last executing test programs: 9m28.242213756s ago: executing program 3 (id=110): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'gretap0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x3, 0x4, @broadcast}, 0x10) 9m27.368843672s ago: executing program 3 (id=114): syz_mount_image$nilfs2(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1014800, &(0x7f0000000000)=ANY=[@ANYRES8=0x0], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x7f) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@id={0x2, 0x0, @auto="3c71c23b3d8fb5cc65a0fb1d808cc4de"}}) 9m24.999396371s ago: executing program 3 (id=122): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0102}}}, 0x80, 0x0}, 0x24000008) 9m24.106166773s ago: executing program 3 (id=126): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='iocharset=cp865,uid=', @ANYRESHEX=0x0, @ANYBLOB=',namecase=1,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666d61736b3d30303030303030303030303030303030303030303031302c757466382c666d61736b3d30303030303030303030303030303030303030303030362c6572726f72733d636f6e74696e75652c7379735f747a2c616c6c6f775f7574696d653d30303030303030303030303030303030303134373036342c00968868822eaa4073da2a8bad3e75bf3fa58e5fe9023e2efe14b61e42154e792855b9c44517fcaf42990fa252a8fcc76df45041b88e383db02cc075636a6b415c49ee2ad1af7ecfc73f3809bce1541b2c780705cdd96cfb760a1f342582ee152abbe3f5828666937a5068d6170f62dc427b22ae7bd20a2fb9094ffaf7b7eda15af87283045448d6cabb51f8a411539d39a9d6db38d1"], 0x1, 0x1545, &(0x7f0000001a00)="$eJzs3AucTVX7OPDnWWvtMSROk1yGtdazOcllmSTJJUkuSZIkSW4JSZO8kpAYQpKGJCSXIYkhJJeJSeN+v18SkqRJkpDckvX/TPFXb97f+77/t19+/988389nf2Y9Z+9n7Wef55w5e2/mfNt1aK0mtas3IiL4j+CvP5IAIBYABgJAXgAIAKB8XPm4rPU5JSb9Zzthf64HU690BexK4v5nb9z/7I37n71x/7M37n/2xv3P3rj/2Rv3n7HsbNO0Qtfwkn2XP/v+fyzf////CH/+/y+SWWbsl2vKXNcNIOZfTeH+Z2/c//+1gn9lI+5/9pTzwk/uf3YVe6ULYH+lPpd/mN//2UGOf7iG+5+9cf8Zy86u9P3nv3KJuczxQuR/2HNw5MK12V+0vyv9+mOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlj2c9pcoALg4vtJ1McYYY4wxxhhj7M/jc1zpChhjjDHGGGOMMfbfD0GABAUBxEAOiIWckAsEAFwNeSAvROAaiINrIR9cB/mhABSEQhAPhaEIaDBggSCEolAMonA9FIcboASUhFJQGhyUgQS4EcrCTVAObobycAtUgFuhIlSCylAFboOqcDtUgzugOtwJNaAm1ILacBfUgbuhLtwD9eBeqA/3IcD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv91PjS4bP7z0BNegF7QG5KgD/SFF6Ef9IcB8BIMhJdhELwCg+FVSIYhMBReg2HwOgyHN2AEjIRR8CaMhrdgDIyFcTAeUmACTIS3YRK8A5PhXZgCUyEVpsF0eA9mwEyYBe/DbPgA5sBcmAfzIQ0+hAWwENLhI1gEH0MGLIYlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi2wFbbBdtgBn8BO+BR2wW7YA5/BXvj838w/9Xf53RAQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwH+bD/JgfC2JBjMd4LIJF0KBBQsKiWBSjGMXiWBxLYAkshaXQocMETMCyeBOWw3JYHstjBayAFbESVsIqWAWrYlWshtWwOlbHGlgDa2EtvAvvwj5YF+tiPayH9bH+xdtT2AgbYWNsjE2wCTbFptgMm2ELbIGtsBW2xtbYBttgO2yH7bE9dsAOmIiJ2BE7YifshJ2xM3bBLtgVu2I37I7dM5/PAfgCvoC9sYbog32xL/bD5BwD8CV8CV/GQfgKvoKvYjIOwaH4Gr6Gr+NwPIkjcCSOwlFYVbyFY3AskhiPKZiCE3EiTsJJmFXouzgVU3EaTsfpOANn4kx8H2fjB/gBzsW5OB/TMA0X4EJMx3RchKcwAxfjElyKy3A5LsOVuApX4hpci2twPa7HjbgRN+Nm3IpbcTtux09QAeCnuBt3YzLuxb24D/fhftyPB/AAZmImHsSDeAgP4WE8jEfwCB7FY3gcj+EJPIEn8RSextN4Fs/iOXw2/uvGn5RcnQwiixJKxIgYEStiRS6RS+QWuUUekUdERETEiTiRT+QT+UV+UVAUFPEiXhQRRYQRRpAIYwBAREVUFBfFRQlRQpQSpYQTTiSIBFFWlBXlRDlRXtwiKohbRUVRSbR1VUQVUVW0c9XEHaK6qC5qiJqilqgtaos6oo6oK+qKeqKeqC/qiwbiftFQ9MEB+KDI6kwTMQSbiqHYTDQX8sJvsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHh2r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZFf91FD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6Cy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeU/zX/7MvmDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tyF5wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvGBUKVVaOVVGJagb/518VVzdoEqokr/Lv1hf0j+or5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezTvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBeaHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1Z/6vzenyzwmOule+sk3Uf31S/qfrq/HqBf0gP1y3qQfkUP1q/qZD1ED9Wv6WH6dT1cv6FH6JF6lH5Tj9Zv6TF6rB6nx+sUPUFP1G/rSfodPVm/q6foqTpVT9PT9Xt6hp6pZ+n39Wz9gZ6j5+p5er5O0x/qBXqhTtcf6UX6Y52hF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa36x36E71Tf6p36d16j/5M79Wf6336C71ff6kP6K90pv5aH9Tf6EP6W31Yf6eP6O/1UX1MH9c/6BP6R31Sn9Kn9Rl9Vv+kz+mf9Xnts07usz7ejTLKxJgYE2tiTS6Ty+Q2uU0ek8dETMTEmTiTz+Qz+U1+U9AUNPEm3hQxRUwWMmSKmqImaqKmuCluSpgSppQpZZxxJsEkmLKmrClnypnyprypYCqYiqaiqWwqm9vMbeZ2c7u5w9xh7jR3mpqmpqltaps6po6pa+qaeqaeqW/qmwamgWloGppGppFpbBqbJqaJaWqammammWlhWphWppVpbVqbNqaNaWfamfamvelgOphEk2g6mo6mk+lkOpvOpovpYrqarqab6WZ6mB6mp+lpepleJskkmb6mr+ln+pkBZoAZaAaaQWaQGWwGm2STbIaaoWaYGWaGm+FmhBlpRmWdqJq3zBgz1owz402KSTETzUQzyUwyk81kM8VMMakm1Uw3080MM8PMMrPMbDPbzDFzzDwzz6SZNLPALDDpJt0sMotMhskwS8wSs8wsMyvMCrPKrDJrzBqzDtaZDWaD2WQ2mS1mi9lmtpkdZofZaXaaXWaX2WP2mL1mr9ln9pn9Zr85YA6YTJNpDpqD5pA5ZA6bw+aIOWKOmqPmuDluTpgT5qQ5aU6b0+asKXDh89KbWJvT5rJX2dz2apvH5rV/Hxe0hWy8LWyLWG3z2wK/i421toQtaUvZ0tbZMjbB3viHuKKtZCvbKvY2W9Xebqv9Ia5j77Z17T22nr3X1rZ3/S6ub++zDezDtiEigG1uG9uWtol92Da1j9hmtrltYVva9vYJ28E+aRPtU7ajffoP8QK70K6yq+0au9busrvtaXvGHrLf2rP2J9vL9rYD7ct2kH3FDrav2mQ75A/xKPumHW3fsmPsWDvOjv9DPMVOtal2mp1u37Mz7Mw/xGn2Qzvbpts5dq6dZ+f/EmfVlG4/sovsxzbDBrDELrXL7HK7wq68WKvPa9fbDXaj3Wk/tVvsVrvNbrc7Lp4I2912j/3M7rWf24P2G7vffmkP2MM20379S5x1fIftd/aI/d4etcfscfuDPWF/VBezs479B/uzPW+9BUICkqQooBjKQbGUk3LRVZSbrqY8lJcidA3F0bWUj66j/FSAClIhiqfCVIQ0GbJEFFJRKkZRup4ulleKSpOjMpRAN1JZuonK0c1Unm6hCnQrVaRKVJmq0G1UlW6nanQHVac7qQbVpFpUm+6iOnQ31aV7qB7dS/XpPmpA91NDeoAa0YPUmB6iJvQwNaVHqBk1pxbUklrRo9SaHqM21Jba0ePUnp6gDvQkJdJT1JGepk70N+pMz1AXepa60nPUjbpTD3qeetIL1It6UxL1ob70IvWj/jSAXqKB9DINoldoML1KyTSEhtJrNIxep+H0Bo2gkTSK3qTR9BaNobE0jsZTCk2gifQ2TaJ3aDK9S1NoKqXSNJpO79EMmkmz6H2aTR/QHJpL82g+pdGHtIAWUjp9RIvoY8qgxbSEltIyWk4raCWtotW0htbSOlpPG2gjbaLNtIW20jbaTjvoE9pJn9Iu2k176DPaS5/TPvqC9tOXdIC+okz6mg7SN3SIvqXD9J3vTd/TUTpGx+kHOkE/0kk6RafpDJ2ln+gc/UznyROEGIpQhioMwpgwRxgb5gxzhVeFucOrwzxh3jASXhPGhdeG+cLrwvxhgbBgWCiMDwuHRUIdmtCGFIZh0bBYGA2vD4uHN4QlwpJhqbB06MIyYUJ4Y1g2vCksF94clg9vCSuEt4YVw0rhw/dWCW8Lq4a3h9XCO8Lq4Z1hjbBmWCusHd4V1gnvDuuG94T1wnvDcuF9YYPw/rBh+EDYKHwwbBw+FDYJHw6bho+EzcLmYYuwZdgqfDRsHT4Wtgnbhu3Cx8P24RNhh/DJMDF8KuwYPv3L+vsW/uP1SWGfsG/4Yvhi6P09cl50fjQt+mF0QXRhND36UXRR9ONoRnRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y9T72jnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx+V1EXeNi3PXunzuOpffFXAFXSEX7wq7Ik4746wjF7qirpiLuutdcXeDK+FKulKutHOujEtwLV0r18q1do+5Nq6ta+ced4+7J9wT7kn3pHvKdXRPu07ub66ze8Z1cc+6Z91zrpvr7nq4511PNyHPr+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ35617muDlunpvn0lyaW+CyzhnT3SK3yGW4DLfELXHL3DK3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t8PtcDvdTrfL5/11UrfX7XP73H633x1wX7lM97U76L5xh9y37rD7zh1x37uj7pg77n5wJ9yP7qQ75U67M+6s+8mdcz+78867lMiEyMTI25FJkXcikyPvRqZEpkZSI9Mi0yPvRWZEZkZmRd6PzI58EJkTmRuZF5kfSYt8GFkQWRhJj3wUWRT5OJIRWRxZElkaWRZZHvG+8JbQF/XFfNRf74v7G3wJX9KX8qW982V8gr/Rl/U3+XL+Zl/e3+Ir+Ft9RV/JV/aP+Ga+uW/hW/pW/lHf2j/m2/i2vp1/3Lf3T/gO/kmf6J/yHf3TvpP/m+/sn/Fd/LO+q3/Od/PdfQ//vO/pX/C9fG+f5Pv4vv5F38/39wP8S36gf9kP8q/4wf5Vn+yH+KH+NT/Mv+6H+zf8CD/Sj4p504++eIkM432Kn+An+rf9JP+On+zf9VPOep/qp/np/j0/w8/0s/z7frb/wM/xc/08P9+n+Q/9Ar/Qp/uP/CL/sc/wiy/eVPYr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/wnfqf/1O/yu/0e/5nf6z/3+/wXfr//0h/wX/lM/7U/6L/xh/y3/rD/zh/x3/uj/pg/7n/wJ/yP/qQ/5U/7M/6s/8mf8z/78/w3a4wxxhhj/5IJl4bi92t+vZ3f5zI54jcb9wWAq7cWyvzt+qwzynX5fx33F/HtIwDwVO+uD15catRI+r/bZkgIis0FuPgvQVli4FK8GNrBE5AIbaHsZevvL7qfpT/On5T0m/mjtwDk+k1OLFyKL83/BQAmXWb+Rx8ftaBCeDruv5h/LkCJYpdycsKleDG0++X+Slso9w/qL9D6n9Sf88sUgDa/yckNl+JL9SfAY/A0JP5uS8YYY4wxxhhj7Ff9ReXOF68/L/6Pz7+/vs26Po9Xl3JywKX4n12fM8YYY4wxxhhj7Mp7pnuPJx9NTGzb+d8fVPt/yvqXB03hv2tmHlx24D3AxUcUAPyHEwJkDeRfeRSb/5J9JV946/z9qmVnfAD/M1r5Zwyu8C8mxhhjjDHG2J/u0kn/7x9XV6ogxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsG/orvk6Mv02AMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYdvd/AgAA//8vzfwg") mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2208c08, 0x0) 9m22.827079378s ago: executing program 3 (id=132): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x10, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000ffffff7f0000000000000004740a0000fcffffff95"], &(0x7f0000000000)='GPL\x00', 0x1, 0x98, &(0x7f00000001c0)=""/152, 0x41100, 0x1e}, 0x94) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41000}, 0x94) 9m22.027167097s ago: executing program 3 (id=137): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) set_mempolicy(0x3, &(0x7f0000000040)=0xfff, 0x5) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0x446d, 0x5}) 9m18.004136587s ago: executing program 32 (id=137): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) set_mempolicy(0x3, &(0x7f0000000040)=0xfff, 0x5) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000080)={0x0, 0x446d, 0x5}) 6m5.874881036s ago: executing program 2 (id=853): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000700)={0x18, r1, 0x601, 0x400000, 0x0, {}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0) 6m4.515712989s ago: executing program 2 (id=856): r0 = socket$caif_stream(0x25, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000040)=0x3ff, 0x4) connect$caif(r0, &(0x7f0000000100)=@rfm={0x25, 0x0, "d034e68fae880aca9de7751355b0eb74"}, 0x18) 6m3.298676323s ago: executing program 2 (id=860): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_VERDICT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x20, 0x3, 0x3, 0x101, 0x0, 0x0, {0xa}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffb, 0xff}}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004000}, 0x4) 6m2.275901211s ago: executing program 2 (id=866): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000002240)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0) 6m0.532823858s ago: executing program 2 (id=874): unshare(0x24020400) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) getsockopt(r0, 0xb388, 0x800, 0x0, 0x0) 5m58.900289634s ago: executing program 2 (id=881): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000080)=0x4, 0x4) 5m55.663141281s ago: executing program 33 (id=881): r0 = socket$netlink(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000080)=0x4, 0x4) 5m9.337973093s ago: executing program 5 (id=1029): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0) 5m8.407295365s ago: executing program 5 (id=1033): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0xffffffffffffffa6, &(0x7f00000001c0)=[{&(0x7f0000000100)="1c00000021006bcd210000006e04000081000000000000007aa60864", 0x1c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 5m7.615911663s ago: executing program 5 (id=1036): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast2, 0x6e}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x104) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x4e22, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) close(r0) 5m6.731343018s ago: executing program 5 (id=1041): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='dyn']) 5m5.955260842s ago: executing program 5 (id=1045): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) lsetxattr$security_capability(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x0) capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000100)={0x0, 0x0, 0x7, 0x0, 0xf1}) llistxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 5m5.106157824s ago: executing program 5 (id=1049): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) write$binfmt_misc(r0, &(0x7f0000000080), 0x2000011a) setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000280), 0x4) 5m1.946642963s ago: executing program 34 (id=1049): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) write$binfmt_misc(r0, &(0x7f0000000080), 0x2000011a) setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000280), 0x4) 3m13.531769234s ago: executing program 1 (id=1453): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x2e0, 0x30, 0x300, 0x71bd2a, 0x25dfdbff, {}, [{0x2cc, 0x1, [@m_gact={0x1e4, 0x17, 0x0, 0x0, {{0x9}, {0x4}, {0x1b5, 0x6, "0f617356f0a663079abe295a350af32575b7576a2846e5b3b3d9b048dc90bac2c3b40552dc14f7774371c98d6e2763d4fda783e36f45e224474cc6a0e6a530d841c87c70bbf3448d6187a58197fa3ffb0b318a51ba59415ac311a355fe1d08f8de9966d8ba89a56bfbc37c6af7d37dcdeb618f98f29bf3b05a23cefbbf51193614c08c162352d9eaad342b2f307dd8babd71ab8a1c4f80bbbbccc8ce4d369a33f9c6fc16198b2cfa20bc906e08c92c0642310e03f00a0ed12baa1df64f1bf0502f23ff4d6a5e05aa81fa19a9b88c32227231211d5d298a3c63d5549b1a72ad3a2c2dbf727e06036e6f15f608bea0e2a8ff93600a6133a9b45faa6924e7b9e8756e78750bdef4103fcd162842f48260e1dbb952cf91a4fdf9ca11cc86255d345cc97e3e5a060faa5892b6b343ae47592ed09d5829b187941331c8c321997cbc0395a6658c85915c1468ea768127b402af42155e96f11ef5f95a4118370c736689c029238b89e6a7a47d06e553b3f1968de8d30df98c713bd5d18d8c5e00aee2d650046089d3fd1abf65c454e7e5f582e3e17fde068a7d8cfdaf8831aca9c839662d70f7a7893073ad4a108e44a105d7ec27"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_sample={0x30, 0x12, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}, @m_bpf={0x7c, 0xa, 0x0, 0x0, {{0x8}, {0x40, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS={0x34, 0x4, [{0x0, 0xbe, 0xe, 0x201}, {0x3, 0xc, 0x5, 0x6}, {0x8, 0x2, 0xea}, {0x2c4, 0x7, 0x41, 0x2}, {0x0, 0xfc, 0x10, 0x9}, {0x5, 0x8, 0x80, 0x6}]}, @TCA_ACT_BPF_FD={0x8}]}, {0x17, 0x6, "266510c489ea5b3a4a665edbe5fab6a5a7ad94"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_simple={0x38, 0x2, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'bpf\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}, 0x2e0}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040800) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 3m12.450245981s ago: executing program 1 (id=1456): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)={{0x14}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x68}}, 0x0) close(r0) 3m11.191335228s ago: executing program 1 (id=1461): syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x1c5902, 0x2d) write(r0, 0x0, 0x0) 3m9.43383651s ago: executing program 1 (id=1465): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x260) 3m7.843506097s ago: executing program 1 (id=1467): timer_create(0x2, 0x0, &(0x7f0000bbdffc)=0x0) timer_settime(r0, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0) clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 3m6.805086791s ago: executing program 1 (id=1471): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 3m2.811762213s ago: executing program 35 (id=1471): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = fspick(r0, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) 5.486690872s ago: executing program 7 (id=2300): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000440)={{@my=0x1, 0x7f}, 0x1, 0x2, 0x4}) 4.774036552s ago: executing program 8 (id=2304): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.deny\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB='b *:4\twwr'], 0xa) 4.722404371s ago: executing program 7 (id=2305): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_SETUP={0x8, 0x70, [@NL80211_MESH_SETUP_USERSPACE_AMPE={0x4}]}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x30}, 0x1, 0x0, 0x0, 0x4880}, 0x0) 4.299484943s ago: executing program 6 (id=2307): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x38, r1, 0xc11, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_QOS_MAP={0x1a, 0xc7, {[{0x2, 0x1}, {0x73, 0x6}, {0x7a, 0x2}, {0x4, 0x7}, {0x0, 0x4}, {0x8, 0x2}, {0xe8, 0x6}], "7ecd4163b8fccf09"}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) 4.25510498s ago: executing program 7 (id=2308): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x5, 0x2}) ppoll(&(0x7f0000000040)=[{r0}], 0x1, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x2) 4.130241686s ago: executing program 8 (id=2309): socket$inet(0x2, 0x1, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @dev={0xac, 0x14, 0x14, 0x16}}, 0x5d) close(0x4) 4.101354581s ago: executing program 4 (id=2310): r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x4, 0x224}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000340)=@IORING_OP_SENDMSG={0x9, 0x10, 0x0, r0, 0x0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000180)=[{0x0}, {0x0}], 0x2, 0x0, 0x538}, 0x0, 0x1000}) io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0) 3.850394242s ago: executing program 0 (id=2311): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0xfcff, &(0x7f0000000700)='V'}) 3.557761347s ago: executing program 6 (id=2312): ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'adq12b\x00', [0x4f27, 0x2, 0x10000, 0x4, 0xe, 0x0, 0x3, 0x7, 0xa, 0x1, 0x8001, 0x4, 0xff6b, 0x801, 0xfffffffe, 0xb4c, 0x0, 0x2, 0x3, 0x40000003, 0x89, 0xcaa7, 0x201ff, 0x20001e58, 0xb, 0xe6b, 0x3c, 0x8, 0x65c, 0x0, 0xfffffff8]}) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c0021"], 0x40}, 0x1, 0x0, 0x0, 0x34041043}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840) 3.495580069s ago: executing program 8 (id=2313): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000040)={0x7, 0x5, 0x7, 0xdedb, 0x15, "fd1500fdffffffff"}) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000000)=0x8001) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) 3.457034508s ago: executing program 4 (id=2314): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2c, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}, @TCA_RATE={0x6, 0x5, {0x3, 0x9}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x44080) 3.155672784s ago: executing program 0 (id=2315): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000000140)={0x1d, r1}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000003b00)={0x0, 0x0, &(0x7f0000003a00)={&(0x7f0000001000)=ANY=[@ANYBLOB="01000000020800000100000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64, @ANYRES64=0x0, @ANYBLOB="0300004001"], 0x80}, 0x1, 0x0, 0x0, 0x800}, 0x200060d0) 2.940376475s ago: executing program 6 (id=2316): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=@framed={{}, [@ldst={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a7fbb}, @ldst={0x6, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe, 0xa000000}]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca201f0000000004c00e72f750375ed08a56331dbf9ed7815e281ad6e747033a0093b837dc6cc074be5d78ea08e0561e32efaec8c7a600000c00000140060404000104", 0x5e}], 0x1}, 0x20000810) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="001000001a00911c01000000000041da81"], 0xfe33) 2.901261645s ago: executing program 4 (id=2317): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f00000003c0)=0x8000, 0x4) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f00000000c0)=0x4d, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000040), &(0x7f0000000240)=0xa4) 2.842106528s ago: executing program 7 (id=2318): r0 = socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000004c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000001000010025bd7000fadbdf2500000000", @ANYRES32=r1, @ANYBLOB="138000002b9201002400128009000100626f6e64000000001400028008001f0007000000080007"], 0x44}, 0x1, 0x0, 0x0, 0x4044870}, 0x4000) 2.711907593s ago: executing program 8 (id=2319): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000000)=""/4091, &(0x7f0000001000)=0xffb) 2.569668149s ago: executing program 0 (id=2320): r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0xfffffffc, {0x0, 0x0, 0x12, r1, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [], 0x0, [0x8, 0x4], [0x0, 0x8, 0x1, 0xfffe, 0x5, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0xddf0, 