last executing test programs: 12m22.794293409s ago: executing program 32 (id=2859): r0 = syz_io_uring_setup(0x49e, &(0x7f0000000400)={0x0, 0x79ac, 0x0, 0x7, 0xaa}, &(0x7f0000000140)=0x0, &(0x7f0000000040)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) io_uring_enter(r0, 0x627, 0x4c1, 0x9, 0x0, 0x18) 10m32.869864528s ago: executing program 5 (id=3479): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYRES32=r1, @ANYRES16=r1, @ANYBLOB="010326bd6000000000002d"], 0x20}, 0x1, 0x0, 0x0, 0x40904}, 0x20040814) 10m31.940394712s ago: executing program 5 (id=3482): r0 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={r0}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x11d, 0xf, 0x0, &(0x7f0000000240)) 10m31.217441585s ago: executing program 5 (id=3486): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x441, 0x108) fallocate(r0, 0x22, 0x8, 0x8000) 10m30.522596923s ago: executing program 5 (id=3490): syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000000)={[{@noadinicb}, {@mode={'mode', 0x3d, 0xc002}}, {@dmode={'dmode', 0x3d, 0x8}}, {@gid_forget}, {@longad}, {@volume={'volume', 0x3d, 0xe}}, {}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@gid_forget}]}, 0x1, 0xc32, &(0x7f0000001a40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 10m28.999563088s ago: executing program 5 (id=3498): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = mq_open(&(0x7f00000019c0)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x0, 0x0) mq_getsetattr(r0, 0x0, 0x0) 10m28.169173518s ago: executing program 5 (id=3504): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r0, 0x0) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000000)={0x3d, 0x101, 0x100, 0x1, 0x4, 0x18, 0x36, "e75867a0aa45de1500", "39e8799918f836f17fc65c8b001f00"}) 10m26.495558451s ago: executing program 33 (id=3504): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r0, 0x0) ioctl$SIOCX25SDTEFACILITIES(r0, 0x89eb, &(0x7f0000000000)={0x3d, 0x101, 0x100, 0x1, 0x4, 0x18, 0x36, "e75867a0aa45de1500", "39e8799918f836f17fc65c8b001f00"}) 7m25.461809987s ago: executing program 4 (id=4431): r0 = socket(0x2d, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000440)={0x2d, 0x0, 0x1}, 0xc) bind$xdp(r0, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0x1c, r0}, 0x10) 7m24.826957673s ago: executing program 4 (id=4435): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c) recvmmsg(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/77, 0x4d}], 0x1}, 0x8}], 0x1, 0x40004122, 0x0) 7m24.259346433s ago: executing program 4 (id=4439): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x800448d2, &(0x7f0000000000)) 7m23.615717563s ago: executing program 4 (id=4443): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x2004082, &(0x7f0000000240)={[{@type={'type', 0x3d, "699a1c87"}}, {@gid}, {@umask={'umask', 0x3d, 0x11}}, {@uid}, {@force}, {@force}, {@nls={'nls', 0x3d, 'iso8859-13'}}, {@nobarrier}, {@creator={'creator', 0x3d, "ae5dd5f7"}}, {@nodecompose}]}, 0x47, 0x6f7, &(0x7f00000010c0)="$eJzs3U1sHGcZAOB31uu1N5XcbZu0BSHFakQEDSS2l5IgIREqhHyoUCQuvS6J01heu5HtIidCxAUKRzihHDgUIXPoCfWABOKAKGckJK4o90jcIw4smtmZ9f7Y693GP0n6PNJ4vpn5ft55O/Pt7myjDeAza/HtmNyOJBYvvLWVbj/YqTcf7NRXi3JETEVEKaLcXkWyFpF8EnE12kt8Lt2Zd5fsN84bD//0m/P3P6q3t8r5ktUvDWu3qzVkhO18idmImMjXYyrv19/1eHOgv3tjdZ104k4Tdq5IHJy01oDtcZqPcN8CT7p7EROTe+yvRZyKiOn8fUDks0PpmMM7dGPNcgAAAPBkmjiowvOP4lFsxczxhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPhqT9m4FJvpSK8mwkxe//V/J9qUrlhOMd7isHHP/g5jEFAgAAAAAAAABH4uP8i/uzj+JRbMVMsb+VZN/5v5ZtnM7+PhfvxUYsxXpcjK1oxGZsxnrMR0zOdHVY2Wpsbq7PD7b8daQtW63WvbzlQkTUBlouHMNJAwAAAAAAAMCz6yexGDMnHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRLIibaq2w5XZRrUSpHxHREVNJ62xF/KcpPuuqQY389xjgAAADghBQfjWeS/7ULrST7zP9y9rl/Ot6LtdiM5diMZizFjexZQPtTf+mf2/Xmg536aroMdvzt/4wVR9ZjREzE+/uMPJfVONNpsRjfje/HhZiNa7Eey/HDaMRmLMVsVNOTiEYkUau2n17Uijj3jvdqz9a1/tjO9m2/mkVSjZuxnMV2Ma5Xov3YJDuHdMxXu0b7YyWib8T30+wk38qNmKMbXf+9fpU/l8m1nh+xj6NRy858spORuTT3eTZeGJ77Ma+T/pHmo9R5BnV6d5R0s3+kIuc/GCfnp/J1muuf9+b8sI35KK0/EwtRyq++iJd7c377i/df7G385X/97dqt0trKrZsbF47wlB7H7EEVJotCfybqXZl4ZfjVl2eimWZie/RMTPbvmB615dGq5NnIpqIRZ8vvZKVGvNZ1Cb4bN2IpLsdczMeVmItvxELUO1dYupzpyWu5vtqbk+xeKw3Ob8OexJ77UlelXxxQ+XileXmhK6/dM10tO5bvufrLmOu6+l4cfvWN/SqQjv/5vJyO8dPOK86ToCcT+dxcRPfS8Ez8tpX+3Wiurazfatwecbzz+Tq9bT/onZt/N3rU/a/uhyG9XtIZt5xtZTmpFtdLeuylTrS9+ark37i025UGjp3pHKvFTCzH9/a9Uyv5e7jBntrHXuk+9u/dmbOSv78pjvW8y4l3o5m9C+lz4FQNwDE79fqpSvVh9R/VD6s/q96qvjX95tSVqS9UYvLv5T9P/KH0+9I3k9fjw/hxzJx0pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CzYuHN3pdFsLq13CjHdv+dxC5V9xxpeiNKBdXaeG63DqEUMHyvJC5XDPfensVCNvj3FLyw9bs8fR8SQOpXHDj4Z+xobu5Dm4VA6LH44LdvTmhijeblotXedcmxMx0ojKe9xx03t3gVRW2k0/9vqaV6NrlsGeMZd2ly9fWnjzt2vLq823ll6Z2lt4crlK5frX5//2qWby82lufbfk44SOAobd+5OnHQMAAAAAAAAAAAAwHjy//t/81P/Y4byAXUq6xt7j3z2uE8VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeEotvh2T25HE/NzFuXT7wU69mS5FebdmOSJKEZH8KCL5JOJqtJeodXWX7DfOGw+jdP7+R/XdvspF/dKwdqPZzpeYjYiJfH2wqT26Gezveld/258qvKRzhmnCzhWJg5P2/wAAAP//vnbzsA==") mount$nfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x123b058, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x0, 0x0) 7m22.728050727s ago: executing program 4 (id=4449): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3fab00000000000000002e000000080001"], 0x4c}}, 0x8000) 7m21.670291989s ago: executing program 4 (id=4453): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) connect$rose(r0, &(0x7f0000000380)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x1, @null}, 0x1c) 7m19.097391762s ago: executing program 34 (id=4453): r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) connect$rose(r0, &(0x7f0000000380)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x1, @null}, 0x1c) 3m39.894902848s ago: executing program 3 (id=5959): setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='bbr', 0x3) r0 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x25, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006) 3m39.289761639s ago: executing program 3 (id=5964): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20004080}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c0001"], 0xdc}}, 0x0) 3m38.72251392s ago: executing program 3 (id=5968): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0) mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x100000000) 3m38.152513526s ago: executing program 3 (id=5972): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1bb30000000000000000010000000c0006000100000001f600"], 0x20}, 0x1, 0x0, 0x0, 0x8040}, 0x0) 3m37.376473042s ago: executing program 3 (id=5977): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x10) mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700) 3m36.715640846s ago: executing program 3 (id=5980): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed300000000000000000000000000000000000000000000020010"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0) 3m21.395028682s ago: executing program 35 (id=5980): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed300000000000000000000000000000000000000000000020010"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="8801000014"], 0x188}}, 0x0) 2m34.137225379s ago: executing program 0 (id=6327): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xd76}, 0x18) lsetxattr$system_posix_acl(0x0, &(0x7f0000000440)='system.posix_acl_default\x00', 0x0, 0x5c, 0x0) 2m33.495404206s ago: executing program 0 (id=6331): capset(&(0x7f0000000080)={0x20080522}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) 2m32.899502301s ago: executing program 0 (id=6336): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000010000004000018007000600666f00000800080000000000060001000200000008000500000000000c0007000000000000000000080009000000000008000b"], 0x54}}, 0x0) 2m32.430010749s ago: executing program 0 (id=6340): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000001880)=0x40, 0x4) sendmmsg$inet6(r0, &(0x7f0000000900)=[{{&(0x7f0000000100)={0xa, 0x4e21, 0x0, @loopback, 0x10}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e61, 0x80, @mcast2, 0x81}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1400000000000000290000000b000000ff"], 0x18}}], 0x2, 0x0) 2m31.998800631s ago: executing program 0 (id=6344): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30) mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0) 2m30.610337886s ago: executing program 0 (id=6351): r0 = socket(0x10, 0x803, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000000)=[{0x3, 0x9, 0x2, 0x8}, {0x6, 0xd, 0x8, 0x9}]}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}}, 0x24}}, 0x24040084) 2m15.259863762s ago: executing program 36 (id=6351): r0 = socket(0x10, 0x803, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000000)=[{0x3, 0x9, 0x2, 0x8}, {0x6, 0xd, 0x8, 0x9}]}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newtfilter={0x24, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}}, 0x24}}, 0x24040084) 41.489271513s ago: executing program 8 (id=7048): unshare(0x20040400) r0 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x3, {0x1, 0x0, 0x2}, 0x2}, 0x18) 41.202932297s ago: executing program 8 (id=7050): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000100)={0x11, @empty, 0x15, 0x0, 'wlc\x00', 0x3c, 0xc, 0x80}, 0x2c) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000180)={0x2, 0x14, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10) 40.831303758s ago: executing program 8 (id=7053): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet6(r0, &(0x7f0000001580)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x6a3, @private1, 0x2}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000040)="1b", 0x1}], 0x1}}], 0x1, 0x40881) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000080)="020000000d800000", 0x8) 39.607836897s ago: executing program 8 (id=7065): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000600)='./file0\x00', 0xc8d0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=") r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32) 39.023829446s ago: executing program 8 (id=7070): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000), 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000080)={0x5, 0x40, 0xfa00, {{0xa, 0x0, 0x8001, @empty}, {0xa, 0x0, 0x0, @empty}}}, 0x48) 38.519793331s ago: executing program 8 (id=7072): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs\x00') read$sequencer(r0, &(0x7f0000000180)=""/186, 0xba) preadv(r0, &(0x7f0000000380)=[{&(0x7f0000000680)=""/98, 0x62}], 0x1, 0xc5, 0x1) 36.728808308s ago: executing program 37 (id=7072): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs\x00') read$sequencer(r0, &(0x7f0000000180)=""/186, 0xba) preadv(r0, &(0x7f0000000380)=[{&(0x7f0000000680)=""/98, 0x62}], 0x1, 0xc5, 0x1) 7.368854557s ago: executing program 2 (id=7256): set_mempolicy(0x4005, &(0x7f0000000080)=0x4, 0x8) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c) 5.675312075s ago: executing program 1 (id=7267): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="12000000470000000400000002"], 0x50) socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000380)={r0, &(0x7f0000000600), &(0x7f0000000a40)=@udp=r1, 0x2}, 0x20) 4.988933845s ago: executing program 1 (id=7271): r0 = syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="12011001000000086666028800000000000109022d0001000040090904000002030002000921000406012205000905810300000004fd09058203"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000200)={0x20, 0xd, 0xf, {0xf, 0x7, "0de62e76ab186ee41e9bed275c"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) 4.382834794s ago: executing program 9 (id=7275): sendmmsg(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x28}}], 0x1, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r0, 0x28, 0x2, &(0x7f0000001680)=""/56, &(0x7f0000000280)=0x38) 3.794292568s ago: executing program 9 (id=7278): syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c00000001090212000100000000090401"], 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) readv(r0, &(0x7f0000000640)=[{&(0x7f0000000440)=""/146, 0x92}], 0x1) 3.387997208s ago: executing program 7 (id=7280): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00') writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8) 2.871759282s ago: executing program 7 (id=7282): syz_mount_image$minix(&(0x7f0000000440), &(0x7f0000000280)='./file2\x00', 0x16, &(0x7f0000019680)=ANY=[@ANYRES32=0x0], 0x5, 0x1d3, &(0x7f0000000d80)="$eJzs291u0mAcx/FfW2i3+f524pGJB3oiVUaiO3MX4A14tmx1WezUOE9GTJQT78PL8Mw78QYg0SuoaSmBAi2lDS2M7yfZ+vCkvz4PhH952oAAbK3b0X9DhppRKwiCb48kvX0jqZEZtSuZIICVCYxh0aex53fvZKcAbAbr7/x+J7XAf40aJmcBYJMNDq1oHfDbkP78+3rcj/+aOdcPg0NTsuIHE3lb2smV7xnR9mFD6k/kHSUPYHxPWb/8HOafKJnfzTv/ePy9qfzeomB4yRTqmdHm6eNk/pqk65JuSLop6VZ8rXVH0t05459Mjf8g5/yBMsJ3XyvRk6tsk/lWxg5Odj6snndnvvd8qVHHmnH+RcG8HefbJfP7BfNOnG8df/RPUvd6XfDoQDZzpv6Xs7D+U41vH87Wf/5bi42S9Q9ss4vL7vsj3/c+L98wC6VobEtjtJAMe8LT9OLUjyomZq3H67O7HtNIb9R8YgKwcu6X80/uxWX32dn50al36n1odw5edfbbnZcHbrQud8tcnQNYZ+MP/Xz7Z38lCAAAAAAAAAAAAAAA1OGepPt1TwIAAABAJar4OVHdzxEAAAAAAAAAAAAAAAAAAAC4Kv4HAAD///noO60=") mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) rename(&(0x7f0000000180)='./bus\x00', &(0x7f0000000140)='./file0/file0\x00') 2.867227444s ago: executing program 6 (id=7283): syz_mount_image$iso9660(&(0x7f00000002c0), &(0x7f0000000540)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0016150b3f000000000000f0d4354b5a255ada7999001fc8f9e982365349739b3c7c9b5e8deb88405cc272b3be8ccfb503a2273297f601e86c6be6fb632414e1d0e9b21ce82dbf007799fe5492a936da23ab3b6539199a736055c647615f7cac5c45e94860a05844b846a6f8254252a17f35c8f5355bfdd3f62dd2f30f129a"], 0x1, 0x521, &(0x7f00000013c0)="$eJzs3MFu3MYZAGBSlmBBBYQCQWJF8YFxelAP2XBXtQwhJ5bLlZjsLhckFcinIqilQKiUFk0LNL754rZA+xC+9gl66msUfQijj9CCy1Ut25Ll2q7WNb4PkGZ2+XPmH2I1g6UwDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAIEz7cdwNg2E+3tuPLpb2y2L0guOn7f31qeIF/QZB2PwEy8vBWvvW2ntPDr/f/LoV3Ghf3QiWm2I5uP+DD374+XuLC6fnvyChK/Hd9/d/8fXx8cGv553InOxk47wq8lGyk0V5VUTbW1vxZ7uDKhrkw6y6W9XZKErLLKmLMtpIfxx1t7c3o6xzt9gb7/STYXb65p1Pe3G8FX3RmWRJWRXjz77oVOluPhzm451pTHO4ibnTfBC/zOuozpJRFB0eHR9sXpZkE9R9maDeZUG9uNfrdnu97tbt7dt34njxuTfiZwS9uPf+ahA8iZj/h5b5esMzOLy6f83WfwAAAODdFU7vsTff/5em9+HDYJAPs3jeaQEAAABv0PQ//zeaYqmprQWh7/8AAADwrvnD2T1218/bY1dNrod/+2dQlkvhg8n+j8KTpAlPTq615117tsV6sB6uzhqZFluLs1dpdjP8sA368DT68aw4vGyvX/gGEgj+FKy3Mev32vLe6ZG2l5VBPsw6aTH8vBskyepCne3Xv/326HfBdPh/HI9Ww+Dw6Pig8/NfHt+b5vKgaeXByWwDxXP7KJpcNq639bO5/P0f05stU2vnj3hpeiNm1u9K2298dvwL7ekL/8X4HwYftTEfrbTlytPjX2767HYuGv0si+7LjvzCLG62MTc3PmmKTzbOyaJ3WRa9s1m80rV4iSw2L8ti8zWzAJiXw0tWofD5hf8VZrmrWd0fBh+3MR+vTyfWxfVzZvT4shk9fs3V7S/BrTbm1mnwRWts0++fn1lVHzUnPLqw32rYC5tLeO03J78KPvju+/ufHp18/c3BNwff9nqbW/FP4vh2L1iaDmNWWHsAOEdWPg5X6t+HZZlPftbd3u4m9W4WlUX6ZVTm/Z0sysd1Vqa7yXgniyZlURdpMWwqX+X9rIqqvcmkKOtoUJTRpKjy/emTX6LZo1+qbJSM6zytJsMsqbIoLcZ1ktZRP6/SaLL302Fe7Wbl9ORqkqX5IE+TOi/GUVXslWnWiaIqy84E5v1sXOeDvKmOo0mZj5LybvRVMdwbZVE/q9Iyn9RF2+BpX/l4UJSjabOdeV9sAHhL/OcJdv/DyrzHCAA8zSoNAAAAAAAAAAAAAABvv6vY/6fyllUWgnmnEQRzvwhXXVn+P/uLm/PEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn+HcAAAD//6wfn3A=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, 0x0, 0x0) 2.625600003s ago: executing program 2 (id=7284): openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, 0x0) 2.568145069s ago: executing program 1 (id=7285): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1, &(0x7f0000000000)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], 0x0, 0x9, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) r0 = socket(0x2, 0x80805, 0x0) getsockopt$bt_hci(r0, 0x84, 0x72, &(0x7f0000000000)=""/4071, &(0x7f0000001080)=0xfe7) 2.309470429s ago: executing program 6 (id=7286): r0 = socket$inet(0x2, 0x2, 0x1) setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000340)=0x6, 0x4) sendmsg$inet(r0, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @broadcast}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000940b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20008024) 2.223448111s ago: executing program 7 (id=7287): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x7836c2, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={r0, 0x0}, 0x20) 1.998785498s ago: executing program 1 (id=7288): r0 = socket$inet(0x2, 0x2, 0x1) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @remote}, 0x10) sendmmsg$inet(r0, &(0x7f0000000540)=[{{0x0, 0x2, &(0x7f0000000000)=[{&(0x7f00000000c0)="08001497733f5d3e", 0x6c6d}], 0x5}}, {{0x0, 0x0, &(0x7f0000000440), 0x56}}], 0x2, 0x2004000) 1.962141156s ago: executing program 2 (id=7289): r0 = socket(0x10, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9, 0xfffffffe, 0x0, 0x2}, 0x10) write(r0, &(0x7f00000001c0)="240000001e005f0214fffffffffffff80700000001000000000080000500090002000000", 0x24) 1.856184931s ago: executing program 9 (id=7290): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) flistxattr(r0, 0x0, 0x0) 1.738836877s ago: executing program 6 (id=7291): r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xd) ioctl$TIOCOUTQ(r0, 0x5411, 0x0) 1.571056563s ago: executing program 1 (id=7292): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) connect$packet(r0, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x82}, 0x14) getpeername$packet(r0, 0x0, 0x0) 1.540707227s ago: executing program 7 (id=7293): syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000400)='./file0\x00', 