last executing test programs: 1m45.433026347s ago: executing program 4 (id=34): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000140), 0x9, 0x40000) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd00000080190000000000000800", [0x0, 0x2000000000001]}}) 1m44.959938866s ago: executing program 4 (id=39): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x8201) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x2, 0x1, 0x0, 0x0, 0x5}}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) 1m43.77584539s ago: executing program 4 (id=46): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$unix(0x1, 0x2, 0x0) ppoll(&(0x7f0000000140)=[{r0, 0x9118}], 0x1, 0x0, 0x0, 0x0) 1m42.950918097s ago: executing program 4 (id=51): syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x60) 1m42.152268136s ago: executing program 4 (id=54): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000100000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x4}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='block_bio_remap\x00', r0}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000023c0)={r1, 0x4000, 0x0}, 0x10) 1m41.61948891s ago: executing program 4 (id=56): syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000c80)='./file1\x00', 0x80, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0, @ANYRESHEX=0x0], 0x1, 0xc6b, &(0x7f0000004180)="$eJzs3V1sXGdaB/DnnWMndsqyLm3TLl2kWYrYNE2C89HWKC1yNsbalaI2quOFG5DH8SSMao9d21mlFSxBAm5AEFSkFXBBbpC44CI3SGiFUMTNIgFSBKq0CCQCbaOVEOAVLKxYaY3OzDv22I1jN192mt9vN/nPOfOcOe+Z9j1zpppnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiC/89InBw2m7RwEAPEivjb0xeNTrPwA8Us54/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOZSFPFWpHhvdClNtJbb+k41mhcujo+M3nqz/hQpKlG06ss/fYePHD324ksvD3Xy9tvfa5+J18fOnKienJ2Zm68vLNSnquPNxtnZqfqWH+Fut19vf+sJqM68eWHq3LmF6pFDR9fcfXHg5u7H9g4cH3r2wPOd2vGR0dGxrpqe3jve+0eke/dQfILsiiK+GCm+cfBbqRYRlbj7ubDJueN+64+ecv61DmJ8ZLR1INONWnOxvDNVclVPxEDXRsOdOfIA5uJdGY64VP5zKge8vzy8sbnafG1yul49XZtfbCw2Zpup0h5teTwDUYmhFDEXEUvFdg+enaY3ing1Utz83lKajIiiMw9eeG3sjcGjG2/Y8wAHucHuB4qI6/EQzFnYoXZHEb8TKd6dGIyzeV717o6IDyI+Xxa8EvFWmddSXM7LqTxBDEV82+sJPNR6ooi/jRSzaSlNta4HOteVp75c/VLz3GxXbee68qF6f/DRa4D+B7HbFa5N2MH6oojJ1hX/Urrz/9gFAAAAAAAAAAAAADwYRXw9Ulyd2ZfmoruntNE8Xz1Tm5xufyq489n/at5qeXl5eSC1s5pzMOdwztM5J3LO5byU83LOKzmv5ryW83rOGzmXckYl7z9nNedgzuGcp3NO5JzLeSnn5ZxX2tnpaFy+1pf3n++/kXMpZ+h7AgAAAAAAAAAAAAAAAAAA4B7rjyJ+M1L8xx98pfW70tH6XfpPHx86eepT3b8Z/8wmj1PWHoqIr8fWfpN3V/6t8VQp/3fvjwvYXF8U8dX8+3+/st2DAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdoRKFPGrkeJr31lKkSJiOGIi2nmj2O7RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl3amIVyPFz/7e8Mq6nohIrf+37Sv/OhbDRc4nynwlhg+3sjJ8osy+iEPbMH7gzi28/c6btenp+rwbbrjhxsqN7T4zAQAAAAAAAAAAAAAAAMAjLBXxD5HiJ39/KQ1ExMWBm7sf2ztwfOjZA88XUbS+BCB1178+duZE9eTszNx8fWGhPlUdbzbOzk7Vt7q7vlON5oWL4yOj9+VgNtV/n8ff33dydu7t+cb5X1i85f17+k5MLizO187e+u7oj56Iwe41+1sDHh8ZbQ16ulFrtjZNlQ0G2BNR3erB8Mjbk4r4v0jx3sFvxuN5Xf7+j9720urs/6NfXF364Z61ufKvY+v88enjQyf3PLeV22mrA93fmnjlRBgd61rdk0f5Q13rBvK4tvzY8Igq5/8LkeLn/7hInTmU5/8PtJeKldn9v19dnVPH1+WKbZr/T3StO57PWr09EX2LM3O9T0f0Lbz9zsHGTO18/Xy9eezIyy8NHXv5xWMv9e6K6DvXmK4Prt7a6oh2b7UQAAAAAAAAAAAAAAAAAD6u3lTEFyLFL/39X630jef+v0+1l4qV2u7+333rHqf7ewM2un3LXr9N+vq6lftMqYinIsWzf/5Ma7wp9uh5hzu0JxXx3XI+TX0xfS6vy/M/d/bfev5fWpcr7mn/b1eL7Sbnice71l3K54n/jBSP/+Ez8bmu88T67t6y7i8jxeSPfDbXxa6yrvN47Z7odmNwWfuVSPH+6bW1nb7pJ1ZrD9/2sGCHKOf/TKT4x9/+u/jRvG7t93/cev7vWZcrtqn//8nuY4qIhbffebM2PV2fX9jyUwGPnHL+/0ak+Js//WY8l9fd7vt/Ot/zs++5tdnfKdqm+f9U17qUx/VjH/O5AAAAAAAAAAAAgIfFnlTEP0eKv/izA+lgXreVz/9OrcsV2/T5v6e71k2t+fzv/bux5ScZAAB2iN5UxE9Eij+Z+iB1emM37P99ZbX/Z2T9hXvrmv4HW33+H+ta/2P0/5f7TKmI7+e+3sFN+np/PFL8+k8dyHVpb1k33Blu6+++12abB09MT8+erS3WJqfr1bG52tl6ue3+SPFv//7ZvG2l1efb6Y9u9wav9gT/bqT4uQ87te2e4E4v5ZOrtYfL2oOR4rvvr63t9F09tVp7pKz9rUgx+j+3rt27Wnu0rP2nSPFf71Y7tXvK2s77uadXaw+dnZ3+yFs2AAAAAAAAAAAAAAAAAAAAtl9vKiJFims/c2WlN37t9391vgdg7fd/rXe/fv9/4N4cJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8FFIU8d+R4r3RpXSjKJfb+k41mhcujo+M3nqz/hQpKlG06ss/fYePHD324ksvD3Xy9tvfa5+J18fOnKienJ2Zm68vLNSnquPNxtnZqfqWH+HOti82vGd/6wmozrx5YercuYXqkUNH19x9ceDm7sf2DhwfevbA853a8ZHR0bGump7eLY9+U+nePRSfILuiiL+OFN84+K30L0VEpbUu4m7m0ibnjvutP3rK+dea0OMjo60DmW7UmovlnamSq3oiBro2Gu7MkQcwF+/KcMSliKiUA95fHt7YXG2+Njldr56uzS82FhuzzVRpj7Y8noGoxFCKmIuIpY3PVjyieqOIa5Hi5veW0r8W7Re01jx44bWxNwaPbrxhzwMc5Aa7HygirsdDMGdhh9odRTwZKd6dGIz3i/a8ak2bDyI+X+YrEW+VeS3F5bycyhPEUMS3vZ7AQ60nijgdKWbTUvqgyHO/dV156svVLzXPzXbVdq4r7/a99ra/P3iQXJuwg/VFER+2rviX0odezwEAAAAAAAAAAABghyvi1UhxdWZfavWHrvSUNprnq2dqk9Ptj/V3PvtfzVstLy8vD6R2VnMO5hzOeTrnRM65nJdyXk7x/TKv5OWrZf7y6g6u5/U3Wrm71ZhYLkcl7z9nNedgzuGcp3NO5JzLeSnn5ZxXcl7NeS3n9Zw3ci7lvE3XPwAAAAAAAAAAAAAAAAAA3JVKFPFrkeJr31lKy0X792Unop031va57tquMQL3x/8HAAD//+M8F98=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x81) lseek(r0, 0x64da, 0x4) 1m38.951236953s ago: executing program 32 (id=56): syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000c80)='./file1\x00', 0x80, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0, @ANYRESHEX=0x0], 0x1, 0xc6b, &(0x7f0000004180)="$eJzs3V1sXGdaB/DnnWMndsqyLm3TLl2kWYrYNE2C89HWKC1yNsbalaI2quOFG5DH8SSMao9d21mlFSxBAm5AEFSkFXBBbpC44CI3SGiFUMTNIgFSBKq0CCQCbaOVEOAVLKxYaY3OzDv22I1jN192mt9vN/nPOfOcOe+Z9j1zpppnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiC/89InBw2m7RwEAPEivjb0xeNTrPwA8Us54/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOZSFPFWpHhvdClNtJbb+k41mhcujo+M3nqz/hQpKlG06ss/fYePHD324ksvD3Xy9tvfa5+J18fOnKienJ2Zm68vLNSnquPNxtnZqfqWH+Fut19vf+sJqM68eWHq3LmF6pFDR9fcfXHg5u7H9g4cH3r2wPOd2vGR0dGxrpqe3jve+0eke/dQfILsiiK+GCm+cfBbqRYRlbj7ubDJueN+64+ecv61DmJ8ZLR1INONWnOxvDNVclVPxEDXRsOdOfIA5uJdGY64VP5zKge8vzy8sbnafG1yul49XZtfbCw2Zpup0h5teTwDUYmhFDEXEUvFdg+enaY3ing1Utz83lKajIiiMw9eeG3sjcGjG2/Y8wAHucHuB4qI6/EQzFnYoXZHEb8TKd6dGIyzeV717o6IDyI+Xxa8EvFWmddSXM7LqTxBDEV82+sJPNR6ooi/jRSzaSlNta4HOteVp75c/VLz3GxXbee68qF6f/DRa4D+B7HbFa5N2MH6oojJ1hX/Urrz/9gFAAAAAAAAAAAAADwYRXw9Ulyd2ZfmoruntNE8Xz1Tm5xufyq489n/at5qeXl5eSC1s5pzMOdwztM5J3LO5byU83LOKzmv5ryW83rOGzmXckYl7z9nNedgzuGcp3NO5JzLeSnn5ZxX2tnpaFy+1pf3n++/kXMpZ+h7AgAAAAAAAAAAAAAAAAAA4B7rjyJ+M1L8xx98pfW70tH6XfpPHx86eepT3b8Z/8wmj1PWHoqIr8fWfpN3V/6t8VQp/3fvjwvYXF8U8dX8+3+/st2DAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdoRKFPGrkeJr31lKkSJiOGIi2nmj2O7RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACl3amIVyPFz/7e8Mq6nohIrf+37Sv/OhbDRc4nynwlhg+3sjJ8osy+iEPbMH7gzi28/c6btenp+rwbbrjhxsqN7T4zAQAAAAAAAAAAAAAAAMAjLBXxD5HiJ39/KQ1ExMWBm7sf2ztwfOjZA88XUbS+BCB1178+duZE9eTszNx8fWGhPlUdbzbOzk7Vt7q7vlON5oWL4yOj9+VgNtV/n8ff33dydu7t+cb5X1i85f17+k5MLizO187e+u7oj56Iwe41+1sDHh8ZbQ16ulFrtjZNlQ0G2BNR3erB8Mjbk4r4v0jx3sFvxuN5Xf7+j9720urs/6NfXF364Z61ufKvY+v88enjQyf3PLeV22mrA93fmnjlRBgd61rdk0f5Q13rBvK4tvzY8Igq5/8LkeLn/7hInTmU5/8PtJeKldn9v19dnVPH1+WKbZr/T3StO57PWr09EX2LM3O9T0f0Lbz9zsHGTO18/Xy9eezIyy8NHXv5xWMv9e6K6DvXmK4Prt7a6oh2b7UQAAAAAAAAAAAAAAAAAD6u3lTEFyLFL/39X630jef+v0+1l4qV2u7+333rHqf7ewM2un3LXr9N+vq6lftMqYinIsWzf/5Ma7wp9uh5hzu0JxXx3XI+TX0xfS6vy/M/d/bfev5fWpcr7mn/b1eL7Sbnice71l3K54n/jBSP/+Ez8bmu88T67t6y7i8jxeSPfDbXxa6yrvN47Z7odmNwWfuVSPH+6bW1nb7pJ1ZrD9/2sGCHKOf/TKT4x9/+u/jRvG7t93/cev7vWZcrtqn//8nuY4qIhbffebM2PV2fX9jyUwGPnHL+/0ak+Js//WY8l9fd7vt/Ot/zs++5tdnfKdqm+f9U17qUx/VjH/O5AAAAAAAAAAAAgIfFnlTEP0eKv/izA+lgXreVz/9OrcsV2/T5v6e71k2t+fzv/bux5ScZAAB2iN5UxE9Eij+Z+iB1emM37P99ZbX/Z2T9hXvrmv4HW33+H+ta/2P0/5f7TKmI7+e+3sFN+np/PFL8+k8dyHVpb1k33Blu6+++12abB09MT8+erS3WJqfr1bG52tl6ue3+SPFv//7ZvG2l1efb6Y9u9wav9gT/bqT4uQ87te2e4E4v5ZOrtYfL2oOR4rvvr63t9F09tVp7pKz9rUgx+j+3rt27Wnu0rP2nSPFf71Y7tXvK2s77uadXaw+dnZ3+yFs2AAAAAAAAAAAAAAAAAAAAtl9vKiJFims/c2WlN37t9391vgdg7fd/rXe/fv9/4N4cJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8FFIU8d+R4r3RpXSjKJfb+k41mhcujo+M3nqz/hQpKlG06ss/fYePHD324ksvD3Xy9tvfa5+J18fOnKienJ2Zm68vLNSnquPNxtnZqfqWH+HOti82vGd/6wmozrx5YercuYXqkUNH19x9ceDm7sf2DhwfevbA853a8ZHR0bGump7eLY9+U+nePRSfILuiiL+OFN84+K30L0VEpbUu4m7m0ibnjvutP3rK+dea0OMjo60DmW7UmovlnamSq3oiBro2Gu7MkQcwF+/KcMSliKiUA95fHt7YXG2+Njldr56uzS82FhuzzVRpj7Y8noGoxFCKmIuIpY3PVjyieqOIa5Hi5veW0r8W7Re01jx44bWxNwaPbrxhzwMc5Aa7HygirsdDMGdhh9odRTwZKd6dGIz3i/a8ak2bDyI+X+YrEW+VeS3F5bycyhPEUMS3vZ7AQ60nijgdKWbTUvqgyHO/dV156svVLzXPzXbVdq4r7/a99ra/P3iQXJuwg/VFER+2rviX0odezwEAAAAAAAAAAABghyvi1UhxdWZfavWHrvSUNprnq2dqk9Ptj/V3PvtfzVstLy8vD6R2VnMO5hzOeTrnRM65nJdyXk7x/TKv5OWrZf7y6g6u5/U3Wrm71ZhYLkcl7z9nNedgzuGcp3NO5JzLeSnn5ZxXcl7NeS3n9Zw3ci7lvE3XPwAAAAAAAAAAAAAAAAAA3JVKFPFrkeJr31lKy0X792Unop031va57tquMQL3x/8HAAD//+M8F98=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x81) lseek(r0, 0x64da, 0x4) 6.238634899s ago: executing program 2 (id=628): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="000b000000000000ea"]) 5.704703976s ago: executing program 2 (id=632): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), r0) sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r1, 0x401, 0x70bd2c, 0x25dfdbfb, {{}, {0x0, 0x8001}}}, 0x1c}}, 0x10) 5.386135761s ago: executing program 5 (id=634): r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000006c0)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0xfffffffe}}, {{0xa, 0x4e21, 0x3ff, @loopback, 0x100b}}}, 0x108) 5.181669198s ago: executing program 2 (id=636): r0 = socket$inet_sctp(0x2, 0x5, 0x84) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x7b, &(0x7f0000000000)=@assoc_value, &(0x7f0000000080)=0x8) 4.877799764s ago: executing program 5 (id=638): r0 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!Tnux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000000)={0x0, 0x1, 0x8}) mq_timedreceive(r0, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0) mq_timedreceive(r0, &(0x7f0000000140)=""/12, 0xc, 0x7, 0x0) 4.580524987s ago: executing program 2 (id=641): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x807, @broadcast, 'macvlan1\x00'}}, 0x1e) sendmmsg(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000500)="ab", 0x5ea}], 0x1}}], 0x484, 0x24048084) 3.795630514s ago: executing program 0 (id=647): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x2}}, @TCA_MPLS_LABEL={0x8}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="180000006a0011"], 0x18}, 0x1, 0x0, 0x0, 0x4010}, 0x0) 3.510435655s ago: executing program 5 (id=648): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80042, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x19) writev(r0, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000040)='~', 0x1}], 0x2) 3.299047897s ago: executing program 3 (id=650): io_setup(0x3, &(0x7f0000000140)=0x0) r1 = io_uring_setup(0x7410, &(0x7f0000000040)={0x0, 0x7c5f, 0x10000, 0x1, 0x3ab}) io_submit(r0, 0x1, &(0x7f0000000a40)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 3.210446345s ago: executing program 0 (id=651): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x40, r1, 0x1, 0x70bd2a, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x1c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5}, {0x5, 0x3, 0x80}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x0) 2.977640849s ago: executing program 5 (id=652): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x400, &(0x7f0000000280)=ANY=[@ANYBLOB="63726561746f723d9cdc97d22c706172743d3078303030303030303032336666386236392c6465636f6d706f73652c666f7263652c6e6c733d63703836332c6465636f6d706f73652c666f7263652c756d61736b3d30303030303030303030303030303030303030303230312c747970653d3562f9492c00e34262731667dcc6528630a3bd05a80ec9b0623b05b805edfe3fd612041880669e6945470f3e5561b455258ce4"], 0x3, 0x6bb, &(0x7f0000004540)="$eJzs3U2IXWf9B/Dvubm5k5s/pNM2TfMXIUMDRRtMZnKpiSA0ikgWQYJuuh2SSTPkJi2TqaRFzI1aBVcuRLpwUZG46EpEhLoS61oQ3LjKPuDORRbqyDn33Dt3Zm4mM8lk7rT9fODM85z7POd5fufX83JfGk6Az6zzr2d/L0XOn7hwq1y/d7fTvXe3c31QTzKVpJE0+0WKdlJ8nJxLf8n/ly/WwxUPm+fV+x8Vzfc/7PTXmvVS9W9stt0GY3v2kgPDlX2rvf69hQEb48erlswkuVSXj68YRlQm7PggcTBpKxv0VhvHnRprbf28Bfas2/375gbTycH0767l+4DUV4dHXxkmb9NrU2/34gAAAICnZexn+VHPPMiD3Mqh3QkHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh2K/jMDi3ppDOozKQbP/2+NPFO/NeFwn9B7V6ri289MOhAAAAAAAAAAeCLHHuRBbuXQYH2lqH7zf6laOVz9/b+8nZtZyFJO5lbms5zlLGUuyfTIQK1b88vLS3Mbt/xFyi1XVlZu11ueHrvl6bVx9dYHOu7/NNjQCQAAAAAAAAA+s36Q86u//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwF5QJPv6RbUcHtSn02gmOZCkVcwMu7cmGuwO+NOkAwAAAICnr12Xh4r/9isrRfWZ/0j1uf9A3s6NLGcxy+lmIZer7wL6n/obf+t1uvfudq6Xy8aBv/bPbcVRjZj+dw/jZ56terww3OJ8vpnv5ERmcjFLWcx3M5/lLGQm36hq8ykyXX97MX3vbjuDWDfGe27N2sX1sR0bqZfxHa0iaedKFqvYTuZSaxB6o+53dGS2P7SSdTPeKbNTvFbbYo4u12W5Rz+ry71hutrz/cOMzNa5L7Px7GjeN+Z+m8fJ+pnm0hh+B3V4dZZydf1Mj5Xzg3VZ5vrHTzfn2/wqbW0mej8t1wZH35HNc5588e9/vni1cePa1Ss3T+ydw+gxrT8mOiOZeHFLmeje+Hmu9J4gEweeJP6d06qz0b+Kbu9q+VK17aEs5lt5M5ezkDOZzVzOZjZfyel0cnokry9sntfqXGts71w7/oW6Ut6TfjJyb9o1Uw9rKPP67EheR69001Xb6CurWXqukUdmqWhlfJb+MTaU5ufqSjnHD0fuOJO3PhNzI5l4fvPj5Vf/WUlys3vj2tLV+be2ON/LdVmetu+tvTb/ekd2aPvq3S2Pl+fK/1jp3zZGj46y7flB27p8tepfXJr1YGvaWqnO537bo87UcqQjd8aN1G97cewsnart6Ejbmnc5eTPd4buQ2q6fpABswcFXDrba99t/bX/Q/lH7avvCga9PnZ36fCv7/9L8477fNn7T+GrxSj7I93No0pECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCnwc133r023+0uLO3BSho7POCdsU2DVPRfaY3pcyx7IBufjMrUZkfU79J/XNNDNm9NIuZ2HhrP7lbSfOJxbj+yz1TGNF0YvtJOGsN4klzbIw+4A56GU8vX3zp18513v7R4ff6NhTcWbpw+e+a1M50vz90+dWWxuzDb/1t3bk44WGBHrb4NmHQkAAAAAAAAAAAAwFbtxj9vGDNt0ZvAvgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfTOdfz/5eiszNnpwt1+/d7XTLZVBf7dlM0khSfC8pPk7Opb9kemS44mHzvHr/o1++/P6HndWxmoP+jXXb/f5fKyvb3ItevWQmyb66fLSpLY13aWS83jYD6yuGe1gm7PggcTBp/wsAAP//WqkDrQ==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 