last executing test programs: 1m54.208743647s ago: executing program 4 (id=1047): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r0, 0x400, 0x1) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') read$qrtrtun(r1, &(0x7f00000004c0)=""/57, 0x39) 1m53.349310966s ago: executing program 4 (id=1051): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f0000003000)=[{{&(0x7f00000002c0)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5}, 0x1c, &(0x7f0000000a00)=[{&(0x7f0000000640)=':', 0x1}], 0x1}}, {{&(0x7f0000000d40)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000f40)=[{&(0x7f00000077c0)="d7", 0x1}], 0x1}}], 0x2, 0x24000045) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000200)={0x0, 0x8}, 0x8) 1m52.809958743s ago: executing program 4 (id=1055): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) io_setup(0x4, &(0x7f0000000280)=0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) connect$unix(r0, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e) 1m52.043111683s ago: executing program 4 (id=1061): syz_mount_image$udf(&(0x7f0000000f40), &(0x7f0000000f80)='./file1\x00', 0x204004, &(0x7f0000002480)=ANY=[@ANYBLOB='mode=00000000000000000000202,umask=00000000000000000000002,dmode=00000000000000000100002,gid=forget,longad,shortad,novrs,iocharset=cp437,uid=forget,umask=00000000000000000000006,dmode=00000000000000000000010,gid=', @ANYRESDEC=0x0, @ANYBLOB="010000006e6963622c73657373696f6e08003030303030303030303030303030303030ff352c00"], 0x2, 0xc47, &(0x7f0000000fc0)="$eJzs3UFsHNd9B+D/Gy3FlYxWTJwoThoXm7ZIZcZyZUkxFatwVzXNNoAsE6GYWwCuSEpdmCIJkmpkI22ZXnroIUBR9JATgdYokKKB0RRBj0zrAsnFhyKnnogWNoKiB7YIkFPAYGbfUkuatBlRlCjp+2zqtzv73sx789YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN9/5dKZ59ODbgUAcD9dGfvKmbPu/wDwWLnq//8BAAAAAAAAAAAAAOCwS1HEk5Fi/sp6mqjed9Qvt/tu3R4fHtm52rFU1TxSlS9/6s+fPXf+iy8MXejm5fbsh9S/1z4Tr41dvdR4ee7m/ML04uL0VGN8tj05NzW95z3st/52g9UJaNx8/dbU9euLjbPPndvy8e2B9/ufODlwceiZ0093y44Pj4yM3SlS7y1fu+uGdOw2w+NoFHE6Ujz73Z+kVkQUsf9zUb+/Y7/dsaoTg1UnxodHqo7MtFuzS+WHo90TUUQ0eio1u+do57GIWt997cPumhHLZfPLBg+W3Rubby20rs1MN0ZbC0vtpfbc7GjqtLbsTyOKuJAiViJirf+Du+uLImqR4tsn1tO1iDjSPQ9fqCYG796O4gD7uAdlOxt9ESvFQzBmh1h/FPFqpPjpO6diMl9nqmvN5yNeLfP7EW+V+VJEKr8Y5yPe2+F7xMOpFkX8ZTn+F9fTVHU96F5XLn+18eXZ63M9ZbvXlV/y/vCBK8UDuj8c25b3xyG/NtWjiFZ1xV9Pd/+bHQAAAAAAAAAAAAAAAADutWNRxKcjxSv/8cfVvOKo5qWfuDj0BwO/0jtn/KmP2E9Z9rmIWC72Nif3aJ4YOJpGU3rAc4kfZ/Uo4k/y/L9vPujGAAAAAAAAAAAAAAAAAAAAPNaK+HGkePHdU2kletcUb8/eaFxtXZvprArbXfu3u2b6xsbGRiN1splzIudyzpWcqznXOlnN+6/qF7l+zomcyzlXcq7mXMsZR3L9nM2cEzmXc67kXM25ljNquX7OZs6JnMs5V3Ku5lzLGYdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdJEUX8PFJ86+vrKVJENCMmopOr/Q+6dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAqT8V8b1I0fjD5ua2WkSk6t+OU+Uv56N5tMyPR3OozJeieSlnq8pa85sPoP3sT18q4keRor/+9uaA5/Hv67zb/BrEW9+48+4ztU4e6X448H7/EydPXBwa+fWndnuddmrA4OX27K3bjfHhkZGxns21fPSP92wbyMct7k3XiYjFN958vTUzM71w9y/Kr8AuH21sbPxZeZT9HuKQvEi1XXv6WL4oh/YQNOMAO1g7FM14YIPLo668/78XKX7n3f/s3vCr+39ts8TmHT5+9qd37v8vbt/RHu//te318v2/vKfvdP9/smfbi/l3I321iPrSzfm+kxH1xTfePN2+2boxfWN69vyZM18aGvrSuTN9RyPq19sz0z2v9n+uAAAAAAAAAAAAAAAAAO6rVMTvRYrWj9ZTIyJuV/O1Bi4OPXP66SNxpJpvtWXe9mtjVy81Xp67Ob8wvbg4PdUYn21Pzk1N7/Vw9Wq61/jwyIF05iMdO+D2H6u/PDf/xkL7xh8t7fj58fqla4tLC63JnT+OY1FENHu3DFYNHh8eqRo9027NVlVHd5xM/8vrS0X8V6SYPN9In8vb8vz/7TP8t8z/X96+owOa//+xnm3lMVMq4meR4rf/6qn4XNXO4/GBc5bL/V2kGLzw2Vwujpblum3oPFegMzOwLPt/keKffr61bHc+5JN3yj6/5xP7kCjH/0Sk+N5ffCd+I2/b+vyHncf/+PYdHdD4f6Jn2/EtzyvYd9fJ4386Urz05Nvxm3nbhz3/o/vsjVO58ObzOQ5o/D/Zs20gH/e37k3XAQAAAAAAAAAAHmp9qYi/jxQ/GKmlF/K2vfz9v6ntOzqgv//1qZ5tU/dmvaKPfLHvkwoAAAAAh0RfKuLHkeLG0tubc6i3zv/umf/5u3fmfw6nbZ9Wf873q9VzA+7ln//1GsjHndh/twEAAAAAAAAAAAAAAAAAAOBQSamIF/J66hPVfP6pXddTX40Ur/zPs7lcOlmW664DP1D9Wr8yN3v60szM3GRrqXVtZroxNt+anC7rfiJSrP/tZ3PdolpfvbvefGeN93otIqq12Bcixcg/dMt21mLvrk3eWQ+8sxZ7WfZjkeK//3Fr2e461p+8U/ZsWfZvIsXX/mXnsifvlD1Xlv1OpPjh1xrdssfLst3no37qTtnnJueKAxgVAAAAAAAAAAAAAAAAAAAAHjd9qYg/jxT/e3Nlcy5/Xv+/r+dt5a1v9Kz3v83tap3/gWr9/91e3836/9VzBZZ3OyoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyaUhTxZqSYv7KeVvvL9x31y+3ZW7fHh0d2rnYsVTWPVOXLn/rzZ8+d/+ILQxe6+eH177VPx2tjVy81Xp67Ob8wvbg4PdUYn21Pzk1N73kPu9ev31WLBqsT0Lj5+q2p69cXG2efO7fl49sD7/c/cXLg4tAzp5/ulh0fHhkZ6ylT67urI+8o7bL9aBTx15Hi2e/+JP2gP6KIDz0Xe/IR352DdqzqxGDVifHhkaojM+3W7FL54Wj3RBQRjZ5Kze45ug9jsS/NiOWy+WWDB8vujc23FlrXZqYbo62FpfZSe252NHVaW/anEUVcSBErEbHW/8Hd9UURr0eKb59YT//aH3Gkex6+cGXsK2fO7t6O4gD7uAdlOxt9ESvFQzBmh1h/FPHPkeKn75yKf+uPqEXnJz4f8WqZ3494KzrjncovxvmI93b4HvFwqkUR/1+O/8X19E5/eT3oXlcuf7Xx5dnrcz1lu9eVh/7+cD8d8mtTPYr4YXXFX0//7r9rAAAAAAAAAAAAAAAAgEOkiF+LFC++eypV84M35xS3Z280rrauzXSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjSK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs545DM3QMAAAAAAAAAAAAAAAAAAB4tRfVPim99fT1t9HfWl56ITq5aD/SR94sAAAD//8or9Fc=") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}, {@metacopy_on}], [], 0x2c}) 1m50.827986026s ago: executing program 4 (id=1069): syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x9, 0x43, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000a80), &(0x7f0000000900), 0x1, r0}, 0x38) bpf$BPF_GET_PROG_INFO(0x4, &(0x7f0000000340)={r0, 0xe0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x6f) 1m50.104705442s ago: executing program 4 (id=1074): syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) syz_clone(0x1040600, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 1m49.213027461s ago: executing program 32 (id=1074): syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) syz_clone(0x1040600, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1) 1m48.152349029s ago: executing program 0 (id=1083): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket(0x10, 0x803, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000200)) 1m47.529704521s ago: executing program 0 (id=1087): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="600000001000010400000000fcdbdf2500000000", @ANYRES32=r2, @ANYBLOB="8002000000180000400012800b00010062726964676500003000028005001800d46ddff6080002"], 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) 1m46.448211657s ago: executing program 0 (id=1092): r0 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r1 = epoll_create1(0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40088a01, &(0x7f0000000440)=0x40) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x60000006}) 1m46.061194689s ago: executing program 0 (id=1096): syz_mount_image$udf(&(0x7f0000000f40), &(0x7f0000000f80)='./file1\x00', 0x204004, &(0x7f0000002480)=ANY=[@ANYBLOB='mode=00000000000000000000202,umask=00000000000000000000002,dmode=00000000000000000100002,gid=forget,longad,shortad,novrs,iocharset=cp437,uid=forget,umask=00000000000000000000006,dmode=00000000000000000000010,gid=', @ANYRESDEC=0x0, @ANYBLOB="010000006e6963622c73657373696f6e08003030303030303030303030303030303030ff352c00"], 0x2, 0xc47, &(0x7f0000000fc0)="$eJzs3UFsHNd9B+D/Gy3FlYxWTJwoThoXm7ZIZcZyZUkxFatwVzXNNoAsE6GYWwCuSEpdmCIJkmpkI22ZXnroIUBR9JATgdYokKKB0RRBj0zrAsnFhyKnnogWNoKiB7YIkFPAYGbfUkuatBlRlCjp+2zqtzv73sx789YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN9/5dKZ59ODbgUAcD9dGfvKmbPu/wDwWLnq//8BAAAAAAAAAAAAAOCwS1HEk5Fi/sp6mqjed9Qvt/tu3R4fHtm52rFU1TxSlS9/6s+fPXf+iy8MXejm5fbsh9S/1z4Tr41dvdR4ee7m/ML04uL0VGN8tj05NzW95z3st/52g9UJaNx8/dbU9euLjbPPndvy8e2B9/ufODlwceiZ0093y44Pj4yM3SlS7y1fu+uGdOw2w+NoFHE6Ujz73Z+kVkQUsf9zUb+/Y7/dsaoTg1UnxodHqo7MtFuzS+WHo90TUUQ0eio1u+do57GIWt997cPumhHLZfPLBg+W3Rubby20rs1MN0ZbC0vtpfbc7GjqtLbsTyOKuJAiViJirf+Du+uLImqR4tsn1tO1iDjSPQ9fqCYG796O4gD7uAdlOxt9ESvFQzBmh1h/FPFqpPjpO6diMl9nqmvN5yNeLfP7EW+V+VJEKr8Y5yPe2+F7xMOpFkX8ZTn+F9fTVHU96F5XLn+18eXZ63M9ZbvXlV/y/vCBK8UDuj8c25b3xyG/NtWjiFZ1xV9Pd/+bHQAAAAAAAAAAAAAAAADutWNRxKcjxSv/8cfVvOKo5qWfuDj0BwO/0jtn/KmP2E9Z9rmIWC72Nif3aJ4YOJpGU3rAc4kfZ/Uo4k/y/L9vPujGAAAAAAAAAAAAAAAAAAAAPNaK+HGkePHdU2kletcUb8/eaFxtXZvprArbXfu3u2b6xsbGRiN1splzIudyzpWcqznXOlnN+6/qF7l+zomcyzlXcq7mXMsZR3L9nM2cEzmXc67kXM25ljNquX7OZs6JnMs5V3Ku5lzLGYdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdJEUX8PFJ86+vrKVJENCMmopOr/Q+6dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAqT8V8b1I0fjD5ua2WkSk6t+OU+Uv56N5tMyPR3OozJeieSlnq8pa85sPoP3sT18q4keRor/+9uaA5/Hv67zb/BrEW9+48+4ztU4e6X448H7/EydPXBwa+fWndnuddmrA4OX27K3bjfHhkZGxns21fPSP92wbyMct7k3XiYjFN958vTUzM71w9y/Kr8AuH21sbPxZeZT9HuKQvEi1XXv6WL4oh/YQNOMAO1g7FM14YIPLo668/78XKX7n3f/s3vCr+39ts8TmHT5+9qd37v8vbt/RHu//te318v2/vKfvdP9/smfbi/l3I321iPrSzfm+kxH1xTfePN2+2boxfWN69vyZM18aGvrSuTN9RyPq19sz0z2v9n+uAAAAAAAAAAAAAAAAAO6rVMTvRYrWj9ZTIyJuV/O1Bi4OPXP66SNxpJpvtWXe9mtjVy81Xp67Ob8wvbg4PdUYn21Pzk1N7/Vw9Wq61/jwyIF05iMdO+D2H6u/PDf/xkL7xh8t7fj58fqla4tLC63JnT+OY1FENHu3DFYNHh8eqRo9027NVlVHd5xM/8vrS0X8V6SYPN9In8vb8vz/7TP8t8z/X96+owOa//+xnm3lMVMq4meR4rf/6qn4XNXO4/GBc5bL/V2kGLzw2Vwujpblum3oPFegMzOwLPt/keKffr61bHc+5JN3yj6/5xP7kCjH/0Sk+N5ffCd+I2/b+vyHncf/+PYdHdD4f6Jn2/EtzyvYd9fJ4386Urz05Nvxm3nbhz3/o/vsjVO58ObzOQ5o/D/Zs20gH/e37k3XAQAAAAAAAAAAHmp9qYi/jxQ/GKmlF/K2vfz9v6ntOzqgv//1qZ5tU/dmvaKPfLHvkwoAAAAAh0RfKuLHkeLG0tubc6i3zv/umf/5u3fmfw6nbZ9Wf873q9VzA+7ln//1GsjHndh/twEAAAAAAAAAAAAAAAAAAOBQSamIF/J66hPVfP6pXddTX40Ur/zPs7lcOlmW664DP1D9Wr8yN3v60szM3GRrqXVtZroxNt+anC7rfiJSrP/tZ3PdolpfvbvefGeN93otIqq12Bcixcg/dMt21mLvrk3eWQ+8sxZ7WfZjkeK//3Fr2e461p+8U/ZsWfZvIsXX/mXnsifvlD1Xlv1OpPjh1xrdssfLst3no37qTtnnJueKAxgVAAAAAAAAAAAAAAAAAAAAHjd9qYg/jxT/e3Nlcy5/Xv+/r+dt5a1v9Kz3v83tap3/gWr9/91e3836/9VzBZZ3OyoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyaUhTxZqSYv7KeVvvL9x31y+3ZW7fHh0d2rnYsVTWPVOXLn/rzZ8+d/+ILQxe6+eH177VPx2tjVy81Xp67Ob8wvbg4PdUYn21Pzk1N73kPu9ev31WLBqsT0Lj5+q2p69cXG2efO7fl49sD7/c/cXLg4tAzp5/ulh0fHhkZ6ylT67urI+8o7bL9aBTx15Hi2e/+JP2gP6KIDz0Xe/IR352DdqzqxGDVifHhkaojM+3W7FL54Wj3RBQRjZ5Kze45ug9jsS/NiOWy+WWDB8vujc23FlrXZqYbo62FpfZSe252NHVaW/anEUVcSBErEbHW/8Hd9UURr0eKb59YT//aH3Gkex6+cGXsK2fO7t6O4gD7uAdlOxt9ESvFQzBmh1h/FPHPkeKn75yKf+uPqEXnJz4f8WqZ3494KzrjncovxvmI93b4HvFwqkUR/1+O/8X19E5/eT3oXlcuf7Xx5dnrcz1lu9eVh/7+cD8d8mtTPYr4YXXFX0//7r9rAAAAAAAAAAAAAAAAgEOkiF+LFC++eypV84M35xS3Z280rrauzXSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjSK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs545DM3QMAAAAAAAAAAAAAAAAAAB4tRfVPim99fT1t9HfWl56ITq5aD/SR94sAAAD//8or9Fc=") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}, {@metacopy_on}], [], 0x2c}) 1m44.369301393s ago: executing program 0 (id=1101): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) ioctl$PPPIOCSPASS(r0, 0x40047452, 0xffffffffffffffff) 1m42.940893201s ago: executing program 0 (id=1107): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='cgroup.clone_children\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0x6a) 1m40.970691885s ago: executing program 33 (id=1107): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='cgroup.clone_children\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0x6a) 34.739097539s ago: executing program 5 (id=1476): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c) syz_emit_ethernet(0x83, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60010100004d1101fe8000f9ffffff0000000000000000bbfe8000000000000000000000000000aa4e200e22"], 0x0) 34.159454277s ago: executing program 5 (id=1481): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000002f9b0000000000000000b50000000f004083c5000000a0000a4095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='io_uring_register\x00', r0}, 0x2a) r1 = io_uring_setup(0x2b71, &(0x7f00000000c0)={0x0, 0x4eba, 0x0, 0x3, 0x122}) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0x4, r0, 0x34, {0x800, 0xfb26}, 0x3}, 0x1) 33.484576811s ago: executing program 5 (id=1485): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x30, 0x10, 0x801, 0x0, 0x25dfdbfc, {}, [@IFLA_MASTER={0x8, 0xa, r2}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000050}, 0x0) 32.709601109s ago: executing program 5 (id=1490): syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2000040, &(0x7f0000000700)=ANY=[@ANYBLOB='gid=forget,umask=00000000000000000000003,gid=', @ANYRESDEC=0x0, @ANYBLOB=',session=00000000000000043620,gid=ignore,iocharset=euc-jp,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c6164696e6963622c6d6f64653d30303030303030303030303030303030303030303030332c6e6f7374726963742c009b801a9990a34c426430bf3757fbcea5d9a21b29b4ae2c6d10e74873111016bc74ff654722640a72d8cc5e210fef2b359e9e61ade82c60025773de99df3af6548534bfdef68d88ae15c726"], 0xfe, 0xc2d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave']) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f0000003040)={0x2020}, 0x2032) 31.489969925s ago: executing program 5 (id=1499): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0) ptrace(0x10, r0) ptrace$getregset(0x4205, r0, 0x200, &(0x7f0000000080)={0x0}) 30.116899258s ago: executing program 5 (id=1507): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) fstatfs(r0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 29.865108362s ago: executing program 34 (id=1507): syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) fstatfs(r0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 5.21291938s ago: executing program 3 (id=1632): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000001d040000000000007f000000000000005504000001ed0a002500000017ffffffce040000000000007b0a00fe000000002d04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000640)='asymmetric\x00', &(0x7f00000004c0)) 4.898672094s ago: executing program 3 (id=1634): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x1da0, &(0x7f0000000500)={0x0, 0x0, 0x1000, 0xfffffffc, 0xc9}) io_uring_register$IORING_UNREGISTER_PBUF_RING(r1, 0x17, &(0x7f0000000300)={0x0, 0x0, 0x1}, 0x1) 4.847669558s ago: executing program 1 (id=1635): r0 = syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000000)={0x1, 0x0, {0x17, 0x837, 0x16, 0x8000401e, 0xb, 0xa2a}}) 4.712462943s ago: executing program 2 (id=1636): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff8500000004000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x524, 0x340, 0x25, 0x148, 0x340, 0x60, 0x490, 0x2a8, 0x2a8, 0x490, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x1, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x150, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x4, 0x6, 0x30, 0x400, 'syz1\x00', 'syz1\x00', {0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x580) 4.712249244s ago: executing program 3 (id=1637): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010126bd7000fbdbdf250300000008000100", @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) 4.209524761s ago: executing program 1 (id=1639): r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x22301, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x100) write$binfmt_script(r0, &(0x7f0000000540)={'#! ', './file0', [], 0xa, "38319eb0"}, 0xf) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 4.088966334s ago: executing program 3 (id=1640): r0 = socket$inet6(0xa, 0x802, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @local}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x80010, 0x0, 0x0) 4.009180215s ago: executing program 2 (id=1642): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) 3.682538762s ago: executing program 7 (id=1643): setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000040)={0x3c}, 0x8) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x1018002, &(0x7f0000000080)={[{@iocharset={'iocharset', 0x3d, 'cp865'}}, {@iocharset={'iocharset', 0x3d, 'cp852'}}, {@allow_utime={'allow_utime', 0x3d, 0x3}}, {@time_offset={'time_offset', 0x3d, 0x4}}, {@namecase}, {@discard}, {@utf8}, {@umask={'umask', 0x3d, 0x200}}, {@keep_last_dots}]}, 0x7, 