last executing test programs:

26.206766283s ago: executing program 0 (id=9218):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x5, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f00000011c0)={0x0, 0x1014, 0x1, @discrete={0x9, 0xfffffffe}})

25.956962027s ago: executing program 0 (id=9220):
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f00000006c0)={0x2, 0xf, 0x4, 0x1, 0x0, 0x5, 0x0})

25.688895913s ago: executing program 0 (id=9223):
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)

25.613828307s ago: executing program 0 (id=9224):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=")
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

25.117069256s ago: executing program 0 (id=9230):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read(r0, 0x0, 0x0)

24.596247686s ago: executing program 0 (id=9238):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)

24.242211767s ago: executing program 32 (id=9238):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)

2.912983102s ago: executing program 2 (id=9440):
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000000c80)={[{0xa, 0x4e00, "007fbbedb386554d7f18"}]})

1.945422358s ago: executing program 4 (id=9455):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=@newsa={0x150, 0x10, 0x413, 0x0, 0x0, {{@in=@multicast1, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x20000000008}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0xa, 0x1, 0x1}, [@algo_aead={0x60, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0xa0, 0x80, "25cac5216d1c8af0a976902918bf448c5d9f5459"}}]}, 0x150}, 0x1, 0x0, 0x0, 0x20000004}, 0x0)

1.526546362s ago: executing program 1 (id=9460):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
quotactl$Q_SETINFO(0xffffffff80000600, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1.238065539s ago: executing program 3 (id=9462):
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7b, 0x40002)
pread64(r0, 0x0, 0x0, 0x4f)

1.140552164s ago: executing program 2 (id=9463):
r0 = syz_open_procfs(0x0, &(0x7f00000012c0)='coredump_filter\x00')
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000140)="81", 0x1}], 0x1)

1.04755042s ago: executing program 3 (id=9464):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x80, 0x20, 0x88}, {0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x7a}, {0x0, 0xaf55, 0x0, 0xfffffffffffffffc}}, {{@in=@broadcast, 0x0, 0x6c}, 0x0, @in=@broadcast, 0x3507, 0x0, 0x0, 0x0, 0x0, 0x80000000}}, 0xe8)

1.018752731s ago: executing program 4 (id=9465):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)={0x5c, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}]}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0)

1.017934051s ago: executing program 1 (id=9466):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000d80)={[{@nls={'nls', 0x3d, 'maccenteuro'}}, {}, {@gid}, {@force}, {@type={'type', 0x3d, "02b5418d"}}, {@gid}, {@nobarrier}, {@gid}, {@nobarrier}]}, 0x44, 0x6fd, &(0x7f0000000500)="$eJzs3U1sHGf9B/DvrNcbbyq57nv/fyHFakQEDSR2TEmQkAgVQjlUKBKXXk3iNFacNLJdlESIuEDhCCeUQw9FKBx6Qj0gFXFAlDMSEleUeyTuEQcWzeysvV6/rRs7TsLnI83OMzPPy29+eWb2LdYG+J917u2MrqTIueNv3Si3792dWbh3d+Zqr5zkUJJG0uyuUlxLis+Ss+ku+b9yZ91dsdU4b9z/9MNjdz6e6W4166Wq39iu3ZrONiOs1Esmk4zU611qbtXfhby5ob/bu+q6WI27TNjRXuLgoHU2WNlN8yGuW+BxdzsZGd1k/0RyOMlY/Tog9d2h8YjD23O7ussBAADAY2iYN+fPPsiD3Mj4IwgHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnhpFMtJdVUujV55M0fv9/1a9r9RqHXC82/vKDsc/uPSIAgEAAAAAAACAffFJ/cX9kQd5kBsZ7+3vFNV3/q9VGy9Wj8/kvSxlLos5kRuZzXKWs5jpZHS8r8PWjdnl5cXpjS1/nbJlp9O5Xbc8lWRiQ8tTWwTa2OMTBwAAAAAAAICn009yLuMHHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPQrkpHuqlpe7JUn0mgmGUvSKuutJH/qlZ9kfz7oAAAAAGCf9b15Hy/+0y10iuo9/8vV+/6xvJdrWc58lrOQuVysPgvoNmz8fWVm4d7dmavlsrHvb/9r16E0kozk/S1GnqpqvLTa4ly+m+/neCZzPouZzw8zm+XMZTLt8iQymyIT7e6nFxO9ODeP9+y6rfODsR0Z2H61iqSdS5mvYjuRC610PzapzqEc89W+0f7QSgZGfL/MTvGt2pA5upikXZd/VX8uU+s8O2Qf+2OiOvPR1YxMlbmvs/Hc9rnf5TwZHGk6jXLuVGl/cW2UcnNwpF7Of7CbnB/ursbKh5+vz/le2+VHaYOZOJVGPfuSl9fn/PoX7zy/vvGX//GX85cb165cvrR0fB9P6WFM7lRhtFcYzMRMXyZe2X721ZlYKDOxMnwmRgd3jA3bcn+16mxUt6Ih75bfqUqzea1vCr6bi5nL6UxlOmcylW/kVGZWZ1i5vLQur82Zq+tzUl1rjY33t/Y2wR/9Ul+lX+xQ+dEq8/JcX17773QT1bF6z9lfZqpv9j2//ezb9bNAOf7/1+VyjJ+uPuM8DtZlor4396J7YftM/KZTPi4tXLuyeHn2+pDjHavX5WX7wfp782+Hj3rw2X0vlPOlvOM2q60qJ+3efCmPvbAa7fp8tepvXLrtGhuOvbR6bCLjmc/3trxSW/VruI09dY+90n/sn2t3zlb9+qZ3bN2rnLybhepVyMazBeCxcvj1w632/fbf2h+1f9a+3H5r7M1DZw59oZXRvzb/OPL7xu8a3yxez0f5ccYPOlIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgaLN28dWV2YWFucbWQscE9D1toDY7VSTJE8zR2rHP3meHCyESy/VhFXWjt7bk/iYV2Bvb0fmHpYXv+ZPt/99ZDB19sMp/3uFDmYU867HS6Sa32dEZ20bzZa7V5nWaWxnJltmhucnUfWrsKMnFlduHfnXXN2+m7ZICn3Mnlq9dPLt289dX5q7PvzL0zd+3UmdNnTs98ffprJy/NL8xNdR8POkpgPyzdvDWyye4Nv3QLAAAAAAAAAAAAPD7q//2//Ln/mKG5Q53W4tLmIx951KcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPKHOvZ3RlRSZnjoxVW7fuzuzUC698lrNZpJGkuJHSfFZcjbdJRN93RVbjfPG/U8/PHbn45m1vpq9+o3t2g1npV4ymWSkXu/s0CbdbOzvQl9/K58rvGL1DMuEHe0lDg7afwMAAP//6lP2Ew==")
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)

940.223166ms ago: executing program 2 (id=9467):
r0 = syz_open_dev$video4linux(&(0x7f0000000380), 0xffffffffffffffff, 0xa0400)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000140)={0x0, 0x0, 0x103, 0x0, {0x8, 0x0, 0x9, 0x109a}})

781.221555ms ago: executing program 4 (id=9468):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000500), 0xb, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, &(0x7f0000001280)={0x0, [[0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f3], [0x2, 0x8005, 0xfffffffc, 0x2, 0x3, 0xecdc, 0x3, 0xfffffffc], [0xb, 0x5, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x20001]], '\x00', [{0x80}, {}, {0x40003, 0x4}, {0x0, 0x5}, {0x1000}, {0x7d98, 0xa7f5}, {0x1fffff, 0x2}, {}, {0x0, 0x4}, {0x5, 0xffffffff}, {0x150, 0x400000}, {0xe}], '\x00', 0x5, 0x0, 0x0, 0x2})

728.024228ms ago: executing program 3 (id=9469):
r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$CAPI_GET_ERRCODE(r0, 0x80024321, 0x0)

722.434258ms ago: executing program 2 (id=9470):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv6_newroute={0x30, 0x18, 0x309, 0x70bd2c, 0xfffffffd, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, [@RTA_GATEWAY={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}]}, 0x30}}, 0x1000c840)

586.300056ms ago: executing program 2 (id=9471):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$int_in(r0, 0x4b65, 0x0)

527.96096ms ago: executing program 1 (id=9472):
r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7b, 0x40002)
pread64(r0, 0x0, 0x0, 0x4f)

527.835529ms ago: executing program 3 (id=9473):
setresuid(0xee01, 0x0, 0x0)
keyctl$get_persistent(0x16, 0x0, 0xfffffffffffffffb)

517.3111ms ago: executing program 4 (id=9474):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x8, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x78, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4c, 0x3, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0xb}, @NFTA_SET_ELEM_EXPRESSIONS={0x3c, 0xb, 0x0, 0x1, [{0x20, 0x7, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @connlimit={{0x4, 0x2}, @val={0x4}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xfc}}, 0x0)

431.180975ms ago: executing program 2 (id=9475):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000002c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c636f686572656e63793d66756c6c2c726573765f6c6576656c3d303030303030303030303030303030303030303000000000000000006f636b732c636f686572656e63793d66756c6c2c696e6f646536342c00bc223b43a5f0d5ec0cf95242"], 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000380)='.\x00', 0x2042023, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

301.455783ms ago: executing program 3 (id=9476):
r0 = socket(0x28, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, 0x0, 0x0)

300.801943ms ago: executing program 1 (id=9477):
r0 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x101002)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000001c0)={"0400", 0x100, 0x5, 0x4, 0x8, 0x1, "00017555d000", "02000400", "03000006", '\x00', ['\x00', "ca8cacfffffffff4550400", "000000ff0000000000000020", "0000000000000000001000"]})

208.055688ms ago: executing program 4 (id=9478):
r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000600)={0x2, @pix={0x101, 0x9, 0x59565955, 0x0, 0xffffffff, 0x8, 0xc, 0x800, 0x0, 0x0, 0x3, 0x3}})

174.05326ms ago: executing program 1 (id=9479):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="600000000206030300000000000000000000000005000100070000000900020073797a3100000000140007800500150003000000080012400000000013000300686173683a6e65742c696661636500000500050002000000050004"], 0x60}}, 0x0)

114.501574ms ago: executing program 3 (id=9480):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x40001, 0x0)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})

70.920236ms ago: executing program 4 (id=9481):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x80, &(0x7f0000000d80)={[{@nls={'nls', 0x3d, 'maccenteuro'}}, {}, {@gid}, {@force}, {@type={'type', 0x3d, "02b5418d"}}, {@gid}, {@nobarrier}, {@gid}, {@nobarrier}]}, 0x44, 0x6fd, &(0x7f0000000500)="$eJzs3U1sHGf9B/DvrNcbbyq57nv/fyHFakQEDSR2TEmQkAgVQjlUKBKXXk3iNFacNLJdlESIuEDhCCeUQw9FKBx6Qj0gFXFAlDMSEleUeyTuEQcWzeysvV6/rRs7TsLnI83OMzPPy29+eWb2LdYG+J917u2MrqTIueNv3Si3792dWbh3d+Zqr5zkUJJG0uyuUlxLis+Ss+ku+b9yZ91dsdU4b9z/9MNjdz6e6W4166Wq39iu3ZrONiOs1Esmk4zU611qbtXfhby5ob/bu+q6WI27TNjRXuLgoHU2WNlN8yGuW+BxdzsZGd1k/0RyOMlY/Tog9d2h8YjD23O7ussBAADAY2iYN+fPPsiD3Mj4IwgHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnhpFMtJdVUujV55M0fv9/1a9r9RqHXC82/vKDsc/uPSIAgEAAAAAAACAffFJ/cX9kQd5kBsZ7+3vFNV3/q9VGy9Wj8/kvSxlLos5kRuZzXKWs5jpZHS8r8PWjdnl5cXpjS1/nbJlp9O5Xbc8lWRiQ8tTWwTa2OMTBwAAAAAAAICn009yLuMHHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPQrkpHuqlpe7JUn0mgmGUvSKuutJH/qlZ9kfz7oAAAAAGCf9b15Hy/+0y10iuo9/8vV+/6xvJdrWc58lrOQuVysPgvoNmz8fWVm4d7dmavlsrHvb/9r16E0kozk/S1GnqpqvLTa4ly+m+/neCZzPouZzw8zm+XMZTLt8iQymyIT7e6nFxO9ODeP9+y6rfODsR0Z2H61iqSdS5mvYjuRC610PzapzqEc89W+0f7QSgZGfL/MTvGt2pA5upikXZd/VX8uU+s8O2Qf+2OiOvPR1YxMlbmvs/Hc9rnf5TwZHGk6jXLuVGl/cW2UcnNwpF7Of7CbnB/ursbKh5+vz/le2+VHaYOZOJVGPfuSl9fn/PoX7zy/vvGX//GX85cb165cvrR0fB9P6WFM7lRhtFcYzMRMXyZe2X721ZlYKDOxMnwmRgd3jA3bcn+16mxUt6Ih75bfqUqzea1vCr6bi5nL6UxlOmcylW/kVGZWZ1i5vLQur82Zq+tzUl1rjY33t/Y2wR/9Ul+lX+xQ+dEq8/JcX17773QT1bF6z9lfZqpv9j2//ezb9bNAOf7/1+VyjJ+uPuM8DtZlor4396J7YftM/KZTPi4tXLuyeHn2+pDjHavX5WX7wfp782+Hj3rw2X0vlPOlvOM2q60qJ+3efCmPvbAa7fp8tepvXLrtGhuOvbR6bCLjmc/3trxSW/VruI09dY+90n/sn2t3zlb9+qZ3bN2rnLybhepVyMazBeCxcvj1w632/fbf2h+1f9a+3H5r7M1DZw59oZXRvzb/OPL7xu8a3yxez0f5ccYPOlIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgaLN28dWV2YWFucbWQscE9D1toDY7VSTJE8zR2rHP3meHCyESy/VhFXWjt7bk/iYV2Bvb0fmHpYXv+ZPt/99ZDB19sMp/3uFDmYU867HS6Sa32dEZ20bzZa7V5nWaWxnJltmhucnUfWrsKMnFlduHfnXXN2+m7ZICn3Mnlq9dPLt289dX5q7PvzL0zd+3UmdNnTs98ffprJy/NL8xNdR8POkpgPyzdvDWyye4Nv3QLAAAAAAAAAAAAPD7q//2//Ln/mKG5Q53W4tLmIx951KcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPKHOvZ3RlRSZnjoxVW7fuzuzUC698lrNZpJGkuJHSfFZcjbdJRN93RVbjfPG/U8/PHbn45m1vpq9+o3t2g1npV4ymWSkXu/s0CbdbOzvQl9/K58rvGL1DMuEHe0lDg7afwMAAP//6lP2Ew==")
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)

