last executing test programs: 2m43.757938652s ago: executing program 4 (id=381): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000005780)=@newlink={0x3c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x4}]}}}]}, 0x3c}}, 0x0) 2m43.614122971s ago: executing program 4 (id=383): r0 = socket$igmp6(0xa, 0x3, 0x2) sendmsg$inet6(r0, &(0x7f0000003580)={&(0x7f0000001fc0)={0xa, 0x2, 0x8, @dev={0xfe, 0x80, '\x00', 0x30}, 0x6}, 0x1c, 0x0, 0x0, &(0x7f00000034c0)=ANY=[@ANYBLOB="180000000000000029000000370000003a000000fbffffff1300000000000000290000000b"], 0x30}, 0x2000) 2m43.386344441s ago: executing program 4 (id=386): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000400)={0x2, {0x4, 0x5, 0xfffffffe, 0x400800}}) 2m43.09695406s ago: executing program 4 (id=388): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount$nfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{'noacl'}]}) 2m42.971648679s ago: executing program 4 (id=389): syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3"], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=") open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0) 2m41.974504955s ago: executing program 4 (id=396): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x80, &(0x7f00000002c0)="1af3050000f2bd5b", 0x8) 2m26.871463811s ago: executing program 32 (id=396): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r0, 0x84, 0x80, &(0x7f00000002c0)="1af3050000f2bd5b", 0x8) 11.984043734s ago: executing program 2 (id=1683): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f00000000c0)={[{@utf8}, {@shortname_lower}, {@utf8}, {@shortname_win95}, {@shortname_win95}, {@utf8no}, {@uni_xlate}, {@utf8no}, {@numtail}, {@fat=@codepage={'codepage', 0x3d, '855'}}, {@fat=@check_strict}, {@utf8no}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@utf8no}, {@rodir}]}, 0x1, 0x27b, &(0x7f0000000640)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=") mkdir(&(0x7f0000000400)='./file0\x00', 0x0) 10.671048639s ago: executing program 2 (id=1689): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, 0xfffffffffffffffc) 10.415966898s ago: executing program 2 (id=1691): r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x52, 0x39, 0x53, 0x10, 0xe41, 0x5057, 0x6ad, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xed, 0x5, 0x0, 0xeb, 0x24, 0xe0}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) 7.532172877s ago: executing program 2 (id=1708): mknod$loop(&(0x7f00000190c0)='./file0\x00', 0xfff, 0x0) execve(&(0x7f0000019100)='./file0\x00', 0x0, &(0x7f0000019180)={[&(0x7f00000191c0)='\t\xbc\xb4\xd0t\xee\xb5\xbe\xc6\xa1\n\xb7\x91\xa9YG\xc0M\x93-\xaf\xba\x88L\xb8Qwf\xae\xe9 \x0fH\xee\v\x90Q\xb8\xf7\f\xddP}\x15)\x9e\xdd\x11\x87#\x89>\x1a\xc2sH\xcc[y\xcd\x94\xa0\xd9\x105\b\xc2\xfe\x91\x88U\x1d\xc4\xa5\xe9]\x959%\xd3\xc9\xc3\xa9\xda\xd3\x17al_\x1f\xab\x01Xg\x0fb\x91\x97|\x04e37\xd9E\xaaH2\\\x7f0\xac\x8dA7\x1c\xfa\x82v\xce\xf4^\x87\xa6\x99}\x8aW4\'#\xc8\xab*\x004j\xb9\xfbRK(\xb0\xeb(k}\x81H\xc7\x7fz9q\xed\x8adU\x0f\xdf\x9b>\xb3V\x0f\xca\xf3j\xa7K|`\xa9\xcf>\xdd9\x94\xee\t\xc9(\xc5O+\x99\xce\x81\x7f\x8dGc\x88_:\x97\xcf\t\x18\xedpo\xc6/\xefq&v\xb28\xbc]B\\CQi\xfdg|\xb4\xba\xe7\xdc-g\x1a\xe4B\xbf\x03eu\xbfC\xbb\x15\xb1\xaa\xad,a\r\xc8\xc1!\x1f\x88r\x19\x913\x0e*\x17|\xdddZ\r\xfd\\\x9eG\xba\xad\xc1\x87a\x96p\xc3\xdd3\x86\xd5\xe7gx:\xfd\x1c\fI2\xc7\x11\xbc\x17\xc3X\xfa8\x9aA6\x8eE\xb6\x02\x89(Z)\xa0\xd053\xa8T\x02\xc45\x1c&\xc4\xbb-\xba\x80\xa9\xb5\xec0U\xe0\x101r/|\x1eg>cu\xb2\x98\xfc\xe7\xab\xc2\x91[\x1fb\xfa\'&\xf8\xf9\x10\xd6\xab\x1e\xed\xc0\x14\x8f\x9b\x17!!\'9h[\x06\xa8\x83\xed\xc2\xc4\xd3\xc5|\xc3\x905\xcf3L\xb9kCz\x00@\x11(!\xcef\x8a\x82\xc0a\xe8\xf3hB\xd4\x1b\x98X\xc8,)\xff\xda\xb9\x15\x01\xd4\xe1\xdf3b\xd6t=\t<\x80Z\"\x84\x13\xd3\xa5\x15W\xc0\xc9\x18s\x820gq\x98\xe5E\bs\x8bn5\xc58\xcc\xbe\xdc\x86\x0e']}) 6.901153535s ago: executing program 2 (id=1714): r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205649, &(0x7f0000000100)={0x0, 0x300, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90a, 0x8000, '\x00', @ptr=0x20002000}}) 6.422151013s ago: executing program 0 (id=1718): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000080)={0xe0, 0x10, 0x509, 0x0, 0x0, "", [@generic="6f6d8864d22a3f2ffaa46c88bc", @typed={0xa9, 0x0, 0x0, 0x0, @binary="2b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1f302de337c0004060000000000bf852c8986626691b01b2d44e4ce28715f2d28da0a9423debbb86f9dba4a2dba4dbe076c02262600c446a567de243ab0d67683f7bb11c9cab3b3eed8a8bef4ff1631aa78acefca03c1a66db4424a8ba100022db228bb7b5eb5100e434db5dd5e995aa0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d681"}, @nested={0x14, 0x0, 0x0, 0x1, [@typed={0xd, 0x0, 0x0, 0x0, @binary="cfe7336f91087ba18b"}]}]}, 0xe0}], 0x1}, 0x0) 6.272210153s ago: executing program 2 (id=1731): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) recvmmsg(r0, &(0x7f0000005c80), 0x400030f, 0x0, 0x0) 5.49092025s ago: executing program 0 (id=1734): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="009917593d44d685cf8176521846a9e90205b4b89c0ed49b3e1201fa4a79b0b9651316a89d7e4038e94e54fdffa25c529d1cb4e43bf7e12bd2a555681300b85d6621470c304d6ba5731161f3f1da1193a85525e8c9a5a95798070ca48fa7edcf62e37626480f673141bee1ea2522f8b61aac12f984c1216683ae80e6146169cfb7aa7c50dd4c52259faaee2fedc1077bda4c3e65d7005d0ab71db65617abeb3c51b056d955f1285ed9d26d7c910bf3291f6b349ce7eee33a31a484c31993effe39fcfa55e722a20bf90b2f43ffbfd19afaeb1d6e9683ce09f4c8eb9591f0772a12"], 0x1, 0xc3c, &(0x7f0000000d00)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1V+1nVVawSpIwA0Igoq0Ai7IDRIXXOQGCa0QirhZJECKQJUWgUSgabQSAmYFCysqYXRm3rHHbtK4+bLT/H5t/J8585w575n2OT4TzXsmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIL/30saGDaatHAQA8SK+NvzF02O9/AHiknPL+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA20tRxFuR4r2xVpps3+8YONGcO3d+YnTs5qsNpkhRiaJdX/4ZOHjo8JEXX3p5uJsfv/699rl4ffzUsdrx+dmFxcbSUmO6NjHXPD0/3dj0M9zt+hvtbb8Atdk3z02fObNUO3Tg8LqHz1dv7Hxsd/Xo8LP7nu/WToyOjY331PT13/HWPyLdu6fiU2RHFPHlSPGt/d9J9YioxN33wm2OHffbYPSV/dfeiYnRsfaOzDTrc8vlg6mSq/oiqj0rjXR75AH04l0ZibhQ/ncqB7y33L3xhfpifWqmUTtZX1xuLjfn51KlM9pyf6pRieEUsRARrWKrB8920x9FvBopbnzYSlMRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTx25Hi3cmhOJ37qt021yO+WOYrEW+VeSXFxXw/lQeI4Yjv+n0CD7W+KOJvIsV8aqXpbu+3zytPfLX2lbkz8z213fPKh/79wYPk3IRtbCCKmGqf8bfSnf9lFwAAAAAAAAAAAADwYBTxzUhxeXZPWojeOaXNubO1U/Wpmc6ngruf/a/ltVZWVlaqqZO1nEM5R3KezDmZcyHnhZwXc17KeTnnlZxXc17L2coZlbz9nLWcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhnmPQEAAAAAAAAAAAAAAAAAAHCPDUYRvxEp/v33v9b+Xulofy/9Z48OHz/xmd7vjH/mNs9T1h6IiG/G5r6Td0f+rvFUKf+59/sF3N5AFPH1/P1/v7zVgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALaFShTxK5HiG99rpUgRMRIxGZ28Vmz16AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0s5UxKuR4md/d2R1WV9EpPa/HXvKH0dipMj5RJmvxMjBdlZGjpU5EHFgC8YP3Lmlt995sz4z01h0ww033Fi9sdVHJgAAAAAAAAAAAAAAAAB4hKUi/j5S/OTvtVI1Is5Xb+x8bHf16PCz+54vomhfBCD11r8+fupY7fj87MJiY2mpMV2bmGuenp9ubHZzAyeac+fOT4yO3Zedua3B+zz+wYHj8wtvLzbP/sLyTR/fNXBsaml5sX765g/HYPRFDPUu2dse8MToWHvQM836XHvVVLnFAPsiapvdGR55u1IR/xsp3tv/7Xg8L8vX/+jv3Fvr/j/8xbV7P9y3Plf/d2wfPz57dPj4ruc2czttdqB7241XNsLYeM/ivjzKH+pZVs3j2vRzwyOq7P8XIsXP/1GRuj2U+/8HOveK1dr/+fpaTx3dkKu2qP+f6Fl2NB+1+vsiBpZnF/qfjhhYevud/c3Z+tnG2cbckUMvvzR85OUXj7zUvyNi4ExzpjG0dmvTrx0AAAAAAAAAAAAAAAAA3C/9qYgvRYpf+ru/XJ03nuf/faZzb23+X+/83z0bnqf3ugG3un3TuX63mdfXq9xmSkU8FSme/bNn2uNNscucd7hDu1IR3y/7afrL6Qt5We7/PLP/5v1/YUOu2qL5v4/3LLuQjxP/ESke/4Nn4gs9x4mNs3vLur+IFFM/8vlcFzvKuu7zdeZEdyYGl7VfixTvn1xf2503/cRa7cHN7hZspbL/ZyPFP/zW38aP5mXrr/9x8/7ftSFXbVH/P9m7TxGx9PY7b9ZnZhqLS5t+KeCRU/b/r0eKv/6Tb8dzednHXf+ne52fPc+tz8Fu0Rb1/1M9y6p5XD/2CV8LAAAAAAAAAAAAeFjsSkX8U6T48z/dl/bnZZv5/O/0hly1RZ//e7pn2fS6z//evxubfpEBAGCb6E9F/ESk+OPp66k7N/aW839fWZv/M7rxxL19Tv+D7Xn+n+hc/xPM/y+3mVIR/5fn9Q7dZl7vj0eKX/upfbku7S7rRrrDbf8ceG1+bv+xmZn50/Xl+tRMoza+UD/dKNfdGyn+9d8+n9ettOf5dudHd+YGr80J/p1I8XMfdGs7c4K7cymfXKs9WNbujxTff399bXfe1VNrtYfK2t+MFGP/ffPa3Wu1h8vaf4wU//lurVu7q6ztvp97eq32wOn5mY+8ZQMAAAAAAAAAAAAAAAAAAGDr9aciUqS48jOXVufGr7/+V/c6AOuv/7XR/fr+/+q92U0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCikKOK/IsV7Y610rSjvdwycaM6dOz8xOnbz1QZTpKhE0a4v/wwcPHT4yIsvvTzczY9f/177XLw+fupY7fj87MJiY2mpMV2bmGuenp9ubPoZ7nb9jfa2X4Da7Jvnps+cWaodOnB43cPnqzd2Pra7enT42X3Pd2snRsfGxntq+vrveOsfke7dU/EpsiOK+KtI8a3930n/XERU4u574TbHjvttMPrK/mvvxMToWHtHZpr1ueXywVTJVX0R1Z6VRro98gB68a6MRFyIiEo54L3l7o0v1BfrUzON2sn64nJzuTk/lyqd0Zb7U41KDKeIhYhoFVs9eLab/ijiSqS48WEr/UsRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTxZKR4d3Io3i86fdVum+sRXyzzlYi3yryS4mK+n8oDxHDEd/0+gYdaXxRxMlLMp1a6XuTeb59Xnvhq7StzZ+Z7arvnlQ/9+4MHybkJ29hAFPFB+4y/lT7w+xwAAAAAAAAAAAAAtrkiXo0Ul2f3pPb80NU5pc25s7VT9amZzsf6u5/9r+W1VlZWVqqpk7WcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhmVvP2ctZxDOUdynsw5mXMh54WcF3Neynk555WcV3Ney9nKGT4nDQAAAAAAAAAAAAAAAADAfVKJIn41Unzje620UnS+X3YyOnnNPFf4VPv/AAAA//84/iOE") renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x0) 4.004060615s ago: executing program 0 (id=1725): r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x1, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000b40)={0x1, @pix_mp={0x0, 0x0, 0x34565348}}) 3.375491443s ago: executing program 0 (id=1732): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d1, &(0x7f0000000300)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzufHGdxnEaaOKm/X6kRM757vyczo7vsdRGAE6te/Wfn2/+ti8jlVSSdEcKJFWlsqRzOl99sbmzsdNqNvI6KrkW9mUUtzRdddY2m1lNbTvXwgvtp7Jm02UYjiiK7v4qOggUzl39GQJp0l+Hbn91xHENy650segYRi09wWZPe3qpuQLDAQAcA/7+H/jbxKwrMgoCadnf9k/U/X+v6ACO1q1WV1GU2yB1/3eru8jY+T3jdu3ney6Fs/uDdpZ4mGAqBz5PKD6zOhaYpl9W6WIJptY3ylpZe6tGoHeqealqi+69EZ+6bX2iXcrITXP07q2i+9PxaNyK8qB2SOsbreak3ciIf2GwI/4/89V8Nw9NqE9qJOu/cmTsNLmZCg/MVFCx8V/v3eOMa2Vryaf9tVot6Khy1h3kgj+C12eU1eyMJN1n+wHBbhJBXpzu2PPqfKwQj261T6uFrFZh8qlHq8WOViV/JqysPWvlPkoZjvYQzUfzwCzpj76onlr/Bza+ZaWuzLyveuNq+jMjHs9Eds2yqxl23Tn2L5dLSQTe5MBjgzTg07IPeqLbmtt+9fppqdVqbtmNxxkbz2e3jC+pvJcy6wx/o6ScOtrdL4msN1F02J6jYQZ/7Ug7tN8fSYm9fLIq26ssKQlGPU2nZaP+TXkn5PhsRJHUY9fQvqdwjGyb9qT7gqmCA8Ko2XWXifM/t5L3qzqXItm3MGednp9kqqPH1SSD61wKzrv36YEyuJneGVzqiDd65Iwu57p8VbqSKjTKPWLo4zwhTF0/9Ijn/wAAAAAAAAAAAAAAAAAAAONmFH9pUPQYAQAAAAAAAAAAAAAAAAAAAAAYd//0+79Z/yPe/f5vyO//AmPkbwAAAP//FSp4xw==") mkdir(&(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) 3.143096001s ago: executing program 3 (id=1733): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newtaction={0x48, 0x1e, 0x109, 0x0, 0x0, {}, [{0x34, 0x1, [@m_mirred={0x30, 0x0, 0x0, 0x0, {{0xb, 0x9}, {0x4, 0xe}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x48}, 0x1, 0x2b1e}, 0x0) 2.962957211s ago: executing program 0 (id=1735): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0xf, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x57}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 2.6922481s ago: executing program 3 (id=1738): r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x842, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f00000003c0)="ff071d6ce89d96666b08e828be032f55097076e40148c200000000fb00000200000000000000", 0x26}, {&(0x7f0000000bc0)="d18a876f8f46c153dde8db040cc7e763ba2fab29aca1a1a2e0ab17dfd1fbfa6955b751ed697ff263589987f3de711efae8e2342b2846c1c9d8febaecb3aef2d7650869408a287d92d06f5d660a68f3f0a39e926d8dbd6f8d9de335fe4c520feaffc62c3435ab43a2f77234987d3b1130d31bd78fb28883050a1b8dd4ea2cdc62703eb86600dba7da620ad621c21b75893f334cfc82a3931e8cf3dfa12d31fa32797f5a940475fd8947bde48c8126a44eb9d229126e34e0d8aace15047ccd5bd0932270c88dac48e0bbb2af55a35efca697fe5435b19f827cf2d9337109", 0xdd}, {&(0x7f00000002c0)="a9", 0x1}], 0x3) 2.612428859s ago: executing program 1 (id=1740): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x7, 0xfffff014}, {0x6}]}, 0x10) 2.435240899s ago: executing program 3 (id=1741): syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="009917593d44d685cf8176521846a9e90205b4b89c0ed49b3e1201fa4a79b0b9651316a89d7e4038e94e54fdffa25c529d1cb4e43bf7e12bd2a555681300b85d6621470c304d6ba5731161f3f1da1193a85525e8c9a5a95798070ca48fa7edcf62e37626480f673141bee1ea2522f8b61aac12f984c1216683ae80e6146169cfb7aa7c50dd4c52259faaee2fedc1077bda4c3e65d7005d0ab71db65617abeb3c51b056d955f1285ed9d26d7c910bf3291f6b349ce7eee33a31a484c31993effe39fcfa55e722a20bf90b2f43ffbfd19afaeb1d6e9683ce09f4c8eb9591f0772a12"], 0x1, 0xc3c, &(0x7f0000000d00)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1V+1nVVawSpIwA0Igoq0Ai7IDRIXXOQGCa0QirhZJECKQJUWgUSgabQSAmYFCysqYXRm3rHHbtK4+bLT/H5t/J8585w575n2OT4TzXsmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIL/30saGDaatHAQA8SK+NvzF02O9/AHiknPL+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA20tRxFuR4r2xVpps3+8YONGcO3d+YnTs5qsNpkhRiaJdX/4ZOHjo8JEXX3p5uJsfv/699rl4ffzUsdrx+dmFxcbSUmO6NjHXPD0/3dj0M9zt+hvtbb8Atdk3z02fObNUO3Tg8LqHz1dv7Hxsd/Xo8LP7nu/WToyOjY331PT13/HWPyLdu6fiU2RHFPHlSPGt/d9J9YioxN33wm2OHffbYPSV/dfeiYnRsfaOzDTrc8vlg6mSq/oiqj0rjXR75AH04l0ZibhQ/ncqB7y33L3xhfpifWqmUTtZX1xuLjfn51KlM9pyf6pRieEUsRARrWKrB8920x9FvBopbnzYSlMRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTx25Hi3cmhOJ37qt021yO+WOYrEW+VeSXFxXw/lQeI4Yjv+n0CD7W+KOJvIsV8aqXpbu+3zytPfLX2lbkz8z213fPKh/79wYPk3IRtbCCKmGqf8bfSnf9lFwAAAAAAAAAAAADwYBTxzUhxeXZPWojeOaXNubO1U/Wpmc6ngruf/a/ltVZWVlaqqZO1nEM5R3KezDmZcyHnhZwXc17KeTnnlZxXc17L2coZlbz9nLWcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhnmPQEAAAAAAAAAAAAAAAAAAHCPDUYRvxEp/v33v9b+Xulofy/9Z48OHz/xmd7vjH/mNs9T1h6IiG/G5r6Td0f+rvFUKf+59/sF3N5AFPH1/P1/v7zVgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALaFShTxK5HiG99rpUgRMRIxGZ28Vmz16AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0s5UxKuR4md/d2R1WV9EpPa/HXvKH0dipMj5RJmvxMjBdlZGjpU5EHFgC8YP3Lmlt995sz4z01h0ww033Fi9sdVHJgAAAAAAAAAAAAAAAAB4hKUi/j5S/OTvtVI1Is5Xb+x8bHf16PCz+54vomhfBCD11r8+fupY7fj87MJiY2mpMV2bmGuenp9ubHZzAyeac+fOT4yO3Zedua3B+zz+wYHj8wtvLzbP/sLyTR/fNXBsaml5sX765g/HYPRFDPUu2dse8MToWHvQM836XHvVVLnFAPsiapvdGR55u1IR/xsp3tv/7Xg8L8vX/+jv3Fvr/j/8xbV7P9y3Plf/d2wfPz57dPj4ruc2czttdqB7241XNsLYeM/ivjzKH+pZVs3j2vRzwyOq7P8XIsXP/1GRuj2U+/8HOveK1dr/+fpaTx3dkKu2qP+f6Fl2NB+1+vsiBpZnF/qfjhhYevud/c3Z+tnG2cbckUMvvzR85OUXj7zUvyNi4ExzpjG0dmvTrx0AAAAAAAAAAAAAAAAA3C/9qYgvRYpf+ru/XJ03nuf/faZzb23+X+/83z0bnqf3ugG3un3TuX63mdfXq9xmSkU8FSme/bNn2uNNscucd7hDu1IR3y/7afrL6Qt5We7/PLP/5v1/YUOu2qL5v4/3LLuQjxP/ESke/4Nn4gs9x4mNs3vLur+IFFM/8vlcFzvKuu7zdeZEdyYGl7VfixTvn1xf2503/cRa7cHN7hZspbL/ZyPFP/zW38aP5mXrr/9x8/7ftSFXbVH/P9m7TxGx9PY7b9ZnZhqLS5t+KeCRU/b/r0eKv/6Tb8dzednHXf+ne52fPc+tz8Fu0Rb1/1M9y6p5XD/2CV8LAAAAAAAAAAAAeFjsSkX8U6T48z/dl/bnZZv5/O/0hly1RZ//e7pn2fS6z//evxubfpEBAGCb6E9F/ESk+OPp66k7N/aW839fWZv/M7rxxL19Tv+D7Xn+n+hc/xPM/y+3mVIR/5fn9Q7dZl7vj0eKX/upfbku7S7rRrrDbf8ceG1+bv+xmZn50/Xl+tRMoza+UD/dKNfdGyn+9d8+n9ettOf5dudHd+YGr80J/p1I8XMfdGs7c4K7cymfXKs9WNbujxTff399bXfe1VNrtYfK2t+MFGP/ffPa3Wu1h8vaf4wU//lurVu7q6ztvp97eq32wOn5mY+8ZQMAAAAAAAAAAAAAAAAAAGDr9aciUqS48jOXVufGr7/+V/c6AOuv/7XR/fr+/+q92U0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCikKOK/IsV7Y610rSjvdwycaM6dOz8xOnbz1QZTpKhE0a4v/wwcPHT4yIsvvTzczY9f/177XLw+fupY7fj87MJiY2mpMV2bmGuenp9ubPoZ7nb9jfa2X4Da7Jvnps+cWaodOnB43cPnqzd2Pra7enT42X3Pd2snRsfGxntq+vrveOsfke7dU/EpsiOK+KtI8a3930n/XERU4u574TbHjvttMPrK/mvvxMToWHtHZpr1ueXywVTJVX0R1Z6VRro98gB68a6MRFyIiEo54L3l7o0v1BfrUzON2sn64nJzuTk/lyqd0Zb7U41KDKeIhYhoFVs9eLab/ijiSqS48WEr/UsRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTxZKR4d3Io3i86fdVum+sRXyzzlYi3yryS4mK+n8oDxHDEd/0+gYdaXxRxMlLMp1a6XuTeb59Xnvhq7StzZ+Z7arvnlQ/9+4MHybkJ29hAFPFB+4y/lT7w+xwAAAAAAAAAAAAAtrkiXo0Ul2f3pPb80NU5pc25s7VT9amZzsf6u5/9r+W1VlZWVqqpk7WcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhmVvP2ctZxDOUdynsw5mXMh54WcF3Neynk555WcV3Ney9nKGT4nDQAAAAAAAAAAAAAAAADAfVKJIn41Unzje620UnS+X3YyOnnNPFf4VPv/AAAA//84/iOE") renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x0) 2.415296609s ago: executing program 0 (id=1751): syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==") syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c000201000000090400000102060000052406000105240000000d240f0100000000000000000006241a000000090581030002000000090401"], 0x0) 2.323671698s ago: executing program 5 (id=1752): unshare(0x22020400) bpf$LINK_DETACH(0x22, 0x0, 0x0) 2.271715068s ago: executing program 1 (id=1742): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000050c0)={&(0x7f0000000040)=@can_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {}, [@CGW_LIM_HOPS={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0) 2.032897268s ago: executing program 5 (id=1743): r0 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000480)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x7, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '', 0x3a, './file0'}, 0x12f) 2.013087228s ago: executing program 1 (id=1744): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0xd}, [@NFULA_CFG_CMD={0x5, 0x1, 0x3}]}, 0x1c}}, 0x0) 1.713477697s ago: executing program 1 (id=1745): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000004800010000000000000000000a00806e08000000e0000001140001800d2a79075827af5aa534d6815c2e93f10c0002"], 0x40}}, 0x0) 1.713373606s ago: executing program 5 (id=1746): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2d1, &(0x7f0000000300)="$eJzs3T9v00AYx/HfOUmb/lExbRESC6hQCZaKAgNiCUJZ2ZkQ0KRSRVREWyRgoSBGxAtg5y3wIlhAvAGYmHgB3YzufHGdxnEaaOKm/X6kRM757vyczo7vsdRGAE6te/Wfn2/+ti8jlVSSdEcKJFWlsqRzOl99sbmzsdNqNvI6KrkW9mUUtzRdddY2m1lNbTvXwgvtp7Jm02UYjiiK7v4qOggUzl39GQJp0l+Hbn91xHENy650segYRi09wWZPe3qpuQLDAQAcA/7+H/jbxKwrMgoCadnf9k/U/X+v6ACO1q1WV1GU2yB1/3eru8jY+T3jdu3ney6Fs/uDdpZ4mGAqBz5PKD6zOhaYpl9W6WIJptY3ylpZe6tGoHeqealqi+69EZ+6bX2iXcrITXP07q2i+9PxaNyK8qB2SOsbreak3ciIf2GwI/4/89V8Nw9NqE9qJOu/cmTsNLmZCg/MVFCx8V/v3eOMa2Vryaf9tVot6Khy1h3kgj+C12eU1eyMJN1n+wHBbhJBXpzu2PPqfKwQj261T6uFrFZh8qlHq8WOViV/JqysPWvlPkoZjvYQzUfzwCzpj76onlr/Bza+ZaWuzLyveuNq+jMjHs9Eds2yqxl23Tn2L5dLSQTe5MBjgzTg07IPeqLbmtt+9fppqdVqbtmNxxkbz2e3jC+pvJcy6wx/o6ScOtrdL4msN1F02J6jYQZ/7Ug7tN8fSYm9fLIq26ssKQlGPU2nZaP+TXkn5PhsRJHUY9fQvqdwjGyb9qT7gqmCA8Ko2XWXifM/t5L3qzqXItm3MGednp9kqqPH1SSD61wKzrv36YEyuJneGVzqiDd65Iwu57p8VbqSKjTKPWLo4zwhTF0/9Ijn/wAAAAAAAAAAAAAAAAAAAONmFH9pUPQYAQAAAAAAAAAAAAAAAAAAAAAYd//0+79Z/yPe/f5vyO//AmPkbwAAAP//FSp4xw==") mkdir(&(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) 1.272076625s ago: executing program 5 (id=1747): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="580000000206010800000000000000000000000014000780050014007f0000000500150003000000050001"], 0x58}, 0x1, 0x0, 0x0, 0x4000805}, 0x4008804) 1.255608045s ago: executing program 1 (id=1759): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00') write$binfmt_elf64(r0, &(0x7f0000000580)=ANY=[@ANYRESDEC=r0, @ANYRESOCT], 0x6ad) 1.070765134s ago: executing program 1 (id=1748): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2000042, &(0x7f0000000cc0)={[{@nombcache}, {@oldalloc}, {@inlinecrypt}, {@delalloc}, {@noload}, {@delalloc}, {@noload}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@lazytime}]}, 0x3, 0x4ea, &(0x7f00000006c0)="$eJzs3UtvG1sdAPD/OPa9yW3AuYVFqURb+lCKoE7S9BGxKK3EY1UJUfZpSJwoihNXidM2UQXuJwChCpBYsWKDxAdAQv0ICKkS7FiwAlWQ0gUbZDR+tI1jh+TWjdvk95NO58w59fz/x4/xnJlRHMCRdSYibkbEQERciIh8sz3TLFFtlPT/vdh6NJuWJGq1O/9MImm2tW/zWPNhqe9/N+KHyc64axubSzOlUnF1e/PmpcXlmYXiQnFlcnLi2tT1qatT43scSZLdrXc4Im586+XPf/Kb79z4w9cf/G36Hxd/lKZ1t9nfaRy90Bh6LgZbDdV3EaV/0vdNtj5CAAA+BOcj4nhEnI2Ir0Y+BmLXw2gAAADgA1T75vDHrSoAAABwOGXq98YmmULzft/hyGQKhcY9vF+MTzKl8lrla/Pl9ZW5xj20I5HLzC+WiuPNe4VHIpek6xP1+uv1y23rkxHxaUQ8yQ+l6/U+AAAA4GAca5v/v8w35v8AAADAIeNiPAAAABx+5v8AAABw+Jn/AwAAwKH2vdu301J7sfWo/jsAc/c31pfK9y/NFdeWCsvrs4XZ8uq9wkK5vFAqFgb+//ZK5fK9K7Gy/nCskl2rjK1tbE4vl9dXKtP13/WeLh4/gDEBAAAA2316+ulfkoiofmOoXlIfNftyfc0MeI8k2baGu1/pUyZAT+zhlP52Z9bfTSLAgWv/TgeODnN8IGlvaDswGOx2qPDH/cdyzAEAAP0x+iXX/+GoyvQ7AaBvftrvBIC+cS4ejq7c/u8ABA6ZHdf/2wx269jz9f9abV8JAQAAPTfcWFSjeS1wODKZQuHVZcFkfrFUHI+Iz0fEn/O5j9P1iT7mCwAAAAAAAAAAAAAAAAAAAAAAAAAfolotiRoAAABwqEVk/p40f/9rNH9+uP38wEfJf/L1ZUQ8+NWdXzycqVRWJ9L2f71qr/yy2X65H2cwAAAA4CjK7drbmqe35vEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Esvth7NtspBxn1+K4ZipFP8bAzWl4ORi4hP/p1E9o3HJREx0IP41ccRcaJT/CRNK0aaWbTHz0TEUJ/jH+tBfDjKnt6KiJudPn+ZOFNfdv78ZZvlbT2/Vf+Qd4zf2v8NdNn/fW6PMU4++91Y1/iPI05mO+9/WvGTLvHP7TH+3R9sbnbrq/06YrTj90+yLdZYZfne2NrG5qXF5ZmF4kJxZXJy4trU9amrU+Nj84ulYvPfjjF+9uXfV590HX+mvnwzfmucI40Mf9xt/Of3OP7/Pnu49YVGNbczfsTFc51f/xP1ZefnP31PXGh+D6T9o616tVF/06nf/ulUt9zS+HNdnv/G65+vdRv/xb0Nf8eYAYD+WtvYXJoplYqrB1A5e6V3G0wOKGeVLpXB9yONg658+6230zocfpvt/LVn40rnDJ27+rxjAgAAeu71QX+/MwEAAAAAAAAAAAAAAAAAAICj6zP98bDT+3tUe8xqf4YKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCr/wUAAP//GpnIcw==") quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) 592.181272ms ago: executing program 3 (id=1749): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x28, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x24}, @CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x88}]}]}, 0x28}}, 0x8004) 592.082462ms ago: executing program 5 (id=1750): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={&(0x7f0000000380)="a634cd2c", 0x0, 0x0, 0x0, 0x80000001, r0}, 0x38) 307.661491ms ago: executing program 5 (id=1753): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x2008082, &(0x7f00000000c0)=ANY=[@ANYBLOB="706172746974696f6e3d30303030303030303030303030303030303030322c696f636861727365743d6575632d6a702c6769643d666f726765742c6e6f7374726963742c646d6f64653d30303030303030303030303030303030303030303030362c706172746974696f6e3d30303030303030303030303030303030303030372c766f6c756d653d30303030303030303030303030303030303030372c6c6f6e6761642c00a99d4bc4263c5e81a484a85bbe9993a007cf30b171b4a51e96e5dc3657a4e73975b046ac45f4d646a73764ecf48aec2a967453a5957da3ce777871b0cf49440e8ad4ddb1d23f6c6272b53730e7796dcc70e512e030b0d0608f73b8b34ea0a21a581f3bf479f730836c3085bb067edca04908e2c8b0242d5f1f7f753b06dfb9c748f2b3558abb78ad7f43aa7703eef9d1cba154b0b824ca641d6770f769634a8d6b092a3d1b6834effc0244dfc71e30436fcba0bfe736481b85b0dd3c6c20a62bd1ad2dd59c94004307d30708d67a"], 0xfc, 0xc3d, &(0x7f0000001ac0)="$eJzs3U9sHNd9B/DfGy5FUm4rJk5Uu42LTVskMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkN22YXnroIUBR9JATgdYokKKB0RRFj2zrAsnFh8KnnogWNoKiB7YIkFPAYGbfiqu/lkJSpKzPx6a+s7Pvzbw3M56RBb15AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABE/O6r5068kPa7FQDAw3Rh8isnTnr+A8Bj5aL//wcAAAAAAAAAAAAAgIMuRRFPRorFC5tpuvrcMXi+PX/t+tTY+J2rDaWqZl9VvvwZfOHkqdNffHH0TDfvXX+3PR2vT148V39l4eriUmt5uTVbn5pvzyzMtu57Czutf6uR6gDUr75xbfby5eX6yedP3fT19eEPB544Onx29Nnjz3TLTo2Nj0/2lKn1/9x7v83dRngciiKOR4rnvvej1IyIInZ+LD7i2tlrQ1UnRqpOTI2NVx2ZazfnV8ovJ7oHooio91RqdI/RQzgXO9KIWC2bXzZ4pOze5GJzqXlprlWfaC6ttFfaC/MTqdPasj/1KOJMiliLiI2B2zfXH0XUIsV3jmymSxHR1z0OX6gGBt+9HcUe9vE+lO2s90esFY/AOTvABqKI1yLFj98tYqY8ZvknPhfxWpn/FPF2mS9HpPLCOB3xQXUdDe1zy9kNtSjiz8vzf3YzzVb3g+595fxX61+ev7zQU7Z7X3nknw8P0z3vTfs/7nIwimhW7dhMD/ibnf1vPAAAAAAAAAAAAAAAAMDH2FAU8XSkePU//rAaVxzVuPQjZ0d/b/gXewd4PfUR2ynLPh8Rq8X9jck9lIcQT6SJlPZ5LPHjbDCK+OM8/u9b+90YAAAAAAAAAAAAAAAAAACAx1oR70eKl947ltaid07x9vyV+sXmpbnOrLDduX+7c6ZvbW1t1VMnGzmnc67mXMu5nnMjZxS5fs5GzumcqznXcq7n3MgZfbl+zkbO6ZyrOddyrufcyBm1XD9nI2ct9201f17LuZ5zI2eYVxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNcVUcRPI8W3v76ZIkVEI2I6Ork+0C0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyngVTE9yNF/fcbN9bVIiJV/3YcK385HY1DZX4yGqNlvhyNczmbVdYa39qH9rMz/amIH0aKgcF3bpzwfP77O59uXAbx9je2P/1KrZN93S+HPxx44uiRs6Pjv/bU3ZbTnRowcr49f+16fWpsfHyyZ3Ut7/2TPeuG836L3ek6EbH85ltvNOfmWksWHo+FWmehFru65aGI3d3g7i3UOgv5fhX73p67LDQORjO2F6K699/xns3HRvn8/yBS/NZ7/9l94Hef/7/Q+XTjCR8/+ZPt5/9Lt25oj57/T/aseyn/bqS/FjG4cnWx/2jE4PKbbx1vX21eaV1pzZ8+ceJLo6NfOnWi/1DE4OX2XKtnaceHCgAAAAAAAAAAAAAAAODhSkX8TqRo/nAz1SPiejVea/js6LPHn+mLvmq81U3jtl6fvHiu/srC1cWl1vJya7Y+Nd+eWZht3e/uBqvhXlNj43vSmY80tMftHxp8ZWHxzaX2lT9YueP3hwfPXVpeWWrO3PnrGIoiotG7ZqRq8NTYeNXouXZzvqo6sUsDM/tTEf8VKWZO19Nn87o8/q+M9/t7yvaO/1/tWV8t79H4v0/csp+UivhJpPj8XzwVn63aeThuO2a53N9EipEzn8nl4lBZrtuGznsFOiMDy7L/Fyn+4ac3l+32/cntsi882NE9+MrzfyRSfP/Pvhu/ntfd/P6H7fGfvef/8K0b2qPz/6medYdvel/BjrtOPv/HI8XLT74Tv5HX3ev9H0VsbW19M+JYLnzj/Rx7dP4/3bNuODr7/c3d6z4AAAAAAAAAAMAjqz8V8beR4pnxWnoxr7ufv/83e+uG9ujvf/1yz7rZhzRf0Y4PKgAAAAAcEP2piPcjxZWVd26Moe4Z/33z+M/f3p57fSzd8m3153y/VL03YDf//K/XcN7v9M67DQAAAAAAAAAAAAAAAAAAAAdKSkW8GCk+v/VUNa7+XvOpr0eKV//nuVwuHS3LdeeBH65+HbywMH/83NzcwkxzpXlprlWfXGzOtMq6n4oUm3/9mVy3qOZX784335njfXCrOxf7UqQY/7tu2c5c7N25yTvzgXfmYi/LfiJS/Pff31y2O4/1p7fLnizL/lWk+No/37ns0e2yp8qy340UP/havVv2cFm2+37UzjtJB2sx13p+ZmHutlehAgAAAAAAAAAAAAAAAAAAwIPqT0X8aaT436trsZqH/ef5/7sz8Ne6Zd/+Rs98/7e4Xs3zP1zN/3+35Z9n/v/hXespAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OlIU8VakWLywmdYHys8dg+fb89euT42N37naUKpq9lXly5/BF06eOv3FF0fPdPPe9Xfb0/H65MVz9VcWri4utZaXW7P1qfn2zMJs6763sNP624euY6Q6APWrb1ybvXx5uX7y+VM3fX19+MOBJ44Onx199vgz3bJTY+Pjkz1lav0PsPcHaty2Q1HEX0aK5773o/QvAxFF7PxYfMS1s9eGqk6MVJ2YGhuvOjLXbs6vlF9OdA9EEVHvqdToHqOHcC52pBGxWja/bPBI2b3JxeZS89Jcqz7RXFppr7QX5idSp7Vlf+pRxJkUsRYRGwO3b64/ingjUnznyGb614GIvu5x+MKFya+cOHn3dhR72Mf7ULaz3h+xVjwC5+wAG4gi/jFS/PjdY/FvAxG16PzE5yJe6y34ckQqL4zTER/c4Tri0VSLIv6/PP9nN9O7A+X9oHtfOf/V+pfnLy/0lO3eVw7S82Hrwa/FoV3Y7f074PemwSjiB9UdfzP9u/+uAQAAAAAAAAAAAAAAAA6QIn41Urz03rFUjQ++Maa4PX+lfrF5aa4zrK879q8e8Udlbm1tbdVTJxs5p3Ou5lzLuZ5zI2cUuX7ORs7pnKs513Ku59zIGX25fs5GzumcqznXcq7n3MgZtSq2tra+2alfy/VzruZcq0UUZf38eSNnHJCxewAAAAAAAAAAAAAAAAAAwMdLUf2T4ttf30zVXKqNiOno5Lr5QD/2fhYAAP//SsP61w==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 242.718121ms ago: executing program 3 (id=1754): r0 = syz_open_dev$sndmidi(&(0x7f0000003640), 0x2, 0x20042) write$midi(r0, 0x0, 0x2c) 0s ago: executing program 3 (id=1755): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x20, 0x0, 0x7, 0xfffff014}, {0x6}]}, 0x10) kernel console output (not intermixed with test programs): e not active [ 135.203798][ T5779] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 135.222998][ T5779] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.310075][ T5779] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 135.521483][ T5809] loop1: detected capacity change from 0 to 32768 [ 135.531040][ T27] audit: type=1326 audit(1738069684.457:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5830 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 135.577504][ T5779] device hsr_slave_0 entered promiscuous mode [ 135.638928][ T5779] device hsr_slave_1 entered promiscuous mode [ 135.653058][ T4261] Bluetooth: hci5: command 0x0409 tx timeout [ 135.675482][ T5779] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 135.685324][ T5809] XFS (loop1): Mounting V5 Filesystem [ 135.688102][ T27] audit: type=1326 audit(1738069684.537:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5830 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 135.721816][ T5779] Cannot create hsr debugfs directory [ 135.898934][ T27] audit: type=1326 audit(1738069684.537:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5830 comm="syz.3.637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 135.973464][ T5848] netlink: 204732 bytes leftover after parsing attributes in process `syz.2.639'. [ 135.984389][ T5809] XFS (loop1): Ending clean mount [ 136.253771][ T4248] XFS (loop1): Unmounting Filesystem [ 136.560489][ T5779] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 136.633675][ T5779] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 136.672808][ T5779] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 136.702137][ T5779] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 137.101198][ T5779] 8021q: adding VLAN 0 to HW filter on device bond0 [ 137.174378][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 137.194409][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 137.215280][ T5779] 8021q: adding VLAN 0 to HW filter on device team0 [ 137.242677][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 137.252420][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 137.278628][ T41] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.285890][ T41] bridge0: port 1(bridge_slave_0) entered forwarding state [ 137.347730][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 137.425036][ T5880] loop2: detected capacity change from 0 to 8 [ 137.439705][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 137.461261][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 137.488407][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.496783][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 137.546911][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 137.565805][ T5880] SQUASHFS error: xz decompression failed, data probably corrupt [ 137.582765][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 137.589418][ T5880] SQUASHFS error: Failed to read block 0x60: -5 [ 137.627468][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 137.651228][ T5880] SQUASHFS error: xz decompression failed, data probably corrupt [ 137.665438][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 137.677500][ T5880] SQUASHFS error: Failed to read block 0x60: -5 [ 137.685282][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 137.693768][ T27] audit: type=1800 audit(1738069686.627:9): pid=5880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.656" name="file1" dev="loop2" ino=1 res=0 errno=0 [ 137.695100][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 137.730954][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 137.738527][ T4261] Bluetooth: hci5: command 0x041b tx timeout [ 137.772433][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 137.797468][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 137.809979][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 137.819040][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 137.836545][ T5779] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 137.900599][ T5884] loop3: detected capacity change from 0 to 4096 [ 137.962270][ T5884] ntfs: (device loop3): is_boot_sector_ntfs(): Invalid end of sector marker. [ 138.012163][ T5884] ntfs: volume version 3.1. [ 138.051634][ T5887] bridge0: port 3(veth0_to_bridge) entered blocking state [ 138.097385][ T5884] ntfs: (device loop3): parse_options(): Unrecognized mount option אpCבpCo7O3pCoFuL?s [ 138.097385][ T5884] ?PpC-u[7?PpK6?D07?R翃pC"C?PpC-u{7?PpK>?D07?RpCOE>G. [ 138.103750][ T5887] bridge0: port 3(veth0_to_bridge) entered disabled state [ 138.281815][ T5896] netlink: 1033 bytes leftover after parsing attributes in process `syz.0.662'. [ 138.304206][ T5887] device veth0_to_bridge entered promiscuous mode [ 138.310874][ T5887] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 138.406707][ T5887] bridge0: port 3(veth0_to_bridge) entered blocking state [ 138.414133][ T5887] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 138.695427][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 138.744430][ T4316] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 138.758121][ T5779] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 139.106125][ T5894] loop2: detected capacity change from 0 to 32768 [ 139.145226][ T5894] [ 139.145226][ T5894] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 139.145226][ T5894] [ 139.221249][ T5894] [ 139.221249][ T5894] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 139.221249][ T5894] [ 139.273361][ T5894] [ 139.273361][ T5894] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 139.273361][ T5894] [ 139.298330][ T5894] jfs: Unrecognized mount option "ffffffffff" or missing value [ 139.474382][ T4255] [ 139.474382][ T4255] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 139.474382][ T4255] [ 139.534231][ T4255] [ 139.534231][ T4255] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 139.534231][ T4255] [ 139.793556][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 139.813125][ T4261] Bluetooth: hci5: command 0x040f tx timeout [ 139.831848][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 139.903002][ T22] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 139.933938][ T5935] loop0: detected capacity change from 0 to 4096 [ 139.955607][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 139.995269][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 140.033212][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 140.054546][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.066988][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.074330][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 140.079392][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.098574][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.111014][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.114324][ T5779] device veth0_vlan entered promiscuous mode [ 140.123418][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.141349][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.153820][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.166307][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.169286][ T5779] device veth1_vlan entered promiscuous mode [ 140.178672][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 140.258054][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 140.283791][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 140.295655][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 140.333916][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 140.356851][ T5779] device veth0_macvtap entered promiscuous mode [ 140.405724][ T5779] device veth1_macvtap entered promiscuous mode [ 140.449268][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.468797][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.555719][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.586932][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.623453][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.624434][ T22] usb 2-1: config 1 has an invalid interface descriptor of length 6, skipping [ 140.662962][ T22] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 140.664683][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.687149][ T22] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 140.706856][ T22] usb 2-1: config 1 has no interface number 1 [ 140.728907][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.751915][ T22] usb 2-1: too many endpoints for config 1 interface 2 altsetting 116: 104, using maximum allowed: 30 [ 140.758108][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.783168][ T22] usb 2-1: config 1 interface 2 altsetting 116 has 0 endpoint descriptors, different from the interface descriptor's value: 104 [ 140.815335][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 140.870025][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 140.870120][ T22] usb 2-1: config 1 interface 2 has no altsetting 1 [ 140.880092][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 140.904558][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 140.923749][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 140.976552][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.049560][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.095821][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.148999][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.163431][ T22] usb 2-1: string descriptor 0 read error: -22 [ 