last executing test programs: 3m7.048881174s ago: executing program 4 (id=347): r0 = syz_io_uring_setup(0x31c7, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x801, 0xfffdfffc}, &(0x7f0000000000), &(0x7f00000005c0)) unshare(0x28000600) syz_io_uring_setup(0x3c5f, &(0x7f0000000240)={0x0, 0x100081, 0x27, 0x2, 0x0, 0x0, r0}, 0x0, 0x0) 3m6.671202696s ago: executing program 4 (id=353): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000000100000040000180060001000a00000008000500000000000c00070000000000000000000800090071150000070006007272000008000800"], 0x54}}, 0x0) 3m6.42449771s ago: executing program 4 (id=356): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r1, 0x1, 0x0, 0x0, {{}, {}, {0x3, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) 3m6.100664908s ago: executing program 4 (id=361): symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00') mount$9p_unix(&(0x7f00000000c0)='./file0/file0/..\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x12d7498, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f0000000040)={0xa0202, 0x0, 0x11}, 0x18) 3m5.859825875s ago: executing program 4 (id=364): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x7) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0xee) 3m5.171545338s ago: executing program 4 (id=375): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48) unshare(0x22020400) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r0, &(0x7f0000001600), 0x0}, 0x20) 3m4.458426336s ago: executing program 32 (id=375): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0500000003f01f00040000009a00000001"], 0x48) unshare(0x22020400) bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000580)={r0, &(0x7f0000001600), 0x0}, 0x20) 46.65658371s ago: executing program 0 (id=2050): r0 = fsopen(&(0x7f0000000200)='nilfs2\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) 46.403596247s ago: executing program 0 (id=2055): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000001040)='ns/ipc\x00') sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002340)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x823}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_FD={0x8, 0x1c, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004080}, 0x8ae257a062cc3564) 46.114726676s ago: executing program 0 (id=2057): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0xda}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8c04}, 0x40c0) 45.777875512s ago: executing program 0 (id=2062): syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2008802, &(0x7f0000000200)={[{@gid}, {}, {@uid={'uid', 0x3d, 0xee00}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@keep_last_dots}, {@gid={'gid', 0x3d, 0xee01}}, {@utf8}, {@fmask={'fmask', 0x3d, 0x2}}, {@discard}, {@errors_continue}, {@utf8}]}, 0x7, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=") utime(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='debugfs\x00', 0x0, 0x0) 45.353352062s ago: executing program 0 (id=2067): r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = dup(r0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, 0x0, 0x0) 44.658417198s ago: executing program 0 (id=2074): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000100)={0x0, 0x1, [@local]}) 44.22015111s ago: executing program 33 (id=2074): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000100)={0x0, 0x1, [@local]}) 4.440186569s ago: executing program 1 (id=2527): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xee776000) 2.972299776s ago: executing program 3 (id=2545): r0 = socket(0x2b, 0x80801, 0x1) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x20000000) setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000100)=0xffff8000, 0x4) 2.845518885s ago: executing program 2 (id=2546): capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x0, 0x0, 0x5}) r0 = syz_open_dev$sg(&(0x7f0000000000), 0xb68, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0xfffffffffffffffc, 0x6, 0x9, @buffer={0x0, 0x0, 0x0}, &(0x7f00000002c0)="a881e62881f1", 0x0, 0x8, 0x2, 0x2, 0x0}) 2.625730538s ago: executing program 3 (id=2549): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x9) r0 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r0, 0x29, 0x46, 0x0, &(0x7f00007d0000)) 2.461451124s ago: executing program 2 (id=2553): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x308) 2.370364947s ago: executing program 3 (id=2554): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1c) 2.190555466s ago: executing program 3 (id=2557): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) read(r0, &(0x7f00000001c0)=""/396, 0x18c) 2.062745347s ago: executing program 1 (id=2560): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000980)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d312c696f636861727365743d63703737352c6e6f6e756d7461696c3d302c636f6465706167653d3933322c757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c757466383d312c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c726f6469722c73686f72746e616d653d77696e39352c756e695f786c6174653d302c6e6f6e756d7461696c3d302c008f28b39dfeb9863f7f06105912"], 0x1, 0x36b, &(0x7f0000000500)="$eJzs3T9oJFUYAPBvs/9yB5p0oiCsdoKGu+u0MUFycJhGZfFPIS7enspuEBIMJsVtYqFYCpZa2WlhYSGWNlrYWdh6gpyKhV534OGT3ZndnexucrnDRIK/H2T35Xvve+/NzrA7GWZfXlmOzuVqXLlx43rMz5eisvzUctwsxWKUY2g3ptVmxACA0+FmSvFnykzWzc9OKZ3AtACAYzT4/H8tIhqxmEXe+eaw9smnPwCcevnf/2cOa3PAdYCIN49lSgDAMZu6/v/wvura4Kcy/LVSuCsAADitnnvxpadX1iKebTTmI9bf22puNeOJcf3KlXgjutGOc7EQtyKyE4X+Q2nwePHS2uq5RqPRi18WoxkRc3liMztTWCkP8utxPhZiMc/PzzZSSuWLX6ytnm8MRMRubzB+rJe2mtU4m4//49loj088hp0MniIura1eaOQdNNeH+b2IvfGNCv35L8VCfP/qqJuUhncwrq1ePT+c9Dh/q1mPy6MrHwdeAQEAAAAAAAAAAAAAAAAAAAAAgLuy1BhZHK2fk/rP2Uo5S0sz6gfr42T5+fpAe9n6QKmeIqU/3n6s+X459q0PNLk+z5aFBAEAAAAAAAAAAAAAAAAAAGBkc7sWrW63vbG5vdMpFnobm9tzEdGPlCPiTEy3uU2hkg1RjxgN0ciH3em0UnnYOJUjptP7g44in345mnGxTX20FTOnUT+4qtu956GfPxpHHiwPe/573KYcszewP7V2NYs8OdHz+r3ZlO7khRoVLhQj9enRr6WUCpF3i+lXX57uMEoRlTvfcTuduTi4TeoXvr3++v3DV7/1dco88ujC89c+/OS3TqvbHzkGe7C2sXkrdVqlYeMjjJ53lwa7YHxslCIrlIpHQuWwDvf2R1rlH35/4YEPvjvai5CKkbf6x/NEm3K2OZ9PpteyQn+aE1VnxunVfCO67eqMg/92hbvYp/d9/NVnKf3065GHGJubetso/TvvPgAAAAAAAAAAAAAAAAAAQFHhu+L5l657WUX1sKzHnzmh6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiRj///9CYW83JiJHKfzVm5FVb29sRtT+680EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7p8AAAD//0OxY38=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000002080)=""/4072, 0xfe8) 2.053086892s ago: executing program 7 (id=2561): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x1c, &(0x7f0000002d40), &(0x7f0000000180)=0xc) 1.834086871s ago: executing program 7 (id=2563): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000380)={0x3c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x81}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000a000}, 0x0) 1.713941627s ago: executing program 2 (id=2565): syz_emit_ethernet(0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e05040f20"], 0x8) 1.570512346s ago: executing program 3 (id=2567): r0 = memfd_create(&(0x7f0000000080)='\x00\x00\x00@\x10\x85\x9c\x15\x91\xa9\x1a\xda$\x9e\xe7i\xbb.\xa6\xce\xcb\x00\x9b\b\x032\x94\xe2U\xfd\x8b\xdd\x97\xa4\x19\xf3>9\xebI\xa2vRJ\xb2\xc8\xfa\x19a\xe6\xf8;\xa8\xf2\x95\x11\xf6c\xd4\x83\n&_\x16\x88\x91z\xe2\xd63?\x8d\x9d\xfa^\xd7S\xe3@\xf1\xbb\xfas\xd0K\xc4\xe5\x9e4\xc06\xd6\xec3\xbc\x1e\xa6\xd9\x03\xf4&}F\xf4\"\xfc\x9c\xfa\xfdl\xf8A\x139\x10\xb2\x10\xfbc\xab|\xcc\xdc\x00?\xa8\xd5\x038\xf6!\xf4\x17\xdd', 0x7) fcntl$addseals(r0, 0x409, 0x2f) fallocate(r0, 0x0, 0x3, 0x6) 1.518535193s ago: executing program 7 (id=2568): syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file1\x00', 0x1000802, &(0x7f0000000b80)=ANY=[], 0x4, 0x272, &(0x7f0000001f40)="$eJzs3U9LW1kUAPDzYkRHGCLMgCgD8wb3QR1mrwwKMoGBkSxmViNjZAbjCApCu9B01XVX3bSbfoB2U+i20EXptl+gFIotdKNduSikxKRGY1L/lJhSf7+NB+8579773iMvWeTk7x9WV5bWNpb39nYiM5j0Z6fj4dh+EsORib6oqwQA8DXZr1Zjt1rX67UAAJfD8x8Arp7m8z858fxPKo33BN/dGx/txeIAgK7w+R8Arp6FP//6baZQmP1jNx2MWL25Wdws1v/Wx2eW478oRykmIhfvI6qH6vHt+cLsRFrzejiKq9uN+u3NYt/x+snIxfDJ+rn5wuxkWne8vj+GGvUvhqIUU5GL79vXT7Wr74+I8SPz5yMXz/+JtSjHUtRqm/Vbk2n66++FlvkHDvIAAAAAAAAAAAAAAAAAAAAAAKAb8pmD1jnVgTRt278nn08/ahmv1x/tD/RNm/5Ac4f9gVr7+2RjLNvbvQMAAAAAAAAAAAAAAAAAAMCXYuPa9ZXFcrm0/qng/2f3n5yWc8YgaczbNmcgIj5/ijMG3/706k7nnBvnOT8XCKY7Dz3+set7Px7UTvt5q57u/Dv688bIL51yItu1NWdOuSjZdtt5m+twazVuyMrF1/Pg8Jq+OzX51sJl3eF9rf8ZuTu9+Gjr5ZuzHqdXr0gAAAAAAAAAAAAAAAAAAHB1Nb/02+uVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvNH//v0OQRC3IRkTnnHJpPYnk4Hhthiq93iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwIAAD//7QZm14=") lchown(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4c2, 0x0) 1.47660422s ago: executing program 5 (id=2569): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000340)="08000000010000", 0x7) 1.342563931s ago: executing program 3 (id=2570): syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=") open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f0000000480)=ANY=[], 0x700, 0x0) 1.304475609s ago: executing program 2 (id=2571): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r0) sendmsg$NFC_CMD_VENDOR(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x14, r1, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4) 1.277097113s ago: executing program 1 (id=2572): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0xc, {"a2e3ad9bed0d52f91b18090987f70e06d038e7ff7fc6e5539b5b43078b089b3b33326d090890e0878f0e1ac6e7049b3371959b719a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074c0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x3b3cc1e9e7df1ab7}}, 0x9b) 1.152286147s ago: executing program 5 (id=2573): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000080)=@newtaction={0x68, 0x30, 0x101, 0x0, 0x0, {}, [{0x54, 0x1, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x613f, 0x81, 0x9cdbee1763468153, 0x3, 0x9}, 0x40}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400090200000000000000000000000000010c0002800500010000000000470002800500010001000000060004000000000006"], 0xe4}}, 0x0) 940.273372ms ago: executing program 6 (id=2574): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe) ioctl$KDSIGACCEPT(r0, 0x80047456, 0x100000001ffffffd) 897.210832ms ago: executing program 5 (id=2575): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r0) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x44, r1, 0x1, 0x0, 0x0, {0x4, 0x74, 0x609}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2, @multicast2}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @mcast2}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'wg1\x00'}]}, 0x44}, 0x1, 0xffffffff00000003, 0x0, 0x60040}, 0x0) 870.245223ms ago: executing program 7 (id=2576): setresgid(0xee00, 0xee01, 0x0) getresgid(0x0, &(0x7f0000001ec0)=0x0, 0x0) setresgid(r0, 0x0, r0) 818.44449ms ago: executing program 2 (id=2577): sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000500)=ANY=[@ANYBLOB="a0000000", @ANYRES16, @ANYBLOB="050424bd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="84000280400001"], 0xa0}, 0x1, 0x0, 0x0, 0xaddf11c998560ddf}, 0x24040084) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)=ANY=[@ANYBLOB="180100002f00010000000000fcdbdf2507"], 0x118}], 0x1, 0x0, 0x0, 0x4000}, 0x0) 709.10409ms ago: executing program 1 (id=2578): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000680)={'veth0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5800000055003d07000000000001000007000000", @ANYRES32=r1, @ANYBLOB="20000280", @ANYRES32=r0, @ANYBLOB="0000000000000000000000000a0000000000000000000014200001"], 0x58}}, 0x0) 672.356252ms ago: executing program 5 (id=2579): unshare(0x22020400) r0 = syz_open_procfs(0x0, &(0x7f0000000240)='maps\x00') fchdir(r0) 661.437811ms ago: executing program 6 (id=2580): r0 = mq_open(&(0x7f0000000a00)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!T\xeeux\x00\xbf@\xf4\x1c\xbce\xca\x97\xd5pkv\x88L\xe8$\xef\xfeI\xdaW1\xfcg\xa1\xdb$,0y$\xcd{zl.\xae\x805\xa8\xd6\x85\x15\xd2\x0e~\xcc\x90\x97\xe8h\v\x1a9X\a\xca{\x11#\x95m{U\xe5-\xabRw\xcafy\xe6\aNhX4Ll[\x14\x150x0, &(0x7f00000004c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, 0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x0, 0xfffffffffffffceb, 0x0}, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x5b43, 0x8200, 0x0, 0x0, 0x0) 342.38888ms ago: executing program 6 (id=2584): r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x1, @default, @bpq0, 0x6, 'syz1\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]}) ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, 0x0) 141.041638ms ago: executing program 5 (id=2585): syz_mount_image$exfat(&(0x7f0000002bc0), &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x804, &(0x7f00000001c0)={[{@utf8}, {@dmask={'dmask', 0x3d, 0x8}}, {@uid={'uid', 0x3d, 0xee00}}, {@allow_utime={'allow_utime', 0x3d, 0x1}}, {@errors_remount}, {@namecase}, {@iocharset={'iocharset', 0x3d, 'cp862'}}, {@namecase}, {@keep_last_dots}, {@umask={'umask', 0x3d, 0x7}}]}, 0x1, 0x152f, &(0x7f0000006800)="$eJzs3AuYTlXbOPD7XmvtMSQ9TXIY1lr35kkOiyTJIUkOSZIkSU4JSZJXEhJDTklDEpLDkByGkBwmJo3z+XxISJImSUJyStb/mphPvfX+3/f96s33fXP/ruu5Zt2znnvte889z3723s/wTZehNRrVrNqAiOAPwYtfEgAgFgAGAsA1ABAAQNm4snEZ89klJvyxjbA/10PJV7oCdiVx/7M27n/Wxv3P2rj/WRv3P2vj/mdt3P+sjfvPWFa2eXr+a/mRdR98/z8r4/f//0PSS479Ym3J67sCxPyrKdz///3wD+Ry///PCv6VJ3H/szbuf1YVe6ULYP8D8Os/K8j2D2e4/1kb95+xrOyX94Jj4crfj/6rHxD5T34G4ntd/Clf+f38h/vPGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4z9Bc74yxQAZI6vdF2MMcYYY4wxxhj78/hsV7oCxhhjjDHGGGOM/edlftofQAxkg1jIDjlAAMRkzl8LcXAd5IbrIQ/khXyQH+KhABQEDQYsEIRQCApDFG6AInAjFIViUBxKgIOSUApugtJwM5SBW6As3Arl4DYoDxWgIlSC26Ey3AFV4E6oCndBNagONaAm3A214B6oDfdCHbgP6sL9UA8egPrwIDSAh6AhPAyN4BFoDI9CE2gKzaA5tPhv5b8APeBF6Am9IAF6Qx94CfpCP+gPA2AgvAyD4BUYDK9CIgyBofAaDIPXYTi8ASNgJIyCN2E0vAVjYCyMg/GQBBNgIrwNk+AdmAxTYCpMg2SYDjPgXZgJs2A2vAdz4H2YC/NgPiyAFPgAFsIiSIUPYTF8BGmwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A47YCd8DLvgE9gNe2AvfAr74LN/M//03+V3RUBAgQIVKozBGIzFWMyBOTAn5sRcmAsjGME4jMPcmBvzYB7Mh/kwHuOxIBZEgwYJCQthIYxiFItgESyKRbE4FkeHDkthKSyNN2MZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAu/Fu7I21sTbWwTpYF+tm3p7CBtgAG2JDbISNsDE2xibYBJthM2yBLbAltsRW2ArbYBtsi22xHbbD9tgeO2AH7IgdsRN2ws7YGbtgF+yK3bBb+gvZAF/EF7EXVhO9sQ/2wb6YmK0/DsAB+DIOwlfwFXwVE3EIDsXX8DV8HYfjKRxxYSSOwlFYWbyFY3AskhiPSZiEE3EiTsJJOBmn4BSchsk4HWfgDJyJs3AWvodz8H18H+fhPFyAKZiCC3ERpmIqLsbTmIZLcCkuw+W4ApfjKlyNq3AtrsO1uAE34CbchFtwC27DbbgDd+DHqADwE9yDezAR9+E+3I/78QAewIN4ENMxHQ/hITyMh/EIHsGjeBSP4XE8gcfxJJ7EU3gaz+AZPIfn8Dw+F/9Vw4+LrUkEkUEJJWJEjIgVsSKHyCFyipwil8glIiIi4kScyC1yizwij8gn8ol4ES8KioLCCCNIhBlHChEVUVFEFBFFRVFRXBQXTjhRSpQSpUVpUUaUEWXFraKcuE2UFxVEa1dJVBKVRRtXRdwpqoqqopqoLmqImqKmqCVqidqitqgj6oi6oq6oJx4Q9UVv7I8PiYzONBJDsLEYik1EUyEvHaFaiuHYSrQWbcQTYiSOwHaipWsvnhYdxBjsKP4mxuKzorMYj13E86Kr6Ca6ixdED9HK9RS9xGTsLfqIadhX9BP9xQAxE6uL93BO9hriVZEohoih4jWxAF8Xw8UbYoQYKUaJN8Vo8ZYYI8aKcWK8SBITxETxtpgk3hGTxRQxVUwTyWK6mCHeFTPFLDFbvCfmiPfFXDFPzBcLRIr4QCwUi0Sq+FAsFh+JNLFELBXLxHKxQqwUq8RqsUasFevEerFBbBSbxGaxRWwV28R2sUPsFB+LXeITsVvsEXvFp2Kf+EzsF5+LA+ILcVB8KdLFV+KQ+FocFt+II+JbcVR8J46J4+KE+F6cFD+IU+K0OCPOinPiR3Fe/CQuCC9AohRSSiUDGSOzyViZXeaQV8mcMsg8/ss4eZ3MLa+XeWRemU/ml/GygCwotTTSSpKhLCQLy6i8QRaRN8qispgsLktIJ0vKUvImWVreLMvIW2RZeassJ2+T5WUFWVFWkrfLyvIOCZGL26gmq8sasqa8WybAPbK2vFfWkffJuh5kPfmArC8flA3kQ7KhfFg2ko/IxvJR2UQ2lc1kc9lCPiZbysdlK9latpFPyLbySdlOPiXby6dlB+kv/Yo8KzvL52QX+bzsKrvJ7vIneUF62VP2ktAbZB/5kuwr+8n+coAcKF+Wg+QrcrB8VSbKIXKofE0Ok6/L4fINOUKOlKPkm3K0fEuOkWPlODleJskJcqJ8W06S78jJcoqcKqfJZDld9r+00mwp/2n+27+TP/jnrW+Sm+UWuVVuk9vlDrlTfix3yV1yt9wt98q9cp/cJ/fL/fKAPCAPyoMyXabLQ/KQPCwPyyPyiDwqj8pj8rg8K7+XJ+UP8pQ8LU/Ls/KcPCfPX/oZgEIllFRKBSpGZVOxKrvKoa5SOdXVKpe6RkXUtSpOXadyq+tVHpVX5VP5VbwqoAoqrYyyilSoCqnCKqpuwEu/MKq4KqGcKqlKqZv+nXxVRN2oiqpiv8rPrC/hH9TXQrVQLVVL1Uq1Um1UG9VWtVXtVDvVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVVXVV3VV31UP1UD1VT5WgElQf9ZLqq/qp/mqAGqheFhn7MFgNVokqUQ1VQ9UwNUwNV8PVCDVCjVKj1Gg1Wo1RY9Q4NU4lqSQ1UU1Uk9QkNVlNVlPVVJWsktUMNUPNVDPVbDVbzVFz1Fw1V81X81WKSlEL1UKVqlLVYrVYpaklaolappapFWqFWqVWqTVqjVqn1qkNaoNKU5vVZrVVbVXb1Xa1U+1Uu9QutVvtVnvVXrVP7VP71X51QB1QB9VBla7S1SF1SB1Wh9URdUQdVUfVMXVMnVAn1El1Up1Sp9QZdUadU+fUeXVeXVAXFAQQiEAEKlBBTBATxAaxQY4gR5AzyBnkCnIFkSASxAVxQe7g+iBPkDfIF+QP4oMCQcFAByawgbjU9GhwQ1AkuDEoGhQLigclAheUDEoFNwWlg5uDMsEtQdng1qBccFtQPqgQVAwqBbcHlYM7girBnUHV4K6gWlA9qBHUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/eDBoEDwUNAweDhoFjwSNg0eDJkHToFnQPGjxp67v/am8j7ueupdO0L11H/2S7qv76f56gB6oX9aD9Ct6sH5VJ+oheqh+TQ/Tr+vh+g09Qo/Uo/SberR+S4/RY/U4PV4n6Ql6on5bT9Lv6Ml6ip6qp+lkPV3P0O/qmXqWnq3f03P0+3qunqfn6wU6RX+gF+pFOlV/qBfrj3SaXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoXfqj/Uu/YnerffovfpTvU9/pvfrz/UB/YU+qL/U6forfUh/rQ/rb/QR/a0+qr/Tx/RxXUZ/r0/qH/QpfVqf0Wf1Of2jPq9/0he0zzi5z3h7N8ooE2NiTKyJNTlMRqdzmlwml4mYiIkzcSa3yW3ymDwmn8ln4k28KWgKmgxkyBQyhUzURE0RU8QUNUVNcVPcOONMKVPKlDalTRlTxpQ1ZU05U86UN+VNRVPR3G5uN3eYO8yd5k5zl7nLVDfVTU1T09QytUxtU9vUMXVMXVPX1DP1TH1T3zQwDUxD09A0Mo1MY9PYNDFNTDPTzLQwLUxL09K0Mq1MG9PGtDVtTTvTzrQ37U0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJgE08f0MX1NX9Pf9DcDzUAzyAwyg81gk2gSzVAz1Awzw8xwM9yMMCPNqIwTVfOWGWPGmnFmvEkySWaimWgmmUlmsplsppqpJtkkmxlmhplpZprZZraZY+aYuWaumW/mmxSTYhaahSbVpJrFZrFJM2lmqVlqlpvlZqVZaVab1WatWWvWw3qz0Ww0m81ms9VsNdvNdrPT7DS7zC6z2+w2e81es8/sM/vNfnPAHDAHzUGTbtLNIXPIHDaHzRFzxBw1R80xc8ycMCfMSXPSnDKnzBlzxpwzeS+9X3oTa7PbHPYqm9NebXPZa+zfx/lsfhtvC9iCVts8Nu+vYmOtLWqL2eK2hHW2pC1lb/pNXN5WsBVtJXu7rWzvsFV+E9ey99ja9l5bx95na9q7fxXXtffbevYRWx8RwDa1DW1z28g+YhvbR20T29Q2s81tW/ukbWefsu3t07aDfeY38UK7yK62a+xau87utnvsGXvWHrbf2HP2R9vT9rID7ct2kH3FDrav2kQ75DfxKPumHW3fsmPsWDvOjv9NPNVOs8l2up1h37Uz7azfxCn2AzvHptq5dp6dbxf8HGfUlGo/tIvtRzbNBrDULrPL7Qq70q76r1qX2Q12o91kd9lP7Fa7zW63O+zOzBNhu8futZ/affYze8h+bQ/YL+xBe8Sm269+jjP274j91h6139lj9rg9Yb+3J+0PKjM7Y9+/tz/ZC9ZbICQgSYoCiqFsFEvZKQddRTnpaspF11CErqU4uo5y0/WUh/JSPspP8VSACpImQ5aIQipEhSlKN1BmecWpBDkqSaXoJipNN1MZuoXK0q1Ujm6j8lSBKlIlup0q0x1Uhe6kqnQXVaPqVINq0t1Ui+6h2nQv1aH7qC7dT/XoAapPD1IDeoga0sPUiB6hxvQoNaGm1IyaUwt6jFrS49SKWlMbeoLa0pPUjp6i9vQ0daBnqCP9jTrRs9SZnqMu9Dx1pW7UnV6gHvQi9aRelEC9qQ+9RH2pH/WnATSQXqZB9AoNplcpkYbQUHqNhtHrNJzeoBE0kkbRmzSa3qIxNJbG0XhKogk0kd6mSfQOTaYpNJWmUTJNpxn0Ls2kWTSb3qM59D7NpXk0nxZQCn1AC2kRpdKHtJg+ojRaQktpGS2nFbSSVtFqWkNraR2tpw20kTbRZtpCW2kbbacdtJM+pl30Ce2mPbSXPqV99Bntp8/pAH1BB+lLSqev6BB9TYfpGzpC3/pe9B0do+N0gr6nk/QDnaLTdIbO0jn6kc7TT3SBPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoWCwsHpYIXVgyLBXeFJYObw7LhLeEZcNbw3LhbWH5sEL4yH2VwtvDyuEdYZXwzrBqeFdYLawe1ghrhneHtcJ7wtrhvWGd8L6wTHh/WC98IKwfPhg2CB8KG4YPh43CR8LG4aNhk7Bp2CxsHrYIHwtbho+HrcLWYZvwqrBt+GTYLnwqbB8+HXYIn/l5/v5FmfNP/GY+Iewd9glfCl8Kvb9Xzo8uiKZEP4gujC6KpkY/jC6OfhRNiy6JLo0uiy6ProiujK6Kro6uia6Nrouuj26IboxuinpfMxs4dMJJp1zgYlw2F+uyuxzuKpfTXe1yuWtcxF3r4tx1Lre73uVxeV0+l9/FuwKuoNPOOOvIha6QK+yi7gZXxN3oirpirrgr4Zwr6Uq55q6Fa+FausddK9fatXFPuCfck+5J95R7yj3tOrhnXEf3N9fJPes6u+fcc+5519V1c93dC66Hm5Dr4msywfVxfVxf19f1d/3dQDfQDXKD3GA32CW6RDfUDXXD3DA33A13I9wIN8qNcqPdaDfGjXHj3DiX5JLcRDfRTXKT3GQ32U11U12yS3Yz3Aw30810lWdd3MpcN9fNd/NdiktxC13GOWOqW+wWuzSX5pa6pW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1uu9vudrqdbpfb5Xb7ay4u6va5/W6/O+AOuIPuS5fuvnKH3NfusPvGHXHfuqPuO3fMHXcn3PfupPvBnXKn3Rl31p1zP7rz7id3wXmXFJkQmRh5OzIp8k5kcmRKZGpkWiQ5Mj0yI/JuZGZkVmR25L3InMj7kbmReZH5kQWRlMgHkYWRRZHUyIeRxZGPImmRJZGlkWWR5ZEVEe8LbA19IV/YR/0Nvoi/0Rf1xXxxX8I7X9KX8jf50hfrTvP+Vl/O3+bL+wq+on/UN/FNfTPf3Lfwj/mW/nHfyrf2bfwTvq1/0rfzT/n2/mnfwT/jO/q/+U7+Wd/ZP+e7+Od9V9/Nd/cv+B7+Rd/T9/IJvrfv41/yfX0/398P8AP9y36Qf8UP9q/6RD/ED/Wv+WH+dT/cv+FH+JF+VMybfnTmJTKM90l+gp/o3/aT/Dt+sp/ip/ppPtlP9zP8u36mn+Vn+/f8HP++n+vn+fl+gU/xH/iFfpFP9R/6xf4jn+aX/NdN5ZV+lV/t1/i1fp1f7zf4jX6T3+y3+K1+m9/ud/id/mO/y3/id/s9fq//1O/zn/n9/nN/wH/hD/ovfbr/yh/yX/vD/ht/xH/rj/rv/DF/3J/w3/uT/gd/yp/2Z/xZf87/6M/7n/wF/jdrjDHGGGP/kgmXh+LXMxdv5/f+nRzxiyf3AYCrt+VP/+V8xhnl+jwXx/1EfGzG16d7dXko81GtWkJCwqXnpkkICs8DyPwkKMPPf3pwKV4CbeBJaA+tofTv1t9PdDtH/2T96K0AOX6Rk1FQZnx5/c8BMOF31n/siVELy4Vn4v4/688DKFr4ck52uBwvgTY/319pDWX+Qf15W/6T+rN/kQTQ6hc5OeFyfLn+UvA4PAPtf/VMxhhjjDHGGGPson6iYqfM68/Mv/j8vevzeHU5Jxtcjv/Z9TljjDHGGGOMMcauvGe7dX/qsfbtW3f69wdV/ltZ//KgMfynVubB7w68B8j8jgKAP7ggQMZA/pV7seUv2VbipZfO308tP+sD+J/Ryj9jcIUPTIwxxhhjjLE/3eWT/l9/X12pghhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsSzor/jvxK70PjLGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGNX2v8LAAD//6/u/1U=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x40) mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\x8f\x98\xb9\x89Q\xa4Pxy0\x01\x8cC\x1f|\xad\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f00000000c0)='./file1\x00', 