last executing test programs: 8m15.785981503s ago: executing program 0 (id=742): r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x101, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f0000000340)={0x1, 0x0, 0x3, 0x4, {0x7178, 0x1, 0x100, 0x1f}}) 8m15.568183496s ago: executing program 0 (id=747): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000180)=0xcbd9, 0x4) 8m15.30327365s ago: executing program 0 (id=753): r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000140)={0x0, 0x3, 0x2018}) 8m15.086854413s ago: executing program 0 (id=757): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='iocharset=cp865,uid=', @ANYRESHEX=0x0, @ANYBLOB=',namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30303030303030303030303030303030303030303031302c757466382c666d61736b3d30303030303030303030303030303030303030303030362c6572726f72733d636f6e74696e75652c7379735f747a2c616c6c6f775f7574696d653d30303030303030303030303030303030303134373036342c00968868822eaa4073da2a8bad3e75bf3fa58e5fe9023e2efe14b61e42154e792855b9c44517fcaf42990fa252a8fcc76df45041b88e383db02cc075636a6b415c49ee2ad1af7ecfc73f3809bce1541b2c780705cdd96cfb760a1f342582ee152abbe3f5828666937a000000800f62dc427b22ae7bd20a2fb9094ffaf7b7eda15af87283045448d6cabb51f8a411539d39a9d6db38d1409fe568885e22b71e7a4823804f8c350397801bc23742343cecb0758cec6286312c4d"], 0x1, 0x1545, &(0x7f0000001a00)="$eJzs3AucTVX7OPDnWWvtMSROk1yGtdazOcllmSTJJUkuSZIkSW4JSZO8kpAYQpKGJCSXIYkhJJeJSeN+v18SkqRJkpDckvX/TPFXb97f+77/t19+/988389nf2Y9Z+9n7Wef55w5e2/mfNt1aK0mtas3IiL4j+CvP5IAIBYABgJAXgAIAKB8XPm4rPU5JSb9Zzthf64HU690BexK4v5nb9z/7I37n71x/7M37n/2xv3P3rj/2Rv3n7HsbNO0Qtfwkn2XP/v+fyzf////CH/+/y+SWWbsl2vKXNcNIOZfTeH+Z2/c//+1gn9lI+5/9pTzwk/uf3YVe6ULYH+lPpd/mN//2UGOf7iG+5+9cf8Zy86u9P3nv3KJuczxQuR/2HNw5MK12V+0vyv9+mOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlj2c9pcoALg4vtJ1McYYY4wxxhhj7M/jc1zpChhjjDHGGGOMMfbfD0GABAUBxEAOiIWckAsEAFwNeSAvROAaiINrIR9cB/mhABSEQhAPhaEIaDBggSCEolAMonA9FIcboASUhFJQGhyUgQS4EcrCTVAObobycAtUgFuhIlSCylAFboOqcDtUgzugOtwJNaAm1ILacBfUgbuhLtwD9eBeqA/3IcD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv91PjS4bP7z0BNegF7QG5KgD/SFF6Ef9IcB8BIMhJdhELwCg+FVSIYhMBReg2HwOgyHN2AEjIRR8CaMhrdgDIyFcTAeUmACTIS3YRK8A5PhXZgCUyEVpsF0eA9mwEyYBe/DbPgA5sBcmAfzIQ0+hAWwENLhI1gEH0MGLIYlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBdtgBn8BO+BR2wW7YA5/BXvj838w/9Xf53RAQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwH+bD/JgfC2JBjMd4LIJF0KBBQsKiWBSjGMXiWBxLYAkshaXQocMETMCyeBOWw3JYHstjBayAFbESVsIqWAWrYlWshtWwOlbHGlgDa2EtvAvvwj5YF+tiPayH9bH+xdtT2AgbYWNsjE2wCTbFptgMm2ELbIGtsBW2xtbYBttgO2yH7bE9dsAOmIiJ2BE7YifshJ2xM3bBLtgVu2I37I7dM5/PAfgCvoC9sYbog32xL/bD5BwD8CV8CV/GQfgKvoKvYjIOwaH4Gr6Gr+NwPIkjcCSOwlFYVbyFY3AskhiPKZiCE3EiTsJJmFXouzgVU3EaTsfpOANn4kx8H2fjB/gBzsW5OB/TMA0X4EJMx3RchKcwAxfjElyKy3A5LsOVuApX4hpci2twPa7HjbgRN+Nm3IpbcTtux09QAeCnuBt3YzLuxb24D/fhftyPB/AAZmImHsSDeAgP4WE8jEfwCB7FY3gcj+EJPIEn8RSextN4Fs/iOXw2/uvGn5RcnQwiixJKxIgYEStiRS6RS+QWuUUekUdERETEiTiRT+QT+UV+UVAUFPEiXhQRRYQRRpAIYwBAREVUFBfFRQlRQpQSpYQTTiSIBFFWlBXlRDlRXtwiKohbRUVRSbR1VUQVUVW0c9XEHaK6qC5qiJqilqgtaos6oo6oK+qKeqKeqC/qiwbiftFQ9MEB+KDI6kwTMQSbiqHYTDQX8sJvsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHh2r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZFf91FD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6Cy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeU/zX/7MvmDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tyF5wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvGBUKVVaOVVGJagb/518VVzdoEqokr/Lv1hf0j+or5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezTvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBeaHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1Z/6vzenyzwmOule+sk3Uf31S/qfrq/HqBf0gP1y3qQfkUP1q/qZD1ED9Wv6WH6dT1cv6FH6JF6lH5Tj9Zv6TF6rB6nx+sUPUFP1G/rSfodPVm/q6foqTpVT9PT9Xt6hp6pZ+n39Wz9gZ6j5+p5er5O0x/qBXqhTtcf6UX6Y52hF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa36x36E71Tf6p36d16j/5M79Wf6336C71ff6kP6K90pv5aH9Tf6EP6W31Yf6eP6O/1UX1MH9c/6BP6R31Sn9Kn9Rl9Vv+kz+mf9Xnts07usz7ejTLKxJgYE2tiTS6Ty+Q2uU0ek8dETMTEmTiTz+Qz+U1+U9AUNPEm3hQxRUwWMmSKmqImaqKmuCluSpgSppQpZZxxJsEkmLKmrClnypnyprypYCqYiqaiqWwqm9vMbeZ2c7u5w9xh7jR3mpqmpqltaps6po6pa+qaeqaeqW/qmwamgWloGppGppFpbBqbJqaJaWqammammWlhWphWppVpbVqbNqaNaWfamfamvelgOphEk2g6mo6mk+lkOpvOpovpYrqarqab6WZ6mB6mp+lpepleJskkmb6mr+ln+pkBZoAZaAaaQWaQGWwGm2STbIaaoWaYGWaGm+FmhBlpRmWdqJq3zBgz1owz402KSTETzUQzyUwyk81kM8VMMakm1Uw3080MM8PMMrPMbDPbzDFzzDwzz6SZNLPALDDpJt0sMotMhskwS8wSs8wsMyvMCrPKrDJrzBqzDtaZDWaD2WQ2mS1mi9lmtpkdZofZaXaaXWaX2WP2mL1mr9ln9pn9Zr85YA6YTJNpDpqD5pA5ZA6bw+aIOWKOmqPmuDluTpgT5qQ5aU6b0+asKXDh89KbWJvT5rJX2dz2apvH5rV/Hxe0hWy8LWyLWG3z2wK/i421toQtaUvZ0tbZMjbB3viHuKKtZCvbKvY2W9Xebqv9Ia5j77Z17T22nr3X1rZ3/S6ub++zDezDtiEigG1uG9uWtol92Da1j9hmtrltYVva9vYJ28E+aRPtU7ajffoP8QK70K6yq+0au9busrvtaXvGHrLf2rP2J9vL9rYD7ct2kH3FDrav2mQ75A/xKPumHW3fsmPsWDvOjv9DPMVOtal2mp1u37Mz7Mw/xGn2Qzvbpts5dq6dZ+f/EmfVlG4/sovsxzbDBrDELrXL7HK7wq68WKvPa9fbDXaj3Wk/tVvsVrvNbrc7Lp4I2912j/3M7rWf24P2G7vffmkP2MM20379S5x1fIftd/aI/d4etcfscfuDPWF/VBezs479B/uzPW+9BUICkqQooBjKQbGUk3LRVZSbrqY8lJcidA3F0bWUj66j/FSAClIhiqfCVIQ0GbJEFFJRKkZRup4ulleKSpOjMpRAN1JZuonK0c1Unm6hCnQrVaRKVJmq0G1UlW6nanQHVac7qQbVpFpUm+6iOnQ31aV7qB7dS/XpPmpA91NDeoAa0YPUmB6iJvQwNaVHqBk1pxbUklrRo9SaHqM21Jba0ePUnp6gDvQkJdJT1JGepk70N+pMz1AXepa60nPUjbpTD3qeetIL1It6UxL1ob70IvWj/jSAXqKB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDK9S1NoKqXSNJpO79EMmkmz6H2aTR/QHJpL82g+pdGHtIAWUjp9RIvoY8qgxbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vTd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzxh3jASXhPGhdeG+cLrwvxhgbBgWCiMDwuHRUIdmtCGFIZh0bBYGA2vD4uHN4QlwpJhqbB06MIyYUJ4Y1g2vCksF94clg9vCSuEt4YVw0rhw/dWCW8Lq4a3h9XCO8Lq4Z1hjbBmWCusHd4V1gnvDuuG94T1wnvDcuF9YYPw/rBh+EDYKHwwbBw+FDYJHw6bho+EzcLmYYuwZdgqfDRsHT4Wtgnbhu3Cx8P24RNhh/DJMDF8KuwYPv3L+vsW/uP1SWGfsG/4Yvhi6P09cl50fjQt+mF0QXRhND36UXRR9ONoRnRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y9T72jnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx+V1EXeNi3PXunzuOpffFXAFXSEX7wq7Ik4746wjF7qirpiLuutdcXeDK+FKulKutHOujEtwLV0r18q1do+5Nq6ta+ced4+7J9wT7kn3pHvKdXRPu07ub66ze8Z1cc+6Z91zrpvr7nq4511PNyHPr+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ35617muDlunpvn0lyaW+CyzhnT3SK3yGW4DLfELXHL3DK3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t8PtcDvdTrfL5/11UrfX7XP73H633x1wX7lM97U76L5xh9y37rD7zh1x37uj7pg77n5wJ9yP7qQ75U67M+6s+8mdcz+78867lMiEyMTI25FJkXcikyPvRqZEpkZSI9Mi0yPvRWZEZkZmRd6PzI58EJkTmRuZF5kfSYt8GFkQWRhJj3wUWRT5OJIRWRxZElkaWRZZHvG+8JbQF/XFfNRf74v7G3wJX9KX8qW982V8gr/Rl/U3+XL+Zl/e3+Ir+Ft9RV/JV/aP+Ga+uW/hW/pW/lHf2j/m2/i2vp1/3Lf3T/gO/kmf6J/yHf3TvpP/m+/sn/Fd/LO+q3/Od/PdfQ//vO/pX/C9fG+f5Pv4vv5F38/39wP8S36gf9kP8q/4wf5Vn+yH+KH+NT/Mv+6H+zf8CD/Sj4p504++eIkM432Kn+An+rf9JP+On+zf9VPOep/qp/np/j0/w8/0s/z7frb/wM/xc/08P9+n+Q/9Ar/Qp/uP/CL/sc/wiy/eVPYr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/wnfqf/1O/yu/0e/5nf6z/3+/wXfr//0h/wX/lM/7U/6L/xh/y3/rD/zh/x3/uj/pg/7n/wJ/yP/qQ/5U/7M/6s/8mf8z/78/w3a4wxxhhj/5IJl4bi92t+vZ3f5zI54jcb9wWAq7cWyvzt+qwzynX5fx33F/HtIwDwVO+uD15catRI+r/bZkgIis0FuPgvQVli4FK8GNrBE5AIbaHsZevvL7qfpT/On5T0m/mjtwDk+k1OLFyKL83/BQAmXWb+Rx8ftaBCeDruv5h/LkCJYpdycsKleDG0++X+Slso9w/qL9D6n9Sf88sUgDa/yckNl+JL9SfAY/A0JP5uS8YYY4wxxhhj7Ff9ReXOF68/L/6Pz7+/vs26Po9Xl3JywKX4n12fM8YYY4wxxhhj7Mp7pnuPJx9NTGzb+d8fVPt/yvqXB03hv2tmHlx24D3AxUcUAPyHEwJkDeRfeRSb/5J9JV946/z9qmVnfAD/M1r5Zwyu8C8mxhhjjDHG2J/u0kn/7x9XV6ogxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsG/orvk6Mv02AMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYdvd/AgAA//8vzfwg") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 8m14.62032744s ago: executing program 0 (id=766): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) 8m14.093775838s ago: executing program 0 (id=774): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f00000001c0)=0x800) 8m13.735297423s ago: executing program 32 (id=774): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f00000001c0)=0x800) 6m5.86150265s ago: executing program 3 (id=2398): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000041436120410e5150e8d5000000010902f98a5c01000000090401001186eee200090582"], 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) 6m3.809880258s ago: executing program 3 (id=2428): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$llc_int(r0, 0x10c, 0x4, &(0x7f0000000000)=0x3c, 0x4) 6m3.63859031s ago: executing program 3 (id=2431): r0 = socket(0x10, 0x80002, 0x0) getsockopt$sock_buf(r0, 0x1, 0x3e, 0x0, &(0x7f0000000040)) 6m3.419921453s ago: executing program 3 (id=2434): syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x847, &(0x7f0000000140)=ANY=[], 0xe0, 0xc33, &(0x7f0000000340)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwRFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjihIlPY9N/WbunHPvOfeM75UFnXsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj4vdcunjqdHnYrAIAH6fLoV0+dcf8HgCfKVf//DwAAAAAAAAAAAAAAB12KIp6OFHOX19J49b6jfqndf+v22PDI9tUOp6pmX1W+/KmfPnP23JdeGjrfzUvtmY+of799Nt4YvXqx8erszbn5qYWFqcnG2Ex7YnZyatd72Gv9rU5UJ6Bx881bk9evLzTOvHh208e3Bz8ceOrY4IWh508+1y07NjwyMrpRpN5bvnbPDenYaYbHoSjiZKR44Xs/Ta2IKGLv56L+YMd+q8NVJ05UnRgbHqk6Mt1uzSyWH17pnogiotFTqdk9R9uPRdT6H2gfdtaMWCqbXzb4RNm90bnWfOva9FTjSmt+sb3Ynp25kjqtLfvTiCLOp4jliFgduHt3/VFELVJ85+hauhYRfd3z8MVqYvDO7Sj2sY+7ULaz0R+xXDwCY3aADUQRr0eKn713PCbydaa61nwh4vUyfxDxTpmvRKTyi3Eu4oNtvkc8mmpRxJ+X439hLU1W14PudeXS1xpfmbk+21O2e135Je8Pd10pHtL94fCWfDAO+LWpHkW0qiv+Wrr33+wAAAAAAAAAAAAAAAAAcL8djiI+Eyle+7c/quYVRzUv/eiFod8f/P99PeWe/Zj9pIh4MSKWit3NyT2UJwZeSVdSeshziZ9k9Sjij/P8v2897MYAAAAAAAAAAAAAAAAAAAA80Yr4SaR4+f3jaTl61xRvz9xoXG1dm+6sCttd+7e7Zvr6+vp6I3WymXM851LO5ZwrOVdzRpHr52zmHM+5lHM550rO1ZzRl+vnbOYcz7mUcznnSs7VnFHL9XM2c47nXMq5nHMl52rOOCBr9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPE6KKOIXkeLb31hLkSKiGTEenVwZeNitAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKA6mI70eKxh8072yrRUSq/u04Xv5yLpqHyvxkNIfKfCWaF3O2qqw1v/UQ2s/e9KcifhwpBurv3hnwPP79nXd3vgbxzjc33n221sm+7oeDHw48dezohaGRX3t2p9dpuwacuNSeuXW7MTY8MjLas7mWj/7Jnm2D+bjF/ek6EbHw1ttvtqanp+bv/UX5FdhD9UfoRao9hj2tH4xmHMgXUTsQzXg4fecJUN7/P4gUv/3+v3dv+J37fz3+X+fdnTt8/PxPNu7/L2/d0S7v/7Wt9fL9v7ynb3f/f7pn28v5dyP9tYj64s25/mMR9YW33j7Zvtm6MXVjaubcqVNfHhr68tlT/Yci6tfb01M9r+7L6QIAAAAAAAAAAAAAAAB4cFIRvxspWj9eS42IuF3N1xq8MPT8yef6oq+ab7Vp3vYbo1cvNl6dvTk3P7WwMDXZGJtpT8xOTu32cPVqutfY8Mi+dOZjHd7n9h+uvzo799Z8+8YfLm77+ZH6xWsLi/Otie0/jsNRRDR7t5yoGjw2PFI1errdmqmqXtl2Mv0vrz8V8R+RYuJcI30+b8vz/7fO8N80/39p6472af7/J3q2lcdMqYifR4rf+otn4/NVO4/EXecsl/ubSHHi/OdyuThUluu2ofNcgc7MwLLs/0SKf/jF5rLd+ZBPb5Q9vesT+4gox/9opPj+n303fj1v2/z8h+3H/8jWHe3T+D/Ts+3IpucV7Lnr5PE/GSleefrd+I287aOe/9F99sbxXPjO8zn2afw/1bNtMB/3N+9P1wEAAAAAAAAAAB5p/amIv40UPxyppZfytt38/b/JrTvap7//9emebZP3Z72ij32x55MKAAAAAAdEfyriJ5HixuK7d+ZQb57/3TP/83c25n8Opy2fVn/O9yvVcwPu55//9RrMxx3fe7cBAAAAAAAAAAAAAAAAAADgQEmpiJfyeurj1Xz+yR3XU1+JFK/91wu5XDpWluuuAz9Y/Vq/PDtz8uL09OxEa7F1bXqqMTrXmpgq6z4TKdb++nO5blGtr95db76zxvvGWuzzkWLk77plO2uxd9cmf2aj7Omy7CcixX/+/eay3XWsP7VR9kxZ9q8ixdf/afuyxzbKni3LfjdS/OjrjW7ZI2XZ7vNRP71R9sWJ2WIfRgUAAAAAAAAAAAAAAAAAAIAnTX8q4k8jxX/fXL4zlz+v/9/f87byzjd71vvf4na1zv9gtf7/Tq/vZf3/6rkCSzsdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHk8ping7UsxdXksrA+X7jvql9syt22PDI9tXO5yqmn1V+fKnfvrM2XNfemnofDc/uv799pl4Y/Tqxcarszfn5qcWFqYmG2Mz7YnZyald72Gv9bc6UZ2Axs03b01ev77QOPPi2U0f3x78cOCpY4MXhp4/+Vy37NjwyMhoT5la/z0f/S5ph+2Hooi/jBQvfO+n6YcDEUXs/Vx8zHdnvx2uOnGi6sTY8EjVkel2a2ax/PBK90QUEY2eSs3uOXoAY7EnzYilsvllg0+U3Ruda823rk1PNa605hfbi+3ZmSup09qyP40o4nyKWI6I1YG7d9cfRbwZKb5zdC3980BEX/c8fPHy6FdPndm5HcU+9nEXynY2+iOWi0dgzA6wgSjiHyPFz947Hv8yEFGLzk98IeL1Mn8Q8U50xjuVX4xzER9s8z3i0VSLIv63HP8La+m9gfJ60L2uXPpa4ysz12d7ynavK4/8/eFBOuDXpnoU8aPqir+W/tV/1wAAAAAAAAAAAAAAAAAHSBG/Gilefv94quYH35lT3J650bjaujbdmdbXnfvXnTO9vr6+3kidbOYcz7mUcznnSs7VnFHk+jmbZdbX18fz+6WcyzlXcq7mjL5cP2cz53jOpZzLOVdyruaMWq6fs5lzPOdSzuWcKzlXc8YBmbsHAAAAAAAAAAAAAAAAAAA8XorqnxTf/sZaWh/orC89Hp1csR7oY+//AgAA///j0/g8") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 6m2.866388671s ago: executing program 3 (id=2439): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10003}}) 6m2.1913206s ago: executing program 3 (id=2446): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@fwd={0x1}]}, {0x0, [0x5f]}}, &(0x7f0000000280)=""/208, 0x27, 0xd0, 0x1, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1, 0xff, 0x8, 0x80, 0x0, 0x1, 0x0, '\x00', 0x0, r0, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 6m1.703346707s ago: executing program 33 (id=2446): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@fwd={0x1}]}, {0x0, [0x5f]}}, &(0x7f0000000280)=""/208, 0x27, 0xd0, 0x1, 0x0, 0x0, @void, @value}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1, 0xff, 0x8, 0x80, 0x0, 0x1, 0x0, '\x00', 0x0, r0, 0x1, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 5m56.375300029s ago: executing program 1 (id=2515): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x25, &(0x7f00000015c0)={0x0, @in6={{0xa, 0x4e20, 0x7, @local, 0x80000000}}, 0x7}, &(0x7f0000000500)=0x90) 5m56.172482641s ago: executing program 1 (id=2517): r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000002fc0)=[{&(0x7f0000000000)=@in={0x2, 0x4e23, @private=0xa010102}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)="bb", 0x1}], 0x1, &(0x7f00000002c0)=[@init={0x18, 0x84, 0x0, {0x7f6, 0x6, 0x9, 0x1}}, @dstaddrv4={0x18, 0x84, 0x7, @broadcast}], 0x30}], 0x1, 0x4000000) 5m55.994785514s ago: executing program 1 (id=2518): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x5) 5m54.978248778s ago: executing program 1 (id=2520): syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x847, &(0x7f0000000140)=ANY=[], 0xe0, 0xc33, &(0x7f0000000340)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwRFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjihIlPY9N/WbunHPvOfeM75UFnXsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj4vdcunjqdHnYrAIAH6fLoV0+dcf8HgCfKVf//DwAAAAAAAAAAAAAAB12KIp6OFHOX19J49b6jfqndf+v22PDI9tUOp6pmX1W+/KmfPnP23JdeGjrfzUvtmY+of799Nt4YvXqx8erszbn5qYWFqcnG2Ex7YnZyatd72Gv9rU5UJ6Bx881bk9evLzTOvHh208e3Bz8ceOrY4IWh508+1y07NjwyMrpRpN5bvnbPDenYaYbHoSjiZKR44Xs/Ta2IKGLv56L+YMd+q8NVJ05UnRgbHqk6Mt1uzSyWH17pnogiotFTqdk9R9uPRdT6H2gfdtaMWCqbXzb4RNm90bnWfOva9FTjSmt+sb3Ynp25kjqtLfvTiCLOp4jliFgduHt3/VFELVJ85+hauhYRfd3z8MVqYvDO7Sj2sY+7ULaz0R+xXDwCY3aADUQRr0eKn713PCbydaa61nwh4vUyfxDxTpmvRKTyi3Eu4oNtvkc8mmpRxJ+X439hLU1W14PudeXS1xpfmbk+21O2e135Je8Pd10pHtL94fCWfDAO+LWpHkW0qiv+Wrr33+wAAAAAAAAAAAAAAAAAcL8djiI+Eyle+7c/quYVRzUv/eiFod8f/P99PeWe/Zj9pIh4MSKWit3NyT2UJwZeSVdSeshziZ9k9Sjij/P8v2897MYAAAAAAAAAAAAAAAAAAAA80Yr4SaR4+f3jaTl61xRvz9xoXG1dm+6sCttd+7e7Zvr6+vp6I3WymXM851LO5ZwrOVdzRpHr52zmHM+5lHM550rO1ZzRl+vnbOYcz7mUcznnSs7VnFHL9XM2c47nXMq5nHMl52rOOCBr9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPE6KKOIXkeLb31hLkSKiGTEenVwZeNitAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKA6mI70eKxh8072yrRUSq/u04Xv5yLpqHyvxkNIfKfCWaF3O2qqw1v/UQ2s/e9KcifhwpBurv3hnwPP79nXd3vgbxzjc33n221sm+7oeDHw48dezohaGRX3t2p9dpuwacuNSeuXW7MTY8MjLas7mWj/7Jnm2D+bjF/ek6EbHw1ttvtqanp+bv/UX5FdhD9UfoRao9hj2tH4xmHMgXUTsQzXg4fecJUN7/P4gUv/3+v3dv+J37fz3+X+fdnTt8/PxPNu7/L2/d0S7v/7Wt9fL9v7ynb3f/f7pn28v5dyP9tYj64s25/mMR9YW33j7Zvtm6MXVjaubcqVNfHhr68tlT/Yci6tfb01M9r+7L6QIAAAAAAAAAAAAAAAB4cFIRvxspWj9eS42IuF3N1xq8MPT8yef6oq+ab7Vp3vYbo1cvNl6dvTk3P7WwMDXZGJtpT8xOTu32cPVqutfY8Mi+dOZjHd7n9h+uvzo799Z8+8YfLm77+ZH6xWsLi/Otie0/jsNRRDR7t5yoGjw2PFI1errdmqmqXtl2Mv0vrz8V8R+RYuJcI30+b8vz/7fO8N80/39p6472af7/J3q2lcdMqYifR4rf+otn4/NVO4/EXecsl/ubSHHi/OdyuThUluu2ofNcgc7MwLLs/0SKf/jF5rLd+ZBPb5Q9vesT+4gox/9opPj+n303fj1v2/z8h+3H/8jWHe3T+D/Ts+3IpucV7Lnr5PE/GSleefrd+I287aOe/9F99sbxXPjO8zn2afw/1bNtMB/3N+9P1wEAAAAAAAAAAB5p/amIv40UPxyppZfytt38/b/JrTvap7//9emebZP3Z72ij32x55MKAAAAAAdEfyriJ5HixuK7d+ZQb57/3TP/83c25n8Opy2fVn/O9yvVcwPu55//9RrMxx3fe7cBAAAAAAAAAAAAAAAAAADgQEmpiJfyeurj1Xz+yR3XU1+JFK/91wu5XDpWluuuAz9Y/Vq/PDtz8uL09OxEa7F1bXqqMTrXmpgq6z4TKdb++nO5blGtr95db76zxvvGWuzzkWLk77plO2uxd9cmf2aj7Omy7CcixX/+/eay3XWsP7VR9kxZ9q8ixdf/afuyxzbKni3LfjdS/OjrjW7ZI2XZ7vNRP71R9sWJ2WIfRgUAAAAAAAAAAAAAAAAAAIAnTX8q4k8jxX/fXL4zlz+v/9/f87byzjd71vvf4na1zv9gtf7/Tq/vZf3/6rkCSzsdFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHk8ping7UsxdXksrA+X7jvql9syt22PDI9tXO5yqmn1V+fKnfvrM2XNfemnofDc/uv799pl4Y/Tqxcarszfn5qcWFqYmG2Mz7YnZyald72Gv9bc6UZ2Axs03b01ev77QOPPi2U0f3x78cOCpY4MXhp4/+Vy37NjwyMhoT5la/z0f/S5ph+2Hooi/jBQvfO+n6YcDEUXs/Vx8zHdnvx2uOnGi6sTY8EjVkel2a2ax/PBK90QUEY2eSs3uOXoAY7EnzYilsvllg0+U3Ruda823rk1PNa605hfbi+3ZmSup09qyP40o4nyKWI6I1YG7d9cfRbwZKb5zdC3980BEX/c8fPHy6FdPndm5HcU+9nEXynY2+iOWi0dgzA6wgSjiHyPFz947Hv8yEFGLzk98IeL1Mn8Q8U50xjuVX4xzER9s8z3i0VSLIv63HP8La+m9gfJ60L2uXPpa4ysz12d7ynavK4/8/eFBOuDXpnoU8aPqir+W/tV/1wAAAAAAAAAAAAAAAAAHSBG/Gilefv94quYH35lT3J650bjaujbdmdbXnfvXnTO9vr6+3kidbOYcz7mUcznnSs7VnFHk+jmbZdbX18fz+6WcyzlXcq7mjL5cP2cz53jOpZzLOVdyruaMWq6fs5lzPOdSzuWcKzlXc8YBmbsHAAAAAAAAAAAAAAAAAAA8XorqnxTf/sZaWh/orC89Hp1csR7oY+//AgAA///j0/g8") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 5m54.749196971s ago: executing program 1 (id=2521): syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000000)='./file1\x00', 0xa18c14, &(0x7f0000000340)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d69736f383835392d392c73686f72746e616d653d77696e6e742c636f6465706167653d3836312c757466383d302c756e695f786c6174653d302c726f6469722c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c757466383d312c756e695f786c6174653d312c726f6469722c757466383d302c00531b17042f7ca50e22895c2b5d4e569f5eaf155190d8f66862a6e25caf6e3347919a6ebd4864113ab7083ee0c1019f"], 0x81, 0x2ab, &(0x7f0000000840)="$eJzs3T+LI2UYAPBnskk2OYWksBLBAS2swt19gguywmEqJYU2enh7IEk42EDgVMxdZS9Y+R38Dn4AG7+BhaVg5xXiSDIzSTY7ezHHmpX192vmybzPk/dP3t2FhXnz6RuT0cPH00fPvvolWq0kavfiXjxPohu1KD0NAOAmeZ5l8XuW25Vbj2ZEZJ3iVe0AwwMA/gX7/P0HAG6GDz/6+P3+YHDyQZq2IibfzIZJ5Ne8vf8oPo9xnMbt6MSfEdlKHr96f3AS9TQt/xkwa8cwYvLJT8Xr/m8Ry/o70Ynudn2zyEqX4u3JfDZc9Ly4NuJWEtHPkjzlbnTitYisEcWb5Jf37g9O7qYX62PYjHfe+r4Y/1+n0YtO/PxZPI5xPFy+xbr+6ztp+m723R9f5jMYRiTz2fB4mbeWHR3kAwEAAAAAAAAAAAAAAAAAAAAA4H+hl650N8/PKU8D7PWq2y89H6g44We+cb7O7TRNy2N8ZsNG5PX1eL0e9eubOQAAAAAAAAAAAAAAAAAAAPx3TGtfjB6Mx6dn0ycbwY/ZImiXOU+qcraD+sad8rH+3VXVweiHiD2qnt76x8lxVAxtnFzoIimbXmrM54Pjyqaj6uR2VadRu2wN6+PIB//t/gN786om+MKg3F2jB0nsSG5Vb5KNXVduw7NpsseGzCqW7ujSquYVzb35ysuWtysXajHjxmoxz1e1Fp/kxp3Gnqux6ydlS3Llv3sAAAAAAAAAAAAAAAAAAIDz1g/9xq8XGp9dy5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4ODW3/+/CqK7fWc7mBfFyzu1Fycfn00ruu0eeJoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADccH8HAAD//+4IU3g=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) 5m53.783466844s ago: executing program 1 (id=2526): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x30, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x80000001}]}}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x7, 0x84}}}, 0xbc}}, 0x20050800) 5m53.35375479s ago: executing program 34 (id=2526): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x30, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x80000001}]}}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x7, 0x84}}}, 0xbc}}, 0x20050800) 2m27.874587111s ago: executing program 7 (id=5187): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ec0000002100010026bd700000000000ac1414aa0000000000000000000000007f0000010000000000000000000000000004000000000000020000a000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fcffffff000000009c00110000000000000000000000000000000000ac1414bb000000000000000000000000ac1efe01000000000000000000000000e00000020000000000000000000000006c000000feffffff0200020000000000000000000000000000000000ac1414bb000000000000000000000000fe8000000000000000000000000000bbfe8809000000000000000000000000016c", @ANYRESOCT=r0], 0xec}, 0x1, 0x0, 0x0, 0x815}, 0x140) 2m27.560823116s ago: executing program 7 (id=5192): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f00000002c0), 0x4) 2m27.287583109s ago: executing program 7 (id=5196): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@ipv4_getnetconf={0x1c, 0x52, 0x401, 0x0, 