last executing test programs: 10m55.593373884s ago: executing program 1 (id=264): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x38, r1, 0x1, 0xffffff80, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x80}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x38}}, 0x0) 10m55.060970092s ago: executing program 1 (id=267): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7e9, &(0x7f00000017c0)="$eJzs3c1rHG8dAPDvbF42SauJIGh7CggaKN2YGlsFDxEPIlgo6Nk2bLahZpMt2U1pQqDpQfAiqHgQ9NKzL/UgePXlqv+EeJAW0TRYT7oys7t53d0kbXa3/fXzgck8M/PMPPPN88yzz+4MuwF8sKbTP7mIKxHxwyRisrk+iYiRLDUcsdDI93p3u5hOSdTr3/pnkuX57aWDYyXN+aXmwqcj4o/fi7iWO17qeHNeLq03U7O11Yez1c2t6w9WF5dLy6W1m3Pz8zduffHWzZN7val//2Xr8ssfff1zv14Yjk89/8GfkliIy81te7vbxbc8/AnTMd38n4yk/8IjvnbRhQ1YMugT4I2kl+ZQ4yqPKzEZQ1mqg7e9AAGAd8KTiKgDAB+Y5LTX/yFDBAD4aGl9DrC3u11sTYP9RKK//vHViBhrxN+6v9nYMty8ZzeW3Qed2EuO3BlJImLqAsqfjoif/+47v0yn6NF9SIB2dp425nu7+WP9f5L2f6OnHyHfccvnu+1Wb+w3fWy1/g/65/fp+OdLJ8d/V/cf6BnL/h4b/4zl21y7b+L06z/3osOuZ+ibTpeO/75y6Nm2g/Hf/kNrU0PNpY9lY76R5P6Dcint2z4eETMxkk+X57Ks7Z+Cmnn131edyj88/vvXj7/7i7T8dH6QI/diOB/1xnN5/8vG60uLtcWLiD2L/2nE1eF28Sf749/kSP0v7Ed6p+NRj1bNN778/Z91ypnGn8bbmk7G31v1ZxGfbVv/B3WZdH0+cTZrDrOtRtHGb/7204lO5R/Ufz6bp+W33gv0Q1r/E93jn0pT1c2tlcVyubRePX8Zf342+YdO2w63//bxZ+3/iLT9jybfztKtlvZ4sVZbn4sYTb55cv2Ng31by638afwzn2l//bdv/42+IH1PeG9/qbvhl6O/ah6qbfyZnU7x91Ya/9K56r9Lot7c59im569XhjqVf7b6n89SM801Z+n/TjnTt2jNAAAAAAAAAAAAAAAAAAAAAAAAAHB+uYi4HEmusJ/O5QqFxm94fzImcuVKtXbtfmVjbSmy38qeipFc66suJw99H+pc8/vwW8s3ji1/ISI+ERE/yY9ny4Vipbw06OABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOnS0d//f5LOCoXGtr/nB312AEDPjA36BACAvvP6DwAfnvO9/o/37DwAgP459/v/etKbEwEA+ubMr//3enseAED/uP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAj925fTud6v/Z3S6my0uPNjdWKo+uL5WqK4XVjWKhWFl/WFiuVJbLpUKxstrxQDuNWblSeTgfaxuPZ2ulam22url1d7WysVa7+2B1cbl0tzTSt8gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oyqm1sri+VyaV2iS2K8NN45TxIRAz/D0xJpXV/kAYff0ZB3/jqSteuumWPqvWn8o13yJBdZ1vjxNYd7ifFBdE0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA74X/BwAA///YTBJy") r0 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000100)=ANY=[@ANYBLOB="000000004c9002000000000003000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"]) 10m54.090877182s ago: executing program 1 (id=271): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000005c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000580)={0xffffffffffffffff}, 0x2, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000900)=[{0x20, 0x0, [0x8bc5, 0x6, 0x8, 0x6ab, 0x101, 0xca0, 0x9, 0x6, 0x1, 0xf8, 0x7, 0xfffff001, 0xeb6, 0x8, 0x9, 0x45ab]}, {0x2b, 0x0, [0x6, 0xffffff81, 0xd408, 0x3, 0x9, 0x9, 0x3ff, 0x8, 0x7, 0xffff367d, 0x2, 0x7, 0x6, 0x401, 0xb8, 0x7]}], r1, 0x1, 0x1, 0x90}}, 0x20) 10m52.407941803s ago: executing program 1 (id=276): syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000f00)='./file1\x00', 0x208800, &(0x7f0000003100)=ANY=[], 0x2, 0xf04, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0T8MT0gKiGKhDhVHKi4UCqlSK0EqlShntqeWvXWE+qFSlUqBfXQRkpc2X5vvX72sOuxPbv2/n7St2/fvNn5vslazsx49m0AhlZj5fHkydkihHc/fefRl58qfru87K72GkdWHovYa4UQmh39Itve53HBtSsvndmsLcLxlcfUD49dbr92MoSwGI6Ez0IrfDS/8OWH7z1y9OPXJ2556+Izr+zS7rfl+wEAAPvRpT8v/P2+f/7pgZmrlw6fDuPt5en4vBX7k/G4/1g8UE7Hy42wvl90RKexbL2RGI1svZFsvdEsz2hJvma2nWbJemNd8o10LNtsPwEAAGAvSue1rVA05tb1G425udXz/mWfT48Vc8+dXzh3oU+FAgAAAJX959WVm26FEEIIIUSt0RyAGoQQQgxTLE33+woEAAAAMGzy+cI2WNzZmbraW2v1lv/yw43NXw87oO6ff/n3Vv4PXvMbBwCA6vbr0WTar3QcneYxyOcRHMlet9Xj/0a2ndEt1lk2r+C65cXgvk1l9ef/roOqrP6tvo/9UlZ/Ph/moCqrP5+nc1CV1T9ecx1VldU/UXMdVZXVf6DmOqoqq/9gzXVUVVb/ZM11VFVW/1TNdVRVVv8NNddRVVn9h2quo6qy+vfKbbVl9bdqrqOqsvpnaq6jqrL6b6y5jqrK6r+p5jqqKqv/5prr6Jc7Y5v+HQ5n453nz/k53V45xwMAAIBh9z/z/wkhhBAbYuU+iAGoQ4j9HcUA1CC+Ktp/7xuAWoQQ249X+3r1AQAAABgE6XMB6QPoS1EaH+kyPho/S7QyPrG2Qhpvdnn9WJfx8S7jAAAAQAi/e+PcbW8Xa5/z3+58eB3zRl0PFeYxyie622r+7c57tt38e2XeMgAAAIZL8b3Prt//6PsvzFy9dPh0x9nv9Xi+m+YBHY3XBj6J/XRfwFTWL9I59On1eRol6+XXB24o297j29xRAAAAGGLp/L0VisZcx3l3KzQac3Nr5+OzoVmcO79w9ljsp+9n+eN0c3x5+UM11w0AAAD0bu18f/Pz//Q9vrNhrJh77vzCuQur/an28maj87rA9NryovO6QCtbfrxk+YnYT9/f+YPpAyvL5878cOGpnd55AAAAGBIXXrz4zJMLC2d/5IknnnjSftLv30wAAMBO++KLd5o/PjH1+9XP/6/Nf5c+/38k9ltxbr+/xBXSfQLpcwAbPq//xPo802XrPb9+vVa23kiM8azuiY7tLDuQvW6mLF9r/XbGSvJNZvmmsnz5PAWj2fop36FseT4/YVpvOluez8M4muUosvx3BwAAACg3/8Kzz89fePHig+efffLps0+ffe7E8VPfPXXq2EPfeWh+5b7++c67+wEAAIC9aO2m335XAgAAAAAAAAAAAAAAAAAAAMOrjq8T6/c+AgAAwLD796shhEUhhKgcS+P9r0EIIYQQQog9Eyvf7V5/3ka/rz8AAAAAw+falZfOhDARQlhuN7FY7Gi+9tZaq831K6t5Uzv14N9mliOtdvnhkXWvP7ij1TDsrsWfu9RusMM///LvrfwfvLaz+SfSk55//2WXjE9Xy3vv/C9nO/PfPtpj/nz/H6+W/2iW/97QW/6l97P8T1TLf1+W/2CP+Tfs//PV8t8f88/G/tF7es2//v0fj23ajwM95v92tv9PhV7zZ/vf6jFh5oGYHwCG0X69ASAdJaTj6MnYT/sbDzfDSPa6rR7/N7LtjG678vXbTcdBt8Z+Ol6ayvImW61/MtveDRXrzOV1Daqy+nfqfdxtZfU3a66jqrL6x2quo6qy+sdrrqOqsvonaq6jqrL6ez0P7bey+vfKdeWy+idrrqOqsvqnaq6jqrL6t/r/eL+U1X+o5jqqKqt/uuY6qiqrv+JltdqV1T9Tcx1VldV/Y811VFVW/00111FVWf0311xHv9wR27Lz4XT+OR3HUr+V9cc3+bfcr9cWAAAAYK/519DO/xevdPS9DiGEEELs1ZgY9GOJZFe2P7rL2xd1x3+XVvW7DiHE7sXSUt1XHBgku/tpZgAGld//w837P9y8/8PN+89XSffwF1k/GekyPtplvNllfCwbz39ex7uM35Rtdyld14xu7jL+tS7jh7qM39plfLbL+G1dxm/vMn5Hl3EAAACGwy2xdX4IAAAA+9fLv/rkzd/c+8SVmauXDp8OYxvmnT8W++Pxb+tvxH4+733SjH/z/0ns/yK2f4jtP7L13X8CAAAAuy99T4y//wMAAMD+lb6n1Pk/AAAA7F8zsXX+DwAAAPvXjbF1/g8AAAD7WDGx+eLYpusCd8e213n9AIDB9/XY3hnbw7G9K7bfiG06Drgntt+sqT4AYOf8/Ps/PfV2sTbf/4ls/FpcntoNFlevFBSN9TP5H4jtwdh+q8d68u8D6DV/cqjHPLuVf3qb+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/aOx8njy5GwRwrufvvPoz8be/OvysrvaaxxZeSxirxVCaLZfl0bX+r+OK1678tKZzvZ6bItwPBShaC8Pj11uZ5oMISyGI+Gz0AofzS98+eF7jxz9+PWJW966+Mwru/hPsG7/AAAAYD/6fwAAAP//ScMebw==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@uuid_null}]}) 10m50.872959711s ago: executing program 1 (id=281): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x106, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000003c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e28, 0x711, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x206}, {0xa, 0x4e21, 0x0, @loopback, 0x1ff}, r1, 0x8}}, 0x48) 10m49.399265155s ago: executing program 1 (id=286): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a18010000060a0b0400000000000000000200000034000480300001800a0001006d617463680000002000028008000240000000030b000100736f636b6574000005000300d60000000900010073797a30000000000900020073797a3200000000b70007"], 0x140}, 0x1, 0x0, 0x0, 0x40480e0}, 0x4008014) 10m47.368387923s ago: executing program 32 (id=286): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a18010000060a0b0400000000000000000200000034000480300001800a0001006d617463680000002000028008000240000000030b000100736f636b6574000005000300d60000000900010073797a30000000000900020073797a3200000000b70007"], 0x140}, 0x1, 0x0, 0x0, 0x40480e0}, 0x4008014) 6m56.685020087s ago: executing program 2 (id=1497): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r0, 0x0, 0x0) 6m55.829082425s ago: executing program 2 (id=1501): io_setup(0x222, &(0x7f0000000180)=0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x4000000044402, 0x0) io_submit(r0, 0x2, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x6417, r1, 0x0, 0x0, 0x6ed}, &(0x7f00000000c0)={0x0, 0x0, 0xf4, 0x0, 0x89, r1, 0x0, 0x0, 0x7}]) 6m54.88734956s ago: executing program 2 (id=1504): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x4, 0x0, {}, [@TIPC_NLA_BEARER={0x10, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xb, 0x1, @l2={'eth', 0x3a, 'lo\x00'}}]}]}, 0x24}}, 0x0) 6m54.192616815s ago: executing program 2 (id=1507): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000580)={[{@nomblk_io_submit}, {@journal_dev={'journal_dev', 0x3d, 0x3f2}}, {@noload}]}, 0x3, 0x482, &(0x7f0000001240)="$eJzs3M9rHFUcAPDvTLJpY6qJtf5q/RGtYhFNmrZqDx5UFDxUEBTU45LEUptWaSLYEjD1UE8ignfx6L/gSS8ingSvepdCkV5sPa3Mzkyym2w22XQ3W93PB7b9vvmR974783bfzNvdAAbWZPZPErEvIn6PiPG82LzBZP7fjevLszevL88mUau99VdS3+7v68uz5ablfmONhUjiUIt6Fy9eOltdWJi/UJSnl859NL148dKzZ85VT8+fnj9/7OTJE8dnXnj+2HNdyXMs0iJ6/b2v3jj1RVP+6/Loksl2K5+s1bpcXX/d2RAP97EddGaoOF6Vev8fj6GGozcer322Wvi0Tw0EeqZWq9XGNl+9UgP+x5JoLuvyMCjKN/ry+rfVdfBLPRt99N+1l/MLoCzvG8UjXzO8esegsu76tpsmI+LdlX++yR7Rm/sQAABNfsjGP89ko53l2WzssTb+SOO+hu3uKuaGJiLi7ojYHxH3xPk4EBH3RtS3vT8iHuiw/oZJkvowc+P4J7264+S2IRv/vVjMbTWP/8rRX0wM1UsX80JUkvfPLMwfLZ6TI1HZk5Vn2tTx46u/fbnZusbxX/bI6i/HgkU7rg7vad5nrrpU3XnGza5djjg43Cr/ZHUmIImIByPiYKs/kG5dx5mnv3tos3Vb599GFyaaat9GPJUf/5VYl38paT8/Ob03FuaPTpdnxUa//Hrlzc3qX5f/3ugk/y7Ijv8dLc//1fwnksb52sXO67jyx+ebXtNMVoqgg/N/pbpUHUnerscjxbJPqktLF2YiRpJTeaMblx9b27csl9tn+R853Lr/74+1Z+JQRGQn8cMR8UhEPFocu8ci4vGIONwm/59feeKD9ctGy/xv5fzvgiz/uY6O/1owEs1L0hbbZMHQ2Z++b6p0Yi0s8r/Z/vXvRD06UizZzuvfxla0Dm71+QMAAID/gjQi9kWSTq3GaTo1lX+G/0A+9Z35+Pxc/h2Biaik5Z2u8Yb7oTPFZX1evhwR+UcLyvXHI63fN/56aLRenpr9cGGur5kDY5v0/8yfQ/1uHdBzvrAFg0v/h8HVtv9Xdq8dwO7b0P/b9vk9PW0LsLtavP+P9qMdwO5rNf73ez8wGNb1f9N+MEDc/4fBpf/D4NL/YSAtjsbWX5JvG5R/aYe7bxWMR+y8hRGx0uX2bDuISh8q3cUg0p5XMdLbU6tnQbKzNidxOzS+oe9s4Z02PxwOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwu/g3AAD//0C6yvY=") syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}]}) 6m52.94144671s ago: executing program 2 (id=1514): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4}) ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000000)) 6m52.021296442s ago: executing program 2 (id=1520): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x9, 0x5, 0x81, 0xffffffff}) setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000002000000000000210d0000aaa8fa017242ba9380d440fe0000000000002900000003000000", 0xfe60) 6m50.032093019s ago: executing program 33 (id=1520): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x9, 0x5, 0x81, 0xffffffff}) setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000002000000000000210d0000aaa8fa017242ba9380d440fe0000000000002900000003000000", 0xfe60) 6m6.075701659s ago: executing program 4 (id=1736): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000180)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000001300)=[{&(0x7f0000000240)="27050200340f3c000600002fb96dbcf706060000170000005f45f491bdd54ec5ff1144ee162fd4b8bf7256da82f600102c21880b00000000010040570000000600000000000000", 0x47}, {&(0x7f00000002c0)="1c393502dda1a6", 0x7}], 0x2}, 0x9cdc2384016f48f8) 6m5.395257922s ago: executing program 4 (id=1741): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001980)={0x50, r1, 0x1, 0x4, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x100}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vcan0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) 6m4.727816528s ago: executing program 4 (id=1745): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000280)='./bus\x00', 0x120c841, &(0x7f0000000100)=ANY=[@ANYBLOB="757466383d312c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c696f636861727365743d73703836322c696f636861727365743d63703433372c73686f72746e616d653d77696e39352c756e695f786c6174653d312c756e695f786c6174653d302c757466383d302c756e695f786c6174653d302c003c24d06816418f4be78ed4fbfe47efc82f966a602a8db43ad053c978bbd3501706515140ef63c2a58653ced497550b22917b09702604bc162c57e05beec5bb0c11fc2f9238b25e4527e24bab534e9ba458d92a597c3fee89f57053a4a1535771c9877b3ab101fb26937779cff75a95a296fafddf11280fafeb9bd5f2da4a88b43f3e4d5b1a9aed1f659d88f914548fba990603b0d4f14adda86d459c62701d3d6f007c7e50da9608a03eff5843f6739a8ec5ff33791394a5c075018b5d92bbd7d9874589f3561fbdfc44653bb6c56b522a3413"], 0x3, 0x394, &(0x7f0000000700)="$eJzs3T+IHNUfAPDv3uz9+5H87gpBFITRTtCQREG08Y5wgeA2UZaohbiYRMPtKeRwMSmyORuxFFJqZWehhUU6G1GRdBa2RpCoWGi6gCEjszO7O3N7Z4JhE4OfT7F8773v982b3bnbd3Psu1dXYv34bJy8evVKLCw0orlyaCWuNWI5khg6H5PmdmgDAO4N17Is/sgKEV/cSklj+rMCAKZp8P7/+t5Ky7tfj+OvJvKz4t1/9k7MDQCYjvL3/8VqW7ItZ2GianHa0wIApqh+/z8iHplIqfypvzmxNgAA7j0vvPTyc6utiOfTdCFi471eu9eOZ8b9qyfjVHTjROyPpbgeUSwU8ofG4PHwkdba/jRN+/HzcrTzil47YqPfaxcrhdVkUD8fB2Iplsv6crWRZVly+PPW2oF0ICLO93uz+SgbjV57dnCXYXUxTv3wvzgRByON+ybqI4601kZrknZ+3MHxZyO2xvct8vnvi6X47rV4K7pxPPLa4bKmtXbuQJoeylp7GuP6fq89P8grTN4BAQAAAAAAAAAAAAAAAAAAAACA27Gv2Htnb5qmy6P9c7Lx/j37yoRafzOi2OtntD/QVrE/UDafRZb9/s7j7feTqO0PNNjgp7a/TjNm7u6pAwAAAAAAAAAAAAAAAAAAwL/G5pm56HS7J05vnjm7Xg36pzfPzERE3vLmt59+uRj1nMVygHpVLWiWKZWudFyVJcPkLKnllEGSH7zRLFo+uTiacSWnchbj8plxzvy2rlqw9+GfPjy7PhzhoWRYdWOck8SO53U2qU+jFmz8vxhw2HJh9+dnMjh4k5zLWZbtVn7ulcmqaEQ0d53qPwyyPPjmyhsPPLE5vAiywqOPLR27fOHjX9c73fzIuW537vTm9Wy9U36988U2EcwPL5ukcv00youtUb0Smp0nbxzds8vIW/WWTvL9by8++MGlsmWm8jLtMI3s2KVxy9s75CTFQT/b3jVXBPk0R13P5kH+HE2MM/wuuenT8lTc1gt3/0crnYvnfvzlVqsqPyRs1AEAAAAAAAAAAAAAAAAAAHdE5bPipfLDvrN/V/X00enPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADunPH//x8FMbO1reXWgj/7MWw5FsOu+XzAmKsccfkuni0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9VfwUAAP//OoRXdA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x165) getdents64(r0, &(0x7f0000000300)=""/193, 0xc1) 6m2.548036658s ago: executing program 4 (id=1756): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==") r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r0, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x4f]}, 0x2c) 6m0.302294032s ago: executing program 4 (id=1765): syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[], 0xa, 0x234, &(0x7f0000000140)="$eJzs279rE2Ecx/HPXS7pNdpWrDqIQlGsLjb+mBxE3Tr1H+hU2qjFE6tVsEWwWdRB6OTm4iQIDo4idRMn/wAHwU0pdgg4OfTkzvvR5JLmB5ecpO/X0ueez/Pkee7oJd82iQDsWVc1IUOGCt7BMfvA+riR9ZYA9Ikb/Ny23JgZhgAG282RrHcAIBtb16SXp6Rf1UfzyhXCssCrAL5tStqYfKo1Bbk5JOn1F8mK6oetinTUCnLD1nB9ffFKOh3ON4q14UNbqkjFKN+3IxyWKq7/+GdOhuvv14hGNZb38oMaD9ZfiOYfaVnvWJ2XSAAADBxDU63yXQeYur7olM81zfN+fr5pXvDzCy3yi9HxUNSafTHz4IN7edvLp+bvOAu7bRNAA2YX9//X43E71+L+t5rc//V/JwDov+WV1VtzjuM+lvxG+V7QEzTC/wjEPbnEmFQa4XsObQwO36FMRN5j7OjJJaevTybPPb2zMOONjUnqzYX6jxtqEH2f/ndNoh6zF1e+pnHi558nS8/fvW9n8NsOlzCj37rZjXK1boxMqYfnNZG4C+Ycu73pxprrdrhow6eL+MMBdtrPRAD6rXT/9lJpeWX17GJO0o1yPnzBn/6x6Vf2pZr6Pp/dTgGkLX7Rb5RWEj1u7eHMp8+/q5fePOti5SuSPha7mAgAAAAAAAAAAAAAAOoc0uGstwAAAACgT5Lf/rk7mvZXl7I+RwAAAAAAAAAAAAAAAAAABs3fAAAA///PtQqI") r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 5m59.35870694s ago: executing program 4 (id=1770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000600), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010028bd7000fedbdf250600"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0xc0) 5m56.536536418s ago: executing program 34 (id=1770): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000600), r0) sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010028bd7000fedbdf250600"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0xc0) 4m8.031372463s ago: executing program 7 (id=2305): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x1000004, &(0x7f0000000cc0)=ANY=[], 0x4, 0x5d9, &(0x7f00000010c0)="$eJzs3U9rHOcdB/DvrNZrrQuOktiJ2wYqUvqHitqS1m2TgqlaTNEhlIBfgajlWHitBGlTlByKXfxCUoLeQC+55OCDz+1LEPRYKPRURC8uMzu72tiyLCWWdhV/Pvaz8zx6Zn7zm9/OjHZXAgV4aS3PpfkwRZbn3tsqxzvbne7OdufuoJ/kbJJG9T/NsvvPZOpBMpt+y3eTFHW44ln7ufbF5818ef9Gf9SoW7X+1EHbHc69umWpTnLpBcZ79I3jFcMjLINeHwSfBI+f7z/HuPupY4zNYbT6i+IZz8VMci7JdH0fGJy4jRPM8FhMzAUIAAAAx+iV3exmK+fHnQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJvXf/y/q1hj0Z1MM/v5/q/5a6v6p9nDcCQAAAAAAAADAC/CD3exmK+cH48dF9TP/t6vBherxO/k4m1nNRi5nKyvppZeNLCSZGQnU2lrp9TYWDrHl4r5bLp7M8QIAAAAAAADAt9Rfsrz3838AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgERTLVX1TtwqA/k0YzyXSSVrneveQfg/5p9nDcCQAAAMAJeGU3u9nK+cH4cVG953+jet8/nY+znl7W0ks3q7lZfRbQf9ff2NnudHe2O3fL9nTc3/77SGlUEdP/7GH/PV+q1mjn1p1mvc0f82G6uZlGtWXp0iCf/fO6X+ZU/KZ2yMxu1ssiKb5ffxoyGWaqipzJraxVNZqvcyur8erBlTjis/PknhbSGH7yc+EYan6uXpY1n57omi+OnH1vHFyJ5EfX/rt+u7t+5/atzbnJOaSv6clKdEYq8eZLVYn5qhIXh+Pl/D43MpfZvJ+NrOVPWUkvq5nN9aq3Up/P5ePMwZVa+sro/edl0qqfl/5d9Gg5vV1tez5r+UM+zM2s5pdZzNW8k4X8qvp3deQZvniIq75xtKv+hz+tO68lRbu/nBBlXV8dqevoPXemmhv9yl6VXnvx98bm9+rOVFI0hzlNgicrsTBSidcPrsRfH5ePm931Oxu3Vz465P5+Ui/L7xJnn/td4iTr1KrP3v4rla+eHeXc6/vOLVRzF4ZzjafmLg7nnnelturXcE9HWqzm3tx3rlPNXRqZaw/nLg9fbwEw8c797Fyr/a/239uftR+0b7ffm/7d2XfOvtXKmUdnft2cn/px463ib/ksf957/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx9m598emel213d0NHR0Rl2xn1n4iRc6d396MrmJ5/+fO3uygerH6yud+Z/sfhuZ2Hx3atXbq11V+f7j+NOk2Oyd9GPOxMAAAAAAAAAAACO4iR+nXTcxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDpsTyX5sMUWZi/PF+Od7Y73bIN+ntrNpI0y+X/kqkHyWz6LTMj4Ypn7efaF5838+X9G3uxGoP1pw7a7nDu1S1LdZJLLzDeo28crxgeYRn0+iA4jNv/AwAA///YHBzc") mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x2) 4m7.130808337s ago: executing program 7 (id=2311): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r1, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b6b9037200001800c0005000400000200000200080001000300000005000200030000000500020008000000240003"], 0x12c}, 0x1, 0x0, 0x0, 0x24004821}, 0x0) 4m5.519035904s ago: executing program 7 (id=2318): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_LOG_GROUP={0x6}, @NFTA_LOG_LEVEL={0x8, 0x5, 0x1, 0x0, 0x6}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) 4m4.863509477s ago: executing program 7 (id=2323): syz_emit_ethernet(0x66, &(0x7f0000000000)={@link_local={0x5}, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @empty}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{0x0, 0x1, 0xb2}}}}}}}}, 0x0) r0 = socket$nl_generic(0x11, 0x3, 0x10) sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0) 4m4.25759189s ago: executing program 7 (id=2326): r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10) symlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000002280)='./file0\x00') 4m3.702338485s ago: executing program 7 (id=2331): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x5) syz_emit_ethernet(0x7f, &(0x7f0000000280)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "954a5b", 0x49, 0x2f, 0x0, @dev={0xfe, 0x80, '\x00', 0x31}, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100}, {}, {0x8, 0x88be, 0xffffffff, {{0xc, 0x1, 0x48, 0x1, 0x1, 0x0, 0x4, 0x10}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x4, {{0x3, 0x2, 0x5, 0x3, 0x0, 0x0, 0x1, 0xc}, 0x2, {0x5, 0x45, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x0, "08fae4eb13"}}}}}}}, 0x0) 3m48.323744275s ago: executing program 35 (id=2331): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0x5) syz_emit_ethernet(0x7f, &(0x7f0000000280)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "954a5b", 0x49, 0x2f, 0x0, @dev={0xfe, 0x80, '\x00', 0x31}, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100}, {}, {0x8, 0x88be, 0xffffffff, {{0xc, 0x1, 0x48, 0x1, 0x1, 0x0, 0x4, 0x10}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x4, {{0x3, 0x2, 0x5, 0x3, 0x0, 0x0, 0x1, 0xc}, 0x2, {0x5, 0x45, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x0, "08fae4eb13"}}}}}}}, 0x0) 1m47.8463776s ago: executing program 0 (id=2990): openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x502, 0x0) r0 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000300)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 1m46.811641885s ago: executing program 0 (id=2995): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000100)={'wpan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x58, r2, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_DEVKEY={0x3c, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0x2c, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x2}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0x2}]}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x5}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000891}, 0x20004044) 1m46.370192759s ago: executing program 0 (id=2998): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080)) ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f00000001c0)={0x60, 0x1, &(0x7f0000002000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3, 0x0, 0x0, 0xa1, 0x0, 0x0, 0xe, 0x5c}) 1m45.503871055s ago: executing program 0 (id=3001): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x2014050, 0x0) mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0) umount2(&(0x7f00000000c0)='./file0\x00', 