last executing test programs: 5m33.37391563s ago: executing program 1 (id=1442): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000007c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a80016002000074002000000035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cee0090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc", 0xd8}], 0x1}, 0x0) 5m32.539347176s ago: executing program 1 (id=1446): r0 = socket(0x10, 0x3, 0x0) sendto$inet6(r0, &(0x7f0000000080)="7800000018002507b9409b14ffff0b7a0204be04020714056406040c5c0009003f0006160a0000000d0085a168d0bf46d32345653610648d270005000a06024e49935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000400160008030a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0) 5m31.906358827s ago: executing program 1 (id=1449): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') lseek(r0, 0xe, 0x4) 5m31.2655909s ago: executing program 1 (id=1451): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000fd640000000000004b64ffec850000006d000000940000fa0400000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffff8}}, 0x0, 0x5ec8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, r0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94) 5m30.544787457s ago: executing program 1 (id=1458): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file0\x00', 0x1000801, &(0x7f0000000080)=ANY=[@ANYRES16=0x0], 0x3, 0x1d9, &(0x7f0000000f00)="$eJzsmT9v00AYxp87u45bUCUWBhYYKlGk1rFdQF0YyidAavknFiLqRgEnQY6HJBJDxMLCx+ArMGRiYGNjhQGQkBjIyGx0lzfxESchEUQg9f1JPT939957d2+TJ1IChmFOLV8+//j08ub+0Q6As9hCica/WXmMNOI/uiQ+vHrb2HzWn8wnAGTZ4vvbAN4cWEipn2W/rt6i5xHkWN+GxBXSdyHgkX4IiTukIwjcJ/3Y0M11EnHkPWrGxye1OPJVE6gmPKnVzxTON+gJHANw6XzCmG91uk8qcRwlk2ItG+1TmFpW/KZ+9uBA4oZRP/X/uvfieU/1R7XxjfoFkAhI70HgkPQ+SvA8Ly+Jcf8Ldp7fWuT+/0I8cAFz5NzuvFU7/8WZWcwXzt/PLIyRdSXUG3o8cn7Qf1dc9XWVN7202hqCPLsw9X7jzzI7ZAJTY3L/VJZ72fAnG/bYP8pp/Wm51enu1uqValSNGmG4d92/6vvXwrI2omE7x/9c7U8bRv61GbGOcNCupGkStIE0CYb90adbEhqOe/i6+V2PSu1/Etubwyj1UtHXLk3fQ9Cf1E+ltq2Zh2cYhmEYhmEYhmEYhmEYhlmKixD6W1D6oSqbQXhLR/8MAAD//79xXyI=") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 5m29.692625289s ago: executing program 1 (id=1463): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) write$evdev(r0, &(0x7f0000000140)=[{{}, 0x1, 0x7}], 0x18) 5m14.41842834s ago: executing program 32 (id=1463): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) write$evdev(r0, &(0x7f0000000140)=[{{}, 0x1, 0x7}], 0x18) 7.401282912s ago: executing program 2 (id=3349): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket(0x2, 0x2, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000880)=ANY=[], 0x14) 7.144911491s ago: executing program 3 (id=3351): r0 = inotify_init1(0x80800) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x30000001}) 6.642590677s ago: executing program 2 (id=3355): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x27, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x40}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@main=@item_4={0x3, 0x0, 0xa}, @global=@item_012={0x1, 0x1, 0x5, "9c"}]}}, 0x0}, 0x0) 6.451133979s ago: executing program 3 (id=3356): syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbc8, &(0x7f0000002380)="$eJzs3M9rXNcVAODznkYj2VY7ciml7qbqorhQOpZcZGpTqF1cuumi0G4LFvLICI1/IKm4kgUdtf9AabIOZBNIYhKyiNfeJCTbbBJ7m5BFwATFSiCEZMKbeSPJlkaW7Zk8Rf4+uHr3vjPSPWcemncvzEwAz6yx7EcacSwiLiQRlfx8GhHlVm84otF+3PrayvQXayvTSTSbf/s0iSQi7q+tTHf+VpIfj+SD4Yh4749J/Oi/2+ddWFqem6rXa/P5+MTi5WsnFpaWfzN7eepS7VLtysSp302enDw1fnqyZ7V++eHZW5//4s8fN7565eubnz33UhJnYySPba2jV8ZibOM52aoUEVO9nqwgA3k9W+tMSo/4pbTPSQEA0FW6ZQ33k6jEQGwu3irx1vuFJgcAAAD0RHMgogkAAAAccIn9PwAAABxwnfcB3F9bme60Yt+R8N26dy4iRtv1r+etHSlFo3UcjsGIOHw/ia0fa03av/bUxiLio7unX89a9OlzyLtprEbET3e6/kmr/tHWp7i3159GxHgP5h97aPx9qv9sD+Yvun4Ank23z7VvZNvvf+nG+id2uP+Vdrh3PYmi73+d9d/6tvXfZv0DXdZ/f93jHDdefuF6t1hW/+9v/em1Tsvmz45PVdRjuLca8bPSTvUnG/UnXeq/sMc5Kt9cr3WLFV1/88WI47Fz/R3J7t9PdGJmtl4bb//ccY7Vdydf7TZ/0fVn1/9wl/o73//U7fpf2+Mc/zh//o2822w2/93u3d2M715/+kk5+XurV87P/GtqcXF+IqKc/GX7+ZO759J5TOdv3FsdyiPd//93qj97TWjkz0O2F1jNj9n4Pw/N+YebN97slk9n/1fk9b/Y5fpvrf+d0vbr/789zvHLt///q26xrfvfrGXzd/bCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCRRsRIJGl1o5+m1WrEkYj4cRxO61cXFn89c/WfVy5msYjRGExnZuu18YiotMdJNp5o9TfHJx8a/zYijkbE85VDrXF1+mr9YtHFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsOFIRIxEklYjIo2I9UqaVqtFZwUAAAD03GjRCQAAAAB9Z/8PAAAAB5/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH129Oe37yQR0ThzqNUy5Tw2WGhmQL+lRScAFGag6ASAwpSKTgAozGPu8S0X4ABKHhEf7hoZ6nkuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/dvpNEROPMoVbLlPPYYKGZAf2WFp0AUJiB3YKlB0aWA3DAlIpOACiMmzqQPCI+vPmYxoORob7lBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD+M9JqSVqNiHJ+rlqN+EFEjMZgMjNbr41HxA8j4oPK4FA2nig4ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHpvYWl5bqper81nnTTyzsaZg9p5kkqT9jPWKDx5nd50yrEv0tinnaJfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKMLC0vLcVL1em18oOhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgaAtLy3NT9Xptvo+domsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA43wYAAP//rbMLAQ==") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x28) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x4, 0x966a, 0x2000, 0x4, 0x0, 0x0, 0x2401}) 5.010577139s ago: executing program 4 (id=3362): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r0, 0x0) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000040)={0x7c77, 0xfff, 0x80, 0x10, 0x5, 0x13, 0x5, "dbb96720de2ae39d2bb87d28e91a33a9b3592987", "0bd428cc76c327237bf94ff7fa8ca96cf2cadfb2"}) 4.941535085s ago: executing program 0 (id=3363): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80) sendto(r0, &(0x7f0000000140)="050000007a19b90c9daaeca1b1ec5719af0abbb83b0514127c8b417386b5c7cc0f676b6dac18222d5bf3b8b98708a136ddca61719a13016d", 0x38, 0x0, &(0x7f0000000080)=@phonet={0x1d, 0x0, 0x0, 0x3}, 0x80) 4.72645487s ago: executing program 3 (id=3364): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x4e21, @empty}}, 0x10003, 0x3, 0xfffffff7, 0x0, 0x30, 0xfffffffe, 0x88}, 0x9c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 4.532807869s ago: executing program 5 (id=3365): syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xad8, &(0x7f0000000e00)="$eJzs3V2IXFcdAPBzd3c2u0lrJjWxaxrbxGpbP7ppNmv8CJqUBMHQFPGlUHwJaVqDMYIV1FIwyZNvtpQUfPIDn/pSqggWREKffCnYQBH6VAV9MEQs+FCjyZTMnDN752Qmd2c/ZnZ3fj+4e+bec+78z529c+d+nXsCMLLGmn/n52eKEC6+/tLRfz7wj+mbUw61S9SbfydKY7UQQhHHJ7L3e3e8lV5/7/mT3dIizDX/pvHw+NX2vFtCCOfC7nAp1MPOi5dffHPusePnj13Y89YrB6+sztIDAMBo+fqlg/M7/vrne7Zde/Xew2FTe3raP6+nCVOt/f7Dccc/7f+Phc7xojSUTWblJuIwNt1ZbrxLuXKcWlZuokf8ySx+rUe5TeH28cdL07otN6xnaT2uh2JsNoSwuT0+NjY72zomD83j+sli9uzpM08/O6SKAivuP/eFEHaXhiMXOsfX2nBoDdRhiUNjDdRhXQ6HBxfrWqNl6Ms8oKGxddhbIICW/HrhLc7lZxaWp/1uE4uLf/XRse7zwwoY9PrfV/zJIccP4v/6vC0OK2ejrk1pudL36I44nl9HyO9fevkPnfMtyK90dE7Nr0fUFlnPXtcR1sv1hV71HB9wPZaqV/3z9WKj+nJM0+fwlY7c+zq+P/n/dL38j4Hu3s/P/xsMhrU9hI7x2nLeqzHk7Q+wduX3zTXS9dEov68vz99UkT9VkT9dkb+5In9LRT6Mst9+/6fhhWLhfFd+TN/v+fB0nu3OmH6oz/rk5yP7jZ/f99uv5cbP7yeGtez3J5449YWnnrzcuv+/aK//N+L6ng436vG7dSkWSOcL8/Pq7Xv/651xxnqUuyurz51dyjdfb+8sV2xfeJ9Q2s7cUo+Zzvm29iq3q7NcPSs3HYeprL75/snmbL60/5G2q+nzmsiWt5Ytx2RWj7Rd2RbTvB6wFGl9TPf/L7QHaN3/n9bPmVArnj595tQjcTytp38ar226OX3fgOsNLF/e/if//qffr5nQ2f7njvb02lh5u7B1YXrR2i68Ft+vc/pcO05peulHLf3OfWt8ull+9uR3zzy1wssOo+7ZHz337RNnzpz6nhdLfvHVtVGNfl6kw5a1Uh8v+n2xe7VDDHnDBKy6vT9u7QQ8fPo7J5459cyps/sPHNg/N3fgi/vn9zb36/eW9+7Lzg2htsBKWvjRH3ZNAAAAAAAAAAAAgMX6wbGjl99+4/PvtNr/L7T/S+3/052/qf3/T7L2/3k7+dQOPrUD3NYlv1kme8DqZFauFocPZ/XdnsXZkc33kZi2+/GL7f9TuPy5rqk+d2fTaz1Gs8cJ3PK8lMnsGSR5f4Efj+mFmP4qwBAV090nx/Q2z7cu3i+t6+n5FKUmvA3PB14/0v+tuTaUHmmU2n93fa5Tl/barC+DaLE47GUEuvvXSD3/+98LCz70uhh6DxODjfez0V0nGj330hfbgw3Ayhh2/59/D6246fzn2T9+bermkIpdfbRze5k/vxT68Ze3O8fXev+Tqx0/77dv0PGHvfyD7v+z3f9d3P6l7V7v7V/WY159aXH/+/Mr75TChp2LjZ8vf3oO9Pb+4l+L8dPSPBgWF7/xyyx+fkFokf6Xxd+8yPi3LP+upcX/f4yfPraH7l9s/FaNi7HOekxny5Gu/+XnjZPr2fKnZ3veJv43nuu2/EvsqPFGjA+jbL30M9uvbD+ivdNe1f9vv7//y+3/t13ZbLOW34fxuTieNsTpPoe8v5N+65/ur0i/Azuy9y8qft/0/7u+fSmmVd+H1P9vWh/r8Se/NN78LNN4rctnu1G3NbBevTtS1/8GNVxpHQYtbf6p4dff0MfQGF/CfO1+4oZc/0ajsbontCoMNThD//yHfZww7PjD/vyr5P3/5vvwef+/eX7e/2+en/f/m+dPx/9Qr/y8/9/888z7/83z787eN+8feKYi/6MV+Tu757cP2++pmH9XRf7HKvL3tPMPdZRI+ffedv6Fcr3e/66K/Psr8j9Rkf/JivwHKvIfKuWX+4BO+Z/K5i+y/I0utUfp9fkBG1fePs/3H0ZHuv7T6/u/fSF/slxksLUEVsPLr+478uRvvllvtf+fbJ8PSdfxDsfxWjw2+mEcz697h9L4zbw34vjfsvy1fr4DRkn+/Iz89//Binxg/Ur3efl+wwgqprpPjmnVc6t67eezvnw6pp+J6Wdj+nBMZ2O6N6b7Yjo3oPqxOo689ruDLxQLx/tbs/zF3k+etwfqeE5UCGH/IuuTnx/o9372/Dl+/Vpu/CU2BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiasebf+fmZIoSLr7909Injp/fenHKoXaLe/DtRGqu15wvhkZiOx/QX8cX1954/WU5vxLQIc6EIRXt6ePxqO9KWEMK5sDtcCvWw8+LlF9+ce+z4+WMX9rz1ysErq/cJAAAAwMb3QQAAAP//rA0HrQ==") mkdir(&(0x7f0000000240)='./bus\x00', 0x0) truncate(&(0x7f0000000040)='./file2\x00', 0x0) 4.209163668s ago: executing program 4 (id=3366): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000005c0)={0x28, r1, 0x9, 0x3, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048814}, 0x0) 3.898954036s ago: executing program 2 (id=3367): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="64000000010401010000080000000000070000000a0002"], 0x64}, 0x1, 0x0, 0x0, 0x4}, 0x8004) 3.680729427s ago: executing program 0 (id=3368): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081) recvmsg(r0, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f00000002c0)=""/34, 0x56}], 0x1}, 0x0) 3.567501469s ago: executing program 3 (id=3369): syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x2000759, &(0x7f00000000c0)={[{@noload}, {@noblock_validity}, {@discard}, {@errors_remount}, {@abort, 0x0}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0xc}}, {@noquota}, {@usrjquota_path={'usrjquota', 0x3d, './file0'}}, {@lazytime}, {@resuid}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x765}}, {@norecovery}, {@nobarrier}, {@data_writeback}, {@noblock_validity}], [], 0x2c}, 0x6, 0x50c, &(0x7f00000002c0)="$eJzs3MtvVNUfAPDvnU4p5fFrf/jipYyisdFIaXkuXADRhI2Jicagu9oWghQwtCZAGinGQOJCw1/gY2fiX+BKN0aNC41biVtjQkw3oAtzzZ25U6edTjttp62ln08ywzn3Mfd8772HnsfcCWDdKmVvScSWiPglIroq2ekblCr/3JscH/xzcnwwiTR95Y+kvN3dyfHB6qbV/TbnmZ5CROH9JHbVH7Zj9MrVcwMjI8OX8gW9Y4U8dX7gzPCZ4Qv9R48ePNB55HD/oZbEmZXp7s53L+7ecfL1Wy8Nnrr15ndfZOVN8/W1cVR0l983NH2EtrolpShNP5c1nmq+6GvC1pp0UszeC6tXGJqW3bXZ5Wov1/+uaCvnKrrixfdWtXDAskrTNO2oWzr1t2wirZUklR3S9HoK3AeSWO0SAKuj+of+7mTWUx0frO8H39/uHI9yDyiL+17+qqwplnuwpe5K36h9mY7/YEScmvjr4+wVs45DAAC01lfHI26eqLQ7qq/KmkI8XLPd//K5oe6I+H9EbIuIB/L2y0MR5W0fiYjtNftsbWIWoDQjX9/++akzT9Q2V1sma/89n89tTW//TZW8uy3PbS3H356cPjsyvD8/Jz3R3pHl++o/empY7esXfv6o0fFLNe2/7JUdv9oWzMvxe3HGAN3QwNjAUuOuunO9fGKv1cefRDGppiJ2RMTORXx+ds7OPvP57kbrp8WfxVkX/4fxxhMNdi4uokAzpJ9GPF25/hMxI/7I5/+S8vzk+bd7R69cfe5s7fxk35HD/Yd6N8bI8P7e6l1R7/sfb7ycJ+u6EXNc/2rVWNaJtOz6b5r1/p+auezOUlPztaMLP8aN2zcb9mkWe/9vSF4tp6vzs5cHxsYu9UVsSCbql/f/u+/lgc5p22fx9+ydvf5vi/j7k3y/XRGR3cSPRsRjEbEnL/vjEZHdnnvniP/bE0++1agLOX/8yyuLf2hB179R4tgPEbOvajv3zZd1B/6gVBd/ezS6/gfLqZ58ydDA2Mb54pqrpLWJJZ9AAAAAWAP2RMSWSAr78oGmLVEo7NsXsXlqBGV07NnTF9+5MFR5RqA72gvVka6umvHQvnxsOMtne/XX5LP1B8rjxmmapp1ZPuu/j2xf3dBh3dvcoP5nfqt/pAW43yxoHq3RE23AmjSz/t9ues/WfyEDWFkt+B4NsEap/7B+NV3/l+spOGDVzFb/r0Xcq8k2/ztYwJoyW/1/rW7JsRUpC7Cy9P9h/Vp8/fdlAFjrFlX/N7W+HMCKauoh+UaJYuNV207OsXtSXMJBF5UoxNy/AtAdUV1SbdPM/YG/FiJaU8K2lkbaOe2aFmbdZmPULCk2+NGGeRNRmHeb4gJ+iGFlE4X/RjEqiY6ImOfunbrZrlUTV5e7YOVK8Nnq/u8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwdP8EAAD//4JC0zk=") r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0) write$cgroup_devices(r0, &(0x7f0000000180)=ANY=[], 0xffdd) 3.330763782s ago: executing program 5 (id=3370): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000001480)={0x3, 0x0, @ioapic={0x4, 0x0, 0x0, 0xffffffff, 0x0, [{}, {0xfc, 0x5}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x7}, {}, {}, {}, {0x0, 0x9}, {0x0, 0x0, 0x84}, {0x2, 0x0, 0x20}, {}, {}, {}, {}, {0x62, 0x6}, {0x0, 0x6, 0x4}, {0x0, 0xff, 0xd}, {0x80}, {}, {0x40, 0x2}, {}, {0x4, 0x0, 0x0, '\x00', 0x1}]}}) 3.330591045s ago: executing program 4 (id=3371): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x337) 2.973705819s ago: executing program 2 (id=3372): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000140)={0x1, 0xf}, 0x8) shutdown(r0, 0x1) 2.530628978s ago: executing program 0 (id=3373): r0 = socket$can_raw(0x1d, 0x3, 0x1) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bind$can_raw(r0, &(0x7f0000000480), 0x10) 2.344869541s ago: executing program 4 (id=3374): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2000800, &(0x7f0000002500)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d392c757466382c646d61736b3d30303030303030303030303030303030303030303030342c757466382c6572726f72733d72656d6f756e742d726f2c646d61736b3d30303030303030303030303030303030303030303332372c666d61736b3d30303030303030303030303030303030303030303030312c6572726f72733d72656d6f756e742d726f2c6572726f72733d72656d6f756e742d726f2c696f636861727365743d69736f383835392d332c00e2edce5a4a075f73c2c28f"], 0x4, 0x1549, &(0x7f0000000340)="$eJzs3AucTtXaAPDnWWvtMSS9TXIZ1lrP5k0uyyRJLklySZIkSUISkiY5kpAYcksakpBchuQyhOQyMWnc7/dLQpOkSZKQ3JL1/YTP6au+c85X5/j9vnn+v9/+Wc+79rP22vO827v3Gq9vOw+p2bhWtYZEBH8KXvgjCQBiAWAAAFwDAAEAlIsrF3e+P6fEpD93EPbXeij1Ss+AXUlc/+yN65+9cf2zN65/9sb1z964/tkb1z974/ozlp1tmlbwWt6y78br/9kZf/7/P5JVesyXa0pf3wUg5p9N4fpnb1z//7eCf2Ynrn/2xvXPrmKv9ATYX2nW/y2Nr//sIMcf9nD9szeuP2PZ2S/rwDnhiq9DX6kNItn7dyBX+v3HGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUwBwqX2l58UYY4wxxhhjjLG/js9xpWfAGGOMMcYYY4yxfz8EARIUBBADOSAWckIuEABwNeSBayAC10IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDQkwE1QBm6GsnALlINboTzcBhWgIlSCynA7VIE7oCrcCdXgLqgONaAm1IK7oTbcA3XgXqgL90E9uB/qwwPQAB6EhvAQNIKHoTE8Ak3gUWgKzf77DP71/BehO7wEPaAnJEEv6A0vQx/oC/2gPwyAV2AgvAqD4DVIhsEwBF6HofAGDIM3YTiMgJHwFoyCt2E0jIGxMA5SYDxMgHdgIrwLk2AyTIGpkArTYDq8BzNgJsyC92E2fABzYC7Mg/mQBh/CAlgI6fARLIKPIQMWwxJYCstgOayAlbAKVsMaWPtTH1gPG2AjbILNsAW2wjbYDjvgE9gJn8Iu2P3GXADIhM//KB/W/W7+yUv5sAc+g0zogoCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBm7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vi3Xg39sI6WAfrYl2sh/UuLU9hQ2yIjbARNsbG2ASbYFNsis2xObbAFtgSW2IrbIVtsA22xbbYDtthIiZie2yPHbADdsSO2Ak7YWfsjF2wK3bNejEH4Ev4EvbE6qIX9sbe2AeTc/TD/tgfX8GB+Cq+iq9hMg7GIfg6vo5v4DA8gcNxBI7EkVhFvI2jcQySGIcpmIITcAJOxIk4CSfjZJyKqTgNp+N0nIEzcSa+j7PxA/wA5+JcnI9pmIYLcCGmYzouwpOYgYtxCS7FZbgcl+FKXIUrcQ2uxTW4HtfjRtyIm3EzbsWtuB234yeoAPBT3I27MRkzMRP34l7ch/twP+7HLMzCA3gAD+JBPISH8DAexiN4FI/hUTyOx/EEnsRTeArP4Bk8i8/Hf93okxKrk0Gcp4QSMSJGxIpYkUvkErlFbpFH5BERERFxIk7kFXlFPpFPFBAFRLyIF4VFYWGEESTCGAAQUREVxUQxUVwUFyVFSeGEEwkiQZQRZURZUVaUE7eK8uI2UUFUFK1dZVFZVBFtXFVxp6gmqonqooaoKWqJWqK2qC3qiDqirqgr6ol6or54QDQQvbAfPiTOV6axGIxNxBBsKpoJefH6bymGYSvRWrQRT4oROBzbiZYuUTwj2ovR2EH8TYzB50QnMQ47ixdEF9FVdBMviu6ilesheopJ2Ev0FlOxj+gr+on+YgbWEO/j7Jw1xWsiWQwWQ8TrYj6+IYaJN8VwMUKMFG+JUeJtMVqMEWPFOJEixosJ4h0xUbwrJonJYoqYKlLFNDFdvCdmiJlilnhfzBYfiDlirpgn5os08aFYIBaKdPGRWCQ+FhlisVgiloplYrlYIVaKVWK1WCPWinVivdggNopNYrPYIraKbWK72CE+ETvFp2KX2C32iM9Epvhc7BVfiH3iS7FffCWyxNfigPhGHBTfikPiO3FYfC+OiKPimPhBHBc/ihPipDglTosz4idxVvwszgkvQKIUUkolAxkjc8hYmVPmklfJ3DK4+NO9VsbJ62Reeb3MJ/PLArKgjJeFZGGppZFWkgxlEVlURuUNspi8URaXJWRJWUo6WVomyJtkGXmzLCtvkeXkrbK8vE1WkBVlJVlZ3i6ryDskRC4co7qsIWvKWvJumQT3yDryXllX3ifryftlffmAbCAflA3lQ7KRfFg2lo/IJvJR2VQ2k83lY7KFfFy2lE/IVrK1bCOflG3lU7KdfFomymdke+kvvkWek53k87KzfEF2kV1lN/mzPCe97CF7SugFsrd8WfaRfWU/2V8OkK/IgfJVOUi+JpPlYDlEvi6HyjfkMPmmHC5HyJHyLTlKvi1HyzFyrBwnU+R4OUG+IyfKd+UkOVlOkVNlqpwm+10caZaU/zD/nd/JH/TL0TfKTXKz3CK3ym1yu9whP5E75U65S+6Se+QemSkz5V65V+6T++R+uV9mySx5QB6QB+VBeUgekoflYXlEHpWn5Q/yuPxRnpAn5Ul5Wp6RZ+TZiz8DUKiEkkqpQMWoHCpW5VS51FUqt7pa5VHXqIi6VsWp61Redb3Kp/KrAqqgileFVGGllVFWkQpVEVVURdUNePENo0qqUsqp0ipB3fS/5ReHX+erYupGVVyV+FX+pfkl/cH8WqgWqqVqqVqpVqqNaqPaqraqnWqnElWiaq/aqw6qg+qoOqpOqpPqrDqrLqqL6qa6qe6qu+qheqgklaR6q5dVH9VX9VP91QD1ihqoBqpBapBKVslqiBqihqqhapgapoar4WqkGqlGqVFqtBqtxqqxKkWlqAlqgpqoJqpJapKaoqaoVJWqpqvpaoaaoWapWWq2mq3mqDlqnpqn0lSaWqAWqHSVrhapRSpDLVaL1VK1VC1Xy9VKtVKtVqvVWrVWrVfrVYbapDapLWqL2qa2qR1qh9qpdqpdapfao/aoTJWp9qq9ap/ap/ar/SpLZakD6oA6qA6qQ+qQOqwOqyPqiDqmjqnj6rg6oU6oU+qUOqPOqLPqrDqnzp2/7QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCx6NLghKBbcGBQPSgQlg1KBC0oHCTEXO4NbgnLBrUH54LagQlAxqBRUDm4PqgR3BFWDO4NqwV1B9aBGUDOoFdwd1A7uCeoE9wZ1g/uCesH9Qf3ggaBB8GDQMHgoaBQ8HDQOHgmaBI8GTYNmQfPgsaBFcHNQ9i8b3/sT+Z9wPXRPnaR76d76Zd1H99X9dH89QL+iB+pX9SD9mk7Wg/UQ/boeqt/Qw/SbergeoUfqt/Qo/bYercfosXqcTtHj9QT9jp6o39WT9GQ9RU/VqXqanq7f0zP0TD1Lv69n6w/0HD1Xz9PzdZr+UC/QC3W6/kgv0h/rDL1YL9FL9TK9XK/QK/UqvVqv0Wv1Or1eb9Ab9Sa9WW/RW/U2vV3v0J/onfpTvUvv1nv0ZzpTf6736i/0Pv2l3q+/0ln6a31Af6MP6m/1If2dPqy/10f0UX1M/6CP6x/1CX1Sn9Kn9Rn9kz6rf9bntD9/c3/+490oo0yMiTGxJtbkMrlMbpPb5DF5TMRETJyJM3lNXpPP5DMFTAETb+JNYVPYnEeGTBFTxERN1BQzxUxxU9yUNCWNM84kmARTxpQxZU1ZU86UM+VNeVPBVDCVTCVzu7nd3GHuMHeaO81d5i5Tw9QwtUwtU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zU1z08K0MC1NS9PKtDJtTBvT1rQ17Uw7k2gSTXvT3nQwHUxH09F0Mp1MZ9PZdDFdTDfTzXQ33U0P08MkmSTT2/Q2fUwf08/0MwPMADPQDDSDzCCTbJLNEDPEDDVDzTAzzAw3I8zI8zeq5m0z2owxY804k2JSzAQzwUw0E80kM8lMMVNMqkk10810M8PMMLPMLDPbzDZzzBwzz8wzaSbNLDALTLpJN4vMIpNhMswSs8QsM8vMCrPCrDKrzBqzxqyDdWaD2WA2mU1mi9litpltZofZYXaanWaX2WX2mD0m02SavWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzpj8Fz8vvYm1OW0ue5XNba+2eew19n/GBWxBG28L2cJW23w2/69iY60tbkvYkraUdba0TbA3/SauYCvaSrayvd1WsXfYqr+Ja9t7bB17r61r77O17N2/iuvZ+219+4htgAhgm9lG9jHb2D5im9hHbVPbzDa3j9m29inbzj5tE+0ztr199jfxArvQrrKr7Rq71u6yu+0pe9oetN/aM/Yn28P2tAPsK3agfdUOsq/ZZDv4N/FI+5YdZd+2o+0YO9aO+008xU61qXaanW7fszPszN/EafZDO9um2zl2rp1n5/8Sn59Tuv3ILrIf2wwbwBK71C6zy+0Ku/K/57rUrrcb7Ea7035qt9itdpvdbndcuhG2u+0e+5nNtJ/bA/Ybu89+affbQzbLfv1LfP78Dtnv7GH7vT1ij9pj9gd73P6oLmWfP/cf7M/2nPUWCAlIkqKAYigHxVJOykVXUW66mvLQNRShaymOrqO8dD3lo/xUgApSPBWiwqTJkCWikIpQUYrSDXRpeiWpFDkqTQl0E5Whm6ks3ULl6FYqT7dRBapIlagy3U5V6A6qSndSNbqLqlMNqkm16G6qTfdQHbqX6tJ9VI/up/r0ADWgB6khPUSN6GFqTI9QE3qUmlIzak6PUQt6nFrSE9SKWlMbepLa0lPUjp6mRHqG2tOz1IH+Rh3pOepEz1NneoG6UFfqRi9Sd3qJelBPSqJe1Jtepj7Ul/pRfxpAr9BAepUG0WuUTINpCL1OQ+kNGkZv0nAaQSPpLRpFb9NoGkNjaRyl0HiaQO/QRHqXJtFkmkJTKZWm0XR6j2bQTJpF79Ns+oDm0FyaR/MpjT6kBbSQ0ukjWkQfUwYtpiW0lJbRclpBK2kVraY1tJbW0XraQBtpE22mLbSVttF22kGf0E76lHbRbtpDn1EmfU576QvaR1/SfvqKsuhrOkDf0EH6lg7Rd74nfU9H6Cgdox/oOP1IJ+gknaLTdIZ+orP0M50jTxBiKEIZqjAIY8IcYWyYM8wVXhXmDq8O84TXhJHw2jAuvC7MG14f5gvzhwXCgmF8WCgsHOrQhDakMAyLhEXDaHhDWCy8MSwelghLhqVCF5YOE8KbwjLhzWHZ8JawXHhrWD68LawQVgwfua9yeHtYJbwjrBreGVYL7wqrhzXCmmGt8O6wdnhPWCe8N6wb3heWDe8P64cPhA3CB8OG4UNho/DhsHH4SNgkfDRsGjYLm4ePhS3Cx8OW4RNhq7B12CZ8MmwbPhW2C58OE8Nnwvbhs7/037/wj/uTwl5h7/Dl8OXQ+3vlvOj8aFr0w+iC6MJoevSj6KLox9GM6OLokujS6LLo8uiK6Mroqujq6Jro2ui66ProhujGqPe1coBDJ5x0ygUuxuVwsS6ny+Wucrnd1S6Pu8ZF3LUuzl3n8rrrXT6X3xVwBV28K+QKO+2Ms45c6Iq4oi7qbnDF3I2uuCvhSrpSzrnSLsE95lq4Fq6le8K1cq1dG/eke9I95Z5yT7un3TOuvXvWdXB/cx3dc66Te949715wXVxX18296Lq78XkuXJNJrrfr7fq4Pq6f6+cGuAFuoBvoBrlBLtkluyFuiBvqhrphbpgb7oa7kW6kG+VGudFutBvrxroUl+ImuAluopvoJrlJboqb4lJdqpvuprsZboarMvPCUea4OW6em+fSXJpb4M7fM6a7RW6Ry3AZbolb4pa5ZW6FW+FWuVVujVvj1rl1boPb4Da5TW6L2+K2uW1uh9vhdrqdbpe/5sKgLtPtdXvdPrfP7XdfuSz3tTvgvnEH3bfukPvOHXbfuyPuqDvmfnDH3Y/uhDvpTrnT7oz7yZ11P7tzzruUyPjIhMg7kYmRdyOTIpMjUyJTI6mRaZHpkfciMyIzI7Mi70dmRz6IzInMjcyLzI+kRT6MLIgsjKRHPoosinwcyYgsjiyJLI0siyyPeF9oS+iL+KI+6m/wxfyNvrgv4Uv6Ut750j7B3+TL+Jt9WX+LL+dv9eX9bb6Cr+gr+Ud9U9/MN/eP+Rb+cd/SP+Fb+da+jX/St/VP+Xb+aZ/on/Ht/bO+g/+b7+if8538876zf8F38V19N/+i7+5f8j18T5/ke/ne/mXfx/f1/Xx/P8C/4gf6V/0g/5pP9oP9EP+6H+rf8MP8m364H+FHxrzlR116RIZxPsWP9xP8O36if9dP8pP9FD/Vp/ppfrp/z8/wM/0s/76f7T/wc/xcP8/P92n+Q7/AL/Tp/iO/yH/sM/ziS0uyfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf57X6H/8Tv9J/6XX633+M/85n+c7/Xf+H3+S/9fv+Vz/Jf+wP+G3/Qf+sP+e/8Yf+9P+KP+mP+B3/c/+hP+JP+lD/tz/if/Fn/sz/H31ljjDHGGPunjL/cFL/uubCc3+t3csTf7dwbAK7eWjDr7/vP31Guy3eh3VfEt40AwDM9Oz90aatePSkp6eK+GRKConMBLv0m6Lxflo0vxouhDTwFidAayvzu/PuKrmfoH4wfvRUg19/lxMLl+PL4XwBg0u+M//iTIxeUD0/F/S/jzwUoXvRyTk64HC+GNr+sr7SGsn8w//wt/8H8c36ZAtDq73Jyw+X48vwT4Al4FhJ/tSdjjDHGGGOMMXZBX1Gp46Xnz0v/4vP3ns/j1eWcHHA5/kfP54wxxhhjjDHGGLvynuva7enHL31z7/HExNYdf3nln2lU/Vd2/tcbTeDfNTI3frfhPcClVxQA/MkBAc435H/yLDb/R46VfPFq+Z9dy077ALoVu/ilx7/uoLF/vhb/l8aV+huJMcYYY4wx9u9y+ab/16+rKzUhxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsG/pP/HdiV/ocGWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsSvtvwIAAP//2AP46Q==") mount$nfs(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) 2.133124329s ago: executing program 5 (id=3375): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c010000060a0b04000000000000000002000001300004802c0001800b0001006e756d67656e00001c000280080003400000000108000240fffffffc080001400000000a0900010073797a30000000000900020073797a3200000000ce0007"], 0x154}, 0x1, 0x0, 0x0, 0x880}, 0x0) 1.844100181s ago: executing program 3 (id=3376): newfstatat(0xffffffffffffff9c, &(0x7f00000004c0)='.