0x0, {}, [@NETCONFA_PROXY_NEIGH={0x8}]}, 0x1c}}, 0x0) 2m26.943642414s ago: executing program 7 (id=5200): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a300000000068000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff00080003400000003808000540000000230c000b40000000000000000308000a40000000014c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000200003801c000080080003400000000210000280"], 0x170}}, 0x40080) 2m26.681314847s ago: executing program 7 (id=5203): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m25.609163862s ago: executing program 7 (id=5218): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000070000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) 2m10.504534907s ago: executing program 35 (id=5218): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000070000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) 1m39.776589744s ago: executing program 5 (id=5839): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newspdinfo={0x1c, 0x24, 0x801, 0x70bd2c, 0x25dfdbfb, 0xc, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}}, 0x40) 1m39.519512648s ago: executing program 5 (id=5843): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDGKBMETA(r0, 0x4b52, 0x0) 1m39.273192631s ago: executing program 5 (id=5849): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280), 0xffffffffffffffff, 0x0, 0x1, 0xffffffa9}}, 0x20) 1m39.025852714s ago: executing program 5 (id=5854): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000019c0)=ANY=[@ANYBLOB='allow_utime=00000000000000000000304,namecase=1,errors=remount-ro,umask=00000000000000000000020,fmask=00000000000000000000005,iocharset=cp1251,gid=', @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000000003,errors=continue,fmask=00000000000000000000005,allow_utime=0000000000000002\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0x152a, &(0x7f0000000340)="$eJzs3AuYjtXaOPD7Xms9Y0h6m+QwrLXuhzc5LJMkOSTJIUmSJMkpIWmSLQmJIaekIQnJYUgOQ0gOE5PG+ZDzKSFJmiQJySlZ/2vC327X/vbe3+7Lvvbcv+t6r1n3u557Pet57/ewnuedmW+7DK3ZuFa1hkQE/xa88CMJAGIBYCAAXAMAAQCUiysXl9WfU2LSv7cT9sd6KPVKz4BdSVz/7I3rn71x/bM3rn/2xvXP3rj+2RvXP3vj+jOWnW2aXvBavmXfG1//z8748/+/SGbpsV+uLX19V4CYfzaF65+9cf3/awX/zEZc/+yN659dxV7pCbD/APz6zw5y/N0ern/2xvVnLDv7c683y/+47xsg8uc+Bgqu/DH/6vgZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLE/wWl/mQKAS+0rPS/GGGOMMcYYY4z9cXyOKz0DxhhjjDHGGGOM/d9DECBBQQAxkANiISfkAgEAV0MeuAYicC3EwXWQF66HfJAfCkBBiIdCUBg0GLBAEEIRKApRuAGKwY1QHEpASSgFDkpDAtwEZeBmKAu3QDm4FcrDbVABKkIlqAy3QxW4A6rCnVAN7oLqUANqQi24G2rDPVAH7oW6cB/Ug/uhPjwADeBBaAgPQSN4GBrDI9AEHoWm0AyaQwto+b/KfwF6wIvQE3pBEvSGPvAS9IV+0B8GwEB4GQbBKzAYXoVkGAJD4TUYBq/DcHgDRsBIGAVvwmh4C8bAWBgH4yEFJsBEeBsmwTswGabAVJgGqTAdZsC7MBNmwWx4D+bA+zAX5sF8WABp8AEshEWQDh/CYvgIMmAJLIVlsBxWwEpYBathDayFj2EdrIcNsBE2wWbYAlthG2yHHfAJ7IRPYRfshj3wGeyFz//F/FN/k98VAQEFClSoMAZjMBZjMRfmwtyYG/NgHoxgBOMwDvNiXsyH+bAAFsB4jMfCWBgNGiQkLIJFMIpRLIbFsDgWx5JYEh06TMAELIM3Y1ksi+WwHJbH8lgBK2JFrIyVsQpWwapYFathNayO1bEm1sS78W7sjXWwDtbFulgP6126PIUNsSE2wkbYGBtjE2yCTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI+JmIgdsAN2xI7YCTthZ+yMXbALdsVu2C3zhRyAL+KL2Auri97YB/tgX0zO0R8H4AB8GQfhK/gKvorJOASH4mv4Gr6Ow/EkjsCROApHYRXxFo7BsUhiPKZgCk7EiTgJJ+FknIJTcBqm4nScgTNwJs7CWfgezsH38X2ch/NwAaZhGi7ERZiO6bgYT2EGLsGluAyX4wpcjqtwNa7CtfgxrsX1uB434kbcjJtxK27F7bgdP0EFgJ/ibtyNybgX9+I+3If7cT8ewAOYiZl4EA/iITyEh/EwHsEjeBSP4XE8hifwBJ7EU3gaT+NZPIvn8Ln4rxt9UmJNMogsSigRI2JErIgVuUQukVvkFnlEHhEREREn4kRekVfkE/lEAVFAxIt4UVgUFkYYQSKMAQARFVFRTBQTxUVxUVKUFE44kSASRBlRRpQVZUU5casoL24TFURF0cZJUVlUEW1dVXGnqCaqieqihqgpaolaoraoLeqIOqKuqCvqiXqivnhANBC9sT8+JLIq01gMwSZiKDYVzYS8+A7WSgzH1qKNaCueECNxBLYXrVyieFp0EGOwo/iLGIvPis5iPHYRz4uuopvoLl4QPURr11P0EpOxt+gjpmFf0U/0FwPETKwh3sM5OWuKV0WyGCKGitfEAnxdDBdviBFipBgl3hSjxVtijBgrxonxIkVMEBPF22KSeEdMFlPEVDFNpIrpYoZ4V8wUs8Rs8Z6YI94Xc8U8MV8sEGniA7FQLBLp4kOxWHwkMsQSsVQsE8vFCrFSrBKrxRqxVnws1on1YoPYKDaJzWKL2Cq2ie1ih/hE7BSfil1it9gjPhN7xedin/hC7BdfigPiK5EpvhYHxTfikPhWHBbfiSPie3FUHBPHxQ/ihPhRnBSnxGlxRpwVP4lz4mdxXngBEqWQUioZyBiZQ8bKnDKXvErmlsHFR/daGSevk3nl9TKfzC8LyIIyXhaShaWWRlpJMpRFZFEZlTfIYvJGWVyWkCVlKelkaZkgb5Jl5M2yrLxFlpO3yvLyNllBVpSVZGV5u6wi75AQubCP6rKGrClrybtlEtwj68h7ZV15n6wn75f15QOygXxQNpQPyUbyYdlYPiKbyEdlU9lMNpctZEv5mGwlH5etZRvZVj4h28knZXv5lEyUT8sO0l98ijwrO8vnZBf5vOwqu8nu8md5XnrZU/aS0BtkH/mS7Cv7yf5ygBwoX5aD5CtysHxVJsshcqh8TQ6Tr8vh8g05Qo6Uo+SbcrR8S46RY+U4OV6myAlyonxbTpLvyMlyipwqp8lUOV32vzjSbCn/Yf7bv5M/+Je9b5Sb5Ga5RW6V2+R2uUN+InfKnXKX3CX3yD1yr9wr98l9cr/cLw/IAzJTZsqD8qA8JA/Jw/KwPCKPyKPymDwjf5An5I/ypDwlT8kz8qw8K89dfAxAoRJKKqUCFaNyqFiVU+VSV6nc6mqVR12jIupaFaeuU3nV9Sqfyq8KqIIqXhVShZVWRllFKlRFVFEVVTfgxSeMKqlKKadKqwR107+Sr4qpG1VxVeJX+Zfml/R35tdStVStVCvVWrVWbVVb1U61U+1Ve5WoElUH1UF1VB1VJ9VJdVadVRfVRXVVXVV31V31UD1UT9VTJakk1Ue9pPqqfqq/GqAGqpfVIDVIDVaDVbJKVkPVUDVMDVPD1XA1Qo1Qo9QoNVqNVmPUGDVOjVMpKkVNVBPVJDVJTVaT1VQ1VaWqVDVDzVAz1Uw1W81Wc9QcNVfNVfPVfJWm0tRCtVClq3S1WC1WGWqJWqKWqWVqhVqhVqlVao1ao7LWX+vVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nLfsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBtcH+QL8gcFgoJBfFAoKBzowAQ2EBeLHg1uCIoFNwbFgxJByaBU4ILSQUJwU1AmuDkoG9wSlAtuDcoHtwUVgopBpaBycHtQJbgjqBrcGVQL7gqqBzWCmkGt4O6gdnBPUCe4N6gb3BfUC+4P6gcPBA2CB4OGwUNBo+DhoHHwSNAkeDRoGjQLmgctgpZ/6Pjen8z/uOupe+kk3Vv30S/pvrqf7q8H6IH6ZT1Iv6IH61d1sh6ih+rX9DD9uh6u39Aj9Eg9Sr+pR+u39Bg9Vo/T43WKnqAn6rf1JP2Onqyn6Kl6mk7V0/UM/a6eqWfp2fo9PUe/r+fqeXq+XqDT9Ad6oV6k0/WHerH+SGfoJXqpXqaX6xV6pV6lV+s1eq3+WK/T6/UGvVFv0pv1Fr1Vb9Pb9Q79id6pP9W79G69R3+m9+rP9T79hd6vv9QH9Fc6U3+tD+pv9CH9rT6sv9NH9Pf6qD6mj+sf9An9oz6pT+nT+ow+q3/S5/TP+rz2WYv7rI93o4wyMSbGxJpYk8vkMrlNbpPH5DEREzFxJs7kNXlNPpPPFDAFTLyJN4VNYZOFDJkipoiJmqgpZoqZ4qa4KWlKGmecSTAJpowpY8qasqacKWfKm/KmgqlgKplK5nZzu7nD3GHuNHeau8xdpoapYWqZWqa2qW3qmDqmrqlr6pl6pr6pbxqYBqahaWgamUamsWlsmpgmpqlpapqb5qalaWlamVamtWlt2pq2pp1pZ9qb9ibRJJoOpoPpaDqaTqaT6Ww6my6mi+lqupruprvpYXqYnqanSTJJpo/pY/qavqa/6W8GmoFmkBlkBpvBJtkkm6FmqBlmhpnhZrgZYUaaUVkLVfOWGWPGmnFmvEkxKWaimWgmmUlmsplsppqpJtWkmhlmhplpZprZZraZY+aYuWaumW/mmzSTZhaahSbdpJvFZrHJMBlmqVlqlpvlZqVZaVab1WatWWvWwTqzwWwwm8wms8VsMdvMNrPD7DA7zU6zy+wye8wes9fsNfvMPrPf7DcHzAGTaTLNQXPQHDKHzGFz2BwxR8xRc9QcN8fNCXPCnDQnzWlz2pw1+S9+XnoTa3PaXPYqm9tebfPYa+zfxgVsQRtvC9nCVtt8Nv+vYmOtLW5L2JK2lHW2tE2wN/0mrmAr2kq2sr3dVrF32Kq/iWvbe2wde6+ta++ztezdv4rr2fttffuIbYAIYJvZRraFbWwfsU3so7apbWab2xa2nX3StrdP2UT7tO1gn/lNvNAusqvtGrvWfmx32d32tD1jD9lv7Vn7k+1pe9mB9mU7yL5iB9tXbbId8pt4lH3TjrZv2TF2rB1nx/8mnmqn2VQ73c6w79qZdtZv4jT7gZ1j0+1cO8/Otwt+ibPmlG4/tIvtRzbDBrDULrPL7Qq70q76/3NdZtfbDXaj3Wk/tVvsVrvNbrc7Li2E7W67x35m99rP7UH7jd1vv7QH7GGbab/+Jc46vsP2O3vEfm+P2mP2uP3BnrA/qkvZWcf+g/3ZnrfeAiEBSVIUUAzloFjKSbnoKspNV1MeuoYidC3F0XWUl66nfJSfClBBiqdCVJg0GbJEFFIRKkpRuoEuTa8klSJHpSmBbqIydDOVpVuoHN1K5ek2qkAVqRJVptupCt1BVelOqkZ3UXWqQTWpFt1NtekeqkP3Ul26j+rR/VSfHqAG9CA1pIeoET1MjekRakKPUlNqRs2pBbWkx6gVPU6tqQ21pSeoHT1J7ekpSqSnqQM9Qx3pL9SJnqXO9Bx1oeepK3Wj7vQC9aAXqSf1oiTqTX3oJepL/ag/DaCB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDJNoak0jVJpOs2gd2kmzaLZ9B7NofdpLs2j+bSA0ugDWkiLKJ0+pMX0EWXQElpKy2g5raCVtIpW0xpaSx/TOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vRd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzzhNWEkvDaMC68L84bXh/nC/GGBsGAYHxYKC4c6NKENKQzDImHRMBreEBYLbwyLhyXCkmGp0IWlw4TwprBMeHNYNrwlLBfeGpYPbwsrhBXDR+6rHN4eVgnvCKuGd4bVwrvC6mGNsGZYK7w7rB3eE9YJ7w3rhveFZcP7w/rhA2GD8MGwYfhQ2Ch8OGwcPhI2CR8Nm4bNwuZhi7Bl+FjYKnw8bB22CduGT4TtwifD9uFTYWL4dNghfOaX/vsX/f3+pLB32Cd8KXwp9P5eOT+6IJoW/SC6MLoomh79MLo4+lE0I7okujS6LLo8uiK6Mroqujq6Jro2+nF0XXR9dEN0Y9T7WjnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx13jIu5aF+euc3nd9S6fy+8KuIIu3hVyhZ12xllHLnRFXFEXdTe4Yu5GV9yVcCVdKedcaZfgWriWrqVr5R53rV0b19Y94Z5wT7on3VPuKfe06+CecR3dX1wn96zr7J5zz7nnXVfXzXV3L7gebkKeC6/JJNfH9XF9XV/X3/V3A91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfVTXWpLtXNcDPcTDfTVZl1YS9z3Vw33813aS7NLXRZa8Z0t9gtdhkuwy11S91yt9ytdCvdarfarXVr3Tq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3y11wY1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5MiUyNTItEhqZHpkRuTdyMzIrMjsyHuROZH3I3Mj8yLzIwsiaZEPIgsjiyLpkQ8jiyMfRTIiSyJLI8siyyMrIt4X2hL6Ir6oj/obfDF/oy/uS/iSvpR3vrRP8Df5Mv5mX9bf4sv5W315f5uv4Cv6Sv5R39Q38819C9/SP+Zb+cd9a9/Gt/VP+Hb+Sd/eP+UT/dO+g3/Gd/R/8Z38s76zf8538c/7rr6b7+5f8D38i76n7+WTfG/fx7/k+/p+vr8f4Af6l/0g/4of7F/1yX6IH+pf88P86364f8OP8CP9qJg3/ehLp8gw3qf4CX6if9tP8u/4yX6Kn+qn+VQ/3c/w7/qZfpaf7d/zc/z7fq6f5+f7BT7Nf+AX+kU+3X/oF/uPfIZfcumisl/pV/nVfo1f6z/26/x6v8Fv9Jv8Zr/Fb/Xb/Ha/w3/id/pP/S6/2+/xn/m9/nO/z3/h9/sv/QH/lc/0X/uD/ht/yH/rD/vv/BH/vT/qj/nj/gd/wv/oT/pT/rQ/48/6n/w5/7M/z3+zxhhjjDH2T5lwuSl+3XPhcn7v38kRf7VxHwC4emvBzL/uz1pRrst3od1PxLeLAMDTvbo8dOlWvXpSUtLFbTMkBEXnAVz6JihLDFyOl0BbeBISoQ2U+d359xPdztI/GD96K0Cuv8qJhcvx5fG/AMCk3xn/sSdGLSwfno77H8afB1C86OWcnHA5XgJtf7m+0gbK/p3552/1D+af88sUgNZ/lZMbLseX558Aj8MzkPirLRljjDHGGGOMsQv6iUqdLp1/XvqNz987P49Xl3NywOX4H52fM8YYY4wxxhhj7Mp7tlv3px5LTGzT6V9vVP1fZf3TjSbwfzUyN3634T3ApXsUAPybAwJkNeSfeRSb/5R9JV986fxt1/IzPoD/jFL+EY0r/MbEGGOMMcYY+8NdXvT/+n51pSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ3/GvxO70sfIGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMXWn/LwAA//9+qv+4") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) 1m38.59753663s ago: executing program 5 (id=5858): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f0000000700)={[{@oldalloc}, {@min_batch_time}, {@min_batch_time={'min_batch_time', 0x3d, 0x8e}}, {@errors_remount}, {@jqfmt_vfsv0}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000000}}, {@debug}, {@nombcache}, {@data_err_abort}, {@data_writeback}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nogrpid}], [], 0x2c}, 0x0, 0x4bb, &(0x7f0000000140)="$eJzs3MtvVNUfAPDvnT6gP+DXik8eyigaGx8tLc+FG40mbExMNAaXY1sIUsDQmgBppBqDiQsNf4GPnYl/gSvdGHWlcatxa0yI6QZ0Ya65M3fKlJlpO3TaAebzSQbOmXvuPefcc097HrkNoGsVs3+SiK0R8WtEDFaiSxMUK/9dX5ib+HthbiKJNH31r6Sc7trC3EQ1afW8LXlkuBBR+CCJXQ3ynblw8VRpenrqXB4fnT399ujMhYvPnjxdOjF1YurM+JEjB/YPHD40frAt9czKdG3nu2d37zj6xpWXJ45defOHr7Lypvnx2npUDLWYQ0/dN8UoLr2XNZ5o8eq3u2014aS3gwWhJdlTmzVXX7n/D0ZP3Gi8wXjp/Y4WDlhXaZqmm+q+XfxdNp/WSpLKCcBdItGloUtVf9FfW8hmqnMT9fPgu9vV56M8A8rqfT3/VI70RiGbww9V5kZ965T/fRFxbP6fT7NPNFyHAABor2+y8c8zlXFH9VM5UogHatL9P98bGoqIeyJie0Tcm49f7o8op30wIh6qOScbUdavLS1VvCleP/75eWBNFVxBNv57Lt/bWjr+K1STDPXksW3l+vclx09OT+3L78lw9G3K4mP1l16s+rcv/vJJs/yLNeO/7JPlXx0L5uX4s/emmzhZmi2ttd5VV98rL+ldqq9/srgTkLXjjojYeQvXz+7Zyae+3N3s+Mr1/7j5xduwz5R+HvFkpf3n46b6Z/rzUOP9ybHDh8YPjm6O6al9o9Wnot6PP11+JQ/WTSNWrv/6ytr/fw2f/8Wdy6Gkdr92pvU8Lv/2YdM5za0+//3Ja+Vwf/7d+dLs7LmxiP5kvv778Rvnni8NLEmf1X94b+P+vz3i38/y83ZFRPYQPxwRj0TEnrzsj0bEYxGxd5n6f//C4281m0LeDu0/2VL7tx7oOfXd13UZf1RcZf2z9j9QDg3n30yWZjevVK/VFnDNNxAAAADuAHsiYmskhZF8jXNrFAojIxFbFldQZmafPn72nTOTlXcEhqKvUF3pGqxZDx3L14azeHbWeE08O76/vG6cpmk6UI6PTJyd3tbZqkPX29Kk/2f+qH+lBbjbtLSP1uyNNuCOdOv76GlbywFsPO9rQ/fS/6F7rbr/r9dbcEDHNOr/lyKud6AowAZr1P9f70A5gI1n/g/dS/+H7qX/Q1day3v9ywW2H10mTdK7Ppk2DxRi+b8CMBTR2gV/L0S0p4Q9ba3pwCradHO0I68orJimt4U/xLCxgcLtUYxKYFNErPD0Lj5sl6qBi+tdsPKPhy86/fMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgrf4LAAD//8E921o=") utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000200)={{}, {0x77359400}}) 1m38.095712667s ago: executing program 5 (id=5863): futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x5, 0x6, 0x0, &(0x7f0000000000), 0x4004000) 1m37.704120793s ago: executing program 36 (id=5863): futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x5, 0x6, 0x0, &(0x7f0000000000), 0x4004000) 3.174237567s ago: executing program 9 (id=7012): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c0002800500010004000000060018"], 0x4c}}, 0x0) 2.851484481s ago: executing program 9 (id=7017): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000000400)=ANY=[@ANYBLOB="64000000150001002abd7000fedbdf25ac1414aa000000000000000000000000fe8800000000000000000000000001014e2400004e2500000a0010a011000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000001000200000008001f00040000000c0015"], 0x64}, 0x1, 0x0, 0x0, 0x2843ca8725c9de81}, 0x4000) 2.594176415s ago: executing program 9 (id=7022): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r0, 0x1, 0x3b, 0xffffffffffffffff, &(0x7f0000000000)=0xd) 2.316030848s ago: executing program 9 (id=7026): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000001580)={0x48, 0x0, 0x8, 0x3, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @icmpv6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xf8}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0xa}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000010}, 0x200040c4) 1.984404253s ago: executing program 9 (id=7032): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) 1.908921574s ago: executing program 8 (id=7034): r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080), 0x2) ioctl$UDMABUF_CREATE(r0, 0x541b, 0x0) 1.618867608s ago: executing program 8 (id=7038): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)="5c00000011006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac0090000008684e08b04000200000000000064bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4000000) 1.618265688s ago: executing program 4 (id=7039): bpf$MAP_UPDATE_CONST_STR(0x15, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x12}, @l2cap_cid_signaling={{0xe}, [@l2cap_cmd_rej_unk={{0x1, 0x9, 0x2}, {0x6}}, @l2cap_move_chan_rsp={{0xf, 0x6, 0x4}, {0x889, 0x4}}]}}, 0x17) 1.49015606s ago: executing program 2 (id=7040): r0 = syz_open_dev$video(&(0x7f0000000000), 0x10001, 0xa0000) ioctl$VIDIOC_OVERLAY(r0, 0x4004560e, &(0x7f0000000040)=0x5) 1.394661451s ago: executing program 6 (id=7041): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x58, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0xfa}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x2) 1.362295511s ago: executing program 8 (id=7042): syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000003c0)='./file1\x00', 0x4680, &(0x7f0000000000)=ANY=[@ANYRES8=0x0, @ANYRESHEX], 0xfd, 0x2a7, &(0x7f0000000b00)="$eJzs3U9P1E4cx/HPdBfY30+C5Y8xMZ5QEk8G8KDxQmJ4Bl48GZFdE2KDiWKintCz8QF49yn4ADx6Ip5NvHny4BE9WDPTqdsuLYUNpSy8X8k27Xa+nZn+Yea7BFYAzqw7q98+3PhuX0ZqqSXpthRI6khtSRd0sfN8c2tjK+p19ztQy0XYl2mVlVnf7BW9beNcXV5ot9qazL6HenS+arvpNqB57ukvEEgT/ul0+zvH3rJ6nPWb3uxqVy801XQ7AADN8uN/4Mf5yd04ju12IC34YT8//o/2AGp+xk7T7ajNp4r9mfHfZVmxsdf3vNvVz/eM3b7pQ1yWKP0+9EkbV3Jn5SaYpiqrdG0J/nu0EfWurz+JuoHeaMUb6xebc8tucuum0pzWrr/ee+j5pGO+ZZWyRzucc64PY7YPy8FOv/2ZIrNHW2M189nsmPsm1Ht1/83/2rGxJ8Odj3DgSiXtX/RbBU+N6+W4XKnsVcoUmXaVXMqf8X172VJJRqL0uk0r/wFBmGtnWdTMQFTSu6WKqNnCqOWKqLnBqP7dXB5ZN/PO3DPz+qGPWs3M/wN7thd0kCfTlnEl/Z2xb3/armTohhj/1G1fLiwZDNsjDOGtHuqWpp69fPV4LYp6T5tb+RPXWoV9EpvtYLryKz4RzViLovQmOCntObUr9iQ3Uns67gx/nMZ+MuEY9S/6IQP53cxpYeddJsn/MvnKopus2UWYn6dPZGMrc8HMEZdKcoMZt/y/PIPLMdK24tLMYCDnKq7R5VxXrklXD1JjIvTtPHlWhgkyq/qiB3z+DwAAAAAAAAAAAAAAAAAAMGqO7k8OOirb1XQfAQAAAAAAAAAAAAAAAAAAAAAYdXV8/6//7/BmT5mDfP/vXSVbbU1q7Ch6CKDM3wAAAP//CNaJKw==") open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x22) 1.342733002s ago: executing program 4 (id=7043): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_RENAME(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000f00)=ANY=[@ANYBLOB="34000000050601020000000000000000020000090900030063797a30000000000900020073797a3000000000050001"], 0x34}}, 0x844) 1.211918353s ago: executing program 2 (id=7044): r0 = socket$igmp6(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0x22, &(0x7f0000000080)={{0xa, 0x0, 0x101, @private1={0xfc, 0x1, '\x00', 0x1}, 0x9}, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x0, {[0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40]}}, 0x5c) 1.131772654s ago: executing program 6 (id=7045): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000380)={0xfffffffa, 0x6000003, 0xd83f}) 1.033712466s ago: executing program 4 (id=7046): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000002580)=ANY=[@ANYBLOB="240000001a0001000800000000000000810000000000000000000000080001"], 0x24}}, 0x0) 957.899567ms ago: executing program 2 (id=7047): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x18, 0x22, 0x301, 0x0, 0x0, {0x1}, [@typed={0x4, 0x138, 0x0, 0x0, @binary}]}, 0x18}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) 834.916309ms ago: executing program 8 (id=7048): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x891e, &(0x7f00000005c0)={'gre0\x00', 0x0}) 827.410889ms ago: executing program 6 (id=7049): r0 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0) ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000300)={0x8, @pix={0x6, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}) 683.59349ms ago: executing program 4 (id=7050): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, 0x0, 0x0) 672.156831ms ago: executing program 2 (id=7051): openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0) pselect6(0x40, &(0x7f0000004600)={0x2, 0x0, 0x8, 0x7, 0xffffffffffffffe8, 0x401, 0xffffffff}, 0x0, &(0x7f0000004680)={0x9, 0xfff, 0xd3, 0x5, 0x7, 0x400, 0x9, 0xa1}, &(0x7f00000046c0)={0x0, 0x989680}, 0x0) 558.289432ms ago: executing program 6 (id=7052): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000002c0)={0x1, @pix={0x3, 0x7, 0x55595659, 0x8, 0x8000, 0x3, 0x6, 0xf, 0x0, 0x7, 0x0, 0x1}}) 487.316613ms ago: executing program 8 (id=7053): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/crypto\x00', 0x0, 0x0) lseek(r0, 0x1000000, 0x0) 388.995425ms ago: executing program 2 (id=7054): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0xffffffff, 0x2) ioctl$vim2m_VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x1, @pix_mp={0x7, 0x8, 0x31384142, 0x7, 0x6, [{0x0, 0xfffffffd}, {0x401, 0xdc8c}, {0x1, 0x80}, {0xc2, 0x401}, {0x3, 0x8}, {0xc, 0x7}, {0x9, 0x80000001}, {0x8000, 0x7f}], 0xd1, 0x6, 0x4, 0x1, 0x2}}) 388.745635ms ago: executing program 4 (id=7055): r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_FREE(r0, 0x4112, 0x0) 263.701966ms ago: executing program 6 (id=7056): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$AUTOFS_IOC_CATATONIC(r0, 0x800443d3, 0x20000002) 173.031857ms ago: executing program 8 (id=7057): r0 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000240)="7d4db19e", 0x4}], 0x1) 172.491797ms ago: executing program 9 (id=7058): r0 = socket(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e0204095c0009003f0000000a0000000d0085a168d0bf46d32345653600648d0a0015000700000049935ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) 135.618518ms ago: executing program 4 (id=7059): r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x2711, 0x0, 0x0) 88.132739ms ago: executing program 2 (id=7060): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2", 0xb8) 0s ago: executing program 6 (id=7061): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000300)={{0x0, 0xfd}, {0x7, 0x2f}, 0xfffffffd, 0xa}) kernel console output (not intermixed with test programs): ][T17479] binfmt_misc: register: failed to install interpreter file ./file0/../file0 [ 571.345432][T17492] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5415'. [ 571.472501][T17496] loop5: detected capacity change from 0 to 512 [ 571.550703][T17496] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 571.611691][ T5400] kernel write not supported for file /2275/net/sockstat (pid: 5400 comm: kworker/0:15) [ 571.634482][T17496] ext4 filesystem being mounted at /967/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 571.848730][T17508] loop6: detected capacity change from 0 to 64 [ 571.874108][ T6501] EXT4-fs (loop5): unmounting filesystem. [ 571.948808][T17508] overlayfs: filesystem on './file0' not supported [ 572.040164][T17511] loop5: detected capacity change from 0 to 164 [ 572.086042][T17513] netlink: 'syz.2.5424': attribute type 10 has an invalid length. [ 572.099404][T17511] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 572.159452][T17513] team0: Port device vlan0 added [ 572.277656][T17515] syz.6.5425: attempt to access beyond end of device [ 572.277656][T17515] mtdblock0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=256 [ 572.550351][T17518] loop5: detected capacity change from 