program: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$PIO_FONTX(r0, 0x4b6c, &(0x7f00000005c0)={0x192, 0x1a, &(0x7f00000001c0)="c5157f28eb2b5f73b5712f2a4c14afe4e9a0a492ca7d043f82bae6b28871c67e6b75f2a6fee88aecd4759a6bba74aa6193eac77d98f83d50851845bc87d795f5cebfa53e5fc5ce81c3e8b57129a3f19b330c27611784ae097666b12d37a423495259cf2b9e814b0eed6a4b7eb304b207413fb00ae392e4fbfe9488e831512dfba95c81fcb742a501b461cb5cf0c9f70bb1d634ba7fb957f7c4bd13e1c63189a4f5ea0b35df434d51b6a201aefc92f5dc564616e383c5f4e95e484508deaab44edd8c3d05ecc75f456b918ffd3eed65c2465862cfad63766e181c186be3adcfb838561a6b32f3124e93d4539f94ff88c43bae490d6be0ac1129b247f6f71022c46c1af26ebc7222c85ede7ded227c91f977879feaa11ea06a2b2f9ed83d10ae00613a23b712a7f028d310ee2c6731c3a4257631f1d5c173ce504db8a442c99c18c19c5fad91d271e7b1927109b7a0748192f0255dbec38657c2d95ba8032cb7c8348a57493015bfeb4cfb8a475132207da42d0119c90afce4d43ed9a3218a3cb482eafad792c9197e5f48c70fc2ca11c8d878550a02ac5a1e8d911d97437706a4797cc8a86b86edcc6ab2ca523e3fa42ad153a58f2ee9f96163ff3ae77591ef3a2f6bb12b4df374281f1cf9ca149ae8b1b21be849052157094677421d7d06dffde4ed6bf75a0641763a83c1df7ba8ca56b7345cfbadf99999adfe1b65207f593eb69dab8a7e6767f20496bbac9834fd109b74d96e2f142090e3a01e9b4a65e5a090b610eb7292750b8cd98ec3a217a958c1c7efc849bbbdd8370ecb5b91c44b4547483a6a4882ab902a84f4834e61a435b91fed6051aea0b30affbedd8fe5443997121911891d363bc9f104a7bcb210a068d91d21c7355442a532ae13b818b08cf296d4000154f7d0596eaa9317ccebd09e4a6792cfd01a9e96a4054ee757bfdf877eb6b5d0d02d1d064303463b35123ab0a0dee02d1a8f64321bdf01f76289f783a07f44117af8e6cbae7eeeec27983179e07694be32ee72bca7052a1c4295910e3318a08bab220b6a12d432e6751190d418a7eab1b1fe06344d658711054dbf40c26a3b3efb4b503baeac18f7165caf84cd812e507251c63a499e9a564c82db9cd97ac5368e598c22739d5d88af282cf8f386be4ee8018e27a445727071d0e2aedc3321bc5b0951ad8aad5f5b1a8887f39156a54af594d443717aeb9371251050ac8daad37376fe9288ece15a20dfbcc036fcba2f2988616b67ca41b86ab372db8c9130c9b75d2852945f15447cbcd6022387a9c27522471e1212ed5db4e5ad6cfef7f86541b7cc3108aebcee5bd952d0addb74785627eff761eb0773f2fe47c508e90ff6ec05db60bd63313417df2d2485b9494e0d5fcc25a452a07829dc1b1b73b7095ed8b04ebb83b7c7f52d0a6e0a643e1a4ce5c9b09d87aa17aaed198b"}) write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000006c0)={0x8, {"da5572059629472fde6aca9d5b9ffd8abd2368ad419121b0351186f3c47af4f72e4ac02860c483c3316610ad2abbcb408e467301dc02e3eaba1adbbe0cf5ec2d0a35f781e0645b6cb0c51a3dfc55b61d4be68c2d50b61e7d5b5fed03f22e5c157dcfd122e0c8a542166eced754c91324052d102ce2da3a743838744f828ada7efaec70c588636cbf024ad895ff9dd6cf75f4beba53ff0fb8b1e9cb3e6f0b32963ae1ee552b316df1fa6735c7166dd7da9050bacd86fc64cbec0325b4e0908922123bf08f052230e8123ade766699a8f120ebf