2.720140557s ago: executing program 3 (id=653): r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000380), 0x4) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000040)={{}, 0x20}, 0x10) 2.7010341s ago: executing program 0 (id=654): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x2}}, 0x10) 2.650814098s ago: executing program 1 (id=655): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x3081, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(r1, 0x4068aea3, &(0x7f00000001c0)={0xc1, 0x0, 0x1}) 2.221366108s ago: executing program 5 (id=656): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb7e, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==") capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) 2.180595197s ago: executing program 3 (id=657): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) close_range(r0, 0xffffffffffffffff, 0x2) 2.10609643s ago: executing program 0 (id=658): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f0000000140)=ANY=[], 0x11, 0x69f, &(0x7f0000001840)="$eJzs3c1vHGcdB/DvrNcvm0qu26ZpQJUwjVQQEYkdK4VwSUAIBalCVTggjlbjNFacNDguSnsgLiD1yoE/oBzCBU4ghISEFKmc4VZxszhVQuqlp7QHBu3s7Hrt7volb2vD5xPNzvPMM/M8v/nNy+46Wk2A/1sXT6Z5L61cPPnq7XZ94+7CysbdhevdcpLJJI2k2ZmluJEUHyQX0pnyhfbCurti2Di/Xj536cNPNj7q1JrZ7K/90hoeYHMve7FeT5lNMlbPH8KW/l5/sP4mN4tFLzPthJ3oJg5GbTxJucVPjm22DFKO9VWGXu/A4VF03jf7dK7/meRIkqnuG9p6p7Hx5CPc1b7uReuPLw4AAAA4MJ6+fye5nelRxwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHSf38/6KeGt3ybIru8/8n+p6xPzHicIfbObKpbuFe40kEAwAAAAAAAACP15fu53eXynK6Wy+L6v/8X6oqR6vXp/JWbmUpqzmV21nMWtaymvkkM+/9uNfRxO3FtbXV+e6Wn5VlOWTLM+0t+0LobHlmjwG3Hs1+AwAAAAAAAMD/iPP1/Oe5mOkRxwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFsUyVhnVk1Hu+WZNJpJppJMtNdbT/7RLR9m90YdAAAAADwBT9/P/dzOdLdeFtV3/mPV9/6pvJUbWcty1rKSpVyu/hbQ+dbf2Li7sLJxd+F6e9raZ2PbGH+c3jWMiXqzsao2aOTj1RqtXMlyteRUXs+bWcnlNHoDHu/GMziudz9u932+oyz3lqDL9by957+q5wfDTJWR8V5G5urY2tl4ZudMfPvjhxppPo3eX36O7iPn53ccpfhP95gc6S5Jnvr+7jkf39fO7EPxuYG3Z+JM39l3bOdMJF/50+9/dHXlxrWrxfrJg3Ma7cPkvzavmu2ZWOjLxAt7zsSVW4czE9s18nyvfDHfyw9zMrN5LatZzk+zmLUsZTbfrUqL9fncfp3ZOVMXttRe2y2Kifq4jG2L6ctPd+Y7xfRSte10lvODvJnLWcor1b8zmc83cjZnc67vCD+/h6u+MeCq//Pw4E98tS60krxXzw+Gdl6f6ctr/z13pmrrX9JIOdnZ7tlHdm/saX6xLrSPxC8GvNmOTi8TU+m9S3Sje66bgfGBmfhNdVu5tXLj2urVxZvb+i3WB4/3crbu/sG5kbTPl2fbB6uqbT072m3PDWybr9qO9toa29t+2+q17XalTtSf4T7f05mq7YWBbQtV2/G+ts3PW5+VZdn5vAXAgXfka0cmWv9u/b31fuuXrautV6e+M/nNyRcnMv638W8158ZebrxY/CHv52fZ/Rs6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwq1tvv3NtcWVlaXVboSzLO0OaHkshzWTLkr/+pW+dJNXDgPbeYXvtC42kWtJMXdhfYHcebHfefdAk/LM+Jk8k4Y+kMDX0/Nle+LQsy4MR814KZe2gxDOKwkhvS8ATcHrt+s3Tt95+5+vL1xffWHpj6ca5s2fPzZ07+8rC6SvLK0tznddRRwk8Dn2fwAEAAAAAAAAAAIBDYm8/zike7rc9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h4sk076XI/NypuXZ94+7CSnvqljfX/DRJI0kxmxQfJBfSmTLT110xbJz15NKHn2x81Kk166lav7HTdnuzXk+ZTTJWzweYGrSwvDOsv6Lq5+bw/vao6O1hO2EnuomDUftvAAAA//8fBRpx") timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f00000001c0)) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) 2.105807204s ago: executing program 1 (id=659): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0003}]}) signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8) 1.718721163s ago: executing program 3 (id=660): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0500000000000000000003000000400001802c0004001400010002004e230000000000000000000000001400020002000000ac1e010100000000000000000d000100757f703a73"], 0x54}}, 0x0) 1.660098379s ago: executing program 1 (id=661): r0 = socket$inet(0x2b, 0x801, 0x0) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f00000000c0)={{0x87, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x0, 'nq\x00', 0x22, 0x10000, 0x6e}, {@broadcast, 0x4e23, 0x10000, 0x1, 0x93, 0xd18e}}, 0x44) 1.277770997s ago: executing program 0 (id=662): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000080), 0xc1, 0x7b7, &(0x7f00000007c0)="$eJzs3ctrXNcZAPDvjl6W7FYqFFp3JSi0AuNR5ap2C124dFEKNRjadW0xGgtXI43RjIwlBLYpgWwCScgikGy8zsPZZZvHNvkvsgg2TiKLKGQRJtzRHWlkzciSo5kR6PeDq3vOfeicb859nJlzmQngxBpP/+QizkbEq0nEaLY8iYiBeqo/4vLWdpvra4V0SqJW+/fXSX2bjfW1QjTtkzqdZX4dEZ+8FHEuly44tavcysrq/EypVFzK8pPVhVuTlZXV8zcXZuaKc8XFi1PT0xcu/enSxaOL9dvPV888fu0fv3//8vf//9XDVz5N4nKcydY1x3FUxmM8e00G0pdwl78fdWE9lvS6AryQ9NTs2zrL42yMRl891cZwN2sGAHTK3YioAQAnTOL+DwAnTONzgI31tUJj6u0nEt315G9bQ5Mb2djm5nb8/dmY3an6OOjIRrJrZCSJiLEjKH88It7+8L/vplN0aBwSoJV79yPi+tj43ut/sueZhcP6w34ra0P12fgzi13/oHs+Svs/f27V/8tt93+iRf9nqMW5+yKef/7nHh1BMW2l/b+/Nj3bttkUf2asL8v9rN7nG0hu3CwV02vbzyNiIgaG0vxUfdPWT0FNPP3habvym/t/37z+v3fS8tP5zha5R/1Du/eZnanO/NS4G57cj/hNf6v4k+32T9r0f68esIx//uXlt9qtS+NP421Me+PvrNqDiN+1bP+dtkz2fT5xsn44TDYOihY++OLNkXbl77T/UH2elt94L9ANafuP7B//WNL8vGbl8GV89mD043brmo//1vG3Pv4Hk//U04PZsjsz1erSVMRg8q+9yy/s7NvIN7ZP45/4bevzv93xn8uejb2+ndtf/+Ov3sv+Vcv46+61i7+z0vhnD9X++yRq2T7PrHq4Od/XrvyDtf90PTWRLTnI9e85NW0knt94AAAAAAAAAAAAAAAAAAAAAAAAAHAEchFxJpJcfjudy+XzW7/h/csYyZXKleq5G+Xlxdmo/1b2WAzkGl91Odr0fahT2ffhN/IXnsn/MSJ+ERFvDA3X8/lCuTTb6+ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHN69+//301n+fzWui+Hel07AKBjTvW6AgBA17n/A8DJc7j7/3DH6gEAdM+h3//Xks5UBADomgPf/693th4AQPcY/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDDrl65kk6179bXCml+9vbK8nz59vnZYmU+v7BcyBfKS7fyc+XyXKmYL5QX2v6je1uzUrl8azoWl+9MVouV6mRlZfXaQnl5sXrt5sLMXPFacaBrkQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwVVWVudnSqXiksS+ieHjUY1jk+iPY1GNI0vU+rbOh+NRn/5oLBnsWTWarxLDPbo6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABx/PwYAAP//eUchiw==") mkdir(&(0x7f0000000140)='./control\x00', 0x5) rmdir(&(0x7f0000000100)='./control\x00') 1.052531521s ago: executing program 1 (id=663): renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6d706f6c3d62690bbe608ae7a8e257d632a80e6e643a302d4e3a33"]) 1.003454391s ago: executing program 3 (id=664): syz_mount_image$udf(&(0x7f0000000480), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00b96fa236bfd596c74e808dd7b85a97c6ab3f6173849702311b635ac7a4e02bb352424c"], 0x1, 0x46f, &(0x7f00000009c0)="$eJzs299PW2Ucx/HPc2i7M0a0MIZuWUwTE0cwAgUZbKgJDjHGDeZY8cYsYVCwrlBCwcCyKLf7A3alN14sMV4si//DovEP0LhkXuj0xpvezSs153BOz2npBlra0u39SqCnp9+e85znx3m+T9MKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIb78z1p80jS4FAACop8npS/0DzP8AADxTLrP+BwAAeJYYWfpNRu/PFMwF9/k2+3xmeX0jNT5R+W2HjfvOFjfe+bOTA4OvD50eHvEfn/z+/XZcU9OXxxLncksrq+l8Pj2fSC1n5nLz6T0fodr3l+txKyCxdG19fmEhnxjoHSx5eSP+x6EjXfHR0zOppB+bGp+YmA7FRKL/++w7PC7Dj8nSmzLqs++YSUmWqq+LXfpOrR12L6LHvYjU+IR7IdnM7PKa86LxK8IqrZOYX0d1aIuqWJJTLhPbnzVbVJZekdEPnQUzJanFr4dX3Q+G91SeRog4S1dJ3WqCNjvADsnSFRnd64vrolevbvvHpBuNLhxqLiJLd2R06q2C+cC9Hzjjybltnp9JvLe8kAvFGuONqGafH+rpgN+bbFmadEd8wVxqdGFQd06ylJZRavRTN6+Qm5c+Pzp8oufDcIbxwi7HcWJ7vcG1lzk5GkodTINyCEi2sfRQRo9+tt3n3f4cIG3909iioR6Mpfsyyq0X3KVReF3aElrfFzX73F/b8h+2z+VWNlczix+vVXy91R67ml9bnZ2r/PL22rXkdrjbOrZKUWPpCxl99e7XxfN6a4BIeeztN4Ky2d75i8Vw+81z259n+HPI8YHO8HbFIv+H/Mj2zttS3SUjxHj3/4UrL3pr/1bt6INe3DEZfXTrpBdnxZwgv5PE3f/2Qiab7ndi/5ZRx/d+rPsxk3Nk19EgNunErsro5r3S2CNebGcQO+DE/iSjBz9Wjj0WxA46sRsyyj9I+LGtTuxLXmxXENs7l8vO16yCDzhn/H8no0/6EsZvy9LxH4y22zeC8b5VfqDHjPlqx388tG/L64e/e/01skt/vSmjzT9P+tfj9hX/ttLu/g/6a1ZG394qjfUXih1BbHLPFdsknPaPyKh96G6xbrw68J4GrRZu/xPlvaNG7d8e2hf3zhvbn0uHpPzm9Wuz2Wx6lQ022GCjuNHoOxPqwZn//5LRrz33i/mON/+3bT8L8r9HnwXz/9nyA9Vo/u8I7TvrZSPRiGSvLa1EuyQ7v3n9tczS7GJ6Mb08PDhyZmjwTHIkGvNzu2Cr6qp6KjntPyuj1NQ3xfVZaf5XOf9vLT9Qjdr/aGhfa0m+UvWlw2v/hIw2Ht4trqOflP/766zul7cfi+OzRu3fGdoX987btj+XDgAAAAAAAAAAAAAAAABNLWos/SKji1cjxv9t1F6+/7fjB1M1+v5XV2jffJ1+r1B1pQIAAAAAAAAAADSQJUtfyuiUCuZzZ0ebdCH8iKfavwEAAP//M8EfQQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x2) lseek(r0, 0x2, 0x3) 738.129353ms ago: executing program 2 (id=665): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0xff, 0x6e5, &(0x7f0000000f00)="$eJzs3c9vHGcZB/DvrNeON1TBaZM2QkVYiVSQIhInVgrhgkEI5VChqhx6thKnsbpJqsRFaYUgBQQnJA79AwqSbxwQEvegcOFSbr36WAmJS8QhqpAWzezsetdex3Zirx34fKLxvO+877zzzDO/vOusNsD/rStn03yQIlfOvnGvrK+tzrfXVueP1M3tJGW5kTS7sxS3kuJhslC2FwNTBuabfLx8+a3PHq193q0166nqP9Ffb3pHIY/Yxv16ymw93uzINSd3NH53rCq8vJDkaj0fNrXTsYY6lkk7U8/hwHU2ub+b1be83oHDr/d0KrrPzU1mkqP1k7n6naC+OzTGF+H+2NVdDgAAAJ5Tn94+6AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+VN//39RT416ntkUve//n+otq8uH0MKOez7Y1zgAAAAAAAAAYDy+9jiPcy/HevVOUf3N/3RVOZEvOsmX8n7uZil3ci73spiVrOROLiSZGRho6t7iysqdC/01S6PXvDhyzYvj2mMAAAAAAAAA+J/0i7TW//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHQZFMdGfVdKKeZyaNZtbbcj/5R5Kpg453F4pRCx+MPw4AAAB4JtNPsc6XH+dx7uVYr94pqtf8L1evl6fzfm5lJctZSTtLuVa/hi5f9TfWVufba6vzN8uprA+P+71/7SqMqXqEiao2asunqh6tXM9yteRcrhbJfzqdTqO77TPJqV48A3EN+KiMqfhubYeRNeu0lnv+u63eRdgTw29FNJ7Qs7UeXNLPyFwdW7nm8W4GiuqNmmRjJrY9Os2h2kw16mR/SxfS6L/zc2Ifcn60npf78+t9zflu9TPRSJWJi2n0j9TLT85E8vW//PHtG+1b7964fvfs4dmlbUxssXzjOTE/kIlXnutMNHfZf67KxMl+/Up+mB/nbGbzZu5kOT/JYlaylE7dvlifz+XPmSdnamGo9uZ2kUzVx6V7zHYS02x+UJUWc7pa91iWU+R2rmUpr1f/LuZCvpVLuZTLA0f45JZxV/tWXfWNjVd970j/dWTwZ75RF8q722/W73ILT9rjrc7OvdK995d5PT6Q1+5Z/6jf6/jAdTA3kKUXe9mZHDn409wbm1+pC+U2frnNc2K8ZupMlBdQ7ynRi+6lbiaa1bNo83n++065Xtq3Op0bi+9tMf79DfXX6nl5Wq1+dbvePaMPxd4qz5cXM13fSYbPjrLtpf5dZqCts34ud9uGn7jleiertqLoXak/yu3qBNh8pU7Vv8N1R5oYGOli1fbKyK3MV22nBtqGft/K7bRzbQz5A+Bp/P3tfnEmR6da/2x92vqk9avWjdYb098/8u0jr05l8m+T32nOTbzWeLX4cz7Jz9Zf/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/v7gcfvrvYbi/dGV1obN20uND74pp2e6mVjX02jlw0U/U5MnrAov5Cn23iOZSFNDc3TZd5GVwy2U3UmCNsbQxjU6Hz82TsGet9ieDoPr8tC81NZ9SowsLQkj9tHvCjXUZY7Oy62MdCI+PdaHkVj2o6oBsSMDbnV26+d/7uBx9+c/nm4jtL7yzdmrx06fLc5Uuvz5+/vtxemuv+POgogf2w/tA/6EgAAAAAAAAAAACAnRr1wYDTL2z3oZEdfcbD/ywEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9sSVs2k+SJELc+fmyvra6ny7nHrl9Z7NJI1GUvw0KR4mC+lOmRkYrsgfHqYzYjsfL19+67NHa5+vj9Xs9k8a9XxrT25Ncr+eMptkop4/g6Hxrj7zeMW/e/tQJuyLTqez8Gzxwd74bwAAAP//uNjyEw==") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x64) 665.026391ms ago: executing program 5 (id=666): r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0xda72ed5a9dc29567, 0x2000) msgsnd(r0, &(0x7f00000003c0)={0x3}, 0x8, 0x0) 536.558399ms ago: executing program 1 (id=667): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x18, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x860}, 0x20000000) 218.576784ms ago: executing program 1 (id=668): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, &(0x7f0000000780)=ANY=[@ANYBLOB="020080"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, 0x0) 138.893592ms ago: executing program 3 (id=669): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]}) close_range(r0, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x2, &(0x7f0000000200)=[{0x45, 0x0, 0x0, 0x66}, {0x6, 0x1, 0x83, 0x7fff0000}]}) 117.494528ms ago: executing program 0 (id=670): r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f00000001c0)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e20, 0xff, @ipv4={'\x00', '\xff\xff', @remote}, 0x701}}, 0x24) connect$rxrpc(r0, &(0x7f0000000340)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e21, @local}}, 0x24) 0s ago: executing program 2 (id=671): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd1, &(0x7f0000000000)=0x9, 0x4) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.203' (ED25519) to the list of known hosts. [ 174.825182][ T5788] cgroup: Unknown subsys name 'net' [ 174.956064][ T5788] cgroup: Unknown subsys name 'cpuset' [ 174.971877][ T5788] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 181.056159][ T5788] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 185.255720][ T5807] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 185.264563][ T5807] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 185.273568][ T5807] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 185.297086][ T5807] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 185.311973][ T5807] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 185.351724][ T5102] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 185.363455][ T5812] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 185.372403][ T5812] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 185.391685][ T5812] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 185.392731][ T5102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 185.404236][ T5812] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 185.419076][ T5817] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 185.430369][ T5102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 185.434682][ T5812] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 185.445895][ T5810] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 185.461515][ T5810] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 185.489066][ T5807] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 185.510397][ T5807] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 185.519431][ T5807] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 185.530537][ T5807] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 185.537497][ T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 185.553570][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 185.565124][ T5807] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 185.566165][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 185.590413][ T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 186.782393][ T5811] chnl_net:caif_netlink_parms(): no params data found [ 187.156086][ T5805] chnl_net:caif_netlink_parms(): no params data found [ 187.437065][ T50] Bluetooth: hci0: command tx timeout [ 187.510382][ T50] Bluetooth: hci1: command tx timeout [ 187.588428][ T50] Bluetooth: hci2: command tx timeout [ 187.666827][ T50] Bluetooth: hci3: command tx timeout [ 187.672454][ T50] Bluetooth: hci4: command tx timeout [ 187.693182][ T5811] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.702756][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.710663][ T5811] bridge_slave_0: entered allmulticast mode [ 187.720235][ T5811] bridge_slave_0: entered promiscuous mode [ 187.744699][ T5809] chnl_net:caif_netlink_parms(): no params data found [ 187.787486][ T5811] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.795051][ T5811] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.802922][ T5811] bridge_slave_1: entered allmulticast mode [ 187.812540][ T5811] bridge_slave_1: entered promiscuous mode [ 187.840624][ T5814] chnl_net:caif_netlink_parms(): no params data found [ 188.112548][ T5811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.274302][ T5811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.284420][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 188.312599][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.320276][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.329891][ T5805] bridge_slave_0: entered allmulticast mode [ 188.339194][ T5805] bridge_slave_0: entered promiscuous mode [ 188.472315][ T5811] team0: Port device team_slave_0 added [ 188.480224][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.491044][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.500318][ T5805] bridge_slave_1: entered allmulticast mode [ 188.509911][ T5805] bridge_slave_1: entered promiscuous mode [ 188.531144][ T5811] team0: Port device team_slave_1 added [ 188.744633][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.840181][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.848108][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.874479][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.002265][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 189.009565][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.036009][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 189.063650][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.344243][ T5809] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.351955][ T5809] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.359884][ T5809] bridge_slave_0: entered allmulticast mode [ 189.369564][ T5809] bridge_slave_0: entered promiscuous mode [ 189.477643][ T5814] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.485185][ T5814] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.494363][ T5814] bridge_slave_0: entered allmulticast mode [ 189.503988][ T5814] bridge_slave_0: entered promiscuous mode [ 189.522650][ T5805] team0: Port device team_slave_0 added [ 189.530443][ T5814] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.530951][ T50] Bluetooth: hci0: command tx timeout [ 189.540383][ T5814] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.551089][ T5814] bridge_slave_1: entered allmulticast mode [ 189.560620][ T5814] bridge_slave_1: entered promiscuous mode [ 189.570931][ T5809] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.578845][ T5809] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.586553][ T5809] bridge_slave_1: entered allmulticast mode [ 189.594944][ T5809] bridge_slave_1: entered promiscuous mode [ 189.604875][ T50] Bluetooth: hci1: command tx timeout [ 189.658590][ T5811] hsr_slave_0: entered promiscuous mode [ 189.668270][ T50] Bluetooth: hci2: command tx timeout [ 189.669242][ T5811] hsr_slave_1: entered promiscuous mode [ 189.695129][ T5805] team0: Port device team_slave_1 added [ 189.746788][ T50] Bluetooth: hci4: command tx timeout [ 189.752434][ T5817] Bluetooth: hci3: command tx timeout [ 189.937587][ T5809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.082046][ T5814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.101149][ T5809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.150892][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.158698][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.166703][ T5820] bridge_slave_0: entered allmulticast mode [ 190.176017][ T5820] bridge_slave_0: entered promiscuous mode [ 190.202010][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 190.209180][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.235528][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 190.251847][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 190.259253][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.285505][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.320792][ T5814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.399568][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.407189][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.414684][ T5820] bridge_slave_1: entered allmulticast mode [ 190.424046][ T5820] bridge_slave_1: entered promiscuous mode [ 190.539756][ T5809] team0: Port device team_slave_0 added [ 190.557393][ T5809] team0: Port device team_slave_1 added [ 190.665154][ T5814] team0: Port device team_slave_0 added [ 190.715645][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 190.722931][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.749342][ T5809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 190.772526][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.811373][ T5814] team0: Port device team_slave_1 added [ 190.876118][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 190.883386][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.909651][ T5809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.931943][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.118328][ T5805] hsr_slave_0: entered promiscuous mode [ 191.128515][ T5805] hsr_slave_1: entered promiscuous mode [ 191.137196][ T5805] debugfs: 'hsr0' already exists in 'hsr' [ 191.143094][ T5805] Cannot create hsr debugfs directory [ 191.284720][ T5820] team0: Port device team_slave_0 added [ 191.315827][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.323173][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.350070][ T5814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.365927][ T5814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.373402][ T5814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.399768][ T5814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 191.522111][ T5820] team0: Port device team_slave_1 added [ 191.587100][ T50] Bluetooth: hci0: command tx timeout [ 191.618751][ T5809] hsr_slave_0: entered promiscuous mode [ 191.628123][ T5809] hsr_slave_1: entered promiscuous mode [ 191.635618][ T5809] debugfs: 'hsr0' already exists in 'hsr' [ 191.643216][ T5809] Cannot create hsr debugfs directory [ 191.666870][ T50] Bluetooth: hci1: command tx timeout [ 191.751428][ T50] Bluetooth: hci2: command tx timeout [ 191.775870][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 191.783165][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.809524][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 191.827163][ T50] Bluetooth: hci4: command tx timeout [ 191.832745][ T50] Bluetooth: hci3: command tx timeout [ 191.954717][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 191.961994][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 191.988340][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.075947][ T5814] hsr_slave_0: entered promiscuous mode [ 192.086003][ T5814] hsr_slave_1: entered promiscuous mode [ 192.094949][ T5814] debugfs: 'hsr0' already exists in 'hsr' [ 192.100883][ T5814] Cannot create hsr debugfs directory [ 192.539426][ T5820] hsr_slave_0: entered promiscuous mode [ 192.548799][ T5820] hsr_slave_1: entered promiscuous mode [ 192.557473][ T5820] debugfs: 'hsr0' already exists in 'hsr' [ 192.563359][ T5820] Cannot create hsr debugfs directory [ 192.575687][ T5811] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 192.695915][ T5811] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 192.715478][ T5811] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 192.807677][ T5811] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 193.097691][ T5805] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 193.125347][ T5805] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 193.167975][ T5805] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 193.191520][ T5805] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 193.667805][ T5817] Bluetooth: hci0: command tx timeout [ 193.751035][ T5817] Bluetooth: hci1: command tx timeout [ 193.778693][ T5809] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 193.834557][ T5817] Bluetooth: hci2: command tx timeout [ 193.875742][ T5809] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 193.897020][ T5809] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 193.906617][ T5817] Bluetooth: hci3: command tx timeout [ 193.912169][ T5817] Bluetooth: hci4: command tx timeout [ 193.940798][ T5809] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 194.213965][ T5814] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 194.318437][ T5814] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 194.391497][ T5820] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 194.414706][ T5814] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 194.438421][ T5814] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 194.464022][ T5820] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 194.528286][ T5820] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 194.564555][ T5820] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 194.615628][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.874984][ T5811] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.972936][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.015441][ T4326] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.023060][ T4326] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.125123][ T4326] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.132778][ T4326] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.227028][ T5805] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.354705][ T4462] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.362401][ T4462] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.488804][ T4462] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.496380][ T4462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.581363][ T5809] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.620955][ T5811] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 195.830085][ T5809] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.935950][ T5814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.970279][ T4462] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.977789][ T4462] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.082153][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.115434][ T4462] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.123027][ T4462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.194358][ T5814] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.347953][ T4462] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.355391][ T4462] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.423864][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.515053][ T4462] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.522661][ T4462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.555622][ T4462] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.563370][ T4462] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.627404][ T4462] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.634849][ T4462] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.700464][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.782881][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.328908][ T5805] veth0_vlan: entered promiscuous mode [ 198.492219][ T5805] veth1_vlan: entered promiscuous mode [ 198.597789][ T5809] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.758725][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.841676][ T5814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 198.890187][ T5805] veth0_macvtap: entered promiscuous mode [ 198.975959][ T5805] veth1_macvtap: entered promiscuous mode [ 199.271673][ T5809] veth0_vlan: entered promiscuous mode [ 