0s ago: executing program 1 (id=9482):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000200)={[{@dots}, {@dots}, {@fat=@uid}, {@fat=@uid={'uid', 0x3d, 0xee00}}, {@dots}, {@nodots}, {@fat=@gid={'gid', 0x3d, 0xee00}}, {@nodots}, {@nodots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {}, {@fat=@check_strict}, {@fat=@sys_immutable}, {@nodots}, {@fat=@showexec}, {@fat=@flush}, {@fat=@umask={'umask', 0x3d, 0x7}}, {@nodots}, {@dots}]}, 0x1, 0x1f5, &(0x7f0000000600)="$eJzs3cFqE1EUANCbmCYTcdGdIAgjLnRV1C+oSAUxIFSy0J2gK7NqN6mb9jP8Bf/LD5CuspEncSadmKYxBDKj7Tmb3pn7Xt+7M2SSTW5SFL7f/RpZ1or2fuzHpBW70Y6ZswAArpNJSvEjFZreCwBQjzXe/3/WvCUAYMvevnv/+vlgcHCY51nE+dl4OB4Wf4v8y1eDgyf5b7vVrPPxeHjrIv80X/zsMM3vxO0y/6yYn1+kuxEx7Mbjh0V+mnvxZpD/Ob8XH7dcOwAAAAAAAAAAAAAAAAAAAAAANOV+5DNL+/vs7S3m+2W+OJrrD7TQv6cT9zrlYdUeKJ3WURQAAAAAAAAAAAAAAAAAAAD8Z45Pvnz+MBp9OqqCXkTMn+ksGXN10Cr/8VqDmw/asdn0flnmBou2yku03QL7y2/uOkF0/pW7s2mQ17BWf+XlTWkaLH8VzNpiXDm9GxGrV390uOnmJyml0bcHR8cnkVYOrp4RvVqfSAAAAAAAAAAAAAAAAAAAcHPNfev7kqyJDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAA6rf/58Gl8+sDE4j4k78dfBsrZ3IGq0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+tXAAAA//85ziI4")
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1e17c3, 0x199)

kernel console output (not intermixed with test programs):

