last executing test programs: 1m45.293036795s ago: executing program 2 (id=49): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10000, &(0x7f0000000380)={[{@noauto_da_alloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ") syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1cb842, 0x0) io_setup(0xa, &(0x7f0000000540)=0x0) io_submit(r1, 0x601, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000b80)="ed", 0xfdef, 0x600}]) 1m44.139148595s ago: executing program 2 (id=56): unshare(0x22020400) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000480)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@map, r2, 0x2f, 0x2034, r2}, 0x20) 1m43.535010486s ago: executing program 2 (id=61): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x6, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1m43.042891882s ago: executing program 2 (id=62): syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000094c0)='./file1\x00', 0x0, &(0x7f0000001940)=ANY=[], 0x1, 0xc25, &(0x7f0000002580)="$eJzs3V9oXNl9B/DfmStZY22aaLOJN2mz6UBKYpTa+F9sBZcgZxW1AccbIit0n6LRHzvDyiMjyY03bYPakhb6ErovpS9FNF1ayEPpQ7ePVZotJJRCCXlIHwqCJss+9EEPgdKWjcK9c0Ya2fJau15ZsvfzMePvnTu/OzrnntGdO6AzNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiM9+7tKp0+mgWwEAPExXJr506myKgYNuBwDw8Fz1+R8AAAAAAAAAAAAAAA67FEUcixSDr2ykqep+R/1yq33r9uTY+O6bHU2RohZFVV/e6qfPnD33qfMXRrr55tu/0z4cz01cvdR4duHGzcW5paW52cZkuzWzMDu352d40O3vNFztgMaNF27NXru21Dhz8uyOh28PvTbwxLGhixdOnB/p1k6OjY9P9NT09b/tn36Xe83wOBJFNCPFG0Ovp2ZE1OLB98V9Xjv77WjVieGqE5Nj41VH5lvN9nL5YKrlqlpEo2ej0e4+eghj8UBGI1bK5pcNHi67N3Gzudicnp9rfLG5uNxabi20U63T2rI/jajFSIpYjYj1XSb59kcRH40UL53aSNMRUXT3wyericH3b09tH/q4B2U7G/0Rq7VHYMwOsYEo4kqk+Nmrx2Om3Gf5Fh+P+EKZr0S8XOZnIlL5wjgX8VOTxR8bfVHEv0WKhbSRZqvjQfe4cvnLjc+3ry301HaPK4/8+8PDdMiPTfUoYro64m+kt3+yAwAAAAAAAAAAAAAAAMA77WgU8e1I8UfP/E41rziqeenvuzjynud/s3fO+NP3eZ6y9mRErNT2Nie3P08dTrXy3z50jD2pRxHfyPP//uCgGwMAAAAAAAAAAAAAAAAAAPCuVsTzkeIrJ46n1aiu/XskqmuKt9rXG1eb0/Odq8J2r/3bvWb65ubmZiN1cjTnVM6VnKs513Ku54xa3j7naM6pnCs5V3Ou5VzPGUXePudozqmcKzlXc67lXM8ZfXn7nKM5p3Ku5FzNuZZzPWcckmv3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8TmpRxM8jxbe+tpEiRcRoxFR0cm3goFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJTqqYiTkWLt+Xp1f7UWcTUifr65udm9RcRGmQ/qoPsKAAAAAAAAAAAAAAAAAAAAh1Yq4mOR4qn/20iNiLg99NrAE8eGLl44cX6kiCJSWdJb/9zE1UuNZxdu3FycW1qam21MtlszC7Nze/1x9cut9q3bk2Pj+9KZ+zq6z+0/Wn924eaLi63rX13e9fHB+qXppeXF5szuD8fRqEVM9a4Zrho8OTZeNXq+1WxXm6baPRpYixjda2cAAAAAAAAAAAAAAAAAAAA4NAZTEZ+LFD/5z3OpO2+8rzPn/5c694qt2pd/b/u7AObvyK7e7w/Yy3Laa0OHq4n3jcmx8fGJntV9/XeXlm1KqYinI8UnXvpQNR8+xeCuc+PLuveWdTfO5bqhXynrVnZU1Ycnx8YbVxbaJy7Nzy/MNJeb0/NzjYmbzZn8xQEre+0GAAAAAAAAAAAAAAAAAAAA7GYwFfGjSPHff/vvqXvd+Tz/v69zr2f+/29UU+gr9bQzt1Rz+99bze3vLL/v4sjgR5+51/r9mP9ftimlIr4ZKc7+6EPV9fS78/+n7qgt6/4kUrz+zEdyXe1IWdfsdqfzjNda83Onytq/jBS/+ka3Nqra67n2qe3a02Xt0Ujx5xs7a7+aaz+wXXumrD0eKb73X7vXfnC79mxZ+5NI8Y9/0+jWDpa1v5trj23XnpxZmJ+9324tx/87keKvr/xW6vb5nuPf8/0PK3fklrvG/M2X36nxH+pZt5LH9Y/z+DfvM/7nI8V36h/JdZ19P50ff7L6f3v8PxEp/uNfd9Zey7Xv3649vdduHbRy/L8dKb77Fz/e6nMe//74+/+N7RHfOf6/3Lczt14lBzT+T/asG8rtmnnru+NdZ+nFr7/QnJ+fW7RgwYKFrYWDPjLxMJTv/38aKf7/WJG65zH5/f89nXvb53//843t9/+Ld+SWA3r/f3/Puov5rKW/L6K+fONm/9MR9aUXv36idaN5fe76XPvM6VOf/vT506dOn+8/0j25217a8757HJTj/4NI8cO/++HW55it87/K7uf/g3fklgMa/6d6+7TjvGbPu+JdqRz/v4oUT372x1ufN3eO/87z/+7n/+Mf25lbv38HNP4f6Fk3lNvVeov7AgAAAAAAAAAA4FEymIr4s0jx23/466k7h2gvf/83e0duOaC//zrWs272Ic1r2PNOBgA4RMrzvw9Gin/a/P7WXO6d53/xa93a3vO/ezkM1/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXYoifj9SDL6ykdYGyvsd9cut9q3bk2Pju292NEWKWhRVfXmrnz5z9tynzl8Y6eabb/9O+3A8N3H1UuPZhRs3F+eWluZmG5Pt1szC7Nyen+FBt7/TcLUDGjdeuDV77dpS48zJszsevj302sATx4YuXjhxfqRTO9CYHBsfn+ip6et/2z/9Luke649EEd+PFG8MvZ6+OxBRiwffF/d57ey3o1UnhqtOTI6NVx2ZbzXby+WDqZarahGNno1Gu/soj9t+jsUDGY1YKZtfNni47N7EzeZic3p+rvHF5uJya7m10E61TmvL/jSiFiMpYjUi1gfufrr+KOKbkeKlUxvpnwciiu5++OSViS+dOnv/9tT2oY97ULaz0R+xWnsExuwQG4gi/iFS/OzV4/G9gYi+6Nzi4xFfKPOViJfL/ExEKl8Y5yJ+usvriEdTXxRxLlIspI306kB5POgeVy5/ufH59rWFntruceWRf394mA75sakeRfygOuJvpH/xew0AAAAAAAAAAAAAAABwiBSxGim+cuJ4quYHb80pbrWvN642p+c70/q6c/+6c6Y3Nzc3G6mTozmncq7kXM25lnM9Z9Ty9jlHc07lXMm5mnMt53rOKPL2OUdzTuVcybmacy3nes7oy9vnHM05lXMl52rOtZzrOeOQzN0DAAAAAAAAAAAAAAAAAAAeL7Uoqqu4f+trG2lzoHN96ano5JrrgT72fhEAAP//gMd2Mw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cpuacct.usage_percpu\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0xc0086c43, &(0x7f0000000080)=0x6ff) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3800009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000500)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 1m41.872177593s ago: executing program 2 (id=66): syz_kvm_add_vcpu$x86(0x0, &(0x7f00000000c0)={0x0, 0x0}) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$setregs(0xd, r0, 0x2, &(0x7f0000000180)) ptrace$cont(0x21, r0, 0x5, 0x4) 1m40.534578722s ago: executing program 2 (id=73): pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RGETLOCK(r1, 0x0, 0xffffff6a) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r0, r3, 0xfffffffffffffc01, 0x0) vmsplice(r2, &(0x7f0000000640)=[{&(0x7f00000002c0)="02", 0x1}], 0x1, 0xa) 1m39.99307279s ago: executing program 32 (id=73): pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RGETLOCK(r1, 0x0, 0xffffff6a) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) tee(r0, r3, 0xfffffffffffffc01, 0x0) vmsplice(r2, &(0x7f0000000640)=[{&(0x7f00000002c0)="02", 0x1}], 0x1, 0xa) 1m0.241291243s ago: executing program 1 (id=267): setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_getaddr={0x18, 0x16, 0x3c2be10bca706f15, 0x0, 0x0, {0x3}}, 0x18}}, 0x0) r0 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12011001000000086e05e60000000000000109022400010000000009040000080300000009210800020122280009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000300)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB=' \r('], 0x0, 0x0, 0x0, 0x0}, 0x0) 58.234676128s ago: executing program 1 (id=286): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000001c0)={'vxcan1\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000140)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="05"], 0x48}}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="06"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x2004c800) 58.148800932s ago: executing program 1 (id=288): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=@newtfilter={0xb0, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xd}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_u32={{0x8}, {0x7c, 0x2, [@TCA_U32_ACT={0x54, 0x7, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfffd, 0x3}}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0x6, 0x9, 0x20000000, 0x1, 0xd6}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_U32_SEL={0x24, 0x5, {0x8, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x2, 0x20008000, 0x4, 0x1}]}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0xe}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x1}, 0x24040084) 57.99463535s ago: executing program 1 (id=290): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000000), 0x1, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=") syz_mount_image$iso9660(&(0x7f0000000800), &(0x7f0000000000)='./file0\x00', 0x200000, &(0x7f0000000200), 0x0, 0x3fc, &(0x7f0000000280)="$eJzs3M9OG0ccwPFZYiilUlQpagKEw6RpJXqIs7sUI5TTdj02k6x3VzPrCE5VVCBCBVKVVCpcWi5pK7UPkWvfoJc+UaP2Dah211DANq7CH6Po+5HQjD2/nfnNypqRjWYFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQTlh3Xc8RkY7by7K/sG6SVq+GT7eL4rC/j08UZ4wrhJP/ifFxMVm+NXnrv+aPyk7ulK/uiPG8GBd7H9z+8NGtysjh9WckfCV2dvde/FHm+L/iK/8cFC49sSvSVLG2iW4FTSW1TeRireY+XGpY2dCRsis2Uy0ZGhVkiZGz4WfSW1yck6q6krTjZj2I1OGbCw98163Jx9VUBcYm8cPHVRsu6SjScbOIyZvzmIX8g/hEZzJTQUvK9Y3NtblBSeZB3hntjhA/FkH+oJ581/c9z/e92vzi/ILrVnzXlyfecE8RXZcM/0OL4brI5Rs4l4PO/g8AAAAAAN5dTvEbe/79f7T4Hd4RDR0pd9hpAQAAAACAC1T85/9OXozmtUnh8P0fAAAAAIB3zc/Hz9i93+uMnU3fc/78Wxgz6uyny584W0EeHmyJSnHdjdM9Zo1p52ank6KoVTqvQjXjTJVBU4fRbzrF+qCzfk5XAp2RTydQnrA7+KFHAuJXMV0GTa+W5ephSznKRENHqhom0SNPBMHNkUwtZ99tb3wviun/ErduOmJ9Y3Ot+tWLzdUil/28l/2tzgGKrnMU/W+GeHl07rH3jMc6XRTjTpTjusfnP1K2j3SPOSX6jPlK3C1j7k6U5cTJ+Y/n8/eq/WbfycI758xfiZkyZmb2fl7cn+2RhT8oC/94Fv3vxfmymOudxV9HWcydMwsAGJb1AbuQ073xv8Uqd3G7+9kr+r0y5t50sbBWpnus6O6gfcU95+72e9czEPrtsfm4v8Wt6pgQR7vq6/yC133HtZHv5Lfwxsutb8Ttnd29Bxtbz56vPV/b9v25mvu56877YrSYRqdg7wEA9KDMG2ci+8kxRqdfemOLXpAtKWmS8Ik0ut5UUseZMuFSEDeVTE2SJWES5ZWnuq6stO00TUwmG4mRaWL1cvHkF9l59ItVrSDOdGjTSAVWyTCJsyDMZF3bUKbtLyJtl5QpLrapCnVDh0Gmk1japG1CVZXSKnUsUNdVnOmGzquxTI1uBWZFPk2idkvJurKh0WmW5NMyR2PpuJGYVtFtddg3GwCAa2Jnd+/rZ5uba99eYmXYcwQAACexSwMAAAAAAAAAAAAAAAAAAAAAcP1dxfm/i604QohrkAYVKhddGXvbD/bBJeQz7JUJwGX7NwAA//++Aql5") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0xd) getdents64(r0, 0x0, 0x0) 57.515428215s ago: executing program 1 (id=293): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0xd, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x82) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000040)={0x8, 0x40000cca8, 0x7}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000000)={@desc={0x1, 0x0, @desc3}}) 57.02654342s ago: executing program 1 (id=294): open(0x0, 0x518282, 0x78e22799f4a46e8e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x32cc0000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00') read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020) 56.497925838s ago: executing program 33 (id=294): open(0x0, 0x518282, 0x78e22799f4a46e8e) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x32cc0000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00') read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020) 3.426325602s ago: executing program 5 (id=643): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$9p_fd(0x0, &(0x7f00000002c0)='.\x00', &(0x7f0000000040), 0x8000, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) 2.922528098s ago: executing program 0 (id=647): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r0 = socket(0x1, 0x803, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x401, 0xffffffbf, 0x0, {0x0, 0x0, 0x0, 0x0, 0xe76}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0x3, r1}]}, 0x40}}, 0x0) 2.742672408s ago: executing program 0 (id=649): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f00000002c0)) ioctl$IMADDTIMER(r0, 0x80044940, &(0x7f0000000240)=0x14) syz_clone(0x40000, 0x0, 0x0, 0x0, 0x0, 0x0) read(r0, &(0x7f00000019c0)=""/4097, 0x1001) 2.463696792s ago: executing program 4 (id=651): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x10, 0x0, &(0x7f0000000000)=[@clear_death], 0x0, 0x1000000, 0x0}) 2.462957942s ago: executing program 0 (id=659): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000940)=@newlink={0x3c, 0x10, 0x8, 0x70bd2c, 0x25dfdbfe, {}, [@IFLA_VF_PORTS={0x1c, 0x18, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "064979d3291c76d0aa977b635a66c66d"}]}]}]}, 0x3c}}, 0x80) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000002040)=0x4, 0x4) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000180)=ANY=[@ANYBLOB="28000000690005"], 0x28}}, 0x0) recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=""/91, 0x5b}}, {{&(0x7f0000000000)=@isdn, 0x0, &(0x7f0000000640)=[{&(0x7f0000000080)=""/225}, {&(0x7f00000001c0)=""/65}, {&(0x7f0000000d40)=""/4096}, {&(0x7f0000000240)=""/99}, {&(0x7f00000002c0)=""/122}, {&(0x7f0000000340)=""/217}, {&(0x7f00000008c0)=""/35}, {&(0x7f0000000500)=""/227}, {&(0x7f0000000600)=""/1}]}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000700)=""/27}], 0x0, &(0x7f0000000780)=""/112}}], 0x40000000000024a, 0x40002002, 0x0) 2.462451882s ago: executing program 5 (id=652): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffee0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00'}, 0x94) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r1, r2}, 0x40) syz_emit_ethernet(0x7a, &(0x7f0000001240)={@random="e33110495bfd", @remote, @void, {@ipv6={0x86dd, @gre_packet={0x3, 0x6, "15423a", 0x44, 0x2f, 0x0, @loopback, @dev={0xfe, 0x80, '\x00', 0x10}, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x1}, {0x1}, {0x8, 0x88be, 0x1, {{0x2, 0x1, 0x2, 0x2, 0x1, 0x1, 0x1, 0x2b}, 0x1, {0x6}}}, {0x8, 0x22eb, 0x0, {{0x3, 0x2, 0x83, 0x2, 0x0, 0x2, 0x3, 0x2}, 0x2, {0xffffffff, 0x2000, 0x0, 0x12, 0x0, 0x1, 0x2, 0x0, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0) 2.326614849s ago: executing program 5 (id=653): r0 = socket$inet_sctp(0x2, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x20000000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r2}, 0x8) 2.326376379s ago: executing program 0 (id=654): syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='utf8,iocharset=cp1255,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d72656d6f756e742d726f2c666d61736b3d30303030303030303030303030303030303030303230302c696f636861727365743d63703933362c757466382c616c6c6f775f7574696d653d30303030303030303030303030303030303030303031302c756d61736b3d30303030303030303030303030303030303030303230302c001eeaf7092ca1da79cfccff92e65d3cc808ae614dad4e0ae496ec4c199d0d74f9335969730841065a788c0228f8b13707957dc8a0b629cd979d35335d6aa2698198b45c02e8b20fc3947f419bb2dbcb3cf60434f2e0fa42a90db8223eb01c854f9ddad9614a04d90bfabf5ba0"], 0x1, 0x14e1, &(0x7f0000002ac0)="$eJzs3Al0VkW2KODaVXUgxIi/EZlr1z7wiwGKiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBhpREREZJJJoN7C7r7cbvsu7uvXt3nvZX9r1UrtnLP3X5Wd5D/nrJX81HVYjcY1qzYgIvHPUH+dwJ8/JAshYoQQA4UQtwkhAiFE2fiy8deO51KQ/E+9CPsf0jD1Zq+A3Uzc/+yN+5+9cf+zN+5/9sb9z964/9kb9z974/4zlq2lFbidR/YdN3j+n/NG3z78/P//Zfz+n71x/7M37n/2xv3P3rj/2Rv3P3vj/mdv3P//j8kbn8L9Zyxb+7/gGTSPmzgYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLF/gwv+Oi2E+Ov8Zq+LMcYYY4wxxhhj/zo+581eAWOMMcYYY4wxxv7ngZBCCS0CkUPkFDEil4gVt4g4cavILW4TEXG7iBd3iDziTpFX5BP5RQFRUBQShYURKKwgEYoioqiIirtEMXG3SBDFRQlRUjhRSiSKe0Rpca8oI+4TZcX9opx4QJQXFURFUUk8KCqLh0QV8bCoKh4R1UR1UUPUFI+KWuIxUVs8LuqIJ0Rd8aSoJ54S9cXTooFoKBqJZ0Rj8axoIpqKZqK5aCFailb/VP5bood4W/QUvUSy6C36iHdEX9FP9BcDxEDxrhgk3hODxftiiBgqhokPxHDxoRghPhIjxSgxWnwsxoixYpwYLyaIiSJFfCImiU/FZPGZmCKmimliukgVM0Sa+FzMFLPEbPGFmCO+FHPFPDFfLBDpYqFYJBaLDPGVWCK+FpliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CV2iz1ir9gn9osD4huRJb7938w//3f53UCAAAkSNGjIATkgBmIgFmIhDuIgN+SGCEQgHuIhD+SBvJAX8kN+KAgFoTAUBgQEAoIiUASiEIViUAwSIAFKQAlw4CAREqE03AtloAyUhbJQDspBeagAFaASVILKUBmqQBWoClWhGlSDGlADHoVH4TGoDbWhDtSBulAX6kE9qA/1oQE0gEbQCBpDY2gCTaAZNIMW0AJaQStoDa2hDbSBdtAO2kN76AAdIAmSoCN0hE7QCTpDZ+gCXaArdIVu8Ca8CW/BW/A2vA29oJrsDX2gD/SFvtAfBsAAeBcGwXvwHrwPQ2AoDIMP4AP4EEbAORgJo2A0jIbKciyMg/FAciKkQApMgkkwGSbDFJgKU2E6pMIMSIM0mAmzYBZ8AXPgS/gS5sE8WADpkA6LYDFkQAYsgfOQCUthGSyHFbASVsBqWAOrYR2sh3WwETbCZtgMW2ErbIftsBN2wm7YDXthL+yH/TAEsiALDsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcAJOwik4DafgLJyFc3AeLsAFuASX4DJchqtw9doPv7xGSy1zyBwyRsbIWBkr42SczC1zy4iMyHgZL/PIPDKvzCvzy/yyoCwoC8vCEiVKkqEsIovIqIzKYrKYTJAJsoQsIZ10MlEmytKytCwjy8iy8n5ZTj4gy8sKsq2rJCvJyrKdqyIfllVlVVlNVpc1ZE1ZU9aStWRtWVvWkXVkXVlX1pNPyfqyN/SHhvJaZxrLodBEDoNmsrlsIVvKD+E52VqOgDayrWwnX5CjYCR0kK1dknxZdpTjoJN8VY6H12QXORG6yjdkN/mm7C7fkj1kG9dT9pJToLfsI6dDX9lP9pcD5EyoLq91rIZ8Xw6RQ+Uw+YFcAB/KEfIjOVKOkqPlx3KMHCvHyfFygpwoU+QncpL8VE6Wn8kpcqqcJqfLVDlDpsnP5Uw5S86WX8g58ks5V86T8+UCmS4XykVyscyQX8kl8muZKZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CK3ym1yu9whd8pdcrfcI/fKfXK/PCC/kVnyW3lQ/kkekt/Jw/J7eUT+II/KH+Ux+ZM8Ln+WJ+Qv8qQ8JU/LM/Ks/FWek+flBXlRXpK/ycvyirwqvRQKlFRKaRWoHCqnilG5VKy6RcWpW1VudZuKqNtVvLpD5VF3qrwqn8qvCqiCqpAqrIxCZRWpUBVRRVVU3aWKqbtVgiquSqiSyqlSKlHdo0qre1UZdZ8qq+5X5dQDqryqoCqqSupBVVk9pKqoh1VV9YiqpqqrGqqmelTVUo+p2upxVUc9oeqqJ1U99ZSqr55WDVRD1Ug9oxqrZ1UT1VQ1U81VC9VStVLPqdbqedVGtVXt1AuqvXpRdVAvqST1suqoXlGd1Kuqs3pNdVGvq67qDdVNvam6qyvqqvKqp+qlklVv1Ue9o/qqfqq/GqAGqnfVIPWeGqzeV0PUUDVMfaCGqw/VCPWRGqlGqdHqYzVGjVXj1Hg1QU1UKeoTNUl9qiarz9QUNVVNU9NVqpqh+v+l0uz/Rv6n/yB/8O+vvlltUVvVNrVd7VA71S61W+1Re9Q+tU8dUAdUlspSB9VBdUgdUofVYXVEHVFH1VF1TB1Tx9VxdUKdUCfVKXVRnVFn1a/qnDqvzquL6pK6pC7/5WsgNGipldY60Dl0Th2jc+lYfYuO07fq3Po2HdG363h9h86j79R5dT6dXxfQBXUhXVgbjdpq0qEuoovqqL5LF9N36wRdXJfQJbXTpXSivuf/OP9G62ulW+nWurVuo9vodrqdbq/b6w66g07SSbqj7qg76U66s+6su+guuqvuqrvpbrq77q576B66p+6pk3Wy7qPf0X11P91fD9AD9bt6kB6kB+vBeogeoofpYXq4Hq5H6BF6pB6pR+vReoweo8fpcXqCnqBTdIqepCfpyXqynqKn6Gl6mk7VqTpNp+mZeqaerWfrOXqOnqvn6vl6vk7X6XqRXqQzdIZeopfoTL1UL9XL9XK9Uq/Uq/VqvVav1ev1er1Rb9SZeoveorfpbXqH3qF36V16j96j9+l9+oA+oLN0lj6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+oQ+qU/q0/q0PqvP6nP6nL6gL+hL+pK+rC/rq/rqtcu+QAYy0IEOcgQ5gpggJogNYoO4IC7IHeQOIkEkiA/igzzBnUHeIF+QPygQFAwKBYUDE2BgAwrCoEhQNIgGdwXFgruDhKB4UCIoGbigVJAY3BOUDu4NygT3BWWD+4NywQNB+aBCUDGoFDwYVA4eCqoEDwdVg0eCakH1oEZQM3g0qBU8FtQOHg/qBE8EdYMng3rBU0H94OmgQdAwaBQ8EzQOng2aBE2DZkHzoEXQMmj1L63v/bl8z7ueppdJNr1NH/OO6Wv6mf5mgBlo3jWDzHtmsHnfDDFDzTDzgRluPjQjzEdmpBllRpuPzRgz1owz480EM9GkmE/MJPOpmWw+M1PMVDPNTDepZoZJM5+bmWaWmW2+MHPMl2aumWfmmwUm3Sw0i8xik2G+MkvM1ybTLDXLzHKzwqw0q8xqs8asNevMerPBbDSbzGazxWw128x2s8PsNLvMbrPH7DX7zH5zwHxjssy35qD5kzlkvjOHzffmiPnBHDU/mmPmJ3Pc/GxOmF/MSXPKnDZnzFnzqzlnzpsL5qK5ZH4zl80Vc9X4axf3197eUaPGHJgDYzAGYzEW4zAOc2NujGAE4zEe82AezIt5MT/mx4JYEAtjYbyGkLAIFsEoRrEYFsMETMASWAIdOkzERCyNpbEMlsGyWBbLYTksj+WxIlbEB/FBfAgfwofxYXwEH8HqWB1rYk2shbWwNtbGOlgH62JdrIf1sD7WxwbYABthI2yMjbEJNsFm2AxbYAtsha2wNbbGNtgG22E7bI/tsQN2wCRMwo7YETthJ+yMnbELdsGu2BW7YTfsjt2xB/bAntgTkzEZ+2Af7It9sT/2x4E4EAfhIByMg3EIDsFhOAyH43AcgSNwJI7C0fgxjsGxOA7H4wSciCmYgpNwEk7GyTgFp+A0nIapmIppmIYzcSbOxtk4B+fgXJyL83E+pmM6LsJFmIEZuASXYCZm4jJchitwBa7CVbgG1+A6XIcbcANuwk24BbfgNtyGO3AH7sJduAf34D7chwfwAGZhFh7Eg3gID+FhPIxH8AgexaN4DI/hcTyOJ/AEnsSTeBpP41k8i+fwHF7AC3gJf8PLeAWvoscYm8vG2ltsnL3V5ra32b+P89sCtqAtZAtbY/PafH8To7U2wRa3JWxJ62wpm2jv+UNc3lawFW0l+6CtbB+yVf4Q17KP2dr2cVvHPmFr2kf/Jq5rn7T17LO2vm1qG9jmtpFtaRvbZ20T29Q2s81tC9vStrcv2g72JZtkX7Yd7St/iBfZxXaNXWvX2fV2n91vL9iL9pj9yV6yv9metpcdaN+1g+x7drB93w6xQ/8Qj7Yf2zF2rB1nx9sJduIf4ml2uk21M2ya/dzOtLP+EKfbhXaOzbBz7Tw73y74Pb62pgz7lV1iv7aZdqldZpfbFXalXWVX/8dal9uNdpPdbPfYvXab3W532J12l939e3xtHwfsNzbLfmuP2h/tIfudPWyP2yP2h9/ja/s7bn+2J+wv9qQ9ZU/bM/as/dWes+d/3/+1vZ+xV+xV660gIEmKNAWUg3JSDOWiWLqF4uhWyk23UYRup3i6g/LQnZSX8lF+KkAFqRAVJkNIlohCKkJFKUp3UTG6mxKoOJWgkuSoFCXSPVSa7qUydB+VpfupHD1A5akCVaRK9CBVpoeoCj1MVekRqkbVqQbVpEepFj1GtelxqkNPUF16kurRU1SfnqYG1JAa0TPUmJ6lJtSUmlFzakEtqRU9R63peWpDbakdvUDt6UXqQC9REr1MHekV6kSvUmd6jbrQ69SV3qBu9CZ1p7eoB71NPakXJVNv6kPvUF/qR/1pAA2kd2kQvUeD6X0aQkNpGH1Aw+lDGkEf0UgaRaPpYxpDY2kcjacJNJFS6BOaRJ/SZPqMptBUmkbTKZVmUBp9TjNpFs2mL2gOfUlzaR7NpwWUTgtpES2mDPqKltDXlElLaRktpxW0klbRalpDa2kdracNtJE20WbaQltpG22nHbSTdtFu2kN7aR/tpwP0DWXRt3SQ/kSH6Ds6TN/TEfqBjtKPdIx+ouP0M52gX+gknaLTdIbO0q90js7TBbpIl+g3ukxX6Cp5EiGEMlShDoMwR5gzjAlzhbHhLWFceGuYO7wtjIS3h/HhHWGe8M4wb5gvzB8WCAuGhcLCoQkxtCGFYVgkLBpGw7vCYuHdYUJYPCwRlgxdWCpMDO8JS4f3hmXC+8Ky4f1hufCBsHxYIawYVgofDCuHD4VVwofDquEjYbWwelgjrBk+GtYKHwtrh4+HdcInwjLhk2G98Kmwfvh02CBsGDYKnwkbh8+GTcKmYbOwedgibBm2Cp8LW4fPh23CtmG78IWwffhi2CF8KUwKXw47hq/c8Hhy2DvsE74TvhN6/7iaH10QTY8ujC6KLo5mRL+KLol+Hc2MLo0uiy6ProiujK6Kro6uia6Nrouuj26Iboxuim6Oel8zp3DgpFNOu8DlcDldjMvlYt0tLs7d6nK721zE3e7i3R0uj7vT5XX5XH5XwBV0hVxhZxw668iFrogr6qLuLlfM3e0SXHFXwpV0zpVyia6la+VaudbuedfGtXXt3AvuBfeie9G95F5yL7uO7hXXyb3qOrvXXBf3unvdveG6uTddd/eW6+Hedj1dL5fskl0f18f1dX1df9ffDXQD3SA3yA12g90QN8QNc8PccDfcjXAj3Eg30o12o90YN8aNc+PcBDfBpbgUN8lNcpPdZDfFTXHT3DSX6lJdmktzM91MN9vNdnPcHDfXzXXz3XyX7tLdIrfIZbgMt8QtcZku0y1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73B63x+1z+9wBd8BluSx30B10h9whd9h97464H9xR96M75n5yx93P7oT7xZ10p9xpd8addb+6c+68u+AuukvuN3fZXXFXnXcpkU8ikyKfRiZHPotMiUyNTItMj6RGZkTSIp9HZkZmRWZHvojMiXwZmRuZF5kfWRBJjyyMLIosjmREvoosiXwdyYwsjSyLLI+siKyMeF9oW+iL+KI+6u/yxfzdPsEX9yV8Se98KZ/o7/Gl/b2+jL/Pl/X3+3L+AV/eV/AVfVPfzDf3LXxL38o/51v7530b39a38y/49v5F38G/5JP8y76jf8V38q/6zv4138W/7rv6N3w3/6bv7t/yPfzbvqfv5ZN9b9/Hv+P7+n6+vx/gB/p3/SD/nh/s3/dD/FA/zH/gh/sP/Qj/kR/pR/nR/mM/xo/14/x4P8FP9Cn+Ez/Jf+on+8/8FD/VT/PTfaqf4dP8536mn+Vn+y/8HP+ln+vn+fl+gU/3C/0iv9hn+K/8Ev+1z/RL/TK/3K/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/b7/F7/T6/3x/w3/gs/60/6P/kD/nv/GH/vT/if/BH/Y/+mP/JH/c/+xP+F3/Sn/Kn/Rl/1v/qz/nz/oK/6C/53/xlf8Vf5b9ZY4wxxhj7b1E3ON77H3xO/mVc00cIcev2Akf+vuaGvH+e95P7OkaEEC/36trwr6Nhw+Tk5L+cm6lEUHSeECJyPT+HuB4vFe3EiyJJtBWl/+H6+smKQDeoH71fiNj/lBMj/hzH/E39e/+L+k0X3rD+PCESil7PySWux9frl/kv6u9uf4P6ub5LEaLNf8qJE9fj6/UTxfPiFZH0N2cyxhhjjDHGGGN/1k9e6naj+9tr9+cF9fWcnOJ6fKP7c8YYY4wxxhhjjN18r73Z/aXnkpLaduYJT3jCk/+Y3OzfTIwxxhhjjLF/tesX/Td7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPb17/h3Yjd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtjN9r8CAAD//3myaBA=") syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x18, &(0x7f0000000980)=ANY=[@ANYBLOB='decompose,gid=', @ANYRESHEX=0x0, @ANYBLOB="3dc60caf5c494d0d1904e9b834a83ea5fa1ce063797f5e468312be664629a7b5dd4bde8a31db5c80248e41342c422a015cc68bde6e847ea530e4c591cb003d8d1b81fb622a269be878d3ea8b905c9787ba503a3cb19344dac8fe9f2f7b6470d2077b13f71d82d64ab2ad10c9587d5c471fa4c3a84dd8c06a112150e0d0ac2dbfec56d41690a9c0f32942f68a055532ca38f14b2244374326", @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0x0, @ANYBLOB=',decompose,nodecompose,nls=macgaelic,part=0x0000000000000006,force,\x00'], 0x41, 0x6e8, &(0x7f00000001c0)="$eJzs3U1sHGf9B/DvrNcbbyq57kva/v9CitWICBpI7JiSICERKoRyqFAkLr2axGmsOGlkuyiJEHGBwhFOKIceilA49IR6QCrigChnJCSuKPdI3CMOGM3srL1rx2tvEttJ+Hyk8Twz87z85ueZx7uziTbA/6yz72R0JUXOHnv7erl9987Mwt07M1e65SQHkjSSZmeV4mpSfJ6cSWfJ/5U76+6KrcZ5895nHx29/clMZ6tZL1X9xqB261YHjLBSL5lMMlKvh9Tcqr/zeWtTf7eG6rpYi7tM2JFu4mC/rW6yMkzzHdy3wJPuVjIy+oD9E8nBJGP164DUs0Njj8N77Iaa5QAAAODJNLJdhefv536uZ3xvwgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnQ9H5zsCiXhrd8mSK7vf/t+p9pVZrn+Md7CvbHP/w4h4FAgAAAAAAAAC74tP6g/vD93M/1zPe3b9aVJ/5v15tvFz9fC7vZylzWczxXM9slrOcxUwno+M9Hbauzy4vL05vbvnrlC1XV1dv1S1PJpnY1PLkHpw0AAAAAAAAADy7fpKzGd/vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoFeRjHRW1fJytzyRRjPJWJJWWW8l+VO3/DT7834HAAAAALuvXa/Hi/90CqtF9Z7/lep9/1jez9UsZz7LWchcLlTPAjrv+ht/X5lZuHtn5kq5bO742/8aKo6qxyQj+WCLkaeqGofWWpzNd/P9HMtkzmUx8/lhZrOcuUymXZ5EZlNkot15ejHRjfPB8Z7p2zq3MbbDG7ZfqyJp52Lmq9iO53wrnccm1TmUY77WM9ofWsmGET8os1N8q7bDHF3o+X39qn4uU1t9fod97I6J6sxH1zIyVea+zsYLg3M/5HWycaTpNNaeQb28Pkq5uXGkbs5/MEzOD9brMtc/78/54zbko7SNmTiZRn31Ja/05/zaF2+/2N/4y//4y7lLjauXL11cOraLp/QoJrerMNotbMzETE8mXh189dWZWCgzsbLzTIxu3DG205a7q1Vno5qKdjhbfqcqzeb1nkvwvVzIXE5lKtM5nal8Iycz03eFHerLa3PmSn9OqnutsXl+aw8I/siXeir9YpvKe6vMyws9ee2d6SaqY/WeM7/MVE+WXhx89Q39V6Ac///rcjnGT9f+4jwJ+jJRz83d6F4anInfrJY/lxauXl68NHtth+Mdrdflbfth/9z828dxPg+vvF7KGbdZbVU5aXevl/LYS2vR9uerVX/i0mnX2HTs0NqxiYxnPt/b8k5t1a/hNvfUOfZq77F/rs+crfr1TfdY36ucvJeF6lXIBttO1QDssYNvHGy177X/1v64/bP2pfbbY28dOH3gC62M/rX5x5HfN37X+GbxRj7OjzO+35ECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCzYOnGzcuzCwtzi2uFjG3c86iF1pZjDS6ksW2dO8/trMNMJIPHKupC6/Ge+9NYaGeXev40yYA6rUceohj6Ghu6UF7Ij6XD7henVXtWR4Zo3uy2enCdZpbGtvoNHli/CzJxeXbh36t9ddrpuWWAZ9yJ5SvXTizduPnV+Suz7869O3f15OlTp0/NfH36aycuzi/MTXV+7neUwG5YunFzZL9jAAAAAAAAAAAAAIZT/+v/5Yf+zwzNbeq0FpcePPLhvT5VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cl19p2MrqTI9NTxqXL77p2ZhXLpltdrNpM0khQ/SorPkzPpLJno6a7Yapw373320dHbn8ys99Xs1m8MarczK/WSySQj9Xp7Bx7Qzeb+zvf0t/JQ4RVrZ1gm7Eg3cbDf/hsAAP//dKz58Q==") mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x123001, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/fscaps', 0x82002, 0x105) 2.3150994s ago: executing program 4 (id=655): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10) listen(r0, 0x0) accept$inet(r0, 0x0, 0x0) mount$9p_tcp(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f00000006c0), 0x8010, &(0x7f0000000080)={'trans=tcp,', {'port', 0x3d, 0x4e22}}) 2.182723027s ago: executing program 3 (id=656): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x840, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x72, 0x0, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x483, 0x2000000, 0xfffffffffffffffd}]}) 2.141821249s ago: executing program 0 (id=657): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuset.effective_mems\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, 0x0) 1.971283438s ago: executing program 0 (id=658): syz_mount_image$hfs(&(0x7f0000000180), &(0x7f00000000c0)='./file1\x00', 0x1000802, &(0x7f0000000a80)=ANY=[@ANYBLOB="71756965742c636f6465706167653d63703836302c696f636861727365743d63703836312c00808fead042bd35dc78f7f06333a5e7165b8271e41aee85e59cbb6c2df3d4e4c16b06c73f2e3b348a7fba46e286378a15ee516bac8d4813c9c3d9cee1ddb95d1bbcf504e065b3749a1cbd841e685a558518cf0db10b55885946e678d0a71877037a090000000700848879ef1604cadc1faca3aa010076750d559c4e124d4cb7293e7393b77286fa8c6dc4923fbe25e134f29e28d1c421320a3bffaa17fcd6b5178e322cc47133b3811e3d3bc34998dc7ed029834ad591d9d56c41063d8d913a9fe8e954a4e4ca99ceb5737e57193c5f47fd63b16c8b34f276dbac0e5ebd0094dbf65c78824a8ee2c96eff86c6309078df2cb1ca1051ad091adbfee5126d8a59fa5438734bc3e8cc7b7edc10716a0a9b711952cdf96586e06fbace21dc04bdb4a1a2072ce5f7", @ANYRESOCT, @ANYRES32, @ANYRES32, @ANYRESHEX=0x0, @ANYRES8], 0x1, 0x305, &(0x7f0000000340)="$eJzs3U1rE1scx/HfmaRNepvbmz5cLtxltaAb0boRNxHJWxDEhWjbCMVQUSuoG1NxJaJ7974FX4QbxTegKxfiC2g3jpwzD8kkk5k0JB2D3w+Ik8n85/zPPP5PoBwB+GNdbX55d/Gb/WekkkrSy8uSJ6kqlSX9q/+qj/b2d/fbrZ2sHZVchI58GQWRZmCb7b2W+/8gudrGuYhQ3X4qq9a7DtPh+/6Vr33rvnsFJYPCuLs/hSdVwrvTfV898cyyHYwZ15lwHrPGHOpQj7VUdB4AgGLZ9/9BUPjb93wtrN89T9oIX/u/5ft/XIdFJzB1fua3Pe9/N8ryjT2//7ivuuM9N4Sz33vRKHGUluf6Ps8rKCQTBaZJH1V2h3wuF2/hzm67dW77XnvH03M1Qj0Ba3ELIXuF5mS7njI2zTBC301qRRmk5c3ZPmwOyX91zBYzDAzfEifEfDCfzE1T11vtxPVf2Tc2W5dwve9MBfmfH97eoouyWyl8bDQaDc/tKLLsGvk/eaZyellNH5EoOrDLSv5AUM/L00Wt9EUFvbuQGlCJo1ZTozajT0PaWktE2d7EV/PwLKfNvDbXzbp+6L2aPfW/Z/Pb0PA7M/GLjtkIbjR3xIP+zKc3V3b7rA+8OTq6UUuuiY9iZVjqR9nPNIwgOoevtKVLWnr45OndUrvdemAXbqcs3K/Fa+ZeSKnbFLygTndNRb4zsHH0DEyEL4Qrp5TY2Ynu0D4/cje2d9mJHPneKyG6YSfWhLziL62sa6P5se9CmtiCX5nwDn/6Y0T9fcIPJRSle9KLzgQFsXWXCcZ/rpIP631Xr9lq4VpleJ0eFWRpJZur3sM9+rbGjkdA1UT8ilv6K1lG54wNFsM6JmUc19FoY65TZ6TTo7dYD/OcDf6znA1MU591i9//AQAAAAAAAAAAAAAAAAAAZs3x/65g4dhRRfcRAAAAAAAAAAAAAAAAAAAAAIBZF8//q2j+X402/2//VCzh/L9V5cz/uzWYw8D8v2/2ZDoS8/8C0/UrAAD///8sd7M=") openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1837c3, 0x43) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x42, 0x60) truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd) syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000240)) 1.970250558s ago: executing program 3 (id=660): ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x20081e, &(0x7f0000000100)={[{@bsdgroups}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa30}}, {@grpquota}]}, 0x1, 0x52a, &(0x7f0000001440)="$eJzs3c9vHFcdAPDvjL22k7h1WnoABG1oCwFFWcebNqp6gHJCCFVC9AhSauyNFWXXa3nXpTaRcM9ckajECY78AZx74s4FwY1LOSDxwwLVSBwGzezY2di7tpPYXmv385FG+9688XzfizPvzbxd7wtgbF2LiO2ImIqI9yNirtyflFu8093y4z7bebi0u/NwKYkse++fSVGe74uen8ldKc85ExE/+E7Ej5PDcdubWw8WG436epmf7zTX5tubWzfvNxdX6iv11VrtzsKdW2/dfrP2BK2ZObL0leZUmfryp3/Y/sZP82rNlnt623Gauk2v7MfJTUbE984i2BBMlO2ZGnZFeCppRLwYEa8W1/9cTBS/TQBglGXZXGRzvXkAYNSlxRxYklbLuYDZSNNqtTuH91JcThutdufGvdbG6nJ3ruxqVNJ79xv1W+Vc4dWoJHl+oUg/ytcO5G9HxAsR8YvpS0W+utRqLA/zxgcAxtiVA+P/f6a74z8AMOKO/tgMADCKjP8AMH6M/wAwfoz/ADB+uuP/pSf9sSzLfnYW1QEAzoHnfwAYP8Z/ABgr33/33XzLdsvvv17+YHPjQeuDm8v19oNqc2OputRaX6uutForxXf2NI87X6PVWlt4IzY+vPrNtXZnvr25dbfZ2ljt3C2+1/tuvVIctX0OLQMABnnhlU/+nOQj8tuXii161nKoDLVmwFlLh10BYGgmhl0BYGi6q331WaAPGHmPnvGf+EMApgdgRBx3BzDT7w+EsizLzq5KwBm7/gXz/zCuyvn/SZ8ChvFz3Px/sTawNwlhJE0OuwLA0GRZctI1/+OkBwIAF9sRc/xXz/M+BBieAe//v1i+/rZ8c+BHyweP+PgsawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX2976v9Vymd/ZSNNqNeK5YgGgSnLvfqN+KyKej4g/TVem8/zCkOsMADyr9G9Juf7X9bnXZx8revnKfnIqIn7yq/d++eFip7P+x4ip5F/Te/s7H5f7a8cGmzmLFgAAR9sbp4vXngf5z3YeLu1t51mfv3+7e1eQx93dmYrd/fiTMVm8zkQlIi7/OynzXUnP3MWz2P4oIj7fr/1JzBZzIN1bloPx89jPnVL8iRPFTx+Ln5YLNKflv8XnTqEuMG4+yfufd/pdf2lcK177X/8zRQ/17Mr+Lz/V0m7RBz6Kv9f/TQzo/66dNMYbv/9uN3XpcNlHEV+cjNiLvdvT/+zFTwbEf/2E8f/ypZdfHVSW/TrievSP3xtrvtNcm29vbt2831xcqa/UV2u1Owt3br11+83afDFHPT94NPjH2zeeH1SWt//ygPgzx7T/q4NOeuAp9zf/e/+HXzki/tdf6xc/jZeOiJ+PiV8b2OLHLV7+3cDn7jz+8uH2Jyf5/d84YfxP/7p1aNlwAGB42ptbDxYbjfq6hMTFT+T/ZS9ANfomvnVesaaif9HPX+te0weKsuypYg3qMU5j1g24CPYv+oj477ArAwAAAAAAAAAAAAAA9HUef7E07DYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwuv4fAAD//9VG0+g=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000040)={0x800000000000000, 0xffffffffffffffc0, 0x5, 0x1, 0x5, 0x400, 0x1000000000000, 0x0, 0x200086}) 1.678543673s ago: executing program 3 (id=661): r0 = semget$private(0x0, 0x6, 0x0) semtimedop(r0, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) semop(r0, &(0x7f00000000c0)=[{0x4, 0x0, 0x800}, {0x2}], 0x2) semop(r0, &(0x7f0000001240)=[{}, {0x2, 0x0, 0x2000}], 0x2) semctl$IPC_RMID(r0, 0x0, 0x0) 1.427289756s ago: executing program 5 (id=662): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='proc\x00', 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f00000004c0)='./file0/../file0\x00', &(0x7f0000000540)='./file0/../file0\x00') 1.410064587s ago: executing program 3 (id=663): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000040)={0x1, 0x0, [{0xd, 0x1, 0x1, 0xf9a, 0x4, 0x200000, 0x8c29}]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.278473734s ago: executing program 4 (id=664): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000380)={[{@sysvgroups}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x514}}, {@grpjquota}, {@stripe={'stripe', 0x3d, 0x7}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@grpid}]}, 0x80, 0x54f, &(0x7f0000000480)="$eJzs3c9vHFcdAPDvbLxufji1SzlAJUqBoqSC7MY1bS0OJUgITpUQ5R6MvbGsrL2Rd93GViScvwAJIUBwggsXJP4AJBSJC0eEFAnOIBWBEDhwQAIy1cyOHdeZ3WzSza5/fD7SZN68+fF9bzYznjfzNBPAifVSRFyJiPtpmr4SEdNFfqUYYrs7ZMvd27m1mA1JpOnb/0giKfJ2t5UU43PFaqcj4htfi/h28nDc9ubW9YVms7FeTNc7qzfq7c2tSyurC8uN5cba3Nzs6/NvzL82f3ko9TwfEW9+5S8/+O7Pv/rmrz//7p+v/u1iVu2YKubvr8djyHbRRL8FulWv5vtiV7bC+hMEO6wm8hoWzpQtkaZpej+d3pdzeyQlAwDgoOwC9iMR8emIeCWm41T/y1kAAADgCEq/NBX/S7pPaEpM9sgHAAAAjpBK3gc2qdSKvgBTUanUat0+vB+Ns5Vmq9353LXWxtrS3R9PRcRMVCvXVpqNy0Vf4ZmoJtn0bJ5+MP3qgem5iHguIr4/fSafri22mkvjvvkBAAAAJ8S5A+3/f0932/8AAADAMTPzcFZlHOUAAAAAnp6S9j8AAABwzGj/AwAAwLH29bfeyoZ09/vXS+9sblxvvXNpqdG+XlvdWKwtttZv1JZbreX8nX2r+9c9VbK9Zqt14wuxtnGz3mm0O/X25tbV1dbGWufqygc+gQ0AAACM0HOfvPPHJCK2v3gmHzKT4y4UMBITe6mkGJcc/X96tjt+b0SFAkai7B7+Qe89M4KCACM38URrpYOcNoBDrjruAgBjlzxifs/OO78rxp8abnkAAIDhu/Dx3s//+38DYNsnAuCIcxDDyXXgQV46Pa6CACOXP/8ftMOviwU4VqoD9QAEjrMP/fz/kdL0sQoEAAAM3VQ+JJVacXtvKiqVWi3ifP5ZgGpybaXZuBwRz0bEH6arz2TTs/maySPbDAAAAAAAAAAAAAAAAAAAAAAAAABAV5omkfZzpe9cAAAA4AiIqPw1+U33Xf4Xpl+eOnh/YDL5T/5J4MmIePcnb//w5kKnsz6b5f9zL7/zoyL/1XHcwQAAAAAO2m2n77bjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY7u3cWry3cyv9786txVHG/fuXI2JmL34+dOdMxOl8fDqqEXH2X0lM7FsviYhTQ4i/fTsiPlYWP8mKtReyLP6Zpx8/Zoq9UBb/3BDiw0l2Jzv/XCk7/irxUj4uP/4mIj4w/aR6n/9i7/x3qsfxf37AGC/c/WW9Z/zbES9MlJ9/duMnD8VPinFloPjf+ubWVq956U8jLkR5/P3R6p3VG/X25talldWF5cZyY21ubvb1+TfmX5u/XL+20mwU/5bG+N4nfnW/X/3P9og/07P+3TK9PFDtI/5/9+bO8z3+XmXxL36mJP5vf1Ys8XD8SrGtzxbpbP6F3fR2N73fi7/4/Yv96r/0oP7VwX7/bsyL/av94AccxoECAAxNe3Pr+kKz2Vg/Conqk6yVtdLLZj1f7IEPX7DJw7J/JB4z8Z2hbjBN07TH/6g7ETHIdpI4DLslT4z3vAQAAAzfg4v+cZcEAAAAAAAAAAAAAAAAAAAATq4hvjNssvQ1eyVvFtjeSyXeDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBrvBwAA//9pfNv4") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f00000000c0)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x820f8, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 1.278132334s ago: executing program 5 (id=665): syz_io_uring_setup(0xf16, &(0x7f0000000780)={0x0, 0x6d00, 0x3180, 0x8000, 0x400250}, 0x0, 0x0, &(0x7f0000000000)) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$int_in(r0, 0x5452, &(0x7f0000000280)=0xffffffffffffffff) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800, 0x2}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 1.101570503s ago: executing program 3 (id=666): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syzkaller0\x00'}) syz_usb_disconnect(r0) syz_usb_connect(0x4, 0x24, &(0x7f0000000400)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0xc0085504, &(0x7f0000000000)=0x10) 1.041819306s ago: executing program 5 (id=667): r0 = syz_usb_connect$uac1(0x5, 0xdc, &(0x7f0000000540)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES64], 0x0) syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f00000012c0)={0x2c, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, 0x0, &(0x7f0000000200)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2809}}, 0x0, 0x0, 0x0}, 0x0) syz_open_procfs(0x0, 0x0) 690.431864ms ago: executing program 4 (id=668): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210040, &(0x7f00000004c0), 0xfc, 0x59d, &(0x7f00000022c0)="$eJzs3c1rHGUYAPBnNps0bapJoRT1IIUerNRuvvyoILQeRYsFvdcl2YaQTbdkN6WJBduDvXgrgogF8Sp491j8B/wrClooUoIeRIjMZjZN0t3NR5Numv39YJL33ZnZd56ded59Z2aXDaBrnUz/5CJejehPi4Nr5uUjm3lyZbmlxzcn0imJ5eXP/koiyR5rLJ9k/weyyisR8dvXEWdyT7dbXVicKZbLpbmsPlybvTZcXVg8Oz1bnCpNla6OjY+fe2d87P333t21WN+89M/3n97/6Nw3p5a+++XhsbtJXIij2by1cTyDW2srJ4v/ZaXeuLBhwdFdaGw/STq9AexIT5bnvZH2AYPRk2U9cPB9FRHLQJdK5D90qcY4oHFuv0vnwS+MRx+unADVY+9bG39+5dpI9NfPjY4sJevOjNLz3aFdaD9t49c/791Np2h/HeLwJnWAbbl1OyJG8vmn+/8k6/92bqR+8bi9jW102/sPdNL9dPzzVrPxX251/BNNxj8DTXJ3JzbP/9zDXWimpXT890HT8e9q1zXUk9Veqo/5epMrA+XSSES8HBGnI+LKdLk02r9yDb2Zc0sPllu1v3b8l05p+42xYLYdD/OH1q8zWawVI6LvWWNPPbod8Vq+WfzJ6v5Pmuz/9PW4tMU2TpTuvd5q3ubx763lnyLeaLr/n9zRStrfnxxO9//Iyt+mbfx958TvrdrvdPzp/j/SPv6hZO392ur22/ix/99Sq3kt41892Jof/33J5/VyIwluFGu1udGIvuSTpx8fe7Juo95YPo3/9Kn2/V+z4z89+fpii/HfOX6n5aL7Yf9Pbmv/byykr0SLWVnhwcdf/tCq/a31f2/XS6ezR7L+r7nsWGmzOesKz/r6AQAAAAAAwH6Si4ijkeQKq+VcrlBY+XzH8TiSK1eqtTNXKvNXJ6P+Xdmh6M017nQPNj4PMV0ujWafh23UxzbUxyPiWER823O4Xi9MVMqTnQ4eAAAAAAAAAAAAAAAAAAAA9omBFt//T/3R0+mtA/Zc/YcNDnV6K4BO2PQn/3fjl56AfWnT/AcOrHX5n3RuO4Dnz/s/dC/5D91L/kP3kv/QveQ/dK+t5P+F57AdAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEBcungxnZaXHt+cSOuT1xfmZyrXz06WqjOF2fmJwkRl7lphqlKZKpcKE5XZiBhs93zlSuXa6FjM3xiulaq14erC4uXZyvzV2uXp2eJU6XKp97lFBgAAAAAAAAAAAAAAAAAAAC+O6sLiTLFcLs0diMLP+b145vPR6bj2uHA+4lZ6MOxo9fx+iUKhReF2luvbW6uz/RIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArPV/AAAA///HtTBf") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101041, 0x15) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x0) fallocate(r1, 0x20, 0x4000, 0x8000) 402.322819ms ago: executing program 4 (id=669): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000004c0)={[{}]}, 0x1, 0x453, &(0x7f0000001040)="$eJzs3U9sFFUcB/DvbrslAbRg/IP4r4JKEaW2NUESTCTKSS4GE88NLYRYqKE1EUKMJh68eTHx7EG5eeTgyXjAoyZ48aaejJEYIvGk1sx2ly5lt3RD26nu55PM7pud132/mdffzO7ryzRAzxoqHirJ1iTfJxlcWL25wtDC0/VrF47/ee3C8Urm54/9XqnX++PahePNqs2f21I8VJPhalL9oJKH2rQ7e+78mxPT01NnG+sjc6ffGpk9d/7ZU6cnTk6dnDozeuDgC+OjB8bGx1dtX1+9+O6xLa+9dOSjySu/zVz86csi3q2Nba37sVqGMnTzsWzx1Go3VrL7WsqV/hIDoSt9SYruqtXzfzB9Wey8wXzzY6nBAWtqvrCp4+b35oH/sUrKjgAoR/NCX3z/bS7r9dmD8l09vPAFsOj3641lYUt/qo06tSXf71fTUJJDl458USxZo3EYAAAAgF721eEkz7Qb/6vm/pZ6RfmBJDuSPJhkZ1Kf1/NwkkeSPJrkseZ8oi4srb90/KfSaQINq+Lq4eRQY27XzeN/zdG/bOtrrN1VrKRWOXFqeuq5JHcnGU5tU7E+ukwbl7/957tO21rH/4qlaL85FtiI49f+JX+fnpyYm7iTfWbR1feTnf3t+r9yYyZQkYKPJ9nVzRvXFos/79p7slO12/c/a2n+02RP2/xvnHivHKw/LTM/c6R+PhhpnhVu9eHo2Cud2tf/5Sryf/Ny/Z9sq7TO153tvo3LOy692Glb9+f/Hz4rzv8DldfrAQ40Xn1nYm7u7GgyUDl66+tj3cf839b5Q1PzeDSPV9H/w7vbX//vaXm33UmeSPJkY+7ynvq1P9mb5Okk+5aJ5u+XD7zRaZv8L1fR/5Nt8//G1IAl+d994dD2T452an9l+f98/Rd6uPGKz3+3t9IOKjtOAAAAAAAAAFZHtX4PvEp1/41ytbp//8I9/O7N5ur0zOzcvhMzb5+ZXLhX3rbUqs2ZXoMt80FH6+XF9bEl6+NJtif5uO+vxp0HZqYny9556HFbOuR/4Ze+sqMD1pz7tULvWkH+19YjDmD9uf5D75L/0LvkP/Qu+Q+9S/5D75L/0LtWnv8DaxoHsP5c/6En3cl9/TZaoT8bIoy2heb8qZLCaP5L/g1yNDZm4fOvk3Voqy/JRtnlZQplnpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANo5/AwAA//9EA9s8") r0 = openat(0xffffffffffffff9c, &(0x7f0000000e00)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @c}}) r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) fchmodat(r1, &(0x7f00000000c0)='./file1\x00', 