0x94, &(0x7f0000003280)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0186e87, 0x0) 1.469488173s ago: executing program 9 (id=7294): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_VIF(r0, 0x0, 0xd0, 0x0, 0x0) 1.415398949s ago: executing program 2 (id=7295): unshare(0x600) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/keycreate\x00') preadv(r0, 0x0, 0x0, 0xa, 0xffffffff) 1.17907776s ago: executing program 6 (id=7296): io_setup(0x1, &(0x7f00000012c0)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0xaa201, 0x0) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r1, 0x0, 0x0, 0x200000000004}]) 1.001256198s ago: executing program 9 (id=7297): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) write$sndseq(r0, &(0x7f00000006c0)=[{0xf, 0x0, 0x0, 0xfd, @tick, {}, {0xe}, @raw8={"1f000e0000000100"}}], 0x1c) 886.636287ms ago: executing program 2 (id=7298): r0 = socket$inet(0x2, 0x3, 0x6) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000380)={'syztnl2\x00', 0x0, 0x2100, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x60, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000000)={'tunl0\x00', r1, 0x20, 0x40, 0x1001000, 0x6, {{0x5, 0x4, 0x2, 0x6, 0x14, 0x67, 0x0, 0xf9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}}) 879.707993ms ago: executing program 7 (id=7299): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r0) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000ffdbdf25010000000800010003000000080002"], 0x24}, 0x1, 0x0, 0x0, 0xc840}, 0x20020000) 551.132322ms ago: executing program 6 (id=7300): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000ec0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWCHAIN={0x30, 0x3, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0x2008}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_COUNTERS={0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) 518.036934ms ago: executing program 9 (id=7301): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) writev(r0, &(0x7f0000000b00)=[{&(0x7f0000000940)='\r', 0xfdef}], 0x2) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) 323.074186ms ago: executing program 2 (id=7302): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/cpuinfo\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 220.822568ms ago: executing program 7 (id=7303): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x20, r1, 0x239, 0x70bd27, 0x0, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xe973}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000802}, 0x20008810) 215.157976ms ago: executing program 1 (id=7304): capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7}) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x6, &(0x7f0000000140)={0x7d, {{0x29, 0x0, 0x3b000000, @mcast1, 0x5}}}, 0x88) 0s ago: executing program 6 (id=7305): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, r1, 0x301, 0x70bd2a, 0x25dfdbfd, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x0) kernel console output (not intermixed with test programs): 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 1218.334866][T18862] exfat: Deprecated parameter 'utf8' [ 1218.347411][T18862] exfat: Deprecated parameter 'utf8' [ 1218.362071][T18862] exfat: Deprecated parameter 'utf8' [ 1218.701387][T18872] loop3: detected capacity change from 0 to 64 [ 1219.927338][T18882] loop6: detected capacity change from 0 to 4096 [ 1220.112361][T18882] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1220.217290][T18882] ntfs3(loop6): Failed to load $Extend (-22). [ 1220.223821][T18882] ntfs3(loop6): Failed to initialize $Extend. [ 1220.509714][ T5857] kernel write not supported for file /sequencer (pid: 5857 comm: kworker/1:5) [ 1221.076497][T18902] loop7: detected capacity change from 0 to 256 [ 1221.094858][T18902] exfat: Deprecated parameter 'utf8' [ 1221.104323][T18902] exfat: Deprecated parameter 'namecase' [ 1221.295378][T18902] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xc465a08c, utbl_chksum : 0xe619d30d) [ 1222.157157][ T5857] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1222.337884][ T5857] usb 4-1: Using ep0 maxpacket: 8 [ 1222.368394][ T5857] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1222.379044][ T5857] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 1222.398154][ T5857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 1222.410091][ T5857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 1222.422857][ T5857] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 1222.526077][ T5857] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 1222.541417][ T5857] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 1222.553253][ T5857] usb 4-1: Product: syz [ 1222.558731][ T5857] usb 4-1: Manufacturer: syz [ 1222.563558][ T5857] usb 4-1: SerialNumber: syz [ 1222.636296][ T5857] usb 4-1: config 0 descriptor?? [ 1222.877315][ T5857] radio-si470x 4-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 1222.884453][ T5857] radio-si470x 4-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 1222.994397][T18928] loop6: detected capacity change from 0 to 128 [ 1223.078666][T18928] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1223.096132][ T5857] radio-si470x 4-1:0.0: software version 0, hardware version 0 [ 1223.104130][ T5857] radio-si470x 4-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 1223.122747][ T5857] radio-si470x 4-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 1223.137888][T18928] ext4 filesystem being mounted at /421/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1223.304116][ T5857] radio-si470x 4-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1223.313118][ T5857] radio-si470x 4-1:0.0: submitting int urb failed (-90) [ 1223.321951][ T5857] radio-si470x 4-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1223.337916][ T5857] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -22 [ 1223.414717][ T5857] usb 4-1: USB disconnect, device number 33 [ 1223.476801][T13588] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1223.925827][T18940] veth1_macvtap: left allmulticast mode [ 1223.935707][T18940] veth1_macvtap: left promiscuous mode [ 1223.941830][T18940] macsec0: left allmulticast mode [ 1224.061910][T18941] veth1_macvtap: entered promiscuous mode [ 1224.069577][T18941] macsec0: left promiscuous mode [ 1224.330263][T18943] sp0: Synchronizing with TNC [ 1224.449283][T18948] loop3: detected capacity change from 0 to 256 [ 1224.458778][T18948] exfat: Deprecated parameter 'namecase' [ 1224.465133][T18948] exfat: Deprecated parameter 'utf8' [ 1224.631428][T18948] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d) [ 1224.781165][T18952] loop0: detected capacity change from 0 to 256 [ 1224.930704][T18952] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 1225.036045][T18952] exFAT-fs (loop0): start_clu is invalid cluster(0x0) [ 1225.593693][T18960] loop3: detected capacity change from 0 to 2048 [ 1225.661285][T18960] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1225.771445][T18969] batadv0: entered promiscuous mode [ 1225.777196][T18969] macvtap1: entered promiscuous mode [ 1225.791884][T18969] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 1225.824461][T18960] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1225.839192][T18969] batadv0: left promiscuous mode [ 1226.206703][T18974] loop6: detected capacity change from 0 to 256 [ 1227.742216][T18996] loop3: detected capacity change from 0 to 256 [ 1227.838578][T18996] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1227.848423][T18999] program syz.1.5929 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1227.980822][ T30] audit: type=1400 audit(1765614103.947:264): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147C8A3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 1228.014163][T19003] loop7: detected capacity change from 0 to 1024 [ 1228.824900][T19011] loop3: detected capacity change from 0 to 512 [ 1229.028061][T19011] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1229.041349][T19011] ext4 filesystem being mounted at /1202/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1229.076693][ T4079] hfsplus: b-tree write err: -5, ino 4 [ 1229.554344][T19027] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5938'. [ 1229.563920][T19027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5938'. [ 1229.576421][T19027] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5938'. [ 1229.585787][T19027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5938'. [ 1229.595096][T19027] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5938'. [ 1229.737835][ T5812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1230.051423][T19033] netlink: 'syz.7.5942': attribute type 5 has an invalid length. [ 1230.066190][T19033] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5942'. [ 1230.860857][T19048] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5950'. [ 1231.918370][T19068] loop0: detected capacity change from 0 to 64 [ 1233.091730][T19086] binder_alloc: binder_alloc_mmap_handler: 19085 200000ffd000-200000fff000 already mapped failed -16 [ 1233.787772][T19094] loop7: detected capacity change from 0 to 1024 [ 1233.842166][T19094] EXT4-fs: Ignoring removed bh option [ 1233.966490][T19094] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1234.053290][T19103] loop6: detected capacity change from 0 to 16 [ 1234.151953][T19094] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4215: comm syz.7.5971: Allocating blocks 385-513 which overlap fs metadata [ 1234.176915][T19103] erofs (device loop6): mounted with root inode @ nid 36. [ 1234.259642][T19091] EXT4-fs (loop7): pa ffff88812281e310: logic 16, phys. 129, len 24 [ 1234.271124][T19091] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 8 [ 1234.552353][T19108] loop0: detected capacity change from 0 to 64 [ 1234.652254][T19108] Trying to free block not in datazone [ 1234.730698][T19108] Trying to free block not in datazone [ 1234.731212][T15716] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1234.736448][T19108] Trying to free block not in datazone [ 1234.747945][T19108] Trying to free block not in datazone [ 1235.660049][T19119] loop0: detected capacity change from 0 to 1024 [ 1237.336141][T19142] loop6: detected capacity change from 0 to 512 [ 1237.412115][T19142] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1237.537053][T19142] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.5992: corrupted in-inode xattr: invalid ea_ino [ 1237.556471][T19142] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.5992: couldn't read orphan inode 15 (err -117) [ 1237.611255][T19142] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1238.071285][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1238.461303][T19154] loop0: detected capacity change from 0 to 128 [ 1238.486182][T19149] nvme_fabrics: missing parameter 'transport=%s' [ 1238.494255][T19149] nvme_fabrics: missing parameter 'nqn=%s' [ 1238.517761][T19155] pim6reg: entered allmulticast mode [ 1238.569734][T19154] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1238.833221][T19151] nvme_fabrics: missing parameter 'transport=%s' [ 1238.840462][T19151] nvme_fabrics: missing parameter 'nqn=%s' [ 1239.735228][T19167] loop6: detected capacity change from 0 to 512 [ 1239.790551][T19167] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 1239.833169][T19167] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c119, mo2=0002] [ 1239.882287][T19167] System zones: 1-12 [ 1239.930305][T19167] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.6002: corrupted in-inode xattr: e_value size too large [ 1239.964897][T19167] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.6002: couldn't read orphan inode 15 (err -117) [ 1239.999593][T19167] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1240.330443][T19177] loop0: detected capacity change from 0 to 1024 [ 1240.434926][T19177] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1240.439334][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1240.963777][ T5796] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1240.995251][T19186] loop6: detected capacity change from 0 to 1024 [ 1241.020944][T19186] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1241.111800][T19186] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 1241.194767][T19186] System zones: 0-1, 3-36 [ 1241.284838][T19186] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1241.801173][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1244.769414][T19229] loop6: detected capacity change from 0 to 1024 [ 1244.874857][T19229] hfsplus: bad catalog entry type [ 1245.147261][ T3880] hfsplus: b-tree write err: -5, ino 4 [ 1245.245068][T19235] autofs: Bad value for 'fd' [ 1245.545785][T19238] loop6: detected capacity change from 0 to 128 [ 1245.702156][T19239] loop7: detected capacity change from 0 to 512 [ 1245.908318][T19239] EXT4-fs (loop7): revision level too high, forcing read-only mode [ 1245.916577][T19239] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 1246.034935][T19239] System zones: 0-1, 15-15, 18-18, 34-34 [ 1246.046445][T19239] EXT4-fs (loop7): orphan cleanup on readonly fs [ 1246.053371][T19239] Quota error (device loop7): v2_read_header: Failed header read: expected=8 got=0 [ 1246.066036][T19239] EXT4-fs warning (device loop7): ext4_enable_quotas:7221: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 1246.081228][T19239] EXT4-fs (loop7): Cannot turn on quotas: error -22 [ 1246.102081][T19239] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.6032: bg 0: block 40: padding at end of block bitmap is not set [ 1246.125458][T19239] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 1246.135844][T19239] EXT4-fs (loop7): 1 truncate cleaned up [ 1246.144049][T19239] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1246.292223][T19239] EXT4-fs error (device loop7): ext4_encrypted_get_link:46: inode #16: comm syz.7.6032: bad symlink. [ 1246.581101][T15716] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1247.300489][ T793] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 1247.558193][ T793] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1247.571062][ T793] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1247.587311][ T793] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 1247.596826][ T793] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1247.752232][ T793] usb 1-1: config 0 descriptor?? [ 1248.288689][ T793] kovaplus 0003:1E7D:2D50.0027: unknown main item tag 0x0 [ 1248.296170][ T793] kovaplus 0003:1E7D:2D50.0027: unknown main item tag 0x0 [ 1248.309539][ T793] kovaplus 0003:1E7D:2D50.0027: unknown main item tag 0x0 [ 1248.317005][ T793] kovaplus 0003:1E7D:2D50.0027: unknown main item tag 0x0 [ 1248.324919][ T793] kovaplus 0003:1E7D:2D50.0027: unknown main item tag 0x0 [ 1248.363938][ T793] kovaplus 0003:1E7D:2D50.0027: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0 [ 1248.486538][ T793] kovaplus 0003:1E7D:2D50.0027: couldn't init struct kovaplus_device [ 1248.495331][ T793] kovaplus 0003:1E7D:2D50.0027: couldn't install mouse [ 1248.562122][ T793] kovaplus 0003:1E7D:2D50.0027: probe with driver kovaplus failed with error -71 [ 1248.631660][ T793] usb 1-1: USB disconnect, device number 27 [ 1249.745299][T19291] loop7: detected capacity change from 0 to 128 [ 1249.844196][T19291] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000001) [ 1249.854942][T19291] FAT-fs (loop7): Filesystem has been set read-only [ 1249.936590][T19291] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000001) [ 1251.245918][T19304] loop6: detected capacity change from 0 to 16 [ 1251.257345][T19304] erofs (device loop6): mounted with root inode @ nid 36. [ 1251.528250][T11471] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1251.540917][T11471] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1251.550602][T11471] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1251.564242][T11471] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1251.638064][T11471] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1251.968511][T19308] lo speed is unknown, defaulting to 1000 [ 1252.778487][T19308] chnl_net:caif_netlink_parms(): no params data found [ 1253.395626][T11471] Bluetooth: hci1: unexpected cc 0x2031 length: 9 > 1 [ 1253.405928][T11471] Bluetooth: hci1: unexpected event for opcode 0x2031 [ 1253.750424][T11471] Bluetooth: hci5: command tx timeout [ 1254.464821][T19344] netlink: 27 bytes leftover after parsing attributes in process `syz.7.6077'. [ 1254.697261][T19308] bridge0: port 1(bridge_slave_0) entered blocking state [ 1254.705034][T19308] bridge0: port 1(bridge_slave_0) entered disabled state [ 1254.715606][T19308] bridge_slave_0: entered allmulticast mode [ 1254.728327][T19308] bridge_slave_0: entered promiscuous mode [ 1254.905468][T19308] bridge0: port 2(bridge_slave_1) entered blocking state [ 1254.913164][T19308] bridge0: port 2(bridge_slave_1) entered disabled state [ 1254.932228][T19308] bridge_slave_1: entered allmulticast mode [ 1254.942366][T19308] bridge_slave_1: entered promiscuous mode [ 1255.112316][ T1875] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1255.323299][ T1875] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1255.561127][ T1875] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1255.600031][T19308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1255.646482][T19308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1255.681074][ T1875] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1255.828102][T11471] Bluetooth: hci5: command tx timeout [ 1255.930459][T19308] team0: Port device team_slave_0 added [ 1255.956684][T19308] team0: Port device team_slave_1 added [ 1256.450634][T19308] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1256.459444][T19308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1256.489217][T19308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1256.597370][ T1875] bridge_slave_1: left allmulticast mode [ 1256.603585][ T1875] bridge_slave_1: left promiscuous mode [ 1256.613309][ T1875] bridge0: port 2(bridge_slave_1) entered disabled state [ 1256.646016][ T1875] bridge_slave_0: left allmulticast mode [ 1256.655457][ T1875] bridge_slave_0: left promiscuous mode [ 1256.662463][ T1875] bridge0: port 1(bridge_slave_0) entered disabled state [ 1257.284046][T19377] netlink: 504 bytes leftover after parsing attributes in process `syz.1.6090'. [ 1257.377762][ T1875] dvmrp0 (unregistering): left allmulticast mode [ 1257.617673][ T1875] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1257.730979][ T1875] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1257.790891][ T1875] bond0 (unregistering): Released all slaves [ 1257.816601][ T1875] bond1 (unregistering): Released all slaves [ 1257.933285][T11471] Bluetooth: hci5: command tx timeout [ 1257.992177][T19308] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1258.004937][T19308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1258.036940][T19308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1258.306947][ T1875] tipc: Left network mode [ 1258.543812][ T1875] mac80211_hwsim hwsim5 wlan1 (unregistering): left allmulticast mode [ 1258.760124][T19395] netlink: 68 bytes leftover after parsing attributes in process `syz.7.6099'. [ 1258.865652][T19308] hsr_slave_0: entered promiscuous mode [ 1258.885361][T19308] hsr_slave_1: entered promiscuous mode [ 1258.898485][T19308] debugfs: 'hsr0' already exists in 'hsr' [ 1258.904452][T19308] Cannot create hsr debugfs directory [ 1259.214761][ T1875] hsr_slave_0: left promiscuous mode [ 1259.246292][ T1875] hsr_slave_1: left promiscuous mode [ 1259.254740][ T1875] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1259.265496][ T1875] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1259.350880][ T1875] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1259.358974][ T1875] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1259.465472][ T1875] veth1_vlan: left promiscuous mode [ 1259.471245][ T1875] veth0_vlan: left promiscuous mode [ 1259.573635][T19409] loop0: detected capacity change from 0 to 512 [ 1259.585151][T19409] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1259.600880][T19409] EXT4-fs (loop0): group descriptors corrupted! [ 1259.792767][T19410] ALSA: mixer_oss: invalid OSS volume '' [ 1260.001034][T11471] Bluetooth: hci5: command tx timeout [ 1260.358209][ T1875] team0 (unregistering): Port device team_slave_1 removed [ 1260.386310][ T1875] team0 (unregistering): Port device team_slave_0 removed [ 1260.813092][T19420] loop7: detected capacity change from 0 to 256 [ 1260.913883][T19419] loop6: detected capacity change from 0 to 2048 [ 1261.110834][T19419] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1261.240226][T19423] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1261.368683][T19420] FAT-fs (loop7): Directory bread(block 64) failed [ 1261.375483][T19420] FAT-fs (loop7): Directory bread(block 65) failed [ 1261.382814][T19420] FAT-fs (loop7): Directory bread(block 66) failed [ 1261.389796][T19420] FAT-fs (loop7): Directory bread(block 67) failed [ 1261.396695][T19420] FAT-fs (loop7): Directory bread(block 68) failed [ 1261.403613][T19420] FAT-fs (loop7): Directory bread(block 69) failed [ 1261.410678][T19420] FAT-fs (loop7): Directory bread(block 70) failed [ 1261.417743][T19420] FAT-fs (loop7): Directory bread(block 71) failed [ 1261.424657][T19420] FAT-fs (loop7): Directory bread(block 72) failed [ 1261.431728][T19420] FAT-fs (loop7): Directory bread(block 73) failed [ 1261.937116][T19308] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 1262.015976][T19308] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 1262.078122][T19308] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 1262.134882][T19308] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1262.424730][T19425] loop0: detected capacity change from 0 to 4096 [ 1262.886636][T19425] ntfs3(loop0): failed to convert "0080" to maccyrillic [ 1262.921213][T19425] ntfs3(loop0): failed to convert name for inode 1e. [ 1262.941927][T19425] ntfs3(loop0): ino=1f, mi_enum_attr [ 1262.947809][T19425] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 1263.146533][T19308] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1263.356689][T19308] 8021q: adding VLAN 0 to HW filter on device team0 [ 1263.432775][ T1863] bridge0: port 1(bridge_slave_0) entered blocking state [ 1263.440552][ T1863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1263.552233][ T1863] bridge0: port 2(bridge_slave_1) entered blocking state [ 1263.559925][ T1863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1265.333181][T19308] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1266.108094][T19485] netlink: 'syz.6.6138': attribute type 3 has an invalid length. [ 1266.116357][T19485] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6138'. [ 1266.635510][T19488] loop7: detected capacity change from 0 to 4096 [ 1266.691537][T19496] sp0: Synchronizing with TNC [ 1266.783757][T19493] [U] è [ 1266.800584][T19501] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1267.524280][T19308] veth0_vlan: entered promiscuous mode [ 1267.620910][T19308] veth1_vlan: entered promiscuous mode [ 1267.825830][T19308] veth0_macvtap: entered promiscuous mode [ 1267.870592][T19308] veth1_macvtap: entered promiscuous mode [ 1267.954180][T19308] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1268.091546][T19308] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1268.182844][ T1863] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1268.229600][ T1863] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1268.281398][ T1863] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1268.330574][ T1863] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1269.645537][T19535] genirq: Flags mismatch irq 4. 00200000 (aio_iiro_16) vs. 00200080 (ttyS0) [ 1269.691511][T19525] loop6: detected capacity change from 0 to 32768 [ 1269.713544][T19525] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6151 (19525) [ 1269.738438][T19525] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 1269.753313][T19525] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm [ 1269.822661][ T1014] BTRFS warning (device loop6): checksum verify failed on logical 1052672 mirror 1 wanted 0x11f3e929624b680852cd2754314153a53c00b22ae8936d589814e00d5ed09030 found 0x91ceb7e524c2b935eec5771d4325ab64c459d3fc4aa7fa7bc60dfdcb0d3b7844 level 0 [ 1269.851246][T19525] BTRFS error (device loop6): failed to read chunk root [ 1269.943013][T19525] BTRFS error (device loop6): open_ctree failed: -5 [ 1270.932707][T19559] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 1271.408430][T19561] loop6: detected capacity change from 0 to 512 [ 1271.532746][T19561] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 1271.603529][T19561] EXT4-fs (loop6): invalid journal inode [ 1271.616043][T19561] EXT4-fs (loop6): can't get journal size [ 1271.664090][T19561] EXT4-fs (loop6): 1 truncate cleaned up [ 1271.676599][T19561] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1271.837205][T12277] usb 2-1: new full-speed USB device number 30 using dummy_hcd [ 1271.854594][T19555] loop0: detected capacity change from 0 to 32768 [ 1271.879163][T19555] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1271.887741][T19555] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1271.928604][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1271.942662][T19555] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 1 18, function = gfs2_check_internal_file_size, file = fs/gfs2/inode.h, line = 85 [ 1271.958467][T19555] gfs2: fsid=syz:syz.0: G: s:SH n:2/12 f:aqo t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 1271.968019][T19555] gfs2: fsid=syz:syz.0: H: s:SH f:eEcH e:0 p:0 [(none)] init_inodes+0x124/0x510 [ 1271.977741][T19555] gfs2: fsid=syz:syz.0: I: n:1/18 t:8 f:0x00 d:0x00000200 s:98304 p:0 [ 1271.986299][T19555] CPU: 0 UID: 0 PID: 19555 Comm: syz.0.6157 Tainted: G W L syzkaller #0 PREEMPT(none) [ 1271.986643][T19555] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1271.986715][T19555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1271.987034][T19555] Call Trace: [ 1271.987096][T19555] [ 1271.987155][T19555] __dump_stack+0x26/0x30 [ 1271.987348][T19555] dump_stack_lvl+0x1df/0x270 [ 1271.987547][T19555] dump_stack+0x1e/0x25 [ 1271.987713][T19555] gfs2_withdraw+0xd5/0x270 [ 1271.987930][T19555] gfs2_consist_inode_i+0x1a9/0x240 [ 1271.988177][T19555] gfs2_jdesc_check+0x170/0x440 [ 1271.988342][T19555] init_journal+0x1371/0x3890 [ 1271.988569][T19555] ? init_inodes+0x124/0x510 [ 1271.988752][T19555] ? init_inodes+0x124/0x510 [ 1271.988963][T19555] ? kmsan_get_metadata+0xfb/0x160 [ 1271.989179][T19555] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1271.989383][T19555] init_inodes+0x124/0x510 [ 1271.989567][T19555] gfs2_fill_super+0x38ee/0x3ff0 [ 1271.989759][T19555] ? init_locking+0xed/0x500 [ 1271.989983][T19555] get_tree_bdev_flags+0x6e6/0x920 [ 1271.990169][T19555] ? __pfx_gfs2_fill_super+0x10/0x10 [ 1271.990358][T19555] ? __pfx_gfs2_fill_super+0x10/0x10 [ 1271.990540][T19555] ? __pfx_gfs2_get_tree+0x10/0x10 [ 1271.990713][T19555] get_tree_bdev+0x38/0x50 [ 1271.990880][T19555] gfs2_get_tree+0x57/0x350 [ 1271.991106][T19555] ? __pfx_gfs2_get_tree+0x10/0x10 [ 1271.991307][T19555] vfs_get_tree+0xb3/0x5c0 [ 1271.991507][T19555] do_new_mount+0x879/0x1700 [ 1271.991704][T19555] ? kmsan_get_metadata+0xfb/0x160 [ 1271.991957][T19555] path_mount+0x749/0x1fb0 [ 1271.992185][T19555] ? user_path_at+0x241/0x3e0 [ 1271.992353][T19555] __se_sys_mount+0x6f7/0x7e0 [ 1271.992526][T19555] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1271.992705][T19555] ? kmsan_get_metadata+0xfb/0x160 [ 1271.992900][T19555] __x64_sys_mount+0xe4/0x150 [ 1271.993080][T19555] x64_sys_call+0x38cb/0x3e70 [ 1271.993242][T19555] do_syscall_64+0xd9/0xf80 [ 1271.993392][T19555] ? clear_bhb_loop+0x40/0x90 [ 1271.993533][T19555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.993671][T19555] RIP: 0033:0x7fca3e790eea [ 1271.993766][T19555] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1271.993876][T19555] RSP: 002b:00007fca3f673e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1271.993999][T19555] RAX: ffffffffffffffda RBX: 00007fca3f673ef0 RCX: 00007fca3e790eea [ 1271.994092][T19555] RDX: 0000200000000200 RSI: 00002000000001c0 RDI: 00007fca3f673eb0 [ 1271.994184][T19555] RBP: 0000200000000200 R08: 00007fca3f673ef0 R09: 0000000000000000 [ 1271.994267][T19555] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000001c0 [ 1271.994363][T19555] R13: 00007fca3f673eb0 R14: 00000000000125fe R15: 0000200000000180 [ 1271.994493][T19555] [ 1272.275693][T19555] gfs2: fsid=syz:syz.0: my journal (0) is bad: -5 [ 1272.468170][T12277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1272.482728][T12277] usb 2-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice= 0.00 [ 1272.492368][T12277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1272.592334][T12277] usb 2-1: config 0 descriptor?? [ 1272.615267][T19564] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1273.215819][T12277] apple 0003:05AC:0241.0028: unknown main item tag 0x0 [ 1273.224258][T12277] apple 0003:05AC:0241.0028: item fetching failed at offset 3/5 [ 1273.275404][T12277] apple 0003:05AC:0241.0028: parse failed [ 1273.282095][T12277] apple 0003:05AC:0241.0028: probe with driver apple failed with error -22 [ 1273.417226][T12277] usb 2-1: USB disconnect, device number 30 [ 1275.609971][ T1014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1275.618185][ T1014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1276.130615][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1276.139977][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1276.464888][T19619] loop0: detected capacity change from 0 to 32768 [ 1276.522998][T19619] OCFS2: ERROR (device loop0): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 4101: suballoc slot 1279 [ 1276.538481][T19619] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1276.551364][T19619] OCFS2: File system is now read-only. [ 1276.557094][T19619] (syz.0.6175,19619,1):ocfs2_read_locked_inode:599 ERROR: status = -30 [ 1276.566052][T19619] (syz.0.6175,19619,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 1276.575620][T19619] (syz.0.6175,19619,1):ocfs2_init_global_system_inodes:465 ERROR: status = -30 [ 1276.588296][T19619] (syz.0.6175,19619,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 2, possibly corrupt fs? [ 1276.588472][T19619] (syz.0.6175,19619,1):ocfs2_init_global_system_inodes:476 ERROR: status = -30 [ 1276.613050][T19619] (syz.0.6175,19619,1):ocfs2_initialize_super:2198 ERROR: status = -30 [ 1276.622880][T19619] (syz.0.6175,19619,1):ocfs2_fill_super:1177 ERROR: status = -30 [ 1277.886883][T19641] loop0: detected capacity change from 0 to 256 [ 1277.900078][T19644] loop7: detected capacity change from 0 to 64 [ 1277.901451][T19641] exfat: Deprecated parameter 'utf8' [ 1277.913006][T19641] exfat: Deprecated parameter 'utf8' [ 1277.921712][T19641] exfat: Deprecated parameter 'utf8' [ 1277.982082][T19644] BFS-fs: bfs_fill_super(): loop7 is unclean, continuing [ 1278.014215][T19641] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 1278.165081][T19641] exfat: Deprecated parameter 'utf8' [ 1278.171147][T19641] exfat: Deprecated parameter 'utf8' [ 1278.177266][T19641] exfat: Deprecated parameter 'utf8' [ 1279.373622][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1279.380512][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1280.592967][T19690] loop7: detected capacity change from 0 to 2048 [ 1280.692847][T19695] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1283.491571][T19738] netlink: 'syz.0.6242': attribute type 322 has an invalid length. [ 1284.069354][T12277] kernel write not supported for file /sequencer (pid: 12277 comm: kworker/1:0) [ 1284.170823][T19753] loop8: detected capacity change from 0 to 512 [ 1284.217001][T19753] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 1284.305796][T19753] EXT4-fs (loop8): orphan cleanup on readonly fs [ 1284.349109][T19753] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6237: Block bitmap for bg 0 marked uninitialized [ 1284.365345][T19753] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 1284.405590][T19753] EXT4-fs (loop8): 1 orphan inode deleted [ 1284.421819][T19753] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1284.482415][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 1284.793331][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1284.952179][T19765] veth1_macvtap: left promiscuous mode [ 1284.960732][T19765] macsec0: entered promiscuous mode [ 1285.004525][T19765] veth1_macvtap: entered promiscuous mode [ 1285.012553][T19765] macsec0: left promiscuous mode [ 1285.470633][T19775] loop8: detected capacity change from 0 to 512 [ 1285.585894][T19775] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1285.604361][T19775] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1285.613061][T19779] loop7: detected capacity change from 0 to 256 [ 1285.810936][T19779] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 1285.940368][T19769] overlayfs: failed to resolve './file0': -2 [ 1286.089043][T19787] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6252'. [ 1286.101530][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1286.362487][T19792] loop7: detected capacity change from 0 to 256 [ 1286.473395][T19792] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 1286.576358][T19792] exFAT-fs (loop7): start_clu is invalid cluster(0x0) [ 1287.298969][T19808] netlink: 'syz.1.6263': attribute type 1 has an invalid length. [ 1287.486480][T19812] loop8: detected capacity change from 0 to 512 [ 1287.635136][T19812] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1287.648598][T19812] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1288.021685][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1288.502346][T19833] batadv0: entered promiscuous mode [ 1288.502701][T19833] macvtap1: entered promiscuous mode [ 1288.511771][T19833] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 1288.537315][T19833] batadv0: left promiscuous mode [ 1289.029903][T12277] usb 1-1: new full-speed USB device number 28 using dummy_hcd [ 1289.247816][T12277] usb 1-1: config 0 has an invalid interface number: 128 but max is 0 [ 1289.256404][T12277] usb 1-1: config 0 has no interface number 0 [ 1289.332634][T12277] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 