last executing test programs: 7m14.362981748s ago: executing program 3 (id=269): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0x8004510b, &(0x7f00000001c0)) 7m13.818853014s ago: executing program 3 (id=274): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) timer_create(0x8, 0x0, &(0x7f0000bbdffc)) 7m13.218398812s ago: executing program 3 (id=278): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x8000004, 0x3, 0x3, 0x0, 0x1}) 7m12.681829026s ago: executing program 3 (id=282): syz_mount_image$hfsplus(&(0x7f00000003c0), &(0x7f0000000640)='./file0\x00', 0x800000, &(0x7f0000000400)=ANY=[@ANYBLOB="63726561746f723d33fefa372c666f7263652c7569643d", @ANYRESHEX=0x0, @ANYBLOB="2c63726561746f723dd1a7bc992c6e6f626172726965722c6769643d", @ANYRESHEX=0x0, @ANYBLOB=',barrier,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c626172726965722c6e6f626172726965722c706172743d3078303030303030303030303030303030342c6e6c733d69736f383835392d322c00657773197974a860"], 0x4, 0x5f0, &(0x7f0000001980)="$eJzs3cFvHFcdB/DvbGLHDlK6TZOmIARWOYAakdjeyAQJCSgFWahClbj0aiWb2somjewtcntApuLc/gvlYM4cOKEg5cCZf8GoRwR3X5DRzM7aW3u7cRInu1Y+H2n2vTdv5s1vfpkZz8wq2gAvreX3M/UoRZavvrtZtne2W52d7da9fj3JuSSNZCZJUc7+a5Ivk630pnyz3zFQHlF8vnxr9eFnV3qtmXqqli9GrXc8+7E0e7FW5UmNt/jM4x3s4VySi3UJY7fX96+h3c94XgIAk6xIzgyb30zO1zfr5XNA7664d499qm2NOwAAAAB4AV7ZzW42c2HccQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBpUv/+f1FPjX59LkX/9/+n63mp66fao3EHAAAAAAAAAADHNOpL+u/uZjebudBv7xXVd/5vVo1L1ec38lE20s56rmUzK+mmm/UsJGkObmRzpdtdXzjGmotD11w82X0GAAAAAAAAgJfMp1k++P4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmQZGc6RXVdKlfb6ZxNslMkulyua3kYb9+mj0adwAAAADwAryym91s5kK/vVdUz/yvV8/9M/ko99PNWrrppJ3b1buA3lN/Y2e71dnZbt0rp6Pj/vy/TxRGNWJ67x6Gb3m+WuLy/hrL+VV+m6tT/fbvspJu2pnLO1VtJUWa9duLZj/O4fH+7Cut9x4X6xtVJLO5k7Uqtmu5lQ/Tye00qn2olhm9xT+U2Sl+Wjtmjm7XZblHv67Lcfjf3uE5zSojU/sZma9zX2bj1dGZGHmcTB2Zc3hLC2nsv4O69Bxyfr4uy1y/85xz/ukTLX04E4sDR9/rozORzC/+58Fq5/7d1TsbV8d1GJ2Yw5loDWTiykuViek6G72r6JCrZebyXtazNuRq+Wa17oWs5Tf5MLfTzs3M52aWciOtLOXHWRrI6+W94rHnWuPJzrXv/aCulGf9L4ee/eNS5vXVgbwOXumaVd/gnIMsXTz5K9LZb9WV8mB9e4x/BY46nImFgUy8NjoTf6r+pGx07t9dX115cMztfb8uywz8YqIyUR4vF8t/rKr11aOj7HttaN9C1Xdpv69xpO/yft/jztTp+h7u6EiLVd+VoX2tqu+Ngb5hdzkATLzzb52fnv337D9nv5j94+zq7Lszb5+7ee7b05n6x9m/nflL48+NnxRv5Yv8/uD5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHobH39yd6XTaa9PdOU7dbSTEo/K01WylUxAGCrHqIz5wgQ8d9e79x5c3/j4kx+u3Vv5oP1B+/6NhaXFGzfml3508/qdtU57vvc57jABgBM08GwGAAAAAAAAAAAAAABMqBfyv74BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeo+X3M/UoRRbmr82X7Z3tVqec+vUkRW/JmX7170m+TLbSm9IcGK74uu0Uny/fWn342ZWDsWb6yxej1jue/VjKj8ahmJ5lvHKcxWce72AP55JcrEsYu/8HAAD//4EQ/90=") mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x21000, 0x0) 7m11.452301716s ago: executing program 3 (id=288): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r0}, 0x47) 7m10.511142963s ago: executing program 3 (id=293): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000380)="3900000014008157efb0349a2e2125ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582b", 0x39}], 0x1}, 0x0) 7m8.424996301s ago: executing program 32 (id=293): r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000380)="3900000014008157efb0349a2e2125ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582b", 0x39}], 0x1}, 0x0) 8.042958124s ago: executing program 2 (id=2914): syz_mount_image$hfs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x10044, &(0x7f0000000200)=ANY=[@ANYBLOB="63726561746f723dde6256b12c636f6465706167653d6d6163677265656b2c696f636861727365743d63703836362c756d61736b3d30303030303030303030303030303030303030303030352c00e4cf2d3a91a80628ea6b1bc6025a3322673c9a6ca7e1bfc0fbffeba166ebdb"], 0x4, 0x2de, &(0x7f0000000600)="$eJzs3btuE0scx/HfrO3EuShnT5KjI9GAApGgiQhQIBoj5JaeCgGxI0VYQSRBAhoCokQ8ANS8Ag9BA+IFoKLiAdItmtnxZm2v1zHE3jh8P5Kt2fFc/qPZ9c4sIhaAv9at+rcPV3/Yl5FKKkm6IQWSqlJZ0n/6v/pke29rr9Vs5DVUcjXsyyiuaXrKbGw3s6raeq6GF9qjsubTeRiNKIpufi86CBTOXf0ZAmnaX4fu8+qY4xqVfels0TGMW3qCzYEO9FQLBYYDADgB/P0/8LeJeZdlFATSqr/tn6r7/0HRARyva62erCi3Qur+71Z3kbHz+4/76HC/57Zw9vOgvUs8SjCVruMpxWdWxwLTDNpVuliCmc2tstY2XqoR6JVqXqrYsntvxKdu24BoV/T+KOMY3FpFt2fj0bgVZbd2SJtbrea0TWTEvzRcj3/OfDJfzF0T6p0ayfqvHBk7TW6mwq6ZCio2/sv9W5xztWwp+W1/rVYLOor86zo543vwBoyymr0jSbfZfkCwn0TQFedM+sD1vajOxwrx6Nb7d+NqLWXVCpOjPrWWO2qV/JmwtvGolfsoZTTaQzRvzR2zop/6qHpq/R/Y+FaVujLzvuqNK+nPjHg8U9kly65k2HPnOLxcziUReNNDjw3SkE/L3uiBrmth99nzh6VWq7ljE/czEo/nd4zPqbyWMsuMPlFSThntH+ZE1osoOmrL0SiDv3SsDdrvjyTHXj5Zhe1VluQE456moRM6GWEMm6h/Vt4JOTmJKFK/KRjZ9xROkF3TnnSfMVNwQBg3u+4y8f7PreT9qs7t/exbmLNOz99kqqPF9WQH17kUXHTvs0Pt4OYy/nWxt8crffaMbs91/qJ0IZVplNtj6OM8JUxdX3WP5/8AAAAAAAAAAAAAAAAAAACTZhz/06DoMQIAAAAAAAAAAAAAAAAAAAAAMOl+6/d/s/5GvPv935Df/wUmyK8AAAD//9kjePc=") r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) 7.103075909s ago: executing program 2 (id=2918): syz_mount_image$erofs(&(0x7f0000000400), &(0x7f0000000140)='./file1\x00', 0x3000801, &(0x7f0000000840)=ANY=[], 0x1, 0x1f3, &(0x7f0000000500)="$eJzsmb/L00AYx7+XtHl/IIqLg4uDL6jgmyapyrt0qOAoiFXUwaHYWKppK22EtiC0uLj4BwiuLo4ODk4O/gWuOqggONjRTTi5yyW9pmlppWjhfT7Qu28ud8/z3FPyHCQgCOLQ8u3rry/PLx/cOA/gCPawpcZ/mFHPj03P//zi8Q5KV16++fTqQ+vok3dpe0ys4cv7twC8L5sIwXLK49TqHU3vqf4mDJxT+hYY7Ej+5pzzvJRD+GC4o+Y80HQ7Nhj49r12ULvfCHxHNK5oPNEUdf8iqPGIoQZgW0bHOdPud/uDh9Ug8Dtpkeexn5lbq4pF+ZPxlQ2UEGePcwPA7WdPR+Ja5QYOjCR/Lgy4ShfBUFH6AFuwbXuSEm3/J3MT++Yy+/+/4rUUx/f/lVORYMEm7F0Iho0IY90ivxY7LD0iHuhk5MQ4roH6nO8r+rrLsDF/gSxcyIjn424QXP1LyyJjVkaiEjGpT4IzWn3KJaNAIWw+KnT7g/1Gs1r3637L84qXnAuOc9EryEIUtQvq37asT7vJSHwGzGIxCz3xoLo9IOy48roahh0varWKW3nb/inXGNfr0eLTUcfUmZUclCmY+hmyF+qsmT1zOHdPBEEQBEEQBEEQBEEQBEEQ2ZwCk29Z1YcqPgfvmnxD+ScAAP//+tFdLw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0) fadvise64(r0, 0x6, 0x5167e41b, 0x3) 6.206907911s ago: executing program 5 (id=2921): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6c}, {0x6, 0x0, 0x0, 0x7fffffff}]}) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0x50, 0x0, &(0x7f0000000000)="ff", 0x0, 0x36, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50) 5.779445545s ago: executing program 0 (id=2923): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@qipcrtr={0x2a, 0x4, 0x3fff}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000180)="27031c00160014000000002f1eafacf706e105000000894f00010003ee0b80558ddbba9b37242d37a518fc9c5be50eaf07c3650596", 0x35}], 0x1}, 0x4) 4.174014073s ago: executing program 2 (id=2925): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000bc0), 0x2, 0x0) fcntl$setstatus(r0, 0x4, 0x2800) preadv(r0, &(0x7f00000020c0)=[{&(0x7f0000001f00)=""/88, 0x58}], 0x1, 0xffff0000, 0x401) 4.146171154s ago: executing program 5 (id=2927): r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) symlinkat(&(0x7f0000000000)='.\x02\x00', 0xffffffffffffffff, 0x0) ioctl$EVIOCGLED(r0, 0x40284504, &(0x7f0000000000)=""/56) 4.018431836s ago: executing program 0 (id=2928): sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="49d7d3fc68ad6d569734eaf73f5047af80dd40af3d3b70bc049f833b37c8adf4f61a50f492059149dfacb052a3c02461881c89b942feec5a53ad506cb4d053384105c510f6bb78d831b5a898ebe6c373f3d4c19b3cef54c4b012abc34c3b7716af17641661ed86f1563cd1042f05523f48e9224d87886630e2a2a864518cc2fe1067cea4a368d81d05f8acb3fdbbc764ebe26f50fe7d0b10d4b97f78d414aba3040d255c4f522c39"], 0x528}, 0x1, 0x0, 0x0, 0xc815}, 0xc000) r0 = fsopen(&(0x7f0000000000)='9p\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='source', &(0x7f00000019c0)='//\xf2/\x06\b/\\\\o\xdc\xea\x95\x9a)\x00bb\x8a\x80\x91\xdf\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6h\xd1\x1d\xac\xaa\xfb\xc7Y\xcd\xc5n\xeb\xab\xf70\x99\xef\x8b0x0) io_submit(r1, 0x1, &(0x7f0000000a40)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x83, r0, 0x0, 0x0, 0x0, 0x0, 0x2}]) 3.110191369s ago: executing program 1 (id=2935): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x40, r1, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x2c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa5}]}]}]}, 0x40}}, 0x0) 2.705052168s ago: executing program 2 (id=2936): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x44e, 0x120c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x50, 0x0, [{{0x9, 0x4, 0x0, 0xfe, 0xfd, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x4, 0x8, 0x1, {0x22, 0x8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x7, 0x2, 0x3}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000940)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x8, {[@global=@item_012={0x1, 0x1, 0x1, "ed"}, @main=@item_4={0x3, 0x0, 0xa, "0c00c1ed"}, @global=@item_012={0x0, 0x1, 0x2}]}}, 0x0}, 0x0) 2.655434553s ago: executing program 4 (id=2937): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000900000087"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) 2.403470609s ago: executing program 1 (id=2938): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) 2.297473549s ago: executing program 5 (id=2939): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x1200082, &(0x7f0000000300)={[{@errors_continue}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@utf8}, {@umask={'umask', 0x3d, 0x2396}}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@discard}, {@allow_utime={'allow_utime', 0x3d, 0x5}}, {@errors_remount}, {@discard}]}, 0x5, 0x1531, &(0x7f0000002f80)="$eJzs3AuYjlX3MPC19t43Y5r0NMlh2Huvm4cG2yRJDklySJIkSc4JSZMkCYkhp6QhCTlOksMQksPEpHE+H3JOkleSJCEhyf6uKX3+b/3fq/7f2/t5/++s33Xd1+w1z7PWs+5nzTX34blmvu42vFaT2tUbERH8U/CXLykAEAMAgwHgGgAIAKB8fPn47MfzSEz5516E/bUeTL/SHbArieefs/H8czaef87G88/ZeP45G88/Z+P552w8f8Zysq0zC13LW87dLt3/jwG+/58D8fE/Z+P5/8fw3vf5Hyfx/HM2nn/OxvPP2Xj+ORvPP2fj+ecs9jcxz5+xnOwvuY+c+1Kxf/gc8b/5c4Zf36p/sk7x4Jcy/6o+g/+nvCv0Y8cYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLIc55y9TAPDr+kr3xRhjjDHGGGOMsb+Oz32lO2CMMcYYY4wxxti/HgIoCQoCyAW5IQbyQCxcBXFwNeSFayAC10I8XAf54HrIDwWgIBSCBCgMRUCDAQsEIRSFYhCF4lACboBEKAmloDQ4KANJcCOUhZugHNwM5eEWqAC3QkWoBJWhCtwGVeF2qAZ3QHW4E2pATagFteEuqIN3Q124B+rBvVAf7oMGcD80hAegETwIjeEhaAIPQ1NoBs2hBbSEVtD6t/nwZ/Kfh17wAvSGPpACfaEfvAj9YQAMhEEwGF6CIfAyDIVXIBWGwXB4FUbAazASXodRMBrGwBswFsbBeJgAE2ESpMGbMBneginwNkyFaTAdZkA6zIRZ8A7MhjkwF96FefAezIcFsBAWQQa8D4thCWTCB7AUPoQsWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFb4CLbBdtgBO2EX7IY98DHshU9gH3wK++Gz/2H+2d/kd0dAQIECFSrMhbkwBmMwFmMxDuMwL+bFCEYwHuMxH+bD/JgfC2JBTMAELIJF0KBBQsKiWBSjGMUSWAITMRFLYSl06DAJk7As3oTlsByWx/JYAStgRayElbAKVsGqWBWrYTWsfusCAKyBtbAW3oV34d1YF+tiPayH9bE+NsAG2BAbYiNshI2xMTbBJtgUm2JzbI4tsSW2xtbYBttgW2yL7bE9dsAO2BE7YjImYyfshJ2xM3bBLtgVu2I37IbdsQf2wOfxeXwBX8A+WEP0xX7YD/tjfxyIg3AQvoRD8GV8GV/BVByGw/FVfBVfw5F4BkfhaByDY7CqGIfjcQKSmIRpmIaTcTJOwSk4FafhNJyB6TgTZ+EsnI1zcA6+i/PwPXwPF+ACXIQZmIGLcQlmYiYuxbOYhctwOa7AlQC4EtfgWlyD63EDrsdNuAm34Bb8CD/C7bgdd+JO3I278WP8GD/BTzAVmwHAATyAB/EgHsJDeBgP4xE8gkfxKB7DY3gcj+MJPImn8CSextN4Bs/iOTyH5/E8XsBnE75svLvkulQQ2ZRQIpfIJWJEjIgVsSJOxIm8Iq+IiIiIF/Ein8gn8ov8oqAoKBJEgigiiggjjCARiqKiqIiKqCghSohEkShKiVKir3AiSSSJsqKsKCfKifLiFlFB3Coqikqinasiqoiqor2rJu4Q1UV1UUPUFLVEbVFb1BF1RF1RV9QT9UR9UV8oAGgo+uJAfFBkT6aJGIZNxXBsLlqIlqKVeA0fEW3ESGwr2on24jExGkdhR9HGJYsnRScxHjuLp8UEfEZ0FZOwm3hOdBc9RE/xvOgl2rreoo+Yin1FPzED+4sBYqAYJGZjTZE9sVriFZEqhonh4lWxCF8TI8XrYpQYLcaIN8RYMU6MFxPERDFJpIk3xWTxlpgi3hZTxTQxXcwQ6WKmmCXeEbPFHDFXvCvmiffEfLFALBSLRIZ4XywWS0Sm+EAsFR+KLLFMLBcrxEqxSqwWa8RasU6sFxvERrFJbBZbxFbxkdgmtosdYqfYJXaLPeJjsVd8IvaJT8V+8Zk4IP4mDorPxSHxhTgsvhRHxFfiqPhaHBPfiOOijzghTopT4jtxWnwvzoiz4pz4QZwXP4oL4idxUXgBEqWQUioZyFwyt4yReWSsvErGyatlXnmNjMhrZby8TuaT18v8soAsKAvJBFlYFpFaGmklyVAWlcVkVBaXJeQNMlGWlKVkaelkGZkkb5Rl5U2ynLxZlpe3yAryVllRVpKVZRV5m6wqb5fV5B2yurxT1pA1ZS1ZW94l68i7ZV15j6wn75X15X2ygbxfNpQPyEbyQdlYPiSbyIdlU9lMNpctZEvZSraWj8g28lHZVraT7eVjsoN8XHaUT8hk+aTsJJ+SneXTsot8RnaVz8pu8jnZXfaQPeVP8qL0srfsI1NkX9lPvij7y+xj4SA5WL4kh8iX5VD5ikyVw+Rw+aocIV+TI+XrcpQcLcfIN+RYOU6OlxPkRDlJpsk35WT5lpwi35ZT5TQ5Xc6Q6XKmHHip0tw/kf/Wr/kefzkky5lyaEqqHJayRW6VH8ltcrvcIXfKXXK33CP3yL1yr9wn98n9cr88IA/Ig/KgPCQPycPysDwij8ij8qg8Jo/J4/K4PCFPyh/kd/K0/F6ekWflWfmDPC/PywuX3gNQqISSSqlA5VK5VYzKo2LVVSpOXa3yCgBQ16p4dZ3Kp65X+VUBVVAVUgmqsCqitDLKKlKhKqqKqagqrkqoG1SiKqlKqdLKqTIqSd2oIv9k/t/3J3/tb8X0X94p1Vq1Vm1UG9VWtVXtVXvVQXVQHVVHlaySVSfVSXVWnVUX1UV1VV1VN9VNdVfdVU/VU/VSvVRvBJWiUlQ/9aLqrwaogWqQGqxeUkPUEDVUDVWpKlUNV8PVCDVCjVQj1Sg1So1RY9RYNVaNV+PVRDVRpak0NVlNVlPUFDVVTVXT1XSVrtLVLDVLzVaz1Vw1V81T89R8NV8tVAtVhspQi9Vilaky1VK1VGWpZWqZWqFWqFVqlVqj1qh1ap3aoDaoTWqTylJb1Va1TW1TO9QOtUvtUnvUHrVX7VX71D61X+1XB9QBdVAdVIfUIXVYHVZH1BF1VB1Vx9QxdVwdVyfUCXVKnVKn1Wl1Rp1R59Q5dV6dVxfUBXVRXcw+7QtEIAIVqCBXkCuICWKC2CA2iAvigrxB3iASRIL4ID7IF1wf5A8KBAWDQkFCUDgoEujABDagIAyKBsWCaFA8KBHcECQGJYNSQenABWWCpODGoGxwU1AuuDkoH9wSVAhuDSoGlYLKQZXgtqBqcHtQLbgjqB7cGdQIaga1gtrBXUGd4O6gbnBPUC+4N6gf3Bc0CO4PGgYPBI2CB4PGwUNBk+DhoGnQLGgetAhaBq2C1n9Vfcyu7/2ZAo+63rqPzg19dT/9ou6vB+iBepAerF/SQ/TLeqh+RafqYXp4zKt6hH5Nj9Sv61F6tB6j39Bj9Tg9Xk/QE/Uknabf1JP1W3qKfltP1dP0dD1Dp+uZepZ+R8/Wc/Rc/a6ep9/T8/UCvVAv0hn6fb1YL9GZ+gO9VH+os/QyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1R3qb3q536J16l96t9+iP9V79id6nP9X79Wf6gP6bPqg/14f0F/qw/lIf0V/po/prfUx/o4/rb/UJfVKf0t/p0/p7fUaf1ef0D/q8/lFf0D/pi9pnn9xnH96NMsrkMrlMjIkxsSbWxJk4k9fkNRETMfEm3uQz+Ux+k98UNAVNgkkwRUwRk40MmaKmqImaqClhSphEk2hKmVLGGWeSTJIpa8qacqacKW/KmwqmgqloKprKprK5zdxmbje3mzvMHeZOc6epaWqa2qa2qWPqmLqmrqln6pn6pr5pYBqYhqahaWQamcamsWlimpimpqlpbpqblqalaW1amzamjWlr2pr2pr3pYDqYjqajSTbJppPpZDqbzqaL6WK6mq6mm+lmupvupqfpaXqZXqa36W1STIrpZ/qZ/qa/GWgGmsFmsBlihpihZqhJNalmuBluRpgRZqQZaUaZ0WaMecOMNePMeDPBTDSTTJpJM5PNZDPFTDFTzVQz3Uw36SbdzDKzzGwz28w1c808M8/MN/PNQrPQZJgMs9gsNpkm0yw1S02WyTLLzXKz0qw0q81qs9asNevNerPRbDSbzWaz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQRMDh8xhc9gcMUfMUXPUHDPHzHFz3JwwJ8wpc8qcNqfNGXPGnDPnzHnzo7lgfjIXjTcxNo+NtVfZOHu1zWuvsb+NC9pCNsEWtkWstvltgb+LjbU20Za0pWxp62wZm2Rv/F1c0VaylW0Ve5utam+31X4X17F327r2HlvP3mtr27v+Lq5v77MN7MO2oW1mG9kWtrFtZZvYh21T28w2ty1sS9vKdrCP2472CZtsn7Sd7FO/ixfbJXatXWfX2w12r/3EnrM/2KP2a3ve/mh72z52sH3JDrEv26H2FZtqh/0uHmPfsGPtODveTrAT7aTfxdPtDJtuZ9pZ9h072875XZxh37fzbKadbxfYhXbRz3F2T5n2A7vUfmiz7DK73K6wK+0qu9qu+b+9rrCb7Ga7xe6xH9ttdrvdYXfaXXb3z3H2fuyzn9r99jN7xH5lD9rP7SF7zB62X/4cZ+/fMfuNPW6/tSfsSXvKfmdP2+/tGXv25/3P3vfv7E/2ovUWCEmQJEUB5aLcFEN5KJauoji6mvLSNRShaymerqN8dD3lpwJUkApRAhWmIqTJkCWikIpSMYpScSpBN1AilaRSVJoclaEkupHK0k1Ujm6m8nQLVaBbqSJVospUhW6jqnQ7VaM7qDrdSTWoJtWi2nQX1aG7qS7dQ/XoXqpP91EDup8a0gPUiB6kxvQQNaGHqSk1o+bUglpSK2pNj1AbepTaUjtqT49RB3qcOtITlExPUid6ijrT09SFnqGu9Cx1o+eoO/WgnvQ89aIXqDf1oRTqS/3oRepPA2ggDaLB9FINAKCh9Aql0jAaTq/SCHqNRtLrNIpG0xh6g8bSOBpPE2giTaI0epMm01s0hd6mqTSNptMMSqeZNIveodk0h+bSuzSP3qP5tIAW0iLKoPdpMS2hTPqAltKHlEXLaDmtoJW0ilbTGp8bgNbTBtpIm2gzbaGt9BFto+2EtJN20W7aQx/TXvqE9tGntJ8+owOEeJA+p0P0BR2mL+kIfUVH6Ws6Rt/QcfqWTtBJOkXf0Wn6ns7QWTpHP9B5+pEu0E90kTxBiKEIZajCIMwV5g5jwjxhbHhVGBdeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdGweFgivCFMDEuGpcLSoQvLhEnhjWHZ8KawXHhzWD68JawQ3hpWDCuFD99bJbwtrBreHlYL7wirh3eGNcKaYa2wdnhXWCe8O6wb3hPWC+8Ny4X3hQ3C+8OG4QNho/DBsHH4UNgkfDhsGjYLm4ctwpZhq7B1+EjYJnw0bBu2C9uHj4UdwsfDjuETYXL4ZNgpfOoPH08J+4b9whfDF0Pv75ELo4uiGdH3o4ujS6KZ0Q+iS6MfRrOiy6LLoyuiK6Oroquja6Jro+ui66Mbohujm6Kbo1ui3tfODQ6dcNIpF7hcLreLcXlcrLvKxbmrXV53jYu4a128u87lc9e7/K6AK+gKuQRX2BVx2hlnHbnQFXXFXNQVdyXcDS7RlXSlXGnnXBmX5Fq51q61a+MedW1dO9fePeYec4+7x90T7gn3pOvknnKd3dOui3vGdXXPumfdc6676+F6uuddL/eC6+36uBSX4vq5fq6/6+8GuoFusBvshrghbqgb6lJdqhvuhrsRboQb6Ua6UW6UG+PGuLFurBvvxruJfqJLc2luspvsprgpbqqb6qa76S7dpbtZbpab7Wa7uW6um5c4z813891Ct9BluAy32C12mS7TLXVLXZbLcsvdcrfSrXSr3Wq31q116916t9FtdJvdZrfVbXXb3Da3w+1wu9wut8ftcXvdXrfP7XP73X53wB04591Bd8h94Q67L90R95U76r52x9w37rj71p1wJ90p95077b53Z9xZd8794M67H90F95O76LxLi7wZmRx5KzIl8nZkamRaZHpkRiQ9MjMyK/JOZHZkTmRuBGFe5L3I/MiCyMLIokhG5P3I4siSSGbkg8jSyIeRrMiyyPLIisjKyKqI94W3hb6oL+ajvrgv4W/wib6kL+VLe+fL+CR/oy/rb/Ll/M2+vL/FV/C3+oq+kq/sm/nmvoVv6Vv51v4R38Y/6tv6dr69f8x38I/7jv4Jn+yf9J38U76zf9p38c/4rv5Z380/57v7Hr6nf9738i/43r6PT/F9fT//ou/vB/iBfpAf7F/yQ/zLfqh/xaf6YX64f9WP8K/5kf51P8qP9mP8G36sH+fH+wl+op/k0/ybfrJ/y0/xb/upfpqf7mf4dD/Tz/Lv+Nl+jp/r3/Xz/Ht+vl/gF/pFPsO/7xf7JT7Tf+CX+g99ll/ml/sVHmJW+dV+jV/r1/n1foPf6Df5zX6L3+o/8tv8dr/D7/S7/G6/x3/s9/pP/D7/qd/vP/MH/N/8Qf+5P+S/8If9l/6I/8of9V/7Y/4bf9x/60/4k/6U/86f9t/7M/6sP+d/8Of9j/6C/8lf5L9ZY4wxxhj7U+QfPN73v/meuLRl6wcAV28vdPi3NTfm/2U9QCR0iADAk326PXjp042UGjVSUlIuPTdLQlBsAQBELufngsvxMmgPj0MytIOy/21/A0SP83Sp/q/bb+tHbwGI/S85MXA5vlz/pn9Qf9y8P6y/ACCx2OWcPHA5vly/3D+oX6DNH9TP83kaQNv/khMHl+PL9ZPgUXgKkv9ooL848KeexRhjjDHGGGPsP8YAUbnLH13fZl+fJ6jLObnhcvxH1+c/+3PXpIwxxhhjjDHGGPsXeaZHzyceSU5u1+VKLQCu5Kvz4s8scv17tPEftpD/Hm38o8WV/s3EGGOMMcYY+6tdPum/0p0wxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM51/+Pfyd2pfeRMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu9L+TwAAAP//tVgiNQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, 0x0) 2.162599124s ago: executing program 0 (id=2940): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) setreuid(0x0, 0xee01) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000140)={0x53, 0xfffffffffffffffb, 0x6, 0xab, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000100)='Q]\x00\x00\x00\x00', 0xfffffffffffffffd, 0x0, 0x0, 0x3, 0x0}) 2.116019857s ago: executing program 4 (id=2941): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_GET(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x34, r1, 0x1, 0x0, 0x0, {0x54}, [@nsim={{0x1f}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x40010) 