\x00', &(0x7f0000005280)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x0) setuid(r0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0) 1.771346147s ago: executing program 0 (id=3377): r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0) capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)) write$sndseq(r0, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x5}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result}, {0x10, 0x0, 0x0, 0x0, @time={0x4, 0x7}, {}, {0x0, 0x80}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time}], 0x68) 1.562472262s ago: executing program 2 (id=3378): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) 1.433048796s ago: executing program 5 (id=3379): r0 = syz_open_dev$vcsa(&(0x7f0000000040), 0x1, 0x40002) writev(r0, &(0x7f0000000c40)=[{0x0}, {&(0x7f00000005c0)="c21cfb", 0x3}, {&(0x7f00000007c0), 0x300}, {&(0x7f0000000900), 0x4000}], 0xe) read$FUSE(r0, &(0x7f0000002000)={0x2020}, 0x2020) 1.091487262s ago: executing program 0 (id=3380): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001340)="$eJzs3cFvHFcdB/DvrNeOt1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitEKQAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmfXu/Y6Xif2OoHPJxrPe/Nm3vzmN29mvOusNsD/rctn0ryfIpfPvHG3rG+sL7Y31heP1M3tJGW5kTS7sxQ3k+JBslS2FwNTBubbfLx66a3PHm583q0166laf6q/3exYIY/Yx716ynzd3/zILafH6r/bVxVeXkxypZ4Pmxm3r6EVy6Sdrudw6Drb3NvL5jte78Czr/d0KrrPzW3mkhfqJ3P1O0F9d2hMLsKDsae7HAAAADynPr112BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA86f+/v+inhr1PPMpet//P9NbVpefQUtjr3n/QOMAAAAAAAAAgMn4+qM8yt0c7dU7RfU3/1NV5Xi+6CRfyvu5k5XcztnczXLWspbbOZ9kbqCjmbvLa2u3z/e3LI3e8sLILS9M6ogBAAAAAAAA4H/SL9Pa/Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8C4pkqjurpuP1PHNpNLPZlnvJP5PMHHa8e1CMWnh/8nEAAADAU5l9gm2+/CiPcjdHe/VOUb3m/0r1enk27+dm1rKatbSzkqv1a+jyVX9jY32xvbG+eKOcyvpwv9//957CmKl7mKpqo/Z8slqjlWtZrZaczZUqmKtpdPd9OjnZi2cgrgEflTEV36uNGVmzTmu5s9/v9C7Cvhh+K6LxmDVbm8El/Yws1LGVWx7rZqCo3qhJtmZi17PTHKrNVb1O9/d0Po3+Oz/HDyDnL9Tz8nh+c6A536t+JhqpMnGhN/rKa+bxmUi+8dc/vX29ffPd69funHl2DmkXUzss3zomFgcy8cpznYnmHtdfqDJxol+/nB/lJzmT+byZ21nNT7OctaykU7cv1+O5/Dn3+EwtDdXe3C2Smfq8dM/ZODHN54dVaTmnqm2PZjVFbuVqVvJ69e9CzufbuZiLuTRwhk/sGHd1bNVV39h61ffO9N9GBn/6m3WhvLv9dvMut/S4I95pdO6X7r2/zOuxgbx2R/3D/lrHBq6DhYEsvdTLzvTIzp/k3tj8al0o9/GrXZ4TkzVXZ6K8gHpPiV50L3cz0ayeRdvH+R865XZp3+x0ri+/t0P/97bUX6vn5bBa/9pua/eMPhX7qxwvL2W2vpMMj46y7eX+XWagrbM5lrttw0/ccrsTVVtR9K7UH+dWNQC2X6kz9e9w23u6ULW9MrJtsWo7OdA29PtWbqWdqxPIHwBP4h9v94tzeWGm9a/Wp61PWr9uXW+9MfuDI9858upMpv8+/d3mwtRrjVeLv+ST/Hzz9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDk7nzw4bvL7fbK7dGFxs5NQ4VWti7Zqecjo/sp6i/0GWNfz0VhNsnQkup7jiYeRmtrGNsKnV8kE89P70sER6/zu7LQ3DaiRhWWhpb8eXuHH+0xwmK86+IAC41MdqdTGT0ADvGmBEzEubUb752788GH31q9sfzOyjsrN6cvXry0cOni64vnrq22Vxa6Pw87SuAgbD70DzsSAAAAAAAAAAAAYFyjPhhw6sXdPjQy1mc8/M9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYF9cPpPm/RQ5v3B2oaxvrC+2y6lX3lyzmaTRSIqfJcWDZCndKXMD3RX544N0Ruzn49VLb332cOPzzb6a3fWTRj3f2eNbk9yrp8wnmarnT2GovytP3V/xn94xlAn7otPpLD1dfLA//hsAAP//P3v0tA==") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) symlink(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.022288165s ago: executing program 3 (id=3381): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0xa00004, &(0x7f00000021c0)=ANY=[@ANYBLOB='adinicb,dmode=00000000000000000000007,utf8,uid=', @ANYRESDEC=0x0, @ANYBLOB=',novrs,iocharset=macinuit,mode=00000000000000000000010,iocharset=cp866,adinicb,rootdir=00000000000000000007,lastblock=00000000000000000007,gid=forget,uid=', @ANYRESDEC=0x0, @ANYBLOB=',euid<', @ANYRESDEC, @ANYBLOB=',fowner>', @ANYRESDEC=0x0, @ANYBLOB="2c64697273796e632c736d61636b66736861743d292340212c7065726d69745f646972656374696f2c657569643e0c2f07f5779950e665b4ae3e43575857173f373b048c027d465e2335951245dc34bc32af9cfd5ab77a4e4b9cbe524f5eca478ae9481b63d1cd48022e71f1af9c6154c88c9db8c754221ad578c217d750a3c9f284340fe7bef8404743036281f37c4093c4c50716e6ed10e0", @ANYRESDEC=0x0, @ANYBLOB=',smackfshat=**$,\x00'], 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=") r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83) fchown(r0, 0xee01, 0xffffffffffffffff) 958.588708ms ago: executing program 4 (id=3382): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setownex(r1, 0xf, &(0x7f0000000100)={0x2}) sendmsg$unix(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="b5", 0x1}], 0x1}, 0x240408c1) 642.512764ms ago: executing program 5 (id=3383): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000000)=@bpf_lsm={0x10, 0x5, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000000000000000000fcffffff7910000000000000c3704c000000000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0xb, &(0x7f00000002c0)=""/177, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@typedef={0x7}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x12) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r0, 0x58, &(0x7f00000002c0)}, 0x10) 206.588826ms ago: executing program 4 (id=3384): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x68}}, 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000180), 0x0, 0x0) ioctl$I2C_RDWR(r0, 0x707, &(0x7f00000000c0)={&(0x7f0000000080), 0x23}) 127.520055ms ago: executing program 5 (id=3385): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0xb0000005}) 16.991487ms ago: executing program 0 (id=3386): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000480)="dca54048e43a7f567b212a162ef19706ae", 0x11}, {0x0}], 0x2) 0s ago: executing program 2 (id=3387): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x441e, &(0x7f0000000780), 0x1, 0x43c, &(0x7f0000000280)="$eJzs28tvG0UYAPBv7SR9k1CVR9MCgYKIeCRNWkoPXEAgcQAJCQ7lGJK0CnUb1ASJVhEEhMoRVeKOOCLxF3CCCwJOSFzhjipVKJcWTkZr7ya2Y7tJ6tSh/v2kbWd2x5n5vDv2zI43gJ41kv6TROyPiD8iYrCarS8wUv3v1srS9D8rS9NJlMtv/51Uyt1cWZrOi+av25dn+iIKnydxpEm9C5evnJ8qlWYvZfnxxQsfjC9cvvL83IWpc7PnZi9Onj598sTEi6cmX+hInGlcN4c/nj96+PV3r705febae798l+TxN8TRISPtDj5VLne4uu46UJNO+rrYEDalWO2m0V/p/4NRjLWTNxivfdbVxgHbqlwulx9sfXi5DNzDkuh2C4DuyL/o0/lvvt2loceOcOPl6gQojftWtlWP9EUhK9PfML/tpJGIOLP879fpFttzHwIAoM4P6fjnuWbjv0LU3he6L1tDGYqI+yPiYESciohDEfFARKXsQxHx8Cbrb1wkWT/+KVzfUmAblI7/XsrWturHf/noL4aKWe5AJf7+5OxcafZ49p6MRv+uND/Rpo4fX/39y1bHasd/6ZbWn48Fs3Zc79tV/5qZqcWpO4m51o1PI4b7msWfrK4EJBFxOCKGt1jH3DPfHm117Pbxt9GBdabyNxFPV8//cjTEn0var0+O747S7PHx/KpY79ffrr7Vqv47ir8D0vO/t+n1vxr/UFK7Xruw+Tqu/vlFyznNVq//geSdun0fTS0uXpqIGEjeqDa6dv9kQ7nJtfJp/KPHsvgH6vv/wVh7J45ERHoRPxIRj0bEY1nbH4+IJyLiWJv4f37lyfe3Fv/uNn+1M9L4ZzZ1/tcSA9G4p3mieP6n7+sqHdpo/JGd/5OV1Gi2ZyOffxtp19auZgAAAPj/KUTE/kgKY6vpQmFsrPob/kOxt1CaX1h89uz8hxdnqs8IDEV/Ib/TNVhzP3Qim9bn+cmG/InsvvFXxT2V/Nj0fGmm28FDj9vXov+n/ip2u3XAtvO8FvQu/R96l/4PvUv/h55U+ZVfk/6/pwttAbqg2ff/J11oB3D3NfR/y37QQ8z/oXfp/9C79H/oSQt74vYPyUtIrEtEYUc04x5MxI5oRrc/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrjvwAAAP//qSDljg==") setuid(0xee01) fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffed3) kernel console output (not intermixed with test programs): : bogus dirent @ nid 36 [ 487.953022][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 487.991279][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.027058][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.060645][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.076764][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.103260][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.150807][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.193419][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.216817][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.288660][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.310410][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.374715][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.417531][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.446889][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.494667][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.547683][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.627268][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.661903][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.692526][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.722878][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.763571][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.805306][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.839264][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.895082][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.949389][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 488.987122][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.016458][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.057050][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.106671][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.147659][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.177768][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.221828][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.249391][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.259319][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.300238][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.336998][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.402739][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.431704][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.462828][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.541550][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.587710][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.621396][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.655015][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.677199][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.719020][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.753009][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.806694][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.846840][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.897381][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.964509][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 489.973198][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.033697][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.060870][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.103619][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.133706][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.157260][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.206579][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.266886][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.318210][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.347007][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.376257][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.402822][ T5798] Bluetooth: hci4: Malformed LE Event: 0x0d [ 490.430033][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.486849][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.530673][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.577120][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.612586][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.646521][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.686004][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.708984][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.785396][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.827926][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.876503][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.925795][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.937532][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.966280][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 490.983674][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.019556][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.046531][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.118963][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.176119][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.205292][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.257504][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.291218][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.326849][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.363249][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.458704][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.493610][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.533967][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.567571][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.656507][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.696815][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.755903][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.798075][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.835956][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.859110][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.885677][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.927280][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 491.969382][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.016602][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.066575][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.103422][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.151092][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.232576][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.287002][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.317206][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.357009][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.396301][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.442508][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.516686][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.562734][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.608244][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.637864][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.691344][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.747480][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.799061][ T5801] erofs (device loop1): bogus dirent @ nid 36 [ 492.974379][ T30] audit: type=1326 audit(1750682024.528:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11017 comm="syz.0.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 493.124007][ T30] audit: type=1326 audit(1750682024.628:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11017 comm="syz.0.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 493.147012][ T30] audit: type=1326 audit(1750682024.628:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11017 comm="syz.0.1519" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 493.296705][T11022] ip6gretap1: entered promiscuous mode [ 493.302641][T11022] ip6gretap1: entered allmulticast mode [ 493.406027][T11028] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1522'. [ 493.710083][T11032] loop0: detected capacity change from 0 to 128 [ 493.825423][T11032] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 493.928886][T11032] ext4 filesystem being mounted at /308/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 494.426502][ T5791] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 495.115186][T11054] loop4: detected capacity change from 0 to 2048 [ 495.194454][T11054] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 495.351074][T11065] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 495.472677][T11054] NILFS (loop4): failed to count free inodes: err=-34 [ 495.473515][T11068] loop0: detected capacity change from 0 to 256 [ 495.818210][T11068] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 495.992203][ T5805] NILFS (loop4): DAT doesn't have a block to manage vblocknr = 8796093022222 [ 496.001663][ T5805] NILFS error (device loop4): nilfs_bmap_truncate: broken bmap (inode number=16) [ 496.076601][ T5805] Remounting filesystem read-only [ 496.081877][ T5805] NILFS (loop4): error -5 truncating bmap (ino=16) [ 496.165917][ T5805] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer [ 497.344208][T11098] loop2: detected capacity change from 0 to 64 [ 497.455420][T11102] SET target dimension over the limit! [ 497.511737][T11104] loop3: detected capacity change from 0 to 128 [ 498.824530][ T30] audit: type=1326 audit(1750682030.398:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11124 comm="syz.4.