last executing test programs: 4m12.276329377s ago: executing program 1 (id=2419): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]}) 4m11.055094325s ago: executing program 1 (id=2427): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f00000000c0), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64, @ANYBLOB="0000000001"], 0x48}}, 0x0) 4m10.300607119s ago: executing program 1 (id=2433): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2540, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe) ioctl$TIOCSSOFTCAR(r0, 0x541a, 0x0) 4m9.690398427s ago: executing program 1 (id=2438): syz_mount_image$ext4(&(0x7f0000000100)='ext3\x00', &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=") syz_mount_image$fuse(0x0, &(0x7f0000000140)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) 4m8.420058124s ago: executing program 1 (id=2445): unshare(0x20000400) r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x7ffffffe, 0x0, 0x0) 4m7.516035247s ago: executing program 1 (id=2452): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r0) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0b060020000000000000300f00000500360000000000050035000400000005003300040000000a0001007770616e30"], 0x38}}, 0x8000) 4m5.387150038s ago: executing program 32 (id=2452): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r0) sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0b060020000000000000300f00000500360000000000050035000400000005003300040000000a0001007770616e30"], 0x38}}, 0x8000) 4m5.338111034s ago: executing program 2 (id=2455): set_mempolicy(0x4005, &(0x7f0000000080)=0x3, 0x2) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000000)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa}, 0x1c) 4m3.976569961s ago: executing program 2 (id=2460): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1ad7498, 0x0) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, &(0x7f00000000c0)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35]}}]}) 4m3.250716322s ago: executing program 2 (id=2464): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_IMMEDIATE_DATA={0x8, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0) 4m2.318307298s ago: executing program 2 (id=2467): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c}) 4m1.322472454s ago: executing program 2 (id=2472): mmap(&(0x7f0000436000/0x1000)=nil, 0x1000, 0x2, 0x31, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) syz_open_dev$sndctrl(0x0, 0x1, 0x400) 4m0.334493557s ago: executing program 2 (id=2476): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = gettid() sendmmsg$unix(r0, &(0x7f0000001b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x18, 0x1, 0x2, {r1}}}, @rights={{0x10, 0x1, 0x1, [r0]}}], 0x28, 0x20000000}}], 0x1, 0x20004841) 3m58.824469497s ago: executing program 33 (id=2476): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = gettid() sendmmsg$unix(r0, &(0x7f0000001b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x18, 0x1, 0x2, {r1}}}, @rights={{0x10, 0x1, 0x1, [r0]}}], 0x28, 0x20000000}}], 0x1, 0x20004841) 1m33.452554392s ago: executing program 5 (id=3532): r0 = io_uring_setup(0x6b3, &(0x7f0000000000)={0x0, 0xf322, 0x100, 0x2, 0x213}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x582, 0x0) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f00000001c0)=[r1, r0], 0x2) 1m32.864638881s ago: executing program 5 (id=3535): io_setup(0x8, &(0x7f0000000600)=0x0) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) io_submit(r0, 0x1, &(0x7f0000000080)=[&(0x7f0000000140)={0x0, 0x4, 0x0, 0x1, 0x0, r1, &(0x7f0000000180)="f881829c22967eadca51d5b78c4399009c2d4a3de85497741ea42e0d1cb0fd51", 0x20, 0xc3}]) 1m32.224728091s ago: executing program 5 (id=3541): r0 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c) setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000100)=0x2, 0x4) 1m31.894831358s ago: executing program 5 (id=3543): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v") mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) 1m30.995893979s ago: executing program 5 (id=3549): r0 = io_uring_setup(0xad5, &(0x7f0000000040)={0x0, 0xfffffffc}) close(r0) clock_nanosleep(0x2, 0x1, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) 