last executing test programs: 12m9.165652065s ago: executing program 0 (id=304): r0 = syz_io_uring_setup(0xa8b, &(0x7f0000000100)={0x0, 0xe34e, 0x1000, 0x1, 0x3d4}, &(0x7f0000000080), &(0x7f00000001c0)) io_uring_register$IORING_UNREGISTER_RING_FDS(r0, 0x15, &(0x7f00000005c0)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1) 12m8.35835743s ago: executing program 0 (id=310): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000020c0), 0x180, 0x0) ioctl$IOMMU_TEST_OP_SET_TEMP_MEMORY_LIMIT(r0, 0x3ba0, &(0x7f0000000000)={0x48, 0x9, 0x0, 0x0, 0x19a7}) 12m7.523330597s ago: executing program 0 (id=314): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=@newsa={0x140, 0x10, 0x1, 0x0, 0x0, {{@in=@rand_addr=0x64010101, @in6=@remote, 0xffff}, {@in6=@mcast1, 0x0, 0x6c}, @in6=@local, {0x0, 0x0, 0x0, 0x8, 0x0, 0x8}, {0x0, 0x2}, {0x0, 0x3, 0xfffffffc}, 0x0, 0x4000, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @tfcpad={0x8, 0x16, 0x101}]}, 0x140}}, 0x0) 12m6.834737663s ago: executing program 0 (id=319): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x800800, &(0x7f0000000740)={[{@errors_remount}, {@discard}, {@dmask={'dmask', 0x3d, 0x2}}, {@errors_continue}, {@errors_remount}, {@keep_last_dots}, {@gid}, {@gid={'gid', 0x3d, 0xee01}}, {@errors_continue}, {@fmask={'fmask', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}]}, 0x1, 0x152a, &(0x7f0000002900)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL/T+Z1+x/mceb6fz/5Yz6z9rP287/Ne9t6YbzoOqtageuV6RAT/ErzwRxIAxAJAPwC4BgACACgdVzru/Hx2iUn/2kHYX+vh1CtdAbuSuP9ZG/c/a+P+Z23c/6yN+5+1cf+zNu5/1sb9Zywr2zg1/7W8Zd2N7///96vzhzP8/f9fJLPE6C9Wl7i+E0DMn03h/mdt3P//WsGf2Yn7n7Vx/7Oq2CtdAPsPwO//rCDbH85w/7M27j9jWdmVvv98pTeIZO3n4Eq//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMZQ2n/GUKAC6Nr3RdjDHGGGOMMcYY++v4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/ZP7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFY1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiSjOl/If5b/9O/oCfj75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/TL4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufOnfYEIRKACFcQEMUFsEBvkCHIEOYOcQa4gVxAJIkFcEBfkDq4P8gR5g3xB/iA+KBAUDHRgAhuIi02PBjcERYIbg6LBTUGxoHjgghJBQnBzUDK4JSgV3BqUDm4LygS3B2WDckH5oEJwR1AxuDOoFNwVVA7uDqoEVYNqQfXgnqBGcG9QM7gvqBXcH9QOHgjqBA8GdYOHgnrBw0H94JGgQfBo0DB4LGgUNA6aBE2DZn/p+t6fyPuE66a76yTdQ/fUL+teurfuo/vqfvoV3V+/qgfo13SyHqgH6df1YP2GHqLf1EP1MD1cv6VH6JF6lB6tx+ixOkWP0+P123qCfkdP1JP0ZD1Fp+qpepp+V0/XM/RM/Z6epd/Xs/UcPVfP02n6Az1fL9Dp+kO9UH+kM/QivVgv0Uv1Mr1cr9Ar9Sq9Wq/Ra/U6vV5v0Bv1Jr1Zb9Fb9Ta9XX+sd+hP9E69S+/Wn+o9+jO9V3+u9+kv9H79pc7UX+kD+mt9UH+jD+lv9WH9nT6ij+pj+nt9XP+gT+iT+pQ+rc/oH/VZ/ZM+p/35k/vzX+9GGWViTIyJNbEmh8lhcpqcJpfJZSImYuJMnMltcps8Jo/JZ/KZeBNvCpqC5jwyZAqZQiZqoqaIKWKKmqKmmClmnHEmwSSYkqakKWVKmdKmtCljypiypqwpb8qbO8wd5k5zp7nL3GXuNnebqqaqqW6qmxqmhqlpappappapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWKamGammWlumpsWpoVpZVqZ1qa1aWPamESTaNqatqadaWfam/amg+lgOpqOppPpZLqYLqar6Wq6mW4mySSZnqan6WV6mT6mj+ln+pn+pr8ZYAaYZJNsBplBZrAZbIaYIWaoGWaGnz9RNSPNKDPajDFjTYpJMePNeDPBTDATzUQz2Uw2qSbVTDPTzHQz3cw0M80sM8vMNrPNXDPXpJk0M9/MN+km3Sw0C02GyTCLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJe/H70ptYm93msFfZnPZqm8teY/8+zmfz23hbwBa02uaxeX8VG2ttUXuTLWaLW2dL2AR782/isracLW8r2DtsRXunrfSbuIa919a099la9n5b3d7zq7i2fcDWsY/auogAtrGtb5vaBvZR29A+ZhvZxraJbWpb26dsG/u0TbTP2Lb22d/E8+0Cu9KusqvtGrvT7rKn7Gl70H5jz9gfbTfb3fazr9j+9lU7wL5mk+3A38TD7Vt2hB1pR9nRdowd+5t4sp1iU+1UO82+a6fbGb+J0+wHdpZNt7PtHDvXzvs5Pl9Tuv3QLrQf2QwbwGK7xC61y+xyu+L/17rErrPr7Qa7w35iN9stdqvdZrdfOhG2u+xu+6ndYz+zB+zXdp/9wu63h2ym/ern+PzjO2S/tYftd/aIPWqP2e/tcfuD+jl3ZC8A+6P93v5kz1lvgZCAJCkKKIayUSxlpxx0FeWkqykXXUMRupbi6DrKTddTHspL+Sg/xVMBKkiaDFkiCqkQFaYo3UCXyitGxclRCUqgm6kk3UKl6FYqTbdRGbqdylI5Kk8V6A6qSHdSJbqLKtPdVIWqUjWqTvdQDbqXatJ9VIvup9r0ANWhB6kuPUT16GGqT49QA3qUGtJj1IgaUxNqSs3ocWpOT1ALakmt6ElqTU9RG3qaEukZakvPUjv6G7Wn56gDPU8d6QXqRJ2pC71IXekl6kbdKYl6UE96mXpRb+pDfakfvUL96VUaQK9RMg2kQfQ6DaY3aAi9SUNpGA2nt2gEjaRRNJrG0FhKoXE0nt6mCfQOTaRJNJmmUCpNpWn0Lk2nGTST3qNZ9D7Npjk0l+ZRGn1A82kBpdOHtJA+ogxaRItpCS2lZbScVtBKWkWraQ2tpXW0njbQRtpEm2kLbaVttJ0+ph30Ce2kXbSbPqU99Bntpc9pH31B++lLyqSv6AB9TQfpGzpE3/ru9B0doaN0jL6n4/QDnaCTdIpO0xn6kc7ST3SOPEGIoQhlqMIgjAmzhbFh9jBHeFWYM7w6zBVeE0bCa8O48Lowd3h9mCfMG+YL84fxYYGwYKhDE9qQwjAsFBYOo+ENYZHwxrBoiGGxsHjowhJhQnhzWDK8JSwV3hqWDm8Ly4S3h2XDcuGj91cI7wgrhneGlcK7wsrh3WGVsGpYLawe3hPWCO8Na4b3hbXC+8NS4QNhnfDBsG74UFgvfDisHz4SNggfDRuGj4WNwsZhk7Bp2Cx8PGwePhG2CFuGrcInw9bhU2Gb8OkwMXwmbBs++/P8Awv+eD4p7BH2DF8OXw69v0/Ojc6LpkU/iM6PLoimRz+MLox+FM2ILoouji6JLo0uiy6ProiujK6Kro6uia6Nrouuj26Iel89Gzh0wkmnXOBiXDYX67K7HO4ql9Nd7XK5a1zEXevi3HUut7ve5XF5XT6X38W7Aq6g084468iFrpAr7KLuBlfE3eiKuptcMVfcOVfCJbimrplr5pq7J1wL19K1ck+6J91T7in3tHvaPePaumddO/c319495zq4593z7gXXyXV2XdyLrqsbl+vCezLJ9XQ9XS/Xy/VxfVw/18/1d/3dADfAJbtkN8gNcoPdYDfEDXFD3VA33A13I9wIN8qNcmPcGJfiUtx4N95NcBPcRDfRTXaTXapLddPcNDfdTXcVZ1w4ymw32811c12aS3Pz3flzxnS30C10GS7DLXaL3VK31C13y91Kt9KtdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdDrfD7fTXXFjU7XF73V63z+1z+92XLtN95Q64r91B94075L51h9137og76o65791x94M74U66U+60O+N+dGfdT+6c8y4lMi4yPvJ2ZELkncjEyKTI5MiUSGpkamRa5N3I9MiMyMzIe5FZkfcjsyNzInMj8yJpkQ8i8yMLIumRDyMLIx9FMiKLIosjSyJLI8si3hfYHPpCvrCP+ht8EX+jL+pv8sV8ce98CZ/gb/Yl/S2+lL/Vl/a3+TL+dl/Wl/Pl/WO+kW/sm/imvpl/3Df3T/gWvqVv5Z/0rf1Tvo1/2if6Z3xb/6xv5//m2/vnfAf/vO/oX/CdfGffxb/ou/qXfDff3Sf5Hr6nf9n38r19H9/X9/Ov+P7+VT/Av+aT/UA/yL/uB/s3/BD/ph/qh/nhMW/5EZcukWGsT/Hj/Hj/tp/g3/ET/SQ/2U/xqX6qn+bf9dP9DD/Tv+dn+ff9bD/Hz/XzfJr/wM/3C3y6/9Av9B/5DL/o0k1lv9yv8Cv9Kr/ar/Fr/Tq/3m/wG/0mv9lv8Vv9Nr/df+x3+E/8Tr/L7/af+j3+M7/Xf+73+S/8fv+lz/Rf+QP+a3/Qf+MP+W/9Yf+dP+KP+mP+e3/c/+BP+JP+lD/tz/gf/Vn/kz/H/2eNMcYYY+xPGXd5KH49c+F2fo/fyRG/2LknAFy9JX/mL+fPn1GuzXNh3FvEt44AwDPdOz58aatSJSkp6eK+GRKCwnMALv1N0HkxcDleBK3gKUiEllDyd+vvLTqfoX+wfvQ2gBy/yImFy/Hl9T8HwKTfWf/xJ4fPLxOeivsf1p8DULTw5ZzscDleBK1+vr/SEkr9Qf15m/+y/tjfrp/9ixSAFr/IyQmX48v1J8AT8Cwk/mpPxhhjjDHGGGPsgt6ifPtL15+X/sXn712fx6vLOdngcvyPrs8ZY4wxxhhjjDF25T3XucvTjycmtmz/zw8q/a+y/vSgIfxfrcyD3x14D3DpJwoA/sUFAc4P5L/zUWz6txwr+eJb5++nlp72AfxntPKvGFzhDybGGGOMMcbYX+7ySf+vf66uVEGMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlgW9O/4dWJX+jEyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjV9r/CwAA///UxgMC") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) 12m5.900812873s ago: executing program 0 (id=326): r0 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2) read(r0, 0x0, 0x0) 12m5.206242655s ago: executing program 0 (id=329): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0xfffd, 0x13, 0x0, 0x0}) 12m2.745982019s ago: executing program 32 (id=329): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0xfffd, 0x13, 0x0, 0x0}) 3m52.003705036s ago: executing program 2 (id=3006): bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001680)=ANY=[@ANYBLOB="580100001000030400"/20, @ANYRES32=0x0, @ANYBLOB="15020000000000003001128009000100766c616e000000002001028006000100000000001c0004800c00010032d10000ffff00000c000100ae0200009e000000700004800c00010009000000010000e29b5d2a0008000000010100000c000100f8ffffff080000000c00010006000000040000000c00010007000000010000800c00010005000000060000000c00010001000000000000000c000100910a00000d0000000c0001000e00000032000000880003800c002100060000000c0000000c00010003000000400000000c00010004000000ffffffff0c00010002000000110000000c00010001000000022000000c0001000b000000270000000c000100ffff00005f0200000c000100ffffffff030000000c00010001000000030000000c000100000000000180000031fa4a8a090000000900000008000500", @ANYRES8=r0], 0x158}, 0x1, 0xba01, 0x0, 0x4008881}, 0x24000040) 3m50.853271852s ago: executing program 2 (id=3012): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 3m50.0616751s ago: executing program 2 (id=3017): creat(&(0x7f0000000000)='./bus\x00', 0x4) r0 = open(&(0x7f0000000780)='./bus\x00', 0x4c03c, 0x48) mmap(&(0x7f0000000000/0x600000)=nil, 0x600402, 0x7ffffe, 0x4002011, r0, 0x0) 3m49.062164808s ago: executing program 2 (id=3022): syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x10000, &(0x7f0000000180)=ANY=[@ANYBLOB='gid=forget,umask=00000000000000000000003,gid=', @ANYRESDEC=0x0, @ANYBLOB=',session=00000000000000043620,gid=ignore,iocharset=euc-jp,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c6164696e6963622c6d6f64653d30303030303030303030303030303030303030303030332c6e6f7374726963742c009b801a9990a34c426430bf3757fbcea5d9a21b29b41016bc74ff654722640a72d8cc5e210fef2b359e9e61ade82c3f025773de99df3af65485aaf7a5294368432400ba367a8a1c6dc334bf", @ANYRES32], 0xfe, 0xc2d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir") mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) 3m47.309557005s ago: executing program 2 (id=3031): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188) 3m46.244128727s ago: executing program 2 (id=3033): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @multicast, 'ip_vti0\x00'}}, 0x1e) writev(r0, &(0x7f0000001700)=[{&(0x7f0000000380)="518f", 0x2}, {0x0}], 0x2) 3m43.427305524s ago: executing program 33 (id=3033): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @multicast, 'ip_vti0\x00'}}, 0x1e) writev(r0, &(0x7f0000001700)=[{&(0x7f0000000380)="518f", 0x2}, {0x0}], 0x2) 6.961367333s ago: executing program 6 (id=3851): syz_mount_image$vfat(&(0x7f0000000580), &(0x7f0000000180)='./file0\x00', 0x1000802, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c6e6f6e756d7461696c003130dbbb3121258e322c262b537f5d0000006e695f7804590000000000003d312c696f63686172538c6c90392bc69373686f72746e616d65653ff959f53d6d697865642c636f6465706167653d3821332c696f6368617273650000000031323831e54f1bb0a3d72c007e3db5a829498e2a721ae5804ff8ccb41eff157cfdfcef90a6010100003ceeeac934b3165b4a0ea182cdd0666ab32f2d041a99ac9fc865ba946f1bb7759d02742dfcc68937ff86d7a54d6de8823119c767d45d6047209f4436383e7c37b59a34407d4a0e6a382108ddd52580281f1d8ad71c4ceafb49960f1429b090d1429f519f9c2b0cb88ffa6fc04fa61c275bf560b9eeeb2d0c8b3ddeb56783f9908c21cf9b2ba0b76b9b60c991bb17c7d0accad1cdaf3259b7dc405d72e2bc3abe0cf37bda3dbfc05e2e55f8aa272b5ea736019c3c0a9b34115a445e0c5da1bd7352ec9529f5caa71f1ae71b36b500c79fffb487ed081232b5d93d3162c7f71f4d5756c9e5442fa3692127266a0c15dac9171edda86b148d17a48d4d90470e79620eeab5acf6f78f807298315e2b80fe1874098d75ab47837a96699e2a7db456f2a4368bece813135ed970951c7471ac16703820a799421cb24f32a5f49ab45bec637c38bcbdae4da3a05f96b2162c47d0b1277e1b1bcc981cce8f6f7f3dd8d06352eb387997b498a732d8442115755ff14d508891abd401b3cafcba75a6901fbe08002674d8663b8c40e9cf13fa4c4a092cb8004a1d2a6fe18cd5d702493d52a7110b17e64b9fa22fb3ace98b9ca35cb98c65f0902dd430373f6ae43c4a60c423b6f65b5ecc2093698072abc857ab2d36a261a7fc5776d39c3d5d5fad291c88ff9726d5ee32c6bcac1799ade9459eb39b56d985d29b988c72c9ad7e82b589f454a58d7cd5ace9436cf69acc217737c863d8938cc95767a0c9b14cb79f5b45ea2408d1da65a2ed8cf55ac8953e5b6a2008336707ca72e7211dafa5"], 0x4, 0x24e, &(0x7f0000000a00)="$eJzs3cFLk38YAPBnOtGf8GMeAkmC3ug+1OiuhII0KJId6pSkUjgTEoQ6qJ06d+pS/0Jdgq5Bh+jaPxBBWNBFO3kIFvqq07nlrLZFfj6XPez7PPt+33cv+26HPe/NM/Nz0wuLsxsba9HTk+nKjsTLgc1M9EVHdEZqNQCAf8lmuRzr5VS71wIAtIb9HwBOnsr+nzm0/2dW974TXG39ygCAZvH7HwBOnsnrNy6PFgpj19aTnoj5R0vFpWL6mI6PzsadKMVMDEYuvkeU96Txk4nC2GCy5XNfFOdXdupXloqdB+uHIhd9h+vHJwpjQ0nqYH1X9O7Uf+iNmRiOXJyqXT9cq74rIs7vmz8fuXh/KxaiFNOxVVupXx5KkktXClXzd2/nAQAAAAAAAAAAAAAAAAAAAABAM+Q7tlvnlLuTpGb/nnw+2VU1ntbv7w/0X43+QON7/YGq+/tkYyDb3mMHAAAAAAAAAAAAAAAAAACAv8Xi/QdzU6XSzL2fBXffPX9zVE6DQWZn3po53RHx+1M0GPx/7tPT+jkPj3N+/mzw+myLJ9067cetert2+/SFxf6L9XIi27Q1d/zKm/I117RL68VuMPLtyOTHk626wjurn+l/NjL1avnjl0Zfp40fSgAAAAAAAAAAAAAAAAAAcEJV/vTb7pUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQPtU7v9fJ8hE3aEGg9V2HyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwIAAD//8pHpIo=") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100) getdents(r0, &(0x7f0000001fc0)=""/176, 0xb0) 6.576447937s ago: executing program 5 (id=3853): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r1}, @IFLA_HSR_SLAVE2={0x8, 0x2, r1}]}}}]}, 0x40}}, 0x0) 5.839486232s ago: executing program 6 (id=3857): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c00000003"], 0x7c}}, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) ptrace(0x10, 0x1) 5.684918331s ago: executing program 5 (id=3858): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x1d00) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000b00)=0x6) read(r0, 0x0, 0x0) 5.457503356s ago: executing program 1 (id=3859): getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) 4.964775513s ago: executing program 5 (id=3862): r0 = socket(0x2, 0x5, 0x0) sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0) sendmmsg$inet_sctp(r0, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x84, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="300000000000000084000000010000000000ffff070200"/44, @ANYRES32=0x0, @ANYBLOB="18"], 0x48}], 0x1, 0x0) 4.919391286s ago: executing program 6 (id=3863): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) 4.377414472s ago: executing program 3 (id=3865): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f00000005c0)={0x15, 0x110, 0xfa00, {r1, 0xfffffffc, 0x0, 0x30, 0x0, @ib={0x1b, 0x8, 0x5, {}, 0x1, 0x2, 0x4}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x80000005}}}, 0x118) 4.042558262s ago: executing program 4 (id=3866): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100)={0x200000, 0x200000}) r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000840)={0x53, 0xfffffffffffffffb, 0x6, 0xff, @scatter={0x0, 0x0, 0x0}, &(0x7f00000006c0)="f7f12ad8b0bb", 0x0, 0x20, 0x11, 0xffffffffffffffff, 0x0}) 3.767463626s ago: executing program 3 (id=3867): capset(&(0x7f00000004c0)={0x20071026}, &(0x7f0000000100)) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000002c0)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000180)="b92b13f6b94d", 0x0, 0xfffffffc, 0x0, 0x0, 0x0}) 3.545416729s ago: executing program 6 (id=3868): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x20590e85}}, {@noextend}]}}) 3.43419173s ago: executing program 5 (id=3869): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2000080, &(0x7f0000000340)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c726f6469722c696f636861727365743d63703836342c756e695f786c6174653d312c636f6465706167653d313235302c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c726f6469722c6e6f6e756d7461696c3d302c696f636861727365743d63703836322c726f6469722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c002aa220cdeeb5ba33c93123800bef80e5155d8840d88fc461c6"], 0x25, 0x336, &(0x7f0000000500)="$eJzs3T1sW9UXAPDjviROI/VvD3+pgsmwIaGqCWKAKVFVpIoMUGTxtWDRlI/YVIqFpTDE9QJiBLEgwcTWAcbOiAEhNgZWioQKiIVulVrxkP1e7OeP0BThlI/fb4iOzj3H976Xq/glSm5eWo/tC4tx8caN67G8XIqF9TPrcbMU1TgWSWQuBwDwb3IzTePXNHPn6vdX9qOlOa8LAJifwfv/KydGifK9XA0AcBQO+f3/UzOzl+a2LABgjqbe/x8cG574Mf/C8HcCAIB/rmeef+HJjc2I87XackTrnU69U4/HR+MbF+O1aMZWnI5K3I7IHhSyp4X+xyfObZ49Xev7sRr1fkenHtHqdurZk8JGMugvx2pUopr3p8P+pN+/OuivRcTl7mD+aJU69cVYyef/biW2Yi0q8f+p/ohzm2fXavkL1Fv7/d2IXizvX0R//aeiEt+8HJeiGRei3zta/95qrXYm3Rzr71wpD+oAAAAAAAAAAAAAAAAAAAAAAGAeTtWGqsPzb9JWt/P2+cmC6tj5OPVsOD8fqJedD5SW90/neTeZPB9o/HyeTn0hjt3TKwcAAAAAAAAAAAAAAAAAAIC/j/buUjSaza2d9u5b28WgW8i88dWnXxyPyZrXk1EmFrKXG6vJc1HoSmLYng7b02SsJg+SiFHxlavDFRdrysOrmGrvB+WpoVK+pkazeeKBHz6a1fXbKJPE1G0ZD0r5/IWh1v+y1B90HRys3aHmWpqmB7XvfTjdFaWIhalP3F8RfHn91fseaZ98dJD5PD/04aGHK89e++CTn7cbzchvTbO5tNO+nf7puZLC/inl97k0YyfMDnqjTG+nvdtIvv3lufvf+3qiOJm9f9Ji5s2D5/psMrOUBf1lHuZKF2ds/tnBi7eGu/fub+bJj9cbV/e+/+mwXYUvEg7qAAAAAAAAAAAAAAAAAACAI1H4W/G78NjT81sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy90f//LwS9qcxhglvdmB4qb+20D5z8+JFeKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2G/BwAA//9pxHjs") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 3.343395868s ago: executing program 1 (id=3870): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0) 3.34302115s ago: executing program 4 (id=3871): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x100, 0x2}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000180)={0x3}) 3.153676491s ago: executing program 3 (id=3872): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000140)={'sit0\x00', 0x0}) 2.543407283s ago: executing program 1 (id=3873): ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0xa, 0xffffffffffffffff}) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x10, 0x0, &(0x7f0000000440)=[@request_death], 0x0, 0x100000000000000, 0x0}) 2.44008368s ago: executing program 4 (id=3874): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8}) semget$private(0x0, 0x6, 0x0) semop(0x0, &(0x7f0000000200), 0x53) 2.151343088s ago: executing program 3 (id=3875): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x48, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_TAGLST={0x24, 0x4, 0x0, 0x1, [{0xfffffffffffffebe, 0x3, 0x1}, {0x5, 0x3, 0x3}, {0x5, 0x3, 0x80}, {0x5, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x48}}, 0x0) 2.000225459s ago: executing program 6 (id=3876): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f0000000800)={[{@fat=@sys_immutable}, {@numtail}, {@shortname_lower}, {@uni_xlateno}, {@shortname_mixed}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'cp737'}}, {@fat=@tz_utc}, {@numtail}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {@numtail}]}, 