last executing test programs: 7m8.73553222s ago: executing program 0 (id=2542): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0) 7m8.075066553s ago: executing program 0 (id=2546): open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x800, &(0x7f0000001940)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@utf8}, {@dmask={'dmask', 0x3d, 0x2}}, {@utf8}, {@errors_remount}, {@utf8}, {@utf8}, {@errors_remount}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSZJckmSS5IkSZJbQtIkRxISQ25JQxKSy5BchpBcJiaN+/1+SUiSJklCckvW/yP8nU6d3znndy5+nzPP9/PZH+uZtZ+1157nvey9Xu9813lIjUY1qzYgIvin4MV/kgEgFgAGAMB1ABAAQNn4svEX+nNKTP7nDsL+tR5Ju9ozYFcT1z974/pnb1z/7I3rn71x/bM3rn/2xvXP3rj+jGVnm6YVuJ637Lvx+n92xu///0WySo35ak2pG7sAxPy9KVz/7I3r/18r+Ht24vpnb1z/7Cr2ak+A/R/Az//sIMdf7eH6Z29cf8ays1/XgXPCVV+HvlobRLL3ZyBX+/HHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OO2vUABwuX2158UYY4wxxhhjjLF/HZ/jas+AMcYYY4wxxhhj/34IAiQoCCAGckAs5IQ4EABwLeSG6yAC10M83AB54EbIC/kgPxSABCgIhUCDAQsEIRSGIhCFm6Ao3AzFoDiUgJLgoBQkwi1QGm6FMnAblIXboRzcAeWhAlSESnAnVIa7oArcDVXhHqgG1aEG1IR7oRbcB7XhfqgDD0BdeBDqwUNQHx6GBvAINIRHoRE8Bo3hcWgCTaEZNIcW/6v8l6A7vAw9oCckQy/oDa9AH+gL/aA/DIBXYSC8BoPgdUiBwTAE3oCh8CYMg7dgOIyAkfA2jIJ3YDSMgbEwDlJhPEyAd2EivAeTYDJMgamQBtNgOrwPM2AmzIIPYDZ8CHNgLsyD+ZAOH8ECWAgZ8DEsgk8gExbDElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDvsgE9hJ3wGu2A37IHPYS988Q/mn/qL/C4ICChQoEKFMRiDsRiLcRiHuTAX5sbcGMEIxmM85sE8mBfzYn7MjwmYgIWwEBo0SEhYGAtjFKNYFItiMSyGJbAEOnSYiIlYGm/FMlgGy2JZLIflsDxWwApYCSthZayMVbAKVsWqWA2rYQ2sgffivdgLa2NtrIN1sC7Wvbw8hQ2wATbEhtgIG2FjbIxNsAk2w2bYAltgS2yJrbAVtsE22BbbYjtsh0mYhO2xPXbADtgRO2In7ISdsTN2wa7YNeulHIAv48vYE6uJXtgbe2MfTMnRD/tjf3wVB+Jr+Bq+jik4GIfgG/gGvonD8CQOxxE4EkdiZfEOjsYxSGIcpmIqTsAJOBEn4iScjJNxKqbhNJyO03EGzsSZ+AHOxg/xQ5yLc3E+pmM6LsCFmIEZuAhPYSYuxiW4FJfhclyGK3EVrsQ1uBbX4HpcjxtxI27GzbgVt+J23I6fogLAz3A37sYU3It7cR/uw/24Hw/gAczCLDyIB/EQHsLDeBiP4BE8isfwOB7DE3gCT+IpPI2n8SyexXP4QsI3DT8tvjoFxAVKKBEjYkSsiBVxIk7kErlEbpFbRERExIt4kUfkEXlFXpFf5BcJIkEUEoWEEUaQCGMAQERFVBQVRUUxUUyUECWEE04kikRRWpQWZUQZUVbcLsqJO0R5UUG0dpVEJVFZtHFVxN2iqqgqqonqooaoKWqKWqKWqC1qizqijqgr6op64iFRX/TCfviIuFCZRmIwNhZDsIloKuSlV7CWYhi2Eq1FG/GUGIHDsZ1o6ZLEs6K9GI0dxJ/EGHxedBLjsLN4UXQRXUU38ZLoLlq5HqKnmIS9RG8xFfuIvqKf6C9mYHXxAc7OWUO8LlLEYDFEvCHm45timHhLDBcjxEjxthgl3hGjxRgxVowTqWK8mCDeFRPFe2KSmCymiKkiTUwT08X7YoaYKWaJD8Rs8aGYI+aKeWK+SBcfiQViocgQH4tF4hORKRaLJWKpWCaWixVipVglVos1Yq1YJ9aLDWKj2CQ2iy1iq9gmtosd4lOxU3wmdondYo/4XOwVX4h94kuxX3wlDoivRZb4RhwU34pD4jtxWHwvjogfxFFxTBwXP4oT4idxUpwSp8UZcVb8LM6JX8R54QVIlEJKqWQgY2QOGStzyjh5jcwlg0u/3etlvLxB5pE3yrwyn8wvC8gEWVAWkloaaSXJUBaWRWRU3iSLyptlMVlclpAlpZOlZKK8RZaWt8oy8jZZVt4uy8k7ZHlZQVaUleSdsrK8S0Lk4jGqyeqyhqwp75XJcJ+sLe+XdeQDsq58UNaTD8n68mHZQD4iG8pHZSP5mGwsH5dNZFPZTDaXLeQTsqV8UraSrWUb+ZRsK5+W7eQzMkk+K9tLf+kh8rzsJF+QneWLsovsKrvJX+R56WUP2VNCL5C95Suyj+wr+8n+coB8VQ6Ur8lB8nWZIgfLIfINOVS+KYfJt+RwOUKOlG/LUfIdOVqOkWPlOJkqx8sJ8l05Ub4nJ8nJcoqcKtPkNNnv0kizpPyb+e/+Qf6gX4++UW6Sm+UWuVVuk9vlDvmp3Cl3yl1yl9wj98i9cq/cJ/fJ/XK/PCAPyCyZJQ/Kg/KQPCQPy8PyiDwij8pj8oz8UZ6QP8mT8pQ8Jc/Is/KsPHfpdwAKlVBSKRWoGJVDxaqcKk5do3Kpa1VudZ2KqOtVvLpB5VE3qrwqn8qvCqgEVVAVUloZZRWpUBVWRVRU3YSXHjCqhCqpnCqlEtUt/0i+KqpuVsVU8d/kX55f8l+ZXwvVQrVULVUr1Uq1UW1UW9VWtVPtVJJKUu1Ve9VBdVAdVUfVSXVSnVVn1UV1Ud1UN9VddVc9VA+VrJJVb/WK6qP6qn6qvxqgXlUD1UA1SA1SKSpFDVFD1FA1VA1Tw9RwNVyNVCPVKDVKjVaj1Vg1VqWqVDVBTVAT1UQ1SU1SU9QUlabS1HQ1Xc1QM9QsNUvNVrPVHDVHzVPzVLpKVwvUApWhMtQitUhlqsVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpUm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVpbLUQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+cvXPYFIhCBClQQE8QEsUFsEBfEBbmCXEHuIHcQCSJBfBAf5AluDPIG+YL8QYEgISgYFAp0YAIbiEtFjwY3BUWDm4NiQfGgRFAycEGpIDHmUmdwW1A2uD0oF9wRlA8qBBWDSsGdQeXgrqBKcHdQNbgnqBZUD2oENYN7g1rBfUHt4P6gTvBAUDd4MKgXPBTUDx4OGgSPBA2DR4NGwWNB4+DxoEnQNGgWNA9aBLcGZf5l43t/Mt+TrofuqZN1L91bv6L76L66n+6vB+hX9UD9mh6kX9cperAeot/QQ/Wbeph+Sw/XI/RI/bYepd/Ro/UYPVaP06l6vJ6g39UT9Xt6kp6sp+ipOk1P09P1+3qGnqln6Q/0bP2hnqPn6nl6vk7XH+kFeqHO0B/rRfoTnakX6yV6qV6ml+sVeqVepVfrNXqtXqfX6w16o96kN+steqveprfrHfpTvVN/pnfp3XqP/lzv1V/offpLvV9/pQ/or3WW/kYf1N/qQ/o7fVh/r4/oH/RRfUwf1z/qE/onfVKf0qf1GX1W/6zP6V/0ee0vXNxfeHs3yigTY2JMrIk1cSbO5DK5TG6T20RMxMSbeJPH5DF5TV6T3+Q3CSbBFDKFzAVkyBQ2hU3URE1RU9QUM8VMCVPCOONMokk0pU1pU8aUMWVNWVPOlDPlTXlT0VQ0d5o7zV3mLnO3udvcY+4x1U11U9PUNLVMLVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT08w0My1MC9PStDStTCvTxrQxbU1b0860M0kmybQ37U0H08F0NB1NJ9PJdDadTRfTxXQz3Ux30930MD1Mskk2vU1v08f0Mf1MPzPADDADzUAzyAwyKSbFDDFDzFAz1Awzw8xwM8KMvHChat4xo80YM9aMM6km1UwwE8xEM9FMMpPMFDPFpJk0M91MNzPMDDPLzDKzzWwzx8wx88w8k27SzQKzwGSYDLPILDKZJtMsMUvMMrPMrDArzCqzyqwxa8w6WGc2mA1mk9lktpgtZpvZZnaYHWan2Wl2mV1mj9lj9pq9Zp/ZZ/ab/eaAOWCyTJY5aA6aQ+aQOWwOmyPmiDlqjprj5rg5YU6Yk+akOW1Om7Mm36X3S29ibU4bZ6+xuey1Nre9zv5lnN8WsAm2oC1ktc1r8/0mNtbaYra4LWFLWmdL2UR7y+/i8raCrWgr2TttZXuXrfK7uJa9z9a299s69gFb0977m7iufdDWs4/Z+ogAtqltaJvbRvYx29g+bpvYpraZbW7b2qdtO/uMTbLP2vb2ud/FC+xCu8qutmvsWrvL7ran7Rl7yH5nz9qfbQ/b0w6wr9qB9jU7yL5uU+zg38Uj7dt2lH3HjrZj7Fg77nfxFDvVptlpdrp9386wM38Xp9uP7GybYefYuXaenf9rfGFOGfZju8h+YjNtAEvsUrvMLrcr7Mr/P9eldr3dYDfanfYzu8Vutdvsdrvj8oWw3W332M/tXvuFPWi/tfvtV/aAPWyz7De/xhfO77D93h6xP9ij9pg9bn+0J+xP6nL2hXP/0f5iz1tvgZCAJCkKKIZyUCzlpDi6hnLRtZSbrqMIXU/xdAPloRspL+Wj/FSAEqggFSJNhiwRhVSYilCUbqLL0ytBJclRKUqkW6g03Upl6DYqS7dTObqDylMFqkiV6E6qTHdRFbqbqtI9VI2qUw2qSfdSLbqPatP9VIceoLr0INWjh6g+PUwN6BFqSI9SI3qMGtPj1ISaUjNqTi3oCWpJT1Irak1t6ClqS09TO3qGkuhZak/PUQf6E3Wk56kTvUCd6UXqQl2pG71E3ell6kE9KZl6UW96hfpQX+pH/WkAvUoD6TUaRK9TCg2mIfQGDaU3aRi9RcNpBI2kt2kUvUOjaQyNpXGUSuNpAr1LE+k9mkSTaQpNpTSaRtPpfZpBM2kWfUCz6UOaQ3NpHs2ndPqIFtBCyqCPaRF9Qpm0mJbQUlpGy2kFraRVtJrW0FpaR+tpA22kTbSZttBW2kbbaQd9SjvpM9pFu2kPfU576QvaR1/SfvqKDtDXlEXf0EH6lg7Rd3SYvvc96Qc6SsfoOP1IJ+gnOkmn6DSdobP0M52jX+g8eYIQQxHKUIVBGBPmCGPDnGFceE2YK7w2zB1eF0bC68P48IYwT3hjmDfMF+YPC4QJYcGwUKhDE9qQwjAsHBYJo+FNYdHw5rBYWDwsEZYMXVgqTAxvCUuHt4ZlwtvCsuHtYbnwjrB8WCF87IFK4Z1h5fCusEp4d1g1vCesFlYPa4Q1w3vDWuF9Ye3w/rBO+EBYJnwwrBc+FNYPHw4bhI+EDcNHw0bhY2Hj8PGwSdg0bBY2D1uET4QtwyfDVmHrsE34VNg2fDpsFz4TJoXPhu3D537tf3DhX+9PDnuFvcNXwldC7++X86Lzo+nRj6ILogujGdGPo4uin0Qzo4ujS6JLo8uiy6Mroiujq6Kro2uia6ProuujG6Ibo97XzAEOnXDSKRe4GJfDxbqcLs5d43K5a11ud52LuOtdvLvB5XE3urwun8vvCrgEV9AVctoZZx250BV2RVzU3eSKuptdMVfclXAlnXOlXKJr7lq4Fq6le9K1cq1dG/eUe8o97Z52z7hn3LOuvXvOdXB/ch3d866Te8G94F50XVxX18295Lq78bkvPieTXW/X2/VxfVw/188NcAPcQDfQDXKDXIpLcUPcEDfUDXXD3DA33A13I91IN8qNcqPdaDfWjXWpLtVNcBPcRDfRTXKT3BQ3xaW5NDfdTXcz3AxXeebFo8xxc9w8N8+lu3S3wF24Zsxwi9wil+ky3RK3xC1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XQ73S5/3cVB3V63z+1z+91+d8B97bLcN+6g+9Ydct+5w+57d8T94I66Y+64+9GdcD+5k+6UO+3OuLPuZ3fO/eLOO+9SI+MjEyLvRiZG3otMikyOTIlMjaRFpkWmR96PzIjMjMyKfBCZHfkwMicyNzIvMj+SHvkosiCyMJIR+TiyKPJJJDOyOLIksjSyLLI84n3BLaEv7Iv4qL/JF/U3+2K+uC/hS3rnS/lEf4sv7W/1Zfxtvqy/3Zfzd/jyvoKv6B/3TXxT38w39y38E76lf9K38q19G/+Ub+uf9u38Mz7JP+vb++d8B/8n39E/7zv5F3xn/6Lv4rv6bv4l392/7Hv4nj7Z9/K9/Su+j+/r+/n+foB/1Q/0r/lB/nWf4gf7If4NP9S/6Yf5t/xwP8KPjHnbj7p8iwzjfKof7yf4d/1E/56f5Cf7KX6qT/PT/HT/vp/hZ/pZ/gM/23/o5/i5fp6f79P9R36BX+gz/Md+kf/EZ/rFlxeV/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1W/z2/0O/6nf6T/zu/xuv8d/7vf6L/w+/6Xf77/yB/zXPst/4w/6b/0h/50/7L/3R/wP/qg/5o/7H/0J/5M/6U/50/6MP+t/9uf8L/48f2eNMcYYY+zvMv5KU/y25+Jyfq8/yBF/tnNvALh2a4GsP++/cEW5Lu/Fdl+R0DYCAM/27PzI5a1ateTk5Ev7ZkoIiswFuPxJ0AW/LhtfihdDG3gakqA1lP7D+fcVXc/S3xg/ejtA3J/lxMKV+Mr4XwJg8h+M/8RTIxeUC0/H/w/jzwUoVuRKTk64Ei+GNr+ur7SGMn9l/vla/o355/wqFaDVn+XkgivxlfknwpPwHCT9Zk/GGGOMMcYYY+yivqJix8v3n5f/x+cf3Z8nqCs5OeBK/LfuzxljjDHGGGOMMXb1Pd+12zNPJCW17viPN6r8r7L+7kZj+HeNzI0/bHgPcPknCgD+yQEBLjTkf/IsNv9HjpVy6anzl13LzvgAuhW99KXH/xs1/ScaV/NViTHGGGOMMfbvcOWi/7c/V1drQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0n/hzYlf7HBljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLGr7f8FAAD///wR/mQ=") 7m7.073929829s ago: executing program 0 (id=2552): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) 7m6.56307347s ago: executing program 0 (id=2556): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x840, &(0x7f00000001c0)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@fmask={'fmask', 0x3d, 0x1000}}, {@gid}, {@umask={'umask', 0x3d, 0x400}}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x4}}, {@namecase}, {@keep_last_dots}, {@gid}, {@time_offset={'time_offset', 0x3d, 0x9}}]}, 0x1, 0x152c, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0) 7m5.703919038s ago: executing program 0 (id=2563): syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000180)=ANY=[@ANYBLOB="696f636861727365743d6d6163677265656b000000000000000465743d63703835322c756e686964652c00"], 0x1, 0x9f1, &(0x7f0000000c00)="$eJzs3c1vHOd9B/Dv8EWiaUOSbdV1BdtayZVM2yxFUrVUwYdWIlcSXb4UJAVY6MFyLakQxNat3QK2UcAyUPRUIwES5JDcjJxyMuBLfAl8S27JKYcAgf8FIyflxGBml9SSXHJJhW+WPx9id+flN8/zm53Zebi7s/OEb5fFwyvGFher20OOX/vZLmTMPnZp/OvPPv+0vH1yLwfSndeKnyd9SWpJT5Jnk96x8dmZqQ4F3U1uJPkqKZIcTONxU26k+F6eeDD+VYqflPWu68BmS6aTRb7T9nr/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/agYGx8eHikOZGL62pu1hqS2xtj47EyRxcW1c5aWafiy6vW7+LJjvUlR3tLXt9TV97NHH8x+JkntZJ5rjD1XdUievnz0+DNHXn+6p2tp+fWy+bMc3Hyx73/40d23FxZuvbcjiex/V+rTE3MzE1MXr9RrE3MztQvnzg2fuXp5rnZ5YrI+d31uvj5VG5utX5yfma0NjL1cG7lw4WytPnR95tr0lfGhyfrSxPN/Mzo8fK72xtA/1S/Ozs1Mn3ljaG7s6sTk5MT0lSqmnF3GnC93xH+cmK/N1y9O1Wq37yzcOrsqp+6s2n/LoJFOa1IGjbaf1ewp++NabXR4dHRkZHR05JPmtOUJ51678Nr54eGe4VWyJmKHdlr2l8fW38zbfxCHh9TVaP+TyUxkOtfyZmpt/8YyntnMZGrNnGvVfdNS+3/qTH3Delvb/2Yr39My+1h5dzIvNEf71mn/18l19/7ez4f5KHfzdhaykFt5b88z2t2/K6lnOhOZy0wmMpWL1ZRac0otF3Iu5zKct3I1xzOXWi5nIpOpZy7XM5f51Ks9aiyzqedi5jOT2dQykLG8nFpGciEXcja11DOU65nJtUznSsZzsSrldu5Uz/vZDXJcDhrZTNDoBkFrGvMtt//11f+c8J2z/QdxeEiLzfb/QOfQgbHdSAgAAADYdn/1qxw6+tQvf58Ueb76XP7yxGR9eK/TAgAAALZRdbrec+VDbzn0fArv/wEAAOBRU1S/sSuS9Od4Y2jpl1A+BAAAAIBHRPX9/wspjj+Y4P0/AAAAPGI6X2O/Y0QxuHT539rNxuPNZkRjrOi/PDFZHxqbmXx9JKerqwxUvzRYU1p3UvRWPz94JScaUSf6G4/9D0os6+wro0aGXh/JKznZXJGBF8uHFwfaRI42Il9qRL7UGtmdFZFny0gAeNSd3KA93mz7/0oGGxGDx6omv+dYmzZ4WMsKAPvFch87f2x2adam/W9GvLBe+/+3G7z/LyOeyu3jjVMKhvJO3s1CbmYwzTMOjrcrdak3gsZpCIMdPg3ob56y8JvzXRlc83lA3/K6tsbeymgG234i0FJusZTD2UZc985sAwDYbSc3bIc31/4Pdnj/3++UQgDYV5Z7sN/Bgb1eRwBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL9NXcD/16eThYXeZBc6C1ge6NtKhhsPdGWXct7zge4ke1X732fLS5XbeL88dQZWDuzxgQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBdUSTd7aZ3JQeTDCc5s/tZ7Zx7e53Adqk93GLF/dzPBzm03ekAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzXNa//35XG4+ONSenpSk4luZHkn/c6x+10f68T2DP/Vt23XP+/K+nNYpGexmZP0Ts2PjszVW7+4mA5/+vPPv+0vHUue22vCmUBZQ0rOpdo1tAypXflUk9WS/WP33r/7n+9+x+18UvVjnlp/vLk+NSV2X94EPhM8UWjC4TWbhCW8v2fU7/4fsvkA83KvyjXtL3V9V6u6h1fW+9ftlt6nXo34c7CrdGypvn6m/P//e93PmiZ9VROJC8OJAMra/rX8rZOTSdWP58rFd8U/1ccyo9yo9r+5bNRLBblJjpcrf9jt+8s3Bp6592Fm8s5fbwipyM5nuRm0rf5nI5Xx5O2qr2uq7esdbgKKu+OdihvQy0ljqzzvD5Z7TL9W1qH2vrrUOnwvDczOts2ox/859M5veUtfbpDjW0V3xS/K67mt/nflv4/usrtfyptX51tiqgiW/aU1nkrXl5djchqzUdbZ7y1usx1X5XsgP/Pv+Tvlrd/V8vxv7mtdud41FJj+9dFsvXXxU8Pr2lRHqhapKOrWqTm0We9ZZp5Hm1ErZPnX+TVpOfYlo4or3Y4ouzU6//HxUDvH3JP/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD+VyTd7aZ3JaeSHElyuByvJYurY+49RH1d/cXDpLltHibnb59i3RUt7ud+Psih3c4IAAAAAAAAgJ1xafzrzz7/tLxV38d356+7mnNqSU+SI8UPe8fGZ2emOhTUm9xY+kq/b2s53Cjvnngw/lU59myHhfb29AEA+Fb7UwAAAP//6gF1Iw==") statx(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x800, 0x200, 0x0) 7m5.03450036s ago: executing program 0 (id=2566): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x82480, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x62) 7m0.3986631s ago: executing program 32 (id=2566): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x82480, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x62) 3m33.057635561s ago: executing program 4 (id=3774): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000100), 0x4) 3m32.156513816s ago: executing program 4 (id=3779): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file2\x00', 0x404, &(0x7f00000001c0)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRES8], 0x1, 0x122e, &(0x7f0000002580)="$eJzs3MFrHFUcB/BftqlZU5tErdX2oA+9eBqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe/Lq0b9BPHpTxH8gV/8Cb7mIpxzEEXZSk60NmlqyRT+fy/zIb76Z99hl4S3v7f7rX368uVFlG/kgWlNT0dqKSAcpUrTinhdXm+ut26vLnc7KjZSuL99cfC2lNPfSD+9/+s3LPw4uvPft3Hczsbfwwf4vSz/vXd67sv/7zY+6VepWqdcfpDzd6fcH+Z2ySOvdajNL6Z2yyKsidXtVsT3W3yj7W1vDlPfWL85ubRdVlfLeMG0WwzTop8H2MOUf5t1eyrIsXZwNTnT+729Z+/qgrr+PqOvz8UTUdV0/GbMxFU/FxZiLzyPi6Xgmno1L8Vxcjufjhbgyuusshg8AAAAAAAAAAAAAAAAAAAD/Hwej0/zj5/8vHJ7/n48F5/8BAAAAAAAAAAAAAAAAAADgDLx76/bqcqezciOldkT5xc7azlpzbfrLG9GNMoq4FvPxW4xO/zea+vpbnZVraeRcROwe5nd31s6N5xdHPydwmJ8e9e7lF5t8irvlsfxMzDb5dkQUsRTzcenY89tH+aUH5tvx6ivHnp/FfL0b0Y8y1kfPPsp/tpjSm2937stfHd0HAAAA/wVZ+tPC+Pq3Wb9n2Un9Jn+K7wfuW19Px9Xpyc6diGr4yWZelsX2eNH+y18mVsw8HsM4TdH6N/GZOLHVGmt99VPEpGf6WBTtw/fyo/iHU5OfzkMUdx/J3MeLCX8wcSaOXvRJjwQAAAAAAAAAAIDT+Cf7AX+Nh95FOB0P2Fn2xmSmCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MEOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoQIAAP//uXHE5A==") truncate(&(0x7f0000000200)='./file2\x00', 0x40000000007) 3m29.930934037s ago: executing program 4 (id=3793): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x54, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_REMOTE={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}]}}}]}, 0x54}}, 0x0) 3m29.279098173s ago: executing program 4 (id=3798): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_newvlan={0x24, 0x76, 0x709, 0x0, 0x0, {0x7, 0x2}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_RANGE={0x6, 0x2, 0xd}}]}, 0x24}, 0x1, 0x5502000000000000}, 0x44800) 3m28.577087072s ago: executing program 4 (id=3804): r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000280)={0x0, 0x3, 0x81, 0x2, 0x101, 0x8}, &(0x7f00000002c0)=0x14) 3m27.935238157s ago: executing program 4 (id=3810): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000000)) 3m12.460067301s ago: executing program 33 (id=3810): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000000)) 6.378276683s ago: executing program 2 (id=4919): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x10000000}}, [@jmp={0x5, 0x0, 0x4, 0x9, 0x0, 0xfffffffffffffffc, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000680)='GPL\x00', 0xa, 0x1016, &(0x7f0000001880)=""/4118, 0x41100}, 0x94) 5.470259077s ago: executing program 1 (id=4924): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x10) 5.33380832s ago: executing program 5 (id=4925): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='environ\x00') read$FUSE(r0, 0x0, 0x0) 4.912710596s ago: executing program 2 (id=4928): r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000780)={'sit0\x00', &(0x7f0000000740)={'erspan0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x29, 0x0, @private}}}}) 4.795251782s ago: executing program 1 (id=4929): r0 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2) readv(r0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000140)=""/26, 0x1a}], 0x2) 4.787163251s ago: executing program 5 (id=4930): r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x2, 0x48) pread64(r0, &(0x7f0000000240)=""/103, 0x67, 0x4) 4.249489902s ago: executing program 2 (id=4933): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fchown(0xffffffffffffffff, 0xffffffffffffffff, 0xee01) 4.205737059s ago: executing program 1 (id=4934): r0 = syz_open_dev$cec(&(0x7f00000003c0), 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000440)={"2370491d", 0x100, 0x5, 0x2, 0x8, 0x1, "000064640000001503fe00", "037ec42b", '\x00', "64bdac32", ["e86621d9cc668c391f77c506", "3549ffffffffffffff010800", "010000000000f000", "cf6cce2296b3f853e264c4e0"]}) 4.059505733s ago: executing program 5 (id=4935): syz_usb_connect$printer(0x1, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201500200000008b80402024000010203010902240001010610060904000802079d"], &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) sendmsg$TIPC_CMD_GET_NODES(0xffffffffffffffff, 0x0, 0x0) 3.746429541s ago: executing program 6 (id=4936): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x5f, 0x1, 0x0, 0x0, {0x12}, [@typed={0x5, 0x1, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008801}, 0x4040040) 3.632849699s ago: executing program 3 (id=4937): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f0000000000)={0xa, 0x0, 0x4, @loopback, 0x7f}, 0x1c, 0x0, 0x0, &(0x7f0000001500)=[@rthdr_2292={{0x18, 0x29, 0x39, {0x4, 0x0, 0x2, 0x1}}}], 0x18}, 0x24004800) 3.456407096s ago: executing program 1 (id=4938): syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xab4, &(0x7f0000000340)="$eJzs3U2MW0cBAOCxd73JNilxSkKXNLQJhbb8dNNslvATQVIlQiJqKsSlUsUlStMSEYJEkYCqEklO3GhVBYkTP+LUS1UQEr2gqCculWikCqmnwoEDURCVOJRAYhR7xvs8sfNsZ9dex98nzY7nzTzPPO/z8/ubNwGYWtXm3+XlhUoIF9545cg/Hvr7/I0pB9sl6s2/s4VULYRQienZ7P3em2nF195/8US3uBKWmn9TOjx5pT3vphDC2bArXAz1sOPCpZffWnri2Lmj53e//eqBy2uz9AAAMF2+fvHA8va//vm+rVdfu/9Q2NCenvbP6zG9Oe73H4o7/mn/vxo605VCKJrLys3GUJ3vLDfTpVyxnlpWbrZH/XNZ/bUe5TaEW9c/U5jWbblhkqX1uB4q1cWOdLW6uNg6Jg/N4/q5yuKZU6effX5MDQVW3b8fCCHsKoTD5zvT6y0cXAdtGDI01kEbJjIcGl1dVxstY1/mEYXGlnFvgQBa8uuFNzmbn1m4Pe13m+2v/iuPV7vPD6tg1Ov/QPXPjbn+oP7fnLPFYfXcqWtTWq70Pdoc0/l1hPz+pd7fv/xKR+fU/HpErc929rqOMCnXF3q1c2bE7RhWr/bn68Wd6ssxTp/DVzpyH+j4/uT/00n5HwPdfZCf/xcEYX2H0JGu3c57Nca8/QHWr/y+uUa6Phrl9/Xl+RtK8jeW5M+X5N9Vkr+pJB+m2e++/9PwUmXlfFd+TD/o+fB0nu3uGH9owPbk5yMHrT+/73dQt1t/fj8xrGd/OP7UyS888/Sl1v3/lfb6fz2u7+lwox6/WxdjgXS+MD+v3r73v95ZT7VHuXuy9tzdpXzz9bbOcpVtK+8TCtuZm9qx0Dnfll7ldnaWq2fl5mPYmLU33z+5K5sv7X+k7Wr6vGaz5a1lyzGXtSNtV7bGOG8HDCOtj73u/0/r50KoVZ49dfrkYzGd1tM/zdQ23Ji+d8TtBm5fv/1/FkJn/5/N7em1anG7sGVleqW1XXg9vl/n9KV2PYXphR+19Dv3rZn5ZvnFE989/cwqLztMu+d/9MK3j58+ffJ7Xgz94qvroxmDvEiHLeulPV4M+mLXWlcx5g0TsOb2/Li1E/Doqe8cf+7kcyfP7Nu/f9/S0v4v7lve09yv31Pcuy86O4bWAqtp5Ud/3C0BAAAAAAAAAAAA+vWDo0cuvfPm599t9f9f6f+X+v+nO39T//+fZP3/837yqR986ge4tUt+s0z2gNW5rFwthg9n7d2W1bM9m+8jMW6P4xf7/6fq8ue6pvbcm02v9UhmjxO46Xkpc9kzSPLxAj8e4/Mx/nWAMarMd58c41s837ryQWFdT8+nKHThbXg+8ORI/7fm2lB4pFHq/931uU5d+mszWUbRY3Hcywh098+pev73v1YWfOxtEXqH2dHW9/PpXScaPffS+x3BBmB1jHv8z3TeM8Vn/vi1jTdCKnbl8c7tZf78UhjEX97pTK/38SfXuv583L5R1z/u5R/1+J/t8e/63v5lI+bVh6v3P7+4/G6h2rCj3/rz5U/Pgd42WP1XY/1paR4O/dXf+FVWf35BqE//zeq/q8/6b1r+ncPV/79Yf/rYHnmw3/pbLa5UO9sxny1Huv6XnzdOrmXLn57teYv6v/FCt+UfcqDG67F+mGaTMs7soLL9iPZO+/Dj/0ZnV3f833Zjs81afh/G52I6bYjTfQ75eCeDtj/dX5F+B7Zn718p+X0z/u9k+1KMy74PafzftD7W409+Id38LFO61uWzvVO3NTCp3puq63+jCpdbh0HDzb9x/O0XBgiNmSHma48TN+b2NxqNtT2hVWKslTP2z3/cxwnjrn/cn3+ZfPzffB8+H/83z8/H/83z8/F/8/z5+B/qlZ+P/5t/nvn4v3n+vdn75uMDL5Tkf7Qkf0f3/PZh+30l8+8syf9YSf7udv7BjhIp//5bzr9Srtf731OS/2BJ/idK8j9Zkv9QSf4jhfziGNAp/1Ml89/pUn+UaV1+mGZ5/zzff5ge6fpPr+//tpJ8YHL97LW9h5/+7Tfrrf7/c+3zIek63qGYrsXjpx/GdH7dOxTSN/LejOm/Zfnr/XwHTJP8+Rn57/vDJfnA5Er3efl+wxSqbOw+OcZlz63qtZ/PZPl0jD8T48/G+NEYL8Z4T4z3xnhpRO1jbRx+/fcHXqqsHO9vyfL7vZ887w/U8ZyoEMK+PtuTnx8Y9H72/Dl+g7rd+ofsDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA21ebf5eWFSggX3njlyFPHTu25MeVgu0S9+Xe2kKq15wvhsRjPxPiX8cW19188UYyvx7gSlkIlVNrTw5NX2jVtCiGcDbvCxVAPOy5cevmtpSeOnTt6fvfbrx64vHafAAAAANz5/h8AAP//JI4RIA==") truncate(&(0x7f0000000080)='./file2\x00', 