input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input52
[ 1067.975753][T26490] geneve3: entered promiscuous mode
[ 1068.005593][T26516] loop2: detected capacity change from 0 to 2048
[ 1068.058622][T26516] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1068.186079][T11089] usb 2-1: USB disconnect, device number 82
[ 1068.226132][T11089] appletouch 2-1:1.0: input: appletouch disconnected
[ 1068.294992][T26544] x_tables: unsorted underflow at hook 3
[ 1068.476791][   T28] audit: type=1326 audit(1769602411.307:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26553 comm="syz.3.7665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1068.505372][   T28] audit: type=1326 audit(1769602411.339:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26553 comm="syz.3.7665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1068.538980][   T28] audit: type=1326 audit(1769602411.371:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26553 comm="syz.3.7665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1068.719191][   T28] audit: type=1326 audit(1769602411.543:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26553 comm="syz.3.7665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1069.034929][T26582] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7674'.
[ 1069.208926][T26592] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7678'.
[ 1069.270836][T26596] loop2: detected capacity change from 0 to 8
[ 1069.326984][T26596] SQUASHFS error: Unknown inode type 257 in squashfs_iget!
[ 1069.417723][T10806] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1069.621655][T26610] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[ 1069.889943][T26624] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1069.925435][T26624] overlayfs: missing 'lowerdir'
[ 1069.996423][T26588] loop3: detected capacity change from 0 to 32768
[ 1070.063484][T26588] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1070.188548][T26628] loop2: detected capacity change from 0 to 4096
[ 1070.228688][T26628] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[ 1070.280104][T26588] XFS (loop3): Ending clean mount
[ 1070.339559][T26588] XFS (loop3): Quotacheck needed: Please wait.
[ 1070.474840][T26628] ntfs: volume version 3.1.
[ 1070.490625][T26588] XFS (loop3): Quotacheck: Done.
[ 1070.623712][ T5778] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1070.663532][T26628] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5).
[ 1070.703186][T26628] ntfs: (device loop2): ntfs_read_block(): Failed to read from inode 0x6, attribute type 0x80, vcn 0x0, offset 0x800 because its location on disk could not be determined even after retrying (error code -5).
[ 1070.733190][T26628] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to map page.
[ 1070.751856][T26628] ntfs: (device loop2): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -5).
[ 1070.762718][T26628] ntfs: (device loop2): ntfs_truncate(): Cannot truncate inode 0x43, attribute type 0x80, because the conversion from resident to non-resident attribute failed with error code -5.
[ 1070.848037][ T5777] ntfs: (device loop2): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[ 1071.426764][T26692] loop1: detected capacity change from 0 to 1024
[ 1071.650622][ T2969] hfsplus: b-tree write err: -5, ino 4
[ 1072.158860][T26725] netlink: 'syz.3.7714': attribute type 10 has an invalid length.
[ 1072.190752][T26725] netlink: 152 bytes leftover after parsing attributes in process `syz.3.7714'.
[ 1072.376786][T26735] netlink: 'syz.0.7716': attribute type 1 has an invalid length.
[ 1072.436975][T26740] netlink: 52 bytes leftover after parsing attributes in process `syz.1.7719'.
[ 1072.752743][T26759] netlink: 144 bytes leftover after parsing attributes in process `syz.3.7723'.
[ 1073.749399][T26813] libceph: resolve 'c' (ret=-3): failed
[ 1074.084540][T26834] netlink: 'syz.3.7748': attribute type 1 has an invalid length.
[ 1074.106098][T26833] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7749'.
[ 1074.122636][T26834] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.7748'.
[ 1074.146397][T26833] openvswitch: netlink: Missing key (keys=40, expected=100)
[ 1074.469804][T26855] tipc: Trying to set illegal importance in message
[ 1075.030921][T25914] Bluetooth: hci3: command 0x0406 tx timeout
[ 1075.948126][T26943] loop0: detected capacity change from 0 to 256
[ 1076.034387][T26943] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1076.619083][T26987] mac80211_hwsim hwsim7 wlan0: left promiscuous mode
[ 1076.629635][T26987] mac80211_hwsim hwsim7 wlan0: entered allmulticast mode
[ 1076.636867][T26987] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[ 1077.039684][T27042] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7803'.
[ 1077.074222][T27042] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7803'.
[ 1077.190744][T27050] loop2: detected capacity change from 0 to 2048
[ 1077.211838][T27050] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[ 1077.228481][T27050] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1077.739064][T27080] loop1: detected capacity change from 0 to 256
[ 1077.809155][T27080] FAT-fs (loop1): Directory bread(block 64) failed
[ 1077.819932][T27085] netlink: 'syz.3.7816': attribute type 46 has an invalid length.
[ 1077.833730][T27080] FAT-fs (loop1): Directory bread(block 65) failed
[ 1077.842556][T27085] netlink: 'syz.3.7816': attribute type 19 has an invalid length.
[ 1077.852189][T27080] FAT-fs (loop1): Directory bread(block 66) failed
[ 1077.858785][T27080] FAT-fs (loop1): Directory bread(block 67) failed
[ 1077.866823][T27085] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7816'.
[ 1077.886650][T27080] FAT-fs (loop1): Directory bread(block 68) failed
[ 1077.893396][T27080] FAT-fs (loop1): Directory bread(block 69) failed
[ 1077.904852][T27080] FAT-fs (loop1): Directory bread(block 70) failed
[ 1077.924300][T27080] FAT-fs (loop1): Directory bread(block 71) failed
[ 1077.931043][T27080] FAT-fs (loop1): Directory bread(block 72) failed
[ 1077.953536][T27080] FAT-fs (loop1): Directory bread(block 73) failed
[ 1078.454213][T27102] loop3: detected capacity change from 0 to 4096
[ 1078.554112][T27102] ntfs3: loop3: MFT: r=b, expect seq=b instead of 1ff!
[ 1078.569360][T27115] netlink: 'syz.0.7823': attribute type 5 has an invalid length.
[ 1078.584947][T27102] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[ 1078.611789][T27102] ntfs3: loop3: Failed to load $Extend (-22).
[ 1078.625500][T27102] ntfs3: loop3: Failed to initialize $Extend.
[ 1079.406499][T27166] loop1: detected capacity change from 0 to 16
[ 1079.475935][T27166] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1079.484463][T27171] ieee802154 phy1 wpan1: encryption failed: -22
[ 1079.556579][T27174] netlink: 'syz.2.7841': attribute type 1 has an invalid length.
[ 1079.590250][T27174] netlink: 216 bytes leftover after parsing attributes in process `syz.2.7841'.
[ 1079.631607][T27174] NCSI netlink: No device for ifindex 0
[ 1079.675426][T27184] loop3: detected capacity change from 0 to 1024
[ 1079.723830][T27184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1079.790466][T27184] EXT4-fs error (device loop3): ext4_empty_dir:3166: inode #11: block 623: comm syz.3.7843: Attempting to read directory block (623) that is past i_size (638464)
[ 1079.876398][T27184] EXT4-fs (loop3): Remounting filesystem read-only
[ 1079.969125][T27205] loop1: detected capacity change from 0 to 512
[ 1079.976768][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1080.004054][T27205] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1080.019228][T27205] ext4 filesystem being mounted at /1937/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1080.085578][   T13] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[ 1080.103584][T27205] Quota error (device loop1): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[ 1080.115855][ T5843] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[ 1080.124824][T27205] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1080.135205][T27205] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.7847: Failed to acquire dquot type 0
[ 1080.230617][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1080.299759][   T13] usb 3-1: Using ep0 maxpacket: 32
[ 1080.314820][ T5843] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1080.334913][   T13] usb 3-1: config 0 has an invalid interface number: 119 but max is 0
[ 1080.345808][ T5843] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1080.354044][   T13] usb 3-1: config 0 has no interface number 0
[ 1080.366174][ T5843] usb 1-1: Product: syz
[ 1080.371138][ T5843] usb 1-1: Manufacturer: syz
[ 1080.381505][ T5843] usb 1-1: SerialNumber: syz
[ 1080.387649][   T13] usb 3-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=d9.19
[ 1080.404770][   T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1080.431262][   T13] usb 3-1: Product: syz
[ 1080.435704][   T13] usb 3-1: Manufacturer: syz
[ 1080.445148][   T13] usb 3-1: SerialNumber: syz
[ 1080.454935][   T13] usb 3-1: config 0 descriptor??
[ 1080.468362][   T13] gspca_main: sn9c2028-2.14.0 probing 0458:7003
[ 1080.567183][T27231] netlink: 132 bytes leftover after parsing attributes in process `syz.1.7860'.
[ 1080.644234][T27233] loop3: detected capacity change from 0 to 256
[ 1080.734797][T27233] FAT-fs (loop3): Directory bread(block 64) failed
[ 1080.751654][T27233] FAT-fs (loop3): Directory bread(block 65) failed
[ 1080.783802][T27233] FAT-fs (loop3): Directory bread(block 66) failed
[ 1080.790521][T27233] FAT-fs (loop3): Directory bread(block 67) failed
[ 1080.828615][ T5843] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[ 1080.846910][T27233] FAT-fs (loop3): Directory bread(block 68) failed
[ 1080.865046][ T5843] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000098. ret = -71
[ 1080.876916][T27233] FAT-fs (loop3): Directory bread(block 69) failed
[ 1080.877067][T27233] FAT-fs (loop3): Directory bread(block 70) failed
[ 1080.877098][T27233] FAT-fs (loop3): Directory bread(block 71) failed
[ 1080.877194][T27233] FAT-fs (loop3): Directory bread(block 72) failed
[ 1080.894532][   T13] gspca_sn9c2028: read1 error -71
[ 1080.923845][ T5843] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[ 1080.939697][   T13] gspca_sn9c2028: read1 error -71
[ 1080.946809][   T13] sn9c2028: probe of 3-1:0.119 failed with error -71
[ 1080.948213][T27233] FAT-fs (loop3): Directory bread(block 73) failed
[ 1080.953622][ T5843] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1080.972900][   T13] usb 3-1: USB disconnect, device number 71
[ 1081.010845][ T5843] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1081.046863][ T5843] lan78xx: probe of 1-1:1.0 failed with error -71
[ 1081.091477][ T5843] usb 1-1: USB disconnect, device number 55
[ 1081.180791][T27259] netlink: 'syz.1.7855': attribute type 46 has an invalid length.
[ 1081.192063][T27259] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7855'.
[ 1081.651852][T27287] loop0: detected capacity change from 0 to 64
[ 1081.853747][T27297] loop1: detected capacity change from 0 to 256
[ 1081.903809][T27297] exfat: Deprecated parameter 'utf8'
[ 1081.973949][T27306] loop2: detected capacity change from 0 to 256
[ 1081.987986][T27307] loop0: detected capacity change from 0 to 8
[ 1082.024242][T27297] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[ 1082.067405][T27297] exFAT-fs (loop1): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5)
[ 1082.808794][T27355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7883'.
[ 1082.971817][T27354] loop0: detected capacity change from 0 to 8192
[ 1083.007340][T27354] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1083.036635][T27354] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[ 1083.101454][T27354] REISERFS (device loop0): using ordered data mode
[ 1083.118460][T27354] reiserfs: using flush barriers
[ 1083.166652][T27354] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1083.267174][T27354] REISERFS (device loop0): checking transaction log (loop0)
[ 1083.305089][T27354] REISERFS (device loop0): Using r5 hash to sort names
[ 1083.356795][T27354] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 1083.655050][T27399] netlink: 76 bytes leftover after parsing attributes in process `syz.3.7895'.
[ 1083.690942][   T13] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 1083.793213][T27407] loop3: detected capacity change from 0 to 8
[ 1083.895944][   T13] usb 2-1: Using ep0 maxpacket: 8
[ 1083.930962][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1083.951273][  T968] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 1083.962338][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1083.987855][   T13] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1083.999347][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[ 1084.012109][   T13] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1084.022440][   T13] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1084.034195][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1084.053207][   T13] usb 2-1: config 0 descriptor??
[ 1084.063682][T27384] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1084.141481][  T968] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1084.161815][  T968] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 1084.184172][  T968] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1084.215616][  T968] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 1084.302320][T27394] loop2: detected capacity change from 0 to 32768
[ 1084.355847][T27394] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1084.410945][T27394] XFS (loop2): Ending clean mount
[ 1084.562908][T25914] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[ 1084.577514][T14196] usb 2-1: USB disconnect, device number 83
[ 1084.643944][T27446] netlink: 'syz.3.7900': attribute type 21 has an invalid length.
[ 1084.652441][T27446] netlink: 'syz.3.7900': attribute type 15 has an invalid length.
[ 1084.660820][T27446] netlink: 156 bytes leftover after parsing attributes in process `syz.3.7900'.
[ 1084.670368][T27446] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1084.684972][T27446] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1084.692335][T27446] IPv6: NLM_F_CREATE should be set when creating new route
[ 1084.699725][T27446] IPv6: NLM_F_CREATE should be set when creating new route
[ 1084.707050][T27446] IPv6: NLM_F_CREATE should be set when creating new route
[ 1084.776556][T11089] XFS (loop2): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[ 1084.806341][ T5777] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1085.200815][T27466] netlink: 128 bytes leftover after parsing attributes in process `syz.1.7905'.
[ 1085.210254][T27466] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1085.238067][  T968] stv0680 1-1:4.0: STV(e): camera ping failed!!
[ 1085.426230][  T968] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[ 1085.435777][  T968] stv0680 1-1:4.0: last error: 86,  command = 0x70
[ 1085.458193][  T968] usb 1-1: USB disconnect, device number 56
[ 1085.764531][T27498] loop3: detected capacity change from 0 to 1024
[ 1085.913387][ T2993] hfsplus: b-tree write err: -5, ino 4
[ 1086.396619][T27528] overlayfs: conflicting options: nfs_export=on,index=off
[ 1086.440272][   T13] usb 1-1: new full-speed USB device number 57 using dummy_hcd
[ 1086.564807][T27533] loop2: detected capacity change from 0 to 4096
[ 1086.636856][   T13] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1086.654095][   T13] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1086.679389][   T13] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 1086.699206][   T13] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1086.735419][   T13] usb 1-1: SerialNumber: syz
[ 1086.765240][   T13] usb 1-1: 0:2 : does not exist
[ 1086.795129][T27549] netlink: 'syz.1.7925': attribute type 1 has an invalid length.
[ 1086.845334][T27549] netlink: 'syz.1.7925': attribute type 2 has an invalid length.
[ 1086.933922][T27552] xt_hashlimit: invalid interval
[ 1087.237391][ T5843] usb 1-1: USB disconnect, device number 57
[ 1087.347746][T27585] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7931'.
[ 1087.406867][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1087.894516][T27607] random: crng reseeded on system resumption
[ 1087.925213][T27612] kcapi: manufacturer command 52776558133248 unknown.
[ 1087.970343][T27595] loop3: detected capacity change from 0 to 32768
[ 1087.999405][T27595] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.7935 (27595)
[ 1088.074378][T27595] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1088.101714][T27595] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1088.137994][T27595] BTRFS info (device loop3): force zlib compression, level 3
[ 1088.157950][T27595] BTRFS info (device loop3): turning on flush-on-commit
[ 1088.174344][T27595] BTRFS info (device loop3): max_inline at 4096
[ 1088.197851][T27595] BTRFS info (device loop3): using free space tree
[ 1088.212396][T27620] loop0: detected capacity change from 0 to 1024
[ 1088.261975][T27620] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1088.340908][T27620] EXT4-fs error (device loop0): ext4_get_first_dir_block:3606: inode #11: comm syz.0.7942: directory missing '..'
[ 1088.463589][T27649] netlink: 'syz.2.7945': attribute type 10 has an invalid length.
[ 1088.465492][T27595] BTRFS info (device loop3): enabling ssd optimizations
[ 1088.472003][T27649] netlink: 55 bytes leftover after parsing attributes in process `syz.2.7945'.
[ 1088.521830][T27595] BTRFS info (device loop3): auto enabling async discard
[ 1088.611364][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1088.874180][ T5778] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1089.022171][T27664] loop2: detected capacity change from 0 to 2048
[ 1089.136503][T27664] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1089.174069][T27673] tmpfs: Bad value for 'mpol'
[ 1089.250444][T27674] bridge3: entered promiscuous mode
[ 1089.513387][  T968] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 1089.557530][T27693] loop2: detected capacity change from 0 to 256
[ 1089.620677][T27691] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[ 1089.668277][T27693] FAT-fs (loop2): Directory bread(block 64) failed
[ 1089.697319][T27693] FAT-fs (loop2): Directory bread(block 65) failed
[ 1089.718143][  T968] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[ 1089.733439][T27693] FAT-fs (loop2): Directory bread(block 66) failed
[ 1089.744791][T27693] FAT-fs (loop2): Directory bread(block 67) failed
[ 1089.757279][  T968] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1089.771686][T27693] FAT-fs (loop2): Directory bread(block 68) failed
[ 1089.779178][  T968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1089.806402][T27693] FAT-fs (loop2): Directory bread(block 69) failed
[ 1089.813261][  T968] usb 2-1: Product: syz
[ 1089.820614][  T968] usb 2-1: Manufacturer: syz
[ 1089.825274][  T968] usb 2-1: SerialNumber: syz
[ 1089.840248][T27693] FAT-fs (loop2): Directory bread(block 70) failed
[ 1089.846856][T27693] FAT-fs (loop2): Directory bread(block 71) failed
[ 1089.875190][  T968] usb 2-1: config 0 descriptor??
[ 1089.902513][T27693] FAT-fs (loop2): Directory bread(block 72) failed
[ 1089.931278][T27693] FAT-fs (loop2): Directory bread(block 73) failed
[ 1089.961024][  T968] snd-usb-audio: probe of 2-1:0.0 failed with error -22
[ 1090.156898][T10806] udevd[10806]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1090.215096][  T968] usb 2-1: USB disconnect, device number 84
[ 1090.521481][T27736] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 1090.548718][T27736] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1090.774087][T27744] netlink: 'syz.0.7964': attribute type 4 has an invalid length.
[ 1090.878840][T27729] loop3: detected capacity change from 0 to 32768
[ 1091.471603][T27780] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1091.489434][T27780] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1091.863266][T27799] netlink: 'syz.3.7981': attribute type 3 has an invalid length.
