last executing test programs:
11m4.759467348s ago: executing program 1 (id=528):
prctl$PR_SET_MM_MAP(0x41, 0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
11m4.563655855s ago: executing program 1 (id=531):
r0 = socket$igmp(0x2, 0x3, 0x2)
sendmmsg$sock(r0, &(0x7f000000f380)=[{{&(0x7f0000008940)=@ethernet={0x0, @broadcast}, 0x80, 0x0, 0x0, &(0x7f000000adc0)=[@txtime={{0x18, 0x1, 0x3d, 0x6}}], 0x18}}], 0x1, 0x0)
11m4.395272548s ago: executing program 1 (id=536):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x7c7, 0x3, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x86, 0x4, 0x0, @empty, @local}}}})
11m4.073479774s ago: executing program 1 (id=541):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000003c0)={[{@errors_remount}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@fmask={'fmask', 0x3d, 0x8c1}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@errors_continue}, {@keep_last_dots}, {@errors_remount}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@namecase}]}, 0x1, 0x1531, &(0x7f0000001f80)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL9zzu/0O86neb6fz/5Yz+z9rP287/Ne1t6YbzoOqtageuV6RAT/FrzwRxIAxAJAPwC4BgACACgdVzru/P7sEpP+vZOwP9fDqVe6AnYlcf+zNu5/1sb9z9q4/1kb9z9r4/5nbdz/rI37z1hWtnFq/mt5y7ob3///66vzh3v4+/8vJLPE6C9Wl7i+E0DMP5vC/c/auP9/WcE/cxD3P2vj/mdVsVe6APZfgN//f0lNfh1m+8MDuf9ZG/efsazsSt9/vtIbRLL2c3ClX3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxrKGU/6i0+AVAFwKr3RdjDHGGGOMMcYY+/P4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/Yv7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFc1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiTDOl/If5b/9O/oCfz75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/Sr4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufPLvkAEIlCBCmKCmCA2iA1yBDmCnEHOIFeQK4gEkSAuiAtyB9cHeYK8Qb4gfxAfFAgKBjowgQ3ExaZHgxuCIsGNQdHgpqBYUDxwQYkgIbg5KBncEpQKbg1KB7cFZYLbg7JBuaB8UCG4I6gY3BlUCu4KKgd3B1WCqkG1oHpwT1AjuDeoGdwX1AruD2oHDwR1ggeDusFDQb3g4aB+8EjQIHg0aBg8FjQKGgdNgqZBsz91fu9P5H3CddPddZLuoXvql3Uv3Vv30X11P/2K7q9f1QP0azpZD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYnaLH6fH6bT1Bv6Mn6kl6sp6iU/VUPU2/q6frGXqmfk/P0u/r2XqOnqvn6TT9gZ6vF+h0/aFeqD/SGXqRXqyX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepverj/WO/QneqfepXfrT/Ue/Zneqz/X+/QXer/+Umfqr/QB/bU+qL/Rh/S3+rD+Th/RR/Ux/b0+rn/QJ/RJfUqf1mf0j/qs/kmf0/784v7817tRRpkYE2NiTazJYXKYnCanyWVymYiJmDgTZ3Kb3CaPyWPymXwm3sSbgqagOY8MmUKmkImaqCliipiipqgpZooZZ5xJMAmmpClpSplSprQpbcqYMqasKWvKm/LmDnOHudPcae4yd5m7zd2mqqlqqpvqpoapYWqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkmpgmpplpZpqb5qaFaWFamVamtWlt2pg2JtEkmramrWln2pn2pr3pYDqYjqaj6WQ6mS6mi+lquppupptJMkmmp+lpeplepo/pY/qZfqa/6W8GmAEm2SSbQWaQGWwGmyFmiBlqhpnh5xeqZqQZZUZ/O8aMNSkmxYw3480EM8FMNBPNZDPZpJpUM81MM9PNdDPTzDSzzCwz28w2c81ck2bSzHwz36SbdLPQLDQZJsMsNovNUrPULDfLzUqz0qw2q81aWGvWm/Vmo9loNpvNZqvZarab7WaH2WF2mp1mt9lt9pg9Zq/Za/aZfWa/2W8yTaY5YA6Yg+agOWQOmcPmsDlijphj5pg5bo6bE+aEOWVOmTMm78XvS29ibXabw15lc9qrbS57jf37OJ/Nb+NtAVvQapvH5v1VbKy1Re1Ntpgtbp0tYRPszb+Jy9pytrytYO+wFe2dttJv4hr2XlvT3mdr2fttdXvPr+La9gFbxz5q6yIC2Ma2vm1qG9hHbUP7mG1kG9smtqltbZ+ybezTNtE+Y9vaZ38Tz7cL7Eq7yq62a+xOu8uesqftQfuNPWN/tN1sd9vPvmL721ftAPuaTbYDfxMPt2/ZEXakHWVH2zF27G/iyXaKTbVT7TT7rp1uZ/wmTrMf2Fk23c62c+xcO+/n+HxN6fZDu9B+ZDNsAIvtErvULrPL7Yr/X+sSu86utxvsDvuJ3Wy32K12m91+aSFsd9nd9lO7x35mD9iv7T77hd1vD9lM+9XP8fnHd8h+aw/b7+wRe9Qes9/b4/YH9XPuyF4A9kf7vf3JnrPeAiEBSVIUUAxlo1jKTjnoKspJV1MuuoYidC3F0XWUm66nPJSX8lF+iqcCVJA0GbJEFFIhKkxRuoEulVeMipOjEpRAN1NJuoVK0a1Umm6jMnQ7laVyVJ4q0B1Uke6kSnQXVaa7qQpVpWpUne6hGnQv1aT7qBbdT7XpAapDD1Jdeojq0cNUnx6hBvQoNaTHqBE1pibUlJrR49ScnqAW1JJa0ZPUmp6iNvQ0JdIz1JaepXb0N2pPz1EHep460gvUiTpTF3qRutJL1I26UxL1oJ70MvWi3tSH+lI/eoX606s0gF6jZBpIg+h1Gkxv0BB6k4bSMBpOb9EIGkmjaDSNobGUQuNoPL1NE+gdmkiTaDJNoVSaStPoXZpOM2gmvUez6H2aTXNoLs2jNPqA5tMCSqcPaSF9RBm0iBbTElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9TDvoE9pJu2g3fUp76DPaS5/TPvqC9tOXlElf0QH6mg7SN3SIvvXd6Ts6QkfpGH1Px+kHOkEn6RSdpjP0I52ln+gceYIQQxHKUIVBGBNmC2PD7GGO8KowZ3h1mCu8JoyE14Zx4XVh7vD6ME+YN8wX5g/jwwJhwVCHJrQhhWFYKCwcRsMbwiLhjWHREMNiYfHQhSXChPDmsGR4S1gqvDUsHd4WlglvD8uG5cJH768Q3hFWDO8MK4V3hZXDu8MqYdWwWlg9vCesEd4b1gzvC2uF94elwgfCOuGDYd3wobBe+HBYP3wkbBA+GjYMHwsbhY3DJmHTsFn4eNg8fCJsEbYMW4VPhq3Dp8I24dNhYvhM2DZ89uf9Dyz44/1JYY+wZ/hy+HLo/X1ybnReNC36QXR+dEE0PfphdGH0o2hGdFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRD1Pvq2cChE0465QIX47K5WJfd5XBXuZzuapfLXeMi7loX565zud31Lo/L6/K5/C7eFXAFnXbGWUcudIVcYRd1N7gi7kZX1N3kirnizrkSLsE1dc1cM9fcPeFauJaulXvSPemeck+5p93T7hnX1j3r2rm/ufbuOdfBPe+edy+4Tq6z6+JedF3duFwX3pNJrqfr6Xq5Xq6P6+P6uX6uv+vvBrgBLtklu0FukBvsBrshbogb6oa64W64G+FGuFFulBvjxrgUl+LGu/FugpvgJrqJbrKb7FJdqpvmprnpbrqrOOPCWWa72W6um+vSXJqb786vGdPdQrfQZbgMt9gtdkvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9Nfc2FSt8ftdXvdPrfP7Xdfukz3lTvgvnYH3TfukPvWHXbfuSPuqDvmvnfH3Q/uhDvpTrnT7oz70Z11P7lzzruUyLjI+MjbkQmRdyITI5MikyNTIqmRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF9gc+gL+cI+6m/wRfyNvqi/yRfzxb3zJXyCv9mX9Lf4Uv5WX9rf5sv4231ZX86X94/5Rr6xb+Kb+mb+cd/cP+Fb+Ja+lX/St/ZP+Tb+aZ/on/Ft/bO+nf+bb++f8x38876jf8F38p19F/+i7+pf8t18d5/ke/ie/mXfy/f2fXxf38+/4vv7V/0A/5pP9gP9IP+6H+zf8EP8m36oH+aHx7zlR1y6RIaxPsWP8+P9236Cf8dP9JP8ZD/Fp/qpfpp/10/3M/xM/56f5d/3s/0cP9fP82n+Az/fL/Dp/kO/0H/kM/yiSzeV/XK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/x2/7Hf4T/xO/0uv9t/6vf4z/xe/7nf57/w+/2XPtN/5Q/4r/1B/40/5L/1h/13/og/6o/57/1x/4M/4U/6U/60P+N/9Gf9T/4c/581xhhjjLF/yrjLQ/HrPRdu5/f4nRzxi4N7AsDVW/Jn/nL/+RXl2jwXxr1FfOsIADzTvePDl7YqVZKSki4emyEhKDwH4NLfBJ0XA5fjRdAKnoJEaAklf7f+3qLzGfoH80dvA8jxi5xYuBxfnv9zAEz6nfkff3L4/DLhqbj/Yf45AEULX87JDpfjRdDq5/srLaHUH9Sft/kv64/97fzZv0gBaPGLnJxwOb5cfwI8Ac9C4q+OZIwxxhhjjDHGLugtyre/dP156V98/t71eby6nJMNLsf/6PqcMcYYY4wxxhhjV95znbs8/XhiYsv2//qg0v8q658eNIT/q5l58LsD7wEu/UQBwL85IcD5gfxPPopN/5FzJV986/z9rqWnfQD/Ha38MwZX+IOJMcYYY4wx9qe7vOj/9c/VlSqIMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLgv4Tv07sSj9GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7fwEAAP//nXwDKg==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
11m3.675349106s ago: executing program 1 (id=547):
timer_create(0xfffffffd, 0x0, &(0x7f00000011c0))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
11m3.167681507s ago: executing program 1 (id=553):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="30000000180001000000000000000000020000000000ff00000000000c0016800800020006000000060015000a"], 0x30}, 0x1, 0x0, 0x0, 0x20008000}, 0x40080)
11m2.913177578s ago: executing program 32 (id=553):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="30000000180001000000000000000000020000000000ff00000000000c0016800800020006000000060015000a"], 0x30}, 0x1, 0x0, 0x0, 0x20008000}, 0x40080)
10m51.969550083s ago: executing program 4 (id=554):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000003c0)={[{@errors_remount}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@fmask={'fmask', 0x3d, 0x8c1}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@errors_continue}, {@keep_last_dots}, {@errors_remount}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@namecase}]}, 0x1, 0x1531, &(0x7f0000001f80)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL9zzu/0O86neb6fz/5Yz+z9rP287/Ne1t6YbzoOqtageuV6RAT/FrzwRxIAxAJAPwC4BgACACgdVzru/P7sEpP+vZOwP9fDqVe6AnYlcf+zNu5/1sb9z9q4/1kb9z9r4/5nbdz/rI37z1hWtnFq/mt5y7ob3///66vzh3v4+/8vJLPE6C9Wl7i+E0DMP5vC/c/auP9/WcE/cxD3P2vj/mdVsVe6APZfgN//f0lNfh1m+8MDuf9ZG/efsazsSt9/vtIbRLL2c3ClX3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxrKGU/6i0+AVAFwKr3RdjDHGGGOMMcYY+/P4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/Yv7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFc1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiTDOl/If5b/9O/oCfz75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/Sr4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufPLvkAEIlCBCmKCmCA2iA1yBDmCnEHOIFeQK4gEkSAuiAtyB9cHeYK8Qb4gfxAfFAgKBjowgQ3ExaZHgxuCIsGNQdHgpqBYUDxwQYkgIbg5KBncEpQKbg1KB7cFZYLbg7JBuaB8UCG4I6gY3BlUCu4KKgd3B1WCqkG1oHpwT1AjuDeoGdwX1AruD2oHDwR1ggeDusFDQb3g4aB+8EjQIHg0aBg8FjQKGgdNgqZBsz91fu9P5H3CddPddZLuoXvql3Uv3Vv30X11P/2K7q9f1QP0azpZD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYnaLH6fH6bT1Bv6Mn6kl6sp6iU/VUPU2/q6frGXqmfk/P0u/r2XqOnqvn6TT9gZ6vF+h0/aFeqD/SGXqRXqyX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepverj/WO/QneqfepXfrT/Ue/Zneqz/X+/QXer/+Umfqr/QB/bU+qL/Rh/S3+rD+Th/RR/Ux/b0+rn/QJ/RJfUqf1mf0j/qs/kmf0/784v7817tRRpkYE2NiTazJYXKYnCanyWVymYiJmDgTZ3Kb3CaPyWPymXwm3sSbgqagOY8MmUKmkImaqCliipiipqgpZooZZ5xJMAmmpClpSplSprQpbcqYMqasKWvKm/LmDnOHudPcae4yd5m7zd2mqqlqqpvqpoapYWqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkmpgmpplpZpqb5qaFaWFamVamtWlt2pg2JtEkmramrWln2pn2pr3pYDqYjqaj6WQ6mS6mi+lquppupptJMkmmp+lpeplepo/pY/qZfqa/6W8GmAEm2SSbQWaQGWwGmyFmiBlqhpnh5xeqZqQZZUZ/O8aMNSkmxYw3480EM8FMNBPNZDPZpJpUM81MM9PNdDPTzDSzzCwz28w2c81ck2bSzHwz36SbdLPQLDQZJsMsNovNUrPULDfLzUqz0qw2q81aWGvWm/Vmo9loNpvNZqvZarab7WaH2WF2mp1mt9lt9pg9Zq/Za/aZfWa/2W8yTaY5YA6Yg+agOWQOmcPmsDlijphj5pg5bo6bE+aEOWVOmTMm78XvS29ibXabw15lc9qrbS57jf37OJ/Nb+NtAVvQapvH5v1VbKy1Re1Ntpgtbp0tYRPszb+Jy9pytrytYO+wFe2dttJv4hr2XlvT3mdr2fttdXvPr+La9gFbxz5q6yIC2Ma2vm1qG9hHbUP7mG1kG9smtqltbZ+ybezTNtE+Y9vaZ38Tz7cL7Eq7yq62a+xOu8uesqftQfuNPWN/tN1sd9vPvmL721ftAPuaTbYDfxMPt2/ZEXakHWVH2zF27G/iyXaKTbVT7TT7rp1uZ/wmTrMf2Fk23c62c+xcO+/n+HxN6fZDu9B+ZDNsAIvtErvULrPL7Yr/X+sSu86utxvsDvuJ3Wy32K12m91+aSFsd9nd9lO7x35mD9iv7T77hd1vD9lM+9XP8fnHd8h+aw/b7+wRe9Qes9/b4/YH9XPuyF4A9kf7vf3JnrPeAiEBSVIUUAxlo1jKTjnoKspJV1MuuoYidC3F0XWUm66nPJSX8lF+iqcCVJA0GbJEFFIhKkxRuoEulVeMipOjEpRAN1NJuoVK0a1Umm6jMnQ7laVyVJ4q0B1Uke6kSnQXVaa7qQpVpWpUne6hGnQv1aT7qBbdT7XpAapDD1Jdeojq0cNUnx6hBvQoNaTHqBE1pibUlJrR49ScnqAW1JJa0ZPUmp6iNvQ0JdIz1JaepXb0N2pPz1EHep460gvUiTpTF3qRutJL1I26UxL1oJ70MvWi3tSH+lI/eoX606s0gF6jZBpIg+h1Gkxv0BB6k4bSMBpOb9EIGkmjaDSNobGUQuNoPL1NE+gdmkiTaDJNoVSaStPoXZpOM2gmvUez6H2aTXNoLs2jNPqA5tMCSqcPaSF9RBm0iBbTElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9TDvoE9pJu2g3fUp76DPaS5/TPvqC9tOXlElf0QH6mg7SN3SIvvXd6Ts6QkfpGH1Px+kHOkEn6RSdpjP0I52ln+gceYIQQxHKUIVBGBNmC2PD7GGO8KowZ3h1mCu8JoyE14Zx4XVh7vD6ME+YN8wX5g/jwwJhwVCHJrQhhWFYKCwcRsMbwiLhjWHREMNiYfHQhSXChPDmsGR4S1gqvDUsHd4WlglvD8uG5cJH768Q3hFWDO8MK4V3hZXDu8MqYdWwWlg9vCesEd4b1gzvC2uF94elwgfCOuGDYd3wobBe+HBYP3wkbBA+GjYMHwsbhY3DJmHTsFn4eNg8fCJsEbYMW4VPhq3Dp8I24dNhYvhM2DZ89uf9Dyz44/1JYY+wZ/hy+HLo/X1ybnReNC36QXR+dEE0PfphdGH0o2hGdFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRD1Pvq2cChE0465QIX47K5WJfd5XBXuZzuapfLXeMi7loX565zud31Lo/L6/K5/C7eFXAFnXbGWUcudIVcYRd1N7gi7kZX1N3kirnizrkSLsE1dc1cM9fcPeFauJaulXvSPemeck+5p93T7hnX1j3r2rm/ufbuOdfBPe+edy+4Tq6z6+JedF3duFwX3pNJrqfr6Xq5Xq6P6+P6uX6uv+vvBrgBLtklu0FukBvsBrshbogb6oa64W64G+FGuFFulBvjxrgUl+LGu/FugpvgJrqJbrKb7FJdqpvmprnpbrqrOOPCWWa72W6um+vSXJqb786vGdPdQrfQZbgMt9gtdkvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9Nfc2FSt8ftdXvdPrfP7Xdfukz3lTvgvnYH3TfukPvWHXbfuSPuqDvmvnfH3Q/uhDvpTrnT7oz70Z11P7lzzruUyLjI+MjbkQmRdyITI5MikyNTIqmRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF9gc+gL+cI+6m/wRfyNvqi/yRfzxb3zJXyCv9mX9Lf4Uv5WX9rf5sv4231ZX86X94/5Rr6xb+Kb+mb+cd/cP+Fb+Ja+lX/St/ZP+Tb+aZ/on/Ft/bO+nf+bb++f8x38876jf8F38p19F/+i7+pf8t18d5/ke/ie/mXfy/f2fXxf38+/4vv7V/0A/5pP9gP9IP+6H+zf8EP8m36oH+aHx7zlR1y6RIaxPsWP8+P9236Cf8dP9JP8ZD/Fp/qpfpp/10/3M/xM/56f5d/3s/0cP9fP82n+Az/fL/Dp/kO/0H/kM/yiSzeV/XK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/x2/7Hf4T/xO/0uv9t/6vf4z/xe/7nf57/w+/2XPtN/5Q/4r/1B/40/5L/1h/13/og/6o/57/1x/4M/4U/6U/60P+N/9Gf9T/4c/581xhhjjLF/yrjLQ/HrPRdu5/f4nRzxi4N7AsDVW/Jn/nL/+RXl2jwXxr1FfOsIADzTvePDl7YqVZKSki4emyEhKDwH4NLfBJ0XA5fjRdAKnoJEaAklf7f+3qLzGfoH80dvA8jxi5xYuBxfnv9zAEz6nfkff3L4/DLhqbj/Yf45AEULX87JDpfjRdDq5/srLaHUH9Sft/kv64/97fzZv0gBaPGLnJxwOb5cfwI8Ac9C4q+OZIwxxhhjjDHGLugtyre/dP156V98/t71eby6nJMNLsf/6PqcMcYYY4wxxhhjV95znbs8/XhiYsv2//qg0v8q658eNIT/q5l58LsD7wEu/UQBwL85IcD5gfxPPopN/5FzJV986/z9rqWnfQD/Ha38MwZX+IOJMcYYY4wx9qe7vOj/9c/VlSqIMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLgv4Tv07sSj9GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7fwEAAP//nXwDKg==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
10m51.463626004s ago: executing program 4 (id=632):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f00000000c0)='./file0\x00', 0x1, &(0x7f00000043c0)=ANY=[@ANYBLOB="003bfa093f92d25f4b42889f58b36282edd6f82c49e007ed49b9ed030962f330bd57af2a"], 0x2, 0x1a2, &(0x7f0000000440)="$eJzs0L9rE2Ecx/H397knPypUiYpDBRuweF6oJndVB6fgFCEHDi6CQUMam2KippfBlha6SEGq/Rd0qqMKOokoOBcHwUHPpZs0Q3EQB4nk8kTwb/B5Dfe57wfunodvK+pGGeD3/mqDMgmHg3xE0MC0jDqlRvnazN9Nbo2CS2beNPnM5FS0vHK73m43l/IX8+T+KYAfSfe3il5wTNEXysjn/dVGXW6GDMp01HxIrkrhEU6NrveYKT3J0Rs4DNxNLiu64lbhULHXuVeMllfOLHbqC82F5p0gmLtQOlcqnQ+KtxbbzdIrxHsoiies4YVkQia8NVI1HuzoA8wK4rVU7EihT7rG1o5z+uRsH+XtMUB45/bJfNWtvLrKKbLXh5evcER4ihMyU2VCoUkOqiBX1Evx9Sf9M6XIrjvO2cbd9vzGNSW/0ttl2cuKv0vK9QkKPnPD1XCY92zEzMRUYrZjdr8xLW+Gp4z3qteHz+dmOs4JSHO/3ust+Wn4IDokcEOCHEwmv1PJvXLw1nxjgi/jF8uyLMuyLMuyLOs/8CcAAP//o/hj9Q==")
llistxattr(&(0x7f0000000400)='./file1\x00', 0x0, 0x0)
10m49.731674524s ago: executing program 4 (id=640):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000f6dbdf250900020073797a310000000008004100a6e0650014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
10m49.041974389s ago: executing program 33 (id=640):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000f6dbdf250900020073797a310000000008004100a6e0650014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
1.888472638s ago: executing program 3 (id=9602):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r0, 0x10d, 0xe, 0x0, 0x0)
1.283664516s ago: executing program 0 (id=9609):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0)
pread64(r0, &(0x7f0000004640)=""/94, 0x5e, 0x2a)
1.220696151s ago: executing program 2 (id=9610):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000300)={'adq12b\x00', [0x22f00, 0x5, 0xd09a, 0xfff7ffff, 0x3, 0xfffffffe, 0x20000004, 0x6, 0xffe, 0x9, 0xc, 0x1001, 0x9, 0x4, 0xffff, 0x6, 0x5, 0x40000009, 0x830, 0x30000, 0x10003, 0x2, 0x800, 0xe2df, 0x2, 0xd, 0x7, 0x3, 0x4, 0x5, 0x70f]})
1.079636373s ago: executing program 3 (id=9612):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000006c0)={0x40, 0xf, 0xe6, 0x5, 0x0, 0x5, 0x0})
1.050346995s ago: executing program 0 (id=9613):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, 0x0, &(0x7f0000000040))
948.545793ms ago: executing program 2 (id=9614):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x1, 0x3, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/131, 0x83}]}, &(0x7f0000000480)="ad8852698be9", 0x0, 0x0, 0x0, 0x0, 0x0})
947.746233ms ago: executing program 3 (id=9616):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000a40)={0x3c, 0x0, 0x7, 0x3, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x6}, @NFACCT_FLAGS={0x8}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44050}, 0x10)
797.427186ms ago: executing program 0 (id=9617):
r0 = gettid()