0x0) 194.46µs ago: executing program 4 (id=670): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x2000) ppoll(&(0x7f0000000100)=[{r0, 0x20}], 0x1, 0x0, 0x0, 0x0) mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000) 0s ago: executing program 3 (id=671): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$sock(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000100)="ce", 0x1}], 0x1}, 0x8000) ppoll(&(0x7f0000000400)=[{r1, 0x4004}], 0x1, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 641][ T3466] loop: Write error at byte offset 3, length 1024. [ 95.153821][ C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2 [ 95.163613][ C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2 [ 95.191269][ T3466] loop: Write error at byte offset 521219, length 4096. [ 95.211579][ T3466] loop: Write error at byte offset 1045507, length 4096. [ 95.218729][ C1] I/O error, dev loop6, sector 1018 op 0x1:(WRITE) flags 0x8800 phys_seg 128 prio class 2 [ 95.218768][ C1] I/O error, dev loop6, sector 1018 op 0x1:(WRITE) flags 0x8800 phys_seg 128 prio class 2 [ 95.223216][ T6018] XFS (loop3): Ending clean mount [ 95.250081][ C1] I/O error, dev loop6, sector 2042 op 0x1:(WRITE) flags 0x8800 phys_seg 75 prio class 2 [ 95.260014][ C1] I/O error, dev loop6, sector 2042 op 0x1:(WRITE) flags 0x8800 phys_seg 75 prio class 2 [ 95.276135][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.286168][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.305504][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.337330][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.345871][ T6034] ldm_validate_partition_table(): Disk read failed. [ 95.354674][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.360813][ T6018] XFS (loop3): Quotacheck needed: Please wait. [ 95.363795][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.396299][ T6034] Dev loop6: unable to read RDB block 0 [ 95.451710][ T6034] loop6: unable to read partition table [ 95.478989][ T6018] XFS (loop3): Quotacheck: Done. [ 95.487561][ T968] cfg80211: failed to load regulatory.db [ 95.536357][ T6034] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 95.934170][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.951901][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.958664][ T5766] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 95.974793][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.985134][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.996499][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 96.003986][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.348763][ T6061] loop0: detected capacity change from 0 to 128 [ 96.634324][ T6067] syz.3.78 uses obsolete (PF_INET,SOCK_PACKET) [ 97.008435][ T23] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 97.124630][ T59] hsr_slave_0: left promiscuous mode [ 97.151403][ T59] hsr_slave_1: left promiscuous mode [ 97.213604][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.233104][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.243967][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.256413][ T23] usb 2-1: Using ep0 maxpacket: 16 [ 97.273211][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 97.284550][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.298746][ T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 97.309469][ T59] bridge_slave_1: left allmulticast mode [ 97.313961][ T23] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 97.330718][ T59] bridge_slave_1: left promiscuous mode [ 97.332422][ T23] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 97.351064][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.370460][ T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.381645][ T59] bridge_slave_0: left allmulticast mode [ 97.393483][ T23] usb 2-1: config 0 descriptor?? [ 97.400989][ T59] bridge_slave_0: left promiscuous mode [ 97.416026][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.459233][ T59] veth1_macvtap: left promiscuous mode [ 97.466653][ T59] veth0_macvtap: left promiscuous mode [ 97.472453][ T59] veth1_vlan: left promiscuous mode [ 97.479370][ T59] veth0_vlan: left promiscuous mode [ 97.828933][ T23] microsoft 0003:045E:07DA.0004: ignoring exceeding usage max [ 97.895940][ T23] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0004/input/input7 [ 97.934759][ T6092] loop0: detected capacity change from 0 to 32768 [ 98.019435][ T6092] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 98.023102][ T23] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 98.099961][ T51] Bluetooth: hci2: command tx timeout [ 98.117996][ T23] usb 2-1: USB disconnect, device number 3 [ 98.197099][ T6092] XFS (loop0): Ending clean mount [ 98.282238][ T6108] fido_id[6108]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 98.322373][ T6092] XFS (loop0): User initiated shutdown received. [ 98.350485][ T6092] XFS (loop0): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:497). Shutting down filesystem. [ 98.374294][ T6092] XFS (loop0): Please unmount the filesystem and rectify the problem(s) [ 98.459920][ T5770] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 98.989716][ T59] team0 (unregistering): Port device team_slave_1 removed [ 99.078242][ T59] team0 (unregistering): Port device team_slave_0 removed [ 99.157698][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 99.214494][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 99.539498][ T59] bond0 (unregistering): Released all slaves [ 99.601615][ T6088] netlink: 'syz.3.89': attribute type 1 has an invalid length. [ 99.609845][ T6088] netlink: 76 bytes leftover after parsing attributes in process `syz.3.89'. [ 99.705012][ T6049] chnl_net:caif_netlink_parms(): no params data found [ 99.967176][ T6049] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.990935][ T6049] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.036477][ T6049] bridge_slave_0: entered allmulticast mode [ 100.060668][ T6049] bridge_slave_0: entered promiscuous mode [ 100.085510][ T6049] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.111163][ T6049] bridge0: port 2(bridge_slave_1) entered disabled state [ 100.139437][ T6049] bridge_slave_1: entered allmulticast mode [ 100.157081][ T6049] bridge_slave_1: entered promiscuous mode [ 100.186174][ T51] Bluetooth: hci2: command tx timeout [ 100.270186][ T6049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 100.305005][ T6049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.390888][ T6149] loop3: detected capacity change from 0 to 128 [ 100.447952][ T6049] team0: Port device team_slave_0 added [ 100.459866][ T6153] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 100.472227][ T6149] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 100.507452][ T6049] team0: Port device team_slave_1 added [ 100.535911][ T6149] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 100.583182][ T6049] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.600829][ T6049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.696658][ T6049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.746505][ T6049] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.753501][ T6049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.846432][ T6049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 101.063228][ T6049] hsr_slave_0: entered promiscuous mode [ 101.096523][ T6049] hsr_slave_1: entered promiscuous mode [ 101.123442][ T6049] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 101.146897][ T6049] Cannot create hsr debugfs directory [ 101.403764][ T6183] loop3: detected capacity change from 0 to 256 [ 101.447436][ T6183] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 101.527759][ T28] audit: type=1800 audit(1776755565.552:5): pid=6183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.114" name="file1" dev="loop3" ino=1048596 res=0 errno=0 [ 101.552070][ T6183] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2048) [ 101.583343][ T6183] FAT-fs (loop3): Filesystem has been set read-only [ 101.594034][ T28] audit: type=1800 audit(1776755565.552:6): pid=6183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.114" name="file1" dev="loop3" ino=1048596 res=0 errno=0 [ 101.656319][ T6183] FAT-fs (loop3): error, invalid FAT chain (i_pos 196, last_block 8200) [ 101.692630][ T6049] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 101.727506][ T6049] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 101.786571][ T6049] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 101.821222][ T6049] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 102.042558][ T6194] loop0: detected capacity change from 0 to 2048 [ 102.143341][ T6049] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.155652][ T6198] input: syz1 as /devices/virtual/input/input8 [ 102.213082][ T6049] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.221354][ T6202] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 102.273661][ T51] Bluetooth: hci2: command tx timeout [ 102.308717][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.315847][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.362925][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.370186][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.605507][ T6202] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 102.661851][ T6202] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 102.713914][ T6202] Remounting filesystem read-only [ 102.731336][ T59] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 102.748793][ T59] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 102.786164][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 102.795166][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 102.846109][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 102.855092][ T59] NILFS (loop0): discard dirty page: offset=0, ino=2 [ 102.912284][ T59] NILFS (loop0): discard dirty block: blocknr=18, size=1024 [ 102.951884][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 102.964021][ T6049] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.983275][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.000651][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.011130][ T59] NILFS (loop0): discard dirty page: offset=0, ino=5 [ 103.021412][ T59] NILFS (loop0): discard dirty block: blocknr=41, size=1024 [ 103.031704][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.052029][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.065482][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.084049][ T59] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 103.093314][ T59] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 103.105536][ T59] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 103.114531][ T59] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 103.141371][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.167143][ T59] NILFS (loop0): discard dirty page: offset=196608, ino=3 [ 103.174307][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.216650][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.225567][ T59] NILFS (loop0): discard dirty block: blocknr=49, size=1024 [ 103.276102][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.285798][ T59] NILFS (loop0): discard dirty page: offset=0, ino=4 [ 103.316259][ T59] NILFS (loop0): discard dirty block: blocknr=40, size=1024 [ 103.323600][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.347139][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.367379][ T59] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 103.426299][ T5770] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 103.452120][ T5770] NILFS (loop0): discard dirty page: offset=0, ino=6 [ 103.470640][ T5770] NILFS (loop0): discard dirty block: blocknr=35, size=1024 [ 103.502498][ T5770] NILFS (loop0): discard dirty block: blocknr=36, size=1024 [ 103.528242][ T6206] loop1: detected capacity change from 0 to 32768 [ 103.534820][ T5770] NILFS (loop0): discard dirty block: blocknr=37, size=1024 [ 103.550642][ T5770] NILFS (loop0): discard dirty block: blocknr=38, size=1024 [ 103.654535][ T6049] veth0_vlan: entered promiscuous mode [ 103.657547][ T6206] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 103.677709][ T6049] veth1_vlan: entered promiscuous mode [ 103.720920][ T6049] veth0_macvtap: entered promiscuous mode [ 103.735814][ T6049] veth1_macvtap: entered promiscuous mode [ 103.845914][ T6049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.864627][ T6206] XFS (loop1): Ending clean mount [ 103.913391][ T6049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.924030][ T6206] XFS (loop1): Quotacheck needed: Please wait. [ 103.988758][ T6049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 104.054503][ T6049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.123225][ T6206] XFS (loop1): Quotacheck: Done. [ 104.128528][ T6049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 104.196476][ T6049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.274023][ T6049] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 104.340503][ T51] Bluetooth: hci2: command tx timeout [ 104.388774][ T6049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.472882][ T6049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.538107][ T6049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.589488][ T6049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.643537][ T6049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.694780][ T6049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.738535][ T6049] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.786970][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 104.813989][ T6247] loop0: detected capacity change from 0 to 131072 [ 104.825461][ T6049] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.839669][ T6247] F2FS-fs (loop0): invalid crc value [ 104.849928][ T6049] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.876147][ T6049] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.892177][ T6247] F2FS-fs (loop0): Found nat_bits in checkpoint [ 104.904460][ T6049] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.968953][ T6247] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 105.140578][ T6247] F2FS-fs (loop0): lookup inode (7) has corrupted xattr [ 105.232082][ T6240] loop3: detected capacity change from 0 to 32768 [ 105.267334][ T3528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.283998][ T6240] ======================================================= [ 105.283998][ T6240] WARNING: The mand mount option has been deprecated and [ 105.283998][ T6240] and is ignored by this kernel. Remove the mand [ 105.283998][ T6240] option from the mount to silence this warning. [ 105.283998][ T6240] ======================================================= [ 105.320810][ T3528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.477333][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.485200][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.509607][ T28] audit: type=1800 audit(1776755569.532:7): pid=6240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.126" name="file1" dev="loop3" ino=4 res=0 errno=0 [ 105.537934][ T6234] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 105.537934][ T6234] [ 105.610748][ T6234] ERROR: (device loop3): remounting filesystem as read-only [ 105.656342][ T6234] xtLookup: xtSearch returned -5 [ 105.730913][ T6240] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 105.730913][ T6240] [ 105.777825][ T6240] xtLookup: xtSearch returned -5 [ 105.794085][ T6240] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 105.794085][ T6240] [ 105.806840][ T6240] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 105.806840][ T6240] [ 105.817588][ T6240] xtLookup: xtSearch returned -5 [ 105.822590][ T6240] ERROR: (device loop3): xtSearch: XT_GETPAGE: xtree page corrupt [ 105.822590][ T6240] [ 105.826077][ T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 106.058730][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.083158][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.127848][ T9] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 106.156687][ T9] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 106.184985][ T9] usb 2-1: Manufacturer: syz [ 106.203662][ T9] usb 2-1: config 0 descriptor?? [ 106.427006][ T51] Bluetooth: hci2: command tx timeout [ 106.632322][ T6282] loop4: detected capacity change from 0 to 4096 [ 107.287069][ T9] uclogic 0003:256C:006D.0005: failed retrieving string descriptor #100: -71 [ 107.326927][ T9] uclogic 0003:256C:006D.0005: failed retrieving pen parameters: -71 [ 107.350988][ T9] uclogic 0003:256C:006D.0005: failed probing pen v1 parameters: -71 [ 107.386691][ T9] uclogic 0003:256C:006D.0005: failed probing parameters: -71 [ 107.412327][ T9] uclogic: probe of 0003:256C:006D.0005 failed with error -71 [ 107.443144][ T9] usb 2-1: USB disconnect, device number 4 [ 107.677080][ T6301] netlink: 'syz.4.135': attribute type 10 has an invalid length. [ 107.694949][ T6300] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input9 [ 107.696229][ T6301] netlink: 55 bytes leftover after parsing attributes in process `syz.4.135'. [ 108.376578][ T6296] loop3: detected capacity change from 0 to 32768 [ 108.508383][ T6296] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 108.704809][ T6296] XFS (loop3): Ending clean mount [ 108.755353][ T6296] XFS (loop3): Quotacheck needed: Please wait. [ 108.814508][ T6296] XFS (loop3): Quotacheck: Done. [ 109.175089][ T5766] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 109.254385][ T6316] loop1: detected capacity change from 0 to 32768 [ 109.371788][ T6343] loop4: detected capacity change from 0 to 4096 [ 109.388901][ T6316] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 109.624100][ T6316] XFS (loop1): Ending clean mount [ 109.642479][ T6316] XFS (loop1): Quotacheck needed: Please wait. [ 109.756510][ T6316] XFS (loop1): Quotacheck: Done. [ 109.996373][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 110.005527][ T6343] overlayfs: upper fs does not support tmpfile. [ 110.080920][ T6343] overlayfs: workdir/#8 already exists [ 110.238832][ T6335] loop0: detected capacity change from 0 to 32768 [ 110.376743][ T6335] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 110.611806][ T6360] loop3: detected capacity change from 0 to 32768 [ 110.682215][ T6360] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 110.701834][ T6335] XFS (loop0): Ending clean mount [ 110.862763][ T6360] XFS (loop3): Ending clean mount [ 111.036163][ T6360] XFS (loop3): User initiated shutdown received. [ 111.106186][ T6360] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 111.163278][ T6360] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 111.253224][ T5766] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 111.420761][ T5770] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 111.926577][ T6417] capability: warning: `syz.0.152' uses deprecated v2 capabilities in a way that may be insecure [ 112.363887][ T6434] syzkaller1: entered promiscuous mode [ 112.392101][ T6434] syzkaller1: entered allmulticast mode [ 112.674763][ T6440] netlink: 12 bytes leftover after parsing attributes in process `syz.0.163'. [ 112.905193][ T6431] loop4: detected capacity change from 0 to 32768 [ 112.983594][ T6428] loop3: detected capacity change from 0 to 32768 [ 112.991400][ T6431] JBD2: Ignoring recovery information on journal [ 113.132308][ T6428] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 113.157300][ T6431] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 113.310656][ T6428] XFS (loop3): Ending clean mount [ 113.513129][ T6431] syz.4.160 (6431) used greatest stack depth: 18768 bytes left [ 113.527111][ T5766] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 113.600815][ T6049] ocfs2: Unmounting device (7,4) on (node local) [ 113.881451][ T6471] loop1: detected capacity change from 0 to 2048 [ 113.920578][ T6471] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.939850][ T6471] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.007740][ T6471] fs-verity: sha512 using implementation "sha512-avx2" [ 114.105470][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.203411][ T6484] loop1: detected capacity change from 0 to 512 [ 114.237484][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 114.240648][ T6484] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13 [ 114.265018][ T6484] EXT4-fs error (device loop1): ext4_orphan_get:1404: inode #13: comm syz.1.175: iget: bad i_size value: 12154757448730 [ 114.300416][ T6484] EXT4-fs error (device loop1): ext4_orphan_get:1409: comm syz.1.175: couldn't read orphan inode 13 (err -117) [ 114.316437][ T6484] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.446822][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 114.469002][ T9] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 114.481311][ T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 114.493280][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 114.493810][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.511419][ T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 114.523454][ T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 114.539092][ T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 114.587935][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.692614][ T6482] loop0: detected capacity change from 0 to 40427 [ 114.725009][ T6482] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 114.746537][ T6482] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 114.780862][ T6482] F2FS-fs (loop0): invalid crc value [ 114.801956][ T6482] F2FS-fs (loop0): Found nat_bits in checkpoint [ 114.828219][ T9] usb 5-1: usb_control_msg returned -32 [ 114.840167][ T9] usbtmc 5-1:16.0: can't read capabilities [ 114.957156][ T6482] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 114.970497][ T6482] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 115.155919][ T3474] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 115.158982][ T6502] loop2: detected capacity change from 0 to 7 [ 115.180264][ T3474] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 115.194677][ T6502] loop2: [CUMANA/ADFS] p1 [ADFS] p1 [ 115.210702][ T6502] loop2: partition table partially beyond EOD, truncated [ 115.226412][ T6502] loop2: p1 size 3435008204 extends beyond EOD, truncated [ 115.282310][ T6503] usbtmc 5-1:16.0: control status returned 0 [ 115.331829][ T5757] udevd[5757]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 115.488923][ T5835] usb 5-1: USB disconnect, device number 2 [ 115.588229][ T6511] loop1: detected capacity change from 0 to 512 [ 115.645554][ T28] audit: type=1326 audit(1776755579.662:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.682704][ T6511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.736628][ T6511] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 115.747400][ T28] audit: type=1326 audit(1776755579.692:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.770687][ T28] audit: type=1326 audit(1776755579.712:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.794165][ T28] audit: type=1326 audit(1776755579.712:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.824195][ T28] audit: type=1326 audit(1776755579.722:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.881479][ T28] audit: type=1326 audit(1776755579.722:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.920209][ T28] audit: type=1326 audit(1776755579.722:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.961430][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.968369][ T28] audit: type=1326 audit(1776755579.722:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 115.997096][ T28] audit: type=1326 audit(1776755579.722:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 116.021832][ T6522] loop3: detected capacity change from 0 to 128 [ 116.027512][ T28] audit: type=1326 audit(1776755579.722:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6514 comm="syz.3.188" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f43c2b9c819 code=0x7ffc0000 [ 116.155507][ T6522] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 116.198447][ T6522] ext4 filesystem being mounted at /50/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 116.419365][ T6536] loop1: detected capacity change from 0 to 128 [ 116.450501][ T6536] FAT-fs (loop1): Directory bread(block 414) failed [ 116.472721][ T5766] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 116.477429][ T6536] FAT-fs (loop1): Directory bread(block 415) failed [ 116.494964][ T6536] FAT-fs (loop1): Directory bread(block 416) failed [ 116.509515][ T6536] FAT-fs (loop1): Directory bread(block 417) failed [ 116.517915][ T6536] FAT-fs (loop1): Directory bread(block 418) failed [ 116.524728][ T6536] FAT-fs (loop1): Directory bread(block 419) failed [ 116.531626][ T6536] FAT-fs (loop1): Directory bread(block 420) failed [ 116.538500][ T6536] FAT-fs (loop1): Directory bread(block 421) failed [ 116.587226][ T788] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 116.610300][ T6536] FAT-fs (loop1): FAT read failed (blocknr 128) [ 116.646975][ T6536] FAT-fs (loop1): FAT read failed (blocknr 128) [ 116.669229][ T6538] loop3: detected capacity change from 0 to 8192 [ 116.689080][ T6538] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 116.705779][ T6538] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 116.715791][ T6538] REISERFS (device loop3): using ordered data mode [ 116.722584][ T6538] reiserfs: using flush barriers [ 116.739557][ T6538] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 116.796960][ T788] usb 5-1: Using ep0 maxpacket: 32 [ 116.831111][ T6538] REISERFS (device loop3): checking transaction log (loop3) [ 116.858040][ T788] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 116.884313][ T6538] REISERFS (device loop3): Using r5 hash to sort names [ 116.901035][ T788] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 116.923139][ T6538] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 116.935188][ T788] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 116.956150][ T788] usb 5-1: Product: syz [ 116.972124][ T788] usb 5-1: Manufacturer: syz [ 116.992795][ T788] usb 5-1: SerialNumber: syz [ 117.007671][ T788] usb 5-1: config 0 descriptor?? [ 117.026320][ T6532] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 117.055159][ T788] hub 5-1:0.0: bad descriptor, ignoring hub [ 117.066057][ T788] hub: probe of 5-1:0.0 failed with error -5 [ 117.330447][ T6547] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 117.559546][ T5770] Trying to free block not in datazone [ 117.794498][ T6563] FAT-fs (loop0): Directory bread(block 64) failed [ 117.824924][ T6563] FAT-fs (loop0): Directory bread(block 65) failed [ 117.833535][ T6532] usb 5-1: reset high-speed USB device number 3 using dummy_hcd [ 117.864806][ T6563] FAT-fs (loop0): Directory bread(block 66) failed [ 117.876100][ T6563] FAT-fs (loop0): Directory bread(block 67) failed [ 117.882734][ T6563] FAT-fs (loop0): Directory bread(block 68) failed [ 117.899966][ T6563] FAT-fs (loop0): Directory bread(block 69) failed [ 117.908352][ T6563] FAT-fs (loop0): Directory bread(block 70) failed [ 117.915362][ T6563] FAT-fs (loop0): Directory bread(block 71) failed [ 117.930414][ T6563] FAT-fs (loop0): Directory bread(block 72) failed [ 117.967919][ T6563] FAT-fs (loop0): Directory bread(block 73) failed [ 118.090985][ T6532] usb 5-1: device firmware changed [ 118.766221][ T5835] usb 5-1: USB disconnect, device number 3 [ 118.847422][ T6566] set_capacity_and_notify: 3 callbacks suppressed [ 118.847447][ T6566] loop3: detected capacity change from 0 to 131072 [ 118.926891][ T5835] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 118.949787][ T6569] loop1: detected capacity change from 0 to 32768 [ 119.031355][ T6569] JBD2: Ignoring recovery information on journal [ 119.148642][ T5835] usb 5-1: Using ep0 maxpacket: 32 [ 119.154864][ T6566] F2FS-fs (loop3): Test dummy encryption mode enabled [ 119.165454][ T6569] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 119.190973][ T6566] F2FS-fs (loop3): invalid crc value [ 119.209255][ T5835] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 119.217149][ T6571] loop0: detected capacity change from 0 to 32768 [ 119.238803][ T6566] F2FS-fs (loop3): Found nat_bits in checkpoint [ 119.250343][ T6571] (syz.0.205,6571,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 119.287001][ T6566] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 119.288406][ T6571] (syz.0.205,6571,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 119.309058][ T5835] usb 5-1: string descriptor 0 read error: -22 [ 119.315367][ T5835] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 119.364634][ T5835] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 119.398756][ T5835] usb 5-1: config 0 descriptor?? [ 119.438346][ T5835] usb 5-1: can't set config #0, error -71 [ 119.479208][ T5835] usb 5-1: USB disconnect, device number 4 [ 119.499739][ T6571] JBD2: Ignoring recovery information on journal [ 119.579477][ T6571] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 119.826468][ T5772] ocfs2: Unmounting device (7,1) on (node local) [ 120.139808][ T5770] ocfs2: Unmounting device (7,0) on (node local) [ 120.360133][ T6583] loop4: detected capacity change from 0 to 40427 [ 120.381233][ T6583] F2FS-fs (loop4): Wrong segment_count / block_count (31 > 0) [ 120.416991][ T6583] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock [ 120.440772][ T6583] F2FS-fs (loop4): invalid crc value [ 120.459603][ T6583] F2FS-fs (loop4): Found nat_bits in checkpoint [ 120.692857][ T6583] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0 [ 120.716035][ T6583] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 120.898829][ T6583] syz.4.206: attempt to access beyond end of device [ 120.898829][ T6583] loop4: rw=2049, sector=77824, nr_sectors = 8 limit=40427 [ 120.945872][ T6583] syz.4.206: attempt to access beyond end of device [ 120.945872][ T6583] loop4: rw=2049, sector=77848, nr_sectors = 16 limit=40427 [ 120.999615][ T6583] syz.4.206: attempt to access beyond end of device [ 120.999615][ T6583] loop4: rw=2049, sector=77872, nr_sectors = 8 limit=40427 [ 121.202572][ T6049] syz-executor: attempt to access beyond end of device [ 121.202572][ T6049] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 121.257490][ T6049] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 121.349027][ T6617] loop3: detected capacity change from 0 to 128 [ 121.357675][ T6594] loop0: detected capacity change from 0 to 32768 [ 121.394468][ T6617] EXT4-fs (loop3): Test dummy encryption mode enabled [ 121.408113][ T6594] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.209 (6594) [ 121.409142][ T6613] loop1: detected capacity change from 0 to 8192 [ 121.440303][ T6617] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042] [ 121.459834][ T6617] System zones: 1-3, 19-19, 35-36 [ 121.495820][ T6617] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 121.520168][ T6617] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.565690][ T6594] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 121.565738][ T6613] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 121.606251][ T6594] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 121.616091][ T6613] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 121.636773][ T6613] REISERFS (device loop1): using ordered data mode [ 121.643313][ T6613] reiserfs: using flush barriers [ 121.649125][ T6594] BTRFS info (device loop0): setting nodatasum [ 121.655396][ T6594] BTRFS info (device loop0): force zlib compression, level 3 [ 121.678080][ T6594] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 121.693546][ T6594] BTRFS info (device loop0): use lzo compression, level 0 [ 121.708000][ T6613] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 121.724226][ T6594] BTRFS info (device loop0): turning on flush-on-commit [ 121.724252][ T6594] BTRFS info (device loop0): enabling auto defrag [ 121.724308][ T6594] BTRFS info (device loop0): max_inline at 4096 [ 121.724328][ T6594] BTRFS info (device loop0): using free space tree [ 121.831226][ T6613] REISERFS (device loop1): checking transaction log (loop1) [ 121.937819][ T6613] REISERFS (device loop1): Using r5 hash to sort names [ 121.965137][ T6594] BTRFS info (device loop0): enabling ssd optimizations [ 121.983236][ T6613] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 122.015266][ T6617] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 122.046988][ T6613] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 122.125922][ T6617] EXT4-fs (loop3): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro. [ 122.239993][ T6613] REISERFS warning (device loop1): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 122.281480][ T5770] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 122.302875][ T5766] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 122.331236][ T6613] REISERFS warning (device loop1): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 122.410079][ T6649] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 122.463054][ T6651] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 122.484927][ T6613] REISERFS warning (device loop1): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block [ 122.671412][ T5835] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 122.867034][ T5835] usb 5-1: Using ep0 maxpacket: 16 [ 122.875626][ T5835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 122.916051][ T5835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 122.954596][ T5835] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 122.996129][ T5835] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 123.017517][ T5835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.036728][ T5835] usb 5-1: config 0 descriptor?? [ 123.473121][ T5835] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0 [ 123.500836][ T5835] microsoft 0003:045E:07DA.0006: ignoring exceeding usage max [ 123.558332][ T5835] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0006/input/input10 [ 123.631223][ T5835] microsoft 0003:045E:07DA.0006: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 123.845199][ T6665] loop1: detected capacity change from 0 to 40427 [ 123.903941][ T6665] F2FS-fs (loop1): Wrong secs_per_zone / total_sections (67108865, 24) [ 123.932377][ T6665] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 123.936918][ T5835] usb 5-1: USB disconnect, device number 5 [ 123.983022][ T6665] F2FS-fs (loop1): invalid crc value [ 124.034559][ T6665] F2FS-fs (loop1): Found nat_bits in checkpoint [ 124.199769][ T6665] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0 [ 124.217270][ T6672] loop0: detected capacity change from 0 to 32768 [ 124.226139][ T6665] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 124.289829][ T6672] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.218 (6672) [ 124.355692][ T6672] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 124.385797][ T6672] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 124.406296][ T6672] BTRFS info (device loop0): allowing degraded