0 to 2048 [ 572.672735][T17518] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 572.796329][T17528] loop6: detected capacity change from 0 to 256 [ 572.889844][T17528] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 572.948714][T17528] fuse: Bad value for 'fd' [ 573.844776][ T4254] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 573.857275][ T4254] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 573.867710][ T4254] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 573.876154][ T4254] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 573.885870][ T4254] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 573.894075][ T4254] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 574.307130][T17570] netlink: 'syz.6.5451': attribute type 21 has an invalid length. [ 574.318629][T17572] loop2: detected capacity change from 0 to 16 [ 574.337919][T17570] IPv6: NLM_F_CREATE should be specified when creating new route [ 574.348951][T17572] erofs: (device loop2): mounted with root inode @ nid 36. [ 574.605490][T17550] chnl_net:caif_netlink_parms(): no params data found [ 574.932970][T17550] bridge0: port 1(bridge_slave_0) entered blocking state [ 574.947738][T17593] loop6: detected capacity change from 0 to 256 [ 574.966575][T17550] bridge0: port 1(bridge_slave_0) entered disabled state [ 574.975330][T17550] device bridge_slave_0 entered promiscuous mode [ 574.984771][T17550] bridge0: port 2(bridge_slave_1) entered blocking state [ 575.008847][T17550] bridge0: port 2(bridge_slave_1) entered disabled state [ 575.036158][T17550] device bridge_slave_1 entered promiscuous mode [ 575.154213][T17595] loop5: detected capacity change from 0 to 8 [ 575.202159][T17550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 575.260607][T17550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 575.427348][T17550] team0: Port device team_slave_0 added [ 575.458908][T17601] loop2: detected capacity change from 0 to 1024 [ 575.466584][T17550] team0: Port device team_slave_1 added [ 575.519510][T17601] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 575.619293][T17601] Quota error (device loop2): do_check_range: Getting block 64 out of range 1-5 [ 575.631829][T17601] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 575.641284][T17601] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.5463: Failed to acquire dquot type 0 [ 575.662041][ T4330] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 575.703167][T17550] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 575.710173][T17550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 575.736203][ C0] vkms_vblank_simulate: vblank timer overrun [ 575.775165][T17601] EXT4-fs error (device loop2): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 575.820674][T17601] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #13: comm syz.2.5463: corrupted inode contents [ 575.831430][T17550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 575.870122][T17601] EXT4-fs error (device loop2): ext4_dirty_inode:6118: inode #13: comm syz.2.5463: mark_inode_dirty error [ 575.901865][T17601] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #13: comm syz.2.5463: corrupted inode contents [ 575.901901][T17550] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 575.940565][T17550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 575.963434][T17601] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #13: comm syz.2.5463: mark_inode_dirty error [ 575.966543][ C0] vkms_vblank_simulate: vblank timer overrun [ 575.981192][ T4330] usb 6-1: Using ep0 maxpacket: 32 [ 575.985284][ T4267] Bluetooth: hci5: command 0x0409 tx timeout [ 575.999254][ T4330] usb 6-1: unable to get BOS descriptor or descriptor too short [ 576.017422][ T4330] usb 6-1: config 7 has an invalid interface number: 128 but max is 0 [ 576.019698][T17550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 576.037636][T17601] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #13: comm syz.2.5463: corrupted inode contents [ 576.050574][ T4330] usb 6-1: config 7 contains an unexpected descriptor of type 0x1, skipping [ 576.071316][T17601] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 576.089327][T17601] EXT4-fs error (device loop2): ext4_do_update_inode:5253: inode #13: comm syz.2.5463: corrupted inode contents [ 576.116434][ T4330] usb 6-1: config 7 has an invalid descriptor of length 148, skipping remainder of the config [ 576.117550][T17550] device hsr_slave_0 entered promiscuous mode [ 576.138030][T17601] EXT4-fs error (device loop2): ext4_truncate:4312: inode #13: comm syz.2.5463: mark_inode_dirty error [ 576.150043][T17550] device hsr_slave_1 entered promiscuous mode [ 576.167224][T17550] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 576.170439][ T4330] usb 6-1: config 7 has no interface number 0 [ 576.190713][T17601] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 576.200031][T17550] Cannot create hsr debugfs directory [ 576.200059][ T4330] usb 6-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping [ 576.226716][T17601] EXT4-fs (loop2): 1 truncate cleaned up [ 576.254508][T17601] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 576.263740][ T4330] usb 6-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11 [ 576.286686][ T4330] usb 6-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 576.311579][ T4330] usb 6-1: config 7 interface 128 has no altsetting 0 [ 576.325807][ T4330] usb 6-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13 [ 576.353541][ T4330] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 576.370493][T17601] Quota error (device loop2): do_check_range: Getting block 64 out of range 1-5 [ 576.381861][ T4330] usb 6-1: Product: syz [ 576.395894][ T4330] usb 6-1: Manufacturer: syz [ 576.410816][ T4330] usb 6-1: SerialNumber: syz [ 576.418990][T17601] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 576.429988][T17595] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 576.469114][T17601] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.5463: Failed to acquire dquot type 0 [ 576.600756][T17625] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5475'. [ 576.672881][ T4330] usb 6-1: MIDIStreaming interface descriptor not found [ 576.683278][ T4257] EXT4-fs (loop2): unmounting filesystem. [ 576.746543][ T4330] usb 6-1: USB disconnect, device number 18 [ 576.929572][T17550] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 576.958050][T17550] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 576.992700][T17550] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 577.030502][T17550] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 577.068245][ T4410] udevd[4410]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 577.366387][T17550] 8021q: adding VLAN 0 to HW filter on device bond0 [ 577.426800][T14905] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 577.445314][T14905] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 577.475976][T17550] 8021q: adding VLAN 0 to HW filter on device team0 [ 577.512318][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 577.532313][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 577.558274][T14910] bridge0: port 1(bridge_slave_0) entered blocking state [ 577.565507][T14910] bridge0: port 1(bridge_slave_0) entered forwarding state [ 577.578365][T17645] netlink: 300 bytes leftover after parsing attributes in process `syz.4.5485'. [ 577.632526][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 577.654620][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 577.689253][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 577.699895][T14910] bridge0: port 2(bridge_slave_1) entered blocking state [ 577.707107][T14910] bridge0: port 2(bridge_slave_1) entered forwarding state [ 577.772058][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 577.783600][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 577.823305][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 577.841637][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 577.876216][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 577.898190][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 577.932492][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 577.954928][T17651] loop4: detected capacity change from 0 to 2048 [ 577.962452][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 577.987982][T17550] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 578.013477][T17651] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 578.031935][T17550] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 578.044596][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 578.059677][ T4267] Bluetooth: hci5: command 0x041b tx timeout [ 578.084214][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 578.099353][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 578.126661][T17656] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 578.127040][T17651] syz.4.5488: attempt to access beyond end of device [ 578.127040][T17651] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 578.341619][T17651] NILFS error (device loop4): nilfs_check_page: bad entry in directory #2: directory entry across blocks - offset=104, inode=16, rec_len=1816, name_len=0 [ 578.431149][T17651] Remounting filesystem read-only [ 578.824520][T17673] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5496'. [ 578.826032][T17672] sctp: [Deprecated]: syz.5.5497 (pid 17672) Use of struct sctp_assoc_value in delayed_ack socket option. [ 578.826032][T17672] Use struct sctp_sack_info instead [ 579.015702][T17678] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5499'. [ 579.052498][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 579.061786][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 579.089606][T17550] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 579.345828][ T26] audit: type=1326 audit(1747922062.157:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17689 comm="syz.2.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 579.411240][ T26] audit: type=1326 audit(1747922062.187:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17689 comm="syz.2.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=160 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 579.501942][ T26] audit: type=1326 audit(1747922062.187:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17689 comm="syz.2.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 579.592722][ T26] audit: type=1326 audit(1747922062.187:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17689 comm="syz.2.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 579.683113][T17699] loop2: detected capacity change from 0 to 2048 [ 579.727449][T17699] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 579.825113][T17704] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 579.842438][ T4911] udevd[4911]: incorrect nilfs2 checksum on /dev/loop2 [ 580.132701][ T4267] Bluetooth: hci5: command 0x040f tx timeout [ 580.153538][T17704] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 580.208929][T17704] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4) [ 580.310050][T17704] Remounting filesystem read-only [ 580.338074][ T4257] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer [ 580.484180][T17719] netlink: 'syz.4.5517': attribute type 24 has an invalid length. [ 580.727851][T14922] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 580.752372][T14922] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 580.756340][T17728] loop5: detected capacity change from 0 to 256 [ 580.835675][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 580.865075][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 580.905855][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 580.933803][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 580.976388][T17550] device veth0_vlan entered promiscuous mode [ 581.029224][T17735] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5524'. [ 581.040727][T17550] device veth1_vlan entered promiscuous mode [ 581.059075][T17735] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5524'. [ 581.148634][T17550] device veth0_macvtap entered promiscuous mode [ 581.172737][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 581.233315][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 581.252479][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 581.273313][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 581.305401][T17550] device veth1_macvtap entered promiscuous mode [ 581.313830][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 581.324021][T14910] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 581.361154][T17550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.401503][T17550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.443429][T17550] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 581.469916][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 581.515005][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 581.580344][T17550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.608463][T17550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.667902][T17550] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 581.692025][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 581.723133][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 581.756250][T17550] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.771688][T17550] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.786762][T17550] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.832131][T17550] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 581.937555][T17731] loop4: detected capacity change from 0 to 32768 [ 582.064047][T17731] ERROR: (device loop4): dbAlloc: the hint is outside the map [ 582.064047][T17731] [ 582.085314][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 582.108888][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 582.142040][T17731] ERROR: (device loop4): remounting filesystem as read-only [ 582.212052][ T4267] Bluetooth: hci5: command 0x0419 tx timeout [ 582.220330][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 582.319893][ T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 582.352689][ T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 582.394091][T17766] tmpfs: Bad value for 'mpol' [ 582.426189][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 583.012002][T17786] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5544'. [ 583.012026][T17786] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5544'. [ 583.032957][T17785] loop6: detected capacity change from 0 to 64 [ 583.439817][T17800] UBIFS error (pid: 17800): cannot open "", error -22 [ 583.931225][T17818] loop6: detected capacity change from 0 to 256 [ 584.098995][T17818] FAT-fs (loop6): Directory bread(block 64) failed [ 584.125148][T17818] FAT-fs (loop6): Directory bread(block 65) failed [ 584.125269][T17818] FAT-fs (loop6): Directory bread(block 66) failed [ 584.125300][T17818] FAT-fs (loop6): Directory bread(block 67) failed [ 584.125378][T17818] FAT-fs (loop6): Directory bread(block 68) failed [ 584.125407][T17818] FAT-fs (loop6): Directory bread(block 69) failed [ 584.125482][T17818] FAT-fs (loop6): Directory bread(block 70) failed [ 584.125511][T17818] FAT-fs (loop6): Directory bread(block 71) failed [ 584.125590][T17818] FAT-fs (loop6): Directory bread(block 72) failed [ 584.125619][T17818] FAT-fs (loop6): Directory bread(block 73) failed [ 584.744833][T17847] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5575'. [ 584.785922][T17849] loop2: detected capacity change from 0 to 256 [ 584.800840][T17847] netlink: 72 bytes leftover after parsing attributes in process `syz.6.5575'. [ 584.825825][T17847] A link change request failed with some changes committed already. Interface veth1 may have been left with an inconsistent configuration, please check. [ 585.579604][T17875] loop2: detected capacity change from 0 to 128 [ 585.588911][T17875] befs: (loop2): invalid magic header [ 585.679783][ T4911] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 585.912079][T17885] xt_TCPMSS: Only works on TCP SYN packets [ 586.300609][T17903] loop8: detected capacity change from 0 to 64 [ 586.373077][T17900] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5599'. [ 586.994533][T17928] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 587.051628][ T4330] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 587.130431][ T26] audit: type=1326 audit(1747922069.937:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 587.191584][ T26] audit: type=1326 audit(1747922069.967:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 587.213965][ C1] vkms_vblank_simulate: vblank timer overrun [ 587.256553][ T26] audit: type=1326 audit(1747922069.977:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 587.278857][ C1] vkms_vblank_simulate: vblank timer overrun [ 587.281714][ T4330] usb 6-1: Using ep0 maxpacket: 8 [ 587.302765][ T4330] usb 6-1: config 1 has an invalid interface number: 128 but max is 1 [ 587.321302][ T4330] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 587.357556][ T4330] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 587.367707][ T26] audit: type=1326 audit(1747922069.987:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 587.415028][ T4330] usb 6-1: config 1 has no interface number 0 [ 587.441929][ T4330] usb 6-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 587.492307][ T26] audit: type=1326 audit(1747922069.987:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17931 comm="syz.4.5615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 587.514773][ C1] vkms_vblank_simulate: vblank timer overrun [ 587.515048][ T4330] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 587.515079][ T4330] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 587.515100][ T4330] usb 6-1: Product: syz [ 587.515116][ T4330] usb 6-1: Manufacturer: syz [ 587.515132][ T4330] usb 6-1: SerialNumber: syz [ 587.522695][ T4330] cdc_wdm 6-1:1.128: skipping garbage [ 587.598457][ T4330] cdc_wdm 6-1:1.128: invalid descriptor buffer length [ 587.616042][ T4330] cdc_wdm: probe of 6-1:1.128 failed with error -22 [ 587.778444][ T4330] usb 6-1: USB disconnect, device number 19 [ 587.906062][T17954] netlink: 'syz.8.5626': attribute type 10 has an invalid length. [ 587.935284][T17956] loop2: detected capacity change from 0 to 64 [ 587.959888][T17956] MINIX-fs: mounting file system with errors, running fsck is recommended [ 587.983131][T17954] team0: Cannot enslave team device to itself [ 588.239251][T17961] netlink: 'syz.6.5630': attribute type 27 has an invalid length. [ 588.514162][ T5393] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 588.641775][ T5791] usb 9-1: new full-speed USB device number 2 using dummy_hcd [ 588.691043][T17978] netlink: 72 bytes leftover after parsing attributes in process `syz.4.5638'. [ 588.711589][T17978] netlink: 72 bytes leftover after parsing attributes in process `syz.4.5638'. [ 588.715802][ T5393] usb 3-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05 [ 588.749025][ T5393] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 588.770148][ T5393] usb 3-1: Product: syz [ 588.779836][ T5393] usb 3-1: Manufacturer: syz [ 588.786501][ T5393] usb 3-1: SerialNumber: syz [ 588.798423][ T5393] usb 3-1: config 0 descriptor?? [ 588.816914][ T5393] go7007: probe of 3-1:0.0 failed with error -12 [ 588.833100][ T5791] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 588.853761][ T5791] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 588.911519][ T5791] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 588.931766][ T5791] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 588.966979][ T5791] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 588.995513][ T5791] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 589.005189][ T5791] usb 9-1: Manufacturer: syz [ 589.039804][ T5393] usb 3-1: USB disconnect, device number 32 [ 589.047170][ T5791] usb 9-1: config 0 descriptor?? [ 589.230362][T17974] loop6: detected capacity change from 0 to 32768 [ 589.270909][ T5393] usb 9-1: USB disconnect, device number 2 [ 589.272629][T17974] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 scanned by syz.6.5636 (17974) [ 589.383224][T17974] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 589.400617][T17974] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 589.419779][T17974] BTRFS info (device loop6): force clearing of disk cache [ 589.431555][T17974] BTRFS info (device loop6): enabling auto defrag [ 589.441004][T17974] BTRFS info (device loop6): max_inline at 0 [ 589.452685][T17974] BTRFS info (device loop6): enabling disk space caching [ 589.470775][T17974] BTRFS info (device loop6): disk space caching is enabled [ 589.611548][T18007] program syz.4.5647 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 589.648917][ T5791] usb 6-1: new full-speed USB device number 20 using dummy_hcd [ 589.768184][T17974] BTRFS info (device loop6): enabling ssd optimizations [ 589.795520][T17974] BTRFS info (device loop6): rebuilding free space tree [ 589.843768][ T5791] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 589.855840][T17974] BTRFS info (device loop6): disabling free space tree [ 589.858144][T18018] loop4: detected capacity change from 0 to 64 [ 589.879406][ T5791] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 589.884766][T17974] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 589.922112][ T5791] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 589.950089][ T5791] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 589.978061][ T5791] usb 6-1: SerialNumber: syz [ 589.993876][T17974] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 590.033918][ T5791] cdc_ether: probe of 6-1:1.0 failed with error -22 [ 590.075031][ T5791] usb-storage 6-1:1.0: USB Mass Storage device detected [ 590.153183][ T5791] usb-storage 6-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 590.165321][ T5791] scsi host1: usb-storage 6-1:1.0 [ 590.320623][T10425] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 590.589801][ T4911] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 11 /dev/loop6 scanned by udevd (4911) [ 590.658964][ T93] block nbd4: Attempted send on invalid socket [ 590.665558][ T93] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 590.682035][T18040] vxfs: unable to read disk superblock at 1 [ 590.831470][ T52] block nbd4: Attempted send on invalid socket [ 590.837712][ T52] I/O error, dev nbd4, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 590.854628][T18040] vxfs: unable to read disk superblock at 8 [ 590.870033][T18040] vxfs: can't find superblock. [ 591.184288][T18051] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5663'. [ 591.470944][ T126] usb 6-1: USB disconnect, device number 20 [ 591.754573][T18070] netlink: 'syz.6.5672': attribute type 1 has an invalid length. [ 591.799776][T18070] netlink: 134744 bytes leftover after parsing attributes in process `syz.6.5672'. [ 591.805489][T18072] x_tables: ip6_tables: TCPOPTSTRIP target: only valid for protocol 6 [ 592.248455][T18089] loop6: detected capacity change from 0 to 512 [ 592.308847][T18085] loop5: detected capacity change from 0 to 4096 [ 592.329051][T18085] ntfs3: loop5: Different NTFS' sector size (2048) and media sector size (512) [ 592.346434][T18089] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 592.356792][T18089] ext4 filesystem being mounted at /600/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 592.421513][ T5399] usb 5-1: new full-speed USB device number 37 using dummy_hcd [ 592.425392][T18089] Quota error (device loop6): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 592.519243][T18089] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 592.551934][T18089] EXT4-fs error (device loop6): ext4_acquire_dquot:6802: comm syz.6.5681: Failed to acquire dquot type 0 [ 592.654307][ T5399] usb 5-1: New USB device found, idVendor=045e, idProduct=00f4, bcdDevice=d5.51 [ 592.689389][ T5399] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 592.720017][ T5399] usb 5-1: config 0 descriptor?? [ 592.727205][T18103] device netdevsim0 entered promiscuous mode [ 592.744873][ T5399] gspca_main: gspca_sn9c20x-2.14.0 probing 045e:00f4 [ 592.804910][T18103] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 592.829034][T10425] EXT4-fs (loop6): unmounting filesystem. [ 593.162724][ T5399] gspca_sn9c20x: Write register 1001 failed -71 [ 593.169683][ T5399] gspca_sn9c20x: Device initialization failed [ 593.196443][ T5399] gspca_sn9c20x: probe of 5-1:0.0 failed with error -71 [ 593.232368][ T5399] usb 5-1: USB disconnect, device number 37 [ 593.885993][T18105] loop5: detected capacity change from 0 to 32768 [ 594.633076][T18157] bridge0: port 3(netdevsim0) entered disabled state [ 594.671819][T18157] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 595.303171][T18183] loop8: detected capacity change from 0 to 512 [ 595.342024][ T126] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 595.401146][T18183] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002] [ 595.423044][T18182] loop5: detected capacity change from 0 to 4096 [ 595.437042][T18182] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512) [ 595.446892][T18183] System zones: 1-12 [ 595.467715][T18183] EXT4-fs error (device loop8): dx_probe:823: inode #2: comm syz.8.5726: Directory hole found for htree index block 0 [ 595.548368][T18183] EXT4-fs (loop8): Remounting filesystem read-only [ 595.555184][ T126] usb 3-1: Using ep0 maxpacket: 32 [ 595.565103][ T126] usb 3-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 595.604005][T18183] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -117 [ 595.613721][ T126] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 595.646420][T18183] EXT4-fs error (device loop8): dx_probe:823: inode #2: comm syz.8.5726: Directory hole found for htree index block 0 [ 595.669595][ T126] usb 3-1: Product: syz [ 595.674813][ T126] usb 3-1: Manufacturer: syz [ 595.686218][ T126] usb 3-1: SerialNumber: syz [ 595.696251][ T126] usb 3-1: config 0 descriptor?? [ 595.711738][T18183] EXT4-fs (loop8): Remounting filesystem read-only [ 595.729376][T18183] EXT4-fs (loop8): Cannot turn on journaled quota: type 1: error -117 [ 595.751602][T18183] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 595.807629][T18183] EXT4-fs (loop8): unmounting filesystem. [ 595.851573][ T5399] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 596.045107][ T5399] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.086196][ T5399] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 596.117724][ T5399] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 596.145867][ T5399] usb 5-1: config 0 descriptor?? [ 596.151573][ T126] airspy 3-1:0.0: usb_control_msg() failed -71 request 0a [ 596.158754][ T126] airspy 3-1:0.0: Could not detect board [ 596.188700][ T126] airspy: probe of 3-1:0.0 failed with error -71 [ 596.219619][ T126] usb 3-1: USB disconnect, device number 33 [ 596.374433][ T5399] usb 5-1: USB disconnect, device number 38 [ 596.455350][T18210] loop8: detected capacity change from 0 to 512 [ 596.463526][T18210] EXT4-fs: Ignoring removed oldalloc option [ 596.493998][T18210] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b802e02d, mo2=0002] [ 596.502621][T18210] System zones: 1-12 [ 596.508022][T18210] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #11: comm syz.8.5738: invalid indirect mapped block 1 (level 1) [ 596.531735][T18210] EXT4-fs (loop8): Remounting filesystem read-only [ 596.538324][T18210] EXT4-fs error (device loop8): ext4_free_branches:1030: inode #11: comm syz.8.5738: invalid indirect mapped block 7 (level 2) [ 596.579169][T18210] EXT4-fs (loop8): Remounting filesystem read-only [ 596.586080][T18210] EXT4-fs (loop8): 1 truncate cleaned up [ 596.597727][T18210] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 596.684950][T17550] EXT4-fs (loop8): unmounting filesystem. [ 597.113433][ T26] audit: type=1326 audit(1747922080.932:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18231 comm="syz.4.5749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 597.205698][ T26] audit: type=1326 audit(1747922080.962:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18231 comm="syz.4.5749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 597.430697][ T26] audit: type=1326 audit(1747922081.242:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18231 comm="syz.4.5749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 597.509828][ T26] audit: type=1326 audit(1747922081.302:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18231 comm="syz.4.5749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fff78e969 code=0x7ffc0000 [ 597.700040][T18216] loop5: detected capacity change from 0 to 32768 [ 598.131513][ T5393] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 598.321675][ T5393] usb 9-1: Using ep0 maxpacket: 8 [ 598.329721][ T5393] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 598.360484][ T5393] usb 9-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 598.381856][T18262] device geneve2 entered promiscuous mode [ 598.387947][ T5393] usb 9-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 598.406807][ T5393] usb 9-1: Product: syz [ 598.411074][ T5393] usb 9-1: Manufacturer: syz [ 598.424517][ T5393] usb 9-1: SerialNumber: syz [ 598.523212][T18240] loop2: detected capacity change from 0 to 32768 [ 598.543315][T18240] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 598.605742][T18264] netlink: 'syz.6.5765': attribute type 24 has an invalid length. [ 598.671209][ T5393] usb 9-1: Handspring Visor / Palm OS: No valid connect info available [ 598.688170][ T5393] usb 9-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 598.725693][ T5393] usb 9-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 598.744845][ T5393] usb 9-1: Handspring Visor / Palm OS: Number of ports: 2 [ 598.884323][ T5393] usb 9-1: palm_os_3_probe - error -71 getting bytes available request [ 598.913929][ T4908] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 11 [ 598.914055][ T5393] visor 9-1:1.0: Handspring Visor / Palm OS converter detected [ 598.976397][ T5393] usb 9-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 599.017315][ T5393] usb 9-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 599.091693][ T5393] usb 9-1: USB disconnect, device number 3 [ 599.134132][ T5393] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 599.181285][ T5393] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 599.186703][T18277] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 599.238073][ T5393] visor 9-1:1.0: device disconnected [ 599.981619][T18305] xt_limit: Overflow, try lower: 1207959552/384 [ 600.770539][T18329] loop5: detected capacity change from 0 to 1024 [ 600.918678][T18335] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5800'. [ 601.454441][T18350] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5807'. [ 601.553336][T18356] netlink: 'syz.6.5808': attribute type 1 has an invalid length. [ 601.776534][ T26] audit: type=1326 audit(1747922085.592:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18359 comm="syz.8.5812" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x0 [ 602.257157][T18380] delete_channel: no stack [ 602.362530][T18386] loop5: detected capacity change from 0 to 256 [ 602.389149][T18388] loop4: detected capacity change from 0 to 8 [ 602.416128][T18386] exfat: Deprecated parameter 'namecase' [ 602.422473][T18388] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 602.451613][T18386] exfat: Deprecated parameter 'namecase' [ 602.496954][T18388] cramfs: Error -3 while decompressing! [ 602.523844][T18386] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 602.535588][T18388] cramfs: ffffffff96b4c568(26)->ffff88804def6000(4096) [ 602.571561][T18388] cramfs: Error -3 while decompressing! [ 602.572428][ T4908] udevd[4908]: incorrect cramfs checksum on /dev/loop4 [ 602.591519][T18388] cramfs: ffffffff96b4c582(26)->ffff88804def5000(4096) [ 602.627490][T18388] cramfs: Error -3 while decompressing! [ 602.663829][T18388] cramfs: ffffffff96b4c59c(16)->ffff88804deff000(4096) [ 602.701785][T18388] cramfs: Error -3 while decompressing! [ 602.707410][T18388] cramfs: ffffffff96b4c568(26)->ffff88804def6000(4096) [ 602.720196][ T4911] udevd[4911]: incorrect cramfs checksum on /dev/loop4 [ 602.815424][T18396] loop6: detected capacity change from 0 to 1024 [ 603.027280][T14905] hfsplus: b-tree write err: -5, ino 4 [ 603.030875][T18402] loop4: detected capacity change from 0 to 1764 [ 603.131570][ T26] audit: type=1326 audit(1747922086.942:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18406 comm="syz.8.5845" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x0 [ 603.258496][T18411] loop6: detected capacity change from 0 to 512 [ 603.302099][T18411] EXT4-fs: Ignoring removed oldalloc option [ 603.345084][T18411] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b802e02d, mo2=0002] [ 603.398882][T18411] System zones: 1-12 [ 603.430434][T18411] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.5835: invalid indirect mapped block 1 (level 1) [ 603.499331][T18411] EXT4-fs (loop6): Remounting filesystem read-only [ 603.528874][T18411] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.5835: invalid indirect mapped block 7 (level 2) [ 603.581593][T18411] EXT4-fs (loop6): Remounting filesystem read-only [ 603.606561][T18411] EXT4-fs (loop6): 1 truncate cleaned up [ 603.631562][T18411] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 603.830566][T10425] EXT4-fs (loop6): unmounting filesystem. [ 604.084051][T18439] netlink: 12296 bytes leftover after parsing attributes in process `syz.2.5850'. [ 604.170681][T18439] netlink: 164 bytes leftover after parsing attributes in process `syz.2.5850'. [ 604.224353][T18443] loop6: detected capacity change from 0 to 256 [ 604.261873][T18447] loop5: detected capacity change from 0 to 256 [ 604.270125][T18443] FAT-fs (loop6): error, clusters badly computed (1 != 0) [ 604.272288][T18447] exfat: Deprecated parameter 'namecase' [ 604.343045][T18447] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 604.461856][ T4301] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 604.661602][ T4301] usb 5-1: Using ep0 maxpacket: 16 [ 604.669606][ T4301] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 604.711694][ T4301] usb 5-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d [ 604.723304][ T4301] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 604.731626][ T4301] usb 5-1: Product: syz [ 604.736328][ T4301] usb 5-1: Manufacturer: syz [ 604.741512][ T4301] usb 5-1: SerialNumber: syz [ 604.748436][ T4301] usb 5-1: config 0 descriptor?? [ 604.775599][ T4301] gspca_main: STV06xx-2.14.0 probing 046d:08f0 [ 604.788878][ T4301] gspca_stv06xx: st6422 sensor detected [ 605.200147][ T46] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 605.263926][ T4301] STV06xx: probe of 5-1:0.0 failed with error -71 [ 605.278348][ T4301] usb 5-1: USB disconnect, device number 39 [ 605.288564][T18455] loop6: detected capacity change from 0 to 32768 [ 605.344277][T18451] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 605.379348][T18455] ERROR: (device loop6): dbAlloc: the hint is outside the map [ 605.379348][T18455] [ 605.414107][ T46] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 605.440055][T18455] ialloc: diAlloc returned -5! [ 605.599560][ T46] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 605.705400][T18468] netlink: 'syz.6.5867': attribute type 3 has an invalid length. [ 605.853607][ T46] bridge0: port 3(netdevsim0) entered disabled state [ 605.975311][ T46] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.074918][T18478] cgroup: Unexpected value for 'cpuset_v2_mode' [ 606.487903][T18481] loop8: detected capacity change from 0 to 4096 [ 606.560882][T18481] ntfs3: Unknown parameter 'case' [ 606.619803][ T4254] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 606.634631][ T4254] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 606.651094][ T4254] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 606.661581][ T4254] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 606.669203][ T4254] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 606.677163][ T4254] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 606.704168][ T5459] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 606.961540][ T5459] usb 5-1: Using ep0 maxpacket: 16 [ 606.986106][ T5459] usb 5-1: too many endpoints for config 0 interface 0 altsetting 229: 247, using maximum allowed: 30 [ 607.003052][ T5459] usb 5-1: config 0 interface 0 altsetting 229 has 0 endpoint descriptors, different from the interface descriptor's value: 247 [ 607.029585][ T5459] usb 5-1: config 0 interface 0 has no altsetting 0 [ 607.046191][ T5459] usb 5-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=59.31 [ 607.080576][ T5459] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.098150][ T5459] usb 5-1: Product: syz [ 607.103875][ T5459] usb 5-1: Manufacturer: syz [ 607.108653][ T5459] usb 5-1: SerialNumber: syz [ 607.126166][ T5459] usb 5-1: config 0 descriptor?? [ 607.170035][ T5459] usb 5-1: cannot find UAC_HEADER [ 607.218025][ T5459] snd-usb-audio: probe of 5-1:0.0 failed with error -22 [ 607.351024][ T4908] udevd[4908]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 607.424266][ T5459] usb 5-1: USB disconnect, device number 40 [ 608.377322][T18544] netlink: 830 bytes leftover after parsing attributes in process `syz.6.5893'. [ 608.568634][T18488] chnl_net:caif_netlink_parms(): no params data found [ 608.772033][ T4254] Bluetooth: hci4: command 0x0409 tx timeout [ 608.833208][T18555] loop4: detected capacity change from 0 to 4096 [ 608.858678][T18558] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 608.939672][T18555] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 609.115642][T18555] ntfs3: loop4: failed to convert "c46c" to macroman [ 609.178550][T18562] ieee802154 phy0 wpan0: encryption failed: -22 [ 609.413449][T18572] xt_limit: Overflow, try lower: 65536/2147483648 [ 609.489231][T18488] bridge0: port 1(bridge_slave_0) entered blocking state [ 609.509536][T18488] bridge0: port 1(bridge_slave_0) entered disabled state [ 609.553460][T18488] device bridge_slave_0 entered promiscuous mode [ 609.572305][T18488] bridge0: port 2(bridge_slave_1) entered blocking state [ 609.583464][T18488] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.622519][T18488] device bridge_slave_1 entered promiscuous mode [ 610.002067][T18551] loop8: detected capacity change from 0 to 32768 [ 610.025471][T18488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 610.252578][T18551] XFS (loop8): Mounting V5 Filesystem [ 610.399680][T18488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 610.418575][T18551] XFS (loop8): Ending clean mount [ 610.628369][ T46] device hsr_slave_0 left promiscuous mode [ 610.645198][T17550] XFS (loop8): Unmounting Filesystem [ 610.652063][ T46] device hsr_slave_1 left promiscuous mode [ 610.674458][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 610.691910][ T46] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 610.717720][ T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 610.747588][ T46] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 610.788417][ T46] bridge0: port 4(dummy0) entered disabled state [ 