process_vm_readv(r0, &(0x7f0000001140)=[{&(0x7f0000000000)=""/72, 0x48}], 0x1, &(0x7f0000000180)=[{0xfffffffffffffffc}, {&(0x7f0000000100)=""/53, 0x35}], 0x2, 0x0)
773.766737ms ago: executing program 2 (id=9625):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000a0850000004300000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x7, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
773.063587ms ago: executing program 5 (id=9618):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000006800010002c7aa493b5bbdbdc6000000000000000c0002"], 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
761.210208ms ago: executing program 3 (id=9619):
r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x80081)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000180)={0x1, 0x1, 0x6, 0x1, 0x9})
619.65815ms ago: executing program 0 (id=9620):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, 0x0, 0x0)
563.042954ms ago: executing program 5 (id=9621):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched_retired(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newtaction={0x4c, 0x30, 0x205, 0x70bd2d, 0x25dfdbff, {}, [{0x38, 0x1, [@m_ipt={0x34, 0x1, 0x0, 0x0, {{0x8}, {0xc, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8, 0x3, 0x9}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x44000)
562.885634ms ago: executing program 2 (id=9622):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
500.595829ms ago: executing program 0 (id=9623):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x181001, 0x0)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000080)={0xe000003, 0x0, 0x0, 0x6, 0xe0000})
492.19555ms ago: executing program 3 (id=9624):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read(r0, 0x0, 0x0)
352.730241ms ago: executing program 5 (id=9626):
r0 = syz_open_dev$sndpcmc(&(0x7f0000004c40), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r0, 0x40084149, 0x0)
352.626891ms ago: executing program 2 (id=9627):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/comedi4\x00', 0x80, 0x0)
ioctl$COMEDI_BUFCONFIG(r0, 0x8020640d, 0x0)
334.675103ms ago: executing program 0 (id=9628):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000480), 0x1, 0x5a5, &(0x7f0000002300)="$eJzs3U9sG1UaAPBvxnbTP9lNV9qVdlc9VLtIRarqJP0DhVN7RVSq1AMSF4gcJ6rixFWcQBNFIr1XiB4QoF7KDQ6IE4gDB8SFI1cuIM5IFY1AanoAI8fjNKROcUIcl/j3k8Z+b2Y833sz/sYzoxk5gL51vPGSRvwnIi4nEUMbpuUjm3i8Od/qylLpwcpSKYl6/cqPSSQRcX9lqdSaP8nej0TEckT8OyK+LEScTNcXeaBVqC0sTo1VKuXZrD48N31tuLaweOrq9NhkebI8c+bZ586dP3tu9PToxuY+qG+sFbbX15vf3Xrz5tcv3Ln14UfHlktvjyVxIQazaRv7sZua66QQFzaNP9uNYD2U9LoB7Eguy/NGKv0rhiKXZX079Y07h4E9aR7QRfWBiDrQpxL5D32qdRzQOP9tDXt5/HH3YvMEpBF3dWWp9Ea04ueb1ybi4Nq5yeGfkt+dmTTON4/uZUPZl5ZvRMRIPv/o9z/Jvn87N7IbDaSrvrjY3FCPbv90ff8TbfY/g61rp39Sa/+3mu3/VtvEz22x/7vcYYxfXv7+vS3j3xiI/7aNn6zHT9rETyPi1Q7j337ps/NbTau/H3Ei2sdvSR5/fXh44mqlPNJ8jXZXpj4/cez5rfsfcXiL+M1rtgfXfmY29v9A1qa0w/5/+tUn/1t+TPyn///47d9u/R+KiLc6jP+P+x+8uNW0uzeSe42jgO1u/yQKcefRxX3c7uDhmQvHv82KrhoCAAAAAAAAAMAuStfuZUvS4no5TYvF5jO8/4zDaaVamzs5UZ2fGW/e83Y0CmnrTquhZj1p1Eez+3Fb9dOb6mdyWcDcobV6sVStjPe47wAAAAAAAAAAAAAAAAAAAPCkOLLp+f+fc2vP/2/+u2pgv9r6L7+B/U7+Q//KH9xYS3rXEGDP+f2HvlWX/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAABdcfnSpcZQf7CyVGrUx/ML81PV106Nl2tTxen5UrFUnb1WnKxWJyvlYqk6/UfLS6rVayMxM399eK5cmxuuLSy+Ml2dn2n9p2i50PUeAQAAAAAAAAAAAAAAAAAAwF/P4NqQpMWIQrOepsVixN8i4mgSycTVSnkkIv4eEd/kCgON+mivGw0AAAAAAAAAAAAAAAAAAAD7TG1hcWqsUinPdq+Qz0J1MUTnhfx2Zo6I5d1tRmOJ2/5UIVuBPV51+6OQezK+h096YaLSw50SAAAAAAAAAAAAAAAAAAD0qYcP/Xb6iV+72yAAAAAAAAAAAAAAAAAAAADoS+kPSUQ0hhNDTw1unnogWc2tvUfE67evvHN9bG5udrQx/t76+Ll3s/Gne9F+oFOtPE0jopHHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEO1hcWpsUqlPLvDwkAH8/S6jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA78VsAAAD//5zR0IU=")
rmdir(&(0x7f0000000140)='./file0\x00')
280.718567ms ago: executing program 3 (id=9629):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x18, 0x1, 0xfffffffe, 0x25dfdbfe, {{@in=@broadcast, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x2, 0x0, 0x0, 0x0, 0xff}, {@in6=@private2, 0x4d6, 0x6c}, @in=@private=0x8010101, {0x0, 0x192, 0x9ba3, 0x2, 0x251c, 0x3, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3502, 0xa, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x800}, 0x0)
158.010477ms ago: executing program 2 (id=9630):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="1400000010b3010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000180a0101000b"], 0x74}}, 0x0)
149.404677ms ago: executing program 5 (id=9631):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCGETS2(r0, 0x5435, 0x0)
25.229348ms ago: executing program 5 (id=9632):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0x48, 0x32, 0x25, 0x0, 0x0, {}, [{0x34, 0x1, [@m_pedit={0x30, 0x1, 0x0, 0x0, {{0xa}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
0s ago: executing program 5 (id=9633):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x50, 0x10, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2180}, [@IFLA_IFNAME={0x14, 0x3, 'wlan0\x00'}, @IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xb, {0x7, 0x1}}]}]}]}, 0x50}}, 0x0)
kernel console output (not intermixed with test programs):
609.468809][T24945] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 609.509838][T24945] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[ 609.598292][T24956] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7207'.
[ 609.632884][T24956] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7207'.
[ 610.070935][T24983] binfmt_misc: register: failed to install interpreter file ./file0
[ 610.193270][ T28] audit: type=1326 audit(1756509822.984:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24987 comm="syz.0.7218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 610.291036][ T28] audit: type=1326 audit(1756509822.984:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24987 comm="syz.0.7218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 610.330461][ T28] audit: type=1326 audit(1756509823.021:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24987 comm="syz.0.7218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 610.363866][ T28] audit: type=1326 audit(1756509823.021:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24987 comm="syz.0.7218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 610.466046][ T28] audit: type=1326 audit(1756509823.021:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24987 comm="syz.0.7218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 610.476319][T25003] comedi comedi4: bad chanlist[0]=0x00001001 chan=4097 range length=2
[ 610.502923][T25004] gtp1: entered promiscuous mode
[ 612.247155][T25106] loop0: detected capacity change from 0 to 512
[ 612.288045][T25106] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 612.320619][T25116] loop3: detected capacity change from 0 to 2048
[ 612.350482][T25112] IPv6: NLM_F_CREATE should be specified when creating new route
[ 612.368364][T25106] EXT4-fs: Ignoring removed i_version option
[ 612.374211][T25112] IPv6: Can't replace route, no match found
[ 612.416465][T25116] UDF-fs: INFO Mounting volume 'Li�uxUDF', timestamp 2022/11/22 14:59 (1000)
[ 612.453007][T25106] EXT4-fs (loop0): 1 orphan inode deleted
[ 612.473404][T25106] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 612.527736][T25116] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1376) has entry at pos 100 with incorrect tag e01
[ 612.762841][T25169] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7261'.
[ 613.129120][T25190] ieee802154 phy0 wpan0: encryption failed: -90
[ 613.733724][T20226] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 613.947167][T20226] usb 3-1: Using ep0 maxpacket: 16
[ 613.980345][T20226] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 3233, setting to 64
[ 614.009714][T20226] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[ 614.027287][T25217] loop3: detected capacity change from 0 to 32768
[ 614.028871][T20226] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 614.052024][T20226] usb 3-1: Product: syz
[ 614.064842][T20226] usb 3-1: Manufacturer: syz
[ 614.074500][T25217] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.7275 (25217)
[ 614.080549][T20226] usb 3-1: SerialNumber: syz
[ 614.111948][T20226] usb 3-1: config 0 descriptor??
[ 614.128130][T25217] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 614.148571][T25217] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 614.157798][T25217] BTRFS info (device loop3): using free space tree
[ 614.170680][T20226] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 614.242735][T25217] BTRFS info (device loop3): enabling ssd optimizations
[ 614.252119][T25217] BTRFS info (device loop3): auto enabling async discard
[ 614.398646][ T5784] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 614.499914][ T138] usb 3-1: Failed to submit usb control message: -71
[ 614.500167][T20226] usb 3-1: USB disconnect, device number 25
[ 614.535897][ T138] usb 3-1: unable to send the bmi data to the device: -71
[ 614.554346][ T138] usb 3-1: unable to get target info from device
[ 614.588600][ T138] usb 3-1: could not get target info (-71)
[ 614.600481][ T138] usb 3-1: could not probe fw (-71)
[ 615.373160][T25302] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 615.380546][T25302] IPv6: NLM_F_CREATE should be set when creating new route
[ 615.387863][T25302] IPv6: NLM_F_CREATE should be set when creating new route
[ 615.443417][T25307] loop2: detected capacity change from 0 to 512
[ 615.487936][T25307] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[ 615.500361][T25307] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[ 615.513417][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 615.523777][T25307] EXT4-fs (loop2): 1 truncate cleaned up
[ 615.561550][T25307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 615.626076][T25307] EXT4-fs error (device loop2): ext4_append:79: inode #2: comm syz.2.7294: Logical block already allocated
[ 615.778234][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 616.054282][T25341] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7302'.
[ 616.075485][T25341] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7302'.
[ 616.102444][T25341] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7302'.
[ 616.580702][T25366] loop3: detected capacity change from 0 to 1024
[ 616.610412][T25366] hfsplus: unable to parse mount options
[ 616.711797][ T6009] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 617.260581][T25407] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7322'.
[ 617.791890][T25366] loop3: detected capacity change from 0 to 32768
[ 617.799628][T25429] dlm: no local IP address has been set
[ 617.805945][T25429] dlm: cannot start dlm midcomms -107
[ 617.818091][T25366] JFS: Invalid value of umask
[ 617.862897][ T5793] Bluetooth: hci2: command 0x0406 tx timeout
[ 617.913578][ T6009] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 618.333684][T25456] netlink: 'syz.5.7336': attribute type 3 has an invalid length.
[ 618.405271][T25456] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7336'.
[ 618.648643][T25472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7341'.
[ 618.673675][T25472] netlink: 312 bytes leftover after parsing attributes in process `syz.0.7341'.
[ 618.711712][T25472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7341'.
[ 619.178919][T25499] netlink: 'syz.0.7350': attribute type 1 has an invalid length.
[ 619.206421][T25499] netlink: 224 bytes leftover after parsing attributes in process `syz.0.7350'.
[ 619.272604][T25504] delete_channel: no stack
[ 619.592266][T25526] loop0: detected capacity change from 0 to 64
[ 619.927903][T25541] x_tables: ip6_tables: sctp match: only valid for protocol 132
[ 620.026448][T25545] xt_bpf: check failed: parse error
[ 620.377399][T25566] netlink: 4268 bytes leftover after parsing attributes in process `syz.0.7371'.
[ 621.790850][T25625] loop2: detected capacity change from 0 to 1764
[ 621.832727][T25625] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[ 621.890097][T25625] iso9660: Corrupted directory entry in block 2 of inode 1920
[ 621.939942][T25615] loop3: detected capacity change from 0 to 40427
[ 621.962011][T25615] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 621.980799][T25615] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 622.004443][T25615] F2FS-fs (loop3): invalid crc value
[ 622.039484][T25615] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 622.064394][ T5793] Bluetooth: hci2: unexpected event for opcode 0x043d
[ 622.188329][T25615] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 622.206447][T25615] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 622.304273][T25646] loop2: detected capacity change from 0 to 512
[ 622.343126][T25646] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 622.360626][T25646] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 622.449001][T25646] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.7392: bad orphan inode 131083
[ 622.495130][T25646] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 622.634676][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 623.568001][ T28] audit: type=1326 audit(1756509835.490:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25690 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 623.622156][ T28] audit: type=1326 audit(1756509835.490:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25690 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 623.686431][ T28] audit: type=1326 audit(1756509835.518:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25690 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 623.773042][ T28] audit: type=1326 audit(1756509835.518:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25690 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 623.795421][ C0] vkms_vblank_simulate: vblank timer overrun
[ 623.844953][ T28] audit: type=1326 audit(1756509835.527:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25690 comm="syz.3.7404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 623.867465][ C0] vkms_vblank_simulate: vblank timer overrun
[ 624.064039][T25718] syz.0.7410: attempt to access beyond end of device
[ 624.064039][T25718] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 624.105962][T25720] __nla_validate_parse: 4 callbacks suppressed
[ 624.105981][T25720] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7412'.
[ 624.124422][T25718] syz.0.7410: attempt to access beyond end of device
[ 624.124422][T25718] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0
[ 624.137789][T25720] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7412'.
[ 624.162854][T25720] netlink: 36 bytes leftover after parsing attributes in process `syz.3.7412'.