0x1ffd) 3.403352523s ago: executing program 3 (id=4939): r0 = socket(0x2, 0x400000000002, 0x0) setsockopt(r0, 0x0, 0x21, &(0x7f0000000180)="b1f5d915", 0x4) 3.364856705s ago: executing program 2 (id=4940): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa00008, &(0x7f0000000000), 0x1, 0x7c8, &(0x7f0000001280)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JrsQ2JQeSqGBQHtOYmTFpJatYMkhNoYklEIvPbT0UGguOTdtesuhl/64tpf+DT2UhLR1QlN6KC4jjRL5hxw7seQ0/nxgrPdmRnrvO2/mzfPMIAWwZw2nf3IRByN60uRgNj+JbEZ0R5yor/dgeamQTkmsrLz6Q1Jb5/7yUiGa3pPan2X+GhFfvBlxKLe+3MrC4vREqVScy/Kj1ZkLo5WFxcPnZyamilPF2aNj4+NHjv3n2NGdi/WnrxcP3HnnpX9+fOKXN/5y8+0vkzgRB7JlzXHslOEYzrZJT7oJV3lxpwvbZcluV4Ankh6aXfWjPA7GYHRt0pL/72jNAIB2uRwRKwDAHpM4/wPAHtO4DnB/eanQmKJ+P+fK464dHG/3xYkOuPtCRPTX42/c36wv6a7fs/umv3YfdOB+UrtH0pBExNAOlD8cEddunb6RTtGm+5AAG7lyNSLODg2v7f/THm7tMwvb9a8trDPcSHxaf9H/Qed8lo5//rt+/BeRy47//trfteOfvuZj9yms/Yz1x3/u9qpszw4U2iQd/x1verbtQVP8maGuLPeH2pivJzl3vlRM+7Y/RsRI9PSl+bFNyhi59+u9Vsuax38/vvv6h2n56eujNXK3u/tWv2dyojrxNDE3u3s14m/dG8WfPGz/pMX499QWy3j5f2990GpZGn8ab2NaH397rVyP+MeG7f/oOahk0+cTR2u7w2hjp9hg//zk2/cHWpXf3P7XbqUlLRUa/wt0Qtr+A5vHP5Q0P69Z2X4ZX10f/LzVstXxn76Rlr86/o33/97ktVq6N5t3aaJanRuL6E1eWT//yKP3NvKN9dP4R/6+Kv6sBXOb7v/pSmez9MpjHn7svvP9R08ef3ul8U+m7Z9kQTy2/befuPlguqtV+Vtr//FaaiSbs77/6173uVut4FNtPAAAAAAAAAAAAAAAAAAAAAAAAADYolxEHIgkl3+YzuXy+fpveP85BnKlcqV66Fx5fnYyar+VPRQ9ucZXXQ42fR/qWPZ9+I38kTX5f0fEnyLivb59tXy+UC5N7nbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJDZ3+L3/1Pf9e127QCAtunf7QoAAB23rfO/wQIAPBdanNJ7N569r611AQA6o3b+T7p3uxoAQAe5pA8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG126uTJdFr5eXmpkOYnLy7MT5cvHp4sVqbzM/OFfKE8dyE/VS5PlYr5Qnmm5Qddqb+UyuUL4zE7f2m0WqxURysLi2dmyvOz1TPnZyamimeKPR2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2rrKwOD1RKhXnJDZPXH4mqnE1a7bd3hrPU+Jstk2flfpsI9EXEe0qormX2Nf5jgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgd+K3AAAA//+aBB1p") unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0) 3.182178544s ago: executing program 6 (id=4941): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_buf(r0, 0x29, 0x30, 0x0, 0x0) 2.742200496s ago: executing program 3 (id=4942): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) poll(&(0x7f00000000c0)=[{r0, 0x420}], 0x1, 0x0) 2.615982721s ago: executing program 6 (id=4943): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@acquire={0x268, 0x17, 0x1, 0x0, 0x0, {{@in6=@private0, 0x1}, @in6=@remote, {@in=@remote, @in=@multicast2}, {{@in6=@private2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, [@tmpl={0x144, 0x5, [{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d6, 0x32}, 0x2, @in=@loopback, 0x3504, 0x1, 0x2, 0x7f, 0x9, 0x2, 0x7}, {{@in=@dev={0xac, 0x14, 0x14, 0x2b}, 0x4d2, 0x2b}, 0x2, @in=@broadcast, 0x0, 0x1, 0x0, 0x7, 0x7fff, 0xfffffffa, 0x3}, {{@in=@multicast2, 0x4d3, 0x6c}, 0x2, @in=@local, 0x3506, 0x4, 0x0, 0xb, 0x6, 0x6, 0xc8ab}, {{@in=@private=0xa010102, 0x4d3, 0x32}, 0x2, @in=@remote, 0x0, 0x1, 0x1, 0x0, 0x3, 0x5, 0x9}, {{@in=@rand_addr=0x64010102, 0x4d4, 0x6c}, 0xa, @in=@multicast1, 0x0, 0x4, 0x1, 0x9, 0x5, 0x4}]}]}, 0x268}}, 0x800) 1.934797487s ago: executing program 1 (id=4944): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'dummy0\x00', &(0x7f0000000100)=@ethtool_perm_addr={0x4b, 0x25, "4372070000001000476fb2940acfbe4c0e24fa98ddf306e50000b646376f385355617a34d3"}}) 1.773884524s ago: executing program 3 (id=4945): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/time\x00') setns(r0, 0x80) 1.756322263s ago: executing program 6 (id=4946): r0 = socket$kcm(0xa, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8916, &(0x7f0000000000)) 1.6299403s ago: executing program 5 (id=4947): r0 = socket(0x840000000002, 0x3, 0xfa) setsockopt$inet_int(r0, 0x0, 0x22, 0x0, 0x0) 1.574721572s ago: executing program 2 (id=4948): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@dellink={0x34, 0x11, 0x82d, 0x0, 0x2000, {0x0, 0x0, 0x0, 0x0, 0x2e0a4, 0xc008}, [@IFLA_IFNAME={0x14, 0x3, 'macsec0\x00'}]}, 0x34}}, 0x0) 1.132661629s ago: executing program 6 (id=4949): socket$inet6(0xa, 0x200000000003, 0x87) syz_emit_ethernet(0x66, &(0x7f0000000080)={@local, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x30, 0x2b, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[@hopopts={0x87}, @routing={0x3b, 0x2, 0x2, 0x0, 0x700, [@dev={0xfe, 0x80, '\x00', 0x21}]}], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0) 918.273302ms ago: executing program 3 (id=4950): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1ff, 0x10, &(0x7f0000006680)) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, 0x0, 0x0) 856.370172ms ago: executing program 5 (id=4951): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="0e0000000500"}) 660.109994ms ago: executing program 1 (id=4952): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f626172726965722c706172743d3078303030303030303030303030303030392c756d61736b3d3030303030303030303030303030303030302c6e6c733d64656661756c742c747970653df268d6512c756d61736b3d30303030303030303030303030303030303030363734352c000000000000"], 0x3, 0x6b2, &(0x7f0000000280)="$eJzs3U+IHFkdB/BvdSY96QjZ2X/ZKEKGDSy6wWQmzZoIwkYRySFI0Mteh2SyGTLJLpNZyS5iOuoqePIke/CwIvGwIoiIsJ4W17MgePGUe8CbhxzUkfrTMz0znUlPkpkedz8fqK73+r1671e/VFV3V2foAJ9a517L/l6KnDt+/mZZv3unu3j3Tvdav5xkMkkrmahXKTpJ8XFyNvWSz5ZPNsMVD5rnlXsfFhPvfdCtaxPNUvVvbbXdJkN79pIDq5V9Sabr4r9HHnbTeNVSjXNxbbxHVKzGXSbsWD9xMG4rm/TWGlsP3Xz08xbYs27Vr5ubTCUHU7+6lu8D0lwdHn5lGIfOutqW16beTscCAAAAO2/oZ/lBT93P/dzMod0JBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Zivo3A4tmafXL0yn6v//fHvhN/faYw31M716uVt9+atyBAAAAAAAAAMBjOXo/93Mzh/r1laL6zv/FqvJc9fiZvJUbmc9STuRm5rKc5SxlNsnUwEDtm3PLy0uzm7f8ecotV1ZWbjVbnhq65an1cfU2Bjrsfxps6gQAAAAAAAAAn1o/yLm17/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAvKJJ99apanuuXp9KaSHIgSbuYXu3eHmuwj6UO/aNxhwEAAAC751Dx37qwUlSf+Q9Xn/sP5K1cz3IWspzFzOdSdS+g/ujc+luvu3j3TvdauWwe8Gv/3Nb81Yip7z0Mn3mm6vH86hbn8s18J8cznQtZykK+m7ksZz7T+UZVmkuRqebuxdTdO530Y90c79l1tQsbYzs6UC7jO1JF0snlLFSxncjFdj/0VtPvyMBsf2wnG2a8XWaneLUxYo4uNetyj37WrPeGqWrP969mZKbJfZmNpwfzvjn32zxONs40m9bqPajn1mYpqxtneqScH2zWu5Drbd5KW5+J3k/LWv/oO7x1zpMv/v3PF660rl+9cvnG8b1zGD2ijcdEdyATL4yUicUyE73HyMSBx4n/yWk32aivotu7Wr5YbXsoC/lW3silzOd0ZjKbM5nJV3Iq3ZwayOvzW+e1Otda2zvXjn2hKXSS/KRZ76rJBzWUeX16IK+DV7qpqm3wmbUsPTNClop2hmfpH0NDmfhcUyjn+OHAK874bczE7EAmnt06E7/8z0qSG4vXry5dmXtzxPleatblafvu+mv0r57IDm1fs7vl8fJM+Y9VVn6cdUdH2fZsv21DvtrNNy4TzWDr2tqpzue67WFnajnS4dvDRqrbXhg6S7dqOzLQtu5dTt7I4uq7EAD2rFYOvnyw3bnX+Wvn/c6POlc65w98ffLM5Ofb2f+XiT/t+13r162vFi/n/Xw/h8YdKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBLcePudq3OLi/NLe7CQ1gidf5vRB7w9tKmfivqZ9k7vVz3ZR78Ze3qfaKF/IE1udUT9PskW47THEXwnyc5OcXS0zpnYhV2ezJCm86vPdJLWajxJru6RH7gDdsLJ5Wtvnrzx9jtfWrg29/r86/PXT505/erp7pdnb528vLA4P1M/jjtKYCdsfF8KAAAAAAAAAAAA7H278VcWQ6YtemPYVwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/07nXsr+XIrMzJ2bK+t073cVy6ZfXek4kaSUpvpcUHydnUy+ZGhiueNA8r9z78BcvvfdBd22siX7/1obt/vCvlZVt7kWvWTKdZF+zfrjJkca7ODBeb5uB1YrVPSwTdqyfOBi3/wUAAP//0koEbg==") rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00') 308.760896ms ago: executing program 2 (id=4953): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x73, 0x11, 0x36}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}, @exit={0x95, 0x0, 0xc2}], {0x95, 0x0, 0x1200}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x70) close(0x3) 250.486725ms ago: executing program 6 (id=4954): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000800), 0x40400, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0xd4) 24.507917ms ago: executing program 5 (id=4955): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000fff07006706000020000000170200000ee60000bf050000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad35010000000000840400000000000014000000000000009500000000000000db13d5d8b741f2cdaabc83df03395287fd51a700ea6553f304000000815dcf00c3eebc52267b042d196bde7c382d21ff79a8583a7482c5994747e19325b1ee980cbd800d845dacbcf5ad8cdbc7abf9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x4e}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa3d0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x10}, 0x50) 0s ago: executing program 3 (id=4956): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x15, &(0x7f0000000a40)={0x0, {{0x2, 0x0, @dev}}, {{0x2, 0x0, @loopback}}}, 0x3) kernel console output (not intermixed with test programs): 793.890988][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.943016][T13342] loop5: detected capacity change from 0 to 128 [ 793.989177][T13340] loop3: detected capacity change from 0 to 2048 [ 794.074502][T13340] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 795.585718][T13364] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3437'. [ 795.815771][T13367] loop4: detected capacity change from 0 to 128 [ 795.939782][T13368] netlink: 'syz.5.3438': attribute type 1 has an invalid length. [ 795.947804][T13368] netlink: 396 bytes leftover after parsing attributes in process `syz.5.3438'. [ 796.110972][T13373] loop3: detected capacity change from 0 to 16 [ 796.162553][T13373] erofs (device loop3): DAX unsupported by block device. Turning off DAX. [ 796.225883][T13373] erofs (device loop3): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 796.238803][T13373] erofs (device loop3): mounted with root inode @ nid 36. [ 796.405180][T13373] syz.3.3442: attempt to access beyond end of device [ 796.405180][T13373] loop3: rw=0, sector=131157, nr_sectors = 1 limit=16 [ 796.419946][T13373] syz.3.3442: attempt to access beyond end of device [ 796.419946][T13373] loop3: rw=0, sector=46, nr_sectors = 1 limit=16 [ 796.466599][T13373] erofs (device loop3): read error -5 @ 0 of nid 36 [ 796.935808][T13379] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 796.973714][T13381] loop2: detected capacity change from 0 to 1024 [ 797.041480][T13381] EXT4-fs: Ignoring removed oldalloc option [ 797.047725][T13381] EXT4-fs: Ignoring removed bh option [ 797.054523][T13381] EXT4-fs: Ignoring removed nobh option [ 797.242364][T13381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 797.306908][T13387] nftables ruleset with unbound chain [ 797.319743][T13381] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.3444: iget: bad i_size value: -72057594037927926 [ 797.750464][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.310485][T13391] loop4: detected capacity change from 0 to 4096 [ 798.853969][ C1] hrtimer: interrupt took 375887 ns [ 799.096827][T13391] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 799.172417][T13399] loop1: detected capacity change from 0 to 4096 [ 799.248866][T13399] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 799.298456][T13391] ntfs3(loop4): ino=5, "/" indx_read [ 799.540978][T13399] ntfs3(loop1): Failed to load $Extend (-22). [ 799.547303][T13399] ntfs3(loop1): Failed to initialize $Extend. [ 799.763780][ T5810] ntfs3(loop4): ino=9, ntfs_sync_fs failed, -22. [ 800.640066][T13424] loop2: detected capacity change from 0 to 8 [ 800.807337][T13427] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3467'. [ 800.818646][ T5875] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 800.872753][T13428] loop1: detected capacity change from 0 to 256 [ 800.885532][T13428] exfat: Deprecated parameter 'utf8' [ 800.953609][T13428] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 801.008624][T13430] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3468'. [ 801.014163][ T5875] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 801.072916][ T5875] usb 4-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=48.99 [ 801.083195][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 801.091691][ T5875] usb 4-1: Product: syz [ 801.096056][ T5875] usb 4-1: Manufacturer: syz [ 801.101022][ T5875] usb 4-1: SerialNumber: syz [ 801.251344][ T5875] usb 4-1: config 0 descriptor?? [ 801.295195][ T5875] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 801.589987][ T5875] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -2 [ 801.670184][ T5875] usb 4-1: USB disconnect, device number 9 [ 802.498813][T13444] loop4: detected capacity change from 0 to 1024 [ 802.713784][T13444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 802.730417][T13444] ext4 filesystem being mounted at /673/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 802.996675][T13457] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3480'. [ 803.013340][T13457] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 803.163556][T13460] loop3: detected capacity change from 0 to 64 [ 803.246792][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 804.294205][T13474] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3488'. [ 804.992571][ T6316] udevd[6316]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 805.367706][T13483] loop3: detected capacity change from 0 to 16 [ 805.439479][T13483] erofs (device loop3): mounted with root inode @ nid 36. [ 806.541028][ T11] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 806.559661][T13492] netlink: 'syz.3.3498': attribute type 1 has an invalid length. [ 806.788486][ T11] usb 5-1: config 1 has an invalid descriptor of length 28, skipping remainder of the config [ 806.864432][ T11] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 806.873923][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 806.882418][ T11] usb 5-1: SerialNumber: syz [ 807.025065][ T11] usb 5-1: bad CDC descriptors [ 807.243681][ T11] usb 5-1: USB disconnect, device number 20 [ 808.585292][T13513] loop4: detected capacity change from 0 to 2048 [ 808.684605][T13518] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 808.785306][T13513] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 808.850008][T13513] Remounting filesystem read-only [ 809.669242][T13526] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 810.878939][T13546] loop4: detected capacity change from 0 to 256 [ 810.936149][T13546] exfat: Deprecated parameter 'namecase' [ 810.942581][T13546] exfat: Deprecated parameter 'utf8' [ 811.057584][T13546] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 811.964436][T13562] block nbd3: NBD_DISCONNECT [ 812.117390][T13566] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.3533'. [ 812.179998][T13567] loop2: detected capacity change from 0 to 256 [ 812.790785][T13576] 8021q: adding VLAN 0 to HW filter on device bond0 [ 812.819610][T13576] bond0: (slave rose0): Enslaving as an active interface with an up link [ 814.185149][T13598] loop1: detected capacity change from 0 to 256 [ 814.493120][T13598] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 816.119288][ T30] audit: type=1326 audit(2000000448.060:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.280139][ T30] audit: type=1326 audit(2000000448.100:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.303029][ T30] audit: type=1326 audit(2000000448.110:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.325605][ T30] audit: type=1326 audit(2000000448.110:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.352900][ T30] audit: type=1326 audit(2000000448.130:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.376993][ T30] audit: type=1326 audit(2000000448.130:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.399796][ T30] audit: type=1326 audit(2000000448.130:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.422241][ T30] audit: type=1326 audit(2000000448.140:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 816.449078][ T30] audit: type=1326 audit(2000000448.140:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13629 comm="syz.2.3561" exe="/root/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 819.500443][T13667] /dev/nullb0: Can't open blockdev [ 819.529594][T13670] netlink: 'syz.5.3577': attribute type 21 has an invalid length. [ 820.797731][T13686] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3583'. [ 821.018734][T13694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3587'. [ 821.622981][ T30] audit: type=1326 audit(2000000453.570:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13700 comm="syz.4.3591" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000 [ 821.646642][ T30] audit: type=1326 audit(2000000453.570:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13702 comm="syz.2.3590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 821.674101][ T30] audit: type=1326 audit(2000000453.610:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13702 comm="syz.2.3590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 821.700068][ T30] audit: type=1326 audit(2000000453.640:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13702 comm="syz.2.3590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=294 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 821.722521][ T30] audit: type=1326 audit(2000000453.680:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13700 comm="syz.4.3591" exe="/root/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f13539 code=0x7ffc0000 [ 821.745140][ T30] audit: type=1326 audit(2000000453.680:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13700 comm="syz.4.3591" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000 [ 821.767703][ T30] audit: type=1326 audit(2000000453.680:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13700 comm="syz.4.3591" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000 [ 821.797568][T13701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3589'. [ 821.912568][ T30] audit: type=1326 audit(2000000453.770:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13702 