610.846151][ T46] device bridge_slave_1 left promiscuous mode [ 610.852713][ T4254] Bluetooth: hci4: command 0x041b tx timeout [ 610.862015][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 610.877844][ T26] audit: type=1326 audit(1747922094.682:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.6.5920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4dd8e969 code=0x7ffc0000 [ 610.927952][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 611.005733][ T26] audit: type=1326 audit(1747922094.682:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.6.5920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4dd8e969 code=0x7ffc0000 [ 611.099978][ T46] device veth0_macvtap left promiscuous mode [ 611.108101][ T26] audit: type=1326 audit(1747922094.762:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.6.5920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f4f4dd8e969 code=0x7ffc0000 [ 611.148821][ T46] device veth1_vlan left promiscuous mode [ 611.164106][ T46] device veth0_vlan left promiscuous mode [ 611.186420][ T26] audit: type=1326 audit(1747922094.762:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.6.5920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4dd8e969 code=0x7ffc0000 [ 611.258804][T18625] ieee802154 phy0 wpan0: encryption failed: -22 [ 611.319489][ T26] audit: type=1326 audit(1747922094.762:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18615 comm="syz.6.5920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f4dd8e969 code=0x7ffc0000 [ 611.677082][ T46] bond2 (unregistering): Released all slaves [ 612.556186][T18665] loop6: detected capacity change from 0 to 256 [ 612.754261][ T46] bond1 (unregistering): Released all slaves [ 612.857517][T18671] loop6: detected capacity change from 0 to 512 [ 612.932299][ T4254] Bluetooth: hci4: command 0x040f tx timeout [ 612.983067][T18671] EXT4-fs error (device loop6): ext4_orphan_get:1426: comm syz.6.5942: bad orphan inode 11862016 [ 613.002602][T18671] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 613.011930][T18671] ext4 filesystem being mounted at /670/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 613.232674][T10425] EXT4-fs (loop6): unmounting filesystem. [ 613.714629][ T46] team0 (unregistering): Port device team_slave_1 removed [ 613.787582][ T46] team0 (unregistering): Port device team_slave_0 removed [ 613.853897][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 613.921322][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 614.713431][ T46] bond0 (unregistering): Released all slaves [ 614.971107][T18488] team0: Port device team_slave_0 added [ 615.011722][ T4254] Bluetooth: hci4: command 0x0419 tx timeout [ 615.026550][T18488] team0: Port device team_slave_1 added [ 615.208394][T18488] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 615.221428][T18488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 615.310908][T18488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 615.363666][T18488] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 615.370677][T18488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 615.521127][T18488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 615.537335][T18691] netlink: 'syz.4.5951': attribute type 1 has an invalid length. [ 615.570088][T18694] netlink: 'syz.8.5950': attribute type 5 has an invalid length. [ 615.581596][T18694] netlink: 176 bytes leftover after parsing attributes in process `syz.8.5950'. [ 615.733172][T18488] device hsr_slave_0 entered promiscuous mode [ 615.829221][T18488] device hsr_slave_1 entered promiscuous mode [ 615.867631][T18488] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 615.885026][T18488] Cannot create hsr debugfs directory [ 615.964996][ T5459] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 616.164081][T18713] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 616.171551][ T5459] usb 3-1: Using ep0 maxpacket: 8 [ 616.191990][ T5459] usb 3-1: config 0 has an invalid interface number: 37 but max is 2 [ 616.201612][T18713] overlayfs: conflicting options: userxattr,redirect_dir=off [ 616.212206][ T5459] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 3 [ 616.224494][ T5459] usb 3-1: config 0 has no interface number 1 [ 616.267298][ T5459] usb 3-1: New USB device found, idVendor=087d, idProduct=5704, bcdDevice=be.0e [ 616.318108][ T5459] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 616.355769][ T5459] usb 3-1: Product: syz [ 616.400809][ T5459] usb 3-1: Manufacturer: syz [ 616.417459][ T5459] usb 3-1: SerialNumber: syz [ 616.428215][T18721] loop8: detected capacity change from 0 to 1024 [ 616.459168][ T5459] usb 3-1: config 0 descriptor?? [ 616.487081][T18724] loop6: detected capacity change from 0 to 1024 [ 616.502262][T18721] EXT4-fs: Ignoring removed nomblk_io_submit option [ 616.533330][T18724] EXT4-fs: Ignoring removed orlov option [ 616.540580][T18724] EXT4-fs (loop6): Test dummy encryption mode enabled [ 616.563378][T18721] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 616.601591][T18721] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 616.700730][T18724] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 616.716937][ T5459] kaweth 3-1:0.37: Firmware present in device. [ 616.724530][T18721] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 616.795031][T18724] EXT4-fs: Ignoring removed orlov option [ 616.816296][T18724] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 616.877599][T18724] EXT4-fs (loop6): re-mounted. Quota mode: writeback. [ 616.900050][T17550] EXT4-fs (loop8): unmounting filesystem. [ 616.912080][T18488] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 616.936105][ T5459] kaweth 3-1:0.37: Error reading configuration (-71), no net device created [ 616.950045][T18488] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 616.977322][ T5459] kaweth: probe of 3-1:0.37 failed with error -5 [ 617.004621][T18488] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 617.048964][T18488] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 617.051308][ T5459] kaweth 3-1:0.0: Firmware present in device. [ 617.072035][T10425] EXT4-fs (loop6): unmounting filesystem. [ 617.123606][ T5459] kaweth 3-1:0.0: Error reading configuration (-71), no net device created [ 617.168880][ T5459] kaweth: probe of 3-1:0.0 failed with error -5 [ 617.213774][ T5459] usb 3-1: USB disconnect, device number 34 [ 617.440631][T18744] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5968'. [ 617.458363][T18488] 8021q: adding VLAN 0 to HW filter on device bond0 [ 617.502771][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 617.530126][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 617.595261][T18488] 8021q: adding VLAN 0 to HW filter on device team0 [ 617.677026][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 617.701195][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 617.742038][ T32] bridge0: port 1(bridge_slave_0) entered blocking state [ 617.749201][ T32] bridge0: port 1(bridge_slave_0) entered forwarding state [ 617.783217][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 617.798993][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 617.810871][ T32] bridge0: port 2(bridge_slave_1) entered blocking state [ 617.818062][ T32] bridge0: port 2(bridge_slave_1) entered forwarding state [ 617.934883][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 617.952685][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 618.007620][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 618.016601][T18758] xt_ecn: cannot match TCP bits for non-tcp packets [ 618.042181][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 618.066328][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 618.090166][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 618.118309][T18763] loop4: detected capacity change from 0 to 1024 [ 618.158441][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 618.190628][T18488] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 618.207309][T18488] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 618.253367][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 618.277635][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 618.311295][T18763] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 618.312415][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 618.390140][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 618.449208][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 618.472060][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 618.519196][T18763] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.4.5978: bad entry in directory: inode out of bounds - offset=0, inode=1538, rec_len=12, size=1024 fake=1 [ 618.631501][T18763] EXT4-fs error (device loop4) in ext4_delete_entry:2800: Corrupt filesystem [ 618.684160][T18781] loop2: detected capacity change from 0 to 64 [ 618.735049][T18763] EXT4-fs warning (device loop4): ext4_rename_delete:3778: inode #2: comm syz.4.5978: Deleting old file: nlink 1, error=-117 [ 619.038344][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 619.249463][T18793] device netdevsim0 entered promiscuous mode [ 619.290998][T18793] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 619.547570][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 619.567559][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 619.595913][T18488] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 619.654944][T18809] tmpfs: Bad value for 'mpol' [ 619.718622][T18813] device geneve2 entered promiscuous mode [ 620.595648][T18844] loop6: detected capacity change from 0 to 164 [ 621.023594][T18859] netlink: 340 bytes leftover after parsing attributes in process `syz.8.6013'. [ 621.052690][T18859] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6013'. [ 621.280033][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 621.292625][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 621.374382][T18488] device veth0_vlan entered promiscuous mode [ 621.423269][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 621.468911][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 621.521664][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 621.562456][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 621.606488][T18488] device veth1_vlan entered promiscuous mode [ 621.693301][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 621.730226][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 621.773174][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 621.800702][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 621.816247][T18488] device veth0_macvtap entered promiscuous mode [ 621.847012][T18488] device veth1_macvtap entered promiscuous mode [ 621.897011][T18488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 621.921189][T18488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 621.942797][T18488] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 621.950682][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 621.984011][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 622.006468][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 622.036129][T14924] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 622.072944][T18488] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 622.103759][T18488] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 622.128187][T18488] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 622.151856][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 622.167972][T14926] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 622.198283][T18488] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.226711][T18488] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.266029][T18488] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.288402][T18488] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 622.395027][T18903] device geneve2 entered promiscuous mode [ 622.568072][T14926] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.614533][T14926] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.653624][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 622.710513][T14922] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 622.731545][T14922] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 622.750841][T18910] tmpfs: Bad value for 'mpol' [ 622.773785][T14922] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 623.067089][T18918] loop8: detected capacity change from 0 to 512 [ 623.067650][T18920] ntfs3: nbd9: try to read out of volume at offset 0x0 [ 623.163260][T18918] EXT4-fs error (device loop8): ext4_orphan_get:1400: inode #15: comm syz.8.6036: casefold flag without casefold feature [ 623.320953][T18918] EXT4-fs error (device loop8): ext4_orphan_get:1405: comm syz.8.6036: couldn't read orphan inode 15 (err -117) [ 623.376957][T18918] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 623.567931][T17550] EXT4-fs (loop8): unmounting filesystem. [ 623.816889][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 623.823299][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.765628][T18916] loop4: detected capacity change from 0 to 40427 [ 624.801954][T18916] F2FS-fs (loop4): invalid crc value [ 624.816610][T18972] IPVS: set_ctl: invalid protocol: 1 0.0.0.0:20002 [ 624.871704][T18916] F2FS-fs (loop4): Found nat_bits in checkpoint [ 625.129647][T18916] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 625.641740][T19003] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6068'. [ 625.650676][T19003] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6068'. [ 625.754134][T19008] loop8: detected capacity change from 0 to 16 [ 625.816345][T19008] erofs: (device loop8): mounted with root inode @ nid 36. [ 625.869331][T19008] erofs: (device loop8): init_inode_xattrs: xattr_isize 12 of nid 86 is not supported yet [ 626.143458][T19023] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 626.215540][T19025] loop8: detected capacity change from 0 to 256 [ 626.446093][T19031] netlink: del zone limit has 4 unknown bytes [ 626.495102][T19034] ufs: Invalid option: "Ûàßä0…(áeêªLüêd9(@ ûŸÀ8ìL´)uH\dKzLVÚÁR<%ï5rÆŒËze ~I2~ [ 626.495102][T19034] r0Rpyëhå:ã‰ÝèÖY³‡ [ 626.495102][T19034] òO©÷‰\›z«Y" or missing value [ 626.590764][T19034] ufs: wrong mount options [ 627.192823][T19055] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in; [ 627.192823][T19055] program syz.9.6090 not setting count and/or reply_len properly [ 628.017230][T19080] loop8: detected capacity change from 0 to 2048 [ 628.097571][T19080] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 628.116255][T19087] loop4: detected capacity change from 0 to 764 [ 628.208658][T19087] Symlink component flag not implemented [ 628.218376][T19087] Symlink component flag not implemented (116) [ 628.233539][T19080] UDF-fs: error (device loop8): udf_fiiter_advance_blk: extent after position 0 not allocated in directory (ino 1376) [ 628.318843][T19080] UDF-fs: error (device loop8): udf_verify_fi: directory (ino 1376) has too big (65320) entry at pos 0 [ 628.476569][T19095] loop6: detected capacity change from 0 to 4096 [ 628.549267][T19095] NILFS (loop6): invalid segment: Checksum error in segment payload [ 628.577729][T19095] NILFS (loop6): trying rollback from an earlier position [ 628.638420][T19095] NILFS (loop6): recovery complete [ 628.701603][T19100] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 630.162139][T19154] netlink: 'syz.9.6129': attribute type 3 has an invalid length. [ 630.630885][T19172] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6139'. [ 630.734763][T19166] loop2: detected capacity change from 0 to 4096 [ 630.747018][T19174] QAT: failed to copy from user cfg_data. [ 631.031633][ T5393] usb 7-1: new low-speed USB device number 13 using dummy_hcd [ 631.101193][T19185] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6145'. [ 631.142175][T19185] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6145'. [ 631.230276][ T5393] usb 7-1: config 1 has an invalid interface descriptor of length 6, skipping [ 631.267075][ T5393] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 631.283274][ T26] audit: type=1326 audit(1747922115.102:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19190 comm="syz.2.6147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 631.331888][ T5393] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 631.387055][ T26] audit: type=1326 audit(1747922115.132:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19190 comm="syz.2.6147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 631.409949][ T5393] usb 7-1: config 1 has no interface number 1 [ 631.448057][ T5393] usb 7-1: too many endpoints for config 1 interface 2 altsetting 116: 104, using maximum allowed: 30 [ 631.517433][ T5393] usb 7-1: config 1 interface 2 altsetting 116 has 0 endpoint descriptors, different from the interface descriptor's value: 104 [ 631.521599][ T26] audit: type=1326 audit(1747922115.132:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19190 comm="syz.2.6147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 631.582263][ T5393] usb 7-1: config 1 interface 2 has no altsetting 1 [ 631.621002][ T5393] usb 7-1: string descriptor 0 read error: -22 [ 631.645307][ T5393] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 631.666987][ T26] audit: type=1326 audit(1747922115.132:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19190 comm="syz.2.6147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 631.698185][ T5393] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 631.761139][ T5393] usb 7-1: MIDIStreaming interface descriptor not found [ 632.057551][ T5393] usb 7-1: USB disconnect, device number 13 [ 632.160994][ T5791] usb 3-1: new full-speed USB device number 35 using dummy_hcd [ 632.332870][ T4911] udevd[4911]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 632.363090][ T5791] usb 3-1: config index 0 descriptor too short (expected 69, got 36) [ 632.400997][ T5791] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 632.465650][ T5791] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89 [ 632.501217][ T5791] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 632.520251][ T5791] usb 3-1: Product: syz [ 632.551558][ T5791] usb 3-1: Manufacturer: syz [ 632.556235][ T5791] usb 3-1: SerialNumber: syz [ 632.582318][ T5791] usb 3-1: config 0 descriptor?? [ 632.611863][ T5791] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622 [ 632.808475][T19239] loop6: detected capacity change from 0 to 256 [ 632.852514][T19239] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 632.998525][ T5791] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71 [ 633.044348][ T5791] gspca_pac7302: probe of 3-1:0.0 failed with error -71 [ 633.081507][ T5791] usb 3-1: USB disconnect, device number 35 [ 633.152269][T19244] netlink: 32 bytes leftover after parsing attributes in process `syz.4.6168'. [ 633.255971][T19248] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6169'. [ 633.538831][T19256] netlink: 52 bytes leftover after parsing attributes in process `syz.6.6173'. [ 633.657525][T19232] loop9: detected capacity change from 0 to 32768 [ 633.762420][T19232] ocfs2: Slot 0 on device (7,9) was already allocated to this node! [ 633.876470][T19232] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode. [ 634.010589][T19273] loop8: detected capacity change from 0 to 1024 [ 634.528238][T18488] ocfs2: Unmounting device (7,9) on (node local) [ 634.745412][T19281] xt_CT: No such helper "netbios-ns" [ 635.299659][T19308] netlink: 16 bytes leftover after parsing attributes in process `syz.9.6192'. [ 635.583662][T19314] loop2: detected capacity change from 0 to 2048 [ 635.643008][T19314] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 