1.752960445s ago: executing program 1 (id=2942): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00'}) 1.355013253s ago: executing program 4 (id=2943): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000068c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}]}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "d1"}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}}, 0x0) 1.129361697s ago: executing program 0 (id=2944): r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x101, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000004c0)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, 0x1}, 0x90) 1.083390441s ago: executing program 1 (id=2945): unshare(0x400) r0 = socket$rxrpc(0x21, 0x2, 0xa) connect$rxrpc(r0, &(0x7f0000000040)=@in6={0x21, 0x2, 0x2, 0x10, {0xa, 0x4e20, 0x4, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x1}}, 0x24) 809.938551ms ago: executing program 5 (id=2946): r0 = socket$tipc(0x1e, 0x4, 0x0) io_setup(0x800, &(0x7f0000000500)=0x0) io_submit(r1, 0x1, &(0x7f00000004c0)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) 530.429078ms ago: executing program 1 (id=2947): openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x3}) 513.20551ms ago: executing program 0 (id=2948): syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000bc0)=ANY=[], 0x1, 0x601, &(0x7f0000000580)="$eJzs3U9vHGcdB/DvbGLHDlK6cZOm/JGwygHUiMR/ImMkJKAUZKGqqsSlVytxaiubNLJdcHqAgDi3b6EczBUOnFCQcuDMWzDqgQOCuy/IaGZnvRtn69iJ7V03n480+zzPPvM883t+mR3NrBVtgJfWwvsZeZwiC1ff2SjbW5uzra3N2budepJzSRrJWJKifPsvST5PHqa95audjp7yKcWnCzeXH31ypd0aq7dq/2K/cQezG0uzHWtVHtV8My88X3eFk0km6hIGbqfjn327X/BzCQAMsyI50+/9ZnK+vlkvnwPad8Xte+xT7eGgAwAAAIAT8Mp2trORC4OOAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6T9u//P/hVu1r9vn9ZFpMpOr//P1q/l7p+qnx94n//6m0/HlwoAAAAAAAAAHBkvrmd7WzkQqe9U1R/83+jalyqXr+Sj7KWpazmWjaymPWsZzXTSZo9E41uLK6vr04fYORM35EzJ7NeAAAAAAAAAPiS+l0Wun//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAYVAkZ9pFtV3q1JtpnE0ylmS03O9h8qhTP80eDzoAAAAAOAGvbGc7G7nQae8U1TP/a9Vz/1g+yr2sZyXraWUpt6rvAtpP/Y2tzdnW1ubs3XJ7et4f//dQYVQzpv3dQ/8jT1V7XN4dsZCf5Re5msm8l9Ws5JdZzHqWMpm3q9piijTrby+anTj7x/ujJ1rvPSvW16tIxnM7K1Vs13IzH6aVW2lUa6j22f+Ivy2zU/ywdsAc3arLckU/r8vj0Dj0iGY1amQ3I1N17suZLm5tzte79cvEIc+TvUeaTmP3O6hLx5Dz83VZ5vrtY8z54e3NxEzP2ffa/plIpmb+c3+5de/O8u21q8OzpOe0NxOzPZm48lJlYrTORvsqerir5RvV2AtZybv5MLeylPlMZT5zuZHZzOX7mevJ6+UDfNYah/usfes7dWUkyU/r8lne/dPBJn8xZV4v9uS190rXrPp63+lmaeLor0hnv1ZXypP1raG7Il3cc23uZOLV/TPxh53yda11787q8uL9Ax7v23VZZuAnQ5WJ8nyZKP+xqtaTZ0fZ92rfvumq79JuX+Opvsu7fc/6pI7W93BPzzRT9V3p2zdb9b3e09fvLgeAoXf+zfOj4/8e/8f4Z+O/H18ef2fsrXPz574xmpG/n/3rmT83/tj4QfFmPsuvu8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA81t78PGdxVZrafW0V4rhCENlWCpnjukM3/lNe96BL/CYK4O8KgEn4fr63fvX1x58/N2Vu4sfLH2wdO/G9NzMjRtTc9+bv357pbU01X4ddJgAwBHq3vQPOhIAAAAAAAAAAAAAAOCLnMR/Jx70GgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC+3hfcz8jhFpqeuTZXtrc3ZVrl16t09x5IUZeVvST5PHqa9pdkzXfFFxyk+Xbi5/OiTK925xjr7F/uNO5gnYmnsielF55vpne/c80zXXeFkkom6hIH7fwAAAP//pRb9Zg==") mkdir(&(0x7f0000000000)='./control\x00', 0x0) rmdir(&(0x7f0000000040)='./control\x00') 450.797167ms ago: executing program 4 (id=2949): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]}) unshare(0x22020600) flistxattr(r0, 0x0, 0xffffffffffffffb1) 279.30737ms ago: executing program 2 (id=2950): syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='noadinicb,partition=00000000000000000005,noadinicb,mode=00000000000000000003324,gid=', @ANYRESDEC=0x0, @ANYBLOB=',volume=0000000000000,\x00\x00\x00\x00\x00\x00\x00\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='.\x02\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) 0s ago: executing program 5 (id=2951): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="780000001000ffff27bd3000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="00000000000000003c00128009000100766c616e000000002c000280100004800c000100ff010000f9ffffff0600010000000000100003800c000100010000004903000008000500", @ANYRES32=r1, @ANYBLOB="140003"], 0x78}, 0x1, 0x0, 0x0, 0x2000c855}, 0x8000002) kernel console output (not intermixed with test programs): or no altset; falling back to MIDI 1.0 [ 466.128229][ T11] usb 3-1: USB disconnect, device number 6 [ 466.925304][ T6070] udevd[6070]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 467.326599][ T5880] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 467.555453][ T5880] usb 1-1: config 0 has an invalid interface number: 64 but max is 0 [ 467.564184][ T5880] usb 1-1: config 0 has no interface number 0 [ 467.657286][ T5880] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07 [ 467.670831][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 467.682533][ T5880] usb 1-1: Product: syz [ 467.689881][ T5880] usb 1-1: Manufacturer: syz [ 467.696559][ T5880] usb 1-1: SerialNumber: syz [ 467.747050][ T5880] usb 1-1: config 0 descriptor?? [ 467.970014][ T9612] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1661'. [ 468.066689][ T5880] usb 1-1: Found UVC 0.08 device syz (046d:0823) [ 468.073703][ T5880] usb 1-1: No valid video chain found. [ 468.138357][ T5880] usb 1-1: USB disconnect, device number 9 [ 468.859922][ T5817] Bluetooth: hci2: Invalid handle: 0xb300 > 0x0eff [ 469.562990][ T9639] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 470.294783][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 470.304353][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 473.137083][ T9695] capability: warning: `syz.1.1702' uses 32-bit capabilities (legacy support in use) [ 473.527643][ T9698] loop2: detected capacity change from 0 to 256 [ 473.703515][ T9704] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 473.711096][ T9704] IPv6: NLM_F_CREATE should be set when creating new route [ 475.445654][ T9729] veth2: entered allmulticast mode [ 475.932335][ T9736] loop1: detected capacity change from 0 to 2048 [ 475.992604][ T9736] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 476.067302][ T9736] syz.1.1722: attempt to access beyond end of device [ 476.067302][ T9736] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 476.083144][ T9739] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 476.186920][ T9736] syz.1.1722: attempt to access beyond end of device [ 476.186920][ T9736] loop1: rw=0, sector=9437254, nr_sectors = 2 limit=2048 [ 476.201063][ T9736] NILFS (loop1): I/O error reading meta-data file (ino=6, block-offset=0) [ 476.215917][ T9742] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1726'. [ 476.976896][ T9753] libceph: resolve 'c' (ret=-3): failed [ 477.493175][ T9761] ieee802154 phy0 wpan0: encryption failed: -22 [ 478.424613][ T9770] loop2: detected capacity change from 0 to 2048 [ 478.667330][ T9770] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 478.828098][ T9781] netlink: 'syz.5.1745': attribute type 5 has an invalid length. [ 478.852601][ T9781] ip6erspan0: entered promiscuous mode [ 479.339160][ T9787] dlm: non-version read from control device 36 [ 479.526519][ T5880] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 479.623145][ T9793] loop2: detected capacity change from 0 to 256 [ 479.778335][ T5880] usb 5-1: config 8 has an invalid interface number: 230 but max is 0 [ 479.786965][ T5880] usb 5-1: config 8 has no interface number 0 [ 479.793264][ T5880] usb 5-1: config 8 interface 230 altsetting 2 endpoint 0x3 has invalid maxpacket 1024, setting to 64 [ 479.808127][ T5880] usb 5-1: config 8 interface 230 altsetting 2 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 479.820306][ T5880] usb 5-1: config 8 interface 230 has no altsetting 0 [ 479.873634][ T5880] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=2d.e7 [ 479.883274][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 479.891863][ T5880] usb 5-1: Product: syz [ 479.896355][ T5880] usb 5-1: Manufacturer: syz [ 479.901126][ T5880] usb 5-1: SerialNumber: syz [ 480.023567][ T9793] FAT-fs (loop2): Directory bread(block 64) failed [ 480.030634][ T9793] FAT-fs (loop2): Directory bread(block 65) failed [ 480.038259][ T9793] FAT-fs (loop2): Directory bread(block 66) failed [ 480.045092][ T9793] FAT-fs (loop2): Directory bread(block 67) failed [ 480.052391][ T9793] FAT-fs (loop2): Directory bread(block 68) failed [ 480.059391][ T9793] FAT-fs (loop2): Directory bread(block 69) failed [ 480.066978][ T9793] FAT-fs (loop2): Directory bread(block 70) failed [ 480.073828][ T9793] FAT-fs (loop2): Directory bread(block 71) failed [ 480.081175][ T9793] FAT-fs (loop2): Directory bread(block 72) failed [ 480.088235][ T9793] FAT-fs (loop2): Directory bread(block 73) failed [ 480.204600][ T5880] ath6kl: Failed to submit usb control message: -71 [ 480.212131][ T5880] ath6kl: unable to send the bmi data to the device: -71 [ 480.224401][ T5880] ath6kl: Unable to send get target info: -71 [ 480.282906][ T5880] ath6kl: Failed to init ath6kl core: -71 [ 480.304524][ T5880] ath6kl_usb 5-1:8.230: probe with driver ath6kl_usb failed with error -71 [ 480.547088][ T5880] usb 5-1: USB disconnect, device number 10 [ 481.479930][ T9814] sp0: Synchronizing with TNC [ 482.490429][ T11] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 482.695758][ T11] usb 2-1: Using ep0 maxpacket: 32 [ 482.760182][ T11] usb 2-1: unable to get BOS descriptor or descriptor too short [ 482.770693][ T9835] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.1770'. [ 482.805469][ T11] usb 2-1: config 7 has an invalid interface number: 187 but max is 0 [ 482.814026][ T11] usb 2-1: config 7 has no interface number 0 [ 482.820606][ T11] usb 2-1: config 7 interface 187 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0 [ 482.830901][ T11] usb 2-1: config 7 interface 187 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 0 [ 482.841073][ T11] usb 2-1: config 7 interface 187 has no altsetting 0 [ 482.997435][ T11] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb [ 483.006935][ T11] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 483.015184][ T11] usb 2-1: Product: syz [ 483.019675][ T11] usb 2-1: Manufacturer: syz [ 483.024499][ T11] usb 2-1: SerialNumber: syz [ 483.445651][ T11] usb 2-1: Unknown endpoint type found, address 0x07 [ 483.452802][ T11] usb 2-1: Not enough endpoints found in device, aborting! [ 483.456553][ T30] audit: type=1326 audit(1758850687.123:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9841 comm="syz.0.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ee58eec9 code=0x7ffc0000 [ 483.590429][ T30] audit: type=1326 audit(1758850687.193:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9841 comm="syz.0.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ee58eec9 code=0x7ffc0000 [ 483.616410][ T30] audit: type=1326 audit(1758850687.203:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9841 comm="syz.0.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f03ee58eec9 code=0x7ffc0000 [ 483.640016][ T30] audit: type=1326 audit(1758850687.203:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9841 comm="syz.0.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ee58eec9 code=0x7ffc0000 [ 483.662684][ T30] audit: type=1326 audit(1758850687.213:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9841 comm="syz.0.1774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03ee58eec9 code=0x7ffc0000 [ 483.771294][ T5880] usb 2-1: USB disconnect, device number 5 [ 484.693190][ T9861] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1783'. [ 484.703043][ T9861] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1783'. [ 485.476986][ T5880] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 485.696231][ T5880] usb 3-1: Using ep0 maxpacket: 16 [ 485.792737][ T5880] usb 3-1: New USB device found, idVendor=0483, idProduct=1234, bcdDevice=ff.76 [ 485.802393][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 485.811749][ T5880] usb 3-1: Product: syz [ 485.816246][ T5880] usb 3-1: Manufacturer: syz [ 485.821024][ T5880] usb 3-1: SerialNumber: syz [ 485.954688][ T5880] usb 3-1: config 0 descriptor?? [ 486.230093][ T5880] usb_8dev 3-1:0.0 can0: sending command message failed [ 486.238225][ T5880] usb_8dev 3-1:0.0 can0: can't get firmware version [ 486.345167][ T5880] usb_8dev 3-1:0.0: probe with driver usb_8dev failed with error -22 [ 486.429441][ T5880] usb 3-1: USB disconnect, device number 7 [ 486.433751][ T9887] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1796'. [ 488.356943][ T9917] netlink: 'syz.1.1811': attribute type 10 has an invalid length. [ 488.428940][ T9917] team0: Port device netdevsim3 added [ 488.812812][ T9923] loop5: detected capacity change from 0 to 256 [ 488.994578][ T9923] exfat: Deprecated parameter 'namecase' [ 489.000695][ T9923] exfat: Deprecated parameter 'namecase' [ 489.157317][ T9923] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 489.242597][ T9930] loop2: detected capacity change from 0 to 512 [ 489.275896][ T9930] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 489.290080][ T9930] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 489.346431][ T11] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 489.489748][ T9930] EXT4-fs error (device loop2): xattr_find_entry:333: inode #15: comm syz.2.1816: corrupted xattr entries [ 489.544463][ T9930] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 489.608030][ T9930] EXT4-fs (loop2): 1 truncate cleaned up [ 489.616812][ T9930] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 489.642089][ T11] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 489.654031][ T11] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 489.670629][ T11] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64 [ 489.794801][ T11] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 489.804357][ T11] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 489.812772][ T11] usb 1-1: Product: syz [ 489.817241][ T11] usb 1-1: Manufacturer: syz [ 489.822004][ T11] usb 1-1: SerialNumber: syz [ 489.830787][ T9930] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.1816: corrupted in-inode xattr: e_name out of bounds [ 489.949163][ T11] usb 1-1: config 0 descriptor?? [ 489.957378][ T9925] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 489.965334][ T9925] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 490.073911][ T9939] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1821'. [ 490.079357][ T11] usb 1-1: ucan: probing device on interface #0 [ 490.084375][ T9939] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1821'. [ 490.322167][ T11] usb 1-1: ucan: device protocol version 0 is not supported [ 490.329992][ T11] usb 1-1: ucan: probe failed; try to update the device firmware [ 490.448563][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.576544][ T1866] usb 1-1: USB disconnect, device number 10 [ 490.767347][ T9946] mmap: syz.5.1825 (9946): VmData 37466112 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 492.368048][ T9969] openvswitch: netlink: Actions may not be safe on all matching packets [ 493.602403][ T9983] loop2: detected capacity change from 0 to 1764 [ 493.607928][ T9991] netlink: 'syz.4.1847': attribute type 1 has an invalid length. [ 493.617040][ T9991] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1847'. [ 493.782376][ T9983] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 494.638804][T10007] tc_dump_action: action bad kind [ 495.045477][T10013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1858'. [ 496.256604][T10031] loop5: detected capacity change from 0 to 256 [ 496.676997][ T30] audit: type=1326 audit(1758850700.333:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc48558eec9 code=0x7ffc0000 [ 496.772615][ T30] audit: type=1326 audit(1758850700.403:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc48558d710 code=0x7ffc0000 [ 496.796290][ T30] audit: type=1326 audit(1758850700.403:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 496.822055][ T30] audit: type=1326 audit(1758850700.403:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 496.921470][ T30] audit: type=1326 audit(1758850700.543:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 496.925765][T10043] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1873'. [ 496.944234][ T30] audit: type=1326 audit(1758850700.543:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 496.977031][ T30] audit: type=1326 audit(1758850700.543:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 497.006855][ T11] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 497.226291][ T11] usb 5-1: Using ep0 maxpacket: 8 [ 497.226967][ T30] audit: type=1326 audit(1758850700.683:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 497.254521][ T30] audit: type=1326 audit(1758850700.713:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 497.277442][ T30] audit: type=1326 audit(1758850700.723:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10038 comm="syz.4.