[ 624.172334][T25718] syz.0.7410: attempt to access beyond end of device
[ 624.172334][T25718] nbd0: rw=0, sector=0, nr_sectors = 2 limit=0
[ 624.218608][T25718] syz.0.7410: attempt to access beyond end of device
[ 624.218608][T25718] nbd0: rw=0, sector=18, nr_sectors = 2 limit=0
[ 624.232084][T25718] syz.0.7410: attempt to access beyond end of device
[ 624.232084][T25718] nbd0: rw=0, sector=30, nr_sectors = 2 limit=0
[ 624.251259][T25718] syz.0.7410: attempt to access beyond end of device
[ 624.251259][T25718] nbd0: rw=0, sector=36, nr_sectors = 2 limit=0
[ 624.295779][T25718] VFS: unable to find oldfs superblock on device nbd0
[ 625.149560][T25777] comedi comedi0: dt2801: I/O port conflict (0x4f27,2)
[ 625.179928][T25780] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7430'.
[ 625.216846][T25780] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7430'.
[ 625.461026][T20229] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 625.524409][T25803] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7437'.
[ 625.541450][T25803] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7437'.
[ 625.552939][T25803] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7437'.
[ 625.674864][T20229] usb 3-1: Using ep0 maxpacket: 16
[ 625.683134][T20229] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024
[ 625.707808][T20229] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024
[ 625.728349][T20229] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 2269, setting to 1024
[ 625.749638][T20229] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[ 625.777946][T20229] usb 3-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[ 625.787670][T20229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 625.806010][T20229] usb 3-1: Product: syz
[ 625.814159][T20229] usb 3-1: Manufacturer: syz
[ 625.824730][T20229] usb 3-1: SerialNumber: syz
[ 625.836717][T20229] usb 3-1: config 0 descriptor??
[ 625.844736][T25782] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 625.853002][T25782] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 625.873697][ C1] port100 3-1:0.0: NFC: Urb failure (status -71)
[ 625.889282][ C1] port100 3-1:0.0: NFC: Urb failure (status -71)
[ 625.910664][T20229] port100 3-1:0.0: NFC: Could not get supported command types
[ 626.095631][T20227] usb 3-1: USB disconnect, device number 26
[ 626.378973][T25856] netlink: 52 bytes leftover after parsing attributes in process `syz.0.7450'.
[ 627.008961][T25886] loop0: detected capacity change from 0 to 4096
[ 627.038248][T25886] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[ 627.088913][T25895] netlink: 'syz.2.7463': attribute type 21 has an invalid length.
[ 627.119968][T25895] netlink: 128 bytes leftover after parsing attributes in process `syz.2.7463'.
[ 627.150338][T25895] netlink: 'syz.2.7463': attribute type 4 has an invalid length.
[ 627.172478][T25895] netlink: 'syz.2.7463': attribute type 5 has an invalid length.
[ 627.606614][T25920] loop0: detected capacity change from 0 to 256
[ 627.628548][T25920] exfat: Deprecated parameter 'namecase'
[ 627.664492][T25920] exfat: Deprecated parameter 'namecase'
[ 627.750507][T25920] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[ 627.895999][T25935] loop3: detected capacity change from 0 to 128
[ 627.997985][T25941] tmpfs: Bad value for 'mpol'
[ 628.375804][T25965] loop2: detected capacity change from 0 to 128
[ 628.731647][T25980] loop3: detected capacity change from 0 to 2048
[ 628.815996][T25991] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 628.901160][T25980] NILFS error (device loop3): nilfs_lookup: deleted inode referenced: 12
[ 628.995983][T25980] Remounting filesystem read-only
[ 629.887143][T20227] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 630.066730][T26062] loop0: detected capacity change from 0 to 128
[ 630.112475][T20227] usb 3-1: Using ep0 maxpacket: 16
[ 630.126172][T26065] loop3: detected capacity change from 0 to 256
[ 630.142764][T20227] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[ 630.148480][T26065] exfat: Deprecated parameter 'namecase'
[ 630.165994][T20227] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 630.201491][T20227] usb 3-1: config 0 has no interface number 0
[ 630.225661][T20227] usb 3-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 630.235916][T26065] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 630.245855][T20227] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 630.294614][T20227] usb 3-1: Product: syz
[ 630.298856][T20227] usb 3-1: Manufacturer: syz
[ 630.303494][T20227] usb 3-1: SerialNumber: syz
[ 630.345292][T20227] usb 3-1: config 0 descriptor??
[ 630.609847][T20227] usb 3-1: Found UVC 0.00 device syz (046d:08d3)
[ 630.623934][T20227] usb 3-1: No valid video chain found.
[ 630.669075][T26091] __nla_validate_parse: 1 callbacks suppressed
[ 630.669092][T26091] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7517'.
[ 630.813767][T20227] usb 3-1: USB disconnect, device number 27
[ 631.018603][T26113] loop0: detected capacity change from 0 to 1024
[ 631.506825][T26143] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7531'.
[ 631.680470][T26145] loop0: detected capacity change from 0 to 4096
[ 631.718072][T26145] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 631.856358][T26145] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[ 632.067996][ T5785] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22.
[ 632.079171][ T5785] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[ 632.351273][T26178] netlink: 'syz.3.7542': attribute type 8 has an invalid length.
[ 632.367181][T26178] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.7542'.
[ 632.819324][T26168] loop2: detected capacity change from 0 to 32768
[ 632.842560][T26168] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 632.886116][T26168] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 632.943726][T26168] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[ 633.016544][T20229] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 633.038398][T20229] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 633.047876][T26208] overlayfs: overlapping lowerdir path
[ 633.185694][T20229] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 137ms
[ 633.200031][T20229] gfs2: fsid=syz:syz.0: jid=0: Done
[ 633.209506][T26168] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 633.563747][T26227] xt_connbytes: Forcing CT accounting to be enabled
[ 633.594789][T26230] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7553'.
[ 633.752177][T26240] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7556'.
[ 634.042646][T26257] overlayfs: overlapping lowerdir path
[ 634.051416][T26258] loop3: detected capacity change from 0 to 256
[ 634.197503][T26264] PM: Enabling pm_trace changes system date and time during resume.
[ 634.197503][T26264] PM: Correct system time has to be restored manually after resume.
[ 634.392587][T26273] loop3: detected capacity change from 0 to 8
[ 634.970695][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 634.977499][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 635.620300][T26345] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7591'.
[ 635.640082][T26345] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7591'.
[ 636.402833][T26399] bond0: Error: Cannot enslave bond to itself.
[ 636.628478][T26414] netlink: 'syz.3.7607': attribute type 5 has an invalid length.
[ 636.783396][ T788] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 636.974895][ T788] usb 3-1: Using ep0 maxpacket: 32
[ 636.992316][ T788] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[ 637.000653][ T788] usb 3-1: config 0 has no interface number 0
[ 637.011487][ T788] usb 3-1: config 0 interface 89 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 637.024619][ T788] usb 3-1: config 0 interface 89 has no altsetting 0
[ 637.034528][ T788] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 637.043911][ T788] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 637.052112][ T788] usb 3-1: Product: syz
[ 637.056517][ T788] usb 3-1: Manufacturer: syz
[ 637.061419][ T788] usb 3-1: SerialNumber: syz
[ 637.068822][ T788] usb 3-1: config 0 descriptor??
[ 637.078693][ T788] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 637.088702][ T788] em28xx 3-1:0.89: Video interface 89 found:
[ 637.585852][ T788] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[ 637.666607][ T788] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 637.675552][ T788] em28xx 3-1:0.89: board has no eeprom
[ 637.757699][ T788] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[ 637.765156][ T788] em28xx 3-1:0.89: analog set to bulk mode.
[ 637.771446][ T5870] em28xx 3-1:0.89: Registering V4L2 extension
[ 637.795176][ T788] usb 3-1: USB disconnect, device number 28
[ 637.809605][ T788] em28xx 3-1:0.89: Disconnecting em28xx
[ 637.844710][ T5870] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[ 637.852998][ T5870] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[ 637.860053][ T5870] em28xx 3-1:0.89: No AC97 audio processor
[ 637.876990][ T5870] usb 3-1: Decoder not found
[ 637.881653][ T5870] em28xx 3-1:0.89: failed to create media graph
[ 637.889513][ T5870] em28xx 3-1:0.89: V4L2 device video103 deregistered
[ 637.900307][ T5870] em28xx 3-1:0.89: Registering snapshot button...
[ 637.911598][ T5870] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input23
[ 637.927437][ T5870] em28xx 3-1:0.89: Remote control support is not available for this card.
[ 637.936102][ T788] em28xx 3-1:0.89: Closing input extension
[ 637.945210][ T788] em28xx 3-1:0.89: Deregistering snapshot button
[ 637.987221][ T788] em28xx 3-1:0.89: Freeing device
[ 638.764300][T26499] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[ 639.224000][T26521] libceph: resolve '.
[ 639.224000][T26521] #)|.�Ø�²fÍ�¹Ç²a×ïÅ�2sˆ��oÖw¿úÕ?£'Ê%ÐKAq‰f»CÖê¨Âz¿eSb3L)Hyúo�¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM¤�¨ìó¤h��‡E$
[ 639.224000][T26521] ' (ret=-3): failed
[ 639.363412][T26533] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7640'.
[ 640.084986][T26575] overlayfs: unescaped trailing colons in lowerdir mount option.
[ 640.971808][T26627] loop3: detected capacity change from 0 to 4096
[ 641.024872][T26635] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 641.919706][T26681] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7684'.
[ 642.617773][T26721] �ÿ: renamed from bond_slave_0 (while UP)
[ 643.004570][T26742] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7704'.
[ 643.303780][T26763] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7710'.
[ 643.323789][T26763] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7710'.
[ 643.675594][T26781] binfmt_misc: register: failed to install interpreter file ./file0
[ 644.009320][ T28] audit: type=1326 audit(1756509854.610:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26802 comm="syz.5.7722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 644.094153][ T28] audit: type=1326 audit(1756509854.610:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26802 comm="syz.5.7722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 644.148667][T26811] gtp0: entered promiscuous mode
[ 644.169794][ T28] audit: type=1326 audit(1756509854.619:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26802 comm="syz.5.7722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 644.231439][T26816] comedi comedi4: bad chanlist[0]=0x00001001 chan=4097 range length=2
[ 644.257033][ T28] audit: type=1326 audit(1756509854.619:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26802 comm="syz.5.7722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 644.329856][ T28] audit: type=1326 audit(1756509854.619:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26802 comm="syz.5.7722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 645.552303][T26925] netlink: 16 bytes leftover after parsing attributes in process `syz.2.7751'.
[ 645.891405][T26942] ieee802154 phy0 wpan0: encryption failed: -90
[ 646.330904][T26963] overlayfs: unescaped trailing colons in lowerdir mount option.
[ 646.662524][T26980] loop0: detected capacity change from 0 to 65
[ 646.720483][T26980] BFS-fs: bfs_fill_super(): NOTE: filesystem loop0 was created with 512 inodes, the real maximum is 511, mounting anyway
[ 646.726767][T26984] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7770'.
[ 647.065271][T26998] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 647.072613][T26998] IPv6: NLM_F_CREATE should be set when creating new route
[ 647.079996][T26998] IPv6: NLM_F_CREATE should be set when creating new route
[ 647.590603][T20227] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 647.786210][T20227] usb 4-1: Using ep0 maxpacket: 8
[ 647.802764][T20227] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 647.820596][T20227] usb 4-1: config 8 has an invalid interface number: 61 but max is 2
[ 647.857886][T20227] usb 4-1: config 8 has 1 interface, different from the descriptor's value: 3
[ 647.877894][T20227] usb 4-1: config 8 has no interface number 0
[ 647.899574][T20227] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0
[ 647.921383][T20227] usb 4-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0
[ 647.931764][T20227] usb 4-1: config 8 interface 61 has no altsetting 0
[ 647.932803][T27050] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7787'.
[ 647.942097][T20227] usb 4-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f
[ 647.952619][T27050] netlink: 36 bytes leftover after parsing attributes in process `syz.5.7787'.
[ 647.957116][T20227] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 647.974986][T20227] usb 4-1: Product: syz
[ 647.979704][T20227] usb 4-1: Manufacturer: syz
[ 647.984358][T20227] usb 4-1: SerialNumber: syz
[ 647.989215][T27050] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7787'.
[ 648.250056][T20227] bfusb: probe of 4-1:8.61 failed with error -5
[ 648.274510][T20227] usb 4-1: USB disconnect, device number 25
[ 650.371305][ T5102] Bluetooth: hci2: command 0x0406 tx timeout
[ 651.453854][T27111] vxcan1 speed is unknown, defaulting to 1000
[ 651.631628][T20229] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 651.848598][T20229] usb 3-1: Using ep0 maxpacket: 8
[ 651.870625][T20229] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 651.892538][T20229] usb 3-1: config 8 has an invalid interface number: 61 but max is 2
[ 651.910058][T20229] usb 3-1: config 8 has 1 interface, different from the descriptor's value: 3
[ 651.937745][T20229] usb 3-1: config 8 has no interface number 0
[ 651.952306][T20229] usb 3-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0
[ 651.981307][T20229] usb 3-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0
[ 652.019431][T20229] usb 3-1: config 8 interface 61 has no altsetting 0
[ 652.040189][T20229] usb 3-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f
[ 652.059172][T20229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 652.076300][T20229] usb 3-1: Product: syz
[ 652.090221][T20229] usb 3-1: Manufacturer: syz
[ 652.116846][T20229] usb 3-1: SerialNumber: syz
[ 652.174802][T27111] wg1 speed is unknown, defaulting to 1000
[ 652.191293][T27138] netlink: 4268 bytes leftover after parsing attributes in process `syz.5.7807'.
[ 652.317484][T27126] loop0: detected capacity change from 0 to 32768
[ 652.389532][T27126]
[ 652.389532][T27126] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 652.389532][T27126]
[ 652.403528][T20229] bfusb: probe of 3-1:8.61 failed with error -5
[ 652.421981][T20229] usb 3-1: USB disconnect, device number 29
[ 652.604179][ T5785]
[ 652.604179][ T5785] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 652.604179][ T5785]
[ 652.624102][ T5785]
[ 652.624102][ T5785] ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 652.624102][ T5785]
[ 652.780431][T27177] delete_channel: no stack
[ 653.274604][T27215] netlink: 'syz.5.7816': attribute type 4 has an invalid length.
[ 653.555522][T27229] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7819'.
[ 654.082205][T27242] loop3: detected capacity change from 0 to 1764
[ 654.110339][T27242] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[ 654.154181][T27242] iso9660: Corrupted directory entry in block 2 of inode 1920
[ 654.484537][T27272] syz.3.7832: attempt to access beyond end of device
[ 654.484537][T27272] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[ 654.500145][T27272] syz.3.7832: attempt to access beyond end of device
[ 654.500145][T27272] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0
[ 654.517362][T27272] syz.3.7832: attempt to access beyond end of device
[ 654.517362][T27272] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0
[ 654.531639][T27272] syz.3.7832: attempt to access beyond end of device
[ 654.531639][T27272] nbd3: rw=0, sector=18, nr_sectors = 2 limit=0
[ 654.544933][T27272] syz.3.7832: attempt to access beyond end of device
[ 654.544933][T27272] nbd3: rw=0, sector=30, nr_sectors = 2 limit=0
[ 654.560038][T27272] syz.3.7832: attempt to access beyond end of device
[ 654.560038][T27272] nbd3: rw=0, sector=36, nr_sectors = 2 limit=0
[ 654.573048][T27272] VFS: unable to find oldfs superblock on device nbd3
[ 654.848592][T27288] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7836'.
[ 654.860313][T27288] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7836'.
[ 654.869296][T27288] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7836'.
[ 655.168360][T27305] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7842'.
[ 655.183279][T27305] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7842'.
[ 655.746373][T27313] loop2: detected capacity change from 0 to 32768
[ 655.757273][T27313] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.7846 (27313)
[ 655.777350][T27313] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 655.787670][T27313] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[ 655.796637][T27313] BTRFS info (device loop2): using free space tree
[ 655.842794][T27313] BTRFS info (device loop2): enabling ssd optimizations
[ 655.850075][T27313] BTRFS info (device loop2): auto enabling async discard
[ 655.945848][ T5786] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 655.982094][T27335] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7848'.
[ 655.992090][T27335] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7848'.
[ 656.001666][T27335] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7848'.
[ 656.335149][T27349] loop0: detected capacity change from 0 to 1024
[ 656.355884][T27349] hfsplus: unable to parse mount options
[ 656.418655][ T6009] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 656.737627][T27349] loop0: detected capacity change from 0 to 32768
[ 656.745771][T27349] JFS: Invalid value of umask
[ 656.966735][ T5102] Bluetooth: hci0: unexpected event for opcode 0x043d
[ 657.269547][T27381] loop2: detected capacity change from 0 to 128
[ 657.729748][T27410] tmpfs: Bad value for 'mpol'
[ 658.227743][ T5870] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 658.427518][T27449] loop2: detected capacity change from 0 to 2048
[ 658.447856][ T5870] usb 4-1: Using ep0 maxpacket: 8
[ 658.457226][ T5870] usb 4-1: config 0 has too many interfaces: 65, using maximum allowed: 32
[ 658.484779][ T5870] usb 4-1: config 0 has an invalid interface number: 150 but max is 64
[ 658.488940][T27452] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 658.513496][ T5870] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 658.539881][ T5870] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 65
[ 658.570345][T27449] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12
[ 658.586584][ T5870] usb 4-1: config 0 has no interface number 0
[ 658.601239][T27449] Remounting filesystem read-only
[ 658.601829][ T5870] usb 4-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 658.689624][ T5870] usb 4-1: config 0 interface 150 has no altsetting 0
[ 658.716777][ T5870] usb 4-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[ 658.749791][ T5870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 658.789770][ T5870] usb 4-1: config 0 descriptor??
[ 659.388889][ T5870] usb 4-1: USB disconnect, device number 26
[ 660.206102][T27547] Unsupported ieee802154 address type: 0
[ 660.268530][T27551] netlink: 'syz.0.7900': attribute type 21 has an invalid length.
[ 660.287506][T27551] netlink: 132 bytes leftover after parsing attributes in process `syz.0.7900'.
[ 660.598989][T27569] netlink: 'syz.5.7906': attribute type 2 has an invalid length.
[ 660.683018][T27567] vxcan1 speed is unknown, defaulting to 1000
[ 661.101988][T27597] loop0: detected capacity change from 0 to 64
[ 661.267295][T27602] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7917'.
[ 661.564275][T27609] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 661.651732][T27615] xt_bpf: check failed: parse error
[ 661.852572][T27567] wg1 speed is unknown, defaulting to 1000
[ 662.170976][T27658] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7928'.