0x1, 0x356, &(0x7f0000000200)="$eJzs3U9oI9UfAPBvdrJJu7C/9vCDRUEYvQladise9NSydGExF5Xgn4MY3K5KUxcaDHYPzdaLeBQ86smbBz142LMIinjz4NUVxD940OOCiyPJTJJpk3a7QnYtfj6H8O1732/ee5mhmU6b15dXYqMWcTmNiLm5SlRXzq/EzUosRhJD12JSbUobAHA83Myy+CPLHbGkMuMpAQAzNnj/f/V0qeXtLw/Lz7z7A8CxV/z8P39YztxBHVdmMiUAYMYm7v8/tKe7tvdX/dXSXwUAAMfVsy+8+NRqI+KZNJ2L2Hyn2+w248lx/+rleD3asR5nYyFuReQXCv2HyuDxwsXG2tk0TXvx82I0+xXdZsRmr9vMrxRWk0F9Pc7FQiwW9cXVRpZlyYXPGmvn0oGIuNYbjB+blW7zZJwqxv/+VKzHcqTx/4n6iIuNteW0eILm5rC+F7E7vm/Rn/9SLMS3r8SVaMel6NcOL2saazvn0vR81thT323W5y6NXoUD74AAAAAAAAAAAAAAAAAAAAAAAMA/spSOLI72v8nG+/csLU3pH+yPk9cX+wPt5vsDZfUssuz3tx5tvpvEnv2B9u/P021W48S9XToAAAAAAAAAAAAAAAAAAAD8a3S2a9Fqt9e3OttXN8pBb6uzfSIi+i1vfP3JF/MxmXOboFqMUepKi6arG60sGSZnyZ6cIkj6gw9bPr4+mnE5pz5axdRp1A/uardPP/jjB+OWB5LhM/81zkli+gKTfdMoB5v/y6d0Jy/UKFi+Tc6NLMsOKt95abIqKhHVOz9whwdZP/jqp9fue6xz5vFBy+dZ7uFHFp678f5Hv2602v2RY3AEa1udW9lGq/h6+sl2cJCUzp9K5EGlfCZUDyvfLYL5iP6hbCXf/fb8/e99c7TRs3LLm1Nyknw5n+7vquVBJR+03DU/bayTU07+GQRnPlxpXd/54ZejVpW+SdioAwAAAAAAAAAAAAAAAAAA7orSZ8ULxYd9Tx5W9cTTs58ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANw94///Xwp2J1qOEvzZi8mu+vpWJ6J2r5cJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/3N8BAAD//zGNaeE=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 1.890641146s ago: executing program 5 (id=3877): r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) io_setup(0x6, &(0x7f0000001380)=0x0) io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x1000000, 0x0, 0x0, 0x5, 0x8001, r0, 0x0}]) 1.777187324s ago: executing program 1 (id=3878): r0 = syz_open_procfs(0x0, &(0x7f0000000240)='pagemap\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip_tables_names\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1.658109026s ago: executing program 4 (id=3879): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x0, 0x401, 0x0, 0x3, 0xe9, 0x4, 0x200}, 0xc) recvmsg(r0, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x41) 1.323119869s ago: executing program 3 (id=3880): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000280)='./bus\x00', 0x14927e, 0x0) copy_file_range(r1, 0x0, r0, 0x0, 0x401, 0x0) 983.609831ms ago: executing program 1 (id=3881): r0 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x800000) ioctl$NBD_DISCONNECT(r0, 0xab08) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 924.163036ms ago: executing program 4 (id=3882): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000018000)=0x1, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000840)=[@in={0x2, 0x4e21, @private=0xa010102}, @in={0x2, 0x4e21, @remote}, @in6={0xa, 0x4e22, 0x2007, @private1, 0x7ff}], 0x3c) 791.351829ms ago: executing program 5 (id=3883): socket$packet(0x11, 0x3, 0x300) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x5, 0x14, 0x0, &(0x7f0000000100)="259a53f271a76d2608fff74588a80a3888ca2f15", 0x0, 0xd11, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 706.668825ms ago: executing program 3 (id=3884): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f626172726965722c63726561746f723d5c5d07842c63726561746f723dbd3cfff52c6e6c733d63703433372c756d61736b3d3030303030303030303030303030000000000000dc599bad22eebebb0002372c6e6f6465000000000000000000"], 0x1, 0x6a4, &(0x7f0000001380)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") mkdir(&(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xc4) rename(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 386.566597ms ago: executing program 6 (id=3885): r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) read$FUSE(r0, &(0x7f0000000140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_DIRENT(r0, &(0x7f0000002540)=ANY=[@ANYBLOB="e0010000", @ANYRES64=r1], 0x1e0) 102.773208ms ago: executing program 1 (id=3886): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000380)={{0x1, 0x1}}) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) 0s ago: executing program 4 (id=3887): unshare(0x2040400) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') read$FUSE(r0, &(0x7f000000ac40)={0x2020}, 0x2020) kernel console output (not intermixed with test programs): rror -3 while decompressing! [ 765.431551][T11994] cramfs: ffffffff95524fc8(453)->ffff88805798a000(4096) [ 767.937325][T12026] loop2: detected capacity change from 0 to 1764 [ 768.082737][T12018] loop5: detected capacity change from 0 to 4096 [ 768.206029][T12031] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 768.295105][T12018] NILFS (loop5): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 768.309142][T12018] NILFS error (device loop5): nilfs_bmap_truncate: broken bmap (inode number=12) [ 768.435645][T12018] Remounting filesystem read-only [ 768.441224][T12018] NILFS (loop5): error -5 truncating bmap (ino=12) [ 768.854310][ T6704] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 770.037055][T12047] loop2: detected capacity change from 0 to 64 [ 771.440328][T12057] loop2: detected capacity change from 0 to 512 [ 771.612134][T12060] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2701'. [ 772.662566][T12057] EXT4-fs (loop2): Test dummy encryption mode enabled [ 772.748729][T12057] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 772.783797][T12057] EXT4-fs (loop2): Errors on filesystem, clearing orphan list. [ 772.795242][T12057] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 773.001758][T12057] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 773.246103][ T5808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 774.286385][T12087] netlink: 'syz.1.2712': attribute type 1 has an invalid length. [ 775.316436][T12102] loop2: detected capacity change from 0 to 1024 [ 775.962394][T11923] hfsplus: b-tree write err: -5, ino 4 [ 776.041924][T12110] loop1: detected capacity change from 0 to 128 [ 776.273961][T12110] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 776.367057][T12110] ext4 filesystem being mounted at /560/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 776.470260][T12110] EXT4-fs warning (device loop1): verify_group_input:137: Cannot add at group 3 (only 1 groups) [ 777.067211][ T5807] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 777.671096][T12126] loop2: detected capacity change from 0 to 1764 [ 777.709616][T12126] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 777.771403][T12126] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 777.919051][T12134] netlink: 'syz.4.2733': attribute type 12 has an invalid length. [ 778.603969][T12144] sg_write: data in/out 524252/14 bytes for SCSI command 0x1-- guessing data in; [ 778.603969][T12144] program syz.2.2736 not setting count and/or reply_len properly [ 779.974191][T12164] Bluetooth: MGMT ver 1.23 [ 780.345338][T12169] Bluetooth: MGMT ver 1.23 [ 782.358561][T12201] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2766'. [ 782.368596][T12201] netlink: 'syz.1.2766': attribute type 1 has an invalid length. [ 782.377059][T12201] netlink: 'syz.1.2766': attribute type 1 has an invalid length. [ 782.385247][T12201] netlink: 'syz.1.2766': attribute type 2 has an invalid length. [ 782.393510][T12201] netlink: 'syz.1.2766': attribute type 1 has an invalid length. [ 782.401561][T12201] netlink: 'syz.1.2766': attribute type 1 has an invalid length. [ 782.588709][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 782.595803][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 782.684626][T12197] loop5: detected capacity change from 0 to 4096 [ 783.174203][T12209] ipvlan0: entered promiscuous mode [ 783.209041][T12197] ntfs3(loop5): ino=18, mi_enum_attr [ 783.215008][T12197] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 783.401557][T12211] loop1: detected capacity change from 0 to 1024 [ 783.425624][T12213] loop4: detected capacity change from 0 to 1024 [ 783.541837][T12213] EXT4-fs: Ignoring removed oldalloc option [ 783.548816][T12213] EXT4-fs: Ignoring removed orlov option [ 783.748026][T12213] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 783.975647][T12213] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 784.182883][T12218] loop2: detected capacity change from 0 to 512 [ 784.367212][T11923] hfsplus: b-tree write err: -5, ino 4 [ 784.483421][T12218] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 784.499679][T12218] ext4 filesystem being mounted at /563/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 784.726223][T12218] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2774: corrupted inode contents [ 784.824849][T12218] EXT4-fs error (device loop2): ext4_dirty_inode:6459: inode #2: comm syz.2.2774: mark_inode_dirty error [ 784.865565][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 784.934988][T12218] EXT4-fs error (device loop2): ext4_do_update_inode:5568: inode #2: comm syz.2.2774: corrupted inode contents [ 784.995171][T12218] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.2774: mark_inode_dirty error [ 785.753408][ T5808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 786.365945][T12239] loop5: detected capacity change from 0 to 64 [ 786.453918][T12241] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2782'. [ 787.212632][T12249] ptrace attach of "./syz-executor exec"[5799] was attempted by "\x22"[12249] [ 787.982809][T12260] sp0: Synchronizing with TNC [ 789.588466][T12286] loop3: detected capacity change from 0 to 256 [ 789.833067][T12286] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 790.716032][T12299] loop2: detected capacity change from 0 to 256 [ 790.757658][T12299] exfat: Deprecated parameter 'utf8' [ 790.871578][T12299] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 791.808926][T12311] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2817'. [ 791.836757][T12311] erspan0: entered promiscuous mode [ 791.850641][T12311] erspan0: left promiscuous mode [ 792.684707][T12324] loop5: detected capacity change from 0 to 64 [ 792.934605][T12329] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2826'. [ 793.578159][T12337] loop1: detected capacity change from 0 to 256 [ 793.854061][ T30] audit: type=1800 audit(1751192508.037:80): pid=12337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2830" name="file2" dev="loop1" ino=1048654 res=0 errno=0 [ 795.895476][T12365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2844'. [ 796.516493][T12372] netlink: 'syz.4.2847': attribute type 3 has an invalid length. [ 796.722739][T12375] loop1: detected capacity change from 0 to 256 [ 796.762908][T12375] exfat: Deprecated parameter 'utf8' [ 796.763346][T12375] exfat: Deprecated parameter 'namecase' [ 796.955656][T12375] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 797.943226][T12384] loop1: detected capacity change from 0 to 1024 [ 798.497308][T12384] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 798.649016][T12384] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.2853: missing EA_INODE flag [ 798.796131][T12384] EXT4-fs (loop1): Remounting filesystem read-only [ 798.803639][T12384] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 799.280801][ T5807] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 799.763918][T12406] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 800.110243][T12397] loop2: detected capacity change from 0 to 8192 [ 800.588124][T12414] loop1: detected capacity change from 0 to 256 [ 800.645172][T12414] exfat: Bad value for 'gid' [ 800.650359][T12414] exfat: Bad value for 'gid' [ 800.693715][ T5881] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 800.957040][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 800.968561][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 800.983913][ T5881] usb 4-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 800.994874][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 801.290229][ T5881] usb 4-1: config 0 descriptor?? [ 801.449634][T12420] loop2: detected capacity change from 0 to 1024 [ 801.625428][T12420] hfsplus: Bad value for 'umask' [ 801.881699][ T5881] hkems 0003:2006:0118.0001: unknown main item tag 0x0 [ 801.889325][ T5881] hkems 0003:2006:0118.0001: unknown main item tag 0x0 [ 801.904717][ T5881] hkems 0003:2006:0118.0001: unknown main item tag 0x0 [ 801.913918][ T5881] hkems 0003:2006:0118.0001: unknown main item tag 0x0 [ 801.922489][ T5881] hkems 0003:2006:0118.0001: unknown main item tag 0x0 [ 801.929740][ T5881] hkems 0003:2006:0118.0001: unknown main item tag 0x0 [ 801.937183][ T5881] hkems 0003:2006:0118.0001: unknown main item tag 0x0 [ 801.963533][T12420] No control pipe specified [ 802.264863][ T5881] hkems 0003:2006:0118.0001: hidraw0: USB HID v0.00 Device [HID 2006:0118] on usb-dummy_hcd.3-1/input0 [ 802.277801][ T5881] hkems 0003:2006:0118.0001: no inputs found [ 802.285627][ T5881] hkems 0003:2006:0118.0001: force feedback init failed [ 802.409598][ T5881] usb 4-1: USB disconnect, device number 11 [ 802.650073][T12431] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2872'. [ 802.946887][T12433] hugetlbfs: Bad value for 'mode' [ 803.132893][T12435] loop2: detected capacity change from 0 to 1024 [ 803.264630][T12435] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 804.406101][T12436] fido_id[12436]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 804.597660][T12451] netlink: 'syz.3.2881': attribute type 16 has an invalid length. [ 805.708591][T12467] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2888'. [ 806.559467][T12477] loop1: detected capacity change from 0 to 2048 [ 806.641648][ T30] audit: type=1326 audit(1751192520.827:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.5.2893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 806.665005][ T30] audit: type=1326 audit(1751192520.827:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.5.2893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 806.835892][T12482] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 806.851704][ T30] audit: type=1326 audit(1751192520.917:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.5.2893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 806.876826][ T30] audit: type=1326 audit(1751192520.917:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.5.2893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 806.899719][ T30] audit: type=1326 audit(1751192520.927:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.5.2893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 806.927182][ T30] audit: type=1326 audit(1751192520.927:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.5.2893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 806.951640][ T30] audit: type=1326 audit(1751192520.977:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.5.2893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 807.991824][T12494] loop2: detected capacity change from 0 to 128 [ 808.188179][T12496] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2899'. [ 808.279973][T12494] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 808.394387][T12494] ext4 filesystem being mounted at /587/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 808.790552][ T5808] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 809.077942][T12504] loop3: detected capacity change from 0 to 2048 [ 809.295697][T12504] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 809.693242][ T2069] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 809.948782][ T2069] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 809.963741][ T2069] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 809.974231][ T2069] usb 3-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 809.986467][ T2069] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 810.185599][ T2069] usb 3-1: config 0 descriptor?? [ 810.781495][ T2069] steelseries 0003:1038:12B6.0002: reserved main item tag 0xe [ 810.868144][ T2069] steelseries 0003:1038:12B6.0002: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.2-1/input0 [ 811.019201][ T2069] steelseries 0003:1038:12B6.0002: hid_hw_raw_request() failed with -71 [ 811.037426][T12526] loop5: detected capacity change from 0 to 8 [ 811.094152][ T2069] usb 3-1: USB disconnect, device number 12 [ 811.939058][T12533] fido_id[12533]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 813.142990][T12553] loop2: detected capacity change from 0 to 512 [ 813.323974][T12553] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 813.738234][T12553] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 813.860069][T12553] EXT4-fs (loop2): 1 truncate cleaned up [ 813.868959][T12553] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 814.783683][ T5808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 814.966194][T12572] nbd: couldn't find device at index 587202560 [ 816.355096][T12590] mkiss: ax0: crc mode is auto. [ 817.456193][T12607] loop3: detected capacity change from 0 to 256 [ 817.651119][T12607] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x467a0815, utbl_chksum : 0xe619d30d) [ 817.669825][T12607] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 