0x4) 1m44.684884268s ago: executing program 0 (id=3006): r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000000c0)={0x21, {{0xa, 0x4e23, 0x5, @mcast2, 0x6}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000005c0)={0x1, {{0xa, 0x4e20, 0x0, @mcast1}}, 0x1, 0x1, [{{0xa, 0x4e24, 0x8, @loopback, 0x8}}]}, 0x110) 1m43.15680709s ago: executing program 0 (id=3011): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100000000000400048008000c8004000b800800020001000000a00008801c000780080077144ebb0000080006"], 0xd0}}, 0x0) 1m40.641484983s ago: executing program 36 (id=3011): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100000000000400048008000c8004000b800800020001000000a00008801c000780080077144ebb0000080006"], 0xd0}}, 0x0) 6.028556001s ago: executing program 9 (id=3454): r0 = userfaultfd(0x80001) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000005280)={0x40000001}) pselect6(0x40, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x7}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x180, 0x0, 0x0, 0x200000, 0xfffffffffffffffe}, 0x0, 0x0) 5.447908715s ago: executing program 6 (id=3458): syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000001200)='./bus\x00', 0x2000002, &(0x7f00000001c0)={[{}, {@gid}, {@gid}, {@rootdir={'rootdir', 0x3d, 0x4}}, {@uid}, {@uid}, {@nostrict}, {@anchor={'anchor', 0x3d, 0xf87a}}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}]}, 0x1, 0xc46, &(0x7f0000000580)="$eJzs3U9sHNd9B/DfG5LiSm4iJnYUJ42LTVuksmK5+hdTsQp3VdNsA8iyEIq5BeCKXKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcjIYzOxbcUmTEi2K+mN9Pgn13Z15b/a9easZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cv7EyfSgWwEA3E8Xx75+4pT7PwA8Vi77738AAAAAAAAAAAAAAHjYpSjiyUgxd3EtTVTvO2oX2gM3bo6PjG5f7WCqavZV5cuf2slTp8985YXhs9280J65Tf177fPx2tjl8/WXZ6/PzbcWFlpT9fGZ9uTsVGvXR9hr/a2OVSegfv31G1NXry7UTz1/etPum0PvDz5xZOjc8LPHn+mWHR8ZHR3bKFLrLd9/1w3p2GmGx4Eo4nikeO4HP0/NiChi7+eidn/HfquDVSeOVZ0YHxmtOjLdbs4sljsvdU9EEVHvqdTonqPtxyL6B+5rH3bWiFgqm182+FjZvbG55nzzynSrfqk5v9hebM/OXEqd1pb9qUcRZ1PEckSsDn74cANRRH+k+N7htXQlIvq65+HL1cTgndtR7GMfd6FsZ30gYrl4BMbsITYYRbwaKX7xztGYzNeZ6lrzpYhXy/xRxFtlvhSRyi/GmYj3tvke8WjqjyL+shz/c2tpqroedK8rF75R/9rM1dmest3ryke8P3zoSvGA7g8Ht+T98ZBfm2pRRLO64q+lu//DDgAAAAAAAAAAAAAAAAD32sEo4nOR4pX/+JNqXnFU89IPnxv+w6FP9M4Zf/oOxynLPh8RS8Xu5uQeyBMDL6VLKT3gucSPs1oU8ad5/t93HnRjAAAAAAAAAAAAAAAAAAAAHmtF/CxSvPju0bQcvWuKt2eu1S83r0x3VoXtrv3bXTN9fX19vZ462cg5kaqlo9eX8vvlnCs5V3NGkevnbOScyLmUcznnSs7VnNGX6+ds5JzIuZRzOedKztWcZSur+jkbOSdyLuVczrmSczVnPCRr9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfJwUUcQHkeK731pLkSKiETERnVwZfNCtAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKg6mIH0aK+h81bm3rj4hU/b/jaPnLmWgcKPPT0Rgu86VonM/ZrLK/8Z0H0H72ZiAV8dNIMVh7+9aA5/Ef6Ly79TWIt7698e7z/Z3s6+4cen/wiSOHzw2P/sbTO71O2zXg2IX2zI2b9fGR0dGxns39+dM/3bNtKH9ucW+6TkQsvPHm683p6db83b8ovwJ7qP4IvUj9j0tPvaheRP8ej1NexR54L+6y7zwGyvv/e5Hid9/9z+4Nv3P/r8Wvdd7dusPHL/9s4/7/4tYD7fL+37+1Xr7/l/f07e7/T/ZsezH/aWSgP6K2eH1u4EhEbeGNN4+3rzevta61Zs6cOPHV4eGvnj4xcCCidrU93ep5dU9OFwAAAAAAAAAAAAAAAMD9k4r4/UjR/OlaqkfEzWq+1tC54WePP9MXfdV8q03ztl8bu3y+/vLs9bn51sJCa6o+PtOenJ1q7fbjatV0r/GR0X3pzB0d3Of2H6y9PDv3xnz72h8vbrv/UO38lYXF+ebk9rvjYBQRjd4tx6oGj4+MVo2ebjdnqqqXtp1M/9ENpCL+K1JMnqmnL+Ztef7/1hn+m+b/L2090D7N//9Uz7byM1Mq4peR4nf+6un4YtXOQ/Ghc5bL/V2kOHb2C7lcHCjLddvQea5AZ2ZgWfb/IsU/fbC5bHc+5JMbZU/u+sQ+IsrxPxwpfvgX34/fzNs2P/9h+/E/tPVA+zT+T/VsO7TpeQV77jp5/I9HipeefDt+K2+73fM/us/eOJoL33o+xz6N/2d6tg3lz/3te9N1AAAAAAAAAACAR9pAKuLvI8WPR/vTC3nbbv7939TWA+3Tv//6bM+2qXuzXtEdX+z5pAIAAADAQ2IgFfGzSHFt8e1bc6g3z//umf/5exvzP0fSlr3V3/N9snpuwL38+79eQ/lzJ/bebQAAAAAAAAAAAAAAAAAAAHiopFTEC3k99YlqPv/Ujuupr0SKV/7nuVwuHSnLddeBH6p+rV2cnTl+fnp6drK52Lwy3aqPzTUnW2XdpyLF2t9+IdctqvXVu+vNd9Z431iLfT5SjP5Dt2xnLfbu2uRPdcsutU6WZT8VKf77HzeX7a5j/ZmN454qy/5NpPjmv2xf9shG2dNl2e9Hip98s94te6gs230+6mc3yj4/OVvs5jR/8qOPDAAAAAAAAAAAAAAAAAAAAI+TgVTEn0eK/72+fGsuf17/f6DnbeWtb/es97/FzWqd/6Fq/f+dXt/N+v/VcwWWdvpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4eEpRxJuRYu7iWloZLN931C60Z27cHB8Z3b7awVTV7KvKlz+1k6dOn/nKC8Nnu3n7+vfa5+K1scvn6y/PXp+bby0stKbq4zPtydmp1q6PsNf6Wx2rTkD9+us3pq5eXaifev70pt03h94ffOLI0LnhZ48/0yn7ifr4yOjoWE+Z/oGP8HmDt9+ddth+IIr460jx3A9+nn48GFHE3s/FHb47++1g1YljVSfGR0arjky3mzOL5c5L3RNRRNR7KjW65yiP257GYj81IpbK5pcNPlZ2b2yuOd+8Mt2qX2rOL7YX27Mzl1KntWV/6lHE2RSxHBGr23xHBqKI1yPF9w6vpX/N41+dhy9fHPv6iVM7t6PYxz7uQl/Zt4GI5eJ2Y3aH3xTEYBTxz5HiF+8cjX8bjOiPzk98KeLVMn8U8VZ0xjuVX4wzEe85rR8b/VHE/5fjf24tvTNYXg+615UL36h/bebqbE/Z7nXlkb8/xH28mD/k95NaFPGT6oq/lv7d72sAAAAAAAAAAAAAAACAh0gRvx4pXnz3aKrmB9+aU9yeuVa/3Lwy3ZnW1537150zvb6+vl5PnWzknMi5lHM550rO1ZxR5Po5G2XW1tcn8vulnMs5V3Ku5oy+XD9nI+dEzqWcyzlXcq7mjP5cP2cj50TOpZzLOVdyrua8n9MHAQAAAAAAAAAAAAAAAACAx0dR/S/Fd7+1ltYHq/Wl+7r7VqwH+rH3qwAAAP//3v/zCw==") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x1) link(&(0x7f0000000000)='./file1\x00', &(0x7f0000000300)='./bus\x00') 4.830981904s ago: executing program 8 (id=3461): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) r1 = gettid() fcntl$setown(r0, 0x8, r1) 4.442887795s ago: executing program 9 (id=3463): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x587, 0x4) sendmmsg$inet6(r0, &(0x7f0000000e00)=[{{&(0x7f00000002c0)={0xa, 0x4e22, 0xf58, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4040884) 4.234729614s ago: executing program 8 (id=3464): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000}, 0x94) r1 = open(&(0x7f0000000240)='./file1\x00', 0x14d142, 0x0) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000)={r0, r1}, 0xc) 4.136807448s ago: executing program 3 (id=3465): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)={0x30, r1, 0x101, 0x70bd2a, 0x80000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random='v'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x4804) 4.062094311s ago: executing program 6 (id=3466): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x10a900, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x2}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$TUNSETLINK(r0, 0x400454cd, 0x10e) 3.806544939s ago: executing program 9 (id=3467): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x8040, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x10000008}) 3.623059573s ago: executing program 5 (id=3468): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x800) ioctl$EVIOCREVOKE(r0, 0x40044591, 0x0) io_setup(0x8, &(0x7f0000004200)=0x0) io_submit(r1, 0x1, &(0x7f0000000100)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 3.590678397s ago: executing program 8 (id=3469): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000380)={0xfffc, 0x800, 0x3, 0xffff}, 0x8) sendto$inet6(r0, &(0x7f0000000080)="ab", 0x1, 0x94, &(0x7f0000000000)={0xa, 0x4, 0x3, @private1={0xfc, 0x1, '\x00', 0xfc}, 0x8}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x33, 0x0, 0x0) 3.46604079s ago: executing program 3 (id=3470): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x2000005c, &(0x7f0000000500)=ANY=[], 0x1, 0x1540, &(0x7f0000001ec0)="$eJzs3Au4TtXWOPAx5pxLm6Q3yX2OORZvcpkkSS4JuSZJkiO5JSRJkoTkllsSkpB7kntIbiG532+5J8mRJElISDL/j46O+ndO3zlf55y+5+zxe5757Dn2WmOuOdd4n/2utfZ+95ftBlasU6lcLWaG3wX/8qUrAKQAQB8AuBoAIgAomrFoxovb02rs+vsOIv617p/yR89A/JGk/qmb1D91k/qnblL/1E3qn7pJ/VM3qX/qJvUXIjXbMjXbNdJSb5Pn/6mZvP//FzlUcNSn6wpe1/6fSJH6p25S/9RN6p+6Sf1TN6l/6ib1/+9X9je2Sf1TN6m/EKnZX58Fnw8h/B94Hi3tP9v+6NefEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQojU4Wy4zADAT/2/t39C/WfnJ4QQQgghhBBCiN8vXPFHz0AIIYQQQgghhBD/fggKNBiIIA1cASmQFtLBlZAeroIMcDUk4BrICNdCJrgOMkMWyArZIDvkgJxggcABQwy5IDck4XrIAzdAXsgH+aEAeCgIheBGKAw3QRG4GYrCLVAMboXiUAJKQim4DUrD7VAGykI5uAPKQwWoCJWgMlSBO6Eq3AXV4G6oDvdADbgXasJ9UAvuh9rwJ6gDD0BdeBDqQX1oAA2h0S/zx/xj+c9CJ3gOOkMX6ArdoDs8Dz2gJ/SC3tAHXoC+8CL0g5egPwyAgfAyDIJXYDC8CkNgKAyD12A4jICRMApGwxgYC6/DOHgDxsObMAEmwiSYDFNgKkyDt2A6zICZ8DbMgndgNsyBuTAP5sO7sAAWwiJ4DxbD+7AElsIyWA4rYCWsgtWwBtbCOlgPG2AjbILNsAU+gK2wDbbDDtgJu2A3fAh74CPYCx/DPvjkn8w/8//lt0dAQIUKDRpMg2kwBVMwHabD9JgeM2AGTGACM2JGzISZMDNmxqyYFbNjdsyJOZGQkJExF+bCJCYxD+bBvJg3zU8vrEJYCAvjTVgEi2BRLIrFsBgWxxJYAkthKSyNpbEMlsFyWA7LY3msiBWxMlbGO7EqVsVqWA2rY3WsgTWwJtbEWlgLa2NtrIN1sC7WxXpYDxtgA2yEjbAxNsYm2ASbYTNsjs2xBbbAltgSW2ErbI2tsQ22wbbYFtthO2yPHbADPovP4nP4HHbB8qobdsfu2AN7YC/sjb3xBeyLL+KL+BL2xwE4EF/Gl/EVHIyncQgOxWE4DEurETgSRyGrMTgWx+I4HIfjcTxOwIk4ESfjFJyK03AaTscZOAPfxln4Dr6Dc3AOzsP5OB8X4EJchItwMZ7BJbgUl+FyXIErcQWuxjW4GtfhelyHG3EjbsbN+AF+gNtwG+7AHbgLd+GH+CF+hB9hf9yH+3A/7scDeAAP4kE8hIfwMB7GI3gEj+JRPIbH8DiewJN4Ak/hKTyNZ/AsnsVzeA7P49PZP6+9K9/a/qAuMsqoNCqNSlEpKp1Kp9Kr9CqDyqASKqEyqowqk8qkMqvMKqvKqrKr7CqnyqlIkWIVq1wql0qqpMqj8qi8Kq/Kr/Irr7wqpAqpwqqwKqKKqKLqFlVM3aqKqxKqqS+lSqnSqpkvo8qqcqqcKq8qqIqqkqqkqqgqqqqqqqqpaqq6qq5qqHtVTdUNe+H96mJl6qgBWFcNxHqqvmqgGqpX8CHVWA3GJqqpaqYeUUNxCLZQjX1L9bhqpUZia/WkGoVPqbZqDLZTz6j2qoPqqJ5VnVQT31l1UROwm+quJmMP1VP1Ur3VdKygLlasonpJ9VcD1ED1spqHr6jB6lU1RA1Vw9RrargaoUaqUWq0GqPGqtfVOPWGGq/eVBPURDVJTVZT1FQ1Tb2lpqsZaqZ6W81S76jZao6aq+ap+epdtUAtVIvUe2qxel8tUUvVMrVcrVAr1Sq1OgEAap1arzaojWqT2qy2qA/UVrVNbVc71E61S+1WH6o96iO1V32s9qlP1H71Z3VAfaoOqs/UIfW5Oqy+UEfUl+qo+kodU1+r4+qEOqm+UafUt+q0OqPOqu/UOfW9Oq9+UBdUUKBRK6210ZFOo6/QKTqtTqev1On1VTqDvlon9DU6o75WZ9LX6cw6i86qs+nsOofOqa0m7TTrWOfSuXVSX6/z6Bt0Xp1P59cFtNcFdSF9oy6sb9JF9M26qL5FF9O36uK6hC6pS+nbdGl9uy6jy+py+g5dXlfQFXUlXVlX0XfqqvouXU3fravre3QNfa+uqe/TtfT9ujYigH5A19UP6nq6vm5QGXQj/ZBurB/WTXRT3Uw/opvrR3UL/ZhuqR/XrfQTurV+UrfRT+m2+mndTj+j2+sOuqP+QV/QQXfWXXRX3U1318/rHrqn7qV76z76Bd1Xv6j76Zd0fz1AD9Qv60H6FT1Yv6qH6KF6mH5ND9cj9Eg9So/WY/RY/boep9/Q4/WbeoKeqCfpyXqKnqp7XRpp5j+Q/8bfyO/349E36y36A71Vb9Pb9Q69U+/Su/VuvUfv0Xv1Xr1P79P79X59QB/QB/VBfUgf0of1YX1EH9FH9VF9TB/Tx/UJ/Z3+Rp/S3+rT+ow+o7/T5/Q5ff7SOQCDRhltjIlMGnOFSTFpTTpzpUlvrjIZzNUmYa4xGc21JpO5zmQ2WUxWk81kNzlMTmMNGWfYxCaXyW2S5nqTx9xg8pp8Jr8pYLwpaAqZG393/v80v0amkWlsGpsmpolpZpqZ5qa5aWFamJampWllWpnWprVpY9qYtqataWfamfamveloOppOppPpbDqbrqar6W6eNz1MT9PL9DZ9zAumr+lr+pl+pr/pbwaagWaQGWQGm8FmiBlihplhZrgZbkaakWa0GW3GmrFmnBlnxpvxZoKZYCaZSWaKmWKmmWlmupluZpqZZpaZZWab2WaumWvmm/lmgVlgFplFZrFZbJaYpWapWW6Wm5VmpVltVpu1Zq1Zb9abjWajWWK2mC1mq9lqtpvtZqfZaXab3WaP2WP2mr1mn9ln9pv95oA5YA6ag+aQOWQOm8PmiDlijpqj5pg5Zo6b4+akOWlOmVPmtDltzpqz5pw5Z86b8+aCuXDxsi9SkYpMZKI0UZooJUqJ0kXpovRR+ihDlCFKRIkoY5QxyhRdF2WOskRZo2xR9ihHlDOyEUUu4iiOckW5o2R0fZQnuiHKG+WL8kcFIh8VjApFN0aFo5uiItHNUdHolqhYdGtUPCoRlYxKRbdFpaPbozJR2ahcdEdUPqoQVYwqRZWjKtGdUdXorqhadHdUPbonqhHdG9WM7otqRfdHtaM/RXWiB6K60YNRvah+1CBqGDX6l44fwuksD/vOtovtarvZ7vZ528P2tL1sb9vHvmD72hdtP/uS7W8H2IH2ZTvIvmIH21ftEDvUDrOv2eF2hB1pR9nRdowda1+34+wbdrx9006wE+0kO9lOsVPtNPuWnW5n2Jn2bTvLvmNn2zl2rp1n59t37QK70C6y79nF9n27xC61y+xyu8KutKvsarvGrrXr7Hq7wW60m+xmu8V+kGar3Wa32x12p91ld9sP7R77kd1rP7b77Cd2v/2zPWA/tQftZ/aQ/dwetl/YI/ZLe9R+ZY/Zr+1xe8KetN/YU/Zbe9qesWftd/ac/d6etz/YCzZcvLi/+PZOhgyloTSUQimUjtJRekpPGSgDJShBGSkjZaJMlJkyU1bKStkpO+WknHQRE1MuykVJSlIeykN5KS/lp/zkyVMhKkSFqTAVoSJUlIpSMSpGxak4laSSdBvdRrfT7VSWytIddAdVoApUiSpRFapCVakqVaNqVJ2qUw2qQTWpJtWiWlSbalMdqkN1qS7Vo3rUgBpQI2pEjakxNaEm1IyaUXNqTi2oBbWkltSKWlFrak1tqA21pbbUjtpRe2pPHakjdaJO1Jk6U1fqSt2pO/WgHtSLelEf6kN9qS/1o37Un/rTQBpIg2gQDabBNISG0jB6jYbTCBpJo2g0jaGxNJbG0TgaT+NpAk2gSTSJptAUmkbTaDpNp5k0k2bRLJpNs2kuzaX5NJ8W0AJaRIvA0GJaQktoGS2jFbSCVtEqWkNraB2tow20gTbRJtpCW2grbaXttJ120k7aTbtpD+2hvbSX9tE+2k/76QAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpJJ2kU3SKTtNpOktn6Rx9T+fpB7pAgVKcgnTuSpfeXeUyuKtdikvrfh5nddlcdpfD5XTWZXZZfhGTcy6vy+fyuwLGu4KukLvxp9j9FBd3JVxJV8rd5kq7212ZX8VV3J2uqrvLVXN3u0qu8i/i6u4eV8M94Gq6B10tV9/Vdg1dHfeAq+sedPVcfdfANXTN3aOuhXvMtXSPu1buiV/FC9xCt8atdevcerfHfeTOuu/cEfelO+e+d51dF9fHveD6uhddP/eS6+8G/Coe5l5zw90IN9KNcqPdmF/Fk9xkN8VNddMcwnQ342fxW+5iPN+962Y5wNlujpvr5v0YX5zTIveeW+zed0vcUrfMLXcr3Eq3yq3+61yXu41uk9vsdrsP3Va3zW13O9xOt+vH+OI69rqP3T73iTvsvnAH3KfuoDvqDrnPf4wvru+o+8odc1+74+6EO+m+cafct+60O/Pj+i+u/Rv3g7vgggNGVqzZcMRp+ApO4bScjq/k9HwVZ+CrOcHXcEa+ljPxdZyZs3BWzsbZOQfnZMvEjpljzsW5OcnXcx6+gfNyPs7PBdhzQS7EN3JhvomL8M1clG/hYnwrF+cSXJJL8W1cmm/nMlyWy/EdXJ4rcEWuxJW5Ct/JVfkursZ3c3W+h2vwvVyT7+NafD/X5j9xHX6A6/KDXI/rcwNuyI34IW7MD3MTbsrN+BFuzo9yC36MW/Lj3Iqf4Nb8JLfhp7gtP83t+Bluzx24Iz/Lnfg57sxduCt34+78PPfgntyLe3MffoH78ovcj1/i/jyAB/LLPIhf4cH8Kg/hoTyMX+PhPIJH8igezWN4LL/O4/gNHs9v8gSeyJN4Mk/hqTyN3+LpPINn8ts8i9/h2TyH5/I8ns/v8gJeyIv4PV7M7/MSXsrLeDmv4JW8ilfzGl7L63g9b+CNvIk38xb+gLfyNt7OO3gn7+Ld/CHv4Y94L3/M+/gT3s9/5gP8KR/kz/gQf86H+Qs+wl/yUf6Kj/HXfJxP6Ev36Xyaz/BZ/o7P8fd8nn/gCxwYYoxVrGMTR3Ga+Io4JU4bp4uvjNPHV8UZ4qvjRHxNnDG+Ns4UXxdnjrPEWeNscfY4R5wztjHFLuY4jnPFueNkfH2cJ74hzhvni/PHBWIfF4wLxTfGheOb4iLxzXHR+Ja4WHxrXDwuET9wd6n4trh0fHtcJi4bl4vviMvHFeKKcaW4clwlvjOuGt8VV4vvjovE98Q14nvjmvF9ca34/rh2/Ke4TvxAXDd+MK4X148bxA3jRvFDceP44bhJ3DRuFj8SN48fjVvEj8Ut44AAT/zG9sfjVvETcde4W9w9fj5+Pg7hLj03OS85P/luckFyYXJR8r3k4uT7ySXJpcllyeXJFcmVyVXJ1ck1ybVpIbk+uSG5MbkpuTkZQqUrwKNXXnvjI5/GX+FTfFqfzl/p0/urfAZ/tU/4a3xGf63P5K9rtgvAZ/XZfHafw+f01pN3nn3sc/ncPumv93n8DT6vz+fz+wLe+4K+kG/oG/lGvrF/2DfxTX0z/4h/xD/qH/WP+cf8476Vf8K39k/6Nv4p39Y/7Z/2z/j2voPv6J/1nfxzvrPv4rv6rr677+57+B6+l+/l+/g+vq/v6/v5fr6/7+8H+oF+kB/kB/vBfogf4of5YX64H+5H+pF+tB/tx/qxfpwf58f78X6Cn+An+Ul+ip/ip/lpfrqf7mf6mX5W3ll+tp/t5/q5fr6f7xf4BX6RX+QX+8V+iV/il/llfoVf4Vf5VX6NX+PX+XV+g9/gN/lNfovf4rf6rX673+53+p1+t9/t9/g9fq/f6/f5fX6/3+8P+AP+oP/MH/Kf+8P+C3/Ef+mP+q/8Mf+1P+5P+JP+G3/Kf+tP+zP+rP/On/Pf+/P+B3/BBz828XpiXOKNxPjEm4kJiYmJSYnJiSmJqYlpibcS0xMzEjMTbydmJd5JzE7MScxNzEvMT7ybWJBYmFiUeC+xOPF+YkliaWJZYnliRWJlIoQcW+OQK+QOyXB9yBNuCHlDvpA/FAg+FAyFwo2hcLgpFAk3h6LhllAs3BqKhxKhZHgw1Av1Q4PQMDQKD4XG4eHQJDQNzcIjoXl4NLQIj4WW4fHQKjwRWocnQ5vwVGgbng7twjOhfegQOoZnQ6fwXOgcuoSuoVvoHp4PPULP0Cv0Dn3CC6FveDH0Cy+F/mFAGBheDoPCK2FweDUMCUPDsPBaGB5GhJFhVBgdxoSx4fUwLrwRxoc3w4QwMUwKk8OUMDVMC2+F6WFGmBneDrPCO2F2mBPmhnlhfng3LAgLw6LwXlgc3g9LwtKwLCwPK8LKsCqsDmvC2rAurA8bwsawKQKA8EHYGraF7WFH2Bl2hd3hw7AnfBT2ho/DvvBJ2B/+HA6ET8PB8Fk4FD4Ph8MX4Uj4MhwNX4Vj4etwPJwIJ8M34VT4NpwOZ8LZ8F04F74P58MP4cJvfGZNCCGEEEJc9luf9b+o29/4nrrULuoOAFdty/bUz7cbANiQ+S/9nip78wQAPN6l3f0/tfLlu3btemnfJRqi3HMAIHE5/8dfIF+Kl0IzeBRaQlMo/Dfn11N1OMd/Hf+nW9rL4+PxEJK3AKT7WU4KXI4vj3/T3xn/oUeGLSgWn834y/mfv3TeLs4/OQcgb+7LOWnhcnx5/CJ/Z/wsjfm3z0/aT8cCNPlZTnq4HF8evxA8DE9Ay1/sKYQQQgghhBBC/EVPVbJNyX/g/jy7uZxzBVyO/6f7cyGEEEIIIYQQQvzxnurQ8bGHWrZs2uZ/30l7aahfbfrpbwR+/yF+3vnpQcS/bMCmbZ5K8+vJ/5d0dl46W/+hg6r/A0uWzr+k8wf8MBJCCCGEEEL8W12+6P8nkjriv3FGQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE6vOf+Hdif/QahRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiD/a/wsAAP//BMUp6g==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000640)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 3.051979344s ago: executing program 6 (id=3471): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x8d, 0x0, 0x8001, 0x7, 0x60ad, 0x9, 0x7]}}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x2080}, 0x0) 2.979106923s ago: executing program 9 (id=3472): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x14, 0x2d, 0x9, 0x70bd27, 0x0, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x42804}, 0x0) 2.850539836s ago: executing program 5 (id=3473): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'wp512-generic\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 2.448957348s ago: executing program 3 (id=3474): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xf, 0x4, 0x4, 0x12}, 0x50) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x20}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000200)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="05"], 0x10) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB='&'], 0x10) 2.269996857s ago: executing program 6 (id=3475): capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0xa6, 0x0, &(0x7f0000000180)="b44c806748f06309624431ed3373010001000000008c6390009c4ebd873094563683b7ee0fae7a6a53200386ce51def6a4effb9de8b4645c2b9c0614907dac12c6d34a8266e6124b925240080cd4f4e5b5da601596c31f137d2ce6ca74fd87f90ea0be786fe13ac0805807dd6853458eccc84575e9af5fee93c9427fc0bd19ccae5d3bc54f9bdf5cf073b5a597a9df9cb422ce2ab5ff0700000000000093b110a54f32ad69d0", 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x6}, 0x50) r0 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85) 2.027463204s ago: executing program 5 (id=3476): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ff9}]}) r0 = semget$private(0x0, 0x4, 0x0) semop(r0, &(0x7f0000000380)=[{0x0, 0xffff}], 0x1) semtimedop(r0, &(0x7f0000000000)=[{0x0, 0x9, 0x800}], 0x1, 0x0) 1.798212969s ago: executing program 8 (id=3477): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$UFFDIO_ZEROPAGE(r0, 0xc018aa06, &(0x7f0000000380)={{&(0x7f00007db000/0x2000)=nil, 0x2000}}) 1.71358334s ago: executing program 9 (id=3478): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4006, &(0x7f0000003f80), 0x1, 0x44f, &(0x7f00000002c0)="$eJzs289vFFUcAPDvzG6L/LIrwR/8UIloJP4otCBy8KLRxIMmJnrAY20LQRZqaE2EEC3G4NGQeDceTfgLPOnFqCcTr+rZkBDTC+hpzezO0O2yu/bXdiv7+SQD78287XvfefO2b+Z1AhhYB7J/kogdEfFbRIw0sksLHGj8d3vh8uTfC5cnk6jV3v4rqZe7tXB5sihafG57kSlHpJ8lsa9NvbMXL52dqFanL+T5w3PnPjg8e/HS82fOTZyePj19fvzEiWNHx148Pv7CusSZxXVr78cz+/e8/u61NydPXnvvp+tJEX9LHGtXjqYf3dZTtdr6VbcJ7GxKJ+U+NoQVKeVX61B9/I9EKRY7byRe+7SvjQN6qlar1R7qfHi+BtzDkuh3C4D+KH7RZ/e/xbZBU49N4ebLjRugLO7b+dY4Uo40LzPUcn+7ng5ExMn5f77Ktmh9DrG1R5UCAAPtu2z+81y7+V8azc+F7s/XUCoR8UBE7IqI4xGxOyIejKiXfTgiHllh/a2LJHfPP9MbqwpsmbL530v52tbS+V8x+4tKKc/trMc/lJw6U50+kp+TQzG0JcuPdanj+1d//aLTseb5X7Zl9RdzwbwdN8pbln5mamJuYi0xN7t5JWJvuV38yZ2VgCQi9kTE3lXWceaZb/Z3OtYh/uFl/eB1WGeqfR3xdKP/56Ml/kLSfX3y8H1RnT6yJfKr4m4//3L1rU71/3f/91bW/9vaXv9F/H9Ukub12tmV13H198873lOu9vofTt5Zsu+jibm5C2MRw8kb9Xylef94S7nxxfJZ/IcOth//u2LxTOyLiOwifjQiHouIx5u+u56IiINd4v/xlSffX338vZXFP9W1/6Ol/xcTw9G6p32idPaHb5dUWllJ/Fn/H6unDuV7lvP91645RUTNh9Zy7gAAAOD/Io2IHZGko3fSaTo62vgb/t2xLa3OzM49e2rmw/NTjXcEKjGUFs8/R5qeh47lt/VFfrwlfzR/bvxlaWs9Pzo5U53qd/Aw4LZ3GP+ZP0v9bh3Qc97XgsFl/MPgMv5hcBn/MLjajH+vnsGAaPf7/5M+tAPYeC3jv+uyn4kB3Fvc/8PgMv5hcBn/MJCuRHR/eb+niet5Kzak0jQiVv3xiH6cn82ciHRTNEOiR4k+fzEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsk38DAAD//3893aY=") mkdir(&(0x7f0000000080)='./bus\x00', 0x3) r0 = open(&(0x7f0000000000)='./bus\x00', 0x42100, 0xa) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000000c0)=@v2={0x2, @aes128, 0xca9996a1ff360dc6, '\x00', @c}) 1.623287861s ago: executing program 3 (id=3479): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000540)=@generic={&(0x7f0000000500)='./file0\x00', 0x0, 0x10}, 0x18) 1.517987228s ago: executing program 6 (id=3480): syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f0000000340)=ANY=[], 0x1, 0x11ab, &(0x7f0000001280)="$eJzs209rI2UcB/Bf/2hramv9V20vPuhFL4PtwZOXIi1IA0rbCK0gTGmqITEJmRwS8VDw5snXIR69CeIb6LvwVgTZvfS0s2yztNvSPewu28Du53PJF74ZeB4GBp5hfqef//Zj86jIjvJ+TE5MxHQ3Ip2lSDEZUzFyHJ/8snn31529/a31anVjO6XN9d3Vz1JKCx/8/e3Pf3z4T3/umz8X/pqJk8XvTv9f+/dk6WT59N7uD40iNYrU7vRTng46nX5+0Kqnw0bRzFL6ulXPi3pqtIt670p/1Op0u8OUtw/nK91evShS3h6mZn2Y+p3U7w1T/n3eaKcsy9J8JXgWtd/PyrKMKMtX4tUoy7J8LSoxF6/HfCzEG7EYb8Zb8Xa8E+/GUrwX78fy+b/GvW4AAAAAAAAAAAAAAAAAAAB4sZj/BwAAAAAAAAAAAAAAAAAAgPEz/w8AAAAAAAAAAAAAAAAAAADjZ/4fAAAAAAAAAAAAAAAAAAAAxm9nb39rvVrd2E5pNuK/40FtUBv9jvrNL6sbn6Zzi5dX3RkMalMX/eqoT1f7mag87Ndu7Gfj449G/YPui6+q1/qVOHz+2wcAAICXQpYu3Hi+z7LH9aP0yPuBa+f36ViZvrVt8JSK4U/NvNWq9wRBEC7CuJ9M3IbLmz7ulQAAAAAAAAAAAPAkbuNzwnHvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjPDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK4KAAD//7AGljE=") sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)=@in={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40094}, 0x24000001) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2, 0x0) 1.373990665s ago: executing program 5 (id=3481): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e1d, 0x1, @mcast1, 0x8}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x400ad80, &(0x7f00000000c0)={0xa, 0x4e23, 0x5b3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x8}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000080)={0xa, 0x4e24, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x401}, 0x1c, 0x0, 0x0, &(0x7f0000001140)=[@rthdr={{0x14, 0x29, 0x39, {0x21, 0x0, 0x1, 0x3a}}}], 0x14}}], 0x2, 