141.169746][ T22] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 141.181439][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.183387][ T5959] loop2: detected capacity change from 0 to 1024 [ 141.207778][ T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.216171][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.243642][ T22] usb 2-1: MIDIStreaming interface descriptor not found [ 141.297617][ T5779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.329982][ T5959] hfsplus: bad catalog entry type [ 141.374221][ T5779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.464899][ T5779] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.475525][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 141.504874][ T22] usb 2-1: USB disconnect, device number 4 [ 141.507307][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 141.605100][ T5779] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.665515][ T5779] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.692968][ T5779] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.702092][ T5779] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.739902][ T5967] autofs4:pid:5967:autofs_fill_super: called with bogus options [ 141.893050][ T4261] Bluetooth: hci5: command 0x0419 tx timeout [ 142.059236][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.111924][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.178512][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 142.188658][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.2.696'. [ 142.213463][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.2.696'. [ 142.290534][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 142.317556][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 142.384315][ T4300] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 142.688533][ T5988] loop1: detected capacity change from 0 to 256 [ 142.854314][ T5988] FAT-fs (loop1): Directory bread(block 64) failed [ 142.901746][ T5988] FAT-fs (loop1): Directory bread(block 65) failed [ 142.918017][ T5988] FAT-fs (loop1): Directory bread(block 66) failed [ 142.958023][ T5988] FAT-fs (loop1): Directory bread(block 67) failed [ 142.993200][ T5988] FAT-fs (loop1): Directory bread(block 68) failed [ 143.063035][ T5988] FAT-fs (loop1): Directory bread(block 69) failed [ 143.123327][ T5988] FAT-fs (loop1): Directory bread(block 70) failed [ 143.129944][ T5988] FAT-fs (loop1): Directory bread(block 71) failed [ 143.168108][ T5988] FAT-fs (loop1): Directory bread(block 72) failed [ 143.190513][ T5988] FAT-fs (loop1): Directory bread(block 73) failed [ 143.446362][ T6002] loop5: detected capacity change from 0 to 8 [ 143.964450][ T5982] loop0: detected capacity change from 0 to 32768 [ 143.971734][ T5982] XFS: ikeep mount option is deprecated. [ 144.031788][ T5982] XFS: noikeep mount option is deprecated. [ 144.174147][ T5982] XFS (loop0): Mounting V5 Filesystem [ 144.580954][ T5982] XFS (loop0): Ending clean mount [ 144.669851][ T5982] XFS (loop0): Quotacheck needed: Please wait. [ 144.785228][ T5982] XFS (loop0): Quotacheck: Done. [ 145.063085][ C1] net_ratelimit: 7155 callbacks suppressed [ 145.063105][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 145.074379][ T6041] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl1: link becomes ready [ 145.081483][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 145.100764][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 145.113261][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 145.125664][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 145.138198][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 145.150586][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 145.163071][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 145.175479][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 145.177710][ T6044] loop3: detected capacity change from 0 to 1024 [ 145.187882][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 145.216156][ T4254] XFS (loop0): Unmounting Filesystem [ 145.230302][ T6044] EXT4-fs: Ignoring removed bh option [ 145.235818][ T6044] EXT4-fs: inline encryption not supported [ 145.419970][ T6014] loop5: detected capacity change from 0 to 32768 [ 145.485619][ T6044] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 145.502709][ T6014] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop5 scanned by syz.5.715 (6014) [ 145.572039][ T6051] loop1: detected capacity change from 0 to 256 [ 145.635763][ T6014] BTRFS info (device loop5): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 145.701153][ T6014] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm [ 145.733216][ T6014] BTRFS info (device loop5): force zlib compression, level 3 [ 145.740784][ T6044] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 2: comm syz.3.724: lblock 2 mapped to illegal pblock 2 (length 1) [ 145.763541][ T6014] BTRFS info (device loop5): force clearing of disk cache [ 145.781069][ T6014] BTRFS info (device loop5): setting nodatasum [ 145.791637][ T6014] BTRFS info (device loop5): allowing degraded mounts [ 145.809703][ T6044] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 145.833148][ T6014] BTRFS info (device loop5): enabling disk space caching [ 145.840254][ T6014] BTRFS info (device loop5): disk space caching is enabled [ 145.863760][ T6044] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 48: comm syz.3.724: lblock 0 mapped to illegal pblock 48 (length 1) [ 145.952292][ T6044] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 146.010756][ T6051] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 146.062605][ T6044] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.724: Failed to acquire dquot type 0 [ 146.237925][ T6044] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 146.275555][ T6044] EXT4-fs error (device loop3): ext4_evict_inode:279: inode #11: comm syz.3.724: mark_inode_dirty error [ 146.322485][ T6014] BTRFS info (device loop5): rebuilding free space tree [ 146.354190][ T6044] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 146.386702][ T6044] EXT4-fs (loop3): 1 orphan inode deleted [ 146.404557][ T56] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 146.421350][ T6014] BTRFS info (device loop5): disabling free space tree [ 146.451459][ T6014] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 146.483094][ T6044] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 146.517817][ T56] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 146.540915][ T6014] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 146.563670][ T56] EXT4-fs error (device loop3): ext4_release_dquot:6817: comm kworker/u4:4: Failed to release dquot type 0 [ 146.639340][ T6044] EXT4-fs (loop3): unmounting filesystem. [ 146.658724][ T6044] EXT4-fs error (device loop3): __ext4_get_inode_loc:4506: comm syz.3.724: Invalid inode table block 1 in block_group 0 [ 146.740848][ T6044] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 146.783763][ T6044] EXT4-fs error (device loop3): ext4_quota_off:7083: inode #3: comm syz.3.724: mark_inode_dirty error [ 146.804586][ T6014] BTRFS warning (device loop5): get dev_stats failed, device not found [ 146.912204][ T6053] loop2: detected capacity change from 0 to 32768 [ 146.931693][ T5779] BTRFS info (device loop5): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 147.214328][ T6053] XFS (loop2): Mounting V5 Filesystem [ 147.621335][ T6053] XFS (loop2): Ending clean mount [ 147.837787][ T4255] XFS (loop2): Unmounting Filesystem [ 148.071831][ T6096] loop0: detected capacity change from 0 to 32768 [ 148.164438][ T6096] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.738 (6096) [ 148.362492][ T6096] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 148.418309][ T6096] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 148.492991][ T6096] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 148.502452][ T6096] BTRFS info (device loop0): force zstd compression, level 3 [ 148.637112][ T6096] BTRFS info (device loop0): turning on sync discard [ 148.693026][ T6096] BTRFS info (device loop0): enabling ssd optimizations [ 148.728938][ T6096] BTRFS info (device loop0): using spread ssd allocation scheme [ 148.756493][ T6096] BTRFS info (device loop0): max_inline at 0 [ 148.795822][ T6096] BTRFS info (device loop0): force clearing of disk cache [ 148.853047][ T6096] BTRFS info (device loop0): setting nodatacow [ 148.872631][ T6096] BTRFS info (device loop0): using free space tree [ 149.663668][ T52] block nbd1: Attempted send on invalid socket [ 149.669958][ T52] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 149.681537][ T6156] hfsplus: unable to find HFS+ superblock [ 150.073088][ C1] net_ratelimit: 6133 callbacks suppressed [ 150.073107][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 150.091391][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 150.103678][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 150.116102][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 150.128568][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 150.140957][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 150.153348][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 150.165816][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 150.178319][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 150.190764][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 150.286639][ T6168] ieee802154 phy0 wpan0: encryption failed: -22 [ 150.443502][ T6172] loop5: detected capacity change from 0 to 16 [ 150.547977][ T6175] netlink: 'syz.3.764': attribute type 12 has an invalid length. [ 150.637656][ T6172] erofs: (device loop5): mounted with root inode @ nid 36. [ 150.645818][ T6096] BTRFS info (device loop0): rebuilding free space tree [ 150.746612][ T6172] erofs: (device loop5): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 150.841722][ T6172] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -24 in[52, 4044] out[1851] [ 150.933029][ T6172] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117] [ 150.986204][ T4254] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 151.364863][ T6184] Unsupported ieee802154 address type: 0 [ 151.444203][ T6163] loop1: detected capacity change from 0 to 32768 [ 152.053768][ T6163] read_mapping_page failed! [ 152.162523][ T6178] loop3: detected capacity change from 0 to 32768 [ 152.238208][ T6178] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.766 (6178) [ 152.315930][ T6178] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 152.333078][ T6178] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 152.341801][ T6178] BTRFS info (device loop3): enabling auto defrag [ 152.387094][ T6178] BTRFS info (device loop3): doing ref verification [ 152.411893][ T6178] BTRFS info (device loop3): use no compression [ 152.458794][ T6178] BTRFS info (device loop3): force clearing of disk cache [ 152.485406][ T6178] BTRFS info (device loop3): max_inline at 4096 [ 152.491933][ T6178] BTRFS info (device loop3): metadata ratio 5 [ 152.534197][ T6178] BTRFS info (device loop3): using free space tree [ 153.190142][ T6178] BTRFS info (device loop3): enabling ssd optimizations [ 153.329413][ T6178] BTRFS info (device loop3): rebuilding free space tree [ 153.614198][ T6231] netlink: 32 bytes leftover after parsing attributes in process `syz.1.777'. [ 154.157695][ T4259] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 155.128725][ C1] net_ratelimit: 6424 callbacks suppressed [ 155.128745][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 155.147161][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 155.159543][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 155.171857][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 155.184235][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 155.196671][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 155.209103][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 155.221521][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 155.233911][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 155.246377][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 155.352388][ T6259] ieee802154 phy0 wpan0: encryption failed: -22 [ 155.490177][ T6266] loop3: detected capacity change from 0 to 24 [ 155.533847][ T6266] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 155.597390][ T6266] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 155.739831][ T6266] VFS: Lookup of 'file0' in romfs loop3 would have caused loop [ 155.864129][ T6275] netlink: 'syz.1.805': attribute type 5 has an invalid length. [ 156.086885][ T6281] netlink: 'syz.5.807': attribute type 8 has an invalid length. [ 156.253110][ T6284] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 156.543643][ T6290] loop5: detected capacity change from 0 to 256 [ 156.885673][ T6300] loop0: detected capacity change from 0 to 256 [ 156.953610][ T6300] exfat: Deprecated parameter 'utf8' [ 157.368012][ T6282] loop3: detected capacity change from 0 to 32768 [ 157.450319][ T127] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 157.473388][ T6282] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.808 (6282) [ 157.572177][ T6282] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 157.594552][ T6282] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 157.615379][ T6282] BTRFS info (device loop3): force clearing of disk cache [ 157.622586][ T6282] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 157.645849][ T6282] BTRFS info (device loop3): force zstd compression, level 3 [ 157.690500][ T6300] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 157.702824][ T6282] BTRFS info (device loop3): enabling auto defrag [ 157.710085][ T6282] BTRFS info (device loop3): max_inline at 0 [ 157.732749][ T6282] BTRFS info (device loop3): use zlib compression, level 3 [ 157.849906][ T6282] BTRFS info (device loop3): using free space tree [ 158.275782][ T6290] FAT-fs (loop5): Directory bread(block 64) failed [ 158.282485][ T6290] FAT-fs (loop5): Directory bread(block 65) failed [ 158.303786][ T6290] FAT-fs (loop5): Directory bread(block 66) failed [ 158.307674][ T6305] loop2: detected capacity change from 0 to 32768 [ 158.349664][ T6290] FAT-fs (loop5): Directory bread(block 67) failed [ 158.356719][ T6290] FAT-fs (loop5): Directory bread(block 68) failed [ 158.376493][ T127] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 158.388626][ T127] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.397203][ T6290] FAT-fs (loop5): Directory bread(block 69) failed [ 158.404381][ T6282] BTRFS info (device loop3): enabling ssd optimizations [ 158.432015][ T127] usb 2-1: Product: syz [ 158.437997][ T127] usb 2-1: Manufacturer: syz [ 158.441829][ T6290] FAT-fs (loop5): Directory bread(block 70) failed [ 158.443459][ T127] usb 2-1: SerialNumber: syz [ 158.474190][ T127] usb 2-1: config 0 descriptor?? [ 158.483003][ T6290] FAT-fs (loop5): Directory bread(block 71) failed [ 158.510494][ T6282] BTRFS info (device loop3): rebuilding free space tree [ 158.518722][ T6290] FAT-fs (loop5): Directory bread(block 72) failed [ 158.519781][ T127] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 158.577910][ T6290] FAT-fs (loop5): Directory bread(block 73) failed [ 158.713464][ T6305] XFS (loop2): Mounting V5 Filesystem [ 158.973001][ T127] gspca_sunplus: reg_w_riv err -71 [ 158.978346][ T127] sunplus: probe of 2-1:0.0 failed with error -71 [ 159.107305][ T127] usb 2-1: USB disconnect, device number 5 [ 159.233015][ T4259] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 160.132960][ C1] net_ratelimit: 6074 callbacks suppressed [ 160.132977][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 160.151297][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 160.173691][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 160.186041][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 160.198354][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 160.210804][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 160.223316][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 160.235621][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 160.247994][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 160.260446][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 160.331436][ T6362] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 160.380078][ T6362] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 160.463077][ T6362] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 160.541128][ T6362] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 160.616564][ T6370] loop0: detected capacity change from 0 to 16 [ 160.680391][ T6362] device geneve2 entered promiscuous mode [ 160.756018][ T6370] erofs: (device loop0): mounted with root inode @ nid 36. [ 160.773737][ T6362] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 160.804382][ T6370] erofs: (device loop0): z_erofs_pcluster_readmore: readmore error at page 72 @ nid 36 [ 160.846978][ T6362] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 160.871960][ T6370] erofs: (device loop0): z_erofs_read_folio: failed to read, err [-117] [ 160.892977][ T6362] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 160.902014][ T6362] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 162.485074][ T6404] loop0: detected capacity change from 0 to 512 [ 162.554031][ T6404] EXT4-fs: Ignoring removed nomblk_io_submit option [ 162.597924][ T6404] EXT4-fs: Ignoring removed mblk_io_submit option [ 162.790352][ T6411] tmpfs: Bad value for 'mpol' [ 162.995975][ T6404] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 163.043115][ T6404] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 163.153491][ T6404] EXT4-fs (loop0): 1 truncate cleaned up [ 163.159219][ T6404] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 163.241137][ T6404] EXT4-fs (loop0): unmounting filesystem. [ 164.128498][ T6434] netlink: 'syz.5.866': attribute type 1 has an invalid length. [ 165.149208][ C1] net_ratelimit: 7226 callbacks suppressed [ 165.149228][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 165.167486][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.179958][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.192445][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 165.204798][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 165.217091][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.229484][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.241945][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 165.254361][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 165.266768][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.728213][ T6305] XFS (loop2): Ending clean mount [ 165.905753][ T4255] XFS (loop2): Unmounting Filesystem [ 165.963716][ T6474] loop1: detected capacity change from 0 to 256 [ 166.748272][ T4996] usb 4-1: new low-speed USB device number 6 using dummy_hcd [ 166.909399][ T6486] loop5: detected capacity change from 0 to 256 [ 167.199792][ T4996] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 167.208213][ T4996] usb 4-1: config 179 has no interface number 0 [ 167.214698][ T4996] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10 [ 167.246255][ T4996] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8 [ 167.293330][ T4996] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 167.335840][ T4996] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8 [ 167.371851][ T4996] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 167.396259][ T4996] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 167.416133][ T4996] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.424395][ T6474] FAT-fs (loop1): Directory bread(block 64) failed [ 167.431035][ T6486] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84977, utbl_chksum : 0xe619d30d) [ 167.443218][ T6474] FAT-fs (loop1): Directory bread(block 65) failed [ 167.450691][ T6474] FAT-fs (loop1): Directory bread(block 66) failed [ 167.503199][ T6476] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 167.511598][ T6474] FAT-fs (loop1): Directory bread(block 67) failed [ 167.518421][ T6476] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 167.525853][ T6474] FAT-fs (loop1): Directory bread(block 68) failed [ 167.532458][ T6474] FAT-fs (loop1): Directory bread(block 69) failed [ 167.609778][ T6474] FAT-fs (loop1): Directory bread(block 70) failed [ 167.663098][ T6474] FAT-fs (loop1): Directory bread(block 71) failed [ 167.687411][ T6474] FAT-fs (loop1): Directory bread(block 72) failed [ 167.720169][ T6474] FAT-fs (loop1): Directory bread(block 73) failed [ 167.974756][ T4996] usb 4-1: USB disconnect, device number 6 [ 167.992847][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 169.046105][ T6504] netlink: 16 bytes leftover after parsing attributes in process `syz.5.901'. [ 169.107812][ T6504] netlink: 16 bytes leftover after parsing attributes in process `syz.5.901'. [ 169.286555][ T6508] cgroup: noprefix used incorrectly [ 169.958260][ T6524] loop2: detected capacity change from 0 to 164 [ 170.003518][ T27] audit: type=1400 audit(1738069718.927:10): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A pid=6522 comm="syz.3.907" [ 170.152988][ C1] net_ratelimit: 7774 callbacks suppressed [ 170.153010][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 170.171426][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.183756][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.196237][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 170.208553][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 170.220842][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.233356][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.245827][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 170.258289][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 170.270706][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.478286][ T6496] loop1: detected capacity change from 0 to 32768 [ 170.565650][ T6496] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 170.582984][ T6496] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 170.613446][ T6534] netlink: 48 bytes leftover after parsing attributes in process `syz.5.914'. [ 170.654049][ T6524] syz.2.910: attempt to access beyond end of device [ 170.654049][ T6524] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 170.698696][ T6524] syz.2.910: attempt to access beyond end of device [ 170.698696][ T6524] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 170.771032][ T27] audit: type=1800 audit(1738069719.687:11): pid=6524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.910" name="file0" dev="loop2" ino=1862 res=0 errno=0 [ 171.397677][ T6541] loop2: detected capacity change from 0 to 4096 [ 171.434392][ T6541] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 171.481121][ T6526] loop0: detected capacity change from 0 to 32768 [ 171.605875][ T6526] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.911 (6526) [ 171.704420][ T6496] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms [ 171.712382][ T6526] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 171.730708][ T6526] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 171.767894][ T6541] ntfs: (device loop2): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 171.783052][ T6541] ntfs: (device loop2): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 171.818211][ T127] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 171.826037][ T6526] BTRFS info (device loop0): force zlib compression, level 3 [ 171.833564][ T127] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 171.850744][ T6526] BTRFS info (device loop0): force clearing of disk cache [ 171.929987][ T6526] BTRFS info (device loop0): setting nodatasum [ 171.976252][ T6541] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 172.013681][ T6526] BTRFS info (device loop0): enabling disk space caching [ 172.018643][ T6541] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 172.020758][ T6526] BTRFS info (device loop0): disk space caching is enabled [ 172.069247][ T127] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 235ms [ 172.156450][ T127] gfs2: fsid=syz:syz.0: jid=0: Done [ 172.163608][ T6496] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 172.192994][ T6541] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 172.201798][ T6541] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 172.265753][ T6541] ntfs: (device loop2): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 172.388332][ T6541] ntfs: volume version 3.1. [ 172.393129][ T6496] gfs2: fsid=syz:syz.0: can't start logd thread: -4 [ 172.592744][ T6536] loop5: detected capacity change from 0 to 32768 [ 172.928145][ T6526] BTRFS info (device loop0): enabling ssd optimizations [ 173.045490][ T6526] BTRFS info (device loop0): rebuilding free space tree [ 173.198209][ T6526] BTRFS info (device loop0): disabling free space tree [ 173.212984][ T6526] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 173.253096][ T6526] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 173.649238][ T4254] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 173.966720][ T6581] netlink: 40 bytes leftover after parsing attributes in process `syz.3.931'. [ 173.975920][ T6581] netlink: 40 bytes leftover after parsing attributes in process `syz.3.931'. [ 174.414438][ T4850] I/O error, dev loop5, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 175.163218][ C1] net_ratelimit: 7044 callbacks suppressed [ 175.163236][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.181558][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 175.193978][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 175.206289][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.218715][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.231170][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 175.243600][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 175.255885][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.268255][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.280753][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 175.712268][ T6620] xt_addrtype: ipv6 does not support BROADCAST matching [ 175.978859][ T6626] loop2: detected capacity change from 0 to 512 [ 176.328102][ T6626] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 176.354274][ T6635] loop1: detected capacity change from 0 to 512 [ 176.518534][ T6626] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.949: bad orphan inode 16 [ 176.617728][ T6626] ext4_test_bit(bit=15, block=4) = 0 [ 176.638832][ T6626] EXT4-fs (loop2): 1 orphan inode deleted [ 176.673854][ T6635] EXT4-fs (loop1): 1 truncate cleaned up [ 176.679579][ T6635] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 176.701876][ T6626] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 176.743351][ T6626] EXT4-fs error (device loop2): __ext4_new_inode:1075: comm syz.2.949: reserved inode found cleared - inode=1 [ 177.010987][ T6592] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 177.019750][ T4248] EXT4-fs (loop1): unmounting filesystem. [ 177.143902][ T4255] EXT4-fs (loop2): unmounting filesystem. [ 177.177920][ T6632] loop3: detected capacity change from 0 to 32768 [ 177.410439][ T6592] usb 6-1: Using ep0 maxpacket: 16 [ 177.413263][ T6632] (syz.3.952,6632,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 177.458570][ T6632] (syz.3.952,6632,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 177.748565][ T6647] loop2: detected capacity change from 0 to 8192 [ 177.817594][ T6592] usb 6-1: config 1 has too many interfaces: 129, using maximum allowed: 32 [ 177.843426][ T6592] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 129 [ 177.886121][ T6592] usb 6-1: config 1 interface 0 altsetting 93 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 177.930973][ T6592] usb 6-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96 [ 177.950426][ T6592] usb 6-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 8 [ 177.983902][ T6592] usb 6-1: config 1 interface 0 altsetting 93 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 178.032225][ T6592] usb 6-1: config 1 interface 0 has no altsetting 0 [ 178.084212][ T6632] JBD2: Ignoring recovery information on journal [ 178.116183][ T6592] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a2, bcdDevice= 0.40 [ 178.133317][ T6592] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 178.160655][ T6592] usb 6-1: SerialNumber: syz [ 178.192342][ T6641] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 178.243765][ T6641] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 178.266143][ T6592] usb 6-1: bad CDC descriptors [ 178.370179][ T6632] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 178.498724][ T6641] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 178.506507][ T6641] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 178.595442][ T6592] cdc_subset 6-1:1.0 usb0: register 'cdc_subset' at usb-dummy_hcd.5-1, Linux Device, 12:03:2a:ea:51:6f [ 178.621412][ T6645] loop1: detected capacity change from 0 to 32768 [ 178.741980][ T6645] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.956 (6645) [ 178.873867][ T6645] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 178.901033][ T6592] usb 6-1: USB disconnect, device number 2 [ 178.904726][ T6645] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 178.908291][ T6592] cdc_subset 6-1:1.0 usb0: unregister 'cdc_subset' usb-dummy_hcd.5-1, Linux Device [ 178.973019][ T6645] BTRFS info (device loop1): using free space tree [ 179.110867][ T6647] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 179.131371][ T6647] FAT-fs (loop2): Filesystem has been set read-only [ 179.423572][ T4259] ocfs2: Unmounting device (7,3) on (node local) [ 179.449018][ T6645] BTRFS info (device loop1): enabling ssd optimizations [ 179.814861][ T4248] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 180.151271][ T4996] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 180.173544][ C1] net_ratelimit: 5898 callbacks suppressed [ 180.173562][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 180.192100][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 180.204486][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 180.216851][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 180.229322][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 180.241781][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 180.254223][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 180.266604][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 180.278948][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 180.291328][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 180.789258][ T6701] loop3: detected capacity change from 0 to 2048 [ 180.934196][ T4996] usb 1-1: config 0 has an invalid interface number: 185 but max is 0 [ 180.942436][ T4996] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 180.973397][ T4996] usb 1-1: config 0 has no interface number 0 [ 180.979573][ T4996] usb 1-1: config 0 interface 185 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 181.037002][ T4996] usb 1-1: config 0 interface 185 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 16 [ 181.270264][ T4996] usb 1-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=d2.82 [ 181.344173][ T4996] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.381875][ T4996] usb 1-1: Product: syz [ 181.409203][ T6701] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 181.462393][ T4996] usb 1-1: Manufacturer: syz [ 181.475341][ T4996] usb 1-1: SerialNumber: syz [ 181.519245][ T4996] usb 1-1: config 0 descriptor?? [ 181.593983][ T4996] cdc_ether 1-1:0.185: skipping garbage [ 181.599620][ T4996] usb 1-1: bad CDC descriptors [ 181.632557][ T4996] usb 1-1: unsupported MDLM descriptors [ 181.893531][ T6692] loop2: detected capacity change from 0 to 32768 [ 181.910739][ T4996] usb 1-1: USB disconnect, device number 4 [ 181.982845][ T6692] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.968 (6692) [ 182.096383][ T6692] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 182.154377][ T6692] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 182.198605][ T6692] BTRFS info (device loop2): using free space tree [ 182.560785][ T6705] loop1: detected capacity change from 0 to 32768 [ 182.702041][ T6705] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.967 (6705) [ 182.844411][ T6705] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 182.887718][ T6705] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 183.043950][ T6705] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 183.066351][ T6705] BTRFS info (device loop1): force zstd compression, level 3 [ 183.105369][ T6705] BTRFS info (device loop1): turning on sync discard [ 183.146855][ T6705] BTRFS info (device loop1): enabling ssd optimizations [ 183.193387][ T6705] BTRFS info (device loop1): using spread ssd allocation scheme [ 183.213229][ T6705] BTRFS info (device loop1): max_inline at 0 [ 183.219383][ T6705] BTRFS info (device loop1): force clearing of disk cache [ 183.300923][ T6760] mmap: syz.5.983 (6760) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 183.363037][ T6705] BTRFS info (device loop1): setting nodatacow [ 183.422486][ T6705] BTRFS info (device loop1): using free space tree [ 183.979527][ T6692] BTRFS error (device loop2): open_ctree failed [ 184.003327][ T4850] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by udevd (4850) [ 184.027422][ T6705] BTRFS error (device loop1): open_ctree failed [ 184.222311][ T4325] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by udevd (4325) [ 184.349204][ T6788] device veth3 entered promiscuous mode [ 184.799767][ T6796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.990'. [ 185.015603][ T6801] netlink: 16 bytes leftover after parsing attributes in process `syz.1.994'. [ 185.183040][ C1] net_ratelimit: 4149 callbacks suppressed [ 185.183060][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 185.201447][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 185.213985][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 185.226381][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 185.238768][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 185.251290][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 185.263828][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 185.276209][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 185.288566][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 185.301022][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 185.713569][ T6814] ieee802154 phy0 wpan0: encryption failed: -22 [ 185.786080][ T6819] loop2: detected capacity