to 128 [ 1644.889370][T22933] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1645.000507][T22933] ext4 filesystem being mounted at /2482/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1645.066859][T22794] XFS (loop5): Quotacheck: Done. [ 1645.090520][T22820] loop7: detected capacity change from 0 to 32768 [ 1645.145185][T22820] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.15335 (22820) [ 1645.220958][T22933] EXT4-fs warning (device loop4): verify_group_input:136: Cannot add at group 3 (only 1 groups) [ 1645.263594][T22820] BTRFS info (device loop7): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1645.273768][T22820] BTRFS info (device loop7): using xxhash64 (xxhash64-generic) checksum algorithm [ 1645.456084][ T6150] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1645.488669][ T59] hsr_slave_0: left promiscuous mode [ 1645.585518][ T59] hsr_slave_1: left promiscuous mode [ 1645.629675][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1645.637140][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1645.668222][T22820] BTRFS info (device loop7): enabling ssd optimizations [ 1645.693169][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1645.693454][ T6153] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1645.700587][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1645.717010][T22820] BTRFS info (device loop7): enabling free space tree [ 1645.864394][T22820] BTRFS error (device loop7): balance: invalid convert metadata profile single [ 1646.105760][ T59] veth1_macvtap: left promiscuous mode [ 1646.127472][ T59] veth0_macvtap: left promiscuous mode [ 1646.169424][ T59] veth1_vlan: left promiscuous mode [ 1646.209715][ T59] veth0_vlan: left promiscuous mode [ 1646.263261][T19631] BTRFS info (device loop7): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 1646.368378][T23020] loop2: detected capacity change from 0 to 64 [ 1646.728163][ T6337] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 1646.817220][T28376] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1646.957576][ T6337] usb 7-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da [ 1646.999810][ T6337] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1647.060613][ T6337] usb 7-1: config 0 descriptor?? [ 1647.124685][ T6337] pwc: Philips SPC 900NC USB webcam detected. [ 1647.447825][T23064] loop4: detected capacity change from 0 to 256 [ 1647.481855][T23067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15368'. [ 1647.496030][T23064] exfat: Deprecated parameter 'namecase' [ 1647.508890][T23064] exfat: Deprecated parameter 'namecase' [ 1647.542625][ T6337] pwc: send_video_command error -71 [ 1647.582510][ T6337] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 1647.647521][ T6337] Philips webcam 7-1:0.0: probe with driver Philips webcam failed with error -71 [ 1647.660103][T23064] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 1647.704092][ T6337] usb 7-1: USB disconnect, device number 25 [ 1648.363299][T23104] netlink: 'syz.7.15373': attribute type 11 has an invalid length. [ 1648.398885][T23104] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15373'. [ 1648.688365][T23117] netlink: 'syz.5.15378': attribute type 3 has an invalid length. [ 1648.720319][T23117] netlink: 'syz.5.15378': attribute type 1 has an invalid length. [ 1648.733902][T23117] netlink: 216 bytes leftover after parsing attributes in process `syz.5.15378'. [ 1648.778048][T23117] NCSI netlink: No device for ifindex 33022 [ 1649.551091][ T6265] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 1649.567749][ T59] team0 (unregistering): Port device team_slave_1 removed [ 1649.674684][ T59] team0 (unregistering): Port device team_slave_0 removed [ 1649.826055][T23151] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.15394'. [ 1650.010843][T25275] IPVS: starting estimator thread 0... [ 1650.121348][T23156] IPVS: using max 23 ests per chain, 55200 per kthread [ 1650.178085][ T59] team0 (unregistering): Port device dummy0 removed [ 1650.414497][T23102] netlink: 'syz.4.15374': attribute type 11 has an invalid length. [ 1650.745678][T23184] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1650.797972][T23178] loop2: detected capacity change from 0 to 256 [ 1650.816101][T23178] exfat: Deprecated parameter 'namecase' [ 1650.821811][T23178] exfat: Deprecated parameter 'namecase' [ 1651.004426][T23178] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 1651.041496][T22203] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1651.168384][T22203] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1651.246556][T23205] loop4: detected capacity change from 0 to 1764 [ 1651.263011][T22203] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1651.370203][T22203] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1651.714231][T22203] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1651.882061][ T59] ================================================================== [ 1651.890206][ T59] BUG: KASAN: slab-use-after-free in __xfrm_state_delete+0x9db/0xa30 [ 1651.898431][ T59] Write of size 8 at addr ffff888040b988a8 by task kworker/u8:4/59 [ 1651.906345][ T59] [ 1651.908679][ T59] CPU: 1 UID: 0 PID: 59 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) [ 1651.908725][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1651.908751][ T59] Workqueue: netns cleanup_net [ 1651.908790][ T59] Call Trace: [ 1651.908804][ T59] [ 1651.908819][ T59] dump_stack_lvl+0x116/0x1f0 [ 1651.908879][ T59] print_report+0xcd/0x630 [ 1651.908913][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.908959][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.909003][ T59] ? __phys_addr+0xe8/0x180 [ 1651.909055][ T59] ? __xfrm_state_delete+0x9db/0xa30 [ 1651.909116][ T59] kasan_report+0xe0/0x110 [ 1651.909152][ T59] ? __xfrm_state_delete+0x9db/0xa30 [ 1651.909211][ T59] __xfrm_state_delete+0x9db/0xa30 [ 1651.909267][ T59] xfrm_state_flush+0x512/0x700 [ 1651.909324][ T59] ? __pfx_xfrm6_tunnel_net_exit+0x10/0x10 [ 1651.909369][ T59] xfrm6_tunnel_net_exit+0x3d/0x160 [ 1651.909411][ T59] ? __pfx_xfrm6_tunnel_net_exit+0x10/0x10 [ 1651.909454][ T59] ops_undo_list+0x2ee/0xab0 [ 1651.909519][ T59] ? __pfx_ops_undo_list+0x10/0x10 [ 1651.909578][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.909624][ T59] ? idr_destroy+0x62/0x2e0 [ 1651.909675][ T59] cleanup_net+0x408/0x890 [ 1651.909713][ T59] ? __pfx_cleanup_net+0x10/0x10 [ 1651.909752][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.909796][ T59] ? rcu_is_watching+0x12/0xc0 [ 1651.909847][ T59] process_one_work+0x9cf/0x1b70 [ 1651.909899][ T59] ? __pfx_process_one_work+0x10/0x10 [ 1651.909941][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.909992][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.910036][ T59] ? assign_work+0x1a0/0x250 [ 1651.910082][ T59] worker_thread+0x6c8/0xf10 [ 1651.910128][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.910174][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.910218][ T59] ? __kthread_parkme+0x19e/0x250 [ 1651.910271][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.910317][ T59] ? __pfx_worker_thread+0x10/0x10 [ 1651.910359][ T59] kthread+0x3c5/0x780 [ 1651.910395][ T59] ? __pfx_kthread+0x10/0x10 [ 1651.910433][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1651.910476][ T59] ? rcu_is_watching+0x12/0xc0 [ 1651.910523][ T59] ? __pfx_kthread+0x10/0x10 [ 1651.910561][ T59] ret_from_fork+0x56d/0x730 [ 1651.910596][ T59] ? __pfx_kthread+0x10/0x10 [ 1651.910633][ T59] ret_from_fork_asm+0x1a/0x30 [ 1651.910691][ T59] [ 1651.910704][ T59] [ 1652.146920][ T59] Allocated by task 19607: [ 1652.151331][ T59] kasan_save_stack+0x33/0x60 [ 1652.156047][ T59] kasan_save_track+0x14/0x30 [ 1652.160754][ T59] __kasan_slab_alloc+0x89/0x90 [ 1652.165635][ T59] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1652.171215][ T59] xfrm_state_alloc+0x23/0x5c0 [ 1652.176018][ T59] __find_acq_core+0xb59/0x2900 [ 1652.180902][ T59] xfrm_find_acq+0x7b/0xa0 [ 1652.185343][ T59] xfrm_alloc_userspi+0x58e/0xbb0 [ 1652.190395][ T59] xfrm_user_rcv_msg+0x58e/0xc00 [ 1652.195355][ T59] netlink_rcv_skb+0x158/0x420 [ 1652.200123][ T59] xfrm_netlink_rcv+0x71/0x90 [ 1652.204813][ T59] netlink_unicast+0x5aa/0x870 [ 1652.209578][ T59] netlink_sendmsg+0x8d1/0xdd0 [ 1652.214345][ T59] ____sys_sendmsg+0xa98/0xc70 [ 1652.219119][ T59] ___sys_sendmsg+0x134/0x1d0 [ 1652.223817][ T59] __sys_sendmsg+0x16d/0x220 [ 1652.228428][ T59] do_syscall_64+0xcd/0x4e0 [ 1652.232934][ T59] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1652.238837][ T59] [ 1652.241153][ T59] Freed by task 20852: [ 1652.245209][ T59] kasan_save_stack+0x33/0x60 [ 1652.249905][ T59] kasan_save_track+0x14/0x30 [ 1652.254605][ T59] kasan_save_free_info+0x3b/0x60 [ 1652.259640][ T59] __kasan_slab_free+0x60/0x70 [ 1652.264433][ T59] kmem_cache_free+0x2d1/0x4d0 [ 1652.269214][ T59] xfrm_state_gc_task+0x50a/0x770 [ 1652.274259][ T59] process_one_work+0x9cf/0x1b70 [ 1652.279203][ T59] worker_thread+0x6c8/0xf10 [ 1652.283802][ T59] kthread+0x3c5/0x780 [ 1652.287876][ T59] ret_from_fork+0x56d/0x730 [ 1652.292471][ T59] ret_from_fork_asm+0x1a/0x30 [ 1652.297250][ T59] [ 1652.299569][ T59] The buggy address belongs to the object at ffff888040b98880 [ 1652.299569][ T59] which belongs to the cache xfrm_state of size 928 [ 1652.313535][ T59] The buggy address is located 40 bytes inside of [ 1652.313535][ T59] freed 928-byte region [ffff888040b98880, ffff888040b98c20) [ 1652.327268][ T59] [ 1652.329604][ T59] The buggy address belongs to the physical page: [ 1652.336013][ T59] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888040b98880 pfn:0x40b98 [ 1652.346085][ T59] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1652.354681][ T59] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1652.362228][ T59] page_type: f5(slab) [ 1652.366211][ T59] raw: 00fff00000000040 ffff8881422d0500 dead000000000122 0000000000000000 [ 1652.374806][ T59] raw: ffff888040b98880 00000000800f000b 00000000f5000000 0000000000000000 [ 1652.383416][ T59] head: 00fff00000000040 ffff8881422d0500 dead000000000122 0000000000000000 [ 1652.392090][ T59] head: ffff888040b98880 00000000800f000b 00000000f5000000 0000000000000000 [ 1652.400762][ T59] head: 00fff00000000002 ffffea000102e601 00000000ffffffff 00000000ffffffff [ 1652.409436][ T59] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 1652.418104][ T59] page dumped because: kasan: bad access detected [ 1652.424506][ T59] page_owner tracks the page as allocated [ 1652.430213][ T59] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 18895, tgid 18894 (syz.4.5702), ts 838556250425, free_ts 831544528617 [ 1652.449680][ T59] post_alloc_hook+0x1c0/0x230 [ 1652.454471][ T59] get_page_from_freelist+0x132b/0x38e0 [ 1652.460037][ T59] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1652.465958][ T59] alloc_pages_mpol+0x1fb/0x550 [ 1652.470832][ T59] new_slab+0x247/0x330 [ 1652.475029][ T59] ___slab_alloc+0xcf2/0x1750 [ 1652.479738][ T59] __slab_alloc.constprop.0+0x56/0xb0 [ 1652.485138][ T59] kmem_cache_alloc_noprof+0xef/0x3b0 [ 1652.490537][ T59] xfrm_state_alloc+0x23/0x5c0 [ 1652.495315][ T59] xfrm_add_sa+0x1283/0x5c50 [ 1652.499935][ T59] xfrm_user_rcv_msg+0x58e/0xc00 [ 1652.504914][ T59] netlink_rcv_skb+0x158/0x420 [ 1652.509678][ T59] xfrm_netlink_rcv+0x71/0x90 [ 1652.514366][ T59] netlink_unicast+0x5aa/0x870 [ 1652.519129][ T59] netlink_sendmsg+0x8d1/0xdd0 [ 1652.523892][ T59] ____sys_sendmsg+0xa98/0xc70 [ 1652.528673][ T59] page last free pid 6156 tgid 6156 stack trace: [ 1652.534996][ T59] __free_frozen_pages+0x7d5/0x10f0 [ 1652.540213][ T59] bch2_fs_btree_iter_exit+0x282/0x5f0 [ 1652.545698][ T59] bch2_fs_release+0x181/0xa10 [ 1652.550488][ T59] kobject_put+0x1e7/0x5a0 [ 1652.554911][ T59] deactivate_locked_super+0xc1/0x1a0 [ 1652.560310][ T59] deactivate_super+0xde/0x100 [ 1652.565108][ T59] cleanup_mnt+0x225/0x450 [ 1652.569547][ T59] task_work_run+0x150/0x240 [ 1652.574144][ T59] exit_to_user_mode_loop+0xeb/0x110 [ 1652.579436][ T59] do_syscall_64+0x41c/0x4e0 [ 1652.584031][ T59] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1652.590110][ T59] [ 1652.592423][ T59] Memory state around the buggy address: [ 1652.598043][ T59] ffff888040b98780: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc [ 1652.606110][ T59] ffff888040b98800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1652.614172][ T59] >ffff888040b98880: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1652.622231][ T59] ^ [ 1652.627601][ T59] ffff888040b98900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1652.635661][ T59] ffff888040b98980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1652.643721][ T59] ================================================================== [ 1652.651849][ T59] Kernel panic - not syncing: kasan.fault=panic_on_write set ... [ 1652.659570][ T59] CPU: 1 UID: 0 PID: 59 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) [ 1652.668863][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1652.679012][ T59] Workqueue: netns cleanup_net [ 1652.683799][ T59] Call Trace: [ 1652.687076][ T59] [ 1652.690012][ T59] dump_stack_lvl+0x3d/0x1f0 [ 1652.694638][ T59] vpanic+0x6e8/0x7a0 [ 1652.698648][ T59] ? __pfx_vpanic+0x10/0x10 [ 1652.703186][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.708833][ T59] ? mark_held_locks+0x49/0x80 [ 1652.713630][ T59] ? __xfrm_state_delete+0x9db/0xa30 [ 1652.718935][ T59] panic+0xca/0xd0 [ 1652.722684][ T59] ? __pfx_panic+0x10/0x10 [ 1652.727131][ T59] ? _raw_spin_unlock_irqrestore+0x31/0x80 [ 1652.732970][ T59] end_report+0x159/0x170 [ 1652.737310][ T59] kasan_report+0xee/0x110 [ 1652.741733][ T59] ? __xfrm_state_delete+0x9db/0xa30 [ 1652.747045][ T59] __xfrm_state_delete+0x9db/0xa30 [ 1652.752189][ T59] xfrm_state_flush+0x512/0x700 [ 1652.757068][ T59] ? __pfx_xfrm6_tunnel_net_exit+0x10/0x10 [ 1652.762895][ T59] xfrm6_tunnel_net_exit+0x3d/0x160 [ 1652.768108][ T59] ? __pfx_xfrm6_tunnel_net_exit+0x10/0x10 [ 1652.773932][ T59] ops_undo_list+0x2ee/0xab0 [ 1652.778558][ T59] ? __pfx_ops_undo_list+0x10/0x10 [ 1652.783696][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.789351][ T59] ? idr_destroy+0x62/0x2e0 [ 1652.793879][ T59] cleanup_net+0x408/0x890 [ 1652.798308][ T59] ? __pfx_cleanup_net+0x10/0x10 [ 1652.803278][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.808996][ T59] ? rcu_is_watching+0x12/0xc0 [ 1652.813790][ T59] process_one_work+0x9cf/0x1b70 [ 1652.818757][ T59] ? __pfx_process_one_work+0x10/0x10 [ 1652.824158][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.829830][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.835484][ T59] ? assign_work+0x1a0/0x250 [ 1652.840089][ T59] worker_thread+0x6c8/0xf10 [ 1652.844697][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.850359][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.856039][ T59] ? __kthread_parkme+0x19e/0x250 [ 1652.861124][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.866777][ T59] ? __pfx_worker_thread+0x10/0x10 [ 1652.871901][ T59] kthread+0x3c5/0x780 [ 1652.875988][ T59] ? __pfx_kthread+0x10/0x10 [ 1652.880581][ T59] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1652.886310][ T59] ? rcu_is_watching+0x12/0xc0 [ 1652.891152][ T59] ? __pfx_kthread+0x10/0x10 [ 1652.895749][ T59] ret_from_fork+0x56d/0x730 [ 1652.900345][ T59] ? __pfx_kthread+0x10/0x10 [ 1652.904944][ T59] ret_from_fork_asm+0x1a/0x30 [ 1652.909739][ T59] [ 1652.913100][ T59] Kernel Offset: disabled [ 1652.917426][ T59] Rebooting in 86400 seconds..