818.131712][T12614] loop2: detected capacity change from 0 to 1024 [ 818.218176][T12614] EXT4-fs: Ignoring removed bh option [ 818.224250][T12614] EXT4-fs: inline encryption not supported [ 818.311693][T12614] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 818.335080][T12618] loop1: detected capacity change from 0 to 256 [ 818.470779][T12614] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 818.516109][T12614] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.2950: lblock 2 mapped to illegal pblock 2 (length 1) [ 818.539569][T12614] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 818.548187][T12614] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.2950: lblock 0 mapped to illegal pblock 48 (length 1) [ 818.613474][T12614] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 818.622934][T12614] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.2950: Failed to acquire dquot type 0 [ 818.674177][T12614] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 818.723493][T12614] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.2950: mark_inode_dirty error [ 818.782759][T12614] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 818.799476][T12614] EXT4-fs (loop2): 1 orphan inode deleted [ 818.814402][T12614] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 818.820981][T11961] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:21: lblock 1 mapped to illegal pblock 1 (length 1) [ 818.957148][T11961] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 818.969195][T11961] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:21: Failed to release dquot type 0 [ 819.217212][T12614] EXT4-fs: Cannot change journaled quota options when quota turned on [ 819.290200][T12623] loop4: detected capacity change from 0 to 4096 [ 819.311152][T12627] loop1: detected capacity change from 0 to 1024 [ 819.373148][T12627] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869) [ 819.386446][T12627] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 819.397513][T12623] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 819.465002][T12627] EXT4-fs (loop1): invalid journal inode [ 819.471211][T12627] EXT4-fs (loop1): can't get journal size [ 819.570543][T12627] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 819.636771][ T5808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 819.756964][ T5808] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 819.865284][ T5808] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 819.882805][T12623] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 819.962013][ T5808] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 820.099986][ T5807] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.801179][T12637] loop3: detected capacity change from 0 to 1024 [ 821.201943][T12641] hfsplus: invalid extended attribute record [ 822.235028][ T1857] hfsplus: b-tree write err: -5, ino 4 [ 822.356809][T12643] loop4: detected capacity change from 0 to 32768 [ 822.381371][T12643] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 0 transid 8 /dev/loop4 (7:4) scanned by syz.4.2963 (12643) [ 823.477727][T12652] loop3: detected capacity change from 0 to 256 [ 823.509116][T12653] loop2: detected capacity change from 0 to 512 [ 823.565713][T12652] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 823.654389][T12656] netlink: 1268 bytes leftover after parsing attributes in process `syz.1.2970'. [ 823.664545][T12656] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 823.729647][T12657] overlayfs: missing 'workdir' [ 823.839609][T12649] loop5: detected capacity change from 0 to 40427 [ 823.861691][T12649] F2FS-fs (loop5): Fix alignment : internally, start(4096) end(16896) block(12288) [ 823.871759][T12653] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 823.872480][T12653] ext4 filesystem being mounted at /597/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 823.900215][T12649] F2FS-fs (loop5): Unrecognized mount option "discard_unitPx{“â¸ho°#”=section" or missing value [ 824.781291][ T5808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 824.905073][ T30] audit: type=1326 audit(1751192539.097:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12663 comm="syz.3.2971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 824.992404][ T30] audit: type=1326 audit(1751192539.137:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12663 comm="syz.3.2971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 825.015625][ T30] audit: type=1326 audit(1751192539.137:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12663 comm="syz.3.2971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 825.043727][ T30] audit: type=1326 audit(1751192539.137:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12663 comm="syz.3.2971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 825.068675][ T30] audit: type=1326 audit(1751192539.147:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12663 comm="syz.3.2971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 825.449879][T12670] loop5: detected capacity change from 0 to 1024 [ 825.454926][T12672] nbd: couldn't find a device at index 17 [ 826.043165][T11961] hfsplus: b-tree write err: -5, ino 4 [ 826.244308][T12680] loop2: detected capacity change from 0 to 512 [ 826.507270][T12686] loop5: detected capacity change from 0 to 1024 [ 826.555016][T12680] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 826.568412][T12680] ext4 filesystem being mounted at /599/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 826.703916][T12676] loop1: detected capacity change from 0 to 4096 [ 827.680819][ T5808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 828.901488][T12705] loop4: detected capacity change from 0 to 256 [ 828.999387][T12705] exfat: Deprecated parameter 'namecase' [ 829.232782][T12705] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 829.264677][ T2069] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 829.502762][ T2069] usb 6-1: Using ep0 maxpacket: 8 [ 829.546357][ T2069] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 829.611810][ T2069] usb 6-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 829.624841][ T2069] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 829.633809][ T2069] usb 6-1: SerialNumber: syz [ 829.736356][ T2069] usb 6-1: config 0 descriptor?? [ 829.760662][T12712] loop1: detected capacity change from 0 to 64 [ 829.807507][ T2069] usb 6-1: Found UVC 0.00 device (05ac:8501) [ 829.814928][ T2069] usb 6-1: No valid video chain found. [ 830.066992][ T2069] usb 6-1: USB disconnect, device number 11 [ 830.489640][T12715] loop2: detected capacity change from 0 to 1024 [ 830.716697][T12715] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 831.457473][ T5808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 832.892010][T12745] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3006'. [ 832.905289][T12745] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3006'. [ 832.939803][T12745] vlan2: entered allmulticast mode [ 832.945518][T12745] gretap0: entered allmulticast mode [ 833.007627][T12748] loop5: detected capacity change from 0 to 8 [ 833.179588][T12753] pim6reg: entered allmulticast mode [ 833.448142][T10716] udevd[10716]: incorrect cramfs checksum on /dev/loop5 [ 833.899864][T12759] loop3: detected capacity change from 0 to 256 [ 833.967321][T12759] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 834.078678][T12763] smc: net device bond0 applied user defined pnetid SYZ2 [ 834.201618][T12759] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d) [ 834.793001][ T30] audit: type=1804 audit(1751192548.977:93): pid=12767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3017" name="/newroot/606/bus" dev="tmpfs" ino=3117 res=1 errno=0 [ 834.816080][ T30] audit: type=1800 audit(1751192548.977:94): pid=12767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3017" name="bus" dev="tmpfs" ino=3117 res=0 errno=0 [ 836.082473][T12778] loop2: detected capacity change from 0 to 2048 [ 836.177164][T12778] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576 [ 836.250735][T12785] loop4: detected capacity change from 0 to 128 [ 836.339554][T12778] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 836.481453][T12778] overlayfs: upper fs needs to support d_type. [ 836.565598][T12778] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 836.573360][T12778] overlayfs: failed to set xattr on upper [ 836.579733][T12778] overlayfs: ...falling back to redirect_dir=nofollow. [ 836.587105][T12778] overlayfs: ...falling back to index=off. [ 836.593445][T12778] overlayfs: ...falling back to uuid=null. [ 837.092698][T12791] loop3: detected capacity change from 0 to 512 [ 837.097540][ T5808] UDF-fs: error (device loop2): udf_read_inode: (ino 1317) failed !bh [ 837.138327][T12791] EXT4-fs: Ignoring removed i_version option [ 837.173161][ T5808] UDF-fs: error (device loop2): udf_read_inode: (ino 1317) failed !bh [ 837.191123][T12791] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 837.200789][T12793] loop1: detected capacity change from 0 to 64 [ 837.303037][T12791] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002] [ 837.333992][T12791] System zones: 1-12 [ 837.339085][T12791] EXT4-fs (loop3): orphan cleanup on readonly fs [ 837.346639][T12791] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.3028: invalid indirect mapped block 12 (level 1) [ 837.502943][T12791] EXT4-fs (loop3): Remounting filesystem read-only [ 837.510142][T12791] EXT4-fs (loop3): 1 truncate cleaned up [ 837.519140][T12791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 838.051520][T11923] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 838.267020][T11923] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 838.405912][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 838.530959][T11923] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 838.778583][T11923] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 839.393979][T11923] bridge_slave_1: left allmulticast mode [ 839.399946][T11923] bridge_slave_1: left promiscuous mode [ 839.407406][T11923] bridge0: port 2(bridge_slave_1) entered disabled state [ 839.570248][T11923] bridge_slave_0: left allmulticast mode [ 839.583332][T11923] bridge_slave_0: left promiscuous mode [ 839.590134][T11923] bridge0: port 1(bridge_slave_0) entered disabled state [ 840.248761][T11923] team0: Port device bond0 removed [ 840.281998][T11923] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 840.316781][T11923] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 840.336584][T11923] bond0 (unregistering): Released all slaves [ 840.361625][T11923] bond1 (unregistering): Released all slaves [ 840.401381][T11923] bond2 (unregistering): Released all slaves [ 840.426558][T11923] bond3 (unregistering): Released all slaves [ 841.412666][T11923] hsr_slave_0: left promiscuous mode [ 841.452716][T11923] hsr_slave_1: left promiscuous mode [ 841.461008][T11923] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 841.469388][T11923] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 841.545461][T11923] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 841.553463][T11923] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 841.759619][T11923] veth1_macvtap: left promiscuous mode [ 841.765620][T11923] veth0_macvtap: left promiscuous mode [ 841.771581][T11923] veth1_vlan: left promiscuous mode [ 842.022860][ T2069] IPVS: starting estimator thread 0... [ 842.155529][T12822] IPVS: using max 192 ests per chain, 9600 per kthread [ 842.511968][T12828] loop1: detected capacity change from 0 to 2048 [ 842.660432][T11410] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 842.676530][T11410] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 842.686916][T11410] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 842.709209][T11410] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 842.721471][T11410] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 842.925213][T12828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 843.398299][T12828] EXT4-fs: Ignoring removed orlov option [ 843.430898][T12844] loop4: detected capacity change from 0 to 1024 [ 843.481074][T12828] EXT4-fs (loop1): can't enable nombcache during remount [ 843.536870][T11923] pim6reg (unregistering): left allmulticast mode [ 844.071258][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 844.078223][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 844.285467][ T5807] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 844.331481][T11923] team0 (unregistering): Port device team_slave_1 removed [ 844.362882][T11923] team0 (unregistering): Port device team_slave_0 removed [ 844.663156][T12850] loop3: detected capacity change from 0 to 1024 [ 844.792573][T11410] Bluetooth: hci4: command tx timeout [ 844.824075][T11961] hfsplus: b-tree write err: -5, ino 8 [ 845.458832][T12857] loop1: detected capacity change from 0 to 64 [ 846.886180][T11410] Bluetooth: hci4: command tx timeout [ 847.217177][T12830] chnl_net:caif_netlink_parms(): no params data found [ 848.428852][T12893] loop3: detected capacity change from 0 to 64 [ 848.541337][T12892] loop1: detected capacity change from 0 to 1024 [ 848.963381][T11410] Bluetooth: hci4: command tx timeout [ 849.260432][T12902] loop5: detected capacity change from 0 to 64 [ 849.466072][T12830] bridge0: port 1(bridge_slave_0) entered blocking state [ 849.476951][T12830] bridge0: port 1(bridge_slave_0) entered disabled state [ 849.484936][T12830] bridge_slave_0: entered allmulticast mode [ 849.494939][T12830] bridge_slave_0: entered promiscuous mode [ 849.744759][T12830] bridge0: port 2(bridge_slave_1) entered blocking state [ 849.752635][T12830] bridge0: port 2(bridge_slave_1) entered disabled state [ 849.760439][T12830] bridge_slave_1: entered allmulticast mode [ 849.771120][T12830] bridge_slave_1: entered promiscuous mode [ 850.063949][T12909] tmpfs: Cannot change global quota limit on remount [ 850.537088][T12830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 850.630796][T12830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 851.035521][T11410] Bluetooth: hci4: command tx timeout [ 851.150353][T12830] team0: Port device team_slave_0 added [ 851.216639][T12830] team0: Port device team_slave_1 added [ 851.297471][T12913] loop5: detected capacity change from 0 to 4096 [ 851.381094][T12913] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 851.869204][T12830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 851.876766][T12830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 851.897681][T12913] ntfs3(loop5): ino=0, attr_set_size [ 851.906651][T12830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 851.909516][T12913] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 852.133085][T12913] ntfs3(loop5): MFT: r=0, expect seq=0 instead of 1! [ 852.133461][T12830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 852.150736][T12830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 852.183363][T12830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 852.749644][T12937] loop1: detected capacity change from 0 to 1024 [ 853.006409][T12830] hsr_slave_0: entered promiscuous mode [ 853.020252][T12830] hsr_slave_1: entered promiscuous mode [ 853.029351][T12830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 853.037484][T12830] Cannot create hsr debugfs directory [ 853.138047][T12937] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 853.814678][ T5807] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 854.979890][T12953] loop4: detected capacity change from 0 to 32768 [ 855.001923][T12953] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3086 (12953) [ 855.057157][T12953] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 855.067953][T12953] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm [ 855.079693][T12953] BTRFS info (device loop4): using free-space-tree [ 855.255564][T12830] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 855.386912][T12830] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 855.420569][T11951] BTRFS warning (device loop4): checksum verify failed on logical 1052672 mirror 1 wanted 0x11f3e929624b680852cd2754314153a53c00b22ae8936d589814e00d5ed09030 found 0x4b2ece389771b429904bd855fb67e8b948b43d5f8b50d348b79542b59c66ed27 level 0 [ 855.450558][T12953] BTRFS error (device loop4): failed to read chunk root [ 855.531439][T12830] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 855.597863][T12830] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 855.609619][T12953] BTRFS error (device loop4): open_ctree failed: -5 [ 856.447802][T12977] sctp: failed to load transform for md5: -2 [ 857.638010][T13000] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 857.689875][T12994] loop5: detected capacity change from 0 to 1024 [ 857.721254][T12830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 858.074056][T12830] 8021q: adding VLAN 0 to HW filter