change from 0 to 256 [ 186.073261][ T6819] MINIX-fs: mounting file system with errors, running fsck is recommended [ 186.123183][ T6819] MINIX-fs warning: remounting fs with errors, running fsck is recommended [ 186.533809][ T6836] netlink: 'syz.5.1008': attribute type 10 has an invalid length. [ 186.729185][ T6836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 186.787666][ T6836] team0: Port device bond0 added [ 186.830091][ T6844] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1013'. [ 187.644970][ T6862] loop5: detected capacity change from 0 to 16 [ 187.652033][ T6862] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 188.039459][ T6866] loop1: detected capacity change from 0 to 4096 [ 188.163432][ T6866] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 188.388391][ T6847] loop3: detected capacity change from 0 to 32768 [ 189.179652][ T6893] device netdevsim0 entered promiscuous mode [ 189.506523][ T6901] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1036'. [ 189.591699][ T6901] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1036'. [ 190.028275][ T6866] ntfs3: loop1: ino=5, "/" The size of extended attributes must not exceed 64KiB [ 190.193142][ C1] net_ratelimit: 5291 callbacks suppressed [ 190.193164][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 190.211627][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 190.224163][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 190.236658][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 190.249206][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 190.261750][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 190.274138][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 190.286615][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 190.299121][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 190.311677][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 190.355694][ T6913] loop0: detected capacity change from 0 to 64 [ 191.162959][ T4995] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 191.598708][ T4995] usb 6-1: Using ep0 maxpacket: 16 [ 191.670397][ T6934] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1055'. [ 191.697859][ T6934] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1055'. [ 191.702257][ T6938] block nbd1: NBD_DISCONNECT [ 191.847637][ T4995] usb 6-1: config 0 has an invalid interface number: 237 but max is 0 [ 191.867783][ T4995] usb 6-1: config 0 has no interface number 0 [ 191.903051][ T4995] usb 6-1: config 0 interface 237 has no altsetting 0 [ 192.007895][ T6942] loop3: detected capacity change from 0 to 256 [ 192.184663][ T6946] netlink: 'syz.1.1062': attribute type 32 has an invalid length. [ 192.185100][ T4995] usb 6-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 192.221389][ T4995] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.288231][ T4995] usb 6-1: Product: syz [ 192.292515][ T4995] usb 6-1: Manufacturer: syz [ 192.372948][ T4995] usb 6-1: SerialNumber: syz [ 192.393786][ T4995] usb 6-1: config 0 descriptor?? [ 192.470736][ T4995] snd_usb_podhd 6-1:0.237: Line 6 POD HD300 found [ 192.748387][ T4995] snd_usb_podhd 6-1:0.237: cannot get proper max packet size [ 192.764476][ T4995] snd_usb_podhd 6-1:0.237: Line 6 POD HD300 now disconnected [ 192.782624][ T4995] snd_usb_podhd: probe of 6-1:0.237 failed with error -22 [ 193.107269][ T4995] usb 6-1: USB disconnect, device number 3 [ 193.573200][ T6969] loop1: detected capacity change from 0 to 1024 [ 193.723595][ T6942] FAT-fs (loop3): Directory bread(block 64) failed [ 193.730247][ T6942] FAT-fs (loop3): Directory bread(block 65) failed [ 193.747462][ T6942] FAT-fs (loop3): Directory bread(block 66) failed [ 193.793015][ T6942] FAT-fs (loop3): Directory bread(block 67) failed [ 193.824129][ T6942] FAT-fs (loop3): Directory bread(block 68) failed [ 193.835382][ T6942] FAT-fs (loop3): Directory bread(block 69) failed [ 193.842093][ T6942] FAT-fs (loop3): Directory bread(block 70) failed [ 193.973082][ T6942] FAT-fs (loop3): Directory bread(block 71) failed [ 193.990979][ T6969] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 194.033121][ T6942] FAT-fs (loop3): Directory bread(block 72) failed [ 194.039733][ T6942] FAT-fs (loop3): Directory bread(block 73) failed [ 194.355269][ T4248] EXT4-fs (loop1): unmounting filesystem. [ 194.391365][ T27] kauditd_printk_skb: 13 callbacks suppressed [ 194.391383][ T27] audit: type=1800 audit(1738069743.317:12): pid=6942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1060" name="file1" dev="loop3" ino=1048611 res=0 errno=0 [ 194.475327][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.481688][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.080207][ T6992] loop2: detected capacity change from 0 to 1024 [ 195.250510][ C1] net_ratelimit: 5629 callbacks suppressed [ 195.250533][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 195.268831][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 195.281304][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 195.294004][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 195.306295][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 195.318810][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 195.331379][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 195.343774][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 195.356167][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 195.368612][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 195.421041][ T6998] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1086'. [ 195.528597][ T7000] loop5: detected capacity change from 0 to 1024 [ 195.595994][ T7002] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1088'. [ 196.136347][ T7010] netlink: 'syz.3.1092': attribute type 2 has an invalid length. [ 196.216309][ T7010] device 0 entered promiscuous mode [ 196.348687][ T11] hfsplus: b-tree write err: -5, ino 4 [ 196.575939][ T7018] loop3: detected capacity change from 0 to 128 [ 197.012077][ T7018] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 197.074044][ T7018] ext4 filesystem being mounted at /235/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 197.522046][ T4259] EXT4-fs (loop3): unmounting filesystem. [ 197.938444][ T7049] netlink: 'syz.5.1107': attribute type 1 has an invalid length. [ 197.994001][ T7049] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1107'. [ 198.223314][ T7054] x_tables: unsorted underflow at hook 3 [ 199.774363][ T7087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.822555][ T7087] bond0: (slave rose0): Enslaving as an active interface with an up link [ 199.846589][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 200.188057][ T7098] loop2: detected capacity change from 0 to 256 [ 200.253076][ C1] net_ratelimit: 5720 callbacks suppressed [ 200.253098][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 200.271323][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 200.283688][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 200.296175][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 200.308698][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 200.321145][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 200.333843][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 200.346340][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 200.358788][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 200.371268][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 200.495764][ T7102] netlink: 'syz.3.1129': attribute type 2 has an invalid length. [ 200.578132][ T7102] device 0! entered promiscuous mode [ 201.447401][ T7098] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 201.658541][ T4256] Bluetooth: hci2: command 0x0406 tx timeout [ 201.675598][ T4256] Bluetooth: hci0: command 0x0406 tx timeout [ 201.681671][ T4256] Bluetooth: hci1: command 0x0406 tx timeout [ 201.687868][ T4261] Bluetooth: hci3: command 0x0406 tx timeout [ 201.688906][ T4251] Bluetooth: hci4: command 0x0406 tx timeout [ 201.713066][ T7128] netlink: 'syz.5.1138': attribute type 2 has an invalid length. [ 201.992950][ T4344] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 202.652627][ T4344] usb 3-1: config 1 has an invalid descriptor of length 212, skipping remainder of the config [ 202.683564][ T4344] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 202.699532][ T7149] tmpfs: Bad value for 'nr_blocks' [ 202.772931][ T4344] usb 3-1: too many endpoints for config 1 interface 1 altsetting 78: 168, using maximum allowed: 30 [ 202.843463][ T4344] usb 3-1: config 1 interface 1 altsetting 78 has 0 endpoint descriptors, different from the interface descriptor's value: 168 [ 202.923446][ T4344] usb 3-1: config 1 interface 1 has no altsetting 0 [ 203.393707][ T4344] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 203.402832][ T4344] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 203.470760][ T4344] usb 3-1: Product: syz [ 203.552172][ T4344] usb 3-1: can't set config #1, error -71 [ 203.633224][ T7166] loop3: detected capacity change from 0 to 128 [ 203.647941][ T4344] usb 3-1: USB disconnect, device number 4 [ 203.903231][ T7174] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1155'. [ 204.099502][ T7179] loop5: detected capacity change from 0 to 256 [ 204.834586][ T7195] loop2: detected capacity change from 0 to 16 [ 204.844774][ T7191] loop3: detected capacity change from 0 to 1024 [ 204.902901][ T7195] erofs: (device loop2): EXPERIMENTAL compressed inline data feature in use. Use at your own risk! [ 204.933885][ T7195] erofs: (device loop2): mounted with root inode @ nid 36. [ 204.970843][ T4344] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 205.005357][ T7195] syz.2.1164: attempt to access beyond end of device [ 205.005357][ T7195] loop2: rw=0, sector=1049256, nr_sectors = 128 limit=16 [ 205.262999][ C1] net_ratelimit: 5928 callbacks suppressed [ 205.263020][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 205.281456][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 205.293769][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 205.306095][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 205.318576][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 205.331091][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 205.343420][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 205.355722][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 205.368215][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 205.393463][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 205.767227][ T7218] netlink: 'syz.2.1171': attribute type 32 has an invalid length. [ 205.816331][ T7220] netlink: 'syz.5.1172': attribute type 1 has an invalid length. [ 205.846915][ T7218] device netdevsim0 entered promiscuous mode [ 206.153542][ T4344] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 206.162655][ T4344] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 206.182936][ T4344] usb 2-1: Product: syz [ 206.193214][ T4344] usb 2-1: Manufacturer: syz [ 206.197887][ T4344] usb 2-1: SerialNumber: syz [ 206.240256][ T4344] usb 2-1: config 0 descriptor?? [ 206.360915][ T4344] ch341 2-1:0.0: ch341-uart converter detected [ 206.730371][ T7240] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1181'. [ 206.736422][ T7244] netlink: 'syz.3.1179': attribute type 3 has an invalid length. [ 206.812123][ T7244] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1179'. [ 206.831996][ T7240] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1181'. [ 206.918463][ T4344] usb 2-1: failed to send control message: -71 [ 206.927088][ T4344] ch341-uart: probe of ttyUSB0 failed with error -71 [ 206.999678][ T4344] usb 2-1: USB disconnect, device number 6 [ 207.021122][ T4344] ch341 2-1:0.0: device disconnected [ 207.476470][ T7255] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1186'. [ 208.373733][ T27] audit: type=1326 audit(1738069757.307:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7276 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 208.412138][ T7281] loop2: detected capacity change from 0 to 64 [ 208.453664][ T27] audit: type=1326 audit(1738069757.327:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7276 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 208.550542][ T27] audit: type=1326 audit(1738069757.377:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7276 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 208.577738][ T7275] loop1: detected capacity change from 0 to 2048 [ 208.694563][ T27] audit: type=1326 audit(1738069757.377:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7276 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 208.803208][ T27] audit: type=1326 audit(1738069757.377:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7276 comm="syz.3.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56018cda9 code=0x7ffc0000 [ 209.065365][ T7294] netlink: 'syz.3.1204': attribute type 1 has an invalid length. [ 209.158912][ T7296] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1205'. [ 209.664490][ T7308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1211'. [ 209.710213][ T7275] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 209.718300][ T7275] UDF-fs: Scanning with blocksize 512 failed [ 210.273283][ C1] net_ratelimit: 5439 callbacks suppressed [ 210.273305][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 210.291772][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 210.353196][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 210.365732][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 210.378249][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 210.390656][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 210.403141][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 210.415571][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 210.428175][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 210.440756][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 210.706868][ T7331] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1221'. [ 211.053230][ T7275] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 211.551972][ T7347] loop5: detected capacity change from 0 to 4096 [ 212.048002][ T7361] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 212.153699][ T7364] loop2: detected capacity change from 0 to 1024 [ 212.175482][ T7365] loop1: detected capacity change from 0 to 1024 [ 212.258067][ T7364] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 212.268620][ T7364] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 212.353421][ T7364] EXT4-fs error (device loop2): ext4_get_journal_inode:5722: inode #5: comm syz.2.1236: unexpected bad inode w/o EXT4_IGET_BAD [ 212.428240][ T7364] EXT4-fs (loop2): no journal found [ 212.445207][ T7364] EXT4-fs (loop2): can't get journal size [ 212.494389][ T7364] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 212.618270][ T56] hfsplus: b-tree write err: -5, ino 4 [ 212.794260][ T4255] EXT4-fs (loop2): unmounting filesystem. [ 213.513072][ T7392] loop3: detected capacity change from 0 to 512 [ 213.520193][ T7392] EXT4-fs: Ignoring removed oldalloc option [ 213.582983][ T7392] EXT4-fs: inline encryption not supported [ 213.734771][ T7392] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 214.052679][ T7398] loop2: detected capacity change from 0 to 4096 [ 214.120947][ T7398] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 214.157067][ T7408] netlink: 'syz.5.1256': attribute type 9 has an invalid length. [ 214.213686][ T7408] netlink: 'syz.5.1256': attribute type 6 has an invalid length. [ 214.371649][ T7392] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1249: bg 0: block 64: padding at end of block bitmap is not set [ 214.477985][ T7392] Quota error (device loop3): write_blk: dquota write failed [ 214.489792][ T7392] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 214.578972][ T7392] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.1249: Failed to acquire dquot type 0 [ 214.631951][ T7415] loop0: detected capacity change from 0 to 2048 [ 214.701956][ T7392] EXT4-fs (loop3): 1 truncate cleaned up [ 214.707941][ T7392] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 214.832429][ T7392] Quota error (device loop3): do_check_range: Getting block 144 out of range 0-5 [ 214.842162][ T7417] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1260'. [ 215.001123][ T7415] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 215.190921][ T4259] EXT4-fs (loop3): unmounting filesystem. [ 215.283109][ C1] net_ratelimit: 5223 callbacks suppressed [ 215.283131][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 215.301406][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 215.313859][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 215.326560][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 215.338885][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 215.351390][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 215.363891][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 215.376229][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 215.388589][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 215.401119][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 215.571106][ T7423] loop1: detected capacity change from 0 to 4096 [ 215.978102][ T7439] loop5: detected capacity