mounts [ 124.413128][ T6672] BTRFS info (device loop0): enabling ssd optimizations [ 124.441005][ T6672] BTRFS info (device loop0): allowing degraded mounts [ 124.466123][ T6672] BTRFS info (device loop0): using free space tree [ 125.299073][ T6737] loop1: detected capacity change from 0 to 128 [ 125.346821][ T6737] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 125.369425][ T6737] ext4 filesystem being mounted at /72/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 127.893952][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 128.154353][ T5770] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 128.236484][ T6753] GUP no longer grows the stack in syz.3.231 (6753): 200000004000-20000000a000 (200000002000) [ 128.317033][ T6753] CPU: 1 PID: 6753 Comm: syz.3.231 Not tainted syzkaller #0 [ 128.324374][ T6753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 128.334472][ T6753] Call Trace: [ 128.337788][ T6753] [ 128.340741][ T6753] dump_stack_lvl+0x18c/0x250 [ 128.345480][ T6753] ? show_regs_print_info+0x20/0x20 [ 128.350709][ T6753] ? load_image+0x420/0x420 [ 128.355238][ T6753] ? find_vma+0x134/0x1b0 [ 128.359604][ T6753] __get_user_pages+0xf0e/0x1380 [ 128.364598][ T6753] ? populate_vma_page_range+0x380/0x380 [ 128.370268][ T6753] get_user_pages_remote+0x3ea/0xbd0 [ 128.375587][ T6753] ? __might_sleep+0xb0/0xe0 [ 128.380209][ T6753] ? get_dump_page+0x200/0x200 [ 128.385004][ T6753] __access_remote_vm+0x1fd/0x570 [ 128.390051][ T6753] ? generic_access_phys+0x650/0x650 [ 128.395364][ T6753] ? alloc_pages+0x4dc/0x740 [ 128.399974][ T6753] ? do_raw_spin_unlock+0x121/0x230 [ 128.405205][ T6753] proc_pid_cmdline_read+0x453/0x840 [ 128.410521][ T6753] ? schedule+0xc7/0x170 [ 128.414810][ T6753] ? comm_show+0x150/0x150 [ 128.419252][ T6753] ? common_file_perm+0x170/0x1f0 [ 128.424306][ T6753] ? fsnotify_perm+0x271/0x5e0 [ 128.429104][ T6753] do_iter_read+0x4fa/0xc90 [ 128.433640][ T6753] ? comm_show+0x150/0x150 [ 128.438056][ T6753] ? vfs_iter_read+0xa0/0xa0 [ 128.442639][ T6753] ? __import_iovec+0x5f2/0x850 [ 128.447490][ T6753] ? import_iovec+0x73/0xa0 [ 128.451988][ T6753] do_preadv+0x236/0x390 [ 128.456229][ T6753] ? do_writev+0x480/0x480 [ 128.460652][ T6753] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 128.466627][ T6753] ? lock_chain_count+0x20/0x20 [ 128.471479][ T6753] ? lockdep_hardirqs_on+0x98/0x150 [ 128.476683][ T6753] do_syscall_64+0x55/0xa0 [ 128.481094][ T6753] ? clear_bhb_loop+0x40/0x90 [ 128.485774][ T6753] ? clear_bhb_loop+0x40/0x90 [ 128.490444][ T6753] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 128.496339][ T6753] RIP: 0033:0x7f43c2b9c819 [ 128.500757][ T6753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.520360][ T6753] RSP: 002b:00007f43c0df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 128.528769][ T6753] RAX: ffffffffffffffda RBX: 00007f43c2e15fa0 RCX: 00007f43c2b9c819 [ 128.536733][ T6753] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000003 [ 128.544695][ T6753] RBP: 00007f43c2c32c91 R08: 00000000fffffff9 R09: 0000000000000000 [ 128.552662][ T6753] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000000 [ 128.560621][ T6753] R13: 00007f43c2e16038 R14: 00007f43c2e15fa0 R15: 00007ffc394b23a8 [ 128.568593][ T6753] [ 128.811928][ T6764] loop1: detected capacity change from 0 to 512 [ 128.916786][ T6764] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2803: inode #11: comm syz.1.234: corrupted xattr block 95: invalid header [ 129.079759][ T6764] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 129.127886][ T6764] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm syz.1.234: bg 0: block 7: invalid block bitmap [ 129.244828][ T6764] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6655: Corrupt filesystem [ 129.288079][ T6764] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2969: inode #11: comm syz.1.234: corrupted xattr block 95: invalid header [ 129.367560][ T6785] loop6: detected capacity change from 0 to 8 [ 129.370165][ T6764] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117) [ 129.407615][ T6764] EXT4-fs (loop1): 1 orphan inode deleted [ 129.432193][ T6764] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.456456][ T6787] loop6: detected capacity change from 8 to 7 [ 129.496712][ T6787] Dev loop6: unable to read RDB block 7 [ 129.526792][ T6787] loop6: unable to read partition table [ 129.532684][ T6787] loop6: partition table beyond EOD, truncated [ 129.539032][ T6785] loop6: detected capacity change from 7 to 0 [ 129.564888][ T6787] loop_reread_partitions: partition scan of loop6 (uG ܱ.:0 [ 129.564888][ T6787] 咁 1 [ 139.388848][ T5769] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 139.398401][ T5769] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 139.415129][ T5769] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 139.427784][ T5769] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 139.438543][ T5769] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 140.034431][ T7029] process 'syz.3.308' launched './file2' with NULL argv: empty string added [ 140.054339][ T7027] input: syz0 as /devices/virtual/input/input13 [ 140.420283][ T7002] chnl_net:caif_netlink_parms(): no params data found [ 140.808963][ T7049] netlink: 56 bytes leftover after parsing attributes in process `syz.3.314'. [ 140.894578][ T7002] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.944085][ T7002] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.956477][ T7002] bridge_slave_0: entered allmulticast mode [ 140.962962][ T7059] loop3: detected capacity change from 0 to 512 [ 140.963961][ T7002] bridge_slave_0: entered promiscuous mode [ 141.025438][ T59] hsr_slave_0: left promiscuous mode [ 141.037227][ T59] hsr_slave_1: left promiscuous mode [ 141.043799][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.079154][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.097581][ T7059] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.139287][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.157776][ T7059] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 141.174622][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.194483][ T59] bridge_slave_1: left allmulticast mode [ 141.223988][ T59] bridge_slave_1: left promiscuous mode [ 141.256257][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 141.296336][ T59] bridge_slave_0: left allmulticast mode [ 141.302032][ T59] bridge_slave_0: left promiscuous mode [ 141.317991][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.354966][ T59] veth1_macvtap: left promiscuous mode [ 141.362133][ T59] veth0_macvtap: left promiscuous mode [ 141.367935][ T59] veth1_vlan: left promiscuous mode [ 141.373306][ T59] veth0_vlan: left promiscuous mode [ 141.483805][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.537534][ T51] Bluetooth: hci3: command tx timeout [ 142.044104][ T59] team0 (unregistering): Port device team_slave_1 removed [ 142.092848][ T59] team0 (unregistering): Port device team_slave_0 removed [ 142.139795][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 142.519486][ T59] bond0 (unregistering): Released all slaves [ 142.601718][ T7002] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.610442][ T7002] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.618077][ T7002] bridge_slave_1: entered allmulticast mode [ 142.624799][ T7002] bridge_slave_1: entered promiscuous mode [ 142.680249][ T7074] netlink: 4 bytes leftover after parsing attributes in process `syz.3.318'. [ 142.694061][ T7074] bond_slave_0: entered promiscuous mode [ 142.700153][ T7074] bond_slave_1: entered promiscuous mode [ 142.711603][ T7074] macvlan2: entered promiscuous mode [ 142.726187][ T7074] bond0: entered promiscuous mode [ 142.732722][ T7074] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 142.771160][ T7002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 142.821694][ T7002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 142.925757][ T7002] team0: Port device team_slave_0 added [ 142.965388][ T7002] team0: Port device team_slave_1 added [ 143.084064][ T7002] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 143.123048][ T7002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.158774][ T7084] loop3: detected capacity change from 0 to 64 [ 143.206474][ T7002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 143.295707][ T7002] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 143.326048][ T7002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 143.354194][ T7088] loop4: detected capacity change from 0 to 512 [ 143.387237][ T7002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 143.427190][ T7091] loop0: detected capacity change from 0 to 512 [ 143.439847][ T7088] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.501864][ T7088] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.518641][ T7091] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.324: invalid indirect mapped block 4294967295 (level 1) [ 143.549907][ T7091] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.324: invalid indirect mapped block 4294967295 (level 1) [ 143.631699][ T51] Bluetooth: hci3: command tx timeout [ 143.660350][ T7088] EXT4-fs (loop4): shut down requested (0) [ 143.667173][ T7091] EXT4-fs (loop0): 2 truncates cleaned up [ 143.674744][ T7002] hsr_slave_0: entered promiscuous mode [ 143.692225][ T7091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.709768][ T7101] EXT4-fs (loop4): shut down requested (0) [ 143.717003][ T7002] hsr_slave_1: entered promiscuous mode [ 143.723787][ T7002] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 143.759622][ T7002] Cannot create hsr debugfs directory [ 143.780386][ T7091] EXT4-fs error (device loop0): ext4_check_dx_root:2266: inode #2: comm syz.0.324: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 143.878128][ T6049] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.896402][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.393812][ T7002] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 144.413963][ T7002] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 144.457752][ T7002] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 144.479449][ T7002] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 144.675189][ T7002] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.715167][ T7002] 8021q: adding VLAN 0 to HW filter on device team0 [ 144.758720][ T3528] bridge0: port 1(bridge_slave_0) entered blocking state [ 144.765875][ T3528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 144.808914][ T3474] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.816131][ T3474] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.884563][ T7108] loop3: detected capacity change from 0 to 32768 [ 145.287248][ T7137] loop4: detected capacity change from 0 to 1024 [ 145.329659][ T7137] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 145.580164][ T7002] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 145.706133][ T51] Bluetooth: hci3: command tx timeout [ 145.978087][ T7157] loop3: detected capacity change from 0 to 8192 [ 146.045201][ T7157] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 146.135776][ T7157] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 146.157349][ T7166] Bluetooth: MGMT ver 1.22 [ 146.197835][ T7157] REISERFS (device loop3): using ordered data mode [ 146.236210][ T7157] reiserfs: using flush barriers [ 146.239640][ T7002] veth0_vlan: entered promiscuous mode [ 146.255221][ T7002] veth1_vlan: entered promiscuous mode [ 146.307509][ T7002] veth0_macvtap: entered promiscuous mode [ 146.318147][ T7157] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 146.356781][ T7157] REISERFS (device loop3): checking transaction log (loop3) [ 146.381035][ T7002] veth1_macvtap: entered promiscuous mode [ 146.456810][ T7002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.506085][ T7002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.532109][ T7002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.561227][ T7002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.589313][ T7157] REISERFS (device loop3): Using tea hash to sort names [ 146.596534][ T7002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 146.613760][ T7157] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 146.622971][ T7002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.645181][ T7002] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 146.695203][ T7002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.727926][ T7002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.728810][ T7156] loop0: detected capacity change from 0 to 32768 [ 146.766389][ T7002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.786560][ T7156] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.336 (7156) [ 146.807980][ T7002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.831820][ T7156] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 146.833822][ T7002] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 146.843576][ T7156] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 146.864631][ T7156] BTRFS info (device loop0): using free space tree [ 146.888734][ T7002] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 146.918689][ T7002] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 147.002279][ T7156] BTRFS info (device loop0): enabling ssd optimizations [ 147.016199][ T7156] BTRFS info (device loop0): auto enabling async discard [ 147.047552][ T7002] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.086209][ T7002] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.094959][ T7002] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.148434][ T7002] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.221555][ T5770] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 147.335591][ T7194] loop3: detected capacity change from 0 to 512 [ 147.343798][ T23] IPVS: starting estimator thread 0... [ 147.442153][ T3528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.496565][ T7196] IPVS: using max 27 ests per chain, 64800 per kthread [ 147.524745][ T3528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.716859][ T3574] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 147.750852][ T3574] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 147.776388][ T51] Bluetooth: hci3: command tx timeout [ 148.398131][ T7225] tmpfs: Bad value for 'uid' [ 148.856173][ T9] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 149.046259][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 149.062108][ T9] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 149.073444][ T9] usb 1-1: config 0 has no interface number 0 [ 149.087473][ T9] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 149.096956][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.109967][ T9] usb 1-1: Product: syz [ 149.114237][ T9] usb 1-1: Manufacturer: syz [ 149.119396][ T9] usb 1-1: SerialNumber: syz [ 149.131122][ T9] usb 1-1: config 0 descriptor?? [ 149.162313][ T9] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 149.286392][ T27] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 149.397074][ T9] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 149.441981][ T9] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 149.461889][ T7241] loop4: detected capacity change from 0 to 32768 [ 149.514013][ T27] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 149.556220][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.615282][ T27] usb 4-1: config 0 descriptor?? [ 149.677400][ T7241] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 149.681440][ T27] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 149.923709][ C0] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 149.933438][ T9] usb 1-1: USB disconnect, device number 5 [ 149.952060][ T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 149.989462][ T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 150.027753][ T9] quatech2 1-1:0.51: device disconnected [ 150.063303][ T7241] XFS (loop4): Ending clean mount [ 150.089949][ T7241] XFS (loop4): Quotacheck needed: Please wait. [ 150.123867][ T27] cpia1 4-1:0.0: unexpected state after lo power cmd: 00 [ 150.200568][ T7241] XFS (loop4): Quotacheck: Done. [ 150.334070][ T7252] loop5: detected capacity change from 0 to 32768 [ 150.426772][ T7252] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 150.534895][ T27] gspca_cpia1: usb_control_msg 02, error -71 [ 150.572848][ T6049] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 150.586181][ T27] gspca_cpia1: usb_control_msg 05, error -71 [ 150.625265][ T27] cpia1 4-1:0.0: unexpected systemstate: 00 [ 150.640879][ T7252] XFS (loop5): Ending clean mount [ 150.664877][ T27] usb 4-1: USB disconnect, device number 5 [ 150.689007][ T7252] XFS (loop5): Quotacheck needed: Please wait. [ 150.809474][ T7252] XFS (loop5): Quotacheck: Done. [ 150.886996][ T7252] XFS (loop5): User initiated shutdown received. [ 150.894445][ T7252] XFS (loop5): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501). Shutting down filesystem. [ 150.936828][ T7252] XFS (loop5): Please unmount the filesystem and rectify the problem(s) [ 151.025835][ T7002] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 151.451280][ T7302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.357'. [ 151.602504][ T7289] loop0: detected capacity change from 0 to 32768 [ 151.701385][ T28] kauditd_printk_skb: 2 callbacks suppressed [ 151.701400][ T28] audit: type=1800 audit(1776755615.722:20): pid=7289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.356" name="file1" dev="loop0" ino=7 res=0 errno=0 [ 151.897534][ T7315] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 152.504990][ T7326] loop4: detected capacity change from 0 to 8192 [ 152.573132][ T7326] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 152.693185][ T7326] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 152.746231][ T7326] REISERFS (device loop4): using ordered data mode [ 152.752832][ T7326] reiserfs: using flush barriers [ 152.797515][ T7326] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 152.877477][ T7326] REISERFS (device loop4): checking transaction log (loop4) [ 153.201059][ T7326] REISERFS (device loop4): Using tea hash to sort names [ 153.212538][ T7326] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 153.246117][ T7326] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 153.377810][ T7326] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 153.410105][ T7326] REISERFS warning (device loop4): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2) [ 154.567781][ T7373] loop0: detected capacity change from 0 to 1024 [ 154.720826][ T7375] loop5: detected capacity change from 0 to 512 [ 154.747103][ T7375] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 154.755949][ T28] audit: type=1800 audit(1776755618.772:21): pid=7373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.378" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=2 res=0 errno=0 [ 154.832164][ T7375] EXT4-fs (loop5): 1 truncate cleaned up [ 154.855238][ T7375] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 154.976566][ T5769] Bluetooth: hci0: command 0x080f tx timeout [ 154.976837][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 154.982711][ T5769] Bluetooth: hci4: command 0x1003 tx timeout [ 154.997506][ T7341] Bluetooth: hci0: Opcode 0x080f failed: -110 [ 155.021479][ T3474] hfsplus: b-tree write err: -5, ino 3 [ 155.196574][ T7383] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 155.381472][ T7002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.950482][ T7387] loop3: detected capacity change from 0 to 32768 [ 156.093542][ T28] audit: type=1800 audit(1776755620.112:22): pid=7387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.383" name="file1" dev="loop3" ino=7 res=0 errno=0 [ 156.304200][ T7409] netlink: 9 bytes leftover after parsing attributes in process `syz.4.393'. [ 156.329731][ T7409] netlink: 9 bytes leftover after parsing attributes in process `syz.4.393'. [ 156.629555][ T7401] loop5: detected capacity change from 0 to 32768 [ 156.677238][ T7401] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 156.736871][ T5835] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 156.868337][ T7401] XFS (loop5): Ending clean mount [ 156.888710][ T7401] XFS (loop5): Quotacheck needed: Please wait. [ 156.935551][ T5835] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 156.955569][ T5835] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 156.965240][ T7401] XFS (loop5): Quotacheck: Done. [ 157.008312][ T5835] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 157.046434][ T5835] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 157.082575][ T5835] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 157.114467][ T5835] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 157.143428][ T5835] usb 5-1: Product: syz [ 157.147719][ T7002] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 157.181048][ T7429] netlink: 'syz.0.397': attribute type 1 has an invalid length. [ 157.190125][ T5835] usb 5-1: Manufacturer: syz [ 157.196206][ T7429] netlink: 'syz.0.397': attribute type 2 has an invalid length. [ 157.211051][ T5835] cdc_wdm 5-1:1.0: skipping garbage [ 157.226039][ T7429] netlink: 'syz.0.397': attribute type 2 has an invalid length. [ 157.234420][ T5835] cdc_wdm 5-1:1.0: skipping garbage [ 157.252248][ T5835] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 157.277880][ T7429] netlink: 'syz.0.397': attribute type 3 has an invalid length. [ 157.285602][ T5835] cdc_wdm 5-1:1.0: Unknown control protocol [ 157.319322][ T7429] netlink: 'syz.0.397': attribute type 4 has an invalid length. [ 157.356055][ T7429] netlink: 'syz.0.397': attribute type 5 has an invalid length. [ 157.363761][ T7429] netlink: 'syz.0.397': attribute type 6 has an invalid length. [ 157.396030][ T7429] netlink: 'syz.0.397': attribute type 7 has an invalid length. [ 157.436038][ T7429] netlink: 'syz.0.397': attribute type 9 has an invalid length. [ 157.443740][ T7429] netlink: 'syz.0.397': attribute type 10 has an invalid length. [ 157.507651][ T7429] netlink: 126304 bytes leftover after parsing attributes in process `syz.0.397'. [ 157.560216][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.567167][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.573482][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.580113][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.586446][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.593080][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.605217][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.611871][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.618319][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.624951][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.636147][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.642786][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.649142][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.655769][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.667029][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.673663][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.680185][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.686822][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.693121][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 157.699741][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 157.707264][ T23] usb 5-1: USB disconnect, device number 9 [ 157.713148][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 157.754568][ T7435] loop0: detected capacity change from 0 to 128 [ 157.800044][ T7435] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 157.817361][ T7435] ext4 filesystem being mounted at /102/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 157.828849][ T7427] loop3: detected capacity change from 0 to 32768 [ 157.958974][ T7427] overlayfs: upper fs needs to support d_type. [ 157.968752][ T7427] overlayfs: upper fs does not support tmpfile. [ 157.983691][ T7427] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 158.001217][ T7427] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 158.001217][ T7427] [ 158.021939][ T7427] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null. [ 158.034758][ T7427] ERROR: (device loop3): dbAlloc: the hint is outside the map [ 158.034758][ T7427] [ 158.050482][ T7427] overlayfs: failed to verify origin (/, ino=2, err=-5) [ 158.057922][ T7427] overlayfs: failed to verify upper root origin [ 158.139949][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 158.153640][ T3466] read_mapping_page failed! [ 158.162500][ T3466] ERROR: (device loop3): txCommit: [ 158.162500][ T3466] [ 158.183299][ T3466] jfs_write_inode: jfs_commit_inode failed! [ 158.321650][ T7444] loop0: detected capacity change from 0 to 764 [ 158.513611][ T7444] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet. [ 158.848664][ T7451] loop3: detected capacity change from 0 to 1024 [ 158.865778][ T7439] loop5: detected capacity change from 0 to 32768 [ 158.935147][ T7439] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 158.972398][ T28] audit: type=1800 audit(1776755622.992:23): pid=7451 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.405" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=2 res=0 errno=0 [ 159.132288][ T7439] XFS (loop5): Ending clean mount [ 159.145406][ T59] hfsplus: b-tree write err: -5, ino 3 [ 159.147662][ T7439] XFS (loop5): Quotacheck needed: Please wait. [ 159.287643][ T7439] XFS (loop5): Quotacheck: Done. [ 159.319173][ T7446] loop4: detected capacity change from 0 to 32768 [ 159.387169][ T28] audit: type=1800 audit(1776755623.412:24): pid=7446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.403" name="file1" dev="loop4" ino=7 res=0 errno=0 [ 159.427168][ T7469] warning: `syz.3.408' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 159.537141][ T7002] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 159.591937][ T7474] netlink: 4 bytes leftover after parsing attributes in process `syz.0.409'. [ 160.107005][ T5806] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 160.346662][ T5806] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 160.366359][ T5806] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 160.396914][ T5806] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 160.426352][ T5806] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 160.486754][ T5806] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 160.513904][ T5806] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 160.523624][ T5806] usb 4-1: Manufacturer: syz [ 160.536183][ T7496] netlink: 16 bytes leftover after parsing attributes in process `syz.0.426'. [ 160.560139][ T5806] usb 4-1: config 0 descriptor?? [ 160.676100][ T7484] loop5: detected capacity change from 0 to 32768 [ 160.695375][ T7484] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.410 (7484) [ 160.735901][ T7500] loop0: detected capacity change from 0 to 512 [ 160.796339][ T7500] EXT4-fs error (device loop0): ext4_orphan_get:1404: inode #15: comm syz.0.420: inode has both inline data and extents flags [ 160.800248][ T7484] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 160.811688][ T7500] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.420: couldn't read orphan inode 15 (err -117) [ 160.836817][ T7500] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.936091][ T7484] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 160.955601][ T7484] BTRFS info (device loop5): setting nodatacow, compression disabled [ 160.956672][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.978971][ T5806] appleir 0003:05AC:8243.0009: unknown main item tag 0x0 [ 161.016156][ T7484] BTRFS info (device loop5): turning on flush-on-commit [ 161.036949][ T5806] appleir 0003:05AC:8243.0009: No inputs registered, leaving [ 161.050611][ T7484] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_LZO (0x8) [ 161.076729][ T5806] appleir 0003:05AC:8243.0009: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 161.088450][ T7484] BTRFS info (device loop5): use lzo compression, level 0 [ 161.095627][ T7484] BTRFS info (device loop5): setting nodatasum [ 161.118769][ T7504] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 161.129175][ T7484] BTRFS info (device loop5): use no compression [ 161.135500][ T7484] BTRFS info (device loop5): trying to use backup root at mount time [ 161.172269][ T7484] BTRFS info (device loop5): max_inline at 0 [ 161.206051][ T7484] BTRFS info (device loop5): using free space tree [ 161.279282][ T5806] usb 4-1: USB disconnect, device number 6 [ 161.306638][ T59] BTRFS warning (device loop5): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xcee3a718 level 0 [ 161.357550][ T7484] BTRFS warning (device loop5): couldn't read tree root [ 161.367823][ T7484] BTRFS warning (device loop5): try to load backup roots slot 1 [ 161.380273][ T1099] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0xe06dfc66 level 0 [ 161.394282][ T7484] BTRFS warning (device loop5): couldn't read tree root [ 161.403500][ T7484] BTRFS warning (device loop5): try to load backup roots slot 2 [ 161.414969][ T1099] BTRFS error (device loop5): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 161.426392][ T7484] BTRFS warning (device loop5): couldn't read tree root [ 161.433376][ T7484] BTRFS warning (device loop5): try to load backup roots slot 3 [ 161.467177][ T7484] BTRFS info (device loop5): enabling ssd optimizations [ 161.476342][ T7484] BTRFS info (device loop5): auto enabling async discard [ 161.486987][ T7484] BTRFS info (device loop5): rebuilding free space tree [ 161.583086][ T7498] loop4: detected capacity change from 0 to 32768 [ 161.627358][ T7484] BTRFS info (device loop5): checking UUID tree [ 161.672842][ T28] audit: type=1800 audit(1776755625.692:25): pid=7498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.419" name="file1" dev="loop4" ino=4 res=0 errno=0 [ 161.704111][ T7497] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 161.704111][ T7497] [ 161.735438][ T7497] ERROR: (device loop4): remounting filesystem as read-only [ 161.765430][ T7497] xtLookup: xtSearch returned -5 [ 161.840364][ T7498] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 161.840364][ T7498] [ 161.877013][ T7498] xtLookup: xtSearch returned -5 [ 161.904825][ T7498] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 161.904825][ T7498] [ 161.932793][ T7002] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 161.987368][ T7498] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 161.987368][ T7498] [ 162.026229][ T7498] xtLookup: xtSearch returned -5 [ 162.031271][ T7498] ERROR: (device loop4): xtSearch: XT_GETPAGE: xtree page corrupt [ 162.031271][ T7498] [ 162.472338][ T7535] netlink: 4 bytes leftover after parsing attributes in process `syz.5.422'. [ 163.466352][ T23] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 163.507592][ T7580] loop4: detected capacity change from 0 to 128 [ 163.563832][ T7580] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 163.649429][ T7586] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 163.670161][ T23] usb 1-1: config index 0 descriptor too short (expected 45, got 36) [ 163.675455][ T7580] ext4 filesystem being mounted at /80/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 163.686114][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.716111][ T23] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.741711][ T23] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 163.784958][ T23] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 163.817347][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.829367][ T23] usb 1-1: config 0 descriptor?? [ 163.971764][ T6049] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 164.096973][ T7597] loop5: detected capacity change from 0 to 256 [ 164.213021][ T7597] FAT-fs (loop5): Directory bread(block 64) failed [ 164.236052][ T7597] FAT-fs (loop5): Directory bread(block 65) failed [ 164.242707][ T7597] FAT-fs (loop5): Directory bread(block 66) failed [ 164.275023][ T23] plantronics 0003:047F:FFFF.000A: unknown main item tag 0xd [ 164.290478][ T7597] FAT-fs (loop5): Directory bread(block 67) failed [ 164.316438][ T23] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 164.325063][ T7597] FAT-fs (loop5): Directory bread(block 68) failed [ 164.356541][ T23] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 164.362467][ T7597] FAT-fs (loop5): Directory bread(block 69) failed [ 164.400760][ T7597] FAT-fs (loop5): Directory bread(block 70) failed [ 164.411487][ T7611] validate_nla: 2 callbacks suppressed [ 164.411512][ T7611] netlink: 'syz.3.449': attribute type 10 has an invalid length. [ 164.414794][ T7597] FAT-fs (loop5): Directory bread(block 71) failed [ 164.427306][ T7611] netlink: 55 bytes leftover after parsing attributes in process `syz.3.449'. [ 164.470693][ T7597] FAT-fs (loop5): Directory bread(block 72) failed [ 164.507314][ T7597] FAT-fs (loop5): Directory bread(block 73) failed [ 164.664689][ T5835] usb 1-1: USB disconnect, device number 6 [ 165.003885][ T7618] netlink: 'syz.5.450': attribute type 2 has an invalid length. [ 165.185282][ T7625] sctp: [Deprecated]: syz.5.451 (pid 7625) Use of int in maxseg socket option. [ 165.185282][ T7625] Use struct sctp_assoc_value instead [ 165.849038][ T7650] loop4: detected capacity change from 0 to 512 [ 165.896967][ T7650] EXT4-fs: Ignoring removed nomblk_io_submit option [ 165.951691][ T7650] EXT4-fs error (device loop4): mb_free_blocks:1970: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 165.992703][ T7650] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.458: corrupted inode contents [ 166.015704][ T7650] EXT4-fs error (device loop4): ext4_dirty_inode:6143: inode #11: comm syz.4.458: mark_inode_dirty error [ 166.034108][ T7650] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.458: invalid indirect mapped block 1 (level 1) [ 166.049969][ T7650] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.458: corrupted inode contents [ 166.076804][ T7650] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 166.114228][ T7650] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #11: comm syz.4.458: corrupted inode contents [ 166.141488][ T7657] syzkaller1: entered promiscuous mode [ 166.150334][ T7657] syzkaller1: entered allmulticast mode [ 166.158627][ T7650] EXT4-fs error (device loop4): ext4_truncate:4301: inode #11: comm syz.4.458: mark_inode_dirty error [ 166.210353][ T7650] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 166.219743][ T5832] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 166.242498][ T7650] EXT4-fs (loop4): 1 truncate cleaned up [ 166.263450][ T7650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.264688][ T7633] loop0: detected capacity change from 0 to 40427 [ 166.301551][ T7633] F2FS-fs (loop0): build fault injection attr: rate: 684, type: 0x7ffff [ 166.311743][ T7633] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x35f7 [ 166.326690][ T7633] F2FS-fs (loop0): Image doesn't support compression [ 166.354153][ T7633] F2FS-fs (loop0): invalid crc value [ 166.392079][ T7633] F2FS-fs (loop0): Found nat_bits in checkpoint [ 166.436366][ T5832] usb 4-1: Using