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f332a98e929 code=0x7ffc0000 [ 498.946556][ T30] audit: type=1326 audit(1750682030.488:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11124 comm="syz.4.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f332a98e929 code=0x7ffc0000 [ 498.969653][ T30] audit: type=1326 audit(1750682030.488:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11124 comm="syz.4.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f332a98e929 code=0x7ffc0000 [ 498.992262][ C0] vkms_vblank_simulate: vblank timer overrun [ 499.003424][ T30] audit: type=1326 audit(1750682030.488:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11124 comm="syz.4.1549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f332a98e929 code=0x7ffc0000 [ 499.025934][ C0] vkms_vblank_simulate: vblank timer overrun [ 499.181630][T11132] x_tables: ip_tables: ah match: only valid for protocol 51 [ 499.869551][ T5795] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 499.942199][ T5795] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 499.960356][ T5795] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 499.976360][ T5795] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 500.005077][ T5795] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 500.438039][T11142] vxcan1 speed is unknown, defaulting to 1000 [ 500.547471][T11160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1558'. [ 500.884733][T11157] loop0: detected capacity change from 0 to 4096 [ 501.200720][T11171] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 502.009784][T11194] 9pnet_fd: p9_fd_create_tcp (11194): problem connecting socket to 127.0.0.1 [ 502.113048][ T5795] Bluetooth: hci5: command tx timeout [ 502.187523][T11199] netlink: 'syz.2.1564': attribute type 10 has an invalid length. [ 502.195787][T11199] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.1564'. [ 502.205548][T11199] openvswitch: netlink: Message has 44053 unknown bytes. [ 502.763139][ T4971] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 503.003696][ T4971] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 503.292977][ T4971] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 503.512838][ T4971] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 504.183527][ T5795] Bluetooth: hci5: command tx timeout [ 504.311749][ T4971] bridge_slave_1: left allmulticast mode [ 504.317917][ T4971] bridge_slave_1: left promiscuous mode [ 504.332558][ T4971] bridge0: port 2(bridge_slave_1) entered disabled state [ 504.392183][T11323] usb usb1: check_ctrlrecip: process 11323 (syz.0.1574) requesting ep 01 but needs 81 [ 504.405213][T11323] usb usb1: usbfs: process 11323 (syz.0.1574) did not claim interface 0 before use [ 504.485770][ T4971] bridge_slave_0: left allmulticast mode [ 504.491692][ T4971] bridge_slave_0: left promiscuous mode [ 504.499278][ T4971] bridge0: port 1(bridge_slave_0) entered disabled state [ 504.741236][T11327] loop4: detected capacity change from 0 to 2048 [ 504.897321][T11327] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 505.385853][T11338] netlink: zone id is out of range [ 505.614485][ T4971] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 505.776095][ T4971] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 505.825752][ T4971] bond0 (unregistering): Released all slaves [ 505.987429][ T4971] bond1 (unregistering): Released all slaves [ 506.240286][T11142] chnl_net:caif_netlink_parms(): no params data found [ 506.274939][ T5795] Bluetooth: hci5: command tx timeout [ 507.935290][ T4971] hsr_slave_0: left promiscuous mode [ 507.951609][ T4971] hsr_slave_1: left promiscuous mode [ 507.964582][ T4971] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 507.972310][ T4971] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 507.985595][ T4971] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 507.993458][ T4971] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 508.162822][ T4971] veth1_macvtap: left promiscuous mode [ 508.169235][ T4971] veth0_macvtap: left promiscuous mode [ 508.175439][ T4971] veth1_vlan: left promiscuous mode [ 508.181021][ T4971] veth0_vlan: left promiscuous mode [ 508.337796][ T5795] Bluetooth: hci5: command tx timeout [ 509.786258][ T4971] team0 (unregistering): Port device team_slave_1 removed [ 509.825237][ T4971] team0 (unregistering): Port device team_slave_0 removed [ 510.112303][ T64] smc: removing ib device syz2 [ 510.963975][T11420] netlink: 288 bytes leftover after parsing attributes in process `syz.0.1594'. [ 510.973489][ T42] vxcan1 speed is unknown, defaulting to 1000 [ 510.983560][ T42] syz2: Port: 1 Link DOWN [ 511.348327][T11142] bridge0: port 1(bridge_slave_0) entered blocking state [ 511.360891][T11142] bridge0: port 1(bridge_slave_0) entered disabled state [ 511.371237][T11142] bridge_slave_0: entered allmulticast mode [ 511.384727][T11142] bridge_slave_0: entered promiscuous mode [ 511.675814][T11142] bridge0: port 2(bridge_slave_1) entered blocking state [ 511.683521][T11142] bridge0: port 2(bridge_slave_1) entered disabled state [ 511.691661][T11142] bridge_slave_1: entered allmulticast mode [ 512.020729][T11142] bridge_slave_1: entered promiscuous mode [ 512.143949][T11477] warning: `syz.0.1601' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 513.087617][T11142] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 513.286435][T11142] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 513.361770][T11516] kAFS: unable to lookup cell '/,cL' [ 513.635924][T11524] xt_cluster: you have exceeded the maximum number of cluster nodes (969 > 32) [ 514.020067][T11142] team0: Port device team_slave_0 added [ 514.165338][T11142] team0: Port device team_slave_1 added [ 514.656965][T11586] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 514.705402][T11142] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 514.712605][T11142] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 514.739616][T11142] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 514.929305][T11142] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 514.936673][T11142] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 514.963197][T11142] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 515.611656][T11142] hsr_slave_0: entered promiscuous mode [ 515.621960][T11142] hsr_slave_1: entered promiscuous mode [ 515.630828][T11142] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 515.638728][T11142] Cannot create hsr debugfs directory [ 516.950972][T11721] loop4: detected capacity change from 0 to 64 [ 517.598905][T11142] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 517.746725][T11142] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 517.833199][T11142] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 517.946082][T11142] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 518.349252][T11762] loop2: detected capacity change from 0 to 8 [ 518.541097][T11766] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 518.549905][T11766] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 518.562364][T11766] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 518.577402][T11762] SQUASHFS error: Unknown inode type 0 in squashfs_iget! [ 519.612869][T11142] 8021q: adding VLAN 0 to HW filter on device bond0 [ 519.891727][T11142] 8021q: adding VLAN 0 to HW filter on device team0 [ 520.083458][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 520.091283][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 520.215575][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 520.223136][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 520.470299][T11792] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1639'. [ 521.811025][T11808] loop3: detected capacity change from 0 to 4096 [ 521.915213][ T5849] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 521.923072][T11811] loop2: detected capacity change from 0 to 4096 [ 522.091588][T11830] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 522.103154][T11829] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 522.176635][ T5849] usb 1-1: Using ep0 maxpacket: 8 [ 522.198101][T11811] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=56, inode=144115188075855884, rec_len=0, name_len=0 [ 522.234789][ T5849] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 522.246887][ T5849] usb 1-1: config 179 has no interface number 0 [ 522.253458][ T5849] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 522.267226][ T5849] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 522.279025][ T5849] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 522.290536][T11808] NILFS error (device loop3): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 522.299195][T11811] Remounting filesystem read-only [ 522.300979][ T5849] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 522.317976][ T5849] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 522.328088][T11808] Remounting filesystem read-only [ 522.332410][ T5849] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 522.349363][ T5849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 522.824970][T11819] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 523.042611][T11142] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 523.456251][ T5849] usb 1-1: USB disconnect, device number 9 [ 523.462511][ C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 523.462739][ C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 526.520658][T11914] loop2: detected capacity change from 0 to 1764 [ 526.688728][T11142] veth0_vlan: entered promiscuous mode [ 526.816309][T11142] veth1_vlan: entered promiscuous mode [ 527.338523][T11142] veth0_macvtap: entered promiscuous mode [ 527.410074][T11142] veth1_macvtap: entered promiscuous mode [ 527.640125][T11142] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 527.765765][T11142] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 527.932427][T11142] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.941757][T11142] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.951138][T11142] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 527.960376][T11142] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 529.178313][T11973] 9pnet: Found fid 0 not clunked [ 530.136279][T11993] loop0: detected capacity change from 0 to 256 [ 530.860692][T11993] FAT-fs (loop0): Directory bread(block 64) failed [ 530.868034][T11993] FAT-fs (loop0): Directory bread(block 65) failed [ 530.875503][T11993] FAT-fs (loop0): Directory bread(block 66) failed [ 530.882303][T11993] FAT-fs (loop0): Directory bread(block 67) failed [ 530.889386][T11993] FAT-fs (loop0): Directory bread(block 68) failed [ 530.896414][T11993] FAT-fs (loop0): Directory bread(block 69) failed [ 530.903332][T11993] FAT-fs (loop0): Directory bread(block 70) failed [ 530.910344][T11993] FAT-fs (loop0): Directory bread(block 71) failed [ 530.917437][T11993] FAT-fs (loop0): Directory bread(block 72) failed [ 530.924849][T11993] FAT-fs (loop0): Directory bread(block 73) failed [ 531.722795][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 533.128065][T12054] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1694'. [ 533.137668][T12054] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1694'. [ 533.629303][T12062] loop3: detected capacity change from 0 to 256 [ 533.841913][T12062] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 533.851082][T12071] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1697'. [ 533.867367][T12071] tc_dump_action: action bad kind [ 534.431952][T12078] loop4: detected capacity change from 0 to 256 [ 534.517029][T12078] exfat: Deprecated parameter 'utf8' [ 534.767447][T12078] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 535.671890][T12112] loop4: detected capacity change from 0 to 64 [ 535.915628][T12112] Trying to free block not in datazone [ 535.921838][T12112] Trying to free block not in datazone [ 535.927737][T12112] Trying to free block not in datazone [ 535.933395][T12112] Trying to free block not in datazone [ 535.939415][T12112] Trying to free block not in datazone [ 535.945261][T12112] minix_free_block (loop4:6): bit already cleared [ 535.951948][T12112] Trying to free block not in datazone [ 535.957873][T12112] Trying to free block not in datazone [ 536.076354][T12119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1708'. [ 536.086821][T12119] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1708'. [ 536.115045][T12119] bridge5: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 536.119016][T12118] xt_l2tp: v2 doesn't support IP mode [ 537.014789][T12140] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 537.370800][ T2984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 537.382424][ T2984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 537.699980][ T4269] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 537.711687][ T4269] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 537.786253][T12164] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1716'. [ 537.796269][T12164] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1716'. [ 538.327040][T12171] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1719'. [ 538.716102][T12180] netdevsim netdevsim5 netdevsim0: entered promiscuous mode [ 538.752248][ T5795] Bluetooth: hci3: adv larger than maximum supported [ 540.623189][T12225] loop3: detected capacity change from 0 to 512 [ 540.815093][T12225] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 540.977269][T12225] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 540.994233][T12225] ext4 filesystem being mounted at /370/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 541.144934][T12225] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.1733: corrupted xattr block 32: bad e_name length [ 541.340842][T12240] loop2: detected capacity change from 0 to 256 [ 541.559780][T12240] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000001) [ 541.720482][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 542.094974][T12252] trusted_key: encrypted_key: master key parameter is missing [ 542.740140][T12251] loop5: detected capacity change from 0 to 4096 [ 543.537715][T12287] program syz.0.1749 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 543.605429][T12287] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 543.845979][T12291] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1750'. [ 544.196802][T12275] loop3: detected capacity change from 0 to 8192 [ 545.056052][T12313] loop5: detected capacity change from 0 to 256 [ 545.939091][T12332] loop4: detected capacity change from 0 to 8 [ 546.125792][T12332] cramfs: Error -3 while decompressing! [ 546.131610][T12332] cramfs: ffffffff95527108(26)->ffff8880249f8000(4096) [ 546.139120][T12332] cramfs: Error -3 while decompressing! [ 546.145323][T12332] cramfs: ffffffff95527122(26)->ffff88805b4e2000(4096) [ 546.152824][T12332] cramfs: Error -3 while decompressing! [ 546.158876][T12332] cramfs: ffffffff95527108(26)->ffff8880249f8000(4096) [ 546.170839][ T30] audit: type=1800 audit(1750682077.758:32): pid=12332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1760" name="file2" dev="loop4" ino=348 res=0 errno=0 [ 546.361811][ T5966] udevd[5966]: incorrect cramfs checksum on /dev/loop4 [ 546.392772][T12341] loop2: detected capacity change from 0 to 16 [ 546.739913][ T5966] udevd[5966]: incorrect cramfs checksum on /dev/loop4 [ 546.966824][T12335] loop3: detected capacity change from 0 to 4096 [ 547.025801][T12335] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 549.205454][T12388] netlink: 'syz.5.1774': attribute type 1 has an invalid length. [ 550.409800][T12414] unsupported nla_type 52263 [ 550.665517][T12420] loop5: detected capacity change from 0 to 64 [ 550.726836][T12409] loop2: detected capacity change from 0 to 4096 [ 550.820106][T12409] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 552.054563][ T1743] usb 6-1: new low-speed USB device number 2 using dummy_hcd [ 552.111589][T12449] loop4: detected capacity change from 0 to 256 [ 552.182121][ T30] audit: type=1400 audit(1750682083.768:33): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(P\)" pid=12448 comm="syz.3.1792" [ 552.284763][ T1743] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 552.295500][ T1743] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 552.309018][ T1743] usb 6-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 552.318501][ T1743] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 552.507567][ T1743] usb 6-1: config 0 descriptor?? [ 552.576775][T12449] FAT-fs (loop4): Directory bread(block 64) failed [ 552.584175][T12449] FAT-fs (loop4): Directory bread(block 65) failed [ 552.591443][T12449] FAT-fs (loop4): Directory bread(block 66) failed [ 552.598831][T12449] FAT-fs (loop4): Directory bread(block 67) failed [ 552.606127][T12449] FAT-fs (loop4): Directory bread(block 68) failed [ 552.613101][T12449] FAT-fs (loop4): Directory bread(block 69) failed [ 552.620646][T12449] FAT-fs (loop4): Directory bread(block 70) failed [ 552.628564][T12449] FAT-fs (loop4): Directory bread(block 71) failed [ 552.635832][T12449] FAT-fs (loop4): Directory bread(block 72) failed [ 552.642836][T12449] FAT-fs (loop4): Directory bread(block 73) failed [ 552.749876][ T1743] usb 6-1: string descriptor 0 read error: -71 [ 552.762898][ T1743] qmi_wwan 6-1:0.0: probe with driver qmi_wwan failed with error -22 [ 552.806277][ T1743] usb 6-1: USB disconnect, device number 2 [ 552.916130][T12449] syz.4.1793: attempt to access beyond end of device [ 552.916130][T12449] loop4: rw=0, sector=1256, nr_sectors = 4 limit=256 [ 553.069556][T12449] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 328) [ 553.128689][T12449] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 