274f3ddcc6a5b003c29197c2b3941d88d12cf036964b3b662d2d103528a11c717a4af89e342e046c35a79afca3e68cd834e4b9533861765be68ac11bb8b87b065fab217e04565ec99e8e1e7ee67a5a4a1e98f6bf575f20e620492ddfd0799ff241e33fd500c14f2d4c1929b876e8cac6e79420872d7b5122d55ec45cd8c4c82cdda4ce68c4988e130c3274815882cf51bd676c0ecc3d527c560ee57d1b9af6a82b5a14703fb45eee264053bf29156a4a4b5dbadfe5ac622a1b03b3e99bbc3d31ef4ac40b4f40abf9626bd8c6d0a8eeec8eab7a008f3755af9d9fb5328d72d1b713c96c0f03540c13ca94b1d133ec46df897a2942e25dd468c7a073b81e8f158a739ac0837a2dc029b0aff35e5ba5b7c593ba58356cf066266c7780b55e0c4ba522b12ca045d8c72ef96162afd918651fce04ae6c7d1eb0140a5a3e9ab947931b6492f04f2a94ec1d9dcfb78fc492b97f00d5d5ca3b62a414d4ca4d9409e34fa488542ba8716a93ee9e51f625cc15c16c5bd91a0ab33ef6115a95bc71f6add48ff526c2adea2546bf470af913ca7e2be88640393156bb3527e8c6225d3d3ab94a35c68977022d55c1a8adae24eff046f93e379240b3461569c0c1fd07c80d8caa681b8bf98b974a2e1ada6276ba4f0ba55fe5908ac64ba25fd927b73a9b9f01b1b19a1d51e6353635eeb075768a5a7fe3e51053b0306a30f9991735f42186cd59adb71dc09665d51950e05e1ba7cd5621d309c19c839edb4989ba8d5045baf1a37ac3bb43c08b9d1a1d6d3aba190c1b2107d5c80bcffc5c13a0504ed058ee2411f83ddaeb2b4d410b621352d0bbdd06ac1bc6c60ed04e42c383f75a4691d351d0ce4ea2ac7feb7676b66c8d0138277c20d1889ac1f3bcc0c11bae971ec6d8974ba744674e38b7ab3bc8e592605883761964be79fb0f60713d4a0816a1dc45748b83b7be4d97b574c3a6073518d78784d7d32c85d0d63313761ad67d8eae7ff288dc7e0c9301f2635182fa8a73f082d4643e8892a964dcca1f7cdf373b4b826be94a1e5e6523545eae824db91fcd6ae0cf191da8d99f48a19c34d42d811170f2ab4df99083749f586739ecd65f199bd108a76887036cf89ff02d14d9e9d7d50f457ca70500ed2f883da562715e093497804ee4d43a8b263b2aa9c29fc82cfab32efa63e4cb5fdc1026b8523172bc9fcdbd8c1170cd38ffa608bbd5cb616fd1577a46ec5a302ca077f3637745b5fc59a8e58b16841facd601d2fe3721eb0d73ccaed20e28d09acadbba227e5e70373bf8555045b0e45ce8dbb585f7704ba7fbaeeaac64fd949feb7e0efcf187eb4485c485515971f9a04bca499df3ab4f0c173c0d2c0ed5073b7a21a1d800fc49a46fec4e61e678cfd20803bdf73f6c8111c512c98af1268cdebb8c012a75f301b9676af229834fa510687c4774a4aae65a76b516959294ab06e50a5a49e2f91d81586a30d2e04a43d999f9292936f49e6c96363914235202aab716aada9f8b8428d37a5f3b0d31db5c8f8f51656cad1ced1ae6491a5c46ba6fb15c19eb2f492a12acee984f4e24153580c5a93dee4652f979e96b64a9d207231e0906f909f1633eb5f33a741878ddcf07e9f1bde0d79b60fdfd13b9366a54ab39f01f4038e13ae728a4c4749a09f8dcf6de8c1a615ea75e6b5de0832b30dc219df44dc8d8d83c18aea7baa16263ddd2d2aef1f6574829be966682d403f5f1d516b280b62af4d36688481d85c6c0c8b40c3b3d507f2fc3223bab8392c924b1878d33cca3899fb50497de8787f4fc25ed4ff8c6193127cf473de2eea9e7c0d75a852c225eb9cd726ddf5e98432b736aee1a6b2520c761979d73e146aeef834c463ceb8c13b3bae52140fa74b1b6dcc6ef64d6938a01dac70694