1289.332802][T12277] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1289.332938][T12277] usb 1-1: Product: syz [ 1289.333052][T12277] usb 1-1: Manufacturer: syz [ 1289.333161][T12277] usb 1-1: SerialNumber: syz [ 1289.339142][T12277] usb 1-1: config 0 descriptor?? [ 1290.085281][T12277] usb 1-1: Firmware version (0.0) predates our first public release. [ 1290.094773][T12277] usb 1-1: Please update to version 0.2 or newer [ 1290.200158][T12277] usb 1-1: USB disconnect, device number 28 [ 1290.276826][T19859] sd 0:0:1:0: device reset [ 1291.262483][T19874] binder: 19873:19874 ioctl c018620b 200000000300 returned -14 [ 1291.773560][T19882] loop6: detected capacity change from 0 to 64 [ 1291.848246][T19882] Trying to free block not in datazone [ 1291.849061][T19882] Trying to free block not in datazone [ 1291.849128][T19882] Trying to free block not in datazone [ 1291.856029][T19882] Trying to free block not in datazone [ 1292.370857][T19893] ext3: block size(16384) > page size(4096) not supported by filesystem [ 1293.282972][T19894] loop8: detected capacity change from 0 to 4096 [ 1293.416380][T19907] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1293.582321][T19906] loop7: detected capacity change from 0 to 2048 [ 1293.613934][T19906] EXT4-fs: Ignoring removed bh option [ 1293.753029][T19906] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1293.861871][ T30] audit: type=1804 audit(1765614169.847:265): pid=19906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.6303" name="/newroot/349/file1/file1" dev="loop7" ino=15 res=1 errno=0 [ 1294.034501][T19918] netlink: 68 bytes leftover after parsing attributes in process `syz.6.6309'. [ 1294.193407][T15716] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1294.595105][T19928] gretap0: entered promiscuous mode [ 1294.600969][T19928] vlan3: entered promiscuous mode [ 1295.566211][T19926] loop6: detected capacity change from 0 to 40427 [ 1295.582809][T19926] F2FS-fs (loop6): Image doesn't support compression [ 1295.584075][T19932] tipc: Started in network mode [ 1295.589857][T19926] F2FS-fs (loop6): build fault injection rate: 690 [ 1295.589966][T19926] F2FS-fs (loop6): build fault injection type: 0x2 [ 1295.612403][T19932] tipc: Node identity aaaaaaaaaa35, cluster identity 4711 [ 1295.621569][T19932] tipc: Enabled bearer , priority 14 [ 1295.649793][T19926] F2FS-fs (loop6): invalid crc value [ 1296.031587][T19926] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1296.048105][T19926] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 1296.747955][T12277] tipc: Node number set to 10463914 [ 1297.226341][T19952] loop8: detected capacity change from 0 to 512 [ 1297.252536][T19952] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 1297.315340][T19952] EXT4-fs error (device loop8): ext4_iget_extra_inode:5073: inode #15: comm syz.8.6323: corrupted in-inode xattr: invalid ea_ino [ 1297.351827][T19952] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.6323: couldn't read orphan inode 15 (err -117) [ 1297.456348][T19952] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1297.733008][T19960] loop7: detected capacity change from 0 to 8 [ 1297.805384][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1299.044917][ T11] IPVS: starting estimator thread 0... [ 1299.138122][T19983] IPVS: using max 192 ests per chain, 9600 per kthread [ 1299.512156][T19992] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 1300.031627][T19995] loop6: detected capacity change from 0 to 2048 [ 1300.208537][T19995] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1301.475015][T20012] loop7: detected capacity change from 0 to 1024 [ 1301.530764][T20012] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1301.649529][T20012] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1301.847865][T20021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6356'. [ 1302.063901][T15716] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1303.250713][T20041] netlink: 'syz.1.6365': attribute type 1 has an invalid length. [ 1304.800539][T20062] loop8: detected capacity change from 0 to 4096 [ 1304.813509][T20062] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512). [ 1305.014744][T20062] [syz.8.6375/20062] FS: loop8 File: /file1 would truncate fibmap result [ 1305.549343][T20067] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340 [ 1306.102181][T20075] loop7: detected capacity change from 0 to 512 [ 1306.115994][T20075] EXT4-fs (loop7): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 1306.133624][T20075] EXT4-fs error (device loop7): __ext4_get_inode_loc:4830: comm syz.7.6382: Invalid inode table block 1 in block_group 0 [ 1306.149430][T20075] EXT4-fs (loop7): get root inode failed [ 1306.155288][T20075] EXT4-fs (loop7): mount failed [ 1306.586626][T20081] loop8: detected capacity change from 0 to 512 [ 1306.682485][T20081] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2 [ 1306.696172][T20081] EXT4-fs (loop8): 1 truncate cleaned up [ 1306.707340][T20081] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1307.047900][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1308.933597][T20111] loop6: detected capacity change from 0 to 512 [ 1309.026566][T20111] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1309.040137][T20111] ext4 filesystem being mounted at /529/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1309.156560][T20111] EXT4-fs error (device loop6): ext4_map_blocks:783: inode #2: block 3: comm syz.6.6406: lblock 8 mapped to illegal pblock 3 (length 26) [ 1309.274759][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1311.192111][T11471] Bluetooth: hci2: Invalid handle: 0xfe00 > 0x0eff [ 1311.335689][T20152] vlan2: entered promiscuous mode [ 1311.343903][T20152] bridge0: entered promiscuous mode [ 1311.458413][T20150] loop6: detected capacity change from 0 to 512 [ 1311.561898][T20150] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 1311.573989][T20150] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it [ 1311.584950][T20150] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.6416: Corrupt directory, running e2fsck is recommended [ 1311.941646][T20150] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -2 [ 1311.955136][T20150] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.6416: corrupted in-inode xattr: invalid ea_ino [ 1312.016259][T20150] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.6416: couldn't read orphan inode 15 (err -117) [ 1312.053528][T20150] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1312.275499][T20161] bridge_slave_0: default FDB implementation only supports local addresses [ 1312.422626][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1313.128488][T20172] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6425'. [ 1313.139061][T20172] netlink: 43 bytes leftover after parsing attributes in process `syz.6.6425'. [ 1313.148483][T20172] netlink: 'syz.6.6425': attribute type 2 has an invalid length. [ 1313.156411][T20172] netlink: 'syz.6.6425': attribute type 2 has an invalid length. [ 1313.169951][T20172] netlink: 43 bytes leftover after parsing attributes in process `syz.6.6425'. [ 1313.200907][T20173] netdevsim netdevsim8 netdevsim0: entered promiscuous mode [ 1313.249266][T20173] netdevsim netdevsim8 netdevsim0: left promiscuous mode [ 1313.384549][T20175] netlink: 64 bytes leftover after parsing attributes in process `syz.1.6427'. [ 1313.896851][T20179] loop6: detected capacity change from 0 to 1024 [ 1313.950312][T20179] EXT4-fs: inline encryption not supported [ 1314.051097][T20179] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1314.539949][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1314.575498][T20191] loop8: detected capacity change from 0 to 128 [ 1314.621577][T20191] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1314.682867][T20191] ext4 filesystem being mounted at /57/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1315.080919][T19308] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1315.360166][ T30] audit: type=1326 audit(1765614191.347:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20199 comm="syz.1.6439" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffa9b98f749 code=0x0 [ 1316.311756][T20213] loop8: detected capacity change from 0 to 2048 [ 1316.374696][T20213] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1316.501602][T20217] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1317.275096][T11471] Bluetooth: hci3: command 0x0406 tx timeout [ 1317.458187][T20227] netlink: 'syz.8.6448': attribute type 1 has an invalid length. [ 1317.469105][T20227] netlink: 'syz.8.6448': attribute type 3 has an invalid length. [ 1317.477052][T20227] netlink: 212 bytes leftover after parsing attributes in process `syz.8.6448'. [ 1317.492579][ T5801] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1317.506561][ T5801] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1317.518985][ T5801] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1317.543959][ T5801] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1317.563053][ T5801] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1317.726333][T20228] lo speed is unknown, defaulting to 1000 [ 1318.719276][T20228] chnl_net:caif_netlink_parms(): no params data found [ 1319.107271][T20249] loop8: detected capacity change from 0 to 1024 [ 1319.141512][T20249] EXT4-fs: Ignoring removed orlov option [ 1319.224888][T20249] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1319.403262][T20258] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6459'. [ 1319.663754][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1319.675191][ T5801] Bluetooth: hci4: command tx timeout [ 1319.982404][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1320.113299][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1320.459087][T20228] bridge0: port 1(bridge_slave_0) entered blocking state [ 1320.466639][T20228] bridge0: port 1(bridge_slave_0) entered disabled state [ 1320.474680][T20228] bridge_slave_0: entered allmulticast mode [ 1320.487730][T20228] bridge_slave_0: entered promiscuous mode [ 1320.574233][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1320.662517][T20228] bridge0: port 2(bridge_slave_1) entered blocking state [ 1320.670361][T20228] bridge0: port 2(bridge_slave_1) entered disabled state [ 1320.680852][T20228] bridge_slave_1: entered allmulticast mode [ 1320.691225][T20228] bridge_slave_1: entered promiscuous mode [ 1320.818065][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1321.143381][T20228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1321.243533][T20228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1321.494163][T20228] team0: Port device team_slave_0 added [ 1321.619338][T20228] team0: Port device team_slave_1 added [ 1321.638711][ T35] bridge_slave_1: left allmulticast mode [ 1321.644745][ T35] bridge_slave_1: left promiscuous mode [ 1321.651691][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 1321.684282][ T35] bridge_slave_0: left allmulticast mode [ 1321.693180][ T35] bridge_slave_0: left promiscuous mode [ 1321.700494][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 1321.751284][ T5801] Bluetooth: hci4: command tx timeout [ 1322.505863][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1322.579811][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1322.655166][T20296] usb usb8: selecting invalid altsetting 2047 [ 1322.655944][ T35] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 1322.743140][ T35] bond0 (unregistering): Released all slaves [ 1322.767039][ T35] bond1 (unregistering): Released all slaves [ 1323.255977][T20228] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1323.263386][T20228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1323.289873][T20228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1323.406526][T20228] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1323.413993][T20228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1323.441572][T20228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1323.546810][T20302] loop6: detected capacity change from 0 to 4096 [ 1323.570978][T20302] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 1323.742616][T20228] hsr_slave_0: entered promiscuous mode [ 1323.756374][T20228] hsr_slave_1: entered promiscuous mode [ 1323.765878][T20228] debugfs: 'hsr0' already exists in 'hsr' [ 1323.772008][T20228] Cannot create hsr debugfs directory [ 1323.814043][ T35] hsr_slave_0: left promiscuous mode [ 1323.824652][ T35] hsr_slave_1: left promiscuous mode [ 1323.833166][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1323.842091][T20310] netlink: 'syz.1.6482': attribute type 3 has an invalid length. [ 1323.852377][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1323.860957][ T5801] Bluetooth: hci4: command tx timeout [ 1323.899137][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1323.906759][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1323.930010][ T35] veth1_macvtap: left promiscuous mode [ 1323.936697][ T35] veth0_macvtap: left promiscuous mode [ 1323.942859][ T35] veth1_vlan: left promiscuous mode [ 1323.948620][ T35] veth0_vlan: left promiscuous mode [ 1323.962639][T20302] ntfs3(loop6): ino=0, attr_set_size [ 1323.968828][T20302] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1324.033981][T20311] ntfs3(loop6): ino=0, attr_set_size [ 1324.893415][T20319] loop6: detected capacity change from 0 to 16 [ 1325.055635][ T35] team0 (unregistering): Port device team_slave_1 removed [ 1325.151046][ T35] team0 (unregistering): Port device team_slave_0 removed [ 1325.938245][ T5801] Bluetooth: hci4: command tx timeout [ 1326.169629][ T35] IPVS: stop unused estimator thread 0... [ 1326.922567][T20228] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1327.000196][T20228] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1327.081454][T20228] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1327.184991][T20228] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1328.129241][T20358] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6503'. [ 1328.155804][T20358] ip6gretap0: entered promiscuous mode [ 1328.177909][T20358] ip6gretap0: left promiscuous mode [ 1328.210455][T20361] loop7: detected capacity change from 0 to 512 [ 1328.232261][T20361] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 1328.257117][T20228] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1328.294253][T20361] EXT4-fs (loop7): 1 truncate cleaned up [ 1328.302618][T20361] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1328.357299][T20228] 8021q: adding VLAN 0 to HW filter on device team0 [ 1328.387624][ T4079] bridge0: port 1(bridge_slave_0) entered blocking state [ 1328.395297][ T4079] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1328.496685][ T4079] bridge0: port 2(bridge_slave_1) entered blocking state [ 1328.504441][ T4079] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1328.875862][T15716] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1329.789647][T20228] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1330.353259][T20385] loop8: detected capacity change from 0 to 8192 [ 1331.366461][T20228] veth0_vlan: entered promiscuous mode [ 1331.460834][T20228] veth1_vlan: entered promiscuous mode [ 1331.485956][T20404] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6518'. [ 1331.676081][T20228] veth0_macvtap: entered promiscuous mode [ 1331.722826][T20228] veth1_macvtap: entered promiscuous mode [ 1331.853296][T20228] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1331.956761][T20228] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1332.011940][ T4079] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1332.038946][T20410] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6521'. [ 1332.047668][ T4079] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1332.048645][T20410] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6521'. [ 1332.066428][T20410] netlink: 96 bytes leftover after parsing attributes in process `syz.6.6521'. [ 1332.073810][ T4079] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1332.111779][T20412] loop8: detected capacity change from 0 to 512 [ 1332.123242][T20412] EXT4-fs: Ignoring removed oldalloc option [ 1332.125927][ T4079] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1332.130129][T20412] EXT4-fs: Ignoring removed nobh option [ 1332.199004][T20412] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.6522: inode has both inline data and extents flags [ 1332.351360][T20412] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.6522: couldn't read orphan inode 15 (err -117) [ 1332.471129][T20412] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1332.609248][T20412] EXT4-fs error (device loop8): ext4_map_blocks:783: inode #2: block 13: comm syz.8.6522: lblock 0 mapped to illegal pblock 13 (length 1) [ 1332.668836][T20412] EXT4-fs warning (device loop8): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz.8.6522: error -117 reading directory block [ 1332.955926][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1333.399552][T20435] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6527'. [ 1334.298780][T20441] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6533'. [ 1334.490134][T20434] loop6: detected capacity change from 0 to 40427 [ 1334.516253][T20434] F2FS-fs (loop6): Corrupted extension count (64 + 1 > 64) [ 1334.523926][T20434] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 1334.564089][T20434] F2FS-fs (loop6): Image doesn't support compression [ 1334.572361][T20434] F2FS-fs (loop6): journaled quota format not specified [ 1335.540232][T20453] loop6: detected capacity change from 0 to 256 [ 1335.551375][T20453] exfat: Deprecated parameter 'utf8' [ 1335.557829][T20453] exfat: Deprecated parameter 'namecase' [ 1335.655232][T20453] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x8b6193f0, utbl_chksum : 0xe619d30d) [ 1336.064517][T20461] Invalid ELF header magic: != ELF [ 1336.424897][T20467] loop8: detected capacity change from 0 to 128 [ 1336.547979][T20467] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1336.589066][T20467] ext4 filesystem being mounted at /83/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1337.403269][T19308] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1338.231197][T20493] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6551'. [ 1338.240947][T20493] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6551'. [ 1338.254707][T20493] netlink: 'syz.8.6551': attribute type 11 has an invalid length. [ 1338.264515][T20493] netlink: 'syz.8.6551': attribute type 13 has an invalid length. [ 1338.474073][ T1014] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1338.482245][ T1014] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1338.623515][ T4028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1338.632133][ T4028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1340.116480][T20525] loop7: detected capacity change from 0 to 128 [ 1340.329570][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.329570][T20525] loop7: rw=2049, sector=154, nr_sectors = 6 limit=128 [ 1340.379705][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.379705][T20525] loop7: rw=8390657, sector=158, nr_sectors = 2 limit=128 [ 1340.396233][T20525] Buffer I/O error on dev loop7, logical block 79, lost async page write [ 1340.405588][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.405588][T20525] loop7: rw=8390657, sector=160, nr_sectors = 2 limit=128 [ 1340.424882][T20525] Buffer I/O error on dev loop7, logical block 80, lost async page write [ 1340.494056][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.494056][T20525] loop7: rw=2049, sector=162, nr_sectors = 6 limit=128 [ 1340.574248][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.574248][T20525] loop7: rw=8390657, sector=166, nr_sectors = 2 limit=128 [ 1340.588861][T20525] Buffer I/O error on dev loop7, logical block 83, lost async page write [ 1340.598339][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.598339][T20525] loop7: rw=8390657, sector=168, nr_sectors = 2 limit=128 [ 1340.617642][T20525] Buffer I/O error on dev loop7, logical block 84, lost async page write [ 1340.653526][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.653526][T20525] loop7: rw=2049, sector=186, nr_sectors = 6 limit=128 [ 1340.722045][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.722045][T20525] loop7: rw=8390657, sector=190, nr_sectors = 2 limit=128 [ 1340.736375][T20525] Buffer I/O error on dev loop7, logical block 95, lost async page write [ 1340.745381][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.745381][T20525] loop7: rw=8390657, sector=192, nr_sectors = 2 limit=128 [ 1340.759559][T20525] Buffer I/O error on dev loop7, logical block 96, lost async page write [ 1340.814613][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1340.821629][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1340.849886][T20525] syz.7.6566: attempt to access beyond end of device [ 1340.849886][T20525] loop7: rw=2049, sector=194, nr_sectors = 6 limit=128 [ 1340.895908][T20525] Buffer I/O error on dev loop7, logical block 99, lost async page write [ 1340.905271][T20525] Buffer I/O error on dev loop7, logical block 100, lost async page write [ 1341.046140][T20525] Buffer I/O error on dev loop7, logical block 111, lost async page write [ 1341.055750][T20525] Buffer I/O error on dev loop7, logical block 112, lost async page write [ 1342.160605][T20555] loop9: detected capacity change from 0 to 512 [ 1342.197591][T20555] EXT4-fs error (device loop9): ext4_orphan_get:1417: comm syz.9.6580: bad orphan inode 15 [ 1342.205359][T20555] ext4_test_bit(bit=14, block=18) = 1 [ 1342.205472][T20555] is_bad_inode(inode)=0 [ 1342.205537][T20555] NEXT_ORPHAN(inode)=1023 [ 1342.205606][T20555] max_ino=32 [ 1342.205667][T20555] i_nlink=0 [ 1342.206791][T20555] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2971: inode #15: comm syz.9.6580: corrupted xattr block 19: invalid header [ 1342.224689][T20555] EXT4-fs warning (device loop9): ext4_evict_inode:273: xattr delete (err -117) [ 1342.227336][T20555] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 1342.255228][T20555] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1342.329945][T20555] EXT4-fs error (device loop9): ext4_add_entry:2415: inode #12: comm syz.9.6580: Directory hole found for htree leaf block 0 [ 1342.538040][T20228] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 1342.736260][T20564] program syz.7.6583 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1344.946028][T20580] netlink: 'syz.6.6591': attribute type 11 has an invalid length. [ 1344.968149][T20570] loop7: detected capacity change from 0 to 65536 [ 1345.006515][T20570] XFS (loop7): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 1345.173337][T20570] XFS (loop7): Ending clean mount [ 1345.285237][T15716] XFS (loop7): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 1346.430125][T20609] loop9: detected capacity change from 0 to 64 [ 1346.489390][T20609] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing [ 1346.688029][T20612] netlink: 60 bytes leftover after parsing attributes in process `syz.1.6604'. [ 1346.699191][T20612] unsupported nlmsg_type 40 [ 1347.162972][T20615] mkiss: ax0: crc mode is auto. [ 1347.925629][ T5427] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1348.021108][T20631] loop6: detected capacity change from 0 to 1024 [ 1348.095875][T20631] hfsplus: bad catalog entry type [ 1348.123883][ T5427] usb 10-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00 [ 1348.133817][ T5427] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1348.168370][ T5427] usb 10-1: config 0 descriptor?? [ 1348.363756][ T4061] hfsplus: b-tree write err: -5, ino 4 [ 1348.670201][ T5427] ryos 0003:1E7D:3138.0029: hidraw0: USB HID v1.01 Device [HID 1e7d:3138] on usb-dummy_hcd.9-1/input0 [ 1348.885844][ T5427] usb 10-1: USB disconnect, device number 2 [ 1350.998856][T20688] loop8: detected capacity change from 0 to 256 [ 1351.146334][T20688] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 1351.516989][T20691] netlink: 'syz.1.6640': attribute type 1 has an invalid length. [ 1351.525296][T20691] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6640'. [ 1351.534681][T20691] netlink: 'syz.1.6640': attribute type 1 has an invalid length. [ 1351.952379][T20689] loop7: detected capacity change from 0 to 40427 [ 1352.006770][T20689] F2FS-fs (loop7): invalid crc value [ 1352.335520][T20689] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 1352.352030][T20689] F2FS-fs (loop7): checkpoint=disable on readonly fs [ 1353.390615][T20700] loop9: detected capacity change from 0 to 40427 [ 1353.403101][T20700] F2FS-fs (loop9): Invalid log sectorsize (14) [ 1353.413543][T20700] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock [ 1353.426377][T20700] F2FS-fs (loop9): old and new quota format mixing [ 1354.608159][T20713] netlink: 'syz.6.6648': attribute type 10 has an invalid length. [ 1354.689941][T20713] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1354.714407][T20713] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 1355.365369][T20719] loop8: detected capacity change from 0 to 512 [ 1355.437340][T20719] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 1355.549071][T20719] EXT4-fs (loop8): orphan cleanup on readonly fs [ 1355.582368][T20719] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6652: Block bitmap for bg 0 marked uninitialized [ 1355.650018][T20719] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 1355.726795][T20719] EXT4-fs (loop8): 1 orphan inode deleted [ 1355.735449][T20719] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1355.824182][T20719] EXT4-fs (loop8): warning: mounting fs with errors, running e2fsck is recommended [ 1355.925859][T20719] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 1355.946204][T20719] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6652: Block bitmap for bg 0 marked uninitialized [ 1355.995268][T20719] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6652: Block bitmap for bg 0 marked uninitialized [ 1356.023154][T20719] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6652: Block bitmap for bg 0 marked uninitialized [ 1356.064383][T20719] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6652: Block bitmap for bg 0 marked uninitialized [ 1356.085234][T20719] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6652: Block bitmap for bg 0 marked uninitialized [ 1356.104450][T20719] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.6652: Block bitmap for bg 0 marked uninitialized [ 1356.299652][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1356.667758][T20734] loop8: detected capacity change from 0 to 512 [ 1356.708988][T20734] EXT4-fs: Ignoring removed oldalloc option [ 1356.836455][T20734] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1356.850010][T20734] ext4 filesystem being mounted at /104/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1357.072894][T20734] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.6658: bg 0: block 217: padding at end of block bitmap is not set [ 1357.128871][T20734] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6689: Corrupt filesystem [ 1357.216365][T20742] loop9: detected capacity change from 0 to 1024 [ 1357.355718][T20742] hfsplus: bad catalog entry type [ 1357.439292][T20747] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6662'. [ 1357.449053][T20747] netlink: 'syz.6.6662': attribute type 5 has an invalid length. [ 1357.450421][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1357.624777][ T4079] hfsplus: b-tree write err: -5, ino 4 [ 1358.406848][T20764] loop8: detected capacity change from 0 to 8 [ 1358.444376][T20766] bridge0: entered promiscuous mode [ 1358.459159][T20766] bridge0: port 3(vlan2) entered blocking state [ 1358.466034][T20766] bridge0: port 3(vlan2) entered disabled state [ 1358.473373][T20766] vlan2: entered allmulticast mode [ 1358.478892][T20766] bridge0: entered allmulticast mode [ 1358.541914][T20764] SQUASHFS error: lzo decompression failed, data probably corrupt [ 1358.550364][T20764] SQUASHFS error: Failed to read block 0x144: -5 [ 1358.556914][T20764] SQUASHFS error: Unable to read metadata cache entry [142] [ 1358.564661][T20764] SQUASHFS error: Unable to read inode 0x11f [ 1358.576166][T20766] vlan2: left allmulticast mode [ 1358.581669][T20766] bridge0: left allmulticast mode [ 1358.589407][T20766] bridge0: left promiscuous mode [ 1359.048453][T20774] loop8: detected capacity change from 0 to 256 [ 1359.356623][T20774] FAT-fs (loop8): Directory bread(block 64) failed [ 1359.364102][T20774] FAT-fs (loop8): Directory bread(block 65) failed [ 1359.371222][T20774] FAT-fs (loop8): Directory bread(block 66) failed [ 1359.378130][T20774] FAT-fs (loop8): Directory bread(block 67) failed [ 1359.385087][T20774] FAT-fs (loop8): Directory bread(block 68) failed [ 1359.392087][T20774] FAT-fs (loop8): Directory bread(block 69) failed [ 1359.399172][T20774] FAT-fs (loop8): Directory bread(block 70) failed [ 1359.405998][T20774] FAT-fs (loop8): Directory bread(block 71) failed [ 1359.413011][T20774] FAT-fs (loop8): Directory bread(block 72) failed [ 1359.420072][T20774] FAT-fs (loop8): Directory bread(block 73) failed [ 1362.028616][T20833] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6704'. [ 1363.981584][T20870] loop7: detected capacity change from 0 to 64 [ 1363.994946][T20871] loop6: detected capacity change from 0 to 64 [ 1364.183898][T20871] hfs: bad catalog entry type 65535 [ 1364.734342][T20882] loop7: detected capacity change from 0 to 512 [ 1364.804437][T20882] EXT4-fs: Ignoring removed orlov option [ 1364.943540][T20882] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1364.957076][T20882] ext4 filesystem being mounted at /434/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1364.993888][T20883] loop8: detected capacity change from 0 to 4096 [ 1365.054086][T20882] EXT4-fs error (device loop7): ext4_get_verity_descriptor_location:335: inode #15: comm syz.7.6728: verity file corrupted; can't find descriptor [ 1365.082001][T20882] EXT4-fs (loop7): Remounting filesystem read-only [ 1365.090015][T20892] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1365.105718][T20882] fs-verity (loop7, inode 15): Error -117 getting verity descriptor size [ 1365.262841][T20894] loop6: detected capacity change from 0 to 1024 [ 1365.310162][T20894] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1365.469219][T15716] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1365.493771][T20894] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1365.530451][T20894] EXT4-fs (loop6): Online resizing not supported with bigalloc [ 1365.632777][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1365.702465][T20901] bridge0: entered promiscuous mode [ 1365.713239][T20901] bridge0: port 4(vlan3) entered blocking state [ 1365.723317][T20901] bridge0: port 4(vlan3) entered disabled state [ 1365.730530][T20901] vlan3: entered allmulticast mode [ 1365.735940][T20901] bridge0: entered allmulticast mode [ 1365.799773][T20901] vlan3: left allmulticast mode [ 1365.805051][T20901] bridge0: left allmulticast mode [ 1365.870932][T20901] bridge0: left promiscuous mode [ 1366.136414][T20909] loop6: detected capacity change from 0 to 2048 [ 1366.144764][T20905] loop8: detected capacity change from 0 to 2048 [ 1366.152093][T20909] EXT4-fs: Ignoring removed i_version option [ 1366.194313][T20905] UDF-fs: error (device loop8): udf_process_sequence: Primary Volume Descriptor not found! [ 1366.276539][T20909] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1366.325826][T20905] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1366.471570][T20909] EXT4-fs error (device loop6): ext4_find_extent:939: inode #2: comm syz.6.6737: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 1366.727884][T12277] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 1366.811257][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1366.997098][T12277] usb 10-1: config 0 has too many interfaces: 204, using maximum allowed: 32 [ 1367.006587][T12277] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 204 [ 1367.016484][T12277] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1367.030647][T12277] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1367.041962][T12277] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1367.055298][T12277] usb 10-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00 [ 1367.064779][T12277] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1367.186852][T12277] usb 10-1: config 0 descriptor?? [ 1367.674224][T12277] input: HID 28bd:0909 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:28BD:0909.002A/input/input23 [ 1367.815558][T12277] uclogic 0003:28BD:0909.002A: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.9-1/input0 [ 1367.899785][T12277] usb 10-1: USB disconnect, device number 3 [ 1368.126143][T20938] netlink: 52 bytes leftover after parsing attributes in process `syz.7.6751'. [ 1368.135852][T20938] netlink: 'syz.7.6751': attribute type 1 has an invalid length. [ 1368.351100][ T30] audit: type=1326 audit(1765614244.337:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1368.380248][ T30] audit: type=1326 audit(1765614244.337:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1368.412458][ T30] audit: type=1326 audit(1765614244.367:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1368.438536][ T30] audit: type=1326 audit(1765614244.367:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffa9b98f783 code=0x7ffc0000 [ 1368.464449][ T30] audit: type=1326 audit(1765614244.367:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ffa9b98e1ff code=0x7ffc0000 [ 1368.496032][ T30] audit: type=1326 audit(1765614244.397:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ffa9b98f7d7 code=0x7ffc0000 [ 1368.522059][ T30] audit: type=1326 audit(1765614244.397:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffa9b98df90 code=0x7ffc0000 [ 1368.545488][ T30] audit: type=1326 audit(1765614244.397:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ffa9b98e3aa code=0x7ffc0000 [ 1368.571633][ T30] audit: type=1326 audit(1765614244.397:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1368.598756][ T30] audit: type=1326 audit(1765614244.457:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20942 comm="syz.1.6754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1368.639899][T20943] loop6: detected capacity change from 0 to 512 [ 1368.741993][T20943] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 