328) [ 554.150246][T12494] netlink: 4268 bytes leftover after parsing attributes in process `syz.4.1800'. [ 554.160790][T12494] netlink: 4268 bytes leftover after parsing attributes in process `syz.4.1800'. [ 554.746438][T12497] loop2: detected capacity change from 0 to 2048 [ 554.795632][T12497] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 555.002838][T12497] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 555.469680][T12520] loop5: detected capacity change from 0 to 64 [ 557.198447][ T1743] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 557.494644][ T1743] usb 5-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 557.504398][ T1743] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 557.512835][ T1743] usb 5-1: Product: syz [ 557.517764][ T1743] usb 5-1: Manufacturer: syz [ 557.522607][ T1743] usb 5-1: SerialNumber: syz [ 557.757468][ T1743] usb 5-1: config 0 descriptor?? [ 557.813053][ T1743] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 558.282635][ T1743] gspca_sq905c: sq905c_read: usb_control_msg failed (-71) [ 558.295370][ T1743] sq905c 5-1:0.0: Reading version command failed [ 558.302209][ T1743] sq905c 5-1:0.0: probe with driver sq905c failed with error -71 [ 558.378780][T12590] loop0: detected capacity change from 0 to 164 [ 558.436784][ T1743] usb 5-1: USB disconnect, device number 11 [ 558.630742][T12590] Unsupported NM flag settings (8) [ 559.134999][ T30] audit: type=1326 audit(1750682090.678:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54fb8e929 code=0x7ffc0000 [ 559.259539][ T30] audit: type=1326 audit(1750682090.768:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb54fb8d290 code=0x7ffc0000 [ 559.283605][ T30] audit: type=1326 audit(1750682090.768:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 559.307633][ T30] audit: type=1326 audit(1750682090.768:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 559.335252][ T30] audit: type=1326 audit(1750682090.798:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 559.359820][ T30] audit: type=1326 audit(1750682090.798:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 559.428980][ T1743] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 559.627567][ T1743] usb 6-1: Using ep0 maxpacket: 16 [ 559.689147][ T1743] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 559.700731][ T1743] usb 6-1: config 0 has no interfaces? [ 559.707203][ T1743] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 559.716878][ T1743] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.894442][ T30] audit: type=1326 audit(1750682090.998:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 559.917350][ T30] audit: type=1326 audit(1750682090.998:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 559.945883][ T30] audit: type=1326 audit(1750682091.038:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 559.970646][ T30] audit: type=1326 audit(1750682091.038:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12603 comm="syz.5.1828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb54fb8e52b code=0x7ffc0000 [ 560.058146][ T1743] usb 6-1: config 0 descriptor?? [ 560.154266][ T5849] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 560.303103][T12632] loop2: detected capacity change from 0 to 64 [ 560.329881][ T1857] usb 6-1: USB disconnect, device number 3 [ 560.371381][ T5849] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF6, changing to 0x86 [ 560.384404][ T5849] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid maxpacket 65535, setting to 1024 [ 560.396950][ T5849] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 1024 [ 560.408236][ T5849] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 560.418497][ T5849] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 560.636712][ T5849] usb 4-1: config 0 descriptor?? [ 560.652578][T12624] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 560.703027][ T5849] gspca_main: spca561-2.14.0 probing abcd:cdee [ 560.917854][ T5849] spca561 4-1:0.0: probe with driver spca561 failed with error -22 [ 560.929002][ T5849] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 560.937425][ T5849] usb 4-1: MIDIStreaming interface descriptor not found [ 561.255658][T12659] loop4: detected capacity change from 0 to 256 [ 561.292254][ T5849] usb 4-1: USB disconnect, device number 7 [ 561.752299][T12659] FAT-fs (loop4): Directory bread(block 64) failed [ 561.760405][T12659] FAT-fs (loop4): Directory bread(block 65) failed [ 561.771436][T12659] FAT-fs (loop4): Directory bread(block 66) failed [ 561.779570][T12659] FAT-fs (loop4): Directory bread(block 67) failed [ 561.787662][T12659] FAT-fs (loop4): Directory bread(block 68) failed [ 561.794775][T12659] FAT-fs (loop4): Directory bread(block 69) failed [ 561.801740][T12659] FAT-fs (loop4): Directory bread(block 70) failed [ 561.808793][T12659] FAT-fs (loop4): Directory bread(block 71) failed [ 561.817066][T12659] FAT-fs (loop4): Directory bread(block 72) failed [ 561.824087][T12659] FAT-fs (loop4): Directory bread(block 73) failed [ 561.847144][T12687] netlink: 'syz.5.1839': attribute type 10 has an invalid length. [ 561.855538][T12687] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1839'. [ 562.913612][ T5961] udevd[5961]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 566.164539][ T5849] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 566.384311][ T5849] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 566.394803][ T5849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 566.526910][ T5849] usb 1-1: config 0 descriptor?? [ 566.845505][T12792] xt_addrtype: both incoming and outgoing interface limitation cannot be selected [ 566.976465][ T5849] usb 1-1: Cannot set MAC address [ 566.982523][ T5849] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 567.097992][ T5849] usb 1-1: USB disconnect, device number 10 [ 567.125990][T12799] loop2: detected capacity change from 0 to 512 [ 567.161401][T12799] EXT4-fs: Ignoring removed mblk_io_submit option [ 567.287972][T12799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 567.306592][T12799] ext4 filesystem being mounted at /387/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 567.713650][T12819] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1873'. [ 567.866619][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.545249][T12863] loop3: detected capacity change from 0 to 256 [ 569.764513][T12863] exFAT-fs (loop3): start_clu is invalid cluster(0x400) [ 572.964506][T12938] : renamed from bond_slave_0 (while UP) [ 572.974498][T12936] syz.0.1908 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 573.014241][ T30] kauditd_printk_skb: 19 callbacks suppressed [ 573.014317][ T30] audit: type=1326 audit(1750682104.588:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12937 comm="syz.5.1909" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54fb8e929 code=0x7ffc0000 [ 573.495518][T12943] netlink: 176 bytes leftover after parsing attributes in process `syz.3.1910'. [ 573.552754][T12945] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1911'. [ 574.148264][T12954] loop2: detected capacity change from 0 to 2048 [ 574.310986][T12954] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 574.401282][T12961] binder: BC_ACQUIRE_RESULT not supported [ 574.407522][T12961] binder: 12959:12961 ioctl c0306201 200000000100 returned -22 [ 574.781676][ T5849] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 575.028073][ T5849] usb 1-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da [ 575.037687][ T5849] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.151903][ T5849] usb 1-1: config 0 descriptor?? [ 575.197834][ T5849] pwc: Philips SPC 900NC USB webcam detected. [ 575.440392][ T5849] pwc: Failed to set LED on/off time (-71) [ 575.468668][ T5849] pwc: send_video_command error -71 [ 575.474369][ T5849] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 575.482800][ T5849] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71 [ 575.558099][T12993] loop2: detected capacity change from 0 to 256 [ 575.651896][ T5849] usb 1-1: USB disconnect, device number 11 [ 575.870041][T13004] loop3: detected capacity change from 0 to 16 [ 575.943329][T13004] erofs (device loop3): mounted with root inode @ nid 36. [ 576.091123][T13004] erofs (device loop3): read error -95 @ 8200 of nid 36 [ 576.987938][T13032] tc_dump_action: action bad kind [ 578.205866][T13055] bridge5: entered allmulticast mode [ 578.336545][T13061] loop5: detected capacity change from 0 to 512 [ 578.963107][T13079] xt_hashlimit: overflow, try lower: 18446744073709551613/255 [ 579.510618][T13091] xt_limit: Overflow, try lower: 0/0 [ 580.001693][T13102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1951'. [ 581.176614][T13130] loop4: detected capacity change from 0 to 256 [ 581.475075][T13138] netlink: 596 bytes leftover after parsing attributes in process `syz.2.1961'. [ 581.679248][T13130] FAT-fs (loop4): Directory bread(block 64) failed [ 581.686527][T13130] FAT-fs (loop4): Directory bread(block 65) failed [ 581.694006][T13130] FAT-fs (loop4): Directory bread(block 66) failed [ 581.700796][T13130] FAT-fs (loop4): Directory bread(block 67) failed [ 581.707961][T13130] FAT-fs (loop4): Directory bread(block 68) failed [ 581.715142][T13130] FAT-fs (loop4): Directory bread(block 69) failed [ 581.722086][T13130] FAT-fs (loop4): Directory bread(block 70) failed [ 581.729117][T13130] FAT-fs (loop4): Directory bread(block 71) failed [ 581.740203][T13130] FAT-fs (loop4): Directory bread(block 72) failed [ 581.748389][T13130] FAT-fs (loop4): Directory bread(block 73) failed [ 582.094723][ T30] audit: type=1800 audit(1750682113.668:64): pid=13130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1959" name="file3" dev="loop4" ino=1048634 res=0 errno=0 [ 583.731000][ T1743] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 583.943026][ T1743] usb 4-1: Using ep0 maxpacket: 16 [ 584.024639][ T1743] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5 [ 584.034238][ T1743] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 584.042517][ T1743] usb 4-1: Product: syz [ 584.047192][ T1743] usb 4-1: Manufacturer: syz [ 584.052041][ T1743] usb 4-1: SerialNumber: syz [ 584.192742][ T1743] usb 4-1: config 0 descriptor?? [ 584.291340][ T1743] visor 4-1:0.0: Sony Clie 3.5 converter detected [ 584.452370][T13181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 584.463434][T13181] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 584.640802][ T1743] usb 4-1: clie_3_5_startup: get config number failed: -71 [ 584.649481][ T1743] visor 4-1:0.0: probe with driver visor failed with error -71 [ 584.757292][ T1743] usb 4-1: USB disconnect, device number 8 [ 586.474994][T13258] netlink: 'syz.3.1990': attribute type 9 has an invalid length. [ 586.483370][T13258] netlink: 'syz.3.1990': attribute type 7 has an invalid length. [ 586.491753][T13258] netlink: 'syz.3.1990': attribute type 8 has an invalid length. [ 586.781130][T13263] xt_hashlimit: overflow, try lower: 3/0 [ 587.276341][T13274] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1996'. [ 589.084534][T13308] loop2: detected capacity change from 0 to 164 [ 589.380485][T13308] rock: directory entry would overflow storage [ 589.387152][T13308] rock: sig=0x66, size=4, remaining=3 [ 589.548281][T13308] rock: directory entry would overflow storage [ 589.555153][T13308] rock: sig=0x66, size=4, remaining=3 [ 591.888548][T13350] loop4: detected capacity change from 0 to 512 [ 592.177510][T13350] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 592.195466][T13350] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it [ 592.206055][T13350] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.2020: Corrupt directory, running e2fsck is recommended [ 592.349702][T13350] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 592.359259][T13350] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2020: corrupted in-inode xattr: invalid ea_ino [ 592.435217][T13350] EXT4-fs (loop4): Remounting filesystem read-only [ 592.447217][T13350] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 592.864242][T13350] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 593.058849][ T5805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.064053][T13368] loop5: detected capacity change from 0 to 256 [ 593.166468][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 593.797728][T13385] loop0: detected capacity change from 0 to 2048 [ 593.911037][T13385] NILFS (loop0): ifile inode (checkpoint number=2) corrupted [ 593.919212][T13385] NILFS (loop0): error -5 while loading last checkpoint (checkpoint number=2) [ 595.490833][T13421] loop2: detected capacity change from 0 to 512 [ 595.532887][T13421] EXT4-fs error (device loop2): ext4_init_orphan_info:585: comm syz.2.2038: inode #0: comm syz.2.2038: iget: illegal inode # [ 595.582355][T13421] EXT4-fs (loop2): get orphan inode failed [ 595.583166][T13421] EXT4-fs (loop2): mount failed [ 596.730950][T13456] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2046'. [ 597.362414][T13466] loop2: detected capacity change from 0 to 1764 [ 598.729488][ T5849] usb 1-1: new full-speed USB device number 12 using dummy_hcd [ 599.035236][ T5849] usb 1-1: config 5 has an invalid interface number: 123 but max is 0 [ 599.048838][ T5849] usb 1-1: config 5 has no interface number 0 [ 599.056905][ T5849] usb 1-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 599.069110][ T5849] usb 1-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid maxpacket 65535, setting to 64 [ 599.080638][ T5849] usb 1-1: config 5 interface 123 has no altsetting 0 [ 599.195818][T13511] loop2: detected capacity change from 0 to 256 [ 599.264547][T13511] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 599.275763][T13511] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 599.335793][ T5849] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 599.346249][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 599.359620][ T5849] usb 1-1: Product: syz [ 599.365738][ T5849] usb 1-1: Manufacturer: syz [ 599.370616][ T5849] usb 1-1: SerialNumber: syz [ 599.541868][T13511] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 599.578705][T13498] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 600.042086][ T5849] comedi comedi0: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 600.132082][ T5849] usb 1-1: USB disconnect, device number 12 [ 602.704951][T13585] loop4: detected capacity change from 0 to 256 [ 603.820219][T13615] loop5: detected capacity change from 0 to 164 [ 603.939323][T13615] grow_buffers: requested out-of-range block 18446744073709549798 for device loop5 [ 603.950051][T13615] Unable to read rock-ridge attributes [ 605.432444][T13651] loop3: detected capacity change from 0 to 64 [ 606.584229][ T1743] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 606.794062][ T1743] usb 1-1: Using ep0 maxpacket: 32 [ 606.816236][ T5849] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 606.835387][ T1743] usb 1-1: unable to get BOS descriptor or descriptor too short [ 606.896212][ T1743] usb 1-1: config 1 interface 0 has no altsetting 0 [ 606.939078][ T1743] usb 1-1: New USB device found, idVendor=05ac, idProduct=0259, bcdDevice= 0.40 [ 606.948863][ T1743] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 606.957814][ T1743] usb 1-1: Product: syz [ 606.964309][ T1743] usb 1-1: Manufacturer: syz [ 606.969155][ T1743] usb 1-1: SerialNumber: syz [ 607.072236][ T5849] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 607.082081][ T5849] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 607.090554][ T5849] usb 6-1: Product: syz [ 607.095085][ T5849] usb 6-1: Manufacturer: syz [ 607.099924][ T5849] usb 6-1: SerialNumber: syz [ 607.269591][ T5849] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 607.334550][T12578] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 607.383365][ T1743] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input10 [ 607.427354][ T5129] bcm5974 1-1:1.0: could not read from device [ 607.471563][ T5129] bcm5974 1-1:1.0: could not read from device [ 607.540307][ T5129] bcm5974 1-1:1.0: could not read from device [ 607.582982][ T1743] usb 1-1: USB disconnect, device number 13 [ 607.601859][ T1857] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 607.606911][T12578] usb 5-1: Using ep0 maxpacket: 16 [ 607.707791][T12578] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 44, changing to 9 [ 607.720302][T12578] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 1475, setting to 1024 [ 608.086161][T12578] usb 5-1: New USB device found, idVendor=1870, idProduct=0001, bcdDevice=94.47 [ 608.095889][T12578] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 608.104442][T12578] usb 5-1: Product: syz [ 608.108847][T12578] usb 5-1: Manufacturer: syz [ 608.114003][T12578] usb 5-1: SerialNumber: syz [ 608.275686][ T1743] usb 6-1: USB disconnect, device number 4 [ 608.420210][T12578] usb 5-1: config 0 descriptor?? [ 608.428229][T13691] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 608.666612][ T1857] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 608.679437][ T1857] ath9k_htc: Failed to initialize the device [ 608.835480][ T1743] usb 6-1: ath9k_htc: USB layer deinitialized [ 608.882350][ T5849] usb 5-1: USB disconnect, device number 12 [ 609.970882][T13764] loop0: detected capacity change from 0 to 256 [ 610.333019][T13764] FAT-fs (loop0): Directory bread(block 64) failed [ 610.340587][T13764] FAT-fs (loop0): Directory bread(block 65) failed [ 610.347796][T13764] FAT-fs (loop0): Directory bread(block 66) failed [ 610.354805][T13764] FAT-fs (loop0): Directory bread(block 67) failed [ 610.361724][T13764] FAT-fs (loop0): Directory bread(block 68) failed [ 610.368822][T13764] FAT-fs (loop0): Directory bread(block 69) failed [ 610.375933][T13764] FAT-fs (loop0): Directory bread(block 70) failed [ 610.382716][T13764] FAT-fs (loop0): Directory bread(block 71) failed [ 610.389892][T13764] FAT-fs (loop0): Directory bread(block 72) failed [ 610.396865][T13764] FAT-fs (loop0): Directory bread(block 73) failed [ 611.446132][T13793] netlink: 'syz.5.2124': attribute type 1 has an invalid length. [ 