[ 662.210359][T27660] netlink: 'syz.3.7929': attribute type 21 has an invalid length.
[ 662.243924][T27660] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7929'.
[ 662.276083][T27663] xt_hashlimit: max too large, truncated to 1048576
[ 662.897841][T27697] netlink: 128 bytes leftover after parsing attributes in process `syz.3.7940'.
[ 662.907361][T27697] netlink: 20 bytes leftover after parsing attributes in process `syz.3.7940'.
[ 663.181470][T27705] Unsupported ieee802154 address type: 0
[ 665.518860][ T788] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 665.711123][ T788] usb 4-1: Using ep0 maxpacket: 16
[ 665.718374][ T788] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[ 665.726665][ T788] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 665.736818][ T788] usb 4-1: config 0 has no interface number 0
[ 665.748095][ T788] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[ 665.757474][ T788] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 665.765762][ T788] usb 4-1: Product: syz
[ 665.769963][ T788] usb 4-1: Manufacturer: syz
[ 665.774581][ T788] usb 4-1: SerialNumber: syz
[ 665.781289][ T788] usb 4-1: config 0 descriptor??
[ 666.013241][ T788] usb 4-1: Found UVC 0.00 device syz (046d:08d3)
[ 666.019659][ T788] usb 4-1: No valid video chain found.
[ 666.243442][ T788] usb 4-1: USB disconnect, device number 27
[ 667.187850][ T788] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[ 667.392407][ T788] usb 4-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[ 667.402372][T27866] loop2: detected capacity change from 0 to 4096
[ 667.421633][ T788] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 667.457702][ T788] usb 4-1: config 0 descriptor??
[ 667.464996][T27872] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 667.489798][ T788] gspca_main: sunplus-2.14.0 probing 055f:c420
[ 667.520950][T27876] libceph: resolve '.
[ 667.520950][T27876] #)|.�Ø�²fÍ�¹Ç²a×ïÅ�2sˆ��oÖw¿úÕ?£'Ê%ÐKAq‰f»CÖê¨Âz¿eSb3L)Hyúo�¤¶ÿÿÿÿÿÿÿ÷ǤÜYšM¤�¨ìó¤h��‡E$
[ 667.520950][T27876] ' (ret=-3): failed
[ 667.928757][ T788] gspca_sunplus: reg_w_riv err -71
[ 667.934167][ T788] sunplus: probe of 4-1:0.0 failed with error -71
[ 667.942837][ T788] usb 4-1: USB disconnect, device number 28
[ 669.336088][T27944] vxcan1 speed is unknown, defaulting to 1000
[ 669.378702][ T5870] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[ 669.548328][T27944] wg1 speed is unknown, defaulting to 1000
[ 669.601103][ T5870] usb 3-1: config 0 has an invalid interface number: 40 but max is 0
[ 669.609669][ T5870] usb 3-1: config 0 has no interface number 0
[ 669.622062][ T5870] usb 3-1: New USB device found, idVendor=0403, idProduct=a951, bcdDevice=c0.f8
[ 669.632626][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 669.646709][ T5870] usb 3-1: config 0 descriptor??
[ 669.667290][ T5870] hub 3-1:0.40: bad descriptor, ignoring hub
[ 669.673668][ T5870] hub: probe of 3-1:0.40 failed with error -5
[ 669.685294][ T5870] ftdi_sio 3-1:0.40: FTDI USB Serial Device converter detected
[ 669.720387][ T5870] ftdi_sio ttyUSB0: unknown device type: 0xc0f8
[ 670.105677][ T788] usb 3-1: USB disconnect, device number 30
[ 670.113274][ T788] ftdi_sio 3-1:0.40: device disconnected
[ 670.272491][T27972] loop3: detected capacity change from 0 to 32768
[ 670.285077][T27972] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 670.294373][T27972] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 670.327830][T27972] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[ 670.337574][ T788] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 670.349147][ T788] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 670.446840][ T788] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 91ms
[ 670.460232][ T788] gfs2: fsid=syz:syz.0: jid=0: Done
[ 670.467931][T27972] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 670.929746][T28007] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[ 670.948105][T28007] netdevsim netdevsim5 netdevsim0: left allmulticast mode
[ 670.969926][T28007] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 671.880732][T28044] vxcan1 speed is unknown, defaulting to 1000
[ 672.104864][T28044] wg1 speed is unknown, defaulting to 1000
[ 673.250255][T28116] loop2: detected capacity change from 0 to 2048
[ 673.312170][T28116] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 673.351100][T28120] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 673.623089][T28129] netlink: 'syz.5.8043': attribute type 13 has an invalid length.
[ 673.680791][T28079] loop0: detected capacity change from 0 to 32768
[ 673.716376][T28127] loop3: detected capacity change from 0 to 512
[ 673.725361][T28079] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 673.793854][T28079] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 673.841036][T28141] netlink: 'syz.5.8046': attribute type 10 has an invalid length.
[ 673.853247][T28127] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 673.873329][T28127] ext4 filesystem being mounted at /2045/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 673.904274][T28127] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #15: comm syz.3.8044: corrupted xattr block 19: overlapping e_value
[ 673.921918][T28079] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[ 673.957104][T28141] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 673.970972][T28127] EXT4-fs (loop3): Remounting filesystem read-only
[ 673.974025][T20227] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 673.986255][T20227] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 674.025371][T28141] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 674.113589][T20227] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 119ms
[ 674.154189][T20227] gfs2: fsid=syz:syz.0: jid=0: Done
[ 674.160537][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 674.185050][T28079] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 674.573353][T28161] loop3: detected capacity change from 0 to 4096
[ 675.136135][T28197] tmpfs: Bad value for 'mpol'
[ 675.151274][T20226] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 675.283983][T28203] loop3: detected capacity change from 0 to 2048
[ 675.294217][T28203] EXT4-fs: Ignoring removed mblk_io_submit option
[ 675.337540][T28203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 675.368050][T20226] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 675.378020][T20226] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 675.398973][T28203] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.8060: bg 0: block 234: padding at end of block bitmap is not set
[ 675.415961][T20226] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 675.425341][T20226] usb 3-1: config 1 has no interface number 0
[ 675.431662][T20226] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[ 675.442843][T20226] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[ 675.459458][T20226] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 675.466519][T28203] EXT4-fs (loop3): Remounting filesystem read-only
[ 675.471632][T20226] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 675.483714][T20226] usb 3-1: Product: syz
[ 675.487934][T20226] usb 3-1: Manufacturer: syz
[ 675.492584][T20226] usb 3-1: SerialNumber: syz
[ 675.519059][T28213] loop0: detected capacity change from 0 to 64
[ 675.541187][T28213] hfs: unable to locate alternate MDB
[ 675.555304][T28213] hfs: continuing without an alternate MDB
[ 675.570822][T28213] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only.
[ 675.626192][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 676.025995][T20226] usb 3-1: USB disconnect, device number 31
[ 676.581448][T28275] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8078'.
[ 677.089600][T28305] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8088'.
[ 677.485454][T28327] loop0: detected capacity change from 0 to 256
[ 677.541272][T28327] FAT-fs (loop0): Directory bread(block 64) failed
[ 677.562557][T28327] FAT-fs (loop0): Directory bread(block 65) failed
[ 677.598249][T28327] FAT-fs (loop0): Directory bread(block 66) failed
[ 677.616338][T28327] FAT-fs (loop0): Directory bread(block 67) failed
[ 677.640841][T28327] FAT-fs (loop0): Directory bread(block 68) failed
[ 677.663340][T28327] FAT-fs (loop0): Directory bread(block 69) failed
[ 677.684766][T28327] FAT-fs (loop0): Directory bread(block 70) failed
[ 677.691468][T28327] FAT-fs (loop0): Directory bread(block 71) failed
[ 677.719318][T28327] FAT-fs (loop0): Directory bread(block 72) failed
[ 677.726503][T28327] FAT-fs (loop0): Directory bread(block 73) failed
[ 678.130190][T28349] loop3: detected capacity change from 0 to 4096
[ 678.198068][T28349] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[ 678.388383][T28349] ntfs3: loop3: Failed to load $Extend (-22).
[ 678.412179][T28349] ntfs3: loop3: Failed to initialize $Extend.
[ 678.689063][T28381] loop2: detected capacity change from 0 to 512
[ 678.728735][T28381] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 678.914298][T28381] EXT4-fs (loop2): 1 truncate cleaned up
[ 678.921404][T28381] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 678.936740][T28397] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8116'.
[ 679.000842][T28381] EXT4-fs error (device loop2): ext4_get_parent:1910: comm syz.2.8110: inode #2: comm syz.2.8110: iget: illegal inode #
[ 679.143919][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 679.943944][T28441] xt_ecn: cannot match TCP bits for non-tcp packets
[ 680.028016][T28375] loop0: detected capacity change from 0 to 32768
[ 680.070429][T28375] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 680.142371][T28375] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 680.229770][T28375] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[ 680.279923][ T788] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 680.299483][ T788] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 680.360359][T28461] netlink: 'syz.3.8135': attribute type 8 has an invalid length.
[ 680.493280][ T788] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 181ms
[ 680.514700][ T788] gfs2: fsid=syz:syz.0: jid=0: Done
[ 680.528474][T28375] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 680.663385][T28375] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[ 680.699484][T28375] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 680.699484][T28375] inode = 12 2341
[ 680.699484][T28375] function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[ 680.752907][T28480] netlink: 'syz.2.8138': attribute type 62 has an invalid length.
[ 680.758383][T28375] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[ 680.785505][T28375] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:28375 [syz.0.8109] __gfs2_lookup+0x90/0x270
[ 680.806351][T28375] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[ 680.838782][T28375] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 680.847338][T28375] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 680.891813][T28375] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 680.931619][T28375] gfs2: fsid=syz:syz.0: File system withdrawn
[ 680.977532][T28375] CPU: 0 PID: 28375 Comm: syz.0.8109 Not tainted syzkaller #0
[ 680.985085][T28375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 680.995221][T28375] Call Trace:
[ 680.998534][T28375]
[ 681.001501][T28375] dump_stack_lvl+0x16c/0x230
[ 681.006234][T28375] ? kobject_uevent_env+0x359/0x8c0
[ 681.011503][T28375] ? show_regs_print_info+0x20/0x20
[ 681.017054][T28375] ? load_image+0x3b0/0x3b0
[ 681.021601][T28375] ? kobject_uevent_env+0x363/0x8c0
[ 681.026830][T28375] gfs2_withdraw+0xe50/0x13b0
[ 681.031534][T28375] ? gfs2_lm+0x220/0x220
[ 681.035990][T28375] ? load_image+0x3b0/0x3b0
[ 681.040517][T28375] ? gfs2_consist_inode_i+0xf5/0x110
[ 681.045904][T28375] gfs2_dirent_scan+0x525/0x650
[ 681.050770][T28375] ? gfs2_dirent_search+0x7e0/0x7e0
[ 681.055981][T28375] ? gfs2_dirent_search+0x7e0/0x7e0
[ 681.061188][T28375] gfs2_dirent_search+0x2e1/0x7e0
[ 681.066262][T28375] ? gfs2_permission+0x370/0x430
[ 681.071241][T28375] ? __might_sleep+0xe0/0xe0
[ 681.075860][T28375] ? gfs2_dir_search+0x220/0x220
[ 681.080900][T28375] ? gfs2_lookupi+0x5a0/0x5a0
[ 681.085595][T28375] ? do_raw_spin_lock+0x121/0x2c0
[ 681.090643][T28375] gfs2_dir_search+0x4d/0x220
[ 681.095334][T28375] gfs2_lookupi+0x3d9/0x5a0
[ 681.099859][T28375] ? gfs2_lookup_meta+0x170/0x170
[ 681.104896][T28375] ? __gfs2_lookup+0x90/0x270
[ 681.109602][T28375] __gfs2_lookup+0x90/0x270
[ 681.114126][T28375] ? __lock_acquire+0x7c80/0x7c80
[ 681.119172][T28375] ? gfs2_atomic_open+0x220/0x220
[ 681.124234][T28375] ? do_raw_spin_unlock+0x121/0x230
[ 681.129446][T28375] ? _raw_spin_unlock+0x28/0x40
[ 681.134359][T28375] ? d_alloc+0x173/0x1b0
[ 681.138645][T28375] lookup_one_qstr_excl+0x112/0x250
[ 681.143864][T28375] filename_create+0x222/0x460
[ 681.148648][T28375] ? kern_path_create+0x50/0x50
[ 681.153693][T28375] ? __virt_addr_valid+0x469/0x540
[ 681.158826][T28375] do_mkdirat+0xa1/0x440
[ 681.163091][T28375] ? vfs_mkdir+0x440/0x440
[ 681.167526][T28375] ? getname_flags+0x20a/0x500
[ 681.172322][T28375] __x64_sys_mkdir+0x6e/0x80
[ 681.177028][T28375] do_syscall_64+0x55/0xb0
[ 681.181628][T28375] ? clear_bhb_loop+0x40/0x90
[ 681.186312][T28375] ? clear_bhb_loop+0x40/0x90
[ 681.191088][T28375] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 681.197190][T28375] RIP: 0033:0x7f9efab8ebe9
[ 681.201622][T28375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 681.221240][T28375] RSP: 002b:00007f9efba4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 681.229664][T28375] RAX: ffffffffffffffda RBX: 00007f9efadc5fa0 RCX: 00007f9efab8ebe9
[ 681.237650][T28375] RDX: 0000000000000000 RSI: 00000000000001ad RDI: 0000200000000180
[ 681.245631][T28375] RBP: 00007f9efac11e19 R08: 0000000000000000 R09: 0000000000000000
[ 681.253616][T28375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 681.261771][T28375] R13: 00007f9efadc6038 R14: 00007f9efadc5fa0 R15: 00007ffe95df86f8
[ 681.269854][T28375]
[ 681.608350][T28508] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8148'.
[ 682.365352][T28544] loop3: detected capacity change from 0 to 164
[ 682.404954][T28544] ISOFS: unable to read i-node block
[ 682.415713][T28544] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[ 683.230684][T28584] loop2: detected capacity change from 0 to 164
[ 683.288270][T28584] ISOFS: unable to read i-node block
[ 683.299097][T28589] netlink: 'syz.3.8172': attribute type 1 has an invalid length.
[ 683.318335][T28584] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[ 683.319755][T28589] netlink: 224 bytes leftover after parsing attributes in process `syz.3.8172'.
[ 683.371335][T28589] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8172'.
[ 683.497840][T28601] loop0: detected capacity change from 0 to 256
[ 684.298477][T28642] loop0: detected capacity change from 0 to 512
[ 684.358817][T28642] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 684.396745][T28642] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c018, mo2=0002]
[ 684.454443][T28642] EXT4-fs (loop0): 1 truncate cleaned up
[ 684.462214][T28642] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 684.725746][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 684.923680][T28679] loop2: detected capacity change from 0 to 512
[ 684.934978][T28679] EXT4-fs: Ignoring removed bh option
[ 685.000185][T28679] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[ 685.048412][T28679] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[ 685.065955][T28679] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[ 685.110192][T28679] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[ 685.183873][T28679] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 685.312466][T28679] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.8200: bg 0: block 353: padding at end of block bitmap is not set
[ 685.448750][T28696] netlink: 44 bytes leftover after parsing attributes in process `syz.0.8204'.
[ 685.462380][T28673] loop3: detected capacity change from 0 to 32768
[ 685.476721][T28696] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8204'.
[ 685.485350][T28673] (syz.3.8199,28673,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 685.501964][T28696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8204'.
[ 685.535891][T28673] (syz.3.8199,28673,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 685.562120][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 685.632090][T28673] JBD2: Ignoring recovery information on journal
[ 685.847824][T28673] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 686.050154][T28712] loop0: detected capacity change from 0 to 256
[ 686.149646][T28712] FAT-fs (loop0): Directory bread(block 64) failed
[ 686.181682][T28712] FAT-fs (loop0): Directory bread(block 65) failed
[ 686.192993][ T5784] ocfs2: Unmounting device (7,3) on (node local)
[ 686.215288][T28712] FAT-fs (loop0): Directory bread(block 66) failed
[ 686.241891][T28712] FAT-fs (loop0): Directory bread(block 67) failed
[ 686.251949][T28712] FAT-fs (loop0): Directory bread(block 68) failed
[ 686.280758][T28712] FAT-fs (loop0): Directory bread(block 69) failed
[ 686.287560][T28712] FAT-fs (loop0): Directory bread(block 70) failed
[ 686.322555][T28712] FAT-fs (loop0): Directory bread(block 71) failed
[ 686.329260][T28712] FAT-fs (loop0): Directory bread(block 72) failed
[ 686.344686][T28712] FAT-fs (loop0): Directory bread(block 73) failed
[ 687.003992][T28748] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8217'.
[ 687.384119][T28766] loop0: detected capacity change from 0 to 512
[ 687.413435][T28766] EXT4-fs: Ignoring removed bh option
[ 687.447025][T28766] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 687.472749][T28766] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[ 687.508317][T28766] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended
[ 687.542490][T28766] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[ 687.585759][T28766] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 687.679492][T28766] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.8224: bg 0: block 353: padding at end of block bitmap is not set
[ 687.833561][ T5785] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 687.915318][T28792] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8230'.
[ 687.963036][T28792] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[ 688.035817][T28733] loop2: detected capacity change from 0 to 40427
[ 688.062471][T28733] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[ 688.101050][T28733] F2FS-fs (loop2): invalid crc value
[ 688.156222][T28803] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: invalid value (0)
[ 688.188934][T28803] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: allowed values 1 - 65535
[ 688.200535][T28733] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 688.342728][T28733] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 688.353603][T28807] bond2: entered promiscuous mode
[ 688.359772][T28807] bond2: entered allmulticast mode
[ 688.366280][T28807] 8021q: adding VLAN 0 to HW filter on device bond2
[ 688.379583][T28811] netlink: 'syz.0.8234': attribute type 21 has an invalid length.
[ 688.414649][T28811] netlink: 144 bytes leftover after parsing attributes in process `syz.0.8234'.