0x0) 1.151240321s ago: executing program 8 (id=3482): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6gretap0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ENCRYPT={0x5, 0xf, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}}, 0x0) 1.074386451s ago: executing program 5 (id=3483): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x3) syz_emit_ethernet(0x42, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x65, 0x0, 0x4, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0xffff, 0x0, 0x0, {[@sack_perm={0x4, 0x2}, @timestamp={0x8, 0xa, 0x8000, 0x7a4}]}}}}}}}, 0x0) 866.124098ms ago: executing program 3 (id=3484): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0xe45c, @empty, 0xa098}, {0xa, 0x4e21, 0xac9, @empty, 0x2}, r1, 0x81}}, 0x48) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 667.186602ms ago: executing program 5 (id=3485): r0 = syz_io_uring_setup(0x1f85, &(0x7f0000000340)={0x0, 0x0, 0x13580, 0x0, 0xfffffffc}, &(0x7f0000000100), &(0x7f0000000300)) r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) readv(r1, &(0x7f0000000780)=[{&(0x7f0000000280)=""/136, 0x88}], 0x1) ppoll(&(0x7f0000000040)=[{r0}], 0x1, 0x0, 0x0, 0x0) 629.66162ms ago: executing program 8 (id=3486): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) 500.729132ms ago: executing program 9 (id=3487): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r1, 0xfffff000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}]}}}]}, 0x3c}}, 0x0) 234.113828ms ago: executing program 3 (id=3488): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000e40)='\b', 0x17ff}], 0x5) close(0x3) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) 0s ago: executing program 6 (id=3489): r0 = socket(0x11, 0xa, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7) bind$can_raw(r0, &(0x7f0000000000), 0x10) getsockname$inet(r0, 0x0, &(0x7f00000001c0)) kernel console output (not intermixed with test programs): loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 640.909031][T11590] netlink: 'syz.7.2279': attribute type 4 has an invalid length. [ 640.909367][T11590] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.2279'. [ 642.048695][ T5841] kernel read not supported for file /vcs (pid: 5841 comm: kworker/0:4) [ 642.732702][T11618] netlink: 'syz.5.2292': attribute type 10 has an invalid length. [ 642.970005][T11622] loop6: detected capacity change from 0 to 512 [ 643.224725][T11622] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 643.382878][T11622] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 643.452100][T11622] EXT4-fs error (device loop6): ext4_resize_begin:60: comm syz.6.2294: resize_inode disabled but reserved GDT blocks non-zero [ 643.498065][T11629] loop5: detected capacity change from 0 to 512 [ 643.525539][T11629] EXT4-fs: Ignoring removed i_version option [ 643.656798][T11629] EXT4-fs (loop5): 1 truncate cleaned up [ 643.725788][ T9575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 643.752127][T11629] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.174994][ T6625] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 645.052941][T11650] loop7: detected capacity change from 0 to 1024 [ 645.535550][ T12] hfsplus: bad catalog file entry [ 645.873617][T11659] loop3: detected capacity change from 0 to 2048 [ 645.987763][T11659] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 646.039708][T11664] netlink: 168 bytes leftover after parsing attributes in process `syz.7.2311'. [ 646.756112][T11673] loop6: detected capacity change from 0 to 2048 [ 646.891152][T11678] loop0: detected capacity change from 0 to 128 [ 646.923305][T11673] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 647.840635][T11686] loop0: detected capacity change from 0 to 512 [ 647.929742][T11686] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 648.156585][T11686] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.2320: invalid indirect mapped block 83886080 (level 1) [ 648.247879][T11686] EXT4-fs (loop0): Remounting filesystem read-only [ 648.294226][T11686] EXT4-fs (loop0): 1 orphan inode deleted [ 648.300435][T11686] EXT4-fs (loop0): 1 truncate cleaned up [ 648.366692][T11686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 648.402834][T11696] binder: 11695:11696 ioctl c0306201 2000000001c0 returned -14 [ 648.542220][T11686] EXT4-fs (loop0): shut down requested (0) [ 648.950374][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.099518][ T5841] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 649.309699][ T5841] usb 7-1: Using ep0 maxpacket: 32 [ 649.367002][ T5841] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 649.387496][ T5841] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 649.399575][ T5841] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 649.409981][ T5841] usb 7-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 649.423411][ T5841] usb 7-1: config 0 interface 0 has no altsetting 0 [ 649.445022][ T5841] usb 7-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00 [ 649.454490][ T5841] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.504609][ T5841] usb 7-1: config 0 descriptor?? [ 650.061447][ T5841] corsair-psu 0003:1B1C:1C09.001D: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.6-1/input0 [ 650.164209][ T5841] corsair-psu 0003:1B1C:1C09.001D: unable to initialize device (-38) [ 650.235342][ T5841] corsair-psu 0003:1B1C:1C09.001D: probe with driver corsair-psu failed with error -38 [ 650.282482][ T5841] usb 7-1: USB disconnect, device number 4 [ 650.898451][T11717] fido_id[11717]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 651.253233][T11725] loop3: detected capacity change from 0 to 256 [ 651.312308][T11725] exfat: Deprecated parameter 'namecase' [ 651.501584][T11725] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1cbb3694, utbl_chksum : 0xe619d30d) [ 653.351458][T11751] netlink: 822 bytes leftover after parsing attributes in process `syz.0.2353'. [ 653.704949][T11753] openvswitch: netlink: Actions may not be safe on all matching packets [ 654.011005][T11758] loop0: detected capacity change from 0 to 512 [ 654.100730][T11758] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 654.324229][T11758] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 654.403827][T11758] ext4 filesystem being mounted at /488/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 654.582251][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 654.588839][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.857298][ T5781] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.703792][T11777] loop6: detected capacity change from 0 to 512 [ 655.728283][T11777] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 655.824683][T11780] loop5: detected capacity change from 0 to 256 [ 656.276254][T11780] FAT-fs (loop5): Directory bread(block 64) failed [ 656.341148][T11780] FAT-fs (loop5): Directory bread(block 65) failed [ 656.348046][T11780] FAT-fs (loop5): Directory bread(block 66) failed [ 656.389810][T11780] FAT-fs (loop5): Directory bread(block 67) failed [ 656.450229][T11780] FAT-fs (loop5): Directory bread(block 68) failed [ 656.457317][T11780] FAT-fs (loop5): Directory bread(block 69) failed [ 656.510773][T11780] FAT-fs (loop5): Directory bread(block 70) failed [ 656.547835][T11780] FAT-fs (loop5): Directory bread(block 71) failed [ 656.576253][T11780] FAT-fs (loop5): Directory bread(block 72) failed [ 656.647786][T11780] FAT-fs (loop5): Directory bread(block 73) failed [ 657.734933][T11800] loop5: detected capacity change from 0 to 512 [ 657.838864][T11800] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 657.850540][T11800] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 0 not in group (block 2)! [ 657.860961][T11800] EXT4-fs (loop5): group descriptors corrupted! [ 659.138199][T11815] loop0: detected capacity change from 0 to 128 [ 659.239387][T11817] sg_write: data in/out 92/98 bytes for SCSI command 0x0-- guessing data in; [ 659.239387][T11817] program syz.5.2384 not setting count and/or reply_len properly [ 659.325593][T11815] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 659.542370][T11815] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 659.973553][T10258] kernel read not supported for file /1049/net/mcfilter (pid: 10258 comm: kworker/0:1) [ 660.511228][T11831] loop6: detected capacity change from 0 to 512 [ 660.569729][T11831] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem [ 660.626853][T11831] EXT4-fs error (device loop6): mb_free_blocks:2037: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 660.648849][T11831] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #11: comm syz.6.2391: corrupted inode contents [ 660.682076][T11831] EXT4-fs error (device loop6): ext4_dirty_inode:6502: inode #11: comm syz.6.2391: mark_inode_dirty error [ 660.780004][T11831] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.2391: invalid indirect mapped block 1 (level 1) [ 660.865443][T11831] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #11: comm syz.6.2391: corrupted inode contents [ 660.894935][T11831] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem [ 660.944914][T11831] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #11: comm syz.6.2391: corrupted inode contents [ 660.968294][T11831] EXT4-fs error (device loop6): ext4_truncate:4635: inode #11: comm syz.6.2391: mark_inode_dirty error [ 660.981514][T11831] EXT4-fs error (device loop6) in ext4_process_orphan:345: Corrupt filesystem [ 661.087645][T11831] EXT4-fs (loop6): 1 truncate cleaned up [ 661.134274][T11831] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 661.607255][ T9575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 662.221374][T11853] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2400'. [ 662.923962][T11859] loop5: detected capacity change from 0 to 2048 [ 663.031126][T11863] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 663.187936][T11863] NILFS (loop5): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 663.200871][T11863] NILFS error (device loop5): nilfs_bmap_propagate: broken bmap (inode number=4) [ 663.303964][T11863] Remounting filesystem read-only [ 664.091020][T11875] netem: change failed [ 664.645193][T11883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2414'. [ 665.331338][T11887] mkiss: ax0: crc mode is auto. [ 665.485605][T11144] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 665.498920][T11144] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 665.518269][T11144] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 665.538091][T11144] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 665.549774][T11144] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 666.150567][T11898] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2420'. [ 666.849437][ T5841] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 667.085785][ T5841] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 667.097078][ T5841] usb 7-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00 [ 667.106492][ T5841] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 667.281448][ T5841] usb 7-1: config 0 descriptor?? [ 667.589725][ T5795] Bluetooth: hci5: command tx timeout [ 667.746825][ T5841] zeroplus 0003:0C12:0005.001E: item fetching failed at offset 0/3 [ 667.802720][ T5841] zeroplus 0003:0C12:0005.001E: parse failed [ 667.809454][ T5841] zeroplus 0003:0C12:0005.001E: probe with driver zeroplus failed with error -22 [ 667.948049][T10694] usb 7-1: USB disconnect, device number 5 [ 668.032381][ T13] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.116875][T11892] chnl_net:caif_netlink_parms(): no params data found [ 668.334848][ T13] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.547701][T11921] loop3: detected capacity change from 0 to 4096 [ 668.601172][ T13] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.694742][T11928] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 668.695327][T11921] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 668.810211][T11929] loop5: detected capacity change from 0 to 256 [ 668.822719][T11921] Remounting filesystem read-only [ 668.903021][ T13] netdevsim netdevsim7 netdevsim0 (unregistering): left allmulticast mode [ 669.058243][ T13] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 669.268506][T11929] FAT-fs (loop5): Directory bread(block 64) failed [ 669.323962][T11929] FAT-fs (loop5): Directory bread(block 65) failed [ 669.354042][T11929] FAT-fs (loop5): Directory bread(block 66) failed [ 669.420982][T11929] FAT-fs (loop5): Directory bread(block 67) failed [ 669.427875][T11929] FAT-fs (loop5): Directory bread(block 68) failed [ 669.503777][T11929] FAT-fs (loop5): Directory bread(block 69) failed [ 669.557006][T11929] FAT-fs (loop5): Directory bread(block 70) failed [ 669.609792][T11929] FAT-fs (loop5): Directory bread(block 71) failed [ 669.616689][T11929] FAT-fs (loop5): Directory bread(block 72) failed [ 669.679675][ T5795] Bluetooth: hci5: command tx timeout [ 669.731607][T11929] FAT-fs (loop5): Directory bread(block 73) failed [ 670.273399][T11935] loop0: detected capacity change from 0 to 32768 [ 670.370628][T11935] (syz.0.2434,11935,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 670.388018][T11935] (syz.0.2434,11935,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 670.459722][T11935] (syz.0.2434,11935,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x3c8d1ba1, computed 0xbb82cb57. Applying ECC. [ 670.473516][T11935] (syz.0.2434,11935,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x3c8d1ba1, computed 0xbb82cb57 [ 670.486468][T11935] (syz.0.2434,11935,0):ocfs2_validate_inode_block:1441 ERROR: Checksum failed for dinode 24 [ 670.496907][T11935] (syz.0.2434,11935,0):ocfs2_read_locked_inode:599 ERROR: status = -5 [ 670.505598][T11935] (syz.0.2434,11935,0):_ocfs2_get_system_file_inode:144 ERROR: status = -5 [ 670.516069][T11935] (syz.0.2434,11935,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 670.528965][T11935] (syz.0.2434,11935,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 5, possibly corrupt fs? [ 670.534549][T11935] (syz.0.2434,11935,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 670.556472][T11935] (syz.0.2434,11935,0):ocfs2_initialize_super:2198 ERROR: status = -22 [ 670.567400][T11935] (syz.0.2434,11935,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 670.664911][ T13] bridge_slave_1: left allmulticast mode [ 670.674100][ T13] bridge_slave_1: left promiscuous mode [ 670.680858][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 670.928157][ T13] bridge_slave_0: left allmulticast mode [ 670.938797][ T13] bridge_slave_0: left promiscuous mode [ 670.946923][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 671.544793][T11947] loop3: detected capacity change from 0 to 128 [ 671.589765][T11947] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 671.685916][T11950] loop6: detected capacity change from 0 to 64 [ 671.754417][ T5795] Bluetooth: hci5: command tx timeout [ 671.766627][T11947] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 671.870086][T11947] ext2 filesystem being mounted at /513/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 672.338139][ T5785] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 672.374629][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 672.511082][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 672.595825][ T13] bond0 (unregistering): Released all slaves [ 672.817445][T10258] kernel write not supported for file /amidi2 (pid: 10258 comm: kworker/0:1) [ 673.034328][T11965] genirq: Flags mismatch irq 4. 00200000 (das16m1) vs. 00200080 (ttyS0) [ 673.350160][T11892] bridge0: port 1(bridge_slave_0) entered blocking state [ 673.357727][T11892] bridge0: port 1(bridge_slave_0) entered disabled state [ 673.412738][T11892] bridge_slave_0: entered allmulticast mode [ 673.436133][T11892] bridge_slave_0: entered promiscuous mode [ 673.538030][T11892] bridge0: port 2(bridge_slave_1) entered blocking state [ 673.545867][T11892] bridge0: port 2(bridge_slave_1) entered disabled state [ 673.547749][T11967] loop3: detected capacity change from 0 to 512 [ 673.641215][T11892] bridge_slave_1: entered allmulticast mode [ 673.678702][T11892] bridge_slave_1: entered promiscuous mode [ 673.709919][T11967] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 673.815654][T11967] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 673.832335][ T5795] Bluetooth: hci5: command tx timeout [ 674.258188][T11892] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 674.396169][ T13] hsr_slave_0: left promiscuous mode [ 674.439635][ T13] hsr_slave_1: left promiscuous mode [ 674.481272][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 674.488821][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 674.554713][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 674.562592][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 674.570329][T10694] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 674.671031][ T13] veth1_macvtap: left promiscuous mode [ 674.697528][ T13] veth0_macvtap: left promiscuous mode [ 674.709634][ T13] veth1_vlan: left promiscuous mode [ 674.715139][ T13] veth0_vlan: left promiscuous mode [ 674.758807][T10694] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 674.770822][T10694] usb 6-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00 [ 674.780302][T10694] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 674.848283][T10694] usb 6-1: config 0 descriptor?? [ 674.947738][T11986] Option ' ' to dns_resolver key: bad/missing value [ 675.269330][T11988] comedi comedi3: dt2817: I/O port conflict (0x4f27,5) [ 675.402015][T11990] loop6: detected capacity change from 0 to 64 [ 675.475898][T10694] megaworld 0003:07B5:0312.001F: unbalanced collection at end of report description [ 675.548860][T10694] megaworld 0003:07B5:0312.001F: parse failed [ 675.555572][T10694] megaworld 0003:07B5:0312.001F: probe with driver megaworld failed with error -22 [ 675.632203][T10694] usb 6-1: USB disconnect, device number 13 [ 676.982081][ T13] team0 (unregistering): Port device team_slave_1 removed [ 677.126645][ T13] team0 (unregistering): Port device team_slave_0 removed [ 677.919372][T12017] netlink: 'syz.6.2471': attribute type 32 has an invalid length. [ 677.927543][T12017] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2471'. [ 678.122395][T12010] loop5: detected capacity change from 0 to 4096 [ 678.122464][T12013] loop3: detected capacity change from 0 to 32768 [ 678.182459][T12010] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 678.231289][T12013] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 678.962235][T12013] XFS (loop3): Ending clean mount [ 678.975653][T12013] XFS (loop3): Quotacheck needed: Please wait. [ 678.989000][T11892] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 679.010436][T12017] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 679.211376][T12013] XFS (loop3): Quotacheck: Done. [ 679.455379][ T5785] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 679.507537][T11892] team0: Port device team_slave_0 added [ 679.608041][T11892] team0: Port device team_slave_1 added [ 679.858066][T11892] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 679.866229][T11892] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 679.893363][T11892] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 680.180426][T11892] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 680.187548][T11892] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 680.215164][T11892] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 680.794614][T12044] loop5: detected capacity change from 0 to 4096 [ 680.903094][T11892] hsr_slave_0: entered promiscuous mode [ 680.927003][T11892] hsr_slave_1: entered promiscuous mode [ 680.935964][T11892] debugfs: 'hsr0' already exists in 'hsr' [ 680.942103][T11892] Cannot create hsr debugfs directory [ 681.000469][T12044] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 681.510884][T10258] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 681.555375][ T6625] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 681.701480][T10258] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 681.716414][T10258] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 681.726653][T10258] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 681.739897][T10258] usb 7-1: New USB device found, idVendor=05ac, idProduct=0324, bcdDevice= 0.00 [ 681.749368][T10258] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 681.841743][T10258] usb 7-1: config 0 descriptor?? [ 682.280930][T11144] Bluetooth: hci4: command 0x0406 tx timeout [ 682.759007][T11892] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 682.890777][T11892] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 683.091089][T10258] magicmouse 0003:05AC:0324.0020: hidraw0: USB HID v0.00 Device [HID 05ac:0324] on usb-dummy_hcd.6-1/input0 [ 683.110490][T10258] usb 7-1: USB disconnect, device number 6 [ 683.131080][T11892] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 683.179324][T12063] loop3: detected capacity change from 0 to 32768 [ 683.197121][T12063] workqueue: name exceeds WQ_NAME_LEN. Truncating to: gfs2-glock/Ô±rÐÛ»ð_î [ 683.197121][T12063] ˜b‚瀫ñ§ [ 683.244822][T12063] gfs2: fsid=Ô±rÐÛ»ð_î [ 683.244822][T12063] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§æM: Trying to join cluster "lock_nolock", "Ô±rÐÛ»ð_î [ 683.244822][T12063] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§æM" [ 683.266462][T12063] gfs2: fsid=Ô±rÐÛ»ð_î [ 683.266462][T12063] ˜b‚瀫ñ§Ö]êk;.