last executing test programs: 5.962993485s ago: executing program 1 (id=2709): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x5, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 5.451755667s ago: executing program 1 (id=2713): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='cruft,block=0x0000000000000400\x00session=0x0000000000000006,check=relaxed,utf8,cruftAuid=', @ANYRESDEC=r1, @ANYBLOB="2c8ef6fff25f71854bb02441c2edff2c66736dbdda08da0968bf8783e49a23113d307830303030303000bd2551db78fc65240062c543fd92499a55c4676e4ab57351fab1f21354c2000000000000a36961e03f1f9b339e1208fe76adf824d531e4f11e82cd11bccd3e4d4cd5b4502ba9708a2827923cada4e88ec20e806b355ece7f4afbb71f1eafd72d05729509434e51cc55317bb19441bd11c979ca9786b51118d9b1c2246f0b40ab6700000000000000da855836b2ae2ca015a89c5a93917ce89bf9b25873b64212817b398012e71c56a6e54fff0f5a90c26a2b31fa0443dc5e59649e4678b04b917313b3ae5df833cf837087331201356ac926fc24fb7c21d65244421f457d954663ffc16a2f5eaf7a3033e71490413eb81a78125fbe905813b0fa518e44ce2779b29087ca0c5af3a3c05c64d6d98098d8d6c16eaa61179eb9acdbb0b8523c0fb26684c472244428cd27b2c4fa7d92d28776bff943ac830c7f4e70aa6cb4352cc2c57f79ae038939e36a954e5db9ed0cd416f21922632de28ceabe2930fc2f646809fa96a6f2e6eebdcef590508b859cb3bbefab67826828f4b7a7161e15b7b6333643fd5c2f023e5fcc4d97b3c68aaff91f7d85b5d3ea153079a7fc71cb6e8675d03eb5e1dce7d6aefde356c9b1122b888d45a8e636648a127ab8b100b7aa18234d", @ANYRES16, @ANYRESHEX, @ANYRES64=r1], 0x1, 0x648, &(0x7f00000019c0)="$eJzs3c9u29gVx/EfZdlWXCAo2mIQBJnkTtIBHDRVJHniQEgXZSlK5lQSBZIubKDAIJ3YgyBypnVSoPFm6k3/ANMX6G42XfQh+gJ9iy4LFO2uQDcqSIqWbEmW7MhOZvL9GI4o3iPeQ15FB7T4RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJZTK5XKlppee3PLTObUAr91Snu6tEXdTSfuTu1XsuJfFQq6ls669r1B83vxP7d1I312Q4X4oaCDb7337Uffzeey15+S0HnorAt88erg2eNud2d/zom8BZSbIajhtr3Q91p2wzVe6Jvq+nrp/kY9NHWv6YbbYeS2jBO4ucgPzKpz15Sr1TXjFrf9zXajZjfdbObDH1ZKpXXz8XJ/+O9/XAydDa/Z9NqNJCZujmMemi9/noa4dsuY3afdnbVpScZB5VmCKtOCKqVKpVyuVMrrD6oPHpZK+ZEZpRM0EjH3Ny2+Zub34Q28plxc//9hSU0V1NamtmTG/jiqKZCv1oT2vqz+f3jfPbXf4fqfVflrg+brSur/zfTZzUn1f0IuRiZ5wbgWa8L88/280Csd6Jkeq6uudrQ/8yuv9Nd0bOut+WV4sT8NKS95CuXLU0u2GnJl+nOMqlrXukr6RBuqK5RRXZ6achVqW6EiuWolYxLIla1IvgIZrcrRXRmVVVVVazJyVdS2fG2qrYZqsvXfXq+3q6fJdl87JUdlQeVZgiqTQ/TbeMDG1P9ffJGOJfX/Xaah2n5qHPC26PX3/8/o1sVkAwAAAAAALoKV/PXdSr67f19ST3Wv6ZbedFoAAAAAAGCOkm/+b8QPi/HU+7Im7P/3Lj83AAAAAAAwH1Zyjp0laSU5qN8anAk1y0EAC5eQIgAAAAAAeE3J9/83l6Recu21W7LOtP8PAAAAAAC+Bv4wdI39fHaN3V72tX5OUthZtv7272UFi9ZhZ+v71p4dt9h7/ZiRIwCi+nXrav9CvcnDkqTkmePesAY3BrCS30L65F+70671bwUnElhayP58MS2B9Xz/mb7UB2nMB/1+nxzklLSkvazUvaZbdPzmo7Js+2oucreiXz9/+hspOFrP3afdneKnn3efJLkcxrMO9+I8vjiWTm5aLi+T6y0k51yMW+Mrqmdd/rHdWrGSfkvZ+i/I3ssNdzTb+v9Ot9OY2yvp48pBNgLJ+hfi9S8XkyEbrH1ydQhrkEX55JqPG4ixWSgvxVncSWPurN5JH7L8+ln8YEGqFEfHIBjOojKcxfRtYf1nZFtMySLeFmvFxf6SJmSxdrYsRkYEAN6U3UEVSi5iPnqN/ZN19zyfctOr+4+Pekm+h3j55156wuFCXDAK03spJHVlNY1ZUvLBmr8+5hO9lNaVpcKkT/TSuatb2tdfB/dA6t/OZiSL//V6vUflpN8/naiqX8Uv+Gpiv2GzshBvjvsv936ZXAA/9tnOZzvPK5W19dJHpdKDihaT1eg/UHsAAGNMv8fO1Ajro6O96if//DCdOlbxvnN0SEFRn+pzdfVE97JbCNwav9SVocMQ7o3utcaxyR10jseWdW/iXl1SS4diK0ex2S7eyT3AQezaBY8CAACX6/aUOjxL/b+X7XevXh+73328lp+8Q/Ck2PIlbwkAAN4dbmCslej3VhB4nU/K1WrZjjZcE/jOT03g1Rqu8dqRGzgbdrvhmk7gR77jN00n0LJXc0MTbnY6fhCZuh+Yjh96W8md303/1u+h27LbkeeEnaZrh65x/HZkO5GpeaFjOps/aXrhhhskLw47ruPVPceOPL9tQn8zcNyiMaHrDgV6NbcdeXUvnmybTuC17GDb/MxvbrZcU3NDJ/A6kZ8uMOvLa9f9oJUstqjemW90CADAN9GLVwfPHne7O/unTBxqaE52bOD44KVxC3zT6wgAAI6jSgMAAAAAAAAAAAAAAAAAAAAA8Pab5fy/M00sakyTdDTnV1dnWo6leSc2aWKpvyWGm3LnX+DfR+YsK5tz5ahJYzo9nKWLvKQ5bgSlE/n5b94r0rh3woVN/Gg33aLjYpTvdnc06aTV5aOxyM//v0M88fwvE5p6vV7v9Jcva+S9OmOn8Rtlf+k1huDyP4sAXK7/BwAA//+otjXF") 4.802053897s ago: executing program 1 (id=2718): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000300)='cgroup.clone_children\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x60) 4.182637752s ago: executing program 1 (id=2720): io_setup(0x9, &(0x7f0000000b80)=0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 3.525180931s ago: executing program 4 (id=2724): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000750000002a00080095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='percpu_free_percpu\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 3.022748632s ago: executing program 4 (id=2726): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000200)={@link_local={0x1, 0x80, 0xc2, 0x3}, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @private2, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0) 2.955231901s ago: executing program 0 (id=2727): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x17, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8}, 0x90) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000007"], 0xd) 2.819833625s ago: executing program 3 (id=2728): syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000006500)={[{@dots}, {@dots}, {@dots}, {@nodots}, {@dots}, {@nodots}, {@dots}, {@fat=@quiet}, {@nodots}, {@dots}, {@fat=@showexec}, {@dots}, {@dots}, {@fat=@umask={'umask', 0x3d, 0x7fff}}, {@fat=@nfs}, {@dots}, {@fat=@tz_utc}, {@fat=@errors_continue}, {@nodots}, {@fat=@nocase}, {@fat=@check_strict}, {@dots}]}, 0xfd, 0x1bf, &(0x7f0000000680)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x5c, 0x1, 0x1, 0x101, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @rand_addr=' \x01\x00'}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0xcd}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x800) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80205b, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) 2.819619619s ago: executing program 1 (id=2729): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='map_files\x00') fchdir(r0) syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRESDEC, @ANYRES64], 0x0, 0x17a, &(0x7f0000000600)="$eJzsVb1OKkEU/mYZdu+9uQW1rSRgocCSEN9AKisfQAIrEhd/WAohFGvFo5D4FBS+grEwscHCQgssTcyamTm7Odgajcb5kuU758z5mZmEbw6js8gD8LqctFGAhsB/3AqBPICSMLFdz/Cza7hB/oM0XKP4JfE9cTQaH7XCMBh8ovEVM6xhjd9gXM/N//a77OcjhsPUZ+fCwZPWspvlpK2MfQBJkiQq1jGf4Dk5AFcsZ03qT+SQZDlSqyVQAlAZ9k8r0Wi82eu3ukE3OPb9eqMKIPYrB70wqJpfwUY45q6heAOA0tS/bF0J8B0J7D+sQrCt0brgtS4T5/L6aq3DankP03ee9SCNh7qKPXhschot6m4S+mhNCOTIqcl32Q7+6IWt9knYmUJApGUzyKxHbYF85vjcqW/H6RanxEXiJvGMeEGcvl3pmyR1h0fyyjHg4rw1HA7042WsLOZnMb8Q84tTU1/c1cMVPVhYWFhYWFhY/BC8BQAA///JbV5Q") openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) 2.543394473s ago: executing program 4 (id=2730): r0 = syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f00000002c0)=0x0, &(0x7f0000000000)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 2.529381598s ago: executing program 2 (id=2731): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="14002c"], 0x30}}, 0x0) 2.44392935s ago: executing program 0 (id=2732): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000640), r0) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000680)={0x14, r1, 0xb, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) 2.362944117s ago: executing program 3 (id=2733): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26}, 0x20) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r0, 0x58, &(0x7f0000003fc0)}, 0xe) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) 2.30729228s ago: executing program 1 (id=2734): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) fchown(0xffffffffffffffff, 0x0, 0x0) 1.976438926s ago: executing program 2 (id=2735): unshare(0x24020400) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r1, 0xc0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0}}, 0x10) 1.976244828s ago: executing program 4 (id=2736): capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000070000b7020000000000007b9a88ff0000000066090000000000007baaf0ff00000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffff570200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000190500000000000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.94136249s ago: executing program 0 (id=2737): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000400008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x17, 0x4, &(0x7f0000000740)=ANY=[@ANYBLOB="85000000a0000000150000000000000045000000ffffffff9500000000000000906ba1c4bc5bf3bfd17c3fb4fa89fa3b61034091e62ab03a8e360545df1c0d3f12e9fcfc25c51896c01625af6652052140edba556061674f927bdb7d1835465dca69fc1b9ab634673f2ed0f49042aa8f86f67bc1f8383446bb1674261b43ee1b1fbdba5c5bf4480c8882355fd2cac9ca5687dc43238c9d841d62cb9b431ee1a6bf0b7b7921ba642112cab20a7082f406556dc5cecec15f72ca4072f33bf417880fa5858901daf2c6a3b0e662ba93baa02af10720bdd8e2f7"], &(0x7f0000000140)='GPL\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x1e}, 0x64) 1.917302421s ago: executing program 3 (id=2738): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48) unshare(0x22020400) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x7, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@map_fd={0x18, 0x0, 0x1, 0x0, r1}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000000)='GPL\x00', 0x6, 0xb, &(0x7f0000000340)=""/221}, 0x90) 1.450433393s ago: executing program 2 (id=2739): openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0) openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000500), 0x0, 0x0) r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000003f00), 0x0, 0x0) read$FUSE(r0, &(0x7f00000040c0)={0x2020}, 0x2020) 1.450260041s ago: executing program 0 (id=2740): r0 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000000280)={0x10, 0x0, 0xfffffffc}, 0xc) r1 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000000340)={0x10, 0x0, 0xfffffffc}, 0xc) 1.410644892s ago: executing program 3 (id=2741): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00^\x00', @ANYRES16], 0x20}], 0x1}, 0x0) 1.013686552s ago: executing program 2 (id=2742): socket$can_j1939(0x1d, 0x2, 0x7) r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) mq_notify(r0, &(0x7f0000000040)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}) mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0) 923.791089ms ago: executing program 0 (id=2743): r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x2, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000480)={0x2, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @dev}}}, 0x108) 916.706358ms ago: executing program 3 (id=2744): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "0000002000000010000080ffff09ff73e9363b"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCNXCL(r1, 0x540d) 624.286999ms ago: executing program 4 (id=2745): unshare(0x26000400) r0 = socket$inet_udp(0x2, 0x2, 0x0) setreuid(0xffffffffffffffff, 0xee01) fcntl$setstatus(r0, 0x4, 0x46000) 499.82391ms ago: executing program 0 (id=2746): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000001740)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000001780)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2, @ANYBLOB="1c00238006000100be"], 0x38}}, 0x0) 499.63093ms ago: executing program 2 (id=2747): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = io_uring_setup(0x63d6, &(0x7f0000000340)) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0x14, &(0x7f0000003480)={0x4, 0x0, 0x4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}, 0x2) io_uring_enter(r0, 0x18000000, 0x0, 0x1b, 0x0, 0x0) 433.646198ms ago: executing program 3 (id=2748): ioprio_set$pid(0x2, 0x0, 0x4004) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000008c0), 0x88242, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/vmstat\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 60.423028ms ago: executing program 2 (id=2749): openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000480), 0x20800) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) 0s ago: executing program 4 (id=2750): r0 = mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, 0x0) ppoll(&(0x7f0000001180)=[{r0}], 0x1, 0x0, 0x0, 0x0) mq_notify(r0, &(0x7f0000001400)) mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 403.097379][ T8005] ext4 filesystem being mounted at /230/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 403.157289][ T8009] loop2: detected capacity change from 0 to 64 [ 403.172607][ T8009] MINIX-fs: bad superblock [ 403.289907][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.363540][ T5270] hdpvr 2-1:0.0: firmware version 0x0 dated [ 403.369804][ T5270] hdpvr 2-1:0.0: untested firmware, the driver might not work. [ 403.510595][ T5185] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.607323][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.614387][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.707574][ T8014] netlink: 'syz.0.1168': attribute type 8 has an invalid length. [ 403.877248][ T5270] hdpvr 2-1:0.0: Could not setup controls [ 403.886139][ T5270] hdpvr 2-1:0.0: registering videodev failed [ 403.962330][ T5270] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -71 [ 404.028442][ T5270] usb 2-1: USB disconnect, device number 13 [ 404.294236][ T8021] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1171'. [ 404.924782][ T8025] loop1: detected capacity change from 0 to 1024 [ 404.954220][ T8025] EXT4-fs: Ignoring removed orlov option [ 404.960184][ T8025] ext4: Unknown parameter 'noacl' [ 405.519988][ T8040] loop4: detected capacity change from 0 to 512 [ 405.539266][ T8044] loop1: detected capacity change from 0 to 64 [ 405.602332][ T8044] MINIX-fs: bad superblock [ 405.613213][ T8040] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 405.626542][ T8040] ext4 filesystem being mounted at /248/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 406.059464][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.125070][ T8055] loop1: detected capacity change from 0 to 1024 [ 406.158107][ T8055] EXT4-fs: Ignoring removed nobh option [ 406.312356][ T8055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 406.628108][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.184287][ T8075] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 408.824721][ T44] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 409.070723][ T44] usb 3-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a [ 409.080193][ T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.096981][ T8108] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1209'. [ 409.138490][ T44] usb 3-1: config 0 descriptor?? [ 409.155028][ T44] gspca_main: sn9c2028-2.14.0 probing 0c45:8001 [ 409.453228][ T44] gspca_sn9c2028: read1 error -32 [ 409.668737][ T44] gspca_sn9c2028: read1 error -71 [ 409.680530][ T44] sn9c2028 3-1:0.0: probe with driver sn9c2028 failed with error -71 [ 409.702846][ T5270] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 409.754697][ T44] usb 3-1: USB disconnect, device number 6 [ 409.937866][ T5270] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 409.947355][ T5270] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.978780][ T5270] usb 4-1: config 0 descriptor?? [ 410.004054][ T5270] cp210x 4-1:0.0: cp210x converter detected [ 410.438620][ T5270] cp210x 4-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 410.483052][ T5270] usb 4-1: cp210x converter now attached to ttyUSB0 [ 410.631681][ T8125] loop2: detected capacity change from 0 to 8 [ 410.658407][ T44] usb 4-1: USB disconnect, device number 12 [ 410.703558][ T44] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 410.763550][ T44] cp210x 4-1:0.0: device disconnected [ 411.527169][ T8138] Invalid/unusable pipe [ 411.712560][ T5244] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 411.877677][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1227'. [ 411.931121][ T5244] usb 3-1: Using ep0 maxpacket: 16 [ 411.950296][ T5244] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 411.961439][ T5244] usb 3-1: config 0 interface 0 has no altsetting 0 [ 411.968733][ T5244] usb 3-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 411.978201][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.010928][ T5244] usb 3-1: config 0 descriptor?? [ 412.044446][ T8145] loop1: detected capacity change from 0 to 1024 [ 412.091620][ T8145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 412.104704][ T8145] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 412.388018][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 412.392033][ T8153] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1230'. [ 412.487549][ T5244] kye 0003:0458:0138.0008: unknown main item tag 0x0 [ 412.494860][ T5244] kye 0003:0458:0138.0008: unknown main item tag 0x0 [ 412.501910][ T5244] kye 0003:0458:0138.0008: unexpected long global item [ 412.570386][ T5244] kye 0003:0458:0138.0008: parse failed [ 412.577030][ T5244] kye 0003:0458:0138.0008: probe with driver kye failed with error -22 [ 412.743411][ T5244] usb 3-1: USB disconnect, device number 7 [ 413.044325][ T8163] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 413.863787][ T8176] Â: renamed from pim6reg1 [ 414.123198][ T8183] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1254'. [ 414.248875][ T8185] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1245'. [ 414.722509][ T8192] loop3: detected capacity change from 0 to 1024 [ 414.754131][ T8192] EXT4-fs: Ignoring removed nobh option [ 414.847595][ T8196] tap0: tun_chr_ioctl cmd 1074025677 [ 414.853926][ T8196] tap0: linktype set to 775 [ 414.860880][ T8192] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.134198][ T5185] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.258380][ T8207] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1255'. [ 416.063888][ T8222] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1262'. [ 416.402533][ T5244] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 416.548420][ T8232] loop4: detected capacity change from 0 to 1024 [ 416.579906][ T8232] EXT4-fs: Ignoring removed nobh option [ 416.621790][ T8236] loop1: detected capacity change from 0 to 164 [ 416.628132][ T5244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 416.628284][ T5244] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 416.628452][ T5244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 416.628596][ T5244] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 416.628807][ T5244] usb 1-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 416.628963][ T5244] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.723428][ T5244] usb 1-1: config 0 descriptor?? [ 416.725337][ T8236] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 416.785752][ T8232] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 416.799559][ T8236] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 417.002729][ T5244] hdpvr 1-1:0.0: firmware version 0x0 dated [ 417.009048][ T5244] hdpvr 1-1:0.0: untested firmware, the driver might not work. [ 417.205284][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 417.504402][ T5244] hdpvr 1-1:0.0: Could not setup controls [ 417.513904][ T5244] hdpvr 1-1:0.0: registering videodev failed [ 417.591990][ T5244] hdpvr 1-1:0.0: probe with driver hdpvr failed with error -71 [ 417.697369][ T5244] usb 1-1: USB disconnect, device number 11 [ 419.027239][ T8263] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1279'. [ 419.974668][ T8281] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1286'. [ 420.299111][ T8283] loop4: detected capacity change from 0 to 1024 [ 420.361039][ T8283] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 420.374248][ T8283] ext4 filesystem being mounted at /274/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 420.708612][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.997498][ T8298] netlink: 'syz.1.1296': attribute type 12 has an invalid length. [ 421.005892][ T8298] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1296'. [ 421.519387][ T8306] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1300'. [ 422.018893][ T8320] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1304'. [ 422.202436][ T8324] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1305'. [ 422.227146][ T8324] veth0_to_hsr: entered promiscuous mode [ 422.233411][ T8324] macsec1: entered allmulticast mode [ 422.238926][ T8324] veth0_to_hsr: entered allmulticast mode [ 422.361885][ T8324] veth0_to_hsr: left allmulticast mode [ 422.368815][ T8324] veth0_to_hsr: left promiscuous mode [ 423.123578][ T8340] loop3: detected capacity change from 0 to 256 [ 423.232364][ T44] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 423.458927][ T44] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 423.468493][ T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.488340][ T44] usb 5-1: config 0 descriptor?? [ 423.532984][ T44] cp210x 5-1:0.0: cp210x converter detected [ 423.962713][ T44] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 424.023868][ T44] usb 5-1: cp210x converter now attached to ttyUSB0 [ 424.245079][ T1599] usb 5-1: USB disconnect, device number 6 [ 424.274183][ T1599] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 424.343758][ T1599] cp210x 5-1:0.0: device disconnected [ 424.974758][ T8358] loop1: detected capacity change from 0 to 256 [ 425.030631][ T8363] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 425.084347][ T8363] mac80211_hwsim hwsim5 wlan1: left allmulticast mode [ 425.278159][ T1599] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 425.407306][ T8366] loop2: detected capacity change from 0 to 164 [ 425.439093][ T8366] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 425.488871][ T8366] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 425.519789][ T1599] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 425.530319][ T1599] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.585008][ T1599] usb 1-1: config 0 descriptor?? [ 425.604609][ T1599] cp210x 1-1:0.0: cp210x converter detected [ 426.108813][ T1599] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 426.195518][ T1599] usb 1-1: cp210x converter now attached to ttyUSB0 [ 426.359627][ T5244] usb 1-1: USB disconnect, device number 12 [ 426.407724][ T5244] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 426.449121][ T5244] cp210x 1-1:0.0: device disconnected [ 426.464399][ T8384] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1332'. [ 427.362373][ T8394] loop3: detected capacity change from 0 to 128 [ 427.374859][ T8394] efs: Unknown parameter 'iocharset' [ 427.517592][ T8396] [U] [ 427.520647][ T8396] [U] [ 427.523656][ T8396] [U] [ 427.526646][ T8396] [U] [ 427.546031][ T8400] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1341'. [ 427.582704][ T8396] [U] [ 427.585742][ T8396] [U] [ 427.588734][ T8396] [U] [ 427.591726][ T8396] [U] [ 427.627341][ T8396] [U] [ 427.630396][ T8396] [U] [ 427.633390][ T8396] [U] [ 427.674359][ T8395] [U] [ 428.129852][ T8409] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 428.497826][ T8414] loop4: detected capacity change from 0 to 256 [ 428.557669][ T8414] exfat: Deprecated parameter 'namecase' [ 428.564023][ T8414] exfat: Deprecated parameter 'namecase' [ 428.690626][ T8414] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1fdf94bc, utbl_chksum : 0xe619d30d) [ 428.784455][ T8414] syz.4.1350: attempt to access beyond end of device [ 428.784455][ T8414] loop4: rw=0, sector=34225520824, nr_sectors = 1 limit=256 [ 428.799257][ T8414] syz.4.1350: attempt to access beyond end of device [ 428.799257][ T8414] loop4: rw=0, sector=34225520824, nr_sectors = 1 limit=256 [ 428.813762][ T8414] syz.4.1350: attempt to access beyond end of device [ 428.813762][ T8414] loop4: rw=0, sector=34225520824, nr_sectors = 1 limit=256 [ 428.833940][ T8414] Buffer I/O error on dev loop4, logical block 34225520824, async page read [ 428.898394][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 428.898475][ T29] audit: type=1800 audit(1725404075.231:73): pid=8414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1350" name="file1" dev="loop4" ino=1048633 res=0 errno=0 [ 429.494662][ T8428] loop2: detected capacity change from 0 to 1024 [ 430.735199][ T8448] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1366'. [ 430.856825][ T8452] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1367'. [ 431.083958][ T5244] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 431.299598][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 431.311125][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 431.321366][ T5244] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 431.330871][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 431.340204][ T8460] loop0: detected capacity change from 0 to 512 [ 431.378134][ T5244] usb 3-1: config 0 descriptor?? [ 431.396504][ T8460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 431.499268][ T29] audit: type=1800 audit(1725404077.871:74): pid=8460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1372" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 431.660192][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 431.779806][ T8465] hsr0: entered promiscuous mode [ 431.891206][ T5244] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0 [ 431.905857][ T5244] cm6533_jd 0003:0D8C:0022.0009: unknown main item tag 0x0 [ 431.915418][ T5244] cm6533_jd 0003:0D8C:0022.0009: item fetching failed at offset 2/5 [ 431.972819][ T5244] cm6533_jd 0003:0D8C:0022.0009: parse failed [ 431.979706][ T5244] cm6533_jd 0003:0D8C:0022.0009: probe with driver cm6533_jd failed with error -22 [ 432.088605][ T5244] usb 3-1: USB disconnect, device number 8 [ 433.000253][ T8484] loop3: detected capacity change from 0 to 256 [ 434.692372][ T8514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1406'. [ 434.909053][ T8519] loop0: detected capacity change from 0 to 256 [ 434.958993][ T8520] [U] [ 434.962054][ T8520] [U] [ 434.965051][ T8520] [U] [ 434.968048][ T8520] [U] [ 434.987449][ T8520] [U] [ 434.990488][ T8520] [U] [ 434.993466][ T8520] [U] [ 434.996440][ T8520] [U] [ 435.000023][ T8520] [U] [ 435.003038][ T8520] [U] [ 435.006050][ T8520] [U] [ 435.020115][ T8518] [U] [ 435.338621][ T8526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1401'. [ 436.161069][ T8544] loop1: detected capacity change from 0 to 128 [ 436.449086][ T8546] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1411'. [ 437.007770][ T8556] loop2: detected capacity change from 0 to 64 [ 437.438208][ T8561] loop1: detected capacity change from 0 to 128 [ 437.578047][ T8563] overlayfs: workdir and upperdir must be separate subtrees [ 439.329888][ T5183] Bluetooth: hci2: unexpected event for opcode 0x1804 [ 439.516574][ T8598] loop4: detected capacity change from 0 to 128 [ 439.871098][ T8602] loop3: detected capacity change from 0 to 64 [ 441.653423][ T8632] loop3: detected capacity change from 0 to 1024 [ 442.118129][ T8642] loop1: detected capacity change from 0 to 64 [ 442.792371][ T8655] loop1: detected capacity change from 0 to 512 [ 442.922610][ T8655] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 443.029085][ T29] audit: type=1800 audit(1725404089.351:75): pid=8655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1462" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 443.045570][ T8663] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1465'. [ 443.220410][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.352659][ T5183] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 443.361254][ T5183] Bluetooth: hci2: Injecting HCI hardware error event [ 443.374041][ T5183] Bluetooth: hci2: hardware error 0x00 [ 444.518629][ T8693] loop0: detected capacity change from 0 to 128 [ 444.589143][ T8692] loop4: detected capacity change from 0 to 512 [ 444.650472][ T8692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 444.779751][ T29] audit: type=1800 audit(1725404091.141:76): pid=8692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1478" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 444.800300][ C0] vkms_vblank_simulate: vblank timer overrun [ 444.921275][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 445.448178][ T5183] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 446.080390][ T8720] loop4: detected capacity change from 0 to 128 [ 446.093594][ T8715] overlayfs: workdir and upperdir must be separate subtrees [ 447.241925][ T8741] process 'syz.0.1500' launched './file1' with NULL argv: empty string added [ 448.045554][ T8755] overlayfs: workdir and upperdir must be separate subtrees [ 448.567067][ T8766] loop0: detected capacity change from 0 to 128 [ 448.613910][ T8768] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1511'. [ 448.782017][ T8770] loop3: detected capacity change from 0 to 512 [ 448.856641][ T8770] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1514: corrupted in-inode xattr: invalid ea_ino [ 448.898231][ T8770] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1514: couldn't read orphan inode 15 (err -117) [ 448.945120][ T8770] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 449.102641][ T5244] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 449.223104][ T5185] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 449.317693][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 449.329060][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 449.339311][ T5244] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 449.348904][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.410360][ T5244] usb 5-1: config 0 descriptor?? [ 449.430345][ T8785] sctp: [Deprecated]: syz.1.1521 (pid 8785) Use of int in max_burst socket option. [ 449.430345][ T8785] Use struct sctp_assoc_value instead [ 449.933924][ T5244] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x0 [ 449.941609][ T5244] cm6533_jd 0003:0D8C:0022.000A: unknown main item tag 0x0 [ 449.950144][ T5244] cm6533_jd 0003:0D8C:0022.000A: item fetching failed at offset 2/5 [ 450.029786][ T5244] cm6533_jd 0003:0D8C:0022.000A: parse failed [ 450.036682][ T5244] cm6533_jd 0003:0D8C:0022.000A: probe with driver cm6533_jd failed with error -22 [ 450.162969][ T5244] usb 5-1: USB disconnect, device number 7 [ 450.680874][ T8806] loop3: detected capacity change from 0 to 128 [ 450.963067][ T5244] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 451.255509][ T5244] usb 1-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 451.265082][ T5244] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 451.273827][ T5244] usb 1-1: Product: syz [ 451.278232][ T5244] usb 1-1: Manufacturer: syz [ 451.283298][ T5244] usb 1-1: SerialNumber: syz [ 451.334601][ T5244] usb 1-1: config 0 descriptor?? [ 451.601994][ T44] usb 1-1: USB disconnect, device number 13 [ 453.037331][ T8842] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1543'. [ 455.107955][ T8872] loop4: detected capacity change from 0 to 1024 [ 455.426740][ T1281] hfsplus: b-tree write err: -5, ino 8 [ 455.503253][ T8874] loop3: detected capacity change from 0 to 2048 [ 455.668599][ T8874] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 455.681791][ T8874] ext4 filesystem being mounted at /309/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 455.805515][ T8874] fs-verity: sha512 using implementation "sha512-generic" [ 455.831767][ T8874] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1557: bg 0: block 288: padding at end of block bitmap is not set [ 455.870848][ T8874] fs-verity (loop3, inode 13): ext4_end_enable_verity() failed with err -117 [ 456.130982][ T5185] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.969883][ T8907] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1569'. [ 458.038099][ T8920] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1574'. [ 460.225024][ T8953] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1589'. [ 461.300952][ T8965] Bluetooth: MGMT ver 1.23 [ 461.698068][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1599'. [ 462.655443][ T8977] loop1: detected capacity change from 0 to 4096 [ 462.752381][ T1599] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 462.987585][ T1599] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 462.997220][ T1599] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.005630][ T1599] usb 5-1: Product: syz [ 463.010023][ T1599] usb 5-1: Manufacturer: syz [ 463.014952][ T1599] usb 5-1: SerialNumber: syz [ 463.054555][ T1599] usb 5-1: config 0 descriptor?? [ 463.380381][ T44] usb 5-1: USB disconnect, device number 8 [ 464.502889][ T1599] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 464.748363][ T1599] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 464.752614][ T44] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 464.759632][ T1599] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 464.759835][ T1599] usb 1-1: New USB device found, idVendor=056a, idProduct=00d2, bcdDevice= 0.00 [ 464.791881][ T1599] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.840487][ T1599] usb 1-1: config 0 descriptor?? [ 465.049184][ T44] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 465.058784][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.067188][ T44] usb 4-1: Product: syz [ 465.075591][ T44] usb 4-1: Manufacturer: syz [ 465.080441][ T44] usb 4-1: SerialNumber: syz [ 465.089622][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 465.096635][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 465.168398][ T44] usb 4-1: config 0 descriptor?? [ 465.393135][ T1599] wacom 0003:056A:00D2.000B: unknown main item tag 0x0 [ 465.443074][ T1599] wacom 0003:056A:00D2.000B: Unknown device_type for 'HID 056a:00d2'. Assuming pen. [ 465.458732][ T1599] wacom 0003:056A:00D2.000B: hidraw0: USB HID v0.00 Device [HID 056a:00d2] on usb-dummy_hcd.0-1/input0 [ 465.473256][ T1599] input: Wacom Bamboo Craft Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:00D2.000B/input/input13 [ 465.552286][ T44] usb 4-1: USB disconnect, device number 13 [ 465.590711][ T1599] usb 1-1: USB disconnect, device number 14 [ 466.179066][ T9042] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1630'. [ 467.110825][ T9057] loop3: detected capacity change from 0 to 2048 [ 467.161975][ T9057] UDF-fs: warning (device loop3): udf_fill_super: No partition found (2) [ 467.405106][ T9053] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 467.512894][ T44] IPVS: starting estimator thread 0... [ 467.588491][ T9064] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 467.622767][ T9068] IPVS: using max 240 ests per chain, 12000 per kthread [ 468.027614][ T9070] loop1: detected capacity change from 0 to 1024 [ 468.084114][ T9070] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 468.094418][ T9070] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 468.138559][ T9070] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 468.244068][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.702038][ T9084] loop1: detected capacity change from 0 to 1024 [ 469.053511][ T59] hfsplus: b-tree write err: -5, ino 4 [ 469.399834][ T9097] loop1: detected capacity change from 0 to 256 [ 469.425657][ T9097] FAT-fs (loop1): bogus number of directory entries (4) [ 469.433637][ T9097] FAT-fs (loop1): Can't find a valid FAT filesystem [ 469.585014][ T9097] CUSE: unknown device info "name" [ 469.590374][ T9097] CUSE: unknown device info "./file0" [ 469.599276][ T9097] CUSE: DEVNAME unspecified [ 469.843634][ T59] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 469.922031][ T9103] vxcan3: entered promiscuous mode [ 470.080727][ T59] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.261824][ T59] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.447202][ T59] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.455512][ T9110] Process accounting resumed [ 470.728820][ T59] bridge_slave_1: left allmulticast mode [ 470.735024][ T59] bridge_slave_1: left promiscuous mode [ 470.741585][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.764689][ T59] bridge_slave_0: left allmulticast mode [ 470.770577][ T59] bridge_slave_0: left promiscuous mode [ 470.777308][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.313842][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 471.410248][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 471.466177][ T9119] loop4: detected capacity change from 0 to 128 [ 471.486331][ T59] bond0 (unregistering): Released all slaves [ 471.530409][ T9119] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 471.615096][ T9119] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 472.125474][ T5186] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 472.127688][ T5186] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 472.130844][ T5186] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 472.157191][ T5186] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 472.162396][ T5186] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 472.165976][ T5186] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 472.489626][ T59] hsr_slave_0: left promiscuous mode [ 472.510150][ T59] hsr_slave_1: left promiscuous mode [ 472.517745][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 472.517907][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 472.542699][ T59] veth1_macvtap: left promiscuous mode [ 472.542841][ T59] veth0_macvtap: left promiscuous mode [ 472.543131][ T59] veth1_vlan: left promiscuous mode [ 472.543346][ T59] veth0_vlan: left promiscuous mode [ 473.421586][ T9139] loop0: detected capacity change from 0 to 256 [ 473.450508][ T59] team0 (unregistering): Port device team_slave_1 removed [ 473.520525][ T59] team0 (unregistering): Port device team_slave_0 removed [ 474.102825][ T9137] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1675'. [ 474.324851][ T5183] Bluetooth: hci3: command tx timeout [ 474.786433][ T9125] chnl_net:caif_netlink_parms(): no params data found [ 475.180461][ T5185] bridge0: port 3(syz_tun) entered disabled state [ 475.230463][ T5185] syz_tun (unregistering): left allmulticast mode [ 475.237506][ T5185] syz_tun (unregistering): left promiscuous mode [ 475.248946][ T5185] bridge0: port 3(syz_tun) entered disabled state [ 475.525304][ T3343] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.675931][ T3343] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.879274][ T3343] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.101886][ T3343] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.400653][ T5183] Bluetooth: hci3: command tx timeout [ 476.447445][ T3343] bridge_slave_1: left allmulticast mode [ 476.447550][ T3343] bridge_slave_1: left promiscuous mode [ 476.448424][ T3343] bridge0: port 2(bridge_slave_1) entered disabled state [ 476.489569][ T3343] bridge_slave_0: left allmulticast mode [ 476.489674][ T3343] bridge_slave_0: left promiscuous mode [ 476.490652][ T3343] bridge0: port 1(bridge_slave_0) entered disabled state [ 477.093485][ T3343] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 477.168726][ T3343] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 477.192936][ T3343] bond0 (unregistering): Released all slaves [ 477.218477][ T9125] bridge0: port 1(bridge_slave_0) entered blocking state [ 477.219026][ T9125] bridge0: port 1(bridge_slave_0) entered disabled state [ 477.219617][ T9125] bridge_slave_0: entered allmulticast mode [ 477.223380][ T9125] bridge_slave_0: entered promiscuous mode [ 477.308584][ T9125] bridge0: port 2(bridge_slave_1) entered blocking state [ 477.309203][ T9125] bridge0: port 2(bridge_slave_1) entered disabled state [ 477.309785][ T9125] bridge_slave_1: entered allmulticast mode [ 477.313349][ T9125] bridge_slave_1: entered promiscuous mode [ 477.499490][ T9125] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 477.554250][ T9125] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 477.928060][ T5186] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 477.930743][ T5186] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 477.948518][ T5186] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 477.960332][ T5186] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 477.967740][ T5186] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 477.970330][ T5186] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 477.989082][ T9125] team0: Port device team_slave_0 added [ 478.069167][ T9125] team0: Port device team_slave_1 added [ 478.222525][ T9125] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 478.222599][ T9125] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 478.222750][ T9125] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 478.336679][ T3343] hsr_slave_0: left promiscuous mode [ 478.341175][ T3343] hsr_slave_1: left promiscuous mode [ 478.364999][ T3343] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 478.365177][ T3343] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 478.369737][ T3343] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 478.369872][ T3343] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 478.398761][ T3343] veth1_macvtap: left promiscuous mode [ 478.398896][ T3343] veth0_macvtap: left promiscuous mode [ 478.399180][ T3343] veth1_vlan: left promiscuous mode [ 478.399489][ T3343] veth0_vlan: left promiscuous mode [ 478.527460][ T5186] Bluetooth: hci3: command tx timeout [ 479.360757][ T3343] team0 (unregistering): Port device team_slave_1 removed [ 479.405667][ T3343] team0 (unregistering): Port device team_slave_0 removed [ 479.804474][ T9125] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 479.811845][ T9125] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 479.840442][ T9125] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 480.086759][ T9188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1696'. [ 480.098329][ T5186] Bluetooth: hci1: command tx timeout [ 480.556598][ T5186] Bluetooth: hci3: command tx timeout [ 480.816809][ T9125] hsr_slave_0: entered promiscuous mode [ 480.838904][ T9125] hsr_slave_1: entered promiscuous mode [ 480.934913][ T9200] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 480.961021][ T5240] IPVS: starting estimator thread 0... [ 481.146309][ T9201] IPVS: using max 240 ests per chain, 12000 per kthread [ 482.018742][ T9176] chnl_net:caif_netlink_parms(): no params data found [ 482.152644][ T5186] Bluetooth: hci1: command tx timeout [ 482.483608][ T25] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 482.508053][ T9125] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 482.565271][ T9125] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 482.634923][ T9125] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 482.703886][ T9125] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 482.724482][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 482.735970][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 482.746199][ T25] usb 2-1: New USB device found, idVendor=056a, idProduct=00d2, bcdDevice= 0.00 [ 482.755729][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.795309][ T25] usb 2-1: config 0 descriptor?? [ 482.903727][ T9212] loop0: detected capacity change from 0 to 4096 [ 483.058171][ T9176] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.066022][ T9176] bridge0: port 1(bridge_slave_0) entered disabled state [ 483.073972][ T9176] bridge_slave_0: entered allmulticast mode [ 483.083066][ T9176] bridge_slave_0: entered promiscuous mode [ 483.156401][ T9176] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.164777][ T9176] bridge0: port 2(bridge_slave_1) entered disabled state [ 483.172764][ T9176] bridge_slave_1: entered allmulticast mode [ 483.182014][ T9176] bridge_slave_1: entered promiscuous mode [ 483.281140][ T25] wacom 0003:056A:00D2.000C: unknown main item tag 0x0 [ 483.313094][ T25] wacom 0003:056A:00D2.000C: Unknown device_type for 'HID 056a:00d2'. Assuming pen. [ 483.345263][ T25] wacom 0003:056A:00D2.000C: hidraw0: USB HID v0.00 Device [HID 056a:00d2] on usb-dummy_hcd.1-1/input0 [ 483.359888][ T25] input: Wacom Bamboo Craft Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00D2.000C/input/input16 [ 483.446089][ T9176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 483.475189][ T25] usb 2-1: USB disconnect, device number 14 [ 483.481715][ T9176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 483.645529][ T9176] team0: Port device team_slave_0 added [ 483.720251][ T9176] team0: Port device team_slave_1 added [ 483.801665][ T9176] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 483.809093][ T9176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.839547][ T9176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 483.860785][ T9176] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 483.868081][ T9176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.894574][ T9176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 484.031685][ T9176] hsr_slave_0: entered promiscuous mode [ 484.042299][ T9176] hsr_slave_1: entered promiscuous mode [ 484.055711][ T9176] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 484.063701][ T9176] Cannot create hsr debugfs directory [ 484.238515][ T5186] Bluetooth: hci1: command tx timeout [ 484.313566][ T9125] 8021q: adding VLAN 0 to HW filter on device bond0 [ 484.453595][ T9125] 8021q: adding VLAN 0 to HW filter on device team0 [ 484.485539][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.493257][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.604654][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.612468][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 485.721584][ T9176] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 485.744226][ T9176] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 485.770988][ T9176] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 485.806654][ T9176] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 486.119537][ T9236] loop4: detected capacity change from 0 to 4096 [ 486.137378][ T9236] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 486.309876][ T9236] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 486.318315][ T5186] Bluetooth: hci1: command tx timeout [ 486.361734][ T9236] ntfs3: loop4: Failed to load $Extend (-22). [ 486.368254][ T9236] ntfs3: loop4: Failed to initialize $Extend. [ 486.439168][ T9125] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 486.492235][ T29] audit: type=1800 audit(1725404132.831:77): pid=9236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1715" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 486.643381][ T9176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 486.853319][ T9176] 8021q: adding VLAN 0 to HW filter on device team0 [ 486.925937][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 486.933726][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 487.061223][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.068979][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 487.160494][ T9125] veth0_vlan: entered promiscuous mode [ 487.210985][ T25] IPVS: starting estimator thread 0... [ 487.334816][ T9247] IPVS: using max 288 ests per chain, 14400 per kthread [ 487.417307][ T9125] veth1_vlan: entered promiscuous mode [ 487.428212][ T9176] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 487.461456][ T9250] loop0: detected capacity change from 0 to 512 [ 487.611728][ T9250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.626487][ T9250] ext4 filesystem being mounted at /344/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 487.708430][ T9125] veth0_macvtap: entered promiscuous mode [ 487.778277][ T9125] veth1_macvtap: entered promiscuous mode [ 487.921191][ T29] audit: type=1804 audit(1725404134.251:78): pid=9250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1719" name="/newroot/344/file0/file1" dev="loop0" ino=15 res=1 errno=0 [ 487.941490][ T9125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 487.954869][ T9125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 487.969977][ T9125] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 488.100332][ T9125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 488.115316][ T9125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.126648][ T9125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 488.137632][ T9125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.147835][ T9125] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 488.166664][ T9125] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 488.183831][ T9125] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 488.229045][ T9125] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.239401][ T9125] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.248738][ T9125] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.262904][ T9125] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.295712][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.042570][ T9176] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 489.594057][ T9176] veth0_vlan: entered promiscuous mode [ 489.669938][ T9176] veth1_vlan: entered promiscuous mode [ 489.979556][ T9176] veth0_macvtap: entered promiscuous mode [ 490.017694][ T9176] veth1_macvtap: entered promiscuous mode [ 490.198851][ T9176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.210036][ T9176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.220332][ T9176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 490.231305][ T9176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.250113][ T9176] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 490.336849][ T9176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.350657][ T9176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.362502][ T9176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.375467][ T9176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.386189][ T9176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.396993][ T9176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.407204][ T9176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 490.417979][ T9176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 490.433516][ T9176] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 490.489977][ T9176] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.500523][ T9176] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.509762][ T9176] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 490.518959][ T9176] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.893848][ T3343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 491.905036][ T3343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.988206][ T3343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 491.996569][ T3343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 492.890352][ T9318] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 492.901723][ T5240] IPVS: starting estimator thread 0... [ 493.024283][ T9320] IPVS: using max 240 ests per chain, 12000 per kthread [ 493.047042][ T9322] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1732'. [ 493.629364][ T5240] kernel write not supported for file /snd/seq (pid: 5240 comm: kworker/0:3) [ 494.317201][ T9339] loop0: detected capacity change from 0 to 1024 [ 494.334482][ T3343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 494.342810][ T3343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 494.393377][ T5183] Bluetooth: hci1: command 0x0405 tx timeout [ 494.418721][ T9339] EXT4-fs: Ignoring removed i_version option [ 494.427372][ T9339] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 494.463396][ T3343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 494.471577][ T3343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 494.535283][ T9339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 494.584902][ T9338] loop2: detected capacity change from 0 to 2048 [ 494.689459][ T9347] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 495.001443][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 495.020113][ T9347] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 495.031190][ T9347] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4) [ 495.102954][ T9347] Remounting filesystem read-only [ 495.111272][ T9125] NILFS (loop2): discard dirty page: offset=0, ino=5 [ 495.119827][ T9125] NILFS (loop2): discard dirty block: blocknr=41, size=1024 [ 495.127552][ T9125] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 495.137164][ T9125] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 495.146396][ T9125] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 495.168966][ T9125] NILFS (loop2): discard dirty page: offset=0, ino=4 [ 495.176732][ T9125] NILFS (loop2): discard dirty block: blocknr=40, size=1024 [ 495.188415][ T9125] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 495.199693][ T9125] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 495.209509][ T9125] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024 [ 495.442353][ T9352] pim6reg: entered allmulticast mode [ 496.359573][ T1824] IPVS: starting estimator thread 0... [ 496.380783][ T9367] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 496.452741][ T9368] IPVS: using max 240 ests per chain, 12000 per kthread [ 497.301230][ T9379] loop2: detected capacity change from 0 to 1024 [ 497.349906][ T9379] EXT4-fs: Ignoring removed i_version option [ 497.393049][ T9379] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 497.468415][ T9379] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 497.799594][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 499.019365][ T9403] loop0: detected capacity change from 0 to 2048 [ 499.077484][ T9403] loop0: p3 < > p4 < > [ 499.082009][ T9403] loop0: partition table partially beyond EOD, truncated [ 499.089985][ T9403] loop0: p3 start 4284289 is beyond EOD, truncated [ 499.216953][ T9408] loop4: detected capacity change from 0 to 512 [ 499.305959][ T9414] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 499.341409][ T9408] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 499.443393][ T9406] loop1: detected capacity change from 0 to 4096 [ 499.447578][ T9408] EXT4-fs (loop4): 1 truncate cleaned up [ 499.460481][ T9408] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 499.464142][ T9406] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 499.847173][ T29] audit: type=1800 audit(1725404146.151:79): pid=9406 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1768" name="file1" dev="loop1" ino=30 res=0 errno=0 [ 499.847565][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 500.694072][ T29] audit: type=1326 audit(1725404147.051:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.719823][ T29] audit: type=1326 audit(1725404147.071:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.743386][ T29] audit: type=1326 audit(1725404147.071:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.765889][ T29] audit: type=1326 audit(1725404147.071:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.788693][ T29] audit: type=1326 audit(1725404147.071:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.814495][ T29] audit: type=1326 audit(1725404147.071:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.837899][ T29] audit: type=1326 audit(1725404147.071:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.860288][ T29] audit: type=1326 audit(1725404147.071:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=307 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.901008][ T29] audit: type=1326 audit(1725404147.081:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9430 comm="syz.2.1778" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 500.943396][ T5183] Bluetooth: hci1: command 0x0405 tx timeout [ 501.333689][ T9439] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 501.372635][ T9440] loop0: detected capacity change from 0 to 128 [ 501.661477][ T9444] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 502.481665][ T9456] IPVS: wrr: SCTP 172.20.20.187:0 - no destination available [ 503.018522][ T9450] loop0: detected capacity change from 0 to 4096 [ 503.072780][ T9450] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 503.516204][ T5196] Bluetooth: hci1: command 0x0405 tx timeout [ 504.199297][ T9469] loop1: detected capacity change from 0 to 4096 [ 504.237747][ T9469] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 504.514809][ T9469] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 504.549896][ T9469] ntfs3: loop1: Failed to load $Extend (-22). [ 504.559339][ T9469] ntfs3: loop1: Failed to initialize $Extend. [ 504.654849][ T9483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1803'. [ 505.100876][ T9489] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1805'. [ 506.949727][ T9516] loop1: detected capacity change from 0 to 2048 [ 506.978438][ T9504] loop3: detected capacity change from 0 to 4096 [ 507.029470][ T9519] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 507.041972][ T9504] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 507.303662][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 507.303735][ T29] audit: type=1800 audit(1725404153.681:92): pid=9504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1811" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 507.413933][ T9519] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 507.428029][ T9519] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 507.510609][ T9519] Remounting filesystem read-only [ 507.535783][ T5182] NILFS (loop1): discard dirty page: offset=0, ino=5 [ 507.543013][ T5182] NILFS (loop1): discard dirty block: blocknr=41, size=1024 [ 507.550537][ T5182] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 507.559852][ T5182] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 507.575104][ T5182] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 507.631551][ T5182] NILFS (loop1): discard dirty page: offset=0, ino=4 [ 507.638757][ T5182] NILFS (loop1): discard dirty block: blocknr=40, size=1024 [ 507.646548][ T5182] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 507.658868][ T5182] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 507.668108][ T5182] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024 [ 508.257427][ T9521] syz.0.1818 (9521): drop_caches: 2 [ 510.023710][ T9554] netlink: 'syz.4.1830': attribute type 6 has an invalid length. [ 510.034472][ T9554] netlink: 'syz.4.1830': attribute type 30 has an invalid length. [ 510.046103][ T9554] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1830'. [ 510.055929][ T9554] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 510.065450][ T9554] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 512.162328][ T9581] loop4: detected capacity change from 0 to 512 [ 512.290993][ T9581] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 512.309495][ T9581] ext4 filesystem being mounted at /394/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 512.325534][ T9588] sctp: [Deprecated]: syz.1.1843 (pid 9588) Use of int in maxseg socket option. [ 512.325534][ T9588] Use struct sctp_assoc_value instead [ 512.500742][ T29] audit: type=1804 audit(1725404158.841:93): pid=9589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1844" name="/newroot/394/file0/file1" dev="loop4" ino=15 res=1 errno=0 [ 512.621985][ T9591] vxcan0: tx drop: invalid da for name 0x0000000002000000 [ 512.725256][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 515.029527][ T9613] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1852'. [ 515.836130][ T9622] loop2: detected capacity change from 0 to 512 [ 516.071955][ T9622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 516.085445][ T9622] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 516.128073][ T9633] loop0: detected capacity change from 0 to 512 [ 516.167504][ T9633] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 516.219710][ T9633] EXT4-fs (loop0): 1 truncate cleaned up [ 516.229918][ T9633] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 516.457231][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.515156][ T29] audit: type=1804 audit(1725404162.861:94): pid=9635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1857" name="/newroot/29/file0/file1" dev="loop2" ino=15 res=1 errno=0 [ 516.709012][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.982224][ T9640] netlink: 'syz.1.1862': attribute type 5 has an invalid length. [ 517.024137][ T9639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1863'. [ 517.267842][ T9641] loop0: detected capacity change from 0 to 2048 [ 517.450945][ T9649] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 517.663049][ T29] audit: type=1800 audit(1725404163.981:95): pid=9641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1874" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 518.148895][ T9654] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1867'. [ 518.741813][ T9664] loop3: detected capacity change from 0 to 128 [ 518.811205][ T9664] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 518.901728][ T9664] ext4 filesystem being mounted at /25/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 518.921946][ T9665] loop1: detected capacity change from 0 to 1024 [ 518.944200][ T9665] EXT4-fs: Ignoring removed orlov option [ 518.978797][ T9665] EXT4-fs (loop1): Test dummy encryption mode enabled [ 519.018300][ T9665] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 519.190926][ T9665] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 519.286983][ T9176] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 519.596274][ T9678] netlink: 'syz.2.1879': attribute type 6 has an invalid length. [ 519.604391][ T9678] netlink: 'syz.2.1879': attribute type 30 has an invalid length. [ 519.612830][ T9678] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1879'. [ 519.625089][ T9678] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0) [ 519.634566][ T9678] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255 [ 519.670230][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 519.825856][ T9681] netlink: 'syz.3.1878': attribute type 7 has an invalid length. [ 520.629058][ T9691] loop4: detected capacity change from 0 to 2048 [ 520.827660][ T9691] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 521.616662][ T9711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1894'. [ 521.663868][ T9711] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1894'. [ 521.676264][ T9711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1894'. [ 521.737579][ T9713] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1895'. [ 521.747215][ T9713] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1895'. [ 521.756666][ T9713] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1895'. [ 521.768794][ T9713] vlan0: entered allmulticast mode [ 521.774446][ T9713] veth0_vlan: entered allmulticast mode [ 523.243745][ T9740] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1907'. [ 