0xfffe]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) 2.064250356s ago: executing program 4 (id=2321): r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000004700)=[{{0x0, 0x0, 0x0}, 0x4}], 0x1, 0x2, 0x0) read$FUSE(r0, &(0x7f0000004740)={0x2020}, 0x2020) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e22, 0x0, @mcast1}, 0x1c) 2.010090026s ago: executing program 8 (id=2322): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffd000/0x3000)=nil], &(0x7f0000002640)=[0x1], &(0x7f0000000000), 0x0) syz_clone(0x5400, 0x0, 0x0, &(0x7f0000001d40), 0x0, 0x0) 1.802070314s ago: executing program 7 (id=2323): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000200)={@host}) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, &(0x7f0000000140)={@any, 0x100}) 1.750952673s ago: executing program 6 (id=2324): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000c"], 0x50) r0 = fsopen(&(0x7f0000000000)='sockfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='/dev/null\x00', &(0x7f0000000080)='/dev/null\x00', 0x0) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000280)=""/144, 0x28}], 0x300) 1.69960054s ago: executing program 0 (id=2325): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0xf) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) 1.319011495s ago: executing program 7 (id=2326): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000700)=ANY=[@ANYBLOB="201101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000200)={0x1, 0x8, 0x2, &(0x7f00000002c0)={0x6, "c6c1f7b51030c4b7c54bf28facb1ed3ee2dfe17a04bc517b5452b3b94bce47509d"}}) 1.131583235s ago: executing program 6 (id=2327): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000240)=@req3={0x1000, 0x1, 0x1000, 0x1, 0x7ff, 0x2, 0x3}, 0x1c) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) 1.079928352s ago: executing program 0 (id=2328): io_setup(0x1, &(0x7f0000000100)) r0 = add_key$user(&(0x7f0000000180), &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000480)='.', 0x1, 0xfffffffffffffffd) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xf1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f00000000c0)={r0, r1, r0}, &(0x7f00000001c0)=""/241, 0xf1, &(0x7f0000000000)={&(0x7f0000000140)={'rmd160\x00'}}) 787.149012ms ago: executing program 4 (id=2329): syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="636865636b3d7374726963742c6e6f646f74732c6e6f646f74732c6e6f646f74732c6e6f646f74732c007db9b87a3b22e5cdbfd3408bf7f26c6f9e2e5a33a3de79757cd012da0fa08b018021308de4ff8e18c85136d66ca70f9e0202d9f4ae6ea8be44247a411f017b3641e72534ed28887e107245165398cb2190b1c94e503b949600a547d22bd1f5389f7d4c9888f5cf2358d4258a2647e5563c5bf7447ab02ee8751259a8c6ee852e305393a69052893580c4820d1ce2dcfccf9b1f8250ea0de206b8ef12366ebe20bc74087f57f579b70bd08afcf902e41a55b58f624e5ce5a03cf74baddfb64769c330584e79449ff96c074b0065a305dd039b056c50c00d1d6a"], 0x1, 0x236, &(0x7f0000000000)="$eJzs3TFrE2EYB/DHNm1DFjuLw4GLU1C/wSEVxAMhkkEnD6pLK8J1OZ3uY/gZ/Eh+jEzdTpIrTRujiyav6f1+EPInfw6ey5A3w/sm7x9+Ojv9fPGx/fEthsMsBhFNXEYcx17sR+fe1fPeIh/GTU0AALtmMinz1DOwWVWVlwcRcfRLM/2eZCAAAAAAAAAAAAD+mv3/ANA/9v/ffVWVl6Or72+32f8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApHPZtvfbPzxSzwcA/HvWfwDoH+s/APSP9R8A+ufN23ev8qI4mWTZMGLW1O381VlTTyNGEfHiZXHyJFs4Xl41q+vp/iLN+6ddn93uD66vf7a2P4zHj7p+3j1/Xaz0R3G6jTcAAAAAAAAAAAAAAAAAAAAA/gPj7Nra8/3j8e/6Lt34fYCV8/uDeDDY2m0AAAAAAAAAAAAAAAAAAADATrv48vWsPD//UAmC0NMwWlOl/mQCAAAAAAAAAAAAAAAAAID+WR76TT0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKSz/P//zYXU9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w88AAAD//9vbk2A=") syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="03684a7b99a4fde940f3ec0d105ea2c8267323117153aa4a4f099c3835a607cd5cbd77b83cc33d13bbb6c6bcae59db739af84a4b5d34bffc145f3cc27ed3d4f9d9b3103699a1e1cc4ddfb6c1afd07ddfc18e358cd62649479724ce867fefc0a15041bee9f6084842fb982d5c2cf1488d668b741c64f0a6fd2643e729ac5a56462a6b64d5a0a751fda4fadf63ba0dc2fd14ecbf546918db77095545b41ab170e5d6e8ec8bf9ce9b8d53b832e90c701fe52af7999f8fd509577ead1be27891ada8564167f2c7d2eea1c1c9c65d8e151c58ddee43ec34e74d330ec50cbbb2bb21892c7ca995066e3cbea8a69d94dc6bcef5f3c0ef630e774d092ea58627f3e09c66a9c7d1abcf4f8f8af87f4269df288aca9bbf758275ce9695256e764d185a91a7570fca3aab16c75ecaff6b8dda371c3226d6ec6e55c5c4d8cfc5c33892bacc956a3613bcfa849da1b5e070a7911d7488b3e628d9339718e8b821f1bb5d5c45f0316bb563d0a442801412dfd5a4d61ca657e04d6686f7d5863d57954400aeee8e79be8f3cc4cbb3d4b91269df039c3d3543e500b90a2bdc6eb60cc7afab7b5187d88fbd76e6212ea29e872b73f925287bdc808b4a4f8ec7f8aa08bc90b29e217c3eef69d8deae4141f4f9bd110b7bde9320e7b45f422e9a6111bcaf99c9911e46e219d3bab477926bd5d2e78d4cd0eca133c232b1e863fd7799dbf609f3670b323e5518e8f4bd36e9b3da2c68a28eaec9cac688b4dd0b73adc24a8c7acc264399b7facbc2f43e8e40b6cae9f8e956d1dbfe259f12bae75ad362c354050ffdd6e954f2d7615fafce888bd6f672a81c9fd4318caba765069c0a425e898bf7611b77f0fe61c27d318159dba42f011900246c64557d27b77aef928ab04a147baca37863cf998a2ac30b903c0314449ddb218887c309ec7184c8c733f5d4e7b2d79516e9531c9a5becf8294d6ccd777f285b13160e1c949d3069c6c66c0daa62bac679bc9b69825398d1c290d765e882fa2c8708b20ccec885ab6785dc22696b61c109ff84bc5407932c3e5bf12069a68b8e3333a26d3dd390ef9bc01b86013fbcb5c28a1f4d2b8084f1502fccc4027a124c3629d8f4a8befd14b597cebda5f94f36050a31b95087cbac347788a71a90e87f2187fae600aa42719c05c2859cb30ae0fd58a7bba681f7a6027a00583071def2c9a94456e5d9acb9fd2d11fdea524582489c02377bf7f590948985c769b3822cb6366681d79113c6a6c752f2475caba77b7b2e8f293d7fd9b991f63e254c98dec94f4f3def4fee9cdb56ff3ba7fe6a718cbe9a7f04710e257ea8a49d6605266048fc122d4f3173d4b04b3e282bd3c5198d7fcb72ec38e0b07dd8a541b2807e601e5a0a01f07a281e0e1a261c65977088a54597efd0997c59647aeebb2605a89705eeff3ec780e302e24b23a0cbe4f81367c3f118545f01328d22eb8e802667389143166a9db9477c9b58eb5c76a19b8f8b2692b0d356003f08ae54dfc820d8e357ecbf91fb7e212cbef1262171abaf2f613a5bb59b783cad476fec50d16ca0ac13c08a59a3097e6e3fde700a4b987d10311fc22d4aa210956cd859799f78010e4c0f25b715876aa253df15009490f71be3b0022875161f537c70b14bdb9e2d87a5a11b414a1198533c7de6fc4d22228133bc26b19d9f1e7627b14c72e3c39d3fa2186a42e50a0d1867dc312f94c7209d51475ed4aa80b2ccb0557a40422bf7317de2fdf3296727723a2d23babd5e23f7c3edf4942bb485b95a122e6aba41b8f80f684f84605462448d5a4fd66dfe9bbf80590b9999b4780d4f4f189a20f4400b2975df85b584c8c8f9fa3095f13aede1f52dac98be358b0a0d72bed4df71cd23973e326179580268c4e5d1be4b2ae2e1e2dba913998faa6088af128fc8fd3ae26203a898882b67d86d63f6ee8f8e216337330db6d928facf9d0ca273845ee5b33a0a136aeb48b7c52d3b95fe73efaf06197ec8753ee0349f19db8730917d0f18a2de9602d3b887bc583ff64dfee67e2bdf4d5cc1c341b89acd3dd5176d2c15ec2a77120b8a49591ca438ae36c52845e5dca550e539da9ba2a2eda49be316f3d6d4b7c83666bd4759940347c29dedd273adac722630a940e104316b4806553ded47132be4e31a50600f5a4dd56825b245b7aae853f56f79e0ec31f7b5db945ee3bb92865acb0d8828598e77446ee50ecd8bf5e7ccbd963445a09e3be215709b0b3bff2e9d12e6549924338f236b4ff973682e2e03fbf6b167e3b3a0f8c3f3c1e8d0e21a71937c918cabab50dd74c011a1a5531cfcf88a5df5fa58f17715f7c7b3a64d9dab6f20a596288969191420ed71daccbae7c1ec88bf74811b5e1f4bd306f3d810c4f3600df2903ffdf8db40ac7153fd93327a1065cf2c4590c8ba9f9391eb6aa600cb42aff8793e4721afeb3d470beda45dad9adfc6f4fdb24eafc63792f5015c656ca37cee82b7ee382bda31d786d6e03d4c8611c4ca464e2360ca747815c9eebd38c8fc7d5eea2db96b29d771a96dc5c884029077125bcc31980564555d21ecce5d0388e1bc1e618c7dfb31b02b1a6730db7eda387dd4ceb96f65178bb088e81133e5086f73c458f84139685ef930945a51979faeab539e4964244709dcb8b38f575d3a3ec1328a0df65fb34241db7cb3250b8ae0dbc44670d2b5cc3a1785d8d281c05256ef2beee3b202d8bce053e55ce1fb2bb208e65d488ae24484b00c2e343fc3544ca546406688022db6e29ceca9539ec095a2a2cfc5f516230f75fc961c5de1e8d33222331f57db02cac5f9208029c6114d041bb1cc7f959f77511f5790a564600c018afc253e5ecd5010bd769b45a04296ca09e87fb63bf3d3b51dd8b3f6d4426a03c0944d09dff654c5718ab1fef063caba34029be6811502e8bb785011dd1e34b0c192915adeeb40faad0725a8f9a62acf61b944a271d20567f350cdee22d76e3cc5966ba742d9c43823af19ba74c60da0df0c5f4e7e26af7224147774a1f8ae09f929066e1769ffb3c40ba9fed13d2670b9e865a155426ed5c83648c0ad34e46f5308b455e0835730fe529668b606f3f52b0d04534d0e14bc0ff0f742359550e6980ac9978455adb3de0f292af12a3700453e035a49eafe98fc0d7f26e42a6c41f380448607b7c96291f98fa6bbd7e32c249a49171f8fa81762a490a1ce5c39d66d35c6ed6c0679440c06197c2e24d48e1de81c711164c02820816afb5393d3d6c801c3c062ac46d1494f52c45ca36faf94894eec9d71e1be6c7256f4aee8dc080156b28623c821ef8d1826ebf0a41332620f42589270e142561374c825e828e2bd9ae41fd34959db48319d54ffe7a1b58ae8f7361cbaee8e26e0e7e1b7f125f8cd99788825efd01c38ec987904190a0ad52bc20cd36cc7209f9269ac87b2fa44d2456661d3056d893cf912c69ae6b2b83d0c781a6d6c33df1910867b71257ab74e244e3ebbac07445069418fe2e440a384e16feedf8e3165676e67866430eb6a8a5334620d8c2cda15b0328bb0c50630886353f95241cf4f3b647a4ff812c70e1b074c4befdc70fbfdbf868bcc81652034b5bfa831f1b686724046dcd17ac91ace83711e9ec7465d14c9d508bce93676a58ef7dae37221436865ad34ac2fd691e3b3e12aee6736dbdeec9b1c05fcedf8b9ced547259a1a40471ebe8b4bfda69d2f884da025e2809fb9f159150bbcb331ca3c502012a7fe76b4fc2771976aeb624ad7f2d72c707f5f19d8ded84581ac5afa697ff99d27d88c9588fe769839c9cc9d6786a0f814667527c53b6253b1825bfe17e7d734d96d61da0ae7349d0922774fa9b4baf332a4568e32cafa417ec659c4ad72cd656a1e2c59c8dee38890ed3acd8b4f8657de41f670106c38c38ba1a553f0f589a57c61f5105d70e0c0953459383cb9337ca972cda1d2cd3056eb07f21c1f5b995a04997fecf501bb201c67fd2afe4d44fedea595969b6b3706087b0f59d2ddbb099d60436a94f0ba33282b29f6e914fe92add4b33cf70b680b905cfa2b2ccb00b9967f99806e8d69783fd35a2d7fbb424e9fde2647609aecb0208bc3864bf95f05e50ba12123edaca8de927b338dfcb3cc597947c606c08315061a7fec98c48f480e2febd26fcc8dc12289aeb0adefa2c2be1766a5bc74ef1aab6c2cdbdfbf1810d956bc889c8e614b7b933ff6e336bb208db5b592775fe71c3ebfad5f47e0d074e1c0cb36761481ec677794f23c3698bd35875719f242e3fc939bc3668f9723f31effe189dabdf4ebbed073eab952c88f13059eee22230bc7724d7266b15726a0b0898cdd274e3e56d0a356166b5d16456249e9e92e84e39f61c0ecdf99ec2cd230440c03fd21cf68f27306628d35ea47367775f39d20a07f3959b38d49e3674061fc1018b647047ad39f77027878badd29927c5806f95aebde5f070fed28ed34052550678d3c6b677a3b5a46f76a98264c42206bf62caa95df5437092b68e025ee9ce2ad733b6db3ec97fd33cdc3b2f77ee90dd86d8bd289ae1a437c86f4153ddcff5e846347bfecc1499bb42980e4fa91790faee1b1991dfead5d7c460348631f0469b2b9e8f65207a00985511e0c41f441d9a3154f5a0298c172fd7135d4bf95c11cdf1769db1cc55f392aec309037599327a7c53c10a56d1ace8ad19186a2fc75dfa9d657c114eae99c1c1a6b4a58440718bea82290bd1c2a67048938c381648ea2b2c7110d748c9c8d782f20430b1427b51d7036e55b0997c6f75717db67a82c88d3647ee036b49392f0467d6010b32f9de3e5e79ef082c5bb975d11d2bf76a97f7159c11a7753db8a065d3126ccda9abbebd2c54374e389942c24b27435868fadb45bb060d3c1084b211e2afa8dfaa2d8dab8dc47fe10e6c32afece7c4976176a7c66d704125c0948c238c843b41b0246be1f50f8e07884cfe7ae8885ca06339a339c8d5978b079e0eb78facfa1dc67ca70733dfefc6c868ca149e0661b70e0134870a3107c8c46711fed14f892d6fc66d95306838688f13b19e904416a8d161cc33527878b38ad10b1c08db21457b2075608be7300d39748e4fcebe02b190f3e8ed32a0ef734b11ca43a21f5f809bba795f5aa0ea01050021d0f5213620af5b08fda6421a42b7c82804a20a6ef6d471babf76f46538327f943476d1d109a3f0dc531233d6f93d8dc27f4745735085f92adf63d617b373fba24f289035710e69eb80da12d36e8eaec22620ffaabadfb824bd5fc309a2c74959505856b5b890bba8f22bc571a9d87e93ba3b9aba6dcf26f7076c0c2e271641835ea25fd49d96c69d4fb8bb8731bd2cbc75146aed10d269f9060462339cde8830b535920be3dbf143eace0f1ea9469b95a64fbd7e5057eb880d4422cbf97cfc3f7140251d4923580ca2113f345cf24a66499ceffd2e39dc4fd74cf448638962957b409f0d218c165c13ffe107aa1dd1d9a02092cd46cf2b353dd2d2ca7b8a7ae8eda0ee18bba269bbffed0c7d400497aee4da0896cf6329d76ccea098fbef9075412d1c2a3644cf0f202b884303d204314ae92c56217b2feb5e7c1e15a99fbdd655fb8f6bbc3ab1259bf03b2ee17c5b7e9443695177ec5040eeff3fc36ceafe143393d76a3d735cfe6c9b632e52dbe64dc1265961e8a27ee9f76c0add9e0581e474d7678214f5b64c932903715befc6b766611f1d7e495573b9a3e009cfcb0ffef7ac57c3561badbfa41c119e541180aa2364de61a601699cd1bf3de01d15794b728e1444efd6ffa1e57d95489c8df91fbc057b66dd6d9f3a01b19f36bc99f0b54ed1f9905067dd1608bce47f5ff1981a25184aacd39e331d8ff3dfa7c012d7e667a69249cb4803b23f7eeaab8ed29c69ba3d2a1b88821ffefc5825650c53b6364f38e0a178312f5d29d5375423cceabc8e1c4e51a566ba3f9b176b858c8860440ff8ebdde725640d2dff6b9160bb69f188755b0ff766b410704cda4c33e1ae2c73b5799a00d2f55de73109728b350302b64df2ce3eaf2e0c6561009b60c2701ac493076305e97ed20c3b42f40b2bc7f13bba4ab8181e2085b07930c6f5579205dff696902be824e65ddc774e886e8d261fe74712a31e406b0f7725b4559d7ad0f27a1a870261aa5bb8a720e7c89ba933770d48821416de070df1abcc6eee1147c20bda090d940aeee2bd48c0f3d94675d9b9cf1a62ba50e31a7af0714dd8325d5fb7142e88c4d22ddb8f0278ee6ba88e361524e291b6d000f6523ad4188b021da9ef4a634ed09eb2002b9c726746c9ffc32f261edb448106aa1e2daaed865255fd1d296fedbbb2de3f7c1f15935e52006492b632ad125aa1e000c9d71bdb945792668e16b26122a3fd7cba1a40db8083068c5c48fd2aaa621c87d9f5621bba442fc26839030dbe4e37fda4046d6503bb03e0f928de25d4cd4e2a40ec93c9021dfcbb25f6e2c943cc85eba8123340d6364949581e8c8c2913d59dafe4297672c0b9e7418485f00cbcf672a588904beb3c074bebf339815b91c7c374ceed5a701e1ade8f5d87ca536120116307ac259577a8e12958425317c482d2c7089bf3d83e12318d1526107a050f3c094492de7255b22e18ca2ff261b3ed197f2f8e67b71b1c5a6a04b99158b58e9baad75201aabe13254617d0de0a9073af62491c67fc18d1ccbf7686a85a99b39e9d7d9c85a0777e47c9fd0e10c932c20f13ef287b44b9b706ec818aa0c48a10caac58a9b8355e84bc820698c2501f0c12e1b67df701cfcbe72dc47a2c87d43753ebfdb24cc838507e241d9fcd3d4955a373209ccda903a3ffced05e4232f2cca9bba197fdba8a9357cb1d6da6d9b4095027dc03e17d59ebc2d358e171da0044df102b193c79390ebcb58023b40c621df71e064b0056bfcf1eaee1eca85357cd1ac78feaa54bbbd85596977ba85003ea60d8685f4e3b756e4f81453077396590fa214f672929e81569442023667b798c24e06ee20dbf64cfccb51b2bca4e2a5b0df137bb37ab3e2854dc7e1b879866a72a5809b563596cc9fd3e53abdbccfd5dbc60662252ddc5c290d72230d79b7504b40fdb45ded2f02e926652c1e04ea4c1c488025ad1098adeebe98e385ab1caec4b9eb4d3bbd5ef3ddf1fd0d72784604a989558fd37f6d4fee20609090b3331e254fec98414a2c54589ee01c9429b7cb574b9167efede1d966a227bf2a8e422f38680d77d3c555cf1117e7d7e804ad730c36a78b7846473d6481bd0839bd3e6982ed47246c370a90b76e5b88de202346fb20b8b6b5ecb6a90b8478d17b175a1821df75b48ecc34866fe5c8960bf64d5ff92831bb9357474bec65e0dd1699b0f0340ee5ac5e9e9d3df66edca20201371fc21ad80aacd49c6b0abcfee9c876c15edcfccde823b55b61cb7b254487ef8c8781a22043f4adaf25df34580a6b3904fd014b50c59fa90eff75fa5fd32aaec9aa10df8a2b9b824952e475c964533942bbe30f4167a11fc15d548e0a31f911030569722f0c67e79e90483f6f0bee1c7f80face1a1b0f940c891be688cb16394f6c07fd29b5f248c211d1f76ec1292755d8bd963e191b3a8851472fbbd2cb732f4fd9fef3a8fb29aea097328173fdeaf56fa2279e86fb954306b040c960d0b601b3a741c96cf1f0bd1172f848585cb3b57d7d2e2a84914526f5a6f9895cf5aa4425b4dbf9f59037756a0321bba204a737e36277e86fd268f6047921f4f8fab69dfee137c07874f12f89084e7117e2c9221690a27f880f17d08d56f9dbc96ffef3920b55fb773dde72e1ba35f3e0c9872e339508281426ab04941df4885f7e0293149f1642c2573e2b6594b8fd953ae2468cf917cdaa0692cf461e3628860935def39af78af5e1540147ab1c70c3ab7f7c76abea0d8541feb43e632d7a2cc7bef15a4700304048ecf135968d0a9644ce899aad05b186a2224bab3836248cc6137472203ebceb29b3e87610df12417ee722f309c54b2e65591d8b929440f3ec43ee9ff8f7b7710668e4312610d1591303d5270394da0ab61e4515af5215dc81137f0dc90f951972731f8d98ceb8b4ea38da7d8dc153ccbae5068781eaf9a4a7b11b4319090261b61aa65a8536292eb5392020eb285b2db07f81e7f764d65037050f1e3748593474c6c1dc11cfcb56e1c916157280098a437265e1c682cbfed717e7275bc6c3bb6c6ef7f0f9fdd19ef82ff2c82284c3a061f57b21d3705aff97710108a7d1217a7ea3feda021d20f1fdca94bbef67e0aeaa3db6ccc2d060f7b33707fe19cb2d0232f1239373bb38e666cbbbf3a697c6d0e957ec6730f56034440e789a7a37304d09eb742f21019a77c608cf578162a55d0aea113c051b110b5281ed8b6638d2b31604e965cb019f2f106bc4e96d1313c70612f1ff18afdce7926270dd242c49cc53792f160d1e143e04d7eb3ca40828b153fac466bc53a084281987b47b806a4ef668859eb9035ef68e9c20bd6bb790fdf6f921569b4e97fae5b7edc761b4944c1d6d90f4df40bc3203ed838d4c61cdeb7a9bbb68d59b2cc00125eecaf06b759ac1b9dd68028225d0a60efa499e4436962362727011eef6cc55962dd4ffe2fd3892907e837045883cc9ba8892ab265a31924f3055d4dee68feff05d9f10ebdf1e8c1c1e7001b5b02a7fe26b9c0641e054ae37854187fb1bb6e9fae05b09e85a1e0e14bc801f2d8b9a178a9a72b147e137e0d83192664a88a3aca4fb6a4f0c5787b20c31bc5975dfbc8bcff8987573bd14b1ca434d93452e67ed01c60be99e535bb3f848888d224520b61cfc1de2d6b2ebef9f24674c31aada52784a0b7b60f351653c71d546cf951e6b4a0d917ac6afd0a713f41833f9f74a3a7d3c19b523299666da2b48676ca7aafebadef05b3bbf4b6b62834046f51d3d4582fb4c9de27a3f5e992853368e4f17f9dba27c8c4438307fc7405f53fb27cc81c1521452a1a5edb0cabdf7a73b1cab0675b619fd5a0fadb7147776e74695c042d9d8bfda045bcef7542b42249f34c7590605d0201a762390f2fee5f3cdb488426609c663c9fc4dc2a5277f3f589a14e6dcc202dfcd89bb148a368ff1792d230c19934143d2c260dbdfb334af863b856e415febd22fba01c568d8f48dba6d92f493cd1164a376f006d55db609cc2c9532a9f56da3b06e3db2a05f797eed57892e2fb677541324bcd763cf4669e7a871e322d0cc6e21befe3c767976f058dbe7a059d673c94c7ac5d49178bf19d32907b6fe66a92cc8ea30a858da43f74354390d6e97021da50812c59a78915e5b33221531bfa054c594ce3a2300e5a7d712773181901dfcf6922e980566fa62b1f2b669a27fbecce29e9be6d22058463e350163f33d18ce92a72d1b470857b6a37998aec5672521a8f0d66ab2bd01de516036ec47d1f63b95b437dc6d5a0168189d5a963cb0a80a9a5f20b03515396e3525f0ab13b0c1e5dd051b4c930da6d57ab6f7dd94ab3e689e0355af0b34871296152a76cce170d7b14d471ee4d9daa93de4ed755f30d45344f724288c17e4b22583158f1305ff55fecf7d526e207fa609886e14c9a168bf364b049409f63590f18a5515de8c1fd8c5a9710b6e33d2ecd01466b799f14be787612b8f17df0c05483a16097c0a504880249e28f1e067663c640a550a8c7ad9d090f7b2e902c5c20936869a5f3d3a014817f90babf847b43cf67ec23f120ae4abc63a418d1d99f359fc2c33a5bb34e1f5780576111a88c5ede834bc41e498548ddd128f9e884f4cd3e1bf1aaa1204079ce74e709306f38f2d6859128fc35d3a74c534ff1dccadfc8fe41f1be9510349af8710eb6d2dbc758be12b65622dad1cf48abc2fc409f5ed6a3af8d0b6548643c46dfba9db4e5827475e6e317c9c018a4dd5de391cc9cca85ec527537e26949e5091baca4f0b563d4c3969f15115e5ccdeb9e40788fe12f9d32d9488a70ae53b819726e4483ea6bbcb76f99775ca5e4f93c76edae462c08d596209f985aa55ef5e786701edcee8d831dd6dc0fee9ad01b6bdd63e886a5e55bdc593390c81e18dfd8c685b81306bad6b7a19a86b2bab5cbf4754708422e99f8f2497d798b3db565e709bcbba4c376c1c60b22b994fe8fdcb25215d505511cc1927f6a35344023d5da0a3ac0830e6aa80f5f7f0d94a67c99c6b22717078aecba2a599daa2acc054cda25e3965172e5fef464ec19aa71de5e84b6de30cc673fbab8c441ea37bfb3fc321a504371bc0996702e9be38db762e339ad7ad66dc2caa887e4ab60272d7963f85b14c941d31e545b85c640427302efe7142f0e0897a8c623ce57da213fbc2d1f90677142fd48cafca0b2934e572833ed6473218d0513dd1f6ecc578e5a1109ddae552b3be0cfe7246d7682a59fe9ae783a0f318d1800d5c466c80c5fd3facd0340f455f081068dd2cda5cda744018d902217152b6c05d37c090f8348b0471053152c2a4570fbab3f6dc30c8e49a63b88a00b3aac75180a633692e35ea976821694e133eb8bb4d31237d002fce1dd2ce55528dafcef2f0e00690562d144bb0e19576ce6ab72deac22067d8edac916b1b07e4eb57ff0b885b1b79f37dcf88135eedc17ffd948b61e4df4985033bcf891dd5b1448c8668947a271d93d03ce31216810a6bb45a6c5a12e290d97a60ad4b5c7384cf19421ac1ca64d346b50771e0b50e5caf1d9dfe056e8da247aa502ff04c8e29ca810a1d3ec7a89bc17dba2936f03a80228171f7999b3f2768617970efe57b14011c80666ac4999a568ebef74e2ca14df0ff6f0fcd47c538be96aaca1e65b53b98447101e49672b48167c0afc1afffe669b0f9718bd3305805c292db9738740b362564e4691cbdf061db1ed3f9db1f8bed82939f835d14f46818e3eb4e25f7a8d77d9d0d7913c45d8a81115c1a5e37b1d3bd1b7b5e6afaaefc81d9700bf83506fbf15457bc0f59f7008cc803efdcb6d39e388f6b28e80d47134265cc5438804b12d50e61a489da829dca05792d2ac182ba747331e88a7118f7dd38067f7d38f37be362260effacbc33863bb47aeebbadeae648a1090718266eedd2ed5a2c23f168759198aa92b2ac45c2a68ff212f29260e641a38541b066d39df4e95cd1c8e7e6ffae1b8017e6f629db3910b07496c8a81e4e66ac2321fd9e7ebfecf5bf6e922d7a79fb710a2d42dad1916c9b186c2c50c818fdb1afa19be867d943ee98f732fe3a01364281c0f6d0eb64a278721dc7bff5316256b0f4251abbd9b8ba7c7c12a3bf02a1fbc9ca94b965588fbc82343d07df8e06eaa5ed2137fec129351d80a9048a7d78b31ffaf2e388864a763c4af7aa53000e0bb2eb8ac0e4272cbb79dc6a7d65890f125c523c7cfddacdedbe87938aca915c92c807dab26be7d748827d4e3188676312ef1ac8460b29e8e715f4075e33104ce82e6785aadf17a7cf82d2a705e9f2d0fd25810ba33d76e54b48eda3effc01f37c89db38af81922fadc8c3361fe74ed51eac5e4437108106ffdedb339b406c082d62a8bf718989846d23f966e1ea39103010f767b3a6f0a0a2041b1dafcb787e69ffad75ed2a0081b92a4136ad5ae557c55a4b6219a390103428181ab36f329ad182a92957495c", 