[ 1092.118526][T27805] bridge6: entered promiscuous mode
[ 1092.425073][T27823] loop2: detected capacity change from 0 to 8
[ 1092.485315][T27823] SQUASHFS error: Unable to read directory block [26067d:ffff]
[ 1092.906468][T27844] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[ 1092.946529][T27844] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[ 1092.978496][T27844] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1093.163181][T27851] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7996'.
[ 1093.237066][T27795] loop1: detected capacity change from 0 to 32768
[ 1093.664446][T27842] loop0: detected capacity change from 0 to 32768
[ 1093.702331][T27842] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.8002 (27842)
[ 1093.783548][T27842] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1093.810123][T27842] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 1093.835644][T27842] BTRFS info (device loop0): using free space tree
[ 1094.043672][T27842] BTRFS info (device loop0): enabling ssd optimizations
[ 1094.078674][T27842] BTRFS info (device loop0): auto enabling async discard
[ 1094.381669][ T5775] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1094.607597][   T28] audit: type=1326 audit(1769602439.355:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.8009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0af439aeb9 code=0x7ffc0000
[ 1094.720961][   T28] audit: type=1326 audit(1769602439.355:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.8009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0af439aeb9 code=0x7ffc0000
[ 1094.730929][T27916] x_tables: unsorted underflow at hook 4
[ 1094.753859][T27918] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8008'.
[ 1094.817938][   T28] audit: type=1326 audit(1769602439.398:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.8009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=31 compat=0 ip=0x7f0af439aeb9 code=0x7ffc0000
[ 1094.845718][T10807] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 9 /dev/loop0 scanned by udevd (10807)
[ 1094.903046][   T28] audit: type=1326 audit(1769602439.398:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.8009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0af439aeb9 code=0x7ffc0000
[ 1095.028708][   T28] audit: type=1326 audit(1769602439.398:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27909 comm="syz.2.8009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0af439aeb9 code=0x7ffc0000
[ 1095.305800][T27934] loop1: detected capacity change from 0 to 256
[ 1095.606084][T14196] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1095.651388][T27938] loop3: detected capacity change from 0 to 8192
[ 1095.696300][T27938] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1095.741484][T27938] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[ 1095.757192][T27938] REISERFS (device loop3): using journaled data mode
[ 1095.785055][T27938] reiserfs: using flush barriers
[ 1095.801852][T14196] usb 3-1: Using ep0 maxpacket: 8
[ 1095.839328][T14196] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1095.861439][T27938] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1095.896265][T27938] REISERFS (device loop3): checking transaction log (loop3)
[ 1095.919931][T27938] REISERFS (device loop3): Using r5 hash to sort names
[ 1095.927016][T14196] usb 3-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b
[ 1095.927048][T14196] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1095.927069][T14196] usb 3-1: Product: syz
[ 1095.927084][T14196] usb 3-1: Manufacturer: syz
[ 1095.927100][T14196] usb 3-1: SerialNumber: syz
[ 1095.957983][T14196] usb 3-1: config 0 descriptor??
[ 1095.982951][T14196] gspca_main: stk014-2.14.0 probing 05e1:0893
[ 1095.993901][T27938] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[ 1096.007745][T14196] usb 3-1: selecting invalid altsetting 1
[ 1096.044672][T27938] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[ 1096.326142][T27973] loop0: detected capacity change from 0 to 512
[ 1096.407772][T27973] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1096.426005][ T5843] usb 3-1: USB disconnect, device number 72
[ 1096.482717][T27973] ext4 filesystem being mounted at /2016/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1096.659826][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1097.525166][T28037] loop3: detected capacity change from 0 to 512
[ 1097.598185][T28037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1097.640405][T28037] ext4 filesystem being mounted at /2070/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1097.728131][T28037] EXT4-fs error (device loop3): ext4_get_first_dir_block:3584: inode #12: comm syz.3.8039: Attempting to read directory block (0) that is past i_size (3)
[ 1097.783439][T28037] EXT4-fs (loop3): Remounting filesystem read-only
[ 1097.809506][T28051] loop1: detected capacity change from 0 to 256
[ 1097.913745][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1097.942205][T13251] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1097.991247][T13251] Quota error (device loop3): write_blk: dquota write failed
[ 1098.013813][T13251] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries
[ 1098.040711][T28059] No such timeout policy "syz1"
[ 1098.047229][T13251] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1098.085832][T13251] Quota error (device loop3): write_blk: dquota write failed
[ 1098.093340][T13251] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list
[ 1098.125103][T13251] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[ 1098.166276][T13251] Quota error (device loop3): v2_write_file_info: Can't write info structure
[ 1099.025846][T28062] loop0: detected capacity change from 0 to 32768
[ 1099.128774][T28103] deleting an unspecified loop device is not supported.
[ 1099.155898][T28062] jfs_strtoUCS: char2uni returned -22.
[ 1099.171391][T28062] charset = cp936, char = 0xd4
[ 1099.737822][T28134] netlink: 100 bytes leftover after parsing attributes in process `syz.3.8066'.
[ 1100.123499][   T28] kauditd_printk_skb: 5 callbacks suppressed
[ 1100.123515][   T28] audit: type=1326 audit(1769602445.280:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28157 comm="syz.0.8075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1100.182987][T28160] netlink: 136 bytes leftover after parsing attributes in process `syz.3.8077'.
[ 1100.234024][   T28] audit: type=1326 audit(1769602445.312:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28157 comm="syz.0.8075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1100.337420][   T28] audit: type=1326 audit(1769602445.344:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28157 comm="syz.0.8075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1100.410047][   T28] audit: type=1326 audit(1769602445.344:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28157 comm="syz.0.8075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1100.506676][   T28] audit: type=1326 audit(1769602445.355:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28157 comm="syz.0.8075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1100.615386][T28166] loop2: detected capacity change from 0 to 8192
[ 1100.655182][T28166] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1100.683871][T28166] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[ 1100.711898][T28166] REISERFS (device loop2): using ordered data mode
[ 1100.718476][T28166] reiserfs: using flush barriers
[ 1100.732236][T28166] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1100.777398][T28166] REISERFS (device loop2): checking transaction log (loop2)
[ 1100.817791][T28166] REISERFS (device loop2): Using rupasov hash to sort names
[ 1101.342432][T28215] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.8093'.
[ 1101.387516][T28215] openvswitch: netlink: Key type 2832 is out of range max 32
[ 1101.590837][T28232] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1101.596629][T28228] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8096'.
[ 1101.685195][T28227] loop2: detected capacity change from 0 to 4096
[ 1101.784064][T28227] ntfs: volume version 3.1.
[ 1101.805845][T28242] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8102'.
[ 1103.234858][T28329] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8126'.
[ 1103.245615][ T5843] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 1103.428860][T28338] wg1: entered promiscuous mode
[ 1103.436590][T28338] wg1: entered allmulticast mode
[ 1103.459631][ T5843] usb 2-1: Using ep0 maxpacket: 32
[ 1103.480782][ T5843] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[ 1103.496924][ T5843] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1103.535483][ T5843] usb 2-1: config 0 descriptor??
[ 1103.574030][ T5843] gspca_main: sq930x-2.14.0 probing 041e:403c
[ 1103.874167][T28362] loop2: detected capacity change from 0 to 64
[ 1103.946067][ T5843] gspca_sq930x: ucbus_write failed -71
[ 1103.965688][ T5843] sq930x: probe of 2-1:0.0 failed with error -71
[ 1104.003689][ T5843] usb 2-1: USB disconnect, device number 85
[ 1104.350701][T28386] loop3: detected capacity change from 0 to 8192
[ 1104.370701][T28386] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1104.413083][T28386] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[ 1104.423131][T28386] REISERFS (device loop3): using ordered data mode
[ 1104.430424][T28386] reiserfs: using flush barriers
[ 1104.439623][T28386] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1104.484963][T28386] REISERFS (device loop3): checking transaction log (loop3)
[ 1104.516657][T28386] REISERFS (device loop3): Using rupasov hash to sort names
[ 1105.356608][T28446] loop0: detected capacity change from 0 to 1024
[ 1105.555199][T28457] overlay: Unknown parameter 'fsname'
[ 1105.585546][   T12] hfsplus: b-tree write err: -5, ino 4
[ 1106.081837][T28488] x_tables: duplicate underflow at hook 1
[ 1106.673853][  T968] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[ 1106.819945][T28462] loop1: detected capacity change from 0 to 32768
[ 1106.843365][T28462] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1106.873099][T28462] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1106.883927][  T968] usb 1-1: Using ep0 maxpacket: 8
[ 1106.896039][  T968] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1106.922486][T28462] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[ 1106.940801][  T968] usb 1-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6
[ 1106.968708][   T23] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1106.983416][   T23] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1106.991537][  T968] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1107.039663][  T968] usb 1-1: config 0 descriptor??
[ 1107.100583][ T5843] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1107.124295][   T23] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 151ms
[ 1107.147866][   T23] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1107.167793][T28462] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1107.201659][T28490] loop2: detected capacity change from 0 to 32768
[ 1107.231463][T28490] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[ 1107.279424][T28490] CPU: 0 PID: 28490 Comm: syz.2.8170 Not tainted syzkaller #0
[ 1107.287005][T28490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1107.297117][T28490] Call Trace:
[ 1107.300447][T28490]  <TASK>
[ 1107.303422][T28490]  dump_stack_lvl+0x18c/0x250
[ 1107.308162][T28490]  ? show_regs_print_info+0x20/0x20
[ 1107.313416][T28490]  ? load_image+0x400/0x400
[ 1107.317980][T28490]  sysfs_create_dir_ns+0x26e/0x2a0
[ 1107.323141][T28490]  ? sysfs_warn_dup+0xa0/0xa0
[ 1107.327788][  T968] usb 1-1: USB disconnect, device number 58
[ 1107.328102][T28490]  ? do_raw_spin_unlock+0x121/0x230
[ 1107.339388][T28490]  kobject_add_internal+0x61c/0xcc0
[ 1107.344635][T28490]  kobject_init_and_add+0x12c/0x1a0
[ 1107.349897][T28490]  ? lockdep_softirqs_off+0x430/0x430
[ 1107.355333][T28490]  ? kobject_add+0x240/0x240
[ 1107.359975][T28490]  ? __init_swait_queue_head+0xa9/0x150
[ 1107.365582][T28490]  gfs2_sys_fs_add+0x253/0x4b0
[ 1107.370407][T28490]  ? gfs2_recover_set+0x250/0x250
[ 1107.375512][T28490]  ? apply_workqueue_attrs+0x180/0x180
[ 1107.381033][T28490]  gfs2_fill_super+0x12b6/0x1f30
[ 1107.386028][T28490]  ? __might_sleep+0xe0/0xe0
[ 1107.390682][T28490]  ? gfs2_reconfigure+0xb10/0xb10
[ 1107.395872][T28490]  ? setup_bdev_super+0x56b/0x660
[ 1107.400949][T28490]  get_tree_bdev+0x3f3/0x520
[ 1107.405592][T28490]  ? end_current_label_crit_section+0x170/0x170
[ 1107.411965][T28490]  ? gfs2_reconfigure+0xb10/0xb10
[ 1107.417029][T28490]  ? setup_bdev_super+0x660/0x660
[ 1107.422102][T28490]  gfs2_get_tree+0x51/0x1e0
[ 1107.426651][T28490]  vfs_get_tree+0x8c/0x280
[ 1107.431118][T28490]  do_new_mount+0x24b/0xa40
[ 1107.435656][T28490]  __se_sys_mount+0x2e7/0x3d0
[ 1107.440452][T28490]  ? __x64_sys_mount+0xc0/0xc0
[ 1107.445241][T28490]  ? lockdep_hardirqs_on+0x98/0x150
[ 1107.450485][T28490]  ? __x64_sys_mount+0x20/0xc0
[ 1107.455290][T28490]  do_syscall_64+0x55/0xa0
[ 1107.459749][T28490]  ? clear_bhb_loop+0x40/0x90
[ 1107.464451][T28490]  ? clear_bhb_loop+0x40/0x90
[ 1107.469171][T28490]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1107.475106][T28490] RIP: 0033:0x7f0af439c14a
[ 1107.479550][T28490] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1107.499194][T28490] RSP: 002b:00007f0af25f5e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1107.507638][T28490] RAX: ffffffffffffffda RBX: 00007f0af25f5ee0 RCX: 00007f0af439c14a
[ 1107.515637][T28490] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007f0af25f5ea0
[ 1107.523659][T28490] RBP: 0000200000000400 R08: 00007f0af25f5ee0 R09: 0000000000210401
[ 1107.531661][T28490] R10: 0000000000210401 R11: 0000000000000246 R12: 0000200000012500
[ 1107.539658][T28490] R13: 00007f0af25f5ea0 R14: 00000000000125d8 R15: 0000200000000440
[ 1107.547670][T28490]  </TASK>
[ 1107.600209][T28490] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[ 1107.633522][ T5843] usb 4-1: Using ep0 maxpacket: 16
[ 1107.645055][T28490] gfs2: fsid=syz:syz: error -17 adding sysfs files
[ 1107.672334][ T5843] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1107.688982][ T5843] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1107.697154][ T5843] usb 4-1: Product: syz
[ 1107.707798][ T5843] usb 4-1: Manufacturer: syz
[ 1107.712490][ T5843] usb 4-1: SerialNumber: syz
[ 1107.746116][ T5843] r8152-cfgselector 4-1: config 0 descriptor??
[ 1107.977125][ T5843] usbip-host 4-1: 4-1 is not in match_busid table... skip!
[ 1108.192826][ T5843] usb 4-1: USB disconnect, device number 67
[ 1108.254401][T28557] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8181'.
[ 1108.344440][T28562] netlink: 172 bytes leftover after parsing attributes in process `syz.0.8183'.
[ 1108.371277][T28562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8183'.
[ 1108.388400][T28562] netlink: 172 bytes leftover after parsing attributes in process `syz.0.8183'.
[ 1108.405733][T28562] netlink: 100 bytes leftover after parsing attributes in process `syz.0.8183'.
[ 1108.434668][T28562] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8183'.
[ 1108.804745][T28584] xt_recent: Unsupported userspace flags (000000b1)
[ 1109.721905][T28592] loop2: detected capacity change from 0 to 32768
[ 1109.751655][T28630] loop0: detected capacity change from 0 to 4096
[ 1109.762957][T28592] 
[ 1109.762957][T28592]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1109.762957][T28592] 
[ 1109.778890][T28630] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 1109.851621][T28640] netlink: 'syz.1.8208': attribute type 1 has an invalid length.
[ 1109.888142][T28640] netlink: 224 bytes leftover after parsing attributes in process `syz.1.8208'.
[ 1109.926444][T28640] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8208'.
[ 1110.001711][ T5777] 
[ 1110.001711][ T5777]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1110.001711][ T5777] 
[ 1110.041437][T28630] ntfs3: loop0: failed to convert "c46c" to cp857
[ 1110.050173][ T5777] 
[ 1110.050173][ T5777]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1110.050173][ T5777] 
[ 1110.712945][T28679] syz.3.8219: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[ 1110.730414][T28679] CPU: 1 PID: 28679 Comm: syz.3.8219 Not tainted syzkaller #0
[ 1110.737971][T28679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1110.748128][T28679] Call Trace:
[ 1110.751449][T28679]  <TASK>
[ 1110.754416][T28679]  dump_stack_lvl+0x18c/0x250
[ 1110.759149][T28679]  ? show_regs_print_info+0x20/0x20
[ 1110.764401][T28679]  ? load_image+0x400/0x400
[ 1110.768959][T28679]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1110.775439][T28679]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[ 1110.782015][T28679]  warn_alloc+0x246/0x340
[ 1110.786427][T28679]  ? stack_trace_save+0xaa/0x100
[ 1110.791434][T28679]  ? zone_watermark_ok_safe+0x230/0x230
[ 1110.797057][T28679]  ? kasan_set_track+0x5f/0x70
[ 1110.801870][T28679]  ? kasan_set_track+0x4e/0x70
[ 1110.806708][T28679]  ? __kasan_kmalloc+0x8f/0xa0
[ 1110.811530][T28679]  ? xsk_init_queue+0xad/0x100
[ 1110.816351][T28679]  ? xsk_setsockopt+0x42e/0x760
[ 1110.821263][T28679]  ? do_sock_setsockopt+0x175/0x1a0
[ 1110.826516][T28679]  ? __x64_sys_setsockopt+0x182/0x200
[ 1110.831960][T28679]  __vmalloc_node_range+0x126/0x1330
[ 1110.837324][T28679]  ? free_vm_area+0x50/0x50
[ 1110.841889][T28679]  vmalloc_user+0x74/0x80
[ 1110.846251][T28679]  ? xskq_create+0xbf/0x170
[ 1110.850778][T28679]  xskq_create+0xbf/0x170
[ 1110.855215][T28679]  xsk_init_queue+0xad/0x100
[ 1110.859835][T28679]  xsk_setsockopt+0x42e/0x760
[ 1110.864540][T28679]  ? xsk_poll+0x680/0x680
[ 1110.868896][T28679]  ? __fget_files+0x28/0x4b0
[ 1110.873519][T28679]  ? __fget_files+0x28/0x4b0
[ 1110.878156][T28679]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[ 1110.883732][T28679]  ? security_socket_setsockopt+0x7e/0xa0
[ 1110.889477][T28679]  ? xsk_poll+0x680/0x680
[ 1110.893835][T28679]  do_sock_setsockopt+0x175/0x1a0
[ 1110.898891][T28679]  ? __fdget+0x180/0x210
[ 1110.903170][T28679]  __x64_sys_setsockopt+0x182/0x200
[ 1110.908439][T28679]  do_syscall_64+0x55/0xa0
[ 1110.912907][T28679]  ? clear_bhb_loop+0x40/0x90
[ 1110.917609][T28679]  ? clear_bhb_loop+0x40/0x90
[ 1110.922313][T28679]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1110.928251][T28679] RIP: 0033:0x7f44b7d9aeb9
[ 1110.932691][T28679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1110.952320][T28679] RSP: 002b:00007f44b8d12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1110.960763][T28679] RAX: ffffffffffffffda RBX: 00007f44b8015fa0 RCX: 00007f44b7d9aeb9
[ 1110.968769][T28679] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[ 1110.976766][T28679] RBP: 00007f44b7e08c1f R08: 0000000000000004 R09: 0000000000000000
[ 1110.984767][T28679] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1110.992759][T28679] R13: 00007f44b8016038 R14: 00007f44b8015fa0 R15: 00007fff41ed2e98
[ 1111.000774][T28679]  </TASK>
[ 1111.046792][T28679] Mem-Info:
[ 1111.050319][T28679] active_anon:10105 inactive_anon:0 isolated_anon:0
[ 1111.050319][T28679]  active_file:11318 inactive_file:42860 isolated_file:0
[ 1111.050319][T28679]  unevictable:768 dirty:379 writeback:0
[ 1111.050319][T28679]  slab_reclaimable:11759 slab_unreclaimable:94369
[ 1111.050319][T28679]  mapped:25498 shmem:1366 pagetables:696
[ 1111.050319][T28679]  sec_pagetables:0 bounce:0
[ 1111.050319][T28679]  kernel_misc_reclaimable:0
[ 1111.050319][T28679]  free:1335021 free_pcp:6610 free_cma:0
[ 1111.098128][T28679] Node 0 active_anon:40220kB inactive_anon:0kB active_file:45272kB inactive_file:171236kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101992kB dirty:1516kB writeback:0kB shmem:3928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11212kB pagetables:2784kB sec_pagetables:0kB all_unreclaimable? no
[ 1111.140149][T28679] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1111.176599][T28679] Node 0 DMA free:15356kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1111.208878][T28679] lowmem_reserve[]: 0 2521 2522 2522 2522