1m30.222016395s ago: executing program 5 (id=3556): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") creat(0x0, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000, 0x0) 1m28.597342941s ago: executing program 34 (id=3556): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO") creat(0x0, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000, 0x0) 4.578552031s ago: executing program 3 (id=4179): r0 = memfd_create(&(0x7f0000000100)='ns/usr\x00\xa5-Oz\xba^\xd0\xe3\xeb\xddC\xc4G\x19\xe3I#\xc7YZD\x82\xb9\xc3h\x14\x7f\x8e\x9d\x19\a\x809Fw?N\xe0\xd4\xbc\x80\xc1\x99\xberXt\xd8\xee\xee%\x89\x9a\xf9\xc3\xee\x9e0\xec\x8b\xd0\xdb\x10.\x1b%\x9d\x1c\x83\x84\xb7\xdbH\".gR\xac\f\xf9w)f\xd5B\x05M\xb6\xe1\x92\xe9\x82\x9ekB#\x9c\x13\xe2Dp/P#\x14w\'w>\x80@-e\v\x9d\xa0c\xc1\x17\xcb\xc3\xb4\xf4)\x88V\xe0\xf6\x93v\xe8\x7f\x12*Q\xaa3Y\x00\xed\xfbh\xe7b\x15z\xb8\xb7\xd8E{\xfa\x85-q\x97\x8e\xd85\xc4$\aw\xc1\xd8\xed\xcf\x935\xd7\x87\xbb&\xf8\xd4\x05Y\xaf}4\xff7WD\xf1\x969\xacu\x83\xac\x852\xef\x9b\v\xb5\x0fO\xc3.\xee\xb97\x9c)C', 0x6) io_setup(0x8, &(0x7f0000000000)=0x0) io_submit(r1, 0x2, &(0x7f0000000e80)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x7, 0x8, r0, 0x0, 0x0, 0x9, 0x0, 0x2}, &(0x7f0000000ec0)={0x0, 0x0, 0x300, 0x1, 0x40, r0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x2}]) 3.875230457s ago: executing program 6 (id=4184): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) poll(&(0x7f0000000000)=[{r0}, {r0}], 0x2, 0x5e5b) shutdown(r0, 0x0) 3.750672797s ago: executing program 3 (id=4185): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, 0x0) mq_timedsend(r0, 0x0, 0x0, 0x0, 0x0) 3.191499354s ago: executing program 3 (id=4190): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000001780)=0x100000, 0x4) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f00000001c0)=0x304214, 0x4) 2.788561051s ago: executing program 0 (id=4192): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="59cf0000008000000000080000001400018006000100020000dd070005"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 2.676940407s ago: executing program 4 (id=4193): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x101d0}], 0x1, 0x0, 0xd66, 0xf5ffffff}, 0x0) sendmsg$inet(r1, &(0x7f0000002700)={0x0, 0x0, &(0x7f0000002680)=[{&(0x7f0000000180)="c9fe6524657e5d0b1b0c795703232da2308c221b419a7e00ffe61bbdf51156380461cc3f288abc4fc857d78d81bd9888c37ecbdab40de766512e88c0928f71007906787a33eb6abdae6fec73787b35f5b5ac33dfff68477f002b912e73ecd051cb2342753731f96b41c76d5ac3e36b443f415be4750903ae5627", 0x7a}, {&(0x7f0000000300)="e305516b65e4cc87e82de8a4e419acf6b10f4280cad4156714de113426f9b5979f7cd40a94428d4072aa6bfd298a48c67340c1406aed5ac431ab6b63cbfa967c44805be02ac1c385a1adb7a703069a1a26f572b8f90481d1add3c93a2e35e6fe867074c1024aafaf83fd602745b19d397fb09af1e95f79ac05bf8c708c20d179cc693891df22a3ddbb6165dabbfe", 0x8e}], 0x2}, 0x10) 2.521195198s ago: executing program 7 (id=4194): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'virt_wifi0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0xffffffffffffff2a, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r1, {0xb, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x44080) 2.474609703s ago: executing program 6 (id=4195): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001030000000000000000fc0100000000000000000000000000003ed300000000000000000000000000000000000000000000020010"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x30, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x188}}, 0x0) 2.346645786s ago: executing program 0 (id=4196): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)=ANY=[], 0x10) 2.196793603s ago: executing program 4 (id=4197): r0 = socket(0x2, 0x80805, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000000)={'veth0_to_team\x00', 0x400}) getsockopt$bt_hci(r0, 0x84, 0x80, &(0x7f0000000000)=""/4103, &(0x7f0000001080)=0x1007) 2.048848541s ago: executing program 6 (id=4198): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="bfc628bd7000ffdbdf251a00000005009200800000000700210062620008100022"], 0x34}, 0x1, 0x0, 0x0, 0x20044044}, 0x800) 1.902637396s ago: executing program 7 (id=4199): r0 = socket(0x840000000002, 0x3, 