on device team0 [ 858.195130][T11923] bridge0: port 1(bridge_slave_0) entered blocking state [ 858.202840][T11923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 858.429450][T11923] bridge0: port 2(bridge_slave_1) entered blocking state [ 858.437182][T11923] bridge0: port 2(bridge_slave_1) entered forwarding state [ 859.010390][T13011] loop5: detected capacity change from 0 to 64 [ 859.424517][ T11] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 859.698143][ T11] usb 2-1: config 8 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 859.712800][ T11] usb 2-1: config 8 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 859.723735][ T11] usb 2-1: config 8 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 859.737127][ T11] usb 2-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00 [ 859.749553][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 860.788043][ T11] megaworld 0003:07B5:0312.0003: hidraw0: USB HID v0.00 Device [HID 07b5:0312] on usb-dummy_hcd.1-1/input0 [ 860.804036][ T11] megaworld 0003:07B5:0312.0003: no inputs found [ 861.047318][ T11] usb 2-1: USB disconnect, device number 16 [ 861.354667][T13030] loop3: detected capacity change from 0 to 1024 [ 861.441323][T13030] EXT4-fs: Ignoring removed orlov option [ 861.539075][T13030] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 861.800018][T13030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 862.334286][T13030] EXT4-fs error (device loop3): ext4_check_all_de:659: inode #12: block 7: comm syz.3.3106: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0 [ 862.527843][T12830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 862.716318][T13040] loop4: detected capacity change from 0 to 32768 [ 862.760454][T13032] fido_id[13032]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 863.185340][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid device 255,noinodes_use_key_cache,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names [ 863.185542][T13040] allowing incompatible features above 0.0: (unknown version) [ 863.185629][T13040] features: lz4 [ 863.185694][T13040] with devices loop4 [ 863.236389][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 863.241959][T13055] netlink: 'syz.5.3110': attribute type 11 has an invalid length. [ 863.247715][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem [ 863.269538][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write [ 863.372678][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks [ 863.439324][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace [ 863.474753][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace [ 863.511694][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table [ 863.521572][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done [ 863.619151][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 863.685463][T13040] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem [ 864.083609][T13040] syz.4.3108 (13040) used greatest stack depth: 1216 bytes left [ 864.146316][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down [ 864.161362][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only [ 864.170026][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop [ 864.281765][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 3 [ 864.534242][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 3 [ 864.683982][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 4 [ 864.774698][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean [ 865.081045][ T5799] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 865.839599][T13075] loop3: detected capacity change from 0 to 128 [ 865.956332][T13075] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 866.184908][T13075] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 866.477249][T13075] overlayfs: failed to create directory ./file0/work (errno: 28); mounting read-only [ 866.487664][T13075] overlayfs: failed to get uuid (/bus, err=-95); falling back to uuid=null. [ 866.920126][T13083] loop5: detected capacity change from 0 to 1024 [ 867.015365][T13083] EXT4-fs: Ignoring removed bh option [ 867.867201][T13083] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 868.064616][T13083] EXT4-fs warning (device loop5): ext4_resize_begin:72: won't resize using backup superblock at 1 [ 868.141136][T12830] veth0_vlan: entered promiscuous mode [ 868.321517][T12830] veth1_vlan: entered promiscuous mode [ 868.638415][T13091] loop3: detected capacity change from 0 to 4096 [ 868.695617][ T6704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 868.734421][T12830] veth0_macvtap: entered promiscuous mode [ 868.826438][T13091] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 868.970351][T12830] veth1_macvtap: entered promiscuous mode [ 869.346822][T12830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 869.562807][T12830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 869.692868][T12830] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 869.705120][T12830] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 869.714341][T12830] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 869.723720][T12830] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 870.002043][T13103] loop1: detected capacity change from 0 to 64 [ 871.005752][T13112] loop5: detected capacity change from 0 to 8 [ 871.434953][ T30] audit: type=1326 audit(1751192585.607:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.458174][ T30] audit: type=1326 audit(1751192585.607:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.773840][ T30] audit: type=1326 audit(1751192585.697:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.796990][ T30] audit: type=1326 audit(1751192585.697:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.820509][ T30] audit: type=1326 audit(1751192585.697:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.846878][ T30] audit: type=1326 audit(1751192585.697:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.879032][ T30] audit: type=1326 audit(1751192585.697:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.902090][ T30] audit: type=1326 audit(1751192585.697:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.925795][ T30] audit: type=1326 audit(1751192585.697:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 871.951566][ T30] audit: type=1326 audit(1751192585.697:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.1.3127" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608358e929 code=0x7ff00000 [ 873.131165][T13126] loop4: detected capacity change from 0 to 1024 [ 873.399982][T13126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 873.927088][T13131] loop1: detected capacity change from 0 to 32768 [ 874.035208][T13131] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3131 (13131) [ 874.386980][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 874.389421][T13131] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 874.389691][T13131] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm [ 874.395047][T13131] BTRFS info (device loop1): using free-space-tree [ 874.695127][T11971] BTRFS warning (device loop1): checksum verify failed on logical 1052672 mirror 1 wanted 0x11f3e929624b680852cd2754314153a53c00b22ae8936d589814e00d5ed09030 found 0x4b2ece389771b429904bd855fb67e8b948b43d5f8b50d348b79542b59c66ed27 level 0 [ 874.696750][T13131] BTRFS error (device loop1): failed to read chunk root [ 874.838461][T13131] BTRFS error (device loop1): open_ctree failed: -5 [ 876.458569][T13173] netlink: 96 bytes leftover after parsing attributes in process `syz.4.3137'. [ 876.853910][T13167] loop3: detected capacity change from 0 to 4096 [ 877.288551][T13167] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 877.378074][T13167] ntfs3(loop3): Failed to load $Extend (-22). [ 877.387513][T13167] ntfs3(loop3): Failed to initialize $Extend. [ 879.479257][T13195] loop3: detected capacity change from 0 to 32768 [ 879.789926][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid device 255,noinodes_use_key_cache,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names [ 879.790125][T13195] allowing incompatible features above 0.0: (unknown version) [ 879.790207][T13195] features: lz4 [ 879.790270][T13195] with devices loop3 [ 879.845168][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 879.859375][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem [ 879.888070][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write [ 879.982934][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks [ 880.053605][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace [ 880.090058][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace [ 880.137526][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table [ 880.146862][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done [ 880.334401][T13195] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem [ 881.163151][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down [ 881.171394][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only [ 881.179944][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop [ 881.318939][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 3 [ 881.534770][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 3 [ 881.578788][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 4 [ 881.600913][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean [ 881.828520][ T5802] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 882.051112][T13232] loop4: detected capacity change from 0 to 64 [ 882.778041][T13236] loop5: detected capacity change from 0 to 2048 [ 882.947268][T13236] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 883.182568][T13242] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 884.063386][T11927] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 884.071588][T11927] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 884.436881][T11967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 884.445356][T11967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 885.678141][T13262] loop5: detected capacity change from 0 to 256 [ 885.956663][T13263] loop6: detected capacity change from 0 to 512 [ 885.982328][T13259] loop1: detected capacity change from 0 to 32768 [ 886.191800][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid device 255,noinodes_use_key_cache,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names [ 886.191993][T13259] allowing incompatible features above 0.0: (unknown version) [ 886.192077][T13259] features: lz4 [ 886.193632][T13259] with devices loop1 [ 886.240033][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 886.251448][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem [ 886.280293][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write [ 886.394769][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks [ 886.455391][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace [ 886.495393][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace [ 886.530899][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table [ 886.540183][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done [ 886.691938][T13259] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem [ 886.703869][T13263] EXT4-fs (loop6): 1 orphan inode deleted [ 886.712919][T13263] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 886.766262][T11961] __quota_error: 21 callbacks suppressed [ 886.766352][T11961] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 886.790098][T11961] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:21: Failed to release dquot type 1 [ 886.845911][T13263] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 886.861517][T13262] FAT-fs (loop5): Directory bread(block 64) failed [ 886.869337][T13262] FAT-fs (loop5): Directory bread(block 65) failed [ 886.881792][T13262] FAT-fs (loop5): Directory bread(block 66) failed [ 886.892902][T13262] FAT-fs (loop5): Directory bread(block 67) failed [ 886.899885][T13262] FAT-fs (loop5): Directory bread(block 68) failed [ 886.911553][T13262] FAT-fs (loop5): Directory bread(block 69) failed [ 886.918765][T13262] FAT-fs (loop5): Directory bread(block 70) failed [ 886.925794][T13262] FAT-fs (loop5): Directory bread(block 71) failed [ 886.935891][T13262] FAT-fs (loop5): Directory bread(block 72) failed [ 886.942911][T13262] FAT-fs (loop5): Directory bread(block 73) failed [ 887.117726][T13263] EXT4-fs warning (device loop6): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed [ 887.210005][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down [ 887.218389][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only [ 887.226896][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop [ 887.357712][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 3 [ 887.643498][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 3 [ 887.715610][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 4 [ 887.784415][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean [ 887.867599][T12830] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 888.002971][T13284] loop4: detected capacity change from 0 to 256 [ 888.083691][ T5807] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 888.225000][T13284] exfat: Deprecated parameter 'utf8' [ 888.511713][T13284] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 895.916794][T13374] loop6: detected capacity change from 0 to 256 [ 896.595513][T13374] FAT-fs (loop6): Directory bread(block 64) failed [ 896.603926][T13374] FAT-fs (loop6): Directory bread(block 65) failed [ 896.612771][T13374] FAT-fs (loop6): Directory bread(block 66) failed [ 896.619594][T13374] FAT-fs (loop6): Directory bread(block 67) failed [ 896.634905][T13374] FAT-fs (loop6): Directory bread(block 68) failed [ 896.641718][T13374] FAT-fs (loop6): Directory bread(block 69) failed [ 896.650286][T13374] FAT-fs (loop6): Directory bread(block 70) failed [ 896.660149][T13374] FAT-fs (loop6): Directory bread(block 71) failed [ 896.667406][T13374] FAT-fs (loop6): Directory bread(block 72) failed [ 896.674390][T13374] FAT-fs (loop6): Directory bread(block 73) failed [ 897.992984][ T11] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 898.226077][ T11] usb 2-1: New USB device found, idVendor=046d, idProduct=08b6, bcdDevice=ca.8e [ 898.236365][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 898.377290][ T11] pwc: Logitech/Cisco VT Camera webcam detected. [ 898.411846][T13401] loop3: detected capacity change from 0 to 1024 [ 898.556153][T13397] loop6: detected capacity change from 0 to 4096 [ 898.602887][T13392] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 898.617636][T13392] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 898.674726][T13401] hfsplus: request for non-existent node 16777216 in B*Tree [ 898.682637][T13401] hfsplus: request for non-existent node 16777216 in B*Tree [ 898.918825][ T11] pwc: send_video_command error -71 [ 898.927547][ T11] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 898.936840][ T11] Philips webcam 2-1:127.0: probe with driver Philips webcam failed with error -71 [ 898.951976][T13406] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 899.060635][T13408] loop5: detected capacity change from 0 to 24 [ 899.085506][ T11] usb 2-1: USB disconnect, device number 17 [ 899.149840][T13408] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 900.363349][T13422] random: crng reseeded on system resumption [ 900.524335][ T11] IPVS: starting estimator thread 0... [ 900.634733][T13426] IPVS: using max 192 ests per chain, 9600 per kthread [ 900.789768][T13428] loop1: detected capacity change from 0 to 64 [ 900.928635][T13416] loop5: detected capacity change from 0 to 4096 [ 901.786527][ T30] audit: type=1800 audit(1751192615.967:126): pid=13416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3211" name="file1" dev="loop5" ino=33 res=0 errno=0 [ 903.666390][T13460] loop5: detected capacity change from 0 to 16 [ 903.717365][T13460] erofs (device loop5): mounted with root inode @ nid 36. [ 903.802943][ T30] audit: type=1800 audit(1751192617.987:127): pid=13460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3227" name="file1" dev="loop5" ino=86 res=0 errno=0 [ 904.457701][T13468] loop1: detected capacity change from 0 to 256 [ 905.019344][T13466] loop6: detected capacity change from 0 to 32768 [ 905.292866][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid device 255,noinodes_use_key_cache,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names [ 905.293071][T13466] allowing incompatible features above 0.0: (unknown version) [ 905.293155][T13466] features: lz4 [ 905.293222][T13466] with devices loop6 [ 905.343973][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 905.356470][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem [ 905.379524][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write [ 905.471159][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 