[ 1111.215458][T28679] Node 0 DMA32 free:1430864kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:40380kB inactive_anon:0kB active_file:45272kB inactive_file:170420kB unevictable:1536kB writepending:1516kB present:3129332kB managed:2586972kB mlocked:0kB bounce:0kB free_pcp:7452kB local_pcp:6424kB free_cma:0kB
[ 1111.309979][T28679] lowmem_reserve[]: 0 0 0 0 0
[ 1111.316116][T28679] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:816kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB
[ 1111.345155][T28679] lowmem_reserve[]: 0 0 0 0 0
[ 1111.350363][T28679] Node 1 Normal free:3893860kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:18944kB local_pcp:8804kB free_cma:0kB
[ 1111.380732][T28679] lowmem_reserve[]: 0 0 0 0 0
[ 1111.385674][T28679] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB
[ 1111.402949][T28679] Node 0 DMA32: 2418*4kB (UME) 1491*8kB (UME) 743*16kB (UME) 474*32kB (UME) 179*64kB (UME) 81*128kB (UME) 44*256kB (UME) 31*512kB (U) 38*1024kB (UM) 12*2048kB (UM) 310*4096kB (UM) = 1430864kB
[ 1111.422731][T28679] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[ 1111.435296][T28679] Node 1 Normal: 115*4kB (UME) 75*8kB (UE) 34*16kB (UE) 141*32kB (UE) 32*64kB (UME) 7*128kB (UME) 1*256kB (E) 1*512kB (E) 1*1024kB (U) 2*2048kB (UE) 947*4096kB (M) = 3893860kB
[ 1111.558406][T28679] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1111.587431][T28679] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1111.608563][T28679] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1111.639756][T28679] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1111.686182][T28679] 53344 total pagecache pages
[ 1111.691092][T28679] 0 pages in swap cache
[ 1111.715770][T28679] Free swap  = 124472kB
[ 1111.719998][T28679] Total swap = 124996kB
[ 1111.743895][T28679] 2097051 pages RAM
[ 1111.747833][T28679] 0 pages HighMem/MovableOnly
[ 1111.762173][T28679] 416922 pages reserved
[ 1111.766673][T28679] 0 pages cma reserved
[ 1111.954014][T28716] loop3: detected capacity change from 0 to 1024
[ 1112.001907][T28718] loop1: detected capacity change from 0 to 512
[ 1112.041904][T28724] loop0: detected capacity change from 0 to 1024
[ 1112.060071][T28718] EXT4-fs: Ignoring removed nobh option
[ 1112.232463][T28718] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #3: comm syz.1.8233: corrupted inode contents
[ 1112.245418][   T12] hfsplus: b-tree write err: -5, ino 4
[ 1112.270138][T28718] EXT4-fs (loop1): Remounting filesystem read-only
[ 1112.386170][T28718] Quota error (device loop1): write_blk: dquota write failed
[ 1112.394391][T28718] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota
[ 1112.436708][T28718] EXT4-fs (loop1): 1 truncate cleaned up
[ 1112.449178][T28718] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1112.487680][T28718] ext4 filesystem being mounted at /2022/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1112.753416][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1113.046087][T28772] loop1: detected capacity change from 0 to 2048
[ 1113.110599][T28778] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1113.214797][T28772] NILFS error (device loop1): nilfs_check_page: bad entry in directory #2: rec_len is too small for name_len - offset=16, inode=2, rec_len=16, name_len=255
[ 1113.307269][T28772] Remounting filesystem read-only
[ 1113.440284][T28760] loop0: detected capacity change from 0 to 32768
[ 1113.504408][T28760] (syz.0.8243,28760,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1113.549952][T28760] (syz.0.8243,28760,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1113.635834][T28794] loop3: detected capacity change from 0 to 1024
[ 1113.649392][T28760] JBD2: Ignoring recovery information on journal
[ 1113.721661][T28794] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[ 1113.742242][T28760] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 1113.766387][T28811] x_tables: duplicate entry at hook 2
[ 1113.940086][  T968] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1114.106199][ T5775] ocfs2: Unmounting device (7,0) on (node local)
[ 1114.164801][  T968] usb 3-1: Using ep0 maxpacket: 8
[ 1114.190044][  T968] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1114.206709][  T968] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1114.219651][  T968] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1114.244048][  T968] usb 3-1: Product: syz
[ 1114.258640][  T968] usb 3-1: Manufacturer: syz
[ 1114.263319][  T968] usb 3-1: SerialNumber: syz
[ 1114.503257][  T968] usb 3-1: Invalid connection information received from device
[ 1114.693628][T28845] ip6t_srh: unknown srh invflags 4449
[ 1114.728234][  T968] usb 3-1: USB disconnect, device number 73
[ 1114.746222][T28842] loop3: detected capacity change from 0 to 4096
[ 1114.793944][T28854] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1115.066489][T28832] loop1: detected capacity change from 0 to 32768
[ 1115.099621][T28865] netlink: 'syz.3.8266': attribute type 4 has an invalid length.
[ 1115.108029][T28832] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.8262 (28832)
[ 1115.133413][T28865] netlink: 128124 bytes leftover after parsing attributes in process `syz.3.8266'.
[ 1115.154234][T28832] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1115.191284][T28832] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[ 1115.217443][T28832] BTRFS info (device loop1): turning off barriers
[ 1115.224029][T28832] BTRFS info (device loop1): enabling all of the rescue options
[ 1115.261898][T28832] BTRFS info (device loop1): ignoring data csums
[ 1115.277378][T28871] netlink: 'syz.0.8268': attribute type 10 has an invalid length.
[ 1115.290453][T28832] BTRFS info (device loop1): ignoring bad roots
[ 1115.320061][T28832] BTRFS info (device loop1): disabling log replay at mount time
[ 1115.327828][T28832] BTRFS info (device loop1): disabling tree log
[ 1115.390023][T28832] BTRFS info (device loop1): turning on flush-on-commit
[ 1115.411942][T28832] BTRFS info (device loop1): using free space tree
[ 1115.488106][T28871] veth0_vlan: left promiscuous mode
[ 1115.492918][T28883] netlink: 2384 bytes leftover after parsing attributes in process `syz.3.8270'.
[ 1115.513829][T28871] veth0_vlan: entered promiscuous mode
[ 1115.563552][T28871] team0: Device veth0_vlan failed to register rx_handler
[ 1115.620549][T28832] BTRFS info (device loop1: state C): enabling ssd optimizations
[ 1116.048839][ T5771] BTRFS info (device loop1: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1116.656665][    C1] sd 0:0:1:0: [sda] tag#2758 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1116.667197][    C1] sd 0:0:1:0: [sda] tag#2758 CDB: Read(6) 08 00 00 00 03 44
[ 1117.035768][T28957] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8290'.
[ 1117.252214][T28966] bond3: entered promiscuous mode
[ 1117.257554][T28966] bond3: entered allmulticast mode
[ 1117.263099][T28966] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1117.272086][T28965] netlink: 'syz.3.8293': attribute type 10 has an invalid length.
[ 1117.281742][T28965] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1117.304128][T28965] team0: Port device virt_wifi0 added
[ 1117.916260][T29038] loop3: detected capacity change from 0 to 256
[ 1117.956391][T29038] exfat: Deprecated parameter 'utf8'
[ 1117.961831][T29038] exfat: Deprecated parameter 'namecase'
[ 1118.041937][T29038] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[ 1118.155541][T29052] loop1: detected capacity change from 0 to 16
[ 1118.192831][T29052] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1118.524511][T29070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8312'.
[ 1118.552142][T29070] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8312'.
[ 1118.754703][T29086] netlink: 20 bytes leftover after parsing attributes in process `syz.2.8317'.
[ 1118.932883][T29095] AppArmor: change_hat: Invalid input '0'
[ 1119.747039][T29130] loop2: detected capacity change from 0 to 4096
[ 1119.843941][T29143] loop3: detected capacity change from 0 to 512
[ 1119.873709][T29130] ntfs3: loop2: ino=3, ntfs_set_state failed, -22.
[ 1119.904117][T29130] ntfs3: loop2: Failed to initialize $Extend/$ObjId.
[ 1119.960066][T29143] FAT-fs (loop3): error, invalid access to FAT (entry 0x0fff7fff)
[ 1119.999836][T29143] FAT-fs (loop3): Filesystem has been set read-only
[ 1120.108271][T13251] ntfs3: loop2: ino=3, ntfs3_write_inode failed, -22.
[ 1120.115389][ T5777] ntfs3: loop2: ino=3, ntfs_set_state failed, -22.
[ 1120.150251][ T5777] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[ 1120.164849][ T5777] ntfs3: loop2: ino=3, ntfs_set_state failed, -22.
[ 1120.176368][   T32] ntfs3: loop2: ino=3, ntfs3_write_inode failed, -22.
[ 1121.088610][T29209] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 1121.266084][T29218] loop0: detected capacity change from 0 to 128
[ 1121.281359][T29219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8359'.
[ 1121.309266][T29223] loop2: detected capacity change from 0 to 512
[ 1121.364578][T29223] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[ 1121.390249][T29223] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[ 1121.430556][T29223] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[ 1121.493162][T29223] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1121.522699][T29223] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=c042e01c, mo2=0000]
[ 1121.574849][T29223] EXT4-fs (loop2): orphan cleanup on readonly fs
[ 1121.614620][T29223] EXT4-fs warning (device loop2): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1121.632055][T29223] EXT4-fs (loop2): Cannot turn on quotas: error -22
[ 1121.663999][T29223] EXT4-fs (loop2): 1 truncate cleaned up
[ 1121.675112][T29223] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1121.828923][ T5777] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1121.960123][T29250] netlink: 'syz.3.8367': attribute type 10 has an invalid length.
[ 1121.992857][T29250] veth0_vlan: left allmulticast mode
[ 1122.120696][T29250] veth0_vlan: left promiscuous mode
[ 1122.127900][T29250] veth0_vlan: entered promiscuous mode
[ 1122.171054][T29250] team0: Device veth0_vlan failed to register rx_handler
[ 1122.230100][T29261] loop0: detected capacity change from 0 to 256
[ 1122.364672][T29226] loop1: detected capacity change from 0 to 32768
[ 1123.087619][T29303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1123.566782][T29326] netlink: 'syz.3.8389': attribute type 1 has an invalid length.
[ 1123.596577][T29326] netlink: 'syz.3.8389': attribute type 1 has an invalid length.
[ 1123.924033][T29356] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8397'.
[ 1123.935579][T29356] netlink: 'syz.2.8397': attribute type 1 has an invalid length.
[ 1123.950871][T29356] netlink: 'syz.2.8397': attribute type 2 has an invalid length.
[ 1123.969817][T29356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8397'.
[ 1124.252387][T29377] xt_connbytes: Forcing CT accounting to be enabled
[ 1124.337612][T14196] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1124.410180][T29385] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20000
[ 1124.535297][T14196] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1124.561133][T14196] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1124.585032][T29397] loop0: detected capacity change from 0 to 256
[ 1124.598611][T14196] usb 4-1: config 1 interface 1 has no altsetting 1
[ 1124.628377][T14196] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1124.652148][T14196] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1124.694563][T14196] usb 4-1: Product: syz
[ 1124.698856][T14196] usb 4-1: Manufacturer: syz
[ 1124.714692][T14196] usb 4-1: SerialNumber: syz
[ 1124.744093][T14196] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[ 1124.754609][T29397] FAT-fs (loop0): Directory bread(block 64) failed
[ 1124.765727][T14196] cdc_ncm 4-1:1.0: bind() failure
[ 1124.779320][T14196] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1124.786763][T29397] FAT-fs (loop0): Directory bread(block 65) failed
[ 1124.793480][T29397] FAT-fs (loop0): Directory bread(block 66) failed
[ 1124.796929][T14196] cdc_ncm 4-1:1.1: bind() failure
[ 1124.812175][T29397] FAT-fs (loop0): Directory bread(block 67) failed
[ 1124.829152][T29397] FAT-fs (loop0): Directory bread(block 68) failed
[ 1124.837121][T29397] FAT-fs (loop0): Directory bread(block 69) failed
[ 1124.847379][T29397] FAT-fs (loop0): Directory bread(block 70) failed
[ 1124.856131][T29397] FAT-fs (loop0): Directory bread(block 71) failed
[ 1124.868834][T29397] FAT-fs (loop0): Directory bread(block 72) failed
[ 1124.875428][T29397] FAT-fs (loop0): Directory bread(block 73) failed
[ 1125.015848][T14196] usb 4-1: USB disconnect, device number 68
[ 1125.483467][   T23] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 1125.532081][T29445] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8419'.
[ 1125.693660][   T23] usb 2-1: Using ep0 maxpacket: 8
[ 1125.711871][   T23] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1125.727477][   T23] usb 2-1: config 8 has an invalid interface number: 61 but max is 2
[ 1125.744306][   T23] usb 2-1: config 8 has 1 interface, different from the descriptor's value: 3
[ 1125.763931][   T23] usb 2-1: config 8 has no interface number 0
[ 1125.770151][   T23] usb 2-1: config 8 interface 61 altsetting 8 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1125.805164][   T23] usb 2-1: config 8 interface 61 altsetting 8 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1125.827623][   T23] usb 2-1: config 8 interface 61 has no altsetting 0
[ 1125.847960][   T23] usb 2-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=e9.1f
[ 1125.873628][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1125.894894][   T23] usb 2-1: Product: syz
[ 1125.899138][   T23] usb 2-1: Manufacturer: syz
[ 1125.923787][   T23] usb 2-1: SerialNumber: syz
[ 1126.175791][   T23] bfusb: probe of 2-1:8.61 failed with error -5
[ 1126.185903][   T28] audit: type=1400 audit(1769602473.253:134): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=29475 comm="syz.0.8428"
[ 1126.204989][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1126.229800][   T23] usb 2-1: USB disconnect, device number 86
[ 1126.337901][T29491] netlink: 'syz.3.8431': attribute type 2 has an invalid length.
[ 1126.376762][T29491] netlink: 'syz.3.8431': attribute type 1 has an invalid length.
[ 1126.403223][T29496] loop2: detected capacity change from 0 to 164
[ 1126.514291][T29496] iso9660: Corrupted directory entry in block 2 of inode 1920
[ 1126.535810][T29502] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8434'.
[ 1127.617612][T29565] netlink: 'syz.0.8455': attribute type 1 has an invalid length.
[ 1127.684836][T29563] loop2: detected capacity change from 0 to 4096
[ 1128.149487][T29592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8463'.
[ 1128.601112][T29615] loop2: detected capacity change from 0 to 256
[ 1128.630255][T29613] loop3: detected capacity change from 0 to 512
[ 1128.685812][T29615] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d)
[ 1128.773852][T29613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1128.969283][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1129.164321][T29599] loop0: detected capacity change from 0 to 32768
[ 1129.248851][T29599] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1129.346537][T29599] XFS (loop0): Ending clean mount
[ 1129.607740][T29667] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1129.625319][ T5775] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1130.802912][ T5843] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 1131.026071][ T5843] usb 2-1: Using ep0 maxpacket: 8
[ 1131.052406][ T5843] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[ 1131.082283][ T5843] usb 2-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[ 1131.110366][ T5843] usb 2-1: config 179 has no interface number 0
[ 1131.116889][ T5843] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid wMaxPacketSize 0
[ 1131.141069][ T5843] usb 2-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[ 1131.179114][ T5843] usb 2-1: config 179 interface 65 has no altsetting 0
[ 1131.210606][ T5843] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1131.226872][ T5843] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.282386][T29711] loop0: detected capacity change from 0 to 32768
[ 1131.532886][  T968] usb 2-1: USB disconnect, device number 87
[ 1131.644889][T29778] cgroup: name respecified
[ 1132.012917][T29790] loop3: detected capacity change from 0 to 4096
[ 1132.036128][T29790] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[ 1132.132965][T29790] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[ 1132.163231][T29790] ntfs3: loop3: Failed to load $Extend (-22).
[ 1132.171035][T29790] ntfs3: loop3: Failed to initialize $Extend.
[ 1132.400045][T29810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8520'.
[ 1132.800756][T29838] loop2: detected capacity change from 0 to 64
[ 1132.837630][T29838] hfs: filesystem is marked locked, mounting read-only.
[ 1132.861902][T29839] netlink: 22 bytes leftover after parsing attributes in process `syz.0.8529'.
[ 1132.880836][T29838] hfs: filesystem is marked locked, leaving read-only.
[ 1133.297022][T29868] loop0: detected capacity change from 0 to 512
[ 1133.403348][T29868] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1133.429913][T29868] ext4 filesystem being mounted at /2147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1133.479683][T29877] loop1: detected capacity change from 0 to 64
[ 1133.561050][T29868] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[ 1133.621301][T29868] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[ 1133.674668][T29868] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.8537: Failed to acquire dquot type 0
[ 1133.815894][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.097010][T29859] loop3: detected capacity change from 0 to 32768
[ 1134.427066][   T13] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1134.623392][   T13] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[ 1134.650646][   T13] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1134.669766][   T13] usb 2-1: Product: syz
[ 1134.678234][   T13] usb 2-1: Manufacturer: syz
[ 1134.682896][   T13] usb 2-1: SerialNumber: syz
[ 1134.723191][   T13] usb 2-1: config 0 descriptor??
[ 1134.958311][   T13] hso 2-1:0.0: Failed to find BULK IN ep
[ 1134.992232][   T13] usb-storage 2-1:0.0: USB Mass Storage device detected
[ 1135.051967][T29943] loop0: detected capacity change from 0 to 4096
[ 1135.113880][T29961] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8561'.
[ 1135.128590][T29961] netlink: 9 bytes leftover after parsing attributes in process `syz.3.8561'.
[ 1135.139633][T29961] netlink: 9 bytes leftover after parsing attributes in process `syz.3.8561'.
[ 1135.160700][T29943] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[ 1135.167391][T29961] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[ 1135.217365][   T13] usb 2-1: USB disconnect, device number 88
[ 1135.251870][T29965] loop2: detected capacity change from 0 to 16
[ 1135.293264][T29965] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1135.325342][T29965] erofs: (device loop2): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86
[ 1135.355236][T29965] erofs: (device loop2): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 86
[ 1135.375807][   T28] audit: type=1800 audit(1769602483.117:135): pid=29965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.8562" name="file1" dev="loop2" ino=86 res=0 errno=0
[ 1136.027568][T30000] loop2: detected capacity change from 0 to 4096
[ 1136.047927][T30000] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[ 1136.133621][T30000] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[ 1136.135790][T30000] ntfs3: loop2: Failed to load $Extend (-22).
[ 1136.135816][T30000] ntfs3: loop2: Failed to initialize $Extend.