1368.798139][T20943] System zones: 1-12 [ 1368.803273][T20943] EXT4-fs error (device loop6): dx_probe:791: inode #2: comm syz.6.6753: Directory hole found for htree index block 0 [ 1368.855845][T20943] EXT4-fs (loop6): Remounting filesystem read-only [ 1368.875425][T20949] netlink: 'syz.8.6755': attribute type 3 has an invalid length. [ 1368.915697][T20943] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -117 [ 1368.929405][T20943] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117 [ 1368.940919][T20943] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1369.270426][T20943] EXT4-fs: user quota file already specified [ 1369.574194][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1369.606882][T20960] loop9: detected capacity change from 0 to 1024 [ 1369.987357][ T4028] hfsplus: b-tree write err: -5, ino 4 [ 1370.164435][T20969] 8021q: adding VLAN 0 to HW filter on device bond2 [ 1370.186405][T20969] team0: Port device bond2 added [ 1370.568928][T20976] netlink: 'syz.7.6769': attribute type 11 has an invalid length. [ 1370.577132][T20976] netlink: 36 bytes leftover after parsing attributes in process `syz.7.6769'. [ 1371.297676][T20986] loop8: detected capacity change from 0 to 2048 [ 1371.367751][T20986] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1371.449601][T20991] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1371.585501][T20993] loop7: detected capacity change from 0 to 1024 [ 1371.926524][T20995] loop9: detected capacity change from 0 to 736 [ 1371.982405][ T1875] hfsplus: b-tree write err: -5, ino 4 [ 1372.785431][T21008] loop8: detected capacity change from 0 to 2048 [ 1372.864297][T21014] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1373.414696][T21027] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 3, id = 0 [ 1373.766130][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1373.766209][ T30] audit: type=1326 audit(1765614249.747:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21030 comm="syz.9.6794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ae78f749 code=0x7ffc0000 [ 1373.893533][ T30] audit: type=1326 audit(1765614249.807:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21030 comm="syz.9.6794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f92ae78f749 code=0x7ffc0000 [ 1373.916685][ T30] audit: type=1326 audit(1765614249.807:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21030 comm="syz.9.6794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ae78f749 code=0x7ffc0000 [ 1373.942651][ T30] audit: type=1326 audit(1765614249.807:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21030 comm="syz.9.6794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ae78f749 code=0x7ffc0000 [ 1373.965565][ T30] audit: type=1326 audit(1765614249.837:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21030 comm="syz.9.6794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f92ae78f749 code=0x7ffc0000 [ 1373.976555][T21035] loop6: detected capacity change from 0 to 64 [ 1373.995467][ T30] audit: type=1326 audit(1765614249.857:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21030 comm="syz.9.6794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ae78f749 code=0x7ffc0000 [ 1374.024997][ T30] audit: type=1326 audit(1765614249.857:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21030 comm="syz.9.6794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ae78f749 code=0x7ffc0000 [ 1374.101848][T21037] netlink: 'syz.1.6797': attribute type 1 has an invalid length. [ 1374.110446][T21037] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6797'. [ 1374.148119][T21035] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing [ 1374.374570][T21040] loop8: detected capacity change from 0 to 1024 [ 1374.414210][T21040] EXT4-fs: inline encryption not supported [ 1374.499588][T21040] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1374.607039][T21040] EXT4-fs error (device loop8): mb_free_blocks:2037: group 0, inode 15: block 369:freeing already freed block (bit 23); block bitmap corrupt. [ 1374.625470][T21040] EXT4-fs (loop8): Remounting filesystem read-only [ 1374.812791][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1375.290300][T21060] netlink: 'syz.1.6806': attribute type 1 has an invalid length. [ 1375.298547][T21060] netlink: 3 bytes leftover after parsing attributes in process `syz.1.6806'. [ 1375.769178][ T30] audit: type=1326 audit(1765614251.757:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21065 comm="syz.1.6809" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffa9b98f749 code=0x0 [ 1377.181959][ T30] audit: type=1326 audit(1765614253.167:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.7.6820" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2c958f749 code=0x0 [ 1377.760088][T21095] loop6: detected capacity change from 0 to 4096 [ 1378.063829][T21105] tipc: Enabling of bearer rejected, failed to enable media [ 1378.177852][T21095] ntfs3(loop6): ino=9, attr_set_size [ 1378.598706][T21115] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1379.186637][T21124] loop6: detected capacity change from 0 to 512 [ 1379.272953][T21124] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1379.504182][T21124] EXT4-fs error (device loop6): __ext4_iget:5426: inode #11: block 1: comm syz.6.6833: invalid block [ 1379.627866][T21124] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.6833: couldn't read orphan inode 11 (err -117) [ 1379.771307][T21124] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1379.838817][T21121] loop7: detected capacity change from 0 to 32768 [ 1379.865138][T21121] (syz.7.6835,21121,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 1379.875871][T21121] (syz.7.6835,21121,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs? [ 1379.876074][T21121] (syz.7.6835,21121,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 1379.898046][T21121] (syz.7.6835,21121,1):ocfs2_initialize_super:2198 ERROR: status = -22 [ 1379.907029][T21121] (syz.7.6835,21121,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 1380.104016][T21127] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters [ 1380.559892][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1380.982267][T21143] loop6: detected capacity change from 0 to 8 [ 1381.224569][T21146] netlink: 216 bytes leftover after parsing attributes in process `syz.8.6845'. [ 1381.234143][T21146] netlink: 24 bytes leftover after parsing attributes in process `syz.8.6845'. [ 1381.243604][T21146] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6845'. [ 1383.363864][T21185] loop8: detected capacity change from 0 to 256 [ 1383.386022][T21185] exfat: Deprecated parameter 'namecase' [ 1383.413305][T21187] program syz.7.6867 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1383.452201][T21190] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 1383.456870][T21185] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 1384.608751][ T5427] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 1384.818632][ T5427] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 1384.827498][ T5427] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1384.878523][ T5427] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 1384.888294][ T5427] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 1384.896511][ T5427] usb 2-1: Manufacturer: syz [ 1385.000041][ T5427] usb 2-1: config 0 descriptor?? [ 1385.426613][ T5427] rc_core: IR keymap rc-hauppauge not found [ 1385.433270][ T5427] Registered IR keymap rc-empty [ 1385.444501][ T5427] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 1385.464591][ T5427] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input24 [ 1386.143364][T21231] loop9: detected capacity change from 0 to 1024 [ 1386.219283][T21231] EXT4-fs: inline encryption not supported [ 1386.435281][T21231] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1386.525813][T21233] loop6: detected capacity change from 0 to 2048 [ 1386.546553][T21233] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1386.591298][T21225] loop8: detected capacity change from 0 to 32768 [ 1386.632392][T21242] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1386.668512][T21225] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1386.678536][T21233] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=15) [ 1386.693818][ T30] audit: type=1800 audit(1765614262.657:287): pid=21233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.6888" name="file1" dev="loop6" ino=15 res=0 errno=0 [ 1386.712521][T12277] usb 2-1: USB disconnect, device number 31 [ 1386.819889][T21233] Remounting filesystem read-only [ 1386.958884][T20228] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1387.142481][T21225] XFS (loop8): Ending clean mount [ 1387.171047][T21225] XFS (loop8): Quotacheck needed: Please wait. [ 1387.236825][ T1014] XFS (loop8): Metadata corruption detected at xfs_dinode_verify+0x252/0x21a0, inode 0x2445 dinode [ 1387.248461][ T1014] XFS (loop8): Unmount and run xfs_repair [ 1387.254403][ T1014] XFS (loop8): First 128 bytes of corrupted metadata buffer: [ 1387.262158][ T1014] 00000000: 49 4e a1 ff 03 01 00 00 00 00 00 00 00 00 00 00 IN.............. [ 1387.271378][ T1014] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 1387.280581][ T1014] 00000020: 34 07 00 00 00 e2 bf 3d 34 f7 58 68 a5 e2 bf 3d 4......=4.Xh...= [ 1387.290364][ T1014] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 27 4.Xh...=.......' [ 1387.302559][ T1014] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 1387.312752][ T1014] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 f2 b6 df a3 ................ [ 1387.322270][ T1014] 00000060: ff ff ff ff ad e7 93 1b 00 00 00 00 00 00 00 02 ................ [ 1387.331455][ T1014] 00000070: 00 00 00 01 00 00 00 80 00 00 00 00 00 00 00 08 ................ [ 1387.421188][T21225] XFS (loop8): Quotacheck: Unsuccessful (Error -117): Disabling quotas. [ 1387.627143][T19308] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1387.690124][T19308] XFS (loop8): Uncorrected metadata errors detected; please run xfs_repair. [ 1388.128023][T21263] sctp: [Deprecated]: syz.1.6898 (pid 21263) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1388.128023][T21263] Use struct sctp_sack_info instead [ 1388.999344][T21267] loop6: detected capacity change from 0 to 32768 [ 1389.069347][T21267] ocfs2: Slot 0 on device (7,6) was already allocated to this node! [ 1389.089680][T21267] OCFS2: ERROR (device loop6): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 73: bits per cluster 32 [ 1389.104966][T21267] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 1389.115117][T21267] (syz.6.6899,21267,1):ocfs2_read_locked_inode:599 ERROR: status = -30 [ 1389.124088][T21267] (syz.6.6899,21267,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30 [ 1389.134545][T21267] (syz.6.6899,21267,1):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=8, slot=0 [ 1389.148075][T21267] (syz.6.6899,21267,1):ocfs2_init_local_system_inodes:505 ERROR: status = -30 [ 1389.157298][T21267] (syz.6.6899,21267,1):ocfs2_mount_volume:1758 ERROR: status = -30 [ 1389.172086][T21267] (syz.6.6899,21267,1):ocfs2_fill_super:1177 ERROR: status = -30 [ 1390.067597][T21281] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6906'. [ 1390.501940][T21282] loop7: detected capacity change from 0 to 4096 [ 1390.725747][T21282] ntfs3(loop7): ino=3, ntfs_set_state failed, -22. [ 1390.732744][T21282] ntfs3(loop7): Failed to initialize $Extend/$ObjId. [ 1390.949915][T21294] loop9: detected capacity change from 0 to 512 [ 1390.967080][T21294] EXT4-fs warning (device loop9): read_mmp_block:111: Error -74 while reading MMP block 13 [ 1391.226622][T21299] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6913'. [ 1391.309049][T21300] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6912'. [ 1391.310239][T21302] syz_tun: entered promiscuous mode [ 1391.325023][T21302] macvtap1: entered promiscuous mode [ 1391.331830][T21302] macvtap1: entered allmulticast mode [ 1391.337526][T21302] syz_tun: entered allmulticast mode [ 1391.357802][ T12] ntfs3(loop7): ino=3, ntfs3_write_inode failed, -22. [ 1391.370959][T21302] syz_tun: left allmulticast mode [ 1391.377235][T21302] syz_tun: left promiscuous mode [ 1391.391300][T15716] ntfs3(loop7): ino=3, ntfs_set_state failed, -22. [ 1391.404611][T15716] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 1391.414189][T15716] ntfs3(loop7): ino=3, ntfs_set_state failed, -22. [ 1391.432608][ T12] ntfs3(loop7): ino=3, ntfs3_write_inode failed, -22. [ 1391.710778][T21304] loop8: detected capacity change from 0 to 64 [ 1391.765755][T21304] Trying to free block not in datazone [ 1391.777252][T21304] Trying to free block not in datazone [ 1392.018869][ T5427] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 1392.264888][ T5427] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1392.280126][ T5427] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1392.290612][ T5427] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 1392.301135][ T5427] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1392.602512][ T5427] usb 2-1: config 0 descriptor?? [ 1392.611610][T21308] loop7: detected capacity change from 0 to 32768 [ 1392.630168][T21308] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.6916 (21308) [ 1392.651232][T21308] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1392.661925][T21308] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm [ 1392.768153][ T35] BTRFS warning (device loop7): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x1bb46842 level 0 [ 1392.781900][T21308] BTRFS warning (device loop7): couldn't read tree root [ 1392.825890][T21308] BTRFS error (device loop7): open_ctree failed: -5 [ 1393.272170][ T5427] hid-led 0003:1D34:000A.002B: unknown main item tag 0x0 [ 1393.280198][ T5427] hid-led 0003:1D34:000A.002B: unknown main item tag 0x0 [ 1393.287715][ T5427] hid-led 0003:1D34:000A.002B: unknown main item tag 0x0 [ 1393.473644][ T5427] hid-led 0003:1D34:000A.002B: probe with driver hid-led failed with error -71 [ 1393.562524][ T5427] usb 2-1: USB disconnect, device number 32 [ 1394.205128][T21342] loop6: detected capacity change from 0 to 16 [ 1394.238485][T21342] erofs (device loop6): mounted with root inode @ nid 36. [ 1395.502207][T21369] loop8: detected capacity change from 0 to 1024 [ 1395.519114][T21369] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1395.614708][T21369] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1395.977870][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1396.382548][ T5427] kernel write not supported for file /amidi2 (pid: 5427 comm: kworker/0:3) [ 1396.700786][T21391] syz_tun: entered allmulticast mode [ 1396.725590][T21391] syz_tun: left allmulticast mode [ 1396.906773][ T5801] Bluetooth: hci4: link tx timeout [ 1396.913128][ T5801] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 1397.375842][T21401] loop8: detected capacity change from 0 to 1764 [ 1398.350693][T21421] loop8: detected capacity change from 0 to 8 [ 1398.907792][ T30] audit: type=1326 audit(1765614274.887:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1398.958530][ T5801] Bluetooth: hci4: command 0x0406 tx timeout [ 1399.067827][ T30] audit: type=1326 audit(1765614274.927:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1399.100990][ T30] audit: type=1326 audit(1765614274.927:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1399.128582][ T30] audit: type=1326 audit(1765614274.927:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1399.154648][ T30] audit: type=1326 audit(1765614274.927:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1399.180711][ T30] audit: type=1326 audit(1765614274.937:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1399.207196][ T30] audit: type=1326 audit(1765614274.937:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1399.235110][ T30] audit: type=1326 audit(1765614274.937:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21430 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1399.274837][T21433] loop9: detected capacity change from 0 to 64 [ 1399.519028][T21435] loop6: detected capacity change from 0 to 256 [ 1399.744209][T21435] FAT-fs (loop6): Directory bread(block 64) failed [ 1399.751468][T21435] FAT-fs (loop6): Directory bread(block 65) failed [ 1399.758746][T21435] FAT-fs (loop6): Directory bread(block 66) failed [ 1399.765480][T21435] FAT-fs (loop6): Directory bread(block 67) failed [ 1399.775528][T21435] FAT-fs (loop6): Directory bread(block 68) failed [ 1399.782543][T21435] FAT-fs (loop6): Directory bread(block 69) failed [ 1399.789683][T21435] FAT-fs (loop6): Directory bread(block 70) failed [ 1399.802324][T21435] FAT-fs (loop6): Directory bread(block 71) failed [ 1399.835964][T21435] FAT-fs (loop6): Directory bread(block 72) failed [ 1399.845859][T21435] FAT-fs (loop6): Directory bread(block 73) failed [ 1399.979076][T21445] netlink: 108 bytes leftover after parsing attributes in process `syz.9.6977'. [ 1400.494472][T21453] loop8: detected capacity change from 0 to 1024 [ 1400.633238][T21453] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1400.701396][ T30] audit: type=1326 audit(1765614276.687:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21459 