ep0 maxpacket: 8 [ 166.459079][ T5832] usb 4-1: unable to get BOS descriptor or descriptor too short [ 166.498755][ T7650] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 13: comm syz.4.458: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 166.514518][ T5832] usb 4-1: config 117 has an invalid interface number: 163 but max is 0 [ 166.547870][ T5832] usb 4-1: config 117 has no interface number 0 [ 166.554229][ T5832] usb 4-1: config 117 interface 163 altsetting 162 endpoint 0xF has invalid maxpacket 1024, setting to 64 [ 166.600295][ T6049] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.600970][ T5832] usb 4-1: config 117 interface 163 has no altsetting 0 [ 166.633310][ T7633] F2FS-fs (loop0): Start checkpoint disabled! [ 166.644284][ T5832] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=5d.24 [ 166.654248][ T5832] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.670531][ T7633] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 166.678603][ T5832] usb 4-1: Product: syz [ 166.682799][ T5832] usb 4-1: Manufacturer: syz [ 166.689036][ T5832] usb 4-1: SerialNumber: syz [ 167.014922][ T7679] netlink: 80 bytes leftover after parsing attributes in process `syz.4.472'. [ 167.025686][ T59] kworker/u4:4: attempt to access beyond end of device [ 167.025686][ T59] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 167.054602][ T59] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 167.085147][ T59] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 167.097250][ T59] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 167.216274][ T5807] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 167.426341][ T5807] usb 6-1: Using ep0 maxpacket: 32 [ 167.442763][ T5807] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 167.466853][ T5807] usb 6-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 167.482538][ T7690] loop0: detected capacity change from 0 to 64 [ 167.491120][ T5807] usb 6-1: config 0 interface 0 has no altsetting 0 [ 167.503132][ T5807] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 167.524578][ T5807] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 167.556080][ T5807] usb 6-1: Product: syz [ 167.560434][ T5807] usb 6-1: Manufacturer: syz [ 167.570489][ T5807] usb 6-1: SerialNumber: syz [ 167.578834][ T5807] usb 6-1: config 0 descriptor?? [ 167.751513][ T7697] loop4: detected capacity change from 0 to 2048 [ 167.826195][ T7697] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 167.860779][ T5832] usb 4-1: USB disconnect, device number 7 [ 167.885003][ T5832] f81534a_ctrl 4-1:117.163: failed to enable ports: -19 [ 167.907714][ T28] audit: type=1800 audit(1776755631.932:26): pid=7697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.474" name="file1" dev="loop4" ino=1367 res=0 errno=0 [ 167.982599][ T28] audit: type=1800 audit(1776755631.932:27): pid=7697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.474" name="file1" dev="loop4" ino=1367 res=0 errno=0 [ 168.029690][ T5807] gs_usb 6-1:0.0: Configuring for 1 interfaces [ 168.439973][ T5807] gs_usb 6-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 168.472792][ T5807] gs_usb: probe of 6-1:0.0 failed with error -22 [ 168.648783][ T5807] usb 6-1: USB disconnect, device number 2 [ 169.055055][ T7726] loop3: detected capacity change from 0 to 2048 [ 169.120390][ T7726] loop3: p4 < > [ 169.215860][ T7726] EXT4-fs (loop3p4): unable to read superblock [ 169.452851][ T7742] loop5: detected capacity change from 0 to 2048 [ 169.506096][ T7742] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 169.531111][ T7750] netlink: 8 bytes leftover after parsing attributes in process `syz.4.476'. [ 169.792344][ T7755] Invalid argument reading file caps for ./file0 [ 170.027656][ T7765] Zero length message leads to an empty skb [ 170.311015][ T7780] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000004 [ 170.543678][ T788] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 170.758780][ T788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.795133][ T788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.838591][ T788] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 170.867607][ T788] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 170.888442][ T788] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.918325][ T788] usb 1-1: config 0 descriptor?? [ 171.178892][ T5832] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 171.352105][ T788] plantronics 0003:047F:FFFF.000B: unknown main item tag 0xd [ 171.368338][ T788] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving [ 171.377638][ T5832] usb 5-1: Using ep0 maxpacket: 8 [ 171.391621][ T5832] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 171.402438][ T788] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 171.416713][ T5832] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 171.431290][ T5832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 171.441550][ T5832] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 171.461831][ T5832] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 171.494431][ T5832] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 171.513863][ T5832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.644164][ T9] usb 1-1: USB disconnect, device number 7 [ 171.730480][ T7810] loop5: detected capacity change from 0 to 32768 [ 171.759805][ T5832] usb 5-1: usb_control_msg returned -32 [ 171.765458][ T5832] usbtmc 5-1:16.0: can't read capabilities [ 171.780000][ T7810] JBD2: Ignoring recovery information on journal [ 171.825408][ T7810] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 172.103243][ T7002] ocfs2: Unmounting device (7,5) on (node local) [ 172.146786][ T7817] usbtmc 5-1:16.0: INITIATE_ABORT_BULK_IN returned 0 [ 172.292987][ T7815] loop3: detected capacity change from 0 to 32768 [ 172.329034][ T7815] JBD2: Ignoring recovery information on journal [ 172.353183][ T5807] usb 5-1: USB disconnect, device number 10 [ 172.480965][ T7815] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 172.725215][ T5766] ocfs2: Unmounting device (7,3) on (node local) [ 172.909227][ T7832] loop5: detected capacity change from 0 to 256 [ 173.012034][ T7832] FAT-fs (loop5): Directory bread(block 64) failed [ 173.032402][ T7832] FAT-fs (loop5): Directory bread(block 65) failed [ 173.053370][ T7832] FAT-fs (loop5): Directory bread(block 66) failed [ 173.059181][ T7834] loop0: detected capacity change from 0 to 4096 [ 173.090403][ T7832] FAT-fs (loop5): Directory bread(block 67) failed [ 173.115510][ T7832] FAT-fs (loop5): Directory bread(block 68) failed [ 173.122795][ T7837] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 173.139896][ T7832] FAT-fs (loop5): Directory bread(block 69) failed [ 173.157286][ T7832] FAT-fs (loop5): Directory bread(block 70) failed [ 173.184987][ T7832] FAT-fs (loop5): Directory bread(block 71) failed [ 173.200796][ T7832] FAT-fs (loop5): Directory bread(block 72) failed [ 173.210231][ T7832] FAT-fs (loop5): Directory bread(block 73) failed [ 173.352035][ T7832] syz.5.499: attempt to access beyond end of device [ 173.352035][ T7832] loop5: rw=2049, sector=1224, nr_sectors = 8 limit=256 [ 173.429476][ T7832] loop7: detected capacity change from 0 to 6 [ 173.444522][ T7832] Dev loop7: unable to read RDB block 6 [ 173.468001][ T7832] loop7: unable to read partition table [ 173.475913][ T7832] loop7: partition table beyond EOD, truncated [ 173.488386][ T7832] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 174.032726][ T7859] netlink: 28 bytes leftover after parsing attributes in process `syz.4.510'. [ 174.398957][ T7876] loop4: detected capacity change from 0 to 128 [ 174.459287][ T7876] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 174.529926][ T7876] ext4 filesystem being mounted at /104/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 174.803914][ T6049] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 174.871004][ T7888] loop0: detected capacity change from 0 to 64 [ 174.984282][ T7888] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 174.998007][ T7880] loop3: detected capacity change from 0 to 32768 [ 175.027367][ T7880] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.519 (7880) [ 175.090708][ T7880] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 175.114574][ T7880] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 175.154749][ T7880] BTRFS info (device loop3): setting nodatacow, compression disabled [ 175.192583][ T7880] BTRFS info (device loop3): enabling auto defrag [ 175.206892][ T7880] BTRFS info (device loop3): max_inline at 0 [ 175.215354][ T7880] BTRFS info (device loop3): using free space tree [ 175.238778][ T7899] netlink: 20 bytes leftover after parsing attributes in process `syz.4.526'. [ 175.380453][ T7880] BTRFS info (device loop3): auto enabling async discard [ 175.812185][ T5766] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 176.123020][ T7898] loop0: detected capacity change from 0 to 32768 [ 176.145397][ T7898] XFS: attr2 mount option is deprecated. [ 176.277974][ T7912] loop5: detected capacity change from 0 to 40427 [ 176.299136][ T7912] F2FS-fs (loop5): invalid crc value [ 176.300626][ T7898] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 176.311841][ T7912] F2FS-fs (loop5): Found nat_bits in checkpoint [ 176.428688][ T7940] batadv_slave_0: entered promiscuous mode [ 176.438557][ T7939] batadv_slave_0: left promiscuous mode [ 176.492581][ T7898] XFS (loop0): Ending clean mount [ 176.541890][ T7898] XFS (loop0): Quotacheck needed: Please wait. [ 176.614468][ T7912] F2FS-fs (loop5): Start checkpoint disabled! [ 176.672771][ T7898] XFS (loop0): Quotacheck: Done. [ 176.685187][ T7912] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6 [ 176.697288][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.745611][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.771937][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.801005][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.807906][ T28] audit: type=1804 audit(1776755640.812:28): pid=7912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.528" name="/newroot/43/bus/bus" dev="loop5" ino=10 res=1 errno=0 [ 176.826023][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.868481][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.875932][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.880489][ T5770] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 176.881680][ T7912] syz.5.528: attempt to access beyond end of device [ 176.881680][ T7912] loop5: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 176.916431][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.936111][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.943543][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.965293][ T7912] syz.5.528: attempt to access beyond end of device [ 176.965293][ T7912] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 176.984076][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 176.993453][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 177.019013][ T5832] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 177.037997][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 177.045535][ T788] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 177.070037][ T788] hid-generic 00A0:0006:0003.000C: hidraw0: HID v0.05 Device [syz1] on syz0 [ 177.239092][ T5832] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 177.252273][ T5832] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 177.293086][ T3466] kworker/u4:10: attempt to access beyond end of device [ 177.293086][ T3466] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 177.316877][ T5832] usb 5-1: New USB device found, idVendor=1ae7, idProduct=0525, bcdDevice=ca.e6 [ 177.323730][ T3466] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 177.325929][ T5832] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.341119][ T5832] usb 5-1: Product: syz [ 177.370837][ T5832] usb 5-1: Manufacturer: syz [ 177.372726][ T3466] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 177.382796][ T5832] usb 5-1: SerialNumber: syz [ 177.385869][ T5832] usb 5-1: config 0 descriptor?? [ 177.622101][ T5832] usb 5-1: USB disconnect, device number 11 [ 177.636116][ T788] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 177.830576][ T788] usb 1-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice= 9.00 [ 177.843945][ T788] usb 1-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0 [ 177.866091][ T788] usb 1-1: Product: syz [ 177.878039][ T788] usb 1-1: config 0 descriptor?? [ 177.885252][ T788] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 177.898609][ T788] usb 1-1: Detected FT232H [ 178.098208][ T788] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 178.124343][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.5.543'. [ 178.538275][ T788] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 178.675458][ T7974] netlink: 14 bytes leftover after parsing attributes in process `syz.4.553'. [ 178.742463][ T788] usb 1-1: USB disconnect, device number 8 [ 178.772784][ T788] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 178.791223][ T788] ftdi_sio 1-1:0.0: device disconnected [ 178.901143][ T7979] netlink: 'syz.3.546': attribute type 11 has an invalid length. [ 178.910131][ T7979] netlink: 8 bytes leftover after parsing attributes in process `syz.3.546'. [ 178.927976][ T7981] loop4: detected capacity change from 0 to 512 [ 178.946154][ T7981] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 178.965736][ T7981] EXT4-fs error (device loop4): ext4_orphan_get:1430: comm syz.4.547: bad orphan inode 131083 [ 178.984973][ T7981] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 179.034015][ T6049] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 179.571283][ T8004] loop5: detected capacity change from 0 to 256 [ 179.618853][ T8004] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 179.630268][ T8004] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 179.716750][ T8004] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5817f139, utbl_chksum : 0xe619d30d) [ 180.145333][ T8013] loop3: detected capacity change from 0 to 1024 [ 180.158390][ T8015] Invalid argument reading file caps for ./file0 [ 180.165007][ T8002] loop0: detected capacity change from 0 to 32768 [ 180.196562][ T8002] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.555 (8002) [ 180.213514][ T8002] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 180.245263][ T8002] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 180.289262][ T8013] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 180.296142][ T8002] BTRFS info (device loop0): setting nodatacow, compression disabled [ 180.310225][ T8002] BTRFS info (device loop0): enabling auto defrag [ 180.328446][ T8002] BTRFS info (device loop0): max_inline at 0 [ 180.379758][ T8002] BTRFS info (device loop0): using free space tree [ 180.493415][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.593685][ T8002] BTRFS info (device loop0): auto enabling async discard [ 180.808914][ T8044] loop4: detected capacity change from 0 to 2048 [ 180.873490][ T8045] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 181.024700][ T5770] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 181.096877][ T8012] loop5: detected capacity change from 0 to 32768 [ 181.258724][ T8012] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 181.433981][ T8012] XFS (loop5): Ending clean mount [ 181.502627][ T8012] XFS (loop5): Quotacheck needed: Please wait. [ 181.636624][ T8012] XFS (loop5): Quotacheck: Done. [ 181.773383][ T7002] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 182.102659][ T8076] loop5: detected capacity change from 0 to 512 [ 182.135070][ T8076] EXT4-fs error (device loop5): ext4_iget_extra_inode:4739: inode #15: comm syz.5.573: corrupted in-inode xattr: e_value size too large [ 182.149848][ T8076] EXT4-fs error (device loop5): ext4_orphan_get:1409: comm syz.5.573: couldn't read orphan inode 15 (err -117) [ 182.164959][ T8076] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.264658][ T7002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.356205][ T8088] loop4: detected capacity change from 0 to 32768 [ 183.361919][ T8089] loop3: detected capacity change from 0 to 32768 [ 183.396145][ T8088] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.577 (8088) [ 183.425919][ T8088] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 183.436901][ T8088] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 183.440693][ T8089] JBD2: Ignoring recovery information on journal [ 183.445693][ T8088] BTRFS info (device loop4): setting nodatacow, compression disabled [ 183.469080][ T8088] BTRFS info (device loop4): enabling auto defrag [ 183.511321][ T8088] BTRFS info (device loop4): max_inline at 0 [ 183.529249][ T8088] BTRFS info (device loop4): using free space tree [ 183.638883][ T8089] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 183.684084][ T8088] BTRFS info (device loop4): auto enabling async discard [ 184.086795][ T6049] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 184.105822][ T8122] loop5: detected capacity change from 0 to 128 [ 184.138184][ T5766] ocfs2: Unmounting device (7,3) on (node local) [ 184.227879][ T8122] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 184.235151][ T5760] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop4 scanned by udevd (5760) [ 184.299037][ T8122] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 184.668811][ T7002] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 184.942540][ T8132] loop0: detected capacity change from 0 to 128 [ 