635.753755][T19322] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 635.818742][T19314] NILFS error (device loop2): nilfs_check_page: size of directory #2 is not a multiple of chunk size [ 635.949977][T19314] Remounting filesystem read-only [ 636.229039][T19340] tmpfs: Bad value for 'mpol' [ 636.661204][T19354] loop4: detected capacity change from 0 to 2048 [ 636.720441][T19354] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 636.761594][ T5115] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 636.982870][ T5115] usb 10-1: Using ep0 maxpacket: 8 [ 637.003991][ T5115] usb 10-1: config 0 has an invalid interface number: 6 but max is 2 [ 637.042180][ T5115] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 637.088935][ T5115] usb 10-1: config 0 has 2 interfaces, different from the descriptor's value: 3 [ 637.129186][ T5115] usb 10-1: config 0 has no interface number 1 [ 637.146114][ T5115] usb 10-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac [ 637.171303][T19374] loop2: detected capacity change from 0 to 512 [ 637.171689][ T5115] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.190680][ T5115] usb 10-1: config 0 descriptor?? [ 637.250287][ T5115] usb 10-1: unknown number of interfaces: 2 [ 637.292007][T19374] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 637.330123][T19374] ext4 filesystem being mounted at /1306/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 637.450310][T19374] EXT4-fs error (device loop2): ext4_get_verity_descriptor_location:337: inode #15: comm syz.2.6215: verity file corrupted; can't find descriptor [ 637.532773][ T5115] usb 10-1: USB disconnect, device number 2 [ 637.549072][T19374] EXT4-fs (loop2): Remounting filesystem read-only [ 637.564218][T19374] fs-verity (loop2, inode 15): Error -117 getting verity descriptor size [ 637.677929][ T4257] EXT4-fs (loop2): unmounting filesystem. [ 637.766376][T19372] loop4: detected capacity change from 0 to 32768 [ 637.803880][T19383] sock: sock_timestamping_bind_phc: sock not bind to device [ 638.266959][T19394] loop2: detected capacity change from 0 to 4096 [ 638.344590][T19394] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 638.515961][T19394] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present [ 638.557016][T19394] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 638.593041][T19394] EXT4-fs error (device loop2): ext4_acquire_dquot:6802: comm syz.2.6223: Failed to acquire dquot type 0 [ 638.821871][ T4257] EXT4-fs (loop2): unmounting filesystem. [ 639.138992][ T26] audit: type=1326 audit(1747922122.952:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19417 comm="syz.8.6234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 639.231793][ T26] audit: type=1326 audit(1747922122.952:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19417 comm="syz.8.6234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 639.317106][ T26] audit: type=1326 audit(1747922122.982:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19417 comm="syz.8.6234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 639.467654][ T26] audit: type=1326 audit(1747922122.982:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19417 comm="syz.8.6234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 639.484391][T19422] loop6: detected capacity change from 0 to 4096 [ 639.521248][ T26] audit: type=1326 audit(1747922122.982:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19417 comm="syz.8.6234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 639.590285][T19422] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 639.704571][T19422] ntfs3: loop6: ntfs_evict_inode r=3 failed, -22. [ 639.727517][T19422] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 639.758330][T19422] ntfs3: loop6: ntfs_set_state r=3 failed, -22. [ 639.788155][T19405] loop4: detected capacity change from 0 to 32768 [ 640.664704][T19465] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6256'. [ 641.220069][T19486] IPv6: Can't replace route, no match found [ 641.595991][T19501] netlink: 372 bytes leftover after parsing attributes in process `syz.4.6273'. [ 641.889207][T19514] loop2: detected capacity change from 0 to 64 [ 641.936446][T19508] loop6: detected capacity change from 0 to 4096 [ 642.001169][T19508] ntfs3: loop6: Different NTFS' sector size (2048) and media sector size (512) [ 642.136610][ T26] audit: type=1800 audit(1747922125.952:178): pid=19508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.6276" name="file1" dev="loop6" ino=30 res=0 errno=0 [ 642.161737][ T5400] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 642.375091][ T5400] usb 9-1: Using ep0 maxpacket: 8 [ 642.383491][ T5400] usb 9-1: config 0 has an invalid interface number: 31 but max is 0 [ 642.422407][ T5400] usb 9-1: config 0 has no interface number 0 [ 642.431290][ T5400] usb 9-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 642.464809][ T5400] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 642.481423][ T5400] usb 9-1: Product: syz [ 642.502447][ T5400] usb 9-1: Manufacturer: syz [ 642.511748][ T5400] usb 9-1: SerialNumber: syz [ 642.531785][ T22] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 642.533022][ T5400] usb 9-1: config 0 descriptor?? [ 642.760497][ T22] usb 3-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 642.764496][ T5400] usb 9-1: Found UVC 0.04 device syz (046d:08c3) [ 642.782392][ T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 642.791471][ T5400] usb 9-1: Failed to initialize entity for entity 6 [ 642.816029][ T5400] usb 9-1: Failed to register entities (-22). [ 642.817670][ T22] usb 3-1: Product: syz [ 642.848165][ T22] usb 3-1: Manufacturer: syz [ 642.878383][ T22] usb 3-1: SerialNumber: syz [ 642.910362][ T22] usb 3-1: config 0 descriptor?? [ 642.935600][ T22] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 642.948217][T19504] loop9: detected capacity change from 0 to 40427 [ 642.998653][T19504] F2FS-fs (loop9): invalid crc value [ 643.042531][ T5793] usb 9-1: USB disconnect, device number 4 [ 643.079750][T19504] F2FS-fs (loop9): Found nat_bits in checkpoint [ 643.215946][T19504] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4 [ 643.279695][T19546] openvswitch: netlink: Key 0 has unexpected len 2 expected 0 [ 643.366918][ T5793] usb 3-1: USB disconnect, device number 36 [ 643.624438][T19552] loop6: detected capacity change from 0 to 1024 [ 643.665809][T19552] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 643.756533][T19552] hfsplus: filesystem is marked journaled, leaving read-only. [ 644.283340][T19568] netdevsim netdevsim8: Direct firmware load for / [ 644.283340][T19568] failed with error -2 [ 644.334745][T19568] netdevsim netdevsim8: Falling back to sysfs fallback for: / [ 644.334745][T19568] [ 645.886894][ T26] audit: type=1326 audit(1747922129.702:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 645.971200][ T26] audit: type=1326 audit(1747922129.742:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 646.099609][ T26] audit: type=1326 audit(1747922129.742:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb8e4990887 code=0x7ffc0000 [ 646.191663][ T26] audit: type=1326 audit(1747922129.742:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fb8e49907fc code=0x7ffc0000 [ 646.305271][ T26] audit: type=1326 audit(1747922129.742:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fb8e4990734 code=0x7ffc0000 [ 646.398058][ T26] audit: type=1326 audit(1747922129.742:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fb8e4990734 code=0x7ffc0000 [ 646.511767][ T26] audit: type=1326 audit(1747922129.742:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb8e498d5ca code=0x7ffc0000 [ 646.616457][ T26] audit: type=1326 audit(1747922129.742:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 646.730849][ T26] audit: type=1326 audit(1747922129.742:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19626 comm="syz.2.6326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 646.891503][T19662] netlink: 68 bytes leftover after parsing attributes in process `syz.8.6340'. [ 646.931723][T19662] netlink: 48 bytes leftover after parsing attributes in process `syz.8.6340'. [ 647.376526][T19678] loop4: detected capacity change from 0 to 512 [ 647.549823][T19678] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 647.561666][T19678] ext4 filesystem being mounted at /1250/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 647.654039][T19691] loop6: detected capacity change from 0 to 8 [ 647.707149][T19691] SQUASHFS error: Unable to read inode 0xe3 [ 647.863317][ T4251] EXT4-fs (loop4): unmounting filesystem. [ 648.077503][T19700] loop9: detected capacity change from 0 to 1024 [ 648.137776][T19700] EXT4-fs: Ignoring removed oldalloc option [ 648.162305][T19700] EXT4-fs: Ignoring removed orlov option [ 648.237696][T19700] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback. [ 648.461197][T18488] EXT4-fs (loop9): unmounting filesystem. [ 648.485571][T19713] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6357'. [ 648.919551][T19722] tipc: Can't bind to reserved service type 0 [ 649.183743][T19729] loop9: detected capacity change from 0 to 16 [ 649.221749][T19729] erofs: (device loop9): mounted with root inode @ nid 36. [ 649.233160][T19696] loop2: detected capacity change from 0 to 32768 [ 649.272586][T19729] erofs: (device loop9): erofs_fill_dentries: bogus dirent @ nid 36 [ 649.308225][T19696] [ 649.308225][T19696] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 649.308225][T19696] [ 649.483124][T19696] __jfs_setxattr: xattr_size = 243, new_size = 337 [ 649.695096][T14924] [ 649.695096][T14924] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 649.695096][T14924] [ 649.734205][T14924] [ 649.734205][T14924] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 649.734205][T14924] [ 649.787799][ T107] [ 649.787799][ T107] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 649.787799][ T107] [ 649.821570][ T4257] [ 649.821570][ T4257] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 649.821570][ T4257] [ 649.884270][ T4257] [ 649.884270][ T4257] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 649.884270][ T4257] [ 650.383234][T19757] SET target dimension over the limit! [ 650.815277][T19765] loop4: detected capacity change from 0 to 4096 [ 651.026886][T19778] loop6: detected capacity change from 0 to 1024 [ 651.094051][T19778] EXT4-fs: Ignoring removed oldalloc option [ 651.100112][T19778] EXT4-fs: Ignoring removed orlov option [ 651.222393][T19778] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback. [ 651.467185][T10425] EXT4-fs (loop6): unmounting filesystem. [ 651.942481][T19808] No such timeout policy "syz0" [ 652.466116][T19832] loop2: detected capacity change from 0 to 16 [ 652.498684][T19832] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 652.531728][ T22] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 652.553333][T19832] cramfs: Error -3 while decompressing! [ 652.585169][T19832] cramfs: ffffffff96b4c428(453)->ffff888032839000(4096) [ 652.592222][T19837] loop9: detected capacity change from 0 to 256 [ 652.675492][T19837] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 652.723540][ T22] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 652.755096][ T22] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 652.811569][ T22] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 652.861416][ T22] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 652.897961][ T22] usb 9-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 652.938664][ T22] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.963107][ T22] usb 9-1: Product: syz [ 652.967396][ T22] usb 9-1: Manufacturer: syz [ 652.970124][T19845] loop2: detected capacity change from 0 to 128 [ 652.991464][ T22] usb 9-1: SerialNumber: syz [ 653.024138][ T22] usb 9-1: config 0 descriptor?? [ 653.058555][ T4911] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 653.248599][ T22] adutux 9-1:0.0: Could not retrieve serial number [ 653.285419][ T22] adutux: probe of 9-1:0.0 failed with error -5 [ 653.461666][ T5114] usb 9-1: USB disconnect, device number 5 [ 653.927573][T19881] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6424'. [ 654.320323][ T26] audit: type=1326 audit(1747922138.132:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19895 comm="syz.2.6431" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb8e498e969 code=0x0 [ 654.464539][T19899] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 654.538726][T19891] loop8: detected capacity change from 0 to 4096 [ 654.761691][ T5791] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 654.792926][T17550] ntfs3: loop8: ntfs_evict_inode r=5 failed, -22. [ 654.799447][T17550] ntfs3: loop8: Mark volume as dirty due to NTFS errors [ 654.971479][ T5791] usb 7-1: Using ep0 maxpacket: 16 [ 654.978674][ T5791] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 655.030942][ T5791] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 655.075980][ T5791] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 655.102567][ T5791] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 655.174535][ T5791] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.194905][ T5791] usb 7-1: config 0 descriptor?? [ 655.238540][ T5791] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input20 [ 655.282776][ T3608] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.326229][ T3608] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.358570][ T3608] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.487128][ T3608] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.542054][ T4908] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.552250][ T3608] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.588581][T19903] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.631065][ T3608] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 655.634517][ T5791] usb 7-1: USB disconnect, device number 14 [ 656.105468][ T93] block nbd8: Attempted send on invalid socket [ 656.112135][ T93] I/O error, dev nbd8, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 656.121974][ T52] block nbd8: Attempted send on invalid socket [ 656.128250][ T52] I/O error, dev nbd8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 656.138436][ T52] block nbd8: Attempted send on invalid socket [ 656.145198][ T52] I/O error, dev nbd8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 656.164118][ T93] block nbd8: Attempted send on invalid socket [ 656.170427][ T93] I/O error, dev nbd8, sector 18 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 656.182644][ T93] block nbd8: Attempted send on invalid socket [ 656.188924][ T93] I/O error, dev nbd8, sector 30 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 656.219949][ T93] block nbd8: Attempted send on invalid socket [ 656.226287][ T93] I/O error, dev nbd8, sector 36 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 656.235875][T19954] VFS: unable to find oldfs superblock on device nbd8 [ 656.572443][T19969] loop8: detected capacity change from 0 to 64 [ 656.741802][ T5793] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 656.913315][ T26] audit: type=1326 audit(1747922140.732:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19977 comm="syz.8.6463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 656.943438][ T5793] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 656.971453][ T5793] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 657.012448][ T5793] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 657.028078][ T26] audit: type=1326 audit(1747922140.772:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19977 comm="syz.8.6463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 657.074220][ T5793] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 657.103008][ T5793] usb 5-1: SerialNumber: syz [ 657.132390][ T26] audit: type=1326 audit(1747922140.772:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19977 comm="syz.8.6463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 657.207827][ T26] audit: type=1326 audit(1747922140.772:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19977 comm="syz.8.6463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff3478e969 code=0x7ffc0000 [ 657.332509][ T5793] usb 5-1: 0:2 : does not exist [ 657.348783][ T26] audit: type=1326 audit(1747922140.822:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19981 comm="syz.2.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 657.379969][ T5793] usb 5-1: USB disconnect, device number 41 [ 657.459859][ T26] audit: type=1326 audit(1747922140.822:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19981 comm="syz.2.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 657.569598][ T26] audit: type=1326 audit(1747922140.822:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19981 comm="syz.2.