611.454417][T13793] netlink: 'syz.5.2124': attribute type 3 has an invalid length. [ 611.465308][T13793] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2124'. [ 613.677171][T13841] loop5: detected capacity change from 0 to 1764 [ 614.132873][T13836] loop0: detected capacity change from 0 to 4096 [ 614.211931][T13836] ntfs3(loop0): It is recommened to use chkdsk. [ 614.277009][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 614.285694][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 614.294167][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 614.306646][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc0c00 [ 614.316519][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc1c00 [ 614.324919][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc2c00 [ 614.333115][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc4c00 [ 614.341803][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffc8c00 [ 614.350177][T13836] ntfs3(loop0): try to read out of volume at offset 0x3fffffd0c00 [ 616.002792][T13886] loop0: detected capacity change from 0 to 512 [ 616.086409][T13886] EXT4-fs: Ignoring removed orlov option [ 616.139094][T13886] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 616.210673][T13886] EXT4-fs (loop0): orphan cleanup on readonly fs [ 616.237587][T13886] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2150: bg 0: block 248: padding at end of block bitmap is not set [ 616.270460][T13886] Quota error (device loop0): write_blk: dquota write failed [ 616.278875][T13886] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 616.289493][T13886] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2150: Failed to acquire dquot type 1 [ 616.420332][T13886] EXT4-fs (loop0): 1 truncate cleaned up [ 616.509055][T13886] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 616.607308][T13886] EXT4-fs: Ignoring removed orlov option [ 616.614041][T13886] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 616.703941][T13886] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 616.774305][T13886] EXT4-fs error (device loop0): __ext4_remount:6736: comm syz.0.2150: Abort forced by user [ 616.821828][T13886] EXT4-fs (loop0): Remounting filesystem read-only [ 616.832527][T13886] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 616.841543][T13886] ext4 filesystem being remounted at /436/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 617.131857][T13912] netlink: 288 bytes leftover after parsing attributes in process `syz.2.2157'. [ 617.266726][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 617.958584][T13931] loop3: detected capacity change from 0 to 512 [ 618.232260][T13931] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 618.243423][T13931] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 618.254088][T13931] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2163: Failed to acquire dquot type 1 [ 618.385776][T13931] EXT4-fs (loop3): 1 truncate cleaned up [ 618.394186][T13931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 618.412852][T13931] ext4 filesystem being mounted at /456/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 618.479103][T13946] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2166'. [ 618.683240][T13931] Quota error (device loop3): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 618.694400][T13931] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 618.710623][T13931] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2163: Failed to acquire dquot type 1 [ 619.247239][T13959] netlink: 'syz.0.2170': attribute type 26 has an invalid length. [ 619.362749][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.578207][T13965] loop5: detected capacity change from 0 to 256 [ 620.106662][T13980] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 620.133923][T13982] loop2: detected capacity change from 0 to 512 [ 620.206339][T13982] EXT4-fs: Ignoring removed bh option [ 620.295037][T13982] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 620.305494][T13982] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 620.511239][T13982] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 620.604667][T13982] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 620.635779][T13982] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 620.734859][T13996] netlink: 188 bytes leftover after parsing attributes in process `syz.0.2180'. [ 620.863356][T13982] EXT4-fs error (device loop2): ext4_find_dest_de:2052: inode #2: block 3: comm syz.2.2176: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0 [ 621.205374][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.459238][T14012] netlink: zone id is out of range [ 621.471342][T14012] netlink: zone id is out of range [ 621.478274][T14012] netlink: zone id is out of range [ 621.486086][T14012] netlink: zone id is out of range [ 621.491421][T14012] netlink: zone id is out of range [ 621.497075][T14012] netlink: zone id is out of range [ 621.502422][T14012] netlink: zone id is out of range [ 621.507940][T14012] netlink: zone id is out of range [ 621.513243][T14012] netlink: zone id is out of range [ 621.518733][T14012] netlink: zone id is out of range [ 622.069542][T14005] loop3: detected capacity change from 0 to 4096 [ 622.144431][T14005] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 622.537498][T14005] ntfs3(loop3): ino=19, mi_enum_attr [ 622.665441][T14040] netlink: 'syz.0.2191': attribute type 14 has an invalid length. [ 622.673546][T14040] netlink: 168 bytes leftover after parsing attributes in process `syz.0.2191'. [ 622.754187][T14005] ntfs3(loop3): failed to convert "c46c" to cp850 [ 622.774454][T14005] ntfs3(loop3): ino=20, mi_enum_attr [ 623.622418][T14058] loop0: detected capacity change from 0 to 256 [ 623.877629][T14064] 8021q: adding VLAN 0 to HW filter on device bond0 [ 623.885800][T14058] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d) [ 623.904655][T14064] bond0: (slave rose0): Enslaving as an active interface with an up link [ 624.795521][T14089] netlink: 10 bytes leftover after parsing attributes in process `syz.4.2204'. [ 625.938497][ T5798] Bluetooth: hci5: command 0x0406 tx timeout [ 628.019061][T14149] cifs: Unknown parameter '2Q [ 628.019061][T14149] @"2ach}#`[T&:"1:ӭ'4,Zz-#F<]%gC [ 628.019061][T14149] S' [ 628.954021][T14166] loop5: detected capacity change from 0 to 128 [ 628.996828][T14166] adfs: Bad value for 'ownmask' [ 629.402847][T14182] netlink: 'syz.3.2229': attribute type 10 has an invalid length. [ 629.411204][T14182] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2229'. [ 629.420830][T14182] vlan0: entered promiscuous mode [ 629.427319][T14182] vlan0: entered allmulticast mode [ 629.432681][T14182] veth0_vlan: entered allmulticast mode [ 629.441429][T14182] bridge0: port 3(vlan0) entered blocking state [ 629.448390][T14182] bridge0: port 3(vlan0) entered disabled state [ 629.468918][T14182] bridge0: port 3(vlan0) entered blocking state [ 629.475955][T14182] bridge0: port 3(vlan0) entered forwarding state [ 630.472033][T14208] loop4: detected capacity change from 0 to 128 [ 630.577362][T14208] EXT4-fs: Ignoring removed nomblk_io_submit option [ 630.588126][T14208] EXT4-fs: Ignoring removed nomblk_io_submit option [ 630.664152][T14208] EXT4-fs (loop4): Test dummy encryption mode enabled [ 630.818702][T14208] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 630.826564][T14220] netlink: 'syz.3.2239': attribute type 2 has an invalid length. [ 630.918904][T14208] ext4 filesystem being mounted at /455/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 631.271353][T14208] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 631.798257][ T5805] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 632.210254][T14255] loop3: detected capacity change from 0 to 256 [ 632.307959][T14255] exfat: Deprecated parameter 'utf8' [ 632.558374][T14255] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 632.765793][T14265] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2249'. [ 634.718656][T14287] loop3: detected capacity change from 0 to 4096 [ 635.009527][T14309] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 635.140099][T14287] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed [ 636.582439][T14346] loop5: detected capacity change from 0 to 128 [ 637.660860][T14375] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2279'. [ 637.969119][T14363] loop4: detected capacity change from 0 to 4096 [ 639.245739][T14396] delete_channel: no stack [ 640.052960][T14417] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2291'. [ 640.062575][T14417] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2291'. [ 640.254307][T14420] loop5: detected capacity change from 0 to 64 [ 641.798712][T14459] netlink: 'syz.5.2303': attribute type 21 has an invalid length. [ 642.475974][T14473] netlink: 'syz.5.2307': attribute type 1 has an invalid length. [ 642.484410][T14473] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2307'. [ 642.813090][T14482] loop2: detected capacity change from 0 to 64 [ 644.088614][T14501] loop2: detected capacity change from 0 to 2048 [ 644.244351][T14501] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 644.291719][T14512] binder: 14509:14512 ioctl c0046209 0 returned -22 [ 644.547319][T14501] UDF-fs: unknown compression code (0) [ 644.835805][T14524] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2320'. [ 646.020912][T14541] loop2: detected capacity change from 0 to 1764 [ 646.802479][T14564] netlink: 'syz.4.2331': attribute type 33 has an invalid length. [ 646.810863][T14564] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2331'. [ 646.883362][T14570] loop2: detected capacity change from 0 to 256 [ 647.048256][T14570] FAT-fs (loop2): Directory bread(block 1285) failed [ 647.152806][T14570] FAT-fs (loop2): FAT read failed (blocknr 1281) [ 648.499648][T14603] sit0: entered promiscuous mode [ 648.563238][T14603] netlink: 'syz.4.2342': attribute type 3 has an invalid length. [ 648.571869][T14603] netlink: 1 bytes leftover after parsing attributes in process `syz.4.2342'. [ 648.705154][T14608] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2344'. [ 651.629162][T14668] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2363'. [ 651.638799][T14668] netlink: 'syz.0.2363': attribute type 2 has an invalid length. [ 651.647232][T14668] netlink: 'syz.0.2363': attribute type 1 has an invalid length. [ 651.850317][ T30] audit: type=1400 audit(1750682183.428:65): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F041 [ 652.295726][T14680] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2368'. [ 652.934607][T14692] net_ratelimit: 52 callbacks suppressed [ 652.934683][T14692] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 653.339964][T14702] autofs: Bad value for 'fd' [ 653.801790][T14696] loop0: detected capacity change from 0 to 4096 [ 654.616172][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.917119][T14725] netlink: 76 bytes leftover after parsing attributes in process `syz.4.2385'. [ 655.234076][T12578] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 655.438659][T12578] usb 6-1: Using ep0 maxpacket: 32 [ 655.479783][T12578] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 655.491843][T12578] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 655.610525][T12578] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 655.621295][T12578] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 655.630225][T12578] usb 6-1: Product: syz [ 655.634765][T12578] usb 6-1: Manufacturer: syz [ 655.639598][T12578] usb 6-1: SerialNumber: syz [ 655.691316][T14750] loop3: detected capacity change from 0 to 256 [ 655.828468][T12578] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input12 [ 656.086945][T12578] usb 6-1: USB disconnect, device number 5 [ 656.193372][T12578] appletouch 6-1:1.0: input: appletouch disconnected [ 656.614045][T14783] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 656.626759][T14783] bond0: (slave lo): Error: Device can not be enslaved while up [ 657.556789][T14803] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2399'. [ 657.864194][ T1743] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 658.099489][ T1743] usb 5-1: Using ep0 maxpacket: 16 [ 658.149134][ T1743] usb 5-1: config 1 has an invalid descriptor of length 67, skipping remainder of the config [ 658.159962][ T1743] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 658.223004][T14816] netlink: 'syz.3.2404': attribute type 2 has an invalid length. [ 658.235696][T14816] netlink: 'syz.3.2404': attribute type 8 has an invalid length. [ 658.245230][T14816] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2404'. [ 658.275521][ T1743] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 658.286425][ T1743] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 658.295607][ T1743] usb 5-1: Product: syz [ 658.300036][ T1743] usb 5-1: Manufacturer: syz [ 658.305029][ T1743] usb 5-1: SerialNumber: syz [ 658.606699][ T1743] usb 5-1: 0:2 : does not exist [ 658.611945][ T1743] usb 5-1: unit 9 not found! [ 658.701468][ T1743] usb 5-1: 4:0: cannot get min/max values for control 1 (id 4) [ 658.857363][ T1743] usb 5-1: USB disconnect, device number 13 [ 659.236754][T12578] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 659.249564][ T6137] udevd[6137]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 659.474173][T12578] usb 4-1: Using ep0 maxpacket: 16 [ 659.545137][T12578] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 659.553459][T12578] usb 4-1: config 0 has no interface number 0 [ 659.646171][T12578] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 659.655687][T12578] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 659.667318][T12578] usb 4-1: Product: syz [ 659.671736][T12578] usb 4-1: Manufacturer: syz [ 659.677781][T12578] usb 4-1: SerialNumber: syz [ 659.785176][T12578] usb 4-1: config 0 descriptor?? [ 659.814129][T12578] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 660.267221][T12578] gspca_spca1528: reg_w err -71 [ 660.292215][T12578] spca1528 4-1:0.1: probe with driver spca1528 failed with error -71 [ 660.363879][T12578] usb 4-1: USB disconnect, device number 9 [ 661.011447][ T30] audit: type=1326 audit(1750682192.598:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14888 comm="syz.0.2418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 661.163247][ T30] audit: type=1326 audit(1750682192.688:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14888 comm="syz.0.2418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 661.187397][ T30] audit: type=1326 audit(1750682192.688:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14888 comm="syz.0.2418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 661.844664][T14905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2424'. [ 661.854149][T14905] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2424'. [ 661.863372][T14905] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2424'. [ 662.965117][T14923] loop0: detected capacity change from 0 to 2048 [ 663.162140][T14937] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 663.421907][T14923] NILFS error (device loop0): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 663.537066][T14923] Remounting filesystem read-only [ 663.747017][T14943] loop5: detected capacity change from 0 to 16 [ 664.330323][T14957] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2437'. [ 664.340545][T14957] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2437'. [ 665.914420][T14993] loop3: detected capacity change from 0 to 8 [ 667.125247][T15021] netlink: 'syz.2.2457': attribute type 9 has an invalid length. [ 667.133459][T15021] netlink: 'syz.2.2457': attribute type 7 has an invalid length. [ 667.146034][T15021] netlink: 'syz.2.2457': attribute type 8 has an invalid length. [ 667.969436][T15040] loop2: detected capacity change from 0 to 512 [ 668.084212][T15040] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 668.093548][T15040] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 668.200670][T15040] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 668.221505][T15040] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 668.275085][T15040] System zones: 0-2, 18-18, 34-35 [ 668.288024][T15040] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 668.668788][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 669.499036][ T30] audit: type=1400 audit(1750682201.068:69): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AA009F5 pid=15071 comm="syz.5.2473" [ 670.267506][T15087] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2479'. [ 671.009734][T15103] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2484'. [ 671.023108][T15103] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2484'. [ 672.406890][T15130] loop5: detected capacity change from 0 to 1024 [ 672.834529][T12578] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 673.036018][T12578] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 673.044746][T12578] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 673.055368][T12578] usb 5-1: config 0 has no interface number 0 [ 673.061715][T12578] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 673.072048][T12578] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 673.216677][T12578] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 673.226718][T12578] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 673.235223][T12578] usb 5-1: Product: syz [ 673.239638][T12578] usb 5-1: Manufacturer: syz [ 673.244623][T12578] usb 5-1: SerialNumber: syz [ 673.334266][T12578] usb 5-1: config 0 descriptor?? [ 673.755311][T15167] xt_CT: You must specify a L4 protocol and not use inversions on it [ 673.816276][T12578] usbtouchscreen 5-1:0.117: probe with driver usbtouchscreen failed with error -71 [ 673.915373][T12578] usb 5-1: USB disconnect, device number 14 [ 674.426867][T15181] netlink: 'syz.2.2507': attribute type 21 has an invalid length. [ 674.435382][T15181] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2507'. [ 675.266424][T15194] netlink: 'syz.5.2511': attribute type 3 has an invalid length. [ 675.274936][T15194] netlink: 666 bytes leftover after parsing attributes in process `syz.5.2511'. [ 