199.290428][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 199.369615][ T5809] veth1_vlan: entered promiscuous mode [ 199.473137][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 199.529291][ T5820] veth0_vlan: entered promiscuous mode [ 199.599189][ T48] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.621906][ T5814] veth0_vlan: entered promiscuous mode [ 199.639139][ T48] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.654764][ T5820] veth1_vlan: entered promiscuous mode [ 199.683496][ T48] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.740713][ T48] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.776638][ T5814] veth1_vlan: entered promiscuous mode [ 199.879738][ T5809] veth0_macvtap: entered promiscuous mode [ 199.954747][ T5809] veth1_macvtap: entered promiscuous mode [ 200.117029][ T5820] veth0_macvtap: entered promiscuous mode [ 200.240270][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.257764][ T5820] veth1_macvtap: entered promiscuous mode [ 200.301245][ T5814] veth0_macvtap: entered promiscuous mode [ 200.358413][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.391947][ T5814] veth1_macvtap: entered promiscuous mode [ 200.534106][ T3864] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.603699][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.619190][ T48] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.636502][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.688183][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.698506][ T4274] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.754694][ T5814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.780397][ T4326] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.834799][ T1872] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.949017][ T3864] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.998642][ T3864] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.034887][ T5811] veth0_vlan: entered promiscuous mode [ 201.054914][ T3864] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.087720][ T3864] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.129643][ T3864] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.165525][ T5811] veth1_vlan: entered promiscuous mode [ 201.216826][ T3864] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.225817][ T3864] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.535226][ T5811] veth0_macvtap: entered promiscuous mode [ 201.595758][ T5811] veth1_macvtap: entered promiscuous mode [ 201.829187][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 201.922713][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.058012][ T4892] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.119880][ T14] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.191442][ T14] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.262143][ T14] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.408212][ T3864] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.416380][ T3864] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.597016][ T1872] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.605060][ T1872] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.894649][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.902766][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.963785][ T5805] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 207.112011][ T1872] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.120198][ T1872] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.128565][ T3975] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.131688][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.136583][ T3975] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.154556][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.460842][ T3975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.469372][ T3975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.488406][ T1872] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 207.496572][ T1872] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.412521][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.420919][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.624628][ T6002] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4'. [ 208.764945][ T4892] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.773170][ T4892] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 209.476699][ T5893] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 209.693255][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.703795][ T5893] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 209.716724][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.849192][ T5893] usb 3-1: config 0 descriptor?? [ 210.267027][ T6026] loop3: detected capacity change from 0 to 16 [ 210.334969][ T5893] lenovo 0003:17EF:6047.0001: item fetching failed at offset 2/5 [ 210.381268][ T5893] lenovo 0003:17EF:6047.0001: hid_parse failed [ 210.388144][ T5893] lenovo 0003:17EF:6047.0001: probe with driver lenovo failed with error -22 [ 210.550401][ T5893] usb 3-1: USB disconnect, device number 2 [ 210.943437][ T6035] netlink: 16098 bytes leftover after parsing attributes in process `syz.0.20'. [ 211.277518][ T6039] loop4: detected capacity change from 0 to 256 [ 211.337024][ T6039] exfat: Deprecated parameter 'namecase' [ 211.454136][ T6040] loop1: detected capacity change from 0 to 2048 [ 211.489590][ T6039] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x7edfe654, utbl_chksum : 0xe619d30d) [ 211.577965][ T6047] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 211.925840][ T6050] loop3: detected capacity change from 0 to 64 [ 212.644934][ T30] audit: type=1800 audit(1755734014.619:2): pid=6064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.33" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 213.165318][ T5893] hid (null): unknown global tag 0xe [ 213.194412][ T5893] hid-generic F669:0002:0004.0002: unknown global tag 0xe [ 213.202421][ T5893] hid-generic F669:0002:0004.0002: item 0 0 1 14 parsing failed [ 213.268040][ T5893] hid-generic F669:0002:0004.0002: probe with driver hid-generic failed with error -22 [ 213.297289][ T6070] loop1: detected capacity change from 0 to 4096 [ 213.434703][ T6081] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 214.156114][ T6085] loop2: detected capacity change from 0 to 1024 [ 214.279878][ T6088] netlink: 'syz.0.43': attribute type 4 has an invalid length. [ 214.888448][ T12] hfsplus: b-tree write err: -5, ino 4 [ 215.220223][ T6099] loop3: detected capacity change from 0 to 1024 [ 215.287598][ T6104] capability: warning: `syz.2.49' uses deprecated v2 capabilities in a way that may be insecure [ 215.306090][ T6105] loop4: detected capacity change from 0 to 16 [ 215.357108][ T6101] loop1: detected capacity change from 0 to 1024 [ 215.374711][ T6105] erofs (device loop4): mounted with root inode @ nid 36. [ 215.610949][ T6101] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.955290][ T6111] loop0: detected capacity change from 0 to 8 [ 216.151714][ T4892] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.174158][ T6111] SQUASHFS error: zlib decompression failed, data probably corrupt [ 216.182623][ T6111] SQUASHFS error: Failed to read block 0x9b: -5 [ 216.189247][ T6111] SQUASHFS error: Unable to read metadata cache entry [99] [ 216.196800][ T6111] SQUASHFS error: Unable to read inode 0x127 [ 216.425054][ T4892] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.687382][ T4892] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.811131][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.944269][ T4892] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.968655][ T6119] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 216.975487][ T6119] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 217.478490][ T4892] bridge_slave_1: left allmulticast mode [ 217.484388][ T4892] bridge_slave_1: left promiscuous mode [ 217.498078][ T4892] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.551854][ T4892] bridge_slave_0: left allmulticast mode [ 217.558328][ T4892] bridge_slave_0: left promiscuous mode [ 217.564906][ T4892] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.183778][ T4892] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 218.248249][ T4892] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 218.267159][ T4892] bond0 (unregistering): Released all slaves [ 218.798730][ T4892] hsr_slave_0: left promiscuous mode [ 218.831075][ T4892] hsr_slave_1: left promiscuous mode [ 218.839946][ T4892] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 218.847700][ T4892] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 218.889022][ T4892] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 218.896668][ T4892] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 218.958562][ T4892] veth1_macvtap: left promiscuous mode [ 218.964264][ T4892] veth0_macvtap: left promiscuous mode [ 218.970285][ T4892] veth1_vlan: left promiscuous mode [ 218.975792][ T4892] veth0_vlan: left promiscuous mode [ 220.025448][ T4892] team0 (unregistering): Port device team_slave_1 removed [ 220.065042][ T4892] team0 (unregistering): Port device team_slave_0 removed [ 220.523750][ T6146] netlink: 200 bytes leftover after parsing attributes in process `syz.3.64'. [ 220.761566][ T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 220.778482][ T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 220.790167][ T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 220.811180][ T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 220.822920][ T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 222.146954][ T5909] usb 4-1: new full-speed USB device number 2 using dummy_hcd [ 222.309889][ T50] Bluetooth: hci4: command tx timeout [ 222.347692][ T6162] loop0: detected capacity change from 0 to 8192 [ 222.353750][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 222.365432][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 222.375565][ T5909] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1c1e, bcdDevice= 0.00 [ 222.385064][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.421602][ T6162] ======================================================= [ 222.421602][ T6162] WARNING: The mand mount option has been deprecated and [ 222.421602][ T6162] and is ignored by this kernel. Remove the mand [ 222.421602][ T6162] option from the mount to silence this warning. [ 222.421602][ T6162] ======================================================= [ 222.429133][ T5909] usb 4-1: config 0 descriptor?? [ 222.579863][ T6148] chnl_net:caif_netlink_parms(): no params data found [ 222.662257][ T30] audit: type=1800 audit(1755734024.639:3): pid=6162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.70" name="file2" dev="loop0" ino=1048604 res=0 errno=0 [ 222.675397][ T6162] syz.0.70: attempt to access beyond end of device [ 222.675397][ T6162] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 222.697349][ T6162] Buffer I/O error on dev loop0, logical block 57847, async page read [ 222.797589][ T6162] syz.0.70: attempt to access beyond end of device [ 222.797589][ T6162] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 222.812732][ T6162] Buffer I/O error on dev loop0, logical block 57847, async page read [ 222.867945][ T50] Bluetooth: hci2: command tx timeout [ 222.897075][ T6162] syz.0.70: attempt to access beyond end of device [ 222.897075][ T6162] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 222.910943][ T6162] Buffer I/O error on dev loop0, logical block 57847, async page read [ 223.052688][ T5909] corsair-psu 0003:1B1C:1C1E.0003: hidraw0: USB HID v0.00 Device [HID 1b1c:1c1e] on usb-dummy_hcd.3-1/input0 [ 223.074838][ T6162] syz.0.70: attempt to access beyond end of device [ 223.074838][ T6162] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 223.089137][ T6162] Buffer I/O error on dev loop0, logical block 57847, async page read [ 223.179529][ T6162] syz.0.70: attempt to access beyond end of device [ 223.179529][ T6162] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 223.193107][ T6162] Buffer I/O error on dev loop0, logical block 57847, async page read [ 223.218363][ T5909] corsair-psu 0003:1B1C:1C1E.0003: unable to initialize device (-71) [ 223.272780][ T5909] corsair-psu 0003:1B1C:1C1E.0003: probe with driver corsair-psu failed with error -71 [ 223.306947][ T6162] syz.0.70: attempt to access beyond end of device [ 223.306947][ T6162] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 223.322644][ T6162] Buffer I/O error on dev loop0, logical block 57847, async page read [ 223.413905][ T5909] usb 4-1: USB disconnect, device number 2 [ 224.215405][ T6181] fido_id[6181]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 224.722396][ T6148] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.730064][ T6148] bridge0: port 1(bridge_slave_0) entered disabled state [ 224.739254][ T6148] bridge_slave_0: entered allmulticast mode [ 224.800962][ T6148] bridge_slave_0: entered promiscuous mode [ 224.821196][ T6196] loop0: detected capacity change from 0 to 512 [ 224.879645][ T6148] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.887372][ T6148] bridge0: port 2(bridge_slave_1) entered disabled state [ 224.895083][ T6148] bridge_slave_1: entered allmulticast mode [ 224.904720][ T6148] bridge_slave_1: entered promiscuous mode [ 224.947091][ T50] Bluetooth: hci2: command tx timeout [ 225.011203][ T6196] EXT4-fs (loop0): Cannot use DAX on a filesystem that may contain inline data [ 225.029981][ T6200] loop2: detected capacity change from 0 to 1024 [ 225.139355][ T6200] EXT4-fs (loop2): Test dummy encryption mode enabled [ 225.177360][ T6200] EXT4-fs (loop2): stripe (9) is not aligned with cluster size (16), stripe is disabled [ 225.325817][ T6200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 225.409168][ T6148] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 225.562001][ T6148] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 225.960290][ T6218] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 225.981014][ T6148] team0: Port device team_slave_0 added [ 226.017811][ T6217] netlink: 20 bytes leftover after parsing attributes in process `syz.3.88'. [ 226.059235][ T6148] team0: Port device team_slave_1 added [ 226.532652][ T6200] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 226.581788][ T6148] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 226.589997][ T6148] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.623016][ T6148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 226.670846][ T6224] sg_read: process 42 (syz.0.89) changed security contexts after opening file descriptor, this is not allowed. [ 226.771206][ T6148] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 226.778697][ T6148] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 226.805100][ T6148] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 226.951513][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.039119][ T50] Bluetooth: hci2: command tx timeout [ 227.392984][ T6148] hsr_slave_0: entered promiscuous mode [ 227.397201][ T6148] hsr_slave_1: entered promiscuous mode [ 227.956808][ T6240] loop3: detected capacity change from 0 to 256 [ 228.098887][ T6240] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 228.248498][ T6245] netlink: 'syz.2.97': attribute type 1 has an invalid length. [ 228.248578][ T6245] netlink: 5624 bytes leftover after parsing attributes in process `syz.2.97'. [ 228.339297][ T6244] loop1: detected capacity change from 0 to 1024 [ 228.568702][ T6244] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.023645][ T30] audit: type=1326 audit(1755734030.979:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000 [ 229.046475][ T30] audit: type=1326 audit(1755734030.979:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000 [ 229.099396][ T5814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.127698][ T50] Bluetooth: hci2: command tx timeout [ 229.189237][ T30] audit: type=1326 audit(1755734031.079:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f83539 code=0x7ffc0000 [ 229.212500][ T30] audit: type=1326 audit(1755734031.079:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000 [ 229.234566][ T30] audit: type=1326 audit(1755734031.079:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000 [ 229.257065][ T30] audit: type=1326 audit(1755734031.079:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=40000003 syscall=262 compat=1 ip=0xf7f83539 code=0x7ffc0000 [ 229.282093][ T30] audit: type=1326 audit(1755734031.079:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6251 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83539 code=0x7ffc0000 [ 229.339022][ T6148] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 229.454286][ T6148] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 229.638107][ T6148] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 229.707742][ T6148] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 229.782840][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 229.789936][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 230.338540][ T6271] @: renamed from vlan0 (while UP) [ 230.369817][ T6273] loop0: detected capacity change from 0 to 64 [ 230.610718][ T6273] hfs: request for non-existent node 131072 in B*Tree [ 230.618681][ T6273] hfs: request for non-existent node 131072 in B*Tree [ 231.404973][ T6148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.618683][ T6148] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.736478][ T5909] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 231.790795][ T3975] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.798352][ T3975] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.863362][ T6292] netlink: 32 bytes leftover after parsing attributes in process `syz.3.115'. [ 231.915904][ T3975] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.923513][ T3975] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.004012][ T5909] usb 1-1: unable to get BOS descriptor or descriptor too short [ 232.037460][ T5909] usb 1-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config [ 232.098856][ T6295] netlink: 'syz.2.116': attribute type 30 has an invalid length. [ 232.138303][ T5909] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1010, bcdDevice=26.db [ 232.148361][ T5909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.156673][ T5909] usb 1-1: Product: syz [ 232.160995][ T5909] usb 1-1: Manufacturer: syz [ 232.165747][ T5909] usb 1-1: SerialNumber: syz [ 233.307810][ T5909] usb 1-1: reset high-speed USB device number 2 using dummy_hcd [ 233.597404][ T5909] usb 1-1: unable to get BOS descriptor or descriptor too short [ 233.637988][ T5909] usb 1-1: device firmware changed [ 233.733776][ T5909] usb 1-1: USB disconnect, device number 2 [ 234.375105][ T6322] loop1: detected capacity change from 0 to 1024 [ 234.413245][ T6148] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 235.003430][ T6332] netlink: 8 bytes leftover after parsing attributes in process `syz.2.128'. [ 235.158610][ T6335] loop3: detected capacity change from 0 to 512 [ 235.415564][ T6335] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 235.508930][ T6335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.525368][ T6335] ext4 filesystem being mounted at /32/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 235.636131][ T6344] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 236.232506][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.510091][ T6375] loop0: detected capacity change from 0 to 512 [ 237.600097][ T6375] EXT4-fs: Ignoring removed i_version option [ 237.755611][ T6148] veth0_vlan: entered promiscuous mode [ 237.816364][ T6375] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.974249][ T6148] veth1_vlan: entered promiscuous mode [ 238.325710][ T6148] veth0_macvtap: entered promiscuous mode [ 238.333947][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.439583][ T6148] veth1_macvtap: entered promiscuous mode [ 238.678539][ T6148] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 238.799310][ T6148] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 238.937592][ T4462] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.025743][ T1872] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.061666][ T1872] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.127740][ T1872] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 240.088366][ T6416] veth0_to_bond: entered allmulticast mode [ 240.602281][ T6422] loop2: detected capacity change from 0 to 128 [ 240.920580][ T5893] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 241.156141][ T5893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 241.167711][ T5893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 241.178510][ T5893] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 241.188743][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.369969][ T5893] usb 4-1: config 0 descriptor?? [ 241.877612][ T5893] cm6533_jd 0003:0D8C:0022.0004: unexpected long global item [ 241.935026][ T5893] cm6533_jd 0003:0D8C:0022.0004: parse failed [ 241.943431][ T5893] cm6533_jd 0003:0D8C:0022.0004: probe with driver cm6533_jd failed with error -22 [ 242.053138][ T6439] loop0: detected capacity change from 0 to 1024 [ 242.098662][ T5909] usb 4-1: USB disconnect, device number 3 [ 242.313864][ T6444] loop2: detected capacity change from 0 to 256 [ 242.527832][ T6444] netlink: 28 bytes leftover after parsing attributes in process `syz.2.165'. [ 242.537287][ T6444] netlink: 28 bytes leftover after parsing attributes in process `syz.2.165'. [ 243.065719][ T6449] netlink: 'syz.0.166': attribute type 1 has an invalid length. [ 245.677564][ T6491] process 'syz.2.183' launched '/dev/fd/3' with NULL argv: empty string added [ 246.686758][ T4462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.694748][ T4462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.756433][ T5893] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 246.840689][ T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.849015][ T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.966593][ T5893] usb 2-1: Using ep0 maxpacket: 32 [ 246.993433][ T5893] usb 2-1: config index 0 descriptor too short (expected 35577, got 27) [ 247.002287][ T5893] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 247.011190][ T5893] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 247.020542][ T5893] usb 2-1: config 1 has no interface number 0 [ 247.027478][ T5893] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 247.037891][ T5893] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 247.051157][ T5893] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 247.060521][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.176637][ T42] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 247.358519][ T5893] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found [ 247.406833][ T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 247.418427][ T42] usb 4-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00 [ 247.428803][ T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 247.522822][ T42] usb 4-1: config 0 descriptor?? [ 247.533228][ T6509] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 247.578734][ T5893] snd_usb_pod 2-1:1.1: invalid control EP [ 247.584645][ T5893] snd_usb_pod 2-1:1.1: cannot start listening: -22 [ 247.591954][ T5893] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected [ 247.608724][ T5893] snd_usb_pod 2-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 247.899358][ T5893] usb 2-1: USB disconnect, device number 2 [ 248.041462][ T42] aquacomputer_d5next 0003:0C70:F00A.0005: unknown main item tag 0x3 [ 248.134255][ T42] aquacomputer_d5next 0003:0C70:F00A.0005: hidraw0: USB HID v1.01 Device [HID 0c70:f00a] on usb-dummy_hcd.3-1/input0 [ 248.264056][ T42] usb 4-1: USB disconnect, device number 4 [ 248.887880][ T6525] fido_id[6525]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 250.203542][ T6555] ALSA: mixer_oss: invalid OSS volume '' [ 250.629972][ T6554] loop0: detected capacity change from 0 to 2048 [ 250.691079][ T6554] EXT4-fs: Ignoring removed mblk_io_submit option [ 250.704161][ T6562] netlink: 60 bytes leftover after parsing attributes in process `syz.5.211'. [ 250.743386][ T6560] netlink: 60 bytes leftover after parsing attributes in process `syz.5.211'. [ 250.843092][ T6554] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.227949][ T6568] loop3: detected capacity change from 0 to 1024 [ 251.333258][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.402142][ T6568] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 251.625543][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.2.215'. [ 251.634787][ T6576] netlink: 4 bytes leftover after parsing attributes in process `syz.2.215'. [ 251.643962][ T6576] netlink: 'syz.2.215': attribute type 15 has an invalid length. [ 251.845073][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.353973][ T6586] loop3: detected capacity change from 0 to 256 [ 252.475189][ T6589] warning: `syz.2.221' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 252.850436][ T6586] FAT-fs (loop3): Directory bread(block 64) failed [ 252.858760][ T6586] FAT-fs (loop3): Directory bread(block 65) failed [ 252.865702][ T6586] FAT-fs (loop3): Directory bread(block 66) failed [ 252.872543][ T6586] FAT-fs (loop3): Directory bread(block 67) failed [ 252.879494][ T6586] FAT-fs (loop3): Directory bread(block 68) failed [ 252.886405][ T6586] FAT-fs (loop3): Directory bread(block 69) failed [ 252.893223][ T6586] FAT-fs (loop3): Directory bread(block 70) failed [ 252.900429][ T6586] FAT-fs (loop3): Directory bread(block 71) failed [ 252.907373][ T6586] FAT-fs (loop3): Directory bread(block 72) failed [ 252.914047][ T6586] FAT-fs (loop3): Directory bread(block 73) failed [ 254.096869][ T42] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 254.139669][ T6614] Zero