last executing test programs: 4.838637328s ago: executing program 0 (id=1932): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080)=0x4, 0x4) sendto$inet(r0, &(0x7f0000000040)="0400", 0xffec, 0x0, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10) 4.431169533s ago: executing program 0 (id=1935): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="540000004900010928bd700018dcdf250a001c00", @ANYRES32, @ANYBLOB="0000000014000100fe80000000000000000000000000001f14000100fe8000000000000000000000000000bb080002"], 0x54}}, 0x0) 4.23580424s ago: executing program 3 (id=1938): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_CT_DIRECTION={0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) 4.097165434s ago: executing program 0 (id=1939): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x3}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 3.857914882s ago: executing program 2 (id=1942): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000005600)={0x0, 0x0, &(0x7f00000055c0)={&(0x7f0000005540)={0x28, 0x2, 0x1, 0x101, 0x0, 0x0, {0x0, 0x0, 0x9}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1006}, @CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x3}, @CTA_FILTER={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8814}, 0xc0) 3.578228344s ago: executing program 0 (id=1943): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0, 0x0, 0x1}, 0x18) move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) 3.511895816s ago: executing program 4 (id=1944): syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000005b80)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@sys_tz}, {@gid}, {@zero_size_dir}, {@uid={'uid', 0x3d, 0xee00}}, {@gid}, {@allow_utime={'allow_utime', 0x3d, 0x2}}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@errors_continue}, {@sys_tz}, {@utf8}]}, 0x1, 0x152a, &(0x7f0000001f80)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC") renameat2(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0) rmdir(&(0x7f0000000040)='./file0\x00') 3.488764534s ago: executing program 3 (id=1945): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8) 3.298002872s ago: executing program 1 (id=1946): r0 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r0, &(0x7f0000000080), 0x10) poll(&(0x7f0000000500)=[{r0, 0xc080}], 0x1, 0x81) 3.112679904s ago: executing program 2 (id=1947): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000140)='./file2\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYRES16=0x0, @ANYRES8, @ANYRES8=0x0, @ANYBLOB="b71fe84fda50cf6fbefac5a5891d03a05027c0e6658ea94f09636160112a47b688552b72051bf0111daffbe0adef82589ee2fac726c31d20f98aa1f9761873cd604dab0d22b4b321f4c20044c5a8e018b51e52342814e4c33a7f4807781862b524b303c604203d95ef2faa04cfd7ddc4f2edca0adeae0088a8e16969e9000a6a9d85bf9d4ee333cf03763ad6506f66797f154f0923a63f106d908d1cf2a884e57ab63950b9883c40449a94847df80ca39e9394f8de077bfd7f0c81e773158bd33c339a0f92997d172adcde0c53c97cce8a0f42c862a0c88c9a25ccf6799b85dadc245f608d6cb5ded47e4a20ad821132952cc1884e1473794144bbd01594b306a04fc39f13202b4447f8bbccc51a6c4b555b46a2df7f0fe979ef6c31ef8c81a81c26e71f96ea1d8ed245277259bdf970db1f41c75d8384b6b23cf44e9b04527874daf6c34e4deda0da670addd7c8f5eab4410908517c88940d", @ANYRES16], 0xfe, 0x1518, &(0x7f00000022c0)="$eJzs3AuYjtX6MPB1r7UehqS3SQ7Dutf98KbBMkmSQ0IOSZIkSU4JSZMkCYkhp6QhCTlOmhyGkBymMWmcz4eckyZbmiQJySlZ38Vub7uv/W/v/7f39/e/9ty/61rXrPt93nu99zP3XPOu55lr3u96jqrXon7tZkQk/iXw5y9JQogYIcQwIcR1QohACFEptlLspeP5FCT9ay/C/r0eTrvaFbCrifufu3H/czfuf+7G/c/duP+5G/c/d+P+527cf8Zys22zi13PI/cOvv+fm/H7/3+QnPKTv9pQ/sZe/40U7n/uxv3P3bj/uRv3P3fj/udu3P//fLX+4Bj3P3fj/jOWm/31XvAF7/3/gvvRPP5nx9X++WOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxljuc9VdoIcRf5le7LsYYY4wxxhhjjP37+LxXuwLGGGOMMcYYY4z9/wdCCiW0CEQekVfEiHwiv7hGFBDXioLiOhER14tYcYMoJG4UhUURUVQUE3GiuCghjEBhBYlQlBSlRFTcJEqLm0W8KCPKinLCifIiQdwiKohbRUVxm6gkbheVxR2iiqgqqonq4k5RQ9wlaopaora4W9QRdUU9UV/cIxqIe0VDcZ9oJO4XjcUDool4UDQVD4lm4mHRXDwiWohHRUvxmGglWos2oq1o9/+U/5LoK14W/UR/kSQGiIHiFTFIDBZDxFAxTLwqhovXxAjxukgWI8Uo8YYYLd4UY8RbYqwYJ8aLt8UEMVFMEpPFFDFVpIh3xDTxrkgV74npYoaYKWaJNDFbzBHvi7linpgvPhALxIdioVgkFoslIl18JDLEUpEpPhbLxCciSywXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU18KraLHWKn2CV2iz1ir/hM7BOfi/3iC5Etvvxv5p/5v/J7gQABEiRo0JAH8kAMxEB+yA8FoAAUhIIQgQjEQiwUgkJQGApDUSgKcRAHJaAEICAQEJSEkhCFKJSG0hAP8VAWyoIDBwmQABXgVqgIFaESVILKUBmqQFWoCtWhOtSAGlATakJtqA11oA7Ug3pwD9wD90JDaAiNoBE0hsbQBJpAU2gKzaAZNIfm0AJaQEtoCa2gFbSBNtAO2kF7aA8doAN0gk7QGTpDF+gCiZAIXaErdINu0B26Qw/oAT2hJ/SC3tAbXoKX4GV4GfpDHTkABsJAGASDYAgMhaHwKgyH1+A1eB2SYSSMgjfgDXgTxsBpGAvjYDyMhxpyIkyCyUByKqRACkyDaZAKqTAdZsAMmAVpMBvmwByYC/NgHnwAC+BD+BAWwSJYAumQDhmwFDIhE5bBGciC5bACVsIqWA2rYC2sg7WwATbCBtgMm2ErbIVP4VPYATtgF+yCPbAHPoPP4HP4HJIhG7LhAByAg3AQDsEhyIEcOAyH4QgcgaNwFI7BMTgOJ+AknIBTcApOwxk4C2fhPJyHC/BC3DfN95RZnyzkJVpqmUfmkTEyRuaX+WUBWUAWlAVlREZkrIyVhWQhWVgWlkVlURkn42QJWUKiREkylCVlSRmVUVlalpbxMl6WlWWlk04myARZQVaQFWVFWUneLivLO2QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUT+aBsKgfAEHhYXupMCzkSWspR0Eq2lm1kW/kmPC7byzHQQXaUneSTchyMhS6yvUuUz8iuchJ0k8/JyfC87CGnQk/5ouwle8s+8iXZV3Zw/WR/OR0GyIFyFgySg+UQOVTOhbryUsfqyddlshwpR8k35BJ4U46Rb8mxcpwcL9+WE+REOUlOllPkVJki35HT5LsyVb4np8sZcqacJdPkbDlHvi/nynlyvvxALpAfyoVykVwsl8h0+ZHMkEtlpvxYLpOfyCy5XK6QK+UquVqukWvlOrlebpAb5Sa5WW6RW+U2+ancLnfInXKX3C33yL3yM7lPfi73yy9ktvxSHpB/kgflV/KQ/FrmyG/kYfmtPCK/k0fl9/KY/EEelyfkSfmjPCV/kqflGXlWnpPn5c/ygvxFXpReCgVKKqW0ClQelVfFqHwqv7pGFVDXqoLqOhVR16tYdYMqpG5UhVURVVQVU3GquCqhjEJlFalQlVSlVFTdpEqrm1W8KqPKqnLKqfIqQd2iKqhbVUV1m6qkbleV1R2qiqqqqqnq6k5VQ92laqpaqra6W9VRdVU9VV/doxqoe1VDdZ9qpO5XjdUDqol6UDVVD6lm6mHVXD2iWqhHVUv1mGqlWqs2qq1qpx5X7dUTqoPqqDqpJ1Vn9ZTqop5WieoZ1VU9q7qp51R39bzqoV5QPdWLqpfqrfqoX9RF5VU/1V8lqQFqoHpFDVKD1RA1VA1Tr6rh6jU1Qr2uktVINUq9oUarN9UY9ZYaq8ap8eptNUFNVJPUZDVFTVUp6h01Tb2rUtV7arqaoWaqWSpNzVZDfl1p/j+R/+7fyR9x+dW3qm3qU7Vd7VA71S61W+1Re9VetU/tU/vVfpWtstUBdUAdVAfVIXVI5agcdVgdVkfUEXVUHVXH1DF1XJ1Q59SP6pT6SZ1WZ9QZdU6dV+fVhV+/B0KDllpprQOdR+fVMTqfzq+v0QX0tbqgvk5H9PU6Vt+gC+kbdWFdRBfVxXScLq5LaKNRW0061CV1KR3VN+nS+mYdr8vosrqcdrq8TtC3/Mv5/6i+drqdbq/b6w66g+6kO+nOurPuorvoRJ2ou+quupvuprvr7rqH7qF76p66l+6l++g+uq/uq/vpfjpJJ+mB+hU9SA/WQ/RQPUy/qofr4XqEHqGTdbIepUfp0Xq0HqPH6LF6rB6vx+sJeoKepCfpKXqKTtEpepqeplN1qp6up+uZeqZO02l6jp6j5+q5er6erxfoBXqhXqgX68U6XafrDJ2hM3WmXqaX6Sy9XC/XK/VKvVqv1mv1Wr1er9cb9Ua9WW/WWXqb3qa36+16p96pd+vdeq/eq/fpfXq/3q+zdbY+oA/og/qgPqQP6Rydow/rw/qIPqKP6qP6mD6mj+vj+qQ+qU/pU/q0Pq3P6rP6vD6vL+gL+qK+eGnbF8hABjrQQZ4gTxATxAT5g/xBgaBAUDAoGESCSBAbxAaFghuDwkGRoGhQLIgLigclAhNgYAMKwqBkUCqIBjcFpYObg/igTFA2KBe4oHyQENwSVAhuDSoGtwWVgtuDysEdQZWgalAtqB7cGdQI7gpqBrWC2sHdQZ2g7l/+DhXcGzQM7gsaBfcHjYMHgibBg0HT4KGgWfBw0Dx4JGgRPBq0DB4LWgWtgzZB26DdP7t+UC+oH9wTNPjD9b0/XeQJ18/0N0lmgBloXjGDzGAzxAw1w8yrZrh5zYwwr5tkM9KMMm+Y0eZNM8a8ZcaacWa8edtMMBPNJDPZTDFTTYp5x0wz75pU856ZbmaYmWaWSTOzzRzzvplr5pn55gOzwHxoFppFZrFZYtLNRybDLDWZ5mOzzHxissxys8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMp2a72WF2ml1mt9lj9prPzD7zudlvvjDZ5ktzwPzJHDRfmUPma5NjvjGHzbfmiPnOHDXfm2PmB3PcnDAnzY/mlPnJnDZnzFlzzpw3P5sL5hdz0fhLm/tLb++oUWMezIMxGIP5MT8WwAJYEAtiBCMYi7FYCAthYSyMRbEoxmEclsASeAkhYUksiVGMYmksjfEYj2WxLDp0mIAJWAErYEWsiJWwElbGylgFq2A1rIZ34p14F96FtbAW3o13Y12si/WxPjbABtgQG2IjbISNsTE2wSbYFJtiM2yGzbE5tsAW2BJbYitshW2wDbbDdtge22MH7ICdsBN2xs7YBbtgIiZiV+yK3bAbdsfu2AN7YE/sib2wF/bBPtgX+2K/c/0wCZNwIA7EQTgIh+AQHIbDcDgOxxE4ApMxGUfhKByNo3EMjsGxOA7H49s4ASfiJJyMU3AqpmAKTsNpmIqpOB2n40yciWmYhnNwDs7FuTgf5+MCXIALcSEuxsWYjumYgRmYiZm4DJdhFmbhClyBq3AVrsE1uA7X4QbcgJtwE27BLbgNt+F23I47cSfuxt24F/fiPtyH+3E/ZmM2HsADeBAP4iE8hDmYg4fxMB7BI3gUj+IxPIbH8TiexJN4Ck/haTyNZ/Esnsef8QL+ghfRY4yVIr+9xhaw19qC9jobY/PZv42L2mI2zha3JayxhW2R38RorY23ZWxZW846W94m2Ft+F1exVW01W93eaWvYu2zN38UN7L22ob3PNrL32/r2nt/Eje0Dtol91Da1j9lmtrVtbtvaFvZR29I+ZlvZ1raNbWs726dsF/u0TbTP2K722d/FGXapXWfX2w12o91nP7dn7Tl7xH5nz9ufbT/b3w6zr9rh9jU7wr5ukxuN/G1sR9rx9m07wU60k+xkO8VO/V08086yaXa2nWPft3PtvN/F6fYju8Bm2oV2kV1sl1yOL9WUaT+2y+wnNssutyvsSrvKrrZr7Nq/1rrSbrZb7Fa7135mt9sddqfdZXfbPZfjS+ex335hs+2X9rD91h60X9lD9qjNsd9cji+d31H7vT1mf7DH7Ql70v5oT9mf7Gl75vL5Xzr3H+0v9qL1VhCQJEWaAspDeSmG8lF+uoYK0LVUkK6jCF1PsXQDFaIbqTAVoaJUjOKoOJUgQ0iWiEIqSaUoSjdRabqZ4qkMlaVy5Kg8JdAtVIFupYp0G1Wi26ky3UFVqCpVo+p0J9Wgu6gm1aLadDfVobpUj+rTPdSA7qWGdB81ovupMT1ATehBakoPUTN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjrTU9SFnqZEeoa60rPUjZ6j7vQ89aAXqCe9SL2oN/Whl6gvvUz9qD8l0QAaSK/QIBpMQ2goDaNXaTi9RiPodUqmkTSK3qDR9CaNobdoLI2j8fQ2TaCJNIkm0xSaSin0Dk2jdymV3qPpNINm0ixKo9k0h96nuTSP5tMHtIA+pIW0iBbTEkqnjyiDllImfUzL6BPKouW0glbSKlpNa2gtraP1tIE20ibaTFtoK22jT2k77aCdtIt20x7aS5/RPvqc9tMXlE1f0gH6Ex2kr+gQfU059A0dpm/pCH1HR+l7OkY/0HE6QSfpRzpFP9FpOkNn6Rydp5/pAv1CF8mTCCGUoQp1GIR5wrxhTJgvzB9eExYIrw0LhteFkfD6MDa8ISwU3hgWDouERcNiYVxYPCwRmhBDG1IYhiXDUmE0vCksHd4cxodlwrJhudCF5cOE8JawQnhrWDG8LawU3h5WDu8Iq4RVw0fvrx7eGdYI7wprhrXC2uHdYZ2wblgvrB/eEzYI7w0bhveFjcL7w4rhA2GT8MGwafhQ2Cx8OGwePhK2CB8NW4aPha3C1mGbsG3YLnw8bB8+EXYIO4adwifDzuFTYZfw6TAxfCbsGj77D48nhQPCgeEr4Suh9/epxdEl0fToR9GM6NJoZvTj6LLoJ9Gs6PLoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujWqPf18woHTjrltAtcHpfXxbh8Lr+7xhVw17qC7joXcde7WHeDK+RudIVdEVfUFXNxrrgr4YxDZx250JV0pVzU3eRKu5tdvCvjyrpyzrnyLsG1de1cO9fePeE6uI6uk3vSPemeck+5p93T7hnX1T3rurnnXHf3vOvhXnAvuBddL9fb9XEvub7uZdfP9XdJLskNdAPdIDfIDXFD8vy6B3Mj3AiX7JLdKDfKjXaj3Rg3xo11Y914N95NcBPcJDfJTXFTXIpLcdPcNJfqUt10N93NdDNdmktzc9wcN9fNdfPdfLcgfoFb6Ba6xW6xS3fpLsNluEyX6Za5ZS7LZbkVboVb5Va5NW6NW+fWuQ1ug9vkNrktbovb5ra57W672+l2ut1ut9vr9rp9bp/b7/a7bJftDrgD7qA76A65r12O+8Yddt+6I+47d9R97465H9xxd8KddD+6U+4nd9qdcWfdOXfe/ewuuF/cReddSuSdyLTIu5HUyHuR6ZEZkZmRWZG0yOzInMj7kbmReZH5kQ8iCyIfRhZGFkUWR5ZE0iMfRTIiSyOZkY8jyyKfRLIiyyMrIisjqyKrI94X3x76kr6Uj/qbfGl/s4/3ZXxZX847X94n+Ft8BX+rr+hv85X87b6yv8NX8VV9Nf+Yb+Vb+za+rW/nH/ft/RO+g+/oO/knfWf/lO/in/aJ/hnf1T/ru/nnfHf/vO/hX/A9/Yu+l+/t+/iXfF//su/n+/skP8AP9K/4QX6wH+KH+mH+VT/cv+ZH+Nd9sh/pR/k3/Gj/ph/j3/Jj/Tg/3r/tJ/iJfpKf7Kf4qT7Fv+On+Xd9qn/PT/cz/Ew/y6f52X6Of9/P9fP8fP+BX+A/9Av9Ir/YL/Hp/iOf4Zf6TP+xX+Y/8Vl+uV/hV/pVfrVf49f6dX693+A3+k1+s9/it/pt/lO/3e/wO/0uv9vv8Xv9Z36f/9zv91/4bP+lP+D/5A/6r/wh/7XP8d/4w/5bf8R/54/67/0x/4M/7k/4k/5Hf8r/5E/7M/6sP+fP+5/9Bf+Lv8j/s8YYY4wx9k9JPfTHxwf8ncfkr+OSgUKIa3cUy/nb41oIsanwn+eDZVzniBDimf49H/7LqFMnKSnp1+dmKRGUWiSEiFzJv3wZ8mu8XHQST4lE0VFU+Lv1DZa9z9MfrA/HvY/eLkT+v8mJEVfiK+vf+l+s//iT4zMqh2djf7v+hV/3m5fqjy4SIr7UlZx84kp8Zf2K/8X6Rdr/Uf1ZSuT7KkWIDn+TU0Bcia+snyCeEM+KxN88kzHGGGOMMcYY+7PBslr3f3D9efn6PE5fDi8/nFf8Nf6H1+eMMcYYY4wxxhi7+p7v3efpxxMTO3bnCU94wpO/Tq72bybGGGOMMcbYv9uVTf/VroQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/ic+TuxqnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2fAAAA///9QkNA") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 3.016684529s ago: executing program 3 (id=1948): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha384\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 2.941263966s ago: executing program 1 (id=1949): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x6}, 0x1c) 2.899076944s ago: executing program 4 (id=1950): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000005c40), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000005e40)={0x0, 0x0, &(0x7f0000005e00)={&(0x7f0000000080)={0x3c, r1, 0x21, 0x8d, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @ipv4={'\x00', '\xff\xff', @empty}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x8004) 2.896572309s ago: executing program 0 (id=1951): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, 0x0, 0x0, 0x41000004, &(0x7f0000000040)) 2.006141088s ago: executing program 1 (id=1952): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000a80)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6c733d63703835322c6e6f626172726965722c63726561746f723dbd3c66f52c626172726965722c706172743d3078303030303030303030303030303030322c756d61736b3d30303030303030303030303030303030303030363734352c00b08558549e3fb3af8feff2a5c10c825cef8ec0f1ddcd940f6058a48f0cc0887456a5b70061a195d3ed592d"], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40) 1.945310907s ago: executing program 2 (id=1953): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)={0x3c, r1, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x818}, 0x20000004) 1.712985163s ago: executing program 4 (id=1954): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async', 0x42, 0x0) io_setup(0x20, &(0x7f0000001140)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)='7', 0x1}]) 1.099534895s ago: executing program 1 (id=1955): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001800), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x0, 0x2}}) ioctl$SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000400)) 1.038630185s ago: executing program 3 (id=1956): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0xe, 0x0, &(0x7f0000000340)) 948.702481ms ago: executing program 4 (id=1957): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x13) ioctl$TCXONC(r0, 0x540a, 0x0) 928.353703ms ago: executing program 0 (id=1958): r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x146b, 0x902, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x1, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0xff}}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x7, "77e8388d"}]}}, 0x0}, 0x0) 795.770408ms ago: executing program 2 (id=1959): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x78}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) 706.800878ms ago: executing program 1 (id=1960): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4, 0x0, 0xfffffffd, 0x7}, 0xff14) sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001a00)=ANY=[@ANYBLOB="1800000052000122"], 0x18}, 0x1, 0x0, 0x0, 0x4801c}, 0x0) 659.625809ms ago: executing program 3 (id=1961): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==") symlink(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0) 587.153642ms ago: executing program 4 (id=1962): prlimit64(0x0, 0xe, 0x0, 0x0) keyctl$set_reqkey_keyring(0xe, 0x7) request_key(&(0x7f0000000240)='asymmetric\x00', &(0x7f0000000780)={'syz', 0x0}, &(0x7f0000000740)='lon\x00', 0x0) 396.908155ms ago: executing program 2 (id=1963): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x400ad80, &(0x7f0000000080)={0xa, 0x4621, 0x0, @local}, 0x1c) sendmmsg$inet6(r0, &(0x7f00000034c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000001a00)={0xa, 0x4e21, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x9}, 0x1c, 0x0, 0x0, &(0x7f0000001d40)=ANY=[@ANYBLOB="1400000000000029"], 0x18}}], 0x2, 0x1) 350.945678ms ago: executing program 1 (id=1964): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = gettid() sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x1c, 0x43, 0x9, 0x70bd2b, 0x25dfdbfd, {0x1}, [@typed={0x8, 0x1, 0x0, 0x0, @pid=r1}]}, 0x1c}}, 0x40408d0) 179.526844ms ago: executing program 4 (id=1965): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x0, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000080}, 0x80) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000480)=""/222, 0x1e}], 0x5b) 326.366µs ago: executing program 3 (id=1966): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8}, @IFLA_GTP_FD1={0x8, 0x2, @udp6=r1}]}}}]}, 0x40}}, 0x0) 0s ago: executing program 2 (id=1967): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x69, '\x00', 0x0, 0x2}, 0x94) r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl(r0, 0xfffff000, &(0x7f0000000000)) kernel console output (not intermixed with test programs): 294.752520][ T7326] bcachefs (loop0): btree node read error at btree alloc level 0/0 [ 294.752606][ T7326] u64s 11 type btree_ptr_v2 283673999966207:U64_MAX:U32_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 294.752702][ T7326] loop0 node offset 0/24 bset u64s 0: unsupported bset version 2.24 [ 294.752770][ T7326] loop0 btree validate error [ 294.752827][ T7326] flagging btree alloc lost data [ 294.752888][ T7326] running recovery pass check_topology (2), currently at recovery_pass_empty (0) [ 294.752964][ T7326] running recovery pass check_allocations (8), currently at recovery_pass_empty (0) [ 294.753040][ T7326] running recovery pass check_lrus (14), currently at recovery_pass_empty (0) [ 294.753116][ T7326] running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0) [ 294.753197][ T7326] running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0) [ 294.753270][ T7326] ret btree_node_read_err_incompatible [ 294.857770][ T7326] bcachefs (loop0): error reading btree root btree=alloc level=0: btree_node_read_error, fixing [ 294.914927][ T7326] bcachefs (loop0): bch2_write_super(): fatal error loop0: Superblock modified by another process (seq 43 expected 42) [ 294.928690][ T7326] bcachefs (loop0): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing [ 294.948179][ T7326] bcachefs (loop0): check_topology... [ 294.955332][ T7326] bcachefs (loop0): bch2_write_super(): fatal error loop0: Superblock modified by another process (seq 43 expected 42) [ 294.973944][ T7326] done [ 