Ä Œ±OŽ¿²ˆ:‚.£’t‹‰U§æM: unknown hostdata (\) [ 683.348746][T11892] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 684.227700][T12071] fido_id[12071]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 684.512033][T12081] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2488'. [ 685.183381][T11892] 8021q: adding VLAN 0 to HW filter on device bond0 [ 685.365226][T12089] ip6gre1: entered promiscuous mode [ 685.378903][T12089] ip6gre1: entered allmulticast mode [ 685.694688][T11892] 8021q: adding VLAN 0 to HW filter on device team0 [ 685.844425][ T5887] bridge0: port 1(bridge_slave_0) entered blocking state [ 685.852003][ T5887] bridge0: port 1(bridge_slave_0) entered forwarding state [ 686.099020][ T5887] bridge0: port 2(bridge_slave_1) entered blocking state [ 686.106562][ T5887] bridge0: port 2(bridge_slave_1) entered forwarding state [ 686.355977][T12104] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.368513][T12104] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 686.660518][T12106] usb usb7: usbfs: interface 0 claimed by hub while 'syz.0.2499' resets device [ 687.705413][T12124] netlink: 'syz.5.2505': attribute type 4 has an invalid length. [ 688.058851][T12117] loop0: detected capacity change from 0 to 4096 [ 688.211179][ T5838] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 688.462226][ T5838] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 688.473892][ T5838] usb 4-1: config 0 has no interface number 0 [ 688.519391][ T5838] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 688.531104][ T5838] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 688.541418][ T5838] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 688.553058][ T5838] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 688.681206][ T5838] usb 4-1: config 0 descriptor?? [ 688.935673][T11892] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 689.322995][ T5838] uclogic 0003:5543:0522.0021: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.3-1/input1 [ 689.448556][ T5838] usb 4-1: USB disconnect, device number 16 [ 690.214905][T12149] fido_id[12149]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 690.310778][T12158] netlink: 'syz.6.2515': attribute type 7 has an invalid length. [ 690.318868][T12158] netlink: 'syz.6.2515': attribute type 8 has an invalid length. [ 691.319515][T10258] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 691.530971][T12175] netlink: 'syz.5.2521': attribute type 1 has an invalid length. [ 691.543723][T10258] usb 7-1: config index 0 descriptor too short (expected 23569, got 27) [ 691.569882][T10258] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 691.630022][T10258] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 691.639676][T10258] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 691.647854][T10258] usb 7-1: Manufacturer: syz [ 691.730513][T10258] usb 7-1: config 0 descriptor?? [ 692.158962][T11892] veth0_vlan: entered promiscuous mode [ 692.258411][T10258] rc_core: IR keymap rc-hauppauge not found [ 692.265674][T10258] Registered IR keymap rc-empty [ 692.287403][T12180] loop3: detected capacity change from 0 to 1024 [ 692.319433][T10258] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0 [ 692.344718][T11892] veth1_vlan: entered promiscuous mode [ 692.401935][T10258] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input15 [ 692.410110][T12180] EXT4-fs: Ignoring removed bh option [ 692.606709][T12180] EXT4-fs: Mount option(s) incompatible with ext3 [ 692.615695][ C0] igorplugusb 7-1:0.0: receive overflow, at least 21 lost [ 692.857022][T10258] usb 7-1: USB disconnect, device number 7 [ 693.177621][T12186] loop0: detected capacity change from 0 to 32768 [ 693.188648][T12186] XFS (loop0): sunit and swidth must be specified together [ 693.995667][T11892] veth0_macvtap: entered promiscuous mode [ 694.133129][T11892] veth1_macvtap: entered promiscuous mode [ 694.338854][T12196] netlink: 332 bytes leftover after parsing attributes in process `syz.0.2528'. [ 694.657926][T11892] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 694.787790][T11892] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 694.979394][ T35] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 695.014173][T12208] syz.0.2533: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 695.030275][T12208] CPU: 0 UID: 0 PID: 12208 Comm: syz.0.2533 Tainted: G L syzkaller #0 PREEMPT(voluntary) [ 695.030451][T12208] Tainted: [L]=SOFTLOCKUP [ 695.030502][T12208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 695.030603][T12208] Call Trace: [ 695.030654][T12208] [ 695.030701][T12208] __dump_stack+0x26/0x30 [ 695.030867][T12208] dump_stack_lvl+0x14c/0x1c0 [ 695.031025][T12208] dump_stack+0x1e/0x25 [ 695.031167][T12208] warn_alloc+0x46f/0x6a0 [ 695.031349][T12208] ? kmsan_get_metadata+0xf1/0x160 [ 695.031554][T12208] __vmalloc_node_range_noprof+0x142/0x2d80 [ 695.031734][T12208] ? should_fail_ex+0x45/0x8c0 [ 695.031869][T12208] ? stack_depot_save_flags+0x35/0x790 [ 695.032008][T12208] ? kmsan_get_metadata+0xf1/0x160 [ 695.032192][T12208] ? kmsan_get_metadata+0xf1/0x160 [ 695.032369][T12208] ? kmsan_get_metadata+0xf1/0x160 [ 695.032555][T12208] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 695.032754][T12208] ? __kmalloc_cache_noprof+0x977/0x1710 [ 695.032893][T12208] ? kmsan_get_metadata+0xf1/0x160 [ 695.033085][T12208] vmalloc_user_noprof+0xce/0x140 [ 695.033233][T12208] ? xskq_create+0x11d/0x290 [ 695.033407][T12208] xskq_create+0x11d/0x290 [ 695.033588][T12208] xsk_init_queue+0xff/0x1d0 [ 695.033752][T12208] xsk_setsockopt+0x7f6/0xfe0 [ 695.033925][T12208] ? __pfx_xsk_setsockopt+0x10/0x10 [ 695.034080][T12208] __sys_setsockopt+0x43e/0x580 [ 695.034282][T12208] __x64_sys_setsockopt+0xf4/0x1a0 [ 695.034480][T12208] x64_sys_call+0x28e3/0x3e70 [ 695.034649][T12208] do_syscall_64+0xc9/0xf80 [ 695.034801][T12208] ? clear_bhb_loop+0x40/0x90 [ 695.034942][T12208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.035089][T12208] RIP: 0033:0x7f422839aeb9 [ 695.035197][T12208] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 695.035315][T12208] RSP: 002b:00007f42265f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 695.035439][T12208] RAX: ffffffffffffffda RBX: 00007f4228615fa0 RCX: 00007f422839aeb9 [ 695.035542][T12208] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003 [ 695.035626][T12208] RBP: 00007f4228408c1f R08: 0000000000000004 R09: 0000000000000000 [ 695.035711][T12208] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.035794][T12208] R13: 00007f4228616038 R14: 00007f4228615fa0 R15: 00007ffc535ad228 [ 695.035922][T12208] [ 695.035972][T12208] Mem-Info: [ 695.296608][T12208] active_anon:8748 inactive_anon:0 isolated_anon:0 [ 695.296608][T12208] active_file:12823 inactive_file:40552 isolated_file:0 [ 695.296608][T12208] unevictable:768 dirty:259 writeback:0 [ 695.296608][T12208] slab_reclaimable:5457 slab_unreclaimable:22520 [ 695.296608][T12208] mapped:30546 shmem:2011 pagetables:2068 [ 695.296608][T12208] sec_pagetables:0 bounce:0 [ 695.296608][T12208] kernel_misc_reclaimable:0 [ 695.296608][T12208] free:347094 free_pcp:18293 free_cma:0 [ 695.346469][T12208] Node 0 active_anon:34992kB inactive_anon:0kB active_file:51292kB inactive_file:162008kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122184kB dirty:1036kB writeback:0kB shmem:6508kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5648kB pagetables:7908kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 695.380161][T12208] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:16kB pagetables:364kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 695.414441][T12208] Node 0 DMA free:4064kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB [ 695.439810][ T35] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 695.446938][T12208] lowmem_reserve[]: 0 928 1241 1241 1241 [ 695.459855][T12208] Node 0 DMA32 free:470388kB boost:0kB min:36872kB low:46088kB high:55304kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12236kB inactive_anon:0kB active_file:46796kB inactive_file:75948kB unevictable:0kB writepending:388kB zspages:0kB present:3129332kB managed:951148kB mlocked:0kB bounce:0kB free_pcp:53784kB local_pcp:22336kB free_cma:0kB [ 695.493350][T12208] lowmem_reserve[]: 0 0 312 312 312 [ 695.499023][T12208] Node 0 Normal free:16164kB boost:0kB min:13004kB low:16252kB high:19500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22756kB inactive_anon:0kB active_file:4496kB inactive_file:86060kB unevictable:1536kB writepending:676kB zspages:0kB present:1048580kB managed:320476kB mlocked:0kB bounce:0kB free_pcp:14968kB local_pcp:8080kB free_cma:0kB [ 695.523793][ T13] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 695.537542][T12208] lowmem_reserve[]: 0 0 0 0 0 [ 695.547738][T12208] Node 1 Normal free:901544kB boost:0kB min:40064kB low:50080kB high:60096kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:987120kB mlocked:0kB bounce:0kB free_pcp:536kB local_pcp:0kB free_cma:0kB [ 695.580223][T12208] lowmem_reserve[]: 0 0 0 0 0 [ 695.585389][T12208] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 1*1024kB (U) 1*2048kB (U) 0*4096kB = 4064kB [ 695.602408][T12208] Node 0 DMA32: 760*4kB (UME) 544*8kB (UME) 253*16kB (UME) 130*32kB (UM) 118*64kB (UME) 102*128kB (UM) 74*256kB (U) 41*512kB (UM) 19*1024kB (UM) 9*2048kB (UE) 87*4096kB (UM) = 470384kB [ 695.626641][T12208] Node 0 Normal: 265*4kB (UME) 148*8kB (UME) 54*16kB (UME) 12*32kB (ME) 24*64kB (UM) 11*128kB (UME) 6*256kB (UME) 4*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 16164kB [ 695.646955][T12208] Node 1 Normal: 2*4kB (E) 14*8kB (UME) 15*16kB (UE) 20*32kB (UME) 17*64kB (UME) 11*128kB (UME) 8*256kB (UME) 8*512kB (UE) 1*1024kB (M) 7*2048kB (UME) 214*4096kB (M) = 901544kB [ 695.666308][T12208] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 695.676179][T12208] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 695.686259][T12208] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 695.698002][T12208] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 695.707609][T12208] 55336 total pagecache pages [ 695.712675][T12208] 0 pages in swap cache [ 695.720804][T12208] Free swap = 124996kB [ 695.725096][T12208] Total swap = 124996kB [ 695.730772][T12208] 2097051 pages RAM [ 695.734701][T12208] 0 pages HighMem/MovableOnly [ 695.739599][T12208] 1531341 pages reserved [ 695.743950][T12208] 0 pages cma reserved [ 695.764955][ T13] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 695.795532][T12210] loop6: detected capacity change from 0 to 1024 [ 696.561738][T12219] hsr0: entered promiscuous mode [ 696.567238][T12219] macsec2: entered promiscuous mode [ 697.219284][T10258] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 697.480315][T10258] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30 [ 697.514880][T10258] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 697.526325][T10258] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 697.536425][T10258] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196 [ 697.549926][T10258] usb 7-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.05 [ 697.563001][T10258] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 697.835618][T10258] usb 7-1: config 0 descriptor?? [ 698.329400][T10258] holtek_kbd 0003:04D9:A055.0022: unknown main item tag 0x0 [ 698.336991][T10258] holtek_kbd 0003:04D9:A055.0022: unknown main item tag 0x0 [ 698.345198][T10258] holtek_kbd 0003:04D9:A055.0022: unknown main item tag 0x0 [ 698.352959][T10258] holtek_kbd 0003:04D9:A055.0022: unknown main item tag 0x0 [ 698.361019][T10258] holtek_kbd 0003:04D9:A055.0022: unknown main item tag 0x0 [ 698.368554][T10258] holtek_kbd 0003:04D9:A055.0022: unknown main item tag 0x0 [ 698.376256][T10258] holtek_kbd 0003:04D9:A055.0022: unknown main item tag 0x0 [ 698.651707][T10258] holtek_kbd 0003:04D9:A055.0022: hidraw0: USB HID v10.00 Device [HID 04d9:a055] on usb-dummy_hcd.6-1/input0 [ 698.793702][T10258] usb 7-1: USB disconnect, device number 8 [ 699.551387][T12256] fido_id[12256]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 700.853808][T12275] loop0: detected capacity change from 0 to 4096 [ 700.933625][T12275] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 701.172975][T12291] loop3: detected capacity change from 0 to 64 [ 703.518052][ T55] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 703.526194][ T55] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 703.893182][ T5893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 703.901467][ T5893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 703.983141][T12329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2570'. [ 704.761609][T12344] loop6: detected capacity change from 0 to 64 [ 706.090360][T12368] netlink: 260 bytes leftover after parsing attributes in process `syz.8.2584'. [ 706.143552][T12368] netlink: 'syz.8.2584': attribute type 10 has an invalid length. [ 708.394008][T12392] loop3: detected capacity change from 0 to 4096 [ 708.466692][T12392] EXT4-fs: Ignoring removed bh option [ 708.657622][T12392] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 708.700295][T12402] netlink: 'syz.5.2598': attribute type 1 has an invalid length. [ 708.906379][T12392] EXT4-fs error (device loop3): ext4_get_first_dir_block:3547: inode #12: block 80: comm syz.3.2594: bad entry in directory: directory entry overrun - offset=12, inode=6, rec_len=4096, size=4096 fake=0 [ 709.037916][T12392] EXT4-fs (loop3): Remounting filesystem read-only [ 709.200628][T12412] random: crng reseeded on system resumption [ 709.367110][T12415] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2603'. [ 709.376380][T12415] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2603'. [ 709.462814][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 710.098031][T12427] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 710.177916][T12425] loop5: detected capacity change from 0 to 512 [ 710.248386][T12425] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.2608: inode has both inline data and extents flags [ 710.373517][T12425] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2608: couldn't read orphan inode 15 (err -117) [ 710.531244][T12425] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 710.756290][ T30] audit: type=1326 audit(1769695206.990:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12432 comm="syz.3.2611" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f995d39aeb9 code=0x0 [ 710.920975][T12435] loop6: detected capacity change from 0 to 2048 [ 711.125037][T12441] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 711.277797][ T6625] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 711.320342][T12435] NILFS error (device loop6): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=1040, name_len=1 [ 711.370068][T12435] Remounting filesystem read-only [ 711.712157][T12449] loop0: detected capacity change from 0 to 256 [ 711.763851][T12449] exfat: Deprecated parameter 'namecase' [ 711.830446][T12449] exfat: Deprecated parameter 'utf8' [ 712.164391][T12449] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 712.607383][T12460] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2620'. [ 712.849712][ T797] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 713.078067][ T797] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 713.089493][ T797] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 713.099675][ T797] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 713.112968][ T797] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 713.122298][ T797] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 713.384064][ T797] usb 9-1: config 0 descriptor?? [ 713.711760][T12473] loop6: detected capacity change from 0 to 256 [ 713.860554][T12477] usb usb8: usbfs: process 12477 (syz.3.2626) did not claim interface 0 before use [ 713.902273][ T797] plantronics 0003:047F:FFFF.0023: unbalanced collection at end of report description [ 713.976123][ T797] plantronics 0003:047F:FFFF.0023: parse failed [ 713.983222][ T797] plantronics 0003:047F:FFFF.0023: probe with driver plantronics failed with error -22 [ 714.166293][ T797] usb 9-1: USB disconnect, device number 2 [ 714.922303][T12490] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2630'. [ 715.014951][T12486] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2630'. [ 716.017499][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 716.025009][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 716.109717][T12505] bond_slave_0: entered promiscuous mode [ 716.115644][T12505] bond_slave_1: entered promiscuous mode [ 716.245153][T12505] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 716.379796][T12505] bond_slave_0: left promiscuous mode [ 716.385418][T12505] bond_slave_1: left promiscuous mode [ 717.387133][T12522] loop5: detected capacity change from 0 to 2048 [ 717.637207][T12522] UDF-fs: error (device loop5): udf_fiiter_advance_blk: extent after position 0 not allocated in directory (ino 1376) [ 717.850484][T12534] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2651'. [ 717.950294][ T797] usb 4-1: new full-speed USB device number 17 using dummy_hcd [ 718.159729][T12536] usb usb9: usbfs: process 12536 (syz.5.2652) did not claim interface 0 before use [ 718.193662][ T797] usb 4-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 718.203148][ T797] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 718.258910][ T797] usb 4-1: config 0 descriptor?? [ 718.747140][ T797] kye 0003:0458:0138.0024: item fetching failed at offset 6/7 [ 718.779464][ T5841] usb 7-1: new full-speed USB device number 9 using dummy_hcd [ 718.813932][ T797] kye 0003:0458:0138.0024: parse failed [ 718.820319][ T797] kye 0003:0458:0138.0024: probe with driver kye failed with error -22 [ 