length message leads to an empty skb [ 254.306692][ T42] usb 1-1: Using ep0 maxpacket: 8 [ 254.373899][ T42] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2 [ 254.383351][ T42] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.391996][ T42] usb 1-1: Product: syz [ 254.396381][ T42] usb 1-1: Manufacturer: syz [ 254.401145][ T42] usb 1-1: SerialNumber: syz [ 254.509224][ T42] usb 1-1: config 0 descriptor?? [ 254.801723][ T42] gspca_main: sunplus-2.14.0 probing 04a5:3003 [ 255.203951][ T42] gspca_sunplus: reg_w_riv err -71 [ 255.209572][ T42] sunplus 1-1:0.0: probe with driver sunplus failed with error -71 [ 255.284538][ T42] usb 1-1: USB disconnect, device number 3 [ 255.384621][ T6632] netlink: 'syz.1.238': attribute type 3 has an invalid length. [ 257.347994][ T6660] loop5: detected capacity change from 0 to 256 [ 257.919599][ T6664] loop3: detected capacity change from 0 to 2048 [ 258.117486][ T6664] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 259.252951][ T6685] loop3: detected capacity change from 0 to 512 [ 259.326063][ T6687] netlink: 32 bytes leftover after parsing attributes in process `syz.1.259'. [ 259.333702][ T6685] EXT4-fs (loop3): orphan cleanup on readonly fs [ 259.341826][ T6685] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 259.568442][ T6685] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 259.656939][ T6685] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.257: attempt to clear invalid blocks 2 len 1 [ 259.732976][ T6685] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.257: invalid indirect mapped block 1819239214 (level 0) [ 259.851659][ T6685] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.257: invalid indirect mapped block 1819239214 (level 1) [ 259.918400][ T6685] EXT4-fs (loop3): 1 truncate cleaned up [ 259.927125][ T6685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 260.443825][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.756961][ T42] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 261.993951][ T42] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 262.007841][ T42] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 262.017218][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.129048][ T42] usb 3-1: config 0 descriptor?? [ 262.687961][ T42] uclogic 0003:5543:0781.0006: unknown main item tag 0x1 [ 262.695281][ T42] uclogic 0003:5543:0781.0006: unknown main item tag 0x0 [ 262.794239][ T42] uclogic 0003:5543:0781.0006: hidraw0: USB HID v1.01 Device [HID 5543:0781] on usb-dummy_hcd.2-1/input0 [ 262.904366][ T42] usb 3-1: USB disconnect, device number 3 [ 263.065831][ T50] Bluetooth: Frame is too long (len 16, expected len 4) [ 263.625040][ T6750] fido_id[6750]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 264.682605][ T6775] Bluetooth: MGMT ver 1.23 [ 264.793434][ T4274] hfsplus: b-tree write err: -5, ino 4 [ 265.436782][ T6791] loop2: detected capacity change from 0 to 128 [ 265.647862][ T42] IPVS: starting estimator thread 0... [ 265.747145][ T30] audit: type=1800 audit(1755734067.719:11): pid=6791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.299" name="file1" dev="loop2" ino=1048619 res=0 errno=0 [ 265.784244][ T6795] IPVS: using max 240 ests per chain, 12000 per kthread [ 266.658879][ T6799] loop3: detected capacity change from 0 to 4096 [ 266.767138][ T6799] ntfs3(loop3): ino=3, Correct links count -> 2. [ 268.060172][ T6833] loop2: detected capacity change from 0 to 128 [ 268.095760][ T6835] netlink: 4 bytes leftover after parsing attributes in process `syz.3.314'. [ 268.350001][ T6833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.315'. [ 269.279895][ T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 269.398280][ T6850] loop0: detected capacity change from 0 to 4096 [ 269.485718][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 269.496979][ T9] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 269.509812][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.557485][ T6857] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 269.578426][ T9] usb 4-1: config 0 descriptor?? [ 270.053515][ T9] lenovo 0003:17EF:6047.0007: item fetching failed at offset 2/5 [ 270.108695][ T9] lenovo 0003:17EF:6047.0007: hid_parse failed [ 270.115400][ T9] lenovo 0003:17EF:6047.0007: probe with driver lenovo failed with error -22 [ 270.255918][ T9] usb 4-1: USB disconnect, device number 5 [ 270.991621][ T6877] loop5: detected capacity change from 0 to 512 [ 271.063671][ T6877] EXT4-fs (loop5): can't mount with data=, fs mounted w/o journal [ 271.182467][ T6880] loop0: detected capacity change from 0 to 128 [ 271.333930][ T6880] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 271.436760][ T6880] ext4 filesystem being mounted at /70/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 271.535246][ T6885] loop2: detected capacity change from 0 to 2048 [ 271.581916][ T6885] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 271.634739][ T6885] syz.2.336: attempt to access beyond end of device [ 271.634739][ T6885] loop2: rw=524288, sector=65534, nr_sectors = 2 limit=2048 [ 271.636717][ T6892] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 271.781234][ T6894] loop3: detected capacity change from 0 to 1024 [ 271.798745][ T5805] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 271.907810][ T6894] hfsplus: catalog name length corrupted [ 272.134419][ T6899] netlink: 'syz.5.342': attribute type 4 has an invalid length. [ 272.413483][ T6905] ipvlan2: entered promiscuous mode [ 272.425731][ T6905] bridge0: port 3(ipvlan2) entered blocking state [ 272.432887][ T6905] bridge0: port 3(ipvlan2) entered disabled state [ 272.440162][ T6905] ipvlan2: entered allmulticast mode [ 272.445615][ T6905] bridge0: entered allmulticast mode [ 272.453671][ T6905] ipvlan2: left allmulticast mode [ 272.459107][ T6905] bridge0: left allmulticast mode [ 272.706515][ T6909] capability: warning: `syz.1.347' uses 32-bit capabilities (legacy support in use) [ 272.725797][ T6910] loop5: detected capacity change from 0 to 512 [ 272.736038][ T9] IPVS: starting estimator thread 0... [ 272.742150][ T6911] IPVS: ip_vs_add_dest(): server weight less than zero [ 272.836896][ T6912] IPVS: using max 240 ests per chain, 12000 per kthread [ 273.699213][ T6927] loop3: detected capacity change from 0 to 1024 [ 273.967669][ T12] hfsplus: b-tree write err: -5, ino 4 [ 274.271883][ T6940] program syz.3.360 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 274.851066][ T6948] netlink: 8 bytes leftover after parsing attributes in process `syz.3.365'. [ 275.267383][ T42] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 275.500031][ T42] usb 3-1: config 0 interface 0 has no altsetting 0 [ 275.507419][ T42] usb 3-1: New USB device found, idVendor=172f, idProduct=0500, bcdDevice= 0.00 [ 275.517048][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.568623][ T42] usb 3-1: config 0 descriptor?? [ 275.676908][ T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 275.765062][ T6966] loop3: detected capacity change from 0 to 64 [ 275.799661][ T6966] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 275.850928][ T6968] bond_slave_0: entered promiscuous mode [ 275.857085][ T6968] bond_slave_1: entered promiscuous mode [ 275.869666][ T6968] macsec1: entered promiscuous mode [ 275.875202][ T6968] bond0: entered promiscuous mode [ 275.947280][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 275.957674][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 275.977577][ T9] usb 1-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00 [ 275.987346][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 276.068001][ T6968] bond0: left promiscuous mode [ 276.077017][ T6968] bond_slave_0: left promiscuous mode [ 276.082856][ T6968] bond_slave_1: left promiscuous mode [ 276.139084][ T9] usb 1-1: config 0 descriptor?? [ 276.201524][ T42] waltop 0003:172F:0500.0008: hidraw0: USB HID v1.05 Device [HID 172f:0500] on usb-dummy_hcd.2-1/input0 [ 276.334566][ T42] usb 3-1: USB disconnect, device number 4 [ 276.655560][ T9] lenovo 0003:17EF:60EE.0009: hidraw0: USB HID v0.00 Device [HID 17ef:60ee] on usb-dummy_hcd.0-1/input0 [ 276.792228][ T9] lenovo 0003:17EF:60EE.0009: Failed to switch middle button: -71 [ 276.825686][ T9] lenovo 0003:17EF:60EE.0009: Fn-lock setting failed: -71 [ 276.837577][ T6973] comedi comedi3: 8255: I/O port conflict (0x404f26,4) [ 276.844775][ T6973] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 276.852245][ T6973] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 276.859239][ T6973] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 276.865993][ T6973] comedi comedi3: 8255: I/O port conflict (0x5c95239c,4) [ 276.873559][ T6973] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 276.884961][ T6973] comedi comedi3: 8255: I/O port conflict (0x3bf,4) [ 276.893873][ T6973] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 276.900781][ T6973] comedi comedi3: 8255: I/O port conflict (0x20000001,4) [ 276.908836][ T6973] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 276.915657][ T6973] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 276.922563][ T6973] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 276.929456][ T6973] comedi comedi3: 8255: I/O port conflict (0x400,4) [ 276.936611][ T6973] comedi comedi3: 8255: I/O port conflict (0x6,4) [ 276.944336][ T9] lenovo 0003:17EF:60EE.0009: Sensitivity setting failed: -71 [ 276.988693][ T9] usb 1-1: USB disconnect, device number 4 [ 277.460790][ T6982] macvlan2: entered promiscuous mode [ 277.466532][ T6982] macvlan2: entered allmulticast mode [ 278.615314][ T7000] team_slave_0: entered promiscuous mode [ 278.621458][ T7000] team_slave_1: entered promiscuous mode [ 278.640445][ T7000] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 278.651550][ T7000] team0: Device macvtap1 is already an upper device of the team interface [ 278.837146][ T7000] team_slave_0: left promiscuous mode [ 278.842852][ T7000] team_slave_1: left promiscuous mode [ 279.319877][ T7010] netlink: 'syz.5.393': attribute type 1 has an invalid length. [ 279.327948][ T7010] netlink: 5624 bytes leftover after parsing attributes in process `syz.5.393'. [ 280.826711][ T9] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 280.997467][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 281.009432][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 281.020111][ T9] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1c1e, bcdDevice= 0.00 [ 281.028691][ T7043] @: renamed from vlan0 (while UP) [ 281.029553][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.055496][ T9] usb 1-1: config 0 descriptor?? [ 281.634502][ T9] corsair-psu 0003:1B1C:1C1E.000A: hidraw0: USB HID v0.00 Device [HID 1b1c:1c1e] on usb-dummy_hcd.0-1/input0 [ 281.787068][ T9] corsair-psu 0003:1B1C:1C1E.000A: unable to initialize device (-71) [ 281.840258][ T9] corsair-psu 0003:1B1C:1C1E.000A: probe with driver corsair-psu failed with error -71 [ 281.883059][ T9] usb 1-1: USB disconnect, device number 5 [ 282.187823][ T7057] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 282.674743][ T7062] netlink: 8 bytes leftover after parsing attributes in process `syz.2.420'. [ 283.046471][ T42] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 283.241296][ T7075] @: renamed from vlan0 (while UP) [ 283.252015][ T42] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 283.263658][ T42] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 283.273900][ T42] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 283.283361][ T42] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.372101][ T7077] loop5: detected capacity change from 0 to 22 [ 283.376945][ T42] usb 1-1: config 0 descriptor?? [ 283.517099][ T7077] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 283.830038][ T42] cm6533_jd 0003:0D8C:0022.000B: unexpected long global item [ 283.876379][ T42] cm6533_jd 0003:0D8C:0022.000B: parse failed [ 283.883248][ T42] cm6533_jd 0003:0D8C:0022.000B: probe with driver cm6533_jd failed with error -22 [ 284.077687][ T9] usb 1-1: USB disconnect, device number 6 [ 284.627952][ T7097] netlink: 'syz.2.435': attribute type 29 has an invalid length. [ 284.658280][ T7096] smc: net device bond0 applied user defined pnetid SYZ0 [ 284.669679][ T7097] netlink: 'syz.2.435': attribute type 29 has an invalid length. [ 285.332248][ T7109] delete_channel: no stack [ 285.595070][ T7112] loop2: detected capacity change from 0 to 256 [ 285.775278][ T7112] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 285.951647][ T30] audit: type=1804 audit(1755734087.929:12): pid=7120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.444" name="/newroot/98/file1/bus" dev="loop2" ino=1048622 res=1 errno=0 [ 286.276510][ T7126] loop0: detected capacity change from 0 to 8 [ 286.387469][ T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 286.465061][ T7128] loop5: detected capacity change from 0 to 1024 [ 286.495057][ T7131] loop3: detected capacity change from 