bcc46d8972552fab3e01af1e8c6a77ddda0f66b335d603114d90ee18b05a9b15582c91dfd1a8a48de80f86144d6feeca8290c3ebbd4f0fc30e361bc2f3c9483dfb7fe18919560d57359f642f4ed0cff87e4bf89d70e57ad65499d1eff11e25aa579f38595559c4ed1d96de4bd40b371c18da0203e879dbd7a6a013844a480d6028ee96fba2907e4ad612794c0d3483678bf1a95823a2c7d6f9b0b7d806025723271a1bbea76b839fb65dbbaeef670f2a80fbd943bd819a6332c9c423c547b0a3728aec85999c115b5ee5c7a12c6c550bc344482bd1712324deca15f9f8c999a9dc7a971822aed50fbc33362d01060779c2432d27bf655459fae2bb7034dcaa341a8575e833ab827b75f1098d03842e7186e647bd2e82cd9bf2a2b649f4d6e13ce47fa1fb6e3ccb0d7b9773e72641b305462b1cdc23ab32ada711467ab2a9f624f3a6b425fe5806166dd8c597572cacc28d368d135475d58cb89afc014c3bfbb64198983f57e096d6f04fc92b0a13cb144296ed6c7e9aea9a865b7524aedd8520877d83e41b1b87d4de9fba14f778fe00aaacf71fd96198684c93f340d76e22807b453803acdedcb7f649e9a912ed2b0bf7abb415a77452621bd0cf0a464dd25d1b14270a2fef1f9ea10b92ac6fddf6586e23fd50537c7eb05d554d0fdaeb02bb9e97584e1db687e5a584e51add5f41d1b7523167d0d6bb104d0ca265e03331b2fd551c51d936e29826ae6c5b35396488cb928a621e10fb7b418f32315c4ac2116030ce18948917e9ce516c73cc62a63fc5279b15664c4726329c5ee58eb3c5a44bf51a902879e82e29cac4f16fd3faf099b55d80fcddbcdcb9e7ea906e6db16986fabfff788411038e57b9787bc409d5c5b84bce155af1e467ee587975a5291330d476cf051328d2aa1c6fb2849da807b15b6931231ade960aea52bdee3fa6f9808c261065d6b8de07b0b34221a766a0cc73d2a8e927b53151c829eac7388772ab3ff5197f7c517ff8ea1ca3157d69eb371d281f73fbb6b64ec48fdce47d4e2f47052f9ff0d1c754c2c6914a445e429ebd47ef8be0e59d81966d6ceb1d348278fbc300d8d36466616df8bb91ccff6dc2bed6a8d9d3739a2551eac221a2e5ecd703b818140e2f7c4a5109205e9da1568565a85caf89b7bde6a3e45b554d560c72ba5c4fcdc43b5c036968c95feb962d87f7791cc9f58cc3d300e54af9ce0a1805861fad813c7f4922cdb374ee249cdf484fdea7ee72362013b644a1ae5f5cf0ee4567a3b9fae0586d7bdbc57ebb38ba7f4e5db0aa6a37c0dff3f097126c8ab2abae7581678939314c7ed071a9da8af234200daf8a863b536178f3c1ff7e1d6da83964b32a898ffea5711ae333fe824cca19889c73a46a16d7db7e1ebb709aadf168baf1333b0bd0855608d98755e28de8cc3e14f8f1994a03e8c61778b876eebdd3e54b9c5acdad83cb80167fc838308a14afe8b85d25d672423d02f1efaf4c78e6e5d0c8b8f3024b20f497320fa94e5b0af1087b907cefc99fae18fb39a06cf51cbdf67a66119d637b88ff28b49f27c3d4fbc420947f5b99101bceb9932d492add03dae5f0e824ea816d4070333282d3980081cba227ea8ab1fff4c138e6ae3f791df74c679a2fee6512b86e10f59cb615e08d0a0642169b09cac1443270dd066468ede9144255ea9ab8e1f6f6577b5c610c067e354605eb245960d0078be4893eeffd180ea74ee1c9227c3db377e323508522c8758b746693d99468d927a58dae80479186cd3cc0f43b20a34928a25f4cc1ec244e0991eb6fa8b6b7b70cec0e74e25e8acfba6741b49c0839201f17bb31a68e34b41fff0f4bf56addb85fbadbba19b96824aea5df6c5ed0187f498a73960ef554c46fb9410fb0d17baf4dc885602a81094d57c1b29030e86d598c4f1a3d0c39d76ff3a333c0e8741c5d47082396d5d497850ae0b991cbad9ba900f007f185ddae699b1d76d5439ee3662019969ba0248ffb1e724b93d25e82628f6c03e7d5cd70f42580d3c2b07805c42d78471265ae414552457ff3c32aacda5008c47f8122e365d82556cfd5b2b0010e5cf16c1e9d32ed8e68d3ae9937856cd6c43457e6ce7f5e2ecaf5267ad0cb9aa466389b043f2db8ddf8f04259485fa19396f3db6f3ab1c9479d30b18b5d9d2e0bd440d4ce39756d7f4600bbe1428142b9311c0c147ce4b6232bd045769b86568dc7511fe4d117c4b2c5702a3f2969600529c464468d6dd23b86714d8b1a50b31d3af33e9732205094f50f49d938275e2d3684c385138292975baa78a7a9a0d4384a130f889894a50d776eb3d7583c548dd11cc38f8e21cd6b8d22f694bd9d3ae589d6edd24e96a16bd63e7b6c859e8ca48b1497a42bb50cdae801e9bcdd9832df7488c1de4023928188fc6cb1e93c94ebe14d32d68632c090eb559bc27ccdda238ad5d85a7723db8ac2a6c40055f5e293e1e501edda3f6ad8191ad3935a606c1b164d524f2336097e0d3017ded8e1c1276a8c19181e356fcf68f2bb03ad7ad07e9a0b5cc9484f042f3237f9938253e4a958354cdb3c6ebb636a7a6a1cc15a1d37327ffc092c7b9c0504e502b1b45efe39b117d642bd469339195949bea802811582c854bbd8143b1efc7abc7e2e6389557c87c52acb8039e28054a80090ff244a2bab77120fe33cf9d9104680d0c9bffbe37bc98dcd5cb4a40cc3642eb5009c0f698b368ce7b2c0633ae981c6bd2cd6c5691fd5e32712f65abce5ff4ce824ec4529eb3f28ad790cde9d8832d21a371481f9b1850bb5b01735b559e4d0de4683ad0f7823076e0b4db15a7d11396e15ceca2b7c5bb5f8d0cee901a7fa62f3bc25fc2a7d95266dc55ddd13acfd2225ccffd82efe131fc0175b8a51dff09fe49d0f397e7ce1b7696397b54f6cc5e5a087dad943199c8facbe273986020dbc538362319ab443ea1e29fd24470913a1a23e30e16b9a56ba788aaa570a2b5fd38d4f0364724c1c057066248c295bb2921e499628096e278f6da16bd84fbe060a0b4c6f5da64145fe9028ff8ff33c45fa91d3b8655637bfe406c60668da1e96e2173747774d03509a95820f7a1426f29d882505b5c3cdd1b3fab9fe46e478649c27603a11b897b7081387a7eb5a06bf3774464212d9ed7052ab30006879062fec72fe7f5e94f93a2da05abd8ea479313d1d22c454c9d2f7b1292b66cad44111dec6a90b4891095eaa4caa4ca5278d047ff17050a110b221b0db7aa045eefd69daba68ac7450e0cc633362a8e486be91d9cc7988e076a14367fa29f4730adb3f32a38aab55bf2b6403a37848f9e04a0253a246174426aca21e1978f2064f1a9c7e021e59472ebdd979f07208b787120a38c54e766de08b543a4ad0258d7ee45f501ceec8303366277fde71c09e003941885defe5b782f31c825d5b9c59fa6d590744bf1aead54230ec6f92cb0b4ddcd04b310560f89f13460de138cb28c36de5aa90093a987e2879a9c825d8fac190f682ffa0b5b6997db272884d7a284ff207503698807dbe410f7035e839d978cf9700a632fa52ca6e76f77a54feca421897e64da9223ddff06fef63f99ea1b46617cefbad6e64687", 0x1000}}, 0x1006) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x1a9041, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0x7f, 0x40, 0x0, 0xb9ff, 0x18, '\x00\x00@\x00'}) write$binfmt_aout(r1, &(0x7f0000000040)=ANY=[@ANYRESOCT=r1], 0xff2e) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x0, 