905.478599][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 905.513330][ T5805] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 905.526553][ T5805] Bluetooth: hci4: Injecting HCI hardware error event [ 905.535656][ T5805] Bluetooth: hci4: hardware error 0x00 [ 905.559099][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks [ 905.619934][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace [ 905.659750][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace [ 905.710284][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table [ 905.719905][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done [ 905.974518][T13466] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem [ 906.071481][T13490] loop1: detected capacity change from 0 to 256 [ 906.453204][T13490] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x72684843, utbl_chksum : 0xe619d30d) [ 906.517222][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down [ 906.525440][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only [ 906.535430][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop [ 906.617398][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 3 [ 906.974179][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 3 [ 907.056470][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 4 [ 907.115298][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean [ 907.300129][T12830] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 907.679834][ T5805] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 909.131559][T13519] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3246'. [ 909.878940][T13517] loop5: detected capacity change from 0 to 4096 [ 909.985852][T13517] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512). [ 910.611443][T13517] ntfs3(loop5): ino=1a, mi_enum_attr [ 910.620410][T13517] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 911.734432][ T3466] ntfs3(loop5): ino=1e, ntfs3_write_inode failed, -22. [ 913.664118][T13558] loop3: detected capacity change from 0 to 512 [ 913.763651][ T5881] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 913.891190][T13558] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 914.013201][T13558] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.3259: invalid indirect mapped block 2683928664 (level 1) [ 914.016698][ T5881] usb 6-1: Using ep0 maxpacket: 8 [ 914.100819][T13558] EXT4-fs (loop3): Remounting filesystem read-only [ 914.150553][ T5881] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 914.160875][ T5881] usb 6-1: config 179 has no interface number 0 [ 914.167852][ T5881] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 914.179532][ T5881] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 914.191270][ T5881] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 914.203342][ T5881] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 914.215348][ T5881] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 914.233082][ T5881] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 914.244341][ T5881] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 914.253015][T13558] EXT4-fs (loop3): 1 truncate cleaned up [ 914.261136][T13558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 914.473922][T13558] EXT4-fs (loop3): Quota file not on filesystem root. Journaled quota will not work [ 914.847585][T13559] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 915.325431][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 915.426734][T13559] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 915.437399][T13559] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 916.064821][ T11] usb 6-1: USB disconnect, device number 12 [ 916.064820][ C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 916.065014][ C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 916.088814][T13583] rdma_op ffff88804c5b0180 conn xmit_rdma 0000000000000000 [ 917.663374][T13600] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3273'. [ 917.850453][T13605] loop4: detected capacity change from 0 to 47 [ 918.051496][T13606] ptrace attach of "./syz-executor exec"[12830] was attempted by ""[13606] [ 919.123907][T13618] netlink: 'syz.6.3280': attribute type 1 has an invalid length. [ 919.132053][T13618] netlink: 244 bytes leftover after parsing attributes in process `syz.6.3280'. [ 923.245818][T12527] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 923.537653][T12527] usb 7-1: New USB device found, idVendor=1d50, idProduct=6089, bcdDevice=d0.1d [ 923.550705][T12527] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=16 [ 923.560478][T12527] usb 7-1: SerialNumber: syz [ 923.610996][T13674] loop5: detected capacity change from 0 to 1024 [ 923.700186][T12527] usb 7-1: config 0 descriptor?? [ 923.890559][T13674] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 924.001369][T13683] loop1: detected capacity change from 0 to 128 [ 924.125199][T13683] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 924.153794][T12527] hackrf 7-1:0.0: Board ID: 00 [ 924.164166][T12527] hackrf 7-1:0.0: Firmware version:  [ 924.219656][T13683] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 924.220292][T12527] hackrf 7-1:0.0: Registered as swradio24 [ 924.238614][T12527] videodev: could not get a free minor [ 924.248511][T12527] hackrf 7-1:0.0: Failed to register as video device (-23) [ 924.376344][T13683] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.3303: checksumming directory block 0 [ 924.574734][T12527] hackrf 7-1:0.0: probe with driver hackrf failed with error -23 [ 924.664368][T12527] usb 7-1: USB disconnect, device number 2 [ 924.756795][ T5807] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 924.816658][ T6704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 924.843283][ T30] audit: type=1326 audit(1751192638.987:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.4.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8138e929 code=0x7ffc0000 [ 924.869322][ T30] audit: type=1326 audit(1751192638.987:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.4.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8138e929 code=0x7ffc0000 [ 925.060217][ T30] audit: type=1326 audit(1751192639.137:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.4.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fee8138e929 code=0x7ffc0000 [ 925.087400][ T30] audit: type=1326 audit(1751192639.137:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.4.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8138e929 code=0x7ffc0000 [ 925.111496][ T30] audit: type=1326 audit(1751192639.167:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.4.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7fee8138e929 code=0x7ffc0000 [ 925.134902][ T30] audit: type=1326 audit(1751192639.167:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13687 comm="syz.4.3305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee8138e929 code=0x7ffc0000 [ 925.436941][T13693] netlink: 'syz.3.3308': attribute type 4 has an invalid length. [ 925.446627][T13693] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.3308'. [ 925.929779][T13698] loop5: detected capacity change from 0 to 128 [ 926.223724][T13698] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 926.337658][T13698] ext4 filesystem being mounted at /582/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 927.137430][ T6704] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 928.101618][T13728] loop4: detected capacity change from 0 to 1024 [ 928.396344][T13728] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 928.409087][T13721] loop5: detected capacity change from 0 to 4096 [ 928.409394][T13728] ext4 filesystem being mounted at /668/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 928.629506][ T30] audit: type=1800 audit(1751192642.807:134): pid=13728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3318" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 929.211275][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 930.157172][T13751] sctp: [Deprecated]: syz.3.3326 (pid 13751) Use of struct sctp_assoc_value in delayed_ack socket option. [ 930.157172][T13751] Use struct sctp_sack_info instead [ 930.632020][T13753] loop5: detected capacity change from 0 to 512 [ 930.715617][T13753] EXT4-fs: Ignoring removed bh option [ 930.722896][T13753] EXT4-fs: Ignoring removed mblk_io_submit option [ 930.729901][T13753] EXT4-fs: Ignoring removed nobh option [ 931.052904][T13749] loop6: detected capacity change from 0 to 4096 [ 931.112063][T13753] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 931.130848][T13753] ext4 filesystem being mounted at /584/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 931.152769][T13749] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 931.196919][T13759] loop4: detected capacity change from 0 to 512 [ 931.275052][T13759] EXT4-fs: Ignoring removed bh option [ 931.342724][T13759] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 931.516984][T13759] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.3328: corrupted in-inode xattr: bad e_name length [ 931.639604][T13759] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.3328: couldn't read orphan inode 15 (err -117) [ 931.697697][T13759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 931.785609][T13749] ntfs3(loop6): ino=19, mi_enum_attr [ 931.791278][T13749] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 932.003417][ T6704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 932.023691][T13749] ntfs3(loop6): failed to convert "c46c" to cp857 [ 932.093618][T13749] ntfs3(loop6): ino=20, mi_enum_attr [ 932.143165][T13749] ntfs3(loop6): ino=1e, mi_enum_attr [ 932.623539][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 932.746491][T13776] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3331'. [ 933.570303][T13781] IPVS: dh: TCP 172.20.20.170:0 - no destination available [ 933.805336][T13779] loop1: detected capacity change from 0 to 32768 [ 933.815855][T13779] XFS: ikeep mount option is deprecated. [ 933.881516][T13779] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 934.750494][T13779] XFS (loop1): Ending clean mount [ 934.848222][T13779] XFS (loop1): Quotacheck needed: Please wait. [ 935.058137][T13779] XFS (loop1): Quotacheck: Done. [ 935.215614][ T5807] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 935.288046][T13800] loop3: detected capacity change from 0 to 512 [ 935.379715][T13800] EXT4-fs: Ignoring removed oldalloc option [ 935.407331][T13800] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 935.791836][T13800] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2856c018, mo2=0002] [ 935.868071][T13800] System zones: 1-3, 19-19, 35-38 [ 936.055192][T13800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 936.068554][T13800] ext4 filesystem being mounted at /675/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 936.438544][T13804] loop4: detected capacity change from 0 to 32768 [ 936.456475][T13804] XFS: ikeep mount option is deprecated. [ 936.582564][T13804] XFS (loop4): Metadata CRC error detected at xfs_sb_read_verify+0x5c7/0x640, xfs_sb_quiet block 0x0 [ 936.597230][T13804] XFS (loop4): Unmount and run xfs_repair [ 936.604823][T13804] XFS (loop4): First 128 bytes of corrupted metadata buffer: [ 936.612709][T13804] 00000000: 58 46 53 42 00 00 08 00 00 00 00 00 00 00 20 00 XFSB.......... . [ 936.621870][T13804] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 936.634255][T13804] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 936.643721][T13804] 00000030: 00 00 00 00 00 00 00 20 00 00 00 00 00 00 24 40 ....... ......$@ [ 936.658568][T13804] 00000040: 00 00 00 00 00 00 24 41 00 00 00 00 00 00 24 42 ......$A......$B [ 936.670728][T13804] 00000050: 00 00 00 01 00 00 20 00 00 00 00 01 00 00 00 00 ...... ......... [ 936.680084][T13804] 00000060: 00 00 12 00 b4 b5 02 00 04 00 00 02 00 00 00 00 ................ [ 936.689440][T13804] 00000070: 00 00 00 00 00 00 00 00 0b 09 0a 01 0d 00 00 32 ...............2 [ 937.147918][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 941.178602][T13853] loop4: detected capacity change from 0 to 32768 [ 941.264491][T13853] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 941.281293][T13853] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 941.343338][T13861] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3358'. [ 941.444317][T13853] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_jdesc_check, file = fs/gfs2/super.c, line = 119 [ 941.461956][T13853] gfs2: fsid=syz:syz.s: G: s:SH n:2/13 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:6 [ 941.476037][T13853] gfs2: fsid=syz:syz.s: H: s:SH f:eEcH e:0 p:13853 [syz.4.3355] init_journal+0x332e/0x3a30 [ 941.493291][T13853] gfs2: fsid=syz:syz.s: I: n:1/19 t:8 f:0x00 d:0x00000200 s:50331648 p:0 [ 941.503577][T13853] gfs2: fsid=syz:syz.s: about to withdraw this file system [ 941.511044][T13853] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount. [ 941.523378][T13853] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0 [ 941.530999][T13853] gfs2: fsid=syz:syz.s: File system withdrawn [ 941.537508][T13853] CPU: 0 UID: 0 PID: 13853 Comm: syz.4.3355 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(undef) [ 941.537671][T13853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 941.537773][T13853] Call Trace: [ 941.537833][T13853] [ 941.537887][T13853] __dump_stack+0x26/0x30 [ 941.538087][T13853] dump_stack_lvl+0x1df/0x270 [ 941.538296][T13853] dump_stack+0x1e/0x25 [ 941.538476][T13853] gfs2_withdraw+0x1d26/0x22e0 [ 941.538765][T13853] gfs2_consist_inode_i+0x1b2/0x250 [ 941.538948][T13853] gfs2_jdesc_check+0x170/0x440 [ 941.539146][T13853] check_journal_clean+0x1b6/0x4c0 [ 941.539379][T13853] ? init_journal+0x332e/0x3a30 [ 941.539538][T13853] ? kmsan_get_metadata+0xfb/0x160 [ 941.539756][T13853] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 941.539994][T13853] init_journal+0x332e/0x3a30 [ 941.540192][T13853] ? init_inodes+0x124/0x510 [ 941.540357][T13853] ? init_inodes+0x124/0x510 [ 941.540516][T13853] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 941.540749][T13853] init_inodes+0x124/0x510 [ 941.540915][T13853] gfs2_fill_super+0x384a/0x3f50 [ 941.541083][T13853] ? init_locking+0xed/0x500 [ 941.541282][T13853] get_tree_bdev_flags+0x6e6/0x920 [ 941.541507][T13853] ? __pfx_gfs2_fill_super+0x10/0x10 [ 941.541673][T13853] ? __pfx_gfs2_fill_super+0x10/0x10 [ 941.541831][T13853] ? __pfx_gfs2_get_tree+0x10/0x10 [ 941.541991][T13853] get_tree_bdev+0x38/0x50 [ 941.542205][T13853] gfs2_get_tree+0x57/0x350 [ 941.542372][T13853] ? __pfx_gfs2_get_tree+0x10/0x10 [ 941.542529][T13853] vfs_get_tree+0xb3/0x5c0 [ 941.542744][T13853] ? mount_capable+0x99/0x100 [ 941.542937][T13853] do_new_mount+0x738/0x1610 [ 941.543150][T13853] ? kmsan_get_metadata+0xfb/0x160 [ 941.543372][T13853] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 941.543623][T13853] path_mount+0x6db/0x1e90 [ 941.543837][T13853] ? user_path_at+0x32d/0x3d0 [ 941.544041][T13853] __se_sys_mount+0x6eb/0x7d0 [ 941.544263][T13853] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 941.544490][T13853] __x64_sys_mount+0xe4/0x150 [ 941.544721][T13853] x64_sys_call+0xfa7/0x3db0 [ 941.544932][T13853] do_syscall_64+0xd9/0x210 [ 941.545098][T13853] ? irqentry_exit+0x16/0x60 [ 941.545314][T13853] ? clear_bhb_loop+0x40/0x90 [ 941.545494][T13853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 941.545682][T13853] RIP: 0033:0x7fee813900ca [ 941.545811][T13853] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 941.545946][T13853] RSP: 002b:00007fee82204e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 941.546089][T13853] RAX: ffffffffffffffda RBX: 00007fee82204ef0 RCX: 00007fee813900ca [ 941.546198][T13853] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fee82204eb0 [ 941.546314][T13853] RBP: 0000200000000400 R08: 00007fee82204ef0 R09: 0000000000200001 [ 941.546421][T13853] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500 [ 941.546522][T13853] R13: 00007fee82204eb0 R14: 00000000000125bb R15: 0000200000000180 [ 941.546654][T13853] [ 941.855494][T13853] gfs2: fsid=syz:syz.s: Error checking journal for spectator mount. [ 943.747215][T13877] loop1: detected capacity change from 0 to 32768 [ 943.887434][T13877] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 943.948467][T13877] XFS (loop1): Log size 624 blocks too small, minimum size is 816 blocks [ 943.957451][T13877] XFS (loop1): AAIEEE! Log failed size checks. Abort! [ 943.981345][T13877] XFS (loop1): log mount failed [ 944.295694][ T30] audit: type=1800 audit(1751192658.477:135): pid=13893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3365" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 945.126753][T13895] sctp: failed to load transform for md5: -2 [ 945.358633][ T1857] wlan1: Trigger new scan to find an IBSS to join [ 946.337132][T13916] nbd: must specify a size in bytes for the device [ 