0x0, 0x1a29143, 0x0) 136.902221ms ago: executing program 6 (id=2586): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x40384708, &(0x7f00000000c0)={0x1, 0x1, 0x0, 0x400a6, 0x94, "3eccd800"}) 74.51128ms ago: executing program 6 (id=2587): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) 69.86622ms ago: executing program 7 (id=2588): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="180000000114"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x40014) 64.152306ms ago: executing program 2 (id=2589): prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0xe9483750a3ce27c8) 12.812035ms ago: executing program 6 (id=2590): syz_mount_image$ext4(&(0x7f0000000880)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x10000, &(0x7f0000000000)={[{@nolazytime}]}, 0x1, 0x84d, &(0x7f0000000940)="$eJzs3V9oZFcdB/DfnSRNdnfaZMUHK5aKFleQTjIT6dQ/YIr2wUprsQqCld2wO5mEncmEzCxuQqHpmw8+uA+rgihbCqIIkgef7MMGBUFooSyKqBCh+KDFRdGCPjlyZybZ0E6a0Gxzl97PB27u+TN3vufMZO6ZeToB5NYH0z+FiHvTchIxOWhPImKsVxqNmOs/7srs5mJ6JNHtPvWPpPeYZ2Y3F2PPNalTEbERERMR8cvxJE6Ovzm3vbZ+cb7RqK0O6tOd5sp0e239waXmfL1Wry1XqtXZcqVafqh62+Z698LzP3/1hUefffEX116/7wu/+lkSc1Ec9O2dx+3Uf03G4sk9baNJxBffibAMjPT/Q3rnHclohgPi0D537sRWISLeExEf6p0nYyT6b96F5af/NRn/e2K/ax/+wA//dpxjBQBun+5nIroAQK5k/f0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADuRN1uYv9/AMiZrL9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAneyZ2c3FneO4Mu/7WsTNRyJiop9/ZXD0e0djrneeiLGIOPnvJEb3XJtExMwR8xduRGw8FxHvGzb/pJc/lQ5uSP5IRJw7Yv6L14+Wv3LE/K9+54hPcESnf5pt/rU/ZZt/7iPZ5v/l1WzzH7g/2/yrrYit9P4zN+zzV9i9/8SQz99E/7IjeeTrt+5/V950/7uVP7LP/W/jkDkv3fjz5LD2wpcibj4X8f7RYfnJbn6yT/63D5n/5Ud/9Klh7c++FtF9PuJMDM/fmzXdaa5Mt9fWH1xqztdr9dpypVqdLVeq5Yeq0wtLjdpM/+/Q/HsaTzw2rP3l7f78T+6TvzGY/36v/7VDzv8rv746tTmk/Te/7ed/9MNv/f4Pe/3TNXHrkPnXt7/19LD23326n39hn/kf9P6/csj8V6Y+//Fh7TczXn8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4O0qREQxkkJpt1wolEoRpyLivXGy0Gi1Ox9baF1avpD2RUzFWGFnp6XJfj1J6+Ve+Va98ob6bEScjohvjp/o1UvnW40LWU8eAHKmGLH9x5nPHnYLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyJVTb9j//6/j/f3/AYB3n2LE9taNF36Sll8fz3o0AMBxSNf/s5d/cDWs/wCQG9Z/AMgf6z8A5I/1HwDyx/oPAPlj/QeA/Nm7/gMAAAAAAAAAAAAAAAAAAADZevLxx9Oje2V2czGtL7fqSxcXVz5RmSk1L50vnW+trpTqrVa9USudbzUPfr5Gq7VSrsSly9OdWrsz3V5bP9tsXVrunF1qztdrZ2tjxzAn4GCVx/7z+6zHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHeS0/dv/SGJiI1PnugdqbsGffbqh3e3QtYDADIzkvUAgMyMZj0AIDN+4wPJAf0T+/b4BgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH6cudf+/5BX9v+H/LL/P+SX3Xshv/zGB+z/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAByv2jqRQGuwFXoxCoVSKuDsipmIsWVhq1GYi4p6IeGl8bDytl7MeNADwthQjtrfnlh/OehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAnaq+tX5xvNGqrCgoKCruFrO9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPxubfqd9UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEuF15KISI8zkw8Ur//9xy/v7b0r+e947xwR3/j+U9+9PN/prJbT9n/utne+N2ivZDUHAOCt7KzTO+s4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzTXlu/ON9o1FbfwULWcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgd/h8AAP//WEsF2g==") setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100), &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) 0s ago: executing program 1 (id=2591): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001700)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab000e271f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1ff032aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e0800000092e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9be7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa5200002fe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb0972d39e4b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e501ddddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b605908000000f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c332c34812382e57c0e0d83f3f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217b6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f2b88cd544b2a8e1b05ea7cf51578169fff7765f9978883b4b5983b42a35a05dabfc325ec2a2ec2f9b0882fdcf5d6f72272d2ff0d8eea60f5494ba42b4d40f144f0ab680a6f40f9094d3afb58a1efd6109894b8605c6b3b3f020c222f6446195b2274f634fbb737948a1f36ea729467e132385e9da614e4625175f4443b97a675934db90010e4b884200c3546c4d86d712c3939e11be3343f693846f509ad4c445ade5cd6d126d5694462ac5d3b527c3bd51c0a715a28d65fe94b255d02cdc1fab99b5b9c352f1b284115e4046285a824d22b6f0afbed8d6096a72fef72ebd6aae78b02fa1993e8fe2020ae93aae2bcfffa40b98549f1fb9fcefa74329909a207336d07f6f59da423ac5fa47852055d5ce6d2c56bdbbcdbf3458ba478c669f39d5272e65c90908ea2cb86d38f8ebf80a8cb85d8399b42403c94b8662af5cf1411526f177b4d476169a5d5a8c37d0d8893a77d0bd47b8a0bba60b3e26094209c889585f997ff556bcd2cc223f9c0c44de9d0fe1b5a8a815f652e79747d3e1f413fa0575d51f652d22883e143065c5ad74bdc864754ba3dad5a8fc8fc2c807d1a51dfb29884adee415c13f2ce14d307bd6165ec6ba68a766adfcbe444ea72d586bb47dd98a225467aab538a77667d19bae2e51727ba6d190e6d7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe40, 0x2b0, &(0x7f0000000100)="b9ff0b078059268cb89e14f088a82de0ffff200000000002000aac14140ce000000149e832f0", 0x0, 0x28e, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) kernel console output (not intermixed with test programs): usb 2-1: config 0 interface 6 has no altsetting 0 [ 210.071677][ T5895] usb 6-1: USB disconnect, device number 6 [ 210.082418][ T5908] usb 2-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00 [ 210.094867][ T9582] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 210.115423][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.128993][ T5908] usb 2-1: config 0 descriptor?? [ 210.174845][ T9584] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 210.296586][ T9582] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4222: comm syz.3.1421: Allocating blocks 497-513 which overlap fs metadata [ 210.313683][ T6948] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.450316][ T9582] EXT4-fs (loop3): pa ffff888011e4fd98: logic 131104, phys. 177, len 21 [ 210.458989][ T9582] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 1 [ 210.585877][ T5908] uclogic 0003:28BD:0933.000D: interface is invalid, ignoring [ 210.632087][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 210.809425][ T5931] usb 2-1: USB disconnect, device number 8 [ 210.842857][ T9602] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1432'. [ 210.893462][ T9608] tipc: Started in network mode [ 210.918608][ T9608] tipc: Node identity 36aa9463924b, cluster identity 4711 [ 210.948263][ T9608] tipc: Enabled bearer , priority 14 [ 211.310494][ T9623] loop3: detected capacity change from 0 to 256 [ 211.327319][ T9595] loop6: detected capacity change from 0 to 32768 [ 211.350494][ T9595] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1427 (9595) [ 211.358858][ T9623] exfat: Invalid uid '0x00000000ffffffff' [ 211.418387][ T9595] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 211.459906][ T9595] BTRFS info (device loop6): using crc32c checksum algorithm [ 211.580568][ T9595] BTRFS info (device loop6): rebuilding free space tree [ 211.618781][ T9595] BTRFS info (device loop6): checking UUID tree [ 211.639901][ T9595] BTRFS info (device loop6): allowing degraded mounts [ 211.652644][ T9595] BTRFS info (device loop6): enabling ssd optimizations [ 211.660113][ T9595] BTRFS info (device loop6): enabling free space tree [ 211.667600][ T9595] BTRFS info (device loop6): force clearing of disk cache [ 211.675528][ T9595] BTRFS info (device loop6): force zlib compression, level 3 [ 211.947934][ T29] tipc: Node number set to 2766247011 [ 212.050722][ T6948] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 212.248700][ T9665] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1454'. [ 212.345764][ T9665] vlan3: entered allmulticast mode [ 212.360501][ T9665] team0: entered allmulticast mode [ 212.396976][ T9665] team_slave_0: entered allmulticast mode [ 212.427194][ T9665] team_slave_1: entered allmulticast mode [ 212.894220][ T9681] ipvlan2: entered promiscuous mode [ 212.943389][ T9681] bridge0: port 3(ipvlan2) entered blocking state [ 212.970801][ T9681] bridge0: port 3(ipvlan2) entered disabled state [ 213.001519][ T9681] ipvlan2: entered allmulticast mode [ 213.021539][ T9681] bridge0: entered allmulticast mode [ 213.052497][ T9681] ipvlan2: left allmulticast mode [ 213.082332][ T9681] bridge0: left allmulticast mode [ 213.506873][ T5908] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 213.533619][ T9671] loop6: detected capacity change from 0 to 32768 [ 213.707437][ T5908] usb 3-1: Using ep0 maxpacket: 32 [ 213.754430][ T5908] usb 3-1: config 0 has an invalid interface number: 132 but max is 0 [ 213.784730][ T5908] usb 3-1: config 0 has no interface number 0 [ 213.805779][ T5908] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 213.809340][ T9713] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 213.869756][ T5908] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 213.881403][ T9717] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1476'. [ 213.904399][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.933432][ T5908] usb 3-1: Product: syz [ 213.945399][ T5908] usb 3-1: Manufacturer: syz [ 213.963201][ T5908] usb 3-1: SerialNumber: syz [ 214.021988][ T5908] usb 3-1: config 0 descriptor?? [ 214.071880][ T5908] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 214.128087][ T5908] em28xx 3-1:0.132: Video interface 132 found: [ 214.447630][ T9732] loop6: detected capacity change from 0 to 1024 [ 214.495551][ T5908] em28xx 3-1:0.132: chip ID is em2884 [ 214.777286][ T5908] em28xx 3-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 214.806365][ T5908] em28xx 3-1:0.132: board has no eeprom [ 214.899370][ T9711] loop3: detected capacity change from 0 to 32768 [ 214.925438][ T5908] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 214.953711][ T5908] em28xx 3-1:0.132: analog set to bulk mode. [ 214.987612][ T975] em28xx 3-1:0.132: Registering V4L2 extension [ 215.013527][ T5908] usb 3-1: USB disconnect, device number 10 [ 215.050806][ T5908] em28xx 3-1:0.132: Disconnecting em28xx [ 215.415137][ T9728] loop5: detected capacity change from 0 to 32768 [ 215.643547][ T975] em28xx 3-1:0.132: Config register raw data: 0xffffffed [ 215.655492][ T975] em28xx 3-1:0.132: AC97 chip type couldn't be determined [ 215.662666][ T975] em28xx 3-1:0.132: No AC97 audio processor [ 215.668073][ T9728] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 215.691273][ T975] usb 3-1: Decoder not found [ 215.699389][ T975] em28xx 3-1:0.132: failed to create media graph [ 215.715394][ T975] em28xx 3-1:0.132: V4L2 device video103 deregistered [ 215.730118][ T975] em28xx 3-1:0.132: Remote control support is not available for this card. [ 215.733077][ T9766] loop3: detected capacity change from 0 to 256 [ 215.755620][ T5908] em28xx 3-1:0.132: Closing input extension [ 215.781617][ T5908] em28xx 3-1:0.132: Freeing device [ 215.927216][ T9775] loop6: detected capacity change from 0 to 512 [ 215.954549][ T9728] XFS (loop5): Ending clean mount [ 215.986396][ T9775] EXT4-fs: Ignoring removed bh option [ 216.016601][ T9728] XFS (loop5): Quotacheck needed: Please wait. [ 216.021415][ T9775] EXT4-fs (loop6): orphan cleanup on readonly fs [ 216.118567][ T9775] EXT4-fs error (device loop6): ext4_map_blocks:776: inode #11: block 1: comm syz.6.1499: lblock 0 mapped to illegal pblock 1 (length 1) [ 216.167485][ T9728] XFS (loop5): Quotacheck: Done. [ 216.239191][ T9775] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 216.239901][ T9775] EXT4-fs error (device loop6): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.6.1499: EA inode 11 ref wraparound: ref_count=0 ref_change=-1 [ 216.255401][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 216.272305][ C1] EXT4-fs (loop6): initial error at time 1773790581: ext4_map_blocks:776: inode 11: block 1 [ 216.282435][ C1] EXT4-fs (loop6): last error at time 1773790581: ext4_map_blocks:776: inode 11: block 1 [ 216.345686][ T9775] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 216.347464][ T9775] EXT4-fs warning (device loop6): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.6.1499: ea_inode dec ref err=-117 [ 216.372080][ T9775] EXT4-fs (loop6): 1 orphan inode deleted [ 216.380330][ T9775] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 216.445495][ T9775] overlay: filesystem on ./file0 is read-only [ 216.470893][ T5817] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 216.481204][ T9761] loop1: detected capacity change from 0 to 40427 [ 216.587620][ T9761] F2FS-fs (loop1): invalid crc value [ 216.628585][ T6948] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.883525][ T9798] binder: 9797:9798 ioctl c0306201 2000000003c0 returned -14 [ 216.931244][ T9792] loop3: detected capacity change from 0 to 4096 [ 216.967110][ T9792] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 217.049655][ T9761] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 217.093755][ T9761] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 217.188456][ T9805] loop5: detected capacity change from 0 to 128 [ 217.231007][ T31] audit: type=1800 audit(1773790582.224:74): pid=9792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1507" name="/" dev="loop3" ino=9 res=0 errno=0 [ 217.245727][ T9792] ntfs3(loop3): ino=9, attr_set_size_ex [ 217.295079][ T9805] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 217.303207][ T9792] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 217.320571][ T9805] System zones: 1-3, 19-19, 35-36 [ 217.356230][ T9805] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 217.454907][ T9805] ext4 filesystem being mounted at /232/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 217.747743][ T5817] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 217.972711][ T9827] loop3: detected capacity change from 0 to 1024 [ 217.981714][ T9830] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«= [ 217.987665][ T9830] [U] J"—e:ÀÆ" [ 218.248622][ T59] hfsplus: b-tree write err: -5, ino 25 [ 218.286187][ T59] hfsplus: b-tree write err: -5, ino 4 [ 218.286283][ T59] hfsplus: b-tree write err: -5, ino 2 [ 218.287573][ T59] hfsplus: b-tree write err: -5, ino 17 [ 218.467991][ T9848] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1530'. [ 219.010355][ T9870] loop6: detected capacity change from 0 to 256 [ 219.054911][ T9870] FAT-fs (loop6): Directory bread(block 1285) failed [ 219.096546][ T9870] FAT-fs (loop6): Directory bread(block 1286) failed [ 219.103303][ T9870] FAT-fs (loop6): Directory bread(block 1287) failed [ 219.127472][ T9870] FAT-fs (loop6): Directory bread(block 1288) failed [ 219.263350][ T9870] FAT-fs (loop6): Directory bread(block 1285) failed [ 219.326356][ T9870] FAT-fs (loop6): Directory bread(block 1286) failed [ 219.333104][ T9870] FAT-fs (loop6): Directory bread(block 1287) failed [ 219.354330][ T9879] loop5: detected capacity change from 0 to 1024 [ 219.392078][ T9870] FAT-fs (loop6): Directory bread(block 1288) failed [ 219.416715][ T9879] EXT4-fs: inline encryption not supported [ 219.453070][ T9870] FAT-fs (loop6): Directory bread(block 1285) failed [ 219.462674][ T9882] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1548'. [ 219.494171][ T9870] FAT-fs (loop6): Directory bread(block 1286) failed [ 219.513523][ T9879] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 219.574762][ T9879] EXT4-fs error (device loop5): mb_free_blocks:2047: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt. [ 219.593339][ T9851] loop1: detected capacity change from 0 to 32768 [ 219.600355][ T9879] EXT4-fs (loop5): Remounting filesystem read-only [ 219.763715][ T9851] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 219.829427][ T5817] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.138484][ T9905] loop5: detected capacity change from 0 to 64 [ 220.169959][ T5818] ocfs2: Unmounting device (7,1) on (node local) [ 220.179873][ T9905] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing [ 220.390989][ T9884] loop3: detected capacity change from 0 to 32768 [ 220.407817][ T9911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1561'. [ 220.421442][ T9884] xfs: Deprecated parameter 'attr2' [ 220.435074][ T9884] XFS: attr2 mount option is deprecated. [ 220.520772][ T9884] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 220.636723][ T9884] XFS (loop3): Ending clean mount [ 220.661703][ T9884] XFS (loop3): Quotacheck needed: Please wait. [ 220.751934][ T9884] XFS (loop3): Quotacheck: Done. [ 221.175462][ T5820] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 221.485453][ T9949] 9p: Bad value for 'wfdno' [ 222.021348][ T9967] loop1: detected capacity change from 0 to 128 [ 222.097532][ T9967] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 222.457870][ T9945] loop0: detected capacity change from 0 to 32768 [ 222.521458][ T9945] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 222.735554][ T5895] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 