[ 689.854335][T28933] xt_TCPMSS: Only works on TCP SYN packets
[ 690.003438][T28938] loop3: detected capacity change from 0 to 512
[ 690.074506][T28938] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 690.094303][T28938] ext4 filesystem being mounted at /2108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 690.160241][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 690.645686][T28971] loop3: detected capacity change from 0 to 164
[ 690.910620][T28950] loop2: detected capacity change from 0 to 32768
[ 690.926265][T28950] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 690.947857][T28950] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 690.971285][T28950] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[ 691.001143][ T9] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 691.011317][ T9] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 691.090311][ T9] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 73ms
[ 691.098531][ T9] gfs2: fsid=syz:syz.0: jid=0: Done
[ 691.104331][T28950] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 691.186993][T28950] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[ 691.207702][T28950] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[ 691.207702][T28950] inode = 12 2341
[ 691.207702][T28950] function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[ 691.250557][T28950] gfs2: fsid=syz:syz.0: G: s:SH n:2/925 f:qob t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[ 691.267167][T28950] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:28950 [syz.2.8262] __gfs2_lookup+0x90/0x270
[ 691.277610][T28950] gfs2: fsid=syz:syz.0: I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[ 691.290974][T28950] gfs2: fsid=syz:syz.0: about to withdraw this file system
[ 691.308193][T28950] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[ 691.326315][T28950] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[ 691.385916][T28950] gfs2: fsid=syz:syz.0: File system withdrawn
[ 691.401406][T28950] CPU: 0 PID: 28950 Comm: syz.2.8262 Not tainted syzkaller #0
[ 691.409163][T28950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 691.419270][T28950] Call Trace:
[ 691.422572][T28950]
[ 691.425515][T28950] dump_stack_lvl+0x16c/0x230
[ 691.430315][T28950] ? kobject_uevent_env+0x359/0x8c0
[ 691.435616][T28950] ? show_regs_print_info+0x20/0x20
[ 691.440861][T28950] ? load_image+0x3b0/0x3b0
[ 691.445385][T28950] ? kobject_uevent_env+0x363/0x8c0
[ 691.450626][T28950] gfs2_withdraw+0xe50/0x13b0
[ 691.455334][T28950] ? gfs2_lm+0x220/0x220
[ 691.459589][T28950] ? load_image+0x3b0/0x3b0
[ 691.464105][T28950] ? gfs2_consist_inode_i+0xf5/0x110
[ 691.469494][T28950] gfs2_dirent_scan+0x525/0x650
[ 691.474355][T28950] ? gfs2_dirent_search+0x7e0/0x7e0
[ 691.479562][T28950] ? gfs2_dirent_search+0x7e0/0x7e0
[ 691.484767][T28950] gfs2_dirent_search+0x2e1/0x7e0
[ 691.489815][T28950] ? gfs2_permission+0x370/0x430
[ 691.494768][T28950] ? __might_sleep+0xe0/0xe0
[ 691.499378][T28950] ? gfs2_dir_search+0x220/0x220
[ 691.504338][T28950] ? gfs2_lookupi+0x5a0/0x5a0
[ 691.509116][T28950] ? do_raw_spin_lock+0x121/0x2c0
[ 691.514251][T28950] gfs2_dir_search+0x4d/0x220
[ 691.519238][T28950] gfs2_lookupi+0x3d9/0x5a0
[ 691.523765][T28950] ? gfs2_lookup_meta+0x170/0x170
[ 691.528821][T28950] ? __gfs2_lookup+0x90/0x270
[ 691.533533][T28950] __gfs2_lookup+0x90/0x270
[ 691.538053][T28950] ? __lock_acquire+0x7c80/0x7c80
[ 691.543087][T28950] ? gfs2_atomic_open+0x220/0x220
[ 691.548212][T28950] ? do_raw_spin_unlock+0x121/0x230
[ 691.553425][T28950] ? _raw_spin_unlock+0x28/0x40
[ 691.558815][T28950] ? d_alloc+0x173/0x1b0
[ 691.563076][T28950] lookup_one_qstr_excl+0x112/0x250
[ 691.568729][T28950] filename_create+0x222/0x460
[ 691.573516][T28950] ? kern_path_create+0x50/0x50
[ 691.578386][T28950] ? __virt_addr_valid+0x469/0x540
[ 691.583521][T28950] do_mkdirat+0xa1/0x440
[ 691.587870][T28950] ? vfs_mkdir+0x440/0x440
[ 691.592320][T28950] ? getname_flags+0x20a/0x500
[ 691.597105][T28950] __x64_sys_mkdir+0x6e/0x80
[ 691.601717][T28950] do_syscall_64+0x55/0xb0
[ 691.606184][T28950] ? clear_bhb_loop+0x40/0x90
[ 691.610879][T28950] ? clear_bhb_loop+0x40/0x90
[ 691.615593][T28950] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 691.621592][T28950] RIP: 0033:0x7f605838ebe9
[ 691.626024][T28950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 691.645764][T28950] RSP: 002b:00007f605922f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 691.654223][T28950] RAX: ffffffffffffffda RBX: 00007f60585c5fa0 RCX: 00007f605838ebe9
[ 691.662210][T28950] RDX: 0000000000000000 RSI: 00000000000001ad RDI: 0000200000000180
[ 691.670280][T28950] RBP: 00007f6058411e19 R08: 0000000000000000 R09: 0000000000000000
[ 691.678264][T28950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 691.686364][T28950] R13: 00007f60585c6038 R14: 00007f60585c5fa0 R15: 00007ffe24466c48
[ 691.694364][T28950]
[ 691.697474][ C0] vkms_vblank_simulate: vblank timer overrun
[ 692.417677][T29033] netlink: 'syz.3.8283': attribute type 21 has an invalid length.
[ 692.435812][T29033] netlink: 128 bytes leftover after parsing attributes in process `syz.3.8283'.
[ 692.460240][T29033] netlink: 'syz.3.8283': attribute type 5 has an invalid length.
[ 692.476049][T29033] netlink: 'syz.3.8283': attribute type 6 has an invalid length.
[ 692.500278][T29033] netlink: 3 bytes leftover after parsing attributes in process `syz.3.8283'.
[ 693.188379][T29068] netlink: 'syz.0.8293': attribute type 29 has an invalid length.
[ 693.196341][T29068] netlink: 'syz.0.8293': attribute type 29 has an invalid length.
[ 694.070070][T29105] gtp0: entered promiscuous mode
[ 695.051354][T29161] loop3: detected capacity change from 0 to 64
[ 695.340484][T29173] netlink: 32 bytes leftover after parsing attributes in process `syz.5.8331'.
[ 695.378758][T29173] netlink: 48 bytes leftover after parsing attributes in process `syz.5.8331'.
[ 695.391800][T29173] netlink: 48 bytes leftover after parsing attributes in process `syz.5.8331'.
[ 695.545569][T29184] tmpfs: Bad value for 'mpol'
[ 695.579719][T29189] loop0: detected capacity change from 0 to 128
[ 695.644785][T29189] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[ 695.716990][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 695.757179][T29189] FAT-fs (loop0): Filesystem has been set read-only
[ 695.774895][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 695.815518][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 695.852625][T29201] loop2: detected capacity change from 0 to 256
[ 695.859254][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 695.876536][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 695.906548][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 695.939362][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 695.952466][T29201] FAT-fs (loop2): Directory bread(block 64) failed
[ 695.952508][T29201] FAT-fs (loop2): Directory bread(block 65) failed
[ 695.952604][T29201] FAT-fs (loop2): Directory bread(block 66) failed
[ 695.997763][T29201] FAT-fs (loop2): Directory bread(block 67) failed
[ 696.004555][T29201] FAT-fs (loop2): Directory bread(block 68) failed
[ 696.017467][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 696.040455][T29201] FAT-fs (loop2): Directory bread(block 69) failed
[ 696.047186][T29201] FAT-fs (loop2): Directory bread(block 70) failed
[ 696.054270][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 696.073135][T29189] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 550)
[ 696.089333][T29201] FAT-fs (loop2): Directory bread(block 71) failed
[ 696.104718][T29201] FAT-fs (loop2): Directory bread(block 72) failed
[ 696.112355][T29201] FAT-fs (loop2): Directory bread(block 73) failed
[ 696.119557][T29211] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8333'.
[ 696.132948][ T28] audit: type=1800 audit(1756509903.372:283): pid=29189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.8334" name="file2" dev="loop0" ino=1048676 res=0 errno=0
[ 696.139734][T29189] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[ 696.842254][ T9] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 697.056329][ T9] usb 4-1: Using ep0 maxpacket: 16
[ 697.071220][ T9] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[ 697.102800][ T9] usb 4-1: config 0 has no interface number 0
[ 697.127808][ T9] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 697.149627][ T9] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 697.192111][ T9] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[ 697.219636][ T9] usb 4-1: Manufacturer: syz
[ 697.224304][ T9] usb 4-1: SerialNumber: syz
[ 697.258233][ T9] usb 4-1: config 0 descriptor??
[ 697.546347][ T28] audit: type=1326 audit(1756509904.691:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29291 comm="syz.0.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 697.590216][ T28] audit: type=1326 audit(1756509904.691:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29291 comm="syz.0.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 697.619431][ T28] audit: type=1326 audit(1756509904.728:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29291 comm="syz.0.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 697.678696][ T28] audit: type=1326 audit(1756509904.728:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29291 comm="syz.0.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 697.684237][T29289] loop2: detected capacity change from 0 to 4096
[ 697.732411][T29289] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[ 697.764887][ T9] usbtouchscreen: probe of 4-1:0.214 failed with error -71
[ 697.797672][ T28] audit: type=1326 audit(1756509904.728:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29291 comm="syz.0.8357" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 697.801853][ T9] usb 4-1: USB disconnect, device number 29
[ 697.837416][T29289] ntfs: (device loop2): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[ 697.857941][T29289] ntfs: (device loop2): ntfs_read_locked_inode(): $DATA attribute is missing.
[ 697.888569][T29289] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk.
[ 697.937767][T29289] ntfs: volume version 3.1.
[ 698.423423][T29328] netlink: 'syz.0.8365': attribute type 10 has an invalid length.
[ 698.465836][T29328] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 698.483959][T29328] batadv0: entered promiscuous mode
[ 698.490268][T29328] batadv0: entered allmulticast mode
[ 698.510981][T29328] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 698.702421][T29335] 9pnet_fd: p9_fd_create_unix (29335): problem connecting socket: ./file0: -111
[ 699.017017][T29316] loop2: detected capacity change from 0 to 32768
[ 699.077701][T29316] ERROR: (device loop2): dbAllocNext: Corrupt dmap page
[ 699.077701][T29316]
[ 699.317952][T29363] netlink: 68 bytes leftover after parsing attributes in process `syz.0.8377'.
[ 699.337662][T29363] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8377'.
[ 699.382133][T29367] netlink: 'syz.3.8379': attribute type 6 has an invalid length.
[ 699.620460][T29377] loop0: detected capacity change from 0 to 2048
[ 699.642505][T29377] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 699.739330][T29385] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 699.791970][T29388] loop3: detected capacity change from 0 to 256
[ 699.836597][T29388] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[ 700.215243][T29408] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8387'.
[ 700.405329][T29420] 9pnet_fd: p9_fd_create_unix (29420): problem connecting socket: ./file0: -111
[ 700.553239][T29427] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8395'.
[ 700.574021][T29428] sctp: [Deprecated]: syz.0.8394 (pid 29428) Use of int in maxseg socket option.
[ 700.574021][T29428] Use struct sctp_assoc_value instead
[ 700.656369][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 700.662941][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 700.968814][T20229] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[ 701.175327][T20229] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 701.200425][T20229] usb 3-1: config 1 has no interface number 1
[ 701.222006][T20229] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 701.253664][T29467] ax25_connect(): syz.5.8406 uses autobind, please contact jreuter@yaina.de
[ 701.255769][T20229] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[ 701.283512][T20229] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 701.297352][T20229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 701.325154][T20229] usb 3-1: Product: syz
[ 701.329480][T20229] usb 3-1: Manufacturer: syz
[ 701.357198][T20229] usb 3-1: SerialNumber: syz
[ 701.604051][T20229] usb 3-1: 2:1 : unsupported format bits 0x80
[ 701.668457][T20229] usb 3-1: USB disconnect, device number 32
[ 701.772363][ T5794] udevd[5794]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 702.495847][T29545] xt_hashlimit: invalid rate
[ 702.924458][T29567] misc userio: No port type given on /dev/userio
[ 703.791641][T29620] netlink: 'syz.3.8452': attribute type 6 has an invalid length.
[ 703.895568][T29625] netlink: 84 bytes leftover after parsing attributes in process `syz.5.8453'.
[ 703.966379][T29631] netlink: 48 bytes leftover after parsing attributes in process `syz.0.8454'.
[ 704.846264][T29680] netlink: zone id is out of range
[ 704.919524][T29680] netlink: set zone limit has 4 unknown bytes
[ 705.048007][T29689] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8473'.
[ 705.116996][T29694] openvswitch: netlink: Actions may not be safe on all matching packets
[ 705.668026][T29724] netlink: 'syz.2.8485': attribute type 15 has an invalid length.
[ 705.822409][T29736] netlink: 172 bytes leftover after parsing attributes in process `syz.5.8488'.
[ 705.844830][T29736] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8488'.
[ 705.857110][T29736] netlink: 172 bytes leftover after parsing attributes in process `syz.5.8488'.
[ 705.868615][T29736] netlink: 100 bytes leftover after parsing attributes in process `syz.5.8488'.
[ 705.874083][T29738] tipc: Trying to set illegal importance in message
[ 705.899498][T29736] netlink: 32 bytes leftover after parsing attributes in process `syz.5.8488'.
[ 706.057539][ T5870] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 706.330052][ T5870] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 706.357030][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 706.386866][ T5870] usb 4-1: Product: syz
[ 706.396727][ T5870] usb 4-1: Manufacturer: syz
[ 706.403747][ T5870] usb 4-1: SerialNumber: syz
[ 706.414571][ T5870] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 706.443223][ T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 706.805048][T29788] netlink: 'syz.5.8504': attribute type 21 has an invalid length.
[ 706.817494][T29788] netlink: 132 bytes leftover after parsing attributes in process `syz.5.8504'.
[ 706.904849][T20226] usb 4-1: USB disconnect, device number 30
[ 707.046833][T29805] netlink: 'syz.2.8508': attribute type 21 has an invalid length.
[ 707.059273][T29805] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8508'.
[ 707.454260][T29828] netlink: 'syz.2.8515': attribute type 5 has an invalid length.
[ 707.607616][ T9] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 707.614749][ T9] ath9k_htc: Failed to initialize the device
[ 707.673070][T20226] usb 4-1: ath9k_htc: USB layer deinitialized
[ 707.792401][ T28] kauditd_printk_skb: 1 callbacks suppressed
[ 707.792417][ T28] audit: type=1326 audit(1756509914.269:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29848 comm="syz.0.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 707.853526][ T28] audit: type=1326 audit(1756509914.269:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29848 comm="syz.0.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 707.875904][ C0] vkms_vblank_simulate: vblank timer overrun
[ 707.927476][ T28] audit: type=1326 audit(1756509914.307:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29848 comm="syz.0.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=107 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 707.949857][ C0] vkms_vblank_simulate: vblank timer overrun
[ 708.025565][ T28] audit: type=1326 audit(1756509914.307:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29848 comm="syz.0.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 708.124471][ T28] audit: type=1326 audit(1756509914.307:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29848 comm="syz.0.8521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 709.358789][T29926] netlink: 9 bytes leftover after parsing attributes in process `syz.2.8546'.
[ 709.427181][T29926] gretap0: entered promiscuous mode
[ 709.480830][T29873] loop3: detected capacity change from 0 to 40427
[ 709.548302][T29934] comedi: valid board names for 8255 driver are:
[ 709.558780][T29934] 8255
[ 709.574701][T29934] comedi: valid board names for vmk80xx driver are:
[ 709.592632][T29934] vmk80xx
[ 709.595805][T29934] comedi: valid board names for usbduxsigma driver are:
[ 709.649573][T29934] usbduxsigma
[ 709.658364][T29934] comedi: valid board names for usbduxfast driver are:
[ 709.690809][T29934] usbduxfast
[ 709.701629][T29934] comedi: valid board names for usbdux driver are:
[ 709.727995][T29934] usbdux
[ 709.745945][T29934] comedi: valid board names for ni6501 driver are:
[ 709.767182][T29934] ni6501
[ 709.778463][T29934] comedi: valid board names for dt9812 driver are:
[ 709.799238][T29934] dt9812
[ 709.810719][T29934] comedi: valid board names for ni_labpc_cs driver are:
[ 709.832402][T29934] ni_labpc_cs
[ 709.836870][T29934] comedi: valid board names for ni_daq_700 driver are:
[ 709.874218][T29934] ni_daq_700
[ 709.881607][T29934] comedi: valid board names for labpc_pci driver are:
[ 709.902676][T29950] program syz.5.8553 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 709.905229][T29934] labpc_pci
[ 709.925711][T29934] comedi: valid board names for adl_pci9118 driver are:
[ 709.949394][T29934] pci9118dg
[ 709.955384][T29934] pci9118hg
[ 709.968459][T29934] pci9118hr
[ 709.982606][T29934] comedi: valid board names for 8255_pci driver are:
[ 710.029597][T29934] 8255_pci
[ 710.040406][T29934] comedi: valid board names for s526 driver are:
[ 710.058353][T29934] s526
[ 710.066529][T29934] comedi: valid board names for multiq3 driver are:
[ 710.091085][T29934] multiq3
[ 710.103015][T29934] comedi: valid board names for pcmuio driver are:
[ 710.120107][T29934] pcmuio48
[ 710.125789][T29934] pcmuio96
[ 710.151483][T29934] comedi: valid board names for pcmmio driver are:
[ 710.178703][T29934] pcmmio
[ 710.188979][T29934] comedi: valid board names for pcmda12 driver are:
[ 710.216169][T29934] pcmda12
[ 710.216565][T29961] delete_channel: no stack
[ 710.221620][T29934] comedi: valid board names for pcmad driver are:
[ 710.269428][T29934] pcmad12
[ 710.275420][T29934] pcmad16
[ 710.289877][T29934] comedi: valid board names for ni_labpc driver are:
[ 710.303819][T29934] lab-pc-1200
[ 710.334024][T29934] lab-pc-1200ai
[ 710.348680][T29934] lab-pc+
[ 710.353228][T29934] comedi: valid board names for atmio16 driver are:
[ 710.370599][T29934] atmio16
[ 710.378557][T29934] atmio16d
[ 710.389012][T29934] comedi: valid board names for ni_at_ao driver are:
[ 710.426982][T29934] at-ao-6
[ 710.436817][T29934] at-ao-10
[ 710.440127][T29934] comedi: valid board names for ni_at_a2150 driver are:
[ 710.462656][T29934] ni_at_a2150
[ 710.466103][T29934] comedi: valid board names for adq12b driver are:
[ 710.492800][T29934] adq12b
[ 710.514456][T29934] comedi: valid board names for mpc624 driver are:
[ 710.537195][T29934] mpc624
[ 710.544963][T29934] comedi: valid board names for c6xdigio driver are:
[ 710.554492][T29934] c6xdigio
[ 710.557763][T29934] comedi: valid board names for aio_iiro_16 driver are:
[ 710.565800][T29934] aio_iiro_16
[ 710.570697][T29934] comedi: valid board names for aio_aio12_8 driver are:
[ 710.577679][T29934] aio_aio12_8
[ 710.581741][T29934] aio_ai12_8
[ 710.585089][T29934] aio_ao12_4
[ 710.588398][T29934] comedi: valid board names for fl512 driver are:
[ 710.633023][T29934] fl512
[ 710.635995][T29934] comedi: valid board names for dmm32at driver are:
[ 710.642620][T29934] dmm32at
[ 710.667681][T29934] comedi: valid board names for dt282x driver are:
[ 710.674392][T29934] dt2821
[ 710.682391][T29934] dt2821-f
[ 710.685582][T29934] dt2821-g
[ 710.704946][T29934] dt2823
[ 710.715060][T29934] dt2824-pgh
[ 710.720332][T29934] dt2824-pgl
[ 710.724748][T29934] dt2825
[ 710.727773][T29934] dt2827
[ 710.731455][T29934] dt2828
[ 710.734432][T29934] dt2829
[ 710.737394][T29934] dt21-ez
[ 710.742268][T29934] dt23-ez
[ 710.745367][T29934] dt24-ez
[ 710.748414][T29934] dt24-ez-pgl
[ 710.753722][T29934] comedi: valid board names for dt2817 driver are:
[ 710.760454][T29934] dt2817
[ 710.763891][T29934] comedi: valid board names for dt2815 driver are:
[ 710.781660][T29934] dt2815
[ 710.793072][T29934] comedi: valid board names for dt2814 driver are:
[ 710.825496][T29934] dt2814
[ 710.828509][T29934] comedi: valid board names for dt2811 driver are:
[ 710.835074][T29934] dt2811-pgh
[ 710.858839][T29934] dt2811-pgl
[ 710.862385][T29934] comedi: valid board names for dt2801 driver are:
[ 710.900704][T29994] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8567'.