294.977085][ T7326] bcachefs (loop0): accounting_read... [ 294.981758][ T7326] bcachefs (loop0): bch2_write_super(): fatal error loop0: Superblock modified by another process (seq 43 expected 42) [ 295.000665][ T7326] done [ 295.003770][ T7326] bcachefs (loop0): Fixed errors, running fsck a second time to verify fs is clean [ 295.022099][ T7326] bcachefs (loop0): bch2_write_super(): fatal error loop0: Superblock modified by another process (seq 43 expected 42) [ 295.035371][ T7326] bcachefs (loop0): done starting filesystem [ 295.298267][ T5816] bcachefs (loop0): shutting down [ 295.503542][ T5816] bcachefs (loop0): shutdown complete [ 295.615276][ T7349] usb usb8: usbfs: process 7349 (syz.3.578) did not claim interface 0 before use [ 296.337347][ T7356] netlink: 12 bytes leftover after parsing attributes in process `syz.1.583'. [ 296.716800][ T7352] loop4: detected capacity change from 0 to 32768 [ 296.798092][ T7352] gfs2: fsid=commit: Trying to join cluster "lock_nolock", "commit" [ 296.806480][ T7352] gfs2: fsid=commit: Now mounting FS (format 1802)... [ 296.873711][ T7352] gfs2: fsid=commit.0: journal 0 mapped with 7 extents in 0ms [ 296.920773][ T1862] gfs2: fsid=commit.0: jid=0, already locked for use [ 296.928526][ T1862] gfs2: fsid=commit.0: jid=0: Looking at journal... [ 296.942562][ T1862] kworker/1:2: attempt to access beyond end of device [ 296.942562][ T1862] loop4: rw=0, sector=19193135816, nr_sectors = 8 limit=32768 [ 297.288575][ T1862] gfs2: fsid=commit.0: jid=0: Failed [ 297.294864][ T7352] gfs2: fsid=commit.0: error recovering journal 0: -5 [ 297.466028][ T7370] netlink: 168 bytes leftover after parsing attributes in process `syz.3.588'. [ 297.789356][ T7373] loop2: detected capacity change from 0 to 64 [ 298.442668][ T5111] Bluetooth: hci2: command 0x0406 tx timeout [ 298.449721][ T5111] Bluetooth: hci0: command 0x0406 tx timeout [ 298.458125][ T5111] Bluetooth: hci3: command 0x0406 tx timeout [ 298.464951][ T5111] Bluetooth: hci1: command 0x0406 tx timeout [ 299.366217][ T7402] loop0: detected capacity change from 0 to 64 [ 299.554785][ T5133] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 299.643530][ T7409] sp0: Synchronizing with TNC [ 299.649966][ T7410] loop2: detected capacity change from 0 to 256 [ 299.688702][ T7413] netlink: 4 bytes leftover after parsing attributes in process `syz.4.604'. [ 299.747710][ T7407] [U] è [ 299.770331][ T5133] usb 2-1: config 0 has no interfaces? [ 299.790904][ T5133] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 299.801216][ T5133] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 299.809801][ T5133] usb 2-1: Manufacturer: syz [ 299.885196][ T5133] usb 2-1: config 0 descriptor?? [ 300.137891][ T1862] usb 2-1: USB disconnect, device number 2 [ 300.517535][ T7429] loop4: detected capacity change from 0 to 512 [ 300.558683][ T7429] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 300.595416][ T7429] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002] [ 300.608942][ T7429] System zones: 1-12 [ 300.635740][ T7429] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.612: corrupted in-inode xattr: e_value size too large [ 300.667239][ T7429] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.612: couldn't read orphan inode 15 (err -117) [ 300.702717][ T7429] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 300.819750][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.167390][ T7445] loop2: detected capacity change from 0 to 128 [ 301.606079][ T7455] netlink: 364 bytes leftover after parsing attributes in process `syz.2.623'. [ 301.615634][ T7455] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) ! [ 301.787279][ T7457] geneve2: entered promiscuous mode [ 302.252786][ T7468] loop0: detected capacity change from 0 to 512 [ 302.353216][ T7468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.366505][ T7468] ext4 filesystem being mounted at /126/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 302.400918][ T7473] loop4: detected capacity change from 0 to 128 [ 302.508187][ T7468] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.629: corrupted xattr block 33: invalid header [ 302.545179][ T7468] fscrypt (loop0, inode 15): Error -117 getting encryption context [ 302.832385][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.066997][ T7485] binder: 7484:7485 ioctl 400c620e 2000000001c0 returned -22 [ 303.145374][ T7487] netlink: 25 bytes leftover after parsing attributes in process `syz.0.635'. [ 303.540521][ T1862] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 303.711196][ T1862] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 303.726977][ T1862] usb 5-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 303.740885][ T1862] usb 5-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 303.754567][ T1862] usb 5-1: config 0 interface 0 has no altsetting 0 [ 303.761406][ T1862] usb 5-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00 [ 303.771055][ T1862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 303.790557][ T1862] usb 5-1: config 0 descriptor?? [ 304.285606][ T1862] lenovo 0003:17EF:60A3.0006: hidraw0: USB HID v0.00 Device [HID 17ef:60a3] on usb-dummy_hcd.4-1/input0 [ 304.457241][ T1862] usb 5-1: USB disconnect, device number 5 [ 304.655929][ T7516] netlink: 128 bytes leftover after parsing attributes in process `syz.1.651'. [ 304.665939][ T7516] netlink: 8 bytes leftover after parsing attributes in process `syz.1.651'. [ 304.678169][ T7518] netdevsim netdevsim2: Direct firmware load for ..€ failed with error -2 [ 304.687212][ T7518] netdevsim netdevsim2: Falling back to sysfs fallback for: ..€ [ 305.496652][ T7522] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 305.502975][ T7522] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 305.581037][ T7522] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 305.587640][ T7522] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 305.626141][ T7522] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 305.632483][ T7522] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 305.692359][ T7522] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 305.698872][ T7522] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 305.760196][ T7522] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 305.771756][ T7522] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 305.837002][ T7522] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 306.343889][ T7555] loop3: detected capacity change from 0 to 512 [ 306.419856][ T7555] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 306.495547][ T7555] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 306.514019][ T7555] EXT4-fs (loop3): 1 truncate cleaned up [ 306.540595][ T7555] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 306.844973][ T5828] Bluetooth: hci0: command 0x0406 tx timeout [ 306.921783][ T7568] loop2: detected capacity change from 0 to 1024 [ 306.948609][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 307.234960][ T5133] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 307.263154][ T7567] loop4: detected capacity change from 0 to 4096 [ 307.417878][ T7575] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 307.466897][ T5133] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 307.477161][ T5133] usb 1-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00 [ 307.486585][ T5133] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 307.596464][ T5133] usb 1-1: config 0 descriptor?? [ 307.635182][ T5828] Bluetooth: hci2: command 0x0406 tx timeout [ 307.641644][ T5111] Bluetooth: hci1: command 0x0406 tx timeout [ 307.716478][ T5828] Bluetooth: hci3: command 0x0406 tx timeout [ 307.797150][ T5828] Bluetooth: hci4: command 0x0405 tx timeout [ 308.128065][ T5133] logitech-djreceiver 0003:046D:C71F.0007: unknown main item tag 0x2 [ 308.352747][ T5133] usb 1-1: USB disconnect, device number 4 [ 308.935191][ T5828] Bluetooth: hci0: command 0x0406 tx timeout [ 309.237599][ T7610] loop0: detected capacity change from 0 to 256 [ 309.292797][ T7611] loop3: detected capacity change from 0 to 512 [ 309.359832][ T7610] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d) [ 309.364652][ T7611] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 309.433676][ T7611] EXT4-fs (loop3): 1 truncate cleaned up [ 309.441507][ T7611] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 309.714875][ T5828] Bluetooth: hci2: command 0x0406 tx timeout [ 309.721225][ T5111] Bluetooth: hci1: command 0x0406 tx timeout [ 309.794724][ T5828] Bluetooth: hci3: command 0x0406 tx timeout [ 309.874670][ T5828] Bluetooth: hci4: command 0x0405 tx timeout [ 309.934211][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.097030][ T7629] loop2: detected capacity change from 0 to 256 [ 310.205301][ T7629] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 310.504072][ T7632] loop3: detected capacity change from 0 to 4096 [ 310.763065][ T7644] syz.2.708 uses obsolete (PF_INET,SOCK_PACKET) [ 311.307771][ T7654] loop0: detected capacity change from 0 to 512 [ 311.365454][ T7654] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 311.445411][ T7654] EXT4-fs (loop0): warning: mounting unchecked fs, running e2fsck is recommended [ 311.536239][ T7654] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 311.545612][ T7654] System zones: 0-2, 18-18, 34-35 [ 311.564666][ T7654] EXT4-fs (loop0): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 311.751340][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0700-0000-0000-000000000000. [ 311.955148][ T5828] Bluetooth: hci4: command 0x0405 tx timeout [ 313.715182][ T1862] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 313.783023][ T7686] syz.3.727 (7686): drop_caches: 2 [ 313.904801][ T1862] usb 2-1: Using ep0 maxpacket: 32 [ 313.920633][ T1862] usb 2-1: config 0 interface 0 has no altsetting 0 [ 313.963272][ T1862] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 313.973087][ T1862] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 313.981828][ T1862] usb 2-1: Product: syz [ 313.986317][ T1862] usb 2-1: Manufacturer: syz [ 313.991072][ T1862] usb 2-1: SerialNumber: syz [ 314.048853][ T1862] usb 2-1: config 0 descriptor?? [ 314.517896][ T1862] gs_usb 2-1:0.0: Configuring for 49 interfaces [ 314.524594][ T1862] gs_usb 2-1:0.0: Driver cannot handle more that 3 CAN interfaces [ 314.532584][ T1862] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22 [ 314.762071][ T1862] usb 2-1: USB disconnect, device number 3 [ 315.252031][ T7717] loop2: detected capacity change from 0 to 128 [ 315.262713][ T7717] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 315.311646][ T7717] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 315.470362][ T30] audit: type=1800 audit(1759086851.640:7): pid=7717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.740" name="file1" dev="loop2" ino=1048655 res=0 errno=0 [ 315.617657][ T7721] netlink: 16 bytes leftover after parsing attributes in process `syz.1.743'. [ 315.770911][ T1897] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 315.796667][ T7727] loop0: detected capacity change from 0 to 256 [ 315.947583][ T7727] FAT-fs (loop0): Directory bread(block 64) failed [ 315.954772][ T7727] FAT-fs (loop0): Directory bread(block 65) failed [ 315.961589][ T7727] FAT-fs (loop0): Directory bread(block 66) failed [ 315.968401][ T7727] FAT-fs (loop0): Directory bread(block 67) failed [ 315.975322][ T7727] FAT-fs (loop0): Directory bread(block 68) failed [ 315.982008][ T7727] FAT-fs (loop0): Directory bread(block 69) failed [ 315.988993][ T7727] FAT-fs (loop0): Directory bread(block 70) failed [ 315.995796][ T7727] FAT-fs (loop0): Directory bread(block 71) failed [ 316.002599][ T7727] FAT-fs (loop0): Directory bread(block 72) failed [ 316.013353][ T7727] FAT-fs (loop0): Directory bread(block 73) failed [ 316.082069][ T7731] netlink: 56 bytes leftover after parsing attributes in process `syz.2.747'. [ 316.103656][ T7727] syz.0.745: attempt to access beyond end of device [ 316.103656][ T7727] loop0: rw=524288, sector=1768, nr_sectors = 4 limit=256 [ 316.122894][ T7727] syz.0.745: attempt to access beyond end of device [ 316.122894][ T7727] loop0: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 316.138520][ T30] audit: type=1800 audit(1759086852.320:8): pid=7727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.745" name="file1" dev="loop0" ino=1048656 res=0 errno=0 [ 316.553258][ T7742] loop3: detected capacity change from 0 to 64 [ 316.734879][ T1862] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 316.961309][ T1862] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 316.972785][ T1862] usb 2-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 316.984064][ T1862] usb 2-1: config 0 interface 0 has no altsetting 0 [ 316.991059][ T1862] usb 2-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00 [ 317.000467][ T1862] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.681471][ T7752] loop0: detected capacity change from 0 to 32768 [ 317.694795][ T1862] usb 2-1: config 0 descriptor?? [ 317.701686][ T7739] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 317.735895][ T7752] JBD2: Ignoring recovery information on journal [ 317.841247][ T7752] (syz.0.758,7752,1):ocfs2_load_local_alloc:320 ERROR: Local alloc size is invalid (la_size = 0) [ 317.856332][ T7752] (syz.0.758,7752,1):ocfs2_load_local_alloc:356 ERROR: status = -22 [ 317.866001][ T7752] (syz.0.758,7752,1):ocfs2_check_volume:2404 ERROR: status = -22 [ 317.874066][ T7752] (syz.0.758,7752,1):ocfs2_check_volume:2432 ERROR: status = -22 [ 317.882263][ T7752] (syz.0.758,7752,1):ocfs2_mount_volume:1764 ERROR: status = -22 [ 317.901959][ T7752] (syz.0.758,7752,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 318.191517][ T7755] loop3: detected capacity change from 0 to 4096 [ 318.383873][ T1862] logitech 0003:046D:C24F.0008: hidraw0: USB HID v0.07 Device [HID 046d:c24f] on usb-dummy_hcd.1-1/input0 [ 318.395961][ T1862] logitech 0003:046D:C24F.0008: no inputs found [ 318.617320][ T5133] usb 2-1: USB disconnect, device number 4 [ 320.275376][ T5133] kernel write not supported for file /sequencer (pid: 5133 comm: kworker/0:2) [ 321.299865][ T7830] loop4: detected capacity change from 0 to 1024 [ 321.596085][ T7830] hfsplus: bad catalog entry type [ 321.908645][ T7831] loop3: detected capacity change from 0 to 32768 [ 321.941433][ T3945] hfsplus: b-tree write err: -5, ino 4 [ 322.075729][ T7831] (syz.3.791,7831,0):ocfs2_load_local_alloc:339 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2! [ 322.075729][ T7831] found = 8, set = 0, taken = 0, off = 0 [ 322.096328][ T7831] (syz.3.791,7831,0):ocfs2_load_local_alloc:356 ERROR: status = -22 [ 322.104902][ T7831] (syz.3.791,7831,0):ocfs2_check_volume:2404 ERROR: status = -22 [ 322.113174][ T7831] (syz.3.791,7831,0):ocfs2_check_volume:2432 ERROR: status = -22 [ 322.121244][ T7831] (syz.3.791,7831,0):ocfs2_mount_volume:1764 ERROR: status = -22 [ 322.138922][ T7831] (syz.3.791,7831,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 322.791213][ T7850] loop0: detected capacity change from 0 to 512 [ 322.934152][ T7850] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.948989][ T7850] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 323.256200][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.567069][ T7876] netlink: 60 bytes leftover after parsing attributes in process `syz.0.808'. [ 323.630674][ T7877] netlink: 60 bytes leftover after parsing attributes in process `syz.0.808'. [ 323.813422][ T7881] loop2: detected capacity change from 0 to 164 [ 323.941477][ T7881] rock: directory entry would overflow storage [ 323.948190][ T7881] rock: sig=0x4f50, size=4, remaining=3 [ 323.954059][ T7881] isofs: Unable to find the ".." directory for NFS. [ 324.798385][ T7900] zonefs (nullb0) ERROR: Not a zoned block device [ 325.032467][ T7903] batadv0: entered promiscuous mode [ 325.038355][ T7903] macvtap1: entered promiscuous mode [ 325.049498][ T7903] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 325.098576][ T7907] netlink: 20 bytes leftover after parsing attributes in process `syz.4.825'. [ 325.108278][ T7907] netlink: 36 bytes leftover after parsing attributes in process `syz.4.825'. [ 325.131345][ T7903] batadv0: left promiscuous mode [ 325.174216][ T1862] hid-generic 0000:0003:0001.0009: unknown main item tag 0x0 [ 325.182449][ T1862] hid-generic 0000:0003:0001.0009: unknown main item tag 0x0 [ 325.242150][ T1862] hid-generic 0000:0003:0001.0009: hidraw0: HID v0.03 Device [syz0] on syz1 [ 325.582795][ T7914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.828'. [ 325.606496][ T7914] ip6gretap0: entered promiscuous mode [ 325.645070][ T7914] ip6gretap0: left promiscuous mode [ 325.656763][ T7917] loop4: detected capacity change from 0 to 256 [ 325.761080][ T7922] loop3: detected capacity change from 0 to 1024 [ 325.868138][ T7922] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.881059][ T7922] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 326.162672][ T7929] loop0: detected capacity change from 0 to 1024 [ 326.423950][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.585152][ T1862] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 326.771346][ T67] hfsplus: b-tree write err: -5, ino 4 [ 326.791257][ T1862] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 326.802800][ T1862] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 326.812944][ T1862] usb 3-1: config 0 interface 0 has no altsetting 0 [ 326.820012][ T1862] usb 3-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00 [ 326.829415][ T1862] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 327.016993][ T1862] usb 3-1: config 0 descriptor?? [ 327.516664][ T1862] input: HID 054c:03d5 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:054C:03D5.000A/input/input10 [ 327.615538][ T1862] sony 0003:054C:03D5.000A: input,hidraw0: USB HID v1d.