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc48558eacb code=0x7ffc0000 [ 497.356410][ T11] usb 5-1: unable to get BOS descriptor or descriptor too short [ 497.497200][ T11] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 497.507662][ T11] usb 5-1: config 0 has no interfaces? [ 497.610954][ T11] usb 5-1: New USB device found, idVendor=2c7c, idProduct=0125, bcdDevice= a.30 [ 497.620376][ T11] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 497.631603][ T11] usb 5-1: Product: syz [ 497.636867][ T11] usb 5-1: Manufacturer: syz [ 497.641639][ T11] usb 5-1: SerialNumber: syz [ 497.790699][ T11] usb 5-1: config 0 descriptor?? [ 498.064895][ T1866] usb 5-1: USB disconnect, device number 11 [ 500.427453][T10095] usb usb1: check_ctrlrecip: process 10095 (syz.5.1898) requesting ep 01 but needs 81 [ 500.438160][T10095] usb usb1: usbfs: process 10095 (syz.5.1898) did not claim interface 0 before use [ 500.783401][T10103] loop1: detected capacity change from 0 to 64 [ 500.927759][T10103] syz.1.1902: attempt to access beyond end of device [ 500.927759][T10103] loop1: rw=0, sector=16777216, nr_sectors = 2 limit=64 [ 500.941956][T10103] Buffer I/O error on dev loop1, logical block 8388608, async page read [ 501.031735][T10103] syz.1.1902: attempt to access beyond end of device [ 501.031735][T10103] loop1: rw=0, sector=16777216, nr_sectors = 2 limit=64 [ 501.047175][T10103] Buffer I/O error on dev loop1, logical block 8388608, async page read [ 501.236905][T10109] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1905'. [ 502.024540][T10123] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1912'. [ 502.039929][T10123] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1912'. [ 502.049177][T10121] loop1: detected capacity change from 0 to 512 [ 502.327756][T10121] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 502.344230][T10121] ext4 filesystem being mounted at /395/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 502.502351][T10121] __quota_error: 32 callbacks suppressed [ 502.502433][T10121] Quota error (device loop1): find_block_dqentry: Quota for id 0 referenced but not present [ 502.520339][T10121] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 502.530047][T10121] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1909: Failed to acquire dquot type 1 [ 503.020484][ T30] audit: type=1326 audit(1758850706.703:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10135 comm="syz.2.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 503.020694][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 503.077579][T10139] comedi comedi3: pcl812: I/O port conflict (0x8,16) [ 503.102362][ T30] audit: type=1326 audit(1758850706.783:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10135 comm="syz.2.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 503.125515][ T30] audit: type=1326 audit(1758850706.783:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10135 comm="syz.2.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 503.149369][ T30] audit: type=1326 audit(1758850706.783:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10135 comm="syz.2.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 503.651982][T10147] loop5: detected capacity change from 0 to 24 [ 503.720289][T10147] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 504.665790][T10153] loop1: detected capacity change from 0 to 4096 [ 504.973536][T10166] loop2: detected capacity change from 0 to 64 [ 505.254882][T10153] ntfs3(loop1): ino=5, "/" indx_read [ 505.260709][T10153] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 506.484241][T10176] loop5: detected capacity change from 0 to 4096 [ 506.548127][T10176] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 507.039309][T10176] ntfs3(loop5): ino=19, mi_enum_attr [ 507.167995][T10192] netlink: 'syz.1.1944': attribute type 14 has an invalid length. [ 507.176312][T10192] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1944'. [ 507.189790][T10176] ntfs3(loop5): failed to convert "c46c" to ascii [ 507.221857][T10176] ntfs3(loop5): ino=20, mi_enum_attr [ 510.003516][T10232] loop1: detected capacity change from 0 to 1024 [ 510.172432][T10232] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.606956][T10242] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1967'. [ 510.691968][T10246] netlink: 'syz.0.1968': attribute type 1 has an invalid length. [ 510.743142][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.765298][T10258] comedi comedi3: pcl730: I/O port conflict (0x40404f26,4) [ 511.968679][T10261] Bluetooth: MGMT ver 1.23 [ 512.342789][T10269] loop5: detected capacity change from 0 to 128 [ 512.615853][T10269] FAT-fs (loop5): Directory bread(block 32) failed [ 512.623497][T10269] FAT-fs (loop5): Directory bread(block 33) failed [ 512.630637][T10269] FAT-fs (loop5): Directory bread(block 34) failed [ 512.639047][T10269] FAT-fs (loop5): Directory bread(block 35) failed [ 512.645900][T10269] FAT-fs (loop5): Directory bread(block 36) failed [ 512.652912][T10269] FAT-fs (loop5): Directory bread(block 37) failed [ 512.660416][T10269] FAT-fs (loop5): Directory bread(block 38) failed [ 512.667291][T10269] FAT-fs (loop5): Directory bread(block 39) failed [ 512.674131][T10269] FAT-fs (loop5): Directory bread(block 40) failed [ 512.685187][T10269] FAT-fs (loop5): Directory bread(block 41) failed [ 512.998254][T10269] process 'syz.5.1979' launched './file2' with NULL argv: empty string added [ 513.043436][T10269] syz.5.1979: attempt to access beyond end of device [ 513.043436][T10269] loop5: rw=0, sector=4112, nr_sectors = 4 limit=128 [ 513.057711][T10269] Buffer I/O error on dev loop5, logical block 1028, async page read [ 513.066341][T10269] syz.5.1979: attempt to access beyond end of device [ 513.066341][T10269] loop5: rw=0, sector=167964, nr_sectors = 4 limit=128 [ 513.080262][T10269] Buffer I/O error on dev loop5, logical block 41991, async page read [ 513.092917][T10269] FAT-fs (loop5): Filesystem has been set read-only [ 513.101154][T10269] syz.5.1979: attempt to access beyond end of device [ 513.101154][T10269] loop5: rw=0, sector=4112, nr_sectors = 4 limit=128 [ 513.114770][T10269] Buffer I/O error on dev loop5, logical block 1028, async page read [ 513.123252][T10269] syz.5.1979: attempt to access beyond end of device [ 513.123252][T10269] loop5: rw=0, sector=167964, nr_sectors = 4 limit=128 [ 513.137586][T10269] Buffer I/O error on dev loop5, logical block 41991, async page read [ 513.688479][ T11] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 513.947106][ T11] usb 5-1: Using ep0 maxpacket: 16 [ 514.004201][ T11] usb 5-1: config index 0 descriptor too short (expected 30768, got 72) [ 514.016204][ T11] usb 5-1: config 48 has too many interfaces: 48, using maximum allowed: 32 [ 514.025121][ T11] usb 5-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config [ 514.037017][ T11] usb 5-1: config 48 has 0 interfaces, different from the descriptor's value: 48 [ 514.275805][ T11] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 514.285471][ T11] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.293860][ T11] usb 5-1: Product: syz [ 514.297730][T10290] random: crng reseeded on system resumption [ 514.298355][ T11] usb 5-1: Manufacturer: syz [ 514.310912][ T11] usb 5-1: SerialNumber: syz [ 514.499398][T10290] Restarting kernel threads ... [ 514.534481][T10290] Done restarting kernel threads. [ 514.772911][ T11] usb 5-1: USB disconnect, device number 12 [ 515.278450][T10306] ptrace attach of "./syz-executor exec"[5823] was attempted by " [ 516.848022][T10330] tipc: Started in network mode [ 516.951532][T10330] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 516.959769][T10330] tipc: Enabled bearer , priority 0 [ 517.868177][T10344] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2012'. [ 517.977137][T10349] loop0: detected capacity change from 0 to 8 [ 518.086209][ T1866] tipc: Node number set to 11578026 [ 519.957456][ T11] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 520.156538][ T11] usb 1-1: Using ep0 maxpacket: 8 [ 520.207784][ T11] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 520.216303][ T11] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 520.227188][ T11] usb 1-1: config 0 has no interface number 0 [ 520.233731][ T11] usb 1-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 520.245627][ T11] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 520.259829][ T11] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 520.272273][ T11] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 520.285551][ T11] usb 1-1: config 0 interface 52 has no altsetting 0 [ 520.293022][ T11] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 520.302492][ T11] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 520.403674][T10382] loop2: detected capacity change from 0 to 1024 [ 520.493525][T10385] loop1: detected capacity change from 0 to 256 [ 520.538261][T10385] exfat: Deprecated parameter 'namecase' [ 520.608482][T10382] hfsplus: bad catalog entry type [ 520.608940][ T11] usb 1-1: config 0 descriptor?? [ 520.687146][T10385] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x367e6920, utbl_chksum : 0xe619d30d) [ 520.910883][ T11] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input9 [ 520.949941][ T3800] hfsplus: b-tree write err: -5, ino 4 [ 521.106970][ T11] usb 1-1: USB disconnect, device number 11 [ 521.113253][ C1] synaptics_usb 1-1:0.52: synusb_irq - usb_submit_urb failed with result: -19 [ 521.305870][T10391] loop2: detected capacity change from 0 to 16 [ 521.363599][T10391] erofs (device loop2): mounted with root inode @ nid 36. [ 521.495596][ T30] audit: type=1800 audit(1758850725.173:114): pid=10391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2035" name="file1" dev="loop2" ino=86 res=0 errno=0 [ 522.229578][T10398] loop5: detected capacity change from 0 to 1024 [ 522.548428][T10408] loop0: detected capacity change from 0 to 256 [ 522.667326][T10408] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 522.678322][T10408] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 522.912277][ T4048] hfsplus: b-tree write err: -5, ino 4 [ 522.967638][T10408] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 524.023637][T10425] loop5: detected capacity change from 0 to 512 [ 524.085275][T10425] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 524.212750][T10425] EXT4-fs (loop5): 1 truncate cleaned up [ 524.221148][T10425] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 524.473732][T10425] EXT4-fs error (device loop5): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.5.2050: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 524.579842][T10425] EXT4-fs (loop5): Remounting filesystem read-only [ 524.838253][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 526.450922][ T5111] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 527.587463][T10482] loop0: detected capacity change from 0 to 1024 [ 527.637054][T10482] EXT4-fs: Ignoring removed orlov option [ 527.848067][T10488] bridge: RTM_NEWNEIGH with unconfigured vlan 3 on bridge0 [ 527.879692][T10482] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 528.463895][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 528.731699][T10494] loop1: detected capacity change from 0 to 4096 [ 528.836831][T10494] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 529.061990][T10502] netlink: 'syz.2.2083': attribute type 62 has an invalid length. [ 529.443512][T10494] ntfs3(loop1): ino=5, "/" ntfs_readdir [ 529.449508][T10494] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 531.732798][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 531.739688][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 531.826296][T10542] Bluetooth: MGMT ver 1.23 [ 532.087291][T10543] loop0: detected capacity change from 0 to 2048 [ 532.244780][T10543] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 532.503925][T10543] EXT4-fs: can't change dax mount option while remounting [ 532.926849][T10556] loop2: detected capacity change from 0 to 1024 [ 532.943049][T10556] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 532.954756][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 532.967327][T10556] EXT4-fs (loop2): group descriptors corrupted! [ 533.983421][T10562] loop1: detected capacity change from 0 to 4096 [ 535.282116][T10580] loop2: detected capacity change from 0 to 4096 [ 535.536801][T10591] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 536.970405][T10600] loop2: detected capacity change from 0 to 4096 [ 537.185379][T10611] netlink: 'syz.1.2131': attribute type 6 has an invalid length. [ 537.193740][T10611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2131'. [ 537.734570][T10613] loop5: detected capacity change from 0 to 2364 [ 537.855627][T10618] NILFS (nullb0): couldn't find nilfs on the device [ 538.348227][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2137'. [ 538.357716][T10624] tipc: Started in network mode [ 538.362809][T10624] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711 [ 538.372250][T10624] tipc: Enabling of bearer rejected, failed to enable media [ 540.987227][T10663] [U] ^E^P [ 541.361156][T10662] loop0: detected capacity change from 0 to 4096 [ 541.446550][T10662] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 541.658921][T10677] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2161'. [ 541.718931][T10674] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2161'. [ 541.800614][T10662] ntfs3(loop0): failed to convert "c46c" to cp866 [ 543.027235][T10682] loop5: detected capacity change from 0 to 32768 [ 543.046937][T10682] bcachefs (/dev/loop5): error validating superblock: Invalid superblock section members_v2: device 0: not enough buckets (got 0, max 64) [ 543.046937][T10682] members_v2 (size 40): [ 543.046937][T10682] nr_devices mismatch: have 2 entries, should be 1Device:0 [ 543.046937][T10682] Label: (none) [ 543.046937][T10682] UUID: 07000000-0000-0000-1800-000000000000 [ 543.046937][T10682] Size: 0 [ 543.046937][T10682] read errors: 0 [ 543.046937][T10682] write errors: 0 [ 543.046937][T10682] checksum errors: 0 [ 543.046937][T10682] seqread iops: 0 [ 543.046937][T10682] seqwrite iops: 0 [ 543.046937][T10682] randread iops: 0 [ 543.046937][T10682] randwrite iops: 0 [ 543.046937][T10682] Bucket size: 0 [ 543.046937][T10682] First bucket: 0 [ 543.046937][T10682] Buckets: 0 [ 543.046937][T10682] Last mount: (never) [ 543.046937][T10682] Last superblock write: 0 [ 543.046937][T10682] State: rw [ 543.046937][T10682] Data allowed: (none) [ 543.046937][T10682] Has data: (none) [ 543.046937][T10682] Btree allocated bitmap blocksize:1 [ 543.046937][T10682] Btree allocated bitmap: 0000000000000000000000000000000000000000000000000000000000000000 [ 543.046937][T10682] Durability: [ 543.047920][T10682] bcachefs: bch2_fs_get_tree() error: invalid_sb_members [ 543.187578][ C1] vkms_vblank_simulate: vblank timer overrun [ 544.219755][T10700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2173'. [ 544.270252][T10700] Zero length message leads to an empty skb [ 544.888854][T10712] loop2: detected capacity change from 0 to 256 [ 545.014311][T10713] netlink: 264 bytes leftover after parsing attributes in process `syz.5.2179'. [ 545.506951][T10712] FAT-fs (loop2): Directory bread(block 64) failed [ 545.513977][T10712] FAT-fs (loop2): Directory bread(block 65) failed [ 545.521086][T10712] FAT-fs (loop2): Directory bread(block 66) failed [ 545.527936][T10712] FAT-fs (loop2): Directory bread(block 67) failed [ 545.534777][T10712] FAT-fs (loop2): Directory bread(block 68) failed [ 545.541628][T10712] FAT-fs (loop2): Directory bread(block 69) failed [ 545.552231][T10712] FAT-fs (loop2): Directory bread(block 70) failed [ 545.560107][T10712] FAT-fs (loop2): Directory bread(block 71) failed [ 545.567046][T10712] FAT-fs (loop2): Directory bread(block 72) failed [ 545.573739][T10712] FAT-fs (loop2): Directory bread(block 73) failed [ 545.869418][T10709] loop1: detected capacity change from 0 to 32768 [ 546.125331][T10709] gfs2: fsid=commit: Trying to join cluster "lock_nolock", "commit" [ 546.133832][T10709] gfs2: fsid=commit: Now mounting FS (format 0)... [ 546.144797][T10709] gfs2: not a GFS2 filesystem [ 546.151809][T10709] gfs2: fsid=commit: can't read superblock [ 546.158241][T10709] gfs2: fsid=commit: can't read superblock: -22 [ 547.989479][T10729] loop5: detected capacity change from 0 to 512 [ 548.030292][T10729] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 548.040408][T10729] EXT4-fs (loop5): orphan cleanup on readonly fs [ 548.133537][T10729] Quota error (device loop5): dq_insert_tree: Quota tree root isn't allocated! [ 548.142894][T10729] Quota error (device loop5): qtree_write_dquot: Error -5 occurred while creating quota [ 548.159660][T10729] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.2186: Failed to acquire dquot type 1 [ 548.190288][T10729] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2186: bg 0: block 40: padding at end of block bitmap is not set [ 548.219023][T10729] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 