[ 710.922271][T29934] dt2801
[ 710.925309][T29934] comedi: valid board names for das6402 driver are:
[ 710.931943][T29934] das6402-12
[ 710.972572][T29934] das6402-16
[ 710.985858][T29934] comedi: valid board names for das1800 driver are:
[ 710.997155][T29934] das-1701st
[ 711.000499][T29934] das-1701st-da
[ 711.021251][T29934] das-1702st
[ 711.032730][T29934] das-1702st-da
[ 711.058382][T29934] das-1702hr
[ 711.064780][T29934] das-1702hr-da
[ 711.068389][T29934] das-1701ao
[ 711.089946][T29934] das-1702ao
[ 711.098139][T29934] das-1801st
[ 711.101561][T29934] das-1801st-da
[ 711.108298][T29934] das-1802st
[ 711.111660][T29934] das-1802st-da
[ 711.126975][T29934] das-1802hr
[ 711.130330][T29934] das-1802hr-da
[ 711.133909][T29934] das-1801hc
[ 711.136212][T30006] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 711.146301][T29934] das-1802hc
[ 711.149948][T29934] das-1801ao
[ 711.153271][T29934] das-1802ao
[ 711.156600][T29934] comedi: valid board names for das800 driver are:
[ 711.187819][T29934] das-800
[ 711.199155][T29934] cio-das800
[ 711.203294][T29934] das-801
[ 711.206365][T29934] cio-das801
[ 711.215426][T29934] das-802
[ 711.218533][T29934] cio-das802
[ 711.223610][T29934] cio-das802/16
[ 711.227203][T29934] comedi: valid board names for isa-das08 driver are:
[ 711.235865][T29934] isa-das08
[ 711.239112][T29934] das08-pgm
[ 711.242696][T29934] das08-pgh
[ 711.249222][T29934] das08-pgl
[ 711.252661][T29934] das08-aoh
[ 711.268967][T29934] das08-aol
[ 711.272239][T29934] das08-aom
[ 711.285564][T29934] das08/jr-ao
[ 711.292674][T29934] das08jr-16-ao
[ 711.296663][T29934] pc104-das08
[ 711.300067][T29934] das08jr/16
[ 711.303377][T29934] comedi: valid board names for das16m1 driver are:
[ 711.323914][T29934] das16m1
[ 711.327019][T29934] comedi: valid board names for dac02 driver are:
[ 711.339429][T29934] dac02
[ 711.343710][T29934] comedi: valid board names for rti802 driver are:
[ 711.368446][T29934] rti802
[ 711.382337][T29934] comedi: valid board names for rti800 driver are:
[ 711.388908][T29934] rti800
[ 711.397721][T29934] rti815
[ 711.400726][T29934] comedi: valid board names for pcm3724 driver are:
[ 711.410278][T29934] pcm3724
[ 711.417665][T29934] comedi: valid board names for pcl818 driver are:
[ 711.426388][T29934] pcl818l
[ 711.429524][T29934] pcl818h
[ 711.432654][T29934] pcl818hd
[ 711.439323][T29934] pcl818hg
[ 711.442544][T29934] pcl818
[ 711.448030][T29934] pcl718
[ 711.451565][T29934] pcm3718
[ 711.455046][T29934] comedi: valid board names for pcl816 driver are:
[ 711.477799][T29934] pcl816
[ 711.480810][T29934] pcl814b
[ 711.483878][T29934] comedi: valid board names for pcl812 driver are:
[ 711.529507][T29934] pcl812
[ 711.541306][T29934] pcl812pg
[ 711.545879][T29934] acl8112pg
[ 711.549121][T29934] acl8112dg
[ 711.552812][T29934] acl8112hg
[ 711.556038][T29934] a821pgl
[ 711.559092][T29934] a821pglnda
[ 711.562441][T29934] a821pgh
[ 711.570708][T29934] a822pgl
[ 711.574045][T29934] a822pgh
[ 711.577186][T29934] a823pgl
[ 711.580733][T29934] a823pgh
[ 711.584221][T29934] pcl813
[ 711.619834][T29934] pcl813b
[ 711.623102][T29934] acl8113
[ 711.626160][T29934] iso813
[ 711.665048][T29934] acl8216
[ 711.668156][T29934] a826pg
[ 711.685377][T29934] comedi: valid board names for pcl730 driver are:
[ 711.702335][T29934] pcl730
[ 711.705375][T29934] iso730
[ 711.708345][T29934] acl7130
[ 711.711395][T29934] pcm3730
[ 711.735010][T29934] pcl725
[ 711.738025][T29934] p8r8dio
[ 711.765237][T29934] acl7225b
[ 711.776961][T29934] p16r16dio
[ 711.780231][T29934] pcl733
[ 711.783196][T29934] pcl734
[ 711.786161][T29934] opmm-1616-xt
[ 711.809558][T29934] pearl-mm-p
[ 711.814390][T29934] ir104-pbf
[ 711.814406][T29934] comedi: valid board names for pcl726 driver are:
[ 711.814420][T29934] pcl726
[ 711.814429][T29934] pcl727
[ 711.814436][T29934] pcl728
[ 711.814443][T29934] acl6126
[ 711.814451][T29934] acl6128
[ 711.814460][T29934] comedi: valid board names for pcl724 driver are:
[ 711.814469][T29934] pcl724
[ 711.814476][T29934] pcl722
[ 711.814484][T29934] pcl731
[ 711.814491][T29934] acl7122
[ 711.814499][T29934] acl7124
[ 711.814507][T29934] pet48dio
[ 711.814516][T29934] pcmio48
[ 711.814524][T29934] onyx-mm-dio
[ 711.814532][T29934] comedi: valid board names for pcl711 driver are:
[ 711.814542][T29934] pcl711
[ 711.814550][T29934] pcl711b
[ 711.814558][T29934] acl8112hg
[ 711.814566][T29934] acl8112dg
[ 711.814575][T29934] comedi: valid board names for amplc_pc263 driver are:
[ 711.814585][T29934] pc263
[ 711.814593][T29934] comedi: valid board names for amplc_pc236 driver are:
[ 711.814603][T29934] pc36at
[ 711.814611][T29934] comedi: valid board names for amplc_dio200 driver are:
[ 711.814622][T29934] pc212e
[ 711.814630][T29934] pc214e
[ 711.814638][T29934] pc215e
[ 711.814646][T29934] pc218e
[ 711.814653][T29934] pc272e
[ 711.814661][T29934] comedi: valid board names for comedi_parport driver are:
[ 711.814672][T29934] comedi_parport
[ 711.814680][T29934] comedi: valid board names for comedi_test driver are:
[ 711.814689][T29934] comedi_test
[ 711.814698][T29934] comedi: valid board names for comedi_bond driver are:
[ 711.980622][T29934] comedi_bond
[ 712.697170][T30070] ieee802154 phy0 wpan0: encryption failed: -22
[ 713.664131][T30119] loop2: detected capacity change from 0 to 256
[ 713.712993][T30119] exfat: Deprecated parameter 'namecase'
[ 713.718788][T30119] exfat: Deprecated parameter 'utf8'
[ 713.760665][T30127] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8611'.
[ 713.808293][T30119] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[ 713.824693][T30127] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8611'.
[ 713.872338][T30127] netlink: 56 bytes leftover after parsing attributes in process `syz.3.8611'.
[ 714.507084][T30167] PKCS7: Unknown OID: [4] 0.0
[ 714.523347][T30167] PKCS7: Only support pkcs7_signedData type
[ 714.645068][T30171] netlink: 'syz.2.8625': attribute type 1 has an invalid length.
[ 714.653552][T30173] tmpfs: Bad value for 'mpol'
[ 714.674342][T30171] netlink: 224 bytes leftover after parsing attributes in process `syz.2.8625'.
[ 714.889232][T30181] bridge7: entered allmulticast mode
[ 714.896772][T30186] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8629'.
[ 715.290912][T30159] loop3: detected capacity change from 0 to 32768
[ 715.317841][T30159] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.8621 (30159)
[ 715.356502][T30159] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 715.388792][T30159] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[ 715.421274][T30159] BTRFS info (device loop3): using free space tree
[ 715.603029][T30159] BTRFS info (device loop3): enabling ssd optimizations
[ 715.646985][T30159] BTRFS info (device loop3): auto enabling async discard
[ 715.889180][T30159] BTRFS info (device loop3): resizing devid 73709551615
[ 715.905309][T30159] BTRFS info (device loop3): resizer unable to find device 73709551615
[ 716.065266][ T5784] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 716.576782][T30275] netlink: 'syz.2.8652': attribute type 1 has an invalid length.
[ 716.610289][T30275] netlink: 216 bytes leftover after parsing attributes in process `syz.2.8652'.
[ 717.826564][T30278] loop3: detected capacity change from 0 to 32768
[ 717.910407][T30278] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 718.177275][T30278] XFS (loop3): Ending clean mount
[ 718.369132][ T5784] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 718.678929][T30371] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 718.967372][T30352] loop0: detected capacity change from 0 to 32768
[ 719.068589][T30352] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 719.079617][T30386] netlink: 'syz.3.8682': attribute type 3 has an invalid length.
[ 719.194947][T30352] OCFS2: ERROR (device loop0): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature �������
[ 719.302026][T30352] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 719.318421][T30397] loop3: detected capacity change from 0 to 128
[ 719.343520][T30352] OCFS2: File system is now read-only.
[ 719.357851][T30352] (syz.0.8674,30352,0):ocfs2_find_entry_dx:1029 ERROR: status = -30
[ 719.520583][T30405] loop2: detected capacity change from 0 to 128
[ 719.573214][T30405] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 719.596778][ T5785] ocfs2: Unmounting device (7,0) on (node local)
[ 719.616347][T30405] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 719.697483][T30405] ext4 filesystem being mounted at /2228/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 719.807066][ T5786] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 720.329684][T30448] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[ 720.371358][T30448] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 720.616471][T30464] loop2: detected capacity change from 0 to 8
[ 720.695024][T30464] SQUASHFS error: Unable to read directory block [1d0:0]
[ 720.829580][T30479] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8708'.
[ 720.902119][T30471] Bluetooth: hci0: unexpected event for opcode 0x2005
[ 721.051630][T30492] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8714'.
[ 721.104420][T30495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8715'.
[ 721.682437][T30522] loop2: detected capacity change from 0 to 4096
[ 721.856251][T30522] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[ 722.302592][T30559] netlink: 64 bytes leftover after parsing attributes in process `syz.5.8734'.
[ 722.396958][T30564] program syz.0.8736 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 722.426970][T30564] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 722.896289][T30471] Bluetooth: hci3: command 0x0406 tx timeout
[ 722.916200][T30591] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8745'.
[ 722.922850][T30584] loop2: detected capacity change from 0 to 4096
[ 722.962282][T30584] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[ 723.302952][T30602] xt_bpf: check failed: parse error
[ 723.702606][T30576] loop0: detected capacity change from 0 to 32768
[ 723.790954][T30576] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 723.865399][T30639] netlink: 'syz.3.8757': attribute type 29 has an invalid length.
[ 724.077968][T30576] XFS (loop0): Ending clean mount
[ 724.118530][T30576] XFS (loop0): Quotacheck needed: Please wait.
[ 724.240289][T30576] XFS (loop0): Quotacheck: Done.
[ 724.358291][ T5785] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 724.384897][T30656] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8761'.
[ 724.394506][T30656] openvswitch: netlink: Message has 8 unknown bytes.
[ 724.639444][T30660] loop3: detected capacity change from 0 to 4096
[ 724.713423][T30660] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 724.986530][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 725.126533][T30689] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.8771'.
[ 725.750536][T30726] netlink: 'syz.3.8781': attribute type 3 has an invalid length.
[ 725.758464][T30726] netlink: 132 bytes leftover after parsing attributes in process `syz.3.8781'.
[ 725.782359][T30727] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8782'.
[ 726.465508][T30764] qrtr: Invalid version 195
[ 726.522656][T30771] netlink: 'syz.5.8795': attribute type 21 has an invalid length.
[ 726.583525][T30771] netlink: 'syz.5.8795': attribute type 20 has an invalid length.
[ 726.591683][T30771] IPv6: NLM_F_CREATE should be specified when creating new route
[ 726.998655][T30794] delete_channel: no stack
[ 727.006176][T30799] comedi comedi0: dt2815: I/O port conflict (0x3,2)
[ 727.495071][T30828] ip6t_REJECT: TCP_RESET illegal for non-tcp
[ 728.079461][T30849] netlink: 128 bytes leftover after parsing attributes in process `syz.2.8821'.
[ 728.122911][T30849] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 728.353594][T30834] loop3: detected capacity change from 0 to 40427
[ 728.373918][T30834] F2FS-fs (loop3): Invalid log sectors per block(0) log sectorsize(9)
[ 728.382659][T30834] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 728.397426][T30834] F2FS-fs (loop3): invalid crc value
[ 728.529703][T30834] F2FS-fs (loop3): Try to recover 1th superblock, ret: -30
[ 728.539149][T30834] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 728.581055][T30834] F2FS-fs (loop3): Try to recover all the superblocks, ret: 0
[ 728.956174][ T28] audit: type=1326 audit(1756509934.072:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30871 comm="syz.5.8826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.015511][ T28] audit: type=1326 audit(1756509934.072:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30871 comm="syz.5.8826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.074558][ T28] audit: type=1326 audit(1756509934.119:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30871 comm="syz.5.8826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.138662][ T28] audit: type=1326 audit(1756509934.119:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30871 comm="syz.5.8826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.211421][ T28] audit: type=1326 audit(1756509934.119:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30871 comm="syz.5.8826" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.566141][ T28] audit: type=1326 audit(1756509934.642:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30896 comm="syz.5.8834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.641713][ T28] audit: type=1326 audit(1756509934.642:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30896 comm="syz.5.8834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.672016][ T28] audit: type=1326 audit(1756509934.680:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30896 comm="syz.5.8834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.701402][ T28] audit: type=1326 audit(1756509934.680:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30896 comm="syz.5.8834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 729.731902][ T28] audit: type=1326 audit(1756509934.680:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30896 comm="syz.5.8834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 730.020060][T30881] loop2: detected capacity change from 0 to 32768
[ 730.067462][T30881] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 730.332026][T30881] XFS (loop2): Ending clean mount
[ 730.352450][T30881] XFS (loop2): Quotacheck needed: Please wait.
[ 730.481853][T30881] XFS (loop2): Quotacheck: Done.
[ 730.695726][ T5786] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 730.699483][T30946] bridge0: port 2(bridge_slave_1) entered disabled state
[ 730.717957][T30946] bridge_slave_1: left allmulticast mode
[ 730.724571][T30946] bridge_slave_1: left promiscuous mode
[ 730.733147][T30946] bridge0: port 2(bridge_slave_1) entered disabled state
[ 730.758295][T30946] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[ 732.713185][T31056] loop2: detected capacity change from 0 to 16
[ 732.748520][T31056] erofs: DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[ 732.989017][T31064] netlink: 11 bytes leftover after parsing attributes in process `syz.3.8882'.
[ 733.243945][T31056] erofs: DAX unsupported by block device. Turning off DAX.
[ 733.262501][T31056] erofs: (device loop2): mounted with root inode @ nid 36.
[ 733.765275][T31088] xt_HMARK: spi-set and port-set can't be combined
[ 734.440027][T31121] netlink: 'syz.3.8899': attribute type 1 has an invalid length.
[ 734.590242][T31128] loop2: detected capacity change from 0 to 1024
[ 734.632408][T31128] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[ 734.670898][T31128] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[ 734.714245][T31128] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 734.751579][T31128] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #3: comm syz.2.8902: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 2, max 15(4), depth 0(0)
[ 734.808629][T31128] EXT4-fs (loop2): no journal found
[ 734.826526][T31139] RDS: rds_bind could not find a transport for fe88::104, load rds_tcp or rds_rdma?
[ 734.841965][T31128] EXT4-fs (loop2): can't get journal size
[ 734.884516][T31128] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 735.164115][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 735.780813][T31145] loop3: detected capacity change from 0 to 32768
[ 735.788777][T31145] XFS: attr2 mount option is deprecated.
[ 735.828311][T31145] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[ 735.846183][T31145] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 736.099808][T31145] XFS (loop3): Ending clean mount
[ 736.117658][T31145] XFS (loop3): Quotacheck needed: Please wait.
[ 736.244093][T31145] XFS (loop3): Quotacheck: Done.
[ 736.576733][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 737.368049][T31257] netlink: 'syz.5.8929': attribute type 21 has an invalid length.
[ 737.386305][T31257] netlink: 132 bytes leftover after parsing attributes in process `syz.5.8929'.
[ 737.400752][T31257] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8929'.
[ 737.626117][T20226] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[ 737.841215][T31282] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[ 737.846803][T20226] usb 3-1: config 8 has an invalid interface number: 223 but max is 0
[ 737.879522][T20226] usb 3-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[ 737.906150][T20226] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 737.928757][T20226] usb 3-1: config 8 has no interface number 0
[ 737.947597][T20226] usb 3-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 15872, setting to 64
[ 737.983271][T20226] usb 3-1: config 8 interface 223 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 738.044552][T20226] usb 3-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[ 738.053692][T20226] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 738.109531][T20226] usb 3-1: Product: syz
[ 738.113771][T20226] usb 3-1: Manufacturer: syz
[ 738.118415][T20226] usb 3-1: SerialNumber: syz
[ 738.442414][T20226] usb 3-1: USB disconnect, device number 33
[ 738.731622][T31326] netlink: 84 bytes leftover after parsing attributes in process `syz.0.8944'.