675.717569][ T5849] usb 4-1: new full-speed USB device number 10 using dummy_hcd [ 675.859037][T15212] loop2: detected capacity change from 0 to 256 [ 675.907707][ T5849] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 675.919016][ T5849] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 676.005024][ T5849] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 676.014737][ T5849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 676.023035][ T5849] usb 4-1: Product: syz [ 676.027687][ T5849] usb 4-1: Manufacturer: syz [ 676.032537][ T5849] usb 4-1: SerialNumber: syz [ 676.290363][T15212] FAT-fs (loop2): Directory bread(block 64) failed [ 676.297887][T15212] FAT-fs (loop2): Directory bread(block 65) failed [ 676.305359][T15212] FAT-fs (loop2): Directory bread(block 66) failed [ 676.312148][T15212] FAT-fs (loop2): Directory bread(block 67) failed [ 676.319414][T15212] FAT-fs (loop2): Directory bread(block 68) failed [ 676.326775][T15212] FAT-fs (loop2): Directory bread(block 69) failed [ 676.334058][T15212] FAT-fs (loop2): Directory bread(block 70) failed [ 676.341037][T15212] FAT-fs (loop2): Directory bread(block 71) failed [ 676.348856][T15212] FAT-fs (loop2): Directory bread(block 72) failed [ 676.361492][T15212] FAT-fs (loop2): Directory bread(block 73) failed [ 676.630742][ T5849] usb 4-1: 0:2 : does not exist [ 676.801668][ T5849] usb 4-1: USB disconnect, device number 10 [ 677.233576][ T6137] udevd[6137]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 678.259090][T15267] loop3: detected capacity change from 0 to 4096 [ 678.461482][T15278] xt_cgroup: path and classid specified [ 679.206697][T15267] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 679.825725][T15297] loop4: detected capacity change from 0 to 256 [ 679.987151][T15297] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 680.096537][T15297] exFAT-fs (loop4): error, data size is invalid(10) [ 680.103519][T15297] exFAT-fs (loop4): Filesystem has been set read-only [ 681.010604][T15326] loop2: detected capacity change from 0 to 1024 [ 681.208173][T15326] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 681.248584][T15329] loop0: detected capacity change from 0 to 2048 [ 681.304223][T15326] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.2543: missing EA_INODE flag [ 681.368268][T15326] EXT4-fs (loop2): Remounting filesystem read-only [ 681.405685][T15329] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 681.736840][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 682.941117][T15361] loop0: detected capacity change from 0 to 4096 [ 683.204264][T15374] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 684.553346][T15399] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2564'. [ 685.997677][T15413] loop0: detected capacity change from 0 to 4096 [ 686.065574][T15413] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 686.236837][T15433] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 686.321324][T15433] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 686.561875][T15413] ntfs3(loop0): ino=1e, "file1" attr_set_size [ 686.568539][T15413] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 686.576105][T15413] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 687.058151][T11999] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 687.115890][T15446] netlink: 'syz.4.2580': attribute type 30 has an invalid length. [ 687.126445][T15446] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6) [ 688.165439][T15470] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.2588'. [ 689.162017][T15493] netlink: 1010 bytes leftover after parsing attributes in process `syz.3.2596'. [ 689.171844][T15493] bridge: RTM_NEWNEIGH with invalid state 0x1 [ 689.365367][T15496] binfmt_misc: register: failed to install interpreter file ./file0 [ 690.296607][T15520] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2605'. [ 691.297435][T15545] netlink: 'syz.0.2614': attribute type 5 has an invalid length. [ 691.444953][T15548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2615'. [ 691.527406][T15551] loop5: detected capacity change from 0 to 8 [ 691.956993][T15563] netlink: 'syz.0.2618': attribute type 1 has an invalid length. [ 691.965156][T15563] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2618'. [ 694.065273][T15611] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2635'. [ 695.573995][T12578] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 695.774606][T12578] usb 5-1: Using ep0 maxpacket: 8 [ 695.827915][T12578] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 695.888490][T12578] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=46.08 [ 695.898235][T12578] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 695.906990][T12578] usb 5-1: Product: syz [ 695.911404][T12578] usb 5-1: Manufacturer: syz [ 695.919516][T12578] usb 5-1: SerialNumber: syz [ 696.007027][T12578] usb 5-1: config 0 descriptor?? [ 696.108181][T12578] comedi comedi0: Wrong number of endpoints [ 696.114668][T12578] dt9812 5-1:0.0: driver 'dt9812' failed to auto-configure device. [ 696.246305][T15657] netlink: 152 bytes leftover after parsing attributes in process `syz.2.2648'. [ 696.255900][T15657] netlink: 'syz.2.2648': attribute type 1 has an invalid length. [ 696.264252][T15657] netlink: 'syz.2.2648': attribute type 1 has an invalid length. [ 696.272215][T15657] netlink: 'syz.2.2648': attribute type 2 has an invalid length. [ 696.278673][T12578] usb 5-1: USB disconnect, device number 15 [ 696.280391][T15657] netlink: 'syz.2.2648': attribute type 1 has an invalid length. [ 696.294358][T15657] netlink: 'syz.2.2648': attribute type 1 has an invalid length. [ 696.359811][T15656] loop3: detected capacity change from 0 to 512 [ 696.533501][T15656] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 696.547259][T15656] ext4 filesystem being mounted at /549/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 697.159839][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 697.635241][T15692] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2653'. [ 697.740405][T15696] loop2: detected capacity change from 0 to 64 [ 697.874113][T15696] hfs: invalid extent max_key_len 1792 [ 697.919852][T15696] hfs: unable to open extent tree [ 697.925552][T15696] hfs: can't find a HFS filesystem on dev loop2 [ 698.395665][T15710] loop5: detected capacity change from 0 to 256 [ 699.139033][T15732] binder: 15729:15732 ioctl c018620c 200000000180 returned -22 [ 699.254756][T15738] netlink: 'syz.5.2668': attribute type 3 has an invalid length. [ 700.279924][T15760] loop4: detected capacity change from 0 to 64 [ 702.101978][T15805] loop3: detected capacity change from 0 to 1764 [ 702.959490][T15834] loop4: detected capacity change from 0 to 512 [ 703.150354][T15834] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 703.163881][T15834] ext4 filesystem being mounted at /544/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 703.515775][T15849] loop3: detected capacity change from 0 to 512 [ 703.543395][ T5805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 703.554979][T15849] EXT4-fs: Ignoring removed i_version option [ 703.561342][T15849] EXT4-fs: Ignoring removed mblk_io_submit option [ 703.736510][T15849] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.2702: inode #13: comm syz.3.2702: iget: illegal inode # [ 703.867413][T15849] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2702: couldn't read orphan inode 13 (err -117) [ 703.926479][T15849] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 704.030300][T15849] EXT4-fs error (device loop3): ext4_resize_begin:60: comm syz.3.2702: resize_inode disabled but reserved GDT blocks non-zero [ 704.083791][T15869] loop5: detected capacity change from 0 to 64 [ 704.101877][T15873] loop0: detected capacity change from 0 to 64 [ 704.205641][T15873] /dev/loop0: Can't open blockdev [ 704.471084][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.396203][T15910] loop2: detected capacity change from 0 to 512 [ 705.426716][T15910] EXT4-fs: inline encryption not supported [ 705.474199][T15910] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 705.564568][T15910] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002] [ 705.626605][T15910] System zones: 1-12 [ 705.754516][T15910] EXT4-fs (loop2): orphan cleanup on readonly fs [ 705.761795][T15910] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2716: invalid indirect mapped block 12 (level 1) [ 705.835412][T15910] EXT4-fs (loop2): Remounting filesystem read-only [ 705.842474][T15910] EXT4-fs (loop2): 1 truncate cleaned up [ 705.856969][T15910] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 706.136797][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 706.610929][T15935] usb usb8: usbfs: process 15935 (syz.2.2726) did not claim interface 0 before use [ 707.362730][T15951] loop0: detected capacity change from 0 to 512 [ 707.401779][T15951] EXT4-fs: Ignoring removed nomblk_io_submit option [ 707.490082][T15951] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8843e02c, mo2=0002] [ 707.572052][T15951] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.2731: invalid indirect mapped block 2683928664 (level 1) [ 707.670661][T15951] EXT4-fs (loop0): Remounting filesystem read-only [ 707.721337][T15951] EXT4-fs (loop0): 1 truncate cleaned up [ 707.729576][T15951] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 707.734482][T15966] loop2: detected capacity change from 0 to 764 [ 708.231720][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 708.914735][T15994] loop5: detected capacity change from 0 to 16 [ 708.952062][ T5795] Bluetooth: hci1: unexpected event for opcode 0x080f [ 709.594839][ T5849] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 709.868472][ T5849] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05 [ 709.878313][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 709.886756][ T5849] usb 1-1: Product: syz [ 709.891257][ T5849] usb 1-1: Manufacturer: syz [ 709.896376][ T5849] usb 1-1: SerialNumber: syz [ 709.992969][ T5849] usb 1-1: config 0 descriptor?? [ 710.085421][ T5849] go7007 1-1:0.0: probe with driver go7007 failed with error -12 [ 710.241982][ T5795] Bluetooth: hci0: Invalid handle: 0x21e5 > 0x0eff [ 710.247387][ T5849] usb 1-1: USB disconnect, device number 14 [ 710.507739][T16037] loop5: detected capacity change from 0 to 128 [ 711.501403][T16052] IPVS: length: 212 != 24 [ 711.733933][ T5849] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 711.921600][T16063] libceph: resolve '400' (ret=-3): failed [ 711.948035][ T5849] usb 3-1: Using ep0 maxpacket: 16 [ 712.029674][ T5849] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 712.039342][ T5849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 712.136966][ T5849] usb 3-1: config 0 descriptor?? [ 712.225218][ T5849] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 712.645902][ T5849] gspca_sonixj: reg_r err -71 [ 712.651220][ T5849] sonixj 3-1:0.0: probe with driver sonixj failed with error -71 [ 712.773571][ T5849] usb 3-1: USB disconnect, device number 7 [ 712.923149][T16078] loop0: detected capacity change from 0 to 64 [ 712.978234][ T5798] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 712.987936][ T5798] Bluetooth: hci1: Injecting HCI hardware error event [ 712.996797][ T5798] Bluetooth: hci1: hardware error 0x00 [ 715.054566][ T5798] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 715.238701][T16114] loop0: detected capacity change from 0 to 2048 [ 715.414015][T16124] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 716.054555][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 716.354640][T16138] loop5: detected capacity change from 0 to 1024 [ 717.284380][T16165] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2787'. [ 717.294167][T16165] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2787'. [ 718.259385][T16185] bond0: (slave gretap0): Error: Device type is different from other slaves [ 718.776010][T16181] loop3: detected capacity change from 0 to 4096 [ 719.011502][T16196] netlink: 'syz.4.2798': attribute type 9 has an invalid length. [ 719.210589][T16181] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 719.248657][T16181] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 719.336593][T16181] ntfs3(loop3): ino=1e, "file1" attr_set_size [ 720.087699][T16213] loop4: detected capacity change from 0 to 512 [ 720.229572][T16213] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 720.324296][T16213] System zones: 1-12 [ 720.364969][T16213] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.2803: Directory hole found for htree index block 0 [ 720.419672][T16213] EXT4-fs (loop4): Remounting filesystem read-only [ 720.426781][T16213] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 720.436114][T16213] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 720.456473][T16213] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 720.537325][T16233] netlink: 'syz.2.2808': attribute type 21 has an invalid length. [ 720.545893][T16233] netlink: 128 bytes leftover after parsing attributes in process `syz.2.2808'. [ 720.555512][T16233] netlink: 'syz.2.2808': attribute type 4 has an invalid length. [ 720.563488][T16233] netlink: 'syz.2.2808': attribute type 5 has an invalid length. [ 720.571613][T16233] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2808'. [ 720.714994][T16213] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 721.099036][ T5805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 721.467663][T16254] xt_ecn: cannot match TCP bits for non-tcp packets [ 723.173369][T16293] netlink: ct family unspecified [ 723.179292][T16293] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 725.834225][T16351] loop4: detected capacity change from 0 to 512 [ 725.904690][T12578] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 726.068798][T16351] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2847: bg 0: block 248: padding at end of block bitmap is not set [ 726.119506][T16351] Quota error (device loop4): write_blk: dquota write failed [ 726.124986][T12578] usb 3-1: Using ep0 maxpacket: 8 [ 726.143176][T16351] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 726.155447][T16351] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.2847: Failed to acquire dquot type 1 [ 726.196843][T12578] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 726.203586][T16351] EXT4-fs (loop4): 1 truncate cleaned up [ 726.212658][T12578] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 726.217333][T16351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 726.217706][T16351] ext4 filesystem being mounted at /574/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 726.228883][T12578] usb 3-1: Product: syz [ 726.228990][T12578] usb 3-1: Manufacturer: syz [ 726.229093][T12578] usb 3-1: SerialNumber: syz [ 726.311937][T12578] usb 3-1: config 0 descriptor?? [ 726.388305][T12578] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 726.823364][T12578] gspca_zc3xx: reg_r err -71 [ 726.829209][T12578] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 726.915682][T12578] usb 3-1: USB disconnect, device number 8 [ 727.028278][ T5805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 727.067323][T11999] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 727.076821][T11999] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1 [ 728.022660][T16403] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2859'. [ 728.033098][T16403] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2859'. [ 728.043031][T16403] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2859'. [ 728.254880][T16409] netlink: 'syz.0.2861': attribute type 4 has an invalid length. [ 728.554022][ T1857] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 728.729782][ T1857] usb 5-1: Using ep0 maxpacket: 16 [ 728.760044][ T1857] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 728.770925][ T1857] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 728.831896][ T1857] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 728.841819][ T1857] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 728.850713][ T1857] usb 5-1: Product: syz [ 728.855247][ T1857] usb 5-1: Manufacturer: syz [ 728.860093][ T1857] usb 5-1: SerialNumber: syz [ 728.877549][T16423] loop2: detected capacity change from 0 to 1764 [ 728.938873][T16423] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 729.068928][T16423] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 729.086969][T16431] netlink: 'syz.0.2867': attribute type 8 has an invalid length. [ 729.364822][ T1857] usb 5-1: cannot find UAC_HEADER [ 729.458595][ T1857] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22 [ 729.532035][ T1857] usb 5-1: USB disconnect, device number 16 [ 730.262963][ T6132] udevd[6132]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 731.494260][ T1857] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 731.744291][ T1857] usb 3-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac [ 731.758989][ T1857] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 731.769058][ T1857] usb 3-1: Product: syz [ 731.773481][ T1857] usb 3-1: Manufacturer: syz [ 731.778568][ T1857] usb 3-1: SerialNumber: syz [ 731.912540][ T1857] usb 3-1: config 0 descriptor?? [ 731.925417][T16502] openvswitch: netlink: Flow actions attr not present in new flow. [ 731.979172][ T1857] gspca_main: sunplus-2.14.0 probing 055f:c230 [ 732.410791][T16510] vim2m vim2m.0: Fourcc format (0x42474752) invalid. [ 732.424276][ T1857] gspca_sunplus: reg_r err -71 [ 732.429554][ T1857] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 732.514764][ T1857] usb 3-1: USB disconnect, device number 9 [ 733.451520][T16532] loop5: detected capacity change from 0 to 8 [ 734.734791][T16567] netlink: 'syz.5.2903': attribute type 2 has an invalid length. [ 734.742815][T16567] netlink: 'syz.5.2903': attribute type 1 has an invalid length. [ 735.221075][T16578] loop0: detected capacity change from 0 to 256 [ 735.866305][T16594] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 736.026741][T16598] loop3: detected capacity change from 0 to 256 [ 736.067637][T16598] exfat: Deprecated parameter 'namecase' [ 