0xff) setsockopt$inet_int(r0, 0x0, 0x13, &(0x7f0000000000)=0xd, 0x4) sendto$inet(r0, &(0x7f0000000340)="b71785b0babdcee978c9cfec81daf21597a06f7ea8c38ef3a81616ac", 0x1c, 0x0, &(0x7f00000001c0)={0x2, 0x4e21, @empty}, 0x10) 1.884144077s ago: executing program 0 (id=4200): io_setup(0xeb0, &(0x7f0000000140)=0x0) io_cancel(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x100000000}, 0x0) migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x272) 1.682985887s ago: executing program 4 (id=4201): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x12}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) 1.552063715s ago: executing program 3 (id=4202): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x68, &(0x7f0000000040)=0x2, 0x4) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000080)=0x2, 0x4) 1.54741049s ago: executing program 6 (id=4203): munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000f80)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x2c, 0x2, @in={0x2, 0x4e24, @broadcast}}}, 0x90) 1.408814661s ago: executing program 7 (id=4204): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0xf2, 0x0) 1.262630372s ago: executing program 4 (id=4205): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xf, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000f9850000008600000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94) bpf$PROG_BIND_MAP(0x23, &(0x7f00000001c0)={r1, r0}, 0xc) 1.106654039s ago: executing program 0 (id=4206): r0 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000) recvmsg(r0, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x0) 1.040763689s ago: executing program 6 (id=4207): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@newlink={0x80, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x8000, 0x3}, [@IFLA_MTU={0x8, 0x4, 0x27a}, @IFLA_PORT_SELF={0x58, 0x19, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x54, 0x2, '\x00\x00\x00~\x00\x00\xcf>zYV\xf2\x14\xaaR\xfd\xd7\xcc}\xa0\xd4\xaf\xc3\x93Yt>T\xa6\xce\x93!\xe6\x1f\xd2\xe4t_+\x8f\n\xa5;\xe8\xadQ\xe1\xe8\xca\xb2\xc7b\xe5}\xf4^\x1cT\xe4\x06\xf4\x93\xb1\x90\xf2\x86\x0e\xf5 +e\x9f\xf1\x00\x7f\x83\xac\xf4\xefW'}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x85}, 0x4000000) 1.027321702s ago: executing program 3 (id=4208): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000", @ANYRES16=r1, @ANYBLOB="59cf00000000000000000800000014000180060001000220000008000500030000004c00038014000600fe8000000000000000000000000000a2060007004e20000014000600fc00000000000000000000000000000108000300000000000800010001000000080003000100000044000180060001000a0000000c0007000800000018000000060004004e200000060002003b000000140003"], 0xb8}, 0x1, 0x0, 0x0, 0x4000004}, 0x80) 902.693932ms ago: executing program 7 (id=4209): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000280)={r1, 0x1000}, 0x8) 668.392795ms ago: executing program 4 (id=4210): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r1}, 0x10, &(0x7f0000000100)={&(0x7f0000000140)=@canfd={{0x2, 0x1, 0x0, 0x1}, 0xc, 0x1, 0x0, 0x0, "f0176b837b6e8af543890979635e1bfe64a0b801d970cab5e645a0e4ba5414b0219ea699062ab89a6ac299679f82eec9ae31e3a62528d879dc70017b089c38c8"}, 0x48}, 0x2, 0x0, 0x0, 0x4880}, 0x8000) 509.749635ms ago: executing program 7 (id=4211): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)={0x3c, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x64}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20009005}, 0x0) 453.93912ms ago: executing program 3 (id=4212): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000280)={[{@sysvgroups}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@resgid}, {@grpjquota}, {@init_itable}, {@jqfmt_vfsold}]}, 0x1, 