0x2000, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) 589.723039ms ago: executing program 6 (id=2330): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0) 445.074983ms ago: executing program 8 (id=2331): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_type(r0, &(0x7f0000000100), 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000400)=ANY=[@ANYRES64], 0x9) 361.996463ms ago: executing program 0 (id=2332): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000200)={0xa, 0x8e22, 0xdfe4, @ipv4={'\x00', '\xff\xff', @empty}, 0x400}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000400)="580000001500add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) 0s ago: executing program 4 (id=2333): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x84c00, 0x0, @desc2}}) kernel console output (not intermixed with test programs): e from 0 to 2048 [ 457.789975][ T8018] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 457.903327][ T8011] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=0, inode=7, rec_len=16, name_len=1 [ 457.960315][ T8011] Remounting filesystem read-only [ 457.965806][ T8011] NILFS error (device loop1): nilfs_readdir: bad page in #2 [ 458.505721][ T8013] loop4: detected capacity change from 0 to 4096 [ 458.612411][ T8013] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 458.669748][ T8023] netlink: 28 bytes leftover after parsing attributes in process `syz.0.809'. [ 459.177653][ T5831] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 459.189469][ T8026] macsec1: entered promiscuous mode [ 459.198895][ T8026] macsec1: entered allmulticast mode [ 459.308364][ T8013] ntfs3(loop4): ino=19, mi_enum_attr [ 459.321925][ T8013] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 459.887691][ T8030] loop5: detected capacity change from 0 to 256 [ 460.253614][ T8030] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 460.296443][ T8035] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 460.308049][ T8035] batadv_slave_0: entered promiscuous mode [ 460.314402][ T8035] batadv_slave_0: entered allmulticast mode [ 461.230188][ T8040] loop0: detected capacity change from 0 to 128 [ 461.544229][ T8040] syz.0.817: attempt to access beyond end of device [ 461.544229][ T8040] loop0: rw=3, sector=137, nr_sectors = 7 limit=128 [ 461.561351][ T8040] syz.0.817: attempt to access beyond end of device [ 461.561351][ T8040] loop0: rw=2051, sector=144, nr_sectors = 897 limit=128 [ 461.572355][ T8044] netlink: 'syz.1.820': attribute type 4 has an invalid length. [ 461.587131][ T8044] netlink: 17 bytes leftover after parsing attributes in process `syz.1.820'. [ 461.605242][ T8042] loop4: detected capacity change from 0 to 512 [ 461.898928][ T8042] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 461.920149][ T8042] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 462.919349][ T8055] loop0: detected capacity change from 0 to 64 [ 463.076918][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 464.649434][ T8069] macsec1: entered promiscuous mode [ 464.658432][ T8069] macsec1: entered allmulticast mode [ 465.327628][ T8075] loop2: detected capacity change from 0 to 128 [ 465.578436][ T8075] syz.2.834: attempt to access beyond end of device [ 465.578436][ T8075] loop2: rw=3, sector=137, nr_sectors = 7 limit=128 [ 465.600230][ T8075] syz.2.834: attempt to access beyond end of device [ 465.600230][ T8075] loop2: rw=2051, sector=144, nr_sectors = 897 limit=128 [ 466.166949][ T8082] loop0: detected capacity change from 0 to 512 [ 466.477574][ T8082] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 466.499681][ T8082] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 467.598113][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.306417][ T8104] loop2: detected capacity change from 0 to 256 [ 468.322155][ T8105] autofs: Bad value for 'fd' [ 468.637601][ T8104] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 469.579431][ T8110] loop1: detected capacity change from 0 to 256 [ 470.067187][ T8113] loop0: detected capacity change from 0 to 2048 [ 470.394635][ T8120] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 470.593089][ T8113] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: disallowed inode number - offset=0, inode=7, rec_len=16, name_len=1 [ 470.655911][ T8113] Remounting filesystem read-only [ 470.661306][ T8113] NILFS error (device loop0): nilfs_readdir: bad page in #2 [ 473.587483][ T8149] loop2: detected capacity change from 0 to 128 [ 473.692946][ T8149] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 473.851201][ T8149] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 474.202299][ T8149] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 93: 0x5d != 0x05 [ 474.213376][ T8149] UDF-fs: error (device loop2): udf_count_free_bitmap: udf_count_free failed [ 474.449851][ T8157] netlink: 52 bytes leftover after parsing attributes in process `syz.4.869'. [ 474.980935][ T5825] UDF-fs: error (device loop2): udf_read_inode: (ino 104) failed !bh [ 475.060030][ T5825] UDF-fs: error (device loop2): udf_read_inode: (ino 104) failed !bh [ 476.070394][ T8169] netlink: 56 bytes leftover after parsing attributes in process `syz.5.877'. [ 476.283973][ T4414] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.624949][ T4414] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.920709][ T4414] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.964974][ T8176] MPI: mpi too large (113288 bits) [ 477.199674][ T4414] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 477.651704][ T4414] bridge_slave_1: left allmulticast mode [ 477.658009][ T4414] bridge_slave_1: left promiscuous mode [ 477.668461][ T4414] bridge0: port 2(bridge_slave_1) entered disabled state [ 477.844899][ T4414] bridge_slave_0: left allmulticast mode [ 477.851090][ T4414] bridge_slave_0: left promiscuous mode [ 477.861414][ T4414] bridge0: port 1(bridge_slave_0) entered disabled state [ 478.824096][ T4414] team0: Port device bridge1 removed [ 478.926867][ T4414] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 478.951208][ T4414] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 478.976579][ T4414] bond0 (unregistering): Released all slaves [ 480.037675][ T8186] netlink: 52 bytes leftover after parsing attributes in process `syz.0.885'. [ 480.185176][ T8188] loop4: detected capacity change from 0 to 1024 [ 480.426286][ T8188] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 480.444484][ T8188] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 480.695232][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 480.702092][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 480.838787][ T8188] EXT4-fs (loop4): resizing filesystem from 512 to 0 blocks [ 480.853647][ T8188] EXT4-fs warning (device loop4): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 481.045492][ T8193] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 481.562117][ T5817] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 481.576654][ T5817] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 481.579232][ T5817] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 481.601331][ T5817] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 481.612380][ T5817] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 481.749091][ T4414] hsr_slave_0: left promiscuous mode [ 481.791917][ T4414] hsr_slave_1: left promiscuous mode [ 481.795146][ T4414] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 481.825921][ T4414] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 481.826024][ T4414] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 481.885074][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.033843][ T4414] veth1_macvtap: left promiscuous mode [ 482.034021][ T4414] veth0_macvtap: left promiscuous mode [ 482.034388][ T4414] veth1_vlan: left promiscuous mode [ 482.034672][ T4414] veth0_vlan: left promiscuous mode [ 482.517785][ T8210] loop0: detected capacity change from 0 to 1024 [ 483.894470][ T5831] Bluetooth: hci4: command tx timeout [ 484.497226][ T8223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.897'. [ 484.510238][ T8223] netlink: 4 bytes leftover after parsing attributes in process `syz.4.897'. [ 484.519810][ T8223] netlink: 'syz.4.897': attribute type 6 has an invalid length. [ 484.528384][ T8223] netlink: 'syz.4.897': attribute type 5 has an invalid length. [ 484.541227][ T4414] team0 (unregistering): Port device team_slave_1 removed [ 484.661997][ T4414] team0 (unregistering): Port device team_slave_0 removed [ 485.975283][ T5831] Bluetooth: hci4: command tx timeout [ 486.956439][ T8242] loop0: detected capacity change from 0 to 64 [ 487.258980][ T8248] netlink: 'syz.1.904': attribute type 3 has an invalid length. [ 487.379606][ T8237] Trying to free block not in datazone [ 487.681210][ T8247] loop4: detected capacity change from 0 to 1024 [ 488.060298][ T5831] Bluetooth: hci4: command tx timeout [ 488.798900][ T8202] chnl_net:caif_netlink_parms(): no params data found [ 489.561549][ T8260] loop4: detected capacity change from 0 to 128 [ 489.749971][ T8260] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 489.873226][ T8260] ext4 filesystem being mounted at /187/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 490.137700][ T5831] Bluetooth: hci4: command tx timeout [ 490.606323][ T8273] netlink: 8 bytes leftover after parsing attributes in process `syz.5.913'. [ 490.616645][ T8273] netlink: 4 bytes leftover after parsing attributes in process `syz.5.913'. [ 490.626342][ T8273] netlink: 'syz.5.913': attribute type 6 has an invalid length. [ 490.634534][ T8273] netlink: 'syz.5.913': attribute type 5 has an invalid length. [ 490.715516][ T5819] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 491.459910][ T8202] bridge0: port 1(bridge_slave_0) entered blocking state [ 491.471859][ T8202] bridge0: port 1(bridge_slave_0) entered disabled state [ 491.480442][ T8202] bridge_slave_0: entered allmulticast mode [ 491.490750][ T8202] bridge_slave_0: entered promiscuous mode [ 491.680919][ T8202] bridge0: port 2(bridge_slave_1) entered blocking state [ 491.689277][ T8202] bridge0: port 2(bridge_slave_1) entered disabled state [ 491.697307][ T8202] bridge_slave_1: entered allmulticast mode [ 491.720522][ T8202] bridge_slave_1: entered promiscuous mode [ 491.815360][ T8284] loop5: detected capacity change from 0 to 64 [ 492.064159][ T8281] Trying to free block not in datazone [ 492.442241][ T8202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 492.577483][ T8202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 492.892358][ T8202] team0: Port device team_slave_0 added [ 492.929278][ T8202] team0: Port device team_slave_1 added [ 493.221884][ T8202] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 493.233278][ T8202] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 493.270240][ T8202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 493.458913][ T8202] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 493.466466][ T8202] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 493.496985][ T8202] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 493.668978][ T8299] netlink: 'syz.5.923': attribute type 3 has an invalid length. [ 494.148378][ T8202] hsr_slave_0: entered promiscuous mode [ 494.163595][ T8202] hsr_slave_1: entered promiscuous mode [ 494.174818][ T8202] debugfs: 'hsr0' already exists in 'hsr' [ 494.181135][ T8202] Cannot create hsr debugfs directory [ 494.332725][ T8302] loop1: detected capacity change from 0 to 128 [ 494.459703][ T8302] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 494.484945][ T8302] ext4 filesystem being mounted at /194/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 495.048532][ T5813] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 495.792139][ T8202] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 496.061303][ T8202] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 496.177952][ T8202] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 496.254204][ T8202] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 498.237004][ T8202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 498.557486][ T8202] 8021q: adding VLAN 0 to HW filter on device team0 [ 498.754899][ T3723] bridge0: port 1(bridge_slave_0) entered blocking state [ 498.762689][ T3723] bridge0: port 1(bridge_slave_0) entered forwarding state [ 498.807559][ T8339] netlink: 'syz.0.940': attribute type 29 has an invalid length. [ 498.861294][ T8341] netlink: 'syz.0.940': attribute type 29 has an invalid length. [ 498.948769][ T3723] bridge0: port 2(bridge_slave_1) entered blocking state [ 498.956510][ T3723] bridge0: port 2(bridge_slave_1) entered forwarding state [ 502.437681][ T8202] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 502.793299][ T8373] loop5: detected capacity change from 0 to 1024 [ 502.942431][ T8373] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 502.955978][ T8373] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 503.030635][ T8380] loop1: detected capacity change from 0 to 256 [ 503.059123][ T8373] EXT4-fs (loop5): resizing filesystem from 512 to 0 blocks [ 503.067630][ T8373] EXT4-fs warning (device loop5): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 503.469468][ T6336] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 504.145761][ T8389] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 505.175568][ T5884] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 505.387518][ T8401] netlink: 28 bytes leftover after parsing attributes in process `syz.4.964'. [ 505.418952][ T5884] usb 2-1: Using ep0 maxpacket: 32 [ 505.473382][ T5884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 505.485645][ T5884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 505.500613][ T5884] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 505.510379][ T5884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 505.706383][ T5884] usb 2-1: config 0 descriptor?? [ 505.788939][ T5884] hub 2-1:0.0: USB hub found [ 506.020218][ T5884] hub 2-1:0.0: 1 port detected [ 506.197974][ T5884] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 506.204847][ T5884] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 506.304362][ T8202] veth0_vlan: entered promiscuous mode [ 506.337600][ T5884] usbhid 2-1:0.0: can't add hid device: -71 [ 506.348120][ T5884] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 506.378414][ T8202] veth1_vlan: entered promiscuous mode [ 506.444105][ T5884] usb 2-1: USB disconnect, device number 4 [ 506.895050][ T8202] veth0_macvtap: entered promiscuous mode [ 507.009529][ T8202] veth1_macvtap: entered promiscuous mode [ 507.201451][ T8409] loop0: detected capacity change from 0 to 1024 [ 507.306649][ T8202] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 507.439948][ T8202] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 507.517909][ T8409] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 507.535044][ T8409] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 507.638398][ T8409] EXT4-fs (loop0): resizing filesystem from 512 to 0 blocks [ 507.647479][ T8409] EXT4-fs warning (device loop0): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 507.715681][ T3571] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.754421][ T3571] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.843331][ T3571] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.899065][ T3571] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 508.150720][ T8416] loop1: detected capacity change from 0 to 2048 [ 508.265939][ T8416] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 508.318315][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 508.414031][ T8422] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 510.078186][ T8427] loop0: detected capacity change from 0 to 4096 [ 510.309060][ T8436] loop1: detected capacity change from 0 to 1024 [ 510.464062][ T5884] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 510.682428][ T5884] usb 6-1: Using ep0 maxpacket: 8 [ 510.750518][ T5884] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 510.760513][ T5884] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 510.877640][ T5884] usb 6-1: config 0 descriptor?? [ 510.891667][ T8441] netlink: 8 bytes leftover after parsing attributes in process `syz.4.979'. [ 511.250645][ T5884] asix 6-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 511.670477][ T5884] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 511.685428][ T5884] asix 6-1:0.0: probe with driver asix failed with error -71 [ 511.891218][ T5884] usb 6-1: USB disconnect, device number 5 [ 512.670506][ T8454] netlink: 44 bytes leftover after parsing attributes in process `syz.1.984'. [ 513.329849][ T8462] loop1: detected capacity change from 0 to 164 [ 513.463334][ T8462] Unable to read rock-ridge attributes [ 513.550590][ T8462] Unable to read rock-ridge attributes [ 514.251238][ T8470] loop4: detected capacity change from 0 to 1024 [ 514.489497][ T8470] syz.4.990: attempt to access beyond end of device [ 514.489497][ T8470] loop4: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 514.505253][ T8470] Buffer I/O error on dev loop4, logical block 100663296, async page read [ 514.515648][ T8470] hfsplus: unable to mark blocks free: error -5 [ 514.522150][ T8470] hfsplus: can't free extent [ 514.603030][ T30] audit: type=1800 audit(1757076713.705:26): pid=8475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.990" name="file1" dev="loop4" ino=25 res=0 errno=0 [ 514.900170][ T8476] loop5: detected capacity change from 0 to 512 [ 515.202288][ T8476] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 515.216057][ T8476] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 515.334961][ T8479] loop0: detected capacity change from 0 to 2048 [ 515.348339][ T8473] loop1: detected capacity change from 0 to 4096 [ 515.415219][ T8479] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 515.425588][ T8479] NILFS (loop0): mounting unchecked fs [ 515.529508][ T8473] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 515.655921][ T8479] NILFS (loop0): recovery complete [ 515.735523][ T8485] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 516.144625][ T5884] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 516.292485][ T6336] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.404413][ T5884] usb 5-1: Using ep0 maxpacket: 32 [ 516.445498][ T8473] ntfs3(loop1): failed