[ 738.822296][T31330] sctp: [Deprecated]: syz.3.8945 (pid 31330) Use of int in max_burst socket option.
[ 738.822296][T31330] Use struct sctp_assoc_value instead
[ 739.185563][T31343] loop0: detected capacity change from 0 to 2048
[ 739.218080][T31343] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 739.294732][T31354] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 739.310635][T31343] syz.0.8949: attempt to access beyond end of device
[ 739.310635][T31343] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[ 739.448785][T31343] syz.0.8949: attempt to access beyond end of device
[ 739.448785][T31343] loop0: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[ 739.475342][T31343] NILFS (loop0): I/O error reading meta-data file (ino=6, block-offset=0)
[ 740.595568][T31419] loop3: detected capacity change from 0 to 128
[ 741.185126][T31400] loop0: detected capacity change from 0 to 32768
[ 741.246718][T31400] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 741.459803][T31400] XFS (loop0): Ending clean mount
[ 741.478896][T31400] XFS (loop0): Quotacheck needed: Please wait.
[ 741.664000][T31477] loop2: detected capacity change from 0 to 256
[ 741.683954][T31477] exfat: Deprecated parameter 'namecase'
[ 741.695846][T31400] XFS (loop0): Quotacheck: Done.
[ 741.717509][T31477] exfat: Deprecated parameter 'namecase'
[ 741.751231][T31477] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[ 742.016262][ T5785] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 742.919216][T31524] loop0: detected capacity change from 0 to 4096
[ 742.998638][T31539] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 743.299541][T31544] loop2: detected capacity change from 0 to 4096
[ 743.383575][T31544] NILFS (loop2): invalid segment: Checksum error in segment payload
[ 743.395758][T31544] NILFS (loop2): trying rollback from an earlier position
[ 743.420923][T31544] NILFS (loop2): recovery complete
[ 743.831665][T31576] loop2: detected capacity change from 0 to 164
[ 743.874158][T31576] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 744.329949][T31606] netlink: 'syz.2.9024': attribute type 21 has an invalid length.
[ 744.337888][T31606] netlink: 'syz.2.9024': attribute type 6 has an invalid length.
[ 744.378602][T31606] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9024'.
[ 744.586673][T31622] netlink: 'syz.0.9030': attribute type 1 has an invalid length.
[ 744.605501][T31622] netlink: 154788 bytes leftover after parsing attributes in process `syz.0.9030'.
[ 744.631892][T31623] loop3: detected capacity change from 0 to 1764
[ 745.612341][T31686] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 745.900399][T31703] loop0: detected capacity change from 0 to 128
[ 745.942849][T31703] FAT-fs (loop0): Directory bread(block 32) failed
[ 745.976190][T31703] FAT-fs (loop0): Directory bread(block 33) failed
[ 745.985189][T31703] FAT-fs (loop0): Directory bread(block 34) failed
[ 745.993758][T31703] FAT-fs (loop0): Directory bread(block 35) failed
[ 746.007362][T31703] FAT-fs (loop0): Directory bread(block 36) failed
[ 746.017228][T31703] FAT-fs (loop0): Directory bread(block 37) failed
[ 746.029334][T31703] FAT-fs (loop0): Directory bread(block 38) failed
[ 746.038239][T31703] FAT-fs (loop0): Directory bread(block 39) failed
[ 746.048272][T31703] FAT-fs (loop0): Directory bread(block 40) failed
[ 746.067237][T31710] netlink: 32 bytes leftover after parsing attributes in process `syz.3.9056'.
[ 746.069238][T31703] FAT-fs (loop0): Directory bread(block 41) failed
[ 746.076436][T31710] netlink: 32 bytes leftover after parsing attributes in process `syz.3.9056'.
[ 746.247094][T31715] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9065'.
[ 746.300146][T31703] syz.0.9053: attempt to access beyond end of device
[ 746.300146][T31703] loop0: rw=0, sector=4108, nr_sectors = 4 limit=128
[ 746.314451][T31703] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196)
[ 746.323628][T31703] FAT-fs (loop0): Filesystem has been set read-only
[ 747.535239][T31782] loop3: detected capacity change from 0 to 4096
[ 747.555052][T31782] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[ 747.760072][T31798] netlink: 'syz.2.9084': attribute type 4 has an invalid length.
[ 747.812776][T31782] ntfs3: loop3: failed to convert "c46c" to cp863
[ 748.079559][T31815] loop3: detected capacity change from 0 to 512
[ 748.081590][T31813] pim6reg: entered allmulticast mode
[ 748.103356][T31814] loop0: detected capacity change from 0 to 2048
[ 748.122065][T31815] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[ 748.162622][T31814] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 748.172939][T31815] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[ 748.183835][T31815] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 748.219390][T31824] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 748.230055][T31815] EXT4-fs error (device loop3): ext4_orphan_get:1425: comm syz.3.9087: bad orphan inode 267
[ 748.240393][T31815] EXT4-fs (loop3): Remounting filesystem read-only
[ 748.240862][T31814] syz.0.9089: attempt to access beyond end of device
[ 748.240862][T31814] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[ 748.290265][T31815] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[ 748.341989][T31815] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.9087: dx entry: limit 0 != root limit 125
[ 748.342839][T31814] syz.0.9089: attempt to access beyond end of device
[ 748.342839][T31814] loop0: rw=0, sector=9437254, nr_sectors = 2 limit=2048
[ 748.357042][T31815] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.9087: Corrupt directory, running e2fsck is recommended
[ 748.402193][T31814] NILFS (loop0): I/O error reading meta-data file (ino=6, block-offset=0)
[ 748.492779][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[ 748.629056][T31839] loop0: detected capacity change from 0 to 1024
[ 749.144610][T31869] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9100'.
[ 749.172796][T31869] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9100'.
[ 749.247342][T31873] netlink: 14 bytes leftover after parsing attributes in process `syz.2.9102'.
[ 749.287378][T31873] veth1_vlan: left allmulticast mode
[ 749.313585][T31873] veth1_vlan: left promiscuous mode
[ 749.381636][T31873] bond0: (slave macvlan0): Releasing backup interface
[ 750.308665][T31934] netlink: 'syz.3.9122': attribute type 1 has an invalid length.
[ 750.322287][T31916] loop2: detected capacity change from 0 to 8192
[ 750.329664][T31934] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.9122'.
[ 750.369284][T31916] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 750.399503][T31916] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[ 750.409487][T31916] REISERFS (device loop2): using ordered data mode
[ 750.418875][T31916] reiserfs: using flush barriers
[ 750.429728][T31916] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 750.488788][T31916] REISERFS (device loop2): checking transaction log (loop2)
[ 750.559427][T31916] REISERFS (device loop2): Using rupasov hash to sort names
[ 751.220887][T31978] loop2: detected capacity change from 0 to 512
[ 751.229313][T31981] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[ 751.240118][T31982] netlink: 14 bytes leftover after parsing attributes in process `syz.5.9134'.
[ 751.325680][T31978] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 751.396542][T31978] ext4 filesystem being mounted at /2337/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 751.438078][T31978] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz.2.9135: invalid size
[ 751.489706][T31995] loop3: detected capacity change from 0 to 64
[ 751.551238][ T5786] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 753.264278][T32055] loop3: detected capacity change from 0 to 32768
[ 753.304799][T32055] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 753.414435][T32055] XFS (loop3): Ending clean mount
[ 753.548104][T32112] loop0: detected capacity change from 0 to 256
[ 753.596519][T32116] netlink: 'syz.2.9171': attribute type 21 has an invalid length.
[ 753.606224][T32116] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 753.613633][T32116] IPv6: NLM_F_CREATE should be set when creating new route
[ 753.621069][T32116] IPv6: NLM_F_CREATE should be set when creating new route
[ 753.628327][T32116] IPv6: NLM_F_CREATE should be set when creating new route
[ 753.647508][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 753.732947][T32112] FAT-fs (loop0): Directory bread(block 64) failed
[ 753.741458][T32112] FAT-fs (loop0): Directory bread(block 65) failed
[ 753.756702][T32112] FAT-fs (loop0): Directory bread(block 66) failed
[ 753.791112][T32112] FAT-fs (loop0): Directory bread(block 67) failed
[ 753.800442][T32112] FAT-fs (loop0): Directory bread(block 68) failed
[ 753.820378][T32112] FAT-fs (loop0): Directory bread(block 69) failed
[ 753.845846][T32112] FAT-fs (loop0): Directory bread(block 70) failed
[ 753.852799][T32112] FAT-fs (loop0): Directory bread(block 71) failed
[ 753.865297][T32112] FAT-fs (loop0): Directory bread(block 72) failed
[ 753.899198][T32112] FAT-fs (loop0): Directory bread(block 73) failed
[ 753.907445][T32122] loop2: detected capacity change from 0 to 256
[ 753.931426][T32122] exfat: Deprecated parameter 'namecase'
[ 753.951606][T32122] exfat: Deprecated parameter 'namecase'
[ 753.972913][T32122] exfat: Deprecated parameter 'namecase'
[ 754.002371][T32122] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 754.083703][T32122] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[ 754.377324][T32138] loop2: detected capacity change from 0 to 1024
[ 754.406688][T32138] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[ 754.955551][T32173] netlink: 460 bytes leftover after parsing attributes in process `syz.3.9186'.
[ 755.589646][T32207] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9196'.
[ 755.628818][ T28] kauditd_printk_skb: 15 callbacks suppressed
[ 755.628836][ T28] audit: type=1326 audit(1756509959.019:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32213 comm="syz.3.9198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 755.690766][ T28] audit: type=1326 audit(1756509959.019:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32213 comm="syz.3.9198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 755.736843][ T28] audit: type=1326 audit(1756509959.066:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32213 comm="syz.3.9198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 755.804562][ T28] audit: type=1326 audit(1756509959.066:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32213 comm="syz.3.9198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 755.867692][T32222] loop3: detected capacity change from 0 to 128
[ 755.881180][ T28] audit: type=1326 audit(1756509959.066:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32213 comm="syz.3.9198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc03238ebe9 code=0x7ffc0000
[ 755.922838][T32222] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 756.015290][T32222] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 756.112320][T32222] afs: Unexpected value for 'dyn'
[ 756.393959][T32253] netlink: 80 bytes leftover after parsing attributes in process `syz.3.9207'.
[ 756.799091][T32277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9215'.
[ 756.823165][T32277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9215'.
[ 757.215983][T32302] cgroup: Unknown subsys name 'smackfshat'
[ 757.411388][T32314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9228'.
[ 757.547412][T32323] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9231'.
[ 757.657709][T32323] veth3: entered allmulticast mode
[ 758.092873][T32363] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9240'.
[ 758.714655][T32404] netlink: 'syz.3.9253': attribute type 5 has an invalid length.
[ 759.333190][ T28] audit: type=1326 audit(1756509962.480:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32439 comm="syz.0.9264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 759.393975][ T28] audit: type=1326 audit(1756509962.508:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32439 comm="syz.0.9264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 759.438560][ T28] audit: type=1326 audit(1756509962.517:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32439 comm="syz.0.9264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 759.473688][ T28] audit: type=1326 audit(1756509962.517:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32439 comm="syz.0.9264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 759.496611][ T28] audit: type=1326 audit(1756509962.517:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32439 comm="syz.0.9264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efab8ebe9 code=0x7ffc0000
[ 760.427762][T32483] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9274'.
[ 761.166787][T32524] netlink: 64 bytes leftover after parsing attributes in process `syz.0.9287'.
[ 761.270249][T32530] loop3: detected capacity change from 0 to 136
[ 761.290153][T32530] Attempt to read inode for relocated directory
[ 761.964650][T32578] loop0: detected capacity change from 0 to 64
[ 762.039251][T32578] syz.0.9301: attempt to access beyond end of device
[ 762.039251][T32578] loop0: rw=0, sector=3072, nr_sectors = 2 limit=64
[ 762.632239][ T9] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 762.771918][T32625] ip6t_srh: unknown srh match flags 4001
[ 762.858971][ T9] usb 3-1: config 1 has an invalid interface number: 28 but max is 0
[ 762.895740][ T9] usb 3-1: config 1 has no interface number 0
[ 762.917361][ T9] usb 3-1: config 1 interface 28 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[ 762.943850][ T9] usb 3-1: config 1 interface 28 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 0
[ 762.957794][ T9] usb 3-1: config 1 interface 28 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[ 762.969468][ T9] usb 3-1: config 1 interface 28 has no altsetting 0
[ 763.008990][ T9] usb 3-1: New USB device found, idVendor=045e, idProduct=0473, bcdDevice=e4.34
[ 763.029813][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 763.043980][ T9] usb 3-1: Product: syz
[ 763.048297][ T9] usb 3-1: Manufacturer: syz
[ 763.051986][T32640] xt_cluster: node mask cannot exceed total number of nodes
[ 763.063130][ T9] usb 3-1: SerialNumber: syz
[ 763.090014][T32600] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 763.147255][ T9] ipaq 3-1:1.28: PocketPC PDA converter detected
[ 763.197883][T32637] bond6: entered allmulticast mode
[ 763.215724][T32637] 8021q: adding VLAN 0 to HW filter on device bond6
[ 763.382298][ T9] usb 3-1: PocketPC PDA converter now attached to ttyUSB0
[ 763.594113][ T9] usb 3-1: USB disconnect, device number 34
[ 763.636592][ T9] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0
[ 763.671599][ T9] ipaq 3-1:1.28: device disconnected
[ 763.921093][T32728] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9331'.
[ 764.127802][T32736] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9333'.
[ 764.155940][T32736] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 764.163300][T32736] IPv6: NLM_F_CREATE should be set when creating new route
[ 764.170602][T32736] IPv6: NLM_F_CREATE should be set when creating new route
[ 764.621149][T32763] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.9341'.
[ 764.623766][T32765] netlink: 'syz.2.9343': attribute type 8 has an invalid length.
[ 764.917480][ T315] netlink: 'syz.2.9347': attribute type 1 has an invalid length.
[ 764.941452][ T315] netlink: 'syz.2.9347': attribute type 2 has an invalid length.
[ 764.961301][ T315] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9347'.
[ 765.068259][ T324] xt_hashlimit: overflow, try lower: 18446744073709551614/15680
[ 765.821652][ T354] loop2: detected capacity change from 0 to 4096
[ 766.160692][ T334] loop0: detected capacity change from 0 to 32768
[ 766.250748][ T334] JBD2: Ignoring recovery information on journal
[ 766.294053][ T377] xt_ecn: cannot match TCP bits for non-tcp packets
[ 766.338682][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 766.345291][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 766.438206][ T334] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 766.715514][ T392] 8021q: adding VLAN 0 to HW filter on device bond2
[ 766.743693][ T334] syz.0.9354 (334) used greatest stack depth: 18992 bytes left
[ 766.889793][ T5785] ocfs2: Unmounting device (7,0) on (node local)
[ 767.591819][ T474] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9382'.
[ 767.900239][ T484] loop0: detected capacity change from 0 to 4096
[ 767.925364][ T484] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[ 767.986932][ T484] ntfs3: loop0: MFT: r=18, expect seq=1 instead of 0!
[ 768.004922][ T484] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[ 768.023929][ T484] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[ 768.064783][ T500] geneve4: entered promiscuous mode
[ 768.092043][ T500] geneve4: entered allmulticast mode
[ 768.709842][ T539] cgroup: none used incorrectly
[ 768.907124][ T544] nvme_fabrics: missing parameter 'transport=%s'
[ 768.926083][ T544] nvme_fabrics: missing parameter 'nqn=%s'
[ 769.088187][ T560] netlink: 'syz.3.9408': attribute type 10 has an invalid length.
[ 769.096676][ T560] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[ 769.104541][ T560] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[ 769.112262][ T560] bridge0: port 3(netdevsim0) entered disabled state
[ 769.151823][ T560] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 770.607950][ T28] audit: type=1400 audit(1756509973.031:329): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=644 comm="syz.3.9435"
[ 771.281238][ T680] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9445'.
[ 771.363971][ T685] loop0: detected capacity change from 0 to 64
[ 771.806420][ T5870] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 772.042332][ T5870] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[ 772.072206][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 772.080274][ T5870] usb 4-1: Product: syz
[ 772.092915][ T5870] usb 4-1: Manufacturer: syz
[ 772.118406][ T5870] usb 4-1: SerialNumber: syz
[ 772.138089][ T5870] usb 4-1: config 0 descriptor??
[ 772.378703][ T5870] hso 4-1:0.0: Failed to find BULK IN ep
[ 772.413609][ T5870] usb-storage 4-1:0.0: USB Mass Storage device detected
[ 772.674023][T20227] usb 4-1: USB disconnect, device number 31
[ 772.763008][ T773] netlink: 'syz.2.9469': attribute type 8 has an invalid length.
[ 773.094361][ T791] netlink: 1088 bytes leftover after parsing attributes in process `syz.2.9474'.
[ 773.287790][ T798] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9476'.
[ 773.341360][ T798] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9476'.
[ 773.837677][ T28] audit: type=1400 audit(1756509976.043:330): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=26260A3A0CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A2F2C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=824 comm="syz.3.9485"
[ 774.368967][ T861] netlink: 52 bytes leftover after parsing attributes in process `syz.0.9495'.
[ 774.927061][ T889] binder: 887:889 ioctl c018620b 0 returned -14
[ 775.284336][ T919] loop2: detected capacity change from 0 to 256
[ 775.324979][ T922] loop3: detected capacity change from 0 to 256
[ 775.374735][ T919] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x586fd6de, utbl_chksum : 0xe619d30d)
[ 776.482800][ T1000] xt_hashlimit: Unknown mode mask E2, kernel too old?
[ 778.044822][ T28] audit: type=1326 audit(1756509979.991:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1090 comm="syz.2.9560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605838ebe9 code=0x7ffc0000
[ 778.133657][ T28] audit: type=1326 audit(1756509979.991:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1090 comm="syz.2.9560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605838ebe9 code=0x7ffc0000
[ 778.188751][ T28] audit: type=1326 audit(1756509980.028:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1090 comm="syz.2.9560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f605838ebe9 code=0x7ffc0000
[ 778.242946][ T28] audit: type=1326 audit(1756509980.028:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1090 comm="syz.2.9560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605838ebe9 code=0x7ffc0000
[ 778.336654][ T28] audit: type=1326 audit(1756509980.028:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1090 comm="syz.2.9560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605838ebe9 code=0x7ffc0000
[ 778.513077][ T1101] loop2: detected capacity change from 0 to 4096
[ 778.618102][ T1101] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[ 778.716484][ T1101] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[ 779.298974][ T1133] netlink: 'syz.3.9572': attribute type 15 has an invalid length.