946.630784][T13925] loop1: detected capacity change from 0 to 128 [ 947.191427][T13920] loop4: detected capacity change from 0 to 4096 [ 947.629040][T13932] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3378'. [ 948.999676][T13946] loop3: detected capacity change from 0 to 512 [ 949.075864][T13946] EXT4-fs: Ignoring removed i_version option [ 949.378252][T13946] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 949.391456][T13946] ext4 filesystem being mounted at /684/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 949.855863][T12527] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 950.053144][T12527] usb 7-1: Using ep0 maxpacket: 32 [ 950.104883][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 950.119448][T12527] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 950.134597][T12527] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 950.144953][T12527] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 950.154641][T12527] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 950.313135][T11971] wlan1: Trigger new scan to find an IBSS to join [ 950.358106][T12527] usb 7-1: config 0 descriptor?? [ 950.417127][T12527] hub 7-1:0.0: USB hub found [ 950.603151][T12527] hub 7-1:0.0: 1 port detected [ 950.803761][T12527] hub 7-1:0.0: hub_hub_status failed (err = -71) [ 950.810441][T12527] hub 7-1:0.0: config failed, can't get hub status (err -71) [ 950.963249][T12527] usbhid 7-1:0.0: can't add hid device: -71 [ 950.970008][T12527] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 951.170353][T12527] usb 7-1: USB disconnect, device number 3 [ 951.279003][T13969] loop3: detected capacity change from 0 to 1024 [ 951.328919][T13974] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3393'. [ 951.457604][ T1857] wlan1: Creating new IBSS network, BSSID ae:9f:cd:af:94:85 [ 951.506392][T13969] EXT4-fs: inline encryption not supported [ 951.514629][T13969] EXT4-fs: Ignoring removed i_version option [ 951.678557][T13969] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 952.146928][T13969] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.3390: lblock 2 mapped to illegal pblock 2 (length 1) [ 952.293031][T13969] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 952.301542][T13969] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.3390: lblock 0 mapped to illegal pblock 48 (length 1) [ 952.393148][T13969] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 952.402633][T13969] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3390: Failed to acquire dquot type 0 [ 952.506812][T13969] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 952.591808][T13993] loop1: detected capacity change from 0 to 256 [ 952.630387][T13969] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.3390: mark_inode_dirty error [ 952.691602][T13969] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 952.702879][T13969] EXT4-fs (loop3): 1 orphan inode deleted [ 952.711097][T13969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 952.773163][T11964] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:22: lblock 1 mapped to illegal pblock 1 (length 1) [ 952.838123][T11964] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 952.850151][T11964] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:22: Failed to release dquot type 0 [ 953.810751][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 953.826372][T13997] loop6: detected capacity change from 0 to 32768 [ 953.853344][T13997] Mount JFS Failure: -22 [ 953.863383][T13997] jfs_mount failed w/return code = -22 [ 954.018847][ T5802] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 954.135563][ T5802] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 954.238205][ T5802] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 954.933061][T14011] pimreg: entered allmulticast mode [ 955.984875][T14024] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3406'. [ 956.613652][T14031] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3409'. [ 956.850585][T14036] netlink: 332 bytes leftover after parsing attributes in process `syz.5.3411'. [ 956.860563][T14036] netlink: 'syz.5.3411': attribute type 9 has an invalid length. [ 956.868774][T14036] netlink: 108 bytes leftover after parsing attributes in process `syz.5.3411'. [ 956.878409][T14036] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3411'. [ 957.719285][T14044] loop1: detected capacity change from 0 to 256 [ 957.841173][T14046] loop5: detected capacity change from 0 to 256 [ 957.861313][T14044] exfat: Deprecated parameter 'utf8' [ 957.867449][T14044] exfat: Deprecated parameter 'utf8' [ 958.080197][T14042] loop4: detected capacity change from 0 to 32768 [ 958.091455][T14042] bcachefs: bch2_fs_parse_param() Error parsing option fsck_memory_usage_percent: option_value [ 958.221528][T14044] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001047b, chksum : 0x3ced02ab, utbl_chksum : 0xe619d30d) [ 959.641963][T14059] loop6: detected capacity change from 0 to 512 [ 959.678812][T14059] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 959.946121][T14059] EXT4-fs (loop6): 1 truncate cleaned up [ 959.954636][T14059] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 960.755447][T12830] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 961.730119][T14078] loop4: detected capacity change from 0 to 1024 [ 962.372390][ T30] audit: type=1326 audit(1751192676.547:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14084 comm="syz.1.3430" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f608358e929 code=0x0 [ 963.290713][T14099] loop4: detected capacity change from 0 to 1024 [ 963.554270][T14099] hfsplus: bad catalog entry type [ 964.040042][ T4211] hfsplus: b-tree write err: -5, ino 4 [ 964.508531][T14113] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3439'. [ 964.546117][T14113] bridge0: port 3(macvlan2) entered blocking state [ 964.554999][T14113] bridge0: port 3(macvlan2) entered disabled state [ 964.562511][T14113] macvlan2: entered allmulticast mode [ 964.568175][T14113] bridge0: entered allmulticast mode [ 964.675680][T14113] macvlan2: left allmulticast mode [ 964.681315][T14113] bridge0: left allmulticast mode [ 965.869508][T14124] loop3: detected capacity change from 0 to 32768 [ 965.895760][T14124] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3443 (14124) [ 965.933659][T14124] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 965.949964][T14124] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm [ 965.961443][T14124] BTRFS error (device loop3): nologreplay must be used with ro mount option [ 965.970538][T14124] BTRFS error (device loop3): cannot disable free-space-tree [ 965.979449][T14124] BTRFS error (device loop3): open_ctree failed: -22 [ 966.729094][T14132] loop1: detected capacity change from 0 to 1024 [ 966.867748][T14136] loop6: detected capacity change from 0 to 512 [ 966.912496][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 966.919246][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 967.006975][T14136] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 967.170701][ T30] audit: type=1800 audit(1751192681.347:137): pid=14132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3446" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 967.237621][T14136] EXT4-fs (loop6): 1 truncate cleaned up [ 967.246820][T14136] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 968.151712][T12830] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 968.219530][T14157] loop4: detected capacity change from 0 to 128 [ 968.321701][T14157] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 968.545125][T14157] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 968.686920][T14157] ext2 filesystem being mounted at /695/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 969.007593][ T30] audit: type=1800 audit(1751192683.187:138): pid=14157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3454" name="file1" dev="loop4" ino=12 res=0 errno=0 [ 969.437809][T14167] loop1: detected capacity change from 0 to 1024 [ 969.635055][ T5799] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 970.303522][ T5881] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 970.422552][ T11] kernel write not supported for file /1427/timerslack_ns (pid: 11 comm: kworker/0:1) [ 970.595437][ T5881] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 970.606997][ T5881] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 970.618593][ T5881] usb 7-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00 [ 970.628235][ T5881] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 970.869887][ T30] audit: type=1326 audit(1751192685.037:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14178 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 970.893633][ T30] audit: type=1326 audit(1751192685.047:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14178 comm="syz.3.3464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 970.936299][ T5881] usb 7-1: config 0 descriptor?? [ 971.523200][ T5881] aquacomputer_d5next 0003:0C70:F00D.0004: unknown main item tag 0x0 [ 971.531704][ T5881] aquacomputer_d5next 0003:0C70:F00D.0004: unknown main item tag 0x0 [ 971.540476][ T5881] aquacomputer_d5next 0003:0C70:F00D.0004: unknown main item tag 0x0 [ 971.549046][ T5881] aquacomputer_d5next 0003:0C70:F00D.0004: unknown main item tag 0x0 [ 971.558403][ T5881] aquacomputer_d5next 0003:0C70:F00D.0004: unknown main item tag 0x0 [ 971.819651][ T5881] aquacomputer_d5next 0003:0C70:F00D.0004: hidraw0: USB HID v0.00 Device [HID 0c70:f00d] on usb-dummy_hcd.6-1/input0 [ 972.155568][ T5881] usb 7-1: USB disconnect, device number 4 [ 972.896180][T14194] fido_id[14194]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 974.243506][T14210] loop5: detected capacity change from 0 to 32768 [ 974.588351][T14210] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=xxhash,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc [ 974.588494][T14210] allowing incompatible features above 0.0: (unknown version) [ 974.588591][T14210] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 974.638741][T14210] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0 [ 974.653322][T14210] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 974.662635][T14210] bcachefs (loop5): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete [ 974.662635][T14210] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive [ 974.662635][T14210] running recovery passes: check_extents_to_backpointers,check_inodes [ 974.693988][T14210] bcachefs (loop5): dropping and reconstructing all alloc info [ 974.764528][T14210] bcachefs (loop5): invalid bkey in btree_node btree=inodes level=0: u64s 18 type inode_v3 0:4098:U32_MAX len 0 ver 0: [ 974.764645][T14210] mode=0 [ 974.764712][T14210] flags=(15300000) [ 974.764778][T14210] journal_seq=4 [ 974.764846][T14210] hash_seed=ece93825deac2443 [ 974.764918][T14210] hash_type=siphash [ 974.765001][T14210] bi_size=0 [ 974.765063][T14210] bi_sectors=0 [ 974.765133][T14210] bi_version=0 [ 974.765200][T14210] bi_atime=2770562249 [ 974.765273][T14210] bi_ctime=2780562352 [ 974.765342][T14210] bi_mtime=2780562352 [ 974.765412][T14210] bi_otime=2770562249 [ 974.765481][T14210] bi_uid=0 [ 974.765544][T14210] bi_gid=0 [ 974.765614][T14210] bi_nlink=0 [ 974.765680][T14210] bi_generation=0 [ 974.765746][T14210] bi_dev=0 [ 974.765812][T14210] bi_data_checksum=0 [ 974.765877][T14210] bi_compression=0 [ 974.765951][T14210] bi_project=0 [ 974.766018][T14210] bi_background_compression=0 [ 974.766084][T14210] bi_data_replicas=0 [ 974.766154][T14210] bi_promote_target=0 [ 974.766224][T14210] bi_foreground_target=0 [ 974.766296][T14210] bi_background_target=0 [ 974.766365][T14210] bi_erasure_code=0 [ 974.766432][T14210] bi_fields_set=0 [ 974.766498][T14210] bi_dir=4096 [ 974.766566][T14210] bi_dir_offset=189491840996961599 [ 974.766661][T14210] bi_subvol=0 [ 974.766725][T14210] bi_parent_subvol=0 [ 974.766794][T14210] bi_nocow=0 [ 974.766859][T14210] bi_depth=0 [ 974.766929][T14210] bi_inodes_32bit=0 [ 974.767003][T14210] bi_casefold=0 [ 974.767074][T14210] invalid fields_start (got 18, min 6 max 13), deleting [ 974.850365][T14223] program syz.6.3475 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 975.033967][T14225] loop3: detected capacity change from 0 to 128 [ 975.118422][T14225] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 975.188697][T14210] bcachefs (loop5): accounting_read... done [ 975.205986][T14210] bcachefs (loop5): alloc_read... done [ 975.214229][T14210] bcachefs (loop5): snapshots_read... done [ 975.222862][T14210] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean [ 975.235060][T14210] bcachefs (loop5): done starting filesystem [ 975.422539][ T6704] bcachefs (loop5): shutting down [ 975.628202][ T6704] bcachefs (loop5): shutdown complete [ 976.857871][ T5153] udevd[5153]: worker [6053] terminated by signal 33 (Unknown signal 33) [ 976.936005][ T5153] udevd[5153]: worker [6053] failed while handling '/devices/virtual/block/loop5' [ 978.422205][ T5881] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 978.643319][ T5881] usb 7-1: Using ep0 maxpacket: 32 [ 978.681275][ T5881] usb 7-1: config 0 has an invalid interface number: 2 but max is 0 [ 978.690555][ T5881] usb 7-1: config 0 has no interface number 0 [ 978.698726][ T5881] usb 7-1: config 0 interface 2 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 978.710320][ T5881] usb 7-1: config 0 interface 2 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0 [ 978.721021][ T5881] usb 7-1: config 0 interface 2 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 978.734281][ T5881] usb 7-1: config 0 interface 2 has no altsetting 0 [ 978.745258][ T5881] usb 7-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00 [ 978.756504][ T5881] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 978.990355][ T5881] usb 7-1: config 0 descriptor?? [ 979.501809][ T5881] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 979.509380][ T5881] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 979.517495][ T5881] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 979.526359][ T5881] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 979.533832][ T5881] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 979.541223][ T5881] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 979.548837][ T5881] uclogic 0003:5543:0781.0005: unknown main item tag 0x0 [ 979.878305][ T5881] uclogic 0003:5543:0781.0005: hidraw0: USB HID v0.07 Device [HID 5543:0781] on usb-dummy_hcd.6-1/input2 [ 980.004408][ T5881] usb 7-1: USB disconnect, device number 5 [ 980.157106][T14253] netlink: 'syz.1.3488': attribute type 16 has an invalid length. [ 980.166485][T14253] netlink: 'syz.1.3488': attribute type 3 has an invalid length. [ 980.179581][T14253] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.3488'. [ 981.321830][T14256] loop4: detected capacity change from 0 to 40427 [ 981.336737][T14256] F2FS-fs (loop4): build fault injection rate: 16 [ 981.344550][T14256] F2FS-fs (loop4): build fault injection type: 0x12d9e [ 981.358392][T14256] F2FS-fs (loop4): invalid crc value [ 981.434693][T14256] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of build_curseg+0x272e/0x4180 [ 981.448977][T14256] F2FS-fs (loop4): inject kvmalloc in f2fs_kvmalloc of f2fs_build_segment_manager+0x53a7/0x54d0 [ 981.460099][T14256] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-12) [ 981.468127][T14255] fido_id[14255]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 981.524577][ T1857] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 982.825492][ T11] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 983.065959][ T11] usb 7-1: Using ep0 maxpacket: 32 [ 983.156867][ T11] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 983.167027][ T11] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 983.175917][ T11] usb 7-1: Product: syz [ 983.180347][ T11] usb 7-1: Manufacturer: syz [ 983.188053][ T11] usb 7-1: SerialNumber: syz [ 983.326602][ T11] usb 7-1: config 0 descriptor?? [ 983.496486][ T11] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 984.082488][ T11] gspca_ov534_9: reg_w failed -71 [ 984.392704][ T11] gspca_ov534_9: Unknown sensor 0000 [ 984.393094][ T11] ov534_9 7-1:0.0: probe with driver ov534_9 failed with error -22 [ 984.499407][ T11] usb 7-1: USB disconnect, device number 6 [ 985.084317][T14294] loop4: detected capacity change from 0 to 512 [ 985.216650][T14294] EXT4-fs (loop4): Test dummy encryption mode enabled [ 985.343741][T14294] EXT4-fs error (device loop4): __ext4_iget:5379: inode #11: block 1: comm syz.4.3504: invalid block [ 985.426369][T14300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3508'. [ 985.435966][T14300] netlink: 152 bytes leftover after parsing attributes in process `syz.3.3508'. [ 985.472911][T14294] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.3504: couldn't read orphan inode 11 (err -117) [ 985.523569][T14300] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 985.608131][T14294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 986.179006][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 986.396083][ T5881] kernel write not supported for file /snd/midiC2D0 (pid: 5881 comm: kworker/1:5) [ 986.956443][T14317] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3514'. [ 987.971765][T14333] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3522'. [ 987.999418][ T30] audit: type=1326 audit(1751192702.177:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14330 comm="syz.6.