change from 0 to 164 [ 216.313510][ T7398] ntfs3: loop2: failed to convert "c46c" to iso8859-3 [ 217.065260][ T7457] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1279'. [ 217.094860][ T7457] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1279'. [ 217.370056][ T7460] loop0: detected capacity change from 0 to 1764 [ 218.026687][ T7479] netlink: 'syz.3.1290': attribute type 10 has an invalid length. [ 218.292729][ T7484] netlink: 'syz.0.1293': attribute type 21 has an invalid length. [ 218.383078][ T7484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1293'. [ 218.592071][ T7492] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1296'. [ 219.808292][ T7528] loop2: detected capacity change from 0 to 1024 [ 220.009371][ T7528] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 220.022332][ T7532] afs: Bad value for 'source' [ 220.169826][ T7528] hfsplus: filesystem is marked journaled, leaving read-only. [ 220.311502][ C1] net_ratelimit: 4959 callbacks suppressed [ 220.311525][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 220.329815][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 220.342236][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 220.354658][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 220.367123][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 220.379536][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 220.391934][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 220.404277][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 220.416662][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 220.429150][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 220.678161][ T7548] loop3: detected capacity change from 0 to 256 [ 221.079642][ T7558] loop2: detected capacity change from 0 to 64 [ 221.089900][ T7557] SET target dimension over the limit! [ 221.709801][ T7548] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84977, utbl_chksum : 0xe619d30d) [ 222.650379][ T7590] loop3: detected capacity change from 0 to 512 [ 223.046609][ T7605] loop2: detected capacity change from 0 to 764 [ 223.224485][ T7590] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 223.245106][ T7590] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 223.293507][ T7605] Symlink component flag not implemented [ 223.299653][ T7605] Symlink component flag not implemented [ 223.373020][ T7605] Symlink component flag not implemented (129) [ 223.428842][ T7605] Symlink component flag not implemented (6) [ 223.525988][ T4259] EXT4-fs (loop3): unmounting filesystem. [ 223.666830][ T27] audit: type=1400 audit(1738069772.597:18): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A pid=7615 comm="syz.5.1350" [ 223.771683][ T7620] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1352'. [ 224.108167][ T7631] netlink: 'syz.2.1357': attribute type 1 has an invalid length. [ 224.401400][ T7639] loop1: detected capacity change from 0 to 256 [ 224.448342][ T7641] netlink: 196 bytes leftover after parsing attributes in process `syz.3.1361'. [ 224.547779][ T7641] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 225.333269][ C1] net_ratelimit: 6113 callbacks suppressed [ 225.333289][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 225.351836][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 225.364212][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 225.376656][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 225.389082][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 225.401459][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 225.413818][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 225.426619][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 225.439173][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 225.451577][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 225.738282][ T7] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 226.217645][ T7] usb 4-1: Using ep0 maxpacket: 16 [ 226.435142][ T7] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 226.497379][ T7] usb 4-1: config 0 has no interface number 0 [ 226.633953][ T7639] FAT-fs (loop1): Directory bread(block 64) failed [ 226.640577][ T7639] FAT-fs (loop1): Directory bread(block 65) failed [ 226.703045][ T7639] FAT-fs (loop1): Directory bread(block 66) failed [ 226.713215][ T7639] FAT-fs (loop1): Directory bread(block 67) failed [ 226.719912][ T7639] FAT-fs (loop1): Directory bread(block 68) failed [ 226.776060][ T7639] FAT-fs (loop1): Directory bread(block 69) failed [ 226.782814][ T7639] FAT-fs (loop1): Directory bread(block 70) failed [ 226.843432][ T7689] device bond1 entered promiscuous mode [ 226.858173][ T7639] FAT-fs (loop1): Directory bread(block 71) failed [ 226.868342][ T7] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 226.893760][ T7639] FAT-fs (loop1): Directory bread(block 72) failed [ 226.900375][ T7639] FAT-fs (loop1): Directory bread(block 73) failed [ 226.915946][ T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.996066][ T7] usb 4-1: Product: syz [ 227.000308][ T7] usb 4-1: Manufacturer: syz [ 227.038258][ T7] usb 4-1: SerialNumber: syz [ 227.095743][ T7] usb 4-1: config 0 descriptor?? [ 227.179532][ T7] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 227.614739][ T7] gspca_spca1528: reg_w err -71 [ 227.647064][ T7707] cgroup: Bad value for 'name' [ 227.667283][ T7] spca1528: probe of 4-1:0.1 failed with error -71 [ 227.820924][ T7] usb 4-1: USB disconnect, device number 7 [ 228.592302][ T7730] xt_addrtype: ipv6 does not support BROADCAST matching [ 228.886859][ T7734] lo speed is unknown, defaulting to 1000 [ 228.980620][ T7734] lo speed is unknown, defaulting to 1000 [ 228.991101][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1411'. [ 229.029872][ T7741] loop5: detected capacity change from 0 to 1024 [ 229.125590][ T7734] lo speed is unknown, defaulting to 1000 [ 229.443055][ T7741] hfsplus: failed to load root directory [ 230.000975][ T7734] infiniband syz0: set active [ 230.009805][ T4344] lo speed is unknown, defaulting to 1000 [ 230.111937][ T7734] infiniband syz0: added lo [ 230.126638][ T7734] rdma_rxe: unable to create cq [ 230.132509][ T7734] infiniband syz0: Couldn't create ib_mad CQ [ 230.208528][ T7734] infiniband syz0: Couldn't open port 1 [ 230.252386][ T27] audit: type=1326 audit(1738069779.177:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.0.1423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dce18cda9 code=0x7ffc0000 [ 230.378993][ T27] audit: type=1326 audit(1738069779.227:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.0.1423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f4dce18cda9 code=0x7ffc0000 [ 230.404511][ C1] net_ratelimit: 5491 callbacks suppressed [ 230.404534][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 230.422721][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 230.435005][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 230.447451][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 230.460373][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 230.472739][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 230.485206][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 230.497708][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 230.510798][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 230.523172][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 230.571528][ T7734] RDS/IB: syz0: added [ 230.582924][ T27] audit: type=1326 audit(1738069779.227:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.0.1423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dce18cda9 code=0x7ffc0000 [ 230.606496][ T7734] smc: adding ib device syz0 with port count 1 [ 230.633259][ T7734] smc: ib device syz0 port 1 has pnetid [ 230.656083][ T6588] lo speed is unknown, defaulting to 1000 [ 230.696198][ T7734] lo speed is unknown, defaulting to 1000 [ 230.703180][ T27] audit: type=1326 audit(1738069779.227:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7763 comm="syz.0.1423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4dce18cda9 code=0x7ffc0000 [ 230.969844][ T7752] loop3: detected capacity change from 0 to 32768 [ 231.272650][ T7781] loop0: detected capacity change from 0 to 256 [ 231.361621][ T7734] lo speed is unknown, defaulting to 1000 [ 231.383312][ T7752] XFS (loop3): Mounting V5 Filesystem [ 231.898966][ T7734] lo speed is unknown, defaulting to 1000 [ 232.043636][ T7781] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d) [ 232.221594][ T7796] program syz.2.1435 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 232.357215][ T7734] lo speed is unknown, defaulting to 1000 [ 232.864621][ T7734] lo speed is unknown, defaulting to 1000 [ 232.974922][ T7792] loop5: detected capacity change from 0 to 32768 [ 233.142966][ T7792] (syz.5.1433,7792,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 233.218851][ T7792] (syz.5.1433,7792,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 233.261571][ T7806] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1440'. [ 233.291472][ T7806] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1440'. [ 233.331244][ T7806] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1440'. [ 233.363239][ T7734] lo speed is unknown, defaulting to 1000 [ 234.022340][ T7792] JBD2: Ignoring recovery information on journal [ 234.081385][ T7802] loop0: detected capacity change from 0 to 32768 [ 234.323204][ T7802] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 234.368667][ T7802] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 234.400633][ T7802] BTRFS info (device loop0): using free space tree [ 234.439750][ T7792] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 234.983362][ T7802] BTRFS info (device loop0): enabling ssd optimizations [ 235.163131][ T4254] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 235.270352][ T7846] netlink: 'syz.1.1450': attribute type 2 has an invalid length. [ 235.278229][ T7846] netlink: 'syz.1.1450': attribute type 1 has an invalid length. [ 235.281014][ T5779] ocfs2: Unmounting device (7,5) on (node local) [ 235.430158][ C1] net_ratelimit: 5983 callbacks suppressed [ 235.430180][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 235.448408][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 235.460753][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 235.473189][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 235.485672][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 235.498163][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 235.510607][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 235.523263][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 235.535603][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 235.547953][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 236.122441][ T7860] loop2: detected capacity change from 0 to 2048 [ 236.623354][ T7871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1461'. [ 236.711631][ T7860] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 238.425319][ T7752] XFS (loop3): Ending clean mount [ 238.555458][ T4259] XFS (loop3): Unmounting Filesystem [ 238.892069][ T7921] loop5: detected capacity change from 0 to 16 [ 239.081819][ T7921] erofs: (device loop5): mounted with root inode @ nid 36. [ 239.150453][ T7921] erofs: (device loop5): z_erofs_readahead: readahead error at page 2 @ nid 89 [ 239.232926][ T7921] erofs: (device loop5): z_erofs_readahead: readahead error at page 1 @ nid 89 [ 239.272931][ T7921] erofs: (device loop5): z_erofs_readahead: readahead error at page 0 @ nid 89 [ 239.308960][ T7921] erofs: (device loop5): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 239.353710][ T7909] loop0: detected capacity change from 0 to 32768 [ 239.372397][ T7921] erofs: (device loop5): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 89 [ 239.392136][ T7909] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.1481 (7909) [ 239.422905][ T7921] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117] [ 239.507728][ T7909] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 239.508000][ T27] audit: type=1800 audit(1738069788.437:23): pid=7921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1487" name="file3" dev="loop5" ino=89 res=0 errno=0 [ 239.522498][ T7909] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 239.641040][ T7909] BTRFS info (device loop0): using free space tree [ 239.745971][ T7932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1491'. [ 240.172380][ T7954] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1494'. [ 240.392992][ T7909] BTRFS info (device loop0): enabling ssd optimizations [ 240.435842][ T7960] device gre1 entered promiscuous mode [ 240.449813][ C1] net_ratelimit: 5056 callbacks suppressed [ 240.449832][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 240.468185][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 240.480601][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 240.493267][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 240.505701][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 240.518067][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 240.530500][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 240.542959][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 240.555411][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 240.567828][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 241.133128][ T4254] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 241.311213][ T6584] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 241.836132][ T6584] usb 2-1: config 0 has an invalid interface number: 185 but max is 0 [ 241.850844][ T6584] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 241.884481][ T6584] usb 2-1: config 0 has no interface number 0 [ 241.924643][ T6584] usb 2-1: config 0 interface 185 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7 [ 241.957661][ T6584] usb 2-1: config 0 interface 185 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 16 [ 242.192662][ T6584] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=d2.82 [ 242.240911][ T6584] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.270237][ T6584] usb 2-1: Product: syz [ 242.274931][ T6584] usb 2-1: Manufacturer: syz [ 242.279581][ T6584] usb 2-1: SerialNumber: syz [ 242.293045][ T7991] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1512'. [ 242.307391][ T6584] usb 2-1: config 0 descriptor?? [ 242.357883][ T6584] cdc_ether 2-1:0.185: skipping garbage [ 242.365063][ T6584] usb 2-1: bad CDC descriptors [ 242.370296][ T6584] usb 2-1: unsupported MDLM descriptors [ 242.755262][ T6584] usb 2-1: USB disconnect, device number 7 [ 243.098760][ T8003] loop2: detected capacity change from 0 to 512 [ 243.440711][ T8003] EXT4-fs (loop2): 1 truncate cleaned up [ 243.450788][ T8003] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 243.469235][ T8005] loop3: detected capacity change from 0 to 4096 [ 243.521999][ T8005] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 243.656732][ T4255] EXT4-fs (loop2): unmounting filesystem. [ 244.261216][ T7999] loop5: detected capacity change from 0 to 32768 [ 244.357622][ T8023] loop2: detected capacity change from 0 to 16 [ 244.391511][ T7999] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1524 (7999) [ 244.416403][ T8023] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 244.549508][ T7999] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 244.571455][ T7999] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 244.590839][ T7999] BTRFS info (device loop5): using free space tree [ 244.834417][ T8013] loop0: detected capacity change from 0 to 32768 [ 245.171190][ T7999] BTRFS info (device loop5): enabling ssd optimizations [ 245.453248][ T5779] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 245.463077][ C1] net_ratelimit: 7285 callbacks suppressed [ 245.463100][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 245.481887][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 245.494229][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 245.506700][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 245.519152][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 245.531615][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 245.544105][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 245.556617][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 245.568905][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 245.581375][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 246.450685][ T8061] device netdevsim0 entered promiscuous mode [ 246.847795][ T8067] device gre1 entered promiscuous mode [ 247.340809][ T8079] loop2: detected capacity change from 0 to 4096 [ 247.472968][ T8079] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 247.843297][ T8093] netlink: 'syz.0.1546': attribute type 10 has an invalid length. [ 247.992144][ T8093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.031339][ T8093] team0: Port device bond0 added [ 248.538849][ T8077] loop3: detected capacity change from 0 to 32768 [ 248.628203][ T8077] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1540 (8077) [ 248.745988][ T8077] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 248.803007][ T8077] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 248.822047][ T8077] BTRFS info (device loop3): using free