524.240322][ T9738] loop2: detected capacity change from 0 to 4096 [ 524.255762][ T9738] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 524.345372][ T9738] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 524.539307][ T9758] ALSA: mixer_oss: invalid index -1404626105 [ 524.597785][ T3118] ntfs3: loop2: ino=5, "/" ntfs3_write_inode failed, -22. [ 525.191718][ T9764] loop4: detected capacity change from 0 to 512 [ 525.245560][ T9764] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 525.327773][ T9764] EXT4-fs (loop4): 1 truncate cleaned up [ 525.335483][ T9764] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 525.380473][ T9761] loop0: detected capacity change from 0 to 2048 [ 525.415461][ T9761] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 525.445482][ T9761] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 525.846630][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.890656][ T9775] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1923'. [ 525.995868][ T1599] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 526.241407][ T9781] netlink: 'syz.4.1925': attribute type 18 has an invalid length. [ 526.251808][ T1599] usb 4-1: Using ep0 maxpacket: 8 [ 526.327939][ T1599] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 526.340219][ T1599] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 526.350407][ T1599] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 526.363193][ T1599] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 526.444338][ T1599] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 526.456526][ T1599] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 526.465000][ T1599] usb 4-1: SerialNumber: syz [ 526.516375][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.525848][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 526.551460][ T9772] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 526.578127][ T1599] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22 [ 526.587868][ T1599] usb-storage 4-1:1.0: USB Mass Storage device detected [ 526.647387][ T1599] usb-storage 4-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 526.724888][ T9792] loop0: detected capacity change from 0 to 128 [ 526.747313][ T9792] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 526.762869][ T1599] scsi host1: usb-storage 4-1:1.0 [ 526.910774][ T5187] sysv_free_block: trying to free block not in datazone [ 526.929010][ T1824] usb 4-1: USB disconnect, device number 14 [ 526.957803][ T5187] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 527.155048][ T9796] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1930'. [ 527.856672][ T9795] loop4: detected capacity change from 0 to 4096 [ 527.889798][ T9795] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 528.249431][ T9806] loop2: detected capacity change from 0 to 512 [ 528.285241][ T9795] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 528.315708][ T9806] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 528.338280][ T9795] ntfs3: loop4: mft corrupted [ 528.343730][ T9795] ntfs3: loop4: Failed to load $Extend (-22). [ 528.350170][ T9795] ntfs3: loop4: Failed to initialize $Extend. [ 528.419095][ T9795] ntfs3: loop4: ino=1e, "file1" failed to parse mft record [ 528.429742][ T9795] ntfs3: loop4: ino=1e, "file1" attr_set_size [ 528.437481][ T9806] EXT4-fs (loop2): 1 orphan inode deleted [ 528.443785][ T9806] EXT4-fs (loop2): 1 truncate cleaned up [ 528.451274][ T9806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 528.552538][ T9806] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1403: inode #12: block 7: comm syz.2.1935: path /46/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 528.693024][ T9806] EXT4-fs (loop2): Remounting filesystem read-only [ 528.989346][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.085460][ T9816] loop1: detected capacity change from 0 to 128 [ 529.218962][ T9818] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1940'. [ 529.399457][ T9822] loop4: detected capacity change from 0 to 256 [ 529.461767][ T9822] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 529.540519][ T9821] loop2: detected capacity change from 0 to 1024 [ 530.433162][ T9832] loop2: detected capacity change from 0 to 128 [ 530.527522][ T9832] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 530.611013][ T9832] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 530.630910][ T9838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1947'. [ 531.025379][ T9125] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 531.057990][ T9845] loop3: detected capacity change from 0 to 64 [ 531.259489][ T9845] hfs: request for non-existent node 1280 in B*Tree [ 531.266613][ T9845] hfs: request for non-existent node 1280 in B*Tree [ 531.276581][ T9845] hfs: request for non-existent node 1280 in B*Tree [ 531.283617][ T9845] hfs: request for non-existent node 1280 in B*Tree [ 531.440813][ T9853] loop4: detected capacity change from 0 to 512 [ 531.508756][ T9853] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1954: corrupted in-inode xattr: invalid ea_ino [ 531.535773][ T9853] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1954: couldn't read orphan inode 15 (err -117) [ 531.555222][ T9853] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 531.679193][ T9853] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1954: invalid indirect mapped block 234881024 (level 0) [ 532.076085][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 532.558170][ T9870] netlink: 'syz.2.1961': attribute type 3 has an invalid length. [ 532.566462][ T9870] netlink: 'syz.2.1961': attribute type 3 has an invalid length. [ 532.740287][ T9878] binder: 9873:9878 ioctl 4018620d 0 returned -22 [ 532.761081][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1964'. [ 533.307293][ T5240] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 533.465248][ T1824] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 533.527894][ T5240] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 533.539356][ T5240] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 533.552766][ T5240] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1c0c, bcdDevice= 0.00 [ 533.562696][ T5240] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 533.637647][ T5240] usb 5-1: config 0 descriptor?? [ 533.670230][ T1824] usb 1-1: Using ep0 maxpacket: 16 [ 533.726687][ T1824] usb 1-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 533.738990][ T1824] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 533.747426][ T1824] usb 1-1: Product: syz [ 533.751809][ T1824] usb 1-1: Manufacturer: syz [ 533.756873][ T1824] usb 1-1: SerialNumber: syz [ 533.850121][ T1824] usb 1-1: config 0 descriptor?? [ 533.919596][ T1824] ssu100 1-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 533.981673][ T9895] loop1: detected capacity change from 0 to 512 [ 534.060719][ T9899] loop3: detected capacity change from 0 to 256 [ 534.129063][ T9895] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 534.141554][ T5240] corsair-psu 0003:1B1C:1C0C.000D: unknown main item tag 0x4 [ 534.152596][ T5240] corsair-psu 0003:1B1C:1C0C.000D: item fetching failed at offset 5/7 [ 534.164547][ T9895] EXT4-fs (loop1): orphan cleanup on readonly fs [ 534.222636][ T5240] corsair-psu 0003:1B1C:1C0C.000D: probe with driver corsair-psu failed with error -22 [ 534.235215][ T9895] Quota error (device loop1): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 534.250383][ T9895] EXT4-fs warning (device loop1): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 534.270981][ T9895] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 534.313761][ T1824] ssu100 1-1:0.0: probe with driver ssu100 failed with error -71 [ 534.336428][ T9895] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1973: bg 0: block 40: padding at end of block bitmap is not set [ 534.349290][ T5240] usb 5-1: USB disconnect, device number 9 [ 534.352675][ T1824] usb 1-1: USB disconnect, device number 15 [ 534.391557][ T9895] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 534.456056][ T9895] EXT4-fs (loop1): 1 truncate cleaned up [ 534.463844][ T9895] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 534.613829][ T9895] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.1973: bad symlink. [ 534.653366][ T9904] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.1973: bad symlink. [ 534.761049][ T9906] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1976'. [ 534.828784][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.276624][ T9915] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1980'. [ 535.303542][ T9914] loop4: detected capacity change from 0 to 256 [ 535.359114][ T9916] loop2: detected capacity change from 0 to 256 [ 535.405169][ T9916] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 535.884439][ T9921] loop1: detected capacity change from 0 to 256 [ 536.005696][ T9921] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011fbe, chksum : 0xeb6f636c, utbl_chksum : 0xe619d30d) [ 536.129314][ T9921] exFAT-fs (loop1): hint_cluster is invalid (1), rewind to the first cluster [ 536.145772][ T9921] exFAT-fs (loop1): error, invalid access to exfat cache (entry 0x00000000) [ 536.156163][ T9921] exFAT-fs (loop1): Filesystem has been set read-only [ 536.165997][ T9921] exFAT-fs (loop1): error, failed to bmap (inode : ffff8880132717f0 iblock : 9, err : -5) [ 536.197458][ T9921] exFAT-fs (loop1): error, tried to truncate zeroed cluster. [ 536.217272][ T9921] syz.1.1984: attempt to access beyond end of device [ 536.217272][ T9921] loop1: rw=2049, sector=34359738488, nr_sectors = 8 limit=256 [ 536.285008][ T9931] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1987'. [ 536.637837][ T9935] tun0: tun_chr_ioctl cmd 1074025677 [ 536.644062][ T9935] tun0: linktype set to 780 [ 536.894555][ T9934] loop0: detected capacity change from 0 to 2048 [ 537.875721][ T9950] loop0: detected capacity change from 0 to 1024 [ 537.966168][ T9950] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 538.076823][ T9950] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 538.290910][ T9950] EXT4-fs error (device loop0): ext4_read_inline_dir:1564: inode #12: block 16: comm syz.0.1996: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=40, inode=301989902, rec_len=0, size=80 fake=0 [ 538.604425][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.371830][ T9979] loop0: detected capacity change from 0 to 64 [ 539.503783][ T9979] Trying to free block not in datazone [ 539.511050][ T9979] Trying to free block not in datazone [ 539.519376][ T9979] Trying to free block not in datazone [ 539.528460][ T9979] Trying to free block not in datazone [ 539.534203][ T9979] Trying to free block not in datazone [ 539.539835][ T9979] minix_free_block (loop0:6): bit already cleared [ 539.546626][ T9979] Trying to free block not in datazone [ 539.555169][ T9979] Trying to free block not in datazone [ 540.890135][ T29] audit: type=1326 audit(1725404187.181:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.2015" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x0 [ 542.461652][T10018] loop3: detected capacity change from 0 to 1024 [ 542.463805][ T25] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 542.732665][ T25] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 542.744973][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.787724][ T25] usb 2-1: config 0 descriptor?? [ 542.844089][ T25] cp210x 2-1:0.0: cp210x converter detected [ 543.284065][ T3118] hfsplus: b-tree write err: -5, ino 4 [ 543.288795][ T25] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 543.352928][ T25] usb 2-1: cp210x converter now attached to ttyUSB0 [ 543.511573][ T25] usb 2-1: USB disconnect, device number 15 [ 543.557391][ T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 543.632678][ T25] cp210x 2-1:0.0: device disconnected [ 543.792000][T10036] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2032'. [ 545.776904][T10064] loop3: detected capacity change from 0 to 2048 [ 545.895256][T10064] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.2047: bad orphan inode 8192 [ 545.986284][T10064] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 546.425986][ T9176] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 546.549009][T10086] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2057'. [ 547.592775][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 547.714354][ T29] audit: type=1326 audit(1725404194.101:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10103 comm="syz.2.2066" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x0 [ 548.214258][T10112] sctp: [Deprecated]: syz.1.2069 (pid 10112) Use of int in max_burst socket option deprecated. [ 548.214258][T10112] Use struct sctp_assoc_value instead [ 549.280127][T10114] loop0: detected capacity change from 0 to 4096 [ 549.542533][T10127] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 550.190427][T10135] loop2: detected capacity change from 0 to 64 [ 550.346585][T10141] loop1: detected capacity change from 0 to 164 [ 550.955048][T10148] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2086'. [ 550.979093][T10153] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2084'. [ 551.831457][T10165] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2093'. [ 552.547108][T10163] loop2: detected capacity change from 0 to 4096 [ 552.701366][T10181] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 554.047092][T10197] loop4: detected capacity change from 0 to 2048 [ 554.050784][T10200] loop0: detected capacity change from 0 to 256 [ 554.110067][T10197] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 554.111053][T10200] exfat: Deprecated parameter 'namecase' [ 554.128381][T10200] exfat: Bad value for 'fmask' [ 554.373017][T10200] loop0: detected capacity change from 0 to 512 [ 554.388837][T10200] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 554.509045][T10200] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 554.530666][T10200] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 554.556685][T10200] EXT4-fs (loop0): 1 truncate cleaned up [ 554.564476][T10200] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 554.896336][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.162987][ T29] audit: type=1326 audit(1725404201.501:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10214 comm="syz.1.2116" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x0 [ 555.760999][T10213] loop3: detected capacity change from 0 to 4096 [ 556.264922][T10222] syz.4.2119 (10222): drop_caches: 2 [ 556.745812][T10235] binder: 10234:10235 ioctl 40046210 0 returned -14 [ 556.849115][T10213] overlayfs: upper fs does not support tmpfile. [ 556.876860][T10213] overlayfs: workdir/#4 already exists [ 560.130961][T10262] syz.3.2135 (10262): drop_caches: 2 [ 560.209417][T10273] loop4: detected capacity change from 0 to 1024 [ 560.290751][T10273] hfsplus: bad catalog entry type [ 560.636743][ T3011] hfsplus: b-tree write err: -5, ino 4 [ 561.038096][T10283] loop4: detected capacity change from 0 to 47 [ 561.222745][ T29] audit: type=1800 audit(1725404207.551:99): pid=10283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2144" name="bus" dev="loop4" ino=8 res=0 errno=0 [ 561.248461][ T29] audit: type=1800 audit(1725404207.561:100): pid=10283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2144" name="bus" dev="loop4" ino=8 res=0 errno=0 [ 561.685376][T10293] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 562.077405][T10299] sctp: [Deprecated]: syz.4.2152 (pid 10299) Use of int in max_burst socket option deprecated. [ 