to convert "076c" to cp932 [ 516.457139][ T5884] usb 5-1: config 0 has an invalid interface number: 35 but max is 0 [ 516.469165][ T5884] usb 5-1: config 0 has no interface number 0 [ 516.613979][ T5884] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 516.623866][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 516.632579][ T5884] usb 5-1: Product: syz [ 516.637572][ T5884] usb 5-1: Manufacturer: syz [ 516.642477][ T5884] usb 5-1: SerialNumber: syz [ 516.850898][ T5884] usb 5-1: config 0 descriptor?? [ 517.245733][ T5884] radio-si470x 5-1:0.35: this is not a si470x device. [ 517.295122][ T5884] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 517.561484][ T5884] radio-raremono 5-1:0.35: raremono_cmd_main failed (-71) [ 517.634522][ T5884] radio-raremono 5-1:0.35: V4L2 device registered as radio48 [ 517.706657][ T5884] usb 5-1: USB disconnect, device number 8 [ 517.716952][ T5884] radio-raremono 5-1:0.35: Thanko's Raremono disconnected [ 519.204548][ T8501] loop5: detected capacity change from 0 to 4096 [ 519.337138][ T8501] ntfs3(loop5): ino=3, Correct links count -> 2. [ 519.644956][ T4414] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 519.656314][ T4414] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 519.980591][ T3614] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 519.989264][ T3614] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 520.453606][ T8514] loop0: detected capacity change from 0 to 512 [ 520.537883][ T8514] EXT4-fs: Ignoring removed nobh option [ 520.544064][ T8514] EXT4-fs: Ignoring removed i_version option [ 520.678834][ T8514] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 520.809485][ T8514] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002] [ 520.820928][ T8514] System zones: 1-12 [ 520.827030][ T8514] EXT4-fs (loop0): orphan cleanup on readonly fs [ 520.841212][ T8514] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1004: invalid indirect mapped block 12 (level 1) [ 520.913586][ T8514] EXT4-fs (loop0): Remounting filesystem read-only [ 520.951704][ T8514] EXT4-fs (loop0): 1 truncate cleaned up [ 520.960517][ T8514] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 521.651029][ T8525] loop1: detected capacity change from 0 to 128 [ 521.956676][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 522.911370][ T8536] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1012'. [ 522.993635][ T8528] loop4: detected capacity change from 0 to 4096 [ 523.429360][ T8528] ntfs3(loop4): ino=19, mi_enum_attr [ 523.435205][ T8528] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 523.946544][ T8546] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1017'. [ 524.984887][ T8555] loop1: detected capacity change from 0 to 512 [ 525.196055][ T8555] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 525.210547][ T8555] ext4 filesystem being mounted at /218/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 525.568983][ T5813] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.067213][ T8588] batman_adv: batadv0: Adding interface: gretap1 [ 528.076653][ T8588] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 528.107021][ T8588] batman_adv: batadv0: Interface activated: gretap1 [ 530.237234][ T8611] input: syz1 as /devices/virtual/input/input8 [ 530.300229][ T3940] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.659726][ T3940] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.873477][ T8617] CIFS: VFS: Malformed UNC in devname [ 530.953739][ T3940] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.167480][ T3940] netdevsim netdevsim5 netdevsim0 (unregistering): left allmulticast mode [ 531.322688][ T3940] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.908550][ T3940] bridge_slave_1: left allmulticast mode [ 531.918468][ T3940] bridge_slave_1: left promiscuous mode [ 531.925763][ T3940] bridge0: port 2(bridge_slave_1) entered disabled state [ 532.024960][ T3940] bridge_slave_0: left allmulticast mode [ 532.030864][ T3940] bridge_slave_0: left promiscuous mode [ 532.040545][ T3940] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.654641][ T3940] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 532.716068][ T3940] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 532.738606][ T3940] bond0 (unregistering): Released all slaves [ 532.902405][ T3940] IPVS: stopping backup sync thread 6867 ... [ 533.309177][ T3940] hsr_slave_0: left promiscuous mode [ 533.322687][ T3940] hsr_slave_1: left promiscuous mode [ 533.331393][ T3940] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 533.339605][ T3940] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 533.350749][ T3940] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 533.358719][ T3940] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 533.407133][ T3940] veth1_macvtap: left promiscuous mode [ 533.413262][ T3940] veth0_macvtap: left promiscuous mode [ 533.419255][ T3940] veth1_vlan: left promiscuous mode [ 533.426706][ T3940] veth0_vlan: left promiscuous mode [ 534.582656][ T3940] team0 (unregistering): Port device team_slave_1 removed [ 534.785722][ T3940] team0 (unregistering): Port device team_slave_0 removed [ 535.931359][ T5817] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 535.956410][ T5817] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 535.967928][ T5817] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 536.039821][ T5817] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 536.101540][ T5817] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 536.226109][ T8650] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1063'. [ 537.123865][ T8655] IPVS: stopping backup sync thread 8660 ... [ 538.219834][ T5817] Bluetooth: hci2: command tx timeout [ 538.379347][ T8642] chnl_net:caif_netlink_parms(): no params data found [ 538.650412][ T8675] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1072'. [ 538.973170][ T8677] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1073'. [ 539.196318][ T8682] netlink: 'syz.4.1075': attribute type 1 has an invalid length. [ 539.204790][ T8682] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1075'. [ 540.293685][ T5817] Bluetooth: hci2: command tx timeout [ 540.535384][ T8692] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 540.639990][ T8693] loop0: detected capacity change from 0 to 128 [ 540.815349][ T30] audit: type=1800 audit(1757076739.935:27): pid=8693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1079" name="file2" dev="loop0" ino=1048678 res=0 errno=0 [ 540.910067][ T8693] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 540.918479][ T8693] FAT-fs (loop0): Filesystem has been set read-only [ 540.925619][ T8693] syz.0.1079: attempt to access beyond end of device [ 540.925619][ T8693] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 540.944346][ T8693] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 540.952447][ T8693] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100) [ 540.970255][ T8695] syz.0.1079: attempt to access beyond end of device [ 540.970255][ T8695] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 540.985118][ T8695] syz.0.1079: attempt to access beyond end of device [ 540.985118][ T8695] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 541.047258][ T8693] syz.0.1079: attempt to access beyond end of device [ 541.047258][ T8693] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 541.191032][ T8693] syz.0.1079: attempt to access beyond end of device [ 541.191032][ T8693] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 541.218756][ T8693] syz.0.1079: attempt to access beyond end of device [ 541.218756][ T8693] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 541.319943][ T8642] bridge0: port 1(bridge_slave_0) entered blocking state [ 541.331167][ T8642] bridge0: port 1(bridge_slave_0) entered disabled state [ 541.340726][ T8642] bridge_slave_0: entered allmulticast mode [ 541.351237][ T8642] bridge_slave_0: entered promiscuous mode [ 541.413452][ T8693] syz.0.1079: attempt to access beyond end of device [ 541.413452][ T8693] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 541.485098][ T8693] syz.0.1079: attempt to access beyond end of device [ 541.485098][ T8693] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 541.523099][ T8642] bridge0: port 2(bridge_slave_1) entered blocking state [ 541.531056][ T8642] bridge0: port 2(bridge_slave_1) entered disabled state [ 541.542199][ T8642] bridge_slave_1: entered allmulticast mode [ 541.553203][ T8642] bridge_slave_1: entered promiscuous mode [ 542.088223][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 542.095355][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 542.141156][ T8642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 542.246965][ T8642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 542.377021][ T5817] Bluetooth: hci2: command tx timeout [ 542.751579][ T8642] team0: Port device team_slave_0 added [ 542.885333][ T8642] team0: Port device team_slave_1 added [ 543.332188][ T8717] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1089'. [ 543.433801][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 543.441108][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 543.471408][ T8642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 543.683009][ T8722] pimreg3: entered allmulticast mode [ 543.735579][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 543.742999][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 543.773263][ T8642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 543.920892][ T8721] pimreg3: left allmulticast mode [ 544.127015][ T8724] loop0: detected capacity change from 0 to 256 [ 544.198935][ T8724] exfat: Deprecated parameter 'utf8' [ 544.300956][ T8642] hsr_slave_0: entered promiscuous mode [ 544.313903][ T8642] hsr_slave_1: entered promiscuous mode [ 544.454455][ T5817] Bluetooth: hci2: command tx timeout [ 544.483767][ T8724] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 545.604494][ T8731] sctp: failed to load transform for md5: -2 [ 546.474030][ T8749] Illegal XDP return value 2708921017 on prog (id 50) dev N/A, expect packet loss! [ 546.682589][ T8751] vxcan1: entered allmulticast mode [ 546.712060][ T8752] vxcan1: left allmulticast mode [ 546.834338][ T8642] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 546.971555][ T8642] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 547.134928][ T8642] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 547.268780][ T8642] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 547.382403][ T8754] loop1: detected capacity change from 0 to 1024 [ 547.478994][ T8754] EXT4-fs: inline encryption not supported [ 547.486484][ T8754] EXT4-fs: Ignoring removed bh option [ 547.660250][ T8754] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 547.897414][ T8763] loop6: detected capacity change from 0 to 512 [ 548.075990][ T8763] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 548.087992][ T8763] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2 [ 548.235724][ T8763] EXT4-fs (loop6): 1 truncate cleaned up [ 548.244432][ T8763] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 548.317220][ T5813] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 548.488998][ T8763] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #2: block 4: comm syz.6.1104: lblock 0 mapped to illegal pblock 4 (length 1) [ 548.585955][ T8763] EXT4-fs (loop6): Remounting filesystem read-only [ 549.136935][ T8642] 8021q: adding VLAN 0 to HW filter on device bond0 [ 549.275980][ T8202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 549.438517][ T8642] 8021q: adding VLAN 0 to HW filter on device team0 [ 549.538625][ T3723] bridge0: port 1(bridge_slave_0) entered blocking state [ 549.546347][ T3723] bridge0: port 1(bridge_slave_0) entered forwarding state [ 549.697059][ T3723] bridge0: port 2(bridge_slave_1) entered blocking state [ 549.704838][ T3723] bridge0: port 2(bridge_slave_1) entered forwarding state [ 552.050553][ T8791] netlink: 232 bytes leftover after parsing attributes in process `syz.1.1114'. [ 552.094022][ T30] audit: type=1326 audit(1757076751.175:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.120659][ T30] audit: type=1326 audit(1757076751.225:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.246590][ T30] audit: type=1326 audit(1757076751.365:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.270075][ T30] audit: type=1326 audit(1757076751.375:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.419544][ T30] audit: type=1326 audit(1757076751.435:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.445583][ T30] audit: type=1326 audit(1757076751.435:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.472296][ T30] audit: type=1326 audit(1757076751.435:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.495315][ T30] audit: type=1326 audit(1757076751.445:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=43 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.518037][ T30] audit: type=1326 audit(1757076751.455:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8792 comm="syz.0.1115" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000 [ 552.927271][ T8642] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 553.235075][ T8800] loop1: detected capacity change from 0 to 1024 [ 553.288704][ T8800] EXT4-fs: Ignoring removed orlov option [ 553.296377][ T8800] EXT4-fs: Ignoring removed nomblk_io_submit option [ 553.464811][ T8800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 553.732044][ T30] audit: type=1800 audit(1757076752.845:37): pid=8800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1118" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 554.007409][ T8813] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1122'. [ 554.219592][ T5813] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 554.710230][ T8816] loop6: detected capacity change from 0 to 512 [ 554.870077][ T8819] netlink: 'syz.0.1125': attribute type 25 has an invalid length. [ 554.904037][ T8816] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 555.587415][ T8202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 556.370994][ T8837] netlink: 'syz.6.1129': attribute type 3 has an invalid length. [ 556.706073][ T8839] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1131'. [ 557.618108][ T8642] veth0_vlan: entered promiscuous mode [ 557.841043][ T8642] veth1_vlan: entered promiscuous mode [ 558.507063][ T8642] veth0_macvtap: entered promiscuous mode [ 558.559570][ T8854] loop6: detected capacity change from 0 to 512 [ 558.627413][ T8642] veth1_macvtap: entered promiscuous mode [ 558.681939][ T8854] EXT4-fs: Ignoring removed orlov option [ 558.965160][ T8854] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 558.981715][ T8854] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 559.092369][ T8642] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 559.281385][ T8642] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 559.504825][ T751] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 559.564166][ T8863] loop4: detected capacity change from 0 to 512 [ 559.578951][ T3571] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 559.657551][ T3940] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 559.692714][ T8863] EXT4-fs: Ignoring removed nomblk_io_submit option [ 559.773673][ T3940] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 559.790968][ T8863] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 559.958647][ T8202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 559.976186][ T8863] EXT4-fs (loop4): 1 truncate cleaned up [ 559.987940][ T8863] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 560.779171][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.803492][ T5884] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 564.041955][ T5884] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 564.050727][ T5884] usb 5-1: config 0 has no interface number 0 [ 564.162619][ T5884] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 564.172319][ T5884] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.180886][ T5884] usb 5-1: Product: syz [ 564.185686][ T5884] usb 5-1: Manufacturer: syz [ 564.190534][ T5884] usb 5-1: SerialNumber: syz [ 564.290641][ T5884] usb 5-1: config 0 descriptor?? [ 564.579900][ T5884] usb 5-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 564.697883][ T5884] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 564.711662][ T5884] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 564.725483][ T5884] usb 5-1: media controller created [ 564.880568][ T5884] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 565.289501][ T8914] loop0: detected capacity change from 0 to 512 [ 565.411682][ T5884] i2c i2c-1: ec100: i2c rd failed=-71 reg=33 [ 565.485633][ T8914] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 565.517558][ T8914] EXT4-fs (loop0): orphan cleanup on readonly fs [ 565.606447][ T8914] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 565.616059][ T8914] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 565.626655][ T8914] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1159: Failed to acquire dquot type 1 [ 565.871192][ T8914] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1159: bg 0: block 40: padding at end of block bitmap is not set [ 565.953390][ T8914] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 566.065814][ T8914] EXT4-fs (loop0): 1 truncate cleaned up [ 566.076195][ T8914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 566.279544][ T8928] loop1: detected capacity change from 0 to 256 [ 566.376531][ T8928] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 566.387963][ T8928] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 566.579213][ T5884] usb 5-1: USB disconnect, device number 9 [ 566.767554][ T8928] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 566.987885][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 567.802177][ T8939] loop0: detected capacity change from 0 to 1024 [ 567.910068][ T8939] EXT4-fs: Ignoring removed oldalloc option [ 567.918090][ T8939] EXT4-fs: Ignoring removed bh option [ 568.280744][ T8939] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.454261][ T30] audit: type=1804 audit(1757076767.565:38): pid=8939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1165" name="/newroot/247/file1/file1" dev="loop0" ino=15 res=1 errno=0 [ 568.876668][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.863479][ T4414] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 569.871516][ T4414] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 570.168018][ T4173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 570.177157][ T4173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 570.923406][ T8966] loop7: detected capacity change from 0 to 512 [ 571.833048][ T8974] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1177'. [ 574.742554][ T9001] loop4: detected capacity change from 0 to 16 [ 574.827530][ T9001] erofs (device loop4): mounted with root inode @ nid 36. [ 575.738181][ T9009] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 577.162332][ T9025] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1199'. [ 