comm="syz.2.3590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 821.935409][ T30] audit: type=1326 audit(2000000453.770:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13702 comm="syz.2.3590" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 823.569065][T13728] loop1: detected capacity change from 0 to 128 [ 823.591669][T13716] loop4: detected capacity change from 0 to 4096 [ 823.662801][T13728] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 823.823749][T13728] ext4 filesystem being mounted at /723/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 824.079653][ T11] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 824.171807][T13738] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3604'. [ 824.390339][ T11] usb 4-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=31.00 [ 824.399777][ T11] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 824.408003][ T11] usb 4-1: Product: syz [ 824.412515][ T11] usb 4-1: Manufacturer: syz [ 824.420106][ T11] usb 4-1: SerialNumber: syz [ 824.453586][ T5816] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 824.553475][ T11] usb 4-1: config 0 descriptor?? [ 824.649338][ T11] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 824.660288][ T11] usb 4-1: Detected FT4232HP [ 824.844991][ T11] ftdi_sio ttyUSB0: Unable to read latency timer: -71 [ 824.888932][ T11] ftdi_sio ttyUSB0: Unable to write latency timer: -71 [ 824.941914][ T11] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 824.999019][ T11] usb 4-1: USB disconnect, device number 10 [ 825.097351][ T11] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 825.112066][ T11] ftdi_sio 4-1:0.0: device disconnected [ 827.225565][T13776] loop5: detected capacity change from 0 to 1024 [ 828.886549][T13803] delete_channel: no stack [ 829.081168][T13798] loop5: detected capacity change from 0 to 4096 [ 829.217032][T13798] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 829.780931][T13798] ntfs3(loop5): ino=19, mi_enum_attr [ 830.454908][T13823] loop3: detected capacity change from 0 to 512 [ 830.753236][T13823] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 830.765643][T13823] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 830.780661][T13823] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.3638: Failed to acquire dquot type 1 [ 830.970585][T13823] EXT4-fs (loop3): 1 truncate cleaned up [ 830.983736][T13823] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 830.997453][T13823] ext4 filesystem being mounted at /746/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 831.403819][T13830] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set [ 831.515045][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 831.778696][ T30] audit: type=1400 audit(2000000463.730:182): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=13843 comm="syz.1.3649" [ 832.600162][T13859] netlink: 'syz.3.3655': attribute type 1 has an invalid length. [ 832.612181][T13859] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3655'. [ 833.275376][T13871] loop5: detected capacity change from 0 to 64 [ 833.555103][T13875] loop4: detected capacity change from 0 to 256 [ 833.674924][T13875] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 834.983702][T13899] netlink: 'syz.2.3674': attribute type 1 has an invalid length. [ 834.992025][T13899] netlink: 228 bytes leftover after parsing attributes in process `syz.2.3674'. [ 835.308610][ T5875] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 835.456334][T13908] loop1: detected capacity change from 0 to 512 [ 835.519100][ T5875] usb 6-1: Using ep0 maxpacket: 16 [ 835.559681][ T5875] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 835.614448][T13907] loop3: detected capacity change from 0 to 2048 [ 835.635854][T13908] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 835.649339][T13908] ext4 filesystem being mounted at /739/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 835.711717][ T5875] usb 6-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 835.721359][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 835.730102][ T5875] usb 6-1: Product: syz [ 835.734478][ T5875] usb 6-1: Manufacturer: syz [ 835.739577][ T5875] usb 6-1: SerialNumber: syz [ 835.797839][T13907] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 835.896611][ T5875] usb 6-1: config 0 descriptor?? [ 835.899364][T13907] UDF-fs: unknown compression code (0) [ 835.915290][T13908] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3679: bg 0: block 96: padding at end of block bitmap is not set [ 835.942257][T13908] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 836.181791][T13917] netlink: 'syz.2.3682': attribute type 1 has an invalid length. [ 836.189951][T13917] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3682'. [ 836.205946][T11395] Bluetooth: hci0: Malformed LE Event: 0x0d [ 836.223565][ T11] usb 6-1: USB disconnect, device number 6 [ 836.312177][ T5816] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 837.413739][T13927] netlink: 'syz.2.3686': attribute type 12 has an invalid length. [ 837.425102][T13927] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3686'. [ 838.616488][T13946] loop2: detected capacity change from 0 to 128 [ 838.672630][T13947] loop3: detected capacity change from 0 to 256 [ 839.070192][T13947] FAT-fs (loop3): Directory bread(block 64) failed [ 839.077070][T13947] FAT-fs (loop3): Directory bread(block 65) failed [ 839.084380][T13947] FAT-fs (loop3): Directory bread(block 66) failed [ 839.095646][T13947] FAT-fs (loop3): Directory bread(block 67) failed [ 839.105229][T13947] FAT-fs (loop3): Directory bread(block 68) failed [ 839.112176][T13947] FAT-fs (loop3): Directory bread(block 69) failed [ 839.119266][T13947] FAT-fs (loop3): Directory bread(block 70) failed [ 839.125956][T13947] FAT-fs (loop3): Directory bread(block 71) failed [ 839.132992][T13947] FAT-fs (loop3): Directory bread(block 72) failed [ 839.139829][T13947] FAT-fs (loop3): Directory bread(block 73) failed [ 839.943733][T13959] loop5: detected capacity change from 0 to 512 [ 840.191432][T13959] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.3701: invalid block [ 840.251992][T13965] loop2: detected capacity change from 0 to 764 [ 840.284091][T13959] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3701: invalid indirect mapped block 4294967295 (level 1) [ 840.373545][T13959] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3701: invalid indirect mapped block 4294967295 (level 1) [ 840.450822][T13959] EXT4-fs (loop5): 2 truncates cleaned up [ 840.459181][T13959] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 840.491061][T13965] Symlink component flag not implemented [ 840.499873][T13965] Symlink component flag not implemented [ 840.509528][T13965] Symlink component flag not implemented (129) [ 840.515870][T13965] Symlink component flag not implemented (6) [ 840.594836][T13965] rock: directory entry would overflow storage [ 840.605094][T13965] rock: sig=0x4f50, size=4, remaining=3 [ 840.614699][T13965] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 841.428068][T13978] netlink: 'syz.4.3708': attribute type 15 has an invalid length. [ 841.433429][T11394] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 843.199435][T14007] loop4: detected capacity change from 0 to 1024 [ 843.407321][T14007] hfsplus: cannot replace xattr [ 843.823657][T14019] netlink: 'syz.3.3723': attribute type 2 has an invalid length. [ 843.852211][ T3848] hfsplus: b-tree write err: -5, ino 4 [ 844.226135][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 844.233111][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 844.405917][T14027] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 844.415665][T14027] overlayfs: missing 'lowerdir' [ 845.443185][T14043] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 846.150131][T14052] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3738'. [ 846.846613][T14060] loop1: detected capacity change from 0 to 512 [ 847.067614][T14060] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 847.176848][T14060] EXT4-fs error (device loop1): ext4_get_branch:178: inode #13: block 1024: comm syz.1.3742: invalid block [ 847.239251][T14060] EXT4-fs (loop1): Remounting filesystem read-only [ 847.246963][T14060] EXT4-fs (loop1): 1 truncate cleaned up [ 847.259655][T14060] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 847.706743][ T5816] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 848.237860][T14083] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3751'. [ 848.435045][T14087] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 848.828019][ T30] audit: type=1326 audit(2000000480.780:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 848.946402][T14092] loop3: detected capacity change from 0 to 512 [ 848.963174][ T30] audit: type=1326 audit(2000000480.830:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 848.986063][ T30] audit: type=1326 audit(2000000480.830:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.013454][ T30] audit: type=1326 audit(2000000480.860:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.037490][ T30] audit: type=1326 audit(2000000480.900:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.060176][ T30] audit: type=1326 audit(2000000480.900:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.082449][ C0] vkms_vblank_simulate: vblank timer overrun [ 849.089329][ T30] audit: type=1326 audit(2000000480.900:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.111472][ C0] vkms_vblank_simulate: vblank timer overrun [ 849.124027][ T30] audit: type=1326 audit(2000000481.000:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.146082][ C0] vkms_vblank_simulate: vblank timer overrun [ 849.152784][ T30] audit: type=1326 audit(2000000481.000:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.175112][ T30] audit: type=1326 audit(2000000481.000:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.3.3758" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 849.197309][ C0] vkms_vblank_simulate: vblank timer overrun [ 849.439129][T14099] bridge0: port 3(netdevsim3) entered blocking state [ 849.446432][T14099] bridge0: port 3(netdevsim3) entered disabled state [ 849.455570][T14099] netdevsim netdevsim1 netdevsim3: entered allmulticast mode [ 849.468116][T14099] netdevsim netdevsim1 netdevsim3: entered promiscuous mode [ 849.477851][T14099] bridge0: port 3(netdevsim3) entered blocking state [ 849.485217][T14099] bridge0: port 3(netdevsim3) entered forwarding state [ 849.544058][T14092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 849.557563][T14092] ext4 filesystem being mounted at /769/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 849.717355][T14105] loop4: detected capacity change from 0 to 256 [ 849.972016][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 849.984416][ T5875] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 850.248481][ T5875] usb 6-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0 [ 850.262098][ T5875] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4 [ 850.372969][ T5875] usb 6-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00 [ 850.383076][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 850.391962][ T5875] usb 6-1: Product: syz [ 850.396338][ T5875] usb 6-1: Manufacturer: syz [ 850.401236][ T5875] usb 6-1: SerialNumber: syz [ 850.546360][ T5875] usb 6-1: config 0 descriptor?? [ 850.593250][ T5875] usb-storage 6-1:0.0: USB Mass Storage device detected [ 850.663021][ T5875] usb-storage 6-1:0.0: Quirks match for vid 1908 pid 1315: 20000 [ 850.824566][ T5875] usb 6-1: USB disconnect, device number 7 [ 851.310558][T14125] loop1: detected capacity change from 0 to 256 [ 851.514545][T14125] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x2eabf3fa, utbl_chksum : 0xe619d30d) [ 852.821310][T14145] (unnamed net_device) (uninitialized): option tlb_dynamic_lb: invalid value (242) [ 853.485480][T14155] netlink: 7084 bytes leftover after parsing attributes in process `syz.1.3785'. [ 853.864167][T14160] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 853.932483][T14144] loop4: detected capacity change from 0 to 8192 [ 854.007280][T14144] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 854.116856][T14144] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 854.125594][T14144] FAT-fs (loop4): Filesystem has been set read-only [ 854.816739][T14170] MPI: mpi too large (124808 bits) [ 855.486420][T14183] netlink: 'syz.4.3798': attribute type 1 has an invalid length. [ 856.459306][T14199] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 857.202608][T14211] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3812'. [ 857.202715][T14211] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3812'. [ 857.347456][T14215] openvswitch: netlink: Missing key (keys=40, expected=100) [ 858.124821][T14223] loop5: detected capacity change from 0 to 1024 [ 858.587369][ T1106] hfsplus: b-tree write err: -5, ino 4 [ 859.009767][T14233] loop5: detected capacity change from 0 to 512 [ 859.142438][T14233] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2 [ 859.190815][T14233] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.3822: invalid indirect mapped block 2683928664 (level 1) [ 859.230689][T14233] EXT4-fs (loop5): Remounting filesystem read-only [ 859.231668][T14233] EXT4-fs (loop5): 1 truncate cleaned up [ 859.238745][T14233] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 859.668732][T11394] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 860.185164][T14249] netlink: del zone limit has 4 unknown bytes [ 860.776596][T14257] loop1: detected capacity change from 0 to 164 [ 860.836031][T14257] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 860.880022][T14257] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 860.933148][T14257] rock: directory entry would overflow storage [ 860.933209][T14257] rock: sig=0x4f50, size=4, remaining=3 [ 860.933292][T14257] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 861.642894][T14264] binder: Bad value for 'max' [ 861.786243][T14270] netlink: 'syz.2.3840': attribute type 1 has an invalid length. [ 862.299857][T14273] netlink: 172 bytes leftover after parsing attributes in process `syz.5.3841'. [ 862.299963][T14273] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3841'. [ 862.341815][T14274] netlink: 'syz.2.3842': attribute type 2 has an invalid length. [ 862.489626][T14278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3844'. [ 863.611350][T14288] /dev/nullb0: Can't open blockdev [ 864.461116][T14300] nbd: must specify an index to disconnect [ 866.092260][T14320] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3864'. [ 866.659036][T14322] loop5: detected capacity change from 0 to 2048 [ 866.699939][T14326] loop1: detected capacity change from 0 to 512 [ 866.787345][T14322] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found [ 866.787452][T14322] UDF-fs: Scanning with blocksize 512 failed [ 866.857520][T14326] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 866.857922][T14326] ext4 filesystem being mounted at /782/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 866.871727][T14322] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 867.013995][T14326] EXT4-fs error (device loop1): ext4_xattr_block_find:1869: inode #15: comm syz.1.3868: corrupted xattr block 33: invalid header [ 867.444687][ T5816] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 871.157739][T14382] netlink: 'syz.2.3894': attribute type 4 has an invalid length. [ 871.537357][T14386] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (10) [ 871.711919][T14390] loop2: detected capacity change from 0 to 256 [ 872.180800][T14390] FAT-fs (loop2): Directory bread(block 64) failed [ 872.180933][T14390] FAT-fs (loop2): Directory bread(block 65) failed [ 872.181198][T14390] FAT-fs (loop2): Directory bread(block 66) failed [ 872.181315][T14390] FAT-fs (loop2): Directory bread(block 67) failed [ 872.181819][T14390] FAT-fs (loop2): Directory bread(block 68) failed [ 872.181949][T14390] FAT-fs (loop2): Directory bread(block 69) failed [ 872.182220][T14390] FAT-fs (loop2): Directory bread(block 70) failed [ 872.182335][T14390] FAT-fs (loop2): Directory bread(block 71) failed [ 872.182584][T14390] FAT-fs (loop2): Directory bread(block 72) failed [ 872.182700][T14390] FAT-fs (loop2): Directory bread(block 73) failed [ 872.417744][ T30] kauditd_printk_skb: 6 callbacks suppressed [ 872.417818][ T30] audit: type=1800 audit(2000000504.370:199): pid=14390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3898" name="file1" dev="loop2" ino=1048668 res=0 errno=0 [ 873.934796][ T5812] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 873.947779][ T5812] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 873.950265][ T5812] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 873.992470][ T5812] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 873.997696][ T5812] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 874.668054][T14420] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (10) [ 874.907187][T14423] loop1: detected capacity change from 0 to 512 [ 874.929269][T14423] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 875.037818][T14423] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 875.038720][T14423] ext4 filesystem being mounted at /793/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 875.196481][T14423] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 875.197140][T14423] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 875.197592][T14423] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.3912: Failed to acquire dquot type 0 [ 875.728027][T14430] loop3: detected capacity change from 0 to 2048 [ 875.807419][ T5816] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 875.959258][T14430] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 876.141923][ T5812] Bluetooth: hci5: command tx timeout [ 876.500064][T14439] tmpfs: Bad value for 'mpol' [ 877.305568][T14452] loop2: detected capacity change from 0 to 8 [ 877.584388][T14411] chnl_net:caif_netlink_parms(): no params data