0x793, &(0x7f0000001600)="$eJzs3MFLXNcaAPDvXp0YE/PGB2/x3ibvQQIJhIwaN8nq+TZvFwgEuk1FRxGvTnDGVG0gprtCIY2bthRKu++y20JI/4DuSqCF7gulTe2i7WbKHUdt4owZ45hJ098PrnPOveee73z3Xo/3gncC+Mv6T/4jiRiKiGsRUWyuTyPiWKN0PGJ9q93m49tT+ZJEvX79hyTfLTbrxZ2+kubnyWjsEv+MiIeFiAtv7Y1bXV2bn8yy8lKzPlJbuDlSXV27OLcwOVueLS+OjV8ZvTw+fnl0vGu5nn3tyuD9L/+/sfHVZ7V7p/svJjHRyDuauXUt0B9sHZNCTDy1fvEogvVQ0kGb/oM0BgDgSOT3+X3Ne7NCFKNv9y5tr302AQAAAC+v+kC9U7923BIAAAB4ySTR6xEAAAAAR2v7/wC23+09qvdg2/n+fxEx3Cp+f+Md4ojjUYiIE5vJE68fJFu7waGs342IBxMtrr/Dv6Q8ulsc7E6PdNuDfP6ZaDX/pDvzT7SYf/q3vzvhkNrPf7vx+9rMf9c6jPH5R/8qtI1/t7ry9ulW8ZOd+Emb+K93GP/exjv3222rfxJxruXfn+SJWPt8P8TIzFzW6ldrZ7gPfzv/qH3+ESf2xE+SRtRk//xvdpj/m5s/za/vE//8mf3P/1b8gSf2y6+Jd5vjSCPifvMzr288FePMwtdf7I2crG/Hn25z/Fue//G+nR4+7jD/bz8dWOmwKQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADSkETEUSVraKadpqRRxMiL+ESfSrFKtXZipLC9O59sihqOQzsxl5dGIKG7Vk7w+1ijv1i/l5cHd+nhE/P2bwa2gc1m5NFXJpnudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADtORsRQJGkpItKI+LmYpqVSr0cFAAAAdN1wrwcAAAAAHDnP/wAAAPDqe97n/6TL4wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeadeuXs2X+ubj21N5ffrW6vJ85dbF6XJ1vrSwPFWaqizdLM1WKrNZuTRVWXhWf2lEjF2J5ZWRWrlaG6murt1YqCwv1m7MLUzOlm+UCy8kKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5qqLEkA6WISBvlNC2VIk5FxHAUkpm5rDwaEX+LiEfFwkBeH+v1oAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi66ura/GSWlZf+3IX6i0inLyK612FfdKGfSCJeklPQovBB86zs1yZZj+j5UNPmQA/Tz8GujTvPOCy9Lvy7R/MRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC9VV1dm5/MsvJStdcjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoLfS75KIyJdzxbNDT289lvxSjMGt8hsfXn9vZbJWWxrL1/9YbGyPiNr7zfWXIuJUc8c7LzYLAAAAeMX99yCNt5/Tt5/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOlVdXZufzLLy0hEW4m6vswQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7H7wEAAP//YEa3Uw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0xdc79058c513c3ca0) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000180)={0x1, 0x1, 0x1000, 0x0, 0x0, 0x0, 0x20, 0x0}) 439.803728ms ago: executing program 0 (id=4213): r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4, 0x7ff, @mcast2, 0x9}, 0x1c) sendmmsg$inet(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000800)="33ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dea658eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff690894405a0b6abc3c4d0f6a16c0a95c0508bd7eeffcd1da0b17f7701448658864b429e9472edfeffbf34d6e7c78f4aa73c0", 0x2de}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a610b3738b393eed8633fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33e47a0e416573cfdcfb44ed9dd4ce41af4de9c471c49f12f090934c3b32f2f4777c65b1574826727f5f62", 0x1e9}, {&(0x7f0000000240)="05437c98b91b1455046f57b5fc913814bde2bbeac2104eaea9c9d01a7838d859207067c10aa7352abbdf98e9bf033a3184a11e84639d3b9164d9c5d729f3dd409d39ff041e657c8df4050d43d58c863d5f323f6d5cf367cd939f790732e8d2310e876fcb299cd44b72bda697035b7b475bc35afbb483db39ac864dbee0c9760c22a1d32d83588afd7c994652413b22db76874ca052ef2013317eb7fcc5677e9d", 0xa0}, {&(0x7f00000000c0)="f6fde6166ead37dba606ba7e3e1fc81cc3edc86fff2cf1880b0d00000000", 0x1e}], 0x4, 0x0, 0x0, 0x900}}], 0x2, 0x2c040804) 428.137793ms ago: executing program 6 (id=4214): syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./file3\x00', 0x4098, &(0x7f0000002700)=ANY=[], 0x1, 0x295, &(0x7f0000000700)="$eJzs3U1rE0Ecx/HfbFIbbanbBxHEU7XgSdp6ES+C9B148SRqE6EYKmgF9VQ9iy/Au/gOfBGexJsgePPkC8gtMrOzzWySzcaQdZv4/UDCZnces7OZ+acNKwD/rTt7Pz/e+GUfRrVk1y0pktSQ6pIu6GLjxeHRwVG71RxVUM3lsA+jJKcZSLN/2BqW1eZzObzYvqprOdyHcjR+VN0CnAZG6eWfdSwt+qvTHW/885aV47jqBkzZ4IdtQfqOOnqplZKaAwCYEX7+j/w8v+ynlCiStvy0n53/Z3wC7VTdgIoF87+Lsrou/DvvDvXiPTsEvtvjURolTlLXGSUjK7PANEVRpWtLdPbxQbt1ff9puxnprW57QbIN99xMhm4qbO2bwaI3/265NHnfl1wfFmwfdnPav55ufJpKjcXMF/PV3DexPqh5sv6rd409Te5MxX1nKmn/dn6Jrpdxkiqnl6uukku+Bm9kL2vKiUiUjqhVZb8giIva6XKt9eVKerdTkGt9aK7dglwb/bl6ozk/Z4ncqDfvzT2zqd/6rL1g/R/Zd3tL41yZNo1L6UfGyP7UXcrY1e6vuuPLQ1NGE/YKJxYWx076To90UyvPX71+8rDdbj0LN+x1l92T3UjP1Kg0bJSzUZ9GOekgqL47c75h3+RKak/nncnLmfJHE06l3kkvStk3PfO3mXlhT6xJ4r8gXtlOFot27dZbpw8syLtFhQcl7uTEBmvu+Vw4wkx+bGDcVw9L+RHcuDHXlWvS1WBnQcwV+3bOCbOnb3rA9/8AAAAAAAAAAAAAAAAAAACzZno/OWgo75CvKvfXfAAAAAAAAAAAAAAAAAAAAAAAYLTw/r+quf/Rr/b+v3eVvOL+v0Dp/gQAAP///vhzdw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000180)="f7", 0x1, 0x200980) 211.337256ms ago: executing program 4 (id=4215): r0 = socket$inet(0x2, 0x2, 0x1) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000002c0)='xfrm0\x00', 0x10) sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000100)=[{&(0x7f00000001c0)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x0) 17.761445ms ago: executing program 0 (id=4216): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000100)={0x0, 0x4100, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}]}, 