222.749906][ T5822] ocfs2: Unmounting device (7,0) on (node local) [ 222.895781][ T5895] usb 6-1: Using ep0 maxpacket: 8 [ 222.921970][ T5895] usb 6-1: config index 0 descriptor too short (expected 30, got 18) [ 222.964492][ T5895] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 223.001607][ T5895] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.025652][ T5895] usb 6-1: Product: syz [ 223.029832][ T5895] usb 6-1: Manufacturer: syz [ 223.034432][ T5895] usb 6-1: SerialNumber: syz [ 223.072365][ T5895] usb 6-1: config 0 descriptor?? [ 223.087218][ T5895] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 223.087280][ T5895] usb 6-1: setting power ON [ 223.087624][ T5895] dvb-usb: bulk message failed: -22 (2/0) [ 223.106218][ T5895] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 223.200763][ T5895] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 223.237007][ T5895] usb 6-1: media controller created [ 223.265081][ T5895] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 223.317296][ T9987] dvb-usb: bulk message failed: -22 (3/0) [ 223.323342][ T9987] dvb-usb: bulk message failed: -22 (4/0) [ 223.396234][ T5895] usb 6-1: selecting invalid altsetting 6 [ 223.402301][ T5895] usb 6-1: digital interface selection failed (-22) [ 223.468397][ T5895] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 223.510825][ T5895] usb 6-1: setting power OFF [ 223.527645][T10011] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1604'. [ 223.527974][ T5895] dvb-usb: bulk message failed: -22 (2/0) [ 223.563344][ T5895] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 223.569580][T10015] loop0: detected capacity change from 0 to 512 [ 223.585692][ T5895] (NULL device *): no alternate interface [ 223.593072][T10011] tipc: Started in network mode [ 223.632091][T10011] tipc: Node identity fff50000000000000000000000000001, cluster identity 4711 [ 223.665453][T10011] tipc: Enabling of bearer rejected, failed to enable media [ 223.707842][T10015] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.1605: bg 0: block 5: invalid block bitmap [ 223.715307][ T5895] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 223.766096][ T5895] usb 6-1: USB disconnect, device number 7 [ 223.802912][T10015] loop0: lost filesystem error report for type 5 error -117 [ 223.805304][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 223.819133][ C0] EXT4-fs (loop0): initial error at time 1773790588: ext4_validate_block_bitmap:432 [ 223.828584][ C0] EXT4-fs (loop0): last error at time 1773790588: ext4_validate_block_bitmap:432 [ 223.865528][T10015] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 223.890371][T10015] loop0: lost filesystem error report for type 5 error -117 [ 223.893256][T10015] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1605: invalid indirect mapped block 3 (level 2) [ 223.973637][T10015] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 223.977625][T10015] EXT4-fs (loop0): 1 orphan inode deleted [ 224.027879][T10015] EXT4-fs (loop0): 1 truncate cleaned up [ 224.044624][T10015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.203860][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.320806][T10034] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1614'. [ 224.380431][T10036] loop0: detected capacity change from 0 to 512 [ 224.584042][T10036] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 224.619653][T10041] loop5: detected capacity change from 0 to 4096 [ 224.635848][T10036] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 224.755404][T10056] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.897555][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 225.078769][T10061] loop3: detected capacity change from 0 to 64 [ 225.158034][T10061] Trying to free block not in datazone [ 225.541360][T10082] loop3: detected capacity change from 0 to 64 [ 225.643790][T10082] syz.3.1631: attempt to access beyond end of device [ 225.643790][T10082] loop3: rw=8388608, sector=1024, nr_sectors = 2 limit=64 [ 225.693493][ T52] Bluetooth: hci5: command 0x0406 tx timeout [ 225.736268][T10082] Buffer I/O error on dev loop3, logical block 512, async page read [ 225.744784][T10082] syz.3.1631: attempt to access beyond end of device [ 225.744784][T10082] loop3: rw=8388608, sector=113152, nr_sectors = 2 limit=64 [ 225.785476][T10082] Buffer I/O error on dev loop3, logical block 56576, async page read [ 225.831307][T10089] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 226.617079][T10115] batadv0: entered promiscuous mode [ 226.650765][T10115] macsec2: entered allmulticast mode [ 226.667486][T10115] batadv0: entered allmulticast mode [ 226.706049][T10115] batadv0: left allmulticast mode [ 226.711284][T10115] batadv0: left promiscuous mode [ 227.461499][T10140] loop1: detected capacity change from 0 to 4096 [ 227.682541][T10140] ntfs3(loop1): failed to convert "0000" to iso8859-6 [ 227.714033][T10140] ntfs3(loop1): failed to convert "0030" to iso8859-6 [ 227.753235][T10140] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 227.790798][T10140] ntfs3(loop1): failed to convert name for inode 1e. [ 227.835778][T10140] ntfs3(loop1): failed to convert "0032" to iso8859-6 [ 227.875941][T10140] ntfs3(loop1): ino=1f, mi_enum_attr [ 227.881328][T10140] ntfs3(loop1): failed to convert "0033" to iso8859-6 [ 228.344661][T10136] loop5: detected capacity change from 0 to 32768 [ 228.370109][T10125] loop0: detected capacity change from 0 to 40427 [ 228.386077][T10125] F2FS-fs (loop0): invalid crc value [ 228.400674][T10136] BTRFS info: device /dev/loop5 (7:5) using temp-fsid 6dc7fc01-aff4-4b8c-8ba0-cbdba14a7826 [ 228.455401][T10136] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1655 (10136) [ 228.552479][T10136] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 228.605415][T10136] BTRFS info (device loop5): using sha256 checksum algorithm [ 228.759891][T10125] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 228.804479][T10189] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1666'. [ 228.850659][T10136] BTRFS info (device loop5): enabling ssd optimizations [ 228.858346][T10125] F2FS-fs (loop0): Start checkpoint disabled! [ 228.901605][T10136] BTRFS info (device loop5): turning on async discard [ 228.908845][T10125] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0 [ 228.935638][T10136] BTRFS info (device loop5): enabling free space tree [ 228.947946][T10125] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 229.035380][ T5895] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 229.210394][ T13] kworker/u8:1: attempt to access beyond end of device [ 229.210394][ T13] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 229.212442][ T5895] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 229.250245][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.262867][ T5895] usb 3-1: Product: syz [ 229.272915][ T13] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Tainted: G L syzkaller #0 PREEMPT(full) [ 229.272952][ T13] Tainted: [L]=SOFTLOCKUP [ 229.272961][ T13] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 229.272976][ T13] Workqueue: writeback wb_workfn (flush-7:0) [ 229.273015][ T13] Call Trace: [ 229.273024][ T13] [ 229.273033][ T13] dump_stack_lvl+0xe8/0x150 [ 229.273071][ T13] f2fs_handle_critical_error+0x37c/0x540 [ 229.273109][ T13] f2fs_write_end_io+0xcdb/0xff0 [ 229.273166][ T13] __submit_merged_bio+0x256/0x700 [ 229.273204][ T13] __submit_merged_write_cond+0x3c9/0x4e0 [ 229.273248][ T13] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 229.273296][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.273338][ T13] f2fs_write_data_pages+0x2975/0x35e0 [ 229.273376][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.273444][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 229.273495][ T13] ? __pfx_f2fs_available_free_memory+0x10/0x10 [ 229.273554][ T13] ? __pfx_f2fs_balance_fs_bg+0x10/0x10 [ 229.273608][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.273646][ T13] ? __lock_acquire+0x6b5/0x2cf0 [ 229.273690][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.273720][ T13] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 229.273755][ T13] do_writepages+0x32e/0x550 [ 229.273797][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.273824][ T13] ? reacquire_held_locks+0x104/0x190 [ 229.273857][ T13] ? writeback_sb_inodes+0x477/0x1a20 [ 229.273896][ T13] __writeback_single_inode+0x133/0x11a0 [ 229.273930][ T13] ? do_raw_spin_unlock+0xf5/0x210 [ 229.273959][ T13] writeback_sb_inodes+0x992/0x1a20 [ 229.274011][ T13] ? do_raw_spin_unlock+0xf5/0x210 [ 229.274041][ T13] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 229.274069][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 229.274136][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274162][ T13] ? rcu_is_watching+0x15/0xb0 [ 229.274194][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274230][ T13] wb_writeback+0x456/0xb70 [ 229.274265][ T13] ? queue_io+0x271/0x4a0 [ 229.274302][ T13] ? __pfx_wb_writeback+0x10/0x10 [ 229.274336][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 229.274376][ T13] wb_workfn+0x414/0xf50 [ 229.274405][ T13] ? look_up_lock_class+0x57/0x110 [ 229.274451][ T13] ? __pfx_wb_workfn+0x10/0x10 [ 229.274480][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274506][ T13] ? do_raw_spin_lock+0x12b/0x2f0 [ 229.274532][ T13] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 229.274555][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274588][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274627][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274657][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274690][ T13] ? process_scheduled_works+0xa8d/0x18c0 [ 229.274723][ T13] ? process_scheduled_works+0xa8d/0x18c0 [ 229.274758][ T13] process_scheduled_works+0xb6e/0x18c0 [ 229.274829][ T13] ? __pfx_process_scheduled_works+0x10/0x10 [ 229.274870][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.274898][ T13] ? assign_work+0x3d5/0x5e0 [ 229.274938][ T13] worker_thread+0xa53/0xfc0 [ 229.274999][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.275040][ T13] kthread+0x388/0x470 [ 229.275065][ T13] ? __pfx_worker_thread+0x10/0x10 [ 229.275098][ T13] ? __pfx_kthread+0x10/0x10 [ 229.275124][ T13] ret_from_fork+0x51e/0xb90 [ 229.275162][ T13] ? __pfx_ret_from_fork+0x10/0x10 [ 229.275192][ T13] ? srso_alias_return_thunk+0x5/0xfbef5 [ 229.275218][ T13] ? __switch_to+0xc7d/0x1450 [ 229.275252][ T13] ? __pfx_kthread+0x10/0x10 [ 229.275279][ T13] ret_from_fork_asm+0x1a/0x30 [ 229.275335][ T13] [ 229.295420][ T5895] usb 3-1: Manufacturer: syz [ 229.365552][ T13] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 229.402280][ T5895] usb 3-1: SerialNumber: syz [ 229.921461][ T5817] BTRFS info (device loop5): last unmount of filesystem 6dc7fc01-aff4-4b8c-8ba0-cbdba14a7826 [ 229.958124][ T5895] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 229.988172][ T5895] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 230.001287][ T5887] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 230.035319][ T5895] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 230.085176][ T5895] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71 [ 230.174742][ T5895] usb 3-1: USB disconnect, device number 11 [ 230.183327][ T5887] usb 4-1: Using ep0 maxpacket: 32 [ 230.210788][ T5887] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 230.242787][ T5887] usb 4-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 230.274274][ T5887] usb 4-1: config 0 interface 0 has no altsetting 0 [ 230.293430][ T5887] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 230.323106][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.341820][ T5887] usb 4-1: Product: syz [ 230.351473][ T5887] usb 4-1: Manufacturer: syz [ 230.366091][ T5887] usb 4-1: SerialNumber: syz [ 230.413363][ T5887] usb 4-1: config 0 descriptor?? [ 230.612366][ T5895] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 230.815552][ T5895] usb 3-1: Using ep0 maxpacket: 32 [ 230.843000][ T5895] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 230.875714][ T5887] gs_usb 4-1:0.0: Configuring for 256 interfaces [ 230.887387][ T5887] gs_usb 4-1:0.0: Driver cannot handle more that 255 CAN interfaces [ 230.899293][ T5895] usb 3-1: New USB device found, idVendor=0c0b, idProduct=a109, bcdDevice=22.db [ 230.915105][ T5887] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -22 [ 230.923186][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.971191][ T5895] usb 3-1: Product: syz [ 230.985370][ T5895] usb 3-1: Manufacturer: syz [ 230.990527][ T5895] usb 3-1: SerialNumber: syz [ 231.046622][ T5895] usb 3-1: config 0 descriptor?? [ 231.072446][ T5887] usb 4-1: USB disconnect, device number 9 [ 231.079099][ T5895] ums-datafab 3-1:0.0: USB Mass Storage device detected [ 231.153045][ T5895] ums-datafab 3-1:0.0: Quirks match for vid 0c0b pid a109: 1 [ 231.227495][ T5895] scsi host1: usb-storage 3-1:0.0 [ 231.331328][ T5895] usb 3-1: USB disconnect, device number 12 [ 231.428530][T10234] Cannot find set identified by id 0 to match [ 232.103359][T10255] netlink: 'syz.0.1693': attribute type 9 has an invalid length. [ 232.191805][T10260] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1695'. [ 232.302719][T10263] loop5: detected capacity change from 0 to 128 [ 232.372607][T10263] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 232.396381][T10263] ext4 filesystem being mounted at /262/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 232.513942][T10263] EXT4-fs (loop5): resizing filesystem from 64 to 2 blocks [ 232.523119][T10263] EXT4-fs warning (device loop5): ext4_resize_fs:2041: can't shrink FS - resize aborted [ 232.654607][T10271] Invalid ELF header len 4 [ 232.661859][T10272] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1699'. [ 232.665599][ T5817] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 232.847687][T10276] netlink: 'syz.6.1700': attribute type 178 has an invalid length. [ 232.958040][T10284] loop1: detected capacity change from 0 to 512 [ 233.015662][T10284] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 233.115967][T10284] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1706: bg 0: block 104: invalid block bitmap [ 233.220520][T10284] loop1: lost filesystem error report for type 5 error -117 [ 233.223175][T10284] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6685: Corrupt filesystem [ 233.230726][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 233.230754][ C0] EXT4-fs (loop1): initial error at time 1773790598: ext4_validate_block_bitmap:432 [ 233.230785][ C0] EXT4-fs (loop1): last error at time 1773790598: ext4_validate_block_bitmap:432 [ 233.303954][T10284] loop1: lost filesystem error report for type 5 error -117 [ 233.304634][T10284] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1706: invalid indirect mapped block 1 (level 1) [ 233.371605][T10284] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 233.374447][T10284] EXT4-fs (loop1): 1 truncate cleaned up [ 233.405887][T10299] use of bytesused == 0 is deprecated and will be removed in the future, [ 233.453576][T10284] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.480947][T10299] use the actual size instead. [ 233.583560][T10303] pim6reg: entered allmulticast mode [ 233.603573][T10304] pim6reg: left allmulticast mode [ 233.645767][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.683700][T10306] netlink: 'syz.6.1716': attribute type 1 has an invalid length. [ 233.714879][T10306] netlink: 228 bytes leftover after parsing attributes in process `syz.6.1716'. [ 233.744108][T10306] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1716'. [ 234.358863][T10325] loop6: detected capacity change from 0 to 8 [ 234.377366][T10294] loop3: detected capacity change from 0 to 32768 [ 234.385402][ T5824] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 234.424415][T10325] SQUASHFS error: xz decompression failed, data probably corrupt [ 234.441417][T10325] SQUASHFS error: Failed to read block 0x108: -5 [ 234.452176][T10294] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 234.460358][T10325] SQUASHFS error: Unable to read metadata cache entry [106] [ 234.495116][T10325] SQUASHFS error: Unable to read inode 0x11f [ 234.539501][ T5824] usb 3-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 234.558968][ T5824] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.598176][ T5824] usb 3-1: Product: syz [ 234.602472][ T5824] usb 3-1: Manufacturer: syz [ 234.639029][ T5824] usb 3-1: SerialNumber: syz [ 234.700373][ T5824] usb 3-1: config 0 descriptor?? [ 234.705713][ T5824] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 234.721184][T10294] XFS (loop3): Ending clean mount [ 234.723899][ T5824] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 234.732570][ T5824] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 234.732637][ T5824] usb 3-1: media controller created [ 234.783199][ T5824] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 234.810063][T10312] loop1: detected capacity change from 0 to 32768 [ 234.838246][T10312] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1717 (10312) [ 234.955963][ T5820] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 235.006406][ T5824] DVB: Unable to find symbol mt352_attach() [ 235.012642][T10312] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 235.046587][T10312] BTRFS info (device loop1): using crc32c checksum algorithm [ 235.245837][ T5824] DVB: Unable to find symbol nxt6000_attach() [ 235.253855][ T5824] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 235.288175][ T5824] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input13 [ 235.327332][ T5824] dvb-usb: schedule remote query interval to 1000 msecs. [ 235.344891][ T5824] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 235.355635][ T5824] dvb-usb: bulk message failed: -22 (7/0) [ 235.360732][T10312] BTRFS info (device loop1): turning off barriers [ 235.362295][ T5824] dvb-usb: bulk message failed: -22 (7/0) [ 235.395219][T10312] BTRFS info (device loop1): enabling free space tree [ 235.402122][T10312] BTRFS info (device loop1): use zstd compression, level 3 [ 235.467555][ T5824] usb 3-1: USB disconnect, device number 13 [ 235.678922][ T5824] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 235.745615][ T31] audit: type=1326 audit(1773790600.734:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 235.794775][ T5818] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 235.870287][ T31] audit: type=1326 audit(1773790600.764:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.014212][ T31] audit: type=1326 audit(1773790600.764:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.120812][ T31] audit: type=1326 audit(1773790600.764:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.236119][ T31] audit: type=1326 audit(1773790600.764:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.378022][ T31] audit: type=1326 audit(1773790600.764:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.405527][ T5824] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 236.470687][ T31] audit: type=1326 audit(1773790600.764:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.598500][ T31] audit: type=1326 audit(1773790600.764:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.712647][ T5824] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 236.715480][ T31] audit: type=1326 audit(1773790600.764:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10367 comm="syz.0.1734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 236.733463][ T5824] usb 7-1: config 0 has no interface number 0 [ 236.762312][T10395] xt_hashlimit: size too large, truncated to 1048576 [ 236.835593][ T5824] usb 7-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 236.844672][ T5824] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.956363][ T5824] usb 7-1: config 0 descriptor?? [ 237.003038][ T5824] usb 7-1: selecting invalid altsetting 1 [ 237.023318][T10406] overlayfs: conflicting options: userxattr,redirect_dir=on [ 237.033680][ T5824] dvb_ttusb_budget: ttusb_init_controller: error [ 237.071377][ T5824] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 237.252371][T10412] loop0: detected capacity change from 0 to 1024 [ 237.343589][T10412] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 237.355451][ T5824] DVB: Unable to find symbol cx22700_attach() [ 237.413445][T10419] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1757'. [ 237.423506][T10419] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1757'. [ 237.491520][ T5824] DVB: Unable to find symbol tda10046_attach() [ 237.525819][ T5824] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 237.574261][ T5824] usb 7-1: USB disconnect, device number 4 [ 237.732936][T10429] loop1: detected capacity change from 0 to 1764 [ 237.772872][T10429] iso9660: Bad value for 'check' [ 238.133021][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 238.665406][ T5824] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 238.901750][ T5824] usb 7-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 238.915299][ T5824] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.968998][ T5824] usb 7-1: Product: syz [ 238.973221][ T5824] usb 7-1: Manufacturer: syz [ 239.002214][ T5824] usb 7-1: SerialNumber: syz [ 239.046289][ T5824] usb 7-1: config 0 descriptor?? [ 239.069222][ T5824] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 239.141072][T10434] loop3: detected capacity change from 0 to 32768 [ 239.395403][ T5908] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 239.578277][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 239.607203][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 239.625377][ T5908] usb 6-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 239.634445][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.659964][ T5908] usb 6-1: config 0 descriptor?? [ 239.674956][ T5824] gspca_sunplus: reg_r err -71 [ 239.688757][ T5824] sunplus 7-1:0.0: probe with driver sunplus failed with error -71 [ 239.724765][ T5824] usb 7-1: USB disconnect, device number 5 [ 240.063454][T10477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1781'. [ 240.088149][T10479] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1782'. [ 240.297922][ T5908] hid-led 0003:27B8:01ED.000E: probe with driver hid-led failed with error -71 [ 240.341542][ T5908] usb 6-1: USB disconnect, device number 8 [ 240.504075][T10494] veth1_macvtap: left promiscuous mode [ 240.510175][T10494] macsec0: entered promiscuous mode [ 240.541317][T10494] veth1_macvtap: entered promiscuous mode [ 240.563790][T10494] macsec0: left promiscuous mode [ 240.883398][T10510] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1797'. [ 241.466322][ T5908] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 241.571450][T10539] loop5: detected capacity change from 0 to 1024 [ 241.635755][ T5908] usb 7-1: Using ep0 maxpacket: 32 [ 241.649085][ T5908] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 241.668026][T10539] hfsplus: invalid extended attribute record [ 241.672482][ T5908] usb 7-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 241.711415][ T5908] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 241.726065][ T5915] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 241.744084][ T5908] usb 7-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 241.771094][ T5908] usb 7-1: Product: syz [ 241.780440][ T5908] usb 7-1: Manufacturer: syz [ 241.791187][ T1106] hfsplus: b-tree write err: -5, ino 8 [ 241.797638][ T5908] hub 7-1:4.0: USB hub found [ 241.820514][T10542] loop3: detected capacity change from 0 to 512 [ 241.859899][T10542] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 241.919107][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 241.951125][T10542] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 241.956271][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 241.992957][ T5915] usb 2-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 242.003195][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 242.013373][ T5908] hub 7-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 242.029096][ T5915] usb 2-1: config 0 descriptor?? [ 242.037807][T10542] EXT4-fs (loop3): 1 truncate cleaned up [ 242.074081][T10542] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 242.278370][ T31] audit: type=1326 audit(1773790607.274:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.323321][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.339309][ T5908] usb 7-1: USB disconnect, device number 6 [ 242.386619][ T31] audit: type=1326 audit(1773790607.304:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.437502][ T31] audit: type=1326 audit(1773790607.304:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.495453][ T5915] hid_parser_main: 227 callbacks suppressed [ 242.495479][ T5915] hid-steam 0003:28DE:1142.000F: unknown main item tag 0x0 [ 242.533774][ T5915] hid-steam 0003:28DE:1142.000F: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0 [ 242.548211][ T31] audit: type=1326 audit(1773790607.304:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.578414][T10557] loop0: detected capacity change from 0 to 1024 [ 242.606268][ T31] audit: type=1326 audit(1773790607.304:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.655429][ T5915] hid-steam 0003:28DE:1142.000F: Steam wireless receiver connected [ 242.675721][ T31] audit: type=1326 audit(1773790607.304:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.713732][ T5915] hid-steam 0003:28DE:1142.0010: unknown main item tag 0x0 [ 242.724653][T10557] hfsplus: bad catalog entry type [ 242.749358][ T31] audit: type=1326 audit(1773790607.304:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.788502][ T5915] hid-steam 0003:28DE:1142.0010: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.1-1/input0 [ 242.847491][ T5915] usb 2-1: USB disconnect, device number 9 [ 242.875523][ T31] audit: type=1326 audit(1773790607.304:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 242.943018][ T5915] hid-steam 0003:28DE:1142.000F: Steam wireless receiver disconnected [ 242.965865][ T13] hfsplus: b-tree write err: -5, ino 25 [ 242.973855][ T13] hfsplus: b-tree write err: -5, ino 4 [ 242.980991][T10562] rdma_op ffff8880237399f0 conn xmit_rdma 0000000000000000 [ 243.002374][ T13] hfsplus: b-tree write err: -5, ino 2 [ 243.015475][ T31] audit: type=1326 audit(1773790607.314:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 243.050236][T10558] fido_id[10558]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 243.070041][ T31] audit: type=1326 audit(1773790607.314:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10550 comm="syz.0.1815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f16c679c799 code=0x7ffc0000 [ 243.263657][T10568] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 243.408187][ T5915] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 243.557395][T10579] loop0: detected capacity change from 0 to 128 [ 243.573014][T10556] loop3: detected capacity change from 0 to 32768 [ 243.576364][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 243.601904][ T5915] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 243.616002][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 243.666673][T10556] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1817 (10556) [ 243.675563][ T5915] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 243.747667][ T5915] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 243.758349][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.783937][ T5915] usb 3-1: config 0 descriptor?? [ 243.816586][T10556] BTRFS info (device loop3): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 243.862344][T10556] BTRFS info (device loop3): using blake2b checksum algorithm [ 243.989849][T10556] BTRFS info (device loop3): enabling ssd optimizations [ 244.011427][T10556] BTRFS info (device loop3): turning on async discard [ 244.025330][T10556] BTRFS info (device loop3): enabling free space tree [ 244.042381][T10556] BTRFS info (device loop3): use lzo compression, level 1 [ 244.069236][ T5915] hdpvr 3-1:0.0: firmware version 0xbf dated Vúßk­¸ÝáÒ&yñœüeÍI´ FK•HÇd›c ßœ ùÝ`{[Ž [ 244.116489][ T5915] hdpvr 3-1:0.0: untested firmware, the driver might not work. [ 244.124149][T10601] xt_hashlimit: size too large, truncated to 1048576 [ 244.159829][T10605] loop5: detected capacity change from 0 to 64 [ 244.328552][ T5820] BTRFS info (device loop3): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663 [ 244.448016][ T5817] hfs: node 4:3 still has 1 user(s)! [ 244.625455][ T5915] hdpvr 3-1:0.0: Could not setup controls [ 244.640182][ T5915] hdpvr 3-1:0.0: registering videodev failed [ 244.716347][ T5915] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -71 [ 244.774611][ T5915] usb 3-1: USB disconnect, device number 14 [ 245.066622][T10625] loop5: detected capacity change from 0 to 256 [ 245.153093][T10625] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 245.751727][T10648] loop5: detected capacity change from 0 to 1024 [ 245.840222][T10648] syz.5.1852: attempt to access beyond end of device [ 245.840222][T10648] loop5: rw=8388608, sector=33030148, nr_sectors = 2 limit=1024 [ 245.932043][T10648] Buffer I/O error on dev loop5, logical block 16515074, async page read [ 245.965676][T10648] hfsplus: unable to mark blocks free: error -5 [ 245.971971][T10648] hfsplus: can't free extent: start 134, count 1 [ 246.177274][ T80] hfsplus: b-tree write err: -5, ino 25 [ 246.197716][ T80] hfsplus: b-tree write err: -5, ino 4 [ 246.212412][ T80] hfsplus: b-tree write err: -5, ino 2 [ 246.234968][ T80] hfsplus: b-tree write err: -5, ino 20 [ 246.787281][T10689] loop5: detected capacity change from 0 to 1024 [ 246.861416][T10663] loop0: detected capacity change from 0 to 32768 [ 246.892670][ T5832] Bluetooth: hci1: command 0x0406 tx timeout [ 246.937676][T10663] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 247.053172][T10663] XFS (loop0): Ending clean mount [ 247.107104][ T80] hfsplus: b-tree write err: -5, ino 8 [ 247.162260][T10702] loop3: detected capacity change from 0 to 4096 [ 247.372091][ T52] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 247.387619][ T52] Bluetooth: hci1: Injecting HCI hardware error event [ 247.397438][ T5832] Bluetooth: hci1: hardware error 0x00 [ 247.412454][T10706] loop6: detected capacity change from 0 to 4096 [ 247.460916][ T5822] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 247.506937][T10706] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 248.431634][T10727] loop0: detected capacity change from 0 to 2048 [ 248.488170][T10727] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 248.525393][ T5915] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 248.536643][T10727] ext4 filesystem being mounted at /326/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 248.659284][T10727] fs-verity (loop0, inode 18): Unknown hash algorithm number: 0 [ 248.675365][ T5915] usb 4-1: Using ep0 maxpacket: 16 [ 248.687988][ T5915] usb 4-1: unable to get BOS descriptor or descriptor too short [ 248.726693][ T5915] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7 [ 248.755487][ T5915] usb 4-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40 [ 248.770722][T10740] loop1: detected capacity change from 0 to 256 [ 248.775227][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 248.785486][ T5915] usb 4-1: Product: syz [ 248.789668][ T5915] usb 4-1: Manufacturer: syz [ 248.794263][ T5915] usb 4-1: SerialNumber: syz [ 248.840815][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.858292][T10740] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x246dc941, utbl_chksum : 0xe619d30d) [ 248.898854][T10716] loop5: detected capacity change from 0 to 32768 [ 248.949408][ T31] kauditd_printk_skb: 30 callbacks suppressed [ 248.949430][ T31] audit: type=1800 audit(1773790613.944:124): pid=10740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1888" name="file1" dev="loop1" ino=1048837 res=0 errno=0 [ 249.004121][T10716] (syz.5.1879,10716,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 249.055095][T10716] (syz.5.1879,10716,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 249.105101][ T5915] usb 4-1: Audio class v2/v3 interfaces need an interface association [ 249.150323][ T5915] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 249.180376][T10716] JBD2: Ignoring recovery information on journal [ 249.284452][ T5915] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 249.286898][T10716] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 249.532685][ T5832] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 249.537032][ T5824] usb 4-1: USB disconnect, device number 10 [ 249.852174][ T5817] ocfs2: Unmounting device (7,5) on (node local) [ 250.099369][ T31] audit: type=1326 audit(1773790615.084:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 250.199373][ T31] audit: type=1326 audit(1773790615.084:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 250.267679][ T31] audit: type=1326 audit(1773790615.124:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 250.348463][ T31] audit: type=1326 audit(1773790615.124:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 250.392200][T10744] loop6: detected capacity change from 0 to 32768 [ 250.475391][ T31] audit: type=1326 audit(1773790615.124:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 250.576288][T10786] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1910'. [ 250.579137][ T31] audit: type=1326 audit(1773790615.134:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 250.595762][T10785] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 250.673012][ T31] audit: type=1326 audit(1773790615.134:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 250.785394][ T31] audit: type=1326 audit(1773790615.134:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.1.1902" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 251.840292][T10835] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1933'. [ 252.106049][T10841] loop1: detected capacity change from 0 to 256 [ 252.139153][T10839] loop5: detected capacity change from 0 to 4096 [ 252.148806][T10843] loop6: detected capacity change from 0 to 512 [ 252.180269][T10843] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 252.188000][T10841] FAT-fs (loop1): Directory bread(block 64) failed [ 252.224297][T10841] FAT-fs (loop1): Directory bread(block 65) failed [ 252.244541][T10844] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 252.273074][T10841] FAT-fs (loop1): Directory bread(block 66) failed [ 252.284716][T10841] FAT-fs (loop1): Directory bread(block 67) failed [ 252.293214][T10843] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 252.335964][ T31] audit: type=1326 audit(1773790617.284:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10819 comm="syz.0.1926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16c679c799 code=0x7fc00000 [ 252.374814][T10841] FAT-fs (loop1): Directory bread(block 68) failed [ 252.429162][T10841] FAT-fs (loop1): Directory bread(block 69) failed [ 252.465970][T10841] FAT-fs (loop1): Directory bread(block 70) failed [ 252.472783][T10841] FAT-fs (loop1): Directory bread(block 71) failed [ 252.504335][T10843] EXT4-fs error (device loop6): ext4_map_blocks:776: inode #2: block 3: comm syz.6.1937: lblock 8 mapped to illegal pblock 3 (length 26) [ 252.511981][T10841] FAT-fs (loop1): Directory bread(block 72) failed [ 252.557464][T10841] FAT-fs (loop1): Directory bread(block 73) failed [ 252.671636][ T6948] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.824712][T10833] loop3: detected capacity change from 0 to 32768 [ 252.846344][T10854] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1940'. [ 253.009677][T10833] JBD2: Ignoring recovery information on journal [ 253.184946][T10833] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 253.298369][T10833] (syz.3.1932,10833,0):ocfs2_read_blocks:239 ERROR: status = -12 [ 253.322079][T10833] (syz.3.1932,10833,0):ocfs2_trim_mainbm:7631 ERROR: status = -12 [ 253.376804][ T5824] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 253.437795][ T5820] ocfs2: Unmounting device (7,3) on (node local) [ 253.545473][ T5824] usb 3-1: Using ep0 maxpacket: 16 [ 253.552750][ T5824] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 253.578558][ T5824] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 253.594178][ T5824] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 253.610430][ T5824] usb 3-1: New USB device found, idVendor=05a4, idProduct=1700, bcdDevice= 0.00 [ 253.623699][ T5824] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.642641][ T5824] usb 3-1: config 0 descriptor?? [ 254.103656][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.113981][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.127344][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.136395][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.143383][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.164114][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.193328][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.211778][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.224267][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.231421][ T5824] ortek 0003:05A4:1700.0011: unknown main item tag 0x0 [ 254.273823][ T5824] ortek 0003:05A4:1700.0011: hidraw0: USB HID v0.04 Device [HID 05a4:1700] on usb-dummy_hcd.2-1/input0 [ 254.323765][ T5824] usb 3-1: USB disconnect, device number 15 [ 254.357922][ T5895] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 254.551714][ T5895] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 254.566634][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.582804][ T5895] usb 2-1: Product: syz [ 254.588505][ T5895] usb 2-1: Manufacturer: syz [ 254.593621][ T5895] usb 2-1: SerialNumber: syz [ 254.773992][T10913] loop6: detected capacity change from 0 to 512 [ 254.792574][T10913] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 254.828629][ T5895] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 254.878710][ T5895] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 254.905836][ T5895] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 254.936430][ T5895] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71 [ 254.975397][ T5895] usb 2-1: USB disconnect, device number 10 [ 255.060030][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.067178][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.310424][T10925] loop3: detected capacity change from 0 to 1024 [ 255.328839][T10924] ubi31: attaching mtd0 [ 255.342450][T10924] ubi31: scanning is finished [ 255.366944][T10925] hfsplus: bad catalog entry type [ 255.378471][T10924] ubi31: empty MTD device detected [ 255.419407][ T13] hfsplus: b-tree write err: -5, ino 25 [ 255.446959][ T13] hfsplus: b-tree write err: -5, ino 4 [ 255.458903][ T13] hfsplus: b-tree write err: -5, ino 2 [ 255.476782][ T5895] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 255.520539][T10911] loop5: detected capacity change from 0 to 32768 [ 255.568867][T10911] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 255.645331][ T5895] usb 2-1: Using ep0 maxpacket: 32 [ 255.657139][ T5895] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 255.701512][ T5895] usb 2-1: New USB device found, idVendor=0c0b, idProduct=a109, bcdDevice=22.db [ 255.762461][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.795486][T10924] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 255.803092][T10924] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 255.835313][ T5895] usb 2-1: Product: syz [ 255.839527][ T5895] usb 2-1: Manufacturer: syz [ 255.887402][T10911] XFS (loop5): Ending clean mount [ 255.892603][ T5895] usb 2-1: SerialNumber: syz [ 255.905897][T10924] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 255.912994][T10924] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 255.928897][ T5895] usb 2-1: config 0 descriptor?? [ 255.939189][T10911] XFS (loop5): Quotacheck needed: Please wait. [ 255.950789][T10924] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 255.958430][T10924] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 255.999692][T10924] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2094195679 [ 256.011294][ T5895] ums-datafab 2-1:0.0: USB Mass Storage device detected [ 256.039913][ T5895] ums-datafab 2-1:0.0: Quirks match for vid 0c0b pid a109: 1 [ 256.052840][T10924] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 256.064769][ T5895] scsi host1: usb-storage 2-1:0.0 [ 256.071861][T10943] loop0: detected capacity change from 0 to 4096 [ 256.095906][T10943] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 256.107440][T10951] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1979'. [ 256.129107][T10911] XFS (loop5): Quotacheck: Done. [ 256.172856][T10941] ubi31: background thread "ubi_bgt31d" started, PID 10941 [ 256.189217][ T5895] usb 2-1: USB disconnect, device number 11 [ 256.354343][ T5817] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 256.498317][ T5832] Bluetooth: hci5: link tx timeout [ 256.504544][ T5832] Bluetooth: hci5: killing stalled connection 10:aa:aa:aa:aa:aa [ 256.768308][T10960] overlayfs: workdir and upperdir must be separate subtrees [ 256.822470][T10962] loop0: detected capacity change from 0 to 1024 [ 256.951216][T10966] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1987'. [ 256.977754][ T130] hfsplus: b-tree write err: -5, ino 25 [ 256.986375][ T130] hfsplus: b-tree write err: -5, ino 4 [ 257.035180][ T130] hfsplus: b-tree write err: -5, ino 2 [ 257.218223][T10974] vlan2: entered promiscuous mode [ 257.223585][T10974] macvtap0: entered promiscuous mode [ 257.309006][T10980] vivid-004: disconnect [ 257.886486][T11003] netlink: 10 bytes leftover after parsing attributes in process `syz.5.2003'. [ 258.077392][T10978] vivid-004: reconnect [ 258.395396][ T5887] IPVS: starting estimator thread 0... [ 258.486195][T11026] IPVS: using max 25 ests per chain, 60000 per kthread [ 258.565399][ T52] Bluetooth: hci5: command 0x0406 tx timeout [ 258.599637][T11033] dummy0: entered promiscuous mode [ 258.623029][T11033] macsec1: entered promiscuous mode [ 258.679261][T11033] dummy0: left promiscuous mode [ 258.793099][ T975] hid-generic 0006:0004:0009.0012: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 259.061166][T11046] fido_id[11046]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 259.075500][T11048] loop5: detected capacity change from 0 to 512 [ 259.112609][T11048] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 259.181557][T11048] ext4 filesystem being mounted at /323/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 259.645477][T11075] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2037'. [ 259.780761][T11083] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2039'. [ 259.923274][T11088] loop3: detected capacity change from 0 to 736 [ 259.964265][ T5817] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.012804][T11092] ptrace attach of "./syz-executor exec"[5818] was attempted by "ýßu+íO'Uçl$WB·ivÏQåÈ°&*\x07¥ -ä:Ma{MræÏ°ØÄZï‰øÓT!kúWŒ_~—¤{&¿Tçvf<¤×{t‘žýªôV\x0d7á1™¥%Ú^~›‚Åõy’—Ä\x5c>¸qX\x09aŸéEÌx¨–~$ßRåÖ~…¼sÛ„9!þ+îËlàvûs\x22~UëxåaŒ*œfÜÈPyôw.¼ÁÉ6û©iîÂBÖ¡O‹¼ÕÎ ¼‘Ì^¦$ îÆwÃü*ƒ÷Íãû? Æ;Ø-é«b·?3—AÕ”‘SÃÑ­ÂKkÆÛr\x0aæéÃØ™:…y>sÄy\x1b¢SD8\x1bÝuƒ\x0aÚÑ2Ûš.¼bf×h„³Üú™‰ËݹÆ5¿cM¹+²wœkà×Ò|Í(Hnô'cC¼æj<,ᨊ¬r.uñ(ln¹vNÍ¿FˆQ+&iÝÁŽÐkŸŸÐ&È¢¬Ä¤>è²¥½f‰bRs«ó·–¾\x0c~1šœ‰Ï%^“?ñ\x1bÈYµû\x1b­g¯´-3Ë©VO|\x0aá³·ÖÆÄ[.ØÀ'3õ¹‹ÚDµÁAÿÅüzrcOÆ ¥ƒ,œô‘»;ò½ŽÛj„Õ!pŽoûŸUe{‘™ˆÅs%@èO®tnZ–b™§Bš&+4û?pÄÅRN¡Œû½!YË‘Nj˜âgÎiqÐïÜ[¶6ÙÍh“í²vN|›°Õ xiúèPo54(%*ª Ëô½ŒáëħlåLU•»©²Dà䧥7`zú8äh¨Â“ý½„Ù=»‚¨š-eÞði¤’î}˜\x5c\x09£v:-×Ë\x09•œ9.½¦V€¨•§E×&õ†æ¹\x09 b&hΚ€AŽ‘`œRœƒ&±½Ö•—AÌÔO •Ý›/\x1bLÀ\x07Àû&÷òDÈuÄoO…æÆ^Cò'S1 @¯ÃŠòôû#^^ô„¥V1¥¾56rè©´tUõ\x0cô¸½0é´²˜´´>’‰ÅªèÙìMÑü²VÐjØ\x07À=ºÉ}]M†‡XUtûÜY[%>p¹üÄù*×ójšs;”Ûx—9K§£4Ím{yÞãWp5p\x0cVÕ\x0c×\x0a(UηúX«þ8'C}ôħ¿°J=Òјáæ6WwØ&äu×]÷±8?¯œ +Äßþ3 [ 260.065419][ T975] kernel write not supported for file /uinput (pid: 975 comm: kworker/0:2) [ 260.260332][T11096] netlink: 'syz.2.2046': attribute type 1 has an invalid length. [ 260.351330][T11096] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2046'. [ 260.376872][T11103] loop1: detected capacity change from 0 to 512 [ 260.401956][T11096] netlink: 'syz.2.2046': attribute type 1 has an invalid length. [ 260.470779][T11096] netlink: 'syz.2.2046': attribute type 8 has an invalid length. [ 260.499013][T11096] netlink: 606 bytes leftover after parsing attributes in process `syz.2.2046'. [ 260.836261][T11107] loop6: detected capacity change from 0 to 4096 [ 260.847777][T11111] loop3: detected capacity change from 0 to 4096 [ 260.867389][T11107] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 261.040196][ T975] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 261.060162][T11107] ntfs3(loop6): ino=1d, mi_enum_attr [ 261.078224][T11107] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 261.148688][T11107] ntfs3(loop6): ino=1d, mi_enum_attr [ 261.229031][ T975] usb 2-1: Using ep0 maxpacket: 16 [ 261.266313][ T975] usb 2-1: config 0 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 261.299351][T11129] loop0: detected capacity change from 0 to 256 [ 261.311829][ T975] usb 2-1: config 0 interface 0 altsetting 13 endpoint 0x81 has invalid wMaxPacketSize 0 [ 261.339929][ T975] usb 2-1: config 0 interface 0 has no altsetting 0 [ 261.368327][ T975] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b25, bcdDevice= 0.00 [ 261.375438][T11131] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2061'. [ 261.403162][T11129] exfat: Deprecated parameter 'utf8' [ 261.427191][ T975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.435418][T11129] exfat: Deprecated parameter 'utf8' [ 261.499523][T11129] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 261.524127][ T975] usb 2-1: config 0 descriptor?? [ 261.858401][T11136] loop6: detected capacity change from 0 to 4096 [ 261.984540][ T975] hid_parser_main: 42 callbacks suppressed [ 261.984568][ T975] hid-corsair-void 0003:1B1C:1B25.0013: unknown main item tag 0x0 [ 262.033638][ T975] hid-corsair-void 0003:1B1C:1B25.0013: unknown main item tag 0x0 [ 262.041866][ T975] hid-corsair-void 0003:1B1C:1B25.0013: unknown main item tag 0x0 [ 262.068546][T11145] loop5: detected capacity change from 0 to 64 [ 262.076443][ T975] hid-corsair-void 0003:1B1C:1B25.0013: unknown main item tag 0x0 [ 262.126887][ T975] hid-corsair-void 0003:1B1C:1B25.0013: unknown main item tag 0x0 [ 262.175895][ T975] hid-corsair-void 0003:1B1C:1B25.0013: hidraw0: USB HID v0.05 Device [HID 1b1c:1b25] on usb-dummy_hcd.1-1/input0 [ 262.262179][ T975] usb 2-1: USB disconnect, device number 12 [ 262.382739][T11148] fido_id[11148]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 262.540537][ T130] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.664266][ T130] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.796025][ T130] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.072749][ T130] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.092260][T11171] loop6: detected capacity change from 0 to 8 [ 263.129082][T11171] SQUASHFS error: Unable to read directory block [249:c] [ 263.156186][T11177] loop1: detected capacity change from 0 to 256 [ 263.271662][T11177] FAT-fs (loop1): Directory bread(block 64) failed [ 263.291574][T11177] FAT-fs (loop1): Directory bread(block 65) failed [ 263.307160][ T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 263.316630][ T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 263.324340][ T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 263.332763][ T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 263.340521][ T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 263.345783][T11177] FAT-fs (loop1): Directory bread(block 66) failed [ 263.409871][T11177] FAT-fs (loop1): Directory bread(block 67) failed [ 263.439819][T11177] FAT-fs (loop1): Directory bread(block 68) failed [ 263.465807][T11177] FAT-fs (loop1): Directory bread(block 69) failed [ 263.482076][T11177] FAT-fs (loop1): Directory bread(block 70) failed [ 263.499587][T11177] FAT-fs (loop1): Directory bread(block 71) failed [ 263.510039][T11177] FAT-fs (loop1): Directory bread(block 72) failed [ 263.540118][T11177] FAT-fs (loop1): Directory bread(block 73) failed [ 263.935627][ T5887] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 264.019979][T11181] chnl_net:caif_netlink_parms(): no params data found [ 264.117598][ T5887] usb 4-1: too many configurations: 33, using maximum allowed: 8 [ 264.153631][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.187427][ T5887] usb 4-1: config 0 has no interfaces? [ 264.204619][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.225054][ T5887] usb 4-1: config 0 has no interfaces? [ 264.249224][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.273599][ T5887] usb 4-1: config 0 has no interfaces? [ 264.300127][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.356129][ T5887] usb 4-1: config 0 has no interfaces? [ 264.385958][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.433879][T11219] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2100'. [ 264.445549][ T5887] usb 4-1: config 0 has no interfaces? [ 264.500546][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.529147][ T5887] usb 4-1: config 0 has no interfaces? [ 264.558888][T11181] bridge0: port 1(bridge_slave_0) entered blocking state [ 264.570447][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.580062][T11181] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.592605][T11181] bridge_slave_0: entered allmulticast mode [ 264.600462][ T5887] usb 4-1: config 0 has no interfaces? [ 264.616562][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 264.619755][T11181] bridge_slave_0: entered promiscuous mode [ 264.634877][ T5887] usb 4-1: config 0 has no interfaces? [ 264.648817][ T5887] usb 4-1: New USB device found, idVendor=0eb1, idProduct=6668, bcdDevice=57.b8 [ 264.678936][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 264.720516][ T5887] usb 4-1: Product: syz [ 264.724745][ T5887] usb 4-1: Manufacturer: syz [ 264.736393][T11181] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.740085][ T5887] usb 4-1: SerialNumber: syz [ 264.768273][T11181] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.781948][ T5887] usb 4-1: config 0 descriptor?? [ 264.810355][T11181] bridge_slave_1: entered allmulticast mode [ 264.824418][T11181] bridge_slave_1: entered promiscuous mode [ 264.848196][T11232] loop5: detected capacity change from 0 to 164 [ 264.931164][T11232] ISOFS: unable to read i-node block [ 264.999712][ T130] bridge_slave_1: left allmulticast mode [ 265.009326][ T130] bridge_slave_1: left promiscuous mode [ 265.036046][ T130] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.075762][ T5908] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 265.090032][ T130] bridge_slave_0: left allmulticast mode [ 265.110780][ T130] bridge_slave_0: left promiscuous mode [ 265.130977][ T130] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.236049][ T5908] usb 3-1: Using ep0 maxpacket: 16 [ 265.248055][ T5908] usb 3-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 265.265685][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.284732][ T5908] usb 3-1: Product: syz [ 265.303981][ T5908] usb 3-1: Manufacturer: syz [ 265.312446][ T5908] usb 3-1: SerialNumber: syz [ 265.339532][ T5908] usb 3-1: config 0 descriptor?? [ 265.359521][ T5908] ums-onetouch 3-1:0.0: USB Mass Storage device detected [ 265.436492][T11221] loop1: detected capacity change from 0 to 32768 [ 265.445985][ T5832] Bluetooth: hci4: command tx timeout [ 265.542774][T11221] [ 265.542774][T11221] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 265.542774][T11221] [ 265.593948][ T5908] usb 3-1: USB disconnect, device number 16 [ 265.635069][T11221] ERROR: (device loop1): dbReAlloc: the block is outside the filesystem [ 265.635069][T11221] [ 265.666690][T11221] ERROR: (device loop1): remounting filesystem as read-only [ 265.770174][T11234] loop6: detected capacity change from 0 to 32768 [ 265.992149][T11244] loop1: detected capacity change from 0 to 512 [ 266.016756][ T130] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 266.026378][T11244] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 266.103572][T11244] EXT4-fs (loop1): 1 truncate cleaned up [ 266.144597][ T130] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 266.177936][T11244] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 266.208092][ T130] bond0 (unregistering): Released all slaves [ 266.275149][T11246] loop5: detected capacity change from 0 to 4096 [ 266.310003][T11181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.366875][T11251] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 266.392700][T11181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.478076][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.484347][T11193] : entered promiscuous mode [ 266.549140][ T5931] usb 4-1: USB disconnect, device number 11 [ 266.609786][ T130] IPVS: stopping master sync thread 8470 ... [ 266.715439][ T31] audit: type=1326 audit(1773790631.704:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11254 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 266.820193][ T31] audit: type=1326 audit(1773790631.704:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11254 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 266.879458][ T31] audit: type=1326 audit(1773790631.714:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11254 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 267.016305][ T31] audit: type=1326 audit(1773790631.714:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11254 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 267.079889][T11181] team0: Port device team_slave_0 added [ 267.095427][ T31] audit: type=1326 audit(1773790631.714:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11254 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 267.105979][T11267] loop1: detected capacity change from 0 to 1024 [ 267.133386][T11181] team0: Port device team_slave_1 added [ 267.165135][T11267] EXT4-fs: Ignoring removed bh option [ 267.236414][ T31] audit: type=1326 audit(1773790631.714:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11254 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 267.360660][ T31] audit: type=1326 audit(1773790631.714:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11254 comm="syz.1.2115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f378079c799 code=0x7ffc0000 [ 267.370156][T11267] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.470694][T11181] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.502522][T11286] loop6: detected capacity change from 0 to 256 [ 267.515712][T11181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 267.546327][ T5832] Bluetooth: hci4: command tx timeout [ 267.622705][T11286] FAT-fs (loop6): Directory bread(block 64) failed [ 267.675408][T11286] FAT-fs (loop6): Directory bread(block 65) failed [ 267.682074][T11286] FAT-fs (loop6): Directory bread(block 66) failed [ 267.720878][T11181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.777011][T11181] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.793342][T11181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 267.815165][T11286] FAT-fs (loop6): Directory bread(block 67) failed [ 267.862053][T11286] FAT-fs (loop6): Directory bread(block 68) failed [ 267.872217][T11181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.886714][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.889885][T11286] FAT-fs (loop6): Directory bread(block 69) failed [ 267.958442][T11286] FAT-fs (loop6): Directory bread(block 70) failed [ 267.984513][T11286] FAT-fs (loop6): Directory bread(block 71) failed [ 268.058851][T11286] FAT-fs (loop6): Directory bread(block 72) failed [ 268.089139][T11286] FAT-fs (loop6): Directory bread(block 73) failed [ 268.456042][ T130] hsr_slave_0: left promiscuous mode [ 268.510742][ T130] hsr_slave_1: left promiscuous mode [ 268.541692][ T130] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 268.555551][ T130] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 268.587546][ T130] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 268.603321][ T130] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 268.766245][ T130] veth1_macvtap: left promiscuous mode [ 268.780009][ T130] veth0_macvtap: left promiscuous mode [ 268.811336][ T130] veth1_vlan: left promiscuous mode [ 268.831760][ T130] veth0_vlan: left promiscuous mode [ 269.615394][ T5832] Bluetooth: hci4: command tx timeout [ 269.697793][T11317] loop5: detected capacity change from 0 to 40427 [ 269.734875][T11317] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 269.752005][T11317] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 269.761626][ T130] team_slave_1 (unregistering): left promiscuous mode [ 269.766627][T11317] F2FS-fs (loop5): invalid crc value [ 269.805865][ T130] team_slave_1 (unregistering): left allmulticast mode [ 269.835974][ T130] team0 (unregistering): Port device team_slave_1 removed [ 269.899253][ T130] team_slave_0 (unregistering): left promiscuous mode [ 269.910022][T11317] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 269.933026][ T130] team_slave_0 (unregistering): left allmulticast mode [ 269.941492][T11317] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 269.960456][T11317] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 269.972066][ T130] team0 (unregistering): Port device team_slave_0 removed [ 270.027933][T11317] syz.5.2137: attempt to access beyond end of device [ 270.027933][T11317] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 270.054257][T11366] xt_hashlimit: size too large, truncated to 1048576 [ 270.218111][ T5817] syz-executor: attempt to access beyond end of device [ 270.218111][ T5817] loop5: rw=8390659, sector=45096, nr_sectors = 8 limit=40427 [ 270.233242][ T5817] F2FS-fs (loop5): Issue discard(5637, 5637, 1) failed, ret: -5 [ 270.344834][T11181] hsr_slave_0: entered promiscuous mode [ 270.352026][T11181] hsr_slave_1: entered promiscuous mode [ 270.359100][T11181] debugfs: 'hsr0' already exists in 'hsr' [ 270.364964][T11181] Cannot create hsr debugfs directory [ 271.460001][T11181] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 271.522797][T11181] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 271.590557][T11181] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 271.685888][ T5832] Bluetooth: hci4: command tx timeout [ 271.711826][T11181] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 271.736440][ T130] IPVS: stop unused estimator thread 0... [ 271.880310][T11375] loop6: detected capacity change from 0 to 32768 [ 271.963054][T11375] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 272.199276][T11375] XFS (loop6): Ending clean mount [ 272.297099][T11375] XFS (loop6): Quotacheck needed: Please wait. [ 272.340580][T11181] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.386252][T11375] XFS (loop6): Quotacheck: Done. [ 272.441508][T11181] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.490584][ T130] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.497764][ T130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.527898][ T5895] kernel write not supported for file /sequencer (pid: 5895 comm: kworker/1:6) [ 272.547271][ T130] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.554411][ T130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.576840][ T6948] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 272.829969][T11445] loop3: detected capacity change from 0 to 1764 [ 273.367059][T11437] loop1: detected capacity change from 0 to 32768 [ 273.458606][T11437] JBD2: Ignoring recovery information on journal [ 273.513774][T11181] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 273.567420][T11437] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 273.724631][T11439] loop5: detected capacity change from 0 to 32768 [ 273.897315][T11439] XFS (loop5): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 274.001363][T11474] loop3: detected capacity change from 0 to 4096 [ 274.018183][T11437] syz.1.2178 (11437) used greatest stack depth: 18080 bytes left [ 274.123060][T11487] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 274.163147][T11439] XFS (loop5): Ending clean mount [ 274.172268][T11489] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 274.281211][ T5818] ocfs2: Unmounting device (7,1) on (node local) [ 274.416412][ T5817] XFS (loop5): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 274.475171][T11495] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2191'. [ 274.791260][T11501] loop3: detected capacity change from 0 to 1024 [ 275.055562][T11181] veth0_vlan: entered promiscuous mode [ 275.107105][T11181] veth1_vlan: entered promiscuous mode [ 275.250832][T11181] veth0_macvtap: entered promiscuous mode [ 275.336736][T11181] veth1_macvtap: entered promiscuous mode [ 275.413915][T11181] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 275.484366][T11181] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 275.555462][ T5887] usb 4-1: new full-speed USB device number 12 using dummy_hcd [ 275.579209][ T59] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.596158][ T59] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.642728][ T49] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.649625][T11526] loop5: detected capacity change from 0 to 256 [ 275.708964][T11526] exfat: Deprecated parameter 'utf8' [ 275.709619][ T1106] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.745364][T11526] exfat: Deprecated parameter 'namecase' [ 275.776892][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 275.795626][T11526] exfat: Deprecated parameter 'namecase' [ 275.802286][ T5887] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 275.811237][T11526] exfat: Deprecated parameter 'utf8' [ 275.842359][T11526] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0x399ee92f, utbl_chksum : 0xe619d30d) [ 275.887551][ T5887] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 275.902946][T11526] exFAT-fs (loop5): failed to test first cluster bit of root dir(5) [ 275.926557][T11535] syz.1.2203 uses old SIOCAX25GETINFO [ 275.936189][ T5887] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.989364][ T5887] usb 4-1: config 0 descriptor?? [ 275.999660][T11539] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 276.027210][ T5887] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 276.065727][ T5887] dvb-usb: bulk message failed: -22 (3/0) [ 276.068032][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 276.075436][T11540] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2205'. [ 276.116347][ T5887] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 276.134715][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.167746][ T5887] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 276.187579][ T5887] usb 4-1: media controller created [ 276.201060][ T5887] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 276.247867][T11514] dvb-usb: bulk message failed: -22 (2/0) [ 276.257370][ T5887] dvb-usb: bulk message failed: -22 (6/0) [ 276.281461][ T5887] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 276.321025][ T5887] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input15 [ 276.352716][ T130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 276.403278][ T130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.433143][ T5887] dvb-usb: schedule remote query interval to 150 msecs. [ 276.488130][ T5887] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 276.525657][ T5887] usb 4-1: USB disconnect, device number 12 [ 276.669836][ T5887] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 276.769794][T11560] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2212'. [ 276.919913][T11566] netlink: 100 bytes leftover after parsing attributes in process `syz.7.2076'. [ 277.229269][T11578] netlink: 'syz.7.2218': attribute type 5 has an invalid length. [ 277.303953][T11580] loop6: detected capacity change from 0 to 164 [ 277.521782][T11585] loop5: detected capacity change from 0 to 512 [ 277.684568][T11585] EXT4-fs (loop5): 1 orphan inode deleted [ 277.747433][T11585] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 277.836958][T11585] ext4 filesystem being mounted at /357/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.867646][T11598] loop6: detected capacity change from 0 to 256 [ 277.881652][T11600] dummy0: entered promiscuous mode [ 277.914109][T11585] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x0000601b, b_size=4096, device loop5 blocksize: 4096 [ 277.941107][T11600] dummy0: left promiscuous mode [ 277.949627][T11598] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 277.972816][T11585] grow_buffers: requested out-of-range block 144115188075855872 for device loop5 [ 277.993926][T11585] EXT4-fs warning (device loop5): ext4_resize_fs:2018: can't read last block, resize aborted [ 278.251377][ T5817] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.419774][T11618] loop3: detected capacity change from 0 to 164 [ 278.440279][T11620] loop7: detected capacity change from 0 to 256 [ 278.451816][T11622] netlink: 'syz.5.2233': attribute type 2 has an invalid length. [ 278.521433][T11620] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 278.731091][T11630] geneve2: entered promiscuous mode [ 278.755451][T11630] geneve2: entered allmulticast mode [ 278.858594][T11634] loop6: detected capacity change from 0 to 512 [ 279.433827][T11643] loop3: detected capacity change from 0 to 8192 [ 279.483227][T11643] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 279.535417][T11643] UDF-fs: Scanning with blocksize 512 failed [ 279.545122][T11660] loop7: detected capacity change from 0 to 128 [ 279.597513][T11643] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 279.604967][T11643] UDF-fs: Scanning with blocksize 1024 failed [ 279.620448][T11660] EXT4-fs (loop7): Test dummy encryption mode enabled [ 279.653314][T11643] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 279.696235][T11643] UDF-fs: Scanning with blocksize 2048 failed [ 279.723326][T11643] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 279.775761][T11660] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 279.804954][T11660] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 279.858331][ T31] audit: type=1800 audit(1773790644.844:141): pid=11643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2245" name="bus" dev="loop3" ino=824 res=0 errno=0 [ 279.903651][T11666] loop6: detected capacity change from 0 to 512 [ 279.922344][T11660] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2" [ 279.950582][T11666] EXT4-fs (loop6): 1 truncate cleaned up [ 279.961914][T11666] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.274675][T11636] loop5: detected capacity change from 0 to 40427 [ 280.336770][T11636] F2FS-fs (loop5): build fault injection rate: 174 [ 280.342278][T11181] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 280.343402][T11636] F2FS-fs (loop5): build fault injection type: 0x3bfe8c [ 280.397046][ T6948] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.424084][T11636] F2FS-fs (loop5): invalid crc value [ 280.923396][T11636] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 280.977496][T11636] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 281.166801][T11708] hfsplus: b-tree write err: -5, ino 2 [ 281.197998][T11710] ipvlan2: entered promiscuous mode [ 281.262398][ T5817] syz-executor: attempt to access beyond end of device [ 281.262398][ T5817] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 281.316864][ T59] hfsplus: b-tree write err: -5, ino 25 [ 281.319029][ T5817] CPU: 0 UID: 0 PID: 5817 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 281.319064][ T5817] Tainted: [L]=SOFTLOCKUP [ 281.319073][ T5817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 281.319089][ T5817] Call Trace: [ 281.319099][ T5817] [ 281.319109][ T5817] dump_stack_lvl+0xe8/0x150 [ 281.319150][ T5817] f2fs_handle_critical_error+0x37c/0x540 [ 281.319193][ T5817] f2fs_write_end_io+0xcdb/0xff0 [ 281.319230][ T5817] ? __submit_merged_bio+0x256/0x700 [ 281.319282][ T5817] __submit_merged_bio+0x256/0x700 [ 281.319323][ T5817] __submit_merged_write_cond+0x3c9/0x4e0 [ 281.319367][ T5817] ? __pfx___submit_merged_write_cond+0x10/0x10 [ 281.319415][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.319456][ T5817] f2fs_write_data_pages+0x2975/0x35e0 [ 281.319536][ T5817] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 281.319589][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.319618][ T5817] ? css_rstat_updated+0x23a/0x530 [ 281.319676][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.319706][ T5817] ? rcu_is_watching+0x15/0xb0 [ 281.319743][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.319772][ T5817] ? mod_memcg_lruvec_state+0x1a7/0x360 [ 281.319814][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.319843][ T5817] ? __lock_acquire+0x6b5/0x2cf0 [ 281.319888][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.319922][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.319958][ T5817] ? __lock_acquire+0x6b5/0x2cf0 [ 281.320000][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320029][ T5817] ? do_raw_spin_lock+0x12b/0x2f0 [ 281.320062][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320097][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320126][ T5817] ? do_raw_spin_unlock+0xf5/0x210 [ 281.320153][ T5817] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 281.320192][ T5817] do_writepages+0x32e/0x550 [ 281.320232][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320264][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320298][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320327][ T5817] ? do_raw_spin_unlock+0xf5/0x210 [ 281.320360][ T5817] filemap_fdatawrite+0x1e9/0x2f0 [ 281.320404][ T5817] ? __pfx_filemap_fdatawrite+0x10/0x10 [ 281.320486][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320518][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320553][ T5817] ? do_raw_spin_unlock+0xf5/0x210 [ 281.320586][ T5817] f2fs_sync_dirty_inodes+0x30e/0x860 [ 281.320643][ T5817] f2fs_write_checkpoint+0x9df/0x26a0 [ 281.320722][ T5817] ? __pfx_f2fs_write_checkpoint+0x10/0x10 [ 281.320759][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320852][ T5817] kill_f2fs_super+0x314/0x720 [ 281.320898][ T5817] ? __pfx_kill_f2fs_super+0x10/0x10 [ 281.320956][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.320985][ T5817] ? lockdep_hardirqs_on+0x7a/0x110 [ 281.321013][ T5817] ? srso_alias_return_thunk+0x5/0xfbef5 [ 281.321059][ T5817] deactivate_locked_super+0xbc/0x130 [ 281.321102][ T5817] cleanup_mnt+0x437/0x4d0 [ 281.321131][ T5817] ? _raw_spin_unlock_irq+0x23/0x50 [ 281.321161][ T5817] task_work_run+0x1d9/0x270 [ 281.321193][ T5817] ? __pfx_task_work_run+0x10/0x10 [ 281.321234][ T5817] exit_to_user_mode_loop+0xed/0x480 [ 281.321264][ T5817] ? rcu_is_watching+0x15/0xb0 [ 281.321305][ T5817] do_syscall_64+0x32d/0xf80 [ 281.321332][ T5817] ? trace_irq_disable+0x3b/0x150 [ 281.321370][ T5817] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.321402][ T5817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.321428][ T5817] RIP: 0033:0x7fdceed9d9d7 [ 281.321452][ T5817] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 281.321472][ T5817] RSP: 002b:00007fff0f42b558 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 281.321498][ T5817] RAX: 0000000000000000 RBX: 00007fdceee32050 RCX: 00007fdceed9d9d7 [ 281.321515][ T5817] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff0f42b610 [ 281.321530][ T5817] RBP: 00007fff0f42b610 R08: 00007fff0f42c610 R09: 00000000ffffffff [ 281.321548][ T5817] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff0f42c6a0 [ 281.321564][ T5817] R13: 00007fdceee32050 R14: 0000000000044a25 R15: 00007fff0f42c6e0 [ 281.321603][ T5817] [ 281.328886][ T5817] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 281.378605][ T59] hfsplus: b-tree write err: -5, ino 4 [ 281.664168][T11720] xt_hashlimit: size too large, truncated to 1048576 [ 281.754401][T11722] netlink: 'syz.3.2281': attribute type 10 has an invalid length. [ 281.787660][T11722] netlink: 152 bytes leftover after parsing attributes in process `syz.3.2281'. [ 281.884332][ T59] hfsplus: b-tree write err: -5, ino 2 [ 281.890390][ T59] hfsplus: b-tree write err: -5, ino 26 [ 282.126127][T11730] [U] ^C [ 282.251402][T11737] netlink: 'syz.3.2286': attribute type 24 has an invalid length. [ 282.299560][T11737] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2286'. [ 282.319419][T11737] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 282.375182][T11739] netlink: 'syz.2.2287': attribute type 4 has an invalid length. [ 282.419680][T11739] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2287'. [ 282.550992][T11745] set_capacity_and_notify: 1 callbacks suppressed [ 282.551012][T11745] loop3: detected capacity change from 0 to 128 [ 282.851652][T11757] hugetlbfs: Bad value 'm' for mount option 'nr_inodes' [ 282.851652][T11757] [ 283.052129][T11765] loop7: detected capacity change from 0 to 1024 [ 283.096430][T11765] EXT4-fs: Ignoring removed nobh option [ 283.169803][T11765] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.275191][T11774] loop1: detected capacity change from 0 to 4096 [ 283.283359][T11776] loop3: detected capacity change from 0 to 256 [ 283.305379][T11774] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 283.639992][T11181] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.812810][T11784] loop5: detected capacity change from 0 to 4096 [ 283.886012][T11792] kernel profiling enabled (shift: 25) [ 283.989763][T11796] loop3: detected capacity change from 0 to 64 [ 284.007227][T11784] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 284.101068][T11784] ntfs3(loop5): Failed to load $Extend (-22). [ 284.165055][T11784] ntfs3(loop5): Failed to initialize $Extend. [ 284.342531][T11803] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2313'. [ 284.387495][T11803] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2313'. [ 284.561680][T11811] loop1: detected capacity change from 0 to 1024 [ 284.734012][T11811] hfsplus: found bad thread record in catalog [ 284.768619][T11815] loop7: detected capacity change from 