718.967564][T10694] usb 4-1: USB disconnect, device number 17 [ 718.981882][ T5841] usb 7-1: config 8 has an invalid interface number: 223 but max is 0 [ 718.993416][ T5841] usb 7-1: config 8 contains an unexpected descriptor of type 0x2, skipping [ 719.002448][ T5841] usb 7-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 719.012773][ T5841] usb 7-1: config 8 has no interface number 0 [ 719.117429][ T5841] usb 7-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 719.128802][ T5841] usb 7-1: config 8 interface 223 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 719.233261][ T5841] usb 7-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d [ 719.242862][ T5841] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 719.251452][ T5841] usb 7-1: Product: syz [ 719.255775][ T5841] usb 7-1: Manufacturer: syz [ 719.260666][ T5841] usb 7-1: SerialNumber: syz [ 719.597880][ T5841] usb 7-1: USB disconnect, device number 9 [ 720.361202][T12554] loop3: detected capacity change from 0 to 4096 [ 721.398853][T12576] loop6: detected capacity change from 0 to 256 [ 721.911853][T12576] FAT-fs (loop6): Directory bread(block 64) failed [ 721.918582][T12576] FAT-fs (loop6): Directory bread(block 65) failed [ 721.988311][T12576] FAT-fs (loop6): Directory bread(block 66) failed [ 722.039579][T12576] FAT-fs (loop6): Directory bread(block 67) failed [ 722.046712][T12576] FAT-fs (loop6): Directory bread(block 68) failed [ 722.070788][T12582] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0) [ 722.102310][T12576] FAT-fs (loop6): Directory bread(block 69) failed [ 722.133923][T12576] FAT-fs (loop6): Directory bread(block 70) failed [ 722.203920][T12576] FAT-fs (loop6): Directory bread(block 71) failed [ 722.246212][T12576] FAT-fs (loop6): Directory bread(block 72) failed [ 722.286928][T12576] FAT-fs (loop6): Directory bread(block 73) failed [ 722.625818][T12593] loop5: detected capacity change from 0 to 64 [ 724.793573][T12618] loop5: detected capacity change from 0 to 1764 [ 725.071219][T10258] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 725.225811][T12625] loop8: detected capacity change from 0 to 512 [ 725.279570][T10258] usb 4-1: Using ep0 maxpacket: 32 [ 725.335631][T10258] usb 4-1: config 0 has an invalid interface number: 188 but max is 0 [ 725.344975][T10258] usb 4-1: config 0 has no interface number 0 [ 725.439519][T10258] usb 4-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 725.491058][T12625] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 725.552750][T10258] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 725.562325][T10258] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 725.570697][T10258] usb 4-1: Product: syz [ 725.575019][T10258] usb 4-1: Manufacturer: syz [ 725.579932][T10258] usb 4-1: SerialNumber: syz [ 725.610010][T12625] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 725.653906][T10258] usb 4-1: config 0 descriptor?? [ 725.690532][T12622] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 726.005936][T12622] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 726.138504][T11892] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.234182][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 726.260210][T12639] CUSE: unknown device info "`" [ 726.265445][T12639] CUSE: unknown device info "" [ 726.270693][T12639] CUSE: unknown device info "€" [ 726.275781][T12639] CUSE: zero length info key specified [ 726.536711][T10258] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 726.631079][T10258] asix 4-1:0.188: probe with driver asix failed with error -71 [ 726.791630][T10258] usb 4-1: USB disconnect, device number 18 [ 727.907201][T12664] loop6: detected capacity change from 0 to 512 [ 727.985401][T12662] loop5: detected capacity change from 0 to 2048 [ 728.023678][T12662] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 728.216261][T12664] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 728.266763][T12671] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 728.307808][T12664] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2 [ 728.358514][T12664] EXT4-fs (loop6): 1 truncate cleaned up [ 728.415030][T12664] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 728.427998][ T30] audit: type=1800 audit(1769695224.650:41): pid=12662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2702" name="file1" dev="loop5" ino=15 res=0 errno=0 [ 728.598093][T12664] EXT4-fs: user quota file already specified [ 728.803318][T12675] loop3: detected capacity change from 0 to 2048 [ 729.023972][ T9575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 729.045172][T12675] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 730.712740][T12697] loop6: detected capacity change from 0 to 2048 [ 730.933213][T12697] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 730.950766][T12697] UDF-fs: Scanning with blocksize 512 failed [ 731.170470][T12697] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 732.459473][T10694] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 732.701340][T10694] usb 7-1: Using ep0 maxpacket: 8 [ 732.787268][T10694] usb 7-1: New USB device found, idVendor=09da, idProduct=001a, bcdDevice= 0.00 [ 732.799622][T10694] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 732.856631][T10694] usb 7-1: config 0 descriptor?? [ 733.355013][T10694] a4tech 0003:09DA:001A.0025: collection stack underflow [ 733.362573][T10694] a4tech 0003:09DA:001A.0025: item 0 2 0 12 parsing failed [ 733.422972][T10694] a4tech 0003:09DA:001A.0025: parse failed [ 733.430057][T10694] a4tech 0003:09DA:001A.0025: probe with driver a4tech failed with error -22 [ 733.574826][ T5442] usb 7-1: USB disconnect, device number 10 [ 733.840555][T12743] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2732'. [ 734.958293][T12760] loop0: detected capacity change from 0 to 64 [ 735.669744][ T5442] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 736.009765][ T5442] usb 4-1: Using ep0 maxpacket: 32 [ 736.118263][T12767] loop5: detected capacity change from 0 to 32768 [ 736.169490][ T5442] usb 4-1: config 4 has an invalid interface number: 128 but max is 0 [ 736.177862][ T5442] usb 4-1: config 4 has no interface number 0 [ 736.197941][ T5442] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 736.210063][ T5442] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 736.228159][ T5442] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 736.237555][ T5442] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 736.322389][T12767] XFS (loop5): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 736.567010][ T5442] hub 4-1:4.128: USB hub found [ 736.584214][T12767] XFS (loop5): Ending clean mount [ 736.663511][T12786] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2745'. [ 736.730336][ T6625] XFS (loop5): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 736.828448][ T5442] hub 4-1:4.128: 2 ports detected [ 736.859540][ T5442] hub 4-1:4.128: Using single TT (err -22) [ 737.045395][ T5442] hub 4-1:4.128: hub_hub_status failed (err = -71) [ 737.052474][ T5442] hub 4-1:4.128: config failed, can't get hub status (err -71) [ 737.249647][ T5442] usb 4-1: USB disconnect, device number 19 [ 738.052750][T12798] netlink: 92 bytes leftover after parsing attributes in process `syz.5.2752'. [ 738.080249][T12797] dvmrp6: entered allmulticast mode [ 738.087349][T12796] loop0: detected capacity change from 0 to 256 [ 738.327821][T12791] loop6: detected capacity change from 0 to 8192 [ 738.629431][ T5795] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 738.637970][ T5795] Bluetooth: hci5: Injecting HCI hardware error event [ 738.646884][ T5795] Bluetooth: hci5: hardware error 0x00 [ 738.900344][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.908122][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.916948][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.925678][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.937134][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.946741][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.954794][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.962603][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.970447][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 738.978056][T10694] hid-generic 0000:0000:0004.0026: unknown main item tag 0x0 [ 739.089226][T12791] FAT-fs (loop6): error, corrupted directory (invalid entries) [ 739.097154][T12791] FAT-fs (loop6): Filesystem has been set read-only [ 739.222296][T12809] loop0: detected capacity change from 0 to 256 [ 739.232397][T12810] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 739.245578][T10694] hid-generic 0000:0000:0004.0026: hidraw0: HID v0.03 Device [syz1] on syz1 [ 739.281453][T12809] exfat: Deprecated parameter 'utf8' [ 739.286951][T12809] exfat: Deprecated parameter 'utf8' [ 739.484122][T12809] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d) [ 739.537994][T12812] loop8: detected capacity change from 0 to 64 [ 739.639673][T12812] BFS-fs: bfs_fill_super(): loop8 is unclean, continuing [ 740.789365][ T5795] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 740.895980][T12819] fido_id[12819]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 740.903529][T12826] loop5: detected capacity change from 0 to 128 [ 741.036045][T12830] loop6: detected capacity change from 0 to 256 [ 741.423898][T12835] loop3: detected capacity change from 0 to 128 [ 743.065934][T12842] loop5: detected capacity change from 0 to 32768 [ 743.156511][T12842] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 743.166797][T12842] gfs2: fsid=syz:syz: Now mounting FS (format 1802)... [ 743.242102][T12842] gfs2: fsid=syz:syz.s: fatal: invalid metadata block - bh = 2073 (bad magic number), function = gfs2_meta_buffer, file = fs/gfs2/meta_io.c, line = 496 [ 743.260576][T12842] CPU: 0 UID: 0 PID: 12842 Comm: syz.5.2770 Tainted: G L syzkaller #0 PREEMPT(voluntary) [ 743.260743][T12842] Tainted: [L]=SOFTLOCKUP [ 743.260792][T12842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 743.260879][T12842] Call Trace: [ 743.260926][T12842] [ 743.260973][T12842] __dump_stack+0x26/0x30 [ 743.261131][T12842] dump_stack_lvl+0x14c/0x1c0 [ 743.261291][T12842] dump_stack+0x1e/0x25 [ 743.261431][T12842] gfs2_withdraw+0xd5/0x270 [ 743.261580][T12842] gfs2_meta_check_ii+0xd7/0x100 [ 743.261723][T12842] gfs2_meta_buffer+0x39a/0x590 [ 743.261922][T12842] inode_go_instantiate+0xd9/0x1ea0 [ 743.262055][T12842] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 743.262253][T12842] ? kmsan_get_metadata+0xf1/0x160 [ 743.262437][T12842] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 743.262621][T12842] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 743.262814][T12842] ? __pfx_inode_go_instantiate+0x10/0x10 [ 743.262953][T12842] gfs2_instantiate+0x24f/0x4b0 [ 743.263107][T12842] gfs2_glock_wait+0x26a/0x3b0 [ 743.263266][T12842] gfs2_glock_nq+0x152f/0x2c80 [ 743.263408][T12842] ? kmsan_get_metadata+0xf1/0x160 [ 743.263594][T12842] ? kmsan_get_metadata+0xf1/0x160 [ 743.263809][T12842] gfs2_lookupi+0x57d/0x980 [ 743.263956][T12842] ? gfs2_lookup_meta+0x101/0x280 [ 743.264125][T12842] gfs2_lookup_meta+0x101/0x280 [ 743.264280][T12842] init_journal+0x1bb/0x38e0 [ 743.264461][T12842] ? kmsan_get_metadata+0xf1/0x160 [ 743.264659][T12842] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 743.264864][T12842] init_inodes+0x124/0x510 [ 743.265005][T12842] gfs2_fill_super+0x38ee/0x3ff0 [ 743.265146][T12842] ? init_locking+0xed/0x500 [ 743.265317][T12842] get_tree_bdev_flags+0x6e6/0x920 [ 743.265484][T12842] ? __pfx_gfs2_fill_super+0x10/0x10 [ 743.265617][T12842] ? __pfx_gfs2_fill_super+0x10/0x10 [ 743.265747][T12842] ? __pfx_gfs2_get_tree+0x10/0x10 [ 743.265882][T12842] get_tree_bdev+0x38/0x50 [ 743.266042][T12842] gfs2_get_tree+0x57/0x350 [ 743.266176][T12842] ? __pfx_gfs2_get_tree+0x10/0x10 [ 743.266313][T12842] vfs_get_tree+0xb3/0x5d0 [ 743.266480][T12842] do_new_mount+0x879/0x1700 [ 743.266641][T12842] ? kmsan_get_metadata+0xf1/0x160 [ 743.266856][T12842] path_mount+0x7a2/0x20b0 [ 743.267020][T12842] ? user_path_at+0x241/0x3e0 [ 743.267172][T12842] __se_sys_mount+0x704/0x7f0 [ 743.267331][T12842] ? kmsan_get_metadata+0xf1/0x160 [ 743.267544][T12842] __x64_sys_mount+0xe4/0x150 [ 743.267724][T12842] x64_sys_call+0x38cb/0x3e70 [ 743.267905][T12842] do_syscall_64+0xc9/0xf80 [ 743.268062][T12842] ? clear_bhb_loop+0x40/0x90 [ 743.268204][T12842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.268346][T12842] RIP: 0033:0x7f044579c14a [ 743.268446][T12842] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 743.268560][T12842] RSP: 002b:00007f0446627e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 743.268688][T12842] RAX: ffffffffffffffda RBX: 00007f0446627ee0 RCX: 00007f044579c14a [ 743.268783][T12842] RDX: 0000200000000400 RSI: 0000200000000000 RDI: 00007f0446627ea0 [ 743.268884][T12842] RBP: 0000200000000400 R08: 00007f0446627ee0 R09: 0000000000200001 [ 743.268977][T12842] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000000000 [ 743.269067][T12842] R13: 00007f0446627ea0 R14: 00000000000125d5 R15: 0000200000000040 [ 743.269188][T12842] [ 743.608226][T12842] gfs2: fsid=syz:syz.s: can't lookup journal index: 0 [ 743.637089][T12850] loop0: detected capacity change from 0 to 4096 [ 744.405841][T12850] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 746.205935][T12882] netlink: 'syz.6.2789': attribute type 11 has an invalid length. [ 746.214225][T12882] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2789'. [ 746.930731][T12893] bond0: option miimon: invalid value (18446744072210219011) [ 746.938367][T12893] bond0: option miimon: allowed values 0 - 2147483647 [ 747.100913][T12895] loop3: detected capacity change from 0 to 512 [ 747.139910][T12897] loop8: detected capacity change from 0 to 256 [ 747.213885][T12897] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011f1c, chksum : 0x850fc7e5, utbl_chksum : 0xe619d30d) [ 747.226971][T12895] EXT4-fs (loop3): orphan cleanup on readonly fs [ 747.239711][T12895] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 747.259046][T12895] EXT4-fs error (device loop3): ext4_get_branch:178: inode #13: block 1024: comm syz.3.2794: invalid block [ 747.424476][T12895] EXT4-fs (loop3): Remounting filesystem read-only [ 747.480790][T12895] EXT4-fs (loop3): 1 truncate cleaned up [ 747.488488][T12895] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 747.646358][T12905] loop0: detected capacity change from 0 to 16 [ 747.688750][T12905] erofs (device loop0): mounted with root inode @ nid 36. [ 748.011634][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 748.540583][T12913] loop3: detected capacity change from 0 to 512 [ 748.708955][T12915] loop0: detected capacity change from 0 to 2048 [ 748.752218][T12913] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 748.933738][T12922] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 749.032189][T12915] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #12: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0 [ 749.159671][T12915] Remounting filesystem read-only [ 749.285471][ T5841] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 749.320273][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 749.493647][ T5841] usb 9-1: Using ep0 maxpacket: 32 [ 749.543542][ T5781] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 749.545835][ T5841] usb 9-1: config index 0 descriptor too short (expected 35577, got 27) [ 749.561322][ T5841] usb 9-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 749.570296][ T5841] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 749.583354][ T5841] usb 9-1: config 1 has no interface number 0 [ 749.716092][ T5841] usb 9-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 749.727586][ T5841] usb 9-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 749.740866][ T5841] usb 9-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 749.750214][ T5841] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 749.834435][T12927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2806'. [ 749.961141][ T5841] snd_usb_pod 9-1:1.1: Line 6 Pocket POD found [ 750.135020][ T5841] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now attached [ 750.656110][ T5841] usb 9-1: USB disconnect, device number 3 [ 750.681291][ T5841] snd_usb_pod 9-1:1.1: Line 6 Pocket POD now disconnected [ 751.789856][T12947] loop8: detected capacity change from 0 to 128 [ 751.975681][ T30] audit: type=1800 audit(1769695248.210:42): pid=12947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2814" name="file2" dev="loop8" ino=1048847 res=0 errno=0 [ 752.092022][T12950] FAT-fs (loop8): error, corrupted directory (invalid i_start) [ 752.099949][T12950] FAT-fs (loop8): Filesystem has been set read-only [ 753.077336][T12966] loop5: detected capacity change from 0 to 512 [ 753.221456][T12966] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.2822: invalid block [ 753.309609][T12966] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.2822: invalid indirect mapped block 4294967295 (level 1) [ 753.424521][T12966] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.2822: invalid indirect mapped block 4294967295 (level 1) [ 753.527426][T12966] EXT4-fs (loop5): 2 truncates cleaned up [ 753.597738][T12966] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 753.839819][ T5841] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 754.008841][ T5841] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 754.013942][ T6625] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 754.019164][ T5841] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 754.175979][ T5841] usb 4-1: config 0 descriptor?? [ 754.219032][T12981] macvlan0: entered promiscuous mode [ 754.268124][ T5841] cp210x 4-1:0.0: cp210x converter detected [ 754.294962][T12981] dummy0: entered promiscuous mode [ 754.340520][T12981] hsr1: entered promiscuous mode [ 754.345783][T12981] hsr1: entered allmulticast mode [ 754.351355][T12981] macvlan0: entered allmulticast mode [ 754.356880][T12981] veth1_vlan: entered allmulticast mode [ 754.418577][T12981] dummy0: entered allmulticast mode [ 754.676402][ T5841] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 754.782606][ T5841] usb 4-1: cp210x converter now attached to ttyUSB0 [ 754.950191][T10694] usb 4-1: USB disconnect, device number 20 [ 755.023137][T10694] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 755.083702][ T5915] IPVS: starting estimator thread 0... [ 755.140817][T10694] cp210x 4-1:0.0: device disconnected [ 755.180465][T12992] IPVS: using max 240 ests per chain, 12000 per kthread [ 756.788762][T13016] loop6: detected capacity change from 0 to 512 [ 756.868499][T13016] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 756.970375][T13016] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2844: bg 0: block 384: padding at end of block bitmap is not set [ 757.028758][T13016] EXT4-fs (loop6): Remounting filesystem read-only [ 757.080088][T13016] EXT4-fs (loop6): 1 truncate cleaned up [ 757.087800][T13016] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 757.197341][T13016] EXT4-fs (loop6): shut down requested (2) [ 757.540952][ T9575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 758.121461][T13031] loop5: detected capacity change from 0 to 64 [ 758.439661][T13035] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2851'. [ 759.254411][T13047] loop3: detected capacity change from 0 to 64 [ 759.438378][T13047] hfs: request for non-existent node 1280 in B*Tree [ 759.445483][T13047] hfs: request for non-existent node 1280 in B*Tree [ 759.536461][T13053] loop8: detected capacity change from 0 to 128 [ 759.881751][ T55] hfs: request for non-existent node 1280 in B*Tree [ 759.888509][ T55] hfs: request for non-existent node 1280 in B*Tree [ 760.517666][T13062] erspan0: entered promiscuous mode [ 762.315543][T13092] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2876'. [ 762.350164][T13092] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2876'. [ 762.488228][T13090] loop3: detected capacity change from 0 to 2048 [ 762.637010][T13090] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 763.563616][T13107] loop5: detected capacity change from 0 to 128 [ 763.573395][T13107] EXT4-fs: Ignoring removed nobh option [ 763.771979][T13107] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 763.868084][T13107] ext4 filesystem being mounted at /547/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 764.552934][ T6625] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 766.199003][T13139] loop3: detected capacity change from 0 to 64 [ 766.551440][T11144] Bluetooth: hci4: command 0x0406 tx timeout [ 766.872110][T13147] loop6: detected capacity change from 0 to 512 [ 766.975318][T13147] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 766.993920][T13147] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 767.007063][T13147] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.2900: Corrupt directory, running e2fsck is recommended [ 767.111333][T13147] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2 [ 767.119746][T13147] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.2900: corrupted in-inode xattr: invalid ea_ino [ 767.162857][T13147] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.2900: couldn't read orphan inode 15 (err -117) [ 767.178030][T13147] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 767.251018][T13147] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 767.266165][T13147] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 767.276671][T13147] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.2900: Corrupt directory, running e2fsck is recommended [ 767.375393][T13147] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 767.387182][T13147] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 767.400943][T13152] overlayfs: missing 'workdir' [ 767.407633][T13147] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.2900: Corrupt directory, running e2fsck is recommended [ 767.422661][T13147] EXT4-fs error (device loop6): ext4_find_dest_de:2050: inode #2: block 3: comm syz.6.2900: bad entry in directory: directory entry overrun - offset=0, inode=4294967295, rec_len=65552, size=1024 fake=0 [ 767.532861][ T9575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 767.869827][ T5841] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 768.091158][ T5841] usb 6-1: Using ep0 maxpacket: 32 [ 768.154912][ T5841] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 768.164350][ T5841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 768.257993][ T5841] usb 6-1: config 0 descriptor?? [ 768.386774][T13165] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 768.538804][ T5841] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 768.587797][ T5841] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 768.621895][ T5841] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 768.679038][ T5841] usb 6-1: media controller created [ 768.897466][ T5841] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 769.268239][ T5841] az6027: usb out operation failed. (-71) [ 769.281167][ T5841] az6027: usb out operation failed. (-71) [ 769.287136][ T5841] stb0899_attach: Driver disabled by Kconfig [ 769.293548][ T5841] az6027: no front-end attached [ 769.293548][ T5841] [ 769.383204][ T5841] az6027: usb out operation failed. (-71) [ 769.389510][ T5841] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 769.407139][ T5841] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input17 [ 770.130533][T13179] loop3: detected capacity change from 0 to 32768 [ 770.240193][T13178] loop6: detected capacity change from 0 to 32768 [ 770.254636][ T5841] dvb-usb: schedule remote query interval to 400 msecs. [ 770.261840][ T5841] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 770.287495][ T5841] usb 6-1: USB disconnect, device number 14 [ 770.907912][T13186] loop0: detected capacity change from 0 to 1024 [ 770.918835][ T5841] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 770.960945][T13187] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2915'. [ 771.174180][T13186] VFS: Lookup of 'bus' in hfsplus loop0 would have caused loop [ 771.198638][T13191] xt_hashlimit: size too large, truncated to 1048576 [ 771.413910][T13189] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 773.105129][T13210] loop5: detected capacity change from 0 to 47 [ 773.690367][T13213] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2928'. [ 774.626356][T13229] loop3: detected capacity change from 0 to 512 [ 774.713409][T13229] EXT4-fs: inline encryption not supported [ 774.719892][T13229] EXT4-fs: Ignoring removed i_version option [ 774.860089][T13229] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2934: inode has both inline data and extents flags [ 775.014549][T13229] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2934: couldn't read orphan inode 15 (err -117) [ 775.158523][T13229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 775.369640][ T5841] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 775.596886][ T5841] usb 6-1: Using ep0 maxpacket: 32 [ 775.636573][ T5841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 775.647963][ T5841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 775.658694][ T5841] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00 [ 775.668000][ T5841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 775.710553][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 775.767411][ T5841] usb 6-1: config 0 descriptor?? [ 776.271943][ T5841] hid_parser_main: 91 callbacks suppressed [ 776.272039][ T5841] ft260 0003:0403:6030.0027: unknown main item tag 0x0 [ 776.286076][ T5841] ft260 0003:0403:6030.0027: unknown main item tag 0x0 [ 776.483691][T13247] loop8: detected capacity change from 0 to 16 [ 776.532002][ T5841] ft260 0003:0403:6030.0027: chip code: 0000 0000 [ 776.776433][ T5841] ft260 0003:0403:6030.0027: failed to retrieve system status [ 776.861565][ T5841] ft260 0003:0403:6030.0027: probe with driver ft260 failed with error -71 [ 776.952339][ T5841] usb 6-1: USB disconnect, device number 15 [ 777.456401][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 777.463273][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 778.300787][T13265] loop3: detected capacity change from 0 to 4096 [ 778.329430][T13265] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 778.392624][T13265] ntfs3(loop3): ino=3, mi_enum_attr [ 778.704321][T13277] loop8: detected capacity change from 0 to 128 [ 778.872099][T13265] ntfs3(loop3): ino=1e, "file1" The size of extended attributes must not exceed 64KiB [ 779.143679][T10694] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 779.412554][T10694] usb 7-1: config 220 has an invalid interface number: 76 but max is 2 [ 779.421254][T10694] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 779.430716][T10694] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 779.441286][T10694] usb 7-1: config 220 has no interface number 2 [ 779.527945][T10694] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 779.542055][T10694] usb 7-1: config 220 interface 0 has no altsetting 0 [ 779.549014][T10694] usb 7-1: config 220 interface 76 has no altsetting 0 [ 779.556354][T10694] usb 7-1: config 220 interface 1 has no altsetting 0 [ 779.769774][T10694] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 779.779792][T10694] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 779.790283][T10694] usb 7-1: Product: syz [ 779.794618][T10694] usb 7-1: Manufacturer: syz [ 779.800428][T10694] usb 7-1: SerialNumber: syz [ 780.163626][T13290] loop5: detected capacity change from 0 to 128 [ 780.185414][T13290] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 780.247964][T10694] uvcvideo 7-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 780.255773][T10694] uvcvideo 7-1:220.0: No valid video chain found. [ 780.281047][T13290] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 780.323445][T10694] usb 7-1: selecting invalid altsetting 0 [ 780.449007][T10694] usb 7-1: selecting invalid altsetting 0 [ 780.455215][T10694] usbtest 7-1:220.1: probe with driver usbtest failed with error -22 [ 780.550904][T10694] usb 7-1: USB disconnect, device number 11 [ 780.751158][ T13] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 780.933216][T13299] loop0: detected capacity change from 0 to 128 [ 781.246236][T13302] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 781.619429][ T30] audit: type=1326 audit(1769695277.840:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13306 comm="syz.6.2968" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7f7899aeb9 code=0x0 [ 782.692516][T13322] loop5: detected capacity change from 0 to 1024 [ 782.723883][T13327] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_vlan, syncid = 2, id = 0 [ 783.650942][ T3452] hfsplus: b-tree write err: -5, ino 4 [ 784.629531][T10694] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 784.864132][T10694] usb 4-1: unable to get BOS descriptor or descriptor too short [ 784.915361][T10694] usb 4-1: config 6 has an invalid interface number: 200 but max is 0 [ 784.924070][T10694] usb 4-1: config 6 has no interface number 0 [ 784.960393][T10694] usb 4-1: config 6 interface 200 altsetting 8 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 784.971853][T10694] usb 4-1: config 6 interface 200 has no altsetting 0 [ 785.032882][T13352] program syz.8.2989 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 785.048605][T10694] usb 4-1: language id specifier not provided by device, defaulting to English [ 785.247929][T10694] usb 4-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f [ 785.257781][T10694] usb 4-1: New USB device strings: Mfr=9, Product=2, SerialNumber=3 [ 786.630354][T13370] loop8: detected capacity change from 0 to 512 [ 786.831625][T13370] EXT4-fs (loop8): 1 truncate cleaned up [ 786.914332][T13370] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 787.183023][ T30] audit: type=1800 audit(1769695283.420:44): pid=13370 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2997" name="file1" dev="loop8" ino=15 res=0 errno=0 [ 787.223228][T13370] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.2997: bg 0: block 465: padding at end of block bitmap is not set [ 787.407708][T10694] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state. [ 787.417407][T13370] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 1 with error 28 [ 787.430253][T13370] EXT4-fs (loop8): This should not happen!! Data will be lost [ 787.430253][T13370] [ 787.440520][T13370] EXT4-fs (loop8): Total free blocks count 0 [ 787.446719][T13370] EXT4-fs (loop8): Free/Dirty block details [ 787.453000][T13370] EXT4-fs (loop8): free_blocks=0 [ 787.458081][T13370] EXT4-fs (loop8): dirty_blocks=2 [ 787.463416][T13370] EXT4-fs (loop8): Block reservation details [ 787.472325][T13370] EXT4-fs (loop8): i_reserved_data_blocks=2 [ 787.529431][T10694] dvb-usb: bulk message failed: -71 (3/0) [ 787.562740][T13380] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 787.582872][T10694] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 787.632232][T10694] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T) [ 787.677301][T10694] usb 4-1: media controller created [ 787.915069][T10694] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 788.012355][ T5841] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 788.216092][ T5841] usb 6-1: Using ep0 maxpacket: 16 [ 788.219427][T10694] dvb-usb: bulk message failed: -71 (6/0) [ 788.235319][T10694] dvb-usb: bulk message failed: -71 (6/0) [ 788.241726][T10694] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T' [ 788.261304][ T5841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 788.273083][ T5841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 788.283101][ T5841] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 788.301535][ T5841] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 788.313650][ T5841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 788.360308][T10694] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input18 [ 788.393699][ T5841] usb 6-1: config 0 descriptor?? [ 788.521337][T10694] dvb-usb: schedule remote query interval to 150 msecs. [ 788.526040][T13395] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3007'. [ 788.528743][T10694] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected. [ 788.669566][T10694] usb 4-1: USB disconnect, device number 21 [ 788.776916][T13397] loop6: detected capacity change from 0 to 128 [ 788.864131][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 788.872529][ T5841] microsoft 0003:045E:07DA.0028: ignoring exceeding usage max [ 788.928191][T13397] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 789.021594][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.030258][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.037713][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.046971][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.056230][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.065379][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.074531][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.084118][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.093254][ T5841] microsoft 0003:045E:07DA.0028: unknown main item tag 0x0 [ 789.094016][T13397] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 789.296820][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 789.529655][ T5841] microsoft 0003:045E:07DA.0028: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0 [ 789.541510][ T5841] microsoft 0003:045E:07DA.0028: no inputs found [ 789.548002][ T5841] microsoft 0003:045E:07DA.0028: could not initialize ff, continuing anyway [ 789.582678][T10694] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected. [ 789.717341][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 789.756027][ T5841] usb 6-1: USB disconnect, device number 16 [ 790.054317][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.277554][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.384791][T13401] fido_id[13401]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 790.801428][ T13] bridge_slave_1: left allmulticast mode [ 790.807262][ T13] bridge_slave_1: left promiscuous mode [ 790.813972][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 790.860069][ T13] bridge_slave_0: left allmulticast mode [ 790.865918][ T13] bridge_slave_0: left promiscuous mode [ 790.874595][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.395711][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 791.433033][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 791.453685][ T13] bond0 (unregistering): Released all slaves [ 791.673023][ T13] IPVS: stopping backup sync thread 10667 ... [ 792.151778][ T13] hsr_slave_0: left promiscuous mode [ 792.189802][ T13] hsr_slave_1: left promiscuous mode [ 792.239559][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 792.247121][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 792.294330][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 792.302646][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 792.414766][T13414] loop3: detected capacity change from 0 to 128 [ 792.434359][T13416] loop6: detected capacity change from 0 to 1024 [ 792.486496][T13414] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 792.497645][ T13] veth1_macvtap: left promiscuous mode [ 792.519650][ T13] veth0_macvtap: left promiscuous mode [ 792.537388][ T13] veth1_vlan: left promiscuous mode [ 792.579262][ T13] veth0_vlan: left promiscuous mode [ 792.643705][T13416] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 793.335668][ T9575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.351175][T11144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 793.363607][T11144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 793.373572][T11144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 793.394017][T11144] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 793.411087][T11144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 794.925303][T13437] loop6: detected capacity change from 0 to 32768 [ 795.185078][T13435] loop8: detected capacity change from 0 to 4096 [ 795.524406][T11144] Bluetooth: hci0: command tx timeout [ 795.849659][ T13] team0 (unregistering): Port device team_slave_1 removed [ 795.980484][ T13] team0 (unregistering): Port device team_slave_0 removed [ 796.720342][T13454] loop3: detected capacity change from 0 to 256 [ 796.757803][T13454] exfat: Deprecated parameter 'namecase' [ 797.042391][T13454] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001013e, chksum : 0x69bb5849, utbl_chksum : 0xe619d30d) [ 797.601064][T11144] Bluetooth: hci0: command tx timeout [ 798.035696][T13462] loop8: detected capacity change from 0 to 128 [ 798.076730][ T13] IPVS: stop unused estimator thread 0... [ 798.232705][ T30] audit: type=1800 audit(1769695294.470:45): pid=13462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3030" name="file1" dev="loop8" ino=1048855 res=0 errno=0 [ 798.257958][T13462] FAT-fs (loop8): error, invalid FAT chain (i_pos 548, last_block 8) [ 798.267416][T13462] FAT-fs (loop8): Filesystem has been set read-only [ 798.325475][T13462] FAT-fs (loop8): error, corrupted file size (i_pos 548, 522) [ 798.421888][ T30] audit: type=1800 audit(1769695294.470:46): pid=13462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3030" name="file1" dev="loop8" ino=1048855 res=0 errno=0 [ 798.532668][T13459] loop6: detected capacity change from 0 to 4096 [ 798.588662][T13459] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 798.698353][T13460] loop5: detected capacity change from 0 to 4096 [ 798.792527][T13460] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 799.406635][T13460] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 799.523645][T13460] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 799.674228][T11144] Bluetooth: hci0: command tx timeout [ 799.701811][T13425] chnl_net:caif_netlink_parms(): no params data found [ 800.446261][T13485] loop8: detected capacity change from 0 to 2048 [ 800.598964][T13485] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found [ 800.607186][T13485] UDF-fs: Scanning with blocksize 512 failed [ 800.743846][T13493] IPVS: nq: SCTP 172.20.20.187:0 - no destination available [ 800.812619][T13485] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 800.911659][T13491] loop5: detected capacity change from 0 to 2048 [ 800.959801][T13496] program syz.6.3039 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 800.972306][ T30] audit: type=1800 audit(1769695297.210:47): pid=13485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.3036" name="file1" dev="loop8" ino=818 res=0 errno=0 [ 801.179809][T13499] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 801.768520][T11144] Bluetooth: hci0: command tx timeout [ 801.928249][T13425] bridge0: port 1(bridge_slave_0) entered blocking state [ 801.936059][T13425] bridge0: port 1(bridge_slave_0) entered disabled state [ 801.989937][T13425] bridge_slave_0: entered allmulticast mode [ 802.049867][T13425] bridge_slave_0: entered promiscuous mode [ 802.271267][T13425] bridge0: port 2(bridge_slave_1) entered blocking state [ 802.278738][T13425] bridge0: port 2(bridge_slave_1) entered