0x3c}}, 0x0) 0s ago: executing program 7 (id=4217): syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)=ANY=[], 0x1, 0x67b, &(0x7f0000000700)="$eJzs3c1vHGcdB/DvbDbrbFpSt03agCrVaiRARCR2LBfMhYAQ8qFCVTlwthKnsbJJi+0it0LU4fXaQ/+AcvAFcULiHqlw4AK33pAlLpWQuPSCOS3a2dn1ev3SNWm8Tvl8otnnmXlmnuf3/GZn9sWKNsD/rYXLqT9IkYXLr6x31rc2Z1tbm7N3e/UkE0k2knqSWpLi3+12+8PkelL0uymGyj3eX55/7aNPtj7urtWrpdy/dthxQ6r9NoY2b/S2TSU5VZUPYVd/Nx66v6If+fUkl6oSxu50kvYuP/7Lk/2WAc39jj5zLDECj1bRfd3cYzI5W13onfcBvVfe2vFGN7qJEfcbfgcBAAAAj5tRPgM/tZ3trBfnjiEcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+FzY2Pn9/6Jaar36VIre7/83qm2p6ifLi0fb/cGjigMAAAAAAAAAjtGL29nOes711ttF+Tf/l8qV8+XjE3krq1nKSq5kPYtZy1pWMpNkcqCjxvri2trKzAhHXtv3yGufEuhEVTY/m3kDAAAAAAAAwOfMz7Ow8/d/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CYrkVLdIcX9g82Rq9SRnkjQ6GzaSv/Xqj7MH4w4AAAAAjsFEsp31nEvyj1qSdpHzSZ4rvwM4k7dyL2tZzlpaWcrN8nuB7qf+2tbmbGtrc/ZuZ9nb73f+daQwyh7T/e5h/5Evlns0cyvL5ZYruZE30srN1MojOy5W8fR6HYjrTJL7nZiKb1f6Rx3uZlV2Zv5eVe7x7pEme5AjfpkyWWbkdD8j01VsnXk93Tsz+5+hI56d4ZFmUusHe35opMbuyQzlfDRnq7Izn18flPOxGM7EtYFn33OH5zz5yh9//6Ppqn5ypjSaU1XZLh+bezMxO5CJ50fJxO3WvTu3b61eftwyscd0mYkL/fWFfD8/zOVM5dWsZDk/yWLWspSpfK+sLVYnvxi45A/I1PVda69+WiSN6hnaPVlHi+ml8thzWc4P8kZuZikvl/+uZSbfyFzmMj9whi8cfobLq752wFXf/sK+wV/6alVpJvlNVZ4Mnbw+PZDXwXvuZNk2uGUnS8+MkKUj3hvrX6oqnTF+UZUnw3AmZgYy8ezhmfhteVtZbd27s3J78c3RhnvmvarSuY5+lUyN90bSGKo/0zlZ5druZ0en7dl922bKtvP9ttqetgv9tu6VunHgldqo3sPt7ela2fb8vm2zZdvFgbb93m8BcOKd/drZRvOfzb82P2j+snm7+cqZ7058c+KFRk7/6fS36tOnvlx7ofhDPsjPys//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAQ1p9+507i63W0kq30khSVtrt9ru7m45aqVcj/I+HP0QlU39/ojPyPk29nzN7dKO3n+qO0N/yxSeT45v7Sa38p91uV1uKA/b53Z9PTKLalRORujFVxnRDAo7N1bW7b15dffudry/fXXx96fWle/Nzc/PT83Mvz169tdxamu4+jjtK4FHYedEfdyQAAAAAAAAAAADAqI7jvxOMe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA423hcuoPUmRm+sp0Z31rc7bVWXr1nT3rSWpJip8mxYfJ9XSXTA50Vxw0zvvL86999MnWxzt91Xv71w47bjQb1ZKpJKe65f3Pqr8bVXmo4rApFP0ZdhJ2qZc4GLf/BgAA//8XMgNa") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1, 0x0) rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') kernel console output (not intermixed with test programs): ] loop0: detected capacity change from 0 to 64 [ 603.728219][T11679] loop4: detected capacity change from 0 to 2048 [ 603.803839][T11679] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 603.984102][T11688] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 604.075941][ T4263] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 604.084881][ T4263] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 604.146049][T11679] NILFS error (device loop4): nilfs_check_folio: size of directory #12 is not a multiple of chunk size [ 604.178356][T11679] Remounting filesystem read-only [ 604.199310][ T4263] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 604.207661][ T4263] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 604.945067][T11697] atomic_op ffff88804f702128 conn xmit_atomic 0000000000000000 [ 606.155272][T11726] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0 [ 606.735869][T11735] netlink: 'syz.5.2576': attribute type 27 has an invalid length. [ 606.890583][ T1861] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 606.899003][ T1861] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 607.089008][ T1861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 607.097472][ T1861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 608.204391][T11761] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2589'. [ 608.241388][T11761] Zero length message leads to an empty skb [ 608.287184][T11760] loop0: detected capacity change from 0 to 1024 [ 608.373654][T11760] hfsplus: bad catalog entry type [ 608.593374][ T4263] hfsplus: b-tree write err: -5, ino 4 [ 609.360624][T11775] loop3: detected capacity change from 0 to 1764 [ 609.433999][T11775] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 609.887737][T11785] loop5: detected capacity change from 0 to 64 [ 611.586213][T11818] loop3: detected capacity change from 0 to 512 [ 611.630817][T11818] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 611.679335][T11818] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002] [ 