comm="syz.1.6984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1400.774636][ T30] audit: type=1326 audit(1765614276.757:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21459 comm="syz.1.6984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1400.999533][T21466] loop9: detected capacity change from 0 to 64 [ 1401.065084][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1402.304418][ T1288] ieee802154 phy0 wpan0: encryption failed: -22 [ 1402.311334][ T1288] ieee802154 phy1 wpan1: encryption failed: -22 [ 1402.491889][T21470] loop7: detected capacity change from 0 to 32768 [ 1402.518346][T21470] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 1402.526738][T21470] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 1402.587079][T21470] gfs2: fsid=syz:syz.s: journal 0 mapped with 7 extents in 0ms [ 1402.843106][T21470] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 1402.860967][T21470] gfs2: fsid=syz:syz.s: can't initialize statfs subsystem: -30 [ 1402.916872][T21486] loop8: detected capacity change from 0 to 512 [ 1403.035948][T21486] EXT4-fs (loop8): Test dummy encryption mode enabled [ 1403.047541][T21486] EXT4-fs (loop8): couldn't mount as ext3 due to feature incompatibilities [ 1403.697215][ T5801] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260 [ 1404.010176][T21497] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7000'. [ 1404.027203][T21497] netlink: 32 bytes leftover after parsing attributes in process `syz.7.7000'. [ 1404.177768][T21500] loop8: detected capacity change from 0 to 1024 [ 1404.290706][T21500] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1404.312756][ T5801] Bluetooth: hci5: command 0x0406 tx timeout [ 1404.361056][T21500] EXT4-fs (loop8): revision level too high, forcing read-only mode [ 1404.381306][T21501] loop6: detected capacity change from 0 to 4096 [ 1404.402518][T21500] EXT4-fs (loop8): orphan cleanup on readonly fs [ 1404.416177][T21500] EXT4-fs error (device loop8): ext4_free_blocks:6728: comm syz.8.6999: Freeing blocks not in datazone - block = 0, count = 4096 [ 1404.488108][T21500] EXT4-fs (loop8): 1 orphan inode deleted [ 1404.496351][T21500] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1404.550040][T21507] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1404.799578][T19308] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1405.388227][T12277] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 1405.588799][T12277] usb 10-1: Using ep0 maxpacket: 8 [ 1405.622439][T12277] usb 10-1: config index 0 descriptor too short (expected 30, got 18) [ 1405.687126][T12277] usb 10-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 1405.697064][T12277] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1405.705567][T12277] usb 10-1: Product: syz [ 1405.710205][T12277] usb 10-1: Manufacturer: syz [ 1405.715118][T12277] usb 10-1: SerialNumber: syz [ 1405.781952][T21521] loop6: detected capacity change from 0 to 4096 [ 1405.820551][T12277] usb 10-1: config 0 descriptor?? [ 1405.859167][T12277] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 1405.867601][T12277] usb 10-1: setting power ON [ 1405.872369][T12277] dvb-usb: bulk message failed: -22 (2/0) [ 1405.880200][T21521] EXT4-fs: Ignoring removed mblk_io_submit option [ 1405.950456][T12277] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1405.951251][T21521] EXT4-fs (loop6): Test dummy encryption mode enabled [ 1405.980888][T12277] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 1405.990224][T12277] usb 10-1: media controller created [ 1406.064496][T21514] dvb-usb: bulk message failed: -22 (3/0) [ 1406.075663][T21514] dvb-usb: bulk message failed: -22 (4/0) [ 1406.129374][T12277] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1406.160663][T21521] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1406.355196][T12277] usb 10-1: selecting invalid altsetting 6 [ 1406.367792][T12277] usb 10-1: digital interface selection failed (-22) [ 1406.374762][T12277] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 1406.405572][T12277] usb 10-1: setting power OFF [ 1406.410819][T12277] dvb-usb: bulk message failed: -22 (2/0) [ 1406.418990][T12277] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 1406.428690][T12277] (NULL device *): no alternate interface [ 1406.704794][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1406.850985][T12277] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 1406.922388][T12277] usb 10-1: USB disconnect, device number 4 [ 1407.197170][T21545] loop6: detected capacity change from 0 to 164 [ 1407.225974][T21545] rock: corrupted directory entry. extent=32, offset=0, size=65773 [ 1407.234762][T21545] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 1407.751142][T21551] loop9: detected capacity change from 0 to 2048 [ 1407.932603][T21559] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1408.209347][T21559] NILFS (loop9): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 1408.220902][T21559] NILFS error (device loop9): nilfs_bmap_propagate: broken bmap (inode number=4) [ 1408.271292][T21559] Remounting filesystem read-only [ 1408.285378][T20228] NILFS (loop9): disposed unprocessed dirty file(s) when stopping log writer [ 1408.563409][T21569] loop6: detected capacity change from 0 to 8 [ 1408.663818][T21569] SQUASHFS error: Failed to read block 0x71: -5 [ 1408.677295][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 1408.683844][ T30] audit: type=1800 audit(1765614284.657:300): pid=21569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.7031" name="file1" dev="loop6" ino=1 res=0 errno=0 [ 1409.936890][T21592] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 1410.632965][T21608] netlink: 'syz.1.7051': attribute type 10 has an invalid length. [ 1410.641390][T21608] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7051'. [ 1410.682786][T21608] netlink: 'syz.1.7051': attribute type 10 has an invalid length. [ 1410.691225][T21608] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7051'. [ 1410.704483][T12277] IPVS: starting estimator thread 0... [ 1410.774936][T21613] tmpfs: Cannot change global quota limit on remount [ 1410.800701][T21612] IPVS: using max 192 ests per chain, 9600 per kthread [ 1411.825180][T21633] tmpfs: Cannot disable swap on remount [ 1412.271851][T21640] hsr0: entered promiscuous mode [ 1412.277741][T21640] macsec1: entered allmulticast mode [ 1412.283264][T21640] hsr0: entered allmulticast mode [ 1412.293378][T21640] hsr_slave_0: entered allmulticast mode [ 1412.306204][T21640] hsr_slave_1: entered allmulticast mode [ 1412.363486][T21643] loop8: detected capacity change from 0 to 128 [ 1412.615085][T19308] FAT-fs (loop8): error, invalid access to FAT (entry 0x0fff0000) [ 1412.623397][T19308] FAT-fs (loop8): Filesystem has been set read-only [ 1413.187903][ T4079] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.385193][ T4079] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.570202][ T4079] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.750014][ T4079] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1413.995777][ T4079] bridge_slave_1: left allmulticast mode [ 1414.002025][ T4079] bridge_slave_1: left promiscuous mode [ 1414.008951][ T4079] bridge0: port 2(bridge_slave_1) entered disabled state [ 1414.035442][ T4079] bridge_slave_0: left allmulticast mode [ 1414.041754][ T4079] bridge_slave_0: left promiscuous mode [ 1414.048504][ T4079] bridge0: port 1(bridge_slave_0) entered disabled state [ 1414.618972][ T4079] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1414.673578][ T4079] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1414.690683][ T4079] bond0 (unregistering): Released all slaves [ 1414.804703][ T4079] tipc: Disabling bearer [ 1414.812711][ T4079] tipc: Left network mode [ 1415.146704][T21664] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1415.171598][ T4079] hsr_slave_0: left promiscuous mode [ 1415.196092][ T4079] hsr_slave_1: left promiscuous mode [ 1415.204590][ T4079] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1415.212767][ T4079] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1415.284133][ T4079] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1415.292126][ T4079] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1415.438659][ T4079] veth1_macvtap: left promiscuous mode [ 1415.444428][ T4079] veth0_macvtap: left promiscuous mode [ 1415.450591][ T4079] veth1_vlan: left promiscuous mode [ 1415.456145][ T4079] veth0_vlan: left promiscuous mode [ 1415.984332][ T5801] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1416.029578][ T5801] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1416.041905][ T5801] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1416.098817][ T5801] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1416.130091][ T5801] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1416.981346][ T4079] team0 (unregistering): Port device team_slave_1 removed [ 1417.026698][ T4079] team0 (unregistering): Port device team_slave_0 removed [ 1417.224698][T21693] autofs: Bad value for 'uid' [ 1417.232933][T21693] autofs: Bad value for 'uid' [ 1417.244413][T21692] loop6: detected capacity change from 0 to 256 [ 1417.360509][T21692] exfat: Deprecated parameter 'namecase' [ 1417.366612][T21692] exfat: Deprecated parameter 'utf8' [ 1417.547091][T21692] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x3f800a9b, utbl_chksum : 0xe619d30d) [ 1417.988094][ T4079] IPVS: stop unused estimator thread 0... [ 1418.158266][T21700] netlink: 20 bytes leftover after parsing attributes in process `syz.9.7093'. [ 1418.227826][T11471] Bluetooth: hci0: command tx timeout [ 1418.859490][T21677] chnl_net:caif_netlink_parms(): no params data found [ 1419.354237][T21713] loop6: detected capacity change from 0 to 4096 [ 1419.400863][T21713] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 1419.879934][T21677] bridge0: port 1(bridge_slave_0) entered blocking state [ 1419.887939][T21677] bridge0: port 1(bridge_slave_0) entered disabled state [ 1419.895782][T21677] bridge_slave_0: entered allmulticast mode [ 1419.906043][T21677] bridge_slave_0: entered promiscuous mode [ 1419.995634][T21677] bridge0: port 2(bridge_slave_1) entered blocking state [ 1420.003625][T21677] bridge0: port 2(bridge_slave_1) entered disabled state [ 1420.011747][T21677] bridge_slave_1: entered allmulticast mode [ 1420.021644][T21677] bridge_slave_1: entered promiscuous mode [ 1420.308119][T11471] Bluetooth: hci0: command tx timeout [ 1420.341333][T21677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1420.449046][T21677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1420.763334][T21677] team0: Port device team_slave_0 added [ 1420.831543][T21677] team0: Port device team_slave_1 added [ 1421.172707][T21677] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1421.183397][T21677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1421.215509][T21677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1421.282942][T16410] IPVS: starting estimator thread 0... [ 1421.318518][T21677] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1421.325791][T21677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1421.355408][T21677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1421.403740][T21746] IPVS: using max 240 ests per chain, 12000 per kthread [ 1421.755439][T21756] new mount options do not match the existing superblock, will be ignored [ 1421.781253][T21756] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 "" [ 1421.810515][T21677] hsr_slave_0: entered promiscuous mode [ 1421.822271][T21677] hsr_slave_1: entered promiscuous mode [ 1421.835658][T21677] debugfs: 'hsr0' already exists in 'hsr' [ 1421.841735][T21677] Cannot create hsr debugfs directory [ 1422.402263][T11471] Bluetooth: hci0: command tx timeout [ 1422.983067][T21677] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1423.032613][T21677] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1423.101717][T21677] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1423.159437][T21677] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1423.185570][T21775] loop9: detected capacity change from 0 to 16 [ 1423.230977][T21775] erofs (device loop9): mounted with root inode @ nid 36. [ 1423.284184][T21775] erofs (device loop9): readahead error at folio 7 @ nid 36 [ 1423.292964][T21775] erofs (device loop9): bogus lookback distance 26160 @ lcn 6 of nid 36 [ 1423.301856][T21775] erofs (device loop9): readahead error at folio 6 @ nid 36 [ 1423.309657][T21775] erofs (device loop9): readahead error at folio 5 @ nid 36 [ 1423.317185][T21775] erofs (device loop9): readahead error at folio 4 @ nid 36 [ 1423.324883][T21775] erofs (device loop9): inconsistent algorithmtype 0 for nid 36 [ 1423.333090][T21775] erofs (device loop9): readahead error at folio 3 @ nid 36 [ 1423.341172][T21775] erofs (device loop9): inconsistent algorithmtype 0 for nid 36 [ 1423.352178][T21775] erofs (device loop9): readahead error at folio 1 @ nid 36 [ 1423.361229][T21775] erofs (device loop9): bogus lookback distance 0 @ lcn 0 of nid 36 [ 1423.369643][T21775] erofs (device loop9): readahead error at folio 0 @ nid 36 [ 1423.377577][T21775] bio_check_eod: 5 callbacks suppressed [ 1423.377659][T21775] syz.9.7125: attempt to access beyond end of device [ 1423.377659][T21775] loop9: rw=524288, sector=525136, nr_sectors = 8 limit=16 [ 1423.400930][T21775] erofs (device loop9): bogus lookback distance 0 @ lcn 0 of nid 36 [ 1423.409431][T21775] erofs (device loop9): bogus lookback distance 0 @ lcn 0 of nid 36 [ 1423.417794][T21775] erofs (device loop9): read error -117 @ 0 of nid 36 [ 1423.424788][T21775] erofs (device loop9): failed to readdir of logical block 0 of nid 36 [ 1423.627867][T21780] netlink: 332 bytes leftover after parsing attributes in process `syz.1.7128'. [ 1424.082794][T21677] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1424.312629][T21677] 8021q: adding VLAN 0 to HW filter on device team0 [ 1424.372837][ T3950] bridge0: port 1(bridge_slave_0) entered blocking state [ 1424.380530][ T3950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1424.447195][ T3950] bridge0: port 2(bridge_slave_1) entered blocking state [ 1424.448926][T21790] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1424.454834][ T3950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1424.462002][T21790] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1424.493960][T11471] Bluetooth: hci0: command tx timeout [ 1425.263102][T21800] netlink: 'syz.6.7137': attribute type 27 has an invalid length. [ 1426.063366][T21815] loop9: detected capacity change from 0 to 64 [ 1426.220620][ T30] audit: type=1800 audit(1765614302.197:301): pid=21815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.7143" name="file2" dev="loop9" ino=22 res=0 errno=0 [ 1426.229302][T21815] syz.9.7143: attempt to access beyond end of device [ 1426.229302][T21815] loop9: rw=34817, sector=39, nr_sectors = 125 limit=64 [ 1426.259732][T21815] syz.9.7143: attempt to access beyond end of device [ 1426.259732][T21815] loop9: rw=34817, sector=167, nr_sectors = 1 limit=64 [ 1426.273856][T21815] syz.9.7143: attempt to access beyond end of device [ 1426.273856][T21815] loop9: rw=34817, sector=169, nr_sectors = 1 limit=64 [ 1426.291371][T21815] syz.9.7143: attempt to access beyond end of device [ 1426.291371][T21815] loop9: rw=34817, sector=171, nr_sectors = 7 limit=64 [ 1426.325614][T21815] syz.9.7143: attempt to access beyond end of device [ 1426.325614][T21815] loop9: rw=34817, sector=179, nr_sectors = 263 limit=64 [ 1426.602771][T21677] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1427.066732][T21677] veth0_vlan: entered promiscuous mode [ 1427.171532][T21677] veth1_vlan: entered promiscuous mode [ 1427.358066][T21831] loop6: detected capacity change from 0 to 1024 [ 1427.490708][T21677] veth0_macvtap: entered promiscuous mode [ 1427.539067][T21831] hfsplus: bad catalog entry type [ 1427.572102][T21677] veth1_macvtap: entered promiscuous mode [ 1427.778413][T21677] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1427.864687][T21677] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1427.887291][ T3478] hfsplus: b-tree write err: -5, ino 4 [ 1427.940692][ T3478] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1427.994095][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1428.041415][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1428.080975][T21840] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7152'. [ 1428.101736][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1428.142323][T21841] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7152'. [ 1428.657042][T21851] loop7: detected capacity change from 0 to 512 [ 1428.803773][T21851] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1428.818060][T21851] ext4 filesystem being mounted at /520/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1428.934216][ T30] audit: type=1800 audit(1765614304.917:302): pid=21851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.7157" name="file1" dev="loop7" ino=15 res=0 errno=0 [ 1428.980407][T21859] loop9: detected capacity change from 0 to 128 [ 1429.117744][T21859] syz.9.7158: attempt to access beyond end of device [ 1429.117744][T21859] loop9: rw=2049, sector=233, nr_sectors = 1 limit=128 [ 