577.466907][ T30] audit: type=1326 audit(1757076776.565:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9019 comm="syz.4.1198" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e539 code=0x7fc00000 [ 578.114588][ T9031] loop1: detected capacity change from 0 to 512 [ 578.146487][ T9031] EXT4-fs: Ignoring removed orlov option [ 578.284787][ T9031] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1202: casefold flag without casefold feature [ 578.329478][ T9031] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1202: couldn't read orphan inode 15 (err -117) [ 578.478677][ T9031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 579.247226][ T5813] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 579.682905][ T9049] Bluetooth: MGMT ver 1.23 [ 580.707067][ T9058] macvlan0: entered promiscuous mode [ 580.721396][ T9058] macvlan1: entered promiscuous mode [ 580.733160][ T9058] hsr1: entered promiscuous mode [ 580.924659][ T9061] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1215'. [ 582.596666][ T9080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1224'. [ 584.081707][ T9096] loop4: detected capacity change from 0 to 512 [ 584.140207][ T9096] EXT4-fs: Ignoring removed orlov option [ 584.421374][ T9096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 584.435217][ T9096] ext4 filesystem being mounted at /265/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 584.660979][ T9103] loop1: detected capacity change from 0 to 1024 [ 584.775390][ T9103] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 584.868771][ T9103] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 584.948008][ T9103] EXT4-fs (loop1): orphan cleanup on readonly fs [ 585.033907][ T9103] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.1234: Freeing blocks not in datazone - block = 0, count = 4096 [ 585.044761][ T9111] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1236'. [ 585.137125][ T9103] EXT4-fs (loop1): 1 orphan inode deleted [ 585.145622][ T9103] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 585.305679][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 585.845791][ T5813] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.234455][ T9118] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1240'. [ 586.264336][ T9118] vlan2: entered allmulticast mode [ 586.269706][ T9118] macvtap0: entered allmulticast mode [ 586.276278][ T9118] veth0_macvtap: entered allmulticast mode [ 588.639517][ T9147] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 590.697311][ T9154] loop1: detected capacity change from 0 to 8192 [ 591.612608][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 591.625411][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 592.950456][ T9176] input: syz0 as /devices/virtual/input/input10 [ 594.076259][ T9189] loop0: detected capacity change from 0 to 512 [ 594.133114][ T9189] EXT4-fs: Ignoring removed nomblk_io_submit option [ 594.172496][ T9189] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 594.276490][ T9189] EXT4-fs (loop0): 1 truncate cleaned up [ 594.288434][ T9189] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 594.868574][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.493718][ T9201] netlink: 'syz.0.1273': attribute type 2 has an invalid length. [ 595.916616][ T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 596.143113][ T9] usb 5-1: Using ep0 maxpacket: 32 [ 596.197964][ T9] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 596.208109][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 596.291709][ T9] usb 5-1: config 0 descriptor?? [ 596.386355][ T9] gspca_main: sunplus-2.14.0 probing 041e:400b [ 596.701204][ T9211] team0: Device gtp0 is of different type [ 597.201194][ T9] gspca_sunplus: reg_r err -71 [ 597.206849][ T9] sunplus 5-1:0.0: probe with driver sunplus failed with error -71 [ 597.227805][ T9214] loop7: detected capacity change from 0 to 2048 [ 597.315447][ T9] usb 5-1: USB disconnect, device number 10 [ 597.365638][ T9214] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 597.384367][ T9214] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 597.870453][ T9221] netlink: 360 bytes leftover after parsing attributes in process `syz.0.1283'. [ 598.280669][ T8642] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 598.660368][ T9224] netlink: 642 bytes leftover after parsing attributes in process `syz.4.1284'. [ 598.794254][ T9229] loop7: detected capacity change from 0 to 64 [ 599.722126][ T9234] loop4: detected capacity change from 0 to 512 [ 599.808932][ T9234] EXT4-fs: Ignoring removed orlov option [ 599.873697][ T9234] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 599.973208][ T9234] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 600.033528][ T9234] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1289: corrupted in-inode xattr: e_value size too large [ 600.147304][ T9234] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1289: couldn't read orphan inode 15 (err -117) [ 600.260930][ T9234] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 601.020418][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.763024][ T30] audit: type=1800 audit(1757076801.885:40): pid=9270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1302" name=0A dev="tmpfs" ino=177 res=0 errno=0 [ 603.545184][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.552215][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 603.798929][ T9277] loop7: detected capacity change from 0 to 1024 [ 603.973246][ T9277] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 605.004892][ T9289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1311'. [ 605.577464][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 605.715989][ T9296] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1315'. [ 605.732619][ T9293] loop7: detected capacity change from 0 to 2048 [ 605.961580][ T9299] loop0: detected capacity change from 0 to 64 [ 606.606254][ T9292] loop6: detected capacity change from 0 to 4096 [ 607.286988][ T9292] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 607.857082][ T9292] ntfs3(loop6): Failed to read $UpCase (-4). [ 608.820532][ T9319] batman_adv: batadv0: Adding interface: ipvlan2 [ 608.827498][ T9319] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 608.858683][ T9319] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 608.871068][ T9319] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 608.881428][ T9319] batman_adv: batadv0: Interface activated: ipvlan2 [ 609.734258][ T9327] pimreg: tun_chr_ioctl cmd 35111 [ 609.816644][ T9330] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1329'. [ 612.053320][ T5884] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 612.231920][ T5884] usb 8-1: Using ep0 maxpacket: 8 [ 612.250344][ T5884] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 612.259318][ T5884] usb 8-1: config 179 has no interface number 0 [ 612.266031][ T5884] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 612.277691][ T5884] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 612.289712][ T5884] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 612.302370][ T5884] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 612.314963][ T5884] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 612.334332][ T5884] usb 8-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 612.344130][ T5884] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 612.751175][ T9348] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 613.375972][ T9348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 613.394415][ T9348] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 613.463356][ T5884] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 613.724038][ T5884] usb 7-1: Using ep0 maxpacket: 16 [ 613.805874][ T5884] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 613.820119][ T5884] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 613.923576][ T9] usb 8-1: USB disconnect, device number 2 [ 613.923838][ C1] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 613.939297][ C1] dummy_hcd dummy_hcd.7: timer fired with no URBs pending? [ 614.083899][ T5884] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 614.093875][ T5884] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 614.102428][ T5884] usb 7-1: Product: syz [ 614.107109][ T5884] usb 7-1: Manufacturer: syz [ 614.111938][ T5884] usb 7-1: SerialNumber: syz [ 614.135598][ T9360] loop0: detected capacity change from 0 to 2048 [ 614.264118][ T5884] usb 7-1: config 0 descriptor?? [ 614.365389][ T5884] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 614.379892][ T5884] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class) [ 614.490161][ T9360] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 614.680303][ T9364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1346'. [ 615.421855][ T5884] em28xx 7-1:0.0: chip ID is em2874 [ 615.911916][ T5884] usb 7-1: USB disconnect, device number 2 [ 615.944375][ T5884] em28xx 7-1:0.0: Disconnecting em28xx [ 616.084952][ T5884] em28xx 7-1:0.0: Freeing device [ 616.309339][ T9373] autofs: Bad value for 'fd' [ 617.427449][ T9384] loop4: detected capacity change from 0 to 128 [ 618.115620][ T9392] loop1: detected capacity change from 0 to 128 [ 619.432069][ T9402] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input11 [ 620.513515][ T9410] loop1: detected capacity change from 0 to 164 [ 620.610093][ T9410] rock: directory entry would overflow storage [ 620.616835][ T9410] rock: sig=0x66, size=4, remaining=3 [ 621.389292][ T9418] netlink: 'syz.6.1370': attribute type 10 has an invalid length. [ 621.487976][ T9419] netlink: 'syz.6.1370': attribute type 4 has an invalid length. [ 621.496876][ T9419] netlink: 152 bytes leftover after parsing attributes in process `syz.6.1370'. [ 621.643112][ T9418] bond0: (slave netdevsim3): Enslaving as an active interface with an up link [ 621.950077][ T9419] : renamed from bond0 (while UP) [ 622.309629][ T9425] loop7: detected capacity change from 0 to 512 [ 622.521498][ T9425] EXT4-fs (loop7): orphan cleanup on readonly fs [ 622.653191][ T9425] EXT4-fs error (device loop7): ext4_quota_enable:7128: comm syz.7.1373: inode #218103808: comm syz.7.1373: iget: illegal inode # [ 622.696537][ T9425] EXT4-fs error (device loop7): ext4_quota_enable:7131: comm syz.7.1373: Bad quota inode: 218103808, type: 2 [ 622.711299][ T9425] EXT4-fs warning (device loop7): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 622.749083][ T9430] loop0: detected capacity change from 0 to 256 [ 622.761558][ T9425] EXT4-fs (loop7): Cannot turn on quotas: error -117 [ 622.771581][ T9425] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 622.924475][ T9430] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 622.988633][ T9425] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 623.031706][ T9430] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 623.042294][ T9430] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 623.050440][ T9430] UDF-fs: Scanning with blocksize 512 failed [ 623.138278][ T9425] EXT4-fs error (device loop7): ext4_quota_enable:7128: comm syz.7.1373: inode #218103808: comm syz.7.1373: iget: illegal inode # [ 623.258632][ T9430] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 623.263560][ T9425] EXT4-fs error (device loop7): ext4_quota_enable:7131: comm syz.7.1373: Bad quota inode: 218103808, type: 2 [ 623.375896][ T9430] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 623.475229][ T9425] EXT4-fs warning (device loop7): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 623.538619][ T9437] mmap: syz.4.1377 (9437) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 623.624181][ T9433] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended [ 623.809307][ T9433] EXT4-fs error (device loop7): ext4_quota_enable:7128: comm syz.7.1373: inode #218103808: comm syz.7.1373: iget: illegal inode # [ 623.913598][ T9433] EXT4-fs error (device loop7): ext4_quota_enable:7131: comm syz.7.1373: Bad quota inode: 218103808, type: 2 [ 624.020743][ T9433] EXT4-fs warning (device loop7): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix. [ 624.478480][ T9444] loop4: detected capacity change from 0 to 128 [ 624.571210][ T9444] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 624.765872][ T9444] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 625.037382][ T8642] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 625.467373][ T9450] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1383'. [ 625.477289][ T9450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 625.492983][ T9450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 625.578644][ T9450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 625.587105][ T9450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 626.101467][ T9458] loop4: detected capacity change from 0 to 512 [ 629.666787][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 629.894128][ T9499] loop1: detected capacity change from 0 to 128 [ 630.324236][ T9499] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 630.332358][ T9499] FAT-fs (loop1): Filesystem has been set read-only [ 630.342657][ T9499] syz.1.1404: attempt to access beyond end of device [ 630.342657][ T9499] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 630.365156][ T9499] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 630.375399][ T9499] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 630.532333][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 630.542601][ T9499] syz.1.1404: attempt to access beyond end of device [ 630.542601][ T9499] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 630.580507][ T30] audit: type=1800 audit(1757076829.695:41): pid=9499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1404" name="file2" dev="loop1" ino=1048689 res=0 errno=0 [ 631.521148][ T9510] loop0: detected capacity change from 0 to 1024 [ 632.327945][ T1091] hfsplus: b-tree write err: -5, ino 8 [ 632.788620][ T9504] loop4: detected capacity change from 0 to 8192 [ 633.990903][ T9531] loop7: detected capacity change from 0 to 256 [ 634.412490][ T9532] loop1: detected capacity change from 0 to 1764 [ 634.614622][ T9537] input: syz1 as /devices/virtual/input/input12 [ 634.647290][ T9531] FAT-fs (loop7): Directory bread(block 64) failed [ 634.659141][ T9531] FAT-fs (loop7): Directory bread(block 65) failed [ 634.669113][ T9531] FAT-fs (loop7): Directory bread(block 66) failed [ 634.676378][ T9531] FAT-fs (loop7): Directory bread(block 67) failed [ 634.683996][ T9531] FAT-fs (loop7): Directory bread(block 68) failed [ 634.690947][ T9531] FAT-fs (loop7): Directory bread(block 69) failed [ 634.698304][ T9531] FAT-fs (loop7): Directory bread(block 70) failed [ 634.705862][ T9531] FAT-fs (loop7): Directory bread(block 71) failed [ 634.713066][ T9531] FAT-fs (loop7): Directory bread(block 72) failed [ 634.719822][ T9531] FAT-fs (loop7): Directory bread(block 73) failed [ 634.936197][ T9531] syz.7.1418: attempt to access beyond end of device [ 634.936197][ T9531] loop7: rw=524288, sector=1256, nr_sectors = 4 limit=256 [ 634.950884][ T9531] syz.7.1418: attempt to access beyond end of device [ 634.950884][ T9531] loop7: rw=0, sector=1256, nr_sectors = 4 limit=256 [ 635.026694][ T30] audit: type=1800 audit(1757076834.105:42): pid=9531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.1418" name="file0" dev="loop7" ino=1048690 res=0 errno=0 [ 635.996647][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 636.237192][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 636.321866][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 636.336706][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 636.347865][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0324, bcdDevice= 0.00 [ 636.358341][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 636.587680][ T9] usb 5-1: config 0 descriptor?? [ 637.012552][ T9556] overlayfs: failed lookup in lower (/, name='file0', err=-66): unsupported object type [ 637.168878][ T9] magicmouse 0003:05AC:0324.000E: item fetching failed at offset 3/5 [ 637.264396][ T9] magicmouse 0003:05AC:0324.000E: magicmouse hid parse failed [ 637.272662][ T9] magicmouse 0003:05AC:0324.000E: probe with driver magicmouse failed with error -22 [ 637.427598][ T5884] usb 5-1: USB disconnect, device number 11 [ 637.692416][ T9560] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1430'. [ 637.703671][ T9560] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1430'. [ 639.134266][ T9579] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1437'. [ 640.293289][ T9592] loop6: detected capacity change from 0 to 256 [ 643.227576][ T9619] loop4: detected capacity change from 0 to 1024 [ 643.290293][ T9619] EXT4-fs: Ignoring removed nobh option [ 643.296448][ T9619] EXT4-fs: Ignoring removed nobh option [ 643.539411][ T9619] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 644.122468][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.934375][ T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 645.006062][ T9634] loop1: detected capacity change from 0 to 2048 [ 645.133688][ T9634] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 645.143187][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 645.176727][ T9] usb 5-1: config 1 has an invalid interface number: 105 but max is 0 [ 645.185619][ T9] usb 5-1: config 1 has no interface number 0 [ 645.192056][ T9] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16 [ 645.211067][ T9] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64 [ 645.223946][ T9] usb 5-1: config 1 interface 105 has no altsetting 0 [ 645.266804][ T9] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 645.276592][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 645.285536][ T9] usb 5-1: Product: syz [ 645.289918][ T9] usb 5-1: Manufacturer: syz [ 645.298107][ T9] usb 5-1: SerialNumber: syz [ 645.421824][ T9639] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 645.477965][ T9639] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 645.575798][ T9638] loop7: detected capacity change from 0 to 4096 [ 645.683176][ T9638] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 646.028007][ T5813] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 646.148137][ T9639] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 646.180044][ T9639] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 646.674170][ T9] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 646.732013][ T9638] overlayfs: upper fs does not support tmpfile. [ 646.787731][ T9] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 646.827239][ T9] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71 [ 646.874031][ T9] aqc111 5-1:1.105 eth13: register 'aqc111' at usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 92:cb:dd:17:44:0c [ 646.948239][ T9638] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 647.010290][ T9] usb 5-1: USB disconnect, device number 12 [ 647.021441][ T9] aqc111 5-1:1.105 eth13: unregister 'aqc111' usb-dummy_hcd.4-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter [ 647.109501][ T9] aqc111 5-1:1.105 eth13 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 647.120667][ T9] aqc111 5-1:1.105 eth13 (unregistered): Failed