548.244249][T10729] EXT4-fs (loop5): 1 truncate cleaned up [ 548.252657][T10729] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 548.349004][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 548.569653][T10738] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2190'. [ 548.938939][ T1866] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 549.136555][ T1866] usb 2-1: Using ep0 maxpacket: 32 [ 549.164439][ T1866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 549.176335][ T1866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 549.186982][ T1866] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 549.196394][ T1866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 549.323372][ T1866] usb 2-1: config 0 descriptor?? [ 549.705758][T10754] netlink: 'syz.5.2196': attribute type 3 has an invalid length. [ 549.833286][ T1866] koneplus 0003:1E7D:2D51.0001: unknown main item tag 0x7 [ 549.840980][ T1866] koneplus 0003:1E7D:2D51.0001: item fetching failed at offset 4/5 [ 549.921104][ T1866] koneplus 0003:1E7D:2D51.0001: parse failed [ 549.927695][ T1866] koneplus 0003:1E7D:2D51.0001: probe with driver koneplus failed with error -22 [ 550.106646][ T1866] usb 2-1: USB disconnect, device number 6 [ 550.825066][T10768] loop2: detected capacity change from 0 to 512 [ 551.029867][T10768] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 551.043122][T10768] ext4 filesystem being mounted at /449/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 551.164116][T10780] loop1: detected capacity change from 0 to 64 [ 551.520664][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 551.803306][T10782] loop5: detected capacity change from 0 to 1024 [ 552.037359][T10782] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 552.521983][T10782] EXT4-fs error (device loop5): ext4_empty_dir:3109: inode #11: block 623: comm syz.5.2208: Attempting to read directory block (623) that is past i_size (638464) [ 552.637020][T10782] EXT4-fs (loop5): Remounting filesystem read-only [ 552.637136][T10788] loop2: detected capacity change from 0 to 4096 [ 552.757499][T10788] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 553.093964][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 553.246458][T10788] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 553.460839][T10788] ntfs3(loop2): ino=1e, mi_enum_attr [ 553.892075][T10808] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 553.899238][T10808] comedi comedi3: 8255: I/O port conflict (0x8000006,4) [ 553.914551][T10808] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 553.921475][T10808] comedi comedi3: 8255: I/O port conflict (0x8,4) [ 553.929470][T10808] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 553.936557][T10808] comedi comedi3: 8255: I/O port conflict (0x7fffffff,4) [ 553.947071][T10808] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 553.954463][T10808] comedi comedi3: 8255: I/O port conflict (0x3000000,4) [ 554.019484][T10811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'. [ 554.029602][T10811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'. [ 554.039582][T10811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2220'. [ 554.527697][T10817] pimreg: entered allmulticast mode [ 556.737764][T10836] loop0: detected capacity change from 0 to 2048 [ 556.822110][T10836] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 557.137120][T10836] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 558.843621][T10871] vivid-000: disconnect [ 558.888796][T10866] vivid-000: reconnect [ 559.197121][T10875] batadv0: entered promiscuous mode [ 559.217788][T10874] batadv0: left promiscuous mode [ 561.575297][T10915] loop5: detected capacity change from 0 to 256 [ 561.635005][T10915] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 561.646252][T10915] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 561.685379][T10920] loop0: detected capacity change from 0 to 256 [ 561.822703][T10920] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x09066d1f, utbl_chksum : 0xe619d30d) [ 561.824461][T10915] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 562.459847][T10927] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2274'. [ 563.587336][T10931] loop0: detected capacity change from 0 to 32768 [ 563.604198][T10931] jfs_mount: dbMount failed w/rc = -22 [ 563.610512][T10931] Mount JFS Failure: -22 [ 563.614906][T10931] jfs_mount failed w/return code = -22 [ 563.999013][T10938] loop2: detected capacity change from 0 to 2048 [ 564.162162][T10938] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 564.267729][T10938] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 564.390507][T10938] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 565.861806][T10954] loop2: detected capacity change from 0 to 4096 [ 566.148466][T10954] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 568.848593][T10994] loop0: detected capacity change from 0 to 4096 [ 569.744433][T11010] loop5: detected capacity change from 0 to 2048 [ 569.842636][T11010] EXT4-fs: Ignoring removed mblk_io_submit option [ 569.979190][T11010] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 570.209617][T11010] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2311: bg 0: block 234: padding at end of block bitmap is not set [ 570.296618][T11010] EXT4-fs (loop5): Remounting filesystem read-only [ 570.649941][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.379549][T11034] loop2: detected capacity change from 0 to 64 [ 571.421898][T11034] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 571.456685][T11033] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2321'. [ 571.803990][T11038] loop2: detected capacity change from 0 to 256 [ 571.855573][T11040] mkiss: ax0: crc mode is auto. [ 571.888952][T11038] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 571.900545][T11038] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 571.984286][T11038] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb94faefa, utbl_chksum : 0xe619d30d) [ 572.017369][ T1866] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 572.287989][ T1866] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 572.299692][ T1866] usb 6-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 572.309233][ T1866] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 572.412299][ T1866] usb 6-1: config 0 descriptor?? [ 572.796562][T11047] loop1: detected capacity change from 0 to 512 [ 572.843195][T11047] EXT4-fs: Ignoring removed oldalloc option [ 572.849957][T11047] EXT4-fs: Ignoring removed bh option [ 572.909098][ T1866] holtek 0003:1241:5015.0002: item fetching failed at offset 1/5 [ 572.950215][ T1866] holtek 0003:1241:5015.0002: parse failed [ 572.956710][ T1866] holtek 0003:1241:5015.0002: probe with driver holtek failed with error -22 [ 573.065598][T11047] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.2328: corrupted in-inode xattr: e_value size too large [ 573.139633][T11047] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2328: couldn't read orphan inode 15 (err -117) [ 573.155186][ T1866] usb 6-1: USB disconnect, device number 6 [ 573.242626][T11047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 573.437553][ T30] audit: type=1800 audit(1758850777.113:115): pid=11047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2328" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 573.759553][ T5823] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.100930][T11081] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2344'. [ 576.359115][T11102] bridge_slave_0: default FDB implementation only supports local addresses [ 577.197379][T11114] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2362'. [ 577.626934][T11120] loop2: detected capacity change from 0 to 256 [ 578.599937][T11133] loop1: detected capacity change from 0 to 256 [ 579.592879][T11148] netlink: 'syz.4.2377': attribute type 1 has an invalid length. [ 580.036858][ T30] audit: type=1326 audit(1758850783.693:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.059677][ C0] vkms_vblank_simulate: vblank timer overrun [ 580.069959][ T30] audit: type=1326 audit(1758850783.693:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.092584][ C0] vkms_vblank_simulate: vblank timer overrun [ 580.099046][ T30] audit: type=1326 audit(1758850783.713:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.122172][ T30] audit: type=1326 audit(1758850783.713:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.144705][ C0] vkms_vblank_simulate: vblank timer overrun [ 580.218717][T11143] loop5: detected capacity change from 0 to 32768 [ 580.313813][T11143] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 580.322920][T11143] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 580.349536][T11143] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 580.367050][ T1866] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 580.374116][ T1866] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 580.437729][ T30] audit: type=1326 audit(1758850783.853:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.461189][ T30] audit: type=1326 audit(1758850783.873:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.486750][ T30] audit: type=1326 audit(1758850783.883:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.510919][ T30] audit: type=1326 audit(1758850783.883:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.533751][ T30] audit: type=1326 audit(1758850783.893:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.556815][ T30] audit: type=1326 audit(1758850783.893:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11151 comm="syz.2.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f6a40b8eec9 code=0x7ffc0000 [ 580.754067][ T1866] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 379ms [ 580.762862][ T1866] gfs2: fsid=syz:syz.0: jid=0: Done [ 580.769463][T11143] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 581.446925][T11163] loop0: detected capacity change from 0 to 2048 [ 581.461615][T11168] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 581.468362][T11168] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 581.476623][T11168] vhci_hcd vhci_hcd.0: Device attached [ 581.541066][T11163] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 581.552782][T11163] NILFS (loop0): mounting unchecked fs [ 581.605551][T11174] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(5) [ 581.612353][T11174] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 581.620543][T11174] vhci_hcd vhci_hcd.0: Device attached [ 581.731891][ T6464] udevd[6464]: incorrect nilfs2 checksum on /dev/loop0 [ 581.752964][T11168] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(8) [ 581.759729][T11168] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 581.768356][T11168] vhci_hcd vhci_hcd.0: Device attached [ 581.776582][ T11] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 581.784936][T11163] NILFS (loop0): recovery complete [ 581.848007][T11179] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 581.904818][T11175] vhci_hcd: connection closed [ 581.914422][ T74] vhci_hcd: stop threads [ 581.917193][T11170] vhci_hcd: connection reset by peer [ 581.919500][ T74] vhci_hcd: release socket [ 581.924845][T11177] vhci_hcd: connection closed [ 581.929607][ T74] vhci_hcd: disconnect device [ 582.038707][ T74] vhci_hcd: stop threads [ 582.043193][ T74] vhci_hcd: release socket [ 582.048082][ T74] vhci_hcd: disconnect device [ 582.134803][ T74] vhci_hcd: stop threads [ 582.139995][ T74] vhci_hcd: release socket [ 582.144879][ T74] vhci_hcd: disconnect device [ 582.915038][T11189] loop0: detected capacity change from 0 to 2048 [ 583.046474][T11195] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 583.264274][T11196] loop2: detected capacity change from 0 to 256 [ 583.606968][T11196] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 586.895406][T11251] openvswitch: netlink: Unknown key attributes 2 [ 586.906534][ T11] vhci_hcd: vhci_device speed not set [ 588.904239][T11277] loop5: detected capacity change from 0 to 2048 [ 589.123819][T11277] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 589.211234][T11285] loop1: detected capacity change from 0 to 1024 [ 589.368827][T11285] hfsplus: bad catalog entry type [ 589.619908][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.796670][ T4048] hfsplus: b-tree write err: -5, ino 4 [ 589.915389][T11292] loop2: detected capacity change from 0 to 2048 [ 590.061530][T11292] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 590.166457][ T30] audit: type=1326 audit(1758850793.813:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 590.268283][ T30] audit: type=1326 audit(1758850793.893:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 590.292511][ T30] audit: type=1326 audit(1758850793.893:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 590.318359][ T30] audit: type=1326 audit(1758850793.893:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 590.342185][ T30] audit: type=1326 audit(1758850793.903:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 590.365045][ T30] audit: type=1326 audit(1758850793.903:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 590.387892][ T30] audit: type=1326 audit(1758850793.913:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11296 comm="syz.5.2438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 590.454180][ T6458] udevd[6458]: incorrect nilfs2 checksum on /dev/loop2 [ 590.633277][ T6458] udevd[6458]: incorrect nilfs2 checksum on /dev/loop2 [ 591.638045][T11319] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2448'. [ 592.401026][T11330] Mount JFS Failure: -22 [ 592.497297][T11329] loop0: detected capacity change from 0 to 1024 [ 592.628369][T11329] hfsplus: bad catalog entry type [ 593.007021][ T5101] hfsplus: b-tree write err: -5, ino 4 [ 593.179614][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 593.186546][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 593.337163][T11343] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 593.449064][T11346] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2460'. [ 593.460510][T11346] tipc: Started in network mode [ 593.465613][T11346] tipc: Node identity 0000000000002d210000000000000001, cluster identity 4711 [ 593.479109][T11346] tipc: Enabling of bearer rejected, failed to enable media [ 594.195517][T11358] loop0: detected capacity change from 0 to 64 [ 594.236881][ T11] usb 2-1: new full-speed USB device number 7 using dummy_hcd [ 594.435353][ T11] usb 2-1: config index 0 descriptor too short (expected 19492, got 36) [ 594.444349][ T11] usb 2-1: config 0 has too many interfaces: 36, using maximum allowed: 32 [ 594.453676][ T11] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 36 [ 594.462942][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 594.478109][ T11] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 594.488144][ T11] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 594.504301][ T11] usb 2-1: New USB device found, idVendor=046d, idProduct=c225, bcdDevice= 0.00 [ 594.514607][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 594.678481][ T11] usb 2-1: config 0 descriptor?? [ 594.833733][T11364] loop2: detected capacity change from 0 to 1024 [ 594.953748][T11364] EXT4-fs: Ignoring removed bh option [ 595.055617][T11364] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 595.200373][ T11] hid (null): bogus close delimiter [ 595.280826][ T11] lg-g15 0003:046D:C225.0003: bogus close delimiter [ 595.288910][ T11] lg-g15 0003:046D:C225.0003: item 0 0 2 10 parsing failed [ 595.424367][ T11] lg-g15 0003:046D:C225.0003: probe with driver lg-g15 failed with error -22 [ 595.490516][T11364] EXT4-fs: Ignoring removed orlov option [ 595.498358][T11364] EXT4-fs: can't change dax mount option while remounting [ 595.505467][ T11] usb 2-1: USB disconnect, device number 7 [ 595.868893][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 596.696783][ T1866] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 596.782563][T11378] loop0: detected capacity change from 0 to 8192 [ 596.883665][T11392] loop2: detected capacity change from 0 to 512 [ 596.884061][ T1866] usb 6-1: Using ep0 maxpacket: 32 [ 596.930113][ T1866] usb 6-1: config 0 has an invalid interface number: 51 but max is 0 [ 596.939023][ T1866] usb 6-1: config 0 has no interface number 0 [ 596.982327][ T1866] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 596.991935][ T1866] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.000396][ T1866] usb 6-1: Product: syz [ 597.004725][ T1866] usb 6-1: Manufacturer: syz [ 597.009596][ T1866] usb 6-1: SerialNumber: syz [ 597.040639][T11392] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.2481: corrupted in-inode xattr: invalid ea_ino [ 597.076243][T11392] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2481: couldn't read orphan inode 15 (err -117) [ 597.097784][T11392] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 597.178892][ T1866] usb 6-1: config 0 descriptor?? [ 