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f3658e929 code=0x7ffc0000 [ 988.123194][ T30] audit: type=1326 audit(1751192702.217:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14330 comm="syz.6.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f7f3658e929 code=0x7ffc0000 [ 988.146644][ T30] audit: type=1326 audit(1751192702.217:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14330 comm="syz.6.3521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f3658e929 code=0x7ffc0000 [ 988.385845][T14335] loop5: detected capacity change from 0 to 64 [ 989.073708][ T5881] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 989.299157][ T5881] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 989.310883][ T5881] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 989.321450][ T5881] usb 7-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00 [ 989.331005][ T5881] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 989.434454][ T5881] usb 7-1: config 0 descriptor?? [ 989.614153][T14353] loop4: detected capacity change from 0 to 16 [ 989.727466][T14353] erofs (device loop4): mounted with root inode @ nid 36. [ 990.032033][ T5881] magicmouse 0003:05AC:0265.0006: unbalanced delimiter at end of report description [ 990.169112][ T5881] magicmouse 0003:05AC:0265.0006: magicmouse hid parse failed [ 990.177429][ T5881] magicmouse 0003:05AC:0265.0006: probe with driver magicmouse failed with error -22 [ 990.324018][ T5881] usb 7-1: USB disconnect, device number 7 [ 990.437809][T14359] loop3: detected capacity change from 0 to 22 [ 990.506663][T14359] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 991.487886][T14370] loop3: detected capacity change from 0 to 2048 [ 991.571154][T14371] loop6: detected capacity change from 0 to 2048 [ 991.635182][T14370] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 991.880911][T14378] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 992.286527][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 992.836903][T14391] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3545'. [ 993.152766][ T5881] usb 7-1: new low-speed USB device number 8 using dummy_hcd [ 993.379040][ T5881] usb 7-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 993.393763][ T5881] usb 7-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0 [ 993.405251][ T5881] usb 7-1: config 0 interface 0 has no altsetting 0 [ 993.412397][ T5881] usb 7-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00 [ 993.421742][ T5881] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 993.609323][ T5881] usb 7-1: config 0 descriptor?? [ 994.184248][ T5881] holtek_mouse 0003:04D9:A067.0007: bogus close delimiter [ 994.191714][ T5881] holtek_mouse 0003:04D9:A067.0007: item 0 2 2 10 parsing failed [ 994.310716][ T5881] holtek_mouse 0003:04D9:A067.0007: hid parse failed: -22 [ 994.320040][ T5881] holtek_mouse 0003:04D9:A067.0007: probe with driver holtek_mouse failed with error -22 [ 994.422806][ T5881] usb 7-1: USB disconnect, device number 8 [ 996.545449][T14427] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 998.364264][T14450] tmpfs: User quota inode hardlimit too large. [ 998.474112][T14451] tipc: Enabling of bearer rejected, failed to enable media [ 999.544781][T14465] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3581'. [ 999.575021][T14465] vlan3: entered promiscuous mode [ 999.580349][T14465] gretap0: entered promiscuous mode [ 999.868733][T14470] loop1: detected capacity change from 0 to 1024 [ 1000.163440][ T30] audit: type=1800 audit(1751192714.337:144): pid=14470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3583" name="file1" dev="loop1" ino=20 res=0 errno=0 [ 1000.276551][T14472] loop6: detected capacity change from 0 to 2048 [ 1000.427236][T14472] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1000.774816][T12830] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1002.251897][T14500] loop5: detected capacity change from 0 to 16 [ 1002.324137][T14500] erofs (device loop5): mounted with root inode @ nid 36. [ 1002.574841][T14494] loop1: detected capacity change from 0 to 4096 [ 1002.639619][T14494] ntfs3(loop1): It is recommened to use chkdsk. [ 1002.693018][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1002.707078][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1002.721182][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1002.730695][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc0c00 [ 1002.739253][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc1c00 [ 1002.750513][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc2c00 [ 1002.759059][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc4c00 [ 1002.767485][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffc8c00 [ 1002.778786][T14494] ntfs3(loop1): try to read out of volume at offset 0x3fffffd0c00 [ 1002.861565][ T30] audit: type=1326 audit(1751192717.027:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14501 comm="syz.6.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f3658e929 code=0x7ffc0000 [ 1003.066209][ T30] audit: type=1326 audit(1751192717.087:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14501 comm="syz.6.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f7f3658e929 code=0x7ffc0000 [ 1003.089480][ T30] audit: type=1326 audit(1751192717.087:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14501 comm="syz.6.3598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7f3658e929 code=0x7ffc0000 [ 1004.138183][ T11] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 1004.301152][T14514] loop1: detected capacity change from 0 to 1024 [ 1004.345901][ T11] usb 7-1: Using ep0 maxpacket: 16 [ 1004.389499][ T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1004.404102][ T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1004.414411][ T11] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1004.427875][ T11] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1004.440288][ T11] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1004.685629][ T11] usb 7-1: config 0 descriptor?? [ 1004.998820][T14519] loop5: detected capacity change from 0 to 512 [ 1005.119652][T11967] hfsplus: b-tree write err: -5, ino 4 [ 1005.135875][T14519] EXT4-fs: inline encryption not supported [ 1005.203272][ T11] microsoft 0003:045E:07DA.0008: item 0 4 0 9 parsing failed [ 1005.230031][ T11] microsoft 0003:045E:07DA.0008: parse failed [ 1005.237526][ T11] microsoft 0003:045E:07DA.0008: probe with driver microsoft failed with error -22 [ 1005.388744][T14519] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13 [ 1005.448938][ T11] usb 7-1: USB disconnect, device number 9 [ 1005.462950][T14519] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.3605: attempt to clear invalid blocks 2 len 1 [ 1005.563360][T14519] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1005.582951][T14519] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.3605: invalid indirect mapped block 1819239214 (level 0) [ 1005.690284][T14519] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.3605: invalid indirect mapped block 1819239214 (level 1) [ 1005.749026][T14519] EXT4-fs (loop5): 1 truncate cleaned up [ 1005.758786][T14519] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1005.845748][T14527] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3608'. [ 1006.408695][ T6704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1006.629815][ T11] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 1006.851026][ T11] usb 2-1: Using ep0 maxpacket: 32 [ 1006.875255][ T11] usb 2-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1006.889096][ T11] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1006.896525][ T11] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00 [ 1006.915828][ T11] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1006.969623][T14539] loop3: detected capacity change from 0 to 512 [ 1007.072443][ T11] usb 2-1: config 0 descriptor?? [ 1007.079384][T14539] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 1007.177762][T14539] EXT4-fs (loop3): orphan cleanup on readonly fs [ 1007.243718][T14539] EXT4-fs error (device loop3): __ext4_iget:5379: inode #11: block 8: comm syz.3.3614: invalid block [ 1007.382767][T14539] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3614: couldn't read orphan inode 11 (err -117) [ 1007.505824][T14539] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1007.645363][ T11] corsair-psu 0003:1B1C:1C09.0009: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.1-1/input0 [ 1007.715876][T14539] EXT4-fs (loop3): ext4_remount: Checksum for group 0 failed (57259!=33349) [ 1007.791926][ T11] corsair-psu 0003:1B1C:1C09.0009: unable to initialize device (-38) [ 1007.873010][ T11] corsair-psu 0003:1B1C:1C09.0009: probe with driver corsair-psu failed with error -38 [ 1008.075393][ T11] usb 2-1: USB disconnect, device number 18 [ 1008.168818][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1008.690473][ T30] audit: type=1326 audit(1751192722.857:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 1008.873253][ T30] audit: type=1326 audit(1751192722.917:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6728d8e929 code=0x7ffc0000 [ 1008.896758][ T30] audit: type=1326 audit(1751192722.917:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6728d8e963 code=0x7ffc0000 [ 1008.904199][T14556] loop5: detected capacity change from 0 to 512 [ 1008.919496][ T30] audit: type=1326 audit(1751192722.927:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6728d8d3df code=0x7ffc0000 [ 1008.919741][ T30] audit: type=1326 audit(1751192723.007:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f6728d8e9b7 code=0x7ffc0000 [ 1008.919994][ T30] audit: type=1326 audit(1751192723.087:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6728d8d290 code=0x7ffc0000 [ 1008.920251][ T30] audit: type=1326 audit(1751192723.097:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6728d8e52b code=0x7ffc0000 [ 1008.956678][T14547] fido_id[14547]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 1009.170438][ T30] audit: type=1326 audit(1751192723.357:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6728d8d58a code=0x7ffc0000 [ 1009.307749][ T30] audit: type=1326 audit(1751192723.477:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6728d8d58a code=0x7ffc0000 [ 1009.330839][ T30] audit: type=1326 audit(1751192723.477:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14554 comm="syz.5.3621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f6728d8d197 code=0x7ffc0000 [ 1009.383761][T14556] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 1009.398435][T14561] loop6: detected capacity change from 0 to 128 [ 1009.443592][T14561] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 1009.543842][T14556] EXT4-fs (loop5): 1 truncate cleaned up [ 1009.552303][T14556] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1009.686758][T14561] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1010.022861][ T6704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1010.957101][T14571] loop4: detected capacity change from 0 to 2048 [ 1011.246570][T14571] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1012.493152][T14593] netlink: 165 bytes leftover after parsing attributes in process `syz.1.3637'. [ 1012.788309][ T1857] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1013.276861][T14600] loop5: detected capacity change from 0 to 512 [ 1013.317665][T14600] EXT4-fs: Ignoring removed nobh option [ 1013.337663][ T5881] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 1013.395282][T14600] EXT4-fs (loop5): external journal device major/minor numbers have changed [ 1013.626163][ T5881] usb 5-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 1013.636415][ T5881] usb 5-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3 [ 1013.645078][ T5881] usb 5-1: Product: syz [ 1013.649530][ T5881] usb 5-1: Manufacturer: syz [ 1013.654733][ T5881] usb 5-1: SerialNumber: syz [ 1013.703515][T14605] netlink: 104 bytes leftover after parsing attributes in process `syz.6.3642'. [ 1013.841954][ T5881] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 1014.280071][ T5881] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1014.291550][ T5881] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 1014.369526][T14600] EXT4-fs (loop5): failed to open journal device unknown-block(4,0) -6 [ 1014.489808][ T5881] usb 5-1: USB disconnect, device number 11 [ 1014.798119][T14615] netlink: 420 bytes leftover after parsing attributes in process `syz.6.3646'. [ 1017.582703][T14653] loop4: detected capacity change from 0 to 256 [ 1017.698541][T14653] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1018.390548][T14664] tmpfs: Cannot retroactively limit size [ 1019.081544][T14672] loop5: detected capacity change from 0 to 512 [ 1019.275512][T14672] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1019.293465][T14672] ext4 filesystem being mounted at /656/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1019.324740][T14682] vcan0: MTU too low for tipc bearer [ 1019.330447][T14682] tipc: Enabling of bearer rejected, failed to enable media [ 1019.986341][ T6704] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1020.246772][T14689] loop6: detected capacity change from 0 to 1024 [ 1020.444907][T14689] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1020.614837][T14697] loop4: detected capacity change from 0 to 1024 [ 1020.835956][T14697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1020.995375][T12830] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1021.011533][T14703] loop1: detected capacity change from 0 to 256 [ 1021.333872][T14703] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 1021.830040][ T5799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1022.643153][T12527] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 1022.863980][T12527] usb 5-1: Using ep0 maxpacket: 32 [ 1022.914430][T12527] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 1022.924390][T12527] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1023.013794][T12527] usb 5-1: config 0 descriptor?? [ 1023.051569][T12527] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 1023.779749][T12527] usb 5-1: USB disconnect, device number 12 [ 1025.068397][T14731] loop3: detected capacity change from 0 to 4096 [ 1025.173540][T14731] ntfs3(loop3): ino=3, Correct links count -> 2. [ 1025.725758][T14731] ntfs3(loop3): failed to convert "0080" to cp874 [ 1025.759722][T14731] ntfs3(loop3): failed to convert name for inode 1e. [ 1025.826847][T14731] ntfs3(loop3): ino=1f, mi_enum_attr [ 1025.832815][T14731] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 1026.364298][T14752] loop4: detected capacity change from 0 to 1024 [ 1026.399968][T14752] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 1026.415132][T14752] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 not in group (block 6)! [ 1026.425713][T14752] EXT4-fs (loop4): group descriptors corrupted! [ 1026.792553][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 1026.792633][ T30] audit: type=1326 audit(1751192740.977:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14757 comm="syz.3.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 1026.929700][ T30] audit: type=1326 audit(1751192741.077:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14757 comm="syz.3.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 1026.955823][ T30] audit: type=1326 audit(1751192741.117:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14757 comm="syz.3.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 1026.982850][ T30] audit: type=1326 audit(1751192741.117:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14757 comm="syz.3.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 1027.010122][ T30] audit: type=1326 audit(1751192741.117:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14757 comm="syz.3.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 1027.036028][ T30] audit: type=1326 audit(1751192741.117:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14757 comm="syz.3.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 1027.060349][ T30] audit: type=1326 audit(1751192741.147:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14757 comm="syz.3.