736.219118][T16598] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 736.287029][T16608] netlink: 'syz.4.2916': attribute type 20 has an invalid length. [ 737.039427][T16626] random: crng reseeded on system resumption [ 737.420119][T16632] loop5: detected capacity change from 0 to 2048 [ 738.499576][T16662] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 738.564903][T16662] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 738.804562][T16672] loop5: detected capacity change from 0 to 256 [ 739.248690][T16684] cgroup: release_agent respecified [ 741.098229][T16725] loop4: detected capacity change from 0 to 2048 [ 741.178792][T16725] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 741.282438][T16725] NILFS error (device loop4): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 741.293382][T16737] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 741.356714][T16725] Remounting filesystem read-only [ 741.472588][T16725] NILFS error (device loop4): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 741.488814][T16725] NILFS (loop4): error -5 reading inode: ino=12 [ 741.764816][T16747] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2959'. [ 741.774306][T16747] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2959'. [ 741.852722][T16751] xt_l2tp: missing protocol rule (udp|l2tpip) [ 742.342970][T16764] tmpfs: Bad value for 'mpol' [ 742.948092][T16781] loop5: detected capacity change from 0 to 256 [ 743.189166][T16779] loop4: detected capacity change from 0 to 1764 [ 743.309827][T16792] loop2: detected capacity change from 0 to 764 [ 744.890211][T16828] loop0: detected capacity change from 0 to 1024 [ 744.971180][T16828] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 745.116252][T16828] EXT4-fs warning (device loop0): ext4_empty_dir:3095: inode #11: comm syz.0.2980: directory missing '..' [ 745.530803][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 745.668529][T16855] loop3: detected capacity change from 0 to 8 [ 745.754770][T16856] xt_nat: multiple ranges no longer supported [ 745.868557][T16855] SQUASHFS error: Unable to read inode 0xe3 [ 747.454988][T16891] netlink: 'syz.4.2997': attribute type 2 has an invalid length. [ 748.515284][T16910] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3005'. [ 748.604159][T16904] loop3: detected capacity change from 0 to 2048 [ 748.746014][T16904] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 748.811953][T16914] loop5: detected capacity change from 0 to 256 [ 748.945277][ T30] audit: type=1800 audit(1750682280.518:70): pid=16904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3002" name="file1" dev="loop3" ino=1367 res=0 errno=0 [ 751.017483][ T5849] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 751.224665][ T5849] usb 4-1: Using ep0 maxpacket: 32 [ 751.264337][ T5849] usb 4-1: config 0 has an invalid interface number: 35 but max is 0 [ 751.272749][ T5849] usb 4-1: config 0 has no interface number 0 [ 751.390655][ T5849] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 751.400485][ T5849] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 751.408943][ T5849] usb 4-1: Product: syz [ 751.418384][ T5849] usb 4-1: Manufacturer: syz [ 751.423266][ T5849] usb 4-1: SerialNumber: syz [ 751.600492][T16965] loop0: detected capacity change from 0 to 2048 [ 751.611734][ T5849] usb 4-1: config 0 descriptor?? [ 751.962677][T16965] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 752.169994][ T5849] radio-si470x 4-1:0.35: si470x_get_report: usb_control_msg returned -71 [ 752.180159][ T5849] radio-si470x 4-1:0.35: probe with driver radio-si470x failed with error -5 [ 752.301420][ T5849] radio-raremono 4-1:0.35: this is not Thanko's Raremono. [ 752.425464][ T5849] usb 4-1: USB disconnect, device number 11 [ 752.455667][ T5963] udevd[5963]: setting owner of /dev/bus/usb/004/011 to uid=0, gid=0 failed: No such file or directory [ 753.268925][T16999] loop4: detected capacity change from 0 to 128 [ 753.453929][T16996] loop2: detected capacity change from 0 to 1024 [ 753.476875][T16999] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002] [ 753.514580][T16999] System zones: 1-3, 19-19, 35-36 [ 753.557013][T16999] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 753.601231][ T4971] hfsplus: b-tree write err: -5, ino 4 [ 753.678373][T16999] ext4 filesystem being mounted at /607/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 753.854855][T16999] EXT4-fs warning (device loop4): ext4_group_extend:1862: can't shrink FS - resize aborted [ 754.246186][T17016] netlink: 'syz.5.3032': attribute type 32 has an invalid length. [ 754.258573][T17016] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3032'. [ 754.268483][T17016] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 754.345090][ T5805] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 754.444358][T17019] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3033'. [ 755.014702][T17064] netlink: 'syz.2.3038': attribute type 49 has an invalid length. [ 755.863520][T17086] cgroup: none used incorrectly [ 756.016533][T17084] loop2: detected capacity change from 0 to 2048 [ 756.196387][T17084] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 756.284131][T17095] loop4: detected capacity change from 0 to 512 [ 756.440783][T17102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3049'. [ 756.450366][T17102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3049'. [ 756.576227][T17095] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 756.589820][T17095] ext4 filesystem being mounted at /610/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 756.692430][ T5803] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.158508][T17114] loop0: detected capacity change from 0 to 16 [ 757.274822][ T5805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.322543][T17114] erofs (device loop0): mounted with root inode @ nid 36. [ 758.148726][T17140] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 758.198311][ T5849] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 758.453533][ T5849] usb 3-1: Using ep0 maxpacket: 8 [ 758.477966][ T5849] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 758.496739][ T5849] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 758.506869][ T5849] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 758.516949][ T5849] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024 [ 758.528570][ T5849] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 758.539063][ T5849] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 758.548625][ T5849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 758.717401][ T5849] usb 3-1: config 0 descriptor?? [ 758.725659][T17132] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 759.050558][T16083] Bluetooth: hci2: unexpected event 0x17 length: 43 > 6 [ 759.255766][ T5798] Bluetooth: hci2: Opcode 0x0c03 failed: -71 [ 759.260480][ T5849] usb 3-1: USB disconnect, device number 10 [ 759.358724][T17163] loop4: detected capacity change from 0 to 1024 [ 759.494625][T17163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 759.762772][T17163] EXT4-fs warning (device loop4): empty_inline_dir:1775: bad inline directory (dir #12) - no `..' [ 760.166646][ T5805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 760.608938][T17201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3073'. [ 760.982775][T17212] netlink: 'syz.5.3076': attribute type 10 has an invalid length. [ 761.076914][T17212] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 762.484363][ T5849] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 762.711442][ T5849] usb 1-1: config 0 has an invalid interface number: 217 but max is 0 [ 762.720305][ T5849] usb 1-1: config 0 has no interface number 0 [ 762.820153][ T5849] usb 1-1: New USB device found, idVendor=a168, idProduct=0618, bcdDevice=e3.a4 [ 762.830771][ T5849] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 762.839916][ T5849] usb 1-1: Product: syz [ 762.844691][ T5849] usb 1-1: Manufacturer: syz [ 762.849523][ T5849] usb 1-1: SerialNumber: syz [ 763.033507][ T5849] usb 1-1: config 0 descriptor?? [ 763.092651][ T5849] gspca_main: gspca_sn9c20x-2.14.0 probing a168:0618 [ 763.214959][T17259] xt_socket: unknown flags 0xc [ 763.504258][ T5849] gspca_sn9c20x: Write register 1001 failed -71 [ 763.510802][ T5849] gspca_sn9c20x: Device initialization failed [ 763.517513][ T5849] gspca_sn9c20x 1-1:0.217: probe with driver gspca_sn9c20x failed with error -71 [ 763.661850][ T5849] usb 1-1: USB disconnect, device number 15 [ 763.668032][T17268] binder: binder_mmap: 17266 200000000000-200000b36000 bad vm_flags failed -1 [ 763.740764][T17272] netlink: 'syz.3.3094': attribute type 3 has an invalid length. [ 764.766002][T17294] bridge0: port 3(veth1_virt_wifi) entered blocking state [ 764.773988][T17294] bridge0: port 3(veth1_virt_wifi) entered disabled state [ 764.781851][T17294] veth1_virt_wifi: entered allmulticast mode [ 764.790494][T17294] veth1_virt_wifi: left allmulticast mode [ 765.026086][T17302] (unnamed net_device) (uninitialized): down delay (4) is not a multiple of miimon (100), value rounded to 0 ms [ 765.552545][T17342] netlink: 180 bytes leftover after parsing attributes in process `syz.5.3106'. [ 767.822055][T17425] netlink: 'syz.5.3121': attribute type 8 has an invalid length. [ 768.007684][ T30] audit: type=1326 audit(1750682299.578:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17428 comm="syz.0.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 768.031863][ T30] audit: type=1326 audit(1750682299.578:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17428 comm="syz.0.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 768.248123][ T30] audit: type=1326 audit(1750682299.668:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17428 comm="syz.0.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 768.272037][ T30] audit: type=1326 audit(1750682299.668:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17428 comm="syz.0.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 768.295265][ T30] audit: type=1326 audit(1750682299.668:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17428 comm="syz.0.3123" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 768.495059][T17433] bond1: entered promiscuous mode [ 768.501738][T17433] 8021q: adding VLAN 0 to HW filter on device bond1 [ 769.157013][T17486] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3129'. [ 770.174665][ T1857] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 770.372491][ T1857] usb 4-1: config 0 has an invalid interface number: 156 but max is 0 [ 770.384342][ T1857] usb 4-1: config 0 has no interface number 0 [ 770.390729][ T1857] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 770.402395][ T1857] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 770.412805][ T1857] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0 [ 770.423242][ T1857] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 770.432725][ T1857] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 770.458672][ T1857] usb 4-1: config 0 descriptor?? [ 770.493343][ T1857] gspca_main: spca561-2.14.0 probing abcd:cdee [ 770.701713][ T1857] spca561 4-1:0.156: probe with driver spca561 failed with error -22 [ 770.713265][ T1857] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 770.721167][ T1857] usb 4-1: MIDIStreaming interface descriptor not found [ 770.777496][T17523] loop4: detected capacity change from 0 to 256 [ 770.834835][T17523] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 770.846241][T17523] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 770.955347][T17539] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3143'. [ 771.023533][ T1857] usb 4-1: USB disconnect, device number 12 [ 771.093113][T17523] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 771.542966][ T6136] udevd[6136]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.156/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 771.681752][ T30] audit: type=1326 audit(1750682303.248:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17559 comm="syz.5.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54fb8e929 code=0x7ffc0000 [ 771.713087][ T30] audit: type=1326 audit(1750682303.298:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17559 comm="syz.5.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54fb8e929 code=0x7ffc0000 [ 771.938709][ T30] audit: type=1326 audit(1750682303.398:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17559 comm="syz.5.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7fb54fb8e929 code=0x7ffc0000 [ 771.961873][ T30] audit: type=1326 audit(1750682303.398:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17559 comm="syz.5.3145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb54fb8e929 code=0x7ffc0000 [ 772.282425][T17572] kAFS: unparsable volume name [ 773.140003][T17585] loop0: detected capacity change from 0 to 1024 [ 773.167302][T17585] EXT4-fs: Ignoring removed orlov option [ 773.314757][T17585] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 773.912563][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 773.960845][T17607] xt_hashlimit: max too large, truncated to 1048576 [ 773.968519][T17607] No such timeout policy "syz1" [ 774.223097][T17615] netlink: 'syz.5.3161': attribute type 1 has an invalid length. [ 774.231596][T17615] netlink: 'syz.5.3161': attribute type 2 has an invalid length. [ 774.241046][T17615] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3161'. [ 775.149469][T17638] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3167'. [ 775.452121][T17644] loop3: detected capacity change from 0 to 256 [ 776.576961][T17670] loop5: detected capacity change from 0 to 1024 [ 777.476704][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 777.565739][T17696] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3183'. [ 778.247832][ T1857] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 778.494949][ T1857] usb 1-1: config 0 interface 0 has no altsetting 0 [ 778.501953][ T1857] usb 1-1: New USB device found, idVendor=090a, idProduct=1200, bcdDevice=24.87 [ 778.511580][ T1857] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 778.522118][ T30] audit: type=1326 audit(1750682310.068:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.4.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f332a98e929 code=0x7ffc0000 [ 778.664483][ T30] audit: type=1326 audit(1750682310.178:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.4.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f332a98e929 code=0x7ffc0000 [ 778.687642][ T30] audit: type=1326 audit(1750682310.178:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17712 comm="syz.4.3187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f332a98e929 code=0x7ffc0000 [ 778.691793][T17715] netlink: 'syz.5.3189': attribute type 3 has an invalid length. [ 778.719412][T17715] netlink: 'syz.5.3189': attribute type 3 has an invalid length. [ 778.726630][ T1857] usb 1-1: config 0 descriptor?? [ 778.727436][T17715] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3189'. [ 779.040721][ T1857] usb 1-1: string descriptor 0 read error: -71 [ 779.050584][ T1857] usb-storage 1-1:0.0: USB Mass Storage device detected [ 779.119041][ T1857] usb-storage 1-1:0.0: This device (090a,1200,2487 S 01 P 11) has an unneeded SubClass entry in unusual_devs.h (kernel 6.16.0-rc3-syzkaller) [ 779.119041][ T1857] Please send a copy of this message to and [ 779.304059][ T1857] usb 1-1: USB disconnect, device number 16 [ 779.747330][T17747] loop2: detected capacity change from 0 to 256 [ 780.504394][ T1857] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 780.731626][ T1857] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 780.775234][ T1857] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a [ 780.785380][ T1857] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 780.794372][ T1857] usb 1-1: Product: syz [ 780.798805][ T1857] usb 1-1: Manufacturer: syz [ 780.808565][ T1857] usb 1-1: SerialNumber: syz [ 780.947416][ T1857] usb 1-1: config 0 descriptor?? [ 781.227250][ T1857] usb 1-1: dvb_usb_v2: usb_bulk_msg() failed=-8 [ 781.234181][ T1857] dvb_usb_af9035 1-1:0.0: probe with driver dvb_usb_af9035 failed with error -8 [ 781.355049][ T1857] usb 1-1: USB disconnect, device number 17 [ 781.824247][ T5849] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 782.077286][ T5849] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 782.087921][ T5849] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 272, setting to 64 [ 782.099252][ T5849] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 782.110641][ T5849] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 782.272841][ T5849] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 782.283036][ T5849] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 782.291471][ T5849] usb 6-1: Manufacturer: syz [ 782.396669][ T5849] usb 6-1: config 0 descriptor?? [ 782.404768][T17794] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 782.425544][T17794] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 782.494860][T17813] overlay: ./file0 is not a directory [ 782.731773][T13708] usb 6-1: USB disconnect, device number 6 [ 783.885021][T17848] netlink: 'syz.3.3218': attribute type 5 has an invalid length. [ 787.513062][ T5849] IPVS: starting estimator thread 0... [ 787.615953][T17933] IPVS: using max 192 ests per chain, 9600 per kthread [ 788.034524][T17945] netlink: 84 bytes leftover after parsing attributes in process `syz.3.3251'. [ 788.044156][T17945] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3251'. [ 788.839579][T17967] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3257'. [ 789.141321][T17974] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 789.337127][T17979] loop4: detected capacity change from 0 to 1024 [ 789.365869][T17979] hfsplus: Unexpected value for 'barrier' [ 789.539373][T17979] kAFS: unable to lookup cell 'sYSAٸ?hrF5=X$jӋZ^ۺ2׳Hq=VJtd琎zhD A[stL}Zv݌̥ϳ܏y 43ۣ#989?