0 to 64 [ 286.620535][ T7128] syz.5.452: attempt to access beyond end of device [ 286.620535][ T7128] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 286.634956][ T7128] Buffer I/O error on dev loop5, logical block 100663296, async page read [ 286.645488][ T7128] syz.5.452: attempt to access beyond end of device [ 286.645488][ T7128] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 286.646973][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 286.661128][ T7128] Buffer I/O error on dev loop5, logical block 100663296, async page read [ 286.670987][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 286.671202][ T9] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 286.671353][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.770053][ T9] usb 2-1: config 0 descriptor?? [ 287.261931][ T9] cm6533_jd 0003:0D8C:0022.000C: unexpected long global item [ 287.285798][ T9] cm6533_jd 0003:0D8C:0022.000C: parse failed [ 287.292852][ T9] cm6533_jd 0003:0D8C:0022.000C: probe with driver cm6533_jd failed with error -22 [ 287.352222][ T30] audit: type=1800 audit(1755734089.339:13): pid=7140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.458" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 287.436664][ T42] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 287.537975][ T5893] usb 2-1: USB disconnect, device number 3 [ 287.630629][ T42] usb 4-1: Using ep0 maxpacket: 32 [ 287.672642][ T42] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 287.686363][ T42] usb 4-1: config 0 interface 0 has no altsetting 0 [ 287.693275][ T42] usb 4-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00 [ 287.702762][ T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.784924][ T42] usb 4-1: config 0 descriptor?? [ 288.289222][ T42] hid-retrode 0003:0403:97C1.000D: unknown main item tag 0x6 [ 288.368611][ T42] hid-retrode 0003:0403:97C1.000D: hidraw0: USB HID v0.02 Device [HID 0403:97c1] on usb-dummy_hcd.3-1/input0 [ 288.495442][ T3084] usb 4-1: USB disconnect, device number 6 [ 288.513149][ T7154] loop0: detected capacity change from 0 to 256 [ 288.590045][ T7154] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 288.666528][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 288.728529][ T30] audit: type=1804 audit(1755734090.719:14): pid=7154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.463" name="/newroot/89/file1/bus" dev="loop0" ino=1048623 res=1 errno=0 [ 288.872620][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 288.884271][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 288.895589][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 288.909765][ T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 288.919164][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.941093][ T9] usb 6-1: config 0 descriptor?? [ 288.961503][ T9] hub 6-1:0.0: USB hub found [ 289.118472][ T7164] loop0: detected capacity change from 0 to 256 [ 289.183959][ T9] hub 6-1:0.0: 14 ports detected [ 289.197151][ T9] hub 6-1:0.0: insufficient power available to use all downstream ports [ 289.464852][ T7153] loop5: detected capacity change from 0 to 512 [ 289.587613][ T30] audit: type=1800 audit(1755734091.559:15): pid=7169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.471" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 289.746063][ T7153] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.759818][ T7153] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.905408][ T9] hub 6-1:0.0: hub_hub_status failed (err = -71) [ 289.914644][ T9] hub 6-1:0.0: config failed, can't get hub status (err -71) [ 289.957512][ T9] usb 6-1: USB disconnect, device number 2 [ 290.041716][ T7178] loop0: detected capacity change from 0 to 128 [ 290.065665][ T7179] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 290.638574][ T42] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 290.663054][ T6148] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.871610][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 290.883765][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 290.894025][ T42] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 290.903519][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.990840][ T42] usb 3-1: config 0 descriptor?? [ 291.094662][ T7194] loop5: detected capacity change from 0 to 256 [ 291.224628][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.232405][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.419169][ T7194] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 291.503524][ T42] cm6533_jd 0003:0D8C:0022.000E: unexpected long global item [ 291.548577][ T42] cm6533_jd 0003:0D8C:0022.000E: parse failed [ 291.555404][ T42] cm6533_jd 0003:0D8C:0022.000E: probe with driver cm6533_jd failed with error -22 [ 291.624802][ T30] audit: type=1804 audit(1755734093.599:16): pid=7194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.480" name="/newroot/63/file1/bus" dev="loop5" ino=1048627 res=1 errno=0 [ 291.734753][ T42] usb 3-1: USB disconnect, device number 5 [ 292.162929][ T7204] loop0: detected capacity change from 0 to 1024 [ 292.560390][ T7210] loop5: detected capacity change from 0 to 128 [ 292.642427][ T14] hfsplus: b-tree write err: -5, ino 4 [ 293.785699][ T7232] loop5: detected capacity change from 0 to 256 [ 293.857421][ T7232] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 293.971789][ T7232] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 294.076384][ T50] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 294.089106][ T50] Bluetooth: hci4: Injecting HCI hardware error event [ 294.098839][ T50] Bluetooth: hci4: hardware error 0x00 [ 294.515141][ T7244] loop2: detected capacity change from 0 to 1024 [ 294.604470][ T7244] hfsplus: bad catalog entry type [ 294.616646][ T42] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 294.806593][ T42] usb 4-1: config 0 has too many interfaces: 204, using maximum allowed: 32 [ 294.815573][ T42] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 204 [ 294.825242][ T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 294.837036][ T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 294.847138][ T42] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 294.860434][ T42] usb 4-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00 [ 294.870087][ T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.887443][ T42] usb 4-1: config 0 descriptor?? [ 294.924721][ T4274] hfsplus: b-tree write err: -5, ino 4 [ 295.397959][ T42] input: HID 28bd:0909 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28BD:0909.000F/input/input6 [ 295.489102][ T42] uclogic 0003:28BD:0909.000F: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.3-1/input0 [ 295.534967][ T30] audit: type=1326 audit(1755734097.509:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.1.513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 295.589004][ T42] usb 4-1: USB disconnect, device number 7 [ 295.637058][ T30] audit: type=1326 audit(1755734097.589:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.1.513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 295.660442][ T30] audit: type=1326 audit(1755734097.589:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.1.513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 295.685434][ T30] audit: type=1326 audit(1755734097.589:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.1.513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 295.709478][ T30] audit: type=1326 audit(1755734097.599:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.1.513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=246 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 295.771088][ T30] audit: type=1326 audit(1755734097.739:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.1.513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 295.794665][ T30] audit: type=1326 audit(1755734097.739:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.1.513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 296.154363][ T50] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 296.933886][ T7276] loop2: detected capacity change from 0 to 256 [ 297.561752][ T7292] loop3: detected capacity change from 0 to 1024 [ 297.734988][ T7292] hfsplus: bad catalog entry type [ 297.989259][ T4462] hfsplus: b-tree write err: -5, ino 4 [ 298.126966][ T42] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 298.158296][ T7302] loop2: detected capacity change from 0 to 256 [ 298.317212][ T42] usb 2-1: Using ep0 maxpacket: 8 [ 298.350802][ T42] usb 2-1: config index 0 descriptor too short (expected 30, got 18) [ 298.442855][ T42] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 298.453534][ T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.462365][ T42] usb 2-1: Product: syz [ 298.466893][ T42] usb 2-1: Manufacturer: syz [ 298.471696][ T42] usb 2-1: SerialNumber: syz [ 298.575800][ T42] usb 2-1: config 0 descriptor?? [ 298.622886][ T42] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 298.631512][ T42] usb 2-1: setting power ON [ 298.636383][ T42] dvb-usb: bulk message failed: -22 (2/0) [ 298.675833][ T42] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 298.738409][ T42] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 298.749200][ T42] usb 2-1: media controller created [ 298.847025][ T42] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 298.868742][ T7297] dvb-usb: bulk message failed: -22 (3/0) [ 299.163861][ T42] usb 2-1: selecting invalid altsetting 6 [ 299.170583][ T42] usb 2-1: digital interface selection failed (-22) [ 299.178327][ T42] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 299.274528][ T42] usb 2-1: setting power OFF [ 299.279665][ T42] dvb-usb: bulk message failed: -22 (2/0) [ 299.285622][ T42] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 299.295668][ T42] (NULL device *): no alternate interface [ 299.443490][ T7320] loop3: detected capacity change from 0 to 1024 [ 299.646608][ T7320] syz.3.542: attempt to access beyond end of device [ 299.646608][ T7320] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 299.661208][ T7320] Buffer I/O error on dev loop3, logical block 100663296, async page read [ 299.670200][ T7320] syz.3.542: attempt to access beyond end of device [ 299.670200][ T7320] loop3: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 299.684404][ T7320] Buffer I/O error on dev loop3, logical block 100663296, async page read [ 299.897782][ T7324] loop5: detected capacity change from 0 to 512 [ 299.952555][ T42] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 300.016803][ T42] usb 2-1: USB disconnect, device number 4 [ 300.076851][ T7324] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.544: casefold flag without casefold feature [ 300.146776][ T7324] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.544: couldn't read orphan inode 15 (err -117) [ 300.217968][ T7324] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.649397][ T6148] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 300.989092][ T7340] sg_write: data in/out 16514940/4 bytes for SCSI command 0x1c-- guessing data in; [ 300.989092][ T7340] program syz.5.549 not setting count and/or reply_len properly [ 303.007625][ T7370] loop3: detected capacity change from 0 to 256 [ 303.058383][ T7370] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 303.206581][ T3084] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 303.347650][ T7376] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 303.427297][ T3084] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 303.438776][ T3084] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 303.454768][ T3084] usb 3-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00 [ 303.464244][ T3084] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.569021][ T3084] usb 3-1: config 0 descriptor?? [ 304.065447][ T3084] elecom 0003:056E:00FE.0010: hidraw0: USB HID v0.06 Device [HID 056e:00fe] on usb-dummy_hcd.2-1/input0 [ 304.132173][ T7389] netlink: 'syz.1.572': attribute type 11 has an invalid length. [ 304.252771][ T3084] usb 3-1: USB disconnect, device number 6 [ 305.496727][ T42] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 305.690504][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 305.702194][ T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 305.712381][ T42] usb 3-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00 [ 305.721878][ T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.739984][ T7415] vlan3: entered promiscuous mode [ 305.745242][ T7415] syz_tun: entered promiscuous mode [ 305.782462][ T42] usb 3-1: config 0 descriptor?? [ 305.926881][ T7417] IPVS: set_ctl: invalid protocol: 135 172.30.1.1:20003 [ 306.291633][ T42] uclogic 0003:2179:0077.0011: interface is invalid, ignoring [ 306.520307][ T42] usb 3-1: USB disconnect, device number 7 [ 306.587563][ T30] audit: type=1326 audit(1755734108.549:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7425 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 