597.210226][ T1866] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 597.378060][T10753] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 597.609951][ T1866] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 597.642749][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 597.690612][ C1] quatech-serial ttyUSB0: qt2_process_read_urb - status message too short [ 597.701576][T10753] usb 2-1: config 0 has an invalid interface number: 64 but max is 0 [ 597.710261][T10753] usb 2-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 597.721839][T10753] usb 2-1: config 0 has no interface number 0 [ 597.777045][ T1866] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 597.864694][T10753] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 597.877395][T10753] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.885612][T10753] usb 2-1: Product: syz [ 597.891053][T10753] usb 2-1: Manufacturer: syz [ 597.896073][T10753] usb 2-1: SerialNumber: syz [ 597.978973][ C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 597.986820][ T11] usb 6-1: USB disconnect, device number 7 [ 598.006399][T10753] usb 2-1: config 0 descriptor?? [ 598.081952][ T11] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 598.262662][ T11] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 598.279203][ T11] quatech2 6-1:0.51: device disconnected [ 598.370951][T11404] loop2: detected capacity change from 0 to 512 [ 598.501274][T10753] usb 2-1: Found UVC 0.00 device syz (046d:0823) [ 598.509237][T11404] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 598.509790][T11404] System zones: [ 598.518569][T10753] usb 2-1: No valid video chain found. [ 598.524566][T10753] usb 2-1: USB disconnect, device number 8 [ 598.527919][T11404] 1-12 [ 598.621022][T11404] EXT4-fs error (device loop2): dx_probe:791: inode #2: comm syz.2.2485: Directory hole found for htree index block 0 [ 598.750451][T11404] EXT4-fs (loop2): Remounting filesystem read-only [ 598.803248][T11404] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -117 [ 598.841204][T11404] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117 [ 598.852360][T11404] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 599.256566][T11415] loop5: detected capacity change from 0 to 64 [ 599.469923][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 600.018150][T11425] vivid-000: ================= START STATUS ================= [ 600.029402][T11425] vivid-000: Test Pattern: 75% Colorbar [ 600.035257][T11425] vivid-000: Fill Percentage of Frame: 100 [ 600.042614][T11425] vivid-000: Horizontal Movement: No Movement [ 600.049089][T11425] vivid-000: Vertical Movement: No Movement [ 600.055259][T11425] vivid-000: OSD Text Mode: All [ 600.060529][T11425] vivid-000: Show Border: false [ 600.065647][T11425] vivid-000: Show Square: false [ 600.070986][T11425] vivid-000: Sensor Flipped Horizontally: false [ 600.077638][T11425] vivid-000: Sensor Flipped Vertically: false [ 600.083981][T11425] vivid-000: Insert SAV Code in Image: false [ 600.090386][T11425] vivid-000: Insert EAV Code in Image: false [ 600.097004][T11425] vivid-000: Insert Video Guard Band: false [ 600.103168][T11425] vivid-000: Reduced Framerate: false [ 600.108927][T11425] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 600.116980][T11425] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 600.128406][T11425] vivid-000: Enable Capture Cropping: true grabbed [ 600.135247][T11425] vivid-000: Enable Capture Composing: false grabbed [ 600.143358][T11425] vivid-000: Enable Capture Scaler: true grabbed [ 600.150322][T11425] vivid-000: Timestamp Source: End of Frame [ 600.156713][T11425] vivid-000: Colorspace: SMPTE 170M [ 600.162181][T11425] vivid-000: Transfer Function: Default [ 600.168163][T11425] vivid-000: Y'CbCr Encoding: Default [ 600.173793][T11425] vivid-000: HSV Encoding: Hue 0-179 [ 600.179512][T11425] vivid-000: Quantization: Default [ 600.184894][T11425] vivid-000: Apply Alpha To Red Only: false [ 600.191326][T11425] vivid-000: Standard Aspect Ratio: 4x3 [ 600.197341][T11425] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 600.205406][T11425] vivid-000: DV Timings: 640x480p59 inactive [ 600.211933][T11425] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 600.219730][T11425] vivid-000: Maximum EDID Blocks: 2 [ 600.225212][T11425] vivid-000: Limited RGB Range (16-235): false [ 600.234909][T11425] vivid-000: Rx RGB Quantization Range: Automatic [ 600.242691][T11425] vivid-000: Power Present: 0x00000001 [ 600.248642][T11425] tpg source WxH: 720x576 (R'G'B) [ 600.253820][T11425] tpg field: 4 [ 600.257493][T11425] tpg crop: (0,0)/720x576 [ 600.261981][T11425] tpg compose: (0,0)/720x576 [ 600.267528][T11425] tpg colorspace: 1 [ 600.271467][T11425] tpg transfer function: 0/1 [ 600.276705][T11425] tpg quantization: 0/1 [ 600.280997][T11425] tpg RGB range: 0/2 [ 600.285021][T11425] vivid-000: ================== END STATUS ================== [ 601.183478][T11440] vlan0: entered promiscuous mode [ 601.239929][T11440] team0: Port device vlan0 added [ 601.245391][T11442] netlink: 356 bytes leftover after parsing attributes in process `syz.2.2502'. [ 602.449617][T11457] loop5: detected capacity change from 0 to 256 [ 602.748083][T11457] FAT-fs (loop5): Directory bread(block 64) failed [ 602.754843][T11457] FAT-fs (loop5): Directory bread(block 65) failed [ 602.762462][T11457] FAT-fs (loop5): Directory bread(block 66) failed [ 602.769300][T11457] FAT-fs (loop5): Directory bread(block 67) failed [ 602.776289][T11457] FAT-fs (loop5): Directory bread(block 68) failed [ 602.782996][T11457] FAT-fs (loop5): Directory bread(block 69) failed [ 602.793413][T11457] FAT-fs (loop5): Directory bread(block 70) failed [ 602.801183][T11457] FAT-fs (loop5): Directory bread(block 71) failed [ 602.808183][T11457] FAT-fs (loop5): Directory bread(block 72) failed [ 602.814891][T11457] FAT-fs (loop5): Directory bread(block 73) failed [ 603.262415][T11471] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2517'. [ 603.434075][T11469] loop2: detected capacity change from 0 to 512 [ 603.528937][T11469] EXT4-fs: Ignoring removed oldalloc option [ 603.639063][T11469] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.2514: Parent and EA inode have the same ino 15 [ 603.771763][T11469] EXT4-fs (loop2): Remounting filesystem read-only [ 603.779145][T11469] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 603.789913][T11469] EXT4-fs (loop2): 1 orphan inode deleted [ 603.797992][T11469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 604.206972][T10753] usb 2-1: new low-speed USB device number 9 using dummy_hcd [ 604.518399][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.004780][T11486] loop0: detected capacity change from 0 to 32768 [ 605.038973][T11486] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section journal_v2: journal buckets entry with bad nr: 21474967553+0 [ 605.038973][T11486] journal_v2 (size 2912): [ 605.038973][T11486] Buckets: 0-10 21474902017-21474902025 21474967553-21474967553 21474836481-21474836481 21491613697-21491613697 21508390913-21508390913 21525168129-21525168129 25769803778-25769806594 65795-25769869573 0-65794 25769803778-25769803794 65796-34359804197 0-0 0-83 0-0 25-6177 248-256 2048-2048 11-2827 0-1 16-256 0-0 0-0 0-0 0-0 0-0 0-0 0-0 0-30064771074 0-0 30064771074-30064771075 1280-12884903179 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 14322110933576210885-14322110933576210901 0-0 110593-4295143436 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 8469488994664696954-8469488994664696978 0-0 155649-4295254028 1179915-1179915 18446744069414584320-18446744069414584319 18446744073709551615-18446744073709551615 11142619451731364831-11142619451731 [ 605.044564][T11486] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal [ 605.571053][T10753] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 8 [ 605.582249][T10753] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 605.596456][T10753] usb 2-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00 [ 605.605698][T10753] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 605.799980][T10753] usb 2-1: config 0 descriptor?? [ 605.839194][T11481] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 607.055125][T10753] dragonrise 0003:0079:0011.0004: hidraw0: USB HID v0.03 Device [HID 0079:0011] on usb-dummy_hcd.1-1/input0 [ 607.223216][T10753] usb 2-1: USB disconnect, device number 9 [ 608.178907][T11504] fido_id[11504]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 608.242799][T11512] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 608.252220][T11512] overlayfs: missing 'lowerdir' [ 608.492669][T11518] loop2: detected capacity change from 0 to 1024 [ 609.048911][ T3997] hfsplus: b-tree write err: -5, ino 4 [ 609.783336][T11531] loop0: detected capacity change from 0 to 2048 [ 609.929077][T11531] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 609.941994][T11531] ext4 filesystem being mounted at /507/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 610.109533][T11531] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #16: comm syz.0.2543: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 610.564080][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 611.721283][T11554] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2553'. [ 611.731231][T11554] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2553'. [ 612.179697][T11556] sp0: Synchronizing with TNC [ 613.031819][T11560] loop1: detected capacity change from 0 to 4096 [ 613.509134][ T4465] tipc: Subscription rejected, illegal request [ 613.661017][T11574] xt_limit: Overflow, try lower: 604147548/4200216962 [ 614.949645][T11584] kernel profiling enabled (shift: 34) [ 614.955299][T11584] profiling shift: 34 too large [ 615.114357][T11588] loop0: detected capacity change from 0 to 1024 [ 615.328106][T11588] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 615.500230][ T30] audit: type=1800 audit(1758850819.163:133): pid=11588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2569" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 615.967079][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.367845][T11609] loop2: detected capacity change from 0 to 64 [ 617.105472][T11614] loop0: detected capacity change from 0 to 2048 [ 617.237408][T11620] tipc: Enabled bearer , priority 7 [ 617.277570][T10753] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 617.350680][T11623] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 617.474687][T11623] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 617.486188][T11623] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 617.506708][T10753] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 617.518095][T10753] usb 6-1: config 0 interface 0 has no altsetting 0 [ 617.524940][T10753] usb 6-1: New USB device found, idVendor=05ac, idProduct=8242, bcdDevice= 0.00 [ 617.537557][T10753] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 617.633773][T11623] Remounting filesystem read-only [ 617.745278][T10753] usb 6-1: config 0 descriptor?? [ 617.967596][ T5814] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 618.276192][T10753] appleir 0003:05AC:8242.0005: item fetching failed at offset 5/7 [ 618.349492][T10753] appleir 0003:05AC:8242.0005: parse failed [ 618.360828][T10753] appleir 0003:05AC:8242.0005: probe with driver appleir failed with error -22 [ 618.383592][ T1866] tipc: Node number set to 4278255617 [ 618.475817][T10753] usb 6-1: USB disconnect, device number 8 [ 619.325396][T11644] loop0: detected capacity change from 0 to 2048 [ 619.449283][T11644] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 619.462221][T11644] ext4 filesystem being mounted at /517/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 619.970197][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 621.155266][T11675] loop5: detected capacity change from 0 to 256 [ 621.467852][T11675] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 621.481480][T11675] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 621.912063][ T5111] Bluetooth: hci1: unexpected event for opcode 0x042e [ 622.081219][ T30] audit: type=1326 audit(1758850825.753:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 622.188193][T11691] loop5: detected capacity change from 0 to 256 [ 622.206610][ T30] audit: type=1326 audit(1758850825.803:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 622.232692][ T30] audit: type=1326 audit(1758850825.813:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 622.258532][ T30] audit: type=1326 audit(1758850825.813:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f758d78ef03 code=0x7ffc0000 [ 622.282164][ T30] audit: type=1326 audit(1758850825.833:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f758d78d97f code=0x7ffc0000 [ 622.305484][ T30] audit: type=1326 audit(1758850825.833:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f758d78ef57 code=0x7ffc0000 [ 622.329985][ T30] audit: type=1326 audit(1758850825.833:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f758d78d710 code=0x7ffc0000 [ 622.359294][ T30] audit: type=1326 audit(1758850825.873:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f758d78eacb code=0x7ffc0000 [ 622.382842][ T30] audit: type=1326 audit(1758850825.873:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f758d78db2a code=0x7ffc0000 [ 622.405821][ T30] audit: type=1326 audit(1758850826.013:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11690 comm="syz.5.2615" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f758d78db2a code=0x7ffc0000 [ 622.531516][T11691] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001) [ 623.244365][T11706] loop5: detected capacity change from 0 to 128 [ 624.215562][T11722] loop2: detected capacity change from 0 to 256 [ 624.298711][T11723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2630'. [ 624.315063][T11722] exfat: Deprecated parameter 'utf8' [ 624.456520][T11722] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 625.609566][T11730] DRBG: could not allocate CTR cipher TFM handle: ctr(aes) [ 626.907032][T11758] loop0: detected capacity change from 0 to 1024 [ 626.951555][T11758] hfsplus: Filesystem is marked locked, mounting read-only. [ 627.086919][T11758] hfsplus: invalid catalog entry type in lookup [ 627.478542][T11761] loop1: detected capacity change from 0 to 4096 [ 627.616211][T11761] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 627.673365][T11761] ntfs3(loop1): ino=3, mi_enum_attr [ 628.227543][T11761] ntfs3(loop1): ino=1e, "file1" fallocate(0x10) is not supported [ 628.411202][ T11] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 628.659104][ T11] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 628.673681][ T11] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 628.683821][ T11] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 628.699884][ T11] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 628.710071][ T11] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 628.779952][ T11] usb 3-1: config 0 descriptor?? [ 629.347724][ T11] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 629.479406][T10753] usb 3-1: USB disconnect, device number 8 [ 630.076684][T10753] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 630.175271][T11794] fido_id[11794]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 630.276345][T10753] usb 5-1: Using ep0 maxpacket: 32 [ 630.294378][T10753] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 630.302925][T10753] usb 5-1: config 0 has no interface number 0 [ 630.379586][T10753] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 630.389133][T10753] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 630.397555][T10753] usb 5-1: Product: syz [ 630.401891][T10753] usb 5-1: Manufacturer: syz [ 630.406820][T10753] usb 5-1: SerialNumber: syz [ 630.540652][T10753] usb 5-1: config 0 descriptor?? [ 630.612331][T10753] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 630.621605][T10753] usb 5-1: selecting invalid altsetting 1 [ 630.627816][T10753] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 630.699585][T10753] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 630.711270][T10753] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 630.719981][T10753] usb 5-1: media controller created [ 630.887299][T10753] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 631.276879][ T1866] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 631.503806][ T1866] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 631.515415][ T1866] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 631.526102][ T1866] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 631.535378][ T1866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 631.700183][T11808] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 631.754438][ T1866] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 631.872232][T11796] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 631.906847][T10753] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 