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 657.664740][T20003] loop6: detected capacity change from 0 to 1024 [ 657.674521][ T26] audit: type=1326 audit(1747922140.822:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19981 comm="syz.2.6464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 657.682926][ T4911] udevd[4911]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 657.791804][T20003] hfsplus: failed to load root directory [ 658.002297][ T26] audit: type=1326 audit(1747922141.822:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20012 comm="syz.9.6477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f842798e969 code=0x7ffc0000 [ 658.087125][T20016] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6479'. [ 658.111991][T20017] loop4: detected capacity change from 0 to 128 [ 658.172601][T20017] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 658.248797][T20019] loop6: detected capacity change from 0 to 1024 [ 658.313873][T20017] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 658.314314][T20019] EXT4-fs: Ignoring removed orlov option [ 658.381644][T20019] EXT4-fs: Ignoring removed oldalloc option [ 658.432322][T20019] EXT4-fs: Ignoring removed nomblk_io_submit option [ 658.528303][T20019] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none. [ 658.674992][T20019] EXT4-fs error (device loop6): ext4_xattr_set_entry:1628: inode #13: comm syz.6.6480: corrupted xattr entries [ 658.911902][T10425] EXT4-fs (loop6): unmounting filesystem. [ 658.992897][T20037] loop2: detected capacity change from 0 to 4096 [ 659.049688][T20037] ntfs: volume version 3.1. [ 659.442534][T14905] __ntfs_error: 4 callbacks suppressed [ 659.442553][T14905] ntfs: (device loop2): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 659.573804][T20062] loop4: detected capacity change from 0 to 1764 [ 659.669804][T20062] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 659.709361][T20067] loop6: detected capacity change from 0 to 16 [ 659.751950][T20067] erofs: (device loop6): mounted with root inode @ nid 36. [ 659.798174][T20067] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 659.871176][T20067] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -6 in[55, 4041] out[1851] [ 659.920296][T20065] loop2: detected capacity change from 0 to 4096 [ 659.927392][T20067] erofs: (device loop6): z_erofs_read_folio: failed to read, err [-117] [ 660.023290][T20065] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 660.080090][T20077] netlink: 'syz.9.6503': attribute type 14 has an invalid length. [ 660.139272][T20081] loop8: detected capacity change from 0 to 16 [ 660.170389][T20081] MTD: Attempt to mount non-MTD device "/dev/loop8" [ 660.497399][T20065] ntfs: (device loop2): parse_options(): NLS character set iso8(ê;3 not found. Using previous one utf8. [ 660.550456][T20090] loop4: detected capacity change from 0 to 64 [ 660.567970][T20065] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute. [ 660.671507][T20065] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 660.792504][T20065] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt mapping pairs array in non-resident attribute. [ 660.861849][T20065] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x1, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5). [ 661.008751][T20065] ntfs: (device loop2): check_mft_mirror(): Failed to read $MFTMirr. [ 661.047792][T20065] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 661.199292][T20065] ntfs: volume version 3.1. [ 661.208482][T20065] ntfs: (device loop2): ntfs_lookup_inode_by_name(): Index entry with child node found in a leaf node in directory inode 0x5. [ 661.252095][T20108] loop6: detected capacity change from 0 to 1024 [ 661.391513][ T5114] usb 9-1: new low-speed USB device number 6 using dummy_hcd [ 661.593393][ T5114] usb 9-1: config index 0 descriptor too short (expected 1307, got 27) [ 661.626246][ T5114] usb 9-1: config 0 has an invalid interface number: 0 but max is -1 [ 661.676132][ T5114] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 661.711453][ T5114] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 661.761579][ T5114] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 661.797856][ T5114] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 661.861718][ T5114] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 661.946100][ T5114] usb 9-1: string descriptor 0 read error: -22 [ 661.986839][ T5114] usb 9-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 662.031460][ T5114] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 662.079776][ T5114] usb 9-1: config 0 descriptor?? [ 662.109988][ T5114] hub 9-1:0.0: bad descriptor, ignoring hub [ 662.171993][ T5114] hub: probe of 9-1:0.0 failed with error -5 [ 662.204802][ T5114] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input21 [ 662.491085][ T5114] usb 9-1: USB disconnect, device number 6 [ 662.597795][T20151] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6531'. [ 662.610909][T20152] loop4: detected capacity change from 0 to 128 [ 662.668671][ T7] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 662.871622][ T7] usb 3-1: Using ep0 maxpacket: 32 [ 662.880316][ T7] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 662.918575][ T7] usb 3-1: config 0 has no interface number 0 [ 662.937281][ T7] usb 3-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 662.952961][ T7] usb 3-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 662.982781][ T7] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 663.009387][ T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 663.039759][ T7] usb 3-1: Product: syz [ 663.063593][ T7] usb 3-1: Manufacturer: syz [ 663.068272][ T7] usb 3-1: SerialNumber: syz [ 663.114859][ T7] usb 3-1: config 0 descriptor?? [ 663.148460][ T7] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 663.338510][ T7] usb 3-1: qt2_setup_urbs - submit read urb failed -90 [ 663.351757][ T7] quatech2: probe of 3-1:0.51 failed with error -90 [ 663.375527][T20175] loop8: detected capacity change from 0 to 2048 [ 663.435212][T20175] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found [ 663.464578][T20175] UDF-fs: Scanning with blocksize 512 failed [ 663.542201][T20175] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 663.578808][ T7] usb 3-1: USB disconnect, device number 37 [ 664.057594][T20191] loop4: detected capacity change from 0 to 8192 [ 664.145177][T20191] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 664.171622][T20191] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 664.193326][T20191] REISERFS (device loop4): using ordered data mode [ 664.216719][T20191] reiserfs: using flush barriers [ 664.281813][T20191] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 664.290525][T20207] cgroup: none used incorrectly [ 664.385711][T20191] REISERFS (device loop4): checking transaction log (loop4) [ 664.432793][T20191] REISERFS (device loop4): Using r5 hash to sort names [ 665.040253][T20220] loop2: detected capacity change from 0 to 4096 [ 665.174257][T20231] netlink: 122896 bytes leftover after parsing attributes in process `syz.6.6563'. [ 665.934134][T20254] netlink: 'syz.6.6573': attribute type 74 has an invalid length. [ 666.218310][T20264] loop8: detected capacity change from 0 to 128 [ 666.260964][T20264] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002] [ 666.339070][T20264] System zones: 1-3, 19-19, 35-36 [ 666.368620][T20246] loop9: detected capacity change from 0 to 32768 [ 666.371408][T20264] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none. [ 666.422034][T20264] ext4 filesystem being mounted at /221/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 666.550241][T20264] EXT4-fs warning (device loop8): ext4_group_extend:1899: can't read last block, resize aborted [ 666.697623][T20279] loop6: detected capacity change from 0 to 256 [ 666.715715][T20281] overlayfs: missing 'lowerdir' [ 666.917481][T17550] EXT4-fs (loop8): unmounting filesystem. [ 666.988434][T20283] device geneve2 entered promiscuous mode [ 667.999754][T20314] Unsupported ieee802154 address type: 0 [ 668.333825][T20329] loop2: detected capacity change from 0 to 128 [ 668.418692][T20329] FAT-fs (loop2): Directory bread(block 32) failed [ 668.470891][T20329] FAT-fs (loop2): Directory bread(block 33) failed [ 668.522740][T20329] FAT-fs (loop2): Directory bread(block 34) failed [ 668.558987][T20329] FAT-fs (loop2): Directory bread(block 35) failed [ 668.579986][T20329] FAT-fs (loop2): Directory bread(block 36) failed [ 668.603735][T20329] FAT-fs (loop2): Directory bread(block 37) failed [ 668.610438][T20329] FAT-fs (loop2): Directory bread(block 38) failed [ 668.647586][T20329] FAT-fs (loop2): Directory bread(block 39) failed [ 668.661269][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 668.661287][ T26] audit: type=1400 audit(1747922152.472:201): apparmor="DENIED" operation="stack_onexec" info="label not found" error=-2 profile="unconfined" name=":(%#{//(@\)//&@},['%%&\#*" pid=20336 comm="syz.9.6612" [ 668.714711][T20329] FAT-fs (loop2): Directory bread(block 40) failed [ 668.727717][T20339] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6614'. [ 668.737577][T20329] FAT-fs (loop2): Directory bread(block 41) failed [ 668.955750][T20343] loop9: detected capacity change from 0 to 512 [ 669.111409][T20351] sctp: [Deprecated]: syz.6.6618 (pid 20351) Use of int in max_burst socket option. [ 669.111409][T20351] Use struct sctp_assoc_value instead [ 669.135563][T20343] EXT4-fs (loop9): mounted filesystem without journal. Quota mode: writeback. [ 669.167604][T20343] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 669.350826][T18488] EXT4-fs (loop9): unmounting filesystem. [ 669.630070][T20335] loop4: detected capacity change from 0 to 32768 [ 669.671429][ T5114] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 669.699834][T20335] (syz.4.6611,20335,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 669.716639][T20361] loop8: detected capacity change from 0 to 2048 [ 669.728366][T20335] (syz.4.6611,20335,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 669.785147][T20361] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 669.848991][T20335] JBD2: Ignoring recovery information on journal [ 669.871532][ T5114] usb 7-1: Using ep0 maxpacket: 8 [ 669.882397][ T5114] usb 7-1: config 32 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 669.955199][ T5114] usb 7-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 670.038582][ T5114] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 670.047916][T20335] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 670.104717][T20373] netlink: 'syz.2.6629': attribute type 11 has an invalid length. [ 670.140148][T20373] netlink: 216 bytes leftover after parsing attributes in process `syz.2.6629'. [ 670.306299][ T5114] usb 7-1: string descriptor 0 read error: -71 [ 670.316433][ T5114] hub 7-1:32.0: bad descriptor, ignoring hub [ 670.340251][ T5114] hub: probe of 7-1:32.0 failed with error -5 [ 670.404199][ T4251] ocfs2: Unmounting device (7,4) on (node local) [ 670.412480][ T5114] usb 7-1: USB disconnect, device number 15 [ 670.713224][ T4911] udevd[4911]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:32.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 670.985586][T20393] xt_hashlimit: max too large, truncated to 1048576 [ 671.042838][T20395] loop2: detected capacity change from 0 to 64 [ 671.584473][T20416] netlink: 40 bytes leftover after parsing attributes in process `syz.9.6647'. [ 671.728508][T20422] loop2: detected capacity change from 0 to 256 [ 671.740405][T20423] loop8: detected capacity change from 0 to 1024 [ 671.779962][T20422] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb22115ea, utbl_chksum : 0xe619d30d) [ 671.828350][T20423] Quota error (device loop8): do_check_range: Getting block 64 out of range 1-5 [ 671.838680][T20423] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0 [ 671.850830][T20423] EXT4-fs error (device loop8): ext4_acquire_dquot:6802: comm syz.8.6650: Failed to acquire dquot type 0 [ 671.868902][T20423] EXT4-fs error (device loop8): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 671.884196][T20423] EXT4-fs error (device loop8): ext4_do_update_inode:5253: inode #13: comm syz.8.6650: corrupted inode contents [ 671.901906][T20423] EXT4-fs error (device loop8): ext4_dirty_inode:6118: inode #13: comm syz.8.6650: mark_inode_dirty error [ 671.921773][T20423] EXT4-fs error (device loop8): ext4_do_update_inode:5253: inode #13: comm syz.8.6650: corrupted inode contents [ 671.935977][T20423] EXT4-fs error (device loop8): __ext4_ext_dirty:202: inode #13: comm syz.8.6650: mark_inode_dirty error [ 671.952225][T20423] EXT4-fs error (device loop8): ext4_do_update_inode:5253: inode #13: comm syz.8.6650: corrupted inode contents [ 671.976851][T20423] EXT4-fs error (device loop8) in ext4_orphan_del:305: Corrupt filesystem [ 672.027172][T20431] netlink: 'syz.4.6652': attribute type 3 has an invalid length. [ 672.036534][T20423] EXT4-fs error (device loop8): ext4_do_update_inode:5253: inode #13: comm syz.8.6650: corrupted inode contents [ 672.084634][T20423] EXT4-fs error (device loop8): ext4_truncate:4312: inode #13: comm syz.8.6650: mark_inode_dirty error [ 672.119343][T20423] EXT4-fs error (device loop8) in ext4_process_orphan:347: Corrupt filesystem [ 672.129849][ T22] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 672.181855][T20423] EXT4-fs (loop8): 1 truncate cleaned up [ 672.210898][T20423] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 672.351674][ T22] usb 10-1: Using ep0 maxpacket: 16 [ 672.360029][ T22] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 672.391462][ T22] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 672.431511][ T22] usb 10-1: config 0 interface 0 has no altsetting 0 [ 672.466422][T17550] EXT4-fs (loop8): unmounting filesystem. [ 672.472952][ T22] usb 10-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 672.505123][ T22] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 672.521736][ T22] usb 10-1: Product: syz [ 672.552018][ T22] usb 10-1: Manufacturer: syz [ 672.571560][ T22] usb 10-1: SerialNumber: syz [ 672.598025][ T22] usb 10-1: config 0 descriptor?? [ 672.981671][T20452] loop2: detected capacity change from 0 to 4096 [ 673.076925][ T22] usb 10-1: USB disconnect, device number 3 [ 673.134084][T20452] ntfs: volume version 3.1. [ 673.189632][T20463] loop4: detected capacity change from 0 to 1024 [ 674.187903][T20495] loop8: detected capacity change from 0 to 512 [ 674.355521][T20495] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback. [ 674.421627][T20495] ext4 filesystem being mounted at /241/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 674.578387][T20512] netlink: 122896 bytes leftover after parsing attributes in process `syz.9.6683'. [ 674.673430][T17550] EXT4-fs (loop8): unmounting filesystem. [ 674.673937][T20512] debugfs: Directory '!!' with parent 'ieee80211' already present! [ 675.131594][T20531] netlink: 108 bytes leftover after parsing attributes in process `syz.8.6692'. [ 675.227484][T20536] loop9: detected capacity change from 0 to 256 [ 675.282397][T20536] FAT-fs (loop9): Directory bread(block 64) failed [ 675.351746][T20536] FAT-fs (loop9): Directory bread(block 65) failed [ 675.358456][T20536] FAT-fs (loop9): Directory bread(block 66) failed [ 675.410563][T20536] FAT-fs (loop9): Directory bread(block 67) failed [ 675.421574][T20544] netlink: 'syz.8.6697': attribute type 11 has an invalid length. [ 675.449462][T20536] FAT-fs (loop9): Directory bread(block 68) failed [ 675.474585][T20544] netlink: 216 bytes leftover after parsing attributes in process `syz.8.6697'. [ 675.489019][T20536] FAT-fs (loop9): Directory bread(block 69) failed [ 675.524214][T20536] FAT-fs (loop9): Directory bread(block 70) failed [ 675.566804][T20536] FAT-fs (loop9): Directory bread(block 71) failed [ 675.608307][T20536] FAT-fs (loop9): Directory bread(block 72) failed [ 675.642214][T20536] FAT-fs (loop9): Directory bread(block 73) failed [ 675.658227][T20550] xt_CONNSECMARK: invalid mode: 0 [ 676.417248][T20574] netlink: 36 bytes leftover after parsing attributes in process `syz.6.6710'. [ 676.764560][T20589] (unnamed net_device) (uninitialized): option mode: invalid value (254) [ 676.796100][T20590] netlink: 'syz.6.6714': attribute type 11 has an invalid length. [ 676.841689][T20590] netlink: 216 bytes leftover after parsing attributes in process `syz.6.6714'. [ 677.132992][T20599] netlink: 'syz.9.6719': attribute type 3 has an invalid length. [ 677.457081][T20611] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6725'. [ 677.583154][ T26] audit: type=1326 audit(1747922161.402:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20619 comm="syz.2.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 677.672901][ T26] audit: type=1326 audit(1747922161.412:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20619 comm="syz.2.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 677.774450][ T26] audit: type=1326 audit(1747922161.412:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20619 comm="syz.2.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 677.796874][ C0] vkms_vblank_simulate: vblank timer overrun [ 677.925600][ T26] audit: type=1326 audit(1747922161.412:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20619 comm="syz.2.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e498e969 code=0x7ffc0000 [ 677.948006][ C0] vkms_vblank_simulate: vblank timer overrun [ 678.132084][T20637] netlink: 'syz.4.6735': attribute type 11 has an invalid length. [ 678.158105][T20637] netlink: 216 bytes leftover after parsing attributes in process `syz.4.6735'. [ 678.974772][T20668] No such timeout policy "syz1" [ 679.374139][T20681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6753'. [ 679.627599][T20692] loop9: detected capacity change from 0 to 256 [ 679.720043][T20692] FAT-fs (loop9): Directory bread(block 64) failed [ 679.769981][T20692] FAT-fs (loop9): Directory bread(block 65) failed [ 679.789832][T20692] FAT-fs (loop9): Directory bread(block 66) failed [ 679.816967][T20692] FAT-fs (loop9): Directory bread(block 67) failed [ 679.861177][T20692] FAT-fs (loop9): Directory bread(block 68) failed [ 679.880792][T20692] FAT-fs (loop9): Directory bread(block 69) failed [ 679.951251][T20692] FAT-fs (loop9): Directory bread(block 70) failed [ 679.968980][T20692] FAT-fs (loop9): Directory bread(block 71) failed [ 679.991781][T20692] FAT-fs (loop9): Directory bread(block 72) failed [ 680.011560][T20692] FAT-fs (loop9): Directory bread(block 73) failed [ 680.102194][T20709] xt_CT: You must specify a L4 protocol and not use inversions on it [ 680.480814][T20718] netlink: 'syz.2.6768': attribute type 1 has an invalid length. [ 680.619659][T20724] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6771'. [ 680.959734][T20730] loop2: detected capacity change from 0 to 4096 [ 681.115102][T20730] ntfs3: loop2: ino=1e, "file1" attr_set_size [ 681.140338][T20730] ntfs3: loop2: ino=1e, "file1" attr_set_size [ 681.265112][T20741] netlink: 340 bytes leftover after parsing attributes in process `syz.6.6777'. [ 681.288978][T20741] netlink: 140 bytes leftover after parsing attributes in process `syz.6.6777'. [ 681.691163][T20719] loop4: detected capacity change from 0 to 32768 [ 681.941756][ T22] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 682.141434][ T22] usb 7-1: Using ep0 maxpacket: 16 [ 682.150982][ T22] usb 7-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 682.202506][ T22] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 682.233255][T20771] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 682.243309][ T22] usb 7-1: Product: syz [ 682.247702][ T22] usb 7-1: Manufacturer: syz [ 682.277183][ T22] usb 7-1: SerialNumber: syz [ 682.298865][ T22] usb 7-1: config 0 descriptor?? [ 682.332597][ T22] ums-onetouch 7-1:0.0: USB Mass Storage device detected [ 682.572193][ T22] usb 7-1: USB disconnect, device number 16 [ 682.636112][T20786] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6796'. [ 682.928013][T20796] netlink: 'syz.8.6798': attribute type 12 has an invalid length. [ 682.994655][T20799] netlink: 'syz.9.6797': attribute type 11 has an invalid length. [ 683.001375][T20796] netlink: 120 bytes leftover after parsing attributes in process `syz.8.6798'. [ 683.024575][T20799] netlink: 216 bytes leftover after parsing attributes in process `syz.9.6797'. [ 684.111922][T20837] netlink: 'syz.2.6814': attribute type 13 has an invalid length. [ 684.140265][T20837] netlink: 'syz.2.6814': attribute type 14 has an invalid length. [ 684.181523][T20837] netlink: 156 bytes leftover after parsing attributes in process `syz.2.6814'. [ 684.205796][T20845] netlink: 'syz.8.6817': attribute type 11 has an invalid length. [ 684.261891][T20845] netlink: 216 bytes leftover after parsing attributes in process `syz.8.6817'. [ 684.488832][T20854] loop4: detected capacity change from 0 to 256 [ 684.670866][T20854] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 684.762397][T20854] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008) [ 684.801696][T20854] exFAT-fs (loop4): Filesystem has been set read-only [ 685.050801][T20871] xt_CT: You must specify a L4 protocol and not use inversions on it [ 685.256035][ T1277] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.262450][ T1277] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.860921][T20898] netlink: 'syz.8.6839': attribute type 21 has an invalid length. [ 685.899578][T20896] loop6: detected capacity change from 0 to 2048 [ 685.899628][T20898] netlink: 156 bytes leftover after parsing attributes in process `syz.8.6839'. [ 685.970177][T20902] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 686.042099][T20896] NILFS error (device loop6): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 686.129105][T20896] Remounting filesystem read-only [ 686.399189][T20876] loop2: detected capacity change from 0 to 32768 [ 686.504473][T20876] __jfs_setxattr: xattr_size = 74, new_size = 12053 [ 686.779281][T20920] loop6: detected capacity change from 0 to 16 [ 686.844829][T20920] erofs: (device loop6): EXPERIMENTAL compressed inline data feature in use. Use at your own risk! [ 686.916781][T20920] erofs: (device loop6): mounted with root inode @ nid 36. [ 687.007617][T20920] syz.6.6848: attempt to access beyond end of device [ 687.007617][T20920] loop6: rw=0, sector=1049256, nr_sectors = 128 limit=16 [ 687.384709][T20944] netlink: 71 bytes leftover after parsing attributes in process `syz.4.6856'. [ 