[ 779.306901][ T1133] netlink: 25 bytes leftover after parsing attributes in process `syz.3.9572'.
[ 779.541587][ T1155] loop0: detected capacity change from 0 to 16
[ 779.588769][ T1155] erofs: (device loop0): mounted with root inode @ nid 36.
[ 779.642806][ T1155] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 32811 of nid 36
[ 779.919004][ T1170] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9581'.
[ 779.928199][ T1170] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9581'.
[ 780.273628][ T1180] bond7: entered allmulticast mode
[ 780.463570][ T1154] loop3: detected capacity change from 0 to 32768
[ 780.498346][ T1154] XFS: noikeep mount option is deprecated.
[ 780.550000][ T1154] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 780.791831][ T1154] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[ 780.796904][ T1251] netlink: 'syz.0.9591': attribute type 1 has an invalid length.
[ 780.859658][ T1251] netlink: 146340 bytes leftover after parsing attributes in process `syz.0.9591'.
[ 780.901633][ T1154] XFS (loop3): Starting recovery (logdev: internal)
[ 780.961612][ T1256] ALSA: mixer_oss: invalid OSS volume ''
[ 780.963148][ T1154] XFS (loop3): Ending recovery (logdev: internal)
[ 781.022210][ T1154] XFS (loop3): Metadata corruption detected at xfs_btree_lookup_get_block+0x516/0x640, xfs_finobt block 0x20
[ 781.053351][ T1154] XFS (loop3): Unmount and run xfs_repair
[ 781.059483][ T1154] XFS (loop3): Failed to initialize disk quotas.
[ 781.163717][ T1154] XFS (loop3): Metadata corruption detected at xfs_btree_lookup_get_block+0x516/0x640, xfs_finobt block 0x20
[ 781.231108][ T1154] XFS (loop3): Unmount and run xfs_repair
[ 781.328990][ T5784] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 781.562421][ T1286] sock: sock_timestamping_bind_phc: sock not bind to device
[ 781.597809][ T1287] cgroup: Unknown subsys name 'smackfshat'
[ 781.839070][ T28] audit: type=1326 audit(1756509983.536:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1295 comm="syz.5.9605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 781.937372][ T28] audit: type=1326 audit(1756509983.536:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1295 comm="syz.5.9605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 781.966308][ T1302] netlink: 'syz.2.9607': attribute type 5 has an invalid length.
[ 782.030127][ T28] audit: type=1326 audit(1756509983.592:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1295 comm="syz.5.9605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 782.121517][ T28] audit: type=1326 audit(1756509983.592:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1295 comm="syz.5.9605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 782.144176][ T28] audit: type=1326 audit(1756509983.592:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1295 comm="syz.5.9605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e92d8ebe9 code=0x7ffc0000
[ 782.315523][ T1318] comedi comedi1: adq12b: I/O port conflict (0x22f00,16)
[ 783.138489][ T1370] loop0: detected capacity change from 0 to 1024
[ 783.152509][ T1372] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9629'.
[ 783.219065][ T1370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 783.255934][ T1372] ==================================================================
[ 783.264069][ T1372] BUG: KASAN: slab-use-after-free in __xfrm_state_lookup+0x6b2/0x8d0
[ 783.272181][ T1372] Read of size 2 at addr ffff88805b8d6522 by task syz.3.9629/1372
[ 783.280016][ T1372]
[ 783.282368][ T1372] CPU: 1 PID: 1372 Comm: syz.3.9629 Not tainted syzkaller #0
[ 783.289774][ T1372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 783.299862][ T1372] Call Trace:
[ 783.303255][ T1372]
[ 783.306210][ T1372] dump_stack_lvl+0x16c/0x230
[ 783.310930][ T1372] ? __lock_acquire+0x7c80/0x7c80
[ 783.315992][ T1372] ? show_regs_print_info+0x20/0x20
[ 783.321233][ T1372] ? load_image+0x3b0/0x3b0
[ 783.325772][ T1372] ? __virt_addr_valid+0x469/0x540
[ 783.330917][ T1372] print_report+0xac/0x220
[ 783.335454][ T1372] ? __xfrm_state_lookup+0x6b2/0x8d0
[ 783.340873][ T1372] kasan_report+0x117/0x150
[ 783.345419][ T1372] ? netlink_deliver_tap+0x19c/0x1b0
[ 783.345834][ T1386] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode
[ 783.350812][ T1372] ? __xfrm_state_lookup+0x6b2/0x8d0
[ 783.350847][ T1372] __xfrm_state_lookup+0x6b2/0x8d0
[ 783.350875][ T1372] ? xfrm_state_lookup+0x1a0/0x1a0
[ 783.350902][ T1372] xfrm_state_lookup+0xef/0x1a0
[ 783.378343][ T1372] ? xfrm_state_lookup+0x36/0x1a0
[ 783.383427][ T1372] xfrm_add_sa_expire+0x19d/0x4b0
[ 783.388484][ T1372] ? apparmor_capable+0x137/0x1a0
[ 783.393546][ T1372] ? xfrm_add_acquire+0xaf0/0xaf0
[ 783.398604][ T1372] ? __nla_parse+0x40/0x50
[ 783.403060][ T1372] xfrm_user_rcv_msg+0x596/0x870
[ 783.406722][ T1370] ext4 filesystem being mounted at /2422/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 783.408104][ T1372] ? lockdep_hardirqs_on+0x98/0x150
[ 783.408138][ T1372] ? xfrm_netlink_rcv+0x90/0x90
[ 783.428860][ T1372] ? __local_bh_enable_ip+0x12e/0x1c0
[ 783.434343][ T1372] ? __dev_queue_xmit+0x245/0x35a0
[ 783.439515][ T1372] ? __mutex_trylock_common+0x153/0x250
[ 783.445113][ T1372] netlink_rcv_skb+0x216/0x480
[ 783.449921][ T1372] ? xfrm_netlink_rcv+0x90/0x90
[ 783.454814][ T1372] ? netlink_ack+0x1110/0x1110
[ 783.459702][ T1372] ? netlink_deliver_tap+0x2e/0x1b0
[ 783.465023][ T1372] ? __lock_acquire+0x7c80/0x7c80
[ 783.470092][ T1372] xfrm_netlink_rcv+0x79/0x90
[ 783.474808][ T1372] netlink_unicast+0x751/0x8d0
[ 783.479619][ T1372] netlink_sendmsg+0x8c1/0xbe0
[ 783.484433][ T1372] ? netlink_getsockopt+0x580/0x580
[ 783.489763][ T1372] ? aa_sock_msg_perm+0x94/0x150
[ 783.494743][ T1372] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 783.500069][ T1372] ? security_socket_sendmsg+0x80/0xa0
[ 783.505164][ T1370] EXT4-fs warning (device loop0): ext4_empty_dir:3156: inode #12: comm syz.0.9628: directory missing '..'
[ 783.505545][ T1372] ? netlink_getsockopt+0x580/0x580
[ 783.505577][ T1372] ____sys_sendmsg+0x5bf/0x950
[ 783.526854][ T1372] ? __asan_memset+0x22/0x40
[ 783.531495][ T1372] ? __sys_sendmsg_sock+0x30/0x30
[ 783.536562][ T1372] ? __import_iovec+0x5f2/0x860
[ 783.541464][ T1372] ? import_iovec+0x73/0xa0
[ 783.546013][ T1372] ___sys_sendmsg+0x220/0x290
[ 783.550733][ T1372] ? __sys_sendmsg+0x270/0x270
[ 783.555555][ T1372] __se_sys_sendmsg+0x1a5/0x270
[ 783.560450][ T1372] ? __x64_sys_sendmsg+0x80/0x80
[ 783.565453][ T1372] ? lockdep_hardirqs_on+0x98/0x150
[ 783.570694][ T1372] do_syscall_64+0x55/0xb0
[ 783.575183][ T1372] ? clear_bhb_loop+0x40/0x90
[ 783.579997][ T1372] ? clear_bhb_loop+0x40/0x90
[ 783.584700][ T1372] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 783.590631][ T1372] RIP: 0033:0x7fc03238ebe9
[ 783.595074][ T1372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 783.614694][ T1372] RSP: 002b:00007fc033159038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 783.623114][ T1372] RAX: ffffffffffffffda RBX: 00007fc0325c5fa0 RCX: 00007fc03238ebe9
[ 783.631089][ T1372] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 783.639064][ T1372] RBP: 00007fc032411e19 R08: 0000000000000000 R09: 0000000000000000
[ 783.647045][ T1372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 783.655021][ T1372] R13: 00007fc0325c6038 R14: 00007fc0325c5fa0 R15: 00007ffc25d39898
[ 783.663026][ T1372]
[ 783.666060][ T1372]
[ 783.668385][ T1372] Allocated by task 26334:
[ 783.672796][ T1372] kasan_set_track+0x4e/0x70
[ 783.677391][ T1372] __kasan_slab_alloc+0x6c/0x80
[ 783.682333][ T1372] slab_post_alloc_hook+0x6e/0x4d0
[ 783.687466][ T1372] kmem_cache_alloc+0x11e/0x2e0
[ 783.692409][ T1372] xfrm_state_alloc+0x22/0x2a0
[ 783.697181][ T1372] pfkey_add+0x6e1/0x2da0
[ 783.701526][ T1372] pfkey_sendmsg+0xbed/0x1050
[ 783.706218][ T1372] ____sys_sendmsg+0x5bf/0x950
[ 783.710991][ T1372] ___sys_sendmsg+0x220/0x290
[ 783.715670][ T1372] __se_sys_sendmsg+0x1a5/0x270
[ 783.720542][ T1372] do_syscall_64+0x55/0xb0
[ 783.724990][ T1372] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 783.730903][ T1372]
[ 783.733236][ T1372] The buggy address belongs to the object at ffff88805b8d6400
[ 783.733236][ T1372] which belongs to the cache xfrm_state of size 848
[ 783.747217][ T1372] The buggy address is located 290 bytes inside of
[ 783.747217][ T1372] freed 848-byte region [ffff88805b8d6400, ffff88805b8d6750)
[ 783.761021][ T1372]
[ 783.763344][ T1372] The buggy address belongs to the physical page:
[ 783.769852][ T1372] page:ffffea00016e3500 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5b8d4
[ 783.780095][ T1372] head:ffffea00016e3500 order:2 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 783.789033][ T1372] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 783.797030][ T1372] page_type: 0xffffffff()
[ 783.801369][ T1372] raw: 00fff00000000840 ffff888145645dc0 dead000000000122 0000000000000000
[ 783.809953][ T1372] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[ 783.818532][ T1372] page dumped because: kasan: bad access detected
[ 783.825041][ T1372] page_owner tracks the page as allocated
[ 783.830754][ T1372] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6202, tgid 6200 (syz.0.143), ts 90143490825, free_ts 89952345917
[ 783.851181][ T1372] post_alloc_hook+0x1cd/0x210
[ 783.855967][ T1372] get_page_from_freelist+0x195c/0x19f0
[ 783.861541][ T1372] __alloc_pages+0x1e3/0x460
[ 783.866149][ T1372] alloc_slab_page+0x5d/0x170
[ 783.870924][ T1372] new_slab+0x87/0x2e0
[ 783.875005][ T1372] ___slab_alloc+0xc6d/0x12f0
[ 783.879696][ T1372] kmem_cache_alloc+0x1b7/0x2e0
[ 783.884552][ T1372] xfrm_state_alloc+0x22/0x2a0
[ 783.889319][ T1372] pfkey_add+0x6e1/0x2da0
[ 783.893743][ T1372] pfkey_sendmsg+0xbed/0x1050
[ 783.898432][ T1372] ____sys_sendmsg+0x5bf/0x950
[ 783.903208][ T1372] ___sys_sendmsg+0x220/0x290
[ 783.907902][ T1372] __se_sys_sendmsg+0x1a5/0x270
[ 783.912769][ T1372] do_syscall_64+0x55/0xb0
[ 783.917203][ T1372] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 783.923106][ T1372] page last free stack trace:
[ 783.927779][ T1372] free_unref_page_prepare+0x7ce/0x8e0
[ 783.933253][ T1372] free_unref_page+0x32/0x2e0
[ 783.937939][ T1372] free_large_kmalloc+0x101/0x1a0
[ 783.942981][ T1372] bpf_check+0x62c6/0xe970
[ 783.947400][ T1372] bpf_prog_load+0x11cb/0x16d0
[ 783.952163][ T1372] __sys_bpf+0x55a/0x800
[ 783.956408][ T1372] __x64_sys_bpf+0x7c/0x90
[ 783.960840][ T1372] do_syscall_64+0x55/0xb0
[ 783.965259][ T1372] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 783.971163][ T1372]
[ 783.973483][ T1372] Memory state around the buggy address:
[ 783.979127][ T1372] ffff88805b8d6400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 783.987295][ T1372] ffff88805b8d6480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 783.995366][ T1372] >ffff88805b8d6500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 784.003432][ T1372] ^
[ 784.008630][ T1372] ffff88805b8d6580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 784.016689][ T1372] ffff88805b8d6600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 784.024746][ T1372] ==================================================================
[ 784.056906][ T1379] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 784.094065][ T1372] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 784.101346][ T1372] CPU: 0 PID: 1372 Comm: syz.3.9629 Not tainted syzkaller #0
[ 784.108747][ T1372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 784.118665][ T1378] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9630'.
[ 784.127754][ T1372] Call Trace:
[ 784.131121][ T1372]
[ 784.134081][ T1372] dump_stack_lvl+0x16c/0x230
[ 784.138760][ T1372] ? show_regs_print_info+0x20/0x20
[ 784.143983][ T1372] ? load_image+0x3b0/0x3b0
[ 784.148485][ T1372] panic+0x2c0/0x710
[ 784.152480][ T1372] ? bpf_jit_dump+0xd0/0xd0
[ 784.157011][ T1372] ? _raw_spin_unlock_irqrestore+0xfa/0x110
[ 784.162992][ T1372] ? _raw_spin_unlock+0x40/0x40
[ 784.167882][ T1372] ? print_memory_metadata+0x314/0x400
[ 784.173358][ T1372] ? __xfrm_state_lookup+0x6b2/0x8d0
[ 784.178663][ T1372] check_panic_on_warn+0x84/0xa0
[ 784.183667][ T1372] ? __xfrm_state_lookup+0x6b2/0x8d0
[ 784.188981][ T1372] end_report+0x6f/0x140
[ 784.193272][ T1372] kasan_report+0x128/0x150
[ 784.197798][ T1372] ? netlink_deliver_tap+0x19c/0x1b0
[ 784.203104][ T1372] ? __xfrm_state_lookup+0x6b2/0x8d0
[ 784.208424][ T1372] __xfrm_state_lookup+0x6b2/0x8d0
[ 784.213556][ T1372] ? xfrm_state_lookup+0x1a0/0x1a0
[ 784.218693][ T1372] xfrm_state_lookup+0xef/0x1a0
[ 784.223551][ T1372] ? xfrm_state_lookup+0x36/0x1a0
[ 784.228583][ T1372] xfrm_add_sa_expire+0x19d/0x4b0
[ 784.233614][ T1372] ? apparmor_capable+0x137/0x1a0
[ 784.238643][ T1372] ? xfrm_add_acquire+0xaf0/0xaf0
[ 784.243671][ T1372] ? __nla_parse+0x40/0x50
[ 784.248098][ T1372] xfrm_user_rcv_msg+0x596/0x870
[ 784.253083][ T1372] ? lockdep_hardirqs_on+0x98/0x150
[ 784.258322][ T1372] ? xfrm_netlink_rcv+0x90/0x90
[ 784.263207][ T1372] ? __local_bh_enable_ip+0x12e/0x1c0
[ 784.268627][ T1372] ? __dev_queue_xmit+0x245/0x35a0
[ 784.273752][ T1372] ? __mutex_trylock_common+0x153/0x250
[ 784.279490][ T1372] netlink_rcv_skb+0x216/0x480
[ 784.284269][ T1372] ? xfrm_netlink_rcv+0x90/0x90
[ 784.289221][ T1372] ? netlink_ack+0x1110/0x1110
[ 784.293998][ T1372] ? netlink_deliver_tap+0x2e/0x1b0
[ 784.299201][ T1372] ? __lock_acquire+0x7c80/0x7c80
[ 784.304238][ T1372] xfrm_netlink_rcv+0x79/0x90
[ 784.308925][ T1372] netlink_unicast+0x751/0x8d0
[ 784.313696][ T1372] netlink_sendmsg+0x8c1/0xbe0
[ 784.318468][ T1372] ? netlink_getsockopt+0x580/0x580
[ 784.323676][ T1372] ? aa_sock_msg_perm+0x94/0x150
[ 784.328616][ T1372] ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 784.333905][ T1372] ? security_socket_sendmsg+0x80/0xa0
[ 784.339372][ T1372] ? netlink_getsockopt+0x580/0x580
[ 784.344574][ T1372] ____sys_sendmsg+0x5bf/0x950
[ 784.349438][ T1372] ? __asan_memset+0x22/0x40
[ 784.354033][ T1372] ? __sys_sendmsg_sock+0x30/0x30
[ 784.359064][ T1372] ? __import_iovec+0x5f2/0x860
[ 784.363931][ T1372] ? import_iovec+0x73/0xa0
[ 784.368445][ T1372] ___sys_sendmsg+0x220/0x290
[ 784.373216][ T1372] ? __sys_sendmsg+0x270/0x270
[ 784.378019][ T1372] __se_sys_sendmsg+0x1a5/0x270
[ 784.382970][ T1372] ? __x64_sys_sendmsg+0x80/0x80
[ 784.387921][ T1372] ? lockdep_hardirqs_on+0x98/0x150
[ 784.393391][ T1372] do_syscall_64+0x55/0xb0
[ 784.397814][ T1372] ? clear_bhb_loop+0x40/0x90
[ 784.402516][ T1372] ? clear_bhb_loop+0x40/0x90
[ 784.407285][ T1372] entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 784.413195][ T1372] RIP: 0033:0x7fc03238ebe9
[ 784.417622][ T1372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 784.437318][ T1372] RSP: 002b:00007fc033159038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 784.445750][ T1372] RAX: ffffffffffffffda RBX: 00007fc0325c5fa0 RCX: 00007fc03238ebe9
[ 784.453728][ T1372] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 784.461791][ T1372] RBP: 00007fc032411e19 R08: 0000000000000000 R09: 0000000000000000
[ 784.470472][ T1372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 784.478456][ T1372] R13: 00007fc0325c6038 R14: 00007fc0325c5fa0 R15: 00007ffc25d39898
[ 784.486442][ T1372]
[ 784.489752][ T1372] Kernel Offset: disabled
[ 784.494160][ T1372] Rebooting in 86400 seconds..