0xfffffffd, 0x4, "0062ba7d82000000000000000000f7ffffff00"}) creat(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f00000001c0)=0xa4f, 0x4) syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1014494, &(0x7f00000002c0)={[{@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@partition={'partition', 0x3d, 0x6}}, {@gid_forget}, {@session={'session', 0x3d, 0xfe8}}, {@noadinicb}, {@anchor}, {@uid_forget}]}, 0xfe, 0xc24, &(0x7f0000001480)="$eJzs3UFsHNd9B+D/Gy5Fym4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIRtrQvfTQQ4Ci6CEnAq1RIEUDoymCHtnWBZKLD0VOPREtbARFD2wRIKeAxcy+lZY0ZcmmSFH299nUbznz3ux7b5YzkqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN976cKpZ9ODbgUAcJAuTX311Gn3fwD4RLnsz/8AAAAAAAAAAAAAAHDYpSjisUixeGkzzVTfdw1fbHdu3Jwen9i92tFU1Ryoypdfw8+ePnP2S8+NnevlB9e/356IV6YuX6i/uHB9cam1vNyaq0932rMLc617PsJe6+80Wg1A/fqrN+auXl2un37mzLbdN0feG3r0+Mj5sadOPtkrOz0+MTHVV6Y2+JHf/X3uNMPjSBRxMlI8/b2fpGZEFLH3sbjLZ2e/Ha06MVp1Ynp8ourIfLvZWSl3TvYGooio91Vq9MboAM7FnjQiVsvmlw0eLbs3tdhcal6Zb9Unm0sr7ZX2QmcydVtb9qceRZxLEWsRsTH0/sMNRhG1SPGdY5vpSkQM9Mbhi9XE4Du3o9jHPt6Dsp31wYi14iE4Z4fYUBTxcqT46dtFzJZjlr/iCxEvl/mDiDfLfCEilR+MsxHv7vI54uFUiyL+vDz/5zfTXHU96F1XLn6t/pXO1YW+sr3rykN/fzhIh/zaNBxFNKsr/mb66L/ZAQAAAAAAAAAAAAAAAOB+OxpFPBEpXvr3P6rmFUc1L/3Y+bHfH/nF/jnjj9/lOGXZZyJitbi3OblH8hTiyTSZ0gOeS/xJNhxF/HGe//fGg24MAAAAAAAAAAAAAAAAAADAJ9yPI8Xz75xIa9G/pni7c61+uXllvrsqbG/t396a6VtbW1v11M1GzpmcqznXcq7n3MgZRa6fs5FzJudqzrWc6zk3csZArp+zkXMm52rOtZzrOTdyRi3Xz9nIOZNzNedazvWcGznjkKzdCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwcVJEET+PFN/+xmaKFBGNiJno5vpQrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CANpSK+Hynqf9C4ta0WEan6v+tE+cvZaBwp89PRGCvzhWhcyNmsstZ44wG0n70ZTEX8KFIMDb9164Tn8z/Y/e7WxyDe/Obt736l1s2B3s6R94YePX7s/NjErz1+p9dptwaMXmx3btysT49PTEz1ba7ld/9037aR/L7F/ek6EbH82uuvNufnW0ufmBdFHIpmPKgXte6LWhyS9hzUi3y9il12FYfhp6BxWAaq9+IBX5g4EOX9/91I8dvv/Efvht+7//9C97tbd/j42Z/cvv8/v/NA+3T/f6xv2/P5dyODtYjhleuLg8cjhpdfe/1k+3rzWutaq3P21Kkvj419+cypwSMRw1fb862+V3seKgAAAAAAAAAAAAAAAICDlYr43UjR/NFmqkfEzWq+1sj5sadOPjkQA9V8q23ztl6Zunyh/uLC9cWl1vJya64+3WnPLsy17vXthqvpXtPjE/vSmbs6us/tPzr84sLia0vta3+4suv+R4YvXFleWWrO7r47jkYR0ejfMlo1eHp8omr0fLvZqapO7jqZ7sMbTEX8Z6SYPVs/0tuW5//tnOG/bf7/6s4D7dP8v0/1bSvfM6UifhYpfusvHo/PV+18JN43Zrnc30SK0XOfy+XiSFmu14bucwW6MwPLsv8bKf7h59vL9uZDPna77LP3Oq4Pi/L8H4sU3/+z78av523bn/+w+/l/ZOeB9un8f6Zv2yPbnlew566Tz//JSPHCY2/Fb+RtH/T8jyK2tra+FXEiF771fI59Ov+f7ds2Et33/c37130AAAAAAAAAAICH1mAq4m8jxZMTtfRc3nYv//5vbueB9unff/1y37a5A1qvaM+DCgAAAACHxGAq4seR4trKW7fmUG+f/903//N3bq+9Pp527K3+nu+XqucG3M+//+s3kt93Zu/dBgAAAAAAAAAAAAAAAAAAgEMlpSKey+upz9xlPfX1SPHSfz+dy6XjZbneOvAj1a/DlxY6Jy/Mzy/MNleaV+Zb9anF5myrrPuZSLH515/LdYtqffXP57rdNd6Ht3prsS9Fiom/65XtrsXeW5u8ux54dy32suynIsV//f32sr11rD97u+zpsuxfRYqv/9PuZY/fLnumLPvdSPHDr9d7ZR8py/aej9p9JulwLeZbz8wuzL/vUagAAAAAAAAAAAAAAAAAAADwYQ2mIv40UvzP9bVYrab9v3FrV85ab8Ob3+xb73+Hm9U6/yPV+v93ev1R1v8fuS+9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh0uKIl6PFIuXNtP6UPl91/DFdufGzenxid2rHU1VzYGqfPk1/OzpM2e/9NzYuV5+cP377Yl4ZeryhfqLC9cXl1rLy625+nSnPbsw17rnI+y1/u2h6xqtBqB+/dUbc1evLtdPP3Nm2+6bI+8NPXp85PzYUyef7JWdHp+YmOorUxv8EO/+oRp325Eo4i8jxdPf+0n656GIIvY+Fnf57Oy3o1UnRqtOTI9PVB2Zbzc7K+XOyd5AFBH1vkqN3hgdwLnYk0bEatn8ssGjZfemFptLzSvzrfpkc2mlvdJe6EymbmvL/tSjiHMpYi0iNob6D3QkZxGvRorvHNtM/zIUMdAbhy9emvrqqdN3bkexr728i29V7awPRqwVD8E5O8SGooh/jBQ/fftE/OtQRC26X/GFiJfL/EHEm2W+EJHKD8bZiHeHHnSruV9qUcT/lef//GZ6eyii+pGprisXv1b/SufqQl/Z3nVl5/1hKyIeqvvDQTrk16bhKOKH1RV/M/2bn2sAAAAAAAAAAAAAAACAQ6SIX40Uz79zIlXzg2/NKW53rtUvN6/Md6f19eb+9eZMb21tbdVTNxs5Z3Ku5lzLuZ5zI2cUuX7ORs6ZnKs513Ku59zIGQO5fs5GzpmcqznXcq7n3MgZtVw/ZyPnTM7VnGs513Nu5IxDMncPAAAAAAAAAAAAAAAAAAD4eCmq/1J8+xubaWuou770THRz3XqgH3v/HwAA//9wn/vk") r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r3, 0x2007ffc) sendfile(r3, r3, 0x0, 0x800000009) r4 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r5 = open(&(0x7f0000000080)='./bus\x00', 0x107382, 0x1d0) ftruncate(r5, 0x2007ffb) sendfile(r4, r5, 0x0, 0x1000000201005) open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) creat(&(0x7f00000002c0)='./file0\x00', 0x0) [ 110.265050][ T5303] Bluetooth: hci0: command tx timeout [ 110.571502][ T5324] loop0: detected capacity change from 0 to 2048 [ 110.626557][ T5324] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=2362, location=2362 [ 110.664560][ T5324] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 110.677366][ T5324] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 110.692669][ T5324] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 110.717483][ T24] audit: type=1800 audit(1775804938.283:2): pid=5324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.0" name="file1" dev="loop0" ino=1346 res=0 errno=0 [ 110.988355][ T5324] [ 110.989738][ T5324] ============================================ [ 110.992379][ T5324] WARNING: possible recursive locking detected [ 110.995116][ T5324] syzkaller #0 Not tainted [ 110.997075][ T5324] -------------------------------------------- [ 110.999983][ T5324] syz.0.0/5324 is trying to acquire lock: [ 111.002589][ T5324] ffff88801ed24128 (&sbi->s_alloc_mutex){+.+.}-{4:4}, at: udf_free_blocks+0xaaf/0x1940 [ 111.007346][ T5324] [ 111.007346][ T5324] but task is already holding lock: [ 111.010904][ T5324] ffff88801ed24128 (&sbi->s_alloc_mutex){+.+.