631.914113][T10753] zl10353_read_register: readreg error (reg=127, ret==-71) [ 632.011375][T10753] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 632.158028][ T1866] usb 3-1: USB disconnect, device number 9 [ 632.198764][T11817] loop0: detected capacity change from 0 to 2048 [ 632.268552][T11817] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 632.413112][T11824] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 632.826877][T10753] usb 5-1: USB disconnect, device number 13 [ 633.254988][ T6458] udevd[6458]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 633.571618][T11832] loop2: detected capacity change from 0 to 1024 [ 633.681490][T11836] tipc: Started in network mode [ 633.686911][T11836] tipc: Node identity aaaaaaaaaa1f, cluster identity 4711 [ 633.694929][T11836] tipc: Enabled bearer , priority 10 [ 633.867417][T11832] hfsplus: bad catalog entry type [ 634.207762][T11841] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2682'. [ 634.217891][T11841] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2682'. [ 634.287403][ T4465] hfsplus: b-tree write err: -5, ino 4 [ 634.817164][ T11] tipc: Node number set to 11905706 [ 635.353716][T11858] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2690'. [ 635.778821][T11856] loop2: detected capacity change from 0 to 4096 [ 636.097175][T11866] loop0: detected capacity change from 0 to 1024 [ 636.138970][T11866] EXT4-fs: Ignoring removed i_version option [ 636.237996][T11866] EXT4-fs (loop0): mounted filesystem 00010100-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 636.250801][T11866] ext4 filesystem being mounted at /538/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 636.282597][T11856] ntfs3(loop2): ino=21, "cgroup.controllers" mmap(write) compressed not supported [ 636.472056][T11866] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 636.607444][T11866] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28 [ 636.621185][T11866] EXT4-fs (loop0): This should not happen!! Data will be lost [ 636.621185][T11866] [ 636.631286][T11866] EXT4-fs (loop0): Total free blocks count 0 [ 636.638121][T11866] EXT4-fs (loop0): Free/Dirty block details [ 636.644189][T11866] EXT4-fs (loop0): free_blocks=4293918720 [ 636.650288][T11866] EXT4-fs (loop0): dirty_blocks=64 [ 636.655572][T11866] EXT4-fs (loop0): Block reservation details [ 636.661902][T11866] EXT4-fs (loop0): i_reserved_data_blocks=4 [ 637.445856][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 637.452339][ T30] audit: type=1326 audit(1758850841.123:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11876 comm="syz.4.2699" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc48558eec9 code=0x0 [ 637.513372][T11873] loop1: detected capacity change from 0 to 32768 [ 637.563766][T11873] lmLogInit: exit(-22) [ 637.568246][T11873] lmLogOpen: exit(-22) [ 637.961397][ T5814] EXT4-fs (loop0): unmounting filesystem 00010100-0000-0006-0000-000000000000. [ 639.049763][T11888] openvswitch: netlink: nsh attr 12032 is out of range max 3 [ 639.057947][T11888] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 639.256165][T11886] loop1: detected capacity change from 0 to 32768 [ 639.378955][T11886] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=data_checksum=none,compression=lz4,background_compression=zstd,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,noexcl,read_only [ 639.379106][T11886] allowing incompatible features above 0.0: (unknown version) [ 639.379200][T11886] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 639.422742][T11886] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0 [ 639.432064][T11886] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 639.443757][T11886] bcachefs (loop1): Version upgrade required: [ 639.443757][T11886] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 639.443757][T11886] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 639.443757][T11886] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 639.739918][T11886] bcachefs (loop1): accounting_read... done [ 639.785470][T11886] bcachefs (loop1): alloc_read... done [ 639.902704][T11886] bcachefs (loop1): done starting filesystem [ 640.063513][ T5823] bcachefs (loop1): shutting down [ 640.150651][ T5823] bcachefs (loop1): shutdown complete [ 641.680850][T11911] netlink: 'syz.4.2713': attribute type 1 has an invalid length. [ 641.947057][T11915] netlink: 'syz.5.2714': attribute type 1 has an invalid length. [ 641.955186][T11915] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2714'. [ 643.218674][T11930] tmpfs: Cannot retroactively limit inodes [ 643.704309][T11936] sp0: Synchronizing with TNC [ 644.536658][T11945] loop5: detected capacity change from 0 to 512 [ 644.647212][T11945] EXT4-fs: Ignoring removed bh option [ 644.706770][T11945] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 644.716627][T11945] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 644.828747][T11945] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 644.852118][T11945] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006] [ 644.891134][T11945] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 645.069657][T11945] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 645.748934][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 645.906891][T11956] loop2: detected capacity change from 0 to 32768 [ 645.959230][T11956] (syz.2.2732,11956,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 645.968601][T11956] (syz.2.2732,11956,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs? [ 645.968784][T11956] (syz.2.2732,11956,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 645.992973][T11956] (syz.2.2732,11956,0):ocfs2_initialize_super:2198 ERROR: status = -22 [ 646.006645][T11956] (syz.2.2732,11956,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 647.650524][T11985] loop5: detected capacity change from 0 to 8 [ 647.816245][T11979] loop1: detected capacity change from 0 to 4096 [ 648.107832][T11990] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 648.517735][T11994] new mount options do not match the existing superblock, will be ignored [ 648.615624][T11994] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 "" [ 648.726398][T11998] CUSE: info not properly terminated [ 650.717542][T12014] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2759'. [ 652.376274][T10753] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 652.588259][T10753] usb 3-1: Using ep0 maxpacket: 16 [ 652.625634][T10753] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 652.637210][T10753] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 652.647492][T10753] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 652.663603][T10753] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 652.674393][T10753] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 652.732782][T10753] usb 3-1: config 0 descriptor?? [ 652.947642][T12040] loop5: detected capacity change from 0 to 4096 [ 653.212050][T10753] input: HID 0955:7214 Haptics as /devices/virtual/input/input10 [ 653.328722][T10753] shield 0003:0955:7214.0007: Registered Thunderstrike controller [ 653.339159][T10753] shield 0003:0955:7214.0007: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0 [ 653.512203][ T1866] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 653.533256][ T1866] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 653.595701][T10753] usb 3-1: USB disconnect, device number 10 [ 653.653386][ T1866] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 653.665832][ T1866] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 653.748257][T12057] netlink: 'syz.4.2777': attribute type 29 has an invalid length. [ 653.864170][T12057] netlink: 'syz.4.2777': attribute type 29 has an invalid length. [ 654.129664][T12059] loop0: detected capacity change from 0 to 1024 [ 654.487332][T10753] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 654.618322][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 654.625119][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.720531][T10753] usb 6-1: Using ep0 maxpacket: 16 [ 654.726050][ T3997] hfsplus: b-tree write err: -5, ino 4 [ 654.746870][T10753] usb 6-1: config 0 has an invalid interface number: 200 but max is 0 [ 654.755266][T10753] usb 6-1: config 0 has no interface number 0 [ 654.762730][T10753] usb 6-1: config 0 interface 200 altsetting 0 bulk endpoint 0xA has invalid maxpacket 16 [ 654.773047][T10753] usb 6-1: config 0 interface 200 altsetting 0 endpoint 0x82 has invalid maxpacket 1104, setting to 1024 [ 654.784678][T10753] usb 6-1: config 0 interface 200 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 655.038046][T10753] usb 6-1: New USB device found, idVendor=0644, idProduct=0000, bcdDevice= 1.00 [ 655.047878][T10753] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 655.056328][T10753] usb 6-1: Product: syz [ 655.060736][T10753] usb 6-1: Manufacturer: syz [ 655.065508][T10753] usb 6-1: SerialNumber: syz [ 655.169297][T10753] usb 6-1: config 0 descriptor?? [ 655.197566][T12061] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 655.205539][T12061] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 655.301860][T10753] usb-storage 6-1:0.200: USB Mass Storage device detected [ 655.339699][T10753] scsi host1: usb-storage 6-1:0.200 [ 655.396291][ T1866] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 655.556310][ T1866] usb 1-1: Using ep0 maxpacket: 32 [ 655.622009][ T1866] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 655.634435][ T1866] usb 1-1: config 0 has no interface number 0 [ 655.681596][ T1866] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 655.691224][ T1866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 655.699605][ T1866] usb 1-1: Product: syz [ 655.703945][ T1866] usb 1-1: Manufacturer: syz [ 655.709122][ T1866] usb 1-1: SerialNumber: syz [ 655.769380][ T1866] usb 1-1: config 0 descriptor?? [ 655.812929][ T1866] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 655.956697][T10753] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 656.013725][ T1866] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 656.095177][ T1866] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 656.140933][T10753] usb 5-1: Using ep0 maxpacket: 8 [ 656.162874][T10753] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 656.174899][T10753] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 656.185165][T10753] usb 5-1: config 0 interface 0 has no altsetting 0 [ 656.192533][T10753] usb 5-1: New USB device found, idVendor=28bd, idProduct=0905, bcdDevice= 0.00 [ 656.202489][T10753] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.288008][ C1] quatech-serial ttyUSB0: qt2_process_read_urb - port change to invalid port: 3 [ 656.509384][ C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 656.524977][ T1866] usb 1-1: USB disconnect, device number 12 [ 656.564383][ T1866] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 656.634838][T10753] usb 5-1: config 0 descriptor?? [ 656.761957][ T1866] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 656.778743][ T1866] quatech2 1-1:0.51: device disconnected [ 656.838183][T12084] loop2: detected capacity change from 0 to 32768 [ 657.137515][T12075] usb 6-1: reset high-speed USB device number 9 using dummy_hcd [ 657.238355][T10753] input: HID 28bd:0905 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:28BD:0905.0008/input/input11 [ 657.448944][T10753] uclogic 0003:28BD:0905.0008: input,hidraw0: USB HID v8.15 Mouse [HID 28bd:0905] on usb-dummy_hcd.4-1/input0 [ 657.557524][T10753] usb 5-1: USB disconnect, device number 14 [ 657.990799][ T5870] usb 6-1: USB disconnect, device number 9 [ 658.599988][T12093] fido_id[12093]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 658.846243][T10753] usb 1-1: new full-speed USB device number 13 using dummy_hcd [ 659.059975][T10753] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 659.071339][T10753] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 659.083441][T10753] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64 [ 659.111816][T10753] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 659.121337][T10753] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 659.129690][T10753] usb 1-1: Product: syz [ 659.134016][T10753] usb 1-1: Manufacturer: syz [ 659.139133][T10753] usb 1-1: SerialNumber: syz [ 659.152355][T10753] usb 1-1: config 0 descriptor?? [ 659.160803][T12103] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 659.256667][T12103] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 659.318991][T10753] usb 1-1: ucan: probing device on interface #0 [ 659.806520][T10753] usb 1-1: ucan: device reported invalid device info [ 659.813577][T10753] usb 1-1: ucan: probe failed; try to update the device firmware [ 660.027761][T10753] usb 1-1: USB disconnect, device number 13 [ 661.102936][T12129] loop2: detected capacity change from 0 to 512 [ 661.147426][T12129] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 661.158932][T12129] UDF-fs: Scanning with blocksize 512 failed [ 661.203952][ T30] audit: type=1326 audit(1758850864.873:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12134 comm="syz.5.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 661.234515][T12129] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 661.242401][T12129] UDF-fs: Scanning with blocksize 1024 failed [ 661.329199][T12129] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 661.337025][T12129] UDF-fs: Scanning with blocksize 2048 failed [ 661.346271][ T30] audit: type=1326 audit(1758850864.923:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12134 comm="syz.5.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 661.372669][ T30] audit: type=1326 audit(1758850864.923:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12134 comm="syz.5.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 661.396652][ T30] audit: type=1326 audit(1758850864.943:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12134 comm="syz.5.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 661.419802][ T30] audit: type=1326 audit(1758850864.963:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12134 comm="syz.5.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 661.442651][ T30] audit: type=1326 audit(1758850864.963:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12134 comm="syz.5.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 661.468181][ T30] audit: type=1326 audit(1758850864.963:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12134 comm="syz.5.2813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f758d78eec9 code=0x7ffc0000 [ 661.496822][T12129] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 661.717471][T12129] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 661.968194][ T30] audit: type=1800 audit(1758850865.643:161): pid=12146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2818" name="file1" dev="tmpfs" ino=2976 res=0 errno=0 [ 664.629026][T12180] loop2: detected capacity change from 0 to 16 [ 664.726651][T12180] erofs (device loop2): mounted with root inode @ nid 36. [ 665.274648][T12178] loop0: detected capacity change from 0 to 32768 [ 665.366633][T12178] OCFS2: ERROR (device loop0): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #72: signature = INODE0ø [ 665.382767][T12178] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 665.393766][T12178] OCFS2: Returning error to the calling process. [ 665.400421][T12178] (syz.0.2833,12178,1):ocfs2_read_locked_inode:597 ERROR: status = -5 [ 665.409313][T12178] (syz.0.2833,12178,1):_ocfs2_get_system_file_inode:144 ERROR: status = -5 [ 665.419423][T12178] (syz.0.2833,12178,1):ocfs2_init_local_system_inodes:496 ERROR: status=-22, sysfile=7, slot=0 [ 665.430172][T12178] (syz.0.2833,12178,1):ocfs2_init_local_system_inodes:505 ERROR: status = -22 [ 665.439459][T12178] (syz.0.2833,12178,1):ocfs2_mount_volume:1758 ERROR: status = -22 [ 665.461521][T12178] (syz.0.2833,12178,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 667.059474][T12204] loop0: detected capacity change from 0 to 1024 [ 667.338699][T12204] hfsplus: bad catalog entry type [ 667.895217][ T4465] hfsplus: b-tree write err: -5, ino 4 [ 668.288422][T12215] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2850'. [ 668.434983][T12209] loop2: detected capacity change from 0 to 32768 [ 668.498723][T12209] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 668.507275][T12209] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 668.569416][T12209] gfs2: fsid=syz:syz.s: journal 0 mapped with 7 extents in 0ms [ 668.644821][T12209] syz.2.2847: attempt to access beyond end of device [ 668.644821][T12209] loop2: rw=0, sector=61572651159584, nr_sectors = 8 limit=32768 [ 668.776840][T12213] loop5: detected capacity change from 0 to 4096 [ 668.790219][T12217] loop0: detected capacity change from 0 to 2048 [ 668.904515][T12217] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=18576, location=18576 [ 669.034485][T12209] gfs2: fsid=syz:syz.s: Error parsing journal for spectator mount. [ 669.047617][T12217] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 669.572915][T12226] loop1: detected capacity change from 0 to 256 [ 669.825538][T12226] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 671.077267][T12244] tipc: Resetting bearer [ 671.155344][T12244] netlink: 'syz.5.2863': attribute type 2 has an invalid length. [ 671.163432][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2863'. [ 671.176556][T12243] tipc: Enabling of bearer rejected, failed to enable media [ 672.482010][T12250] loop0: detected capacity change from 0 to 32768 [ 672.591733][T12250] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,background_compression=lz4,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,read_only,no_data_io [ 672.591894][T12250] allowing incompatible features above 0.0: (unknown version) [ 672.591987][T12250] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 672.616486][ C1] vkms_vblank_simulate: vblank timer overrun [ 672.639568][T12255] use of bytesused == 0 is deprecated and will be removed in the future, [ 672.644916][T12250] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0 [ 672.650438][T12255] use the actual size instead. [ 672.660033][T12250] bcachefs (loop0): invalid journal entry, version=1.7: mi_btree_bitmap type=blacklist in superblock: invalid journal seq blacklist entry: bad size, fixing [ 672.688567][T12250] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 672.698219][T12250] bcachefs (loop0): Version upgrade required: [ 672.698219][T12250] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 672.698219][T12250] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 672.698219][T12250] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 672.718971][T12256] loop5: detected capacity change from 0 to 1024 [ 672.771567][ C1] vkms_vblank_simulate: vblank timer overrun [ 672.908263][T12250] bcachefs (loop0): btree node read error at btree alloc level 0/0 [ 672.908369][T12250] u64s 11 type btree_ptr_v2 283673999966207:U64_MAX:U32_MAX len 0 ver 0: seq ac62141f8dc70d61 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 672.908482][T12250] loop0 node offset 0/24: got wrong btree node: got [ 672.908559][T12250] btree=alloc level=0 seq ac62141f8dc7e261 1 [ 672.908629][T12250] min: POS_MIN [ 672.908698][T12250] max: SPOS_MAX [ 672.908760][T12250] loop0 btree validate error [ 672.908830][T12250] flagging btree alloc lost data [ 672.908904][T12250] running recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 672.908992][T12250] ret btree_node_read_err_bad_node [ 672.983709][T12250] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing [ 673.073460][T12250] bcachefs (loop0): check_topology... done [ 673.109282][T12250] bcachefs (loop0): accounting_read... done [ 673.162632][T12250] bcachefs (loop0): alloc_read... [ 673.169307][T12256] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 673.207581][T12250] done [ 673.211596][T12250] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean [ 673.274887][T12250] bcachefs (loop0): done starting filesystem [ 673.550133][ T5814] bcachefs (loop0): shutting down [ 673.653065][ T5814] bcachefs (loop0): shutdown complete [ 673.940248][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 676.999242][T12303] IPVS: Error connecting to the multicast addr [ 677.324486][T12307] ip6tnl0: Master is either lo or non-ether device [ 677.709169][T12314] loop5: detected capacity change from 0 to 256 [ 678.181441][T12314] FAT-fs (loop5): Directory bread(block 64) failed [ 678.188577][T12314] FAT-fs (loop5): Directory bread(block 65) failed [ 678.195505][T12314] FAT-fs (loop5): Directory bread(block 66) failed [ 678.202388][T12314] FAT-fs (loop5): Directory bread(block 67) failed [ 678.209335][T12314] FAT-fs (loop5): Directory bread(block 68) failed [ 678.216195][T12314] FAT-fs (loop5): Directory bread(block 69) failed [ 678.223050][T12314] FAT-fs (loop5): Directory bread(block 70) failed [ 678.229936][T12314] FAT-fs (loop5): Directory bread(block 71) failed [ 678.236898][T12314] FAT-fs (loop5): Directory bread(block 72) failed [ 678.243588][T12314] FAT-fs (loop5): Directory bread(block 73) failed [ 678.409921][ T30] audit: type=1800 audit(1758850882.073:162): pid=12314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2895" name="file1" dev="loop5" ino=1048660 res=0 errno=0 [ 678.428609][T12321] loop0: detected capacity change from 0 to 256 [ 678.482374][T12324] netlink: 165 bytes leftover after parsing attributes in process `syz.4.2900'. [ 678.569543][T12326] hsr0: entered promiscuous mode [ 678.650705][ T5870] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 678.677022][T12321] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 678.822419][ T30] audit: type=1800 audit(1758850882.503:163): pid=12321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2899" name="file1" dev="loop0" ino=1048661 res=0 errno=0 [ 678.918399][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 678.930011][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 678.940231][ T5870] usb 3-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 678.949612][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 679.128296][ T5870] usb 3-1: config 0 descriptor?? [ 679.575318][T12331] macsec1: entered promiscuous mode [ 679.584603][T12331] macvlan0: entered promiscuous mode [ 679.692540][ T5870] hkems 0003:2006:0118.0009: hidraw0: USB HID v0.00 Device [HID 2006:0118] on usb-dummy_hcd.2-1/input0 [ 679.708966][ T5870] hkems 0003:2006:0118.0009: no inputs found [ 679.715156][ T5870] hkems 0003:2006:0118.0009: force feedback init failed [ 679.740272][T12331] macvlan0: left promiscuous mode [ 679.862605][T12335] loop1: detected capacity change from 0 to 164 [ 680.047564][ T5870] usb 3-1: USB disconnect, device number 11 [ 680.051423][T12335] Unable to read rock-ridge attributes [ 680.169366][T12335] Unable to read rock-ridge attributes [ 680.518030][T12336] fido_id[12336]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 680.717768][T12340] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold [ 680.727103][ T5870] IPVS: starting estimator thread 0... [ 680.826343][T12342] IPVS: using max 192 ests per chain, 9600 per kthread [ 680.835697][T12343] loop0: detected capacity change from 0 to 256 [ 680.992335][T12343] exfat: Deprecated parameter 'namecase' [ 680.998674][T12343] exfat: Deprecated parameter 'namecase' [ 681.174578][T12343] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdc4194f9, utbl_chksum : 0xe619d30d) [ 681.320411][T12347] loop1: detected capacity change from 0 to 2048 [ 681.606162][T12347] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 681.768780][ T30] audit: type=1804 audit(1758850885.433:164): pid=12347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2909" name="/newroot/598/file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=1367 res=1 errno=0 [ 681.982695][T12356] loop2: detected capacity change from 0 to 64 [ 682.878291][T12360] loop1: detected capacity change from 0 to 16 [ 682.963291][T12360] erofs (device loop1): mounted with root inode @ nid 36. [ 683.017340][T12364] loop2: detected capacity change from 0 to 16 [ 683.103273][T12364] erofs (device loop2): mounted with root inode @ nid 36. [ 683.234220][T12364] erofs (device loop2): readahead error at folio 319 @ nid 36 [ 683.245223][T12364] erofs (device loop2): readahead error at folio 316 @ nid 36 [ 683.253265][T12364] erofs (device loop2): readahead error at folio 315 @ nid 36 [ 683.261112][T12364] erofs (device loop2): readahead error at folio 314 @ nid 36 [ 683.271659][T12364] erofs (device loop2): readahead error at folio 313 @ nid 36 [ 683.282486][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 312 of nid 36 [ 683.292074][T12364] erofs (device loop2): readahead error at folio 312 @ nid 36 [ 683.302957][T12364] erofs (device loop2): readahead error at folio 309 @ nid 36 [ 683.310913][T12364] erofs (device loop2): readahead error at folio 308 @ nid 36 [ 683.318882][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 306 of nid 36 [ 683.330348][T12364] erofs (device loop2): readahead error at folio 307 @ nid 36 [ 683.338163][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 306 of nid 36 [ 683.346945][T12364] erofs (device loop2): readahead error at folio 306 @ nid 36 [ 683.355037][T12364] erofs (device loop2): readahead error at folio 302 @ nid 36 [ 683.366156][T12364] erofs (device loop2): readahead error at folio 298 @ nid 36 [ 683.373815][T12364] erofs (device loop2): readahead error at folio 297 @ nid 36 [ 683.384605][T12364] erofs (device loop2): readahead error at folio 296 @ nid 36 [ 683.396648][T12364] erofs (device loop2): readahead error at folio 295 @ nid 36 [ 683.404311][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 294 of nid 36 [ 683.413024][T12364] erofs (device loop2): readahead error at folio 294 @ nid 36 [ 683.423673][T12364] erofs (device loop2): readahead error at folio 291 @ nid 36 [ 683.431659][T12364] erofs (device loop2): readahead error at folio 290 @ nid 36 [ 683.439509][T12364] erofs (device loop2): bogus lookback distance 1509 @ lcn 288 of nid 36 [ 683.451016][T12364] erofs (device loop2): readahead error at folio 289 @ nid 36 [ 683.458927][T12364] erofs (device loop2): bogus lookback distance 1509 @ lcn 288 of nid 36 [ 683.467772][T12364] erofs (device loop2): readahead error at folio 288 @ nid 36 [ 683.475604][T12364] erofs (device loop2): readahead error at folio 286 @ nid 36 [ 683.489206][T12364] erofs (device loop2): readahead error at folio 283 @ nid 36 [ 683.498177][T12364] erofs (device loop2): readahead error at folio 280 @ nid 36 [ 683.506021][T12364] erofs (device loop2): readahead error at folio 279 @ nid 36 [ 683.513680][T12364] erofs (device loop2): readahead error at folio 278 @ nid 36 [ 683.524225][T12364] erofs (device loop2): readahead error at folio 277 @ nid 36 [ 683.532182][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 276 of nid 36 [ 683.540978][T12364] erofs (device loop2): readahead error at folio 276 @ nid 36 [ 683.551596][T12364] erofs (device loop2): readahead error at folio 273 @ nid 36 [ 683.559904][T12364] erofs (device loop2): readahead error at folio 272 @ nid 36 [ 683.567968][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 270 of nid 36 [ 683.579543][T12364] erofs (device loop2): readahead error at folio 271 @ nid 36 [ 683.590462][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 270 of nid 36 [ 683.600162][T12364] erofs (device loop2): readahead error at folio 270 @ nid 36 [ 683.611082][T12364] erofs (device loop2): readahead error at folio 266 @ nid 36 [ 683.619006][T12364] erofs (device loop2): readahead error at folio 265 @ nid 36 [ 683.627052][T12364] erofs (device loop2): readahead error at folio 262 @ nid 36 [ 683.634715][T12364] erofs (device loop2): readahead error at folio 261 @ nid 36 [ 683.645272][T12364] erofs (device loop2): readahead error at folio 260 @ nid 36 [ 683.653556][T12364] erofs (device loop2): readahead error at folio 259 @ nid 36 [ 683.661378][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 258 of nid 36 [ 683.672870][T12364] erofs (device loop2): readahead error at folio 258 @ nid 36 [ 683.680857][T12364] erofs (device loop2): readahead error at folio 255 @ nid 36 [ 683.691653][T12364] erofs (device loop2): readahead error at folio 254 @ nid 36 [ 683.703200][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 252 of nid 36 [ 683.712024][T12364] erofs (device loop2): readahead error at folio 253 @ nid 36 [ 683.719876][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 252 of nid 36 [ 683.731385][T12364] erofs (device loop2): readahead error at folio 252 @ nid 36 [ 683.739501][T12364] erofs (device loop2): readahead error at folio 248 @ nid 36 [ 683.747449][T12364] erofs (device loop2): readahead error at folio 247 @ nid 36 [ 683.755288][T12364] erofs (device loop2): readahead error at folio 244 @ nid 36 [ 683.766000][T12364] erofs (device loop2): readahead error at folio 243 @ nid 36 [ 683.773662][T12364] erofs (device loop2): readahead error at folio 242 @ nid 36 [ 683.781486][T12364] erofs (device loop2): readahead error at folio 241 @ nid 36 [ 683.795048][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 240 of nid 36 [ 683.804736][T12364] erofs (device loop2): readahead error at folio 240 @ nid 36 [ 683.812625][T12364] erofs (device loop2): readahead error at folio 237 @ nid 36 [ 683.823158][T12364] erofs (device loop2): readahead error at folio 236 @ nid 36 [ 683.831111][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 234 of nid 36 [ 683.839891][T12364] erofs (device loop2): readahead error at folio 235 @ nid 36 [ 683.850462][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 234 of nid 36 [ 683.859345][T12364] erofs (device loop2): readahead error at folio 234 @ nid 36 [ 683.867369][T12364] erofs (device loop2): readahead error at folio 230 @ nid 36 [ 683.875033][T12364] erofs (device loop2): readahead error at folio 229 @ nid 36 [ 683.885671][T12364] erofs (device loop2): readahead error at folio 226 @ nid 36 [ 683.896634][T12364] erofs (device loop2): readahead error at folio 225 @ nid 36 [ 683.904306][T12364] erofs (device loop2): readahead error at folio 224 @ nid 36 [ 683.915780][T12364] erofs (device loop2): readahead error at folio 223 @ nid 36 [ 683.923761][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 222 of nid 36 [ 683.932504][T12364] erofs (device loop2): readahead error at folio 222 @ nid 36 [ 683.943072][T12364] erofs (device loop2): readahead error at folio 219 @ nid 36 [ 683.951009][T12364] erofs (device loop2): readahead error at folio 218 @ nid 36 [ 683.958914][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 216 of nid 36 [ 683.970420][T12364] erofs (device loop2): readahead error at folio 217 @ nid 36 [ 683.978384][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 216 of nid 36 [ 683.987177][T12364] erofs (device loop2): readahead error at folio 216 @ nid 36 [ 683.998052][T12364] erofs (device loop2): readahead error at folio 212 @ nid 36 [ 684.005715][T12364] erofs (device loop2): readahead error at folio 211 @ nid 36 [ 684.017330][T12364] erofs (device loop2): readahead error at folio 208 @ nid 36 [ 684.024982][T12364] erofs (device loop2): readahead error at folio 207 @ nid 36 [ 684.032839][T12364] erofs (device loop2): readahead error at folio 206 @ nid 36 [ 684.044567][T12364] erofs (device loop2): readahead error at folio 205 @ nid 36 [ 684.053140][T12364] erofs (device loop2): bogus lookback distance 256 @ lcn 204 of nid 36 [ 684.061835][T12364] erofs (device loop2): readahead error at folio 204 @ nid 36 [ 684.072628][T12364] erofs (device loop2): readahead error at folio 201 @ nid 36 [ 684.080459][T12364] erofs (device loop2): readahead error at folio 200 @ nid 36 [ 684.088376][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 198 of nid 36 [ 684.103123][T12364] erofs (device loop2): readahead error at folio 199 @ nid 36 [ 684.113726][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 198 of nid 36 [ 684.122505][T12364] erofs (device loop2): readahead error at folio 198 @ nid 36 [ 684.134074][T12364] erofs (device loop2): readahead error at folio 194 @ nid 36 [ 684.142967][T12364] erofs (device loop2): readahead error at folio 193 @ nid 36 [ 684.150935][T12364] erofs (device loop2): readahead error at folio 190 @ nid 36 [ 684.161757][T12364] erofs (device loop2): readahead error at folio 189 @ nid 36 [ 684.169589][T12364] erofs (device loop2): readahead error at folio 188 @ nid 36 [ 684.177435][T12364] erofs (device loop2): readahead error at folio 187 @ nid 36 [ 684.185097][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 186 of nid 36 [ 684.197207][T12364] erofs (device loop2): readahead error at folio 186 @ nid 36 [ 684.204943][T12364] erofs (device loop2): readahead error at folio 183 @ nid 36 [ 684.216863][T12364] erofs (device loop2): readahead error at folio 182 @ nid 36 [ 684.224775][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 180 of nid 36 [ 684.236419][T12364] erofs (device loop2): readahead error at folio 181 @ nid 36 [ 684.244104][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 180 of nid 36 [ 684.253015][T12364] erofs (device loop2): readahead error at folio 180 @ nid 36 [ 684.261082][T12364] erofs (device loop2): readahead error at folio 176 @ nid 36 [ 684.271648][T12364] erofs (device loop2): readahead error at folio 175 @ nid 36 [ 684.279603][T12364] erofs (device loop2): readahead error at folio 172 @ nid 36 [ 684.287445][T12364] erofs (device loop2): readahead error at folio 171 @ nid 36 [ 684.295106][T12364] erofs (device loop2): readahead error at folio 170 @ nid 36 [ 684.309084][T12364] erofs (device loop2): readahead error at folio 165 @ nid 36 [ 684.318172][T12364] erofs (device loop2): readahead error at folio 164 @ nid 36 [ 684.328816][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 