0x151b, &(0x7f0000001880)="$eJzs3Au8jdXWMPAx5pwPm6SV5D7HHA8ruUySJJeEXJIkSZLcEpIkSUJyyy0JScg9yT0kt5Dc7/d7khxJkoSEJPP76fI65+2ct773nO/znneP/+/37D3HnmuMNZ811l7reZ7f3uvrdgMr1alcvhYzwz8Ff/nWFQBSAKAPAFwDABEAFMtULNOl+XQau/5zdyL+tR6ccqVXIK4k6X/qJv1P3aT/qZv0P3WT/qdu0v/UTfqfukn/hUjNtkzNfq1sqXf789f/3X89Ldf//w3J+///Wn/qN036n7pJ/1M36X/qJv1P3aT/qZv0P3WT/qdu0n8hUrP/+vowGIArf436Cm+/PVRXeh1/sEX/rbwr++wTQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCJFanAuXGQD4bXyl1yWEEEIIIYQQQoh/nZD2Sq9ACCGEEEIIIYQQ/+8hgNFgIII0kBZSIB2kh6sgA1wNGeEaSMC1kAmug8xwPWSBrJANskMOyAm5wAKBA4YYckMeSMINkBduhHyQHwpAQfBQCArDTVAEboaicAsUg1kLAG6DElASSkFpuB3KwB1QFspBebgTKkBFqASV4S6oAndDVbgHqsG9UB3ugxpwP9SEB6AWPAi14SGoAw9DXXgE6kF9aAANodF/K/8F6AQvQmfoAl2hG3SHl6AH9IRe0Bv6wMvQF16BfvAq9IcBMBBeg0HwOgyGN2AIDIVh8CYMhxEwEkbBaBgDY+EtGAdvw3h4BybARJgEk2EKTIVp8C5MhxkwE96DWfA+zIY5MBfmwXz4ABbAQlgEH8Ji+AiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EH7IRdsLvcHvgY9sInsA8+hf3w2f9l/ln42/z2CAioUKFBg2kwDaZgCqbH9JgBM2BGzIgJTGAmzISZMTNmwSyYDbNhDsyBuTAXEhIyMubG3JjEJObFvJgP82EBLIAePRbGwlgEb8aiWBSLYTEsjsWxBJbEklgaS2MZLINlsSyWv20OAFbASlgJ78K78G6silWxGlbD6lgda2ANrIk1sRbWwtpYG+tgHayLdbEe1sMG2AAbYSNsjI2xCTbBZtgMm2NzbIEtsCW2xFbYCltja2yDbbAttsV22A7bYwfsgC/gC/givohdsILqht2xO/bAHtgLe2NvfBn74iv4Cr6K/XEADsTX8DV8HQfjGRyCQ3EYDsMyagSOxFHIagyOxbE4DsfheByPE3AiTsTJOAWn4jSchtNxBs7A93AWvo/v4xycg/NwPs7HBbgQF+EiXIxncQkuxWW4HFfgSlyBq3ENrsZ1uB7X4UbciJtxM27Frbgdt+NO3Im7cTd+jB/jJ/gJ9sf9uB8P4AE8iAfxEB7Cw3gYj+CRrVcB4DE8hsfxOJ7Ak3gKT+JpPI1n8Cyew3N4Hs/jBXwux5e1d+df2x/UJUYZlUalUSkqRaVX6VUGlUFlVBlVQiVUJpVJZVaZVRaVRWVT2VQOlUPlUrkUKVKsYpVb5VZJlVR5VV6VT+VTBVQB5ZVXhVVhVUQVUUVVUVVM3aqKq9tUCVVSNfWlVWlVRjXzZVU5VV6VVxVURVVJVVaVVRVVRVVVVVU1VU1VV9VVDXW/qqm6YS98UF3qTB01AOuqgVhP1VcNVEP1Oj6qGqvB2EQ1Vc3U42ooDsEWqrFvqZ5SrdRIbK2eUaPwWdVWjcF26nnVXnVQHdULqpNq4jurLmoCdlPd1WTsoXqqXqq3mo4V1aWOVVKvqv5qgBqoXlPz8HU1WL2hhqihaph6Uw1XI9RINUqNVmPUWPWWGqfeVuPVO2qCmqgmqclqipqqpql31XQ1Q81U76lZ6n01W81Rc9U8NV99oBaohWqR+lAtVh+pJWqpWqaWqxVqpVqlVqs1aq1ap9arDWqj2qQ2qy1qq9qmtqsdaqfapXarPepjtVd9ovapT9V+9Zk6oP6iDqrP1SH1hTqsvlRH1FfqqPpaHVPfqOOqizqhTqpT6jt1Wn2vzqiz6pz6QZ1XP6oL6id1UQUFGrXSWhsd6TQ6rU7R6XR6fZXOoK/WGfU1OqGv1Zn0dTqzvl5n0Vl1Np1d59A5dS5tNWmnWcc6t86jk/oGnVffqPPp/LqALqi9LqQL65t0EX2zLqpv0cX0rbq4vk2X0CV1KV1a367L6Dt0WV1Ol9d36gq6oq6kK+u7dBV9t66q79HV9L26ur5P19D365r6AV1LP6hr64d0Hf2wrqsf0fV0fd1AN9SN9KO6sX5MN9FNdTP9uG6un9At9JO6pX5Kt9JP69b6Gd1GP6vb6ud0O/28bq876I76J31RB91Zd9FddTfdXb+ke+ieupfurfvol3Vf/Yrup1/V/fUAPVC/pgfp1/Vg/YYeoofqYfpNPVyP0CP1KD1aj9Fj9Vt6nH5bj9fv6Al6op6kJ+speqru9WulmX8i/+2/k9/v53vfrLforXqb3q536J16l96t9+g9eq/eq/fpfXq/3q8P6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvjwEYNMpoY0xk0pi0JsWkM+nNVSaDudpkNNeYhLnWZDLXmczmepPFZDXZTHaTw+Q0uYw1ZJxhE5vcJo9JmhtMXnOjyWfymwKmoPGmkClsbvqn8//B+pZP+uXgxTQyjUxj09g0MU1MM9PMNDfNTQvTwrQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U1H09F0Mp1MZwTT1XQ13c1LpofpaXqZ3qaPedn0NX1NP9PP9Df9zUAz0Awyg8xgM9gMMUOMAYDhZrgZaUaa0Wa0GWvGmnFmnBlvxpsJZoKZZCaZKWaKmWammelmuplpZppZZpaZbWabuWaumW/mmwVmgVlkFpnFZrFZYpaapWa5WW5WmpVmtVlt1pq1Zr1ZbzaajWaJ2WK2mG1mm9lhdphdZpfZY/aYvWav2Wf2mf1mvzlgDpiD5qA5ZA6Zw+awOWKOmKPmqDlmjpnj5rg5YU6YU+aUOW1OmzPmjDlnzpnz5ry5YC6Yi+bipcO+SEUqMpGJ0kRpopQoJUofpY8yRBmijFHGKBElokxRpihzdH2UJcoaZYuyRzminFGuyEYUuYijOMod5YmS0Q1R3ujGKF+UPyoQFYx8VCgqHN0UFYlujopGt0TFoluj4tFtUYmoZFQqKh3dHpWJ7ojKRuWi8tGdUYWoYlQpqhzdFVWJ7o6qRvdE1aJ7o+rRfVGN6P6oZvRAVCt6MKodPRTViR6O6kaPRPWi+lGDqGHU6F9aP4QzWR/znW0Xmxa62e72JdvD9rS9bG/bx75s+9pXbD/7qu1vB9iB9jU7yL5uB9s37BA71A6zb9rhdoQdaUfZ0XaMHWvfsuPs23a8fcdOsBPtJDvZTrFT7TT7rp1uZ9iZ9j07y75vZ9s5dq6dZ+fbD+wCu9Aush/axfYju8QutcvscrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Ha7w+60u+xuu8d+bPfaT+w++6ndbz+zB2zKr8f3X9jD9kt7xH5lj9qv7TH7jT1uv7Un7El7yn5nT9vv7Rl71p6zP9jz9kd7wf5kL9pw6eD+0ts7GTKUhtJQCqVQekpPGSgDZaSMlKAEZaJMlJkyUxbKQtkoG+WgHJSLctElTEy5KTclKUl5KS/lo3xUgAqQJ0+FqTAVoSJUlIpSMSpGxak4laASVIpK0e10O91Bd1A5Kkd30p1UkSpSZapMVagKVaWqVI2qUXWqTjWoBtWkmlSLalFtqk11qA7VpbpUj+pRA2pAjagRNabG1ISaUDNqRs2pObWgFtSSWlIrakWtqTW1oTbUltpSO2pH7ak9daSO1Ik6UWfqTF2pK3Wn7tSDelAv6kV9qA/1pb7Uj/pRf+pPA2kgDaJBNJgG0xAaSsPoTRpOI2gkjaLRNIbG0lgaR+NoPI2nCTSBJtEkmkJTaBpNo+k0nWbSTJpFs2g2zaa5NJfm03xaQAtoES2ixbSYltASWkbLaAWtoFW0itbQGlpH62gDbaBNtIm20BbaRttoB+2gXbSL9tAe2kt7aR/to/20nw7QATpIB+kQHaLDdJiO0BE6SkfpGB2j43ScTtAJOkWn6DSdpjN0hs7ROTpPP9IF+okuUqAUl86ld1e5DO5ql9Fd4/5znM1ldzlcTpfLWZfFZf2bmJxz+Vx+V8AVdN4VcpeehX8dF3Y3uRKupCvlSrvbXRl3hyv7u7jKmh2//CG6u9dVdne5Ku5uV9Xd46q5e111d5+r4R52Nd0jrpar72q7hq6Oe9jVdY+4eq6+a+AauubuCdfCPelauqdcK/f07+IFbqFb49a6dW692+s+cefcD+6o+9qddz+6zq6L6+Nedn3dK66fe9X1dwN+Fw9zb7rhboQb6Ua50W7M7+JJbrKb4qa6ae5dN93N+F08333gZrlFbrab4+a6eT/Hl9a0yH3oFruP3BK31C1zy90Kt9Ktcqv/Y63L3Ua3yW12e9zHbpvb7na4nW6X2/1zfGk/9rlP3X73mTvivnIH3efukDvmDrsvf44v7d8x94077r51J9xJd8p95067790Zd/bn/b+079+5n9xFFxwwsmLNhiNOw2k5hdNxer6KM/DVnJGv4QRfy5n4Os7M13MWzsrZODvn4Jyciy0TO2aOOTfn4STfwHn5Rs7H+bkAF2TPhbgw38RF+GYuyrdwMb6Vi/NtXIJLcikuzbdzGb6Dy3I5Ls93cgWuyJW4Mt/FVfhursr3cDW+l6vzfVyD7+ea/ADX4ge5Nj/EdfhhrsuPcD2uzw24ITfiR7kxP8ZNuCk348e5OT/BLfhJbslPcSt+mlvzM9yGn+W2/By34+e5PXfgjvwCd+IXuTN34a7cjbvzS9yDe3Iv7s19+GXuy69wP36V+/MAHsiv8SB+nQfzGzyEh/IwfpOH8wgeyaN4NI/hsfwWj+O3eTy/wxN4Ik/iyTyFp/I0fpen8wyeye/xLH6fZ/McnsvzeD5/wAt4IS/iD3kxf8RLeCkv4+W8glfyKl7Na3gtr+P1vIE38ibezFt4K2/j7Yy8k3fxbt7DH/Ne/oT38ae8nz/jA/wXPsif8yH+gg/zl3yEv+Kj/DUf42/4OH/LJ/gkn+Lv+DR/z2f4LJ/jH/g8/8gX+Ce+yIEhxljFOjZxFKeJ08Ypcbo4fXxVnCG+Os4YXxMn4mvjTPF1ceb4+jhLnDXOFmePc8Q541yxjSl2cToAyB3niZPxDXHe+MY4X5w/LhAXjH1cKC4c3xQXiW+Oi8a3xMXiW+Pi8W1xibhk/PC9pePb4zLxHXHZuFxcPr4zrhBXjCvFleO74irx3XHV+J64WnxvXDS+L64R3x/XjB+Ia8UPxrXjh+I68cNx3fiRuF5cP24QN4wbxY/GjePH4iZx07hZ/HjcPH4ibhE/GbeMn4pbxU//4XzXuFvcPX4pfikO4R49NzkvOT/5QXJBcmFyUfLD5OLkR8klyaXJZcnlyRXJlclVydXJNcm1yXXJ9ckNyY3JTcnNyRAqpwWPXnntjY98Gp/Wp/h0Pr2/ymfwV/uM/hqf8Nf6TP46n9lf77P4rD6bz+5z+Jw+l7eevPPsY5/b5/FJf4PP62/0+Xx+X8AX9N4X8oV9Q9/IN/KN/WO+iW/qm5V73D/un/BP+Cf9k/4p38o/7Vv7Z3wb/6xv65/zz/nnfXvfwXf0L/hO/kXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/39/39wP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14P8FP8JP8JD/FT/HT/DQ/3U/3M/1MPyvfLD/bz/Zz/Vw/38/3C/wCv8gv8ov9Yr/EL/HL/DK/wq/wq/wqv8av8ev8Or/Bb/Cb/Ca/xW/x2/w2v8Pv8Lv8Lr/H7/F7/V6/z+/z+/1+f8AfOBf8QX/If+EP+y/9Ef+VP+q/9sf8N/64/9af8Cf9Kf+dP+2/92f8WX/O/+DP+x/9Bf+Tv+iDH5t4KzEu8XZifOKdxITExMSkxOTElMTUxLTEu4npiRmJmYn3ErMS7ydmJ+Yk5ibmJeYnPkgsSCxMLEp8mFic+CixJLE0sSyxPLEisTIRQs5tccgd8oRkuCHkDTeGfCF/KBAKBh8KhcLhplAk3ByKhltCsXBrKB5uCyVCyVAqPBLqhfqhQWgYGoVHQ+PwWGgSmoZm4fHQPDwRWoQnQ8vwVGgVng6twzOhTXg2tA3PhXbh+dA+dAgdwwuhU3gxdA46dA3dQvfwUugReoZeoXfoE14OfcMroV94NfQPA8LA8FoYFF4Pg8MbYUgYGoaFN8PwMCKMDKPC6DAmjA1vhXHh7TA+vBMmhIlhUpgcpoSpYVp4N0wPM8LM8F6YFd4Ps8OcMDfMC/PDB2FBWBgWhQ/D4vBRWBKWhmVheYCUlWFVWB3WhLVhXVgfNoSNYVPYHLaErWFb2B52hJ1hV9gd9oSPw97wSdgXPg37w2fhQPhLOBg+D4fCF+Fw+DIcCV+Fo+HrcCx8E46Hb8OJcDKcCt+F0+H7cCacDefCD+F8+DFcCD+Fi/I/a0IIIYQQf4r+g/lufxOp//iqfv1JdwC4env2w/+55oYsv4x7qhzNEwDwVJd2D/62VajQtWvXX2+7REOUZw4AJC7np4HL8VJoBk9AS2gKRf7u+nqqDuf5D+onbwVI/1c5KXA5vlz/5n9Qf8SsP6w/ByBfnss5l859f4sv1y/6u9rRz/WzNv6D+uk+HwvQ5K/yMsDl+HL9wvAYPA0t/+aWQgghhBBCCCHEL3qqUm3+3vlnul/nfzs/z2Eu56SFy/EfnZ8LIYQQQgghhBDiynu2Q8cnH23ZsmmbfzAo94+nZJBaBmn+Zyzj334A8D9iGX9u8NevEubKvUAJIYQQQggh/mUuH/Rf6ZUIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBCp1/+PjxO70vsohBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCXGn/JwAA//8/py6f") mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62381) 3.564758641s ago: executing program 6 (id=1644): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r1) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)={0x44, r2, 0x1, 0x0, 0x0, {0x4, 0x74, 0x609}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bond0\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}]}, 0x44}, 0x1, 0xffffffff00000003}, 0x0) 3.439476785s ago: executing program 3 (id=1645): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x90a2, 0x2, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) getitimer(0x2, &(0x7f0000000000)) 3.191097943s ago: executing program 6 (id=1646): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r1, @ANYBLOB="0000000002000000b705000008000000850000005e00000095"], &(0x7f0000000300)='GPL\x00', 0x2, 0xff6, &(0x7f0000001e00)=""/4086, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 3.016821072s ago: executing program 6 (id=1647): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x38, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x4}]]}, 0x38}}, 0x0) 2.855266733s ago: executing program 1 (id=1648): r0 = memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x3) fcntl$addseals(r0, 0x409, 0x10) fcntl$setstatus(r0, 0x4, 0x42800) mmap(&(0x7f0000585000/0x2000)=nil, 0x2000, 0x2, 0x12, r0, 0xf55d2000) 2.58031411s ago: executing program 6 (id=1649): openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x20902, 0x0) r0 = syz_io_uring_setup(0x2232, &(0x7f0000000280)={0x0, 0x2, 0x10100}, &(0x7f0000000080)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x6000, @fd_index=0x3, 0x800000, 0x0, 0x0, 0x13}) io_uring_enter(r0, 0x53d1, 0x0, 0x4, 0x0, 0x0) 2.476904612s ago: executing program 7 (id=1650): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ff1f4d7ed79c31e2e0f1da00000000230000002000", 0x3e1f}, 0x3c) 2.25669892s ago: executing program 1 (id=1651): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x0, 0x25dfdbff, {0x2, 0x8, 0x0, 0xfe, r2}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) 1.860278007s ago: executing program 7 (id=1652): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x600, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="4400000013002901800000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800038004000500080000003e"], 0x44}}, 0x0) 1.66232716s ago: executing program 6 (id=1653): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x4000, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.516495131s ago: executing program 2 (id=1654): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x0, 0x14, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000080), 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000640)=ANY=[@ANYBLOB='-pids -cpu'], 0xb) 1.436103209s ago: executing program 1 (id=1655): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0xfff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x5, 0x0, 0x2], [0x0, 0x0, 0x2002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x261) 1.286904117s ago: executing program 2 (id=1656): r0 = socket(0x11, 0x800000003, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0xffff, r1, 0x80, 0x9e}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}]}, 0x28}}, 0x0) 997.011343ms ago: executing program 7 (id=1657): r0 = memfd_secret(0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0xa, 0x11, r0, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) preadv2(r1, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x4) 809.552924ms ago: executing program 2 (id=1658): r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c) syz_emit_ethernet(0x4e, &(0x7f0000000180)={@local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x18, 0x11, 0x0, @remote, @local, {[], {0x4e20, 0xe22, 0x18, 0x0, @wg=@data={0x4, 0xfffffff8, 0x1127}}}}}}}, 0x0) 798.860132ms ago: executing program 1 (id=1659): r0 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r0, &(0x7f0000002700)={&(0x7f0000000000)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000180)="90", 0x1}], 0x1}, 0x4008040) sendmsg$inet(r0, &(0x7f00000006c0)={&(0x7f0000000040)={0x2, 0x4a1f, @private=0xa010101}, 0x10, &(0x7f0000000140)=[{&(0x7f00000001c0)='&', 0x1}], 0x1}, 0xc000) setsockopt$sock_attach_bpf(r0, 0x84, 0xb, 0x0, 0x0) 518.042827ms ago: executing program 3 (id=1660): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==") mkdir(&(0x7f0000000080)='./file1\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0) mkdir(&(0x7f00000002c0)='./file1/file1\x00', 0x0) 357.901982ms ago: executing program 6 (id=1661): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0103000000000000000001"], 0x30}}, 0x0) read(r0, &(0x7f0000000600)=""/124, 0x7c) 308.937977ms ago: executing program 7 (id=1662): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000780)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x3}, 0x18) 208.740694ms ago: executing program 7 (id=1663): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TIOCSERGETLSR(r0, 0x5459, &(0x7f0000000040)) 0s ago: executing program 2 (id=1664): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'team_slave_0\x00', 0x112}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a"], 0x0, 0x46, 0x0, 0x9, 0x0, 0x0, @void, @value}, 0x28) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) kernel console output (not intermixed with test programs): 364.321804][ T44] IPVS: starting estimator thread 0... [ 364.421743][ T6913] IPVS: using max 240 ests per chain, 12000 per kthread [ 364.651361][ T6908] loop3: detected capacity change from 0 to 4096 [ 364.951785][ T6908] NILFS (loop3): invalid segment: Checksum error in segment payload [ 364.960167][ T6908] NILFS (loop3): trying rollback from an earlier position [ 365.113324][ T6908] NILFS (loop3): recovery complete [ 365.124509][ T6922] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 365.472221][ T6925] loop2: detected capacity change from 0 to 1024 [ 365.701840][ T6926] loop4: detected capacity change from 0 to 1024 [ 366.178654][ T6933] loop0: detected capacity change from 0 to 256 [ 366.669436][ T6936] netlink: 8 bytes leftover after parsing attributes in process `syz.3.430'. [ 366.670300][ T6933] FAT-fs (loop0): Directory bread(block 64) failed [ 366.685913][ T6933] FAT-fs (loop0): Directory bread(block 65) failed [ 366.693272][ T6933] FAT-fs (loop0): Directory bread(block 66) failed [ 366.700123][ T6933] FAT-fs (loop0): Directory bread(block 67) failed [ 366.707322][ T6933] FAT-fs (loop0): Directory bread(block 68) failed [ 366.714290][ T6933] FAT-fs (loop0): Directory bread(block 69) failed [ 366.721441][ T6933] FAT-fs (loop0): Directory bread(block 70) failed [ 366.728261][ T6933] FAT-fs (loop0): Directory bread(block 71) failed [ 366.740597][ T6933] FAT-fs (loop0): Directory bread(block 72) failed [ 366.749336][ T6933] FAT-fs (loop0): Directory bread(block 73) failed [ 367.392568][ T6943] syz.1.436 (6943) used obsolete PPPIOCDETACH ioctl [ 368.807374][ T6964] loop4: detected capacity change from 0 to 8 [ 368.893393][ T6964] SQUASHFS error: Failed to read block 0x62: -5 [ 368.900066][ T6964] squashfs image failed sanity check [ 369.442220][ T6972] loop0: detected capacity change from 0 to 256 [ 369.780068][ T6972] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 371.321825][ T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 371.559384][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 371.571266][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 371.581502][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 371.594914][ T25] usb 5-1: New USB device found, idVendor=056a, idProduct=00f0, bcdDevice= 0.00 [ 371.604796][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.655123][ T25] usb 5-1: config 0 descriptor?? [ 371.982688][ T7000] netlink: 16 bytes leftover after parsing attributes in process `syz.3.461'. [ 371.992270][ T7000] netlink: 16 bytes leftover after parsing attributes in process `syz.3.461'. [ 372.234470][ T25] wacom 0003:056A:00F0.0009: hidraw0: USB HID v0.04 Device [HID 056a:00f0] on usb-dummy_hcd.4-1/input0 [ 372.401641][ T25] usb 5-1: USB disconnect, device number 4 [ 373.482920][ T7011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.466'. [ 373.528538][ T7011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.466'. [ 375.361477][ T29] audit: type=1326 audit(1736498926.110:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7021 comm="syz.3.472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 375.594251][ T29] audit: type=1326 audit(1736498926.430:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7021 comm="syz.3.472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=40 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 375.616931][ T29] audit: type=1326 audit(1736498926.430:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7021 comm="syz.3.472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 375.638964][ C0] vkms_vblank_simulate: vblank timer overrun [ 375.649824][ T29] audit: type=1326 audit(1736498926.430:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7021 comm="syz.3.472" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 375.671865][ C0] vkms_vblank_simulate: vblank timer overrun [ 377.189127][ T7035] loop3: detected capacity change from 0 to 256 [ 377.785866][ T7035] FAT-fs (loop3): Directory bread(block 64) failed [ 377.798378][ T7035] FAT-fs (loop3): Directory bread(block 65) failed [ 377.807101][ T7035] FAT-fs (loop3): Directory bread(block 66) failed [ 377.814266][ T7035] FAT-fs (loop3): Directory bread(block 67) failed [ 377.821379][ T7035] FAT-fs (loop3): Directory bread(block 68) failed [ 377.828231][ T7035] FAT-fs (loop3): Directory bread(block 69) failed [ 377.835370][ T7035] FAT-fs (loop3): Directory bread(block 70) failed [ 377.842509][ T7035] FAT-fs (loop3): Directory bread(block 71) failed [ 377.849549][ T7035] FAT-fs (loop3): Directory bread(block 72) failed [ 377.856523][ T7035] FAT-fs (loop3): Directory bread(block 73) failed [ 378.670694][ T7039] loop1: detected capacity change from 0 to 256 [ 379.061509][ T7037] team0: entered promiscuous mode [ 379.066966][ T7037] team_slave_0: entered promiscuous mode [ 379.074358][ T7037] team_slave_1: entered promiscuous mode [ 379.094835][ T7037] team0: Cannot enslave team device to itself [ 380.274041][ T5792] Bluetooth: hci3: command 0x0406 tx timeout [ 380.280363][ T5792] Bluetooth: hci4: command 0x0406 tx timeout [ 380.287112][ T5792] Bluetooth: hci0: command 0x0406 tx timeout [ 380.293543][ T5792] Bluetooth: hci1: command 0x0406 tx timeout [ 380.299947][ T5792] Bluetooth: hci2: command 0x0406 tx timeout [ 380.703417][ T7053] loop3: detected capacity change from 0 to 2048 [ 380.845428][ T7058] nbd: illegal input index 262144 [ 381.022574][ T7053] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 381.098693][ T7053] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 381.441546][ T7056] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 381.720343][ T5782] UDF-fs: warning (device loop3): udf_evict_inode: Inode 1367 (mode 120777) has inode size 28 different from extent length 512. Filesystem need not be standards compliant. [ 382.231864][ T7075] libceph: resolve '0.0' (ret=-3): failed [ 384.371986][ T7108] loop1: detected capacity change from 0 to 512 [ 384.414682][ T7108] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 384.443367][ T7108] EXT4-fs (loop1): 1 orphan inode deleted [ 384.454830][ T7108] EXT4-fs (loop1): 1 truncate cleaned up [ 384.464531][ T7108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 385.014025][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.456962][ T7131] syz.3.514 (7131): drop_caches: 0 [ 386.892322][ T29] audit: type=1326 audit(1736498937.660:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.2.515" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 386.919133][ T29] audit: type=1326 audit(1736498937.660:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.2.515" exe="/root/syz-executor" sig=0 