687.713275][T20948] loop2: detected capacity change from 0 to 4096 [ 687.874135][T20951] loop8: detected capacity change from 0 to 4096 [ 687.920923][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 687.979384][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 688.002076][T20961] netlink: 'syz.4.6865': attribute type 6 has an invalid length. [ 688.031550][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 688.040392][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc0c00 [ 688.082245][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc1c00 [ 688.090463][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc2c00 [ 688.165425][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc4c00 [ 688.186468][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffc8c00 [ 688.285288][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffd0c00 [ 688.338893][T20951] ntfs3: loop8: try to read out of volume at offset 0x3fffffe0c00 [ 688.348135][T20966] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6868'. [ 688.422221][T20972] loop9: detected capacity change from 0 to 128 [ 688.504781][T20972] VFS: Found a Xenix FS (block size = 1024) on device loop9 [ 688.668009][T20972] syz.9.6867: attempt to access beyond end of device [ 688.668009][T20972] loop9: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 688.757893][T20972] Buffer I/O error on dev loop9, logical block 3245768, async page read [ 688.926923][T18488] sysv_free_block: flc_count > flc_size [ 688.941496][T18488] sysv_free_block: flc_count > flc_size [ 688.947212][T18488] sysv_free_block: flc_count > flc_size [ 688.990211][T18488] sysv_free_block: flc_count > flc_size [ 689.005742][T18488] sysv_free_block: flc_count > flc_size [ 689.031383][T18488] sysv_free_block: flc_count > flc_size [ 689.057505][T20988] netlink: 'syz.4.6875': attribute type 2 has an invalid length. [ 689.070847][T18488] sysv_free_block: flc_count > flc_size [ 689.077994][T18488] sysv_free_block: flc_count > flc_size [ 689.100505][T18488] sysv_free_block: flc_count > flc_size [ 689.143584][T18488] sysv_free_block: flc_count > flc_size [ 689.149810][T18488] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 689.539963][T21007] loop2: detected capacity change from 0 to 16 [ 689.617513][T21007] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 689.679606][T21013] loop6: detected capacity change from 0 to 1024 [ 689.697147][T21007] erofs: (device loop2): mounted with root inode @ nid 36. [ 689.714677][T21016] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6887'. [ 689.765945][T21007] CIFS mount error: No usable UNC path provided in device string! [ 689.765945][T21007] [ 689.813892][T21007] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 689.898177][ T46] hfsplus: b-tree write err: -5, ino 4 [ 690.403816][T21037] loop8: detected capacity change from 0 to 47 [ 691.168912][T21062] tmpfs: Bad value for 'mpol' [ 691.306928][T21066] loop9: detected capacity change from 0 to 2048 [ 691.355267][T21066] NILFS (loop9): broken superblock, retrying with spare superblock (blocksize = 1024) [ 691.393279][T21070] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 691.473201][T21077] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 691.473549][T21066] syz.9.6908: attempt to access beyond end of device [ 691.473549][T21066] loop9: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 691.701115][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 691.771602][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 691.851730][T21066] Remounting filesystem read-only [ 691.883599][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 691.951456][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.051837][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.081879][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.131521][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.232350][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.277895][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.309309][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.354407][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.391689][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.431723][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.472892][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.523868][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.586571][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.626762][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.667818][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.720169][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.751749][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.804052][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.861837][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.891708][T21118] cgroup2: Unexpected value for 'nsdelegate' [ 692.917859][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 692.948577][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 692.995710][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 693.072816][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 693.077151][T21083] loop4: detected capacity change from 0 to 32768 [ 693.113501][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 693.212358][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 693.280162][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 693.306467][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 693.361592][T21066] NILFS (loop9): bad btree node (ino=16, blocknr=15): level = 93, flags = 0x6, nchildren = 9 [ 693.408836][T21066] NILFS error (device loop9): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 693.452910][ T26] audit: type=1800 audit(1747922177.272:206): pid=21066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.6908" name="file2" dev="loop9" ino=16 res=0 errno=0 [ 693.569986][T21066] syz.9.6908 (21066) used greatest stack depth: 19144 bytes left [ 693.864305][T21133] loop8: detected capacity change from 0 to 8192 [ 693.962970][T21133] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 694.370845][T21150] loop2: detected capacity change from 0 to 16 [ 694.422765][T21150] erofs: (device loop2): mounted with root inode @ nid 36. [ 694.725581][T21160] nft_compat: unsupported protocol 0 [ 694.772870][T21164] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6946'. [ 695.533780][T21191] loop6: detected capacity change from 0 to 256 [ 695.581469][ T5114] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 695.811414][ T5114] usb 10-1: Using ep0 maxpacket: 8 [ 695.818501][ T5114] usb 10-1: config 2 has an invalid interface number: 31 but max is 0 [ 695.857410][ T5114] usb 10-1: config 2 has no interface number 0 [ 695.871677][ T5114] usb 10-1: config 2 interface 31 has no altsetting 0 [ 695.941137][ T5114] usb 10-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 695.953316][T21202] loop6: detected capacity change from 0 to 256 [ 695.975186][T21204] loop8: detected capacity change from 0 to 256 [ 695.981707][ T5114] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 695.989825][ T5114] usb 10-1: Product: syz [ 695.998632][T21207] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 696.019583][T21202] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 696.034173][T21204] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 696.046685][ T5114] usb 10-1: Manufacturer: syz [ 696.052254][T21207] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0 [ 696.060400][ T5114] usb 10-1: SerialNumber: syz [ 696.395817][ T22] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 696.537827][ T5114] ch9200: probe of 10-1:2.31 failed with error -22 [ 696.566023][ T5114] usb 10-1: USB disconnect, device number 4 [ 696.593793][ T22] usb 7-1: config 1 has an invalid descriptor of length 212, skipping remainder of the config [ 696.611484][ T22] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 696.671135][ T22] usb 7-1: too many endpoints for config 1 interface 1 altsetting 78: 168, using maximum allowed: 30 [ 696.700955][ T22] usb 7-1: config 1 interface 1 altsetting 78 has 0 endpoint descriptors, different from the interface descriptor's value: 168 [ 696.764986][ T22] usb 7-1: config 1 interface 1 has no altsetting 0 [ 696.791094][ T22] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 696.842271][ T22] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 696.871080][ T22] usb 7-1: Product: syz [ 696.885656][ T22] usb 7-1: Manufacturer: syz [ 696.921418][ T22] usb 7-1: SerialNumber: syz [ 696.958241][ T22] usb 7-1: selecting invalid altsetting 0 [ 696.974583][ T22] cdc_ether: probe of 7-1:1.0 failed with error -22 [ 697.165428][ T22] usb 7-1: selecting invalid altsetting 0 [ 697.171249][ T22] usbtest: probe of 7-1:1.1 failed with error -22 [ 697.218190][ T22] usb 7-1: USB disconnect, device number 17 [ 697.571662][ T4254] Bluetooth: hci5: command 0x0406 tx timeout [ 697.691457][ T5114] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 697.894380][ T5114] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 697.914466][ T5114] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 697.958589][ T5114] usb 9-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 698.024794][ T5114] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 698.072218][ T5114] usb 9-1: config 0 descriptor?? [ 698.233476][T21268] loop6: detected capacity change from 0 to 64 [ 698.333530][ T5393] usb 9-1: USB disconnect, device number 7 [ 698.361916][ T22] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 698.441036][T21272] tmpfs: Bad value for 'mpol' [ 698.561865][ T22] usb 5-1: Using ep0 maxpacket: 8 [ 698.570940][ T22] usb 5-1: config 2 has an invalid interface number: 31 but max is 0 [ 698.601624][ T22] usb 5-1: config 2 has no interface number 0 [ 698.622214][ T22] usb 5-1: config 2 interface 31 has no altsetting 0 [ 698.643705][ T22] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 698.677526][ T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 698.695185][ T22] usb 5-1: Product: syz [ 698.709667][ T22] usb 5-1: Manufacturer: syz [ 698.729989][ T22] usb 5-1: SerialNumber: syz [ 699.164409][T21293] loop9: detected capacity change from 0 to 64 [ 699.186105][ T22] ch9200: probe of 5-1:2.31 failed with error -22 [ 699.220668][ T22] usb 5-1: USB disconnect, device number 42 [ 699.889346][T21320] xt_policy: output policy not valid in PREROUTING and INPUT [ 700.148540][T21328] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7012'. [ 700.172914][T21328] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0) [ 700.209679][T21328] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535 [ 700.784886][T21358] kAFS: Can only specify source 'none' with -o dyn [ 701.983143][T21403] loop8: detected capacity change from 0 to 64 [ 702.101583][T21403] hfs: request for non-existent node -117440513 in B*Tree [ 702.137410][T21403] hfs: request for non-existent node -117440513 in B*Tree [ 703.172009][ T27] INFO: task syz-executor:10616 blocked for more than 143 seconds. [ 703.180026][ T27] Not tainted 6.1.140-syzkaller #0 [ 703.231418][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 703.240363][ T27] task:syz-executor state:D stack:22144 pid:10616 ppid:1 flags:0x00004004 [ 703.291502][ T27] Call Trace: [ 703.307445][ T27] [ 703.320754][ T27] __schedule+0x10e9/0x40d0 [ 703.341029][ T27] ? release_firmware_map_entry+0x18a/0x18a [ 703.363714][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 703.369799][ T27] ? lock_chain_count+0x20/0x20 [ 703.405533][ T27] ? _raw_spin_lock_irq+0xab/0xe0 [ 703.410653][ T27] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 703.438802][ T27] schedule+0xb9/0x180 [ 703.443374][ T27] io_schedule+0x7c/0xd0 [ 703.447852][ T27] folio_wait_bit_common+0x6e1/0xf60 [ 703.460306][ T27] ? folio_wait_bit+0x30/0x30 [ 703.479329][ T27] ? migration_entry_wait_on_locked+0xe50/0xe50 [ 703.486114][ T27] ? folio_mapping+0x1ba/0x4d0 [ 703.490963][ T27] truncate_inode_pages_range+0x9a2/0xff0 [ 703.506494][ T27] ? mapping_evict_folio+0x520/0x520 [ 703.517452][ T27] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 703.530120][ T27] ? _raw_spin_unlock_irq+0x1f/0x40 [ 703.538042][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 703.543869][ T27] evict+0x498/0x870 [ 703.548743][ T27] ? proc_nr_inodes+0x2f0/0x2f0 [ 703.554327][ T27] ? do_raw_spin_unlock+0x11d/0x230 [ 703.559621][ T27] ? _raw_spin_unlock+0x24/0x40 [ 703.565048][ T27] ? do_raw_spin_unlock+0x11d/0x230 [ 703.570318][ T27] evict_inodes+0x604/0x690 [ 703.575320][ T27] ? clear_inode+0x150/0x150 [ 703.579992][ T27] ? dput+0x1c9/0x1d0 [ 703.586015][ T27] ? sync_filesystem+0x103/0x220 [ 703.591131][ T27] generic_shutdown_super+0x93/0x340 [ 703.600079][ T27] kill_block_super+0x7c/0xe0 [ 703.610540][ T27] deactivate_locked_super+0x93/0xf0 [ 703.620579][ T27] cleanup_mnt+0x463/0x4f0 [ 703.625350][ T27] ? lockdep_hardirqs_on+0x94/0x140 [ 703.630690][ T27] task_work_run+0x1ca/0x250 [ 703.639052][ T27] ? task_work_cancel+0x230/0x230 [ 703.644533][ T27] ? exit_to_user_mode_loop+0x3b/0x110 [ 703.650347][ T27] exit_to_user_mode_loop+0xe6/0x110 [ 703.656526][ T27] exit_to_user_mode_prepare+0xb1/0x140 [ 703.663802][ T27] syscall_exit_to_user_mode+0x16/0x40 [ 703.669487][ T27] do_syscall_64+0x58/0xa0 [ 703.674575][ T27] ? clear_bhb_loop+0x60/0xb0 [ 703.679412][ T27] ? clear_bhb_loop+0x60/0xb0 [ 703.684655][ T27] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 703.690697][ T27] RIP: 0033:0x7f170df8fc97 [ 703.695646][ T27] RSP: 002b:00007ffe76cb3ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 703.704589][ T27] RAX: 0000000000000000 RBX: 00007f170e01089d RCX: 00007f170df8fc97 [ 703.714408][ T27] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe76cb3da0 [ 703.722943][ T27] RBP: 00007ffe76cb3da0 R08: 0000000000000000 R09: 0000000000000000 [ 703.731067][ T27] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe76cb4e30 [ 703.739679][ T27] R13: 00007f170e01089d R14: 000000000008835c R15: 00007ffe76cb4e70 [ 703.748485][ T27] [ 703.752371][ T27] [ 703.752371][ T27] Showing all locks held in the system: [ 703.760713][ T27] 1 lock held by rcu_tasks_kthre/12: [ 703.766924][ T27] #0: ffffffff8c92b4b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 703.777930][ T27] 1 lock held by rcu_tasks_trace/13: [ 703.783980][ T27] #0: ffffffff8c92bcd0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00 [ 703.795423][ T27] 1 lock held by khungtaskd/27: [ 703.800425][ T27] #0: ffffffff8c92ab20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 703.810920][ T27] 2 locks held by getty/4016: [ 703.825981][ T27] #0: ffff8880304a2098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 703.848633][ T27] #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x41b/0x1380 [ 703.859768][ T27] 1 lock held by syz-executor/10616: [ 703.866534][ T27] #0: ffff8880716140e0 (&type->s_umount_key#114){+.+.}-{3:3}, at: deactivate_super+0xa0/0xd0 [ 703.877676][ T27] 1 lock held by rm/21455: [ 703.886247][ T27] [ 703.888739][ T27] ============================================= [ 703.888739][ T27] [ 703.914647][ T27] NMI backtrace for cpu 1 [ 703.919047][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.140-syzkaller #0 [ 703.926974][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 703.937065][ T27] Call Trace: [ 703.940374][ T27] [ 703.943335][ T27] dump_stack_lvl+0x168/0x22e [ 703.948071][ T27] ? irq_work_queue+0xb8/0x140 [ 703.952892][ T27] ? show_regs_print_info+0x12/0x12 [ 703.958148][ T27] ? load_image+0x3b0/0x3b0 [ 703.962692][ T27] ? vprintk_emit+0x571/0x680 [ 703.967860][ T27] ? printk_sprint+0x460/0x460 [ 703.972686][ T27] nmi_cpu_backtrace+0x3f4/0x470 [ 703.977682][ T27] ? nmi_trigger_cpumask_backtrace+0x450/0x450 [ 703.983889][ T27] ? _printk+0xcc/0x110 [ 703.988087][ T27] ? load_image+0x3b0/0x3b0 [ 703.992633][ T27] ? load_image+0x3b0/0x3b0 [ 703.997194][ T27] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 704.003329][ T27] nmi_trigger_cpumask_backtrace+0x1d4/0x450 [ 704.009364][ T27] watchdog+0xeee/0xf30 [ 704.013569][ T27] ? watchdog+0x1ed/0xf30 [ 704.017952][ T27] kthread+0x29d/0x330 [ 704.022068][ T27] ? hungtask_pm_notify+0x40/0x40 [ 704.027136][ T27] ? kthread_blkcg+0xd0/0xd0 [ 704.031775][ T27] ret_from_fork+0x1f/0x30 [ 704.036258][ T27] [ 704.039349][ C1] vkms_vblank_simulate: vblank timer overrun [ 704.046357][ T27] Sending NMI from CPU 1 to CPUs 0: [ 704.051782][ C0] NMI backtrace for cpu 0 [ 704.051794][ C0] CPU: 0 PID: 32 Comm: kworker/u4:2 Not tainted 6.1.140-syzkaller #0 [ 704.051813][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 704.051824][ C0] Workqueue: bat_events batadv_nc_worker [ 704.051849][ C0] RIP: 0010:lock_release+0x5c5/0x910 [ 704.051876][ C0] Code: 66 43 c7 44 2f 09 00 00 43 c6 44 2f 0b 00 65 48 8b 04 25 28 00 00 00 48 3b 84 24 c0 00 00 00 0f 85 8b 00 00 00 48 8d 65 d8 5b <41> 5c 41 5d 41 5e 41 5f 5d c3 0f 0b e9 d7 fa ff ff 0f 0b 48 c7 c7 [ 704.051892][ C0] RSP: 0018:ffffc90000a8fbb0 EFLAGS: 00000246 [ 704.051906][ C0] RAX: 43780aec7f34c000 RBX: ffff8880599989c0 RCX: 43780aec7f34c000 [ 704.051921][ C0] RDX: 0000000000000002 RSI: ffffffff8a6c1180 RDI: ffffffff8abf1260 [ 704.051934][ C0] RBP: ffffc90000a8fbd0 R08: dffffc0000000000 R09: fffffbfff1bfd006 [ 704.051947][ C0] R10: fffffbfff1bfd006 R11: 1ffffffff1bfd005 R12: ffff888019ab8b30 [ 704.051961][ C0] R13: dffffc0000000000 R14: ffff888019ab8ad0 R15: 1ffff92000151f64 [ 704.051975][ C0] FS: 0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000 [ 704.051990][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 704.052003][ C0] CR2: 0000555d6711f000 CR3: 000000000c68e000 CR4: 00000000003506f0 [ 704.052019][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 704.052030][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 704.052041][ C0] Call Trace: [ 704.052047][ C0] [ 704.052054][ C0] ? batadv_nc_worker+0xce/0x600 [ 704.052074][ C0] batadv_nc_worker+0x28d/0x600 [ 704.052096][ C0] ? process_one_work+0x7a1/0x1160 [ 704.052114][ C0] process_one_work+0x898/0x1160 [ 704.052140][ C0] ? worker_detach_from_pool+0x240/0x240 [ 704.052161][ C0] ? _raw_spin_lock_irq+0xab/0xe0 [ 704.052185][ C0] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 704.052209][ C0] ? kthread_data+0x4b/0xc0 [ 704.052236][ C0] worker_thread+0xaa2/0x1250 [ 704.052268][ C0] kthread+0x29d/0x330 [ 704.052292][ C0] ? worker_clr_flags+0x1a0/0x1a0 [ 704.052310][ C0] ? kthread_blkcg+0xd0/0xd0 [ 704.052335][ C0] ret_from_fork+0x1f/0x30 [ 704.052366][ C0] [ 704.263507][ C1] vkms_vblank_simulate: vblank timer overrun [ 704.285981][ T27] Kernel panic - not syncing: hung_task: blocked tasks [ 704.292891][ T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.140-syzkaller #0 [ 704.300823][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 704.310925][ T27] Call Trace: [ 704.314239][ T27] [ 704.317191][ T27] dump_stack_lvl+0x168/0x22e [ 704.321926][ T27] ? memcpy+0x3c/0x60 [ 704.326006][ T27] ? show_regs_print_info+0x12/0x12 [ 704.331255][ T27] ? load_image+0x3b0/0x3b0 [ 704.335813][ T27] panic+0x2c9/0x710 [ 704.339756][ T27] ? schedule_preempt_disabled+0x20/0x20 [ 704.345428][ T27] ? bpf_jit_dump+0xd0/0xd0 [ 704.349981][ T27] ? __irq_work_queue_local+0x12c/0x190 [ 704.355551][ T27] ? nmi_trigger_cpumask_backtrace+0x35b/0x450 [ 704.361723][ T27] ? nmi_trigger_cpumask_backtrace+0x360/0x450 [ 704.367897][ T27] watchdog+0xf2d/0xf30 [ 704.372187][ T27] ? watchdog+0x1ed/0xf30 [ 704.376625][ T27] kthread+0x29d/0x330 [ 704.380710][ T27] ? hungtask_pm_notify+0x40/0x40 [ 704.385743][ T27] ? kthread_blkcg+0xd0/0xd0 [ 704.390349][ T27] ret_from_fork+0x1f/0x30 [ 704.394789][ T27] [ 704.398091][ T27] Kernel Offset: disabled [ 704.402423][ T27] Rebooting in 86400 seconds..