to write(0x1) reg index 0x0002: -19 [ 647.134491][ T9] aqc111 5-1:1.105 eth13 (unregistered): Failed to write(0x61) reg index 0x0000: -19 [ 647.480940][ T9637] loop0: detected capacity change from 0 to 8192 [ 647.624526][ T8651] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 647.888869][ T8651] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 647.899490][ T8651] usb 7-1: New USB device found, idVendor=046d, idProduct=c287, bcdDevice= 0.00 [ 647.909112][ T8651] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 648.087527][ T8651] usb 7-1: config 0 descriptor?? [ 648.796651][ T4241] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 648.865246][ T9658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1469'. [ 649.020983][ T8651] logitech 0003:046D:C287.000F: hidraw0: USB HID v0.00 Device [HID 046d:c287] on usb-dummy_hcd.6-1/input0 [ 649.036190][ T8651] logitech 0003:046D:C287.000F: no inputs found [ 649.170039][ T4241] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 649.431587][ T8651] usb 7-1: USB disconnect, device number 3 [ 649.641054][ T4241] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 649.924910][ T4241] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 650.547664][ T4241] bridge_slave_1: left allmulticast mode [ 650.557268][ T4241] bridge_slave_1: left promiscuous mode [ 650.564370][ T4241] bridge0: port 2(bridge_slave_1) entered disabled state [ 650.694341][ T4241] bridge_slave_0: left allmulticast mode [ 650.700344][ T4241] bridge_slave_0: left promiscuous mode [ 650.711021][ T4241] bridge0: port 1(bridge_slave_0) entered disabled state [ 650.717842][ T9661] fido_id[9661]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 650.811942][ T4241] batman_adv: batadv0: Interface deactivated: gretap1 [ 651.298278][ T4241] batman_adv: batadv0: Removing interface: gretap1 [ 651.564043][ T4241] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 651.586439][ T4241] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 651.612473][ T4241] bond0 (unregistering): Released all slaves [ 651.905258][ T4241] IPVS: stopping backup sync thread 7778 ... [ 651.921257][ T4241] IPVS: stopping backup sync thread 7776 ... [ 651.954505][ T4241] IPVS: stopping backup sync thread 7775 ... [ 651.977080][ T4241] IPVS: stopping backup sync thread 7772 ... [ 652.530055][ T4241] macvlan0: left promiscuous mode [ 652.548629][ T4241] macvlan1: left promiscuous mode [ 652.685121][ T4241] hsr_slave_0: left promiscuous mode [ 652.703312][ T4241] hsr_slave_1: left promiscuous mode [ 652.711810][ T4241] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 652.747672][ T4241] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 652.756079][ T4241] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 652.833697][ T4241] veth1_macvtap: left promiscuous mode [ 652.839500][ T4241] veth0_macvtap: left promiscuous mode [ 652.846069][ T4241] veth1_vlan: left promiscuous mode [ 652.851753][ T4241] veth0_vlan: left promiscuous mode [ 653.623164][ C0] hrtimer: interrupt took 517058 ns [ 654.374210][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 654.394389][ T4241] team0 (unregistering): Port device team_slave_1 removed [ 654.529471][ T9675] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 654.545410][ T9675] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 654.547036][ T4241] team0 (unregistering): Port device team_slave_0 removed [ 654.616814][ T9675] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 654.639654][ T9675] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 656.323957][ T9683] macvtap1: entered allmulticast mode [ 656.329681][ T9683] veth0_macvtap: entered allmulticast mode [ 656.700793][ T9675] Bluetooth: hci0: command tx timeout [ 656.984435][ T9673] chnl_net:caif_netlink_parms(): no params data found [ 657.516577][ T9697] loop4: detected capacity change from 0 to 512 [ 657.673902][ T9697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 657.687236][ T9697] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 658.384256][ T9709] mac80211_hwsim hwsim17 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 658.803133][ T9675] Bluetooth: hci0: command tx timeout [ 658.926812][ T9673] bridge0: port 1(bridge_slave_0) entered blocking state [ 658.935696][ T9673] bridge0: port 1(bridge_slave_0) entered disabled state [ 658.943894][ T9673] bridge_slave_0: entered allmulticast mode [ 658.954052][ T9673] bridge_slave_0: entered promiscuous mode [ 658.961715][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 659.062131][ T9673] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.070526][ T9673] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.078613][ T9673] bridge_slave_1: entered allmulticast mode [ 659.089007][ T9673] bridge_slave_1: entered promiscuous mode [ 659.590318][ T9714] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1492'. [ 659.631613][ T9673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 659.724352][ T9718] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1489'. [ 659.846749][ T9673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 660.376118][ T9673] team0: Port device team_slave_0 added [ 660.468268][ T9673] team0: Port device team_slave_1 added [ 660.533790][ T4414] wlan1: Trigger new scan to find an IBSS to join [ 660.854091][ T9675] Bluetooth: hci0: command tx timeout [ 660.965628][ T9673] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 660.976945][ T9673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.004852][ T9673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 661.060665][ T9673] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 661.068459][ T9673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 661.098752][ T9673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 661.419373][ T9673] hsr_slave_0: entered promiscuous mode [ 661.431788][ T9673] hsr_slave_1: entered promiscuous mode [ 661.441445][ T9673] debugfs: 'hsr0' already exists in 'hsr' [ 661.447714][ T9673] Cannot create hsr debugfs directory [ 662.131811][ T9737] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 662.141772][ T9737] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 662.153589][ T9737] overlayfs: failed to get uuid (322/file0, err=-13); falling back to uuid=null. [ 662.933772][ T9675] Bluetooth: hci0: command tx timeout [ 663.284630][ T9673] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 663.390565][ T9673] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 663.499616][ T9673] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 663.596496][ T9673] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 663.927674][ T9750] loop4: detected capacity change from 0 to 2048 [ 664.148388][ T9750] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 664.537483][ T751] wlan1: Trigger new scan to find an IBSS to join [ 664.600434][ T9750] UDF-fs: warning (device loop4): udf_truncate_tail_extent: Too long extent after EOF in inode 1415: i_size: 67407872 lbcount: 67411968 extent 129+26624 [ 664.993515][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 665.000340][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 665.461795][ T9673] 8021q: adding VLAN 0 to HW filter on device bond0 [ 665.568299][ T9763] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1512'. [ 665.771464][ T3723] wlan1: Creating new IBSS network, BSSID 9e:49:d8:c0:2b:a1 [ 665.816169][ T9673] 8021q: adding VLAN 0 to HW filter on device team0 [ 665.946727][ T4173] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.954611][ T4173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 666.133660][ T4173] bridge0: port 2(bridge_slave_1) entered blocking state [ 666.141303][ T4173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 667.733507][ T9784] loop7: detected capacity change from 0 to 512 [ 667.781260][ T9786] ip6gretap1: entered promiscuous mode [ 667.787238][ T9786] ip6gretap1: entered allmulticast mode [ 668.028897][ T9784] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.1519: casefold flag without casefold feature [ 668.135328][ T9784] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.1519: couldn't read orphan inode 15 (err -117) [ 668.230077][ T9784] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 669.039858][ T9673] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 669.110238][ T8642] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 671.575199][ T5882] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 671.822277][ T5882] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 671.837753][ T5882] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 671.923485][ T5882] usb 7-1: config 0 descriptor?? [ 671.981260][ T5882] cp210x 7-1:0.0: cp210x converter detected [ 672.424433][ T5882] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 672.528923][ T9836] loop7: detected capacity change from 0 to 1024 [ 672.538502][ T5882] usb 7-1: cp210x converter now attached to ttyUSB0 [ 672.701918][ T1727] usb 7-1: USB disconnect, device number 4 [ 672.829349][ T1727] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 672.968211][ T1727] cp210x 7-1:0.0: device disconnected [ 673.320932][ T9673] veth0_vlan: entered promiscuous mode [ 673.531733][ T9673] veth1_vlan: entered promiscuous mode [ 674.132917][ T9673] veth0_macvtap: entered promiscuous mode [ 674.241876][ T9673] veth1_macvtap: entered promiscuous mode [ 674.424939][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 674.613820][ T9673] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 674.762166][ T9673] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 674.883855][ T4558] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.953406][ T4414] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.966233][ T4558] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.991537][ T4558] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.417545][ T9858] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1547'. [ 676.284398][ T9865] netlink: 'syz.6.1549': attribute type 83 has an invalid length. [ 677.426710][ T9875] loop4: detected capacity change from 0 to 1024 [ 678.554862][ T9890] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1559'. [ 679.200843][ T9896] netlink: 112 bytes leftover after parsing attributes in process `syz.6.1561'. [ 682.539971][ T9933] loop4: detected capacity change from 0 to 1024 [ 683.054776][ T9933] hfsplus: catalog searching failed [ 683.540251][ T3723] hfsplus: b-tree write err: -5, ino 3 [ 683.746814][ T9946] netlink: 'syz.6.1580': attribute type 9 has an invalid length. [ 683.755060][ T9946] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1580'. [ 683.785272][ T9946] hsr0: entered promiscuous mode [ 683.790955][ T9946] macvlan2: entered promiscuous mode [ 683.798235][ T9946] macvlan2: entered allmulticast mode [ 683.808644][ T9946] hsr0: entered allmulticast mode [ 683.815174][ T9946] hsr_slave_0: entered allmulticast mode [ 683.821239][ T9946] hsr_slave_1: entered allmulticast mode [ 684.591856][ T9950] loop4: detected capacity change from 0 to 2048 [ 684.779705][ T9950] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 684.951872][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 684.963893][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 685.157218][ T9957] sp0: Synchronizing with TNC [ 685.166570][ T4414] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 685.178214][ T4414] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 686.349834][ T9967] netlink: 'syz.4.1588': attribute type 1 has an invalid length. [ 688.518341][ T9990] loop7: detected capacity change from 0 to 512 [ 688.576736][ T9990] EXT4-fs: Ignoring removed i_version option [ 688.605289][ T9990] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 688.835403][ T9990] EXT4-fs (loop7): 1 truncate cleaned up [ 688.903987][ T9990] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 689.821607][ T8642] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 692.894908][T10031] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1615'. [ 693.702472][T10046] loop6: detected capacity change from 0 to 164 [ 693.827687][T10046] rock: directory entry would overflow storage [ 693.834289][T10046] rock: sig=0x66, size=4, remaining=3 [ 694.077149][T10046] rock: directory entry would overflow storage [ 694.083922][T10046] rock: sig=0x66, size=4, remaining=3 [ 695.343045][ T5882] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 695.606461][ T5882] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 695.618502][ T5882] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 695.628916][ T5882] usb 9-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 695.638390][ T5882] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 695.804551][ T5882] usb 9-1: config 0 descriptor?? [ 696.880625][ T5882] hid-led 0003:27B8:01ED.0010: probe with driver hid-led failed with error -71 [ 696.936301][ T42] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 696.974090][ T5882] usb 9-1: USB disconnect, device number 2 [ 697.143172][ T42] usb 5-1: Using ep0 maxpacket: 8 [ 697.237546][ T42] usb 5-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab [ 697.247337][ T42] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 697.256393][ T42] usb 5-1: Product: syz [ 697.260825][ T42] usb 5-1: Manufacturer: syz [ 697.266408][ T42] usb 5-1: SerialNumber: syz [ 697.384937][ T42] usb 5-1: config 0 descriptor?? [ 698.175018][ T42] usb 5-1: USB disconnect, device number 13 [ 698.238199][T10086] tmpfs: Unknown parameter '‹' [ 698.586705][ T6066] udevd[6066]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 698.869780][ T4173] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 699.161627][T10092] netlink: 'syz.4.1646': attribute type 4 has an invalid length. [ 699.176054][T10092] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1646'. [ 699.190728][T10092] NCSI netlink: No device for ifindex 6906736 [ 699.202979][T10093] netlink: 64 bytes leftover after parsing attributes in process `syz.8.1645'. [ 700.879762][T10106] loop4: detected capacity change from 0 to 64 [ 701.034643][ T30] audit: type=1800 audit(1757076900.155:43): pid=10106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1652" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 704.730039][T10154] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1674'. [ 704.959408][T10146] loop7: detected capacity change from 0 to 4096 [ 705.990400][T10164] 8021q: adding VLAN 0 to HW filter on device bond1 [ 706.007602][T10164] bond0: (slave bond1): Enslaving as an active interface with an up link [ 707.392273][T10179] loop8: detected capacity change from 0 to 256 [ 707.629973][T10179] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 707.644083][T10179] exFAT-fs (loop8): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 708.806022][T10190] block nbd0: Attempted send on invalid socket [ 708.812434][T10190] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1 [ 709.467114][T10198] loop8: detected capacity change from 0 to 128 [ 709.560517][T10198] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256 [ 709.684055][T10198] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 710.240786][T10202] netlink: 136 bytes leftover after parsing attributes in process `syz.4.1694'. [ 710.250308][T10202] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 710.582231][T10204] loop6: detected capacity change from 0 to 256 [ 710.783722][T10204] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d) [ 710.866131][T10204] exFAT-fs (loop6): valid_size(150994954) is greater than size(10) [ 710.889544][ T30] audit: type=1800 audit(1757076910.005:44): pid=10204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1695" name="file1" dev="loop6" ino=1048697 res=0 errno=0 [ 712.452231][T10222] loop7: detected capacity change from 0 to 1024 [ 712.490614][T10222] EXT4-fs: Ignoring removed nobh option [ 712.497372][T10222] EXT4-fs: Ignoring removed bh option [ 712.676333][T10222] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 712.921459][T10227] loop6: detected capacity change from 0 to 256 [ 713.061608][T10227] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 713.072986][T10227] exFAT-fs (loop6): Medium has reported failures. Some data may be lost. [ 713.104323][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1705'. [ 713.429609][T10227] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 713.559391][ T8642] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 715.100588][T10246] netlink: 'syz.8.1712': attribute type 2 has an invalid length. [ 715.109092][T10246] netlink: 'syz.8.1712': attribute type 1 has an invalid length. [ 715.117789][T10246] netlink: 193500 bytes leftover after parsing attributes in process `syz.8.1712'. [ 715.130764][T10246] nbd: couldn't find device at index 16 [ 717.953699][T10281] loop7: detected capacity change from 0 to 16 [ 718.059030][T10281] erofs (device loop7): mounted with root inode @ nid 36. [ 719.973849][T10302] loop7: detected capacity change from 0 to 512 [ 720.116886][T10302] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2 [ 720.129486][T10302] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.1739: invalid indirect mapped block 2683928664 (level 1) [ 720.213960][T10302] EXT4-fs (loop7): Remounting filesystem read-only [ 720.215860][T10302] EXT4-fs (loop7): 1 truncate cleaned up [ 720.218555][T10302] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 720.786082][ T9356] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 720.996238][ T8642] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 721.055343][ T9356] usb 5-1: Using ep0 maxpacket: 16 [ 721.124970][ T9356] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 721.133632][ T9356] usb 5-1: config 0 has no interface number 0 [ 721.139964][ T9356] usb 5-1: config 0 interface 8 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 721.318150][ T9356] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 721.327972][ T9356] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 721.336637][ T9356] usb 5-1: Product: syz [ 721.341478][ T9356] usb 5-1: SerialNumber: syz [ 721.537147][ T9356] usb 5-1: config 0 descriptor?? [ 721.663904][ T9356] usbhid 5-1:0.8: couldn't find an input interrupt endpoint [ 721.889425][ T42] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 722.174906][ T42] usb 8-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 722.175093][ T42] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 722.202415][ T42] usb 8-1: config 0 descriptor?? [ 722.544060][ T42] udl 8-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 722.876293][ T42] [drm] Initialized udl 0.0.1 for 8-1:0.0 on minor 2 [ 722.883724][ T42] [drm] Initialized udl on minor 2 [ 723.247502][ T42] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9 [ 723.258222][ T42] udl 8-1:0.0: [drm] Cannot find any crtc or sizes [ 723.283865][ T9356] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 723.361696][ T9356] udl 8-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 723.370760][ T9356] udl 8-1:0.0: [drm] Cannot find any crtc or sizes [ 723.471827][ T42] usb 8-1: USB disconnect, device number 3 [ 723.868892][ T1727] usb 5-1: USB disconnect, device number 14 [ 726.397501][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 