[ 1137.015441][T30037] xt_ecn: cannot match TCP bits for non-tcp packets
[ 1137.941748][T30088] loop3: detected capacity change from 0 to 64
[ 1138.065943][T30093] loop2: detected capacity change from 0 to 512
[ 1138.145081][T30093] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1138.177730][T30093] ext4 filesystem being mounted at /2126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1138.332645][ T5777] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1138.546934][T30112] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8603'.
[ 1138.603122][T30074] loop0: detected capacity change from 0 to 32768
[ 1138.664140][T30074] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1138.719972][T30082] loop1: detected capacity change from 0 to 32768
[ 1138.779019][T30082] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1138.931344][T30074] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[ 1139.029943][T30074] XFS (loop0): Starting recovery (logdev: internal)
[ 1139.132661][T30074] XFS (loop0): Ending recovery (logdev: internal)
[ 1139.133933][ T5771] ocfs2: Unmounting device (7,1) on (node local)
[ 1139.177897][T30143] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8610'.
[ 1139.425316][T30154] netlink: 'syz.2.8614': attribute type 21 has an invalid length.
[ 1139.457351][T30154] netlink: 128 bytes leftover after parsing attributes in process `syz.2.8614'.
[ 1139.473951][ T5775] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1139.495208][T30154] netlink: 'syz.2.8614': attribute type 5 has an invalid length.
[ 1139.509728][T30154] netlink: 'syz.2.8614': attribute type 6 has an invalid length.
[ 1139.518264][T30154] netlink: 3 bytes leftover after parsing attributes in process `syz.2.8614'.
[ 1139.986963][T30176] netlink: 'syz.1.8621': attribute type 1 has an invalid length.
[ 1140.005821][T30176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8621'.
[ 1140.190175][T30187] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8625'.
[ 1140.629756][T30181] loop2: detected capacity change from 0 to 32768
[ 1140.764985][T30181] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1141.067906][T30235] netlink: 'syz.0.8616': attribute type 5 has an invalid length.
[ 1141.219620][T30181] XFS (loop2): Ending clean mount
[ 1141.326911][T30244] mmap: syz.0.8636 (30244): VmData 49217536 exceed data ulimit 2. Update limits or use boot option ignore_rlimit_data.
[ 1141.468455][ T5777] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1141.865799][T30262] loop0: detected capacity change from 0 to 4096
[ 1141.924321][T30262] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match.  Run ntfsfix or chkdsk.
[ 1141.963434][T30262] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[ 1142.023614][T30262] ntfs: volume version 3.1.
[ 1142.034925][T30262] ntfs: (device loop0): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4).  Marking corrupt inode and base inode 0x1a as bad.  Run chkdsk.
[ 1142.079886][T30262] ntfs: (device loop0): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute.
[ 1142.104330][T30262] ntfs: (device loop0): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[ 1142.281354][T30284] netlink: 152 bytes leftover after parsing attributes in process `syz.3.8648'.
[ 1142.552019][T30300] kAFS: unparsable volume name
[ 1142.566720][T30301] netlink: 'syz.3.8654': attribute type 10 has an invalid length.
[ 1142.589166][T30301] bridge0: port 3(macsec0) entered blocking state
[ 1142.596209][T30301] bridge0: port 3(macsec0) entered disabled state
[ 1142.618133][T30301] macsec0: entered allmulticast mode
[ 1142.623503][T30301] veth1_macvtap: entered allmulticast mode
[ 1142.660202][T30301] macsec0: entered promiscuous mode
[ 1142.736556][T30305] kernel profiling enabled (shift: 63)
[ 1142.755841][T30305] profiling shift: 63 too large
[ 1143.305399][T30338] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8664'.
[ 1143.332944][ T5843] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[ 1143.542851][ T5843] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1143.557699][ T5843] usb 3-1: config 129 has an invalid interface number: 135 but max is 0
[ 1143.575499][ T5843] usb 3-1: config 129 has an invalid interface number: 5 but max is 0
[ 1143.589911][ T5843] usb 3-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[ 1143.622997][ T5843] usb 3-1: config 129 has no interface number 0
[ 1143.639472][ T5843] usb 3-1: config 129 has no interface number 1
[ 1143.666625][ T5843] usb 3-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1143.681099][T30354] loop0: detected capacity change from 0 to 64
[ 1143.705904][ T5843] usb 3-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[ 1143.729869][ T5843] usb 3-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[ 1143.766270][ T5843] usb 3-1: config 129 interface 135 has no altsetting 0
[ 1143.780169][ T5843] usb 3-1: config 129 interface 5 has no altsetting 0
[ 1143.791183][T30354] syz.0.8670: attempt to access beyond end of device
[ 1143.791183][T30354] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64
[ 1143.815833][T30354] Buffer I/O error on dev loop0, logical block 134217734, async page read
[ 1143.864883][ T5843] usb 3-1: string descriptor 0 read error: -22
[ 1143.871255][ T5843] usb 3-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[ 1143.893133][T30354] syz.0.8670: attempt to access beyond end of device
[ 1143.893133][T30354] loop0: rw=0, sector=268435468, nr_sectors = 2 limit=64
[ 1143.910393][ T5843] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1143.910693][T30362] netlink: 152 bytes leftover after parsing attributes in process `syz.3.8672'.
[ 1143.934666][T30354] Buffer I/O error on dev loop0, logical block 134217734, async page read
[ 1143.945786][T30362] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8672'.
[ 1143.975367][ T5843] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[ 1143.998262][ T5843] usb 3-1: MIDIStreaming interface descriptor not found
[ 1144.359820][   T23] usb 3-1: USB disconnect, device number 74
[ 1144.572772][T30417] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8680'.
[ 1144.642691][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1144.671705][T30419] loop1: detected capacity change from 0 to 2048
[ 1144.722450][T30419] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1145.782843][   T23] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1145.962414][   T23] usb 2-1: Using ep0 maxpacket: 16
[ 1145.998910][   T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024
[ 1146.021853][   T23] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024
[ 1146.038619][   T23] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80
[ 1146.058227][   T23] usb 2-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[ 1146.081721][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1146.099948][   T23] usb 2-1: Product: syz
[ 1146.104201][   T23] usb 2-1: Manufacturer: syz
[ 1146.108851][   T23] usb 2-1: SerialNumber: syz
[ 1146.110192][T30516] binder: 30515:30516 ioctl c018620c 200000000380 returned -1
[ 1146.136575][   T23] usb 2-1: config 0 descriptor??
[ 1146.148786][T30482] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1146.156731][T30482] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1146.207335][    C1] port100 2-1:0.0: NFC: Urb failure (status -71)
[ 1146.249747][    C1] port100 2-1:0.0: NFC: Urb failure (status -71)
[ 1146.277113][   T23] port100 2-1:0.0: NFC: Could not get supported command types
[ 1146.303485][T30513] loop0: detected capacity change from 0 to 4096
[ 1146.333448][T30513] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 1146.442007][  T968] usb 2-1: USB disconnect, device number 89
[ 1146.489843][T30513] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[ 1146.714889][ T5775] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22.
[ 1147.259572][T30580] loop1: detected capacity change from 0 to 8
[ 1147.341398][T30580] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1147.366798][T30580] SQUASHFS error: Failed to read block 0x1dd: -5
[ 1147.382656][T30580] SQUASHFS error: Unable to read metadata cache entry [1db]
[ 1147.404327][T30580] SQUASHFS error: Unable to read inode 0xa7
[ 1147.806485][T30607] loop0: detected capacity change from 0 to 256
[ 1147.914019][T30571] loop2: detected capacity change from 0 to 32768
[ 1147.991422][T30571] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[ 1148.127490][T30571] OCFS2: ERROR (device loop2): int __ocfs2_find_path(struct ocfs2_caching_info *, struct ocfs2_extent_list *, u32, path_insert_t *, void *): Owner 65 has invalid tree depth 263 in extent list
[ 1148.204576][T30571] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1148.227972][T30628] loop0: detected capacity change from 0 to 8
[ 1148.242270][T30571] OCFS2: Returning error to the calling process.
[ 1148.257908][T30628] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1148.271623][T30571] (syz.2.8719,30571,0):ocfs2_find_leaf:1941 ERROR: status = -30
[ 1148.305979][T10807] udevd[10807]: incorrect cramfs checksum on /dev/loop0
[ 1148.320432][   T28] audit: type=1326 audit(1769602497.018:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30633 comm="syz.3.8735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1148.322188][T30571] (syz.2.8719,30571,0):ocfs2_get_clusters_nocache:421 ERROR: status = -30
[ 1148.356923][T30628] cramfs: Error -3 while decompressing!
[ 1148.369294][T30628] cramfs: ffffffff973f3348(18)->ffff888057000000(4096)
[ 1148.396709][T30628] cramfs: Error -3 while decompressing!
[ 1148.413752][   T28] audit: type=1326 audit(1769602497.050:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30633 comm="syz.3.8735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1148.416446][T30571] (syz.2.8719,30571,0):ocfs2_get_clusters:624 ERROR: status = -30
[ 1148.444711][T30628] cramfs: ffffffff973f3348(18)->ffff888057000000(4096)
[ 1148.454857][T10807] udevd[10807]: incorrect cramfs checksum on /dev/loop0
[ 1148.512337][T30571] (syz.2.8719,30571,0):ocfs2_extent_map_get_blocks:671 ERROR: status = -30
[ 1148.512794][   T28] audit: type=1326 audit(1769602497.061:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30633 comm="syz.3.8735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1148.559554][T30571] (syz.2.8719,30571,0):ocfs2_read_virt_blocks:995 ERROR: status = -30
[ 1148.567839][T30571] (syz.2.8719,30571,0):ocfs2_read_dir_block:511 ERROR: status = -30
[ 1148.603368][T30571] (syz.2.8719,30571,0):ocfs2_find_dir_space_el:3505 ERROR: status = -5
[ 1148.644319][T30571] (syz.2.8719,30571,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -5
[ 1148.653644][   T28] audit: type=1326 audit(1769602497.061:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30633 comm="syz.3.8735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1148.679968][T30571] (syz.2.8719,30571,0):ocfs2_mknod:298 ERROR: status = -5
[ 1148.687500][T30571] (syz.2.8719,30571,0):ocfs2_mknod:502 ERROR: status = -5
[ 1148.708234][   T28] audit: type=1326 audit(1769602497.061:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30633 comm="syz.3.8735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1148.736313][T30571] (syz.2.8719,30571,0):ocfs2_mkdir:659 ERROR: status = -5
[ 1148.779786][   T28] audit: type=1800 audit(1769602497.179:141): pid=30628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.8733" name="file1" dev="loop0" ino=324 res=0 errno=0
[ 1148.941331][ T5777] ocfs2: Unmounting device (7,2) on (node local)
[ 1149.054962][T30657] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.8743'.
[ 1149.154441][T30662] netlink: 'syz.1.8745': attribute type 15 has an invalid length.
[ 1149.516908][T30682] netlink: 'syz.0.8750': attribute type 3 has an invalid length.
[ 1150.112563][T30719] netlink: 36 bytes leftover after parsing attributes in process `syz.2.8763'.
[ 1150.158815][T30719] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8763'.
[ 1150.398572][T30737] netlink: 'syz.2.8769': attribute type 1 has an invalid length.
[ 1150.613186][T30752] loop0: detected capacity change from 0 to 512
[ 1151.156787][T30782] loop1: detected capacity change from 0 to 1764
[ 1151.468229][T30800] vim2m vim2m.0: Fourcc format (0x31384142) invalid.
[ 1151.527894][T30751] loop2: detected capacity change from 0 to 32768
[ 1151.610636][   T28] audit: type=1800 audit(1769602500.549:142): pid=30751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.8773" name="file1" dev="loop2" ino=4 res=0 errno=0
[ 1152.311242][T30847] loop2: detected capacity change from 0 to 64
[ 1152.448750][T30847] syz.2.8799: attempt to access beyond end of device
[ 1152.448750][T30847] loop2: rw=0, sector=65534, nr_sectors = 2 limit=64
[ 1152.509046][T30847] Buffer I/O error on dev loop2, logical block 32767, async page read
[ 1152.530719][T30847] syz.2.8799: attempt to access beyond end of device
[ 1152.530719][T30847] loop2: rw=0, sector=65534, nr_sectors = 2 limit=64
[ 1152.571276][T30847] Buffer I/O error on dev loop2, logical block 32767, async page read
[ 1152.646157][T30863] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8804'.
[ 1152.671719][T30863] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8804'.
[ 1153.764536][T30936] netlink: 129384 bytes leftover after parsing attributes in process `syz.2.8827'.
[ 1154.220291][T30964] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8837'.
[ 1154.368527][T30969] xt_hashlimit: overflow, try lower: 18446744073709551614/15680
[ 1154.561532][T30986] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1154.598270][T30984] C: renamed from lo (while UP)
[ 1154.658144][T30984] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[ 1154.735113][T30994] loop2: detected capacity change from 0 to 256
[ 1154.875222][T30994] FAT-fs (loop2): Directory bread(block 64) failed
[ 1154.907983][T30994] FAT-fs (loop2): Directory bread(block 65) failed
[ 1154.938453][T30994] FAT-fs (loop2): Directory bread(block 66) failed
[ 1154.951256][T30994] FAT-fs (loop2): Directory bread(block 67) failed
[ 1154.958037][T30994] FAT-fs (loop2): Directory bread(block 68) failed
[ 1154.985639][T30994] FAT-fs (loop2): Directory bread(block 69) failed
[ 1155.005995][T30994] FAT-fs (loop2): Directory bread(block 70) failed
[ 1155.012633][T30994] FAT-fs (loop2): Directory bread(block 71) failed
[ 1155.025178][T30994] FAT-fs (loop2): Directory bread(block 72) failed
[ 1155.062248][T30994] FAT-fs (loop2): Directory bread(block 73) failed
[ 1155.377914][T31023] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[ 1155.964686][T31089] loop0: detected capacity change from 0 to 16
[ 1155.989793][T31089] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1156.047537][T31089] cramfs: empty filesystem
[ 1156.321542][T31105] loop0: detected capacity change from 0 to 128
[ 1156.406687][T31105] FAT-fs (loop0): Directory bread(block 162) failed
[ 1156.448071][T31105] FAT-fs (loop0): Directory bread(block 163) failed
[ 1156.471182][T31105] FAT-fs (loop0): Directory bread(block 164) failed
[ 1156.496367][T31105] FAT-fs (loop0): Directory bread(block 165) failed
[ 1156.523133][T31105] FAT-fs (loop0): Directory bread(block 166) failed
[ 1156.553929][T31076] loop3: detected capacity change from 0 to 32768
[ 1156.562319][T31105] FAT-fs (loop0): Directory bread(block 167) failed
[ 1156.569000][T31105] FAT-fs (loop0): Directory bread(block 168) failed
[ 1156.608556][T31105] FAT-fs (loop0): Directory bread(block 169) failed
[ 1156.624797][T31076] ialloc: diAlloc returned -5!
[ 1156.656691][T31105] FAT-fs (loop0): Directory bread(block 162) failed
[ 1156.664177][T31105] FAT-fs (loop0): Directory bread(block 163) failed
[ 1156.687879][T31105] syz.0.8869: attempt to access beyond end of device
[ 1156.687879][T31105] loop0: rw=3, sector=226, nr_sectors = 6 limit=128
[ 1156.749025][T31105] syz.0.8869: attempt to access beyond end of device
[ 1156.749025][T31105] loop0: rw=2051, sector=232, nr_sectors = 2 limit=128
[ 1157.269813][T31153] netlink: 'syz.2.8881': attribute type 21 has an invalid length.
[ 1157.300640][T31153] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1157.323269][T31153] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1157.330656][T31153] IPv6: NLM_F_CREATE should be set when creating new route
[ 1157.338001][T31153] IPv6: NLM_F_CREATE should be set when creating new route
[ 1157.345329][T31153] IPv6: NLM_F_CREATE should be set when creating new route
[ 1157.590482][T31169] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.8888'.
[ 1158.010476][T31191] loop0: detected capacity change from 0 to 4096
[ 1158.033530][T31191] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 1158.196594][T31191] ntfs3: loop0: failed to convert "c46c" to iso8859-6
[ 1158.226380][T31191] ntfs3: loop0: failed to convert "0030" to iso8859-6
[ 1158.245366][T31191] ntfs3: loop0: failed to convert "0031" to iso8859-6
[ 1158.511472][   T28] audit: type=1326 audit(1769602507.956:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31219 comm="syz.0.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1158.599547][   T28] audit: type=1326 audit(1769602507.956:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31219 comm="syz.0.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1158.621987][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1158.695547][   T28] audit: type=1326 audit(1769602507.999:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31219 comm="syz.0.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1158.717939][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1158.781747][   T28] audit: type=1326 audit(1769602507.999:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31219 comm="syz.0.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1158.843618][T31230] loop3: detected capacity change from 0 to 512
[ 1158.851625][T31227] netlink: 'syz.0.8905': attribute type 3 has an invalid length.
[ 1158.862885][   T28] audit: type=1326 audit(1769602507.999:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31219 comm="syz.0.8903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1158.895671][T31227] netlink: 201372 bytes leftover after parsing attributes in process `syz.0.8905'.
[ 1158.995699][T31230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1159.041884][T31230] ext4 filesystem being mounted at /2303/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1159.099383][T31230] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[ 1159.294920][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1159.326575][T31210] loop1: detected capacity change from 0 to 32768
[ 1159.341807][   T28] audit: type=1326 audit(1769602508.825:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31240 comm="syz.0.8908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1159.429392][T31216] loop2: detected capacity change from 0 to 32768
[ 1159.431155][   T28] audit: type=1326 audit(1769602508.825:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31240 comm="syz.0.8908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1159.463282][T31210] ERROR: (device loop1): xtSearch: XT_GETPAGE: xtree page corrupt
[ 1159.463282][T31210] 
[ 1159.502562][T31210] ERROR: (device loop1): remounting filesystem as read-only
[ 1159.512077][   T28] audit: type=1326 audit(1769602508.825:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31240 comm="syz.0.8908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1159.535388][T31210] xtLookup: xtSearch returned -5
[ 1159.544906][T31210] ERROR: (device loop1): xtTruncate: XT_GETPAGE: xtree page corrupt
[ 1159.544906][T31210] 
[ 1159.563513][T31250] ..0
ˆ: renamed from veth0_to_hsr (while UP)
[ 1159.570419][   T28] audit: type=1326 audit(1769602508.825:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31240 comm="syz.0.8908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4041d9aeb9 code=0x7ffc0000
[ 1160.356021][T31286] loop3: detected capacity change from 0 to 512
[ 1160.383953][T31286] EXT4-fs: Ignoring removed bh option
[ 1160.490155][T31294] loop0: detected capacity change from 0 to 512
[ 1160.537607][T31294] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1160.547766][T31298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8922'.