disabled state [ 802.344612][T13425] bridge_slave_1: entered allmulticast mode [ 802.369697][T13425] bridge_slave_1: entered promiscuous mode [ 802.734308][T13425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 802.847430][T13425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 803.283142][T13425] team0: Port device team_slave_0 added [ 803.318724][T13425] team0: Port device team_slave_1 added [ 803.634269][T13425] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 803.641698][T13425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 803.670023][T13425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 803.854617][T13425] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 803.861930][T13425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 803.888485][T13425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 804.170358][T13532] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 804.180445][T13532] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 804.420503][T13526] loop6: detected capacity change from 0 to 4096 [ 804.662610][T13425] hsr_slave_0: entered promiscuous mode [ 804.712949][T13425] hsr_slave_1: entered promiscuous mode [ 804.857648][T13526] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 805.044693][T13541] netlink: 304 bytes leftover after parsing attributes in process `syz.3.3056'. [ 805.319670][ T9575] ntfs3(loop6): ino=9, ntfs_sync_fs failed, -22. [ 805.557165][T13547] loop5: detected capacity change from 0 to 8192 [ 805.677968][T13547] syz.5.3058: attempt to access beyond end of device [ 805.677968][T13547] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 805.695859][T13547] Buffer I/O error on dev loop5, logical block 57847, async page read [ 805.731015][T13547] syz.5.3058: attempt to access beyond end of device [ 805.731015][T13547] loop5: rw=8388608, sector=57847, nr_sectors = 1 limit=8192 [ 805.745237][T13547] Buffer I/O error on dev loop5, logical block 57847, async page read [ 805.780732][ T30] audit: type=1800 audit(1769695301.990:48): pid=13547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3058" name="file2" dev="loop5" ino=1048856 res=0 errno=0 [ 806.226069][T10694] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 806.465424][T10694] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD4, changing to 0x84 [ 806.478161][T10694] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 51544, setting to 1024 [ 806.489805][T10694] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1024 [ 806.696613][T10694] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 806.706624][T10694] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 806.718420][T10694] usb 7-1: Product: syz [ 806.723417][T10694] usb 7-1: Manufacturer: syz [ 806.728187][T10694] usb 7-1: SerialNumber: syz [ 806.923897][T10694] usb 7-1: config 0 descriptor?? [ 806.967476][T13552] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 807.225028][T13552] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 807.268757][T13566] loop5: detected capacity change from 0 to 512 [ 807.342417][T13566] EXT4-fs: Ignoring removed i_version option [ 807.430202][T13566] EXT4-fs: Ignoring removed oldalloc option [ 807.571815][T13566] EXT4-fs (loop5): Test dummy encryption mode enabled [ 807.580184][T10694] usb 7-1: USB disconnect, device number 12 [ 807.694438][T13566] EXT4-fs (loop5): 1 truncate cleaned up [ 807.783674][T13566] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 807.812755][T13425] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 807.955827][T13425] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 808.032541][ T6037] udevd[6037]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 808.135295][T13425] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 808.278685][ T6625] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 808.301208][T13425] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 809.019709][T13588] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3071'. [ 810.034017][T13425] 8021q: adding VLAN 0 to HW filter on device bond0 [ 810.261649][T13425] 8021q: adding VLAN 0 to HW filter on device team0 [ 810.395695][ T5887] bridge0: port 1(bridge_slave_0) entered blocking state [ 810.403226][ T5887] bridge0: port 1(bridge_slave_0) entered forwarding state [ 810.521749][T13600] loop8: detected capacity change from 0 to 4096 [ 810.543821][ T5887] bridge0: port 2(bridge_slave_1) entered blocking state [ 810.551355][ T5887] bridge0: port 2(bridge_slave_1) entered forwarding state [ 811.005576][T13600] ntfs3(loop8): Mark volume as dirty due to NTFS errors [ 811.411122][T13600] ntfs3(loop8): Failed to load $Extend (-22). [ 811.463111][T13600] ntfs3(loop8): Failed to initialize $Extend. [ 812.499790][T13623] loop5: detected capacity change from 0 to 47 [ 813.326962][T13425] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 813.587945][T13639] loop5: detected capacity change from 0 to 512 [ 813.701922][T13639] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 813.711425][T13639] UDF-fs: Scanning with blocksize 512 failed [ 813.778811][T13639] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 813.788454][T13639] UDF-fs: Scanning with blocksize 1024 failed [ 813.920351][T13639] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found [ 813.928030][T13639] UDF-fs: Scanning with blocksize 2048 failed [ 814.040304][T13639] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 814.201969][T13639] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 814.506763][T13655] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3094'. [ 815.281226][T13666] nbd0: detected capacity change from 0 to 127 [ 815.334491][T11144] block nbd0: Receive control failed (result -32) [ 815.520555][ T6042] block nbd0: Dead connection, failed to find a fallback [ 815.583362][ T6042] block nbd0: shutting down sockets [ 815.588755][ T6042] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.601498][ T6042] Buffer I/O error on dev nbd0, logical block 0, async page read [ 815.633736][ T6042] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.643721][ T6042] Buffer I/O error on dev nbd0, logical block 1, async page read [ 815.652765][ T6042] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.663777][ T6042] Buffer I/O error on dev nbd0, logical block 2, async page read [ 815.675011][ T6042] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.685633][ T6042] Buffer I/O error on dev nbd0, logical block 3, async page read [ 815.714110][ T6042] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.724206][ T6042] Buffer I/O error on dev nbd0, logical block 0, async page read [ 815.738867][ T6042] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.748707][ T6042] Buffer I/O error on dev nbd0, logical block 1, async page read [ 815.757203][ T6042] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.766953][ T6042] Buffer I/O error on dev nbd0, logical block 2, async page read [ 815.775334][ T6042] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.785743][ T6042] Buffer I/O error on dev nbd0, logical block 3, async page read [ 815.844027][ T6042] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.853875][ T6042] Buffer I/O error on dev nbd0, logical block 0, async page read [ 815.907451][ T6042] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 815.917519][ T6042] Buffer I/O error on dev nbd0, logical block 1, async page read [ 815.947297][ T6042] ldm_validate_partition_table(): Disk read failed. [ 815.956717][ T6042] Dev nbd0: unable to read RDB block 0 [ 816.011588][ T6042] nbd0: unable to read partition table [ 816.117301][ T6042] ldm_validate_partition_table(): Disk read failed. [ 816.151728][ T6042] Dev nbd0: unable to read RDB block 0 [ 816.202818][ T6042] nbd0: unable to read partition table [ 816.798731][T13425] veth0_vlan: entered promiscuous mode [ 817.003106][T13425] veth1_vlan: entered promiscuous mode [ 817.492591][T13425] veth0_macvtap: entered promiscuous mode [ 817.546125][T13683] loop8: detected capacity change from 0 to 8192 [ 817.607986][T13425] veth1_macvtap: entered promiscuous mode [ 817.888383][T13425] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 817.897651][T13695] loop3: detected capacity change from 0 to 512 [ 818.003756][T13695] EXT4-fs: Ignoring removed orlov option [ 818.033134][T13425] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 818.051767][T13695] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 818.192361][ T13] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.270708][T13695] EXT4-fs (loop3): 1 orphan inode deleted [ 818.276735][T13695] EXT4-fs (loop3): 1 truncate cleaned up [ 818.331284][T13695] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 818.366004][ T35] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.489865][ T5887] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.541811][ T5887] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 818.556576][T13695] EXT4-fs error (device loop3): empty_inline_dir:1770: inode #12: block 7: comm syz.3.3108: bad entry in directory: rec_len is too small for name_len - offset=4, inode=13, rec_len=16, size=60 fake=0 [ 818.646792][T13695] EXT4-fs (loop3): Remounting filesystem read-only [ 818.654389][T13695] EXT4-fs warning (device loop3): empty_inline_dir:1777: bad inline directory (dir #12) - inode 13, rec_len 16, name_len 53inline size 60 [ 818.689011][T13705] loop6: detected capacity change from 0 to 128 [ 818.805259][T13706] EXT4-fs warning (device loop3): empty_inline_dir:1777: bad inline directory (dir #12) - inode 13, rec_len 16, name_len 53inline size 60 [ 819.029718][ T30] audit: type=1800 audit(1769695315.240:49): pid=13705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3111" name="file1" dev="loop6" ino=1048857 res=0 errno=0 [ 819.199425][ T30] audit: type=1800 audit(1769695315.290:50): pid=13705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3111" name="file1" dev="loop6" ino=1048857 res=0 errno=0 [ 819.445361][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.738151][T13733] loop8: detected capacity change from 0 to 64 [ 821.087178][T13737] loop5: detected capacity change from 0 to 1024 [ 821.300481][T11892] hfs: node 4:3 still has 1 user(s)! [ 821.400797][T13732] loop3: detected capacity change from 0 to 4096 [ 821.456991][T13732] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 821.806541][T13732] ntfs3(loop3): ino=19, mi_enum_attr [ 821.831111][T13732] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 821.940007][T13732] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 822.150557][T13747] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3124'. [ 822.160075][T13747] tipc: Started in network mode [ 822.165081][T13747] tipc: Node identity 7, cluster identity 4711 [ 822.171640][T13747] tipc: Node number set to 7 [ 822.730063][T13754] loop3: detected capacity change from 0 to 128 [ 822.780700][T13754] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 822.923620][T13754] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 823.479005][ T1011] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 824.155885][T13775] loop5: detected capacity change from 0 to 64 [ 824.287756][T13778] loop3: detected capacity change from 0 to 128 [ 825.203493][T13792] loop3: detected capacity change from 0 to 64 [ 825.754705][T13796] loop8: detected capacity change from 0 to 256 [ 825.808374][ T5893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 825.816778][ T5893] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 826.223956][ T3452] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 826.232302][ T3452] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 827.237147][T13815] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 827.600208][T13810] loop3: detected capacity change from 0 to 40427 [ 827.638207][T13810] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288) [ 827.717619][T13810] F2FS-fs (loop3): invalid crc value [ 828.001282][T13810] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1 [ 828.011708][T13810] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 828.146592][T13820] xt_hashlimit: size too large, truncated to 1048576 [ 830.019416][ T796] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 830.259916][ T796] usb 6-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 830.271841][ T796] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 830.314688][T13842] loop9: detected capacity change from 0 to 512 [ 830.401682][ T796] usb 6-1: config 0 descriptor?? [ 830.437819][ T796] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 830.592303][T13842] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 830.717760][T13842] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 830.908099][ T796] cpia1 6-1:0.0: unexpected state after lo power cmd: aa [ 831.059657][T13842] EXT4-fs error (device loop9): ext4_map_blocks:783: inode #2: block 18: comm syz.9.3160: lblock 23 mapped to illegal pblock 18 (length 1) [ 831.211811][T13842] EXT4-fs error (device loop9): ext4_readdir:264: inode #2: block 3: comm syz.9.3160: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1 [ 831.342328][ T796] gspca_cpia1: usb_control_msg 02, error -71 [ 831.402834][ T796] gspca_cpia1: usb_control_msg 05, error -71 [ 831.409019][ T796] cpia1 6-1:0.0: unexpected systemstate: aa [ 831.460835][ T796] usb 6-1: USB disconnect, device number 17 [ 831.784840][T13425] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 833.366273][T13883] loop5: detected capacity change from 0 to 128 [ 833.751532][ C0] EXT4-fs (loop4): error count since last fsck: 4 [ 833.758284][ C0] EXT4-fs (loop4): last error at time 1769695028: ext4_lookup:1789: inode 2 [ 833.887582][T13889] loop3: detected capacity change from 0 to 1024 [ 834.211013][T13889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 834.253885][T13896] program syz.6.3176 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 834.322424][T13889] ext4 filesystem being mounted at /666/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 834.917060][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 836.879376][ T796] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 836.932012][T13938] loop5: detected capacity change from 0 to 1024 [ 837.032080][T13938] EXT4-fs (loop5): bad geometry: first data block is 0 with a 1k block and cluster size [ 837.070546][ T796] usb 4-1: Using ep0 maxpacket: 32 [ 837.128484][ T796] usb 4-1: config 0 has an invalid interface number: 184 but max is 0 [ 837.139403][ T796] usb 4-1: config 0 has no interface number 0 [ 837.195194][ T796] usb 4-1: config 0 interface 184 has no altsetting 0 [ 837.262829][ T796] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 837.272701][ T796] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 837.281105][ T796] usb 4-1: Product: syz [ 837.285449][ T796] usb 4-1: Manufacturer: syz [ 837.290302][ T796] usb 4-1: SerialNumber: syz [ 837.409906][T13947] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3195'. [ 837.470400][ T796] usb 4-1: config 0 descriptor?? [ 837.516934][ T796] smsc75xx v1.0.0 [ 838.393407][ T796] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71 [ 838.405320][ T796] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 838.438050][T13959] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3199'. [ 838.447611][T13959] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3199'. [ 838.519900][ T796] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 838.532075][ T796] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 838.542108][ T796] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 838.552749][ T796] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 838.614464][T13961] af_packet: tpacket_rcv: packet too big, clamped from 108 to 4294967272. macoff=96 [ 838.831043][ T796] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71 [ 838.892048][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 838.898943][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 838.980236][ T796] usb 4-1: USB disconnect, device number 22 [ 839.604589][T13973] loop5: detected capacity change from 0 to 512 [ 839.613859][T13970] Falling back ldisc for ttyS3. [ 839.634142][T13975] sctp: [Deprecated]: syz.3.3205 (pid 13975) Use of int in max_burst socket option. [ 839.634142][T13975] Use struct sctp_assoc_value instead [ 839.674057][T13973] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 839.885318][T13979] loop6: detected capacity change from 0 to 256 [ 839.941266][T13979] exfat: Deprecated parameter 'utf8' [ 840.175883][T13979] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 840.755616][T13986] loop8: detected capacity change from 0 to 64 [ 840.883884][T13986] BFS-fs: bfs_fill_super(): loop8 is unclean, continuing [ 841.752111][T14004] loop5: detected capacity change from 0 to 128 [ 841.805519][T14003] netlink: 52 bytes leftover after parsing attributes in process `syz.8.3215'. [ 841.811943][T14004] EXT4-fs: Ignoring removed orlov option [ 841.820689][T14004] EXT4-fs: Ignoring removed orlov option [ 842.005768][T14004] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 842.122073][T14004] ext4 filesystem being mounted at /615/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 842.499463][T14012] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3218'. [ 842.508800][T14012] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3218'. [ 842.766388][T14022] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 842.766388][T14022] The task syz.3.3220 (14022) triggered the difference, watch for misbehavior. [ 842.817224][ T6625] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 843.449375][ T796] kernel read not supported for file /usbmon0 (pid: 796 comm: kworker/1:2) [ 845.520906][T14064] sctp: [Deprecated]: syz.5.3237 (pid 14064) Use of int in maxseg socket option. [ 845.520906][T14064] Use struct sctp_assoc_value instead [ 845.812752][T14069] loop6: detected capacity change from 0 to 256 [ 845.955222][T14067] loop9: detected capacity change from 0 to 2048 [ 846.135631][T14073] pimreg: tun_chr_ioctl cmd 21522 [ 846.195421][T14067] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 846.299996][ T796] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 846.367680][ T30] audit: type=1800 audit(1769695342.600:51): pid=14067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3238" name="file1" dev="loop9" ino=15 res=0 errno=0 [ 846.410458][T14069] FAT-fs (loop6): Directory bread(block 64) failed [ 846.446978][T14069] FAT-fs (loop6): Directory bread(block 65) failed [ 846.500211][T14069] FAT-fs (loop6): Directory bread(block 66) failed [ 846.528621][T14069] FAT-fs (loop6): Directory bread(block 67) failed [ 846.536454][ T796] usb 4-1: too many configurations: 17, using maximum allowed: 8 [ 846.563154][T14069] FAT-fs (loop6): Directory bread(block 68) failed [ 846.589556][T14069] FAT-fs (loop6): Directory bread(block 69) failed [ 846.651883][T14069] FAT-fs (loop6): Directory bread(block 70) failed [ 846.687037][T14069] FAT-fs (loop6): Directory bread(block 71) failed [ 846.711466][ T796] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 846.721294][ T796] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 846.729735][ T796] usb 4-1: Product: syz [ 846.734057][ T796] usb 4-1: Manufacturer: syz [ 846.738811][ T796] usb 4-1: SerialNumber: syz [ 846.771591][T14069] FAT-fs (loop6): Directory bread(block 72) failed [ 846.778319][T14069] FAT-fs (loop6): Directory bread(block 73) failed [ 846.897069][T13425] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 846.933245][ T796] usb 4-1: config 0 descriptor?? [ 846.988960][ T796] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 847.061278][ T796] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 847.128506][ T796] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 847.180651][T14074] dvb-usb: bulk message failed: -22 (7/0) [ 847.186831][ T796] usb 4-1: media controller created [ 847.502535][ T796] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 847.598092][T14092] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3245'. [ 848.285704][ T796] DVB: Unable to find symbol mt352_attach() [ 848.838912][T14104] IPVS: persistence engine module ip_vs_pe_ not found [ 848.893974][ T796] DVB: Unable to find symbol nxt6000_attach() [ 848.900367][ T796] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 849.051535][ T796] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input19 [ 849.094705][ T796] dvb-usb: schedule remote query interval to 1000 msecs. [ 849.102092][ T796] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 849.159503][ T796] dvb-usb: bulk message failed: -22 (7/0) [ 849.209330][ T796] dvb-usb: bulk message failed: -22 (7/0) [ 849.308769][ T796] usb 4-1: USB disconnect, device number 23 [ 849.781866][ T193] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 849.867689][ T193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 849.876147][ T193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 849.935688][ T796] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 849.947074][T14132] input: syz1 as /devices/virtual/input/input20 [ 849.947242][T14130] pimreg: tun_chr_ioctl cmd 1074025677 [ 850.036196][T14130] pimreg: linktype set to 823 [ 850.450887][T14136] loop6: detected capacity change from 0 to 512 [ 850.515341][T14136] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 850.636377][T14136] EXT4-fs (loop6): 1 truncate cleaned up [ 850.748256][T14136] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 850.792705][T14141] loop8: detected capacity change from 0 to 512 [ 850.920390][ T30] audit: type=1800 audit(1769695347.160:52): pid=14136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3261" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 851.097234][T14153] loop5: detected capacity change from 0 to 128 [ 851.136886][T14141] EXT4-fs (loop8): 1 orphan inode deleted [ 851.203106][T14141] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 851.226879][ T9575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 851.248398][T14153] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 851.445879][T14160] loop3: detected capacity change from 0 to 128 [ 851.941546][T14141] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 851.956480][T14156] loop9: detected capacity change from 0 to 32768 [ 851.977219][T14156] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3265 (14156) [ 851.981449][T14153] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 852.013672][T14160] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 852.050753][T14156] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 852.061505][T14156] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm [ 852.129499][T14160] hpfs: filesystem error: improperly stopped [ 852.135760][T14160] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 852.143883][T14160] hpfs: You really don't want any checks? You are crazy... [ 852.181839][T14160] hpfs: hpfs_map_sector(): read error [ 852.191520][T14160] hpfs: code page support is disabled [ 852.200859][T14160] hpfs: hpfs_map_4sectors(): unaligned read [ 852.207548][T14160] hpfs: hpfs_map_4sectors(): unaligned read [ 852.214159][T14160] hpfs: filesystem error: unable to find root dir [ 852.381792][T14156] BTRFS info (device loop9): enabling ssd optimizations [ 852.391909][T14156] BTRFS info (device loop9): turning on async discard [ 852.400194][T14156] BTRFS info (device loop9): enabling free space tree [ 852.795728][T13425] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 852.928531][ T5893] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 853.055127][T11892] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 856.052560][T14210] netlink: 'syz.3.3283': attribute type 34 has an invalid length. [ 856.161671][T14218] sp0: Synchronizing with TNC [ 856.898729][T14230] loop8: detected capacity change from 0 to 512 [ 857.009448][T14230] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 857.041734][T14230] System zones: 1-12 [ 857.129922][T14230] EXT4-fs error (device loop8): dx_probe:791: inode #2: comm syz.8.3291: Directory hole found for htree index block 0 [ 857.239412][T14230] EXT4-fs (loop8): Remounting filesystem read-only [ 857.287548][T14230] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -117 [ 857.369744][T14230] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117 [ 857.377782][T14236] input: syz0 as /devices/virtual/input/input21 [ 857.431255][T14230] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 858.010481][T11892] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 858.178189][T14246] @: renamed from vlan0 (while UP) [ 858.918188][T14255] loop3: detected capacity change from 0 to 512 [ 858.966065][T14255] EXT4-fs: Ignoring removed nobh option [ 859.206214][T14255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 859.360188][T14255] ext4 filesystem being mounted at /690/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 859.680884][T14266] Bluetooth: MGMT ver 1.23 [ 859.862133][ T5785] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 860.216137][T14272] pimreg: tun_chr_ioctl cmd 1074025676 [ 860.222071][T14272] pimreg: owner set to 0 [ 860.350126][T14274] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3310'. [ 860.536594][T14276] loop3: detected capacity change from 0 to 128 [ 860.822475][T14276] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 860.849640][T14276] ext4 filesystem being mounted at /691/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 861.335254][ T5785] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 861.447095][T14286] loop9: detected capacity change from 0 to 128 [ 861.798954][T14286] FAT-fs (loop9): error, invalid access to FAT (entry 0x0fff0000) [ 861.807516][T14286] FAT-fs (loop9): Filesystem has been set read-only [ 861.826666][T14294] loop5: detected capacity change from 0 to 128 [ 861.933444][T14294] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 862.050219][T14294] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 862.414736][T14290] loop8: detected capacity change from 0 to 32768 [ 862.589876][T14290] [ 862.589876][T14290] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.589876][T14290] [ 862.622210][T14290] [ 862.622210][T14290] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.622210][T14290] [ 862.637269][T14290] [ 862.637269][T14290] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.637269][T14290] [ 862.647992][T14290] [ 862.647992][T14290] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.647992][T14290] [ 862.658729][T14290] [ 862.658729][T14290] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.658729][T14290] [ 862.669523][T14290] [ 862.669523][T14290] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.669523][T14290] [ 862.798139][ T112] [ 862.798139][ T112] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.798139][ T112] [ 862.809351][ T55] [ 862.809351][ T55] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.809351][ T55] [ 862.884659][ T55] [ 862.884659][ T55] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.884659][ T55] [ 862.910113][T11892] [ 862.910113][T11892] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.910113][T11892] [ 862.932630][ T111] [ 862.932630][ T111] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.932630][ T111] [ 862.987401][T11892] [ 862.987401][T11892] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 862.987401][T11892] [ 864.001887][ T796] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 864.223427][ T796] usb 7-1: config 0 has no interfaces? [ 864.270881][ T796] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 864.280228][ T796] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 864.288403][ T796] usb 7-1: Product: syz [ 864.293149][ T796] usb 7-1: Manufacturer: syz [ 864.297910][ T796] usb 7-1: SerialNumber: syz [ 864.455554][ T796] usb 7-1: config 0 descriptor?? [ 864.749684][ T796] usb 7-1: USB disconnect, device number 13 [ 865.606833][T14329] loop8: detected capacity change from 0 to 47 [ 868.254715][T14366] loop5: detected capacity change from 0 to 128 [ 869.289697][T14381] bridge: RTM_NEWNEIGH with unconfigured vlan 2 on bridge0 [ 869.442253][T14379] vxcan2: entered allmulticast mode [ 870.243250][T14391] CUSE: unknown device info "@ÿ" [ 870.248539][T14391] CUSE: unknown device info "ˆ" [ 870.254064][T14391] CUSE: unknown device info "Ž#" [ 870.259356][T14391] CUSE: unknown device info "ÿÿ" [ 870.264425][T14391] CUSE: unknown device info "ØLšˆˆÄ" [ 870.270256][T14391] CUSE: DEVNAME unspecified [ 870.422786][T14397] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.3363'. [ 870.539807][T14396] loop3: detected capacity change from 0 to 2048 [ 870.713312][T14396] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 871.604247][T14413] loop8: detected capacity change from 0 to 128 [ 872.633363][T14427] loop8: detected capacity change from 0 to 64 [ 872.940908][T14420] loop3: detected capacity change from 0 to 4096 [ 873.032656][T14420] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 873.362539][T14420] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 873.551012][T14436] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3380'. [ 873.560420][T14436] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3380'. [ 874.059975][T14440] netlink: 'syz.5.3383': attribute type 4 has an invalid length. [ 874.067888][T14440] netlink: 'syz.5.3383': attribute type 4 has an invalid length. [ 874.075967][T14442] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3382'. [ 874.087859][T14440] netlink: 'syz.5.3383': attribute type 2 has an invalid length. [ 874.100281][T14440] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3383'. [ 874.675026][T14448] loop9: detected capacity change from 0 to 1024 [ 875.132378][T14450] loop6: detected capacity change from 0 to 4096 [ 875.216993][T14450] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 875.664126][T14461] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3392'. [ 875.699521][T14450] ntfs3(loop6): ino=19, mi_enum_attr [ 875.705037][T14450] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 876.678924][T14468] No such timeout policy "syz1" [ 876.856196][T14473] loop6: detected capacity change from 0 to 1024 [ 877.831903][T14486] loop9: detected capacity change from 0 to 1024 [ 877.947209][T14486] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 878.512139][T13425] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 879.873585][T14524] program syz.9.3417 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 880.511604][T14530] loop9: detected capacity change from 0 to 256 [ 880.624640][T14534] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 880.696185][T14530] FAT-fs (loop9): Directory bread(block 64) failed [ 880.729748][T14530] FAT-fs (loop9): Directory bread(block 65) failed [ 880.768015][T14530] FAT-fs (loop9): Directory bread(block 66) failed [ 880.809789][T14530] FAT-fs (loop9): Directory bread(block 67) failed [ 880.816682][T14530] FAT-fs (loop9): Directory bread(block 68) failed [ 880.872272][T14530] FAT-fs (loop9): Directory bread(block 69) failed [ 880.889707][T14530] FAT-fs (loop9): Directory bread(block 70) failed [ 880.907535][T14530] FAT-fs (loop9): Directory bread(block 71) failed [ 880.938760][T14530] FAT-fs (loop9): Directory bread(block 72) failed [ 880.996829][T14530] FAT-fs (loop9): Directory bread(block 73) failed [ 881.148208][T14538] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 881.380205][T14536] loop3: detected capacity change from 0 to 4096 [ 881.428567][T14536] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 881.834473][T14544] macvtap1: entered promiscuous mode [ 881.840351][T14544] macvtap1: entered allmulticast mode [ 881.875389][ T30] audit: type=1800 audit(1769695378.110:53): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3424" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 881.888946][T14544] dummy0: entered promiscuous mode [ 881.954402][T14544] dummy0: entered allmulticast mode [ 882.004072][T14544] team0: Device macvtap1 failed to register rx_handler [ 882.090927][T14544] dummy0: left allmulticast mode [ 882.105872][T14544] dummy0: left promiscuous mode [ 882.489813][T14551] netlink: 'syz.8.3431': attribute type 8 has an invalid length. [ 883.114043][ T5795] Bluetooth: hci1: command 0x1003 tx timeout [ 883.119887][T11144] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 884.009262][T14559] loop9: detected capacity change from 0 to 32768 [ 884.077574][T14559] XFS (loop9): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 884.267028][T14559] XFS (loop9): Ending clean mount [ 884.379773][T13425] XFS (loop9): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 885.783829][T14594] loop9: detected capacity change from 0 to 2048 [ 885.916100][T14594] UDF-fs: error (device loop9): udf_process_sequence: Primary Volume Descriptor not found! [ 886.022648][T14594] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 887.931601][T14622] loop6: detected capacity change from 0 to 2048 [ 887.995848][T14622] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=26504, location=26504 [ 888.082538][T14622] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 889.530290][T14652] loop3: detected capacity change from 0 to 256 [ 889.732425][T14652] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65db40a, utbl_chksum : 0x7319d30d) [ 890.670210][T14662] program syz.6.3475 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 891.218095][T14669] loop9: detected capacity change from 0 to 512 [ 891.289497][T14669] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 891.441873][T14669] EXT4-fs error (device loop9): ext4_orphan_get:1391: inode #15: comm syz.9.3478: inode has both inline data and extents flags [ 891.533832][T14669] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.3478: couldn't read orphan inode 15 (err -117) [ 891.632474][T14669] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 891.794337][T14669] fscrypt (loop9, inode 18): Unsupported encryption flags (0xc6) [ 892.162741][T13425] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 892.270557][T14673] loop6: detected capacity change from 0 to 8192 [ 892.514261][T14690] netlink: 'syz.9.3487': attribute type 8 has an invalid length. [ 892.594820][T14690] bridge0: port 2(bridge_slave_1) entered disabled state [ 892.604399][T14690] bridge0: port 1(bridge_slave_0) entered disabled state [ 892.658111][ T12] ===================================================== [ 892.666032][ T12] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x77e/0xf00 [ 892.675099][ T12] n_tty_receive_buf_closing+0x77e/0xf00 [ 892.681718][ T12] n_tty_receive_buf_common+0x19c6/0x2610 [ 892.688092][ T12] n_tty_receive_buf2+0x4c/0x60 [ 892.693886][ T12] tty_ldisc_receive_buf+0xc6/0x2c0 [ 892.699903][ T12] tty_port_default_receive_buf+0xd7/0x1a0 [ 892.706373][ T12] flush_to_ldisc+0x43e/0xe40 [ 892.711974][ T12] process_scheduled_works+0xae7/0x1d60 [ 892.718591][ T12] worker_thread+0x1741/0x1de0 [ 892.724341][ T12] kthread+0xd5a/0xf00 [ 892.729023][ T12] ret_from_fork+0x207/0x6f0 [ 892.740068][ T12] ret_from_fork_asm+0x1a/0x30 [ 892.746889][ T12] [ 892.749956][ T12] Uninit was created at: [ 892.754919][ T12] __kmalloc_noprof+0xae9/0x1bf0 [ 892.762398][ T12] __tty_buffer_request_room+0x3d4/0x7a0 [ 892.768845][ T12] __tty_insert_flip_string_flags+0x157/0x6e0 [ 892.775699][ T12] uart_insert_char+0x368/0x930 [ 892.781323][ T12] serial8250_read_char+0x1ba/0x670 [ 892.787207][ T12] serial8250_handle_irq+0x930/0x1110 [ 892.795748][ T12] serial8250_default_handle_irq+0x116/0x370 [ 892.802669][ T12] serial8250_interrupt+0xcb/0x420 [ 892.808438][ T12] __handle_irq_event_percpu+0x118/0xed0 [ 892.815117][ T12] handle_irq_event+0xe0/0x2a0 [ 892.820672][ T12] handle_edge_irq+0x2a9/0xb30 [ 892.826070][ T12] __common_interrupt+0x9d/0x180 [ 892.831822][ T12] common_interrupt+0x94/0xb0 [ 892.842895][ T12] asm_common_interrupt+0x2b/0x40 [ 892.850129][ T12] [ 892.853083][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G L syzkaller #0 PREEMPT(voluntary) [ 892.865145][ T12] Tainted: [L]=SOFTLOCKUP [ 892.870129][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 892.880915][ T12] Workqueue: events_unbound flush_to_ldisc [ 892.887383][ T12] ===================================================== [ 892.894959][ T12] Disabling lock debugging due to kernel taint [ 892.901798][ T12] Kernel panic - not syncing: kmsan.panic set ... [ 892.908329][ T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G B L syzkaller #0 PREEMPT(voluntary) [ 892.919788][ T12] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP [ 892.925415][ T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 892.935589][ T12] Workqueue: events_unbound flush_to_ldisc [ 892.941582][ T12] Call Trace: [ 892.944943][ T12] [ 892.947948][ T12] __dump_stack+0x26/0x30 [ 892.952484][ T12] dump_stack_lvl+0x50/0x1c0 [ 892.957228][ T12] ? dump_stack+0x12/0x25 [ 892.961724][ T12] dump_stack+0x1e/0x25 [ 892.966033][ T12] vpanic+0x435/0xd40 [ 892.970195][ T12] panic+0x15d/0x160 [ 892.974308][ T12] kmsan_report+0x31a/0x320 [ 892.979000][ T12] ? __msan_warning+0x1b/0x30 [ 892.983837][ T12] ? n_tty_receive_buf_closing+0x77e/0xf00 [ 892.989835][ T12] ? n_tty_receive_buf_common+0x19c6/0x2610 [ 892.995915][ T12] ? n_tty_receive_buf2+0x4c/0x60 [ 893.001115][ T12] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 893.006645][ T12] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 893.012799][ T12] ? flush_to_ldisc+0x43e/0xe40 [ 893.017800][ T12] ? process_scheduled_works+0xae7/0x1d60 [ 893.023697][ T12] ? worker_thread+0x1741/0x1de0 [ 893.028804][ T12] ? kthread+0xd5a/0xf00 [ 893.033186][ T12] ? ret_from_fork+0x207/0x6f0 [ 893.038157][ T12] ? ret_from_fork_asm+0x1a/0x30 [ 893.043276][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 893.048588][ T12] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 893.054597][ T12] ? __update_load_avg_cfs_rq+0xe6/0x1000 [ 893.060545][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 893.065854][ T12] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 893.071865][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 893.077168][ T12] __msan_warning+0x1b/0x30 [ 893.081823][ T12] n_tty_receive_buf_closing+0x77e/0xf00 [ 893.087681][ T12] n_tty_receive_buf_common+0x19c6/0x2610 [ 893.093571][ T12] ? kmsan_get_metadata+0xf1/0x160 [ 893.098937][ T12] n_tty_receive_buf2+0x4c/0x60 [ 893.103963][ T12] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 893.109676][ T12] tty_ldisc_receive_buf+0xc6/0x2c0 [ 893.115039][ T12] tty_port_default_receive_buf+0xd7/0x1a0 [ 893.121012][ T12] flush_to_ldisc+0x43e/0xe40 [ 893.125840][ T12] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 893.132416][ T12] ? __pfx_flush_to_ldisc+0x10/0x10 [ 893.137759][ T12] process_scheduled_works+0xae7/0x1d60 [ 893.143529][ T12] worker_thread+0x1741/0x1de0 [ 893.148512][ T12] kthread+0xd5a/0xf00 [ 893.152700][ T12] ? __pfx_worker_thread+0x10/0x10 [ 893.158018][ T12] ? __pfx_kthread+0x10/0x10 [ 893.162733][ T12] ret_from_fork+0x207/0x6f0 [ 893.167490][ T12] ? __switch_to+0x521/0x750 [ 893.172219][ T12] ? __pfx_kthread+0x10/0x10 [ 893.176936][ T12] ret_from_fork_asm+0x1a/0x30 [ 893.181890][ T12] [ 893.185360][ T12] Kernel Offset: disabled [ 893.189728][ T12] Rebooting in 86400 seconds..