562.077405][T10299] Use struct sctp_assoc_value instead [ 562.427973][T10308] bond0: Unable to set down delay as MII monitoring is disabled [ 562.452683][ T44] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 562.644744][T10303] syz.1.2154 (10303): drop_caches: 2 [ 562.677759][T10303] syz.1.2154 (10303): drop_caches: 2 [ 562.726583][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 562.738435][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 562.752530][ T44] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 562.764383][ T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 562.789057][ T44] usb 4-1: config 0 descriptor?? [ 563.042669][ T1599] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 563.159028][T10313] loop0: detected capacity change from 0 to 1024 [ 563.268022][ T44] holtek 0003:1241:5015.000E: collection stack underflow [ 563.280112][ T44] holtek 0003:1241:5015.000E: item 0 4 0 12 parsing failed [ 563.295866][ T1599] usb 5-1: Using ep0 maxpacket: 16 [ 563.308116][ T44] holtek 0003:1241:5015.000E: parse failed [ 563.317372][ T44] holtek 0003:1241:5015.000E: probe with driver holtek failed with error -22 [ 563.327153][ T1599] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 563.341668][ T1599] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 563.351817][ T1599] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 563.367867][ T1599] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 563.379596][ T1599] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 563.410258][ T1599] usb 5-1: config 0 descriptor?? [ 563.441424][T10316] loop1: detected capacity change from 0 to 512 [ 563.491481][ T44] usb 4-1: USB disconnect, device number 15 [ 563.562456][T10316] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.2160: casefold flag without casefold feature [ 563.588884][T10316] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.2160: couldn't read orphan inode 15 (err -117) [ 563.605353][ T3118] hfsplus: b-tree write err: -5, ino 4 [ 563.721141][T10316] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 563.737958][T10322] netlink: 'syz.0.2162': attribute type 2 has an invalid length. [ 563.738050][T10322] netlink: 16142 bytes leftover after parsing attributes in process `syz.0.2162'. [ 563.782799][ T29] audit: type=1326 audit(1725404210.141:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10317 comm="syz.2.2161" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x0 [ 563.854502][T10316] EXT4-fs warning (device loop1): ext4_empty_dir:3096: inode #2: comm syz.1.2160: directory missing '.' [ 563.890260][ T1599] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0 [ 563.946265][ T1599] microsoft 0003:045E:07DA.000F: No inputs registered, leaving [ 563.976935][ T1599] microsoft 0003:045E:07DA.000F: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 563.988820][ T1599] microsoft 0003:045E:07DA.000F: no inputs found [ 563.999009][ T1599] microsoft 0003:045E:07DA.000F: could not initialize ff, continuing anyway [ 564.032870][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 564.091113][ T1599] usb 5-1: USB disconnect, device number 10 [ 564.609999][T10330] Illegal XDP return value 4294967294 on prog (id 162) dev N/A, expect packet loss! [ 565.025382][T10337] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2168'. [ 565.493668][T10346] syz.2.2170 (10346): drop_caches: 2 [ 565.533423][T10346] syz.2.2170 (10346): drop_caches: 2 [ 566.224863][T10358] loop3: detected capacity change from 0 to 256 [ 566.436618][ T29] audit: type=1800 audit(1725404212.791:102): pid=10358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2177" name="bus" dev="loop3" ino=1048658 res=0 errno=0 [ 567.065453][ T44] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 567.276061][T10374] sctp: [Deprecated]: syz.1.2184 (pid 10374) Use of struct sctp_assoc_value in delayed_ack socket option. [ 567.276061][T10374] Use struct sctp_sack_info instead [ 567.341467][ T44] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 567.355275][ T44] usb 3-1: New USB device found, idVendor=0582, idProduct=0000, bcdDevice= 0.00 [ 567.366830][ T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 567.383706][T10373] loop3: detected capacity change from 0 to 512 [ 567.463821][ T44] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 567.491392][T10373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 567.508359][T10373] ext4 filesystem being mounted at /86/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 567.633274][ T1599] usb 3-1: USB disconnect, device number 9 [ 567.756846][ T9176] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.302892][T10383] loop3: detected capacity change from 0 to 1024 [ 568.334633][T10383] EXT4-fs: Ignoring removed i_version option [ 568.363053][T10383] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 568.488304][T10383] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.754000][T10392] netlink: 'syz.4.2193': attribute type 1 has an invalid length. [ 568.998723][ T9176] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 569.153148][T10399] ax25_connect(): syz.2.2194 uses autobind, please contact jreuter@yaina.de [ 569.182944][T10397] loop2: detected capacity change from 0 to 2048 [ 569.323040][T10397] loop2: p4 < > [ 569.487829][T10408] loop3: detected capacity change from 0 to 64 [ 569.947308][T10415] ALSA: mixer_oss: invalid OSS volume '¢¢ð½ñL²Îýþ‰XTp0þ¥œý¦' [ 569.955695][T10415] ALSA: mixer_oss: invalid OSS volume '' [ 570.105153][T10417] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 570.112956][T10417] IPv6: NLM_F_CREATE should be set when creating new route [ 570.248842][T10419] loop3: detected capacity change from 0 to 128 [ 571.111937][T10436] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2213'. [ 571.512682][T10444] loop3: detected capacity change from 0 to 1024 [ 571.539637][T10444] EXT4-fs: Ignoring removed nomblk_io_submit option [ 571.590892][T10444] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 571.602908][T10444] EXT4-fs (loop3): Test dummy encryption mode enabled [ 571.685994][T10444] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c855c01c, mo2=0003] [ 571.738286][T10444] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 571.936860][T10453] loop4: detected capacity change from 0 to 256 [ 572.124141][T10453] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 572.137647][T10453] FAT-fs (loop4): Filesystem has been set read-only [ 572.144643][T10453] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 572.155139][T10453] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 572.215940][ T29] audit: type=1800 audit(1725404218.551:103): pid=10453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2220" name="file1" dev="loop4" ino=1048659 res=0 errno=0 [ 572.360565][ T9176] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.930937][T10465] loop3: detected capacity change from 0 to 2048 [ 573.078510][T10472] loop0: detected capacity change from 0 to 64 [ 573.087362][T10473] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 573.895823][ T29] audit: type=1326 audit(1725404220.251:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10479 comm="syz.0.2231" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f36579 code=0x0 [ 574.075034][T10481] loop2: detected capacity change from 0 to 2048 [ 574.181213][T10481] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 574.311319][T10491] loop1: detected capacity change from 0 to 512 [ 574.435778][T10491] EXT4-fs: Ignoring removed nomblk_io_submit option [ 574.440453][T10491] EXT4-fs (loop1): Test dummy encryption mode enabled [ 574.440544][T10491] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 574.441249][T10491] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 574.441361][T10491] EXT4-fs (loop1): group descriptors corrupted! [ 574.596204][ T9125] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 574.654484][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.417390][T10505] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2241'. [ 575.730730][T10509] loop0: detected capacity change from 0 to 512 [ 575.779762][T10509] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 575.853907][T10509] EXT4-fs (loop0): 1 orphan inode deleted [ 575.859988][T10509] EXT4-fs (loop0): 1 truncate cleaned up [ 575.870553][T10509] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 575.964668][T10509] EXT4-fs error (device loop0): empty_inline_dir:1833: inode #12: block 7: comm syz.0.2243: bad entry in directory: directory entry overrun - offset=4, inode=13, rec_len=784, size=60 fake=0 [ 576.069571][T10509] EXT4-fs (loop0): Remounting filesystem read-only [ 576.083293][T10509] EXT4-fs warning (device loop0): empty_inline_dir:1840: bad inline directory (dir #12) - inode 13, rec_len 784, name_len 5inline size 60 [ 576.377430][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.429133][T10522] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2248'. [ 576.815241][T10529] loop0: detected capacity change from 0 to 128 [ 576.990584][T10535] netlink: 'syz.2.2252': attribute type 5 has an invalid length. [ 577.474305][T10541] loop0: detected capacity change from 0 to 1024 [ 577.680327][T10541] hfsplus: bad catalog entry type [ 578.042822][ T59] hfsplus: b-tree write err: -5, ino 4 [ 578.798255][T10555] loop2: detected capacity change from 0 to 128 [ 578.880274][T10555] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 578.970974][T10555] ext4 filesystem being mounted at /110/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 579.106518][T10563] netlink: 'syz.1.2266': attribute type 7 has an invalid length. [ 579.267371][ T9125] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 579.636343][T10567] loop2: detected capacity change from 0 to 1024 [ 579.651334][T10567] EXT4-fs: Ignoring removed orlov option [ 579.677190][T10567] EXT4-fs (loop2): Test dummy encryption mode enabled [ 579.697409][T10567] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 579.752576][T10567] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 580.071550][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.268395][T10579] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2273'. [ 580.281027][T10579] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2273'. [ 580.291390][T10579] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2273'. [ 580.303723][T10579] vlan0: entered allmulticast mode [ 580.309071][T10579] veth0_vlan: entered allmulticast mode [ 580.322450][ T44] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 580.413500][T10586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2274'. [ 580.493245][T10586] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2274'. [ 580.502718][T10586] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2274'. [ 580.552745][ T44] usb 5-1: Using ep0 maxpacket: 8 [ 580.570645][ T44] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 580.587746][ T44] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 580.598732][ T44] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 580.608782][ T44] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0 [ 580.687925][ T44] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 580.697608][ T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 580.708743][ T44] usb 5-1: SerialNumber: syz [ 580.767928][T10577] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 580.815470][ T44] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22 [ 580.825133][ T44] usb-storage 5-1:1.0: USB Mass Storage device detected [ 580.857801][ T44] usb-storage 5-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 580.881089][ T44] scsi host1: usb-storage 5-1:1.0 [ 581.048071][T10592] loop3: detected capacity change from 0 to 2048 [ 581.150973][ T5240] usb 5-1: USB disconnect, device number 11 [ 581.180035][T10592] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 581.298149][T10598] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2277'. [ 581.345317][T10594] loop2: detected capacity change from 0 to 2048 [ 581.367375][T10594] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 581.418634][T10594] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 581.781732][T10602] loop0: detected capacity change from 0 to 128 [ 582.229726][T10608] loop4: detected capacity change from 0 to 128 [ 582.328693][T10608] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 582.582895][T10612] loop1: detected capacity change from 0 to 512 [ 582.619380][ T5195] sysv_free_block: trying to free block not in datazone [ 582.636437][T10616] ALSA: mixer_oss: invalid index -1404626105 [ 582.659577][T10612] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 582.675488][ T5195] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 582.801600][T10612] EXT4-fs (loop1): 1 truncate cleaned up [ 582.809859][T10612] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 582.866764][T10621] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2288'. [ 583.164549][T10628] loop2: detected capacity change from 0 to 64 [ 583.271060][T10628] hfs: request for non-existent node 1280 in B*Tree [ 583.272849][T10630] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2291'. [ 583.280725][T10628] hfs: request for non-existent node 1280 in B*Tree [ 583.294199][T10628] hfs: request for non-existent node 1280 in B*Tree [ 583.300977][T10628] hfs: request for non-existent node 1280 in B*Tree [ 583.440516][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.842356][T10635] netlink: 'syz.1.2294': attribute type 18 has an invalid length. [ 584.056575][T10623] loop4: detected capacity change from 0 to 4096 [ 584.145112][T10623] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 584.226506][T10641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2296'. [ 584.258275][T10623] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 584.630886][ T13] ntfs3: loop4: ino=5, "/" ntfs3_write_inode failed, -22. [ 584.711136][T10649] loop3: detected capacity change from 0 to 128 [ 584.767388][T10649] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 584.803121][T10649] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 584.927418][T10655] loop1: detected capacity change from 0 to 256 [ 585.087638][T10655] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 585.343330][ T9176] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 585.587251][T10663] loop3: detected capacity change from 0 to 512 [ 585.610128][T10657] loop0: detected capacity change from 0 to 2048 [ 585.647208][T10663] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 585.756684][T10657] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 585.790874][T10663] EXT4-fs (loop3): 1 orphan inode deleted [ 585.799789][T10663] EXT4-fs (loop3): 1 truncate cleaned up [ 585.810584][T10663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 585.928514][T10663] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1403: inode #12: block 7: comm syz.3.2309: path /108/bus/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 586.019079][T10663] EXT4-fs (loop3): Remounting filesystem read-only [ 586.246852][ T9176] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.320963][T10670] loop2: detected capacity change from 0 to 256 [ 586.624320][T10675] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2315'. [ 586.693133][T10678] netlink: 'syz.0.2314': attribute type 3 has an invalid length. [ 586.701215][T10678] netlink: 'syz.0.2314': attribute type 3 has an invalid length. [ 587.907347][T10698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2324'. [ 587.981623][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.988433][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 