arch=40000003 syscall=9 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 386.942877][ T29] audit: type=1326 audit(1736498937.660:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz.2.515" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 387.384214][ T7140] netlink: 8 bytes leftover after parsing attributes in process `syz.4.517'. [ 387.484396][ T7142] warning: `syz.2.518' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 388.154660][ T7151] loop3: detected capacity change from 0 to 128 [ 388.842677][ T7154] loop2: detected capacity change from 0 to 2048 [ 389.240201][ T7154] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 389.694155][ T7168] loop3: detected capacity change from 0 to 2048 [ 389.811507][ T7170] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 390.088266][ T7168] syz.3.528 (7168) used greatest stack depth: 4344 bytes left [ 390.586239][ T5105] IPVS: starting estimator thread 0... [ 390.620405][ T7179] IPVS: sh: UDP 0.0.0.0:0 - no destination available [ 390.682453][ T7181] IPVS: using max 240 ests per chain, 12000 per kthread [ 390.907314][ T7186] netlink: 4 bytes leftover after parsing attributes in process `syz.0.537'. [ 391.296305][ T7189] loop4: detected capacity change from 0 to 164 [ 392.581573][ T25] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 392.762603][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 392.774093][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 392.787639][ T25] usb 4-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00 [ 392.797102][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 393.096518][ T25] usb 4-1: config 0 descriptor?? [ 393.537110][ T25] ortek 0003:1223:3F07.000A: Fixing up logical maximum in report descriptor (Ortek) [ 393.586371][ T25] ortek 0003:1223:3F07.000A: unknown main item tag 0x6 [ 393.594135][ T25] ortek 0003:1223:3F07.000A: unknown main item tag 0x0 [ 393.602116][ T25] ortek 0003:1223:3F07.000A: unknown main item tag 0x0 [ 393.609387][ T25] ortek 0003:1223:3F07.000A: unknown main item tag 0x0 [ 393.616783][ T25] ortek 0003:1223:3F07.000A: unknown main item tag 0x0 [ 393.624175][ T25] ortek 0003:1223:3F07.000A: unknown main item tag 0x0 [ 393.632469][ T25] ortek 0003:1223:3F07.000A: unknown main item tag 0x0 [ 393.639769][ T25] ortek 0003:1223:3F07.000A: bogus close delimiter [ 393.646639][ T25] ortek 0003:1223:3F07.000A: item 0 0 2 10 parsing failed [ 393.808069][ T7217] loop2: detected capacity change from 0 to 1024 [ 393.836923][ T25] ortek 0003:1223:3F07.000A: probe with driver ortek failed with error -22 [ 393.922745][ T25] usb 4-1: USB disconnect, device number 7 [ 394.019461][ T7217] hfsplus: bad catalog entry type [ 394.399589][ T54] hfsplus: b-tree write err: -5, ino 4 [ 394.872824][ T7224] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 394.886530][ T29] audit: type=1326 audit(1736498945.700:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7225 comm="syz.2.555" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f6f579 code=0x0 [ 395.195345][ T7234] netlink: 8 bytes leftover after parsing attributes in process `syz.1.559'. [ 395.802135][ T7236] loop4: detected capacity change from 0 to 4096 [ 396.368576][ T7246] loop1: detected capacity change from 0 to 256 [ 396.389534][ T7244] loop2: detected capacity change from 0 to 2048 [ 396.547585][ T7247] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 396.877986][ T7254] loop0: detected capacity change from 0 to 16 [ 397.040429][ T7254] erofs (device loop0): mounted with root inode @ nid 36. [ 397.171972][ T5788] erofs (device loop0): failed to decompress -26 in[46, 0] out[9000] [ 397.340005][ T7254] erofs (device loop0): failed to decompress -26 in[46, 4050] out[8192] [ 397.348945][ T7254] erofs (device loop0): read error -117 @ 0 of nid 89 [ 397.432846][ T29] audit: type=1800 audit(1736498948.200:17): pid=7254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.568" name="file3" dev="loop0" ino=89 res=0 errno=0 [ 399.661429][ T5835] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 399.903699][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 399.918196][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 399.930795][ T5835] usb 4-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00 [ 399.940401][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.057982][ T5835] usb 4-1: config 0 descriptor?? [ 400.357645][ T7296] loop2: detected capacity change from 0 to 4096 [ 400.453556][ T7295] loop0: detected capacity change from 0 to 256 [ 400.545205][ T7295] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 400.614583][ T7295] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 400.614584][ T5835] hid_mf 0003:0079:1846.000B: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.3-1/input0 [ 400.614772][ T5835] hid_mf 0003:0079:1846.000B: Invalid report, this should never happen! [ 400.624694][ T7295] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 400.624801][ T7295] UDF-fs: Scanning with blocksize 512 failed [ 400.665286][ T5835] hid_mf 0003:0079:1846.000B: Force feedback init failed. [ 400.709746][ T7295] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 400.762436][ T7295] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 400.895049][ T5835] usb 4-1: USB disconnect, device number 8 [ 401.691881][ T7301] loop2: detected capacity change from 0 to 512 [ 401.781273][ T7304] netlink: 348 bytes leftover after parsing attributes in process `syz.4.589'. [ 401.965743][ T7301] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 401.974124][ T7301] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 402.010000][ T7301] System zones: 0-1, 15-15, 18-18, 34-34 [ 402.020731][ T7301] EXT4-fs (loop2): orphan cleanup on readonly fs [ 402.027638][ T7301] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0 [ 402.037731][ T7301] EXT4-fs warning (device loop2): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 402.052862][ T7301] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 402.129359][ T7301] EXT4-fs error (device loop2): ext4_orphan_get:1415: comm syz.2.588: bad orphan inode 16 [ 402.175084][ T7301] ext4_test_bit(bit=15, block=18) = 1 [ 402.180886][ T7301] is_bad_inode(inode)=0 [ 402.185885][ T7301] NEXT_ORPHAN(inode)=0 [ 402.190200][ T7301] max_ino=32 [ 402.193954][ T7301] i_nlink=2 [ 402.199081][ T7301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 402.439330][ T7301] fscrypt (loop2, inode 16): Error -61 getting encryption context [ 402.916270][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.955005][ T5835] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 403.127732][ T7321] netlink: 52 bytes leftover after parsing attributes in process `syz.2.597'. [ 403.385901][ T5835] usb 1-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00 [ 403.398757][ T5835] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.443650][ T7324] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 403.454373][ T5835] usb 1-1: config 0 descriptor?? [ 403.944161][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 403.951836][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 403.959367][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 403.968075][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 403.975530][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 403.983042][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 403.990380][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 403.998151][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.005733][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.018484][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.027375][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.034925][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.042778][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.050182][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.059856][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.067419][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.077787][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.085637][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.093101][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.100492][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.118113][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.126693][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.134180][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.141647][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.149031][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.156516][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.166618][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.175407][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.183023][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.190360][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.198033][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.205950][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.218788][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.227280][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.235250][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.242864][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.256715][ T5835] waltop 0003:172F:0501.000C: unknown main item tag 0x0 [ 404.881024][ T5835] waltop 0003:172F:0501.000C: hidraw0: USB HID v0.00 Device [HID 172f:0501] on usb-dummy_hcd.0-1/input0 [ 405.062254][ T5835] usb 1-1: USB disconnect, device number 4 [ 405.683026][ T7344] loop2: detected capacity change from 0 to 128 [ 405.866792][ T7342] loop4: detected capacity change from 0 to 4096 [ 405.910473][ T7344] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 405.929219][ T7342] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 405.941377][ T7351] loop0: detected capacity change from 0 to 128 [ 406.014773][ T7344] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 406.141816][ T7351] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 406.222111][ T7351] ext4 filesystem being mounted at /116/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 406.254365][ C0] vkms_vblank_simulate: vblank timer overrun [ 406.349847][ T7344] EXT4-fs error (device loop2): htree_dirblock_to_tree:1083: inode #2: comm syz.2.608: Directory block failed checksum [ 406.422858][ T7342] ntfs3(loop4): failed to convert "c46c" to iso8859-4 [ 406.622427][ T7358] Bluetooth: MGMT ver 1.23 [ 406.778231][ T5790] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 407.339397][ T5786] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 407.621479][ T5835] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 407.891879][ T25] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 408.175789][ T44] IPVS: starting estimator thread 0... [ 408.243953][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 408.291959][ T7374] IPVS: using max 240 ests per chain, 12000 per kthread [ 408.318989][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 408.329881][ T5835] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 408.330712][ T25] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 408.338561][ T5835] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 408.338707][ T5835] usb 5-1: config 0 has no interface number 0 [ 408.351597][ T25] usb 4-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00 [ 408.351776][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.362766][ T5835] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 408.396808][ T5835] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 408.442472][ T25] usb 4-1: config 0 descriptor?? [ 408.878236][ T5835] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 408.887992][ T5835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 408.896646][ T5835] usb 5-1: Product: syz [ 408.901076][ T5835] usb 5-1: Manufacturer: syz [ 408.906117][ T5835] usb 5-1: SerialNumber: syz [ 408.914505][ T25] ortek 0003:1223:3F07.000D: unknown main item tag 0x6 [ 408.929027][ T25] ortek 0003:1223:3F07.000D: report_id 29495 is invalid [ 408.938420][ T25] ortek 0003:1223:3F07.000D: item 0 2 1 8 parsing failed [ 409.037186][ T25] ortek 0003:1223:3F07.000D: probe with driver ortek failed with error -22 [ 409.214558][ T25] usb 4-1: USB disconnect, device number 9 [ 409.300844][ T5835] usb 5-1: config 0 descriptor?? [ 410.125469][ T7391] loop0: detected capacity change from 0 to 256 [ 410.493954][ T5835] usb 5-1: USB disconnect, device number 5 [ 411.213350][ T7391] FAT-fs (loop0): Directory bread(block 64) failed [ 411.220215][ T7391] FAT-fs (loop0): Directory bread(block 65) failed [ 411.228546][ T7391] FAT-fs (loop0): Directory bread(block 66) failed [ 411.237274][ T7391] FAT-fs (loop0): Directory bread(block 67) failed [ 411.245324][ T7391] FAT-fs (loop0): Directory bread(block 68) failed [ 411.252358][ T7391] FAT-fs (loop0): Directory bread(block 69) failed [ 411.259320][ T7391] FAT-fs (loop0): Directory bread(block 70) failed [ 411.266366][ T7391] FAT-fs (loop0): Directory bread(block 71) failed [ 411.273478][ T7391] FAT-fs (loop0): Directory bread(block 72) failed [ 411.283969][ T7391] FAT-fs (loop0): Directory bread(block 73) failed [ 411.551854][ T7406] loop1: detected capacity change from 0 to 1024 [ 411.610806][ T7406] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 411.680151][ T7406] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.637: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 411.797145][ T7406] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.637: couldn't read orphan inode 11 (err -117) [ 411.916718][ T7406] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 412.235856][ T7418] loop0: detected capacity change from 0 to 1764 [ 412.359457][ T7406] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.637: Invalid block bitmap block 0 in block_group 0 [ 412.440657][ T7419] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 413.073678][ T7427] loop2: detected capacity change from 0 to 8 [ 413.134628][ T7406] Quota error (device loop1): write_blk: dquota write failed [ 413.142621][ T7406] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 413.153443][ T7406] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.637: Failed to acquire dquot type 0 [ 413.827319][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 413.834483][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 414.405940][ T7433] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 414.405940][ T7433] program syz.3.647 not setting count and/or reply_len properly [ 414.488616][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 416.995122][ T7471] loop8: detected capacity change from 0 to 524287999 [ 417.375447][ T7474] loop4: detected capacity change from 0 to 512 [ 417.384928][ T7474] EXT4-fs: Ignoring removed nomblk_io_submit option [ 417.704023][ T7474] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 417.712534][ T7474] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 417.749730][ T7474] EXT4-fs (loop4): 1 truncate cleaned up [ 417.760592][ T7474] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 417.830148][ T7474] EXT4-fs error (device loop4): ext4_map_blocks:671: inode #2: block 4: comm syz.4.664: lblock 0 mapped to illegal pblock 4 (length 1) [ 417.920125][ T7474] EXT4-fs (loop4): Remounting filesystem read-only [ 418.157959][ T5779] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 418.221789][ T5835] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 418.412107][ T5835] usb 2-1: Using ep0 maxpacket: 16 [ 418.464427][ T5835] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 418.475886][ T5835] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 418.486205][ T5835] usb 2-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 418.499731][ T5835] usb 2-1: config 0 interface 0 has no altsetting 0 [ 418.506942][ T5835] usb 2-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 418.516668][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.769208][ T5835] usb 2-1: config 0 descriptor?? [ 420.119255][ T5835] input: HID 0458:5010 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5010.000E/input/input19 [ 420.170068][ T5835] kye 0003:0458:5010.000E: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.1-1/input0 [ 420.233384][ T5835] usb 2-1: USB disconnect, device number 4 [ 420.861278][ T7512] loop2: detected capacity change from 0 to 1024 [ 421.319181][ T7517] 8021q: adding VLAN 0 to HW filter on device bond1 [ 421.333480][ T7517] team0: Port device bond1 added [ 423.312314][ T7548] loop4: detected capacity change from 0 to 256 [ 423.687363][ T7548] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x16b5df41, utbl_chksum : 0xe619d30d) [ 424.771764][ T25] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 424.951450][ T25] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 424.961475][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.037225][ T7569] loop2: detected capacity change from 0 to 8 [ 425.047391][ T25] usb 2-1: config 0 descriptor?? [ 425.075921][ T25] cp210x 2-1:0.0: cp210x converter detected [ 425.481380][ T7573] fuse: Bad value for 'user_id' [ 425.486831][ T7573] fuse: Bad value for 'user_id' [ 425.604220][ T25] usb 2-1: cp210x converter now attached to ttyUSB0 [ 425.809390][ T7579] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.711'. [ 425.841872][ T7577] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.711'. [ 425.866680][ T5835] usb 2-1: USB disconnect, device number 5 [ 425.894245][ T5835] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 425.976850][ T5835] cp210x 2-1:0.0: device disconnected [ 427.211963][ T7593] program syz.0.715 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 427.225874][ T7592] netlink: 16 bytes leftover after parsing attributes in process `syz.2.718'. [ 429.952084][ T7631] netlink: 28 bytes leftover after parsing attributes in process `syz.0.737'. [ 431.594990][ T7649] vivid-004: disconnect [ 431.602474][ T7648] vivid-004: reconnect [ 433.002840][ T7670] loop1: detected capacity change from 0 to 4096 [ 433.173355][ T7670] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 433.200170][ T7673] loop3: detected capacity change from 0 to 16 [ 433.262510][ T7673] erofs (device loop3): mounted with root inode @ nid 36. [ 433.471880][ T7677] loop4: detected capacity change from 0 to 2048 [ 433.490456][ T7673] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 433.505027][ T7673] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 433.514987][ T7673] erofs (device loop3): read error -117 @ 42 of nid 36 [ 433.691461][ T7673] block device autoloading is deprecated and will be removed. [ 433.699506][ T7673] syz.3.752: attempt to access beyond end of device [ 433.699506][ T7673] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 433.905024][ T7677] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 433.995803][ T7670] ntfs3(loop1): Failed to load $Extend (-22). [ 434.002558][ T7670] ntfs3(loop1): Failed to initialize $Extend. [ 434.364520][ T5779] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 434.484586][ T29] audit: type=1800 audit(1736498985.320:18): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.753" name="file0" dev="loop1" ino=0 res=0 errno=0 [ 436.517180][ T7714] netlink: 'syz.1.769': attribute type 27 has an invalid length. [ 437.066492][ T7719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.773'. [ 437.075748][ T7719] netlink: 12 bytes leftover after parsing attributes in process `syz.3.773'. [ 437.088783][ T7719] netlink: 'syz.3.773': attribute type 19 has an invalid length. [ 437.173823][ T7720] loop2: detected capacity change from 0 to 256 [ 437.343514][ T7720] exfat: Deprecated parameter 'utf8' [ 437.826798][ T7720] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 437.953829][ T7727] bond0: option primary_reselect: invalid value (4) [ 438.726694][ T7739] loop1: detected capacity change from 0 to 256 [ 438.748078][ T7743] loop3: detected capacity change from 0 to 16 [ 439.009568][ T7743] erofs (device loop3): mounted with root inode @ nid 36. [ 439.426734][ T7749] sp0: Synchronizing with TNC [ 439.548916][ T7751] sp0: Found TNC [ 439.824919][ T7748] [U] è` [ 439.920452][ T7739] FAT-fs (loop1): Directory bread(block 64) failed [ 439.927597][ T7739] FAT-fs (loop1): Directory bread(block 65) failed [ 439.935093][ T7739] FAT-fs (loop1): Directory bread(block 66) failed [ 439.942109][ T7739] FAT-fs (loop1): Directory bread(block 67) failed [ 439.953445][ T7739] FAT-fs (loop1): Directory bread(block 68) failed [ 439.960301][ T7739] FAT-fs (loop1): Directory bread(block 69) failed [ 439.968585][ T7739] FAT-fs (loop1): Directory bread(block 70) failed [ 439.975566][ T7739] FAT-fs (loop1): Directory bread(block 71) failed [ 439.982793][ T7739] FAT-fs (loop1): Directory bread(block 72) failed [ 439.989619][ T7739] FAT-fs (loop1): Directory bread(block 73) failed [ 440.020395][ T7758] loop3: detected capacity change from 0 to 512 [ 440.166311][ T7758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 440.179969][ T7758] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 440.294554][ T7758] EXT4-fs error (device loop3): ext4_map_blocks:671: inode #2: block 3: comm syz.3.789: lblock 8 mapped to illegal pblock 3 (length 26) [ 440.333565][ T7739] syz.1.784: attempt to access beyond end of device [ 440.333565][ T7739] loop1: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 440.350651][ T29] audit: type=1800 audit(1736498991.160:19): pid=7739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.784" name="file1" dev="loop1" ino=1048640 res=0 errno=0 [ 440.750091][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.132973][ T7771] loop4: detected capacity change from 0 to 1024 [ 441.976921][ T7781] loop0: detected capacity change from 0 to 64 [ 442.227674][ T5786] Trying to free block not in datazone [ 442.254666][ T5786] Trying to free block not in datazone [ 442.532204][ T5786] Trying to free block not in datazone [ 442.545604][ T5786] Trying to free block not in datazone [ 442.551684][ T5786] Trying to free block not in datazone [ 442.566899][ T5786] Trying to free block not in datazone [ 442.572829][ T5786] minix_free_inode: bit 6 already cleared [ 442.790896][ T5786] Trying to free block not in datazone [ 442.797135][ T5786] minix_free_inode: bit 7 already cleared [ 443.905779][ T7803] loop3: detected capacity change from 0 to 128 [ 444.018864][ T7803] VFS: Found a Xenix FS (block size = 1024) on device loop3 [ 444.192310][ T7803] syz.3.812: attempt to access beyond end of device [ 444.192310][ T7803] loop3: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 444.206820][ T7803] Buffer I/O error on dev loop3, logical block 3245768, async page read [ 444.612685][ T5782] sysv_free_block: flc_count > flc_size [ 444.618509][ T5782] sysv_free_block: flc_count > flc_size [ 444.624558][ T5782] sysv_free_block: flc_count > flc_size [ 444.630315][ T5782] sysv_free_block: flc_count > flc_size [ 444.636290][ T5782] sysv_free_block: flc_count > flc_size [ 444.642336][ T5782] sysv_free_block: flc_count > flc_size [ 444.648096][ T5782] sysv_free_block: flc_count > flc_size [ 444.654247][ T5782] sysv_free_block: flc_count > flc_size [ 444.660504][ T5782] sysv_free_block: flc_count > flc_size [ 444.670364][ T5782] sysv_free_block: flc_count > flc_size [ 444.678194][ T5782] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 446.777971][ T7843] loop2: detected capacity change from 0 to 128 [ 446.935199][ T7843] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fffff00) [ 446.943974][ T7843] FAT-fs (loop2): Filesystem has been set read-only [ 447.011733][ T7843] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fffff00) [ 447.587492][ T7858] netlink: 'syz.1.837': attribute type 3 has an invalid length. [ 447.711063][ T7855] loop4: detected capacity change from 0 to 16 [ 447.736225][ T7855] erofs (device loop4): mounted with root inode @ nid 36. [ 447.783804][ T7855] syz.4.836: attempt to access beyond end of device [ 447.783804][ T7855] loop4: rw=0, sector=8, nr_sectors = 32 limit=16 [ 447.784095][ T7855] erofs (device loop4): read error -5 @ 8200 of nid 36 [ 447.813474][ T7855] syz.4.836: attempt to access beyond end of device [ 447.813474][ T7855] loop4: rw=0, sector=8, nr_sectors = 32 limit=16 [ 447.813791][ T7855] erofs (device loop4): read error -5 @ 8200 of nid 36 [ 448.222801][ T7863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.838'. [ 449.051343][ T7873] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 450.138961][ T7884] loop4: detected capacity change from 0 to 1024 [ 450.208544][ T7884] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 450.251845][ T7884] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 450.363044][ T7884] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e118, mo2=0000] [ 450.400196][ T7884] System zones: 0-1, 3-12 [ 450.481695][ T7884] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.850: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 450.603337][ T7884] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.850: couldn't read orphan inode 11 (err -117) [ 450.659772][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.3.853'. [ 450.665319][ T7884] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 451.207022][ T7884] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.850: Invalid block bitmap block 0 in block_group 0 [ 451.312767][ T7884] Quota error (device loop4): write_blk: dquota write failed [ 451.325996][ T7884] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 451.338477][ T7884] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.850: Failed to acquire dquot type 0 [ 451.583604][ T7884] syz.4.850 (7884) used greatest stack depth: 4104 bytes left [ 451.619654][ T3537] EXT4-fs error (device loop4): __ext4_get_inode_loc:4435: comm kworker/u8:9: Invalid inode table block 8589934593 in block_group 0 [ 451.692789][ T5779] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.952924][ T7925] netlink: 44 bytes leftover after parsing attributes in process `syz.0.868'. [ 453.525355][ T7932] loop3: detected capacity change from 0 to 256 [ 455.121530][ T29] audit: type=1400 audit(1736499005.470:20): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3AF6EFF374925873ECE44CF3460B0BA260624F2A08BDBB6D3C92592016EA4E0F401876B1958B3F9AA5153386EED838C49D3A2014 pid=7943 comm="syz.2.877" [ 455.212212][ T7955] netlink: 'syz.4.883': attribute type 11 has an invalid length. [ 456.272332][ T7966] loop1: detected capacity change from 0 to 512 [ 456.306203][ T7966] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 456.411747][ T7966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.888'. [ 456.500082][ T7970] pim6reg: entered allmulticast mode [ 456.511898][ T7970] pim6reg: left allmulticast mode [ 458.194758][ T7989] loop2: detected capacity change from 0 to 512 [ 458.248358][ T7989] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 458.281405][ T5105] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 458.323292][ T7989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 458.336815][ T7989] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 458.375857][ T7989] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 458.391916][ T7989] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 458.402564][ T7989] EXT4-fs error (device loop2): ext4_acquire_dquot:6938: comm syz.2.898: Failed to acquire dquot type 0 [ 458.451725][ T5105] usb 1-1: Using ep0 maxpacket: 8 [ 458.464522][ T5105] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 458.493882][ T5105] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 458.502455][ T25] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 458.503381][ T5105] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 458.519291][ T5105] usb 1-1: Product: syz [ 458.523874][ T5105] usb 1-1: Manufacturer: syz [ 458.528759][ T5105] usb 1-1: SerialNumber: syz [ 458.729910][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 458.788485][ T25] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0 [ 458.802273][ T25] usb 2-1: config 0 interface 0 has no altsetting 0 [ 458.809254][ T25] usb 2-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00 [ 458.820325][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 458.869293][ T25] usb 2-1: config 0 descriptor?? [ 458.926453][ T5105] usb 1-1: Handspring Visor / Palm OS: No valid connect info available [ 458.935278][ T5105] usb 1-1: Handspring Visor / Palm OS: port 0, is for Remote File System use [ 458.944638][ T5105] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 458.953151][ T5105] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2 [ 459.264220][ T5105] usb 1-1: palm_os_3_probe - error -110 getting bytes available request [ 459.273843][ T5105] visor 1-1:1.0: Handspring Visor / Palm OS converter detected [ 459.412886][ T5105] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 459.473381][ T5105] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 459.532810][ T5105] usb 1-1: USB disconnect, device number 5 [ 459.593310][ T5105] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 459.624665][ T5105] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 459.636105][ T5105] visor 1-1:1.0: device disconnected [ 459.794617][ T25] magicmouse 0003:05AC:0269.000F: unbalanced delimiter at end of report description [ 459.810427][ T25] magicmouse 0003:05AC:0269.000F: magicmouse hid parse failed [ 459.825033][ T25] magicmouse 0003:05AC:0269.000F: probe with driver magicmouse failed with error -22 [ 459.875454][ T25] usb 2-1: USB disconnect, device number 6 [ 461.471902][ T8027] loop4: detected capacity change from 0 to 128 [ 461.822787][ T8027] FAT-fs (loop4): Directory bread(block 32) failed [ 461.829806][ T8027] FAT-fs (loop4): Directory bread(block 33) failed [ 461.837079][ T8027] FAT-fs (loop4): Directory bread(block 34) failed [ 461.844047][ T8027] FAT-fs (loop4): Directory bread(block 35) failed [ 461.851047][ T8027] FAT-fs (loop4): Directory bread(block 36) failed [ 461.858063][ T8027] FAT-fs (loop4): Directory bread(block 37) failed [ 461.869963][ T8027] FAT-fs (loop4): Directory bread(block 38) failed [ 461.877026][ T8027] FAT-fs (loop4): Directory bread(block 39) failed [ 461.884182][ T8027] FAT-fs (loop4): Directory bread(block 40) failed [ 461.891002][ T8027] FAT-fs (loop4): Directory bread(block 41) failed [ 462.098426][ T8027] syz.4.915: attempt to access beyond end of device [ 462.098426][ T8027] loop4: rw=524288, sector=4108, nr_sectors = 4 limit=128 [ 462.112699][ T8027] syz.4.915: attempt to access beyond end of device [ 462.112699][ T8027] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 462.129871][ T8027] syz.4.915: attempt to access beyond end of device [ 462.129871][ T8027] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 462.212068][ T8027] FAT-fs (loop4): Filesystem has been set read-only [ 462.295139][ T29] audit: type=1800 audit(1736499012.970:21): pid=8027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.915" name="file1" dev="loop4" ino=1048642 res=0 errno=0 [ 462.336512][ T8027] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 462.723185][ T5105] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 462.891740][ T5105] usb 2-1: Using ep0 maxpacket: 32 [ 462.908087][ T8041] loop2: detected capacity change from 0 to 4096 [ 462.919782][ T8041] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 462.923162][ T5105] usb 2-1: config 0 has an invalid interface number: 12 but max is 0 [ 462.937838][ T5105] usb 2-1: config 0 has no interface number 0 [ 462.944611][ T5105] usb 2-1: config 0 interface 12 has no altsetting 0 [ 463.014452][ T5105] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 463.024288][ T5105] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.033015][ T5105] usb 2-1: Product: syz [ 463.037481][ T5105] usb 2-1: Manufacturer: syz [ 463.042639][ T5105] usb 2-1: SerialNumber: syz [ 463.046888][ T8047] netlink: 12 bytes leftover after parsing attributes in process `syz.0.924'. [ 463.057344][ T8047] netlink: 12 bytes leftover after parsing attributes in process `syz.0.924'. [ 463.083474][ T5105] usb 2-1: config 0 descriptor?? [ 463.940748][ T8058] loop4: detected capacity change from 0 to 1024 [ 463.953296][ T5105] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 463.962580][ T5105] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71 [ 463.970197][ T5105] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 463.979098][ T5105] f81534 2-1:0.12: probe with driver f81534 failed with error -71 [ 464.027226][ T5105] usb 2-1: USB disconnect, device number 7 [ 464.283966][ T8058] hfsplus: can't free extent [ 464.435517][ T3801] hfsplus: b-tree write err: -5, ino 4 [ 464.558074][ T8064] /dev/nullb0: Can't open blockdev [ 465.711721][ T8084] netlink: 8 bytes leftover after parsing attributes in process `syz.2.942'. [ 465.734258][ T8084] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 467.068764][ T8107] netlink: 4 bytes leftover after parsing attributes in process `syz.2.952'. [ 468.432547][ T8129] loop3: detected capacity change from 0 to 128 [ 468.523026][ T29] audit: type=1800 audit(1736499019.340:22): pid=8129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.961" name="file1" dev="loop3" ino=1048643 res=0 errno=0 [ 469.814633][ T8146] loop3: detected capacity change from 0 to 256 [ 470.724256][ T3801] Bluetooth: hci5: Frame reassembly failed (-84) [ 470.768677][ T8161] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 471.255183][ T8173] netlink: 60 bytes leftover after parsing attributes in process `syz.3.979'. [ 471.606634][ T8177] netlink: 32 bytes leftover after parsing attributes in process `syz.1.980'. [ 472.157101][ T8187] loop4: detected capacity change from 0 to 256 [ 472.771216][ T5783] Bluetooth: hci5: command 0x1003 tx timeout [ 472.777676][ T5788] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 472.902422][ T25] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 473.144754][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 473.165774][ T25] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 473.177838][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 473.189687][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 473.201538][ T25] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 473.210924][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.354018][ T25] usb 4-1: config 0 descriptor?? [ 473.363243][ T8198] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 473.396572][ T25] hub 4-1:0.0: USB hub