[ 1160.571096][T31302] netlink: 'syz.2.8923': attribute type 7 has an invalid length.
[ 1160.580634][T31294] EXT4-fs: Ignoring removed bh option
[ 1160.606251][T31286] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1160.653080][T31286] ext4 filesystem being mounted at /2307/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1160.669317][T31294] EXT4-fs error (device loop0): mb_free_blocks:1954: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[ 1160.685492][T31294] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #11: comm syz.0.8921: corrupted inode contents
[ 1160.702948][T31298] ~ÿ: entered promiscuous mode
[ 1160.713198][T31294] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #11: comm syz.0.8921: mark_inode_dirty error
[ 1160.753090][ T5778] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1160.780527][T31294] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.8921: invalid indirect mapped block 1 (level 1)
[ 1160.835482][T31294] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #11: comm syz.0.8921: corrupted inode contents
[ 1160.915846][T31294] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[ 1160.960184][T31294] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #11: comm syz.0.8921: corrupted inode contents
[ 1161.015127][T31294] EXT4-fs error (device loop0): ext4_truncate:4294: inode #11: comm syz.0.8921: mark_inode_dirty error
[ 1161.040702][T31294] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[ 1161.066954][T31294] EXT4-fs (loop0): 1 truncate cleaned up
[ 1161.104793][T31294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1161.211960][T31294] EXT4-fs error (device loop0): ext4_find_dest_de:2115: inode #2: block 13: comm syz.0.8921: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0
[ 1161.417468][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1161.602937][T31348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8934'.
[ 1161.611375][  T968] usb 2-1: new full-speed USB device number 90 using dummy_hcd
[ 1161.790280][  T968] usb 2-1: config index 0 descriptor too short (expected 69, got 36)
[ 1161.799368][  T968] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1161.818965][  T968] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[ 1161.830431][  T968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1161.845559][  T968] usb 2-1: Product: syz
[ 1161.856563][  T968] usb 2-1: Manufacturer: syz
[ 1161.867452][  T968] usb 2-1: SerialNumber: syz
[ 1161.885588][  T968] usb 2-1: config 0 descriptor??
[ 1161.908206][  T968] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[ 1162.179374][ T1189] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1162.297659][  T968] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71
[ 1162.313264][  T968] gspca_pac7302: probe of 2-1:0.0 failed with error -71
[ 1162.329316][  T968] usb 2-1: USB disconnect, device number 90
[ 1162.395421][ T1189] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1162.418108][ T1189] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1162.438507][ T1189] usb 1-1: Product: syz
[ 1162.446191][ T1189] usb 1-1: Manufacturer: syz
[ 1162.453203][ T1189] usb 1-1: SerialNumber: syz
[ 1162.467554][ T1189] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1162.503879][   T13] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1162.756443][T31413] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8949'.
[ 1162.999162][ T1189] usb 1-1: USB disconnect, device number 59
[ 1163.452994][T31412] loop3: detected capacity change from 0 to 32768
[ 1163.502871][   T13] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 1163.509985][   T13] ath9k_htc: Failed to initialize the device
[ 1163.554791][ T1189] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1163.562581][T31412] ea_get: invalid extended attribute
[ 1164.901862][T31505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8977'.
[ 1164.947041][T31505] netlink: 56 bytes leftover after parsing attributes in process `syz.2.8977'.
[ 1165.481497][T31540] netlink: 'syz.3.8988': attribute type 4 has an invalid length.
[ 1165.632148][T31546] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[ 1165.652624][T31546] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1165.971027][T14196] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1166.116635][T31580] netlink: 36 bytes leftover after parsing attributes in process `syz.2.9001'.
[ 1166.160925][T14196] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1166.189903][T14196] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1166.241910][T14196] usb 4-1: config 0 descriptor??
[ 1166.508032][T31601] loop2: detected capacity change from 0 to 4096
[ 1166.553100][T31601] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512).
[ 1166.648513][T31601] ntfs3: loop2: Failed to initialize $Extend/$ObjId.
[ 1166.681184][T14196] ath6kl: Failed to read usb control message: -71
[ 1166.687807][T14196] ath6kl: Unable to read the bmi data from the device: -71
[ 1166.713477][T14196] ath6kl: Unable to recv target info: -71
[ 1166.744985][T14196] ath6kl: Failed to init ath6kl core: -71
[ 1166.763506][T14196] ath6kl_usb: probe of 4-1:0.0 failed with error -71
[ 1166.802534][T14196] usb 4-1: USB disconnect, device number 69
[ 1167.507139][T31650] loop0: detected capacity change from 0 to 4096
[ 1168.002232][T31695] netlink: 'syz.1.9027': attribute type 1 has an invalid length.
[ 1168.018991][T31694] loop3: detected capacity change from 0 to 736
[ 1168.051045][T31695] netlink: 220 bytes leftover after parsing attributes in process `syz.1.9027'.
[ 1168.708691][T31729] netlink: 'syz.3.9037': attribute type 2 has an invalid length.
[ 1168.734896][T31729] netlink: 'syz.3.9037': attribute type 3 has an invalid length.
[ 1168.750603][T31729] netlink: 132 bytes leftover after parsing attributes in process `syz.3.9037'.
[ 1169.200131][T31759] xt_connbytes: Forcing CT accounting to be enabled
[ 1169.224267][T31759] set match dimension is over the limit!
[ 1170.172608][T31819] loop3: detected capacity change from 0 to 64
[ 1171.167805][T31876] loop2: detected capacity change from 0 to 4096
[ 1171.237313][T31876] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1171.357558][   T28] audit: type=1326 audit(2000000000.214:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31888 comm="syz.3.9088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1171.439874][   T28] audit: type=1326 audit(2000000000.214:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31888 comm="syz.3.9088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1171.489018][ T5777] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1171.510624][   T28] audit: type=1326 audit(2000000000.257:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31888 comm="syz.3.9088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1171.578767][   T28] audit: type=1326 audit(2000000000.257:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31888 comm="syz.3.9088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1171.590957][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1171.660463][   T28] audit: type=1326 audit(2000000000.257:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31888 comm="syz.3.9088" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44b7d9aeb9 code=0x7ffc0000
[ 1171.682892][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1171.882301][T31883] loop1: detected capacity change from 0 to 32768
[ 1171.945734][T31909] loop2: detected capacity change from 0 to 16
[ 1171.968290][T31909] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1172.014878][T31915] loop0: detected capacity change from 0 to 512
[ 1172.027346][T31883] JBD2: Ignoring recovery information on journal
[ 1172.056040][T31915] EXT4-fs: Ignoring removed orlov option
[ 1172.103224][T31915] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1172.148205][T31883] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1172.196306][T31915] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1172.275529][T31915] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.9095: bg 0: block 248: padding at end of block bitmap is not set
[ 1172.373021][T31915] Quota error (device loop0): write_blk: dquota write failed
[ 1172.400865][T31915] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[ 1172.451967][T31915] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.9095: Failed to acquire dquot type 1
[ 1172.507308][T31915] EXT4-fs (loop0): 1 truncate cleaned up
[ 1172.519551][T31915] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1172.612056][T31915] EXT4-fs: Ignoring removed orlov option
[ 1172.642822][ T5771] ocfs2: Unmounting device (7,1) on (node local)
[ 1172.650560][T31915] EXT4-fs: can't change dax mount option while remounting
[ 1172.712824][T31941] loop3: detected capacity change from 0 to 256
[ 1172.831428][ T5775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1173.142355][T31962] loop2: detected capacity change from 0 to 1024
[ 1173.228820][   T48] hfsplus: b-tree write err: -5, ino 4
[ 1173.567102][T31989] netlink: 'syz.3.9113': attribute type 21 has an invalid length.
[ 1173.589414][T31989] netlink: 132 bytes leftover after parsing attributes in process `syz.3.9113'.
[ 1173.599701][T31989] netlink: 'syz.3.9113': attribute type 1 has an invalid length.
[ 1174.059008][T32016] loop2: detected capacity change from 0 to 128
[ 1174.119609][T32020] loop3: detected capacity change from 0 to 256
[ 1174.123249][T32016] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1174.151967][T32020] exfat: Deprecated parameter 'utf8'
[ 1174.185840][T32027] netlink: 40 bytes leftover after parsing attributes in process `syz.1.9125'.
[ 1174.214984][T32027] netlink: 40 bytes leftover after parsing attributes in process `syz.1.9125'.
[ 1174.251878][T32020] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[ 1174.434301][T32034] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9127'.
[ 1174.455235][T32034] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9127'.
[ 1174.497695][T32034] netlink: 31 bytes leftover after parsing attributes in process `syz.0.9127'.
[ 1174.525105][T32034] netlink: 'syz.0.9127': attribute type 2 has an invalid length.
[ 1174.541891][T32034] netlink: 31 bytes leftover after parsing attributes in process `syz.0.9127'.
[ 1174.710150][T32051] netlink: 'syz.3.9131': attribute type 11 has an invalid length.
[ 1175.339253][T32042] loop1: detected capacity change from 0 to 32768
[ 1175.447226][T32042] ea_get: invalid extended attribute
[ 1175.463192][T32042] ffff8880561843f0: 04 00 00 00                                      ....
[ 1175.540046][T32084] ipt_REJECT: TCP_RESET invalid for non-tcp
[ 1177.287825][T32188] loop0: detected capacity change from 0 to 1764
[ 1177.482574][T32202] loop3: detected capacity change from 0 to 256
[ 1177.759822][T14196] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[ 1177.917436][T32231] netlink: 'syz.3.9186': attribute type 49 has an invalid length.
[ 1177.934292][T32231] netlink: 'syz.3.9186': attribute type 49 has an invalid length.
[ 1177.941032][T14196] usb 2-1: Using ep0 maxpacket: 16
[ 1177.957590][T14196] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1177.975437][T14196] usb 2-1: config 0 has no interface number 0
[ 1177.985999][T14196] usb 2-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[ 1177.999522][T14196] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1178.008452][T14196] usb 2-1: Product: syz
[ 1178.021912][T14196] usb 2-1: Manufacturer: syz
[ 1178.026617][T14196] usb 2-1: SerialNumber: syz
[ 1178.055513][T14196] usb 2-1: config 0 descriptor??
[ 1178.275506][T14196] usb 2-1: selecting invalid altsetting 1
[ 1178.301477][T14196] speedtch 2-1:0.1: speedtch_bind: setting interface to  1 failed (-22)!
[ 1178.319118][T14196] speedtch 2-1:0.1: usbatm_usb_probe: bind failed: -22!
[ 1178.334512][T14196] speedtch: probe of 2-1:0.1 failed with error -22
[ 1178.354380][T14196] usb 2-1: USB disconnect, device number 91
[ 1178.830493][T32288] netlink: 'syz.0.9201': attribute type 3 has an invalid length.
[ 1179.080253][T32303] netlink: 'syz.0.9205': attribute type 1 has an invalid length.
[ 1179.241509][T14196] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1179.429594][T14196] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1179.450018][T14196] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3
[ 1179.461906][T32325] loop1: detected capacity change from 0 to 2048
[ 1179.468988][T14196] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[ 1179.498261][T14196] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1179.534680][T14196] usb 4-1: config 0 descriptor??
[ 1179.651030][  T968] usb 3-1: new full-speed USB device number 75 using dummy_hcd
[ 1179.849418][  T968] usb 3-1: config index 0 descriptor too short (expected 39, got 27)
[ 1179.875191][  T968] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1179.901278][  T968] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1179.920538][  T968] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1179.937388][  T968] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1179.955903][  T968] usb 3-1: Product: syz
[ 1179.960324][  T968] usb 3-1: Manufacturer: syz
[ 1179.978970][T14196] Bluetooth: Can't get version to change to load ram patch err
[ 1179.986623][T14196] Bluetooth: Loading patch file failed
[ 1180.004098][  T968] usb 3-1: SerialNumber: syz
[ 1180.016001][  T968] usb 3-1: config 0 descriptor??
[ 1180.022141][T14196] ath3k: probe of 4-1:0.0 failed with error -71
[ 1180.037364][  T968] hub 3-1:0.0: bad descriptor, ignoring hub
[ 1180.058303][T14196] usb 4-1: USB disconnect, device number 70
[ 1180.070999][  T968] hub: probe of 3-1:0.0 failed with error -5
[ 1180.092010][  T968] usb 3-1: selecting invalid altsetting 0
[ 1180.189454][T32372] usb usb1: check_ctrlrecip: process 32372 (syz.0.9220) requesting ep 01 but needs 81
[ 1180.227947][T32372] usb usb1: usbfs: process 32372 (syz.0.9220) did not claim interface 0 before use
[ 1180.493387][T32389] loop0: detected capacity change from 0 to 128
[ 1180.511550][T32389] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1180.576401][T32389] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1180.596633][ T1189] usb 3-1: USB disconnect, device number 75
[ 1180.695824][T32389] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 93: 0x5d != 0x05
[ 1180.741916][T32389] UDF-fs: error (device loop0): udf_count_free_bitmap: udf_count_free failed
[ 1181.005101][ T5775] UDF-fs: error (device loop0): udf_read_inode: (ino 104) failed !bh
[ 1181.018965][ T5775] UDF-fs: error (device loop0): udf_read_inode: (ino 104) failed !bh
[ 1181.030036][T32424] netlink: 'syz.3.9232': attribute type 21 has an invalid length.
[ 1181.038759][T32424] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1181.046839][T32424] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1181.054157][T32424] IPv6: NLM_F_CREATE should be set when creating new route
[ 1181.061483][T32424] IPv6: NLM_F_CREATE should be set when creating new route
[ 1181.068777][T32424] IPv6: NLM_F_CREATE should be set when creating new route
[ 1181.599104][   T48] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1181.732494][   T48] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1181.883655][   T48] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.080175][   T48] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.159771][T14196] usb 4-1: new full-speed USB device number 71 using dummy_hcd
[ 1182.356386][T14196] usb 4-1: config index 0 descriptor too short (expected 39, got 27)
[ 1182.377328][T14196] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1182.403069][T14196] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1182.437017][T14196] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1182.459164][T14196] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1182.485186][T14196] usb 4-1: Product: syz
[ 1182.489441][T14196] usb 4-1: Manufacturer: syz
[ 1182.494084][T14196] usb 4-1: SerialNumber: syz
[ 1182.518315][T14196] usb 4-1: config 0 descriptor??
[ 1182.570202][T14196] hub 4-1:0.0: bad descriptor, ignoring hub
[ 1182.576300][T14196] hub: probe of 4-1:0.0 failed with error -5
[ 1182.647868][T14196] usb 4-1: selecting invalid altsetting 0
[ 1182.886100][T14196] usb 4-1: USB disconnect, device number 71
[ 1182.893595][ T5779] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1182.908860][ T5779] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1182.918852][ T5779] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1182.931185][ T5779] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1182.961758][ T5779] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1182.966173][T32517] usb usb1: check_ctrlrecip: process 32517 (syz.2.9249) requesting ep 01 but needs 81
[ 1182.979451][ T5779] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1183.021409][T32517] usb usb1: usbfs: process 32517 (syz.2.9249) did not claim interface 0 before use
[ 1183.054241][ T5787] udevd[5787]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1183.824417][T32581] loop3: detected capacity change from 0 to 4096
[ 1183.873008][T32581] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[ 1184.121019][T32581] ntfs3: loop3: failed to convert "c46c" to iso8859-6
[ 1184.164031][T32581] ntfs3: loop3: failed to convert "0030" to iso8859-6
[ 1184.197343][T32581] ntfs3: loop3: failed to convert "0031" to iso8859-6
[ 1184.238106][T32610] loop1: detected capacity change from 0 to 128
[ 1184.257708][T32610] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[ 1184.591335][T32638] netlink: 'syz.2.9263': attribute type 4 has an invalid length.
[ 1184.889578][ T5779] Bluetooth: hci2: command tx timeout
[ 1184.958504][   T48] dvmrp0 (unregistering): left allmulticast mode
[ 1184.986923][T32504] chnl_net:caif_netlink_parms(): no params data found
[ 1185.521747][T32504] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1185.558070][T32504] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1185.587291][T32504] bridge_slave_0: entered allmulticast mode
[ 1185.603834][T32504] bridge_slave_0: entered promiscuous mode
[ 1185.817729][T32504] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1185.838476][T32504] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1185.876095][T32504] bridge_slave_1: entered allmulticast mode
[ 1185.911980][T32504] bridge_slave_1: entered promiscuous mode
[ 1186.033382][T32504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1186.105044][T32504] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1186.241549][   T48] hsr_slave_0: left promiscuous mode
[ 1186.286542][   T48] hsr_slave_1: left promiscuous mode
[ 1186.308938][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1186.369573][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1186.399686][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1186.423351][   T48] macsec0: left allmulticast mode
[ 1186.437999][   T48] macsec0: left promiscuous mode
[ 1186.446623][   T48] bridge0: port 3(macsec0) entered disabled state
[ 1186.473679][   T48] bridge_slave_1: left allmulticast mode
[ 1186.488897][   T48] bridge_slave_1: left promiscuous mode
[ 1186.495008][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1186.512399][   T48] bridge_slave_0: left allmulticast mode
[ 1186.518265][   T48] bridge_slave_0: left promiscuous mode
[ 1186.528198][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1186.627517][   T48] veth1_vlan: left promiscuous mode
[ 1186.716614][T14196] usb 2-1: new high-speed USB device number 92 using dummy_hcd
[ 1186.828668][ T5779] Bluetooth: hci2: command tx timeout
[ 1186.905135][T14196] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[ 1186.914718][T14196] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.938997][T14196] usb 2-1: config 0 descriptor??
[ 1186.957397][T14196] gspca_main: spca508-2.14.0 probing 8086:0110
[ 1187.154188][ T5843] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1187.156247][   T48] bond1 (unregistering): Released all slaves
[ 1187.336521][ T5843] usb 4-1: Using ep0 maxpacket: 16
[ 1187.347791][T14196] gspca_spca508: reg_read err -71