space tree [ 249.056799][ T8119] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1559'. [ 249.130637][ T8119] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1559'. [ 249.545036][ T8136] block nbd0: NBD_DISCONNECT [ 249.594053][ T8079] ntfs3: loop2: ino=5, "/" The size of extended attributes must not exceed 64KiB [ 249.722710][ T8077] BTRFS info (device loop3): enabling ssd optimizations [ 250.054095][ T4259] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 250.255700][ T8114] loop1: detected capacity change from 0 to 32768 [ 250.465744][ T8151] loop5: detected capacity change from 0 to 256 [ 250.499047][ C1] net_ratelimit: 6490 callbacks suppressed [ 250.499071][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 250.517434][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 250.529795][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 250.542244][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 250.554522][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 250.566939][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 250.579278][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 250.591660][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 250.604483][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 250.617472][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 250.667572][ T8114] (syz.1.1557,8114,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 250.765736][ T8114] (syz.1.1557,8114,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 251.061305][ T8157] netlink: 'syz.0.1582': attribute type 32 has an invalid length. [ 251.139456][ T8159] loop3: detected capacity change from 0 to 1024 [ 251.279401][ T8114] JBD2: Ignoring recovery information on journal [ 251.475155][ T8114] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 251.508266][ T8159] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 251.748280][ T4259] EXT4-fs (loop3): unmounting filesystem. [ 252.589659][ T8175] loop0: detected capacity change from 0 to 4096 [ 252.707503][ T4248] ocfs2: Unmounting device (7,1) on (node local) [ 252.739093][ T8175] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 252.831781][ T8151] FAT-fs (loop5): Directory bread(block 64) failed [ 252.838689][ T8151] FAT-fs (loop5): Directory bread(block 65) failed [ 252.860386][ T8151] FAT-fs (loop5): Directory bread(block 66) failed [ 252.912987][ T8151] FAT-fs (loop5): Directory bread(block 67) failed [ 252.921014][ T8151] FAT-fs (loop5): Directory bread(block 68) failed [ 252.937509][ T8151] FAT-fs (loop5): Directory bread(block 69) failed [ 252.954353][ T8151] FAT-fs (loop5): Directory bread(block 70) failed [ 252.961050][ T8151] FAT-fs (loop5): Directory bread(block 71) failed [ 253.028900][ T8151] FAT-fs (loop5): Directory bread(block 72) failed [ 253.035939][ T8151] FAT-fs (loop5): Directory bread(block 73) failed [ 253.123644][ T8185] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1583'. [ 253.291852][ T27] audit: type=1800 audit(1738069802.217:24): pid=8151 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1580" name="file1" dev="loop5" ino=1048615 res=0 errno=0 [ 253.916406][ T8197] netlink: 'syz.1.1588': attribute type 2 has an invalid length. [ 253.977497][ T8197] device 0 entered promiscuous mode [ 254.068966][ T8181] loop2: detected capacity change from 0 to 32768 [ 254.151342][ T8181] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1579 (8181) [ 254.234908][ T8181] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 254.245819][ T8181] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 254.275148][ T8181] BTRFS info (device loop2): using free space tree [ 254.495966][ T8213] loop3: detected capacity change from 0 to 1024 [ 254.621336][ T8222] loop1: detected capacity change from 0 to 128 [ 254.656915][ T8175] ntfs3: loop0: ino=5, "/" The size of extended attributes must not exceed 64KiB [ 254.894033][ T8222] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 254.962975][ T8222] ext4 filesystem being mounted at /302/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 255.023365][ T8181] BTRFS info (device loop2): enabling ssd optimizations [ 255.138473][ T9] hfsplus: b-tree write err: -5, ino 4 [ 255.193784][ T4248] EXT4-fs (loop1): unmounting filesystem. [ 255.424236][ T4255] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 255.535098][ C1] net_ratelimit: 5720 callbacks suppressed [ 255.535119][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 255.553520][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 255.565882][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 255.578428][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 255.590832][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 255.603408][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 255.615974][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 255.628382][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 255.641097][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 255.653581][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 255.963852][ T1272] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.970261][ T1272] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.180990][ T6356] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 256.542512][ T6356] usb 2-1: Using ep0 maxpacket: 16 [ 256.665172][ T6356] usb 2-1: config 0 has an invalid interface number: 237 but max is 0 [ 256.673467][ T6356] usb 2-1: config 0 has no interface number 0 [ 256.689213][ T6356] usb 2-1: config 0 interface 237 has no altsetting 0 [ 256.969376][ T6356] usb 2-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 256.982623][ T6356] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 257.001272][ T6356] usb 2-1: Product: syz [ 257.024307][ T6356] usb 2-1: Manufacturer: syz [ 257.028980][ T6356] usb 2-1: SerialNumber: syz [ 257.088299][ T6356] usb 2-1: config 0 descriptor?? [ 257.194024][ T6356] snd_usb_podhd 2-1:0.237: Line 6 POD HD300 found [ 257.299399][ T8265] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1620'. [ 257.423414][ T6356] snd_usb_podhd 2-1:0.237: cannot get proper max packet size [ 257.431082][ T6356] snd_usb_podhd 2-1:0.237: Line 6 POD HD300 now disconnected [ 257.472663][ T6356] snd_usb_podhd: probe of 2-1:0.237 failed with error -22 [ 257.537007][ T8267] netlink: 'syz.0.1612': attribute type 1 has an invalid length. [ 257.581297][ T8267] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1612'. [ 257.787884][ T4827] usb 2-1: USB disconnect, device number 8 [ 257.991789][ T4251] Bluetooth: hci5: command 0x0406 tx timeout [ 258.446289][ T8283] loop3: detected capacity change from 0 to 1024 [ 258.513219][ T8285] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1618'. [ 259.004058][ T8293] netlink: 'syz.1.1623': attribute type 2 has an invalid length. [ 259.094775][ T8293] device 0! entered promiscuous mode [ 259.169269][ T8295] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 259.969651][ T8316] netlink: 'syz.1.1636': attribute type 2 has an invalid length. [ 260.286074][ T4290] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 260.543054][ C1] net_ratelimit: 6941 callbacks suppressed [ 260.543076][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 260.562583][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 260.574941][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 260.588097][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 260.600660][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 260.615480][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 260.628854][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 260.642093][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 260.654793][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 260.667379][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 260.742053][ T4290] usb 4-1: Using ep0 maxpacket: 16 [ 260.983476][ T4290] usb 4-1: config 0 has an invalid interface number: 237 but max is 0 [ 260.991913][ T4290] usb 4-1: config 0 has no interface number 0 [ 261.013068][ T4290] usb 4-1: config 0 interface 237 has no altsetting 0 [ 261.303951][ T4290] usb 4-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 261.322929][ T4290] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.352717][ T4290] usb 4-1: Product: syz [ 261.366095][ T8343] tmpfs: Bad value for 'nr_blocks' [ 261.432917][ T4290] usb 4-1: Manufacturer: syz [ 261.437637][ T4290] usb 4-1: SerialNumber: syz [ 261.508585][ T4290] usb 4-1: config 0 descriptor?? [ 261.634038][ T4290] snd_usb_podhd 4-1:0.237: Line 6 POD HD300 found [ 261.912605][ T4290] snd_usb_podhd 4-1:0.237: cannot get proper max packet size [ 261.933067][ T4290] snd_usb_podhd 4-1:0.237: Line 6 POD HD300 now disconnected [ 261.954212][ T4290] snd_usb_podhd: probe of 4-1:0.237 failed with error -22 [ 262.227050][ T4290] usb 4-1: USB disconnect, device number 8 [ 262.475649][ T8337] loop0: detected capacity change from 0 to 32768 [ 262.676714][ T8337] (syz.0.1643,8337,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 262.719739][ T8337] (syz.0.1643,8337,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 263.384460][ T8376] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1659'. [ 263.632730][ T8337] JBD2: Ignoring recovery information on journal [ 263.892819][ T8337] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 264.569354][ T8387] loop3: detected capacity change from 0 to 4096 [ 264.682949][ T8387] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512) [ 264.779139][ T4254] ocfs2: Unmounting device (7,0) on (node local) [ 265.553090][ C1] net_ratelimit: 5845 callbacks suppressed [ 265.553112][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 265.571445][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 265.583793][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 265.596162][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.608473][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 265.620881][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.633268][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.645614][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 265.657984][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 265.670363][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 266.044899][ T8403] loop5: detected capacity change from 0 to 16 [ 266.094927][ T8403] erofs: (device loop5): EXPERIMENTAL compressed inline data feature in use. Use at your own risk! [ 266.124456][ T8403] erofs: (device loop5): mounted with root inode @ nid 36. [ 266.144770][ T8403] syz.5.1678: attempt to access beyond end of device [ 266.144770][ T8403] loop5: rw=0, sector=1049256, nr_sectors = 128 limit=16 [ 266.487755][ T8387] ntfs3: loop3: ino=5, "/" The size of extended attributes must not exceed 64KiB [ 266.711047][ T27] audit: type=1326 audit(1738069815.637:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.2.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504c98cda9 code=0x7ffc0000 [ 266.770947][ T27] audit: type=1326 audit(1738069815.657:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.2.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f504c98cda9 code=0x7ffc0000 [ 266.862931][ T27] audit: type=1326 audit(1738069815.657:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.2.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504c98cda9 code=0x7ffc0000 [ 266.952912][ T27] audit: type=1326 audit(1738069815.657:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.2.1690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f504c98cda9 code=0x7ffc0000 [ 267.382747][ T8414] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1680'. [ 267.719862][ T8423] loop2: detected capacity change from 0 to 256 [ 267.726657][ T8421] netlink: 'syz.5.1682': attribute type 3 has an invalid length. [ 267.770235][ T8421] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1682'. [ 268.239145][ T8430] loop3: detected capacity change from 0 to 256 [ 268.980919][ T8430] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 269.037635][ T8436] netlink: 'syz.0.1666': attribute type 2 has an invalid length. [ 269.385586][ T8442] netlink: 'syz.0.1694': attribute type 1 has an invalid length. [ 269.583575][ T8444] netlink: 'syz.5.1695': attribute type 1 has an invalid length. [ 269.602369][ T6584] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 269.639485][ T4344] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 269.912809][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1696'. [ 269.919433][ T8447] netlink: 'syz.0.1707': attribute type 1 has an invalid length. [ 270.012567][ T4344] usb 3-1: Using ep0 maxpacket: 16 [ 270.152572][ T6584] usb 4-1: config 1 has an invalid descriptor of length 212, skipping remainder of the config [ 270.182932][ T6584] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 270.232906][ T6584] usb 4-1: too many endpoints for config 1 interface 1 altsetting 78: 168, using maximum allowed: 30 [ 270.254269][ T4344] usb 3-1: config 0 has an invalid interface number: 237 but max is 0 [ 270.302271][ T6584] usb 4-1: config 1 interface 1 altsetting 78 has 0 endpoint descriptors, different from the interface descriptor's value: 168 [ 270.341351][ T4344] usb 3-1: config 0 has no interface number 0 [ 270.372908][ T4344] usb 3-1: config 0 interface 237 has no altsetting 0 [ 270.379867][ T6584] usb 4-1: config 1 interface 1 has no altsetting 0 [ 270.544429][ T4344] usb 3-1: New USB device found, idVendor=0e41, idProduct=5057, bcdDevice= 6.ad [ 270.553982][ T4344] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.562111][ T4344] usb 3-1: Product: syz [ 270.573108][ C1] net_ratelimit: 7854 callbacks suppressed [ 270.573130][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 270.591505][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 270.603939][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 270.616381][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.628764][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 270.641148][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.653535][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.665881][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 270.678602][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 270.691140][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 270.732720][ T4344] usb 3-1: Manufacturer: syz [ 270.737817][ T4344] usb 3-1: SerialNumber: syz [ 270.772172][ T4344] usb 3-1: config 0 descriptor?? [ 270.813334][ T4344] snd_usb_podhd 3-1:0.237: Line 6 POD HD300 found [ 270.820275][ T6584] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 270.839914][ T6584] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.869527][ T6584] usb 4-1: Product: syz [ 270.887619][ T6584] usb 4-1: Manufacturer: syz [ 270.914717][ T6584] usb 4-1: SerialNumber: syz [ 270.996183][ T6584] usb 4-1: selecting invalid altsetting 0 [ 271.002147][ T6584] cdc_ether: probe of 4-1:1.0 failed with error -22 [ 271.020657][ T8461] loop0: detected capacity change from 0 to 256 [ 271.071190][ T4344] snd_usb_podhd 3-1:0.237: cannot get proper max packet size [ 271.078940][ T4344] snd_usb_podhd 3-1:0.237: Line 6 POD HD300 now disconnected [ 271.104476][ T4344] snd_usb_podhd: probe of 3-1:0.237 failed with error -22 [ 271.236661][ T6584] usb 4-1: selecting invalid altsetting 0 [ 271.242477][ T6584] usbtest: probe of 4-1:1.1 failed with error -22 [ 271.341348][ T6584] usb 4-1: USB disconnect, device number 9 [ 271.383003][ T4827] usb 3-1: USB disconnect, device number 5 [ 271.947860][ T8470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1705'. [ 273.000516][ T8492] loop5: detected capacity change from 0 to 1024 [ 273.326081][ T8501] loop1: detected capacity change from 0 to 256 [ 273.537933][ T4300] hfsplus: b-tree write err: -5, ino 4 [ 274.150151][ T8507] loop0: detected capacity change from 0 to 2048 [ 274.172911][ T8501] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 274.305749][ T8511] loop3: detected capacity change from 0 to 256 [ 274.721087][ T4344] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 275.024741][ T8507] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 275.032486][ T8507] UDF-fs: Scanning with blocksize 512 failed [ 275.252041][ T4344] usb 2-1: config 1 has an invalid descriptor of length 212, skipping remainder of the config [ 275.265742][ T4344] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 275.302803][ T4344] usb 2-1: too many endpoints for config 1 interface 1 altsetting 78: 168, using maximum allowed: 30 [ 275.343025][ T8507] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 275.351879][ T4344] usb 2-1: config 1 interface 1 altsetting 78 has 0 endpoint descriptors, different from the interface descriptor's value: 168 [ 275.391492][ T4344] usb 2-1: config 1 interface 1 has no altsetting 0 [ 275.582911][ C1] net_ratelimit: 6438 callbacks suppressed [ 275.582935][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 275.601222][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 275.613606][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 275.625957][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 275.638250][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 275.650594][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 275.662937][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 