found [ 473.619806][ T25] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 473.836376][ T25] usbhid 4-1:0.0: can't add hid device: -71 [ 473.848615][ T25] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 473.872707][ T8213] netlink: 32 bytes leftover after parsing attributes in process `syz.4.997'. [ 473.882264][ T8213] netem: unknown loss type 13 [ 473.887181][ T8213] netem: change failed [ 473.914731][ T8214] netlink: 12 bytes leftover after parsing attributes in process `syz.1.998'. [ 473.953034][ T25] usb 4-1: USB disconnect, device number 10 [ 474.242315][ T8218] loop2: detected capacity change from 0 to 128 [ 474.353437][ T29] audit: type=1800 audit(1736499025.180:23): pid=8218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1000" name="file2" dev="loop2" ino=1048645 res=0 errno=0 [ 474.384877][ T8217] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 474.393187][ T8217] FAT-fs (loop2): Filesystem has been set read-only [ 474.400045][ T8217] syz.2.1000: attempt to access beyond end of device [ 474.400045][ T8217] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 474.414552][ T8217] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 474.422845][ T8217] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 474.489684][ T29] audit: type=1800 audit(1736499025.210:24): pid=8218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1000" name="file2" dev="loop2" ino=1048645 res=0 errno=0 [ 474.512102][ T29] audit: type=1326 audit(1736499025.320:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 474.534686][ T29] audit: type=1326 audit(1736499025.340:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 474.784637][ T29] audit: type=1326 audit(1736499025.430:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 474.807380][ T29] audit: type=1326 audit(1736499025.430:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 474.830059][ T29] audit: type=1326 audit(1736499025.440:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 474.852558][ T29] audit: type=1326 audit(1736499025.440:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 474.878189][ T29] audit: type=1326 audit(1736499025.450:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 474.901610][ T29] audit: type=1326 audit(1736499025.450:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8219 comm="syz.1.1001" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fb75a7 code=0x7ffc0000 [ 475.206884][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 475.213784][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 475.229830][ T5105] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 475.632552][ T8239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1010'. [ 475.678505][ T8240] input: syz0 as /devices/virtual/input/input21 [ 475.764478][ T5105] usb 1-1: Using ep0 maxpacket: 16 [ 476.450208][ T5105] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 476.465906][ T5105] usb 1-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 476.476223][ T5105] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.526684][ T5105] usb 1-1: config 0 descriptor?? [ 476.655100][ T5105] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input22 [ 477.135996][ T5129] bcm5974 1-1:0.0: could not read from device [ 477.155363][ T5105] bcm5974 1-1:0.0: could not read from device [ 477.170380][ T5129] bcm5974 1-1:0.0: could not read from device [ 477.194322][ T5105] input: failed to attach handler mousedev to device input22, error: -5 [ 477.219894][ T5129] bcm5974 1-1:0.0: could not read from device [ 477.233577][ T5129] bcm5974 1-1:0.0: could not read from device [ 477.299946][ T5105] usb 1-1: USB disconnect, device number 6 [ 478.488519][ T8268] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1020'. [ 481.297737][ T8313] loop2: detected capacity change from 0 to 1024 [ 481.590503][ T8320] loop3: detected capacity change from 0 to 1024 [ 481.600743][ T8320] EXT4-fs: Ignoring removed nobh option [ 481.607025][ T8320] EXT4-fs: Ignoring removed orlov option [ 481.647910][ T8320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 482.135336][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.539378][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 482.539463][ T29] audit: type=1326 audit(1736499033.330:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8332 comm="syz.3.1049" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0 [ 482.703975][ T8335] netlink: 'syz.0.1050': attribute type 21 has an invalid length. [ 482.712378][ T8335] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1050'. [ 482.722103][ T8335] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1050'. [ 483.511753][ T8351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1056'. [ 483.521856][ T8351] IPVS: Error joining to the multicast group [ 483.715849][ T8354] loop1: detected capacity change from 0 to 256 [ 483.766774][ T8354] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x809ea061, utbl_chksum : 0x7319d30d) [ 484.499626][ T8361] loop4: detected capacity change from 0 to 2048 [ 484.604681][ T8361] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 484.765409][ T8361] overlayfs: upper fs needs to support d_type. [ 484.797657][ T8361] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 484.809116][ T8361] overlayfs: failed to set xattr on upper [ 484.816387][ T8361] overlayfs: ...falling back to redirect_dir=nofollow. [ 484.823708][ T8361] overlayfs: ...falling back to metacopy=off. [ 484.830003][ T8361] overlayfs: ...falling back to index=off. [ 484.836278][ T8361] overlayfs: ...falling back to uuid=null. [ 485.238477][ T5779] UDF-fs: error (device loop4): udf_read_inode: (ino 1317) failed !bh [ 485.273368][ T5779] UDF-fs: error (device loop4): udf_read_inode: (ino 1317) failed !bh [ 485.776893][ T59] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 485.815863][ T8383] veth0_virt_wifi: entered promiscuous mode [ 485.824004][ T8383] veth0_virt_wifi: entered allmulticast mode [ 485.848146][ T8383] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1070'. [ 486.726368][ T8390] loop1: detected capacity change from 0 to 512 [ 486.785348][ T59] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.148306][ T8390] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.167449][ T8390] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 487.232435][ T59] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.309529][ T5783] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 487.327260][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 487.350325][ T8390] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1076'. [ 487.364182][ T8390] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1076'. [ 487.374442][ T8390] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1076'. [ 487.434068][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 487.453172][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 487.484746][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 487.494866][ T59] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.521905][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 488.023102][ T59] bridge_slave_1: left allmulticast mode [ 488.029057][ T59] bridge_slave_1: left promiscuous mode [ 488.037666][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.090928][ T59] bridge_slave_0: left allmulticast mode [ 488.093814][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 488.097133][ T59] bridge_slave_0: left promiscuous mode [ 488.112891][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.933434][ T8420] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1087'. [ 489.029438][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 489.059465][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 489.163443][ T59] bond0 (unregistering): Released all slaves [ 489.406093][ T8425] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1090'. [ 489.690335][ T51] Bluetooth: hci0: command tx timeout [ 490.017851][ T8432] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present [ 490.030478][ T8432] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9) [ 490.040972][ T8438] loop0: detected capacity change from 0 to 2048 [ 490.237840][ T8438] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 490.276073][ T59] hsr_slave_0: left promiscuous mode [ 490.309720][ T59] hsr_slave_1: left promiscuous mode [ 490.340464][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 490.348448][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 490.417546][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 490.425599][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 490.449363][ T8438] overlayfs: upper fs needs to support d_type. [ 490.483891][ T8438] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 490.491408][ T8438] overlayfs: failed to set xattr on upper [ 490.497480][ T8438] overlayfs: ...falling back to redirect_dir=nofollow. [ 490.504946][ T8438] overlayfs: ...falling back to metacopy=off. [ 490.513022][ T8438] overlayfs: ...falling back to index=off. [ 490.525493][ T8438] overlayfs: ...falling back to uuid=null. [ 490.562682][ T59] veth1_macvtap: left promiscuous mode [ 490.568510][ T59] veth0_macvtap: left promiscuous mode [ 490.575203][ T59] veth1_vlan: left promiscuous mode [ 490.580811][ T59] veth0_vlan: left promiscuous mode [ 491.520628][ T59] team_slave_1 (unregistering): left promiscuous mode [ 491.539283][ T59] team0 (unregistering): Port device team_slave_1 removed [ 491.586967][ T59] team_slave_0 (unregistering): left promiscuous mode [ 491.639216][ T59] team0 (unregistering): Port device team_slave_0 removed [ 491.658290][ T8447] loop1: detected capacity change from 0 to 2048 [ 491.674847][ T5786] UDF-fs: error (device loop0): udf_read_inode: (ino 1317) failed !bh [ 491.688786][ T5786] UDF-fs: error (device loop0): udf_read_inode: (ino 1317) failed !bh [ 491.806588][ T8450] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 491.850147][ T51] Bluetooth: hci0: command tx timeout [ 491.920326][ T8398] chnl_net:caif_netlink_parms(): no params data found [ 492.065375][ T29] audit: type=1800 audit(1736499042.900:40): pid=8447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1100" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 492.883462][ T8459] netlink: 'syz.1.1104': attribute type 7 has an invalid length. [ 493.064816][ T8461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1105'. [ 493.076519][ T8398] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.091271][ T8398] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.101970][ T8398] bridge_slave_0: entered allmulticast mode [ 493.111531][ T8398] bridge_slave_0: entered promiscuous mode [ 493.127289][ T8398] bridge0: port 2(bridge_slave_1) entered blocking state [ 493.137094][ T8398] bridge0: port 2(bridge_slave_1) entered disabled state [ 493.145305][ T8398] bridge_slave_1: entered allmulticast mode [ 493.154985][ T8398] bridge_slave_1: entered promiscuous mode [ 493.293405][ T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.342708][ T8398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 493.367881][ T8398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 493.533729][ T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.730443][ T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.769137][ T8398] team0: Port device team_slave_0 added [ 493.792571][ T8398] team0: Port device team_slave_1 added [ 493.836120][ T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.871958][ T51] Bluetooth: hci0: command tx timeout [ 494.073963][ T8398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 494.081284][ T8398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 494.108001][ T8398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 494.207014][ T59] bridge_slave_1: left allmulticast mode [ 494.213265][ T59] bridge_slave_1: left promiscuous mode [ 494.219877][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 494.241693][ T59] bridge_slave_0: left allmulticast mode [ 494.247635][ T59] bridge_slave_0: left promiscuous mode [ 494.254617][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.732261][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 494.768349][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 494.791925][ T59] bond0 (unregistering): Released all slaves [ 494.813280][ T59] bond1 (unregistering): Released all slaves [ 494.843355][ T8398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 494.850595][ T8398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 494.877352][ T8398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 495.327805][ T8398] hsr_slave_0: entered promiscuous mode [ 495.360039][ T8398] hsr_slave_1: entered promiscuous mode [ 495.416091][ T8398] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 495.424643][ T8398] Cannot create hsr debugfs directory [ 495.571565][ T5835] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 495.800204][ T59] hsr_slave_0: left promiscuous mode [ 495.818810][ T59] hsr_slave_1: left promiscuous mode [ 495.819538][ T5788] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 495.832265][ T5835] usb 4-1: Using ep0 maxpacket: 16 [ 495.839092][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 495.842325][ T5788] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 495.847357][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 495.862149][ T5835] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 495.862305][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 495.862501][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 495.862661][ T5835] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 495.904836][ T5835] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 495.922889][ T5788] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 495.930684][ T5835] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 495.932807][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 495.940169][ T5835] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 495.947852][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 495.955801][ T5835] usb 4-1: Manufacturer: syz [ 495.971952][ T5788] Bluetooth: hci0: command tx timeout [ 495.980643][ T5835] usb 4-1: config 0 descriptor?? [ 496.015571][ T59] veth1_macvtap: left promiscuous mode [ 496.021674][ T59] veth0_macvtap: left promiscuous mode [ 496.027786][ T59] veth1_vlan: left promiscuous mode [ 496.034077][ T59] veth0_vlan: left promiscuous mode [ 496.102491][ T5788] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 496.165854][ T5788] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 496.180922][ T5788] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 496.532152][ T5835] rc_core: IR keymap rc-hauppauge not found [ 496.538463][ T5835] Registered IR keymap rc-empty [ 496.544385][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 496.571858][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 496.603966][ T5835] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 496.618632][ T5835] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input23 [ 496.656845][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 496.802000][ T59] team0 (unregistering): Port device team_slave_1 removed [ 496.838032][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 496.874161][ T59] team0 (unregistering): Port device team_slave_0 removed [ 496.909666][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 496.940306][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.020754][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.046308][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.076656][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.102095][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.130985][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.168128][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.191929][ T5835] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 497.215800][ T5835] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 8a [ 497.225548][ T5835] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 497.301613][ T5835] usb 4-1: USB disconnect, device number 11 [ 498.139378][ T59] IPVS: stop unused estimator thread 0... [ 498.314356][ T8495] loop1: detected capacity change from 0 to 64 [ 498.437428][ T5788] Bluetooth: hci2: command tx timeout [ 498.460799][ T8398] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 498.486608][ T8398] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 498.569523][ T8398] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 498.633804][ T8498] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1121'. [ 498.653090][ T8398] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 499.012487][ T8474] chnl_net:caif_netlink_parms(): no params data found [ 500.080569][ T8398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 500.196291][ T8517] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1127'. [ 500.205922][ T8517] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1127'. [ 500.235765][ T8474] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.244169][ T8474] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.252239][ T8474] bridge_slave_0: entered allmulticast mode [ 500.267465][ T8474] bridge_slave_0: entered promiscuous mode [ 500.367035][ T8398] 8021q: adding VLAN 0 to HW filter on device team0 [ 500.391864][ T8474] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.399665][ T8474] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.408188][ T8474] bridge_slave_1: entered allmulticast mode [ 500.417893][ T8474] bridge_slave_1: entered promiscuous mode [ 500.459581][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.467512][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 500.541921][ T5788] Bluetooth: hci2: command tx timeout [ 500.718383][ T8474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 500.820562][ T8474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 500.976978][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.984849][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 501.283567][ T8474] team0: Port device team_slave_0 added [ 501.334165][ T8474] team0: Port device team_slave_1 added [ 501.635600][ T8474] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 501.643381][ T8474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 501.669920][ T8474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 501.760343][ T8474] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 501.767952][ T8474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 501.794628][ T8474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 501.898057][ T8534] loop1: detected capacity change from 0 to 2048 [ 502.014321][ T8534] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 502.108833][ T8539] input: syz0 as /devices/virtual/input/input24 [ 502.152225][ T8534] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 502.249006][ T8542] loop2: detected capacity change from 0 to 64 [ 502.292933][ T8474] hsr_slave_0: entered promiscuous mode [ 502.372966][ T8474] hsr_slave_1: entered promiscuous mode [ 502.432571][ T8474] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 502.440431][ T8474] Cannot create hsr debugfs directory [ 502.591710][ T5788] Bluetooth: hci2: command tx timeout [ 503.199490][ T8548] loop2: detected capacity change from 0 to 256 [ 503.335382][ T8548] exfat: Unknown parameter 'ÿÿÿÿ0x0000000000000000ÿ0x0000000000000000' [ 503.395119][ T8398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 503.427557][ T8474] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 503.482860][ T8474] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 503.548712][ T8474] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 503.632749][ T8474] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 503.748395][ T8550] loop1: detected capacity change from 0 to 4096 [ 503.907055][ T8556] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 504.006709][ T8558] bond_slave_1: invalid flags given to default FDB implementation [ 504.037132][ T29] audit: type=1800 audit(1736499054.860:41): pid=8550 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1139" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 504.777085][ T5788] Bluetooth: hci2: command tx timeout [ 505.105873][ T8474] 8021q: adding VLAN 0 to HW filter on device bond0 [ 505.156081][ T8474] 8021q: adding VLAN 0 to HW filter on device team0 [ 505.196593][ T3801] bridge0: port 1(bridge_slave_0) entered blocking state [ 505.204442][ T3801] bridge0: port 1(bridge_slave_0) entered forwarding state [ 505.364419][ T3843] bridge0: port 2(bridge_slave_1) entered blocking state [ 505.372315][ T3843] bridge0: port 2(bridge_slave_1) entered forwarding state [ 505.816346][ T8398] veth0_vlan: entered promiscuous mode [ 505.850181][ T8398] veth1_vlan: entered promiscuous mode [ 506.045841][ T8398] veth0_macvtap: entered promiscuous mode [ 506.121628][ T8398] veth1_macvtap: entered promiscuous mode [ 506.259007][ T8581] pim6reg: entered allmulticast mode [ 506.289519][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.300505][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.311871][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.323045][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.334243][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.345057][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.361713][ T8398] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 506.386489][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 506.397251][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.408517][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 506.419718][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.429882][ T8398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 506.440682][ T8398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.455786][ T8398] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 506.480314][ T8581] pim6reg: left allmulticast mode [ 506.544328][ T8398] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.554188][ T8398] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.563693][ T8398] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.573084][ T8398] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.884814][ T8586] Bluetooth: MGMT ver 1.23 [ 507.088950][ T8474] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 508.324353][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1158'. [ 508.333929][ T8607] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1158'. [ 508.683919][ T8611] loop2: detected capacity change from 0 to 64 [ 509.001574][ T8474] veth0_vlan: entered promiscuous mode [ 509.091720][ T8474] veth1_vlan: entered promiscuous mode [ 509.201025][ T8474] veth0_macvtap: entered promiscuous mode [ 509.224623][ T8474] veth1_macvtap: entered promiscuous mode [ 509.232392][ T8617] usb usb4: usbfs: process 8617 (syz.3.1161) did not claim interface 0 before use [ 509.282089][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 509.292891][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.303192][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 509.314090][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.324377][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 509.335181][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.345472][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 509.356257][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.371875][ T8474] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 509.470275][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 509.483559][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.494272][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 509.505090][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.515390][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 509.526411][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.536614][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 509.547437][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.562775][ T8474] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 509.624609][ T8474] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.633944][ T8474] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.643249][ T8474] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.652438][ T8474] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 511.456089][ T8647] loop2: detected capacity change from 0 to 128 [ 512.276700][ T8655] loop1: detected capacity change from 0 to 2048 [ 512.312744][ T8655] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 512.401804][ T8662] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 513.301585][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 513.309713][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 513.500206][ T4095] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 513.509354][ T4095] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 514.042141][ T29] audit: type=1326 audit(1736499064.860:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.064606][ T29] audit: type=1326 audit(1736499064.860:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.203343][ T29] audit: type=1326 audit(1736499065.010:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.225819][ T29] audit: type=1326 audit(1736499065.040:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.262092][ T29] audit: type=1326 audit(1736499065.090:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.285983][ T29] audit: type=1326 audit(1736499065.090:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.310984][ T29] audit: type=1326 audit(1736499065.090:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.433977][ T29] audit: type=1326 audit(1736499065.170:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.456596][ T29] audit: type=1326 audit(1736499065.190:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f6f5a7 code=0x7ffc0000 [ 514.479807][ T29] audit: type=1326 audit(1736499065.190:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.2.1180" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 514.694004][ T3843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 514.704347][ T3843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 515.060057][ T3843] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 515.068420][ T3843] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 516.152054][ T5839] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 516.379506][ T5839] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 516.390086][ T5839] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 516.474309][ T5839] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 516.484004][ T5839] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 516.492450][ T5839] usb 7-1: Product: syz [ 516.496887][ T5839] usb 7-1: Manufacturer: syz [ 516.501891][ T5839] usb 7-1: SerialNumber: syz [ 516.842905][ T5839] usb 7-1: 0:2 : does not exist [ 516.846937][ T8724] netem: incorrect ge model size [ 516.856632][ T8724] netem: change failed [ 516.902051][ T5839] usb 7-1: 5:0: failed to get current value for ch 0 (-22) [ 517.031292][ T5839] usb 7-1: USB disconnect, device number 2 [ 517.480545][ T8731] loop1: detected capacity change from 0 to 64 [ 517.616079][ T8731] syz.1.1197: attempt to access beyond end of device [ 517.616079][ T8731] loop1: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 517.630441][ T8731] Buffer I/O error on dev loop1, logical block 134217734, async page read [ 517.716229][ T8729] Trying to free block not in datazone [ 518.514685][ T8745] loop5: detected capacity change from 0 to 8 [ 519.258022][ T8745] SQUASHFS error: xz decompression failed, data probably corrupt [ 519.266503][ T8745] SQUASHFS error: Failed to read block 0x108: -5 [ 519.273385][ T8745] SQUASHFS error: Unable to read metadata cache entry [106] [ 519.280931][ T8745] SQUASHFS error: Unable to read inode 0x0 [ 519.731616][ T8756] loop3: detected capacity change from 0 to 512 [ 519.843445][ T8756] EXT4-fs (loop3): orphan cleanup on readonly fs [ 519.949085][ T8756] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.1209: invalid block [ 520.035208][ T8756] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1209: invalid indirect mapped block 4294967295 (level 1) [ 520.137535][ T8756] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1209: invalid indirect mapped block 4294967295 (level 1) [ 520.177240][ T8756] EXT4-fs (loop3): 2 truncates cleaned up [ 520.185480][ T8756] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 520.502765][ T5782] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 520.721734][ T5839] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 520.901511][ T5839] usb 3-1: Using ep0 maxpacket: 16 [ 520.940460][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 520.955556][ T5839] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 520.969973][ T5839] usb 3-1: New USB device found, idVendor=5543, idProduct=0045, bcdDevice= 0.00 [ 520.979608][ T5839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.025222][ T8771] loop5: detected capacity change from 0 to 512 [ 521.043551][ T5839] usb 3-1: config 0 descriptor?? [ 521.113277][ T8771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 521.126903][ T8771] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 521.566995][ T8779] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 521.719413][ T5839] usb 3-1: string descriptor 0 read error: -71 [ 521.746119][ T8783] loop3: detected capacity change from 0 to 2048 [ 521.758102][ T5839] uclogic 0003:5543:0045.0010: failed retrieving string descriptor #200: -71 [ 521.773705][ T5839] uclogic 0003:5543:0045.0010: failed retrieving pen parameters: -71 [ 521.783471][ T5839] uclogic 0003:5543:0045.0010: failed probing pen v2 parameters: -71 [ 521.792136][ T5839] uclogic 0003:5543:0045.0010: failed probing parameters: -71 [ 521.800317][ T5839] uclogic 0003:5543:0045.0010: probe with driver uclogic failed with error -71 [ 521.841938][ T8783] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 521.859629][ T5839] usb 3-1: USB disconnect, device number 3 [ 521.993158][ T8398] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 522.530709][ T8792] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1224'. [ 522.547519][ T8792] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1224'. [ 522.597779][ T8791] loop3: detected capacity change from 0 to 256 [ 522.769757][ T8791] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 522.869928][ T8791] exFAT-fs (loop3): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967295) [ 522.869928][ T8791] [ 522.883058][ T8791] exFAT-fs (loop3): Filesystem has been set read-only [ 522.947661][ T8791] exFAT-fs (loop3): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967295) [ 522.947661][ T8791] [ 522.960221][ T8791] exFAT-fs (loop3): error, failed to bmap (inode : ffff888048450db0 iblock : 0, err : -5) [ 523.779414][ T8810] loop5: detected capacity change from 0 to 512 [ 524.109826][ T8816] loop2: detected capacity change from 0 to 64 [ 524.354998][ T8818] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1234'. [ 524.378429][ T8810] EXT4-fs (loop5): Test dummy encryption mode enabled [ 524.467945][ T8810] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #12: comm syz.5.1231: corrupted in-inode xattr: invalid ea_ino [ 524.556118][ T8810] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.1231: couldn't read orphan inode 12 (err -117) [ 524.623874][ T8810] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 524.723280][ T8810] EXT4-fs (loop5): shut down requested (2) [ 525.094706][ T8398] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 525.585244][ T8835] af_packet: tpacket_rcv: packet too big, clamped from 54 to 4294967286. macoff=82 [ 525.647248][ T8837] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 526.122572][ T8840] loop6: detected capacity change from 0 to 164 [ 526.230098][ T8840] rock: directory entry would overflow storage [ 526.236800][ T8840] rock: sig=0x4f50, size=4, remaining=3 [ 526.243323][ T8840] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 527.304200][ T8859] loop6: detected capacity change from 0 to 512 [ 527.318724][ T8859] EXT4-fs (loop6): Test dummy encryption mode enabled [ 527.715297][ T8859] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #12: comm syz.6.1249: corrupted in-inode xattr: invalid ea_ino [ 527.801724][ T8859] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.1249: couldn't read orphan inode 12 (err -117) [ 527.840936][ T8859] EXT4-fs (loop6): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 527.909610][ T8859] EXT4-fs (loop6): shut down requested (2) [ 528.061274][ T8877] bridge0: port 2(bridge_slave_1) entered disabled state [ 528.071605][ T8877] bridge0: port 1(bridge_slave_0) entered disabled state [ 528.305686][ T8474] EXT4-fs (loop6): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 528.693269][ T8883] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1258'. [ 528.703363][ T8883] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1258'. [ 529.649007][ T8901] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1266'. [ 529.663141][ T8901] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1266'. [ 530.239574][ T8910] loop3: detected capacity change from 0 to 256 [ 531.049264][ T8919] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1275'. [ 531.853866][ T44] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 531.999453][ T8932] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1280'. [ 532.013169][ T8932] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1280'. [ 532.148822][ T44] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 532.167040][ T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 532.175623][ T44] usb 3-1: Product: syz [ 532.180060][ T44] usb 3-1: Manufacturer: syz [ 532.185292][ T44] usb 3-1: SerialNumber: syz [ 532.196182][ T44] usb 3-1: config 0 descriptor?? [ 532.483865][ T44] usb 3-1: USB disconnect, device number 4 [ 532.919212][ T8944] loop6: detected capacity change from 0 to 128 [ 532.933323][ T8944] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 532.960697][ T8944] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 533.070027][ T8945] bridge0: port 3(bond1) entered blocking state [ 533.077596][ T8945] bridge0: port 3(bond1) entered disabled state [ 533.084992][ T8945] bond1: entered allmulticast mode [ 533.095924][ T8945] bond1: entered promiscuous mode [ 533.483361][ T8950] input: syz1 as /devices/virtual/input/input25 [ 533.670441][ T3843] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 533.964127][ T8958] loop3: detected capacity change from 0 to 16 [ 533.976287][ T8958] erofs (device loop3): mounted with root inode @ nid 36. [ 534.399460][ T8968] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 534.603421][ T8972] No such timeout policy "syz1" [ 535.347728][ T8982] program syz.1.1304 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 535.725055][ T8988] loop6: detected capacity change from 0 to 512 [ 535.803930][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 535.804017][ T29] audit: type=1326 audit(1736499086.630:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8991 comm="syz.3.1310" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x0 [ 535.869510][ T8988] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2 [ 536.029575][ T8988] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1307: invalid indirect mapped block 8 (level 2) [ 536.066701][ T8988] EXT4-fs (loop6): Remounting filesystem read-only [ 536.067083][ T8997] input: syz1 as /devices/virtual/input/input26 [ 536.075814][ T8988] EXT4-fs (loop6): 1 truncate cleaned up [ 536.088981][ T8988] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 536.498633][ T8474] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 536.644145][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 536.650825][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 537.318334][ T9011] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1318'. [ 537.424426][ T9007] loop5: detected capacity change from 0 to 4096 [ 537.556931][ T9007] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 537.653115][ T29] audit: type=1326 audit(1736499088.490:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9012 comm="syz.3.1320" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x0 [ 537.897606][ T9007] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 537.909009][ T9007] ntfs3(loop5): Failed to load $Extend (-22). [ 537.915594][ T9007] ntfs3(loop5): Failed to initialize $Extend. [ 539.023056][ T5105] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 539.227448][ T9032] netlink: 136 bytes leftover after parsing attributes in process `syz.2.1325'. [ 539.237431][ T9032] netlink: 89 bytes leftover after parsing attributes in process `syz.2.1325'. [ 539.578991][ T5105] usb 6-1: config 0 has an invalid interface number: 7 but max is 0 [ 539.592112][ T5105] usb 6-1: config 0 has no interface number 0 [ 539.598607][ T5105] usb 6-1: config 0 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 539.610057][ T5105] usb 6-1: config 0 interface 7 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 539.620334][ T5105] usb 6-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 539.629984][ T5105] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 539.668058][ T9039] loop6: detected capacity change from 0 to 1024 [ 539.677813][ T5105] usb 6-1: config 0 descriptor?? [ 540.084016][ T9039] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 540.100200][ T9039] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 540.291804][ T5105] uclogic 0003:5543:0522.0011: item fetching failed at offset 2/5 [ 540.312460][ T5105] uclogic 0003:5543:0522.0011: parse failed [ 540.319095][ T5105] uclogic 0003:5543:0522.0011: probe with driver uclogic failed with error -22 [ 540.352725][ T29] audit: type=1800 audit(1736499091.170:64): pid=9051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1327" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 540.521810][ T5835] usb 6-1: USB disconnect, device number 2 [ 540.549345][ T9054] loop1: detected capacity change from 0 to 2048 [ 540.615150][ T9054] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 540.658377][ T8474] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 540.688438][ T9055] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 541.722358][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 542.347664][ T9079] loop2: detected capacity change from 0 to 64 [ 542.631397][ T9086] loop5: detected capacity change from 0 to 512 [ 542.749449][ T9086] EXT4-fs error (device loop5): ext4_orphan_get:1389: inode #15: comm syz.5.1348: casefold flag without casefold feature [ 542.856167][ T9086] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.1348: couldn't read orphan inode 15 (err -117) [ 542.879775][ T9091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1350'. [ 542.893452][ T9091] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1350'. [ 542.978052][ T9086] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 543.059211][ T9086] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 543.234631][ T9095] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 543.254668][ T9086] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 543.291634][ T9086] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 543.402067][ T9086] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 543.430819][ T9100] netlink: 'syz.1.1355': attribute type 1 has an invalid length. [ 543.439730][ T9100] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1355'. [ 543.763831][ T8398] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 544.157654][ T9109] netlink: 'syz.5.1358': attribute type 30 has an invalid length. [ 544.166584][ T9109] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 544.176143][ T9109] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 544.413923][ T9115] loop1: detected capacity change from 0 to 512 [ 544.496263][ T9115] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.1361: Invalid inode bitmap blk 4 in block_group 0 [ 544.529539][ T9115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 545.023982][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 546.102097][ T29] audit: type=1326 audit(1736499096.920:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.124862][ T29] audit: type=1326 audit(1736499096.930:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.149561][ T29] audit: type=1326 audit(1736499096.930:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.172599][ T29] audit: type=1326 audit(1736499096.930:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.197063][ T29] audit: type=1326 audit(1736499096.940:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.220361][ T29] audit: type=1326 audit(1736499096.940:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.244921][ T29] audit: type=1326 audit(1736499096.940:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.269799][ T29] audit: type=1326 audit(1736499096.940:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.292279][ T29] audit: type=1326 audit(1736499096.940:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.6.1374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 546.634419][ T9146] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1372'. [ 547.820669][ T9168] loop2: detected capacity change from 0 to 128 [ 548.561359][ T9183] loop1: detected capacity change from 0 to 256 [ 548.605801][ T9184] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1391'. [ 548.621424][ T25] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 548.728731][ T9186] netlink: 'syz.5.1393': attribute type 298 has an invalid length. [ 548.820074][ T25] usb 7-1: config index 0 descriptor too short (expected 31, got 27) [ 548.828743][ T25] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 548.839229][ T25] usb 7-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 548.901568][ T25] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72 [ 548.913335][ T25] usb 7-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3 [ 548.922948][ T25] usb 7-1: Product: syz [ 548.927414][ T25] usb 7-1: Manufacturer: syz [ 548.932443][ T25] usb 7-1: SerialNumber: syz [ 549.417551][ T5835] usb 7-1: USB disconnect, device number 3 [ 549.511640][ T25] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 549.682048][ T25] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 549.692838][ T25] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 549.702351][ T25] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 549.712076][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 549.730258][ T25] usb 6-1: config 0 descriptor?? [ 549.966641][ T5835] usb 6-1: USB disconnect, device number 3 [ 551.996655][ T9224] loop2: detected capacity change from 0 to 64 [ 552.004063][ T5835] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 552.203006][ T5835] usb 2-1: Using ep0 maxpacket: 16 [ 552.240910][ T5835] usb 2-1: config index 0 descriptor too short (expected 53135, got 27) [ 552.250311][ T5835] usb 2-1: config 0 has too many interfaces: 208, using maximum allowed: 32 [ 552.259655][ T5835] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 552.270288][ T5835] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 208 [ 552.529782][ T9230] loop3: detected capacity change from 0 to 64 [ 552.630055][ T5835] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 552.639613][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 552.649660][ T5835] usb 2-1: Product: syz [ 552.654968][ T5835] usb 2-1: SerialNumber: syz [ 552.717663][ T5835] usb 2-1: config 0 descriptor?? [ 553.069858][ T44] usb 2-1: USB disconnect, device number 8 [ 553.633100][ T5788] Bluetooth: hci2: command tx timeout [ 553.977025][ T9251] vlan2: entered allmulticast mode [ 553.982611][ T9251] bridge0: entered allmulticast mode [ 553.995597][ T9251] bridge0: port 3(vlan2) entered blocking state [ 554.009410][ T9251] bridge0: port 3(vlan2) entered disabled state [ 554.104211][ T9251] bridge0: left allmulticast mode [ 556.212835][ T9281] loop2: detected capacity change from 0 to 2048 [ 556.420658][ T9297] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 556.476483][ T9293] loop6: detected capacity change from 0 to 256 [ 557.751569][ T44] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 558.013929][ T9320] loop2: detected capacity change from 0 to 24 [ 558.041548][ T44] usb 6-1: Using ep0 maxpacket: 16 [ 558.063378][ T44] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 558.074146][ T44] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 558.085544][ T44] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 558.095916][ T44] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 558.106018][ T44] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 558.168950][ T44] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 558.178818][ T44] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 558.187667][ T44] usb 6-1: Manufacturer: syz [ 558.244002][ T44] usb 6-1: config 0 descriptor?? [ 558.419083][ T9324] loop1: detected capacity change from 0 to 1024 [ 558.934561][ T4685] hfsplus: b-tree write err: -5, ino 4 [ 559.168286][ T44] rc_core: IR keymap rc-hauppauge not found [ 559.174856][ T44] Registered IR keymap rc-empty [ 559.180627][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.205910][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.233209][ T44] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0 [ 559.253854][ T44] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input27 [ 559.322548][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.424979][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.453863][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.492814][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.512586][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.568004][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.598237][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.653476][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.690452][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.722965][ T44] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 559.763573][ T44] mceusb 6-1:0.0: Registered with mce emulator interface version 1 [ 559.772623][ T44] mceusb 6-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active) [ 559.874146][ T44] usb 6-1: USB disconnect, device number 4 [ 560.024709][ T9348] bridge0: entered promiscuous mode [ 560.031325][ T9348] macvlan3: entered promiscuous mode [ 562.579940][ T9385] loop3: detected capacity change from 0 to 4096 [ 562.696133][ T9390] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 562.875027][ T29] audit: type=1800 audit(1736499113.700:74): pid=9385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1480" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 562.898490][ T9393] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 562.912260][ T9393] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 563.657662][ T9402] loop5: detected capacity change from 0 to 2048 [ 563.669042][ T9402] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=18576, location=18576 [ 563.934978][ T9402] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 564.433211][ T9418] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1496'. [ 564.580780][ T8398] UDF-fs: error (device loop5): udf_read_inode: (ino 1317) failed !bh [ 564.590561][ T8398] UDF-fs: error (device loop5): udf_read_inode: (ino 1317) failed !bh [ 565.127303][ T4685] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.406513][ T4685] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.685647][ T4685] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.775520][ T4685] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.447045][ T4685] bridge_slave_1: left allmulticast mode [ 566.453854][ T4685] bridge_slave_1: left promiscuous mode [ 566.460543][ T4685] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.498256][ T4685] bridge_slave_0: left allmulticast mode [ 566.504654][ T4685] bridge_slave_0: left promiscuous mode [ 566.512275][ T4685] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.087527][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 567.098688][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 567.207042][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 567.223384][ T9450] loop1: detected capacity change from 0 to 512 [ 567.264989][ T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 567.327583][ T9450] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 567.374657][ T4685] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 567.429623][ T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 567.463266][ T4685] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 567.466063][ T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 567.626262][ T4685] bond0 (unregistering): Released all slaves [ 567.762535][ T9450] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 567.776084][ T9450] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 567.871012][ T9461] netlink: 'syz.2.1516': attribute type 11 has an invalid length. [ 567.882177][ T9461] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1516'. [ 568.492320][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.696187][ T9472] loop6: detected capacity change from 0 to 2048 [ 568.820272][ T9472] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 568.824638][ T9475] loop2: detected capacity change from 0 to 256 [ 568.996162][ T9475] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 569.032963][ T4685] hsr_slave_0: left promiscuous mode [ 569.084615][ T4685] hsr_slave_1: left promiscuous mode [ 569.113184][ T29] audit: type=1800 audit(1736499119.940:75): pid=9475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1523" name="file1" dev="loop2" ino=1048664 res=0 errno=0 [ 569.177054][ T9472] UDF-fs: error (device loop6): udf_read_inode: (ino 1345) failed !bh [ 569.202095][ T4685] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 569.209915][ T4685] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 569.312156][ T4685] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 569.319966][ T4685] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 569.463404][ T4685] veth1_macvtap: left promiscuous mode [ 569.469250][ T4685] veth0_macvtap: left promiscuous mode [ 569.475559][ T4685] veth1_vlan: left promiscuous mode [ 569.481477][ T4685] veth0_vlan: left promiscuous mode [ 569.617864][ T9481] loop2: detected capacity change from 0 to 512 [ 569.705598][ T51] Bluetooth: hci0: command tx timeout [ 570.163526][ T9481] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 570.176964][ T9481] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 570.214283][ T9481] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 3: comm syz.2.1525: path /331/file0: bad entry in directory: rec_len % 4 != 0 - offset=12, inode=2197815810, rec_len=21, size=2048 fake=0 [ 570.264311][ T9481] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 12: comm syz.2.1525: path /331/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 570.419615][ T9481] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 13: comm syz.2.1525: path /331/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 570.559893][ T4685] team0 (unregistering): Port device team_slave_1 removed [ 570.596001][ T4685] team0 (unregistering): Port device team_slave_0 removed [ 570.607842][ T9491] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #2: block 18: comm syz.2.1525: lblock 23 mapped to illegal pblock 18 (length 1) [ 570.742388][ T9481] EXT4-fs error (device loop2): ext4_readdir:261: inode #2: block 14: comm syz.2.1525: path /331/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 571.247878][ T5790] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.694117][ T9503] loop6: detected capacity change from 0 to 764 [ 571.717944][ T9445] chnl_net:caif_netlink_parms(): no params data found [ 571.853375][ T51] Bluetooth: hci0: command tx timeout [ 572.636852][ T9523] Bluetooth: MGMT ver 1.23 [ 572.847895][ T9445] bridge0: port 1(bridge_slave_0) entered blocking state [ 572.856065][ T9445] bridge0: port 1(bridge_slave_0) entered disabled state [ 572.867233][ T9445] bridge_slave_0: entered allmulticast mode [ 572.877536][ T9445] bridge_slave_0: entered promiscuous mode [ 572.896408][ T9445] bridge0: port 2(bridge_slave_1) entered blocking state [ 572.905530][ T9445] bridge0: port 2(bridge_slave_1) entered disabled state [ 572.913566][ T9445] bridge_slave_1: entered allmulticast mode [ 572.923199][ T9445] bridge_slave_1: entered promiscuous mode [ 573.229400][ T9445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 573.257208][ T9445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 573.492513][ T9445] team0: Port device team_slave_0 added [ 573.507224][ T9538] vivid-002: disconnect [ 573.511320][ T9445] team0: Port device team_slave_1 added [ 573.522943][ T9534] vivid-002: reconnect [ 573.762897][ T9445] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 573.770119][ T9445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 573.799991][ T9445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 573.820754][ T9445] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 573.828217][ T9445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 573.854803][ T9445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 573.961980][ T51] Bluetooth: hci0: command tx timeout [ 574.198444][ T9445] hsr_slave_0: entered promiscuous mode [ 574.247265][ T9445] hsr_slave_1: entered promiscuous mode [ 574.266773][ T9540] loop6: detected capacity change from 0 to 2048 [ 574.299196][ T9445] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 574.307184][ T9445] Cannot create hsr debugfs directory [ 574.336783][ T9540] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found! [ 574.403096][ T9540] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 574.826204][ T9550] loop2: detected capacity change from 0 to 1024 [ 575.211750][ T9445] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 575.256218][ T9445] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 575.302809][ T9445] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 575.353430][ T3843] hfsplus: b-tree write err: -5, ino 4 [ 575.405774][ T9445] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 576.110758][ T51] Bluetooth: hci0: command tx timeout [ 576.176960][ T9445] 8021q: adding VLAN 0 to HW filter on device bond0 [ 576.230824][ T9445] 8021q: adding VLAN 0 to HW filter on device team0 [ 576.266597][ T3801] bridge0: port 1(bridge_slave_0) entered blocking state [ 576.274468][ T3801] bridge0: port 1(bridge_slave_0) entered forwarding state [ 576.380187][ T3801] bridge0: port 2(bridge_slave_1) entered blocking state [ 576.388059][ T3801] bridge0: port 2(bridge_slave_1) entered forwarding state [ 576.493896][ T9445] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 576.504691][ T9445] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 577.165090][ T29] audit: type=1326 audit(1736499127.980:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.1.1558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7fc00000 [ 577.188001][ T29] audit: type=1326 audit(1736499127.980:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.1.1558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb7579 code=0x7fc00000 [ 577.210483][ T29] audit: type=1326 audit(1736499127.980:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.1.1558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7fc00000 [ 577.233949][ T29] audit: type=1326 audit(1736499127.980:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.1.1558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7fc00000 [ 577.256363][ T29] audit: type=1326 audit(1736499127.980:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.1.1558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7fc00000 [ 577.278830][ T29] audit: type=1326 audit(1736499127.980:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.1.1558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7fc00000 [ 577.301829][ T29] audit: type=1326 audit(1736499127.990:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9564 comm="syz.1.1558" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7fc00000 [ 577.956827][ T9445] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 578.047314][ T9591] vivid-002: disconnect [ 578.071300][ T9594] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1567'. [ 578.722171][ T9590] vivid-002: reconnect [ 579.197966][ T9612] loop2: detected capacity change from 0 to 256 [ 579.275001][ T9612] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 579.286290][ T9612] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 579.420574][ T9612] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe563dbae, utbl_chksum : 0xe619d30d) [ 579.888671][ T9622] loop3: detected capacity change from 0 to 128 [ 579.913865][ T9622] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 580.059521][ T9623] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1575'. [ 580.069081][ T9623] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1575'. [ 580.468303][ T9622] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 580.486297][ T9445] veth0_vlan: entered promiscuous mode [ 580.655193][ T9445] veth1_vlan: entered promiscuous mode [ 580.940207][ T5782] UDF-fs: warning (device loop3): udf_evict_inode: Inode 94 (mode 100755) has inode size 134220898 different from extent length 134221312. Filesystem need not be standards compliant. [ 581.109428][ T9445] veth0_macvtap: entered promiscuous mode [ 581.214914][ T9445] veth1_macvtap: entered promiscuous mode [ 581.422794][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.433718][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.443928][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.454809][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.465049][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.480119][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.491617][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 581.502450][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.517556][ T9445] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 581.694545][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.706212][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.717390][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.728790][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.739012][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.749868][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.760403][ T9445] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 581.771381][ T9445] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 581.790904][ T9445] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 581.838841][ T9638] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1584'. [ 582.064767][ T9445] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.074258][ T9445] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.083739][ T9445] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.092971][ T9445] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 582.194290][ T9639] loop1: detected capacity change from 0 to 2048 [ 582.262140][ T9639] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 582.270210][ T9639] UDF-fs: Scanning with blocksize 512 failed [ 582.370376][ T9639] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 582.386564][ T9644] loop3: detected capacity change from 0 to 8 [ 582.920668][ T9648] netlink: 'syz.6.1587': attribute type 7 has an invalid length. [ 583.032251][ T9650] sp0: Synchronizing with TNC [ 583.296662][ T9654] sp0: Found TNC [ 584.350760][ T29] audit: type=1326 audit(1736499135.180:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.442563][ T9672] loop6: detected capacity change from 0 to 256 [ 584.471317][ T29] audit: type=1326 audit(1736499135.230:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.493841][ T29] audit: type=1326 audit(1736499135.230:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.517091][ T29] audit: type=1326 audit(1736499135.230:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.541965][ T29] audit: type=1326 audit(1736499135.270:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.565072][ T29] audit: type=1326 audit(1736499135.270:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.587468][ T29] audit: type=1326 audit(1736499135.270:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.648218][ T29] audit: type=1326 audit(1736499135.450:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.670678][ T29] audit: type=1326 audit(1736499135.450:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.693034][ T29] audit: type=1326 audit(1736499135.450:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9671 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 584.815481][ T9672] FAT-fs (loop6): Directory bread(block 64) failed [ 584.824048][ T9672] FAT-fs (loop6): Directory bread(block 65) failed [ 584.831807][ T9672] FAT-fs (loop6): Directory bread(block 66) failed [ 584.838646][ T9672] FAT-fs (loop6): Directory bread(block 67) failed [ 584.849886][ T9672] FAT-fs (loop6): Directory bread(block 68) failed [ 584.857748][ T9672] FAT-fs (loop6): Directory bread(block 69) failed [ 584.864874][ T9672] FAT-fs (loop6): Directory bread(block 70) failed [ 584.871974][ T9672] FAT-fs (loop6): Directory bread(block 71) failed [ 584.878980][ T9672] FAT-fs (loop6): Directory bread(block 72) failed [ 584.885939][ T9672] FAT-fs (loop6): Directory bread(block 73) failed [ 585.065948][ T9677] loop1: detected capacity change from 0 to 1024 [ 585.582424][ T9685] IPv6: NLM_F_CREATE should be specified when creating new route [ 585.882998][ T54] hfsplus: b-tree write err: -5, ino 4 [ 586.186263][ T9697] loop1: detected capacity change from 0 to 256 [ 587.018942][ T9707] syz_tun: entered promiscuous mode [ 587.122868][ T9707] syz_tun: left promiscuous mode [ 587.378091][ T4095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 587.386449][ T4095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 587.468386][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 587.478303][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 588.911280][ T44] hid-generic 0005:0C45:1010.0012: item fetching failed at offset 0/1 [ 588.965460][ T44] hid-generic 0005:0C45:1010.0012: probe with driver hid-generic failed with error -22 [ 590.008245][ T9749] loop7: detected capacity change from 0 to 512 [ 590.536377][ T9755] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1628'. [ 590.545853][ T9755] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1628'. [ 590.913516][ T9749] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.927340][ T9749] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 591.429564][ T9445] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.472504][ T9774] Cannot find set identified by id 0 to match [ 591.475233][ T9773] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1637'. [ 592.632715][ T9789] loop7: detected capacity change from 0 to 256 [ 592.654601][ T9789] exfat: Deprecated parameter 'namecase' [ 592.660648][ T9789] exfat: Deprecated parameter 'utf8' [ 593.113474][ T9789] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e8072e, utbl_chksum : 0xe619d30d) [ 594.856642][ T9817] input: syz0 as /devices/virtual/input/input28 [ 595.679845][ T9828] loop3: detected capacity change from 0 to 512 [ 595.836913][ T9828] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 595.850523][ T9828] ext4 filesystem being mounted at /355/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 596.001917][ T9836] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1661'. [ 596.129803][ T3801] ===================================================== [ 596.138101][ T3801] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x539/0xb40 [ 596.147349][ T3801] n_tty_receive_buf_closing+0x539/0xb40 [ 596.153986][ T3801] n_tty_receive_buf_common+0x196b/0x2490 [ 596.160569][ T3801] n_tty_receive_buf2+0x4c/0x60 [ 596.166367][ T3801] tty_ldisc_receive_buf+0xd0/0x290 [ 596.172509][ T3801] tty_port_default_receive_buf+0xdf/0x190 [ 596.179134][ T3801] flush_to_ldisc+0x473/0xdb0 [ 596.184777][ T3801] process_scheduled_works+0xae0/0x1c40 [ 596.191619][ T3801] worker_thread+0xea7/0x14f0 [ 596.199275][ T3801] kthread+0x3e2/0x540 [ 596.204256][ T3801] ret_from_fork+0x6d/0x90 [ 596.209464][ T3801] ret_from_fork_asm+0x1a/0x30 [ 596.223126][ T3801] [ 596.226179][ T3801] Uninit was created at: [ 596.231452][ T3801] __kmalloc_noprof+0x923/0x1230 [ 596.237309][ T3801] __tty_buffer_request_room+0x36e/0x6d0 [ 596.246581][ T3801] __tty_insert_flip_string_flags+0x140/0x570 [ 596.253503][ T3801] uart_insert_char+0x39e/0xa10 [ 596.259197][ T3801] serial8250_read_char+0x1a7/0x5d0 [ 596.265387][ T3801] serial8250_handle_irq+0x970/0x1130 [ 596.271697][ T3801] serial8250_default_handle_irq+0x120/0x2b0 [ 596.278568][ T3801] serial8250_interrupt+0xc5/0x360 [ 596.285628][ T3801] __handle_irq_event_percpu+0x118/0xca0 [ 596.292531][ T3801] handle_irq_event+0xef/0x2c0 [ 596.298132][ T3801] handle_edge_irq+0x340/0xfb0 [ 596.303921][ T3801] __common_interrupt+0x97/0x1f0 [ 596.309780][ T3801] common_interrupt+0x92/0xb0 [ 596.321959][ T3801] asm_common_interrupt+0x2b/0x40 [ 596.329311][ T3801] [ 596.332552][ T3801] CPU: 0 UID: 0 PID: 3801 Comm: kworker/u8:15 Not tainted 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 596.344400][ T3801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 596.355302][ T3801] Workqueue: events_unbound flush_to_ldisc [ 596.362036][ T3801] ===================================================== [ 596.369615][ T3801] Disabling lock debugging due to kernel taint [ 596.377465][ T3801] Kernel panic - not syncing: kmsan.panic set ... [ 596.384040][ T3801] CPU: 0 UID: 0 PID: 3801 Comm: kworker/u8:15 Tainted: G B 6.13.0-rc6-syzkaller-00130-g2144da25584e #0 [ 596.396675][ T3801] Tainted: [B]=BAD_PAGE [ 596.400937][ T3801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 596.411150][ T3801] Workqueue: events_unbound flush_to_ldisc [ 596.417222][ T3801] Call Trace: [ 596.420625][ T3801] [ 596.423680][ T3801] dump_stack_lvl+0x216/0x2d0 [ 596.428576][ T3801] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 596.434591][ T3801] dump_stack+0x1e/0x24 [ 596.438943][ T3801] panic+0x4e2/0xcf0 [ 596.443044][ T3801] ? kmsan_get_metadata+0x81/0x1c0 [ 596.448354][ T3801] kmsan_report+0x2c7/0x2d0 [ 596.453042][ T3801] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 596.459599][ T3801] ? __msan_warning+0x95/0x120 [ 596.464585][ T3801] ? n_tty_receive_buf_closing+0x539/0xb40 [ 596.470613][ T3801] ? n_tty_receive_buf_common+0x196b/0x2490 [ 596.476699][ T3801] ? n_tty_receive_buf2+0x4c/0x60 [ 596.481907][ T3801] ? tty_ldisc_receive_buf+0xd0/0x290 [ 596.487505][ T3801] ? tty_port_default_receive_buf+0xdf/0x190 [ 596.493724][ T3801] ? flush_to_ldisc+0x473/0xdb0 [ 596.498789][ T3801] ? process_scheduled_works+0xae0/0x1c40 [ 596.504846][ T3801] ? worker_thread+0xea7/0x14f0 [ 596.509921][ T3801] ? kthread+0x3e2/0x540 [ 596.514331][ T3801] ? ret_from_fork+0x6d/0x90 [ 596.519119][ T3801] ? ret_from_fork_asm+0x1a/0x30 [ 596.524294][ T3801] ? irqentry_enter+0x37/0x60 [ 596.529196][ T3801] ? common_interrupt+0x5e/0xb0 [ 596.534251][ T3801] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 596.539978][ T3801] ? n_tty_receive_buf_closing+0x474/0xb40 [ 596.545989][ T3801] ? virt_to_page_or_null+0x7a/0x150 [ 596.551459][ T3801] ? __pfx_min_vruntime_cb_rotate+0x10/0x10 [ 596.557547][ T3801] ? kmsan_get_metadata+0x13e/0x1c0 [ 596.562920][ T3801] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 596.568922][ T3801] ? kmsan_get_metadata+0x13e/0x1c0 [ 596.574297][ T3801] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 596.580304][ T3801] __msan_warning+0x95/0x120 [ 596.585132][ T3801] n_tty_receive_buf_closing+0x539/0xb40 [ 596.590994][ T3801] n_tty_receive_buf_common+0x196b/0x2490 [ 596.597053][ T3801] n_tty_receive_buf2+0x4c/0x60 [ 596.602093][ T3801] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 596.607833][ T3801] tty_ldisc_receive_buf+0xd0/0x290 [ 596.613271][ T3801] tty_port_default_receive_buf+0xdf/0x190 [ 596.619318][ T3801] flush_to_ldisc+0x473/0xdb0 [ 596.624242][ T3801] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 596.630926][ T3801] ? __pfx_flush_to_ldisc+0x10/0x10 [ 596.636349][ T3801] process_scheduled_works+0xae0/0x1c40 [ 596.642174][ T3801] worker_thread+0xea7/0x14f0 [ 596.647103][ T3801] kthread+0x3e2/0x540 [ 596.651350][ T3801] ? __pfx_worker_thread+0x10/0x10 [ 596.656697][ T3801] ? __pfx_kthread+0x10/0x10 [ 596.661469][ T3801] ret_from_fork+0x6d/0x90 [ 596.666078][ T3801] ? __pfx_kthread+0x10/0x10 [ 596.670835][ T3801] ret_from_fork_asm+0x1a/0x30 [ 596.675856][ T3801] [ 596.679315][ T3801] Kernel Offset: disabled [ 596.683719][ T3801] Rebooting in 86400 seconds..