}-{4:4}, at: udf_new_block+0x104a/0x1c70 [ 111.015331][ T5324] [ 111.015331][ T5324] other info that might help us debug this: [ 111.019548][ T5324] Possible unsafe locking scenario: [ 111.019548][ T5324] [ 111.022851][ T5324] CPU0 [ 111.024333][ T5324] ---- [ 111.025753][ T5324] lock(&sbi->s_alloc_mutex); [ 111.027716][ T5324] lock(&sbi->s_alloc_mutex); [ 111.029761][ T5324] [ 111.029761][ T5324] *** DEADLOCK *** [ 111.029761][ T5324] [ 111.033935][ T5324] May be due to missing lock nesting notation [ 111.033935][ T5324] [ 111.037400][ T5324] 4 locks held by syz.0.0/5324: [ 111.039391][ T5324] #0: ffff88801aaf2420 (sb_writers#12){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x160 [ 111.044299][ T5324] #1: ffff8880119cbb70 (&sb->s_type->i_mutex_key#25){+.+.}-{4:4}, at: udf_file_write_iter+0x6f/0x6b0 [ 111.050105][ T5324] #2: ffff8880119cb9a0 (&ei->i_data_sem#2){++++}-{4:4}, at: udf_map_block+0x2a4/0x4330 [ 111.054812][ T5324] #3: ffff88801ed24128 (&sbi->s_alloc_mutex){+.+.}-{4:4}, at: udf_new_block+0x104a/0x1c70 [ 111.059191][ T5324] [ 111.059191][ T5324] stack backtrace: [ 111.061872][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) [ 111.061895][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 111.061904][ T5324] Call Trace: [ 111.061914][ T5324] [ 111.061923][ T5324] dump_stack_lvl+0xe8/0x150 [ 111.061966][ T5324] print_deadlock_bug+0x279/0x290 [ 111.061997][ T5324] __lock_acquire+0x253f/0x2cf0 [ 111.062026][ T5324] ? __pfx___schedule+0x10/0x10 [ 111.062250][ T5324] lock_acquire+0xf0/0x2e0 [ 111.062286][ T5324] ? udf_free_blocks+0xaaf/0x1940 [ 111.062301][ T5324] __mutex_lock+0x19f/0x1300 [ 111.062317][ T5324] ? udf_free_blocks+0xaaf/0x1940 [ 111.062326][ T5324] ? preempt_schedule_thunk+0x16/0x30 [ 111.062341][ T5324] ? __lock_acquire+0x6b5/0x2cf0 [ 111.062355][ T5324] ? udf_free_blocks+0xaaf/0x1940 [ 111.062366][ T5324] ? __pfx___mutex_lock+0x10/0x10 [ 111.062380][ T5324] ? folio_mark_accessed+0x442/0x8c0 [ 111.062398][ T5324] udf_free_blocks+0xaaf/0x1940 [ 111.062412][ T5324] ? bdev_getblk+0x582/0x6e0 [ 111.062424][ T5324] ? udf_get_fileshortad+0x6e/0x1b0 [ 111.062437][ T5324] ? udf_current_aext+0x698/0xb30 [ 111.062449][ T5324] ? __pfx_udf_free_blocks+0x10/0x10 [ 111.062461][ T5324] ? udf_next_aext+0x447/0x530 [ 111.062477][ T5324] udf_delete_aext+0x4fb/0xbd0 [ 111.062493][ T5324] ? __pfx_udf_delete_aext+0x10/0x10 [ 111.062506][ T5324] ? udf_next_aext+0x447/0x530 [ 111.062522][ T5324] udf_new_block+0x149e/0x1c70 [ 111.062536][ T5324] ? bdev_getblk+0x582/0x6e0 [ 111.062548][ T5324] ? __pfx_udf_new_block+0x10/0x10 [ 111.062575][ T5324] udf_map_block+0x1375/0x4330 [ 111.062597][ T5324] ? __pfx_udf_map_block+0x10/0x10 [ 111.062614][ T5324] ? rcu_is_watching+0x15/0xb0 [ 111.062638][ T5324] ? do_raw_spin_unlock+0x4d/0x210 [ 111.062652][ T5324] __udf_get_block+0x52/0x250 [ 111.062666][ T5324] __block_write_begin_int+0x6c6/0x1910 [ 111.062680][ T5324] ? __pfx_udf_get_block+0x10/0x10 [ 111.062690][ T5324] ? __pfx___block_write_begin_int+0x10/0x10 [ 111.062702][ T5324] ? __pfx_udf_get_block+0x10/0x10 [ 111.062711][ T5324] block_write_begin+0x8d/0x120 [ 111.062720][ T5324] ? udf_write_begin+0x92/0x270 [ 111.062731][ T5324] udf_write_begin+0x118/0x270 [ 111.062742][ T5324] generic_perform_write+0x2e2/0x8f0 [ 111.062781][ T5324] ? __pfx_generic_perform_write+0x10/0x10 [ 111.062794][ T5324] ? generic_file_direct_write+0x385/0x3e0 [ 111.062808][ T5324] __generic_file_write_iter+0x1ae/0x230 [ 111.062820][ T5324] udf_file_write_iter+0x2ca/0x6b0 [ 111.062833][ T5324] iter_file_splice_write+0x9a1/0x10f0 [ 111.062851][ T5324] ? __pfx_iter_file_splice_write+0x10/0x10 [ 111.062866][ T5324] ? __pfx_iter_file_splice_write+0x10/0x10 [ 111.062879][ T5324] direct_splice_actor+0x101/0x160 [ 111.062894][ T5324] splice_direct_to_actor+0x53a/0xc70 [ 111.062908][ T5324] ? __pfx_direct_splice_actor+0x10/0x10 [ 111.062923][ T5324] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 111.062939][ T5324] do_splice_direct+0x195/0x290 [ 111.062953][ T5324] ? __pfx_do_splice_direct+0x10/0x10 [ 111.062965][ T5324] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 111.062981][ T5324] ? rw_verify_area+0x255/0x4d0 [ 111.062999][ T5324] do_sendfile+0x535/0x7d0 [ 111.063014][ T5324] ? __pfx_do_sendfile+0x10/0x10 [ 111.063027][ T5324] ? __se_sys_futex+0x3a8/0x450 [ 111.063042][ T5324] __se_sys_sendfile64+0x144/0x1a0 [ 111.063053][ T5324] ? __pfx___se_sys_sendfile64+0x10/0x10 [ 111.063062][ T5324] do_syscall_64+0x14d/0xf80 [ 111.063073][ T5324] ? trace_irq_disable+0x3b/0x150 [ 111.063080][ T5324] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.063087][ T5324] ? clear_bhb_loop+0x40/0x90 [ 111.063095][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.063106][ T5324] RIP: 0033:0x7f50e8f9c819 [ 111.063120][ T5324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.063129][ T5324] RSP: 002b:00007f50e9e6afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 111.063143][ T5324] RAX: ffffffffffffffda RBX: 00007f50e9216090 RCX: 00007f50e8f9c819 [ 111.063150][ T5324] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 111.063157][ T5324] RBP: 00007f50e9032c91 R08: 0000000000000000 R09: 0000000000000000 [ 111.063164][ T5324] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000000 [ 111.063170][ T5324] R13: 00007f50e9216128 R14: 00007f50e9216090 R15: 00007ffc043e9ea8 [ 111.063180][ T5324] [ 112.320154][ T5303] Bluetooth: hci0: command tx timeout [ 114.401118][ T5303] Bluetooth: hci0: command tx timeout