162 of nid 36 [ 684.337630][T12364] erofs (device loop2): readahead error at folio 163 @ nid 36 [ 684.345288][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 162 of nid 36 [ 684.354223][T12364] erofs (device loop2): readahead error at folio 162 @ nid 36 [ 684.364897][T12364] erofs (device loop2): readahead error at folio 158 @ nid 36 [ 684.372730][T12364] erofs (device loop2): readahead error at folio 157 @ nid 36 [ 684.380712][T12364] erofs (device loop2): readahead error at folio 154 @ nid 36 [ 684.391268][T12364] erofs (device loop2): readahead error at folio 153 @ nid 36 [ 684.402543][T12364] erofs (device loop2): readahead error at folio 152 @ nid 36 [ 684.411315][T12364] erofs (device loop2): readahead error at folio 151 @ nid 36 [ 684.421841][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 150 of nid 36 [ 684.430553][T12364] erofs (device loop2): readahead error at folio 150 @ nid 36 [ 684.438435][T12364] erofs (device loop2): readahead error at folio 147 @ nid 36 [ 684.448972][T12364] erofs (device loop2): readahead error at folio 146 @ nid 36 [ 684.456849][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 144 of nid 36 [ 684.465460][T12364] erofs (device loop2): readahead error at folio 145 @ nid 36 [ 684.473703][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 144 of nid 36 [ 684.485171][T12364] erofs (device loop2): readahead error at folio 144 @ nid 36 [ 684.493220][T12364] erofs (device loop2): readahead error at folio 140 @ nid 36 [ 684.501151][T12364] erofs (device loop2): readahead error at folio 139 @ nid 36 [ 684.515082][T12364] erofs (device loop2): readahead error at folio 136 @ nid 36 [ 684.523902][T12364] erofs (device loop2): readahead error at folio 135 @ nid 36 [ 684.531728][T12364] erofs (device loop2): readahead error at folio 134 @ nid 36 [ 684.542290][T12364] erofs (device loop2): readahead error at folio 133 @ nid 36 [ 684.550110][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 132 of nid 36 [ 684.558909][T12364] erofs (device loop2): readahead error at folio 132 @ nid 36 [ 684.569535][T12364] erofs (device loop2): readahead error at folio 129 @ nid 36 [ 684.577397][T12364] erofs (device loop2): readahead error at folio 128 @ nid 36 [ 684.585099][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 126 of nid 36 [ 684.593872][T12364] erofs (device loop2): readahead error at folio 127 @ nid 36 [ 684.604377][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 126 of nid 36 [ 684.616384][T12364] erofs (device loop2): readahead error at folio 126 @ nid 36 [ 684.624304][T12364] erofs (device loop2): readahead error at folio 122 @ nid 36 [ 684.635797][T12364] erofs (device loop2): readahead error at folio 121 @ nid 36 [ 684.643764][T12364] erofs (device loop2): readahead error at folio 118 @ nid 36 [ 684.651830][T12364] erofs (device loop2): readahead error at folio 117 @ nid 36 [ 684.662510][T12364] erofs (device loop2): readahead error at folio 116 @ nid 36 [ 684.670370][T12364] erofs (device loop2): readahead error at folio 115 @ nid 36 [ 684.678299][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 114 of nid 36 [ 684.690172][T12364] erofs (device loop2): readahead error at folio 114 @ nid 36 [ 684.698062][T12364] erofs (device loop2): readahead error at folio 111 @ nid 36 [ 684.705714][T12364] erofs (device loop2): readahead error at folio 110 @ nid 36 [ 684.716787][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 108 of nid 36 [ 684.725410][T12364] erofs (device loop2): readahead error at folio 109 @ nid 36 [ 684.737171][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 108 of nid 36 [ 684.745795][T12364] erofs (device loop2): readahead error at folio 108 @ nid 36 [ 684.754531][T12364] erofs (device loop2): readahead error at folio 104 @ nid 36 [ 684.762477][T12364] erofs (device loop2): readahead error at folio 103 @ nid 36 [ 684.773116][T12364] erofs (device loop2): readahead error at folio 102 @ nid 36 [ 684.781542][T12364] erofs (device loop2): readahead error at folio 98 @ nid 36 [ 684.789348][T12364] erofs (device loop2): readahead error at folio 96 @ nid 36 [ 684.800576][T12364] erofs (device loop2): readahead error at folio 94 @ nid 36 [ 684.808350][T12364] erofs (device loop2): readahead error at folio 93 @ nid 36 [ 684.819105][T12364] erofs (device loop2): readahead error at folio 92 @ nid 36 [ 684.830460][T12364] erofs (device loop2): readahead error at folio 91 @ nid 36 [ 684.838336][T12364] erofs (device loop2): readahead error at folio 90 @ nid 36 [ 684.846577][T12364] erofs (device loop2): readahead error at folio 86 @ nid 36 [ 684.854387][T12364] erofs (device loop2): readahead error at folio 84 @ nid 36 [ 684.865642][T12364] erofs (device loop2): readahead error at folio 80 @ nid 36 [ 684.873771][T12364] erofs (device loop2): readahead error at folio 74 @ nid 36 [ 684.881575][T12364] erofs (device loop2): readahead error at folio 72 @ nid 36 [ 684.892602][T12364] erofs (device loop2): readahead error at folio 70 @ nid 36 [ 684.900705][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 62 of nid 36 [ 684.909413][T12364] erofs (device loop2): readahead error at folio 63 @ nid 36 [ 684.923099][T12364] erofs (device loop2): bogus lookback distance 1388 @ lcn 62 of nid 36 [ 684.933051][T12364] erofs (device loop2): readahead error at folio 62 @ nid 36 [ 684.941000][T12364] erofs (device loop2): readahead error at folio 58 @ nid 36 [ 684.951536][T12364] erofs (device loop2): readahead error at folio 57 @ nid 36 [ 684.959497][T12364] erofs (device loop2): readahead error at folio 54 @ nid 36 [ 684.967297][T12364] erofs (device loop2): readahead error at folio 53 @ nid 36 [ 684.975044][T12364] erofs (device loop2): readahead error at folio 52 @ nid 36 [ 684.985620][T12364] erofs (device loop2): readahead error at folio 51 @ nid 36 [ 684.993389][T12364] erofs (device loop2): bogus lookback distance 363 @ lcn 50 of nid 36 [ 685.001973][T12364] erofs (device loop2): readahead error at folio 50 @ nid 36 [ 685.012542][T12364] erofs (device loop2): readahead error at folio 47 @ nid 36 [ 685.023264][T12364] erofs (device loop2): readahead error at folio 46 @ nid 36 [ 685.032515][T12364] erofs (device loop2): readahead error at folio 40 @ nid 36 [ 685.043066][T12364] erofs (device loop2): readahead error at folio 39 @ nid 36 [ 685.050837][T12364] erofs (device loop2): readahead error at folio 38 @ nid 36 [ 685.058817][T12364] erofs (device loop2): readahead error at folio 34 @ nid 36 [ 685.069556][T12364] erofs (device loop2): readahead error at folio 32 @ nid 36 [ 685.077352][T12364] erofs (device loop2): readahead error at folio 30 @ nid 36 [ 685.085130][T12364] erofs (device loop2): readahead error at folio 27 @ nid 36 [ 685.092868][T12364] erofs (device loop2): readahead error at folio 26 @ nid 36 [ 685.103760][T12364] erofs (device loop2): readahead error at folio 25 @ nid 36 [ 685.112485][T12364] erofs (device loop2): readahead error at folio 24 @ nid 36 [ 685.123272][T12364] erofs (device loop2): readahead error at folio 23 @ nid 36 [ 685.134728][T12364] erofs (device loop2): readahead error at folio 22 @ nid 36 [ 685.142548][T12364] erofs (device loop2): readahead error at folio 21 @ nid 36 [ 685.150253][T12364] erofs (device loop2): readahead error at folio 20 @ nid 36 [ 685.160985][T12364] erofs (device loop2): readahead error at folio 18 @ nid 36 [ 685.168815][T12364] erofs (device loop2): readahead error at folio 16 @ nid 36 [ 685.177231][T12364] erofs (device loop2): readahead error at folio 12 @ nid 36 [ 685.185261][T12364] erofs (device loop2): readahead error at folio 9 @ nid 36 [ 685.196148][T12364] erofs (device loop2): readahead error at folio 6 @ nid 36 [ 685.203717][T12364] erofs (device loop2): readahead error at folio 4 @ nid 36 [ 685.212172][T12364] syz.2.2918: attempt to access beyond end of device [ 685.212172][T12364] loop2: rw=524288, sector=1049264, nr_sectors = 16 limit=16 [ 685.232743][T12364] syz.2.2918: attempt to access beyond end of device [ 685.232743][T12364] loop2: rw=524288, sector=376, nr_sectors = 16 limit=16 [ 685.248213][T12364] syz.2.2918: attempt to access beyond end of device [ 685.248213][T12364] loop2: rw=524288, sector=67108872, nr_sectors = 16 limit=16 [ 685.265520][T12364] syz.2.2918: attempt to access beyond end of device [ 685.265520][T12364] loop2: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 685.279776][T12364] syz.2.2918: attempt to access beyond end of device [ 685.279776][T12364] loop2: rw=524288, sector=525144, nr_sectors = 16 limit=16 [ 685.297768][T12364] syz.2.2918: attempt to access beyond end of device [ 685.297768][T12364] loop2: rw=524288, sector=13716630376, nr_sectors = 8 limit=16 [ 685.314334][T12364] syz.2.2918: attempt to access beyond end of device [ 685.314334][T12364] loop2: rw=524288, sector=72, nr_sectors = 16 limit=16 [ 685.334679][T12364] syz.2.2918: attempt to access beyond end of device [ 685.334679][T12364] loop2: rw=524288, sector=1183600, nr_sectors = 16 limit=16 [ 685.350213][T12364] syz.2.2918: attempt to access beyond end of device [ 685.350213][T12364] loop2: rw=524288, sector=24, nr_sectors = 8 limit=16 [ 685.367182][T12364] syz.2.2918: attempt to access beyond end of device [ 685.367182][T12364] loop2: rw=524288, sector=296, nr_sectors = 16 limit=16 [ 686.674200][T12393] loop5: detected capacity change from 0 to 1024 [ 686.692984][T12396] loop0: detected capacity change from 0 to 1024 [ 686.729209][T12396] EXT4-fs: Ignoring removed bh option [ 686.779290][T12396] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 686.788370][T12393] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 686.943433][T12396] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 687.413931][ T6642] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 687.526223][ T5870] usb 3-1: new full-speed USB device number 12 using dummy_hcd [ 687.584327][ T5814] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 687.807029][ T5870] usb 3-1: too many endpoints for config 0 interface 0 altsetting 254: 253, using maximum allowed: 30 [ 687.818698][ T5870] usb 3-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 687.829807][ T5870] usb 3-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 687.843308][ T5870] usb 3-1: config 0 interface 0 has no altsetting 0 [ 687.850244][ T5870] usb 3-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00 [ 687.859632][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.924933][ T5870] usb 3-1: config 0 descriptor?? [ 688.050409][T12414] loop5: detected capacity change from 0 to 256 [ 688.100041][T12414] exfat: Deprecated parameter 'utf8' [ 688.310295][T12414] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 688.477484][ T5870] hid-alps 0003:044E:120C.000A: unbalanced collection at end of report description [ 688.571676][ T5870] hid-alps 0003:044E:120C.000A: parse failed [ 688.578434][ T5870] hid-alps 0003:044E:120C.000A: probe with driver hid-alps failed with error -22 [ 688.699445][ T5870] usb 3-1: USB disconnect, device number 12 [ 689.632080][T12431] loop0: detected capacity change from 0 to 1024 [ 689.778724][T12431] ===================================================== [ 689.789175][T12431] BUG: KMSAN: uninit-value in hfsplus_delete_cat+0x1195/0x13d0 [ 689.797553][T12431] hfsplus_delete_cat+0x1195/0x13d0 [ 689.802970][T12431] hfsplus_rmdir+0x13c/0x310 [ 689.808067][T12431] vfs_rmdir+0x5b6/0x800 [ 689.812475][T12431] do_rmdir+0x7d6/0xdc0 [ 689.819727][T12431] __x64_sys_rmdir+0x71/0xb0 [ 689.824499][T12431] x64_sys_call+0x2afe/0x3e20 [ 689.832578][T12431] do_syscall_64+0xd9/0x210 [ 689.834373][T12435] loop2: detected capacity change from 0 to 128 [ 689.838250][T12431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.853632][T12431] [ 689.856251][T12431] Uninit was stored to memory at: [ 689.861473][T12431] hfsplus_create_cat+0x18fb/0x1910 [ 689.867326][T12431] hfsplus_mknod+0x208/0x560 [ 689.872097][T12431] hfsplus_mkdir+0x5a/0x80 [ 689.879571][T12431] vfs_mkdir+0x4e7/0x850 [ 689.883987][T12431] do_mkdirat+0x41a/0xf30 [ 689.885818][T12435] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 689.888631][T12431] __x64_sys_mkdir+0x9a/0xf0 [ 689.902984][T12431] x64_sys_call+0x3a28/0x3e20 [ 689.910730][T12431] do_syscall_64+0xd9/0x210 [ 689.915398][T12431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.921638][T12431] [ 689.924032][T12431] Uninit was created at: [ 689.932251][T12431] __alloc_frozen_pages_noprof+0x689/0xf00 [ 689.941945][T12431] alloc_pages_mpol+0x328/0x860 [ 689.947129][T12431] alloc_frozen_pages_noprof+0xf7/0x200 [ 689.952857][T12431] allocate_slab+0x24d/0x1220 [ 689.958669][T12431] ___slab_alloc+0xff3/0x3470 [ 689.963504][T12431] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 689.972791][T12431] hfsplus_alloc_inode+0x5a/0xd0 [ 689.978108][T12431] alloc_inode+0x87/0x4a0 [ 689.982608][T12431] iget_locked+0x239/0x12d0 [ 689.987789][T12431] hfsplus_iget+0x5c/0xb80 [ 689.992354][T12431] hfsplus_btree_open+0x128/0x1cf0 [ 690.000564][T12431] hfsplus_fill_super+0x1161/0x2730 [ 690.006118][T12431] get_tree_bdev_flags+0x6e6/0x920 [ 690.011413][T12431] get_tree_bdev+0x38/0x50 [ 690.016272][T12431] hfsplus_get_tree+0x35/0x40 [ 690.021135][T12431] vfs_get_tree+0xb3/0x5c0 [ 690.025724][T12431] do_new_mount+0x733/0x1420 [ 690.036670][T12431] path_mount+0x6db/0x1e90 [ 690.041267][T12431] __se_sys_mount+0x6eb/0x7d0 [ 690.047261][T12431] __x64_sys_mount+0xe4/0x150 [ 690.052124][T12431] x64_sys_call+0x3604/0x3e20 [ 690.059877][T12431] do_syscall_64+0xd9/0x210 [ 690.064530][T12431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.071215][T12431] [ 690.073655][T12431] CPU: 1 UID: 0 PID: 12431 Comm: syz.0.2948 Not tainted syzkaller #0 PREEMPT(none) [ 690.083476][T12431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 690.096602][T12431] ===================================================== [ 690.103626][T12431] Disabling lock debugging due to kernel taint [ 690.110157][T12431] Kernel panic - not syncing: kmsan.panic set ... [ 690.116708][T12431] CPU: 1 UID: 0 PID: 12431 Comm: syz.0.2948 Tainted: G B syzkaller #0 PREEMPT(none) [ 690.127843][T12431] Tainted: [B]=BAD_PAGE [ 690.132086][T12431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 690.142278][T12431] Call Trace: [ 690.145741][T12431] [ 690.148760][T12431] __dump_stack+0x26/0x30 [ 690.153264][T12431] dump_stack_lvl+0x53/0x270 [ 690.158021][T12431] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 690.164005][T12431] dump_stack+0x1e/0x25 [ 690.168327][T12431] vpanic+0x361/0xc50 [ 690.172483][T12431] panic+0x15d/0x160 [ 690.176581][T12431] kmsan_report+0x31c/0x320 [ 690.181237][T12431] ? __msan_warning+0x1b/0x30 [ 690.186046][T12431] ? hfsplus_delete_cat+0x1195/0x13d0 [ 690.191592][T12431] ? hfsplus_rmdir+0x13c/0x310 [ 690.196520][T12431] ? vfs_rmdir+0x5b6/0x800 [ 690.201095][T12431] ? do_rmdir+0x7d6/0xdc0 [ 690.205656][T12431] ? __x64_sys_rmdir+0x71/0xb0 [ 690.210627][T12431] ? x64_sys_call+0x2afe/0x3e20 [ 690.215672][T12431] ? do_syscall_64+0xd9/0x210 [ 690.220487][T12431] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.226720][T12431] ? kmsan_get_metadata+0xfb/0x160 [ 690.232034][T12431] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 690.238044][T12431] ? hfsplus_bnode_dump+0x50a/0x560 [ 690.243481][T12431] ? kmsan_get_metadata+0xfb/0x160 [ 690.248775][T12431] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 690.254809][T12431] ? hfsplus_brec_remove+0x92f/0xa60 [ 690.260333][T12431] ? kmsan_get_metadata+0xfb/0x160 [ 690.265623][T12431] __msan_warning+0x1b/0x30 [ 690.270277][T12431] hfsplus_delete_cat+0x1195/0x13d0 [ 690.275659][T12431] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 690.281645][T12431] ? kmsan_get_metadata+0xfb/0x160 [ 690.286966][T12431] hfsplus_rmdir+0x13c/0x310 [ 690.291744][T12431] ? __pfx_hfsplus_rmdir+0x10/0x10 [ 690.297033][T12431] vfs_rmdir+0x5b6/0x800 [ 690.301447][T12431] do_rmdir+0x7d6/0xdc0 [ 690.305785][T12431] __x64_sys_rmdir+0x71/0xb0 [ 690.310538][T12431] x64_sys_call+0x2afe/0x3e20 [ 690.315416][T12431] do_syscall_64+0xd9/0x210 [ 690.320054][T12431] ? irqentry_exit+0x16/0x60 [ 690.324821][T12431] ? clear_bhb_loop+0x40/0x90 [ 690.329647][T12431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.335729][T12431] RIP: 0033:0x7f03ee58eec9 [ 690.340261][T12431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.360033][T12431] RSP: 002b:00007f03ef416038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 690.368602][T12431] RAX: ffffffffffffffda RBX: 00007f03ee7e5fa0 RCX: 00007f03ee58eec9 [ 690.376705][T12431] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040 [ 690.384798][T12431] RBP: 00007f03ee611f91 R08: 0000000000000000 R09: 0000000000000000 [ 690.392873][T12431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 690.400950][T12431] R13: 00007f03ee7e6038 R14: 00007f03ee7e5fa0 R15: 00007ffeb5d48458 [ 690.409073][T12431] [ 690.412329][T12431] Kernel Offset: disabled [ 690.416698][T12431] Rebooting in 86400 seconds..