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab378e929 code=0x7ffc0000 [ 1027.967220][T14769] loop1: detected capacity change from 0 to 256 [ 1028.359316][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 1028.366479][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 1028.786971][T14777] loop3: detected capacity change from 0 to 256 [ 1028.873620][T14777] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1028.885178][T14777] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 1029.102778][T14777] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 1029.175904][T14783] loop6: detected capacity change from 0 to 256 [ 1029.269178][T14783] exfat: Deprecated parameter 'utf8' [ 1029.279063][T14783] exfat: Deprecated parameter 'namecase' [ 1029.286167][T14783] exfat: Deprecated parameter 'namecase' [ 1029.292296][T14783] exfat: Deprecated parameter 'utf8' [ 1029.579128][T14783] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 1031.420755][T14798] loop6: detected capacity change from 0 to 4096 [ 1031.928779][T14798] ntfs3(loop6): $Secure::$SII is corrupted. [ 1031.935468][T14798] ntfs3(loop6): Failed to initialize $Secure (-22). [ 1032.668318][T14814] loop3: detected capacity change from 0 to 512 [ 1032.778410][T14814] EXT4-fs warning (device loop3): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1032.794766][T14814] EXT4-fs warning (device loop3): dx_probe:849: Enable large directory feature to access it [ 1032.810936][T14814] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.3738: Corrupt directory, running e2fsck is recommended [ 1032.848197][T14814] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 1032.927364][T14814] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.3738: corrupted in-inode xattr: invalid ea_ino [ 1033.062382][T14814] EXT4-fs (loop3): Remounting filesystem read-only [ 1033.071482][T14814] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1033.433159][T14814] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 1033.944727][T14820] loop1: detected capacity change from 0 to 40427 [ 1034.028832][T14820] F2FS-fs (loop1): Image doesn't support compression [ 1034.043541][T14820] F2FS-fs (loop1): Invalid gid value -1 [ 1034.098959][ T5802] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1034.268532][ T30] audit: type=1400 audit(1751192748.427:174): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=14825 comm="syz.5.3743" [ 1035.185423][T14828] loop6: detected capacity change from 0 to 4096 [ 1035.597427][T14828] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1035.977443][T14828] ntfs3(loop6): Failed to load $Extend (-22). [ 1035.987459][T14828] ntfs3(loop6): Failed to initialize $Extend. [ 1038.351421][T14861] loop6: detected capacity change from 0 to 1024 [ 1038.429392][T14861] EXT4-fs: Ignoring removed nobh option [ 1038.435620][T14861] EXT4-fs: Ignoring removed bh option [ 1038.749909][T14861] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1038.905634][T14870] loop1: detected capacity change from 0 to 256 [ 1039.027324][T14870] exfat: Deprecated parameter 'namecase' [ 1039.273945][T14870] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 1039.423629][T12830] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1040.892742][T14884] loop6: detected capacity change from 0 to 8 [ 1041.070923][T14884] SQUASHFS error: Failed to read block 0x730: -5 [ 1041.080799][T14884] SQUASHFS error: Unable to read metadata cache entry [72e] [ 1042.013643][T14895] loop6: detected capacity change from 0 to 16 [ 1043.086875][T14904] sp0: Synchronizing with TNC [ 1043.852583][ T11] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 1043.875015][T11971] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 1043.980763][T14913] loop4: detected capacity change from 0 to 256 [ 1044.073581][T14913] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1044.087756][T14913] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 1044.108162][ T11] usb 6-1: Using ep0 maxpacket: 16 [ 1044.196390][ T11] usb 6-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1044.214611][ T11] usb 6-1: config 0 interface 0 has no altsetting 0 [ 1044.221610][ T11] usb 6-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00 [ 1044.231261][ T11] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1044.314806][T14913] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 1044.390159][ T11] usb 6-1: config 0 descriptor?? [ 1045.189574][ T11] usb 6-1: USB disconnect, device number 13 [ 1045.813744][T14917] loop3: detected capacity change from 0 to 40427 [ 1045.827946][T14917] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64) [ 1045.836954][T14917] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1045.847414][T14917] F2FS-fs (loop3): build fault injection rate: 17008 [ 1045.854835][T14917] F2FS-fs (loop3): build fault injection type: 0x1f8 [ 1045.861955][T14917] F2FS-fs (loop3): Encrypt feature is off [ 1048.690878][T14952] loop3: detected capacity change from 0 to 64 [ 1049.565663][ T11] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 1049.777673][T14967] loop5: detected capacity change from 0 to 256 [ 1049.811861][ T11] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1049.821430][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1049.878515][ T11] usb 5-1: config 0 descriptor?? [ 1049.901795][ T11] cp210x 5-1:0.0: cp210x converter detected [ 1050.264313][T14967] FAT-fs (loop5): Directory bread(block 64) failed [ 1050.271537][T14967] FAT-fs (loop5): Directory bread(block 65) failed [ 1050.279090][T14967] FAT-fs (loop5): Directory bread(block 66) failed [ 1050.289447][T14967] FAT-fs (loop5): Directory bread(block 67) failed [ 1050.296927][T14967] FAT-fs (loop5): Directory bread(block 68) failed [ 1050.304197][T14967] FAT-fs (loop5): Directory bread(block 69) failed [ 1050.311451][T14967] FAT-fs (loop5): Directory bread(block 70) failed [ 1050.326652][T14967] FAT-fs (loop5): Directory bread(block 71) failed [ 1050.335534][T14967] FAT-fs (loop5): Directory bread(block 72) failed [ 1050.345456][T14967] FAT-fs (loop5): Directory bread(block 73) failed [ 1050.416589][ T11] usb 5-1: cp210x converter now attached to ttyUSB0 [ 1050.571711][ T5881] usb 5-1: USB disconnect, device number 13 [ 1050.630610][ T5881] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1050.700590][ T5881] cp210x 5-1:0.0: device disconnected [ 1051.004426][T14978] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3812'. [ 1051.628808][T14988] loop4: detected capacity change from 0 to 8 [ 1051.874737][T14994] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3819'. [ 1052.483582][T15003] Zero length message leads to an empty skb [ 1054.353029][T15026] loop5: detected capacity change from 0 to 256 [ 1054.499148][T15026] exfat: Deprecated parameter 'namecase' [ 1054.505937][T15026] exfat: Deprecated parameter 'namecase' [ 1054.700011][T15026] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 1054.765438][T15033] loop3: detected capacity change from 0 to 128 [ 1057.765621][T15062] loop6: detected capacity change from 0 to 256 [ 1057.867808][T15062] FAT-fs (loop6): Directory bread(block 1285) failed [ 1058.011931][T15062] FAT-fs (loop6): Directory bread(block 1285) failed [ 1059.010321][T15076] ptrace attach of "./syz-executor exec"[12830] was attempted by " [ 1061.237371][T15101] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 1061.425649][T15105] loop5: detected capacity change from 0 to 256 [ 1061.755800][T15105] FAT-fs (loop5): Directory bread(block 64) failed [ 1061.763667][T15105] FAT-fs (loop5): Directory bread(block 65) failed [ 1061.770616][T15105] FAT-fs (loop5): Directory bread(block 66) failed [ 1061.777653][T15105] FAT-fs (loop5): Directory bread(block 67) failed [ 1061.792586][T15105] FAT-fs (loop5): Directory bread(block 68) failed [ 1061.799509][T15105] FAT-fs (loop5): Directory bread(block 69) failed [ 1061.808517][T15105] FAT-fs (loop5): Directory bread(block 70) failed [ 1061.818332][T15105] FAT-fs (loop5): Directory bread(block 71) failed [ 1061.825624][T15105] FAT-fs (loop5): Directory bread(block 72) failed [ 1061.833337][T15105] FAT-fs (loop5): Directory bread(block 73) failed [ 1062.511849][T15114] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3875'. [ 1062.775727][T15116] loop6: detected capacity change from 0 to 256 [ 1063.113534][T15116] FAT-fs (loop6): Directory bread(block 64) failed [ 1063.125726][T15116] FAT-fs (loop6): Directory bread(block 65) failed [ 1063.137556][T15116] FAT-fs (loop6): Directory bread(block 66) failed [ 1063.144560][T15116] FAT-fs (loop6): Directory bread(block 67) failed [ 1063.151581][T15116] FAT-fs (loop6): Directory bread(block 68) failed [ 1063.158747][T15116] FAT-fs (loop6): Directory bread(block 69) failed [ 1063.169260][T15116] FAT-fs (loop6): Directory bread(block 70) failed [ 1063.176275][T15116] FAT-fs (loop6): Directory bread(block 71) failed [ 1063.183431][T15116] FAT-fs (loop6): Directory bread(block 72) failed [ 1063.190220][T15116] FAT-fs (loop6): Directory bread(block 73) failed [ 1063.726940][T15127] block nbd1: NBD_DISCONNECT [ 1064.337832][T15133] loop3: detected capacity change from 0 to 1024 [ 1064.478537][T15133] ===================================================== [ 1064.489000][T15133] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x1173/0x17e0 [ 1064.497432][T15133] hfsplus_rename_cat+0x1173/0x17e0 [ 1064.503045][T15133] hfsplus_rename+0x1fc/0x2f0 [ 1064.507994][T15133] vfs_rename+0x1e87/0x2460 [ 1064.515911][T15133] do_renameat2+0x175e/0x1d70 [ 1064.520817][T15133] __x64_sys_rename+0xd7/0x140 [ 1064.525970][T15133] x64_sys_call+0x3553/0x3db0 [ 1064.530920][T15133] do_syscall_64+0xd9/0x210 [ 1064.535953][T15133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.545087][T15133] [ 1064.547561][T15133] Uninit was stored to memory at: [ 1064.557508][T15133] hfsplus_rename_cat+0x10a9/0x17e0 [ 1064.564660][T15133] hfsplus_rename+0x1fc/0x2f0 [ 1064.569610][T15133] vfs_rename+0x1e87/0x2460 [ 1064.577385][T15133] do_renameat2+0x175e/0x1d70 [ 1064.582523][T15133] __x64_sys_rename+0xd7/0x140 [ 1064.587497][T15133] x64_sys_call+0x3553/0x3db0 [ 1064.592732][T15133] do_syscall_64+0xd9/0x210 [ 1064.597467][T15133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.606613][T15133] [ 1064.609075][T15133] Uninit was stored to memory at: [ 1064.614861][T15133] hfsplus_create_cat+0x18fb/0x1910 [ 1064.620318][T15133] hfsplus_mknod+0x208/0x560 [ 1064.625531][T15133] hfsplus_mkdir+0x5a/0x80 [ 1064.630220][T15133] vfs_mkdir+0x4e7/0x850 [ 1064.638321][T15133] do_mkdirat+0x41a/0xf30 [ 1064.643171][T15133] __x64_sys_mkdir+0x9a/0xf0 [ 1064.648085][T15133] x64_sys_call+0x29b6/0x3db0 [ 1064.657942][T15133] do_syscall_64+0xd9/0x210 [ 1064.667043][T15133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.673420][T15133] [ 1064.675889][T15133] Uninit was stored to memory at: [ 1064.681229][T15133] hfsplus_create_cat+0x18fb/0x1910 [ 1064.687143][T15133] hfsplus_fill_super+0x212e/0x2740 [ 1064.696032][T15133] get_tree_bdev_flags+0x6e6/0x920 [ 1064.701488][T15133] get_tree_bdev+0x38/0x50 [ 1064.706406][T15133] hfsplus_get_tree+0x35/0x40 [ 1064.711314][T15133] vfs_get_tree+0xb3/0x5c0 [ 1064.716320][T15133] do_new_mount+0x738/0x1610 [ 1064.721170][T15133] path_mount+0x6db/0x1e90 [ 1064.728908][T15133] __se_sys_mount+0x6eb/0x7d0 [ 1064.734071][T15133] __x64_sys_mount+0xe4/0x150 [ 1064.739031][T15133] x64_sys_call+0xfa7/0x3db0 [ 1064.744100][T15133] do_syscall_64+0xd9/0x210 [ 1064.748829][T15133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.762542][T15133] [ 1064.765025][T15133] Uninit was created at: [ 1064.769593][T15133] __alloc_frozen_pages_noprof+0x689/0xf00 [ 1064.777839][T15133] alloc_pages_mpol+0x328/0x860 [ 1064.785892][T15133] alloc_frozen_pages_noprof+0xf7/0x200 [ 1064.791741][T15133] allocate_slab+0x24d/0x1220 [ 1064.796991][T15133] ___slab_alloc+0xfec/0x3480 [ 1064.801922][T15133] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 1064.808280][T15133] hfsplus_alloc_inode+0x5a/0xd0 [ 1064.816535][T15133] alloc_inode+0x87/0x4a0 [ 1064.821154][T15133] iget_locked+0x239/0x12d0 [ 1064.826095][T15133] hfsplus_iget+0x5c/0xb80 [ 1064.830737][T15133] hfsplus_btree_open+0x134/0x1d00 [ 1064.836333][T15133] hfsplus_fill_super+0x1161/0x2740 [ 1064.841776][T15133] get_tree_bdev_flags+0x6e6/0x920 [ 1064.850154][T15133] get_tree_bdev+0x38/0x50 [ 1064.855063][T15133] hfsplus_get_tree+0x35/0x40 [ 1064.866035][T15133] vfs_get_tree+0xb3/0x5c0 [ 1064.870742][T15133] do_new_mount+0x738/0x1610 [ 1064.878544][T15133] path_mount+0x6db/0x1e90 [ 1064.883437][T15133] __se_sys_mount+0x6eb/0x7d0 [ 1064.888392][T15133] __x64_sys_mount+0xe4/0x150 [ 1064.893566][T15133] x64_sys_call+0xfa7/0x3db0 [ 1064.898447][T15133] do_syscall_64+0xd9/0x210 [ 1064.906108][T15133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.912476][T15133] [ 1064.914978][T15133] CPU: 0 UID: 0 PID: 15133 Comm: syz.3.3884 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(undef) [ 1064.928129][T15133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1064.941411][T15133] ===================================================== [ 1064.948744][T15133] Disabling lock debugging due to kernel taint [ 1064.955594][T15133] Kernel panic - not syncing: kmsan.panic set ... [ 1064.962222][T15133] CPU: 0 UID: 0 PID: 15133 Comm: syz.3.3884 Tainted: G B 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(undef) [ 1064.976233][T15133] Tainted: [B]=BAD_PAGE [ 1064.980548][T15133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1064.990812][T15133] Call Trace: [ 1064.994266][T15133] [ 1064.997366][T15133] __dump_stack+0x26/0x30 [ 1065.002026][T15133] dump_stack_lvl+0x53/0x270 [ 1065.006895][T15133] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.013035][T15133] dump_stack+0x1e/0x25 [ 1065.017461][T15133] panic+0x4bd/0xd50 [ 1065.021687][T15133] kmsan_report+0x31c/0x320 [ 1065.026485][T15133] ? __msan_memcpy+0x108/0x1c0 [ 1065.031513][T15133] ? __msan_warning+0x1b/0x30 [ 1065.036462][T15133] ? hfsplus_rename_cat+0x1173/0x17e0 [ 1065.042108][T15133] ? hfsplus_rename+0x1fc/0x2f0 [ 1065.047229][T15133] ? vfs_rename+0x1e87/0x2460 [ 1065.052282][T15133] ? do_renameat2+0x175e/0x1d70 [ 1065.057441][T15133] ? __x64_sys_rename+0xd7/0x140 [ 1065.062606][T15133] ? x64_sys_call+0x3553/0x3db0 [ 1065.067740][T15133] ? do_syscall_64+0xd9/0x210 [ 1065.072644][T15133] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.078978][T15133] ? kmsan_get_metadata+0xfb/0x160 [ 1065.084380][T15133] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.090503][T15133] ? hfsplus_bnode_dump+0x50a/0x560 [ 1065.096013][T15133] ? kmsan_get_metadata+0xfb/0x160 [ 1065.101414][T15133] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.107531][T15133] ? hfsplus_brec_remove+0x92f/0xa60 [ 1065.113142][T15133] ? kmsan_get_metadata+0xfb/0x160 [ 1065.118566][T15133] __msan_warning+0x1b/0x30 [ 1065.123338][T15133] hfsplus_rename_cat+0x1173/0x17e0 [ 1065.128843][T15133] ? kfree+0x121/0xec0 [ 1065.133146][T15133] ? filter_irq_stacks+0x49/0x190 [ 1065.138431][T15133] ? stack_depot_save_flags+0x35/0x7b0 [ 1065.144171][T15133] ? kmsan_get_metadata+0xfb/0x160 [ 1065.149665][T15133] ? kmsan_get_metadata+0xfb/0x160 [ 1065.155068][T15133] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1065.161671][T15133] ? kmsan_get_metadata+0xfb/0x160 [ 1065.167047][T15133] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.173143][T15133] ? kmsan_get_metadata+0xfb/0x160 [ 1065.178549][T15133] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1065.184678][T15133] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 1065.191389][T15133] hfsplus_rename+0x1fc/0x2f0 [ 1065.196341][T15133] ? __pfx_hfsplus_rename+0x10/0x10 [ 1065.201796][T15133] vfs_rename+0x1e87/0x2460 [ 1065.206581][T15133] ? end_current_label_crit_section+0x112/0x290 [ 1065.213122][T15133] do_renameat2+0x175e/0x1d70 [ 1065.218077][T15133] __x64_sys_rename+0xd7/0x140 [ 1065.223066][T15133] x64_sys_call+0x3553/0x3db0 [ 1065.227996][T15133] do_syscall_64+0xd9/0x210 [ 1065.232709][T15133] ? irqentry_exit+0x16/0x60 [ 1065.237545][T15133] ? clear_bhb_loop+0x40/0x90 [ 1065.242433][T15133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.248543][T15133] RIP: 0033:0x7f3ab378e929 [ 1065.253130][T15133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1065.273004][T15133] RSP: 002b:00007f3ab4543038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 1065.281648][T15133] RAX: ffffffffffffffda RBX: 00007f3ab39b5fa0 RCX: 00007f3ab378e929 [ 1065.289809][T15133] RDX: 0000000000000000 RSI: 0000200000000f40 RDI: 0000200000000000 [ 1065.297964][T15133] RBP: 00007f3ab3810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1065.306102][T15133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1065.314328][T15133] R13: 0000000000000000 R14: 00007f3ab39b5fa0 R15: 00007ffcc14cff58 [ 1065.322507][T15133] [ 1065.325987][T15133] Kernel Offset: disabled [ 1065.330411][T15133] Rebooting in 86400 seconds..