\?mGiXR~Eڟ[_r/Wnn޸qOPML{2/D#DkLL~8@<T4lݬo\ŵX1q)+T_^dZiV/T>Vz;ղc˿,<@' [ 789.705238][ T5849] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 789.986776][ T5849] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 789.999352][ T5849] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 790.009648][ T5849] usb 6-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00 [ 790.024193][ T5849] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 790.255668][ T5849] usb 6-1: config 0 descriptor?? [ 790.581876][T18002] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3266'. [ 790.591690][T18002] netlink: 'syz.4.3266': attribute type 4 has an invalid length. [ 790.891163][ T5849] petalynx 0003:18B1:0037.0001: hidraw0: USB HID v0.04 Device [HID 18b1:0037] on usb-dummy_hcd.5-1/input0 [ 791.008734][T17997] syz.0.3265 (17997): drop_caches: 2 [ 791.014816][ T5849] usb 6-1: USB disconnect, device number 7 [ 791.797836][T18031] loop2: detected capacity change from 0 to 2048 [ 791.893244][T18031] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 792.038188][T18038] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 792.242300][ T30] audit: type=1800 audit(1750682323.808:83): pid=18031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3270" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 792.354561][T18022] fido_id[18022]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 793.149302][T18060] vlan2: entered allmulticast mode [ 793.154936][T18060] gretap0: entered allmulticast mode [ 794.039058][T18080] loop0: detected capacity change from 0 to 256 [ 794.061631][T18079] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3286'. [ 795.455657][T18112] loop5: detected capacity change from 0 to 256 [ 796.624415][T18140] loop2: detected capacity change from 0 to 1024 [ 796.695640][T18140] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 796.901015][T18140] hfsplus: bad catalog entry type [ 796.910250][T18147] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3305'. [ 797.424206][T18156] loop4: detected capacity change from 0 to 2048 [ 797.562902][T18166] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 797.632501][T18169] loop0: detected capacity change from 0 to 64 [ 797.651824][T18165] loop5: detected capacity change from 0 to 1024 [ 797.777577][T18169] hfs: small file entry [ 798.460377][T18189] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3314'. [ 799.053071][T18204] loop3: detected capacity change from 0 to 128 [ 799.190985][T18204] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 799.304956][T18204] ext4 filesystem being mounted at /686/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 799.322547][T18221] loop4: detected capacity change from 0 to 512 [ 799.353849][ T5849] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 799.521686][T18221] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 799.547749][T18221] EXT4-fs (loop4): orphan cleanup on readonly fs [ 799.575773][ T5849] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 799.587930][ T5849] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 799.597424][ T5849] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 799.606935][ T5849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 799.629599][T18221] Quota error (device loop4): find_block_dqentry: Quota for id 0 referenced but not present [ 799.631007][ T5849] usb 3-1: config 0 descriptor?? [ 799.642146][T18221] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 799.662264][T18221] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.3321: Failed to acquire dquot type 1 [ 799.714399][ T5849] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 799.721402][ T5849] dvb-usb: bulk message failed: -22 (3/0) [ 799.764042][T18221] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3321: bg 0: block 40: padding at end of block bitmap is not set [ 799.853508][T18221] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 799.887308][ T5849] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 799.905086][T18221] EXT4-fs (loop4): 1 truncate cleaned up [ 799.914209][T18221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 799.982760][T18203] dvb-usb: bulk message failed: -22 (2/0) [ 799.985879][ T5849] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 799.997487][ T5849] usb 3-1: media controller created [ 800.040844][ T5849] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 800.187676][ T5849] dvb-usb: bulk message failed: -22 (6/0) [ 800.194171][ T5849] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 800.234952][ T5792] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 800.316686][ T5849] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input18 [ 800.424863][ T5849] dvb-usb: schedule remote query interval to 150 msecs. [ 800.432203][ T5849] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 800.584213][ T1857] dvb-usb: bulk message failed: -22 (1/0) [ 800.590257][ T1857] dvb-usb: error while querying for an remote control event. [ 800.644426][ T5849] usb 3-1: USB disconnect, device number 11 [ 800.717207][ T5805] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 800.898651][T18250] loop0: detected capacity change from 0 to 256 [ 801.145263][ T5849] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 801.254663][T18265] netlink: 136 bytes leftover after parsing attributes in process `syz.4.3328'. [ 801.420668][T18250] FAT-fs (loop0): Directory bread(block 64) failed [ 801.427806][T18250] FAT-fs (loop0): Directory bread(block 65) failed [ 801.436382][T18250] FAT-fs (loop0): Directory bread(block 66) failed [ 801.443192][T18250] FAT-fs (loop0): Directory bread(block 67) failed [ 801.450464][T18250] FAT-fs (loop0): Directory bread(block 68) failed [ 801.458211][T18250] FAT-fs (loop0): Directory bread(block 69) failed [ 801.465461][T18250] FAT-fs (loop0): Directory bread(block 70) failed [ 801.472263][T18250] FAT-fs (loop0): Directory bread(block 71) failed [ 801.479466][T18250] FAT-fs (loop0): Directory bread(block 72) failed [ 801.492065][T18250] FAT-fs (loop0): Directory bread(block 73) failed [ 803.159703][T18294] loop2: detected capacity change from 0 to 256 [ 803.210460][T18294] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 803.222204][T18294] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 803.350243][T18294] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 803.932448][T18308] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3342'. [ 804.011412][T18308] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3342'. [ 804.780132][T18327] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3347'. [ 806.087181][T13708] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 806.221843][T18367] loop0: detected capacity change from 0 to 1024 [ 806.279693][T18367] EXT4-fs: Ignoring removed nobh option [ 806.286028][T18367] EXT4-fs: Ignoring removed bh option [ 806.346859][T13708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 806.358777][T13708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 806.369143][T13708] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 806.382525][T13708] usb 3-1: New USB device found, idVendor=056a, idProduct=0027, bcdDevice= 0.00 [ 806.392080][T13708] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 806.534914][T18366] loop3: detected capacity change from 0 to 4096 [ 806.541008][T18367] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 806.638456][T13708] usb 3-1: config 0 descriptor?? [ 806.671827][T18366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 807.189258][ T5791] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 807.202174][T13708] wacom 0003:056A:0027.0002: unbalanced collection at end of report description [ 807.269049][T13708] wacom 0003:056A:0027.0002: parse failed [ 807.276072][T13708] wacom 0003:056A:0027.0002: probe with driver wacom failed with error -22 [ 807.377144][T13708] usb 3-1: USB disconnect, device number 12 [ 807.402459][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 808.172575][T18408] loop5: detected capacity change from 0 to 2048 [ 808.731695][T18419] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3367'. [ 809.118385][T18425] loop3: detected capacity change from 0 to 512 [ 809.242945][T18425] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 809.306991][T18433] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 809.324041][T18425] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0102] [ 809.324989][T18425] EXT4-fs (loop3): orphan cleanup on readonly fs [ 809.377812][T18425] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.3369: attempt to clear invalid blocks 1024 len 1 [ 809.496761][T18425] EXT4-fs (loop3): Remounting filesystem read-only [ 809.554553][T18425] EXT4-fs (loop3): 1 truncate cleaned up [ 809.562749][T18425] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 809.789151][T18425] kernel profiling enabled (shift: 63) [ 809.795063][T18425] profiling shift: 63 too large [ 809.966693][ T30] audit: type=1326 audit(1750682341.558:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18447 comm="syz.0.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 809.995020][ T30] audit: type=1326 audit(1750682341.558:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18447 comm="syz.0.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 810.020467][ T30] audit: type=1326 audit(1750682341.568:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18447 comm="syz.0.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 810.043518][ T30] audit: type=1326 audit(1750682341.568:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18447 comm="syz.0.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 810.066505][ T30] audit: type=1326 audit(1750682341.568:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18447 comm="syz.0.3373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f073ab8e929 code=0x7ffc0000 [ 810.278160][T18453] loop4: detected capacity change from 0 to 256 [ 810.317793][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 810.416065][T18453] exfat: Deprecated parameter 'utf8' [ 810.421782][T18453] exfat: Deprecated parameter 'utf8' [ 810.660504][T18453] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d) [ 811.468672][T18474] loop0: detected capacity change from 0 to 1024 [ 811.696840][T18477] loop3: detected capacity change from 0 to 2048 [ 811.799631][T18477] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 812.155284][ T3436] ===================================================== [ 812.162570][ T3436] BUG: KMSAN: uninit-value in hfsplus_cat_case_cmp_key+0xd9/0x190 [ 812.172124][ T3436] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 812.178462][ T3436] hfs_find_rec_by_key+0xab/0x240 [ 812.183970][ T3436] __hfsplus_brec_find+0x274/0x840 [ 812.189336][ T3436] hfsplus_brec_find+0x4df/0x9f0 [ 812.194661][ T3436] hfsplus_brec_read+0x46/0x1f0 [ 812.199759][ T3436] hfsplus_find_cat+0xb5/0x4f0 [ 812.204880][ T3436] hfsplus_cat_write_inode+0x2ca/0xe20 [ 812.210551][ T3436] hfsplus_write_inode+0x178/0x960 [ 812.216056][ T3436] __writeback_single_inode+0x88f/0x1190 [ 812.221912][ T3436] writeback_sb_inodes+0xaa9/0x1c90 [ 812.227508][ T3436] wb_writeback+0x4ce/0xc00 [ 812.232207][ T3436] wb_workfn+0x397/0x1910 [ 812.236822][ T3436] process_scheduled_works+0xb91/0x1d80 [ 812.248483][ T3436] worker_thread+0xedf/0x1590 [ 812.253408][ T3436] kthread+0xd5c/0xf00 [ 812.259962][ T3436] ret_from_fork+0x1e3/0x310 [ 812.264873][ T3436] ret_from_fork_asm+0x1a/0x30 [ 812.269856][ T3436] [ 812.272284][ T3436] Uninit was created at: [ 812.277026][ T3436] __kmalloc_noprof+0x95f/0x1310 [ 812.282150][ T3436] hfsplus_find_init+0x90/0x1d0 [ 812.287843][ T3436] hfsplus_cat_write_inode+0x1a8/0xe20 [ 812.293698][ T3436] hfsplus_write_inode+0x178/0x960 [ 812.299029][ T3436] __writeback_single_inode+0x88f/0x1190 [ 812.305099][ T3436] writeback_sb_inodes+0xaa9/0x1c90 [ 812.310525][ T3436] wb_writeback+0x4ce/0xc00 [ 812.315499][ T3436] wb_workfn+0x397/0x1910 [ 812.320022][ T3436] process_scheduled_works+0xb91/0x1d80 [ 812.326013][ T3436] worker_thread+0xedf/0x1590 [ 812.330936][ T3436] kthread+0xd5c/0xf00 [ 812.335303][ T3436] ret_from_fork+0x1e3/0x310 [ 812.340074][ T3436] ret_from_fork_asm+0x1a/0x30 [ 812.351267][ T3436] [ 812.355499][ T3436] CPU: 0 UID: 0 PID: 3436 Comm: kworker/u8:10 Not tainted 6.16.0-rc3-syzkaller #0 PREEMPT(undef) [ 812.366450][ T3436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 812.376975][ T3436] Workqueue: writeback wb_workfn (flush-7:0) [ 812.383235][ T3436] ===================================================== [ 812.390478][ T3436] Disabling lock debugging due to kernel taint [ 812.396955][ T3436] Kernel panic - not syncing: kmsan.panic set ... [ 812.403555][ T3436] CPU: 0 UID: 0 PID: 3436 Comm: kworker/u8:10 Tainted: G B 6.16.0-rc3-syzkaller #0 PREEMPT(undef) [ 812.416127][ T3436] Tainted: [B]=BAD_PAGE [ 812.420414][ T3436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 812.430738][ T3436] Workqueue: writeback wb_workfn (flush-7:0) [ 812.437021][ T3436] Call Trace: [ 812.440441][ T3436] [ 812.443492][ T3436] __dump_stack+0x26/0x30 [ 812.448039][ T3436] dump_stack_lvl+0x53/0x270 [ 812.452841][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.458893][ T3436] dump_stack+0x1e/0x25 [ 812.463246][ T3436] panic+0x4bd/0xd50 [ 812.467403][ T3436] kmsan_report+0x31c/0x320 [ 812.472122][ T3436] ? __msan_warning+0x1b/0x30 [ 812.477010][ T3436] ? hfsplus_cat_case_cmp_key+0xd9/0x190 [ 812.482876][ T3436] ? hfs_find_rec_by_key+0xab/0x240 [ 812.488332][ T3436] ? __hfsplus_brec_find+0x274/0x840 [ 812.493854][ T3436] ? hfsplus_brec_find+0x4df/0x9f0 [ 812.499206][ T3436] ? hfsplus_brec_read+0x46/0x1f0 [ 812.504469][ T3436] ? hfsplus_find_cat+0xb5/0x4f0 [ 812.509606][ T3436] ? hfsplus_cat_write_inode+0x2ca/0xe20 [ 812.515441][ T3436] ? hfsplus_write_inode+0x178/0x960 [ 812.520902][ T3436] ? __writeback_single_inode+0x88f/0x1190 [ 812.526929][ T3436] ? writeback_sb_inodes+0xaa9/0x1c90 [ 812.532585][ T3436] ? wb_writeback+0x4ce/0xc00 [ 812.537462][ T3436] ? wb_workfn+0x397/0x1910 [ 812.542133][ T3436] ? process_scheduled_works+0xb91/0x1d80 [ 812.548083][ T3436] ? worker_thread+0xedf/0x1590 [ 812.553160][ T3436] ? kthread+0xd5c/0xf00 [ 812.557579][ T3436] ? ret_from_fork+0x1e3/0x310 [ 812.562514][ T3436] ? ret_from_fork_asm+0x1a/0x30 [ 812.567674][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.573019][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.579053][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.584386][ T3436] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 812.590860][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.596195][ T3436] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 812.602653][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.607997][ T3436] __msan_warning+0x1b/0x30 [ 812.612698][ T3436] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 812.618382][ T3436] hfs_find_rec_by_key+0xab/0x240 [ 812.623639][ T3436] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10 [ 812.629932][ T3436] __hfsplus_brec_find+0x274/0x840 [ 812.635273][ T3436] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 812.641154][ T3436] hfsplus_brec_find+0x4df/0x9f0 [ 812.646317][ T3436] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 812.652221][ T3436] hfsplus_brec_read+0x46/0x1f0 [ 812.657299][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.663347][ T3436] hfsplus_find_cat+0xb5/0x4f0 [ 812.668304][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.673657][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.679727][ T3436] ? should_fail_ex+0x45/0x8a0 [ 812.684705][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.690041][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.695392][ T3436] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 812.701977][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.707339][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.713381][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.718716][ T3436] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 812.725275][ T3436] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 812.731560][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.737597][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.742935][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.748986][ T3436] hfsplus_cat_write_inode+0x2ca/0xe20 [ 812.754651][ T3436] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 812.760947][ T3436] ? _raw_spin_unlock+0x30/0x50 [ 812.766015][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.771350][ T3436] ? kmsan_get_shadow_origin_ptr+0x35/0xb0 [ 812.777556][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.782883][ T3436] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 812.789438][ T3436] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 812.795722][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.801062][ T3436] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 812.807608][ T3436] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 812.813884][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.819961][ T3436] hfsplus_write_inode+0x178/0x960 [ 812.825254][ T3436] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 812.831791][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.837129][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.842459][ T3436] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 812.848491][ T3436] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 812.854313][ T3436] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 812.860133][ T3436] __writeback_single_inode+0x88f/0x1190 [ 812.866014][ T3436] writeback_sb_inodes+0xaa9/0x1c90 [ 812.871563][ T3436] wb_writeback+0x4ce/0xc00 [ 812.876277][ T3436] ? queue_io+0x411/0x790 [ 812.880810][ T3436] wb_workfn+0x397/0x1910 [ 812.885321][ T3436] ? kmsan_get_metadata+0xfb/0x160 [ 812.890679][ T3436] ? __pfx_wb_workfn+0x10/0x10 [ 812.895613][ T3436] process_scheduled_works+0xb91/0x1d80 [ 812.901439][ T3436] worker_thread+0xedf/0x1590 [ 812.906372][ T3436] kthread+0xd5c/0xf00 [ 812.910607][ T3436] ? __pfx_worker_thread+0x10/0x10 [ 812.915974][ T3436] ? __pfx_kthread+0x10/0x10 [ 812.920739][ T3436] ret_from_fork+0x1e3/0x310 [ 812.925502][ T3436] ? __pfx_kthread+0x10/0x10 [ 812.930266][ T3436] ret_from_fork_asm+0x1a/0x30 [ 812.935271][ T3436] [ 812.938668][ T3436] Kernel Offset: disabled [ 812.943061][ T3436] Rebooting in 86400 seconds..