1429.340106][T15716] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1429.470821][ T3950] kworker/u8:19: attempt to access beyond end of device [ 1429.470821][ T3950] loop9: rw=1, sector=145, nr_sectors = 88 limit=128 [ 1430.391332][T21878] loop9: detected capacity change from 0 to 256 [ 1430.471927][T21878] exFAT-fs (loop9): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d) [ 1430.556003][T21878] exFAT-fs (loop9): error, data size is invalid(150994954) [ 1430.568511][T21878] exFAT-fs (loop9): Filesystem has been set read-only [ 1430.584369][T21878] exFAT-fs (loop9): error, data size is invalid(150994954) [ 1431.303679][T21895] loop9: detected capacity change from 0 to 2048 [ 1431.372369][T21895] udf: Unknown parameter 'i' [ 1431.644800][T11471] Bluetooth: hci4: unexpected event for opcode 0x1004 [ 1431.647276][T21903] loop6: detected capacity change from 0 to 512 [ 1431.797680][T16410] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 1431.814827][T21903] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1431.832411][T21903] ext4 filesystem being mounted at /676/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1431.997830][T16410] usb 2-1: Using ep0 maxpacket: 32 [ 1432.011670][T16410] usb 2-1: config 0 has an invalid interface number: 191 but max is 0 [ 1432.020662][T16410] usb 2-1: config 0 has no interface number 0 [ 1432.027002][T16410] usb 2-1: config 0 interface 191 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 24 [ 1432.078661][T16410] usb 2-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=2c.d1 [ 1432.088186][T16410] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1432.097292][T16410] usb 2-1: Product: syz [ 1432.102002][T16410] usb 2-1: Manufacturer: syz [ 1432.106818][T16410] usb 2-1: SerialNumber: syz [ 1432.131679][T13588] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1432.227175][T16410] usb 2-1: config 0 descriptor?? [ 1432.238780][T21898] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1432.523874][T21898] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1433.025295][T16410] asix 2-1:0.191 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1433.036652][T16410] asix 2-1:0.191 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1433.048394][T16410] asix 2-1:0.191: probe with driver asix failed with error -71 [ 1433.070950][T16410] usb 2-1: USB disconnect, device number 33 [ 1433.133401][ T3950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1433.144612][ T3950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1433.242364][ T3950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1433.251069][ T3950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1433.267624][T21922] loop9: detected capacity change from 0 to 512 [ 1433.331440][T21922] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1433.458095][ T30] audit: type=1800 audit(1765614309.437:303): pid=21922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.7181" name="file2" dev="loop9" ino=1048915 res=0 errno=0 [ 1433.494097][T21922] syz.9.7181: attempt to access beyond end of device [ 1433.494097][T21922] loop9: rw=8388608, sector=17179852721, nr_sectors = 1 limit=512 [ 1433.511453][T21922] FAT-fs (loop9): error, invalid access to FAT (entry 0x0fffff00) [ 1433.521848][T21922] FAT-fs (loop9): error, invalid access to FAT (entry 0x0fffff00) [ 1433.925969][ T30] audit: type=1326 audit(1765614309.907:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1433.949347][ T30] audit: type=1326 audit(1765614309.907:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.088461][ T30] audit: type=1326 audit(1765614309.967:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.115642][ T30] audit: type=1326 audit(1765614309.977:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.139489][ T30] audit: type=1326 audit(1765614309.977:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.162513][ T30] audit: type=1326 audit(1765614309.997:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.185423][ T30] audit: type=1326 audit(1765614309.997:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.210854][ T30] audit: type=1326 audit(1765614309.997:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.236017][ T30] audit: type=1326 audit(1765614310.007:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21930 comm="syz.1.7184" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ffa9b98f749 code=0x7ffc0000 [ 1434.960983][T21947] CIFS mount error: No usable UNC path provided in device string! [ 1434.960983][T21947] [ 1434.974418][T21947] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1435.623396][T21957] loop9: detected capacity change from 0 to 1024 [ 1435.668809][T11471] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 1435.677955][T11471] Bluetooth: hci4: Injecting HCI hardware error event [ 1435.689122][T11471] Bluetooth: hci4: hardware error 0x00 [ 1437.004345][T21980] loop6: detected capacity change from 0 to 1024 [ 1437.747961][T11471] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1438.688162][T20231] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 1438.819502][T22010] loop7: detected capacity change from 0 to 1024 [ 1438.878152][T20231] usb 3-1: Using ep0 maxpacket: 16 [ 1438.922024][T20231] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1438.933542][T20231] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1438.943710][T20231] usb 3-1: New USB device found, idVendor=046d, idProduct=c286, bcdDevice= 0.00 [ 1438.956247][T20231] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1438.993337][T20231] usb 3-1: config 0 descriptor?? [ 1439.309531][T20231] usbhid 3-1:0.0: can't add hid device: -71 [ 1439.316271][T20231] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1439.409270][T20231] usb 3-1: USB disconnect, device number 18 [ 1439.597976][T22024] loop6: detected capacity change from 0 to 128 [ 1439.667885][T22024] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1439.709096][T22024] hpfs: filesystem error: improperly stopped [ 1439.715537][T22024] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1439.724067][T22024] hpfs: You really don't want any checks? You are crazy... [ 1439.799807][T22024] hpfs: hpfs_map_sector(): read error [ 1439.805512][T22024] hpfs: code page support is disabled [ 1439.844734][T22024] hpfs: hpfs_map_4sectors(): unaligned read [ 1439.884940][T22024] hpfs: hpfs_map_4sectors(): unaligned read [ 1439.891444][T22024] hpfs: filesystem error: unable to find root dir [ 1439.927030][T22030] loop9: detected capacity change from 0 to 256 [ 1440.614732][T22034] can: request_module (can-proto-3) failed. [ 1440.809626][T22044] xt_hashlimit: max too large, truncated to 1048576 [ 1442.115860][T22062] loop9: detected capacity change from 0 to 2048 [ 1442.212888][T22062] NILFS (loop9): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1442.226440][T22062] NILFS (loop9): mounting unchecked fs [ 1442.485643][T22062] NILFS (loop9): recovery complete [ 1442.653981][T22065] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1443.182408][T22061] loop6: detected capacity change from 0 to 8192 [ 1443.235596][T22069] loop2: detected capacity change from 0 to 128 [ 1443.363819][T22071] netlink: 'syz.1.7248': attribute type 29 has an invalid length. [ 1443.427312][T22071] netlink: 'syz.1.7248': attribute type 29 has an invalid length. [ 1443.936574][T22075] loop2: detected capacity change from 0 to 1024 [ 1444.066998][T22075] hfsplus: bad catalog entry type [ 1444.434780][T22085] loop6: detected capacity change from 0 to 1024 [ 1444.635408][T22085] hfsplus: request for non-existent node 134217728 in B*Tree [ 1444.649045][T22085] hfsplus: request for non-existent node 134217728 in B*Tree [ 1445.227953][T22095] macsec1: entered promiscuous mode [ 1445.233434][T22095] macsec1: entered allmulticast mode [ 1446.176254][T22101] loop9: detected capacity change from 0 to 4096 [ 1447.148907][T22121] loop7: detected capacity change from 0 to 1024 [ 1447.178222][T16410] usb 2-1: new low-speed USB device number 34 using dummy_hcd [ 1447.384376][T16410] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1447.396068][T16410] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1447.406907][T16410] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1447.420981][T16410] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1447.432699][T16410] usb 2-1: New USB device found, idVendor=6666, idProduct=8802, bcdDevice= 0.00 [ 1447.442166][T16410] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1447.521718][T16410] usb 2-1: config 0 descriptor?? [ 1447.573582][T22127] Bluetooth: MGMT ver 1.23 [ 1448.038383][T16410] smartjoyplus 0003:6666:8802.002C: hidraw0: USB HID v4.00 Device [HID 6666:8802] on usb-dummy_hcd.1-1/input0 [ 1448.050968][T16410] smartjoyplus 0003:6666:8802.002C: no output reports found [ 1448.224420][T20231] usb 2-1: USB disconnect, device number 34 [ 1448.357886][T16410] usb 10-1: new full-speed USB device number 5 using dummy_hcd [ 1448.475349][T22136] syz.7.7280 (22136): /proc/22135/oom_adj is deprecated, please use /proc/22135/oom_score_adj instead. [ 1448.561458][T16410] usb 10-1: config 0 has an invalid interface number: 1 but max is 0 [ 1448.570171][T16410] usb 10-1: config 0 has no interface number 0 [ 1448.576757][T16410] usb 10-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 1448.586467][T16410] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1448.647827][T16410] usb 10-1: config 0 descriptor?? [ 1448.666360][T16410] usb 10-1: selecting invalid altsetting 1 [ 1448.673231][T16410] dvb_ttusb_budget: ttusb_init_controller: error [ 1448.679896][T16410] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 1449.035489][T22142] loop7: detected capacity change from 0 to 64 [ 1449.091365][T16410] DVB: Unable to find symbol cx22700_attach() [ 1449.111488][T22143] loop6: detected capacity change from 0 to 736 [ 1449.165235][T22142] syz.7.7282: attempt to access beyond end of device [ 1449.165235][T22142] loop7: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 1449.435943][T16410] DVB: Unable to find symbol tda10046_attach() [ 1449.443597][T16410] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 1449.510961][T16410] usb 10-1: USB disconnect, device number 5 [ 1450.567865][T22163] loop7: detected capacity change from 0 to 4096 [ 1450.640476][T22171] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1451.328848][T22182] [U] [ 1451.331945][T22182] [U] [ 1451.334979][T22182] [U] [ 1451.338026][T22182] [U] [ 1451.370404][T22182] [U] [ 1451.373482][T22182] [U] [ 1451.376494][T22182] [U] [ 1451.379488][T22182] [U] [ 1451.415646][T22182] [U] [ 1451.418718][T22182] [U] [ 1451.421744][T22182] [U] [ 1451.424746][T22182] [U] [ 1451.494071][T22181] [U] [ 1451.624437][ T3478] ===================================================== [ 1451.631901][ T3478] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xae2/0x98d0 [ 1451.640683][ T3478] n_tty_receive_buf_standard+0xae2/0x98d0 [ 1451.646775][ T3478] n_tty_receive_buf_common+0x1a7c/0x2630 [ 1451.653605][ T3478] n_tty_receive_buf2+0x4c/0x60 [ 1451.658850][ T3478] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1451.664390][ T3478] tty_port_default_receive_buf+0xd7/0x1a0 [ 1451.670584][ T3478] flush_to_ldisc+0x43e/0xe30 [ 1451.675455][ T3478] process_scheduled_works+0xb91/0x1d80 [ 1451.681728][ T3478] worker_thread+0xedf/0x1590 [ 1451.686582][ T3478] kthread+0xd5c/0xf00 [ 1451.691125][ T3478] ret_from_fork+0x208/0x710 [ 1451.695943][ T3478] ret_from_fork_asm+0x1a/0x30 [ 1451.701130][ T3478] [ 1451.703561][ T3478] Uninit was stored to memory at: [ 1451.712801][ T3478] n_tty_receive_buf_standard+0xadb/0x98d0 [ 1451.719918][ T3478] n_tty_receive_buf_common+0x1a7c/0x2630 [ 1451.725917][ T3478] n_tty_receive_buf2+0x4c/0x60 [ 1451.731186][ T3478] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1451.736607][ T3478] tty_port_default_receive_buf+0xd7/0x1a0 [ 1451.743127][ T3478] flush_to_ldisc+0x43e/0xe30 [ 1451.748150][ T3478] process_scheduled_works+0xb91/0x1d80 [ 1451.753943][ T3478] worker_thread+0xedf/0x1590 [ 1451.758963][ T3478] kthread+0xd5c/0xf00 [ 1451.763221][ T3478] ret_from_fork+0x208/0x710 [ 1451.768301][ T3478] ret_from_fork_asm+0x1a/0x30 [ 1451.773296][ T3478] [ 1451.775750][ T3478] Uninit was created at: [ 1451.780409][ T3478] __kmalloc_noprof+0xaf2/0x1c20 [ 1451.785527][ T3478] __tty_buffer_request_room+0x3d4/0x7a0 [ 1451.791548][ T3478] __tty_insert_flip_string_flags+0x157/0x6f0 [ 1451.797954][ T3478] uart_insert_char+0x368/0x930 [ 1451.802992][ T3478] serial8250_read_char+0x1ba/0x670 [ 1451.808669][ T3478] serial8250_handle_irq+0x930/0x1110 [ 1451.817168][ T3478] serial8250_default_handle_irq+0x116/0x370 [ 1451.824412][ T3478] serial8250_interrupt+0xcb/0x430 [ 1451.830308][ T3478] __handle_irq_event_percpu+0x122/0xf40 [ 1451.836170][ T3478] handle_irq_event+0xe0/0x2a0 [ 1451.841303][ T3478] handle_edge_irq+0x2a9/0xb50 [ 1451.846269][ T3478] __common_interrupt+0x9d/0x180 [ 1451.851562][ T3478] common_interrupt+0x4c/0xb0 [ 1451.856473][ T3478] asm_common_interrupt+0x2b/0x40 [ 1451.862243][ T3478] [ 1451.864697][ T3478] CPU: 1 UID: 0 PID: 3478 Comm: kworker/u8:13 Tainted: G W L syzkaller #0 PREEMPT(none) [ 1451.876228][ T3478] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 1451.881651][ T3478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1451.892151][ T3478] Workqueue: events_unbound flush_to_ldisc [ 1451.898327][ T3478] ===================================================== [ 1451.905372][ T3478] Disabling lock debugging due to kernel taint [ 1451.911866][ T3478] Kernel panic - not syncing: kmsan.panic set ... [ 1451.918439][ T3478] CPU: 1 UID: 0 PID: 3478 Comm: kworker/u8:13 Tainted: G B W L syzkaller #0 PREEMPT(none) [ 1451.929819][ T3478] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP [ 1451.936372][ T3478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1451.946603][ T3478] Workqueue: events_unbound flush_to_ldisc [ 1451.952664][ T3478] Call Trace: [ 1451.956070][ T3478] [ 1451.959115][ T3478] __dump_stack+0x26/0x30 [ 1451.963653][ T3478] dump_stack_lvl+0x53/0x270 [ 1451.968490][ T3478] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1451.974571][ T3478] dump_stack+0x1e/0x25 [ 1451.978940][ T3478] vpanic+0x435/0xd30 [ 1451.983118][ T3478] panic+0x15d/0x160 [ 1451.987240][ T3478] kmsan_report+0x31c/0x320 [ 1451.991961][ T3478] ? __msan_warning+0x1b/0x30 [ 1451.996821][ T3478] ? n_tty_receive_buf_standard+0xae2/0x98d0 [ 1452.003018][ T3478] ? n_tty_receive_buf_common+0x1a7c/0x2630 [ 1452.009134][ T3478] ? n_tty_receive_buf2+0x4c/0x60 [ 1452.014356][ T3478] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 1452.019915][ T3478] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 1452.026115][ T3478] ? flush_to_ldisc+0x43e/0xe30 [ 1452.031144][ T3478] ? process_scheduled_works+0xb91/0x1d80 [ 1452.037113][ T3478] ? worker_thread+0xedf/0x1590 [ 1452.042123][ T3478] ? kthread+0xd5c/0xf00 [ 1452.046533][ T3478] ? ret_from_fork+0x208/0x710 [ 1452.051515][ T3478] ? ret_from_fork_asm+0x1a/0x30 [ 1452.056660][ T3478] ? ret_from_fork_asm+0x1a/0x30 [ 1452.061808][ T3478] ? kmsan_get_metadata+0xfb/0x160 [ 1452.067130][ T3478] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1452.073144][ T3478] ? kmsan_get_metadata+0xfb/0x160 [ 1452.078473][ T3478] ? kmsan_get_metadata+0xfb/0x160 [ 1452.083774][ T3478] ? kmsan_get_metadata+0x150/0x160 [ 1452.089287][ T3478] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1452.095829][ T3478] ? kmsan_get_metadata+0x150/0x160 [ 1452.101266][ T3478] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1452.107311][ T3478] ? n_tty_receive_char+0x1223/0x14f0 [ 1452.112913][ T3478] ? kmsan_get_metadata+0xfb/0x160 [ 1452.118274][ T3478] __msan_warning+0x1b/0x30 [ 1452.122992][ T3478] n_tty_receive_buf_standard+0xae2/0x98d0 [ 1452.129071][ T3478] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1452.135129][ T3478] ? kmsan_get_metadata+0xfb/0x160 [ 1452.140478][ T3478] ? kmsan_get_metadata+0xfb/0x160 [ 1452.145795][ T3478] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1452.152325][ T3478] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1452.158584][ T3478] ? kmsan_get_metadata+0xfb/0x160 [ 1452.163929][ T3478] n_tty_receive_buf_common+0x1a7c/0x2630 [ 1452.169914][ T3478] ? stack_depot_save_flags+0x35/0x790 [ 1452.175603][ T3478] n_tty_receive_buf2+0x4c/0x60 [ 1452.180664][ T3478] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 1452.186412][ T3478] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1452.191812][ T3478] tty_port_default_receive_buf+0xd7/0x1a0 [ 1452.197831][ T3478] flush_to_ldisc+0x43e/0xe30 [ 1452.202698][ T3478] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 1452.209335][ T3478] ? __pfx_flush_to_ldisc+0x10/0x10 [ 1452.214735][ T3478] process_scheduled_works+0xb91/0x1d80 [ 1452.220576][ T3478] worker_thread+0xedf/0x1590 [ 1452.225475][ T3478] kthread+0xd5c/0xf00 [ 1452.229705][ T3478] ? __pfx_worker_thread+0x10/0x10 [ 1452.235022][ T3478] ? __pfx_kthread+0x10/0x10 [ 1452.239785][ T3478] ret_from_fork+0x208/0x710 [ 1452.244575][ T3478] ? __switch_to+0x53d/0x790 [ 1452.249345][ T3478] ? __pfx_kthread+0x10/0x10 [ 1452.254094][ T3478] ret_from_fork_asm+0x1a/0x30 [ 1452.259072][ T3478] [ 1452.262581][ T3478] Kernel Offset: disabled [ 1452.266977][ T3478] Rebooting in 86400 seconds..