275.675360][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 275.687955][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 275.700402][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 275.745118][ T4344] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 275.761876][ T4344] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.773264][ T4344] usb 2-1: Product: syz [ 275.777498][ T4344] usb 2-1: Manufacturer: syz [ 275.782164][ T4344] usb 2-1: SerialNumber: syz [ 275.876301][ T4344] usb 2-1: selecting invalid altsetting 0 [ 275.882263][ T4344] cdc_ether: probe of 2-1:1.0 failed with error -22 [ 276.109033][ T4344] usb 2-1: selecting invalid altsetting 0 [ 276.122909][ T4344] usbtest: probe of 2-1:1.1 failed with error -22 [ 276.205776][ T4344] usb 2-1: USB disconnect, device number 9 [ 276.247630][ T8523] loop0: detected capacity change from 0 to 64 [ 276.524791][ T8527] netlink: 'syz.3.1733': attribute type 9 has an invalid length. [ 276.550931][ T8527] netlink: 'syz.3.1733': attribute type 6 has an invalid length. [ 277.280581][ T8539] loop0: detected capacity change from 0 to 256 [ 277.365194][ T8542] loop3: detected capacity change from 0 to 2048 [ 277.865418][ T8551] loop5: detected capacity change from 0 to 64 [ 277.936859][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1745'. [ 278.154679][ T8539] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 278.297193][ T8542] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 278.315131][ T8542] UDF-fs: Scanning with blocksize 512 failed [ 278.538896][ T8557] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1747'. [ 278.634711][ T8559] loop1: detected capacity change from 0 to 512 [ 278.683588][ T8559] EXT4-fs: Ignoring removed oldalloc option [ 278.689631][ T8559] EXT4-fs: inline encryption not supported [ 278.751395][ T8542] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 279.065290][ T8559] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 279.466162][ T8569] loop5: detected capacity change from 0 to 2048 [ 279.604957][ T28] INFO: task syz-executor:4252 blocked for more than 143 seconds. [ 279.612962][ T28] Not tainted 6.1.127-syzkaller #0 [ 279.618632][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 279.626524][ T8559] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1748: bg 0: block 64: padding at end of block bitmap is not set [ 279.644253][ T28] task:syz-executor state:D stack:21168 pid:4252 ppid:1 flags:0x00004004 [ 279.673246][ T28] Call Trace: [ 279.676619][ T28] [ 279.679587][ T28] __schedule+0x143f/0x4570 [ 279.718672][ T28] ? release_firmware_map_entry+0x186/0x186 [ 279.751382][ T28] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 279.772291][ T28] ? print_irqtrace_events+0x210/0x210 [ 279.778826][ T8559] Quota error (device loop1): write_blk: dquota write failed [ 279.782694][ T28] ? _raw_spin_lock_irq+0xdb/0x110 [ 279.829714][ T8559] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 279.836890][ T28] schedule+0xbf/0x180 [ 279.854489][ T8559] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.1748: Failed to acquire dquot type 0 [ 279.869306][ T28] io_schedule+0x88/0x100 [ 279.879516][ T28] folio_wait_bit_common+0x878/0x1290 [ 279.916479][ T28] ? folio_wait_bit+0x20/0x20 [ 279.918656][ T8569] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 279.927121][ T28] ? find_get_entries+0x188/0x710 [ 279.931900][ T8559] EXT4-fs (loop1): 1 truncate cleaned up [ 279.943873][ T8559] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 279.968734][ T28] ? migration_entry_wait_on_locked+0x1160/0x1160 [ 280.025568][ T28] ? __lock_acquire+0x125b/0x1f80 [ 280.041023][ T28] truncate_inode_pages_range+0xbb5/0x1340 [ 280.067933][ T28] ? read_lock_is_recursive+0x10/0x10 [ 280.080652][ T8559] Quota error (device loop1): do_check_range: Getting block 144 out of range 0-5 [ 280.114991][ T28] ? mapping_evict_folio+0x5b0/0x5b0 [ 280.123312][ T28] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 280.136199][ T28] ? _raw_spin_unlock_irq+0x1f/0x40 [ 280.181874][ T28] ? lockdep_hardirqs_on+0x94/0x130 [ 280.202185][ T28] evict+0x53c/0x930 [ 280.253294][ T28] ? proc_nr_inodes+0x310/0x310 [ 280.275258][ T28] ? do_raw_spin_unlock+0x137/0x8a0 [ 280.331940][ T28] evict_inodes+0x668/0x700 [ 280.336623][ T28] ? clear_inode+0x150/0x150 [ 280.341280][ T28] ? sync_filesystem+0x103/0x220 [ 280.360576][ T28] generic_shutdown_super+0x94/0x340 [ 280.366121][ T28] kill_block_super+0x7a/0xe0 [ 280.370859][ T28] deactivate_locked_super+0xa0/0x110 [ 280.395225][ T28] cleanup_mnt+0x490/0x520 [ 280.399741][ T28] ? lockdep_hardirqs_on+0x94/0x130 [ 280.425704][ T28] task_work_run+0x246/0x300 [ 280.430408][ T28] ? task_work_cancel+0x2e0/0x2e0 [ 280.452532][ T28] ? exit_to_user_mode_loop+0x39/0x100 [ 280.480601][ T28] exit_to_user_mode_loop+0xde/0x100 [ 280.486043][ T28] exit_to_user_mode_prepare+0xb1/0x140 [ 280.491653][ T28] syscall_exit_to_user_mode+0x60/0x270 [ 280.535888][ T28] do_syscall_64+0x47/0xb0 [ 280.540477][ T28] ? clear_bhb_loop+0x45/0xa0 [ 280.562981][ T28] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 280.568985][ T28] RIP: 0033:0x7fd27118e0d7 [ 280.592889][ T28] RSP: 002b:00007ffd31001618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 280.601394][ T28] RAX: 0000000000000000 RBX: 00007fd27120e08c RCX: 00007fd27118e0d7 [ 280.610700][ C1] net_ratelimit: 6672 callbacks suppressed [ 280.610717][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 280.629035][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 280.641343][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 280.653677][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 280.666095][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 280.678461][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 280.690849][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 280.703270][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 280.715613][ C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:1e:76:0a:34:8d:07, vlan:0) [ 280.728098][ C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 280.775718][ T28] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd310016d0 [ 280.783843][ T28] RBP: 00007ffd310016d0 R08: 0000000000000000 R09: 0000000000000000 [ 280.791876][ T28] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd31002760 [ 280.799984][ T28] R13: 00007fd27120e08c R14: 000000000001cae3 R15: 00007ffd310027a0 [ 280.808101][ T28] [ 280.812658][ T28] [ 280.812658][ T28] Showing all locks held in the system: [ 280.824316][ T28] 1 lock held by rcu_tasks_kthre/12: [ 280.838103][ T28] #0: ffffffff8d32b290 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 280.856279][ T28] 1 lock held by rcu_tasks_trace/13: [ 280.861632][ T28] #0: ffffffff8d32ba90 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30 [ 280.873196][ T28] 5 locks held by ksoftirqd/0/15: [ 280.878273][ T28] 1 lock held by khungtaskd/28: [ 280.883207][ T28] #0: ffffffff8d32b0c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290 [ 280.893598][ T28] 2 locks held by getty/4008: [ 280.898325][ T28] #0: ffff88814d791098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70 [ 280.908210][ T28] #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0 [ 280.918491][ T28] 3 locks held by syz-executor/4237: [ 280.923857][ T28] 1 lock held by syz-executor/4248: [ 280.929751][ T28] #0: ffff888029fae0e0 (&type->s_umount_key#31){++++}-{3:3}, at: deactivate_super+0xa9/0xe0 [ 280.971847][ T4248] EXT4-fs (loop1): unmounting filesystem. [ 281.062071][ T28] 1 lock held by syz-executor/4252: [ 281.080133][ T28] #0: ffff888051e340e0 (&type->s_umount_key#73){+.+.}-{3:3}, at: deactivate_super+0xa9/0xe0 [ 281.111966][ T28] 3 locks held by kworker/1:7/4344: [ 281.134321][ T28] #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 281.156733][ T28] #1: ffffc90004027d20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 281.195953][ T28] #2: ffffffff8d3306b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930 [ 281.271155][ T28] 2 locks held by kworker/1:12/6584: [ 281.278382][ T28] #0: ffff888017c72138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 281.294007][ T28] #1: ffffc9001f777d20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0 [ 281.338152][ T28] 1 lock held by syz.2.1731/8500: [ 281.357008][ T28] [ 281.359404][ T28] ============================================= [ 281.359404][ T28] [ 281.384839][ T28] NMI backtrace for cpu 0 [ 281.389252][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.127-syzkaller #0 [ 281.397186][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 281.407284][ T28] Call Trace: [ 281.410600][ T28] [ 281.413649][ T28] dump_stack_lvl+0x1e3/0x2cb [ 281.418391][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 281.423911][ T28] ? panic+0x764/0x764 [ 281.428023][ T28] ? vprintk_emit+0x622/0x740 [ 281.432763][ T28] ? printk_sprint+0x490/0x490 [ 281.437597][ T28] ? nmi_cpu_backtrace+0x252/0x560 [ 281.442762][ T28] nmi_cpu_backtrace+0x4e1/0x560 [ 281.447766][ T28] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 281.454084][ T28] ? _printk+0xd1/0x111 [ 281.458286][ T28] ? panic+0x764/0x764 [ 281.462403][ T28] ? __wake_up_klogd+0xcc/0x100 [ 281.467297][ T28] ? panic+0x764/0x764 [ 281.471409][ T28] ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0 [ 281.477608][ T28] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 281.483728][ T28] nmi_trigger_cpumask_backtrace+0x1ae/0x3f0 [ 281.489865][ T28] watchdog+0xf88/0xfd0 [ 281.494079][ T28] ? watchdog+0x1f8/0xfd0 [ 281.498467][ T28] kthread+0x28d/0x320 [ 281.502600][ T28] ? hungtask_pm_notify+0x50/0x50 [ 281.507720][ T28] ? kthread_blkcg+0xd0/0xd0 [ 281.512371][ T28] ret_from_fork+0x1f/0x30 [ 281.516979][ T28] [ 281.520088][ T28] Sending NMI from CPU 0 to CPUs 1: [ 281.525374][ C1] NMI backtrace for cpu 1 [ 281.525408][ C1] CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 6.1.127-syzkaller #0 [ 281.525426][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 281.525436][ C1] RIP: 0010:unwind_next_frame+0xdec/0x2220 [ 281.525463][ C1] Code: 24 38 48 8b 5c 24 50 0f 85 c2 11 00 00 41 c6 06 00 ba 10 00 00 00 4c 8b 7c 24 20 4c 89 ff 31 f6 e8 39 4e a5 00 4c 8b 74 24 10 45 09 00 00 48 89 54 24 48 48 89 5c 24 58 4c 89 6c 24 38 48 89 [ 281.525482][ C1] RSP: 0018:ffffc900001b69c0 EFLAGS: 00000202 [ 281.525498][ C1] RAX: ffffc900001b6af0 RBX: 1ffffffff1f321e1 RCX: 0000000000000000 [ 281.525510][ C1] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc900001b6b00 [ 281.525522][ C1] RBP: dffffc0000000000 R08: dffffc0000000000 R09: ffffc900001b6af0 [ 281.525535][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc900001b6aa0 [ 281.525546][ C1] R13: ffffffff8f990f0e R14: ffffffff8f990f0a R15: ffffc900001b6af0 [ 281.525559][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 281.525573][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 281.525585][ C1] CR2: 0000000020e35030 CR3: 000000007bae3000 CR4: 00000000003506e0 [ 281.525600][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 281.525609][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 281.525619][ C1] Call Trace: [ 281.525625][ C1] [ 281.525630][ C1] ? nmi_cpu_backtrace+0x3de/0x560 [ 281.525648][ C1] ? read_lock_is_recursive+0x10/0x10 [ 281.525684][ C1] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 281.525702][ C1] ? nmi_handle+0x25/0x440 [ 281.525735][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 281.525751][ C1] ? nmi_handle+0x12e/0x440 [ 281.525776][ C1] ? nmi_handle+0x25/0x440 [ 281.525802][ C1] ? unwind_next_frame+0xdec/0x2220 [ 281.525820][ C1] ? default_do_nmi+0x62/0x150 [ 281.525838][ C1] ? exc_nmi+0xa8/0x100 [ 281.525860][ C1] ? end_repeat_nmi+0x16/0x31 [ 281.525883][ C1] ? unwind_next_frame+0xdec/0x2220 [ 281.525902][ C1] ? unwind_next_frame+0xdec/0x2220 [ 281.525922][ C1] ? unwind_next_frame+0xdec/0x2220 [ 281.525947][ C1] [ 281.525952][ C1] [ 281.525962][ C1] ? br_flood+0x2e7/0x440 [ 281.525985][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 281.526009][ C1] arch_stack_walk+0x10d/0x140 [ 281.526031][ C1] ? br_handle_frame_finish+0x15d0/0x1bf0 [ 281.526057][ C1] stack_trace_save+0x113/0x1c0 [ 281.526080][ C1] ? nla_nest_cancel+0x80/0x80 [ 281.526106][ C1] ? stack_trace_snprint+0xe0/0xe0 [ 281.526130][ C1] ? mark_lock+0x9a/0x340 [ 281.526159][ C1] kasan_set_track+0x4b/0x70 [ 281.526174][ C1] ? kasan_set_track+0x4b/0x70 [ 281.526188][ C1] ? __kasan_slab_alloc+0x65/0x70 [ 281.526203][ C1] ? slab_post_alloc_hook+0x52/0x3a0 [ 281.526224][ C1] ? kmem_cache_alloc+0x10c/0x2d0 [ 281.526244][ C1] ? skb_clone+0x1e5/0x360 [ 281.526267][ C1] ? maybe_deliver+0x96/0x150 [ 281.526287][ C1] ? br_flood+0x2e7/0x440 [ 281.526330][ C1] __kasan_slab_alloc+0x65/0x70 [ 281.526347][ C1] slab_post_alloc_hook+0x52/0x3a0 [ 281.526369][ C1] ? radix_tree_cpu_dead+0x180/0x180 [ 281.526388][ C1] kmem_cache_alloc+0x10c/0x2d0 [ 281.526408][ C1] ? skb_clone+0x1e5/0x360 [ 281.526434][ C1] skb_clone+0x1e5/0x360 [ 281.526459][ C1] maybe_deliver+0x96/0x150 [ 281.526482][ C1] br_flood+0x2e7/0x440 [ 281.526506][ C1] br_handle_frame_finish+0x15d0/0x1bf0 [ 281.526537][ C1] ? brport_get_ownership+0x80/0x80 [ 281.526558][ C1] ? ip6t_do_table+0x1f7/0x1830 [ 281.526578][ C1] ? _local_bh_enable+0xa0/0xa0 [ 281.526606][ C1] ? ip6t_do_table+0x1f7/0x1830 [ 281.526626][ C1] ? ip6t_do_table+0x1643/0x1830 [ 281.526653][ C1] ? nf_hook_slow+0x154/0x1e0 [ 281.526673][ C1] ? brport_get_ownership+0x80/0x80 [ 281.526697][ C1] br_nf_hook_thresh+0x46a/0x580 [ 281.526717][ C1] ? brnf_get_logical_dev+0x2b0/0x2b0 [ 281.526735][ C1] ? brport_get_ownership+0x80/0x80 [ 281.526761][ C1] ? skb_push+0x93/0x100 [ 281.526786][ C1] br_nf_pre_routing_finish_ipv6+0xa92/0xdc0 [ 281.526804][ C1] ? brport_get_ownership+0x80/0x80 [ 281.526838][ C1] br_nf_pre_routing_ipv6+0x354/0x740 [ 281.526856][ C1] ? br_nf_pre_routing_ipv6+0x3fc/0x740 [ 281.526873][ C1] ? br_nf_check_hbh_len+0x550/0x550 [ 281.526892][ C1] ? br_nf_pre_routing_ipv6+0x740/0x740 [ 281.526912][ C1] ? br_nf_hook_thresh+0x580/0x580 [ 281.526933][ C1] br_handle_frame+0x991/0x1340 [ 281.526961][ C1] ? br_handle_frame_dummy+0x10/0x10 [ 281.526983][ C1] ? lockdep_hardirqs_on+0x94/0x130 [ 281.527004][ C1] ? brport_get_ownership+0x80/0x80 [ 281.527030][ C1] ? br_handle_frame_dummy+0x10/0x10 [ 281.527053][ C1] __netif_receive_skb_core+0x13dd/0x41d0 [ 281.527089][ C1] ? qdisc_run+0x260/0x260 [ 281.527112][ C1] ? __lock_acquire+0x125b/0x1f80 [ 281.527148][ C1] __netif_receive_skb+0x11c/0x530 [ 281.527175][ C1] ? read_lock_is_recursive+0x10/0x10 [ 281.527200][ C1] ? __netif_receive_skb_list_core+0x890/0x890 [ 281.527226][ C1] ? __lock_acquire+0x1f80/0x1f80 [ 281.527258][ C1] ? process_backlog+0x2c9/0x760 [ 281.527282][ C1] process_backlog+0x381/0x760 [ 281.527313][ C1] ? trigger_rx_softirq+0x60/0x60 [ 281.527338][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 281.527363][ C1] ? __run_timers+0x847/0x890 [ 281.527382][ C1] ? print_irqtrace_events+0x210/0x210 [ 281.527406][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 281.527433][ C1] __napi_poll+0xc7/0x470 [ 281.527458][ C1] net_rx_action+0x70f/0xeb0 [ 281.527484][ C1] ? _raw_spin_unlock_irq+0x1f/0x40 [ 281.527514][ C1] ? net_tx_action+0x9a0/0x9a0 [ 281.527550][ C1] handle_softirqs+0x2ee/0xa40 [ 281.527579][ C1] ? run_ksoftirqd+0xc6/0x120 [ 281.527597][ C1] ? do_softirq+0x240/0x240 [ 281.527621][ C1] ? preempt_schedule_common+0xa6/0xd0 [ 281.527641][ C1] ? run_ksoftirqd+0xa3/0x120 [ 281.527659][ C1] run_ksoftirqd+0xc6/0x120 [ 281.527674][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 281.527691][ C1] ? preempt_schedule_thunk+0x16/0x18 [ 281.527717][ C1] ? smpboot_thread_fn+0x2c3/0xa30 [ 281.527741][ C1] ? smpboot_thread_fn+0x4e7/0xa30 [ 281.527764][ C1] ? smpboot_thread_fn+0x63c/0xa30 [ 281.527787][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 281.527804][ C1] smpboot_thread_fn+0x52c/0xa30 [ 281.527829][ C1] ? smpboot_thread_fn+0x4a/0xa30 [ 281.527858][ C1] kthread+0x28d/0x320 [ 281.527873][ C1] ? cpu_report_death+0x2b0/0x2b0 [ 281.527896][ C1] ? kthread_blkcg+0xd0/0xd0 [ 281.527912][ C1] ret_from_fork+0x1f/0x30 [ 281.527947][ C1] [ 282.111924][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 282.111945][ T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.127-syzkaller #0 [ 282.111970][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 282.111983][ T28] Call Trace: [ 282.111991][ T28] [ 282.112001][ T28] dump_stack_lvl+0x1e3/0x2cb [ 282.112045][ T28] ? nf_tcp_handle_invalid+0x642/0x642 [ 282.112082][ T28] ? panic+0x764/0x764 [ 282.112107][ T28] ? llist_add_batch+0x160/0x1d0 [ 282.112141][ T28] ? vscnprintf+0x59/0x80 [ 282.112169][ T28] panic+0x318/0x764 [ 282.112195][ T28] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 282.112221][ T28] ? memcpy_page_flushcache+0xfc/0xfc [ 282.112252][ T28] ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0 [ 282.112274][ T28] ? nmi_trigger_cpumask_backtrace+0x338/0x3f0 [ 282.112301][ T28] ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0 [ 282.112328][ T28] watchdog+0xfc7/0xfd0 [ 282.112363][ T28] ? watchdog+0x1f8/0xfd0 [ 282.112398][ T28] kthread+0x28d/0x320 [ 282.112417][ T28] ? hungtask_pm_notify+0x50/0x50 [ 282.112445][ T28] ? kthread_blkcg+0xd0/0xd0 [ 282.112468][ T28] ret_from_fork+0x1f/0x30 [ 282.112511][ T28] [ 282.113640][ T28] Kernel Offset: disabled [ 282.292479][ T28] Rebooting in 86400 seconds..