found [ 878.107982][T14461] netlink: 304 bytes leftover after parsing attributes in process `syz.2.3928'. [ 878.198711][ T5812] Bluetooth: hci5: command tx timeout [ 878.780123][ T30] audit: type=1326 audit(2000000510.740:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 878.780347][ T30] audit: type=1326 audit(2000000510.740:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 878.864511][ T30] audit: type=1326 audit(2000000510.820:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=30 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 878.864784][ T30] audit: type=1326 audit(2000000510.820:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 878.865020][ T30] audit: type=1326 audit(2000000510.820:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14465 comm="syz.3.3930" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 879.298633][T14474] loop1: detected capacity change from 0 to 16 [ 879.403061][T14474] erofs (device loop1): mounted with root inode @ nid 36. [ 879.634192][T14480] netlink: 381 bytes leftover after parsing attributes in process `syz.3.3936'. [ 879.906264][T14411] bridge0: port 1(bridge_slave_0) entered blocking state [ 879.906667][T14411] bridge0: port 1(bridge_slave_0) entered disabled state [ 879.907282][T14411] bridge_slave_0: entered allmulticast mode [ 879.913485][T14411] bridge_slave_0: entered promiscuous mode [ 880.011730][T14411] bridge0: port 2(bridge_slave_1) entered blocking state [ 880.012228][T14411] bridge0: port 2(bridge_slave_1) entered disabled state [ 880.012839][T14411] bridge_slave_1: entered allmulticast mode [ 880.016438][T14411] bridge_slave_1: entered promiscuous mode [ 880.278623][ T5812] Bluetooth: hci5: command tx timeout [ 880.527853][T14411] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 880.651823][T14411] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 881.081977][T14411] team0: Port device team_slave_0 added [ 881.170622][T14411] team0: Port device team_slave_1 added [ 881.516249][T14411] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 881.516330][T14411] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 881.516484][T14411] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 881.552666][T14411] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 881.552772][T14411] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 881.552963][T14411] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 881.623976][T14492] loop1: detected capacity change from 0 to 4096 [ 881.746371][T14502] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 881.832298][T14503] netlink: 'syz.3.3947': attribute type 1 has an invalid length. [ 881.832407][T14503] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.3947'. [ 882.127209][T14411] hsr_slave_0: entered promiscuous mode [ 882.132193][T14411] hsr_slave_1: entered promiscuous mode [ 882.135638][T14411] debugfs: 'hsr0' already exists in 'hsr' [ 882.151415][T14411] Cannot create hsr debugfs directory [ 882.399223][ T5812] Bluetooth: hci5: command tx timeout [ 883.553767][T14517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3953'. [ 883.563449][T14517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3953'. [ 884.279172][T14525] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3957'. [ 884.312768][T14411] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 884.399500][T14411] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 884.515356][T14530] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3960'. [ 884.539619][T14411] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 884.680070][T14411] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 885.420299][T14531] loop2: detected capacity change from 0 to 4096 [ 885.421733][T14538] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3963'. [ 885.464156][T14531] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 886.100110][T14542] netlink: 'syz.1.3965': attribute type 16 has an invalid length. [ 886.108616][T14542] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.3965'. [ 886.183918][T14531] ntfs3(loop2): ino=1a, mi_enum_attr [ 886.189802][T14531] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 886.273513][T14531] ntfs3(loop2): ino=1a, mi_enum_attr [ 886.279318][T14531] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 886.381857][T14411] 8021q: adding VLAN 0 to HW filter on device bond0 [ 886.672082][T14411] 8021q: adding VLAN 0 to HW filter on device team0 [ 886.801028][ T4226] bridge0: port 1(bridge_slave_0) entered blocking state [ 886.808802][ T4226] bridge0: port 1(bridge_slave_0) entered forwarding state [ 886.961287][ T4226] bridge0: port 2(bridge_slave_1) entered blocking state [ 886.968947][ T4226] bridge0: port 2(bridge_slave_1) entered forwarding state [ 889.095637][ T1106] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 889.304266][ T1106] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 889.572346][ T1106] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 889.870370][ T1106] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 890.172252][T14411] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 890.636733][ T1106] bridge_slave_1: left allmulticast mode [ 890.643922][ T1106] bridge_slave_1: left promiscuous mode [ 890.650808][ T1106] bridge0: port 2(bridge_slave_1) entered disabled state [ 890.794490][ T1106] bridge_slave_0: left allmulticast mode [ 890.800600][ T1106] bridge_slave_0: left promiscuous mode [ 890.807170][ T1106] bridge0: port 1(bridge_slave_0) entered disabled state [ 890.855496][T14581] loop5: detected capacity change from 0 to 4096 [ 890.943869][T14581] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 891.345938][T14581] ntfs3(loop5): ino=19, mi_enum_attr [ 891.351703][T14581] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 891.540700][T14581] ntfs3(loop5): failed to convert "c46c" to euc-jp [ 891.579113][T14581] ntfs3(loop5): ino=20, mi_enum_attr [ 892.673958][ T1106] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 892.753045][ T1106] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 892.809855][ T1106] bond0 (unregistering): Released all slaves [ 892.869961][ T1106] bond1 (unregistering): Released all slaves [ 893.248623][ T11] usb 3-1: new full-speed USB device number 16 using dummy_hcd [ 893.398506][ T5874] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 893.519954][ T11] usb 3-1: config 0 has an invalid interface number: 20 but max is 0 [ 893.528685][ T11] usb 3-1: config 0 has no interface number 0 [ 893.534997][ T11] usb 3-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 893.666457][ T5874] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 893.676760][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 893.685764][ T5874] usb 2-1: Product: syz [ 893.688671][ T11] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 893.690193][ T5874] usb 2-1: Manufacturer: syz [ 893.699461][ T11] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 893.703939][ T5874] usb 2-1: SerialNumber: syz [ 893.712795][ T11] usb 3-1: Product: syz [ 893.722901][ T11] usb 3-1: Manufacturer: syz [ 893.727696][ T11] usb 3-1: SerialNumber: syz [ 893.905642][ T5874] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 894.080830][ T11] usb 3-1: config 0 descriptor?? [ 894.090477][T14614] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 894.107928][T14590] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 894.215127][ T11] usb-storage 3-1:0.20: USB Mass Storage device detected [ 894.433407][ T11] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 894.539842][ T5874] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 894.619140][ T11] scsi host1: usb-storage 3-1:0.20 [ 894.885490][ T5874] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 894.897037][ T5874] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 894.911947][ T5874] usb 4-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 894.923278][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 895.097502][ T11] usb 3-1: USB disconnect, device number 16 [ 895.239636][ T1914] usb 2-1: USB disconnect, device number 16 [ 895.266102][T14590] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 895.274000][T14590] ath9k_htc: Failed to initialize the device [ 895.308577][ T5874] usb 4-1: config 0 descriptor?? [ 895.324689][ T5874] qmi_wwan 4-1:0.0: probe with driver qmi_wwan failed with error -22 [ 895.348394][ T1914] usb 2-1: ath9k_htc: USB layer deinitialized [ 895.495621][ T1106] hsr_slave_0: left promiscuous mode [ 895.584660][ T1106] hsr_slave_1: left promiscuous mode [ 895.594756][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 895.603272][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 895.619217][ T5874] usb 4-1: USB disconnect, device number 11 [ 895.714128][ T1106] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 895.722320][ T1106] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 895.939241][ T1106] veth1_macvtap: left promiscuous mode [ 895.945098][ T1106] veth0_macvtap: left promiscuous mode [ 895.951885][ T1106] veth1_vlan: left promiscuous mode [ 895.957424][ T1106] veth0_vlan: left promiscuous mode [ 896.262188][T14644] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4005'. [ 897.806596][ T1106] team0 (unregistering): Port device team_slave_1 removed [ 897.852157][T14659] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4010'. [ 897.912145][ T1106] team0 (unregistering): Port device team_slave_0 removed [ 898.289627][T14643] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4004'. [ 898.318848][T14654] netlink: 830 bytes leftover after parsing attributes in process `syz.5.4008'. [ 898.821476][T14411] veth0_vlan: entered promiscuous mode [ 899.057165][T14411] veth1_vlan: entered promiscuous mode [ 899.456336][ T1106] ------------[ cut here ]------------ [ 899.462357][ T1106] WARNING: CPU: 1 PID: 1106 at net/xfrm/xfrm_state.c:3308 xfrm_state_fini+0x358/0x4c0 [ 899.472607][ T1106] Modules linked in: [ 899.478475][ T1106] CPU: 1 UID: 0 PID: 1106 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT(none) [ 899.488854][ T1106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 899.499315][ T1106] Workqueue: netns cleanup_net [ 899.504367][ T1106] RIP: 0010:xfrm_state_fini+0x358/0x4c0 [ 899.510357][ T1106] Code: ff 0f 84 eb fd ff ff 8b 7d d4 e8 63 da c3 f3 e9 de fd ff ff 8b 3a e8 57 da c3 f3 4d 85 ff 0f 84 41 fe ff ff e8 49 07 21 f3 90 <0f> 0b 90 4d 8b 26 4c 89 f7 e8 1a cf c3 f3 4c 8b 28 8b 02 89 45 d4 [ 899.530469][ T1106] RSP: 0018:ffff888107033a48 EFLAGS: 00010293 [ 899.536786][ T1106] RAX: ffffffff8ed3f757 RBX: ffff8880139c97c0 RCX: ffff888107094180 [ 899.545227][ T1106] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff888049795140 [ 899.553634][ T1106] RBP: ffff888107033a88 R08: ffffea000000000f R09: 0000000000000000 [ 899.562168][ T1106] R10: ffff888237c0d4b0 R11: ffffffff81d44d30 R12: ffff888049795140 [ 899.570473][ T1106] R13: 0000000000000000 R14: ffff8880139ca5e0 R15: ffff8880518d8028 [ 899.580820][ T1106] FS: 0000000000000000(0000) GS:ffff8881aa790000(0000) knlGS:0000000000000000 [ 899.590474][ T1106] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 899.597261][ T1106] CR2: 00000000f514fe7d CR3: 0000000047efa000 CR4: 00000000003526f0 [ 899.605560][ T1106] Call Trace: [ 899.609681][ T1106] [ 899.612770][ T1106] xfrm_net_exit+0x46/0x90 [ 899.617412][ T1106] ? __pfx_xfrm_net_exit+0x10/0x10 [ 899.622936][ T1106] ops_undo_list+0x6c2/0xb80 [ 899.627784][ T1106] cleanup_net+0xb8f/0x14b0 [ 899.632756][ T1106] ? __pfx_cleanup_net+0x10/0x10 [ 899.637927][ T1106] process_scheduled_works+0xb8e/0x1d80 [ 899.644101][ T1106] worker_thread+0xedf/0x1590 [ 899.649278][ T1106] kthread+0xd59/0xf00 [ 899.653559][ T1106] ? __pfx_worker_thread+0x10/0x10 [ 899.659124][ T1106] ? __pfx_kthread+0x10/0x10 [ 899.663935][ T1106] ret_from_fork+0x233/0x380 [ 899.668863][ T1106] ? __pfx_kthread+0x10/0x10 [ 899.673684][ T1106] ret_from_fork_asm+0x1a/0x30 [ 899.678842][ T1106] [ 899.683456][ T1106] ---[ end trace 0000000000000000 ]--- [ 899.697353][T14411] veth0_macvtap: entered promiscuous mode [ 899.748453][T14411] veth1_macvtap: entered promiscuous mode [ 899.883396][T14411] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 899.963938][T14411] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 900.094534][ T14] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 900.187267][ T14] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 900.335913][ T14] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 900.418735][ T14] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 900.611948][T14683] bond0 (uninitialized): option min_links: invalid value (18446744073675997248) [ 900.621995][T14683] bond0 (uninitialized): option min_links: allowed values 0 - 2147483647 [ 901.511709][T14695] netlink: 'syz.1.4023': attribute type 1 has an invalid length. [ 901.519986][T14695] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4023'. [ 902.265368][T14708] netdevsim netdevsim1: loading /lib/firmware// failed with error -22 [ 902.274188][T14708] netdevsim netdevsim1: Direct firmware load for / failed with error -22 [ 902.283219][T14708] netdevsim netdevsim1: Falling back to sysfs fallback for: / [ 903.032345][ T30] audit: type=1326 audit(2000000534.990:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.3.4031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 903.169192][ T30] audit: type=1326 audit(2000000535.050:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.3.4031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 903.192031][ T30] audit: type=1326 audit(2000000535.050:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.3.4031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 903.214802][ T30] audit: type=1326 audit(2000000535.050:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.3.4031" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 905.487432][T14757] loop3: detected capacity change from 0 to 512 [ 905.680284][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 905.686960][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 905.956405][T14757] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 905.971217][T14757] ext4 filesystem being mounted at /842/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 906.130610][T14768] ieee802154 phy0 wpan0: encryption failed: -22 [ 906.512333][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 907.081570][T14781] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4051'. [ 907.636086][T14785] loop2: detected capacity change from 0 to 2048 [ 907.735493][T14785] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 907.851878][T14796] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 907.902943][T14792] loop5: detected capacity change from 0 to 1024 [ 908.050435][T14785] NILFS error (device loop2): __nilfs_read_inode: invalid file type bits in mode 0177777 for inode 12 [ 908.059161][ T5874] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 908.174265][T14785] Remounting filesystem read-only [ 908.306902][ T5874] usb 4-1: Using ep0 maxpacket: 16 [ 908.372688][ T5874] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 908.382279][ T5874] usb 4-1: config 0 has no interface number 0 [ 908.495804][ T5874] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 908.505929][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 908.514674][ T5874] usb 4-1: Product: syz [ 908.519332][ T5874] usb 4-1: SerialNumber: syz [ 908.736672][ T5874] usb 4-1: config 0 descriptor?? [ 908.844674][ T5874] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input19 [ 909.013583][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 909.024979][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 909.033382][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 909.041635][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 909.052278][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 909.061196][ T5874] usb 4-1: USB disconnect, device number 12 [ 909.068344][ C1] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 909.075476][ C1] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 909.078798][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 909.092749][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 909.270337][ T5874] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 909.571659][ T4145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 909.580107][ T4145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 910.289568][ T5874] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 910.500861][ T5874] usb 3-1: Using ep0 maxpacket: 16 [ 910.550076][ T5874] usb 3-1: config 28 has an invalid interface number: 169 but max is 0 [ 910.559162][ T5874] usb 3-1: config 28 has no interface number 0 [ 910.565694][ T5874] usb 3-1: config 28 interface 169 has no altsetting 0 [ 910.660268][ T1914] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 910.722783][ T5874] usb 3-1: string descriptor 0 read error: -71 [ 910.730607][ T5874] usb 3-1: New USB device found, idVendor=04e8, idProduct=a101, bcdDevice= 4.48 [ 910.740311][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 910.883018][ T1914] usb 7-1: Using ep0 maxpacket: 16 [ 910.902409][ T5874] r8152-cfgselector 3-1: Unknown version 0x0000 [ 910.909266][ T5874] r8152-cfgselector 3-1: rejected 1 configuration due to insufficient available bus power [ 910.921343][ T5874] r8152-cfgselector 3-1: no configuration chosen from 1 choice [ 910.985776][ T1914] usb 7-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 910.995682][ T1914] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 911.004073][ T1914] usb 7-1: Product: syz [ 911.009090][ T1914] usb 7-1: Manufacturer: syz [ 911.013888][ T1914] usb 7-1: SerialNumber: syz [ 911.092122][ T5874] r8152-cfgselector 3-1: USB disconnect, device number 17 [ 911.177493][ T1914] usb 7-1: config 0 descriptor?? [ 911.429522][ T1914] speedtch 7-1:0.0: speedtch_bind: wrong device class 68 [ 911.436957][ T1914] speedtch 7-1:0.0: usbatm_usb_probe: bind failed: -19! [ 911.659713][ T5874] usb 7-1: USB disconnect, device number 2 [ 912.652656][T14847] RDS: rds_bind