588.208664][T10700] qrtr: Invalid version 0 [ 588.642889][T10690] loop3: detected capacity change from 0 to 4096 [ 588.697491][T10690] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 588.908644][T10690] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 588.948063][T10690] ntfs3: loop3: mft corrupted [ 588.955984][T10690] ntfs3: loop3: Failed to load $Extend (-22). [ 588.962649][T10690] ntfs3: loop3: Failed to initialize $Extend. [ 589.011281][T10713] loop0: detected capacity change from 0 to 512 [ 589.084086][T10713] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 589.093952][T10713] EXT4-fs (loop0): orphan cleanup on readonly fs [ 589.101656][T10713] Quota error (device loop0): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 589.115411][T10713] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 589.132721][T10713] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 589.151523][T10713] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2333: bg 0: block 40: padding at end of block bitmap is not set [ 589.216947][T10713] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 589.227034][T10690] ntfs3: loop3: ino=1e, "file1" failed to parse mft record [ 589.237483][T10690] ntfs3: loop3: ino=1e, "file1" attr_set_size [ 589.287926][T10713] EXT4-fs (loop0): 1 truncate cleaned up [ 589.295718][T10713] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 589.479211][T10713] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.2333: bad symlink. [ 589.525251][T10713] EXT4-fs error (device loop0): ext4_get_link:106: inode #16: comm syz.0.2333: bad symlink. [ 589.634500][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.800375][T10724] loop4: detected capacity change from 0 to 256 [ 590.452922][T10740] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2342'. [ 590.795140][T10737] loop4: detected capacity change from 0 to 2048 [ 591.009488][T10742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2344'. [ 591.054927][T10745] binder: 10744:10745 ioctl 4018620d 0 returned -22 [ 591.548581][T10756] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2347'. [ 593.369427][T10787] loop2: detected capacity change from 0 to 1024 [ 593.436351][T10787] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 593.525716][T10787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.641152][T10791] loop1: detected capacity change from 0 to 1024 [ 593.739120][T10787] EXT4-fs error (device loop2): ext4_read_inline_dir:1564: inode #12: block 16: comm syz.2.2363: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=40, inode=301989902, rec_len=0, size=80 fake=0 [ 593.745323][T10791] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 594.199691][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.487817][T10799] loop1: detected capacity change from 0 to 256 [ 594.585679][T10803] loop0: detected capacity change from 0 to 8 [ 594.613689][T10799] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 594.763547][T10803] SQUASHFS error: Unable to read directory block [629:46] [ 595.112424][ T5196] Bluetooth: hci3: command 0x0406 tx timeout [ 596.096643][T10829] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2383'. [ 596.421183][T10833] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2384'. [ 596.617239][T10840] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2389'. [ 597.737263][T10861] loop3: detected capacity change from 0 to 16 [ 597.795063][T10861] erofs: (device loop3): mounted with root inode @ nid 36. [ 598.628214][T10879] loop1: detected capacity change from 0 to 256 [ 598.766196][T10879] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d) [ 599.568916][T10893] loop1: detected capacity change from 0 to 1024 [ 599.666905][T10893] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 599.821919][T10893] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 600.102374][ T5240] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 600.164392][ T5182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 600.233267][ T5196] Bluetooth: hci1: command 0x0405 tx timeout [ 600.360325][ T5240] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 600.373203][ T5240] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 600.381470][ T5240] usb 3-1: Product: syz [ 600.386123][ T5240] usb 3-1: Manufacturer: syz [ 600.390958][ T5240] usb 3-1: SerialNumber: syz [ 600.421283][ T5240] usb 3-1: config 0 descriptor?? [ 600.478458][T10911] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2422'. [ 600.553527][ T1599] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 600.659890][ T5240] usb 3-1: USB disconnect, device number 10 [ 600.779629][ T1599] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 600.793815][ T1599] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 600.804175][ T1599] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 600.817504][ T1599] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 600.829554][ T1599] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 600.903803][ T1599] usb 1-1: config 0 descriptor?? [ 601.028500][T10919] loop4: detected capacity change from 0 to 64 [ 601.360107][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.372468][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.383748][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.391553][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.399530][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.407388][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.417961][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.425938][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.433749][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.441531][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.452277][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.460021][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.471614][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.480076][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.490559][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.498391][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.506246][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.517118][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.524971][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.532753][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.540530][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.551292][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.559109][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.566977][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.581018][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.589654][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.597487][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.607894][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.615706][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.623594][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.631315][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.642017][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.650008][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.658471][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.669105][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.680476][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.689083][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.699458][ T1599] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0 [ 601.855859][ T1599] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving [ 601.909413][ T1599] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 601.927109][T10927] loop3: detected capacity change from 0 to 64 [ 601.978041][ T1599] usb 1-1: USB disconnect, device number 16 [ 602.591394][T10936] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 603.065904][T10944] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 603.080521][T10944] overlayfs: workdir and upperdir must be separate subtrees [ 603.185789][T10946] bridge0: port 3(syz_tun) entered blocking state [ 603.193278][T10946] bridge0: port 3(syz_tun) entered disabled state [ 603.200684][T10946] syz_tun: entered allmulticast mode [ 603.213807][T10946] syz_tun: entered promiscuous mode [ 603.221483][T10946] bridge0: port 3(syz_tun) entered blocking state [ 603.228691][T10946] bridge0: port 3(syz_tun) entered forwarding state [ 603.677919][T10951] loop0: detected capacity change from 0 to 512 [ 603.767862][T10951] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 603.996322][T10951] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 604.012561][T10951] ext4 filesystem being mounted at /499/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 604.327831][T10963] loop2: detected capacity change from 0 to 512 [ 604.367688][T10963] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 604.415821][T10963] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 604.417651][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 604.444866][T10963] System zones: 1-12 [ 604.509740][T10963] EXT4-fs (loop2): 1 truncate cleaned up [ 604.520100][T10963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 604.602609][T10966] loop1: detected capacity change from 0 to 256 [ 604.739222][T10966] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 604.907004][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 605.145083][ T5244] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 605.366273][ T5244] usb 1-1: Using ep0 maxpacket: 8 [ 605.420133][ T5244] usb 1-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 605.429650][ T5244] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 605.438108][ T5244] usb 1-1: Product: syz [ 605.445308][ T5244] usb 1-1: Manufacturer: syz [ 605.450145][ T5244] usb 1-1: SerialNumber: syz [ 605.497746][ T5244] usb 1-1: config 0 descriptor?? [ 605.520411][ T5244] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 605.793560][ T5244] gspca_sn9c2028: read1 error -32 [ 605.816877][ T5244] gspca_sn9c2028: read1 error -32 [ 606.031652][ T44] usb 1-1: USB disconnect, device number 17 [ 606.072345][ T5244] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 606.227029][T10991] netlink: 'syz.3.2457': attribute type 29 has an invalid length. [ 606.268110][T10991] netlink: 'syz.3.2457': attribute type 29 has an invalid length. [ 606.302402][ T5244] usb 3-1: Using ep0 maxpacket: 16 [ 606.355346][ T5244] usb 3-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be [ 606.364808][ T5244] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 606.373405][ T5244] usb 3-1: Product: syz [ 606.377797][ T5244] usb 3-1: Manufacturer: syz [ 606.387270][ T5244] usb 3-1: SerialNumber: syz [ 606.447529][ T5244] usb 3-1: config 0 descriptor?? [ 606.701350][ T5244] peak_usb 3-1:0.0: PEAK-System PCAN-Chip USB v0 fw v0.0.0 (1 channels) [ 606.891793][ T5244] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 606.902592][ T5244] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 606.909621][ T5244] peak_usb 3-1:0.0 can0: sending command failure: -22 [ 607.019426][ T5244] peak_usb 3-1:0.0: probe with driver peak_usb failed with error -22 [ 607.132644][ T44] usb 3-1: USB disconnect, device number 11 [ 607.654868][T11007] netlink: 120 bytes leftover after parsing attributes in process `syz.1.2464'. [ 609.304796][ T1599] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 609.551063][ T1599] usb 3-1: Using ep0 maxpacket: 16 [ 609.586567][T11037] loop1: detected capacity change from 0 to 1024 [ 609.720552][ T1599] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 609.732961][ T1599] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 609.741352][ T1599] usb 3-1: Product: syz [ 609.745930][ T1599] usb 3-1: Manufacturer: syz [ 609.750811][ T1599] usb 3-1: SerialNumber: syz [ 609.797183][ T1599] usb 3-1: config 0 descriptor?? [ 609.985463][ T3011] hfsplus: b-tree write err: -5, ino 4 [ 610.357112][ T1599] dvb_usb_dtv5100 3-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71 [ 610.403853][ T1599] usb 3-1: USB disconnect, device number 12 [ 611.114409][T11052] dummy0: entered promiscuous mode [ 611.149207][T11050] dummy0: left promiscuous mode [ 611.153506][T11047] loop0: detected capacity change from 0 to 2048 [ 611.226447][T11047] hpfs: Bad version 183,140. Mount readonly to go around [ 611.233936][T11047] hpfs: please try recent version of HPFS driver at http://artax.karlin.mff.cuni.cz/~mikulas/vyplody/hpfs/index-e.cgi and if it still can't understand this format, contact author - mikulas@artax.karlin.mff.cuni.cz [ 612.163836][T11071] loop4: detected capacity change from 0 to 16 [ 612.223560][T11071] erofs: (device loop4): mounted with root inode @ nid 36. [ 612.930913][T11082] delete_channel: no stack [ 612.951292][T11081] delete_channel: no stack [ 613.516267][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 613.929381][T11100] loop4: detected capacity change from 0 to 512 [ 614.014429][T11100] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.2508: casefold flag without casefold feature [ 614.053122][T11100] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2508: couldn't read orphan inode 15 (err -117) [ 614.122898][T11100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 614.142763][T11104] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2509'. [ 614.172847][T11104] vlan2: entered promiscuous mode [ 614.178144][T11104] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 614.313772][T11110] EXT4-fs warning (device loop4): ext4_empty_dir:3096: inode #2: comm syz.4.2508: directory missing '.' [ 614.610973][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 615.117439][T11126] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2518'. [ 615.127356][T11126] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2518'. [ 615.531487][T11133] nbd: nbd1 already in use [ 616.229644][T11146] loop0: detected capacity change from 0 to 512 [ 616.277973][T11146] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.2526: casefold flag without casefold feature [ 616.307049][T11146] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.2526: couldn't read orphan inode 15 (err -117) [ 616.330682][T11146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 616.542812][T11146] EXT4-fs warning (device loop0): ext4_empty_dir:3096: inode #2: comm syz.0.2526: directory missing '.' [ 616.883150][ T5187] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 616.928442][T11155] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2531'. [ 617.110828][T11159] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 617.125613][T11159] overlayfs: workdir and upperdir must be separate subtrees [ 618.526052][ T29] audit: type=1326 audit(1725404264.861:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11166 comm="syz.2.2537" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x0 [ 618.879551][T11191] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 618.894427][T11191] overlayfs: workdir and upperdir must be separate subtrees [ 619.970058][T11199] loop4: detected capacity change from 0 to 2048 [ 620.114068][T11199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 620.127276][T11199] ext4 filesystem being mounted at /533/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 620.377702][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 620.607084][T11218] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 620.624767][T11218] overlayfs: workdir and upperdir must be separate subtrees [ 621.508579][T11230] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2566'. [ 622.986288][T11243] loop2: detected capacity change from 0 to 1024 [ 622.990420][T11243] EXT4-fs: Ignoring removed nomblk_io_submit option [ 623.016766][T11243] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 623.016868][T11243] EXT4-fs (loop2): Test dummy encryption mode enabled [ 623.046514][T11243] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c855c01c, mo2=0003] [ 623.060245][T11247] loop4: detected capacity change from 0 to 512 [ 623.079222][T11243] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 623.243594][T11247] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 623.244065][T11247] ext4 filesystem being mounted at /537/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 623.492364][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 623.600927][ T5195] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 623.727508][T11255] netlink: 340 bytes leftover after parsing attributes in process `syz.0.2585'. [ 624.339998][T11261] cifs: Bad value for 'port' [ 624.522633][T11263] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 624.522725][T11263] overlayfs: workdir and upperdir must be separate subtrees [ 624.673192][T11265] ALSA: mixer_oss: invalid index -1404626105 [ 626.214513][T11286] loop3: detected capacity change from 0 to 128 [ 626.244694][T11286] affs: No valid root block on device loop3 [ 626.473791][T11290] loop4: detected capacity change from 0 to 8 [ 626.949064][T11297] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2594'. [ 627.368070][T11293] loop2: detected capacity change from 0 to 4096 [ 627.396460][T11293] ntfs3: loop2: Failed to load $Volume (-2). [ 628.646648][T11323] loop0: detected capacity change from 0 to 1024 [ 628.757813][T11323] hfsplus: request for non-existent node 2048 in B*Tree [ 628.765327][T11323] hfsplus: request for non-existent node 2048 in B*Tree [ 628.823915][T11328] hfsplus: request for non-existent node 2048 in B*Tree [ 628.831099][T11328] hfsplus: request for non-existent node 2048 in B*Tree [ 629.058576][T11331] loop1: detected capacity change from 0 to 256 [ 629.086442][T11331] exfat: Deprecated parameter 'namecase' [ 629.093710][T11331] exfat: Deprecated parameter 'namecase' [ 629.234007][T11331] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 629.355246][T11319] loop4: detected capacity change from 0 to 4096 [ 629.401737][T11319] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 629.782293][ T29] audit: type=1800 audit(1725404276.081:106): pid=11319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2604" name="file1" dev="loop4" ino=30 res=0 errno=0 [ 629.890047][T11337] loop3: detected capacity change from 0 to 2048 [ 630.004551][T11340] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 630.133527][T11337] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 630.190064][T11337] Remounting filesystem read-only [ 630.828582][T11357] loop3: detected capacity change from 0 to 128 [ 631.028206][ T29] audit: type=1800 audit(1725404277.341:107): pid=11357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2618" name="file2" dev="loop3" ino=1048678 res=0 errno=0 [ 631.049514][ C0] vkms_vblank_simulate: vblank timer overrun [ 631.093099][ T29] audit: type=1804 audit(1725404277.451:108): pid=11360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2618" name="/newroot/168/file0/file2" dev="loop3" ino=1048678 res=1 errno=0 [ 631.282562][ T1599] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 631.502650][ T1599] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 631.512032][ T1599] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 631.553219][ T1599] usb 3-1: config 0 descriptor?? [ 631.616916][ T5244] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 631.907709][ T5244] usb 5-1: config index 0 descriptor too short (expected 64575, got 13) [ 631.917207][ T5244] usb 5-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 631.931480][ T5244] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 631.979888][ T5244] usb 5-1: config index 1 descriptor too short (expected 64575, got 13) [ 631.996693][ T5244] usb 5-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config [ 632.007540][ T5244] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 632.033040][ T1599] [drm:udl_init] *ERROR* Selecting channel failed [ 632.074667][ T1599] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 632.081791][ T1599] [drm] Initialized udl on minor 2 [ 632.119008][ T1599] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 632.128370][ T1599] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 632.141367][ T5240] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 632.156052][ T5240] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 632.164865][ T5240] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 632.171967][ T5244] usb 5-1: string descriptor 0 read error: -71 [ 632.182023][ T5244] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 632.193611][ T5244] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 632.218200][ T1599] usb 3-1: USB disconnect, device number 13 [ 632.261584][ T5244] usb 5-1: can't set config #1, error -71 [ 632.276217][ T5244] usb 5-1: USB disconnect, device number 12 [ 632.384033][T11377] netlink: 'syz.3.2627': attribute type 4 has an invalid length. [ 632.587347][T11381] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2629'. [ 633.188591][T11392] netlink: 16126 bytes leftover after parsing attributes in process `syz.4.2633'. [ 633.198419][T11392] netlink: 105116 bytes leftover after parsing attributes in process `syz.4.2633'. [ 633.208356][T11392] netlink: 16126 bytes leftover after parsing attributes in process `syz.4.2633'. [ 633.651151][T11402] loop2: detected capacity change from 0 to 1024 [ 633.677139][T11402] EXT4-fs: Ignoring removed oldalloc option [ 633.738239][T11402] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 633.924261][T11402] EXT4-fs (loop2): shut down requested (0) [ 634.277192][ T9125] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.364521][T11398] loop0: detected capacity change from 0 to 4096 [ 634.418460][T11398] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 634.674733][T11398] ntfs3: loop0: Failed to load $Extend (-22). [ 634.681253][T11398] ntfs3: loop0: Failed to initialize $Extend. [ 635.319653][T11429] loop2: detected capacity change from 0 to 64 [ 636.581403][T11450] ax25_connect(): syz.1.2657 uses autobind, please contact jreuter@yaina.de [ 637.019191][T11460] loop1: detected capacity change from 0 to 8 [ 637.057371][T11459] loop4: detected capacity change from 0 to 64 [ 637.146758][T11460] SQUASHFS error: Failed to read block 0x260633: -5 [ 637.154155][T11460] SQUASHFS error: Unable to read metadata cache entry [260633] [ 637.162222][T11460] SQUASHFS error: Unable to read directory block [260633:0] [ 637.323669][T11462] netlink: 'syz.3.2662': attribute type 1 has an invalid length. [ 637.373766][T11464] Process accounting resumed [ 637.378663][T11464] kernel write not supported for file /403/clear_refs (pid: 11464 comm: syz.2.2663) [ 637.853591][T11468] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2664'. [ 638.511754][T11483] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2672'. [ 638.874669][T11487] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2674'. [ 638.884045][T11487] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2674'. [ 640.094224][T11507] netlink: 'syz.0.2682': attribute type 8 has an invalid length. [ 640.525283][T11513] loop1: detected capacity change from 0 to 64 [ 645.107554][T11569] loop4: detected capacity change from 0 to 256 [ 645.391461][T11569] FAT-fs (loop4): Directory bread(block 64) failed [ 645.401422][T11569] FAT-fs (loop4): Directory bread(block 65) failed [ 645.409260][T11569] FAT-fs (loop4): Directory bread(block 66) failed [ 645.418826][T11569] FAT-fs (loop4): Directory bread(block 67) failed [ 645.425954][T11569] FAT-fs (loop4): Directory bread(block 68) failed [ 645.432869][T11569] FAT-fs (loop4): Directory bread(block 69) failed [ 645.439766][T11569] FAT-fs (loop4): Directory bread(block 70) failed [ 645.449210][T11569] FAT-fs (loop4): Directory bread(block 71) failed [ 645.456290][T11569] FAT-fs (loop4): Directory bread(block 72) failed [ 645.463161][T11569] FAT-fs (loop4): Directory bread(block 73) failed [ 645.463674][T11572] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2712'. [ 645.628582][T11574] loop1: detected capacity change from 0 to 164 [ 645.662419][T11574] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 645.852836][ T44] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 645.914394][T11578] net veth1_virt_wifi virt_wifi0 (unregistering): left allmulticast mode [ 645.923419][T11578] net veth1_virt_wifi virt_wifi0 (unregistering): left promiscuous mode [ 645.996033][T11578] team0: Port device vlan2 removed [ 646.064779][ T44] usb 3-1: Using ep0 maxpacket: 16 [ 646.124023][ T44] usb 3-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=3a.55 [ 646.133666][ T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.141939][ T44] usb 3-1: Product: syz [ 646.146532][ T44] usb 3-1: Manufacturer: syz [ 646.151357][ T44] usb 3-1: SerialNumber: syz [ 646.181171][ T44] usb 3-1: config 0 descriptor?? [ 646.205572][ T44] gspca_main: gspca_sn9c20x-2.14.0 probing 0458:704a [ 646.613982][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2719'. [ 646.623453][T11586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2719'. [ 646.789934][ T44] gspca_sn9c20x: Write register 1000 failed -110 [ 646.796777][ T44] gspca_sn9c20x: Device initialization failed [ 646.804219][ T44] gspca_sn9c20x 3-1:0.0: probe with driver gspca_sn9c20x failed with error -110 [ 646.814831][ T44] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 646.845286][ T29] audit: type=1326 audit(1725404291.170:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11587 comm="syz.1.2720" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x0 [ 647.391674][ T44] usb 3-1: USB disconnect, device number 14 [ 647.923265][T11604] Bluetooth: hci0: load_link_keys: too big key_count value 65280 [ 647.961696][T11607] loop3: detected capacity change from 0 to 256 [ 648.143762][T11609] loop1: detected capacity change from 0 to 8 [ 649.384899][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.393310][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 650.543378][T11648] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2746'. [ 650.627866][ T3118] ===================================================== [ 650.635547][ T3118] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x539/0xb40 [ 650.644307][ T3118] n_tty_receive_buf_closing+0x539/0xb40 [ 650.650589][ T3118] n_tty_receive_buf_common+0x196b/0x2490 [ 650.660444][ T3118] n_tty_receive_buf2+0x4c/0x60 [ 650.666004][ T3118] tty_ldisc_receive_buf+0xd0/0x290 [ 650.671783][ T3118] tty_port_default_receive_buf+0xdf/0x190 [ 650.678288][ T3118] flush_to_ldisc+0x473/0xdb0 [ 650.687772][ T3118] process_scheduled_works+0xae0/0x1c40 [ 650.693901][ T3118] worker_thread+0xea7/0x14d0 [ 650.699203][ T3118] kthread+0x3e2/0x540 [ 650.704039][ T3118] ret_from_fork+0x6d/0x90 [ 650.709039][ T3118] ret_from_fork_asm+0x1a/0x30 [ 650.718608][ T3118] [ 650.721256][ T3118] Uninit was created at: [ 650.729599][ T3118] __kmalloc_noprof+0x661/0xf30 [ 650.735931][ T3118] __tty_buffer_request_room+0x36e/0x6d0 [ 650.742023][ T3118] __tty_insert_flip_string_flags+0x140/0x570 [ 650.752515][ T3118] uart_insert_char+0x39e/0xa10 [ 650.758402][ T3118] serial8250_read_char+0x1a7/0x5d0 [ 650.764380][ T3118] serial8250_handle_irq+0x77a/0xb80 [ 650.770336][ T3118] serial8250_default_handle_irq+0x120/0x2b0 [ 650.780730][ T3118] serial8250_interrupt+0xc5/0x360 [ 650.786606][ T3118] __handle_irq_event_percpu+0x118/0xca0 [ 650.792901][ T3118] handle_irq_event+0xef/0x2c0 [ 650.798259][ T3118] handle_edge_irq+0x340/0xfb0 [ 650.807158][ T3118] __common_interrupt+0x97/0x1f0 [ 650.812910][ T3118] common_interrupt+0x8f/0xa0 [ 650.818190][ T3118] asm_common_interrupt+0x2b/0x40 [ 650.823914][ T3118] [ 650.829908][ T3118] CPU: 0 UID: 0 PID: 3118 Comm: kworker/u8:16 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 650.846466][ T3118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 650.857267][ T3118] Workqueue: events_unbound flush_to_ldisc [ 650.863869][ T3118] ===================================================== [ 650.871391][ T3118] Disabling lock debugging due to kernel taint [ 650.884679][ T3118] Kernel panic - not syncing: kmsan.panic set ... [ 650.891224][ T3118] CPU: 0 UID: 0 PID: 3118 Comm: kworker/u8:16 Tainted: G B 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 650.903855][ T3118] Tainted: [B]=BAD_PAGE [ 650.908106][ T3118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 650.918308][ T3118] Workqueue: events_unbound flush_to_ldisc [ 650.924334][ T3118] Call Trace: [ 650.927735][ T3118] [ 650.930766][ T3118] dump_stack_lvl+0x216/0x2d0 [ 650.935648][ T3118] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 650.941675][ T3118] dump_stack+0x1e/0x30 [ 650.946015][ T3118] panic+0x4e2/0xcd0 [ 650.950098][ T3118] ? kmsan_get_metadata+0x101/0x1c0 [ 650.955522][ T3118] kmsan_report+0x2c7/0x2d0 [ 650.960229][ T3118] ? kmsan_get_metadata+0x13e/0x1c0 [ 650.965621][ T3118] ? kmsan_get_metadata+0x13e/0x1c0 [ 650.970997][ T3118] ? __msan_warning+0x95/0x120 [ 650.975929][ T3118] ? n_tty_receive_buf_closing+0x539/0xb40 [ 650.981895][ T3118] ? n_tty_receive_buf_common+0x196b/0x2490 [ 650.987945][ T3118] ? n_tty_receive_buf2+0x4c/0x60 [ 650.993117][ T3118] ? tty_ldisc_receive_buf+0xd0/0x290 [ 650.998669][ T3118] ? tty_port_default_receive_buf+0xdf/0x190 [ 651.004841][ T3118] ? flush_to_ldisc+0x473/0xdb0 [ 651.009867][ T3118] ? process_scheduled_works+0xae0/0x1c40 [ 651.015765][ T3118] ? worker_thread+0xea7/0x14d0 [ 651.020787][ T3118] ? kthread+0x3e2/0x540 [ 651.025215][ T3118] ? ret_from_fork+0x6d/0x90 [ 651.029961][ T3118] ? ret_from_fork_asm+0x1a/0x30 [ 651.035110][ T3118] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 651.041116][ T3118] ? kmsan_get_metadata+0x13e/0x1c0 [ 651.046499][ T3118] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 651.052506][ T3118] ? __update_load_avg_cfs_rq+0x121/0x10e0 [ 651.058498][ T3118] ? kmsan_get_metadata+0x13e/0x1c0 [ 651.063884][ T3118] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 651.069899][ T3118] ? kmsan_get_metadata+0x13e/0x1c0 [ 651.075287][ T3118] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 651.081294][ T3118] __msan_warning+0x95/0x120 [ 651.086058][ T3118] n_tty_receive_buf_closing+0x539/0xb40 [ 651.091888][ T3118] n_tty_receive_buf_common+0x196b/0x2490 [ 651.097799][ T3118] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 651.103824][ T3118] n_tty_receive_buf2+0x4c/0x60 [ 651.108818][ T3118] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 651.114516][ T3118] tty_ldisc_receive_buf+0xd0/0x290 [ 651.119909][ T3118] tty_port_default_receive_buf+0xdf/0x190 [ 651.125916][ T3118] flush_to_ldisc+0x473/0xdb0 [ 651.130779][ T3118] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 651.137399][ T3118] ? __pfx_flush_to_ldisc+0x10/0x10 [ 651.142778][ T3118] process_scheduled_works+0xae0/0x1c40 [ 651.148547][ T3118] worker_thread+0xea7/0x14d0 [ 651.153424][ T3118] kthread+0x3e2/0x540 [ 651.157674][ T3118] ? __pfx_worker_thread+0x10/0x10 [ 651.162967][ T3118] ? __pfx_kthread+0x10/0x10 [ 651.167739][ T3118] ret_from_fork+0x6d/0x90 [ 651.172301][ T3118] ? __pfx_kthread+0x10/0x10 [ 651.177078][ T3118] ret_from_fork_asm+0x1a/0x30 [ 651.182045][ T3118] [ 651.185385][ T3118] Kernel Offset: disabled [ 651.189760][ T3118] Rebooting in 86400 seconds..