611.779787][T11818] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.2616: corrupted in-inode xattr: e_value size too large [ 611.819036][T11818] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2616: couldn't read orphan inode 15 (err -117) [ 611.866678][T11818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 611.935438][T11818] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 863271013 > max in inode 18 [ 612.149613][T11830] loop6: detected capacity change from 0 to 512 [ 612.184390][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 612.308433][T11830] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 612.367331][T11830] EXT4-fs (loop6): orphan cleanup on readonly fs [ 612.517012][T11830] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #16: comm syz.6.2620: corrupted inode contents [ 612.590331][T11830] EXT4-fs (loop6): Remounting filesystem read-only [ 612.618857][T11830] EXT4-fs (loop6): 1 truncate cleaned up [ 612.682961][ T1861] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 612.697210][ T1861] Quota error (device loop6): write_blk: dquota write failed [ 612.705509][ T1861] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries [ 612.715907][ T1861] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 612.726795][ T1861] Quota error (device loop6): write_blk: dquota write failed [ 612.734627][ T1861] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list [ 612.745058][ T1861] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started [ 612.755691][ T1861] Quota error (device loop6): v2_write_file_info: Can't write info structure [ 612.765232][ T1861] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 612.948686][T11830] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 613.302954][T11844] loop4: detected capacity change from 0 to 512 [ 613.324869][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.824215][T11855] loop3: detected capacity change from 0 to 512 [ 614.077405][T11859] loop4: detected capacity change from 0 to 256 [ 614.125618][T11859] exfat: Deprecated parameter 'utf8' [ 614.131892][T11859] exfat: Deprecated parameter 'utf8' [ 614.291275][T11859] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011ded, chksum : 0x9858084d, utbl_chksum : 0xe619d30d) [ 614.327056][T11861] loop6: detected capacity change from 0 to 1764 [ 614.399291][T11861] isofs: isofs_export_get_parent(): child directory not normalized! [ 614.542827][T11867] loop3: detected capacity change from 0 to 1024 [ 614.988742][T11067] hfsplus: b-tree write err: -5, ino 4 [ 615.386415][T11881] loop0: detected capacity change from 0 to 128 [ 615.419462][T11881] EXT4-fs: Ignoring removed nomblk_io_submit option [ 615.432370][T11881] EXT4-fs: Ignoring removed nomblk_io_submit option [ 615.495666][T11881] EXT4-fs (loop0): Test dummy encryption mode enabled [ 615.575841][T11881] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 616.193047][T11881] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 616.320231][T11899] loop5: detected capacity change from 0 to 512 [ 616.373805][T11899] EXT4-fs: Ignoring removed bh option [ 616.432147][T11888] loop6: detected capacity change from 0 to 8192 [ 616.447993][T11899] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 616.461305][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 616.527291][T11899] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 616.548519][T11888] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 616.561814][T11899] EXT4-fs (loop5): orphan cleanup on readonly fs [ 616.568487][T11899] EXT4-fs error (device loop5): ext4_quota_enable:7120: comm syz.5.2652: Bad quota inum: 4294967291, type: 0 [ 616.613499][T11899] EXT4-fs (loop5): Remounting filesystem read-only [ 616.620411][T11899] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967291). Please run e2fsck to fix. [ 616.636653][T11899] EXT4-fs (loop5): Cannot turn on quotas: error -117 [ 616.647761][T11899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 616.917691][T11908] loop0: detected capacity change from 0 to 22 [ 616.932181][T11910] loop4: detected capacity change from 0 to 128 [ 616.981235][T11908] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 