could not find a transport for fc02::, load rds_tcp or rds_rdma? [ 913.601939][T14863] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4082'. [ 913.625676][T14863] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4082'. [ 914.935389][T14885] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4089'. [ 914.942749][ T5874] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 915.164073][ T5874] usb 2-1: Using ep0 maxpacket: 16 [ 915.204609][ T5874] usb 2-1: config 0 has an invalid interface number: 163 but max is 0 [ 915.213392][ T5874] usb 2-1: config 0 has no interface number 0 [ 915.220105][ T5874] usb 2-1: config 0 interface 163 has no altsetting 0 [ 915.313703][ T5874] usb 2-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=56.cc [ 915.323656][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 915.332492][ T5874] usb 2-1: Product: syz [ 915.336855][ T5874] usb 2-1: Manufacturer: syz [ 915.341789][ T5874] usb 2-1: SerialNumber: syz [ 915.445796][ T5874] usb 2-1: config 0 descriptor?? [ 915.908757][T14898] netlink: 68 bytes leftover after parsing attributes in process `syz.6.4096'. [ 915.959620][ T5874] usb 2-1: USB disconnect, device number 17 [ 915.979914][ T5874] f81534a_ctrl 2-1:0.163: failed to set register 0x116: -19 [ 915.987548][ T5874] f81534a_ctrl 2-1:0.163: failed to enable ports: -19 [ 916.549653][T14906] loop3: detected capacity change from 0 to 256 [ 916.616761][T14904] loop2: detected capacity change from 0 to 512 [ 916.690450][T14906] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 916.735598][T14904] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 916.744749][T14904] EXT4-fs (loop2): blocks per group (34) and clusters per group (32768) inconsistent [ 917.032454][T14906] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 917.112965][T14912] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 917.248549][ T1914] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 917.265752][T14914] loop1: detected capacity change from 0 to 16 [ 917.401180][T14914] erofs (device loop1): mounted with root inode @ nid 36. [ 917.467519][ T1914] usb 3-1: config 0 has an invalid interface number: 111 but max is 0 [ 917.476435][ T1914] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 917.487008][ T1914] usb 3-1: config 0 has no interface number 0 [ 917.493421][ T1914] usb 3-1: too many endpoints for config 0 interface 111 altsetting 99: 44, using maximum allowed: 30 [ 917.506507][ T1914] usb 3-1: config 0 interface 111 altsetting 99 has 0 endpoint descriptors, different from the interface descriptor's value: 44 [ 917.520637][ T1914] usb 3-1: config 0 interface 111 has no altsetting 0 [ 917.527722][ T1914] usb 3-1: New USB device found, idVendor=13e5, idProduct=0001, bcdDevice=4e.53 [ 917.541695][ T1914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 917.676409][ T1914] usb 3-1: config 0 descriptor?? [ 917.754580][ T1914] usb 3-1: selecting invalid altsetting 0 [ 917.810701][T14917] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4103'. [ 917.951191][ T1914] usb 3-1: USB disconnect, device number 18 [ 918.052709][T14922] tmpfs: Bad value for 'mpol' [ 918.935083][ T6315] udevd[6315]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.111/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 919.250030][T14921] loop5: detected capacity change from 0 to 4096 [ 919.364604][T14921] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 919.489139][T14937] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 919.504685][T14937] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 919.698852][ T5874] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 919.875662][T14921] ntfs3(loop5): ino=1a, mi_enum_attr [ 919.881860][T14921] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 919.898836][ T5874] usb 3-1: Using ep0 maxpacket: 8 [ 919.960066][T14921] ntfs3(loop5): ino=1a, mi_enum_attr [ 919.971285][T14921] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 919.972355][ T5874] usb 3-1: config 0 has an invalid interface number: 31 but max is 0 [ 919.986781][ T5874] usb 3-1: config 0 has no interface number 0 [ 920.204088][ T5874] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 920.213736][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 920.222303][ T5874] usb 3-1: Product: syz [ 920.226663][ T5874] usb 3-1: Manufacturer: syz [ 920.231676][ T5874] usb 3-1: SerialNumber: syz [ 920.484750][ T5874] usb 3-1: config 0 descriptor?? [ 920.696453][T14945] loop1: detected capacity change from 0 to 1024 [ 920.751167][ T5874] usb 3-1: Found UVC 0.04 device syz (046d:08c3) [ 920.758006][ T5874] usb 3-1: Failed to initialize entity for entity 6 [ 920.767203][ T5874] usb 3-1: Failed to register entities (-22). [ 920.911410][T14945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 921.048810][ T5874] usb 3-1: USB disconnect, device number 19 [ 921.163110][T14945] EXT4-fs error (device loop1): ext4_empty_dir:3109: inode #11: block 623: comm syz.1.4114: Attempting to read directory block (623) that is past i_size (638464) [ 921.179953][T14949] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 440: padding at end of block bitmap is not set [ 921.247902][T14945] EXT4-fs (loop1): Remounting filesystem read-only [ 921.776770][ T5816] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.067028][T14962] netlink: 'syz.6.4118': attribute type 26 has an invalid length. [ 922.998711][T14975] sock: sock_set_timeout: `syz.5.4124' (pid 14975) tries to set negative timeout [ 923.170067][T14978] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 923.768672][T14981] loop6: detected capacity change from 0 to 2048 [ 924.023459][T14981] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 925.809546][T15017] loop1: detected capacity change from 0 to 16 [ 925.894604][T15017] erofs (device loop1): mounted with root inode @ nid 36. [ 926.337710][T15023] binder: 15022:15023 ioctl c018620c 80000100 returned -1 [ 926.914426][T15030] netlink: 17 bytes leftover after parsing attributes in process `syz.3.4151'. [ 926.926343][T15030] netlink: zone id is out of range [ 926.937246][T15030] netlink: zone id is out of range [ 926.944391][T15030] netlink: zone id is out of range [ 926.949851][T15030] netlink: zone id is out of range [ 926.955171][T15030] netlink: zone id is out of range [ 926.960592][T15030] netlink: zone id is out of range [ 926.965850][T15030] netlink: zone id is out of range [ 926.971303][T15030] netlink: zone id is out of range [ 928.830225][T15056] loop5: detected capacity change from 0 to 1024 [ 928.949124][T15056] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 929.002788][T15056] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 929.057015][T15056] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e80ce018, mo2=0000] [ 929.175925][T15056] System zones: 0-1, 3-12 [ 929.291423][T15056] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #3: block 1: comm syz.5.4163: lblock 1 mapped to illegal pblock 1 (length 1) [ 929.369287][T15056] Quota error (device loop5): write_blk: dquota write failed [ 929.379956][T15056] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 929.390658][T15056] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.4163: Failed to acquire dquot type 0 [ 929.426121][T15064] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4165'. [ 929.458946][T15065] loop6: detected capacity change from 0 to 512 [ 929.499760][T15056] EXT4-fs error (device loop5): ext4_free_blocks:6696: comm syz.5.4163: Freeing blocks not in datazone - block = 0, count = 4096 [ 929.559483][T15065] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 929.635918][T15056] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.4163: Invalid inode bitmap blk 0 in block_group 0 [ 929.692658][ T3848] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:13: lblock 1 mapped to illegal pblock 1 (length 1) [ 929.738525][T15056] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem [ 929.776950][T15065] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 929.818987][T15056] EXT4-fs (loop5): 1 orphan inode deleted [ 929.823213][ T3848] Quota error (device loop5): remove_tree: Can't read quota data block 1 [ 929.827547][T15056] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 929.834701][ T3848] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:13: Failed to release dquot type 0 [ 929.929810][T15065] System zones: 1-12 [ 929.935490][T15065] EXT4-fs (loop6): 1 truncate cleaned up [ 929.943673][T15065] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 930.109858][T15056] EXT4-fs: Cannot change journaled quota options when quota turned on [ 930.446299][T15074] loop3: detected capacity change from 0 to 64 [ 930.458511][T15073] loop1: detected capacity change from 0 to 256 [ 930.468568][T15073] exfat: Deprecated parameter 'utf8' [ 930.474408][T15073] exfat: Deprecated parameter 'utf8' [ 930.480476][T15073] exfat: Deprecated parameter 'utf8' [ 930.486162][T15073] exfat: Deprecated parameter 'namecase' [ 930.583513][T11394] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 930.656701][T15074] Trying to free block not in datazone [ 930.663783][T15074] Trying to free block not in datazone [ 930.670059][T15074] Trying to free block not in datazone [ 930.675665][T15074] Trying to free block not in datazone [ 930.681489][T15074] minix_free_block (loop3:6): bit already cleared [ 930.688296][T15074] Trying to free block not in datazone [ 930.693973][T15074] Trying to free block not in datazone [ 930.786135][T15073] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 930.824955][T14411] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 933.917218][T15121] loop3: detected capacity change from 0 to 256 [ 934.692346][T15133] netlink: 'syz.6.4194': attribute type 30 has an invalid length. [ 935.127074][T15138] loop3: detected capacity change from 0 to 1024 [ 935.296272][T15138] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 935.609159][ T1914] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 935.741423][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 935.868053][ T1914] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 935.876894][ T1914] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 935.886012][ T1914] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 935.896506][ T1914] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 935.905865][ T1914] usb 7-1: config 1 has no interface number 0 [ 935.912509][ T1914] usb 7-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 17 [ 935.926033][ T1914] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 935.937071][ T1914] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 936.187758][ T1914] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 936.241952][T15153] loop2: detected capacity change from 0 to 1024 [ 936.393610][ T1914] snd_usb_pod 7-1:1.1: endpoint not available, using fallback values [ 936.403154][ T1914] snd_usb_pod 7-1:1.1: invalid control EP [ 936.409258][ T1914] snd_usb_pod 7-1:1.1: cannot start listening: -22 [ 936.416155][ T1914] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 936.426178][ T1914] snd_usb_pod 7-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 936.675957][ T1914] usb 7-1: USB disconnect, device number 3 [ 938.298864][T15180] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4213'. [ 938.681769][T15186] loop3: detected capacity change from 0 to 256 [ 939.977392][T15205] loop3: detected capacity change from 0 to 256 [ 940.073310][T15205] exfat: Deprecated parameter 'utf8' [ 940.079626][T15205] exfat: Deprecated parameter 'namecase' [ 940.455396][T15205] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 940.663710][T15207] bridge0: port 1(bridge_slave_0) entered disabled state [ 940.675489][T15207] bridge0: port 1(bridge_slave_0) entered blocking state [ 940.683326][T15207] bridge0: port 1(bridge_slave_0) entered forwarding state [ 940.934246][T15215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4227'. [ 940.944417][T15215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4227'. [ 940.956080][T15215] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4227'. [ 942.540789][ T30] audit: type=1326 audit(2000000574.480:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15237 comm="syz.2.4237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 942.563541][ T30] audit: type=1326 audit(2000000574.480:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15237 comm="syz.2.4237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 942.804389][ T30] audit: type=1326 audit(2000000574.550:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15237 comm="syz.2.4237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=305 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 942.827190][ T30] audit: type=1326 audit(2000000574.550:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15237 comm="syz.2.4237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 942.850428][ T30] audit: type=1326 audit(2000000574.550:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15237 comm="syz.2.4237" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 943.172069][T15246] loop3: detected capacity change from 0 to 512 [ 943.207346][T15249] net_ratelimit: 77 callbacks suppressed [ 943.207443][T15249] openvswitch: netlink: ufid size 20 bytes exceeds the range (1, 16) [ 943.230926][T15249] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 943.256475][T15246] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 944.315406][T15267] netlink: 92 bytes leftover after parsing attributes in process `syz.5.4249'. [ 944.979302][T15277] netlink: 'syz.3.4253': attribute type 21 has an invalid length. [ 945.539307][T15282] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4255'. [ 946.636245][T15296] loop3: detected capacity change from 0 to 2048 [ 946.716960][T15296] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=27485, location=27485 [ 946.965558][T15296] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 947.149427][T15310] overlayfs: unescaped trailing colons in lowerdir mount option. [ 949.738943][ T5874] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 949.944791][ T5874] usb 7-1: Using ep0 maxpacket: 32 [ 949.987346][ T5874] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x2 has invalid wMaxPacketSize 0 [ 949.999380][ T5874] usb 7-1: config 0 interface 0 has no altsetting 0 [ 950.006299][ T5874] usb 7-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00 [ 950.016016][ T5874] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 950.055705][ T5874] usb 7-1: config 0 descriptor?? [ 950.236506][T15350] qrtr: Invalid version 0 [ 950.348506][ T5874] usbhid 7-1:0.0: can't add hid device: -71 [ 950.355154][ T5874] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 950.520022][ T5874] usb 7-1: USB disconnect, device number 4 [ 950.761411][T15355] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4285'. [ 950.771009][T15355] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4285'. [ 951.789049][T15371] netlink: 'syz.3.4291': attribute type 2 has an invalid length. [ 951.797117][T15371] netlink: 'syz.3.4291': attribute type 1 has an invalid length. [ 952.415619][T15382] loop1: detected capacity change from 0 to 512 [ 952.535188][T15382] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 952.676182][T15382] EXT4-fs (loop1): 1 truncate cleaned up [ 952.684475][T15382] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 952.862975][T15382] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 953.156541][T15395] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4299'. [ 953.190138][T15394] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4300'. [ 953.199953][T15394] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4300'. [ 953.209287][T15394] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4300'. [ 953.367228][ T5816] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 954.107456][T15409] netlink: 'syz.5.4306': attribute type 1 has an invalid length. [ 954.119379][T15409] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 954.808509][ T30] audit: type=1326 audit(2000000586.760:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15414 comm="syz.6.4309" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x0 [ 955.404606][T15425] binder: 15424:15425 ioctl 400c620e 0 returned -14 [ 956.786768][T15449] netlink: zone id is out of range [ 957.113893][T15451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4327'. [ 957.717536][T15443] loop5: detected capacity change from 0 to 8192 [ 957.877605][T15443] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 957.999254][ T11] IPVS: starting estimator thread 0... [ 958.099017][T15467] IPVS: using max 192 ests per chain, 9600 per kthread [ 958.950266][T15479] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4338'. [ 959.170506][T15482] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4341'. [ 959.737935][T15493] loop2: detected capacity change from 0 to 256 [ 960.384656][T15493] FAT-fs (loop2): Directory bread(block 64) failed [ 960.392240][T15493] FAT-fs (loop2): Directory bread(block 65) failed [ 960.399528][T15493] FAT-fs (loop2): Directory bread(block 66) failed [ 960.408635][T15493] FAT-fs (loop2): Directory bread(block 67) failed [ 960.421582][T15493] FAT-fs (loop2): Directory bread(block 68) failed [ 960.430173][T15493] FAT-fs (loop2): Directory bread(block 69) failed [ 960.437510][T15493] FAT-fs (loop2): Directory bread(block 70) failed [ 960.444527][T15493] FAT-fs (loop2): Directory bread(block 71) failed [ 960.451629][T15493] FAT-fs (loop2): Directory bread(block 72) failed [ 960.458447][T15493] FAT-fs (loop2): Directory bread(block 73) failed [ 960.664273][T15493] FAT-fs (loop2): Filesystem has been set read-only [ 960.714834][T15505] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4353'. [ 960.724489][T15505] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4353'. [ 961.223332][T15511] loop1: detected capacity change from 0 to 64 [ 961.592502][T15515] loop2: detected capacity change from 0 to 16 [ 961.696568][T15515] cramfs: empty filesystem [ 962.121759][T15523] bpf: Bad value for 'mode' [ 962.936761][T15536] loop5: detected capacity change from 0 to 1024 [ 962.983684][T15536] EXT4-fs: Ignoring removed mblk_io_submit option [ 962.994576][T15536] EXT4-fs: inline encryption not supported [ 963.050798][T15536] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 963.191059][ T5874] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 963.214446][T15536] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.4368: bad orphan inode 11 [ 963.268809][T15536] EXT4-fs (loop5): Remounting filesystem read-only [ 963.277863][T15536] ext4_test_bit(bit=10, block=4) = 1 [ 963.289531][T15536] is_bad_inode(inode)=0 [ 963.293874][T15536] NEXT_ORPHAN(inode)=3254779904 [ 963.300717][T15536] max_ino=32 [ 963.304078][T15536] i_nlink=0 [ 963.309731][T15536] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 963.425763][ T5874] usb 7-1: Using ep0 maxpacket: 32 [ 963.461596][ T5874] usb 7-1: config 0 has an invalid interface number: 51 but max is 0 [ 963.471846][ T5874] usb 7-1: config 0 has no interface number 0 [ 963.478476][ T5874] usb 7-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 963.490107][ T5874] usb 7-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 963.586162][ T5874] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 963.595937][ T5874] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 963.604577][ T5874] usb 7-1: Product: syz [ 963.609085][ T5874] usb 7-1: Manufacturer: syz [ 963.613887][ T5874] usb 7-1: SerialNumber: syz [ 963.624455][ T5874] usb 7-1: config 0 descriptor?? [ 963.640661][ T5874] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 963.881171][T15534] loop1: detected capacity change from 0 to 4096 [ 963.959709][ T5874] usb 7-1: qt2_setup_urbs - submit read urb failed -90 [ 963.967909][ T5874] quatech2 7-1:0.51: probe with driver quatech2 failed with error -90 [ 963.983420][T15534] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 964.127376][T11394] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 964.178761][ T5874] usb 7-1: USB disconnect, device number 5 [ 965.337955][T15557] overlayfs: workdir and upperdir must be separate subtrees [ 966.382277][T15570] loop5: detected capacity change from 0 to 64 [ 966.796376][T15576] netlink: 'syz.2.4387': attribute type 13 has an invalid length. [ 967.102314][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 967.110662][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 967.376885][T15573] loop6: detected capacity change from 0 to 4096 [ 967.468596][ T30] audit: type=1326 audit(2000000599.420:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15581 comm="syz.5.4390" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 967.525620][T15579] loop3: detected capacity change from 0 to 2048 [ 967.625919][ T30] audit: type=1326 audit(2000000599.490:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15581 comm="syz.5.4390" exe="/root/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 967.648939][ T30] audit: type=1326 audit(2000000599.490:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15581 comm="syz.5.4390" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 967.671894][ T30] audit: type=1326 audit(2000000599.490:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15581 comm="syz.5.4390" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 967.778492][T15585] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 967.954309][T15579] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 968.036185][T15579] Remounting filesystem read-only [ 968.917727][T15596] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4396'. [ 968.984743][T15597] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4397'. [ 969.538688][ T11] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 969.763785][ T11] usb 7-1: config 1 has an invalid interface number: 140 but max is 0 [ 969.772521][ T11] usb 7-1: config 1 has no interface number 0 [ 969.779188][ T11] usb 7-1: New USB device found, idVendor=0dba, idProduct=5000, bcdDevice=3d.88 [ 969.788571][ T11] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 969.819916][T15612] netlink: 'syz.5.4404': attribute type 1 has an invalid length. [ 969.901627][ T11] usb 7-1: MBOX3: Invalid descriptor size=18. [ 970.185527][ T11] usb 7-1: USB disconnect, device number 6 [ 971.667017][T15633] loop2: detected capacity change from 0 to 1024 [ 972.904902][T15650] libceph: resolve '. [ 972.904902][T15650] #)|.زf͹Dza×ïÅ2sˆoÖw¿úÕ?£'Ê%ÐKAq‰f»CÖê¨Âz¿e­Sb3L)Hyúo¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM¤¨ìó¤h‡E$ [ 972.904902][T15650] ' (ret=-3): failed [ 974.282126][T15667] loop6: detected capacity change from 0 to 512 [ 974.429263][T15667] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 974.439652][T15667] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 974.516836][T15665] loop3: detected capacity change from 0 to 4096 [ 974.531364][T15667] EXT4-fs (loop6): orphan cleanup on readonly fs [ 974.542359][T15667] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #13: comm syz.6.4431: iget: bad i_size value: 12154761577498 [ 974.567771][T15667] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.4431: couldn't read orphan inode 13 (err -117) [ 974.617320][T15667] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 974.780402][T15667] EXT4-fs warning (device loop6): dx_probe:861: inode #2: comm syz.6.4431: dx entry: limit 65535 != root limit 120 [ 974.793670][T15667] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.4431: Corrupt directory, running e2fsck is recommended [ 975.350264][T14411] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 976.555759][T15692] sg_write: data in/out 512/1 bytes for SCSI command 0xb7-- guessing data in; [ 976.555759][T15692] program syz.1.4442 not setting count and/or reply_len properly [ 980.017797][T15741] loop6: detected capacity change from 0 to 256 [ 980.110415][T15743] loop1: detected capacity change from 0 to 65 [ 980.157002][T15743] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway [ 980.174055][T15741] FAT-fs (loop6): error, corrupted directory (invalid entries) [ 980.182195][T15741] FAT-fs (loop6): Filesystem has been set read-only [ 980.410642][T15747] sctp: [Deprecated]: syz.2.4470 (pid 15747) Use of struct sctp_assoc_value in delayed_ack socket option. [ 980.410642][T15747] Use struct sctp_sack_info instead [ 981.570987][T15761] rdma_rxe: rxe_newlink: rxe creation allowed on top of a real device only [ 981.776344][T15765] loop1: detected capacity change from 0 to 128 [ 981.828911][ T5874] usb 3-1: new high-speed USB device number 20 using dummy_hcd [ 981.922110][T15765] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 982.035409][ T5874] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 982.036346][T15765] ext4 filesystem being mounted at /912/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 982.045132][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 982.145284][ T5874] usb 3-1: config 0 descriptor?? [ 982.629034][ T5874] ath6kl: Failed to submit usb control message: -71 [ 982.635999][ T5874] ath6kl: unable to send the bmi data to the device: -71 [ 982.643529][ T5874] ath6kl: Unable to send get target info: -71 [ 982.663844][ T5874] ath6kl: Failed to init ath6kl core: -71 [ 982.676766][ T5874] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 982.849984][ T5874] usb 3-1: USB disconnect, device number 20 [ 982.909124][ T5816] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 983.092915][T15776] loop3: detected capacity change from 0 to 512 [ 983.268852][T15776] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.4482: bad orphan inode 11862016 [ 983.320877][T15776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 983.334337][T15776] ext4 filesystem being mounted at /929/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 983.348455][T14590] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 983.489517][ T5874] usb 2-1: new full-speed USB device number 18 using dummy_hcd [ 983.518418][T14590] usb 7-1: Using ep0 maxpacket: 8 [ 983.568615][T14590] usb 7-1: config 2 has an invalid interface number: 31 but max is 0 [ 983.576962][T14590] usb 7-1: config 2 has no interface number 0 [ 983.583663][T14590] usb 7-1: config 2 interface 31 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 983.597076][T14590] usb 7-1: config 2 interface 31 has no altsetting 0 [ 983.706012][T14590] usb 7-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 983.715843][T14590] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 983.724857][T14590] usb 7-1: Product: syz [ 983.729429][T14590] usb 7-1: Manufacturer: syz [ 983.734221][T14590] usb 7-1: SerialNumber: syz [ 983.777433][ T5874] usb 2-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 983.789050][ T5874] usb 2-1: config 253 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 983.801236][ T5874] usb 2-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255 [ 983.906359][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 983.944792][ T5874] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 983.955414][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 983.968339][ T5874] usb 2-1: SerialNumber: syz [ 984.452297][ T5874] rndis_host 2-1:253.0: RNDIS init failed, -71 [ 984.463839][ T5874] rndis_host 2-1:253.0: probe with driver rndis_host failed with error -71 [ 984.580096][T14590] ch9200 7-1:2.31: probe with driver ch9200 failed with error -22 [ 984.621824][ T5874] usb 2-1: USB disconnect, device number 18 [ 984.632057][T14590] usb 7-1: USB disconnect, device number 7 [ 985.971776][T15810] loop2: detected capacity change from 0 to 8 [ 987.743267][T15833] loop3: detected capacity change from 0 to 256 [ 987.841191][T15833] exfat: Deprecated parameter 'namecase' [ 988.022074][T15833] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 988.414215][T15843] tmpfs: Bad value for 'mpol' [ 988.819627][T15846] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4513'. [ 989.509109][T15855] overlayfs: missing 'lowerdir' [ 991.001895][ T30] audit: type=1326 audit(2000000622.940:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15876 comm="syz.6.4529" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 991.127128][ T30] audit: type=1326 audit(2000000623.030:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15876 comm="syz.6.4529" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 991.150709][ T30] audit: type=1326 audit(2000000623.040:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15876 comm="syz.6.4529" exe="/root/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 991.174321][ T30] audit: type=1326 audit(2000000623.040:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15876 comm="syz.6.4529" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 992.740925][T15905] usb usb3: usbfs: process 15905 (syz.2.4542) did not claim interface 0 before use [ 993.622942][T15920] loop6: detected capacity change from 0 to 256 [ 993.730314][T15923] netlink: 'syz.3.4552': attribute type 2 has an invalid length. [ 993.929000][T14628] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 993.933242][ T30] audit: type=1800 audit(2000000625.890:223): pid=15920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4550" name="file1" dev="loop6" ino=1048680 res=0 errno=0 [ 994.178647][T14628] usb 2-1: config 0 has no interfaces? [ 994.184429][T14628] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 994.195257][T14628] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 994.319537][T14628] usb 2-1: config 0 descriptor?? [ 994.408786][T15929] loop3: detected capacity change from 0 to 256 [ 994.613632][ T5812] Bluetooth: hci2: unexpected event for opcode 0x0c22 [ 994.623203][T14590] usb 2-1: USB disconnect, device number 19 [ 994.684738][T15934] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4557'. [ 995.755575][T15952] loop5: detected capacity change from 0 to 128 [ 996.120373][T15955] syz.3.4568: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 996.136487][T15955] CPU: 1 UID: 0 PID: 15955 Comm: syz.3.4568 Tainted: G W syzkaller #0 PREEMPT(none) [ 996.136667][T15955] Tainted: [W]=WARN [ 996.136721][T15955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 996.136805][T15955] Call Trace: [ 996.136856][T15955] [ 996.136907][T15955] __dump_stack+0x26/0x30 [ 996.137095][T15955] dump_stack_lvl+0x1df/0x270 [ 996.137281][T15955] dump_stack+0x1e/0x25 [ 996.137448][T15955] warn_alloc+0x470/0x690 [ 996.137628][T15955] ? kmsan_get_metadata+0xfb/0x160 [ 996.137795][T15955] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 996.137985][T15955] __vmalloc_node_range_noprof+0x133/0x2360 [ 996.138141][T15955] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 996.138330][T15955] ? should_fail_ex+0x45/0x8a0 [ 996.138473][T15955] ? kmsan_get_metadata+0xfb/0x160 [ 996.138632][T15955] ? kmsan_get_metadata+0xfb/0x160 [ 996.138792][T15955] ? kmsan_get_metadata+0xfb/0x160 [ 996.138958][T15955] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 996.139143][T15955] ? kmsan_get_metadata+0xfb/0x160 [ 996.139315][T15955] vmalloc_user_noprof+0xce/0x140 [ 996.139458][T15955] ? xskq_create+0x11d/0x290 [ 996.139613][T15955] xskq_create+0x11d/0x290 [ 996.139768][T15955] xsk_init_queue+0xfd/0x1d0 [ 996.139913][T15955] xsk_setsockopt+0x7f6/0xfe0 [ 996.140093][T15955] ? __pfx_xsk_setsockopt+0x10/0x10 [ 996.140229][T15955] __sys_setsockopt+0x43b/0x580 [ 996.140439][T15955] __ia32_sys_setsockopt+0xf3/0x1a0 [ 996.140646][T15955] ia32_sys_call+0x24c2/0x4310 [ 996.140788][T15955] __do_fast_syscall_32+0xb0/0x150 [ 996.140959][T15955] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 996.141173][T15955] do_fast_syscall_32+0x38/0x80 [ 996.141321][T15955] do_SYSENTER_32+0x1f/0x30 [ 996.141458][T15955] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 996.141647][T15955] RIP: 0023:0xf706e539 [ 996.141753][T15955] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 996.141887][T15955] RSP: 002b:00000000f545e55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e [ 996.142044][T15955] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b [ 996.142140][T15955] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004 [ 996.142230][T15955] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 996.142318][T15955] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 996.142422][T15955] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 996.142537][T15955] [ 996.395226][T15955] Mem-Info: [ 996.398999][T15955] active_anon:7617 inactive_anon:0 isolated_anon:0 [ 996.398999][T15955] active_file:3602 inactive_file:40229 isolated_file:0 [ 996.398999][T15955] unevictable:768 dirty:162 writeback:0 [ 996.398999][T15955] slab_reclaimable:5623 slab_unreclaimable:24278 [ 996.398999][T15955] mapped:30458 shmem:1399 pagetables:1795 [ 996.398999][T15955] sec_pagetables:0 bounce:0 [ 996.398999][T15955] kernel_misc_reclaimable:0 [ 996.398999][T15955] free:362553 free_pcp:12898 free_cma:0 [ 996.444699][T15955] Node 0 active_anon:30468kB inactive_anon:0kB active_file:14408kB inactive_file:160712kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121832kB dirty:648kB writeback:0kB shmem:4060kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5424kB pagetables:6776kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 996.479241][T15955] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:404kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 996.513099][T15955] Node 0 DMA free:4080kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 996.543240][T15955] lowmem_reserve[]: 0 928 1241 1241 1241 [ 996.549553][T15955] Node 0 DMA32 free:535268kB boost:0kB min:36820kB low:46024kB high:55228kB reserved_highatomic:0KB free_highatomic:0KB active_anon:10344kB inactive_anon:0kB active_file:10248kB inactive_file:68484kB unevictable:0kB writepending:380kB present:3129332kB managed:951024kB mlocked:0kB bounce:0kB free_pcp:37692kB local_pcp:17296kB free_cma:0kB [ 996.583469][T15955] lowmem_reserve[]: 0 0 312 312 312 [ 996.589766][T15955] Node 0 Normal free:14960kB boost:0kB min:13016kB low:16268kB high:19520kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20124kB inactive_anon:0kB active_file:4160kB inactive_file:92228kB unevictable:1536kB writepending:268kB present:1048580kB managed:320476kB mlocked:0kB bounce:0kB free_pcp:13824kB local_pcp:6664kB free_cma:0kB [ 996.622416][T15955] lowmem_reserve[]: 0 0 0 0 0 [ 996.627684][T15955] Node 1 Normal free:895904kB boost:0kB min:40100kB low:50124kB high:60148kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:987120kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 996.660796][T15955] lowmem_reserve[]: 0 0 0 0 0 [ 996.666099][T15955] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 1*1024kB (U) 1*2048kB (U) 0*4096kB = 4080kB [ 996.683362][T15955] Node 0 DMA32: 295*4kB (UM) 191*8kB (UME) 209*16kB (UM) 76*32kB (UME) 69*64kB (UME) 39*128kB (UM) 27*256kB (UME) 17*512kB (UME) 8*1024kB (UME) 5*2048kB (UM) 118*4096kB (M) = 535268kB [ 996.703645][T15955] Node 0 Normal: 88*4kB (M) 38*8kB (UM) 8*16kB (ME) 3*32kB (ME) 6*64kB (ME) 1*128kB (U) 1*256kB (E) 4*512kB (UE) 1*1024kB (U) 1*2048kB (U) 2*4096kB (M) = 14960kB [ 996.722539][T15955] Node 1 Normal: 8*4kB (UE) 12*8kB (UME) 22*16kB (UE) 26*32kB (UME) 20*64kB (UME) 9*128kB (UME) 7*256kB (UME) 3*512kB (UE) 2*1024kB (UM) 3*2048kB (UM) 215*4096kB (M) = 895904kB [ 996.742392][T15955] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 996.752411][T15955] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 996.763532][T15955] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 996.773851][T15955] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 996.784803][T15955] 45183 total pagecache pages [ 996.789827][T15955] 0 pages in swap cache [ 996.794349][T15955] Free swap = 124996kB [ 996.798789][T15955] Total swap = 124996kB [ 996.803104][T15955] 2097051 pages RAM [ 996.807064][T15955] 0 pages HighMem/MovableOnly [ 996.812709][T15955] 1531372 pages reserved [ 996.817112][T15955] 0 pages cma reserved [ 997.465795][T15966] loop6: detected capacity change from 0 to 64 [ 997.564539][T15966] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 