[ 1187.367359][T14196] gspca_spca508: reg_read err -71
[ 1187.368884][ T5843] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1187.381345][ T5843] usb 4-1: config 0 has no interface number 0
[ 1187.388491][ T5843] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[ 1187.389878][T14196] gspca_spca508: reg_read err -71
[ 1187.399039][ T5843] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1187.410414][ T5843] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[ 1187.427357][T14196] gspca_spca508: reg_read err -71
[ 1187.432820][T14196] gspca_spca508: reg write: error -71
[ 1187.441775][T14196] spca508: probe of 2-1:0.0 failed with error -71
[ 1187.453874][ T5843] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1187.461930][ T5843] usb 4-1: Product: syz
[ 1187.466710][ T5843] usb 4-1: Manufacturer: syz
[ 1187.471603][ T5843] usb 4-1: SerialNumber: syz
[ 1187.499132][T14196] usb 2-1: USB disconnect, device number 92
[ 1187.511814][ T5843] usb 4-1: config 0 descriptor??
[ 1187.519754][  T356] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1187.777951][ T5843] usb 4-1: USB disconnect, device number 72
[ 1187.914079][  T380] netlink: 104 bytes leftover after parsing attributes in process `syz.1.9289'.
[ 1187.924203][  T380] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9289'.
[ 1187.933319][  T380] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9289'.
[ 1188.229223][   T48] team0 (unregistering): Port device team_slave_1 removed
[ 1188.291354][   T48] team0 (unregistering): Port device team_slave_0 removed
[ 1188.367436][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1188.452379][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1188.768725][ T5779] Bluetooth: hci2: command tx timeout
[ 1188.888878][   T48] team0 (unregistering): Port device bond0 removed
[ 1188.940051][   T48] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1188.949134][   T48] bond0 (unregistering): Released all slaves
[ 1189.226159][T32504] team0: Port device team_slave_0 added
[ 1189.244452][T32504] team0: Port device team_slave_1 added
[ 1189.363134][T32504] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1189.386597][T32504] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1189.427010][T32504] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1189.458839][T32504] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1189.465858][T32504] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1189.504086][T32504] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1189.805742][T32504] hsr_slave_0: entered promiscuous mode
[ 1189.839635][T32504] hsr_slave_1: entered promiscuous mode
[ 1189.881258][T32504] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1189.919980][T32504] Cannot create hsr debugfs directory
[ 1189.952044][  T472] netlink: 'syz.3.9293': attribute type 4 has an invalid length.
[ 1189.969689][  T475] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9294'.
[ 1190.523045][  T556] xt_hashlimit: overflow, rate too high: 1125899906842624
[ 1190.705790][ T5779] Bluetooth: hci2: command tx timeout
[ 1190.964245][T32504] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1191.052652][T32504] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1191.072590][T32504] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1191.111684][T32504] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1191.663259][  T638] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1191.761723][T32504] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1191.828279][T32504] 8021q: adding VLAN 0 to HW filter on device team0
[ 1191.902964][  T651] loop1: detected capacity change from 0 to 16
[ 1191.929181][  T651] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1191.941068][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1191.948307][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1191.994567][  T651] erofs: (device loop1): z_erofs_readahead: readahead error at folio 2 @ nid 89
[ 1192.004695][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1192.011945][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1192.040327][ T5779] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[ 1192.060451][  T651] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192]
[ 1192.132592][   T28] audit: type=1800 audit(2000000022.509:157): pid=651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9317" name="file3" dev="loop1" ino=89 res=0 errno=0
[ 1192.397025][  T671] loop3: detected capacity change from 0 to 256
[ 1192.508370][  T671] FAT-fs (loop3): Directory bread(block 64) failed
[ 1192.522783][  T671] FAT-fs (loop3): Directory bread(block 65) failed
[ 1192.556615][  T671] FAT-fs (loop3): Directory bread(block 66) failed
[ 1192.588534][  T671] FAT-fs (loop3): Directory bread(block 67) failed
[ 1192.595297][  T671] FAT-fs (loop3): Directory bread(block 68) failed
[ 1192.640433][  T671] FAT-fs (loop3): Directory bread(block 69) failed
[ 1192.663787][  T671] FAT-fs (loop3): Directory bread(block 70) failed
[ 1192.682791][  T671] FAT-fs (loop3): Directory bread(block 71) failed
[ 1192.689526][  T671] FAT-fs (loop3): Directory bread(block 72) failed
[ 1192.728286][  T671] FAT-fs (loop3): Directory bread(block 73) failed
[ 1192.788252][T32504] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1192.978166][   T28] audit: type=1800 audit(2000000023.410:158): pid=671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9322" name="file1" dev="loop3" ino=1048662 res=0 errno=0
[ 1193.811818][T32504] veth0_vlan: entered promiscuous mode
[ 1193.860406][T32504] veth1_vlan: entered promiscuous mode
[ 1193.994167][T32504] veth0_macvtap: entered promiscuous mode
[ 1194.012039][T32504] veth1_macvtap: entered promiscuous mode
[ 1194.078942][T32504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1194.126560][T32504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1194.154381][T32504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1194.199175][T32504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1194.217067][T32504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1194.232564][T32504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1194.256200][T32504] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1194.288846][T32504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1194.313396][T32504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1194.327531][T32504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1194.339546][T32504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1194.355493][T32504] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1194.367708][T32504] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1194.410799][T32504] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1194.459174][T32504] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.480418][T32504] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.517608][T32504] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.526868][T32504] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.844288][   T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1194.852158][   T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1195.005890][ T2969] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1195.033995][ T2969] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1195.603351][  T826] netlink: 'syz.4.9353': attribute type 4 has an invalid length.
[ 1195.911759][  T834] netdevsim netdevsim3 netdevsim0: left allmulticast mode
[ 1195.939368][  T834] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1196.173915][  T810] loop2: detected capacity change from 0 to 32768
[ 1196.248966][  T810] ea_get: invalid extended attribute
[ 1196.437707][T14196] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1196.640332][T14196] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1196.680363][T14196] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1196.688443][T14196] usb 4-1: Product: syz
[ 1196.739708][T14196] usb 4-1: Manufacturer: syz
[ 1196.744397][T14196] usb 4-1: SerialNumber: syz
[ 1196.783047][T14196] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1196.814004][  T880] netlink: 'syz.1.9365': attribute type 4 has an invalid length.
[ 1196.865162][ T5894] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1197.078981][  T889] netlink: 'syz.2.9375': attribute type 4 has an invalid length.
[ 1197.401636][T14196] usb 4-1: USB disconnect, device number 73
[ 1197.872839][ T5894] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1197.879950][ T5894] ath9k_htc: Failed to initialize the device
[ 1197.928597][T14196] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1198.094464][  T950] dns_resolver: Unsupported server list version (0)
[ 1198.773875][  T992] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[ 1198.861298][T14196] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1199.055521][T14196] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1199.085166][T14196] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1199.106886][T14196] usb 3-1: config 0 descriptor??
[ 1199.528365][T14196] ath6kl: Failed to read usb control message: -71
[ 1199.551690][T14196] ath6kl: Unable to read the bmi data from the device: -71
[ 1199.558984][T14196] ath6kl: Unable to recv target info: -71
[ 1199.604492][T14196] ath6kl: Failed to init ath6kl core: -71
[ 1199.620546][T14196] ath6kl_usb: probe of 3-1:0.0 failed with error -71
[ 1199.656528][T14196] usb 3-1: USB disconnect, device number 76
[ 1199.895618][ T1070] loop1: detected capacity change from 0 to 4096
[ 1199.942121][ T1070] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[ 1200.087501][ T1070] ntfs3: loop1: Failed to initialize $Extend/$ObjId.
[ 1200.265082][ T1088] bridge6: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[ 1200.773479][ T1111] netlink: 'syz.4.9405': attribute type 1 has an invalid length.
[ 1200.822445][ T1111] netlink: 220 bytes leftover after parsing attributes in process `syz.4.9405'.
[ 1200.882051][ T1119] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT
[ 1201.910451][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1202.346637][ T1184] bridge4: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[ 1202.376729][ T1145] loop3: detected capacity change from 0 to 32768
[ 1202.409731][ T1145] JBD2: Ignoring recovery information on journal
[ 1202.534110][ T1145] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1202.907510][ T5778] ocfs2: Unmounting device (7,3) on (node local)
[ 1203.502445][T11089] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[ 1203.707036][T11089] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1203.724799][T11089] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1203.749168][T11089] usb 3-1: Product: syz
[ 1203.770631][T11089] usb 3-1: Manufacturer: syz
[ 1203.790430][T11089] usb 3-1: SerialNumber: syz
[ 1203.815684][T11089] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1203.863544][ T5843] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1204.318166][T11089] usb 3-1: USB disconnect, device number 77
[ 1204.704345][ T1313] loop1: detected capacity change from 0 to 4096
[ 1204.711463][ T1319] netlink: 20 bytes leftover after parsing attributes in process `syz.3.9461'.
[ 1204.724066][ T1319] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9461'.
[ 1204.774043][ T1313] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1204.881964][ T5843] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[ 1204.899252][ T5843] ath9k_htc: Failed to initialize the device
[ 1204.919260][T11089] usb 3-1: ath9k_htc: USB layer deinitialized
[ 1205.023370][ T5771] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1205.284006][ T1351] loop1: detected capacity change from 0 to 1024
[ 1205.506965][ T2969] hfsplus: b-tree write err: -5, ino 4
[ 1205.628433][ T1369] netlink: 'syz.4.9474': attribute type 3 has an invalid length.
[ 1205.636434][ T1369] netlink: 16 bytes leftover after parsing attributes in process `syz.4.9474'.
[ 1206.060167][ T1394] loop1: detected capacity change from 0 to 256
[ 1206.081929][ T1392] loop4: detected capacity change from 0 to 1024
[ 1206.171027][ T1392] ------------[ cut here ]------------
[ 1206.176750][ T1392] DEBUG_LOCKS_WARN_ON(lock->magic != lock)
[ 1206.189883][ T1392] WARNING: CPU: 1 PID: 1392 at kernel/locking/mutex.c:582 __mutex_lock+0xb85/0xcc0
[ 1206.205496][ T1392] Modules linked in:
[ 1206.209444][ T1392] CPU: 1 PID: 1392 Comm: syz.4.9481 Not tainted syzkaller #0
[ 1206.217463][ T1392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1206.227735][ T1392] RIP: 0010:__mutex_lock+0xb85/0xcc0
[ 1206.233277][ T1392] Code: 04 08 84 c0 0f 85 27 01 00 00 83 3d 94 58 fe 03 00 0f 85 95 f5 ff ff 48 c7 c7 a0 b3 ca 8a 48 c7 c6 40 b4 ca 8a e8 4b 21 c4 f6 <0f> 0b e9 7b f5 ff ff 0f 0b e9 5f f9 ff ff 0f 0b e9 18 f6 ff ff e8
[ 1206.253034][ T1392] RSP: 0018:ffffc9000ba5f6a0 EFLAGS: 00010246
[ 1206.259166][ T1392] RAX: 245e68b9e304f400 RBX: ffff88802df52828 RCX: 0000000000080000
[ 1206.267347][ T1392] RDX: ffffc9001ca31000 RSI: 0000000000004508 RDI: 0000000000004509
[ 1206.275733][ T1392] RBP: ffffc9000ba5f800 R08: ffff8880b8f28c13 R09: 1ffff110171e5182
[ 1206.284062][ T1392] R10: dffffc0000000000 R11: ffffed10171e5183 R12: 0000000000000000
[ 1206.292324][ T1392] R13: 1ffff9200174bee4 R14: dffffc0000000000 R15: 0000000000000000
[ 1206.300382][ T1392] FS:  00007f6ef59726c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1206.309568][ T1392] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1206.316211][ T1392] CR2: 00007f2a9035c000 CR3: 000000005843b000 CR4: 00000000003506e0
[ 1206.324317][ T1392] Call Trace:
[ 1206.327700][ T1392]  <TASK>
[ 1206.330674][ T1392]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1206.336759][ T1392]  ? reiserfs_write_lock+0x79/0xd0
[ 1206.341958][ T1392]  ? mutex_lock_nested+0x20/0x20
[ 1206.347038][ T1392]  ? d_alloc_parallel+0x33e/0x1530
[ 1206.352215][ T1392]  ? __lock_acquire+0x7d40/0x7d40
[ 1206.357361][ T1392]  reiserfs_write_lock+0x79/0xd0
[ 1206.362394][ T1392]  reiserfs_lookup+0x183/0x580
[ 1206.367499][ T1392]  ? reiserfs_init_priv_inode+0x1a0/0x1a0
[ 1206.373381][ T1392]  ? __init_waitqueue_head+0xa9/0x150
[ 1206.378816][ T1392]  __lookup_slow+0x2a1/0x400
[ 1206.383524][ T1392]  ? lookup_one_len+0x2e0/0x2e0
[ 1206.388439][ T1392]  ? try_to_unlazy+0x34c/0x5a0
[ 1206.393421][ T1392]  ? down_read+0x1ac/0x2e0
[ 1206.397928][ T1392]  lookup_slow+0x53/0x70
[ 1206.402455][ T1392]  walk_component+0x2be/0x3f0
[ 1206.407352][ T1392]  ? path_lookupat+0x15c/0x440
[ 1206.412216][ T1392]  path_lookupat+0x169/0x440
[ 1206.416897][ T1392]  filename_lookup+0x228/0x560
[ 1206.421775][ T1392]  ? hashlen_string+0x110/0x110
[ 1206.426695][ T1392]  ? strncpy_from_user+0x197/0x2d0
[ 1206.432272][ T1392]  ? getname_flags+0x20a/0x500
[ 1206.437094][ T1392]  user_path_at_empty+0x42/0x60
[ 1206.442113][ T1392]  do_sys_truncate+0xba/0x1c0
[ 1206.446896][ T1392]  ? lock_chain_count+0x20/0x20
[ 1206.451830][ T1392]  ? break_lease+0xd0/0xd0
[ 1206.456293][ T1392]  ? lockdep_hardirqs_on+0x98/0x150
[ 1206.461904][ T1392]  do_syscall_64+0x55/0xa0
[ 1206.466453][ T1392]  ? clear_bhb_loop+0x40/0x90
[ 1206.471187][ T1392]  ? clear_bhb_loop+0x40/0x90
[ 1206.475918][ T1392]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1206.481929][ T1392] RIP: 0033:0x7f6ef4b9aeb9
[ 1206.486550][ T1392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1206.506444][ T1392] RSP: 002b:00007f6ef5972028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 1206.515165][ T1392] RAX: ffffffffffffffda RBX: 00007f6ef4e15fa0 RCX: 00007f6ef4b9aeb9
[ 1206.523268][ T1392] RDX: 0000000000000000 RSI: 000000000000bf39 RDI: 0000200000000900
[ 1206.531291][ T1392] RBP: 00007f6ef4c08c1f R08: 0000000000000000 R09: 0000000000000000
[ 1206.539387][ T1392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1206.547476][ T1392] R13: 00007f6ef4e16038 R14: 00007f6ef4e15fa0 R15: 00007fff01d1a1c8
[ 1206.555772][ T1392]  </TASK>
[ 1206.558842][ T1392] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1206.566160][ T1392] CPU: 1 PID: 1392 Comm: syz.4.9481 Not tainted syzkaller #0
[ 1206.573577][ T1392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1206.583674][ T1392] Call Trace:
[ 1206.586998][ T1392]  <TASK>
[ 1206.589979][ T1392]  dump_stack_lvl+0x18c/0x250
[ 1206.594730][ T1392]  ? show_regs_print_info+0x20/0x20
[ 1206.599979][ T1392]  ? load_image+0x400/0x400
[ 1206.604547][ T1392]  panic+0x2dc/0x730
[ 1206.608533][ T1392]  ? bpf_jit_dump+0xd0/0xd0
[ 1206.613085][ T1392]  __warn+0x2e0/0x470
[ 1206.617083][ T1392]  ? __mutex_lock+0xb85/0xcc0
[ 1206.621810][ T1392]  ? __mutex_lock+0xb85/0xcc0
[ 1206.626521][ T1392]  report_bug+0x2be/0x4f0
[ 1206.630895][ T1392]  ? __mutex_lock+0xb85/0xcc0
[ 1206.635617][ T1392]  ? __mutex_lock+0xb85/0xcc0
[ 1206.640425][ T1392]  ? __mutex_lock+0xb87/0xcc0
[ 1206.645130][ T1392]  handle_bug+0xcf/0x120
[ 1206.649394][ T1392]  exc_invalid_op+0x1a/0x50
[ 1206.653925][ T1392]  asm_exc_invalid_op+0x1a/0x20
[ 1206.658801][ T1392] RIP: 0010:__mutex_lock+0xb85/0xcc0
[ 1206.664113][ T1392] Code: 04 08 84 c0 0f 85 27 01 00 00 83 3d 94 58 fe 03 00 0f 85 95 f5 ff ff 48 c7 c7 a0 b3 ca 8a 48 c7 c6 40 b4 ca 8a e8 4b 21 c4 f6 <0f> 0b e9 7b f5 ff ff 0f 0b e9 5f f9 ff ff 0f 0b e9 18 f6 ff ff e8
[ 1206.683758][ T1392] RSP: 0018:ffffc9000ba5f6a0 EFLAGS: 00010246
[ 1206.689845][ T1392] RAX: 245e68b9e304f400 RBX: ffff88802df52828 RCX: 0000000000080000
[ 1206.697838][ T1392] RDX: ffffc9001ca31000 RSI: 0000000000004508 RDI: 0000000000004509
[ 1206.705845][ T1392] RBP: ffffc9000ba5f800 R08: ffff8880b8f28c13 R09: 1ffff110171e5182
[ 1206.713841][ T1392] R10: dffffc0000000000 R11: ffffed10171e5183 R12: 0000000000000000
[ 1206.721846][ T1392] R13: 1ffff9200174bee4 R14: dffffc0000000000 R15: 0000000000000000
[ 1206.729853][ T1392]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 1206.735860][ T1392]  ? reiserfs_write_lock+0x79/0xd0
[ 1206.741005][ T1392]  ? mutex_lock_nested+0x20/0x20
[ 1206.745982][ T1392]  ? d_alloc_parallel+0x33e/0x1530
[ 1206.751127][ T1392]  ? __lock_acquire+0x7d40/0x7d40
[ 1206.756177][ T1392]  reiserfs_write_lock+0x79/0xd0
[ 1206.761149][ T1392]  reiserfs_lookup+0x183/0x580
[ 1206.765935][ T1392]  ? reiserfs_init_priv_inode+0x1a0/0x1a0
[ 1206.771693][ T1392]  ? __init_waitqueue_head+0xa9/0x150
[ 1206.777090][ T1392]  __lookup_slow+0x2a1/0x400
[ 1206.781704][ T1392]  ? lookup_one_len+0x2e0/0x2e0
[ 1206.786578][ T1392]  ? try_to_unlazy+0x34c/0x5a0
[ 1206.791359][ T1392]  ? down_read+0x1ac/0x2e0
[ 1206.795802][ T1392]  lookup_slow+0x53/0x70
[ 1206.800080][ T1392]  walk_component+0x2be/0x3f0
[ 1206.804774][ T1392]  ? path_lookupat+0x15c/0x440
[ 1206.809581][ T1392]  path_lookupat+0x169/0x440
[ 1206.814201][ T1392]  filename_lookup+0x228/0x560
[ 1206.818996][ T1392]  ? hashlen_string+0x110/0x110
[ 1206.823922][ T1392]  ? strncpy_from_user+0x197/0x2d0
[ 1206.829069][ T1392]  ? getname_flags+0x20a/0x500
[ 1206.833873][ T1392]  user_path_at_empty+0x42/0x60
[ 1206.838751][ T1392]  do_sys_truncate+0xba/0x1c0
[ 1206.843443][ T1392]  ? lock_chain_count+0x20/0x20
[ 1206.848399][ T1392]  ? break_lease+0xd0/0xd0
[ 1206.852843][ T1392]  ? lockdep_hardirqs_on+0x98/0x150
[ 1206.858063][ T1392]  do_syscall_64+0x55/0xa0
[ 1206.862510][ T1392]  ? clear_bhb_loop+0x40/0x90
[ 1206.867206][ T1392]  ? clear_bhb_loop+0x40/0x90
[ 1206.871906][ T1392]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1206.877823][ T1392] RIP: 0033:0x7f6ef4b9aeb9
[ 1206.882264][ T1392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1206.901890][ T1392] RSP: 002b:00007f6ef5972028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 1206.910321][ T1392] RAX: ffffffffffffffda RBX: 00007f6ef4e15fa0 RCX: 00007f6ef4b9aeb9
[ 1206.918314][ T1392] RDX: 0000000000000000 RSI: 000000000000bf39 RDI: 0000200000000900
[ 1206.926302][ T1392] RBP: 00007f6ef4c08c1f R08: 0000000000000000 R09: 0000000000000000
[ 1206.934296][ T1392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1206.942289][ T1392] R13: 00007f6ef4e16038 R14: 00007f6ef4e15fa0 R15: 00007fff01d1a1c8
[ 1206.950288][ T1392]  </TASK>
[ 1206.953912][ T1392] Kernel Offset: disabled
[ 1206.958243][ T1392] Rebooting in 86400 seconds..