617.031333][T11397] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 618.013926][T11919] loop4: detected capacity change from 0 to 4096 [ 618.202649][T11926] loop6: detected capacity change from 0 to 2048 [ 618.299457][T11933] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 618.364529][T11932] loop5: detected capacity change from 0 to 1024 [ 618.438003][T11926] NILFS (loop6): error -2 truncating bmap (ino=16) [ 618.503366][ T5827] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 618.514375][ T5827] CPU: 1 UID: 0 PID: 5827 Comm: kworker/u9:5 Tainted: G W 6.16.0-rc6-syzkaller-00253-g4871b7cb27f4 #0 PREEMPT(none) [ 618.514541][ T5827] Tainted: [W]=WARN [ 618.514585][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 618.514683][ T5827] Workqueue: hci4 hci_rx_work [ 618.514808][ T5827] Call Trace: [ 618.514854][ T5827] [ 618.514900][ T5827] __dump_stack+0x26/0x30 [ 618.515050][ T5827] dump_stack_lvl+0x1df/0x270 [ 618.515206][ T5827] dump_stack+0x1e/0x25 [ 618.515340][ T5827] sysfs_create_dir_ns+0x46c/0x540 [ 618.515505][ T5827] kobject_add_internal+0xeed/0x1840 [ 618.515686][ T5827] kobject_add+0x2c1/0x410 [ 618.515849][ T5827] ? kmsan_get_metadata+0xfb/0x160 [ 618.515977][ T5827] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 618.516128][ T5827] device_add+0xa70/0x1c10 [ 618.516267][ T5827] hci_conn_add_sysfs+0x15f/0x2f0 [ 618.516431][ T5827] le_conn_complete_evt+0x1b35/0x21b0 [ 618.516602][ T5827] hci_le_enh_conn_complete_evt+0x158/0x260 [ 618.516763][ T5827] hci_le_meta_evt+0x6eb/0x960 [ 618.516891][ T5827] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 618.517060][ T5827] hci_event_packet+0xce2/0x1e40 [ 618.517220][ T5827] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 618.517386][ T5827] hci_rx_work+0x9a8/0x12b0 [ 618.517520][ T5827] ? __pfx_hci_rx_work+0x10/0x10 [ 618.517642][ T5827] process_scheduled_works+0xb91/0x1d80 [ 618.517860][ T5827] worker_thread+0xedf/0x1590 [ 618.518062][ T5827] kthread+0xd59/0xf00 [ 618.518178][ T5827] ? __pfx_worker_thread+0x10/0x10 [ 618.518362][ T5827] ? __pfx_kthread+0x10/0x10 [ 618.518489][ T5827] ret_from_fork+0x1e0/0x310 [ 618.518612][ T5827] ? __pfx_kthread+0x10/0x10 [ 618.518738][ T5827] ret_from_fork_asm+0x1a/0x30 [ 618.518918][ T5827] [ 618.694686][ T5827] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 618.714179][ T5827] Bluetooth: hci4: failed to register connection device [ 618.904452][ T1861] hfsplus: b-tree write err: -5, ino 4 [ 618.923637][T11933] NILFS (loop6): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 618.938001][T11933] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=16) [ 619.008932][T11933] Remounting filesystem read-only [ 619.022011][T11456] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer [ 619.287529][T11941] loop5: detected capacity change from 0 to 64 [ 619.361863][T11941] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing [ 619.990210][T11957] loop4: detected capacity change from 0 to 256 [ 620.166055][T11957] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 620.176660][T11957] FAT-fs (loop4): Filesystem has been set read-only [ 620.183648][T11957] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 620.194278][T11957] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 620.566123][T11964] vivid-000: disconnect [ 620.576371][T11963] vivid-000: reconnect [ 620.709866][T11966] program syz.0.2683 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 620.801725][T11096] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 620.908774][ T24] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 620.916905][ T24] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 620.924837][ T24] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 621.000392][ T24] hid-generic 0000:0000:0000.0012: hidraw0: HID v0.00 Device [syz1] on syz1 [ 621.013772][T11096] usb 6-1: Using ep0 maxpacket: 16 [ 621.024975][T11096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 621.036382][T11096] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 621.049032][T11096] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 621.063308][T11096] usb 6-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 621.075386][T11096] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 