997.578766][T15966] hfs: filesystem is marked locked, mounting read-only. [ 997.836364][T15973] loop5: detected capacity change from 0 to 512 [ 998.152070][T15973] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 998.165300][T15973] ext4 filesystem being mounted at /368/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 998.549307][T15981] netlink: 164 bytes leftover after parsing attributes in process `syz.3.4578'. [ 998.712602][T15984] loop1: detected capacity change from 0 to 256 [ 998.775646][T15984] exfat: Deprecated parameter 'namecase' [ 998.897568][T11394] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 999.090288][T15984] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 999.526024][T15990] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4584'. [ 999.890942][T15975] Bluetooth: hci5: command 0x0406 tx timeout [ 1001.858420][T16022] ip6tnl3: entered promiscuous mode [ 1003.616127][T16047] sctp: [Deprecated]: syz.1.4611 (pid 16047) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1003.616127][T16047] Use struct sctp_sack_info instead [ 1004.700017][T16061] loop1: detected capacity change from 0 to 2048 [ 1004.871328][T16061] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1004.931400][T16067] loop2: detected capacity change from 0 to 64 [ 1005.288415][T14590] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 1005.510771][T16073] block device autoloading is deprecated and will be removed. [ 1005.548920][T14590] usb 6-1: config 0 has an invalid interface number: 52 but max is 0 [ 1005.557264][T14590] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1005.570650][T14590] usb 6-1: config 0 has no interface number 0 [ 1005.576984][T14590] usb 6-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10 [ 1005.589367][T14590] usb 6-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0 [ 1005.599711][T14590] usb 6-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1005.613377][T14590] usb 6-1: config 0 interface 52 has no altsetting 0 [ 1005.926929][T14590] usb 6-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00 [ 1005.937386][T14590] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=35 [ 1005.946128][T14590] usb 6-1: SerialNumber: syz [ 1006.082080][T14590] usb 6-1: config 0 descriptor?? [ 1006.350122][T14590] synaptics_usb 6-1:0.52: synusb_open - usb_submit_urb failed, error: -90 [ 1006.361308][T14590] synaptics_usb 6-1:0.52: probe with driver synaptics_usb failed with error -5 [ 1006.576553][ T1914] usb 6-1: USB disconnect, device number 8 [ 1008.885663][T16117] loop3: detected capacity change from 0 to 512 [ 1009.071107][T16117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1009.084731][T16117] ext4 filesystem being mounted at /964/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1009.155244][T16127] loop1: detected capacity change from 0 to 128 [ 1009.286099][T16117] Quota error (device loop3): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 1009.302120][T16117] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 1009.312766][T16117] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.4645: Failed to acquire dquot type 0 [ 1009.619210][T16130] netlink: 'syz.5.4650': attribute type 2 has an invalid length. [ 1009.627696][T16130] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4650'. [ 1009.822700][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1010.804566][T16146] loop2: detected capacity change from 0 to 256 [ 1010.873245][T16146] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1010.884356][T16146] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 1011.111761][T16146] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 1011.160119][T14590] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 1011.388838][T14590] usb 6-1: config 0 has an invalid interface number: 11 but max is 0 [ 1011.397339][T14590] usb 6-1: config 0 has no interface number 0 [ 1011.405486][T14590] usb 6-1: config 0 interface 11 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8 [ 1011.415943][T14590] usb 6-1: config 0 interface 11 altsetting 0 endpoint 0xE has invalid maxpacket 1023, setting to 64 [ 1011.427510][T14590] usb 6-1: config 0 interface 11 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 1024 [ 1011.568015][T14590] usb 6-1: New USB device found, idVendor=0f3d, idProduct=68aa, bcdDevice=b4.ca [ 1011.577709][T14590] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1011.586423][T14590] usb 6-1: Product: syz [ 1011.590971][T14590] usb 6-1: Manufacturer: syz [ 1011.595865][T14590] usb 6-1: SerialNumber: syz [ 1011.722900][T14590] usb 6-1: config 0 descriptor?? [ 1011.731337][T16151] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1011.751909][T16151] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1012.102287][T16151] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1012.135180][T16151] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 1012.191513][T14590] usb 6-1: No status endpoint found [ 1012.266597][T16167] loop6: detected capacity change from 0 to 512 [ 1012.442012][T14590] usb 6-1: USB disconnect, device number 9 [ 1012.537407][T16167] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1012.551446][T16167] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1012.701687][T16167] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.4668: corrupted xattr block 33: invalid header [ 1012.721928][T16167] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.4668: corrupted xattr block 33: invalid header [ 1012.772686][T16167] fscrypt (loop6, inode 15): Error -117 getting encryption context [ 1012.810683][T16176] loop2: detected capacity change from 0 to 256 [ 1013.033507][T14411] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1013.235143][T16180] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4674'. [ 1013.309555][T16176] FAT-fs (loop2): Directory bread(block 64) failed [ 1013.316435][T16176] FAT-fs (loop2): Directory bread(block 65) failed [ 1013.324391][T16176] FAT-fs (loop2): Directory bread(block 66) failed [ 1013.332377][T16176] FAT-fs (loop2): Directory bread(block 67) failed [ 1013.339583][T16176] FAT-fs (loop2): Directory bread(block 68) failed [ 1013.348600][T16176] FAT-fs (loop2): Directory bread(block 69) failed [ 1013.361575][T16176] FAT-fs (loop2): Directory bread(block 70) failed [ 1013.370233][T16176] FAT-fs (loop2): Directory bread(block 71) failed [ 1013.377188][T16176] FAT-fs (loop2): Directory bread(block 72) failed [ 1013.384224][T16176] FAT-fs (loop2): Directory bread(block 73) failed [ 1013.710626][T16184] loop1: detected capacity change from 0 to 164 [ 1013.834607][T16184] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 1015.643650][T16210] loop6: detected capacity change from 0 to 1024 [ 1016.155741][ T3545] hfsplus: b-tree write err: -5, ino 4 [ 1017.037484][T16220] loop5: detected capacity change from 0 to 4096 [ 1017.079643][T16220] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 1017.325135][T16237] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4702'. [ 1017.531224][T16220] ntfs3(loop5): Failed to load $Extend (-22). [ 1017.537546][T16220] ntfs3(loop5): Failed to initialize $Extend. [ 1018.068751][T14590] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 1018.310770][T14590] usb 3-1: Using ep0 maxpacket: 16 [ 1018.415061][T14590] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 1018.424843][T14590] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1018.433857][T14590] usb 3-1: Product: syz [ 1018.438486][T14590] usb 3-1: Manufacturer: syz [ 1018.443331][T14590] usb 3-1: SerialNumber: syz [ 1018.677283][T14590] usb 3-1: config 0 descriptor?? [ 1018.754386][T16247] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4707'. [ 1019.228504][T14590] dvb_usb_dtv5100 3-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71 [ 1019.288861][T14590] usb 3-1: USB disconnect, device number 21 [ 1020.600235][T16253] loop6: detected capacity change from 0 to 4096 [ 1020.731074][T16261] loop2: detected capacity change from 0 to 16 [ 1020.826557][T16261] erofs (device loop2): mounted with root inode @ nid 36. [ 1020.945974][T16261] erofs (device loop2): corrupted dir block 0 @ nid 36 [ 1020.966832][T16267] loop1: detected capacity change from 0 to 256 [ 1021.210642][T16253] ntfs3(loop6): Failed to initialize $Extend/$ObjId. [ 1021.563033][T16267] FAT-fs (loop1): Directory bread(block 64) failed [ 1021.570488][T16267] FAT-fs (loop1): Directory bread(block 65) failed [ 1021.577573][T16267] FAT-fs (loop1): Directory bread(block 66) failed [ 1021.584981][T16267] FAT-fs (loop1): Directory bread(block 67) failed [ 1021.592068][T16267] FAT-fs (loop1): Directory bread(block 68) failed [ 1021.599293][T16267] FAT-fs (loop1): Directory bread(block 69) failed [ 1021.606206][T16267] FAT-fs (loop1): Directory bread(block 70) failed [ 1021.613192][T16267] FAT-fs (loop1): Directory bread(block 71) failed [ 1021.620278][T16267] FAT-fs (loop1): Directory bread(block 72) failed [ 1021.627023][T16267] FAT-fs (loop1): Directory bread(block 73) failed [ 1021.794001][T16269] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4718'. [ 1021.891782][T16273] netlink: 'syz.2.4720': attribute type 10 has an invalid length. [ 1021.900278][T16273] macvlan0: entered allmulticast mode [ 1021.907216][T16273] veth1_vlan: entered allmulticast mode [ 1021.928429][T16273] team0: Port device macvlan0 added [ 1022.003136][ T30] audit: type=1800 audit(2000000653.930:224): pid=16267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.4716" name="file2" dev="loop1" ino=1048688 res=0 errno=0 [ 1022.484544][T16272] loop5: detected capacity change from 0 to 2048 [ 1022.567687][T16272] EXT4-fs: Ignoring removed mblk_io_submit option [ 1022.859124][T16278] loop1: detected capacity change from 0 to 64 [ 1022.918589][T16272] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1022.961305][T16283] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4723'. [ 1022.974099][T16283] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4723'. [ 1023.053548][T16284] loop2: detected capacity change from 0 to 64 [ 1023.126008][T16272] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4719: bg 0: block 234: padding at end of block bitmap is not set [ 1023.171410][T16272] EXT4-fs (loop5): Remounting filesystem read-only [ 1023.550680][T16286] loop6: detected capacity change from 0 to 1024 [ 1023.575754][T16286] EXT4-fs: Ignoring removed bh option [ 1023.619916][T11394] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1023.666715][T16288] netlink: 'syz.3.4726': attribute type 1 has an invalid length. [ 1023.675982][T16288] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4726'. [ 1023.829607][T16286] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1023.881048][T16292] comedi comedi4: bad chanlist[0]=0x00000009 chan=9 range length=2 [ 1023.929808][T16286] EXT4-fs warning (device loop6): ext4_empty_dir:3089: inode #11: comm syz.6.4725: directory missing '.' [ 1024.100906][T16294] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4728'. [ 1024.115926][T16294] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4728'. [ 1024.391064][T14411] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1025.012172][T16308] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4734'. [ 1025.550397][T16303] loop6: detected capacity change from 0 to 4096 [ 1025.639261][T16303] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 1025.725389][T16316] trusted_key: encrypted_key: master key parameter '' is invalid [ 1025.823655][T16313] loop2: detected capacity change from 0 to 1024 [ 1026.025296][T16303] ntfs3(loop6): ino=19, mi_enum_attr [ 1026.032777][T16303] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1026.359023][T16321] netlink: 'syz.3.4741': attribute type 1 has an invalid length. [ 1027.699506][T16332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4747'. [ 1028.419516][T16342] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4752'. [ 1028.555087][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1028.564325][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1028.966833][T16347] syz.3.4754 (16347): /proc/16345/oom_adj is deprecated, please use /proc/16345/oom_score_adj instead. [ 1029.375776][T16350] loop2: detected capacity change from 0 to 512 [ 1029.520296][T16350] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1029.702745][T16350] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1029.716645][T16350] ext4 filesystem being mounted at /1006/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1029.910802][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1031.108647][ T30] audit: type=1326 audit(2000000663.040:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16376 comm="syz.3.4767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.133880][ T30] audit: type=1326 audit(2000000663.070:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16376 comm="syz.3.4767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.156793][ T30] audit: type=1326 audit(2000000663.070:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16376 comm="syz.3.4767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1031.181199][ T30] audit: type=1326 audit(2000000663.070:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16376 comm="syz.3.4767" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 1032.706107][T16401] tmpfs: Bad value for 'mpol' [ 1032.788537][ T1914] usb 4-1: new full-speed USB device number 13 using dummy_hcd [ 1032.997548][ T1914] usb 4-1: config 1 has an invalid interface number: 236 but max is 1 [ 1033.008822][ T1914] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1033.026488][ T1914] usb 4-1: config 1 has 3 interfaces, different from the descriptor's value: 2 [ 1033.037266][ T1914] usb 4-1: config 1 has no interface number 2 [ 1033.043928][ T1914] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 1033.055271][ T1914] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1033.065493][ T1914] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1033.078916][ T1914] usb 4-1: config 1 interface 1 has no altsetting 0 [ 1033.125923][T16406] loop2: detected capacity change from 0 to 164 [ 1033.207255][T16406] Unable to read rock-ridge attributes [ 1033.296484][ T1914] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1033.308856][ T1914] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1033.319091][ T1914] usb 4-1: Product: syz [ 1033.328619][ T1914] usb 4-1: Manufacturer: syz [ 1033.333457][ T1914] usb 4-1: SerialNumber: syz [ 1033.461049][T16397] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1033.502501][ T1914] cdc_ncm 4-1:1.0: skipping garbage [ 1033.508217][ T1914] cdc_ncm 4-1:1.0: NCM or ECM functional descriptors missing [ 1033.515921][ T1914] cdc_ncm 4-1:1.0: bind() failure [ 1033.545549][ T1914] cdc_ncm 4-1:1.236: CDC Union missing and no IAD found [ 1033.553262][ T1914] cdc_ncm 4-1:1.236: bind() failure [ 1034.110234][ T1914] usb 4-1: USB disconnect, device number 13 [ 1034.274887][T16421] loop5: detected capacity change from 0 to 128 [ 1035.729557][T16440] loop5: detected capacity change from 0 to 256 [ 1035.859595][T16440] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b1f, utbl_chksum : 0xe619d30d) [ 1036.087307][T16444] loop6: detected capacity change from 0 to 2048 [ 1036.172138][T16444] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 1036.182720][T16444] UDF-fs: Scanning with blocksize 512 failed [ 1036.356098][T16444] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1036.447290][T16450] netlink: 'syz.3.4803': attribute type 10 has an invalid length. [ 1036.456740][T16450] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4803'. [ 1036.469284][T16450] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 1037.297134][T16464] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4807'. [ 1037.458743][ T1914] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 1037.668843][ T1914] usb 4-1: Using ep0 maxpacket: 8 [ 1037.741287][ T1914] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1037.752951][ T1914] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1037.763249][ T1914] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1037.773295][ T1914] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024 [ 1037.784887][ T1914] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1037.795323][ T1914] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1037.804744][ T1914] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1038.140184][ T1914] usb 4-1: config 0 descriptor?? [ 1038.157532][T16460] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1039.035309][T15975] Bluetooth: hci1: Opcode 0x0c03 failed: -71 [ 1039.052524][ T1914] usb 4-1: USB disconnect, device number 14 [ 1039.756210][T16473] loop2: detected capacity change from 0 to 4096 [ 1040.372859][T16485] loop6: detected capacity change from 0 to 2048 [ 1040.620619][T16485] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1041.280785][T14411] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1043.103487][T16511] loop5: detected capacity change from 0 to 2048 [ 1043.191090][T16511] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1043.838963][T16519] dlm: no local IP address has been set [ 1043.845802][T16519] dlm: cannot start dlm midcomms -107 [ 1044.029573][T16525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4836'. [ 1044.848010][T16537] loop5: detected capacity change from 0 to 512 [ 1044.915076][T16537] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1045.066851][T16537] EXT4-fs (loop5): 1 truncate cleaned up [ 1045.146827][T16537] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1045.433542][T16546] xfrm0: entered promiscuous mode [ 1045.439020][T16546] xfrm0: entered allmulticast mode [ 1045.455292][ T1914] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 1045.650313][ T1914] usb 2-1: Using ep0 maxpacket: 16 [ 1045.732212][ T1914] usb 2-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76 [ 1045.741697][ T1914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1045.750259][ T1914] usb 2-1: Product: syz [ 1045.754632][ T1914] usb 