0 to 1024 [ 284.781025][T11811] hfsplus: found bad thread record in catalog [ 284.853179][T11815] hfsplus: b-tree write err: -5, ino 2 [ 284.979436][ T13] hfsplus: found bad thread record in catalog [ 285.092449][ T12] hfsplus: b-tree write err: -5, ino 25 [ 285.117039][ T12] hfsplus: b-tree write err: -5, ino 4 [ 285.148069][ T12] hfsplus: b-tree write err: -5, ino 2 [ 285.723734][T11842] loop3: detected capacity change from 0 to 2048 [ 285.802412][T11847] IPv6: addrconf: prefix option has invalid lifetime [ 285.838917][T11848] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 285.856346][T11847] IPv6: addrconf: prefix option has invalid lifetime [ 286.185408][ T29] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 286.228923][T11860] loop6: detected capacity change from 0 to 128 [ 286.288902][T11858] hfsplus: bad catalog entry type [ 286.306713][T11860] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 286.379203][ T29] usb 3-1: Using ep0 maxpacket: 16 [ 286.404769][ T80] hfsplus: b-tree write err: -5, ino 25 [ 286.426793][ T29] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 286.443522][ T80] hfsplus: b-tree write err: -5, ino 4 [ 286.474050][ T29] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 286.478390][ T80] hfsplus: b-tree write err: -5, ino 2 [ 286.534810][ T29] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 286.565385][ T29] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 286.575236][T11860] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 286.608929][ T29] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 286.677041][ T29] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 286.698459][ T29] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 286.730465][ T29] usb 3-1: Manufacturer: syz [ 286.756001][ T29] usb 3-1: config 0 descriptor?? [ 287.032668][ T13] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 287.157166][ T29] rc_core: IR keymap rc-hauppauge not found [ 287.183538][ T29] Registered IR keymap rc-empty [ 287.214778][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.231353][T11878] ntfs3(loop1): ino=1, mi_enum_attr [ 287.245493][T11878] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 287.258704][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.289807][T11878] ntfs3(loop1): mft corrupted [ 287.296592][ T29] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 287.319792][T11878] ntfs3(loop1): Failed to load $MFT. [ 287.343190][ T29] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input16 [ 287.447374][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.495547][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.546938][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.588215][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.656803][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.708023][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.766182][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.772884][T11866] set_capacity_and_notify: 3 callbacks suppressed [ 287.772902][T11866] loop3: detected capacity change from 0 to 32768 [ 287.821754][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.880450][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.928816][ T29] mceusb 3-1:0.0: Error: mce write submit urb error = -90 [ 287.998205][ T29] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 288.037912][ T29] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 288.117668][ T29] usb 3-1: USB disconnect, device number 17 [ 288.251680][T11905] loop5: detected capacity change from 0 to 4096 [ 289.115613][T11941] loop7: detected capacity change from 0 to 256 [ 289.125246][T11943] loop6: detected capacity change from 0 to 512 [ 289.210448][T11943] EXT4-fs: Ignoring removed nobh option [ 289.244745][T11948] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2376'. [ 289.627504][T11943] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #16: comm syz.6.2371: corrupted inode contents [ 289.725321][T11943] loop6: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 289.735309][ C1] EXT4-fs (loop6): error count since last fsck: 1 [ 289.750908][ C1] EXT4-fs (loop6): initial error at time 1773790654: ext4_do_update_inode:5569: inode 16 [ 289.760803][ C1] EXT4-fs (loop6): last error at time 1773790654: ext4_do_update_inode:5569: inode 16 [ 289.778244][T11943] EXT4-fs (loop6): Remounting filesystem read-only [ 289.863400][T11943] EXT4-fs (loop6): 1 truncate cleaned up [ 289.895138][ T59] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 289.909370][T11943] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.933744][ T59] Quota error (device loop6): write_blk: dquota write failed [ 289.995143][ T59] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries [ 290.021959][T11943] ext4 filesystem being mounted at /303/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 290.032666][ T59] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 290.048470][T11980] loop5: detected capacity change from 0 to 512 [ 290.075230][ T59] Quota error (device loop6): write_blk: dquota write failed [ 290.122649][ T59] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list [ 290.155632][T11983] sch_tbf: burst 274 is lower than device lo mtu (65550) ! [ 290.168896][ T59] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 290.171143][T11980] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.2390: Invalid inode bitmap blk 4 in block_group 0 [ 290.186987][ T5908] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 290.201822][T11980] loop5: lost filesystem error report for type 5 error -117 [ 290.205312][ C0] EXT4-fs (loop5): error count since last fsck: 1 [ 290.219161][ C0] EXT4-fs (loop5): initial error at time 1773790655: ext4_read_inode_bitmap:139 [ 290.228262][ C0] EXT4-fs (loop5): last error at time 1773790655: ext4_read_inode_bitmap:139 [ 290.264076][T11980] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.307699][ T59] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 290.308830][ T59] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 290.480274][ T5908] usb 8-1: Using ep0 maxpacket: 16 [ 290.507394][ T5817] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.512158][ T5908] usb 8-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 290.542249][T11993] loop1: detected capacity change from 0 to 2048 [ 290.550805][ T5908] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 290.559328][ T5908] usb 8-1: Product: syz [ 290.566287][ T6948] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.598884][ T5908] usb 8-1: Manufacturer: syz [ 290.603553][ T5908] usb 8-1: SerialNumber: syz [ 290.638129][ T5908] usb 8-1: config 0 descriptor?? [ 290.651851][ T5908] visor 8-1:0.0: Sony Clie 3.5 converter detected [ 290.657194][T11993] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.800246][T11993] ext4 filesystem being mounted at /389/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 291.080623][ T5908] usb 8-1: Sony Clie 3.5 converter now attached to ttyUSB0 [ 291.132320][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.388957][ T5908] usb 8-1: USB disconnect, device number 2 [ 291.487565][T12020] loop1: detected capacity change from 0 to 512 [ 291.498295][ T5908] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0 [ 291.547075][T12020] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.2401: invalid block [ 291.553511][ T5908] visor 8-1:0.0: device disconnected [ 291.575041][T12020] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 291.585301][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 291.600985][ C0] EXT4-fs (loop1): initial error at time 1773790656: ext4_get_branch:178: inode 11: block 4294967295 [ 291.611924][ C0] EXT4-fs (loop1): last error at time 1773790656: ext4_get_branch:178: inode 11: block 4294967295 [ 291.639797][T12020] EXT4-fs (loop1): Remounting filesystem read-only [ 291.676826][T12020] EXT4-fs (loop1): 2 truncates cleaned up [ 291.716976][T12020] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 291.948162][ T5818] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.120826][T12002] loop3: detected capacity change from 0 to 32768 [ 292.150876][T12040] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2410'. [ 292.235611][T12040] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2410'. [ 292.939625][T12070] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2420'. [ 292.980839][T12070] Unknown options in mask b7f2 [ 293.087966][T12074] loop3: detected capacity change from 0 to 64 [ 293.431017][T12089] loop1: detected capacity change from 0 to 64 [ 293.475431][ T5824] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 293.495452][ T5931] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 293.523463][T12089] Trying to free block not in datazone [ 293.629010][T12095] loop5: detected capacity change from 0 to 1024 [ 293.640244][ T5824] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 293.680958][ T5824] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 293.703127][ T5931] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 293.713935][ T5824] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 293.751895][ T5824] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 293.755161][ T5931] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 293.775691][T12095] hfsplus: bad catalog entry type [ 293.792963][ T5824] usb 3-1: SerialNumber: syz [ 293.828298][ T5931] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 293.886246][ T59] hfsplus: b-tree write err: -5, ino 25 [ 293.891939][ T59] hfsplus: b-tree write err: -5, ino 4 [ 293.908273][ T5931] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 293.929050][ T59] hfsplus: b-tree write err: -5, ino 2 [ 293.934803][ T5931] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.934813][T12102] loop1: detected capacity change from 0 to 256 [ 293.944973][T12102] exfat: Deprecated parameter 'utf8' [ 293.995574][T12102] exfat: Deprecated parameter 'namecase' [ 294.046350][ T5931] usb 8-1: config 0 descriptor?? [ 294.049874][T12102] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 294.084992][ T5931] hub 8-1:0.0: USB hub found [ 294.161924][ T5824] usb 3-1: 0:2 : does not exist [ 294.196167][ T5824] usb 3-1: unit 255 not found! [ 294.291038][ T5931] hub 8-1:0.0: 9 ports detected [ 294.315503][ T5931] hub 8-1:0.0: insufficient power available to use all downstream ports [ 294.467476][ T5824] usb 3-1: USB disconnect, device number 18 [ 294.483801][T12112] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 294.561663][T12112] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 294.613301][T12085] udevd[12085]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 294.715811][ T5931] usb 8-1: USB disconnect, device number 3 [ 295.305038][T12134] loop5: detected capacity change from 0 to 4096 [ 295.401545][T12134] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 295.525821][T12134] ntfs3(loop5): ino=19, mi_enum_attr [ 295.559848][T12134] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 295.611295][T12134] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 295.819435][T12162] loop3: detected capacity change from 0 to 4096 [ 295.886631][T12162] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 295.972021][T12162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.144773][T12175] netlink: 'syz.5.2459': attribute type 1 has an invalid length. [ 296.359116][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.426556][T12174] loop7: detected capacity change from 0 to 8192 [ 296.518762][ T31] audit: type=1800 audit(1773790661.514:142): pid=12174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2460" name="file1" dev="loop7" ino=1048883 res=0 errno=0 [ 296.811446][T12186] loop3: detected capacity change from 0 to 512 [ 296.912942][T12186] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.2461: iget: bad i_size value: 38620345925642 [ 296.985390][ T6008] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 296.995341][T12186] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 297.005311][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 297.020906][ C1] EXT4-fs (loop3): initial error at time 1773790661: ext4_orphan_get:1391: inode 15 [ 297.030354][ C1] EXT4-fs (loop3): last error at time 1773790661: ext4_orphan_get:1391: inode 15 [ 297.040401][T12186] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.2461: couldn't read orphan inode 15 (err -117) [ 297.086911][T12186] loop3: lost filesystem error report for type 5 error -117 [ 297.100269][T12186] EXT4-fs (loop3): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.168440][ T6008] usb 7-1: config 220 has an invalid interface number: 76 but max is 2 [ 297.189169][T12186] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.2461: bg 0: block 5: invalid block bitmap [ 297.215443][ T6008] usb 7-1: config 220 has an invalid descriptor of length 168, skipping remainder of the config [ 297.255814][ T6008] usb 7-1: config 220 has no interface number 2 [ 297.275753][ T6008] usb 7-1: config 220 interface 1 altsetting 5 endpoint 0x5 has invalid maxpacket 64947, setting to 64 [ 297.307113][T12186] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 297.335121][ T6008] usb 7-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12 [ 297.355785][T12186] EXT4-fs (loop3): This should not happen!! Data will be lost [ 297.355785][T12186] [ 297.385362][ T6008] usb 7-1: config 220 interface 0 has no altsetting 0 [ 297.405903][T12186] EXT4-fs (loop3): Total free blocks count 0 [ 297.412065][ T6008] usb 7-1: config 220 interface 76 has no altsetting 0 [ 297.419055][T12186] EXT4-fs (loop3): Free/Dirty block details [ 297.419130][T12186] EXT4-fs (loop3): free_blocks=0 [ 297.419164][T12186] EXT4-fs (loop3): dirty_blocks=2 [ 297.419181][T12186] EXT4-fs (loop3): Block reservation details [ 297.419196][T12186] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 297.493106][ T6008] usb 7-1: config 220 interface 1 has no altsetting 0 [ 297.512475][ T6008] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 297.535384][ T6008] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.569145][ T6008] usb 7-1: Product: syz [ 297.571161][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 297.573319][ T6008] usb 7-1: Manufacturer: syz [ 297.585414][T12183] loop1: detected capacity change from 0 to 32768 [ 297.665431][ T6008] usb 7-1: SerialNumber: syz [ 297.676402][T12183] ERROR: (device loop1): dbAllocNext: Corrupt dmap page [ 297.676402][T12183] [ 297.711442][T12181] loop5: detected capacity change from 0 to 32768 [ 297.723198][T12183] ERROR: (device loop1): remounting filesystem as read-only [ 297.749666][T12183] ialloc: diAlloc returned -5! [ 297.821785][T12181] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 297.976086][ T6008] usb 7-1: selecting invalid altsetting 0 [ 298.016094][T12181] XFS (loop5): Ending clean mount [ 298.027804][ T6008] uvcvideo 7-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 298.081700][T12181] XFS (loop5): Quotacheck needed: Please wait. [ 298.083824][ T6008] uvcvideo 7-1:220.0: No valid video chain found. [ 298.117691][T12203] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 298.188067][T12181] XFS (loop5): Quotacheck: Done. [ 298.194039][ T6008] usb 7-1: selecting invalid altsetting 0 [ 298.222940][ T6008] usbtest 7-1:220.1: probe with driver usbtest failed with error -22 [ 298.247294][ T6008] usb 7-1: USB disconnect, device number 7 [ 298.277268][ T5931] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 298.385967][T12211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2472'. [ 298.405192][T12211] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2472'. [ 298.433534][ T5817] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 298.486452][ T5931] usb 3-1: Using ep0 maxpacket: 16 [ 298.517281][ T5931] usb 3-1: config 0 has an invalid interface number: 2 but max is 0 [ 298.527756][ T5931] usb 3-1: config 0 has no interface number 0 [ 298.534971][ T5931] usb 3-1: config 0 interface 2 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 298.564178][ T5931] usb 3-1: config 0 interface 2 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 298.576536][ T5931] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 298.602893][ T5931] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.686951][ T5931] usb 3-1: config 0 descriptor?? [ 298.854562][T12221] set_capacity_and_notify: 1 callbacks suppressed [ 298.854583][T12221] loop3: detected capacity change from 0 to 512 [ 298.909725][T12221] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 298.972216][T12221] EXT4-fs (loop3): 1 truncate cleaned up [ 298.993096][T12221] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.995447][ T975] kernel write not supported for file /amidi2 (pid: 975 comm: kworker/0:2) [ 299.071688][T12227] binder: 12226:12227 ioctl 4018620d 0 returned -22 [ 299.090571][ T31] audit: type=1800 audit(1773790664.084:143): pid=12221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2478" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 299.123399][ T5931] mcp2221 0003:04D8:00DD.0014: unknown main item tag 0x2 [ 299.148196][ T5931] mcp2221 0003:04D8:00DD.0014: item fetching failed at offset 4/5 [ 299.179381][ T5931] mcp2221 0003:04D8:00DD.0014: can't parse reports [ 299.215727][ T5931] mcp2221 0003:04D8:00DD.0014: probe with driver mcp2221 failed with error -22 [ 299.300494][ T5820] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.367423][ T5931] usb 3-1: USB disconnect, device number 19 [ 299.629558][T12213] loop7: detected capacity change from 0 to 32768 [ 299.743782][T12213] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 300.017005][T12213] XFS (loop7): Ending clean mount [ 300.091834][T12213] XFS (loop7): Quotacheck needed: Please wait. [ 300.251020][T12213] XFS (loop7): Quotacheck: Done. [ 300.360587][T12272] loop5: detected capacity change from 0 to 1024 [ 300.395612][T12272] EXT4-fs: inline encryption not supported [ 300.401493][T12272] EXT4-fs: Ignoring removed bh option [ 300.504071][T12278] loop6: detected capacity change from 0 to 2048 [ 300.532952][T12272] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 300.569774][T11181] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 300.579295][T12278] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 300.692200][T12288] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 300.890273][ T5817] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.378876][T12306] loop3: detected capacity change from 0 to 128 [ 301.435450][T12306] EXT4-fs (loop3): Test dummy encryption mode enabled [ 301.448330][T12308] loop5: detected capacity change from 