726.406933][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 726.482437][T10358] netlink: 'syz.7.1765': attribute type 10 has an invalid length. [ 726.540733][T10358] team0: Port device netdevsim3 added [ 727.268938][T10367] loop0: detected capacity change from 0 to 1024 [ 727.433172][T10367] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 728.466634][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.066147][ T30] audit: type=1326 audit(1757076929.185:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.6.1779" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 730.243864][ T30] audit: type=1326 audit(1757076929.265:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.6.1779" exe="/root/syz-executor" sig=0 arch=40000003 syscall=276 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 730.267063][ T30] audit: type=1326 audit(1757076929.265:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.6.1779" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 730.289978][ T30] audit: type=1326 audit(1757076929.265:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10393 comm="syz.6.1779" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1539 code=0x7ffc0000 [ 730.853393][ T4173] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 733.097006][T10431] loop7: detected capacity change from 0 to 512 [ 733.151227][T10431] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 733.435593][T10438] sch_tbf: burst 0 is lower than device veth1 mtu (1514) ! [ 738.915988][T10497] loop8: detected capacity change from 0 to 512 [ 738.940821][T10497] EXT4-fs: Ignoring removed nomblk_io_submit option [ 738.983755][T10497] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 739.065114][T10497] EXT4-fs (loop8): 1 truncate cleaned up [ 739.075764][T10497] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 739.804044][ T9673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 739.849365][T10510] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1830'. [ 739.954470][T10510] netlink: 100 bytes leftover after parsing attributes in process `syz.6.1830'. [ 739.967400][T10510] netlink: 100 bytes leftover after parsing attributes in process `syz.6.1830'. [ 742.085194][T10540] loop0: detected capacity change from 0 to 8 [ 742.323330][T10540] SQUASHFS error: Unable to read directory block [249:c] [ 744.059800][ T9675] Bluetooth: hci0: command tx timeout [ 747.891605][T10594] loop4: detected capacity change from 0 to 128 [ 749.141831][T10608] loop0: detected capacity change from 0 to 128 [ 749.343380][ T30] audit: type=1800 audit(1757076948.465:49): pid=10608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1876" name="file1" dev="loop0" ino=1048699 res=0 errno=0 [ 749.939729][T10608] syz.0.1876: attempt to access beyond end of device [ 749.939729][T10608] loop0: rw=2049, sector=129, nr_sectors = 1 limit=128 [ 749.956631][T10608] Buffer I/O error on dev loop0, logical block 129, lost async page write [ 749.966642][T10608] syz.0.1876: attempt to access beyond end of device [ 749.966642][T10608] loop0: rw=2049, sector=130, nr_sectors = 1 limit=128 [ 749.980552][T10608] Buffer I/O error on dev loop0, logical block 130, lost async page write [ 749.990233][T10608] syz.0.1876: attempt to access beyond end of device [ 749.990233][T10608] loop0: rw=2049, sector=139, nr_sectors = 1 limit=128 [ 750.004493][T10608] Buffer I/O error on dev loop0, logical block 139, lost async page write [ 750.013482][T10608] syz.0.1876: attempt to access beyond end of device [ 750.013482][T10608] loop0: rw=2049, sector=140, nr_sectors = 1 limit=128 [ 750.027934][T10608] Buffer I/O error on dev loop0, logical block 140, lost async page write [ 750.036871][T10608] syz.0.1876: attempt to access beyond end of device [ 750.036871][T10608] loop0: rw=2049, sector=141, nr_sectors = 1 limit=128 [ 750.050779][T10608] Buffer I/O error on dev loop0, logical block 141, lost async page write [ 750.062469][T10608] syz.0.1876: attempt to access beyond end of device [ 750.062469][T10608] loop0: rw=2049, sector=142, nr_sectors = 1 limit=128 [ 750.077596][T10608] Buffer I/O error on dev loop0, logical block 142, lost async page write [ 750.086608][T10608] syz.0.1876: attempt to access beyond end of device [ 750.086608][T10608] loop0: rw=2049, sector=143, nr_sectors = 1 limit=128 [ 750.100444][T10608] Buffer I/O error on dev loop0, logical block 143, lost async page write [ 750.109471][T10608] syz.0.1876: attempt to access beyond end of device [ 750.109471][T10608] loop0: rw=2049, sector=144, nr_sectors = 1 limit=128 [ 750.123620][T10608] Buffer I/O error on dev loop0, logical block 144, lost async page write [ 750.132401][T10608] syz.0.1876: attempt to access beyond end of device [ 750.132401][T10608] loop0: rw=2049, sector=147, nr_sectors = 1 limit=128 [ 750.146580][T10608] Buffer I/O error on dev loop0, logical block 147, lost async page write [ 750.155553][T10608] syz.0.1876: attempt to access beyond end of device [ 750.155553][T10608] loop0: rw=2049, sector=148, nr_sectors = 1 limit=128 [ 750.171750][T10608] Buffer I/O error on dev loop0, logical block 148, lost async page write [ 751.757910][T10636] team_slave_0: entered promiscuous mode [ 751.764064][T10636] team_slave_1: entered promiscuous mode [ 751.778351][T10636] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 754.603224][T10668] loop7: detected capacity change from 0 to 16 [ 755.400473][T10673] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1905'. [ 755.496478][T10675] loop0: detected capacity change from 0 to 256 [ 756.082386][T10675] FAT-fs (loop0): Directory bread(block 64) failed [ 756.089430][T10675] FAT-fs (loop0): Directory bread(block 65) failed [ 756.096769][T10675] FAT-fs (loop0): Directory bread(block 66) failed [ 756.106137][T10675] FAT-fs (loop0): Directory bread(block 67) failed [ 756.114190][T10675] FAT-fs (loop0): Directory bread(block 68) failed [ 756.121067][T10675] FAT-fs (loop0): Directory bread(block 69) failed [ 756.128243][T10675] FAT-fs (loop0): Directory bread(block 70) failed [ 756.135151][T10675] FAT-fs (loop0): Directory bread(block 71) failed [ 756.142092][T10675] FAT-fs (loop0): Directory bread(block 72) failed [ 756.149255][T10675] FAT-fs (loop0): Directory bread(block 73) failed [ 756.428695][T10675] tipc: Started in network mode [ 756.435652][T10675] tipc: Node identity 2d5369eaa0c16077002e, cluster identity 5 [ 757.391433][T10690] loop8: detected capacity change from 0 to 512 [ 757.477073][T10690] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 757.891915][T10698] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1918'. [ 758.616051][T10703] Bluetooth: MGMT ver 1.23 [ 761.384862][T10736] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1933'. [ 761.476704][T10738] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1933'. [ 762.178766][ T30] audit: type=1800 audit(1757076961.285:50): pid=10742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.1937" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 762.490024][T10749] block device autoloading is deprecated and will be removed. [ 762.877167][ T3571] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 763.336655][ T4414] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 763.413746][ T3723] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 763.503615][ T3723] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 763.556506][ T3723] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 764.167631][T10768] loop0: detected capacity change from 0 to 256 [ 764.354079][T10773] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 765.460559][T10781] loop0: detected capacity change from 0 to 512 [ 765.739575][T10781] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 765.753560][T10781] ext4 filesystem being mounted at /417/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 766.073016][ T30] audit: type=1800 audit(1757076965.185:51): pid=10781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1954" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 766.509989][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 767.080258][T10796] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1959'. [ 769.777158][T10829] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1974'. [ 769.845943][T10830] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1974'. [ 770.469975][T10838] veth0_to_bridge: entered promiscuous mode [ 770.529454][T10836] veth0_to_bridge: left promiscuous mode [ 770.548247][T10837] loop4: detected capacity change from 0 to 764 [ 770.744969][T10837] rock: directory entry would overflow storage [ 770.751647][T10837] rock: sig=0x4f50, size=4, remaining=3 [ 770.758700][T10837] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 771.084656][ T42] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 771.303076][ T42] usb 9-1: Using ep0 maxpacket: 32 [ 771.336462][ T42] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 771.347498][ T42] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 771.361113][ T42] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 771.371991][ T42] usb 9-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 771.385513][ T42] usb 9-1: config 0 interface 0 has no altsetting 0 [ 771.392447][ T42] usb 9-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 771.401950][ T42] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 771.467872][ T42] usb 9-1: config 0 descriptor?? [ 771.950895][ T42] hid-thrustmaster 0003:044F:B65D.0011: unknown main item tag 0x0 [ 771.959490][ T42] hid-thrustmaster 0003:044F:B65D.0011: unknown main item tag 0x0 [ 771.968468][ T42] hid-thrustmaster 0003:044F:B65D.0011: unknown main item tag 0x0 [ 771.980119][ T42] hid-thrustmaster 0003:044F:B65D.0011: unknown main item tag 0x0 [ 771.989409][ T42] hid-thrustmaster 0003:044F:B65D.0011: unknown main item tag 0x0 [ 772.319149][ T42] hid-thrustmaster 0003:044F:B65D.0011: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.8-1/input0 [ 772.332967][ T42] hid-thrustmaster 0003:044F:B65D.0011: Wrong number of endpoints? [ 772.357277][ C1] hid-thrustmaster 0003:044F:B65D.0011: Unknown packet type 0x0, unable to proceed further with wheel init [ 772.624783][ T42] usb 9-1: USB disconnect, device number 3 [ 773.449125][T10858] fido_id[10858]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 774.619621][T10876] loop6: detected capacity change from 0 to 128 [ 774.859155][T10876] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100) [ 774.863200][ T30] audit: type=1800 audit(1757076973.965:52): pid=10876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1993" name="file2" dev="loop6" ino=1048700 res=0 errno=0 [ 774.868948][T10876] FAT-fs (loop6): Filesystem has been set read-only [ 774.898775][T10876] bio_check_eod: 17 callbacks suppressed [ 774.898862][T10876] syz.6.1993: attempt to access beyond end of device [ 774.898862][T10876] loop6: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 774.922188][T10876] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100) [ 774.930898][T10876] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000100) [ 775.039605][T10876] syz.6.1993: attempt to access beyond end of device [ 775.039605][T10876] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.090878][T10882] Attempt to restore checkpoint with obsolete wellknown handles [ 775.131131][T10875] syz.6.1993: attempt to access beyond end of device [ 775.131131][T10875] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.157990][T10875] syz.6.1993: attempt to access beyond end of device [ 775.157990][T10875] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.171982][T10875] syz.6.1993: attempt to access beyond end of device [ 775.171982][T10875] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.203089][T10876] syz.6.1993: attempt to access beyond end of device [ 775.203089][T10876] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.299433][T10876] syz.6.1993: attempt to access beyond end of device [ 775.299433][T10876] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.415084][T10876] syz.6.1993: attempt to access beyond end of device [ 775.415084][T10876] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.530479][T10876] syz.6.1993: attempt to access beyond end of device [ 775.530479][T10876] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 775.659329][T10884] syz.6.1993: attempt to access beyond end of device [ 775.659329][T10884] loop6: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 776.610803][ T1727] IPVS: starting estimator thread 0... [ 776.713692][T10901] IPVS: using max 192 ests per chain, 9600 per kthread [ 778.377012][T10919] vivid-001: disconnect [ 778.408560][T10919] vivid-001: reconnect [ 778.485831][T10921] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 778.623658][T10920] syz.6.2013 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 778.905053][T10923] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2014'. [ 778.906810][T10925] loop4: detected capacity change from 0 to 64 [ 779.197985][T10925] Trying to free block not in datazone [ 779.369515][T10930] loop0: detected capacity change from 0 to 512 [ 779.678120][T10930] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.2016: iget: bad i_size value: 360287970189639690 [ 779.733426][T10930] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2016: couldn't read orphan inode 15 (err -117) [ 779.796234][T10930] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 779.810017][T10930] ext4 filesystem being mounted at /428/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 780.066774][T10930] EXT4-fs error (device loop0): ext4_add_entry:2417: inode #2: comm syz.0.2016: Directory hole found for htree leaf block 0 [ 780.837161][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 781.439095][T10954] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2028'. [ 781.483198][ T42] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 781.673447][ T42] usb 8-1: Using ep0 maxpacket: 16 [ 781.753921][ T42] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 781.766015][ T42] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 781.779569][ T42] usb 8-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 781.789099][ T42] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 781.994775][ T42] usb 8-1: config 0 descriptor?? [ 782.688167][ T42] playstation 0003:054C:0DF2.0012: hidraw0: USB HID v0.09 Device [HID 054c:0df2] on usb-dummy_hcd.7-1/input0 [ 782.915482][ T42] playstation 0003:054C:0DF2.0012: Invalid reportID received, expected 9 got 0 [ 782.926927][ T42] playstation 0003:054C:0DF2.0012: Failed to retrieve DualSense pairing info: -22 [ 782.940446][ T42] playstation 0003:054C:0DF2.0012: Failed to get MAC address from DualSense [ 782.950359][ T42] playstation 0003:054C:0DF2.0012: Failed to create dualsense. [ 783.005203][ T42] playstation 0003:054C:0DF2.0012: probe with driver playstation failed with error -22 [ 783.176189][ T42] usb 8-1: USB disconnect, device number 4 [ 784.479651][T10972] fido_id[10972]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory [ 784.716159][T10980] loop7: detected capacity change from 0 to 1024 [ 784.783849][T10980] hfsplus: Unknown parameter 'decomzose' [ 786.810966][T11002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2051'. [ 786.893942][T11002] netlink: 173 bytes leftover after parsing attributes in process `syz.0.2051'. [ 787.844345][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 787.851286][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 788.555642][T11018] netlink: 44 bytes leftover after parsing attributes in process `syz.8.2057'. [ 792.196677][T11055] loop8: detected capacity change from 0 to 2048 [ 792.330876][T11055] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found [ 792.343672][T11055] UDF-fs: Scanning with blocksize 512 failed [ 792.467075][T11055] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 793.338418][T11072] loop6: detected capacity change from 0 to 128 [ 794.866903][ T1091] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 795.661285][T11106] loop7: detected capacity change from 0 to 256 [ 795.748999][T11106] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 795.760495][T11106] exFAT-fs (loop7): Medium has reported failures. Some data may be lost. [ 795.949012][T11106] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 796.977345][T11126] loop7: detected capacity change from 0 to 1024 [ 797.069997][T11126] EXT4-fs: Ignoring removed nobh option [ 797.289334][T11126] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 797.535190][T11136] ipvlan2: entered promiscuous mode [ 797.549697][T11136] bridge0: port 3(ipvlan2) entered blocking state [ 797.556929][T11136] bridge0: port 3(ipvlan2) entered disabled state [ 797.564361][T11136] ipvlan2: entered allmulticast mode [ 797.573702][T11136] gretap0: entered allmulticast mode [ 797.581915][T11136] ipvlan2: left allmulticast mode [ 797.589329][T11136] gretap0: left allmulticast mode [ 797.837156][ T8642] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 797.919760][T11139] loop0: detected capacity change from 0 to 512 [ 797.942039][T11139] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 798.110500][T11142] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2112'. [ 798.271076][T11139] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 798.288186][T11139] ext4 filesystem being mounted at /448/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 798.410527][ T30] audit: type=1326 audit(1757076998.541:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.7.2113" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 798.434723][ T30] audit: type=1326 audit(1757076998.541:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.7.2113" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 798.538018][T11133] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 798.587465][ T30] audit: type=1326 audit(1757076998.601:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.7.2113" exe="/root/syz-executor" sig=0 arch=40000003 syscall=141 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 798.609981][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.628430][ T30] audit: type=1326 audit(1757076998.601:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.7.2113" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 798.651170][ T30] audit: type=1326 audit(1757076998.601:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.7.2113" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 798.960042][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 800.680230][ T9356] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 800.864393][ T9356] usb 5-1: Using ep0 maxpacket: 16 [ 800.906343][ T9356] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 800.918701][ T9356] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 800.959387][ T9356] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 800.969278][ T9356] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 800.977738][ T9356] usb 5-1: Product: syz [ 800.982323][ T9356] usb 5-1: Manufacturer: syz [ 800.987765][ T9356] usb 5-1: SerialNumber: syz [ 801.023029][ T9356] usb 5-1: config 0 descriptor?? [ 801.079175][ T9356] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 801.089196][ T9356] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 801.748133][ T42] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 801.758763][ T9356] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 801.779281][T11193] netlink: 'syz.6.2134': attribute type 40 has an invalid length. [ 801.953515][ T42] usb 9-1: Using ep0 maxpacket: 32 [ 801.960204][ T9356] em28xx 5-1:0.0: Config register raw data: 0xfffffffb [ 802.004616][ T9356] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 802.012001][ T9356] em28xx 5-1:0.0: No AC97 audio processor [ 802.023671][ T42] usb 9-1: config 0 has an invalid interface number: 184 but max is 0 [ 802.032381][ T42] usb 9-1: config 0 has no interface number 0 [ 802.038869][ T42] usb 9-1: config 0 interface 184 has no altsetting 0 [ 802.086623][ T9356] usb 5-1: USB disconnect, device number 15 [ 802.094825][ T9356] em28xx 5-1:0.0: Disconnecting em28xx [ 802.108923][ T9356] em28xx 5-1:0.0: Freeing device [ 802.123572][ T42] usb 9-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 802.133342][ T42] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 802.141765][ T42] usb 9-1: Product: syz [ 802.147421][ T42] usb 9-1: Manufacturer: syz [ 802.152250][ T42] usb 9-1: SerialNumber: syz [ 802.254657][ T42] usb 9-1: config 0 descriptor?? [ 802.276311][ T42] smsc75xx v1.0.0 [ 802.445253][T11197] netlink: 'syz.0.2136': attribute type 1 has an invalid length. [ 802.454072][T11197] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2136'. [ 802.470398][T11197] block nbd0: shutting down sockets [ 803.139865][ T42] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71 [ 803.151251][ T42] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 803.238988][ T42] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 803.250944][ T42] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 803.261219][ T42] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 803.272095][ T42] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 803.283366][ T42] smsc75xx 9-1:0.184: probe with driver smsc75xx failed with error -71 [ 803.418035][ T42] usb 9-1: USB disconnect, device number 4 [ 803.662167][T11208] loop6: detected capacity change from 0 to 512 [ 803.692356][T11208] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 803.781059][T11208] EXT4-fs (loop6): orphan cleanup on readonly fs [ 803.804251][T11208] EXT4-fs error (device loop6): __ext4_iget:5464: inode #11: block 8: comm syz.6.2141: invalid block [ 803.966719][T11208] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.2141: couldn't read orphan inode 11 (err -117) [ 804.043451][T11208] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 804.198751][T11214] loop7: detected capacity change from 0 to 512 [ 804.344354][T11217] loop8: detected capacity change from 0 to 512 [ 804.408998][T11214] EXT4-fs (loop7): invalid inodes per group: 100663328 [ 804.408998][T11214] [ 804.521996][T11217] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 804.538703][T11217] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 804.736722][ T8202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 804.891312][T11217] EXT4-fs error (device loop8): ext4_get_first_dir_block:3540: inode #12: comm syz.8.2145: directory missing '.' [ 805.420451][ T9673] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 805.694111][T11234] netlink: 'syz.7.2151': attribute type 2 has an invalid length. [ 806.539916][T11251] loop6: detected capacity change from 0 to 64 [ 806.597444][T11251] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing [ 806.640074][T11251] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop6 [ 807.389935][T11260] sock: sock_set_timeout: `syz.6.2164' (pid 11260) tries to set negative timeout [ 808.003996][T11254] loop4: detected capacity change from 0 to 8192 [ 808.480126][T11271] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2169'. [ 808.521939][T11272] loop0: detected capacity change from 0 to 256 [ 808.546309][T11272] exfat: Deprecated parameter 'utf8' [ 808.703633][T11272] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 808.995308][ T30] audit: type=1800 audit(1757077009.111:58): pid=11272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2168" name="file1" dev="loop0" ino=1048703 res=0 errno=0 [ 811.598365][T11319] bpf: Bad value for 'gid' [ 811.673574][T11321] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2191'. [ 811.683171][T11321] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2191'. [ 812.121458][T11327] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 812.129180][T11327] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 812.769678][T11334] loop4: detected capacity change from 0 to 1024 [ 812.860211][T11334] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 813.002011][T11331] loop6: detected capacity change from 0 to 8192 [ 813.067017][T11331] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 813.309582][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 814.050031][T11348] loop7: detected capacity change from 0 to 256 [ 814.106491][T11348] exfat: Deprecated parameter 'utf8' [ 814.112381][T11348] exfat: Deprecated parameter 'utf8' [ 814.273640][T11348] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36d2a6b4, utbl_chksum : 0xe619d30d) [ 814.629346][T11354] program syz.8.2206 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 814.751410][T11356] netlink: 'syz.0.2207': attribute type 21 has an invalid length. [ 815.249304][T11362] loop8: detected capacity change from 0 to 1024 [ 815.303886][T11364] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2210'. [ 816.580447][T11383] netlink: 'syz.4.2219': attribute type 4 has an invalid length. [ 816.954037][T11387] netlink: 88 bytes leftover after parsing attributes in process `syz.7.2220'. [ 816.964883][T11387] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2220'. [ 818.544865][T11412] loop4: detected capacity change from 0 to 64 [ 819.210855][T11417] loop0: detected capacity change from 0 to 128 [ 819.251090][T11417] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 819.300961][T11417] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 819.527385][ T30] audit: type=1800 audit(1757077019.631:59): pid=11417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2235" name="bus" dev="loop0" ino=1048708 res=0 errno=0 [ 819.549184][ T30] audit: type=1804 audit(1757077019.641:60): pid=11417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2235" name="/newroot/470/file1/bus" dev="loop0" ino=1048708 res=1 errno=0 [ 820.005999][ T4173] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 820.638025][T11435] netlink: 'syz.7.2242': attribute type 11 has an invalid length. [ 821.024937][T11437] overlayfs: missing 'workdir' [ 822.410159][T11459] loop8: detected capacity change from 0 to 128 [ 822.615013][T11459] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 822.655117][T11465] loop7: detected capacity change from 0 to 512 [ 822.722471][T11459] ext4 filesystem being mounted at /134/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 823.209174][ T9673] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 823.297564][T11461] loop6: detected capacity change from 0 to 4096 [ 823.397646][T11461] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 823.778045][T11461] ntfs3(loop6): ino=1a, mi_enum_attr [ 823.785036][T11461] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 823.951399][ T30] audit: type=1800 audit(1757077024.081:61): pid=11461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2254" name="file1" dev="loop6" ino=30 res=0 errno=0 [ 824.251795][T11485] loop0: detected capacity change from 0 to 256 [ 824.308197][ T751] ntfs3(loop6): ino=1e, ntfs3_write_inode failed, -22. [ 824.450169][T11485] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 824.863267][T11489] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2267'. [ 824.931554][T11492] loop4: detected capacity change from 0 to 128 [ 825.018822][ T30] audit: type=1800 audit(1757077025.141:62): pid=11492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2269" name="bus" dev="loop4" ino=1048712 res=0 errno=0 [ 825.590790][T11499] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2270'. [ 826.535144][T11515] team0: No ports can be present during mode change [ 826.863241][ T4414] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 827.091253][T11519] bond0: entered promiscuous mode [ 827.100122][T11519] bond_slave_0: entered promiscuous mode [ 827.104321][T11521] loop4: detected capacity change from 0 to 512 [ 827.107478][T11519] bond_slave_1: entered promiscuous mode [ 827.133275][T11519] dummy0: entered promiscuous mode [ 827.143536][T11519] hsr1: entered promiscuous mode [ 827.148898][T11519] hsr1: entered allmulticast mode [ 827.157625][T11519] bond0: entered allmulticast mode [ 827.169544][T11519] bond_slave_0: entered allmulticast mode [ 827.177966][T11519] bond_slave_1: entered allmulticast mode [ 827.187323][T11519] dummy0: entered allmulticast mode [ 827.262557][T11521] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 827.278902][T11521] ext4 filesystem being mounted at /483/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 827.315137][T11526] loop6: detected capacity change from 0 to 512 [ 827.394088][T11526] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 827.481044][ T30] audit: type=1800 audit(1757077027.601:63): pid=11521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2281" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 827.489879][T11526] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 827.523868][ T30] audit: type=1800 audit(1757077027.651:64): pid=11521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2281" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 827.604358][T11526] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 3: comm syz.6.2282: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0 [ 827.625188][ C0] vkms_vblank_simulate: vblank timer overrun [ 827.709568][T11526] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 12: comm syz.6.2282: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 827.774207][T11526] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 13: comm syz.6.2282: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 827.832552][T11526] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 14: comm syz.6.2282: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 827.870749][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 827.920532][T11526] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 15: comm syz.6.2282: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 827.941910][ C0] vkms_vblank_simulate: vblank timer overrun [ 828.046361][T11526] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 16: comm syz.6.2282: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 828.117531][T11526] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 17: comm syz.6.2282: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 828.497622][ T8202] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 828.550094][ T8202] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 828.609842][T11542] input: syz0 as /devices/virtual/input/input15 [ 829.080429][T11547] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 830.732021][T11570] sctp: [Deprecated]: syz.6.2301 (pid 11570) Use of int in max_burst socket option deprecated. [ 830.732021][T11570] Use struct sctp_assoc_value instead [ 832.083845][T11594] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2312'. [ 832.896428][ T30] audit: type=1326 audit(1757077033.021:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 832.921148][ T30] audit: type=1326 audit(1757077033.021:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 832.924972][T11608] netlink: 'syz.6.2316': attribute type 15 has an invalid length. [ 832.961677][T11606] bond0: Removing last ns target with arp_interval on [ 832.988175][ T3571] bond0: (slave bond_slave_0): interface is now down [ 832.995730][ T3571] bond0: (slave bond_slave_1): interface is now down [ 833.015492][ T3571] bond0: now running without any active interface! [ 833.079209][ T30] audit: type=1326 audit(1757077033.081:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 833.106236][ T30] audit: type=1326 audit(1757077033.081:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 833.128766][ C0] vkms_vblank_simulate: vblank timer overrun [ 833.139950][ T30] audit: type=1326 audit(1757077033.091:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 833.162373][ C0] vkms_vblank_simulate: vblank timer overrun [ 833.174614][ T30] audit: type=1326 audit(1757077033.091:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 833.200638][ T30] audit: type=1326 audit(1757077033.161:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 833.231147][ T30] audit: type=1326 audit(1757077033.161:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11605 comm="syz.7.2318" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 834.012389][T11624] overlayfs: overlapping lowerdir path [ 834.688299][ T1727] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 834.913842][ T1727] usb 8-1: Using ep0 maxpacket: 32 [ 834.943664][T11633] loop4: detected capacity change from 0 to 512 [ 834.982033][ T1727] usb 8-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 834.991883][ T1727] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 835.069337][ T1727] usb 8-1: config 0 descriptor?? [ 835.112500][T11635] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2330'. [ 835.408292][ T1727] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 835.477114][ T1727] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 835.528461][ T1727] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 835.536443][ T1727] usb 8-1: media controller created [ 835.637918][T11627] ===================================================== [ 835.645566][T11627] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 [ 835.654383][T11627] _copy_to_user+0xcc/0x120 [ 835.659239][T11627] i2cdev_ioctl_smbus+0x586/0x660 [ 835.673304][T11627] compat_i2cdev_ioctl+0x48f/0xb40 [ 835.680444][T11627] __ia32_compat_sys_ioctl+0x7f9/0x1270 [ 835.686507][T11627] ia32_sys_call+0x2d5f/0x4310 [ 835.691805][T11627] __do_fast_syscall_32+0xb0/0x150 [ 835.701266][T11627] do_fast_syscall_32+0x38/0x80 [ 835.706576][T11627] do_SYSENTER_32+0x1f/0x30 [ 835.711508][T11627] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 835.718374][T11627] [ 835.720896][T11627] Uninit was stored to memory at: [ 835.730137][T11627] __i2c_smbus_xfer+0x2561/0x2f60 [ 835.735626][T11627] i2c_smbus_xfer+0x31d/0x4d0 [ 835.740593][T11627] i2cdev_ioctl_smbus+0x4a1/0x660 [ 835.746145][T11627] compat_i2cdev_ioctl+0x48f/0xb40 [ 835.751573][T11627] __ia32_compat_sys_ioctl+0x7f9/0x1270 [ 835.761035][T11627] ia32_sys_call+0x2d5f/0x4310 [ 835.771459][T11627] __do_fast_syscall_32+0xb0/0x150 [ 835.778668][T11627] do_fast_syscall_32+0x38/0x80 [ 835.787238][T11627] do_SYSENTER_32+0x1f/0x30 [ 835.792067][T11627] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 835.798937][T11627] [ 835.801352][T11627] Local variable msgbuf1.i created at: [ 835.807229][T11627] __i2c_smbus_xfer+0x86a/0x2f60 [ 835.812354][T11627] i2c_smbus_xfer+0x31d/0x4d0 [ 835.821671][T11627] [ 835.824294][T11627] Byte 0 of 1 is uninitialized [ 835.829170][T11627] Memory access of size 1 starts at ffff88811b63bc86 [ 835.836149][T11627] Data copied to user address 00000000800002c0 [ 835.846180][T11627] [ 835.848694][T11627] CPU: 0 UID: 0 PID: 11627 Comm: syz.7.2326 Not tainted syzkaller #0 PREEMPT(none) [ 835.858629][T11627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 835.874381][T11627] ===================================================== [ 835.881446][T11627] Disabling lock debugging due to kernel taint [ 835.893298][T11627] Kernel panic - not syncing: kmsan.panic set ... [ 835.899914][T11627] CPU: 0 UID: 0 PID: 11627 Comm: syz.7.2326 Tainted: G B syzkaller #0 PREEMPT(none) [ 835.911180][T11627] Tainted: [B]=BAD_PAGE [ 835.915456][T11627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 835.926186][T11627] Call Trace: [ 835.929710][T11627] [ 835.933101][T11627] __dump_stack+0x26/0x30 [ 835.937687][T11627] dump_stack_lvl+0x53/0x270 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 835.942515][T11627] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 835.948557][T11627] dump_stack+0x1e/0x25 [ 835.952950][T11627] vpanic+0x361/0xc50 [ 835.957180][T11627] panic+0x15d/0x160 [ 835.961468][T11627] kmsan_report+0x31c/0x320 [ 835.966189][T11627] ? kmsan_internal_check_memory+0x1e1/0x230 [ 835.972374][T11627] ? kmsan_copy_to_user+0xf1/0x190 [ 835.977822][T11627] ? _copy_to_user+0xcc/0x120 [ 835.982717][T11627] ? i2cdev_ioctl_smbus+0x586/0x660 [ 835.988151][T11627] ? compat_i2cdev_ioctl+0x48f/0xb40 [ 835.993658][T11627] ? __ia32_compat_sys_ioctl+0x7f9/0x1270 [ 835.999594][T11627] ? ia32_sys_call+0x2d5f/0x4310 [ 836.004705][T11627] ? __do_fast_syscall_32+0xb0/0x150 [ 836.010234][T11627] ? do_fast_syscall_32+0x38/0x80 [ 836.015481][T11627] ? do_SYSENTER_32+0x1f/0x30 [ 836.020380][T11627] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 836.027202][T11627] ? __pfx_az6027_i2c_xfer+0x10/0x10 [ 836.032727][T11627] ? __i2c_transfer+0x11cd/0x3110 [ 836.037995][T11627] ? kmsan_get_metadata+0xfb/0x160 [ 836.043401][T11627] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 836.050057][T11627] ? kmsan_get_metadata+0xfb/0x160 [ 836.055382][T11627] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 836.061940][T11627] ? __i2c_smbus_xfer+0x1e93/0x2f60 [ 836.067327][T11627] ? kmsan_get_metadata+0xfb/0x160 [ 836.072642][T11627] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 836.078784][T11627] kmsan_internal_check_memory+0x1e1/0x230 [ 836.084817][T11627] kmsan_copy_to_user+0xf1/0x190 [ 836.089961][T11627] _copy_to_user+0xcc/0x120 [ 836.094689][T11627] i2cdev_ioctl_smbus+0x586/0x660 [ 836.099983][T11627] compat_i2cdev_ioctl+0x48f/0xb40 [ 836.105341][T11627] ? __pfx_compat_i2cdev_ioctl+0x10/0x10 [ 836.111197][T11627] __ia32_compat_sys_ioctl+0x7f9/0x1270 [ 836.116959][T11627] ? kmsan_get_metadata+0xfb/0x160 [ 836.122275][T11627] ? kmsan_get_metadata+0xfb/0x160 [ 836.127621][T11627] ia32_sys_call+0x2d5f/0x4310 [ 836.132704][T11627] __do_fast_syscall_32+0xb0/0x150 [ 836.138104][T11627] do_fast_syscall_32+0x38/0x80 [ 836.143216][T11627] do_SYSENTER_32+0x1f/0x30 [ 836.147951][T11627] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 836.154516][T11627] RIP: 0023:0xf711e539 [ 836.158807][T11627] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 836.178700][T11627] RSP: 002b:00000000f550e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 836.187304][T11627] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000720 [ 836.195425][T11627] RDX: 0000000080000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 836.203714][T11627] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 836.211824][T11627] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 836.220053][T11627] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 836.228242][T11627] [ 836.231702][T11627] Kernel Offset: disabled [ 836.236131][T11627] Rebooting in 86400 seconds..