185.012610][ T8132] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 185.063827][ T8132] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 185.782430][ T5770] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 186.046469][ T788] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 186.226443][ T788] usb 5-1: Using ep0 maxpacket: 16 [ 186.240610][ T788] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 186.267144][ T788] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.296430][ T788] usb 5-1: Product: syz [ 186.300653][ T788] usb 5-1: Manufacturer: syz [ 186.322129][ T788] usb 5-1: SerialNumber: syz [ 186.538157][ T27] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 186.636084][ T5832] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 186.726071][ T27] usb 6-1: Using ep0 maxpacket: 16 [ 186.735350][ T27] usb 6-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22 [ 186.750891][ T27] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.759609][ T27] usb 6-1: Product: syz [ 186.764274][ T27] usb 6-1: Manufacturer: syz [ 186.772960][ T27] usb 6-1: SerialNumber: syz [ 186.816294][ T5832] usb 1-1: Using ep0 maxpacket: 32 [ 186.838392][ T5832] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 186.847191][ T5832] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 186.863421][ T5832] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 186.874560][ T5832] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 186.888029][ T5832] usb 1-1: config 0 interface 0 has no altsetting 0 [ 186.900966][ T5832] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 186.910198][ T5832] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 186.923600][ T5832] usb 1-1: Product: syz [ 186.929101][ T5832] usb 1-1: Manufacturer: syz [ 186.933770][ T5832] usb 1-1: SerialNumber: syz [ 186.943656][ T5832] usb 1-1: config 0 descriptor?? [ 186.952044][ T5832] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 186.963185][ T5832] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 186.991431][ T27] usb 6-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state [ 187.008792][ T27] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 187.023111][ T27] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0) [ 187.032180][ T27] usb 6-1: media controller created [ 187.055775][ T27] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 187.174813][ T5832] usb 1-1: USB disconnect, device number 9 [ 187.180811][ C0] ldusb 1-1:0.0: usb_submit_urb failed (-19) [ 187.194611][ T5832] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 187.297944][ T27] zl10353_read_register: readreg error (reg=127, ret==-110) [ 187.340285][ T27] dvb_usb_gl861: probe of 6-1:157.0 failed with error -5 [ 187.358762][ T27] usb 6-1: USB disconnect, device number 3 [ 187.380820][ T788] snd-usb-audio: probe of 5-1:1.0 failed with error -71 [ 187.401897][ T788] usb 5-1: USB disconnect, device number 12 [ 188.219637][ T8192] loop5: detected capacity change from 0 to 128 [ 188.249660][ T8194] loop4: detected capacity change from 0 to 256 [ 188.300267][ T8194] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65d9f0a, utbl_chksum : 0x7319d30d) [ 188.690205][ T8202] loop0: detected capacity change from 0 to 512 [ 188.754605][ T8202] EXT4-fs error (device loop0): ext4_iget_extra_inode:4739: inode #15: comm syz.0.612: corrupted in-inode xattr: e_value size too large [ 188.769096][ T8202] EXT4-fs error (device loop0): ext4_orphan_get:1409: comm syz.0.612: couldn't read orphan inode 15 (err -117) [ 188.784018][ T8202] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.888276][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.930591][ T8208] batadv_slave_0: entered promiscuous mode [ 188.977782][ T8207] batadv_slave_0: left promiscuous mode [ 189.017003][ T5807] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 189.226531][ T5807] usb 5-1: Using ep0 maxpacket: 8 [ 189.248191][ T5807] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 189.279754][ T5807] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 189.304701][ T5807] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 189.325413][ T5807] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 189.352949][ T5807] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 189.382668][ T5807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.591821][ T8222] loop5: detected capacity change from 0 to 512 [ 189.630223][ T5807] usb 5-1: GET_CAPABILITIES returned 0 [ 189.631026][ T8222] EXT4-fs: Ignoring removed nobh option [ 189.635753][ T5807] usbtmc 5-1:16.0: can't read capabilities [ 189.667019][ T8222] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 189.721056][ T8222] EXT4-fs (loop5): 1 truncate cleaned up [ 189.758519][ T8222] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.855199][ T5832] usb 5-1: USB disconnect, device number 13 [ 189.971362][ T7002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.214210][ T8235] loop5: detected capacity change from 0 to 512 [ 190.244058][ T8235] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.372820][ T7002] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.491820][ T8244] loop5: detected capacity change from 0 to 128 [ 190.524029][ T8244] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 190.572675][ T8244] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 190.609465][ T8244] ext2 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 190.746962][ T8244] EXT4-fs (loop5): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 190.842186][ T7002] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 191.080628][ T788] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 191.185549][ T8266] loop0: detected capacity change from 0 to 1024 [ 191.240514][ T8266] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 191.289377][ T788] usb 4-1: Using ep0 maxpacket: 32 [ 191.308502][ T788] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.337154][ T788] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 191.387516][ T788] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 191.401076][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.415360][ T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.463690][ T788] usb 4-1: config 0 descriptor?? [ 191.544041][ T8276] loop0: detected capacity change from 0 to 256 [ 191.566890][ T8276] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 191.601925][ T28] audit: type=1800 audit(1776755655.622:29): pid=8276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.642" name="file1" dev="loop0" ino=1048612 res=0 errno=0 [ 191.820745][ T8280] loop0: detected capacity change from 0 to 64 [ 191.933583][ T788] savu 0003:1E7D:2D5A.000D: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 192.173612][ T8286] binder: 8285:8286 ioctl 4018620d 0 returned -22 [ 192.198682][ T23] usb 4-1: USB disconnect, device number 8 [ 192.516347][ T8298] netlink: 16 bytes leftover after parsing attributes in process `syz.0.659'. [ 192.638733][ T8302] loop0: detected capacity change from 0 to 256 [ 192.647065][ T8302] exfat: Deprecated parameter 'utf8' [ 192.652514][ T8302] exfat: Deprecated parameter 'utf8' [ 192.978603][ T8313] loop0: detected capacity change from 0 to 64 [ 193.018535][ T8315] loop3: detected capacity change from 0 to 512 [ 193.058789][ T8315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 193.093119][ T8315] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 193.200532][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.659919][ T8330] loop4: detected capacity change from 0 to 512 [ 193.709410][ T8330] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 193.743324][ T8330] EXT4-fs (loop4): orphan cleanup on readonly fs [ 193.754047][ T8330] EXT4-fs warning (device loop4): ext4_enable_quotas:7188: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 193.797069][ T8330] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 193.845442][ T8330] EXT4-fs error (device loop4): ext4_ext_check_inode:530: inode #13: comm syz.4.664: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 193.912493][ T8330] EXT4-fs error (device loop4): ext4_orphan_get:1409: comm syz.4.664: couldn't read orphan inode 13 (err -117) [ 193.976515][ T8330] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 194.016302][ T8330] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 194.064821][ T8330] EXT4-fs warning (device loop4): ext4_enable_quotas:7188: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 194.101146][ T8340] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 194.120016][ T8340] EXT4-fs warning (device loop4): ext4_enable_quotas:7188: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 194.185690][ T6049] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.246203][ T23] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 194.314618][ T8343] loop4: detected capacity change from 0 to 1024 [ 194.390545][ T8343] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.456148][ T23] usb 6-1: Using ep0 maxpacket: 16 [ 194.463237][ T23] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 194.474712][ T23] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 194.488681][ T23] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 194.498317][ T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.506733][ T23] usb 6-1: Product: syz [ 194.510945][ T23] usb 6-1: Manufacturer: syz [ 194.515588][ T23] usb 6-1: SerialNumber: syz [ 194.519267][ T6049] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.717903][ T8347] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.828747][ T8347] EXT4-fs (loop4): shut down requested (2) [ 194.915922][ T6049] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.994869][ T23] usb 6-1: 0:2 : does not exist [ 195.072910][ T8313] [ 195.075290][ T8313] ============================================ [ 195.081465][ T8313] WARNING: possible recursive locking detected [ 195.087633][ T8313] syzkaller #0 Not tainted [ 195.092053][ T8313] -------------------------------------------- [ 195.098205][ T8313] syz.0.658/8313 is trying to acquire lock: [ 195.104102][ T8313] ffff8880266700b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 195.113463][ T8313] [ 195.113463][ T8313] but task is already holding lock: [ 195.120832][ T8313] ffff8880266700b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 195.130177][ T8313] [ 195.130177][ T8313] other info that might help us debug this: [ 195.138229][ T8313] Possible unsafe locking scenario: [ 195.138229][ T8313] [ 195.145667][ T8313] CPU0 [ 195.148932][ T8313] ---- [ 195.152197][ T8313] lock(&tree->tree_lock/1); [ 195.156873][ T8313] lock(&tree->tree_lock/1); [ 195.161541][ T8313] [ 195.161541][ T8313] *** DEADLOCK *** [ 195.161541][ T8313] [ 195.169669][ T8313] May be due to missing lock nesting notation [ 195.169669][ T8313] [ 195.177974][ T8313] 5 locks held by syz.0.658/8313: [ 195.182982][ T8313] #0: ffff888023e86418 (sb_writers#29){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 195.192301][ T8313] #1: ffff88805115b6b8 (&sb->s_type->i_mutex_key#35){+.+.}-{3:3}, at: do_truncate+0x19c/0x240 [ 195.202649][ T8313] #2: ffff88805115b4f8 (&HFS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 195.213337][ T8313] #3: ffff8880266700b0 (&tree->tree_lock/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 195.223085][ T8313] #4: ffff88805115a178 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 195.234385][ T8313] [ 195.234385][ T8313] stack backtrace: [ 195.240263][ T8313] CPU: 0 PID: 8313 Comm: syz.0.658 Not tainted syzkaller #0 [ 195.247535][ T8313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 195.257579][ T8313] Call Trace: [ 195.260854][ T8313] [ 195.263778][ T8313] dump_stack_lvl+0x18c/0x250 [ 195.268464][ T8313] ? show_regs_print_info+0x20/0x20 [ 195.273665][ T8313] ? print_deadlock_bug+0x435/0x5d0 [ 195.278856][ T8313] __lock_acquire+0x5dbc/0x7d40 [ 195.283703][ T8313] ? preempt_schedule_thunk+0x1a/0x30 [ 195.289075][ T8313] ? verify_lock_unused+0x140/0x140 [ 195.294276][ T8313] ? _raw_spin_unlock_irqrestore+0x111/0x120 [ 195.300259][ T8313] ? _raw_spin_unlock+0x40/0x40 [ 195.305101][ T8313] ? stack_trace_save+0xaa/0x100 [ 195.310028][ T8313] ? stack_trace_snprint+0xf0/0xf0 [ 195.315136][ T8313] lock_acquire+0x19e/0x420 [ 195.319633][ T8313] ? hfs_find_init+0x17e/0x1f0 [ 195.324401][ T8313] ? hfs_extend_file+0x361/0x1380 [ 195.329418][ T8313] ? hfs_bmap_reserve+0x107/0x430 [ 195.334433][ T8313] ? block_write_begin+0x9a/0x1e0 [ 195.339455][ T8313] ? __might_sleep+0xe0/0xe0 [ 195.344052][ T8313] ? hfs_write_begin+0x8b/0xd0 [ 195.348819][ T8313] ? read_lock_is_recursive+0x20/0x20 [ 195.354189][ T8313] ? do_truncate+0x1b0/0x240 [ 195.358773][ T8313] ? vfs_truncate+0x266/0x300 [ 195.363446][ T8313] ? do_sys_truncate+0xf6/0x1c0 [ 195.368285][ T8313] ? do_syscall_64+0x55/0xa0 [ 195.372862][ T8313] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 195.378922][ T8313] __mutex_lock+0x136/0xcc0 [ 195.383423][ T8313] ? hfs_find_init+0x17e/0x1f0 [ 195.388228][ T8313] ? hfs_find_init+0x17e/0x1f0 [ 195.392985][ T8313] ? mutex_lock_nested+0x20/0x20 [ 195.397913][ T8313] ? __kmem_cache_alloc_node+0x13a/0x250 [ 195.403544][ T8313] ? hfs_find_init+0xa7/0x1f0 [ 195.408217][ T8313] ? hfs_find_init+0xa7/0x1f0 [ 195.412987][ T8313] ? __kmalloc+0xe2/0x230 [ 195.417312][ T8313] hfs_find_init+0x17e/0x1f0 [ 195.421895][ T8313] hfs_extend_file+0x361/0x1380 [ 195.426736][ T8313] ? hfs_bnode_read+0x358/0x7a0 [ 195.431578][ T8313] ? hfs_ext_keycmp+0x1c7/0x320 [ 195.436416][ T8313] ? hfs_get_block+0xc50/0xc50 [ 195.441263][ T8313] ? hfs_rename+0x2c0/0x2c0 [ 195.445766][ T8313] ? hfs_find_exit+0xa0/0xa0 [ 195.450357][ T8313] ? hfs_brec_find+0x3cd/0x500 [ 195.455126][ T8313] hfs_bmap_reserve+0x107/0x430 [ 195.459973][ T8313] __hfs_ext_write_extent+0x1fa/0x470 [ 195.465345][ T8313] __hfs_ext_cache_extent+0x6b/0x9b0 [ 195.470632][ T8313] ? hfs_find_init+0x17e/0x1f0 [ 195.475397][ T8313] hfs_extend_file+0x3a0/0x1380 [ 195.480246][ T8313] ? filemap_get_folios+0x102/0x7e0 [ 195.485434][ T8313] ? hfs_get_block+0xc50/0xc50 [ 195.490190][ T8313] ? find_lock_entries+0xfe0/0xfe0 [ 195.495296][ T8313] ? clean_bdev_aliases+0x587/0x680 [ 195.500489][ T8313] hfs_get_block+0x413/0xc50 [ 195.505202][ T8313] ? hfs_free_extents+0x430/0x430 [ 195.510215][ T8313] ? _raw_spin_unlock+0x28/0x40 [ 195.515059][ T8313] ? folio_add_lru+0x320/0xd30 [ 195.519841][ T8313] __block_write_begin_int+0x57f/0x1af0 [ 195.525388][ T8313] ? folio_add_lru+0xd30/0xd30 [ 195.530143][ T8313] ? hfs_free_extents+0x430/0x430 [ 195.535159][ T8313] ? folio_zero_new_buffers+0x550/0x550 [ 195.540707][ T8313] ? hfs_free_extents+0x430/0x430 [ 195.545716][ T8313] block_write_begin+0x9a/0x1e0 [ 195.550563][ T8313] cont_write_begin+0x5ee/0x810 [ 195.555404][ T8313] ? generic_cont_expand_simple+0x200/0x200 [ 195.561281][ T8313] ? __block_commit_write+0x23f/0x350 [ 195.566648][ T8313] ? put_page+0xea/0x260 [ 195.570884][ T8313] hfs_write_begin+0x8b/0xd0 [ 195.575459][ T8313] ? hfs_free_extents+0x430/0x430 [ 195.580473][ T8313] cont_write_begin+0x2b1/0x810 [ 195.585311][ T8313] ? do_sys_truncate+0xf6/0x1c0 [ 195.590152][ T8313] ? generic_cont_expand_simple+0x200/0x200 [ 195.596037][ T8313] hfs_write_begin+0x8b/0xd0 [ 195.600703][ T8313] ? hfs_free_extents+0x430/0x430 [ 195.605718][ T8313] hfs_file_truncate+0x1c4/0xa10 [ 195.610646][ T8313] ? __up_read+0x2b6/0x6b0 [ 195.615048][ T8313] ? up_read+0x20/0x20 [ 195.619099][ T8313] ? up_read+0x20/0x20 [ 195.623154][ T8313] ? hfs_extend_file+0x1380/0x1380 [ 195.628251][ T8313] ? unmap_mapping_range+0xe7/0x180 [ 195.633433][ T8313] ? unmap_mapping_pages+0x160/0x160 [ 195.638708][ T8313] ? pagecache_isize_extended+0x116/0x570 [ 195.644420][ T8313] hfs_inode_setattr+0x4af/0x6e0 [ 195.649346][ T8313] ? bpf_lsm_inode_setattr+0x9/0x10 [ 195.654550][ T8313] ? try_break_deleg+0x79/0x120 [ 195.659394][ T8313] ? hfs_evict_inode+0x110/0x110 [ 195.664331][ T8313] notify_change+0xb0d/0xe10 [ 195.668919][ T8313] do_truncate+0x1b0/0x240 [ 195.673322][ T8313] ? put_page_bootmem+0x2c0/0x2c0 [ 195.678337][ T8313] ? bpf_lsm_path_truncate+0x9/0x10 [ 195.683528][ T8313] vfs_truncate+0x266/0x300 [ 195.688022][ T8313] do_sys_truncate+0xf6/0x1c0 [ 195.692692][ T8313] ? lock_chain_count+0x20/0x20 [ 195.697534][ T8313] ? break_lease+0xd0/0xd0 [ 195.701941][ T8313] ? lockdep_hardirqs_on+0x98/0x150 [ 195.707131][ T8313] do_syscall_64+0x55/0xa0 [ 195.711539][ T8313] ? clear_bhb_loop+0x40/0x90 [ 195.716207][ T8313] ? clear_bhb_loop+0x40/0x90 [ 195.720872][ T8313] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 195.726754][ T8313] RIP: 0033:0x7f5c0739c819 [ 195.731243][ T8313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 195.750844][ T8313] RSP: 002b:00007f5c082fb028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c [ 195.759250][ T8313] RAX: ffffffffffffffda RBX: 00007f5c07615fa0 RCX: 00007f5c0739c819 [ 195.767223][ T8313] RDX: 0000000000000000 RSI: 0000000002fffffd RDI: 0000200000000940 [ 195.775184][ T8313] RBP: 00007f5c07432c91 R08: 0000000000000000 R09: 0000000000000000 [ 195.783237][ T8313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 195.791198][ T8313] R13: 00007f5c07616038 R14: 00007f5c07615fa0 R15: 00007ffd53a28c48 [ 195.799166][ T8313] [ 196.052893][ T23] usb 6-1: 5:0: failed to get current value for ch 0 (-22) [ 196.072174][ T23] usb 6-1: USB disconnect, device number 4 [ 196.090393][ T5757] udevd[5757]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 197.870006][ T1290] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.936359][ T5774] Bluetooth: hci0: command 0x080f tx timeout [ 199.936421][ T5779] Bluetooth: hci1: command 0x0406 tx timeout