0 to 1024 [ 301.480013][T12306] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 301.533316][T12308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 301.556100][T12306] ext4 filesystem being mounted at /442/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 301.559491][T12314] loop6: detected capacity change from 0 to 1024 [ 301.665528][T12308] ext4 filesystem being mounted at /404/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 301.680952][T12306] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 301.904755][T12319] loop7: detected capacity change from 0 to 4096 [ 301.908989][ T5820] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 301.922637][ T5817] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 301.959894][T12319] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 302.130762][T12319] ntfs3(loop7): ino=19, mi_enum_attr [ 302.197863][T12319] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 302.235184][T12319] ntfs3(loop7): Failed to initialize $Extend/$Reparse. [ 302.372834][T12327] mkiss: ax0: crc mode is auto. [ 302.597864][T12331] sp0: Synchronizing with TNC [ 303.196255][T12357] loop5: detected capacity change from 0 to 1024 [ 303.388389][T12357] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.2533'. [ 303.867382][T12377] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2540'. [ 304.063171][T12382] netlink: 'syz.7.2542': attribute type 10 has an invalid length. [ 304.115592][T12385] netlink: 'syz.7.2542': attribute type 10 has an invalid length. [ 304.164896][T12382] team0: Port device dummy0 added [ 304.631531][T12403] netlink: 56 bytes leftover after parsing attributes in process `syz.5.2552'. [ 305.033361][T12415] xt_l2tp: invalid flags combination: 0 [ 305.103108][T12421] loop1: detected capacity change from 0 to 256 [ 305.291719][T12421] FAT-fs (loop1): Directory bread(block 64) failed [ 305.298509][T12421] FAT-fs (loop1): Directory bread(block 65) failed [ 305.305122][T12421] FAT-fs (loop1): Directory bread(block 66) failed [ 305.355657][T12421] FAT-fs (loop1): Directory bread(block 67) failed [ 305.373590][T12421] FAT-fs (loop1): Directory bread(block 68) failed [ 305.395474][T12421] FAT-fs (loop1): Directory bread(block 69) failed [ 305.403862][T12421] FAT-fs (loop1): Directory bread(block 70) failed [ 305.411314][T12421] FAT-fs (loop1): Directory bread(block 71) failed [ 305.418305][T12421] FAT-fs (loop1): Directory bread(block 72) failed [ 305.430414][T12421] FAT-fs (loop1): Directory bread(block 73) failed [ 305.571506][ T5832] Bluetooth: hci2: unexpected event for opcode 0x200f [ 305.603806][T12439] loop7: detected capacity change from 0 to 256 [ 305.715821][T12439] FAT-fs (loop7): Directory bread(block 1285) failed [ 305.753989][T12439] FAT-fs (loop7): Directory bread(block 1286) failed [ 305.783136][T12439] FAT-fs (loop7): Directory bread(block 1287) failed [ 305.801657][T12439] FAT-fs (loop7): Directory bread(block 1288) failed [ 305.858315][T12439] FAT-fs (loop7): Directory bread(block 1285) failed [ 305.923393][T12439] FAT-fs (loop7): Directory bread(block 1286) failed [ 305.995849][T12439] FAT-fs (loop7): Directory bread(block 1287) failed [ 306.002626][T12439] FAT-fs (loop7): Directory bread(block 1288) failed [ 306.036442][T12449] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2573'. [ 306.036497][T12449] netlink: 15 bytes leftover after parsing attributes in process `syz.5.2573'. [ 306.036515][T12449] netlink: 'syz.5.2573': attribute type 6 has an invalid length. [ 306.066434][T12445] FAT-fs (loop7): Directory bread(block 1285) failed [ 306.066498][T12445] FAT-fs (loop7): Directory bread(block 1286) failed [ 306.465687][T12457] netlink: 120 bytes leftover after parsing attributes in process `syz.2.2577'. [ 306.538436][T12457] netlink: 'syz.2.2577': attribute type 1 has an invalid length. [ 306.595692][T12457] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2577'. [ 306.612443][T12468] loop7: detected capacity change from 0 to 128 [ 306.685542][T12468] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 306.712077][T12470] loop5: detected capacity change from 0 to 512 [ 306.728974][T12468] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 306.761817][T12444] loop3: detected capacity change from 0 to 32768 [ 306.797460][T12470] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.810809][T12470] ext4 filesystem being mounted at /417/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 306.943573][T12444] JBD2: Ignoring recovery information on journal [ 307.145956][T12444] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 307.150883][ T5817] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.246381][T12444] [ 307.248731][T12444] ====================================================== [ 307.255739][T12444] WARNING: possible circular locking dependency detected [ 307.262763][T12444] syzkaller #0 Tainted: G L [ 307.268729][T12444] ------------------------------------------------------ [ 307.275739][T12444] syz.3.2570/12444 is trying to acquire lock: [ 307.281795][T12444] ffff888058ffc2c0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x16a/0x4940 [ 307.295217][T12444] [ 307.295217][T12444] but task is already holding lock: [ 307.302564][T12444] ffff888058e8bff8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x475/0x13e0 [ 307.312072][T12444] [ 307.312072][T12444] which lock already depends on the new lock. [ 307.312072][T12444] [ 307.322455][T12444] [ 307.322455][T12444] the existing dependency chain (in reverse order) is: [ 307.331447][T12444] [ 307.331447][T12444] -> #4 (&oi->ip_xattr_sem){++++}-{4:4}: [ 307.339261][T12444] down_read+0x47/0x2e0 [ 307.343931][T12444] ocfs2_init_acl+0x2fd/0x7e0 [ 307.349122][T12444] ocfs2_mknod+0x1679/0x2290 [ 307.354225][T12444] ocfs2_mkdir+0x181/0x490 [ 307.359149][T12444] vfs_mkdir+0x413/0x630 [ 307.363903][T12444] filename_mkdirat+0x285/0x510 [ 307.369262][T12444] __se_sys_mkdirat+0x35/0x150 [ 307.374534][T12444] do_syscall_64+0x14d/0xf80 [ 307.379633][T12444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.386044][T12444] [ 307.386044][T12444] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}: [ 307.394555][T12444] down_read+0x47/0x2e0 [ 307.399223][T12444] ocfs2_start_trans+0x3ab/0x700 [ 307.404678][T12444] ocfs2_shutdown_local_alloc+0x1f5/0xa40 [ 307.410904][T12444] ocfs2_dismount_volume+0x1ec/0x900 [ 307.416695][T12444] generic_shutdown_super+0x13d/0x2d0 [ 307.422586][T12444] kill_block_super+0x44/0x90 [ 307.427777][T12444] deactivate_locked_super+0xbc/0x130 [ 307.433668][T12444] cleanup_mnt+0x437/0x4d0 [ 307.438590][T12444] task_work_run+0x1d9/0x270 [ 307.443687][T12444] exit_to_user_mode_loop+0xed/0x480 [ 307.449481][T12444] do_syscall_64+0x32d/0xf80 [ 307.454580][T12444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.460979][T12444] [ 307.460979][T12444] -> #2 (sb_internal#5){.+.+}-{0:0}: [ 307.468456][T12444] ocfs2_start_trans+0x2ac/0x700 [ 307.473911][T12444] ocfs2_mknod+0x1181/0x2290 [ 307.479009][T12444] ocfs2_create+0x195/0x490 [ 307.484023][T12444] path_openat+0x1395/0x3860 [ 307.489211][T12444] do_file_open+0x23e/0x4a0 [ 307.494225][T12444] do_sys_openat2+0x113/0x200 [ 307.499425][T12444] __x64_sys_open+0x11e/0x150 [ 307.504618][T12444] do_syscall_64+0x14d/0xf80 [ 307.509715][T12444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.516121][T12444] [ 307.516121][T12444] -> #1 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}: [ 307.526719][T12444] down_write+0x96/0x200 [ 307.531498][T12444] ocfs2_reserve_local_alloc_bits+0x11f/0x26f0 [ 307.538162][T12444] ocfs2_reserve_clusters_with_limit+0x1b9/0xc20 [ 307.545001][T12444] ocfs2_mknod+0x111f/0x2290 [ 307.550105][T12444] ocfs2_create+0x195/0x490 [ 307.555115][T12444] path_openat+0x1395/0x3860 [ 307.560214][T12444] do_file_open+0x23e/0x4a0 [ 307.565225][T12444] do_sys_openat2+0x113/0x200 [ 307.570422][T12444] __x64_sys_open+0x11e/0x150 [ 307.575615][T12444] do_syscall_64+0x14d/0xf80 [ 307.580713][T12444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.587117][T12444] [ 307.587117][T12444] -> #0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}: [ 307.597815][T12444] __lock_acquire+0x15a5/0x2cf0 [ 307.603181][T12444] lock_acquire+0xf0/0x2e0 [ 307.608108][T12444] down_write+0x96/0x200 [ 307.612862][T12444] ocfs2_reserve_suballoc_bits+0x16a/0x4940 [ 307.619268][T12444] ocfs2_reserve_new_metadata_blocks+0x415/0x9a0 [ 307.626118][T12444] ocfs2_init_xattr_set_ctxt+0x2f5/0x790 [ 307.632269][T12444] ocfs2_xattr_set+0xc42/0x13e0 [ 307.637632][T12444] __vfs_setxattr+0x43c/0x480 [ 307.642824][T12444] __vfs_setxattr_noperm+0x12d/0x660 [ 307.648624][T12444] vfs_setxattr+0x163/0x360 [ 307.653643][T12444] filename_setxattr+0x296/0x630 [ 307.659097][T12444] path_setxattrat+0x3eb/0x440 [ 307.664373][T12444] __x64_sys_setxattr+0xbc/0xe0 [ 307.669760][T12444] do_syscall_64+0x14d/0xf80 [ 307.674861][T12444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.681261][T12444] [ 307.681261][T12444] other info that might help us debug this: [ 307.681261][T12444] [ 307.691471][T12444] Chain exists of: [ 307.691471][T12444] &ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE] --> &journal->j_trans_barrier --> &oi->ip_xattr_sem [ 307.691471][T12444] [ 307.708593][T12444] Possible unsafe locking scenario: [ 307.708593][T12444] [ 307.716021][T12444] CPU0 CPU1 [ 307.721369][T12444] ---- ---- [ 307.726710][T12444] lock(&oi->ip_xattr_sem); [ 307.731296][T12444] lock(&journal->j_trans_barrier); [ 307.739089][T12444] lock(&oi->ip_xattr_sem); [ 307.746186][T12444] lock(&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]); [ 307.753630][T12444] [ 307.753630][T12444] *** DEADLOCK *** [ 307.753630][T12444] [ 307.761751][T12444] 3 locks held by syz.3.2570/12444: [ 307.766933][T12444] #0: ffff88801201a420 (sb_writers#32){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 307.776267][T12444] #1: ffff888058e8c2c0 (&sb->s_type->i_mutex_key#46){+.+.}-{4:4}, at: vfs_setxattr+0x13e/0x360 [ 307.786731][T12444] #2: ffff888058e8bff8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x475/0x13e0 [ 307.796675][T12444] [ 307.796675][T12444] stack backtrace: [ 307.802552][T12444] CPU: 1 UID: 0 PID: 12444 Comm: syz.3.2570 Tainted: G L syzkaller #0 PREEMPT(full) [ 307.802581][T12444] Tainted: [L]=SOFTLOCKUP [ 307.802589][T12444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 307.802603][T12444] Call Trace: [ 307.802613][T12444] [ 307.802622][T12444] dump_stack_lvl+0xe8/0x150 [ 307.802657][T12444] print_circular_bug+0x2e1/0x300 [ 307.802696][T12444] check_noncircular+0x12e/0x150 [ 307.802734][T12444] __lock_acquire+0x15a5/0x2cf0 [ 307.802772][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.802802][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.802827][T12444] ? _raw_spin_unlock+0x28/0x50 [ 307.802861][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.802889][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.802914][T12444] ? ocfs2_get_system_file_inode+0x202/0x7e0 [ 307.802943][T12444] lock_acquire+0xf0/0x2e0 [ 307.802970][T12444] ? ocfs2_reserve_suballoc_bits+0x16a/0x4940 [ 307.803000][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803031][T12444] down_write+0x96/0x200 [ 307.803057][T12444] ? ocfs2_reserve_suballoc_bits+0x16a/0x4940 [ 307.803086][T12444] ? __pfx_down_write+0x10/0x10 [ 307.803113][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803143][T12444] ocfs2_reserve_suballoc_bits+0x16a/0x4940 [ 307.803182][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803208][T12444] ? do_raw_spin_lock+0x12b/0x2f0 [ 307.803231][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803263][T12444] ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10 [ 307.803290][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803315][T12444] ? lockdep_hardirqs_on+0x7a/0x110 [ 307.803339][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803364][T12444] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 307.803399][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803424][T12444] ? stack_depot_save_flags+0x3f3/0x810 [ 307.803460][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803485][T12444] ? kasan_save_track+0x4f/0x80 [ 307.803508][T12444] ? kasan_save_track+0x3e/0x80 [ 307.803530][T12444] ? __kasan_kmalloc+0x93/0xb0 [ 307.803554][T12444] ? __kmalloc_cache_noprof+0x31c/0x660 [ 307.803577][T12444] ? ocfs2_reserve_new_metadata_blocks+0x10c/0x9a0 [ 307.803605][T12444] ? ocfs2_init_xattr_set_ctxt+0x2f5/0x790 [ 307.803638][T12444] ? ocfs2_xattr_set+0xc42/0x13e0 [ 307.803669][T12444] ? __vfs_setxattr+0x43c/0x480 [ 307.803700][T12444] ? __vfs_setxattr_noperm+0x12d/0x660 [ 307.803732][T12444] ? vfs_setxattr+0x163/0x360 [ 307.803767][T12444] ? filename_setxattr+0x296/0x630 [ 307.803799][T12444] ? path_setxattrat+0x3eb/0x440 [ 307.803824][T12444] ? __x64_sys_setxattr+0xbc/0xe0 [ 307.803857][T12444] ? do_syscall_64+0x14d/0xf80 [ 307.803880][T12444] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.803925][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.803951][T12444] ? __kasan_kmalloc+0x93/0xb0 [ 307.803975][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804001][T12444] ? __kmalloc_cache_noprof+0x31c/0x660 [ 307.804026][T12444] ? ocfs2_reserve_new_metadata_blocks+0x10c/0x9a0 [ 307.804055][T12444] ? __kmalloc_cache_noprof+0x15b/0x660 [ 307.804081][T12444] ocfs2_reserve_new_metadata_blocks+0x415/0x9a0 [ 307.804110][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804139][T12444] ? __pfx_ocfs2_reserve_new_metadata_blocks+0x10/0x10 [ 307.804169][T12444] ? __pfx_ocfs2_calc_xattr_set_need+0x10/0x10 [ 307.804202][T12444] ocfs2_init_xattr_set_ctxt+0x2f5/0x790 [ 307.804240][T12444] ? __pfx_ocfs2_init_xattr_set_ctxt+0x10/0x10 [ 307.804275][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804302][T12444] ? ocfs2_xattr_set+0xc08/0x13e0 [ 307.804336][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804362][T12444] ? up_write+0x1ab/0x410 [ 307.804381][T12444] ? __kmalloc_cache_noprof+0x15b/0x660 [ 307.804407][T12444] ocfs2_xattr_set+0xc42/0x13e0 [ 307.804454][T12444] ? __pfx_ocfs2_xattr_set+0x10/0x10 [ 307.804489][T12444] ? stack_trace_save+0xa9/0x100 [ 307.804515][T12444] ? check_path+0x21/0x40 [ 307.804546][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804574][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804599][T12444] ? add_lock_to_list+0xc7/0x100 [ 307.804633][T12444] ? __lock_acquire+0x146e/0x2cf0 [ 307.804666][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804692][T12444] ? evm_protected_xattr_common+0x170/0x190 [ 307.804718][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804743][T12444] ? evm_protect_xattr+0x748/0xac0 [ 307.804772][T12444] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 307.804809][T12444] ? __pfx_evm_protect_xattr+0x10/0x10 [ 307.804832][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.804859][T12444] ? __pfx_ocfs2_xattr_security_set+0x10/0x10 [ 307.804894][T12444] __vfs_setxattr+0x43c/0x480 [ 307.804933][T12444] __vfs_setxattr_noperm+0x12d/0x660 [ 307.804970][T12444] vfs_setxattr+0x163/0x360 [ 307.805006][T12444] ? __pfx_vfs_setxattr+0x10/0x10 [ 307.805037][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.805066][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.805094][T12444] filename_setxattr+0x296/0x630 [ 307.805127][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.805159][T12444] ? __pfx_filename_setxattr+0x10/0x10 [ 307.805199][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.805225][T12444] ? do_getname+0x151/0x250 [ 307.805257][T12444] path_setxattrat+0x3eb/0x440 [ 307.805291][T12444] ? __pfx_path_setxattrat+0x10/0x10 [ 307.805317][T12444] ? do_futex+0x333/0x420 [ 307.805365][T12444] ? rcu_is_watching+0x15/0xb0 [ 307.805396][T12444] ? srso_alias_return_thunk+0x5/0xfbef5 [ 307.805425][T12444] __x64_sys_setxattr+0xbc/0xe0 [ 307.805462][T12444] do_syscall_64+0x14d/0xf80 [ 307.805486][T12444] ? trace_irq_disable+0x3b/0x150 [ 307.805519][T12444] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.805544][T12444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.805566][T12444] RIP: 0033:0x7f290579c799 [ 307.805587][T12444] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 307.805605][T12444] RSP: 002b:00007f290657b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 307.805627][T12444] RAX: ffffffffffffffda RBX: 00007f2905a15fa0 RCX: 00007f290579c799 [ 307.805643][T12444] RDX: 0000200000000480 RSI: 0000200000000140 RDI: 0000200000000100 [ 307.805659][T12444] RBP: 00007f2905832c99 R08: 0000000000000000 R09: 0000000000000000 [ 307.805673][T12444] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000 [ 307.805686][T12444] R13: 00007f2905a16038 R14: 00007f2905a15fa0 R15: 00007ffcbaf74b38 [ 307.805712][T12444] [ 308.455468][T12486] loop6: detected capacity change from 0 to 2048 [ 308.474500][T12488] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2588'. [ 308.507675][ T31] audit: type=1326 audit(1773790673.454:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.530763][ T31] audit: type=1326 audit(1773790673.454:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.553343][ T31] audit: type=1326 audit(1773790673.464:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.579079][ T31] audit: type=1326 audit(1773790673.464:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.602707][ T31] audit: type=1326 audit(1773790673.464:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.625316][ T31] audit: type=1326 audit(1773790673.464:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.640524][T12486] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.647929][ T31] audit: type=1326 audit(1773790673.464:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.682539][ T31] audit: type=1326 audit(1773790673.464:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12489 comm="syz.2.2589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f8868f9c799 code=0x7ffc0000 [ 308.798593][T12486] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 308.893634][T12497] loop5: detected capacity change from 0 to 256 [ 308.934527][ T5820] ocfs2: Unmounting device (7,3) on (node local) [ 308.948227][T12497] exfat: Deprecated parameter 'utf8' [ 308.953615][T12497] exfat: Deprecated parameter 'namecase' [ 309.047863][T12497] exfat: Deprecated parameter 'namecase' [ 309.055712][ T6948] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 309.157064][T12497] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x200001de, utbl_chksum : 0xe619d30d) [ 316.488082][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.494670][ T1296] ieee802154 phy1 wpan1: encryption failed: -22