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.2-1/input0 [ 327.673909][ T7946] loop0: detected capacity change from 0 to 256 [ 327.721264][ T1862] usb 3-1: USB disconnect, device number 6 [ 327.744569][ T7951] netlink: 8 bytes leftover after parsing attributes in process `syz.4.843'. [ 328.154631][ T7954] rdma_op ffff88801e80b980 conn xmit_rdma 0000000000000000 [ 328.693698][ T7969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.852'. [ 328.707394][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.852'. [ 328.717997][ T7969] netlink: 'syz.1.852': attribute type 6 has an invalid length. [ 329.995302][ T7996] netlink: 8 bytes leftover after parsing attributes in process `syz.3.865'. [ 330.122189][ T8002] loop2: detected capacity change from 0 to 8 [ 330.163219][ T8002] SQUASHFS error: lzo decompression failed, data probably corrupt [ 330.171558][ T8002] SQUASHFS error: Failed to read block 0x144: -5 [ 330.178254][ T8002] SQUASHFS error: Unable to read metadata cache entry [142] [ 330.185777][ T8002] SQUASHFS error: Unable to read inode 0x11f [ 330.228790][ T8001] loop0: detected capacity change from 0 to 1024 [ 330.952010][ T8004] loop4: detected capacity change from 0 to 32768 [ 331.116925][ T8001] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 331.233446][ T8004] (syz.4.869,8004,1):ocfs2_init_local_system_inodes:496 ERROR: status=-22, sysfile=11, slot=0 [ 331.244570][ T8004] (syz.4.869,8004,1):ocfs2_init_local_system_inodes:505 ERROR: status = -22 [ 331.253459][ T8004] (syz.4.869,8004,1):ocfs2_mount_volume:1758 ERROR: status = -22 [ 331.267945][ T8004] (syz.4.869,8004,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 331.519671][ T3632] wlan1: Trigger new scan to find an IBSS to join [ 331.914648][ T5133] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 331.927763][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.928767][ T8018] sp0: Synchronizing with TNC [ 332.008739][ T8020] loop2: detected capacity change from 0 to 256 [ 332.138410][ T5133] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 332.148065][ T5133] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 332.156390][ T5133] usb 4-1: Product: syz [ 332.160709][ T5133] usb 4-1: Manufacturer: syz [ 332.165567][ T5133] usb 4-1: SerialNumber: syz [ 332.218366][ T8024] Bluetooth: MGMT ver 1.23 [ 332.236382][ T5133] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 332.349797][ T11] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 333.058112][ T1862] usb 4-1: USB disconnect, device number 4 [ 333.285655][ T8040] loop0: detected capacity change from 0 to 1024 [ 333.487171][ T8046] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 333.717910][ T11] usb 4-1: Service connection timeout for: 256 [ 333.728800][ T11] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services [ 333.740289][ T11] ath9k_htc: Failed to initialize the device [ 333.788830][ T8048] netlink: 4 bytes leftover after parsing attributes in process `syz.2.889'. [ 333.825836][ T1862] usb 4-1: ath9k_htc: USB layer deinitialized [ 333.867519][ T8053] loop0: detected capacity change from 0 to 512 [ 333.882817][ T8053] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 333.892053][ T8053] EXT4-fs (loop0): orphan cleanup on readonly fs [ 333.901855][ T8053] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated! [ 333.911215][ T8053] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota [ 333.921678][ T8053] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.890: Failed to acquire dquot type 1 [ 333.949219][ T8053] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.890: bg 0: block 40: padding at end of block bitmap is not set [ 333.965811][ T8053] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 333.978156][ T8053] EXT4-fs (loop0): 1 truncate cleaned up [ 333.986309][ T8053] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 334.067109][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.455776][ T8057] loop4: detected capacity change from 0 to 4096 [ 334.528309][ T8057] EXT4-fs: Ignoring removed mblk_io_submit option [ 334.588228][ T8057] EXT4-fs (loop4): Test dummy encryption mode enabled [ 334.663681][ T8057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.378850][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.475044][ T3632] wlan1: Trigger new scan to find an IBSS to join [ 335.653924][ T8076] kernel profiling enabled (shift: 34) [ 335.659985][ T8076] profiling shift: 34 too large [ 335.926400][ T8082] netlink: 40 bytes leftover after parsing attributes in process `syz.3.904'. [ 336.047652][ T8085] netlink: 24 bytes leftover after parsing attributes in process `syz.2.905'. [ 336.291655][ T8091] loop0: detected capacity change from 0 to 512 [ 336.373758][ T8091] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.390488][ T8091] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 336.527387][ T3791] wlan1: Creating new IBSS network, BSSID 9a:b9:90:6b:14:cf [ 336.759334][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.768120][ T8101] loop2: detected capacity change from 0 to 512 [ 336.807291][ T8101] EXT4-fs: Ignoring removed orlov option [ 336.813209][ T8101] EXT4-fs: Ignoring removed nobh option [ 336.877016][ T8101] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 336.931074][ T8105] loop4: detected capacity change from 0 to 512 [ 336.955694][ T8101] EXT4-fs (loop2): orphan cleanup on readonly fs [ 336.984884][ T8105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.985086][ T8101] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.911: bg 0: block 248: padding at end of block bitmap is not set [ 337.089658][ T8101] Quota error (device loop2): write_blk: dquota write failed [ 337.097911][ T8101] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 337.113011][ T8101] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.911: Failed to acquire dquot type 1 [ 337.180150][ T8101] EXT4-fs (loop2): 1 truncate cleaned up [ 337.211727][ T8101] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 337.363105][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.432423][ T8113] loop0: detected capacity change from 0 to 1024 [ 337.568960][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.653706][ T8117] Invalid option length (3717) for dns_resolver key [ 337.781296][ T3791] hfsplus: b-tree write err: -5, ino 4 [ 338.467579][ T8138] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 338.475014][ T8138] macsec1: entered promiscuous mode [ 338.512027][ T8138] mac80211_hwsim hwsim9 wlan1: left promiscuous mode [ 339.293781][ T8157] tipc: Started in network mode [ 339.299571][ T8157] tipc: Node identity 00000000000000000000ffffe000002e, cluster identity 4711 [ 339.309131][ T8157] tipc: Enabling of bearer rejected, failed to enable media [ 339.375638][ T8159] loop2: detected capacity change from 0 to 512 [ 339.426095][ T8159] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 339.513344][ T8159] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 339.547594][ T8165] sock: sock_set_timeout: `syz.4.941' (pid 8165) tries to set negative timeout [ 339.584859][ T8159] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.938: bg 0: block 248: padding at end of block bitmap is not set [ 339.632898][ T8159] Quota error (device loop2): write_blk: dquota write failed [ 339.641654][ T8159] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 339.651935][ T8159] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.938: Failed to acquire dquot type 1 [ 339.700213][ T8159] EXT4-fs (loop2): 1 truncate cleaned up [ 339.708954][ T8159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 340.075974][ T8177] netlink: 'syz.0.946': attribute type 3 has an invalid length. [ 340.079850][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 340.779138][ T8188] loop3: detected capacity change from 0 to 128 [ 340.818989][ T8185] loop0: detected capacity change from 0 to 16384 [ 340.838101][ T8185] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section members_v2: section too small (28 > 8) [ 340.838101][ T8185] members_v2 (size 8): [ 340.838101][ T8185] field ends before start of entries [ 340.856155][ T8186] loop4: detected capacity change from 0 to 1024 [ 340.861049][ T8185] bcachefs: bch2_fs_get_tree() error: invalid_sb_members [ 340.885166][ T8188] EXT4-fs: Ignoring removed nobh option [ 340.977219][ T8188] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 341.063296][ T8188] ext4 filesystem being mounted at /191/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 341.111091][ T8188] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 1073741831 (only 1 groups) [ 341.450023][ T5818] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 341.635437][ T11] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 341.806766][ T11] usb 5-1: Using ep0 maxpacket: 32 [ 341.818927][ T8205] loop2: detected capacity change from 0 to 64 [ 341.846459][ T11] usb 5-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 341.859938][ T11] usb 5-1: config 0 interface 0 has no altsetting 0 [ 341.866856][ T11] usb 5-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00 [ 341.876302][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 341.918003][ T11] usb 5-1: config 0 descriptor?? [ 342.360371][ T8211] loop2: detected capacity change from 0 to 128 [ 342.392196][ T11] elecom 0003:056E:00E6.000B: unknown main item tag 0x7 [ 342.406842][ T8211] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 342.443795][ T11] elecom 0003:056E:00E6.000B: hidraw0: USB HID v10.00 Device [HID 056e:00e6] on usb-dummy_hcd.4-1/input0 [ 342.475323][ T8211] hpfs: filesystem error: improperly stopped [ 342.481644][ T8211] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 342.490039][ T8211] hpfs: You really don't want any checks? You are crazy... [ 342.520240][ T8211] hpfs: hpfs_map_sector(): read error [ 342.530172][ T8211] hpfs: code page support is disabled [ 342.549069][ T8211] hpfs: hpfs_map_4sectors(): unaligned read [ 342.566995][ T1862] usb 5-1: USB disconnect, device number 6 [ 342.584121][ T8211] hpfs: hpfs_map_4sectors(): unaligned read [ 342.591634][ T8211] hpfs: filesystem error: unable to find root dir [ 342.639820][ T8215] loop0: detected capacity change from 0 to 1024 [ 342.664812][ T8215] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 342.839396][ T8215] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 342.840415][ T8215] EXT4-fs (loop0): orphan cleanup on readonly fs [ 342.841688][ T8215] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.964: Freeing blocks not in datazone - block = 0, count = 4096 [ 342.842717][ T8215] EXT4-fs (loop0): 1 orphan inode deleted [ 342.844765][ T8215] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 342.887456][ T8215] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.964: iget: bad i_size value: 1970324836974602 [ 342.893150][ T8215] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.964: iget: bad i_size value: 1970324836974602 [ 342.987323][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.700599][ T8233] loop0: detected capacity change from 0 to 1024 [ 343.789006][ T8233] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 343.956003][ T11] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 344.158937][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.215439][ T11] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 248, changing to 11 [ 344.227017][ T11] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.237098][ T11] usb 3-1: New USB device found, idVendor=056e, idProduct=010c, bcdDevice= 0.00 [ 344.246535][ T11] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.262268][ T11] usb 3-1: config 0 descriptor?? [ 344.723319][ T11] elecom 0003:056E:010C.000C: item fetching failed at offset 5/7 [ 344.746900][ T11] elecom 0003:056E:010C.000C: probe with driver elecom failed with error -22 [ 344.825526][ T30] audit: type=1326 audit(1759086881.000:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8255 comm="syz.3.982" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcce518eec9 code=0x0 [ 344.847102][ C0] vkms_vblank_simulate: vblank timer overrun [ 344.924105][ T1862] usb 3-1: USB disconnect, device number 7 [ 345.012606][ T8261] netlink: 12 bytes leftover after parsing attributes in process `syz.0.984'. [ 346.170189][ T8281] loop3: detected capacity change from 0 to 1764 [ 346.272771][ T8289] binder: 8288:8289 ioctl c0306201 200000000080 returned -22 [ 346.603043][ T8295] loop0: detected capacity change from 0 to 128 [ 346.672716][ T8295] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 346.737713][ T8295] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 346.821654][ T8295] overlayfs: upper fs needs to support d_type. [ 346.835339][ T8295] overlayfs: upper fs does not support tmpfile. [ 347.276514][ T8312] loop0: detected capacity change from 0 to 512 [ 347.314145][ T8312] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1008: casefold flag without casefold feature [ 347.349231][ T8312] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1008: couldn't read orphan inode 15 (err -117) [ 347.435736][ T8312] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 347.450413][ T8319] loop2: detected capacity change from 0 to 128 [ 347.473815][ T8319] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 347.496642][ T8312] EXT4-fs error (device loop0): ext4_add_entry:2417: inode #2: comm syz.0.1008: Directory hole found for htree leaf block 0 [ 347.529430][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.536274][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 347.575746][ T8319] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 347.822674][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.103030][ T5828] Bluetooth: hci4: unknown advertising packet type: 0x1c [ 348.103142][ T5828] Bluetooth: hci4: unknown advertising packet type: 0x20 [ 348.110591][ T5828] Bluetooth: hci4: unknown advertising packet type: 0x34 [ 348.118089][ T5828] Bluetooth: hci4: unknown advertising packet type: 0x3a [ 348.125468][ T5828] Bluetooth: hci4: unknown advertising packet type: 0xb1 [ 348.132695][ T5828] Bluetooth: hci4: unknown advertising packet type: 0xbc [ 348.140911][ T5828] Bluetooth: hci4: unknown advertising packet type: 0xe6 [ 348.174183][ T8334] program syz.3.1018 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 349.043289][ T8350] loop4: detected capacity change from 0 to 128 [ 349.071463][ T8350] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 349.119291][ T8350] hpfs: filesystem error: improperly stopped [ 349.126204][ T8350] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 349.134461][ T8350] hpfs: You really don't want any checks? You are crazy... [ 349.140380][ T8354] loop3: detected capacity change from 0 to 256 [ 349.155368][ T8350] hpfs: hpfs_map_sector(): read error [ 349.160897][ T8350] hpfs: code page support is disabled [ 349.165783][ T8354] exfat: Deprecated parameter 'utf8' [ 349.172232][ T8354] exfat: Deprecated parameter 'namecase' [ 349.208698][ T8356] loop2: detected capacity change from 0 to 128 [ 349.211940][ T8354] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 349.227018][ T8350] hpfs: hpfs_map_4sectors(): unaligned read [ 349.233550][ T8350] hpfs: hpfs_map_4sectors(): unaligned read [ 349.243437][ T8350] hpfs: filesystem error: unable to find root dir [ 349.245195][ T8310] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 349.271926][ T5828] Bluetooth: hci0: command 0x0406 tx timeout [ 349.345853][ T8356] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 349.383904][ T8350] hpfs: hpfs_map_4sectors(): unaligned read [ 349.420105][ T8356] ext4 filesystem being mounted at /196/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 349.529428][ T8356] EXT4-fs warning (device loop2): ext4_group_extend:1886: will only finish group (8193 blocks, 8129 new) [ 349.541470][ T8356] EXT4-fs warning (device loop2): ext4_group_extend:1891: can't read last block, resize aborted [ 349.677389][ T8361] loop0: detected capacity change from 0 to 4096 [ 349.779677][ T8366] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 349.790188][ T5815] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 349.862633][ T8361] NILFS error (device loop0): nilfs_dotdot: directory #12 missing '.' [ 349.944819][ T8361] Remounting filesystem read-only [ 350.369794][ T8370] loop3: detected capacity change from 0 to 64 [ 350.629608][ T8365] loop4: detected capacity change from 0 to 40427 [ 350.645533][ T8365] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(6) root(3) [ 350.645567][ T5816] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 350.645661][ T8365] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 350.674579][ T8365] F2FS-fs (loop4): invalid crc value [ 350.977936][ T8365] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 350.989889][ T8365] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 350.997448][ T8365] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 351.043661][ T8378] loop3: detected capacity change from 0 to 1024 [ 351.625182][ T3816] hfsplus: b-tree write err: -5, ino 4 [ 352.094164][ T8382] loop2: detected capacity change from 0 to 32768 [ 352.173354][ T8382] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 352.308180][ T5815] ocfs2: Unmounting device (7,2) on (node local) [ 352.879115][ T8402] loop3: detected capacity change from 0 to 256 [ 353.113861][ T8402] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 353.275289][ T30] audit: type=1326 audit(1759086889.450:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfe558eec9 code=0x7ffc0000 [ 353.367175][ T8408] loop0: detected capacity change from 0 to 256 [ 353.378039][ T30] audit: type=1326 audit(1759086889.520:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcfe558eec9 code=0x7ffc0000 [ 353.404006][ T30] audit: type=1326 audit(1759086889.530:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcfe558ef03 code=0x7ffc0000 [ 353.427480][ T30] audit: type=1326 audit(1759086889.530:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcfe558d97f code=0x7ffc0000 [ 353.449844][ T30] audit: type=1326 audit(1759086889.530:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fcfe558ef57 code=0x7ffc0000 [ 353.472484][ T30] audit: type=1326 audit(1759086889.530:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcfe558d710 code=0x7ffc0000 [ 353.498272][ T30] audit: type=1326 audit(1759086889.550:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcfe558eacb code=0x7ffc0000 [ 353.521790][ T30] audit: type=1326 audit(1759086889.550:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcfe558db2a code=0x7ffc0000 [ 353.544396][ T30] audit: type=1326 audit(1759086889.590:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcfe558db2a code=0x7ffc0000 [ 353.561714][ T8408] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001) [ 353.566807][ T30] audit: type=1326 audit(1759086889.590:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8407 comm="syz.0.1053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fcfe558d617 code=0x7ffc0000 [ 354.093723][ T8420] loop3: detected capacity change from 0 to 22 [ 354.491135][ T8430] loop4: detected capacity change from 0 to 256 [ 354.811789][ T8434] loop0: detected capacity change from 0 to 512 [ 354.828867][ T8420] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 354.950106][ T8434] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1064: iget: bad extended attribute block 1 [ 355.047397][ T8434] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1064: couldn't read orphan inode 15 (err -117) [ 355.106892][ T8434] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.142907][ T8436] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 13: invalid block bitmap [ 355.204691][ T8430] FAT-fs (loop4): Directory bread(block 64) failed [ 355.211419][ T8430] FAT-fs (loop4): Directory bread(block 65) failed [ 355.218511][ T8430] FAT-fs (loop4): Directory bread(block 66) failed [ 355.229276][ T8430] FAT-fs (loop4): Directory bread(block 67) failed [ 355.237587][ T8430] FAT-fs (loop4): Directory bread(block 68) failed [ 355.244540][ T8430] FAT-fs (loop4): Directory bread(block 69) failed [ 355.251368][ T8430] FAT-fs (loop4): Directory bread(block 70) failed [ 355.258148][ T8430] FAT-fs (loop4): Directory bread(block 71) failed [ 355.265109][ T8430] FAT-fs (loop4): Directory bread(block 72) failed [ 355.271795][ T8430] FAT-fs (loop4): Directory bread(block 73) failed [ 355.275567][ T8434] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 356.216979][ T8442] loop3: detected capacity change from 0 to 32768 [ 356.253190][ T8442] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1066 (8442) [ 356.272412][ T8442] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 356.282967][ T8442] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm [ 356.293065][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.498481][ T67] BTRFS warning (device loop3): checksum verify failed on logical 5267456 mirror 1 wanted 0x22fa3277 found 0x6637d952 level 0 [ 356.512402][ T8442] BTRFS warning (device loop3): failed to read fs tree: -5 [ 356.605418][ T8442] BTRFS error (device loop3): open_ctree failed: -5 [ 357.155428][ T8479] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1078'. [ 357.257330][ T8474] loop4: detected capacity change from 0 to 4096 [ 357.390908][ T8474] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 357.453132][ T8474] System zones: 0-5 [ 357.492349][ T8474] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 357.837827][ T8492] loop3: detected capacity change from 0 to 4096 [ 357.875944][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.893461][ T8492] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 358.040358][ T8497] loop0: detected capacity change from 0 to 16 [ 358.071809][ T8497] erofs (device loop0): mounted with root inode @ nid 36. [ 358.698748][ T8497] syz.0.1086: attempt to access beyond end of device [ 358.698748][ T8497] loop0: rw=0, sector=1152, nr_sectors = 257 limit=16 [ 358.717411][ T8497] erofs (device loop0): read error -5 @ 0 of nid 36 [ 359.557958][ T8527] loop3: detected capacity change from 0 to 1024 [ 359.644864][ T8527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 359.947998][ T8542] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1107'. [ 360.032010][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.238078][ T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 360.425600][ T24] usb 3-1: Using ep0 maxpacket: 32 [ 360.458146][ T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10 [ 360.470656][ T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024 [ 360.482692][ T24] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 360.535669][ T8555] loop3: detected capacity change from 0 to 8 [ 360.578050][ T24] usb 3-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 360.587472][ T24] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 360.590775][ T8557] loop0: detected capacity change from 0 to 64 [ 360.596204][ T24] usb 3-1: Product: syz [ 360.596301][ T24] usb 3-1: Manufacturer: syz [ 360.596392][ T24] usb 3-1: SerialNumber: syz [ 360.623284][ T24] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input11 [ 360.645727][ T8555] SQUASHFS error: Failed to read block 0x4e8: -5 [ 360.657430][ T8555] SQUASHFS error: Failed to read block 0x4de: -5 [ 360.666012][ T8555] SQUASHFS error: Failed to read block 0x4de: -5 [ 360.670742][ T8557] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 360.673302][ T8555] SQUASHFS error: Failed to read block 0x4de: -5 [ 360.692840][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 360.692912][ T30] audit: type=1800 audit(1759086896.870:28): pid=8555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1113" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 360.865596][ T24] usb 3-1: USB disconnect, device number 8 [ 360.889898][ T24] appletouch 3-1:1.0: input: appletouch disconnected [ 361.315916][ T8568] loop0: detected capacity change from 0 to 512 [ 361.339327][ T8568] EXT4-fs: Ignoring removed mblk_io_submit option [ 361.402822][ T8568] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 361.448036][ T8568] EXT4-fs (loop0): orphan cleanup on readonly fs [ 361.500305][ T8568] Quota error (device loop0): v2_read_file_info: Block with free entry 1 out of range (1, 6). [ 361.511713][ T8568] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 361.585385][ T8568] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 361.620537][ T8568] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1119: bg 0: block 40: padding at end of block bitmap is not set [ 361.690451][ T8568] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 361.730487][ T8568] EXT4-fs (loop0): 1 truncate cleaned up [ 361.738290][ T8568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 361.989858][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.035433][ T5828] Bluetooth: hci1: command 0x0406 tx timeout [ 362.045072][ T8540] Bluetooth: hci1: Opcode 0x080f failed: -110 [ 362.149738][ T8581] loop3: detected capacity change from 0 to 64 [ 362.270991][ T8581] overlayfs: upper fs needs to support d_type. [ 362.348040][ T8581] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 362.355702][ T8581] overlayfs: failed to set xattr on upper [ 362.361632][ T8581] overlayfs: ...falling back to redirect_dir=nofollow. [ 362.369086][ T8581] overlayfs: ...falling back to index=off. [ 362.375136][ T8581] overlayfs: ...falling back to uuid=null. [ 362.645238][ T24] IPVS: starting estimator thread 0... [ 362.651839][ T8591] IPVS: ip_vs_edit_dest(): server weight less than zero [ 362.745250][ T8593] IPVS: using max 240 ests per chain, 12000 per kthread [ 363.141172][ T8603] netlink: 'syz.3.1132': attribute type 6 has an invalid length. [ 363.720790][ T8616] loop0: detected capacity change from 0 to 512 [ 363.833174][ T8622] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1143'. [ 363.910716][ T8616] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.925007][ T8616] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 364.207577][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.026813][ T8632] loop3: detected capacity change from 0 to 40427 [ 365.095399][ T8632] F2FS-fs (loop3): build fault injection rate: 5 [ 365.102054][ T8632] F2FS-fs (loop3): build fault injection type: 0x3bfe8f [ 365.110141][ T8632] F2FS-fs (loop3): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x6d03/0xa750 [ 365.120371][ T8632] F2FS-fs (loop3): Failed to get valid F2FS checkpoint [ 365.241218][ T8642] netlink: 'syz.2.1152': attribute type 11 has an invalid length. [ 365.249689][ T8642] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1152'. [ 366.163049][ T8656] netlink: 27 bytes leftover after parsing attributes in process `syz.0.1157'. [ 366.209669][ T8655] support for cryptoloop has been removed. Use dm-crypt instead. [ 366.846005][ T3632] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 367.091872][ T8658] loop4: detected capacity change from 0 to 32768 [ 367.114681][ T8658] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1158 (8658) [ 367.133717][ T8658] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 367.146894][ T8658] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm [ 367.383286][ T73] BTRFS warning (device loop4): checksum verify failed on logical 5267456 mirror 1 wanted 0x22fa3277 found 0x6637d952 level 0 [ 367.399655][ T8658] BTRFS warning (device loop4): failed to read fs tree: -5 [ 368.176697][ T8678] loop3: detected capacity change from 0 to 32768 [ 368.185530][ T8678] XFS: noattr2 mount option is deprecated. [ 368.460028][ T8658] BTRFS error (device loop4): open_ctree failed: -5 [ 369.237158][ T8692] program syz.0.1168 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 369.335556][ T8696] program syz.0.1168 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 369.365711][ T8696] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 369.464500][ T8699] loop4: detected capacity change from 0 to 16 [ 369.525442][ T8699] erofs (device loop4): mounted with root inode @ nid 36. [ 370.217396][ T8711] loop4: detected capacity change from 0 to 2048 [ 370.252475][ T8717] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 370.304574][ T8711] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 370.453948][ T8721] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 370.817453][ T8726] loop0: detected capacity change from 0 to 1024 [ 370.860147][ T8726] EXT4-fs: Ignoring removed bh option [ 370.944197][ T8726] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 371.102766][ T8726] EXT4-fs: Ignoring removed orlov option [ 371.109402][ T8726] EXT4-fs: can't change dax mount option while remounting [ 371.138300][ T8731] loop4: detected capacity change from 0 to 1024 [ 371.385596][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 371.449694][ T8738] loop3: detected capacity change from 0 to 1024 [ 371.472722][ T8738] EXT4-fs: Ignoring removed i_version option [ 371.536830][ T3764] hfsplus: b-tree write err: -5, ino 4 [ 371.556189][ T8738] EXT4-fs (loop3): mounted filesystem 00010100-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 371.568858][ T8738] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 372.524978][ T8746] loop4: detected capacity change from 0 to 32768 [ 372.641164][ T3632] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 372.682358][ T8746] (syz.4.1191,8746,0):ocfs2_check_set_options:1265 ERROR: ACL support requested but extended attributes feature is not enabled [ 372.715432][ T8746] (syz.4.1191,8746,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 373.082174][ T3632] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 86 with error 28 [ 373.095715][ T3632] EXT4-fs (loop3): This should not happen!! Data will be lost [ 373.095715][ T3632] [ 373.108365][ T3632] EXT4-fs (loop3): Total free blocks count 0 [ 373.114834][ T3632] EXT4-fs (loop3): Free/Dirty block details [ 373.120870][ T3632] EXT4-fs (loop3): free_blocks=4293918720 [ 373.127019][ T3632] EXT4-fs (loop3): dirty_blocks=96 [ 373.132264][ T3632] EXT4-fs (loop3): Block reservation details [ 373.141245][ T3632] EXT4-fs (loop3): i_reserved_data_blocks=6 [ 373.298739][ T5818] EXT4-fs (loop3): unmounting filesystem 00010100-0000-0006-0000-000000000000. [ 373.823794][ T8765] loop0: detected capacity change from 0 to 512 [ 373.887336][ T8765] EXT4-fs: Ignoring removed nobh option [ 373.995093][ T8765] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1199: iget: bad i_size value: 38620345925642 [ 374.055567][ T8765] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1199: couldn't read orphan inode 15 (err -117) [ 374.088736][ T8765] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 374.440578][ T8778] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 374.486944][ T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 374.673651][ T24] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 374.686529][ T24] usb 2-1: config 0 has no interface number 0 [ 374.692820][ T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 374.708010][ T24] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 374.718138][ T24] usb 2-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 374.731432][ T24] usb 2-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 374.743304][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 374.774423][ T8772] loop3: detected capacity change from 0 to 32768 [ 374.867113][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.983604][ T24] usb 2-1: config 0 descriptor?? [ 375.504667][ T8788] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 375.511365][ T8788] comedi comedi3: 8255: I/O port conflict (0x401,4) [ 375.518503][ T8788] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 375.525282][ T8788] comedi comedi3: 8255: I/O port conflict (0x5c95239c,4) [ 375.532546][ T8788] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 375.539367][ T8788] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 375.546281][ T8788] comedi comedi3: 8255: I/O port conflict (0xe,4) [ 375.552925][ T8788] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 375.559979][ T8788] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 375.566782][ T8788] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 375.573561][ T8788] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 375.580576][ T8788] comedi comedi3: 8255: I/O port conflict (0x4,4) [ 375.587346][ T8788] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 375.594024][ T8788] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4) [ 375.606009][ T8788] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4) [ 375.613985][ T8788] comedi comedi3: 8255: I/O port conflict (0xa,4) [ 375.621901][ T8788] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff5,4) [ 376.132733][ T8786] loop2: detected capacity change from 0 to 32768 [ 376.158655][ T8786] read_mapping_page failed! [ 376.163425][ T8786] jfs_mount: dbMount failed w/rc = -5 [ 376.169520][ T8786] Mount JFS Failure: -5 [ 376.173811][ T8786] jfs_mount failed w/return code = -5 [ 376.278015][ T24] uclogic 0003:28BD:0042.000D: failed retrieving string descriptor #100: -71 [ 376.287485][ T24] uclogic 0003:28BD:0042.000D: failed retrieving pen parameters: -71 [ 376.295929][ T24] uclogic 0003:28BD:0042.000D: pen probing failed: -71 [ 376.302976][ T24] uclogic 0003:28BD:0042.000D: failed probing parameters: -71 [ 376.315565][ T24] uclogic 0003:28BD:0042.000D: probe with driver uclogic failed with error -71 [ 376.338147][ T24] usb 2-1: USB disconnect, device number 5 [ 378.679555][ T8838] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1234'. [ 379.684580][ T8863] loop0: detected capacity change from 0 to 128 [ 379.855318][ T8863] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 379.951833][ T8863] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 380.346468][ T5816] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 380.572593][ T8880] loop0: detected capacity change from 0 to 512 [ 380.643032][ T8880] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.1253: corrupted in-inode xattr: invalid ea_ino [ 380.703655][ T8880] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1253: couldn't read orphan inode 15 (err -117) [ 380.767764][ T8883] loop2: detected capacity change from 0 to 2048 [ 380.808849][ T8880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 380.844581][ T8888] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 380.903599][ T8883] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #2: rec_len is too small for name_len - offset=16, inode=2, rec_len=16, name_len=255 [ 380.961890][ T8883] Remounting filesystem read-only [ 380.967499][ T8883] NILFS error (device loop2): nilfs_readdir: bad page in #2 [ 381.091448][ T8892] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 381.099836][ T8892] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 1th superblock [ 381.108403][ T8892] F2FS-fs (nullb0): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 381.116528][ T8892] F2FS-fs (nullb0): Can't find valid F2FS filesystem in 2th superblock [ 381.249735][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.795095][ T30] audit: type=1326 audit(1759086917.950:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 381.818334][ T30] audit: type=1326 audit(1759086917.950:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 381.933128][ T30] audit: type=1326 audit(1759086918.100:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 381.959665][ T30] audit: type=1326 audit(1759086918.100:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 381.983431][ T30] audit: type=1326 audit(1759086918.100:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 382.006154][ T30] audit: type=1326 audit(1759086918.110:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 382.028696][ T30] audit: type=1326 audit(1759086918.110:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 382.055207][ T30] audit: type=1326 audit(1759086918.110:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.2.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f216e38eec9 code=0x7ffc0000 [ 382.474982][ T11] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 382.624791][ T11] usb 3-1: Using ep0 maxpacket: 8 [ 382.632192][ T11] usb 3-1: config index 0 descriptor too short (expected 30, got 18) [ 382.682713][ T11] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 382.682860][ T11] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 382.682971][ T11] usb 3-1: Product: syz [ 382.683060][ T11] usb 3-1: Manufacturer: syz [ 382.683149][ T11] usb 3-1: SerialNumber: syz [ 382.700904][ T11] usb 3-1: config 0 descriptor?? [ 382.716434][ T11] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 382.716559][ T11] usb 3-1: setting power ON [ 382.716644][ T11] dvb-usb: bulk message failed: -22 (2/0) [ 382.731130][ T11] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 382.733851][ T11] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 382.734058][ T11] usb 3-1: media controller created [ 382.798385][ T11] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 382.953611][ T8917] dvb-usb: bulk message failed: -22 (3/0) [ 382.953700][ T8917] cxusb: i2c rd: len=169 is too big! [ 382.953700][ T8917] [ 382.957328][ T11] usb 3-1: selecting invalid altsetting 6 [ 382.957437][ T11] usb 3-1: digital interface selection failed (-22) [ 382.957516][ T11] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 382.964855][ T5133] usb 4-1: new low-speed USB device number 5 using dummy_hcd [ 382.969123][ T11] usb 3-1: setting power OFF [ 383.043459][ T11] dvb-usb: bulk message failed: -22 (2/0) [ 383.043538][ T11] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 383.043613][ T11] (NULL device *): no alternate interface [ 383.143871][ T8928] loop0: detected capacity change from 0 to 1764 [ 383.330575][ T5133] usb 4-1: unable to get BOS descriptor or descriptor too short [ 383.344936][ T5133] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 383.352988][ T5133] usb 4-1: can't read configurations, error -71 [ 383.364680][ T30] audit: type=1400 audit(1759086919.510:37): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A2F2F090401 pid=8923 comm="syz.3.1272" [ 383.599223][ T11] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 383.661497][ T11] usb 3-1: USB disconnect, device number 9 [ 383.944825][ T8930] loop4: detected capacity change from 0 to 32768 [ 384.047428][ T8930] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,background_compression=lz4,wide_macs,no_splitbrain_check,recovery_pass_last=accounting_read,nojournal_transaction_names,read_only,version_upgrade=incompatible,nocow,no_data_io [ 384.047585][ T8930] allowing incompatible features above 0.0: (unknown version) [ 384.047664][ T8930] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 384.105397][ T8930] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 384.118065][ T8930] bcachefs (loop4): invalid bkey in superblock btree=alloc level=0: u64s 11 type btree_ptr_v2 283673999966207:U64_MAX:U32_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 384.118194][ T8930] invalid key type for btree alloc (btree_ptr_v2), deleting [ 384.156050][ T8930] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 384.165399][ T8930] bcachefs (loop4): Version upgrade required: [ 384.165399][ T8930] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 384.165399][ T8930] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 384.165399][ T8930] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 384.245215][ T8930] bcachefs (loop4): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 0.0: (unknown version) [ 384.245215][ T8930] [ 384.422434][ T8930] bcachefs (loop4): accounting_read... done [ 384.435694][ T8930] bcachefs (loop4): Fixed errors, running fsck a second time to verify fs is clean [ 384.455008][ T8930] bcachefs (loop4): done starting filesystem [ 384.598005][ T5829] bcachefs (loop4): shutting down [ 384.722797][ T5829] bcachefs (loop4): shutdown complete [ 384.861030][ T8946] pim6reg99999999: entered allmulticast mode [ 385.103880][ T8952] netlink: 818 bytes leftover after parsing attributes in process `syz.2.1286'. [ 385.255727][ T8956] netlink: 'syz.1.1288': attribute type 2 has an invalid length. [ 385.263972][ T8956] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1288'. [ 385.439229][ T8950] loop0: detected capacity change from 0 to 4096 [ 385.467536][ T8950] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 385.702004][ T8950] ntfs3(loop0): ino=1a, mi_enum_attr [ 385.710426][ T8950] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 385.769649][ T8950] ntfs3(loop0): ino=1a, mi_enum_attr [ 385.775461][ T8950] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 386.214716][ T8970] usb usb5: usbfs: process 8970 (syz.2.1295) did not claim interface 0 before use [ 387.447684][ T5828] Bluetooth: hci3: Dropping invalid advertising data [ 387.457452][ T5828] Bluetooth: hci3: Malformed LE Event: 0x02 [ 389.163579][ T9007] loop4: detected capacity change from 0 to 40427 [ 389.196805][ T9007] F2FS-fs (loop4): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 389.207484][ T9007] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 389.217950][ T9007] F2FS-fs (loop4): Image doesn't support compression [ 389.230143][ T9007] F2FS-fs (loop4): build fault injection rate: 690 [ 389.237084][ T9007] F2FS-fs (loop4): build fault injection type: 0x35f7 [ 389.246826][ T9007] F2FS-fs (loop4): invalid crc value [ 389.510882][ T9007] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 389.565057][ T9007] F2FS-fs (loop4): Start checkpoint disabled! [ 389.607666][ T9007] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 389.615509][ T9007] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 389.798870][ T9027] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1319'. [ 389.902839][ T9031] loop2: detected capacity change from 0 to 256 [ 389.987491][ T9031] exfat: Deprecated parameter 'utf8' [ 390.120767][ T9031] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 390.285503][ T9033] loop3: detected capacity change from 0 to 1764 [ 390.477123][ T24] IPVS: starting estimator thread 0... [ 390.568674][ T9039] IPVS: using max 240 ests per chain, 12000 per kthread [ 391.177342][ T9047] loop3: detected capacity change from 0 to 2048 [ 391.257137][ T9051] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 391.295949][ T9052] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1331'. [ 391.650043][ T9056] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1333'. [ 392.008744][ T9058] loop4: detected capacity change from 0 to 1024 [ 392.213350][ T9064] loop0: detected capacity change from 0 to 512 [ 392.322682][ T3632] hfsplus: b-tree write err: -5, ino 4 [ 392.419454][ T9064] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 392.430368][ T9064] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 392.440849][ T9064] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1336: Failed to acquire dquot type 1 [ 392.470431][ T9064] EXT4-fs (loop0): 1 truncate cleaned up [ 392.478223][ T9064] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 392.491339][ T9064] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 392.673066][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.700493][ T9079] netlink: 766 bytes leftover after parsing attributes in process `syz.4.1339'. [ 393.851985][ T9090] loop4: detected capacity change from 0 to 4096 [ 393.891419][ T9096] netlink: 'syz.2.1349': attribute type 5 has an invalid length. [ 395.607409][ T9116] loop4: detected capacity change from 0 to 32768 [ 395.725153][ T9116] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow [ 395.725262][ T9116] allowing incompatible features above 0.0: (unknown version) [ 395.725339][ T9116] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 395.767464][ T9116] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 395.780665][ T9116] bcachefs (loop4): initializing new filesystem [ 395.800850][ T9116] bcachefs (loop4): going read-write [ 395.843145][ T9116] bcachefs (loop4): marking superblocks [ 395.908959][ T9116] bcachefs (loop4): initializing freespace [ 395.941430][ T9116] bcachefs (loop4): done initializing freespace [ 395.967416][ T9116] bcachefs (loop4): reading snapshots table [ 395.973663][ T9116] bcachefs (loop4): reading snapshots done [ 396.099577][ T9116] bcachefs (loop4): loop4: Superblock write was silently dropped! (seq 0 expected 42) [ 396.148253][ T9116] bcachefs (loop4): done starting filesystem [ 396.431100][ T5829] bcachefs (loop4): shutting down [ 396.437084][ T5829] bcachefs (loop4): going read-only [ 396.442466][ T5829] bcachefs (loop4): finished waiting for writes to stop [ 396.486948][ T5829] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2 [ 396.760872][ T5829] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3 [ 396.790361][ T5829] bcachefs (loop4): clean shutdown complete, journal seq 4 [ 396.845827][ T5829] bcachefs (loop4): marking filesystem clean [ 396.947020][ T5829] bcachefs (loop4): shutdown complete [ 397.136056][ T9158] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1375'. [ 397.409733][ T9163] ip6gre1: entered promiscuous mode [ 397.533818][ T9165] loop3: detected capacity change from 0 to 256 [ 397.538762][ T9161] loop0: detected capacity change from 0 to 4096 [ 397.639610][ T9168] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 397.672536][ T9165] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 397.710938][ T9165] exFAT-fs (loop3): error, data size is invalid(9000) [ 397.718125][ T9165] exFAT-fs (loop3): Filesystem has been set read-only [ 398.140397][ T4294] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 398.577143][ T9178] loop2: detected capacity change from 0 to 64 [ 398.664978][ T9178] hfs: unable to locate alternate MDB [ 398.670671][ T9178] hfs: continuing without an alternate MDB [ 398.741873][ T9174] loop3: detected capacity change from 0 to 32768 [ 398.825918][ T9174] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,background_compression=zstd,nochanges,read_only,no_data_io [ 398.826045][ T9174] allowing incompatible features above 0.0: (unknown version) [ 398.826116][ T9174] features: lz4 [ 398.862373][ T9174] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0 [ 398.871260][ T9174] bcachefs (loop3): superblock marked clean but clean section not present, fixing [ 398.881230][ T9174] bcachefs (loop3): error in recovery: invalid_sb_clean [ 398.881302][ T9174] emergency read only at seq 0 [ 398.893533][ T9174] bcachefs (loop3): bch2_fs_start(): error starting filesystem invalid_sb_clean [ 398.902797][ T9174] bcachefs (loop3): shutting down [ 398.925857][ T9174] bcachefs (loop3): shutdown complete [ 398.942192][ T9182] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. leaving read-only. [ 399.314158][ T9188] tmpfs: Cannot disable swap on remount [ 399.578821][ T9174] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean [ 399.791350][ T9194] loop2: detected capacity change from 0 to 256 [ 400.775826][ T9200] loop3: detected capacity change from 0 to 4096 [ 401.124181][ T9200] ntfs3(loop3): ino=b, mi_enum_attr [ 401.133179][ T9200] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 401.180144][ T9200] ntfs3(loop3): Failed to load $Extend (-22). [ 401.190975][ T9200] ntfs3(loop3): Failed to initialize $Extend. [ 401.299829][ T9200] ntfs3(loop3): ino=5, "/" ntfs_readdir [ 401.624114][ T9221] loop4: detected capacity change from 0 to 1024 [ 401.741670][ T9221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 401.754448][ T9221] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 402.099023][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 402.661982][ T9246] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096 [ 402.761364][ T9247] loop3: detected capacity change from 0 to 1024 [ 403.140168][ T73] hfsplus: b-tree write err: -5, ino 4 [ 403.539403][ T9267] loop2: detected capacity change from 0 to 256 [ 403.571835][ T9267] exfat: Deprecated parameter 'namecase' [ 403.578423][ T9267] exfat: Deprecated parameter 'utf8' [ 403.716980][ T9267] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d) [ 403.809578][ T9272] loop4: detected capacity change from 0 to 128 [ 403.972936][ T9272] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 404.007015][ T9272] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 404.780733][ T9292] mac80211_hwsim hwsim11 wlan1: entered promiscuous mode [ 404.808016][ T9292] team0: Port device wlan1 added [ 405.026013][ T9298] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 405.314679][ T5878] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 405.507068][ T5878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 405.518432][ T5878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.528529][ T5878] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 405.537867][ T5878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.629967][ T5878] usb 1-1: config 0 descriptor?? [ 405.991643][ T9317] loop3: detected capacity change from 0 to 256 [ 406.061014][ T9317] exfat: Deprecated parameter 'utf8' [ 406.141029][ T5878] elan 0003:04F3:0755.000E: failed to start in urb: -90 [ 406.172109][ T5878] elan 0003:04F3:0755.000E: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0 [ 406.199237][ T9319] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1449'. [ 406.248783][ T9317] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 406.311991][ T5878] usb 1-1: USB disconnect, device number 5 [ 406.650404][ T9327] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1453'. [ 406.764562][ T9331] tipc: Enabling of bearer rejected, failed to enable media [ 406.849292][ T9333] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1456'. [ 407.079994][ T9335] loop2: detected capacity change from 0 to 2048 [ 407.091803][ T9335] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 407.101789][ T9335] NILFS (loop2): too large filesystem blocksize: 2 ^ 347668480 KiB [ 407.473284][ T9345] loop2: detected capacity change from 0 to 1024 [ 407.538615][ T9345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 407.853933][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 408.065243][ T5878] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 408.281873][ T5878] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 408.293824][ T5878] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 408.304044][ T5878] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 408.313359][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.356203][ T9357] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 408.383178][ T5878] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 408.637978][ T5878] usb 4-1: USB disconnect, device number 7 [ 408.949988][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 408.957231][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 409.145701][ T9371] loop0: detected capacity change from 0 to 4096 [ 409.483118][ T9377] loop4: detected capacity change from 0 to 40427 [ 409.513807][ T9377] F2FS-fs (loop4): build fault injection rate: 14 [ 409.520531][ T9377] F2FS-fs (loop4): build fault injection type: 0x0 [ 409.576007][ T9377] F2FS-fs (loop4): invalid crc value [ 409.832034][ T9377] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 409.842732][ T9377] F2FS-fs (loop4): Start checkpoint disabled! [ 409.856797][ T9377] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 410.468784][ T9389] loop0: detected capacity change from 0 to 512 [ 410.494953][ T9389] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 410.528740][ T24] usb 3-1: new full-speed USB device number 10 using dummy_hcd [ 410.634538][ T9389] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 410.645401][ T9389] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 410.655691][ T9389] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1479: Failed to acquire dquot type 1 [ 410.738694][ T24] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 410.741776][ T9389] EXT4-fs (loop0): 1 truncate cleaned up [ 410.748207][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 410.755745][ T9389] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 410.764503][ T24] usb 3-1: Product: syz [ 410.778606][ T24] usb 3-1: Manufacturer: syz [ 410.783362][ T24] usb 3-1: SerialNumber: syz [ 410.897467][ T24] usb 3-1: config 0 descriptor?? [ 410.959086][ T9389] Quota error (device loop0): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 410.970071][ T9389] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 410.980358][ T9389] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1479: Failed to acquire dquot type 1 [ 411.174769][ T24] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 411.336637][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.550480][ T24] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 411.579499][ T24] usb 3-1: USB disconnect, device number 10 [ 413.037350][ T9423] netlink: 'syz.3.1495': attribute type 2 has an invalid length. [ 413.554645][ T5878] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 413.755289][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 413.767163][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 413.777666][ T5878] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 413.787086][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.977854][ T5878] usb 2-1: config 0 descriptor?? [ 414.020947][ T9439] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) ! [ 414.273673][ T9433] loop3: detected capacity change from 0 to 40427 [ 414.290572][ T9433] F2FS-fs (loop3): FLUSH_MERGE not compatible with readonly mode [ 414.421131][ T5878] pyra 0003:1E7D:2CF6.000F: item fetching failed at offset 5/7 [ 414.510981][ T5878] pyra 0003:1E7D:2CF6.000F: parse failed [ 414.523527][ T5878] pyra 0003:1E7D:2CF6.000F: probe with driver pyra failed with error -22 [ 414.685982][ T5878] usb 2-1: USB disconnect, device number 6 [ 414.916762][ T9447] syz.2.1508 (9447): drop_caches: 4 [ 415.017363][ T9449] [U] „ [ 415.251388][ T9454] loop3: detected capacity change from 0 to 8 [ 416.794979][ T9484] loop0: detected capacity change from 0 to 256 [ 417.102753][ T9482] loop4: detected capacity change from 0 to 32768 [ 417.127016][ T9482] (syz.4.1524,9482,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 417.141370][ T9482] (syz.4.1524,9482,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 417.205154][ T9482] JBD2: Ignoring recovery information on journal [ 417.259611][ T9482] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 417.396025][ T5829] ocfs2: Unmounting device (7,4) on (node local) [ 417.438395][ T9484] FAT-fs (loop0): Directory bread(block 64) failed [ 417.450038][ T9484] FAT-fs (loop0): Directory bread(block 65) failed [ 417.459133][ T9484] FAT-fs (loop0): Directory bread(block 66) failed [ 417.466290][ T9484] FAT-fs (loop0): Directory bread(block 67) failed [ 417.473179][ T9484] FAT-fs (loop0): Directory bread(block 68) failed [ 417.485096][ T9484] FAT-fs (loop0): Directory bread(block 69) failed [ 417.495383][ T9484] FAT-fs (loop0): Directory bread(block 70) failed [ 417.502090][ T9484] FAT-fs (loop0): Directory bread(block 71) failed [ 417.512640][ T9484] FAT-fs (loop0): Directory bread(block 72) failed [ 417.521967][ T9484] FAT-fs (loop0): Directory bread(block 73) failed [ 417.756851][ T9499] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1532'. [ 418.748853][ T9517] input input12: cannot allocate more than FF_MAX_EFFECTS effects [ 420.261376][ T9533] loop0: detected capacity change from 0 to 40427 [ 420.273782][ T9533] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 420.281873][ T9533] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 420.390777][ T9533] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 420.650400][ T9533] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 420.680281][ T9533] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 420.687707][ T9533] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 422.065025][ T9557] loop4: detected capacity change from 0 to 32768 [ 422.190050][ T9557] XFS (loop4): Mounting V5 filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d in no-recovery mode. Filesystem will be inconsistent. [ 422.282910][ T30] audit: type=1326 audit(1759086958.450:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9566 comm="syz.1.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73b6f8eec9 code=0x7ffc0000 [ 422.309720][ T30] audit: type=1326 audit(1759086958.450:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9566 comm="syz.1.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73b6f8eec9 code=0x7ffc0000 [ 422.375291][ T5829] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 422.418191][ T30] audit: type=1326 audit(1759086958.570:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9566 comm="syz.1.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f73b6f8eec9 code=0x7ffc0000 [ 422.441504][ T30] audit: type=1326 audit(1759086958.570:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9566 comm="syz.1.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73b6f8eec9 code=0x7ffc0000 [ 422.464100][ T30] audit: type=1326 audit(1759086958.570:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9566 comm="syz.1.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73b6f8eec9 code=0x7ffc0000 [ 422.487402][ T30] audit: type=1326 audit(1759086958.630:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9566 comm="syz.1.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f73b6f8eec9 code=0x7ffc0000 [ 422.512859][ T30] audit: type=1326 audit(1759086958.630:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9566 comm="syz.1.1560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73b6f8eec9 code=0x7ffc0000 [ 422.791005][ T9578] sch_tbf: burst 0 is lower than device macvtap0 mtu (1514) ! [ 423.150303][ T24] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 423.324519][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 423.337661][ T9588] loop2: detected capacity change from 0 to 64 [ 423.396546][ T24] usb 2-1: unable to get BOS descriptor or descriptor too short [ 423.419215][ T24] usb 2-1: config 4 has an invalid interface number: 30 but max is 0 [ 423.430769][ T24] usb 2-1: config 4 has no interface number 0 [ 423.442999][ T24] usb 2-1: config 4 interface 30 has no altsetting 0 [ 423.499540][ T24] usb 2-1: string descriptor 0 read error: -22 [ 423.506534][ T24] usb 2-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=ff.88 [ 423.515967][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 423.579557][ T24] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state. [ 423.589645][ T24] dw2102: su3000_power_ctrl: 1, initialized 0 [ 423.598424][ T24] dvb-usb: bulk message failed: -22 (2/0) [ 423.618248][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 423.671102][ T24] dvbdev: DVB: registering new adapter (TeVii S482 (tuner 2)) [ 423.681734][ T24] usb 2-1: media controller created [ 423.689655][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 423.695651][ T24] dw2102: i2c transfer failed. [ 423.700538][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 423.708950][ T24] dw2102: i2c transfer failed. [ 423.713840][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 423.722509][ T24] dw2102: i2c transfer failed. [ 423.728866][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 423.741565][ T24] dw2102: i2c transfer failed. [ 423.750146][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 423.756232][ T24] dw2102: i2c transfer failed. [ 423.767425][ T24] dvb-usb: bulk message failed: -22 (6/0) [ 423.773392][ T24] dw2102: i2c transfer failed. [ 423.783119][ T24] dvb-usb: MAC address: 02:02:02:02:02:02 [ 423.845264][ T9582] dw2102: i2c wr: len=66 is too big! [ 423.845264][ T9582] [ 424.039432][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 424.305494][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 424.311394][ T24] dw2102: command 0x0e transfer failed. [ 424.324394][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 424.334138][ T24] dw2102: command 0x0e transfer failed. [ 424.598082][ T9606] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1576'. [ 424.665420][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 424.671438][ T24] dw2102: command 0x0e transfer failed. [ 424.682270][ T24] dvb-usb: bulk message failed: -22 (3/0) [ 424.687821][ T9609] loop4: detected capacity change from 0 to 64 [ 424.688282][ T24] dw2102: command 0x0e transfer failed. [ 424.697033][ T9610] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1577'. [ 424.700321][ T24] dvb-usb: bulk message failed: -22 (1/0) [ 424.720118][ T24] dw2102: command 0x51 transfer failed. [ 424.725994][ T24] dvb-usb: bulk message failed: -22 (5/0) [ 424.731871][ T24] dw2102: i2c probe for address 0x68 failed. [ 424.742855][ T24] dvb-usb: bulk message failed: -22 (5/0) [ 424.748869][ T24] dw2102: i2c probe for address 0x69 failed. [ 424.759630][ T24] dvb-usb: bulk message failed: -22 (5/0) [ 424.771437][ T24] dw2102: i2c probe for address 0x6a failed. [ 424.777830][ T24] dw2102: probing for demodulator failed. Is the external power switched on? [ 424.787020][ T24] dvb-usb: no frontend was attached by 'TeVii S482 (tuner 2)' [ 425.404828][ T24] rc_core: IR keymap rc-tt-1500 not found [ 425.410824][ T24] Registered IR keymap rc-empty [ 425.417919][ T24] rc rc0: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0 [ 425.436753][ T24] input: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input13 [ 425.550168][ T24] dvb-usb: schedule remote query interval to 250 msecs. [ 425.561923][ T24] dw2102: su3000_power_ctrl: 0, initialized 1 [ 425.568303][ T24] dvb-usb: TeVii S482 (tuner 2) successfully initialized and connected. [ 425.590282][ T24] usb 2-1: USB disconnect, device number 7 [ 425.903012][ T24] dvb-usb: TeVii S482 (tuner 2) successfully deinitialized and disconnected. [ 427.845027][ T9652] loop4: detected capacity change from 0 to 32768 [ 428.116017][ T9661] loop0: detected capacity change from 0 to 40427 [ 428.155808][ T3632] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 428.163978][ T3632] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 428.176387][ T9661] F2FS-fs (loop0): build fault injection rate: 0 [ 428.185264][ T5878] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 428.194415][ T9661] F2FS-fs (loop0): invalid crc value [ 428.201218][ T9652] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section journal: journal bucket 18446744073709549560 past end of device (nbuckets 128) [ 428.201218][ T9652] journal (size 40): [ 428.201218][ T9652] Buckets: 18446744073709549560 7 24 1 [ 428.201218][ T9652] [ 428.237909][ T9652] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal [ 428.239470][ T5870] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 428.946230][ T9661] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 428.962935][ T9661] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 429.163312][ T5870] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 429.261556][ T67] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 430.687911][ T30] audit: type=1800 audit(1759086966.840:45): pid=9699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1618" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 430.702288][ T9694] loop2: detected capacity change from 0 to 4096 [ 430.850850][ T9701] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 431.119922][ T9696] loop3: detected capacity change from 0 to 4096 [ 431.173779][ T9696] ntfs3(loop3): ino=3, Correct links count -> 2. [ 431.530013][ T9696] ntfs3(loop3): ino=1a, mi_enum_attr [ 431.536014][ T9696] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 431.688057][ T9696] ntfs3(loop3): failed to convert "0000" to iso8859-9 [ 431.701515][ T9696] ntfs3(loop3): failed to convert name for inode 1e. [ 431.703030][ T9696] ntfs3(loop3): ino=1f, mi_enum_attr [ 431.793661][ T9716] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1625'. [ 431.793769][ T9716] NCSI netlink: No device for ifindex 1024 [ 432.194855][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 432.731206][ T9734] comedi comedi3: 8255: I/O port conflict (0xc,4) [ 432.738255][ T9734] comedi comedi3: 8255: I/O port conflict (0x3,4) [ 432.752805][ T9734] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 432.762871][ T9734] comedi comedi3: 8255: I/O port conflict (0xf,4) [ 432.770928][ T9734] comedi comedi3: 8255: I/O port conflict (0x800007,4) [ 432.780633][ T9734] comedi comedi3: 8255: I/O port conflict (0xa,4) [ 432.789808][ T9734] comedi comedi3: 8255: I/O port conflict (0x9,4) [ 432.796632][ T9734] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 432.803288][ T9734] comedi comedi3: 8255: I/O port conflict (0xffffffff80000001,4) [ 432.813780][ T9734] comedi comedi3: 8255: I/O port conflict (0xffffffffffffbffd,4) [ 432.824414][ T9734] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 432.892682][ T9739] netlink: 'syz.2.1636': attribute type 6 has an invalid length. [ 432.901333][ T9739] netlink: 'syz.2.1636': attribute type 3 has an invalid length. [ 432.909459][ T9739] netlink: 153952 bytes leftover after parsing attributes in process `syz.2.1636'. [ 432.935385][ T9740] loop4: detected capacity change from 0 to 256 [ 433.107030][ T9740] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 433.229369][ T30] audit: type=1800 audit(1759086969.410:46): pid=9740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1637" name="file1" dev="loop4" ino=1048704 res=0 errno=0 [ 433.594663][ T5870] usb 3-1: new full-speed USB device number 11 using dummy_hcd [ 433.687650][ T9754] loop3: detected capacity change from 0 to 512 [ 433.783098][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 433.794657][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 433.805495][ T5870] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 433.815319][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.832007][ T5870] usb 3-1: config 0 descriptor?? [ 433.839940][ T9754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 433.853552][ T9754] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 433.874535][ T5870] hub 3-1:0.0: USB hub found [ 434.083088][ T5870] hub 3-1:0.0: 2 ports detected [ 434.334045][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 434.536842][ T5870] usb 3-1: USB disconnect, device number 11 [ 434.572927][ T9765] netlink: 'syz.3.1648': attribute type 4 has an invalid length. [ 435.675977][ T9790] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1660'. [ 435.677790][ T9788] loop4: detected capacity change from 0 to 2048 [ 435.745948][ T9788] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 435.758624][ T9788] NILFS (loop4): mounting unchecked fs [ 435.924152][ T9788] NILFS (loop4): recovery complete [ 435.950370][ T9787] loop2: detected capacity change from 0 to 4096 [ 435.998250][ T9797] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 436.030057][ T9787] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 436.351351][ T9787] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 436.397264][ T9787] ntfs3(loop2): Failed to initialize $Extend/$Reparse. [ 436.573145][ T9805] ntfs3(loop2): ino=1b, mi_enum_attr [ 436.973262][ T9807] loop0: detected capacity change from 0 to 256 [ 437.468497][ T9807] FAT-fs (loop0): Directory bread(block 64) failed [ 437.475618][ T9807] FAT-fs (loop0): Directory bread(block 65) failed [ 437.482568][ T9807] FAT-fs (loop0): Directory bread(block 66) failed [ 437.489600][ T9807] FAT-fs (loop0): Directory bread(block 67) failed [ 437.496639][ T9807] FAT-fs (loop0): Directory bread(block 68) failed [ 437.503332][ T9807] FAT-fs (loop0): Directory bread(block 69) failed [ 437.510451][ T9807] FAT-fs (loop0): Directory bread(block 70) failed [ 437.517271][ T9807] FAT-fs (loop0): Directory bread(block 71) failed [ 437.524107][ T9807] FAT-fs (loop0): Directory bread(block 72) failed [ 437.531003][ T9807] FAT-fs (loop0): Directory bread(block 73) failed [ 437.940550][ T9815] xt_policy: too many policy elements [ 438.548071][ T9823] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1674'. [ 438.632435][ T9825] loop4: detected capacity change from 0 to 512 [ 438.815093][ T9825] EXT4-fs warning (device loop4): dx_probe:861: inode #2: comm syz.4.1675: dx entry: limit 0 != root limit 125 [ 438.827961][ T9825] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.1675: Corrupt directory, running e2fsck is recommended [ 438.954643][ T9825] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 439.012499][ T9825] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.1675: corrupted in-inode xattr: invalid ea_ino [ 439.064127][ T9825] EXT4-fs (loop4): Remounting filesystem read-only [ 439.073014][ T9825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 439.207281][ T9825] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 439.418042][ T5829] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.180962][ T9852] raw_sendmsg: syz.2.1688 forgot to set AF_INET. Fix it! [ 440.235408][ T9853] loop4: detected capacity change from 0 to 256 [ 440.914727][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 441.386291][ T9874] /dev/nullb0: Can't open blockdev [ 441.860151][ T9882] loop2: detected capacity change from 0 to 256 [ 441.915534][ T9882] exfat: Deprecated parameter 'utf8' [ 441.921043][ T9882] exfat: Deprecated parameter 'utf8' [ 441.931756][ T9882] exfat: Deprecated parameter 'utf8' [ 442.114593][ T9882] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d) [ 442.231188][ T9882] overlay: filesystem on ./file0 not supported [ 442.680421][ T24] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 442.845189][ T9897] loop3: detected capacity change from 0 to 1024 [ 442.868039][ T9897] EXT4-fs: Ignoring removed mblk_io_submit option [ 442.895963][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 442.906382][ T24] usb 2-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00 [ 442.921219][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.931881][ T9897] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 442.994480][ T24] usb 2-1: config 0 descriptor?? [ 443.009885][ T9897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.236236][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.347035][ T9906] loop0: detected capacity change from 0 to 2048 [ 443.401679][ T9906] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 443.454108][ T9911] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1713'. [ 443.465307][ T24] lenovo 0003:17EF:6047.0010: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.1-1/input0 [ 443.643094][ T24] lenovo 0003:17EF:6047.0010: Failed to switch F7/9/11 mode: -71 [ 443.685031][ T24] lenovo 0003:17EF:6047.0010: Failed to switch middle button: -71 [ 443.741157][ T24] lenovo 0003:17EF:6047.0010: Fn-lock setting failed: -71 [ 443.776031][ T24] lenovo 0003:17EF:6047.0010: Sensitivity setting failed: -71 [ 443.835117][ T24] usb 2-1: USB disconnect, device number 8 [ 444.055924][ T9918] bridge0: entered promiscuous mode [ 444.067667][ T9918] bridge0: port 3(macvlan2) entered blocking state [ 444.074705][ T9918] bridge0: port 3(macvlan2) entered disabled state [ 444.081860][ T9918] macvlan2: entered allmulticast mode [ 444.087600][ T9918] bridge0: entered allmulticast mode [ 444.132876][ T30] audit: type=1326 audit(1759086980.310:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfe558eec9 code=0x7ffc0000 [ 444.137009][ T9918] macvlan2: left allmulticast mode [ 444.161184][ T9918] bridge0: left allmulticast mode [ 444.168024][ T9918] bridge0: left promiscuous mode [ 444.205953][ T30] audit: type=1326 audit(1759086980.350:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcfe558eec9 code=0x7ffc0000 [ 444.228228][ C1] vkms_vblank_simulate: vblank timer overrun [ 444.242324][ T30] audit: type=1326 audit(1759086980.390:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfe558eec9 code=0x7ffc0000 [ 444.269747][ T30] audit: type=1326 audit(1759086980.390:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9919 comm="syz.0.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfe558eec9 code=0x7ffc0000 [ 444.292098][ C1] vkms_vblank_simulate: vblank timer overrun [ 444.431624][ T9922] loop2: detected capacity change from 0 to 4096 [ 445.252792][ T9938] loop3: detected capacity change from 0 to 64 [ 445.374568][ T9938] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 446.170537][ T9957] loop0: detected capacity change from 0 to 128 [ 446.363740][ T9961] loop3: detected capacity change from 0 to 1024 [ 446.670055][ T5878] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 446.835363][ T5878] usb 2-1: Using ep0 maxpacket: 16 [ 446.875475][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 446.886883][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 446.896939][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 446.910185][ T5878] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 446.919596][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.082138][ T5878] usb 2-1: config 0 descriptor?? [ 447.169744][ T9980] netlink: 642 bytes leftover after parsing attributes in process `syz.2.1742'. [ 447.571182][ T5878] shield 0003:0955:7214.0011: item fetching failed at offset 4/5 [ 447.608717][ T5878] shield 0003:0955:7214.0011: Parse failed [ 447.615573][ T5878] shield 0003:0955:7214.0011: probe with driver shield failed with error -22 [ 447.816541][ T24] usb 2-1: USB disconnect, device number 9 [ 448.011700][ T9986] loop4: detected capacity change from 0 to 4096 [ 448.211678][ T9986] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 448.376466][ T9986] ntfs3(loop4): Failed to load $Extend (-22). [ 448.382742][ T9986] ntfs3(loop4): Failed to initialize $Extend. [ 448.451254][T10002] loop2: detected capacity change from 0 to 64 [ 448.655807][T10004] netlink: 3 bytes leftover after parsing attributes in process `syz.0.1753'. [ 448.997145][T10008] loop3: detected capacity change from 0 to 1764 [ 449.325259][ T5878] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 449.540991][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 449.552361][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 449.562604][ T5878] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 449.571919][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 449.622602][ T5878] usb 5-1: config 0 descriptor?? [ 449.790648][T10027] bridge: RTM_NEWNEIGH with unconfigured vlan 3 on bridge0 [ 449.810643][T10029] netlink: 'syz.0.1764': attribute type 31 has an invalid length. [ 450.078037][ T5878] cp2112 0003:10C4:EA90.0012: ignoring exceeding usage max [ 450.094677][ T5878] cp2112 0003:10C4:EA90.0012: item fetching failed at offset 5/7 [ 450.161356][ T5878] cp2112 0003:10C4:EA90.0012: parse failed [ 450.178869][ T5878] cp2112 0003:10C4:EA90.0012: probe with driver cp2112 failed with error -22 [ 450.289004][ T5878] usb 5-1: USB disconnect, device number 7 [ 450.383471][T10036] loop2: detected capacity change from 0 to 512 [ 450.406987][ T30] audit: type=1326 audit(1759086986.580:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10037 comm="syz.3.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce518eec9 code=0x7ffc0000 [ 450.504719][ T30] audit: type=1326 audit(1759086986.630:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10037 comm="syz.3.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce518eec9 code=0x7ffc0000 [ 450.515306][T10036] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1767: bad orphan inode 11862016 [ 450.532327][ T30] audit: type=1326 audit(1759086986.640:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10037 comm="syz.3.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fcce518eec9 code=0x7ffc0000 [ 450.567968][ T30] audit: type=1326 audit(1759086986.640:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10037 comm="syz.3.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce518eec9 code=0x7ffc0000 [ 450.593822][ T30] audit: type=1326 audit(1759086986.640:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10037 comm="syz.3.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce518eec9 code=0x7ffc0000 [ 450.621634][ T30] audit: type=1326 audit(1759086986.650:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10037 comm="syz.3.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fcce518eec9 code=0x7ffc0000 [ 450.653385][ T30] audit: type=1326 audit(1759086986.650:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10037 comm="syz.3.1769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcce518eec9 code=0x7ffc0000 [ 450.686564][T10036] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 450.699689][T10036] ext4 filesystem being mounted at /351/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 451.180868][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 451.248883][T10054] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1775'. [ 451.424410][T10059] loop2: detected capacity change from 0 to 64 [ 453.503365][T10091] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bond, syncid = 0, id = 0 [ 454.462499][T10113] loop2: detected capacity change from 0 to 64 [ 454.489101][T10114] IPVS: sync thread started: state = BACKUP, mcast_ifn = bridge0, syncid = 0, id = 0 [ 455.604108][T10117] loop4: detected capacity change from 0 to 32768 [ 455.667063][T10117] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 455.739383][T10117] XFS (loop4): Internal error !uuid_equal(&mp->m_sb.sb_uuid, &head->h_fs_uuid) at line 254 of file fs/xfs/xfs_log_recover.c. Caller xlog_header_check_mount+0x17b/0x1d0 [ 455.760659][T10117] CPU: 1 UID: 0 PID: 10117 Comm: syz.4.1804 Not tainted syzkaller #0 PREEMPT(none) [ 455.760806][T10117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 455.760892][T10117] Call Trace: [ 455.760947][T10117] [ 455.760992][T10117] __dump_stack+0x26/0x30 [ 455.761153][T10117] dump_stack_lvl+0x1df/0x270 [ 455.761322][T10117] dump_stack+0x1e/0x25 [ 455.761466][T10117] xfs_corruption_error+0x28b/0x2a0 [ 455.761634][T10117] xlog_header_check_mount+0x1ae/0x1d0 [ 455.761777][T10117] ? xlog_header_check_mount+0x17b/0x1d0 [ 455.761921][T10117] xlog_find_verify_log_record+0x7a5/0xc90 [ 455.762106][T10117] xlog_find_zeroed+0x7fb/0x940 [ 455.762276][T10117] xlog_find_head+0xc7/0x1460 [ 455.762403][T10117] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 455.762555][T10117] ? xlog_find_tail+0xbd/0x1a50 [ 455.762688][T10117] xlog_find_tail+0xda/0x1a50 [ 455.762815][T10117] ? stack_depot_save_flags+0x35/0x7b0 [ 455.762942][T10117] ? kmsan_get_metadata+0xfb/0x160 [ 455.763088][T10117] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 455.763240][T10117] ? xfs_log_mount+0x4da/0x880 [ 455.763401][T10117] xlog_recover+0x6d/0x7f0 [ 455.763519][T10117] ? kmsan_get_metadata+0xfb/0x160 [ 455.763659][T10117] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 455.763824][T10117] xfs_log_mount+0x4da/0x880 [ 455.763996][T10117] xfs_mountfs+0x1599/0x2db0 [ 455.764151][T10117] xfs_fs_fill_super+0x2639/0x2c10 [ 455.764347][T10117] get_tree_bdev_flags+0x6e3/0x920 [ 455.764504][T10117] ? __pfx_xfs_fs_fill_super+0x10/0x10 [ 455.764671][T10117] ? __pfx_xfs_fs_fill_super+0x10/0x10 [ 455.764829][T10117] ? __pfx_xfs_fs_get_tree+0x10/0x10 [ 455.764990][T10117] get_tree_bdev+0x38/0x50 [ 455.765133][T10117] xfs_fs_get_tree+0x35/0x40 [ 455.765295][T10117] vfs_get_tree+0xb0/0x5c0 [ 455.765437][T10117] ? mount_capable+0x99/0x100 [ 455.765571][T10117] do_new_mount+0x733/0x1420 [ 455.765713][T10117] ? apparmor_capable+0x32d/0x410 [ 455.765876][T10117] ? kmsan_get_metadata+0xfb/0x160 [ 455.766040][T10117] path_mount+0x6db/0x1e90 [ 455.766189][T10117] ? user_path_at+0x32d/0x3d0 [ 455.766339][T10117] __se_sys_mount+0x6eb/0x7d0 [ 455.766493][T10117] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 455.766650][T10117] __x64_sys_mount+0xe4/0x150 [ 455.766818][T10117] x64_sys_call+0x3604/0x3e20 [ 455.766983][T10117] do_syscall_64+0xd9/0x210 [ 455.767106][T10117] ? irqentry_exit+0x16/0x60 [ 455.767264][T10117] ? clear_bhb_loop+0x40/0x90 [ 455.767404][T10117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.767550][T10117] RIP: 0033:0x7fd030d9066a [ 455.767653][T10117] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.767761][T10117] RSP: 002b:00007fd031cf7e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 455.767880][T10117] RAX: ffffffffffffffda RBX: 00007fd031cf7ef0 RCX: 00007fd030d9066a [ 455.767967][T10117] RDX: 0000200000009740 RSI: 0000200000000240 RDI: 00007fd031cf7eb0 [ 455.768051][T10117] RBP: 0000200000009740 R08: 00007fd031cf7ef0 R09: 0000000000000000 [ 455.768135][T10117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000240 [ 455.768216][T10117] R13: 00007fd031cf7eb0 R14: 0000000000009873 R15: 0000200000000280 [ 455.768339][T10117] [ 456.096438][T10117] XFS (loop4): Corruption detected. Unmount and run xfs_repair [ 456.104546][T10117] XFS (loop4): log has mismatched uuid - can't recover [ 456.111843][T10117] XFS (loop4): empty log check failed [ 456.122150][T10117] XFS (loop4): log mount/recovery failed: error -117 [ 456.129499][ T24] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 456.160580][T10117] XFS (loop4): log mount failed [ 456.699145][ T24] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 456.711601][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 456.723260][ T24] usb 4-1: Product: syz [ 456.730748][ T24] usb 4-1: Manufacturer: syz [ 456.738020][ T24] usb 4-1: SerialNumber: syz [ 457.564836][ C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 457.952653][T10149] loop4: detected capacity change from 0 to 32768 [ 457.970368][ T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -EPROTO [ 457.982847][ T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 457.995078][ T24] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 458.022468][ T24] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 458.051347][ T24] usb 4-1: USB disconnect, device number 8 [ 458.150014][T10149] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,background_compression=zstd,nochanges,recovery_pass_last=accounting_read,read_only,no_data_io [ 458.150150][T10149] allowing incompatible features above 0.0: (unknown version) [ 458.150222][T10149] features: lz4 [ 458.192175][T10149] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 458.201854][T10149] bcachefs (loop4): invalid journal entry, version=1.7: mi_btree_bitmap type=data_usage in superblock: invalid journal entry usage: bad size, fixing [ 458.223161][T10149] bcachefs (loop4): invalid journal entry, version=1.7: mi_btree_bitmap type=btree_keys in superblock: bad format 0, fixing [ 458.224933][ T5878] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 458.241278][T10149] bcachefs (loop4): invalid bkey in superblock btree=inodes level=0: u64s 4 type whiteout POS_MIN len 0 ver 141733920768: [ 458.241378][T10149] u64s too small (4 < 5), deleting [ 458.273022][T10149] bcachefs (loop4): invalid journal entry, version=1.7: mi_btree_bitmap type=btree_keys in superblock: k->u64s 0, fixing [ 458.291323][T10149] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 458.299524][T10149] bcachefs (loop4): feature new_extent_overwrite not set, filesystem no longer supported [ 458.309959][T10149] bcachefs (loop4): error in recovery: EINVAL [ 458.310027][T10149] emergency read only at seq 0 [ 458.326419][T10149] bcachefs (loop4): bch2_fs_start(): error starting filesystem EINVAL [ 458.334809][T10149] bcachefs (loop4): shutting down [ 458.369886][T10149] bcachefs (loop4): shutdown complete [ 458.540043][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 458.555661][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 458.567499][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 458.580885][ T5878] usb 2-1: New USB device found, idVendor=6a6a, idProduct=49ee, bcdDevice= 0.09 [ 458.590299][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 458.791065][ T5878] usb 2-1: config 0 descriptor?? [ 458.989998][T10172] loop3: detected capacity change from 0 to 4096 [ 459.215674][T10149] bcachefs: bch2_fs_get_tree() error: EINVAL [ 459.344606][ T5878] hid-generic 0003:6A6A:49EE.0013: unbalanced collection at end of report description [ 459.430772][ T5878] hid-generic 0003:6A6A:49EE.0013: probe with driver hid-generic failed with error -22 [ 459.555867][ T5878] usb 2-1: USB disconnect, device number 10 [ 460.292127][ T4294] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 461.130409][T10206] netlink: 'syz.4.1840': attribute type 3 has an invalid length. [ 461.465681][T10213] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1844'. [ 461.557538][T10215] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1845'. [ 462.194090][T10219] loop4: detected capacity change from 0 to 4096 [ 462.253366][T10219] ntfs3(loop4): It is recommened to use chkdsk. [ 462.340311][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 462.349715][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 462.358833][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 462.367064][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc0c00 [ 462.375264][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc1c00 [ 462.383350][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc2c00 [ 462.391667][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc4c00 [ 462.399984][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffc8c00 [ 462.408182][T10219] ntfs3(loop4): try to read out of volume at offset 0x3fffffd0c00 [ 463.613600][T10246] loop0: detected capacity change from 0 to 4096 [ 463.661954][T10248] loop4: detected capacity change from 0 to 2048 [ 463.776851][T10253] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 463.816050][T10248] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 463.839306][T10246] NILFS error (device loop0): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 463.898248][T10246] Remounting filesystem read-only [ 464.117924][T10259] Bluetooth: MGMT ver 1.23 [ 464.543267][T10270] ptrace attach of "./syz-executor exec"[5815] was attempted by "\x22"[10270] [ 465.161069][T10282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1876'. [ 465.211372][T10283] loop4: detected capacity change from 0 to 64 [ 465.729732][T10291] loop2: detected capacity change from 0 to 256 [ 465.850900][T10291] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 465.864394][T10291] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 465.983742][T10291] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff) [ 465.992158][T10291] exFAT-fs (loop2): Filesystem has been set read-only [ 466.142952][T10290] loop0: detected capacity change from 0 to 4096 [ 466.187023][T10290] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 466.279584][T10299] tipc: Enabling of bearer rejected, failed to enable media [ 466.719932][T10309] netlink: 'syz.4.1889': attribute type 2 has an invalid length. [ 466.746737][T10309] netlink: 'syz.4.1889': attribute type 2 has an invalid length. [ 467.201803][T10320] loop0: detected capacity change from 0 to 256 [ 467.234774][T10320] exfat: Deprecated parameter 'utf8' [ 467.378718][T10320] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 467.487715][T10324] rdma_op ffff888050dfd180 conn xmit_rdma 0000000000000000 [ 468.012802][T10335] loop4: detected capacity change from 0 to 64 [ 468.070567][T10335] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 468.082575][T10335] hfs: filesystem is marked locked, mounting read-only. [ 468.243991][T10338] loop3: detected capacity change from 0 to 1024 [ 468.302942][T10341] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1902'. [ 468.317268][T10341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1902'. [ 468.332128][T10338] EXT4-fs: Ignoring removed mblk_io_submit option [ 468.421739][T10338] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.450700][T10338] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.1900: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 468.472096][T10338] EXT4-fs (loop3): Remounting filesystem read-only [ 468.647096][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.155735][T10353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1908'. [ 469.165105][T10353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1908'. [ 469.188609][T10353] macvlan2: entered promiscuous mode [ 469.609850][T10351] loop2: detected capacity change from 0 to 32768 [ 469.638497][T10351] (syz.2.1905,10351,1):ocfs2_verify_volume:2303 ERROR: found superblock with bad version: found 64000.108, should be 0.90 [ 469.657301][T10351] (syz.2.1905,10351,1):ocfs2_verify_volume:2331 ERROR: status = -22 [ 469.665631][T10351] (syz.2.1905,10351,1):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 469.676934][T10351] (syz.2.1905,10351,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 470.378284][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 470.385141][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 470.672008][T10378] netlink: 4380 bytes leftover after parsing attributes in process `syz.0.1919'. [ 470.715569][T10378] netlink: 4380 bytes leftover after parsing attributes in process `syz.0.1919'. [ 471.222771][T10386] loop2: detected capacity change from 0 to 1024 [ 471.266747][T10386] EXT4-fs: Ignoring removed nomblk_io_submit option [ 471.305778][ T5828] Bluetooth: hci1: unexpected event for opcode 0x042e [ 471.410266][T10386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 471.458631][T10394] loop4: detected capacity change from 0 to 1024 [ 471.491553][T10394] hfsplus: bad catalog entry type [ 471.558964][ T3816] hfsplus: b-tree write err: -5, ino 4 [ 471.770695][T10393] loop3: detected capacity change from 0 to 4096 [ 471.865328][ T5815] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.032033][T10407] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 472.032857][T10393] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 472.073600][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 472.106051][T10393] NILFS (loop3): mounting fs with errors [ 472.379174][T10411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1935'. [ 472.612381][T10417] nbd: must specify a size in bytes for the device [ 473.423466][T10431] loop4: detected capacity change from 0 to 256 [ 473.454440][T10431] exfat: Deprecated parameter 'utf8' [ 473.485297][T10431] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d) [ 473.741607][T10437] loop2: detected capacity change from 0 to 256 [ 473.842737][T10437] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 476.170771][ T24] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 476.238742][T10468] loop3: detected capacity change from 0 to 1024 [ 476.397044][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 476.413165][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 476.423635][ T24] usb 1-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00 [ 476.433080][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 476.516555][ T24] usb 1-1: config 0 descriptor?? [ 476.651669][ T3764] ===================================================== [ 476.659179][ T3764] BUG: KMSAN: uninit-value in hfsplus_cat_case_cmp_key+0xd9/0x190 [ 476.667515][ T3764] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 476.677253][ T3764] hfs_find_rec_by_key+0xab/0x240 [ 476.682434][ T3764] __hfsplus_brec_find+0x274/0x840 [ 476.688831][ T3764] hfsplus_brec_find+0x4df/0x9f0 [ 476.693902][ T3764] hfsplus_brec_read+0x46/0x1f0 [ 476.699147][ T3764] hfsplus_find_cat+0xb5/0x4f0 [ 476.704066][ T3764] hfsplus_cat_write_inode+0x2ca/0xe20 [ 476.709801][ T3764] hfsplus_write_inode+0x178/0x960 [ 476.715175][ T3764] __writeback_single_inode+0x88f/0x1190 [ 476.720958][ T3764] writeback_sb_inodes+0xac1/0x1cb0 [ 476.726392][ T3764] wb_writeback+0x4ce/0xc00 [ 476.731023][ T3764] wb_workfn+0x397/0x1910 [ 476.735633][ T3764] process_scheduled_works+0xb91/0x1d80 [ 476.741437][ T3764] worker_thread+0xedf/0x1590 [ 476.746400][ T3764] kthread+0xd5c/0xf00 [ 476.750596][ T3764] ret_from_fork+0x233/0x380 [ 476.760138][ T3764] ret_from_fork_asm+0x1a/0x30 [ 476.765165][ T3764] [ 476.767544][ T3764] Uninit was created at: [ 476.775901][ T3764] __kmalloc_noprof+0x95f/0x1310 [ 476.781028][ T3764] hfsplus_find_init+0x90/0x1d0 [ 476.787374][ T3764] hfsplus_cat_write_inode+0x1a8/0xe20 [ 476.792997][ T3764] hfsplus_write_inode+0x178/0x960 [ 476.798343][ T3764] __writeback_single_inode+0x88f/0x1190 [ 476.804130][ T3764] writeback_sb_inodes+0xac1/0x1cb0 [ 476.809560][ T3764] wb_writeback+0x4ce/0xc00 [ 476.814423][ T3764] wb_workfn+0x397/0x1910 [ 476.819001][ T3764] process_scheduled_works+0xb91/0x1d80 [ 476.824891][ T3764] worker_thread+0xedf/0x1590 [ 476.829742][ T3764] kthread+0xd5c/0xf00 [ 476.833930][ T3764] ret_from_fork+0x233/0x380 [ 476.839331][ T3764] ret_from_fork_asm+0x1a/0x30 [ 476.844371][ T3764] [ 476.846781][ T3764] CPU: 0 UID: 0 PID: 3764 Comm: kworker/u8:15 Not tainted syzkaller #0 PREEMPT(none) [ 476.856557][ T3764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 476.866794][ T3764] Workqueue: writeback wb_workfn (flush-7:3) [ 476.872984][ T3764] ===================================================== [ 476.883973][ T3764] Disabling lock debugging due to kernel taint [ 476.891429][ T3764] Kernel panic - not syncing: kmsan.panic set ... [ 476.897961][ T3764] CPU: 0 UID: 0 PID: 3764 Comm: kworker/u8:15 Tainted: G B syzkaller #0 PREEMPT(none) [ 476.909237][ T3764] Tainted: [B]=BAD_PAGE [ 476.913464][ T3764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 476.923636][ T3764] Workqueue: writeback wb_workfn (flush-7:3) [ 476.929837][ T3764] Call Trace: [ 476.933188][ T3764] [ 476.936183][ T3764] __dump_stack+0x26/0x30 [ 476.940666][ T3764] dump_stack_lvl+0x53/0x270 [ 476.945392][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 476.951348][ T3764] dump_stack+0x1e/0x25 [ 476.955730][ T3764] vpanic+0x361/0xc50 [ 476.959867][ T3764] panic+0x15d/0x160 [ 476.963946][ T3764] kmsan_report+0x31c/0x320 [ 476.968580][ T3764] ? __pfx_autoremove_wake_function+0x10/0x10 [ 476.974798][ T3764] ? __msan_warning+0x1b/0x30 [ 476.979596][ T3764] ? hfsplus_cat_case_cmp_key+0xd9/0x190 [ 476.985388][ T3764] ? hfs_find_rec_by_key+0xab/0x240 [ 476.990704][ T3764] ? __hfsplus_brec_find+0x274/0x840 [ 476.996176][ T3764] ? hfsplus_brec_find+0x4df/0x9f0 [ 477.001508][ T3764] ? hfsplus_brec_read+0x46/0x1f0 [ 477.006678][ T3764] ? hfsplus_find_cat+0xb5/0x4f0 [ 477.011877][ T3764] ? hfsplus_cat_write_inode+0x2ca/0xe20 [ 477.017671][ T3764] ? hfsplus_write_inode+0x178/0x960 [ 477.023119][ T3764] ? __writeback_single_inode+0x88f/0x1190 [ 477.029059][ T3764] ? writeback_sb_inodes+0xac1/0x1cb0 [ 477.034555][ T3764] ? wb_writeback+0x4ce/0xc00 [ 477.039362][ T3764] ? wb_workfn+0x397/0x1910 [ 477.044024][ T3764] ? process_scheduled_works+0xb91/0x1d80 [ 477.049898][ T3764] ? worker_thread+0xedf/0x1590 [ 477.054903][ T3764] ? kthread+0xd5c/0xf00 [ 477.059520][ T3764] ? ret_from_fork+0x233/0x380 [ 477.064486][ T3764] ? ret_from_fork_asm+0x1a/0x30 [ 477.069694][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.074945][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.080917][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.086181][ T3764] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 477.092574][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.097823][ T3764] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 477.104200][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.109459][ T3764] __msan_warning+0x1b/0x30 [ 477.114080][ T3764] hfsplus_cat_case_cmp_key+0xd9/0x190 [ 477.119697][ T3764] hfs_find_rec_by_key+0xab/0x240 [ 477.124844][ T3764] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10 [ 477.131083][ T3764] __hfsplus_brec_find+0x274/0x840 [ 477.136318][ T3764] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 477.142101][ T3764] hfsplus_brec_find+0x4df/0x9f0 [ 477.147152][ T3764] ? __pfx_hfs_find_rec_by_key+0x10/0x10 [ 477.152952][ T3764] hfsplus_brec_read+0x46/0x1f0 [ 477.157956][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.163945][ T3764] hfsplus_find_cat+0xb5/0x4f0 [ 477.168848][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.174144][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.180098][ T3764] ? should_fail_ex+0x45/0x8a0 [ 477.184981][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.190231][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.195504][ T3764] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 477.201971][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.207214][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.213173][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.218426][ T3764] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 477.224887][ T3764] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 477.231079][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.237023][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.242285][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.248453][ T3764] hfsplus_cat_write_inode+0x2ca/0xe20 [ 477.254056][ T3764] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 477.260260][ T3764] ? _raw_spin_unlock+0x30/0x50 [ 477.265253][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.270510][ T3764] ? kmsan_get_shadow_origin_ptr+0x35/0xb0 [ 477.276456][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.281708][ T3764] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 477.288168][ T3764] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 477.294363][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.299616][ T3764] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 477.306084][ T3764] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 477.312289][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.318261][ T3764] hfsplus_write_inode+0x178/0x960 [ 477.323501][ T3764] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 477.329956][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.335208][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.340468][ T3764] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 477.346416][ T3764] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 477.352174][ T3764] ? __pfx_hfsplus_write_inode+0x10/0x10 [ 477.357933][ T3764] __writeback_single_inode+0x88f/0x1190 [ 477.363722][ T3764] writeback_sb_inodes+0xac1/0x1cb0 [ 477.369170][ T3764] wb_writeback+0x4ce/0xc00 [ 477.373815][ T3764] ? queue_io+0x431/0x790 [ 477.378268][ T3764] wb_workfn+0x397/0x1910 [ 477.382755][ T3764] ? kmsan_get_metadata+0xfb/0x160 [ 477.388045][ T3764] ? __pfx_wb_workfn+0x10/0x10 [ 477.392986][ T3764] process_scheduled_works+0xb91/0x1d80 [ 477.398767][ T3764] worker_thread+0xedf/0x1590 [ 477.403650][ T3764] kthread+0xd5c/0xf00 [ 477.407834][ T3764] ? __pfx_worker_thread+0x10/0x10 [ 477.413128][ T3764] ? __pfx_kthread+0x10/0x10 [ 477.417835][ T3764] ret_from_fork+0x233/0x380 [ 477.422593][ T3764] ? __pfx_kthread+0x10/0x10 [ 477.427317][ T3764] ret_from_fork_asm+0x1a/0x30 [ 477.432352][ T3764] [ 477.435797][ T3764] Kernel Offset: disabled [ 477.440163][ T3764] Rebooting in 86400 seconds..