2-1: Manufacturer: syz [ 1045.759554][ T1914] usb 2-1: SerialNumber: syz [ 1045.816416][T11394] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1045.852340][ T1914] usb 2-1: config 0 descriptor?? [ 1046.165296][ T1914] usb 2-1: ignoring: not an USB2CAN converter [ 1046.400804][T14590] usb 2-1: USB disconnect, device number 20 [ 1046.731051][T16558] RDS: rds_bind could not find a transport for 2001::2, load rds_tcp or rds_rdma? [ 1047.020978][T16562] loop2: detected capacity change from 0 to 512 [ 1047.196939][T16562] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #15: comm syz.2.4853: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964) [ 1047.228319][T16562] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.4853: couldn't read orphan inode 15 (err -117) [ 1047.246171][T16562] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1047.874262][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1048.888408][T16589] netlink: 'syz.5.4865': attribute type 27 has an invalid length. [ 1048.896477][T16589] netlink: 'syz.5.4865': attribute type 3 has an invalid length. [ 1048.904876][T16589] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4865'. [ 1050.134344][T16592] loop2: detected capacity change from 0 to 4096 [ 1050.199067][T16592] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 1050.920597][T16592] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 1051.044951][T16612] loop5: detected capacity change from 0 to 1024 [ 1051.372017][ T4145] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 1051.437583][ T5817] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 1051.446961][ T5817] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 1051.455446][ T5817] ntfs3(loop2): ino=3, ntfs_set_state failed, -22. [ 1051.581458][T16478] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22. [ 1051.872983][T16478] hfsplus: b-tree write err: -5, ino 4 [ 1053.194364][T16635] rdma_rxe: rxe_newlink: failed to add lo [ 1053.909510][T16627] loop3: detected capacity change from 0 to 8192 [ 1054.047726][T16645] overlayfs: failed to resolve './file0': -2 [ 1054.138464][T16627] FAT-fs (loop3): error, clusters badly computed (1 != 0) [ 1054.865856][T16653] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4896'. [ 1056.321657][T16672] loop3: detected capacity change from 0 to 256 [ 1056.339500][T16674] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4906'. [ 1056.820978][T16672] FAT-fs (loop3): Directory bread(block 64) failed [ 1056.827761][T16672] FAT-fs (loop3): Directory bread(block 65) failed [ 1056.835155][T16672] FAT-fs (loop3): Directory bread(block 66) failed [ 1056.845378][T16672] FAT-fs (loop3): Directory bread(block 67) failed [ 1056.855412][T16672] FAT-fs (loop3): Directory bread(block 68) failed [ 1056.862801][T16672] FAT-fs (loop3): Directory bread(block 69) failed [ 1056.871598][T16672] FAT-fs (loop3): Directory bread(block 70) failed [ 1056.878977][T16672] FAT-fs (loop3): Directory bread(block 71) failed [ 1056.885971][T16672] FAT-fs (loop3): Directory bread(block 72) failed [ 1056.893047][T16672] FAT-fs (loop3): Directory bread(block 73) failed [ 1057.317167][T16687] loop1: detected capacity change from 0 to 1024 [ 1058.479735][T16701] ------------[ cut here ]------------ [ 1058.485405][T16701] verifier bug: REG INVARIANTS VIOLATION (false_reg1): range bounds violation u64=[0x10000008, 0x10000008] s64=[0x10000008, 0x10000008] u32=[0x10000008, 0x10000000] s32=[0x10000008, 0x10000008] var_off=(0x10000008, 0x0)(1) [ 1058.509913][T16701] WARNING: CPU: 1 PID: 16701 at kernel/bpf/verifier.c:2728 reg_bounds_sanity_check+0xb26/0x14b0 [ 1058.521468][T16701] Modules linked in: [ 1058.525634][T16701] CPU: 1 UID: 0 PID: 16701 Comm: syz.2.4919 Tainted: G W syzkaller #0 PREEMPT(none) [ 1058.537111][T16701] Tainted: [W]=WARN [ 1058.541336][T16701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1058.551799][T16701] RIP: 0010:reg_bounds_sanity_check+0xb26/0x14b0 [ 1058.558614][T16701] Code: ff ff ff b5 20 ff ff ff ff b5 18 ff ff ff ff b5 48 ff ff ff ff b5 10 ff ff ff ff b5 08 ff ff ff e8 df 0a 02 ff 48 83 c4 38 90 <0f> 0b 90 90 4c 8b bd 70 ff ff ff e9 83 f8 ff ff 8b 3a e8 43 62 79 [ 1058.581481][T16701] RSP: 0018:ffff88802c222f28 EFLAGS: 00010286 [ 1058.587831][T16701] RAX: ffffffff81207e8e RBX: ffff88804dcea438 RCX: 0000000000080000 [ 1058.596251][T16701] RDX: ffffc90008802000 RSI: 00000000000096a2 RDI: 00000000000096a3 [ 1058.604776][T16701] RBP: ffff88802c2230a8 R08: ffffea000000000f R09: 0000000000000000 [ 1058.615123][T16701] R10: ffff888237b7b028 R11: ffff88823f2635e0 R12: 0000000000000000 [ 1058.623823][T16701] R13: ffff888054b3ac20 R14: 0000000000000000 R15: 0000000000000000 [ 1058.632360][T16701] FS: 0000000000000000(0000) GS:ffff8881aa790000(0063) knlGS:00000000f5436b40 [ 1058.648424][T16701] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 1058.655231][T16701] CR2: 0000000080002000 CR3: 00000000524f4000 CR4: 00000000003526f0 [ 1058.663833][T16701] Call Trace: [ 1058.667372][T16701] [ 1058.670792][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.676273][T16701] reg_set_min_max+0x3a8/0x440 [ 1058.681625][T16701] check_cond_jmp_op+0x3187/0x4820 [ 1058.687094][T16701] do_check+0x2374/0x15760 [ 1058.691969][T16701] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1058.698270][T16701] ? __rcu_read_unlock+0x6d/0xd0 [ 1058.703502][T16701] ? __pfx_verbose+0x10/0x10 [ 1058.710473][T16701] ? __pfx_disasm_kfunc_name+0x10/0x10 [ 1058.716412][T16701] do_check_common+0x2482/0x3740 [ 1058.722418][T16701] bpf_check+0x61f8/0x2a100 [ 1058.727379][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.732975][T16701] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1058.739280][T16701] ? pcpu_block_update_hint_alloc+0x12df/0x1390 [ 1058.745813][T16701] ? kmsan_get_metadata+0x150/0x160 [ 1058.751449][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.756923][T16701] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1058.764595][T16701] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1058.771162][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.776549][T16701] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1058.783261][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.788874][T16701] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1058.794990][T16701] ? strncpy_from_user+0xb1/0x470 [ 1058.800601][T16701] ? stack_depot_save_flags+0x35/0x7b0 [ 1058.806327][T16701] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1058.814936][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.821038][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.826452][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.832052][T16701] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1058.838920][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.844353][T16701] ? kmsan_get_metadata+0xfb/0x160 [ 1058.850017][T16701] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1058.856116][T16701] bpf_prog_load+0x28e6/0x2e50 [ 1058.861486][T16701] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1058.868328][T16701] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1058.874667][T16701] ? security_bpf+0x88/0x620 [ 1058.879808][T16701] ? _copy_from_user+0xcb/0x100 [ 1058.884951][T16701] __sys_bpf+0x7f4/0xed0 [ 1058.889642][T16701] __ia32_sys_bpf+0xa4/0xf0 [ 1058.894447][T16701] ia32_sys_call+0xadf/0x4310 [ 1058.899575][T16701] __do_fast_syscall_32+0xb0/0x150 [ 1058.904961][T16701] do_fast_syscall_32+0x38/0x80 [ 1058.910306][T16701] do_SYSENTER_32+0x1f/0x30 [ 1058.916780][T16701] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1058.924046][T16701] RIP: 0023:0xf7f38539 [ 1058.928553][T16701] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1058.948619][T16701] RSP: 002b:00000000f543655c EFLAGS: 00000206 ORIG_RAX: 0000000000000165 [ 1058.957329][T16701] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000180 [ 1058.965804][T16701] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 1058.974195][T16701] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1058.982691][T16701] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1058.991150][T16701] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1058.999629][T16701] [ 1059.002800][T16701] ---[ end trace 0000000000000000 ]--- [ 1060.549255][ T30] audit: type=1326 audit(2000000692.500:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.2.4933" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 1060.571529][ C1] vkms_vblank_simulate: vblank timer overrun [ 1060.707688][ T30] audit: type=1326 audit(2000000692.570:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.2.4933" exe="/root/syz-executor" sig=0 arch=40000003 syscall=95 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 1060.731037][ T30] audit: type=1326 audit(2000000692.570:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.2.4933" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 1060.759504][ T30] audit: type=1326 audit(2000000692.570:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16729 comm="syz.2.4933" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38539 code=0x7ffc0000 [ 1061.003417][T14628] usb 6-1: new low-speed USB device number 10 using dummy_hcd [ 1061.245326][T14628] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1061.331091][T14628] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1061.341749][T14628] usb 6-1: config 1 interface 0 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1061.355265][T14628] usb 6-1: config 1 interface 0 has no altsetting 0 [ 1061.491721][T14628] usb 6-1: string descriptor 0 read error: -22 [ 1061.498850][T14628] usb 6-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40 [ 1061.508511][T14628] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1061.606597][T16740] loop1: detected capacity change from 0 to 2048 [ 1061.800478][T16746] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1061.815717][T14628] usb 6-1: USB disconnect, device number 10 [ 1061.932854][T16740] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 1061.954845][T16743] loop2: detected capacity change from 0 to 2048 [ 1061.998697][T16740] Remounting filesystem read-only [ 1062.155983][T16743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1062.643326][ T5816] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 1062.914496][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1064.332306][T16771] loop1: detected capacity change from 0 to 1024 [ 1064.642082][T16771] ===================================================== [ 1064.651252][T16771] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x1173/0x17e0 [ 1064.659750][T16771] hfsplus_rename_cat+0x1173/0x17e0 [ 1064.665181][T16771] hfsplus_rename+0x1fc/0x2f0 [ 1064.670318][T16771] vfs_rename+0x1f4e/0x2530 [ 1064.675114][T16771] do_renameat2+0x1484/0x1a50 [ 1064.680291][T16771] __ia32_sys_rename+0xd7/0x140 [ 1064.685364][T16771] ia32_sys_call+0x351c/0x4310 [ 1064.690676][T16771] __do_fast_syscall_32+0xb0/0x150 [ 1064.696478][T16771] do_fast_syscall_32+0x38/0x80 [ 1064.701787][T16771] do_SYSENTER_32+0x1f/0x30 [ 1064.706523][T16771] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1064.713321][T16771] [ 1064.715741][T16771] Uninit was stored to memory at: [ 1064.721216][T16771] hfsplus_rename_cat+0x10a9/0x17e0 [ 1064.726620][T16771] hfsplus_rename+0x1fc/0x2f0 [ 1064.731705][T16771] vfs_rename+0x1f4e/0x2530 [ 1064.736478][T16771] do_renameat2+0x1484/0x1a50 [ 1064.743443][T16771] __ia32_sys_rename+0xd7/0x140 [ 1064.748935][T16771] ia32_sys_call+0x351c/0x4310 [ 1064.755434][T16771] __do_fast_syscall_32+0xb0/0x150 [ 1064.761343][T16771] do_fast_syscall_32+0x38/0x80 [ 1064.766370][T16771] do_SYSENTER_32+0x1f/0x30 [ 1064.771324][T16771] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1064.777872][T16771] [ 1064.780445][T16771] Uninit was stored to memory at: [ 1064.785710][T16771] hfsplus_create_cat+0x18fb/0x1910 [ 1064.791297][T16771] hfsplus_fill_super+0x211d/0x2730 [ 1064.796686][T16771] get_tree_bdev_flags+0x6e3/0x920 [ 1064.802239][T16771] get_tree_bdev+0x38/0x50 [ 1064.806848][T16771] hfsplus_get_tree+0x35/0x40 [ 1064.811892][T16771] vfs_get_tree+0xb0/0x5c0 [ 1064.816525][T16771] do_new_mount+0x733/0x1420 [ 1064.821478][T16771] path_mount+0x6db/0x1e90 [ 1064.826091][T16771] __se_sys_mount+0x6eb/0x7d0 [ 1064.831809][T16771] __ia32_sys_mount+0xe2/0x150 [ 1064.836835][T16771] ia32_sys_call+0x2c16/0x4310 [ 1064.842022][T16771] __do_fast_syscall_32+0xb0/0x150 [ 1064.847317][T16771] do_fast_syscall_32+0x38/0x80 [ 1064.854596][T16771] do_SYSENTER_32+0x1f/0x30 [ 1064.859884][T16771] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1064.866441][T16771] [ 1064.869060][T16771] Uninit was created at: [ 1064.873539][T16771] __alloc_frozen_pages_noprof+0x689/0xf00 [ 1064.879706][T16771] alloc_pages_mpol+0x328/0x860 [ 1064.884756][T16771] alloc_frozen_pages_noprof+0xf7/0x200 [ 1064.890742][T16771] allocate_slab+0x24d/0x1220 [ 1064.895613][T16771] ___slab_alloc+0xff3/0x3470 [ 1064.900634][T16771] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 1064.906680][T16771] hfsplus_alloc_inode+0x5a/0xd0 [ 1064.912009][T16771] alloc_inode+0x87/0x4a0 [ 1064.916538][T16771] iget_locked+0x239/0x12d0 [ 1064.922171][T16771] hfsplus_iget+0x5c/0xb80 [ 1064.926761][T16771] hfsplus_lookup+0xd5f/0xf70 [ 1064.931859][T16771] __lookup_slow+0x560/0x760 [ 1064.936626][T16771] lookup_slow+0x6a/0xd0 [ 1064.941221][T16771] walk_component+0x444/0x650 [ 1064.946061][T16771] path_lookupat+0x251/0x6b0 [ 1064.951187][T16771] filename_lookup+0x2bd/0x800 [ 1064.957629][T16771] path_listxattrat+0x16d/0x6e0 [ 1064.963138][T16771] __ia32_sys_llistxattr+0xa4/0x100 [ 1064.968709][T16771] ia32_sys_call+0x3c74/0x4310 [ 1064.973671][T16771] __do_fast_syscall_32+0xb0/0x150 [ 1064.979133][T16771] do_fast_syscall_32+0x38/0x80 [ 1064.984158][T16771] do_SYSENTER_32+0x1f/0x30 [ 1064.989013][T16771] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1064.995556][T16771] [ 1064.998808][T16771] CPU: 1 UID: 0 PID: 16771 Comm: syz.1.4952 Tainted: G W syzkaller #0 PREEMPT(none) [ 1065.010383][T16771] Tainted: [W]=WARN [ 1065.014295][T16771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1065.024703][T16771] ===================================================== [ 1065.031963][T16771] Disabling lock debugging due to kernel taint [ 1065.038394][T16771] Kernel panic - not syncing: kmsan.panic set ... [ 1065.044956][T16771] CPU: 1 UID: 0 PID: 16771 Comm: syz.1.4952 Tainted: G B W syzkaller #0 PREEMPT(none) [ 1065.056127][T16771] Tainted: [B]=BAD_PAGE, [W]=WARN [ 1065.061270][T16771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1065.071472][T16771] Call Trace: [ 1065.074873][T16771] [ 1065.077920][T16771] __dump_stack+0x26/0x30 [ 1065.082478][T16771] dump_stack_lvl+0x53/0x270 [ 1065.087291][T16771] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.093342][T16771] dump_stack+0x1e/0x25 [ 1065.097697][T16771] vpanic+0x361/0xc50 [ 1065.101885][T16771] panic+0x15d/0x160 [ 1065.106041][T16771] kmsan_report+0x31c/0x320 [ 1065.110743][T16771] ? __msan_warning+0x1b/0x30 [ 1065.115600][T16771] ? hfsplus_rename_cat+0x1173/0x17e0 [ 1065.121227][T16771] ? hfsplus_rename+0x1fc/0x2f0 [ 1065.126288][T16771] ? vfs_rename+0x1f4e/0x2530 [ 1065.131168][T16771] ? do_renameat2+0x1484/0x1a50 [ 1065.136230][T16771] ? __ia32_sys_rename+0xd7/0x140 [ 1065.141463][T16771] ? ia32_sys_call+0x351c/0x4310 [ 1065.146573][T16771] ? __do_fast_syscall_32+0xb0/0x150 [ 1065.152043][T16771] ? do_fast_syscall_32+0x38/0x80 [ 1065.157234][T16771] ? do_SYSENTER_32+0x1f/0x30 [ 1065.162060][T16771] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1065.168776][T16771] ? kmsan_get_metadata+0xfb/0x160 [ 1065.174110][T16771] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.180229][T16771] ? hfsplus_bnode_dump+0x50a/0x560 [ 1065.185663][T16771] ? kmsan_get_metadata+0xfb/0x160 [ 1065.190955][T16771] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.196956][T16771] ? hfsplus_brec_remove+0x92f/0xa60 [ 1065.202465][T16771] ? kmsan_get_metadata+0xfb/0x160 [ 1065.207763][T16771] __msan_warning+0x1b/0x30 [ 1065.212445][T16771] hfsplus_rename_cat+0x1173/0x17e0 [ 1065.217857][T16771] ? kfree+0xf1/0xec0 [ 1065.222030][T16771] ? filter_irq_stacks+0x49/0x190 [ 1065.227217][T16771] ? stack_depot_save_flags+0x35/0x7b0 [ 1065.232825][T16771] ? kmsan_get_metadata+0xfb/0x160 [ 1065.238217][T16771] ? kmsan_get_metadata+0xfb/0x160 [ 1065.243500][T16771] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1065.250012][T16771] ? kmsan_get_metadata+0xfb/0x160 [ 1065.255292][T16771] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.261278][T16771] ? kmsan_get_metadata+0xfb/0x160 [ 1065.266567][T16771] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.272597][T16771] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1065.279155][T16771] hfsplus_rename+0x1fc/0x2f0 [ 1065.284053][T16771] ? __pfx_hfsplus_rename+0x10/0x10 [ 1065.289437][T16771] vfs_rename+0x1f4e/0x2530 [ 1065.294191][T16771] do_renameat2+0x1484/0x1a50 [ 1065.299127][T16771] __ia32_sys_rename+0xd7/0x140 [ 1065.304183][T16771] ia32_sys_call+0x351c/0x4310 [ 1065.309100][T16771] __do_fast_syscall_32+0xb0/0x150 [ 1065.314386][T16771] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 1065.320319][T16771] do_fast_syscall_32+0x38/0x80 [ 1065.325338][T16771] do_SYSENTER_32+0x1f/0x30 [ 1065.329983][T16771] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1065.336490][T16771] RIP: 0023:0xf7fc8539 [ 1065.340673][T16771] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1065.360454][T16771] RSP: 002b:00000000f54c655c EFLAGS: 00000206 ORIG_RAX: 0000000000000026 [ 1065.369119][T16771] RAX: ffffffffffffffda RBX: 0000000080000000 RCX: 0000000080000380 [ 1065.377239][T16771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1065.385343][T16771] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1065.393597][T16771] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1065.401685][T16771] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1065.409808][T16771] [ 1065.413340][T16771] Kernel Offset: disabled [ 1065.417762][T16771] Rebooting in 86400 seconds..