306.703475][ T30] audit: type=1326 audit(1755734108.619:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7425 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 306.725973][ T30] audit: type=1326 audit(1755734108.619:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7425 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 306.748758][ T30] audit: type=1326 audit(1755734108.639:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7425 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 306.770798][ C0] vkms_vblank_simulate: vblank timer overrun [ 306.777447][ T30] audit: type=1326 audit(1755734108.639:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7425 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 307.467408][ T7432] loop0: detected capacity change from 0 to 2048 [ 307.597411][ T7432] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 307.671391][ T7432] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 307.679621][ T7432] UDF-fs: Scanning with blocksize 512 failed [ 307.857097][ T7432] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 307.946777][ T7444] mkiss: ax0: crc mode is auto. [ 308.633555][ T5812] Bluetooth: hci0: command 0x0406 tx timeout [ 308.633660][ T5807] Bluetooth: hci1: command 0x0406 tx timeout [ 308.640223][ T5812] Bluetooth: hci3: command 0x0406 tx timeout [ 309.819966][ T7477] loop5: detected capacity change from 0 to 256 [ 310.009546][ T7477] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d) [ 310.103595][ T7477] exFAT-fs (loop5): error, data size is invalid(17179870234) [ 310.111856][ T7477] exFAT-fs (loop5): Filesystem has been set read-only [ 310.134084][ T7477] exFAT-fs (loop5): error, data size is invalid(17179870234) [ 311.045409][ T5817] Bluetooth: hci3: unexpected subevent 0x0e length: 30 > 15 [ 311.053467][ T5817] Bluetooth: hci3: Unable to find connection for dst 00:00:00:00:00:00 sid 0x80 [ 311.080683][ T7496] loop2: detected capacity change from 0 to 512 [ 311.113157][ T7497] loop5: detected capacity change from 0 to 256 [ 311.120706][ T7496] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 311.135464][ T7496] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 311.170341][ T7497] exfat: Deprecated parameter 'namecase' [ 311.247922][ T7497] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 311.248153][ T3084] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 311.313286][ T7496] EXT4-fs (loop2): 1 truncate cleaned up [ 311.321988][ T7496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.370414][ T7496] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.622: bg 0: block 256: padding at end of block bitmap is not set [ 311.422895][ T7496] EXT4-fs (loop2): Remounting filesystem read-only [ 311.454812][ T7496] overlayfs: failed to verify upper root origin [ 311.475434][ T3084] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 311.486919][ T3084] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 311.501402][ T3084] usb 1-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00 [ 311.513011][ T3084] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 311.550473][ T3084] usb 1-1: config 0 descriptor?? [ 311.714838][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.071132][ T3084] elecom 0003:056E:00FE.0012: hidraw0: USB HID v0.06 Device [HID 056e:00fe] on usb-dummy_hcd.0-1/input0 [ 312.109800][ T7513] program syz.2.628 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 312.301768][ T42] usb 1-1: USB disconnect, device number 7 [ 313.321702][ T7531] netlink: 12 bytes leftover after parsing attributes in process `syz.0.639'. [ 315.240456][ T7558] loop5: detected capacity change from 0 to 1024 [ 315.398856][ T7558] hfsplus: bad catalog entry type [ 315.702529][ T3975] hfsplus: b-tree write err: -5, ino 4 [ 316.111948][ T7571] loop0: detected capacity change from 0 to 1024 [ 316.470386][ T7570] loop5: detected capacity change from 0 to 4096 [ 316.496748][ T7575] IPVS: set_ctl: invalid protocol: 135 172.30.1.2:20003 [ 316.553623][ T7570] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 316.574721][ T7576] tipc: Enabling of bearer rejected, media not registered [ 316.768814][ T7570] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 317.115616][ T7582] tmpfs: Bad value for 'mpol' [ 317.168605][ T7584] loop3: detected capacity change from 0 to 128 [ 317.198222][ T7580] loop0: detected capacity change from 0 to 2048 [ 317.215315][ T7584] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 317.293720][ T7584] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 317.333313][ T6148] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 317.360872][ T7580] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 317.375902][ T7586] loop2: detected capacity change from 0 to 1024 [ 317.830009][ T5805] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 317.884055][ T3975] ===================================================== [ 317.891789][ T3975] BUG: KMSAN: uninit-value in hfsplus_cat_case_cmp_key+0xd9/0x190 [ 317.902712][ T3975] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 317.910075][ T3975] hfs_find_rec_by_key+0xae/0x240 [ 317.916506][ T3975] __hfsplus_brec_find+0x271/0x840 [ 317.921872][ T3975] hfsplus_brec_find+0x4df/0x9f0 [ 317.931444][ T3975] hfsplus_brec_read+0x46/0x1f0 [ 317.938213][ T3975] hfsplus_find_cat+0xb5/0x4f0 [ 317.949364][ T3975] hfsplus_cat_write_inode+0x2ca/0xe20 [ 317.957034][ T3975] hfsplus_write_inode+0x178/0x960 [ 317.962507][ T3975] __writeback_single_inode+0x892/0x1190 [ 317.969277][ T3975] writeback_sb_inodes+0xac1/0x1cb0 [ 317.974683][ T3975] wb_writeback+0x4ce/0xc00 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 317.981265][ T3975] wb_workfn+0x397/0x1910 [ 317.985830][ T3975] process_scheduled_works+0xb8e/0x1d80 [ 317.994711][ T3975] worker_thread+0xedf/0x1590 [ 317.999976][ T3975] kthread+0xd59/0xf00 [ 318.004229][ T3975] ret_from_fork+0x1e3/0x310 [ 318.009159][ T3975] ret_from_fork_asm+0x1a/0x30 [ 318.014218][ T3975] [ 318.016899][ T3975] Uninit was created at: [ 318.022569][ T3975] __kmalloc_noprof+0x95f/0x1310 [ 318.027926][ T3975] hfsplus_find_init+0x90/0x1d0 [ 318.033082][ T3975] hfsplus_cat_write_inode+0x1a8/0xe20 [ 318.038977][ T3975] hfsplus_write_inode+0x178/0x960 [ 318.050104][ T3975] __writeback_single_inode+0x892/0x1190 [ 318.055974][ T3975] writeback_sb_inodes+0xac1/0x1cb0 [ 318.063851][ T3975] wb_writeback+0x4ce/0xc00 [ 318.068862][ T3975] wb_workfn+0x397/0x1910 [ 318.073428][ T3975] process_scheduled_works+0xb8e/0x1d80 [ 318.079398][ T3975] worker_thread+0xedf/0x1590 [ 318.084344][ T3975] kthread+0xd59/0xf00 [ 318.089268][ T3975] ret_from_fork+0x1e3/0x310 [ 318.094063][ T3975] ret_from_fork_asm+0x1a/0x30 [ 318.099328][ T3975] [ 318.101801][ T3975] CPU: 0 UID: 0 PID: 3975 Comm: kworker/u8:16 Not tainted syzkaller #0 PREEMPT(none) [ 318.111929][ T3975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 318.117006][ T42] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 318.122540][ T3975] Workqueue: writeback wb_workfn (flush-7:2) [ 318.136012][ T3975] ===================================================== [ 318.143276][ T3975] Disabling lock debugging due to kernel taint [ 318.154888][ T3975] Kernel panic - not syncing: kmsan.panic set ... [ 318.161497][ T3975] CPU: 0 UID: 0 PID: 3975 Comm: kworker/u8:16 Tainted: G B syzkaller #0 PREEMPT(none) [ 318.172830][ T3975] Tainted: [B]=BAD_PAGE [ 318.177112][ T3975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 318.187336][ T3975] Workqueue: writeback wb_workfn (flush-7:2) [ 318.193621][ T3975] Call Trace: [ 318.197032][ T3975] [ 318.200077][ T3975] __dump_stack+0x26/0x30 [ 318.204883][ T3975] dump_stack_lvl+0x53/0x270 [ 318.209660][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.215711][ T3975] dump_stack+0x1e/0x25 [ 318.220070][ T3975] vpanic+0x361/0xc50 [ 318.224341][ T3975] panic+0x15d/0x160 [ 318.228464][ T3975] kmsan_report+0x31c/0x320 [ 318.233158][ T3975] ? __msan_warning+0x1b/0x30 [ 318.238078][ T3975] ? hfsplus_cat_case_cmp_key+0xd9/0x190 [ 318.243923][ T3975] ? hfs_find_rec_by_key+0xae/0x240 [ 318.249338][ T3975] ? __hfsplus_brec_find+0x271/0x840 [ 318.254976][ T3975] ? hfsplus_brec_find+0x4df/0x9f0 [ 318.260316][ T3975] ? hfsplus_brec_read+0x46/0x1f0 [ 318.265560][ T3975] ? hfsplus_find_cat+0xb5/0x4f0 [ 318.270686][ T3975] ? hfsplus_cat_write_inode+0x2ca/0xe20 [ 318.276605][ T3975] ? hfsplus_write_inode+0x178/0x960 [ 318.282278][ T3975] ? __writeback_single_inode+0x892/0x1190 [ 318.288293][ T3975] ? writeback_sb_inodes+0xac1/0x1cb0 [ 318.293865][ T3975] ? wb_writeback+0x4ce/0xc00 [ 318.299130][ T3975] ? wb_workfn+0x397/0x1910 [ 318.303839][ T3975] ? process_scheduled_works+0xb8e/0x1d80 [ 318.309814][ T3975] ? worker_thread+0xedf/0x1590 [ 318.314889][ T3975] ? kthread+0xd59/0xf00 [ 318.319384][ T3975] ? ret_from_fork+0x1e3/0x310 [ 318.324300][ T3975] ? ret_from_fork_asm+0x1a/0x30 [ 318.329428][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.335424][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.340709][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.346705][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.352275][ T3975] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 318.358723][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.364042][ T3975] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 318.370463][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.375867][ T3975] __msan_warning+0x1b/0x30 [ 318.380784][ T3975] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 318.386461][ T3975] hfs_find_rec_by_key+0xae/0x240 [ 318.391903][ T3975] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10 [ 318.398176][ T3975] __hfsplus_brec_find+0x271/0x840 [ 318.403509][ T3975] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 318.409378][ T3975] hfsplus_brec_find+0x4df/0x9f0 [ 318.414524][ T3975] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 318.420427][ T3975] hfsplus_brec_read+0x46/0x1f0 [ 318.425488][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.431489][ T3975] hfsplus_find_cat+0xb5/0x4f0 [ 318.436429][ T3975] ? hfsplus_find_init+0x90/0x1d0 [ 318.441667][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.447685][ T3975] ? should_fail_ex+0x45/0x8a0 [ 318.452740][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.458039][ T3975] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 318.464552][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.469857][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.475870][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.481162][ T3975] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 318.487668][ T3975] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 318.494144][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.500167][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.505462][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.511472][ T3975] hfsplus_cat_write_inode+0x2ca/0xe20 [ 318.517117][ T3975] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 318.523417][ T3975] ? _raw_spin_unlock+0x30/0x50 [ 318.528438][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.533726][ T3975] ? kmsan_get_shadow_origin_ptr+0x35/0xb0 [ 318.539723][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.545023][ T3975] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 318.551528][ T3975] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 318.557838][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.563238][ T3975] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 318.569783][ T3975] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 318.576101][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.582134][ T3975] hfsplus_write_inode+0x178/0x960 [ 318.587429][ T3975] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 318.594031][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.599353][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.604646][ T3975] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 318.610634][ T3975] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 318.616530][ T3975] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 318.622327][ T3975] __writeback_single_inode+0x892/0x1190 [ 318.628175][ T3975] writeback_sb_inodes+0xac1/0x1cb0 [ 318.633675][ T3975] wb_writeback+0x4ce/0xc00 [ 318.638380][ T3975] ? queue_io+0x481/0x790 [ 318.642877][ T3975] wb_workfn+0x397/0x1910 [ 318.647411][ T3975] ? kmsan_get_metadata+0xfb/0x160 [ 318.652730][ T3975] ? __pfx_wb_workfn+0x10/0x10 [ 318.657699][ T3975] process_scheduled_works+0xb8e/0x1d80 [ 318.663620][ T3975] worker_thread+0xedf/0x1590 [ 318.668708][ T3975] kthread+0xd59/0xf00 [ 318.672937][ T3975] ? __pfx_worker_thread+0x10/0x10 [ 318.678322][ T3975] ? __pfx_kthread+0x10/0x10 [ 318.683070][ T3975] ret_from_fork+0x1e3/0x310 [ 318.687910][ T3975] ? __pfx_kthread+0x10/0x10 [ 318.692659][ T3975] ret_from_fork_asm+0x1a/0x30 [ 318.697648][ T3975] [ 318.700965][ T3975] Kernel Offset: disabled [ 318.705360][ T3975] Rebooting in 86400 seconds..