621.124633][T11096] usb 6-1: config 0 descriptor?? [ 621.581397][T11096] ryos 0003:1E7D:31CE.0013: hidraw0: USB HID v0.00 Device [HID 1e7d:31ce] on usb-dummy_hcd.5-1/input0 [ 621.779765][T11096] usb 6-1: USB disconnect, device number 2 [ 622.465412][ T30] audit: type=1326 audit(622.425:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11980 comm="syz.4.2690" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f07539 code=0x7fc00000 [ 622.794514][T11999] netlink: 'syz.3.2697': attribute type 3 has an invalid length. [ 623.911055][T12021] loop6: detected capacity change from 0 to 512 [ 624.042968][T12021] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 624.117173][T12028] loop0: detected capacity change from 0 to 256 [ 624.426938][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 624.475240][T12035] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2714'. [ 624.679947][T12037] loop6: detected capacity change from 0 to 256 [ 624.723791][T12041] loop0: detected capacity change from 0 to 8 [ 624.823269][T12041] SQUASHFS error: Unable to read directory block [1d0:32] [ 624.828109][T12037] FAT-fs (loop6): Directory bread(block 64) failed [ 624.840067][T12037] FAT-fs (loop6): Directory bread(block 65) failed [ 624.847656][T12037] FAT-fs (loop6): Directory bread(block 66) failed [ 624.854559][T12037] FAT-fs (loop6): Directory bread(block 67) failed [ 624.864003][T12037] FAT-fs (loop6): Directory bread(block 68) failed [ 624.871724][T12037] FAT-fs (loop6): Directory bread(block 69) failed [ 624.880544][T12037] FAT-fs (loop6): Directory bread(block 70) failed [ 624.888006][T12037] FAT-fs (loop6): Directory bread(block 71) failed [ 624.897307][T12037] FAT-fs (loop6): Directory bread(block 72) failed [ 624.904200][T12037] FAT-fs (loop6): Directory bread(block 73) failed [ 625.334978][T12049] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2721'. [ 625.344615][T12049] netlink: 'syz.4.2721': attribute type 6 has an invalid length. [ 625.352807][T12049] netlink: 'syz.4.2721': attribute type 5 has an invalid length. [ 625.360730][T12049] netlink: 'syz.4.2721': attribute type 4 has an invalid length. [ 625.756924][T12051] loop0: detected capacity change from 0 to 4096 [ 625.857233][T12059] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 625.914095][T12062] netdevsim netdevsim3: Firmware load for '../file0' refused, path contains '..' component [ 625.971139][ T24] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 626.206638][ T24] usb 7-1: config 0 interface 0 altsetting 253 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 626.219010][ T24] usb 7-1: config 0 interface 0 altsetting 253 endpoint 0x81 has invalid maxpacket 991, setting to 64 [ 626.231254][ T24] usb 7-1: config 0 interface 0 has no altsetting 0 [ 626.238141][ T24] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00 [ 626.247923][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.343158][ T24] usb 7-1: config 0 descriptor?? [ 626.350393][T12056] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 626.880129][ T24] pyra 0003:1E7D:2C24.0014: unknown main item tag 0x0 [ 626.954363][ T24] pyra 0003:1E7D:2C24.0014: hidraw0: USB HID v7d.d9 Device [HID 1e7d:2c24] on usb-dummy_hcd.6-1/input0 [ 627.107689][ T24] usb 7-1: USB disconnect, device number 2 [ 627.156539][T12078] delete_channel: no stack [ 627.979494][T12093] loop5: detected capacity change from 0 to 256 [ 627.990314][T12092] loop0: detected capacity change from 0 to 128 [ 628.024192][T12092] ufs: You didn't specify the type of your ufs filesystem [ 628.024192][T12092] [ 628.024192][T12092] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 628.024192][T12092] [ 628.024192][T12092] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 628.099823][T12092] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2 [ 628.180682][T12092] netlink: zone id is out of range [ 628.186349][T12092] netlink: zone id is out of range [ 628.191776][T12092] netlink: zone id is out of range [ 628.197070][T12092] netlink: zone id is out of range [ 628.202636][T12092] netlink: zone id is out of range [ 628.207931][T12092] netlink: zone id is out of range [ 628.213381][T12092] netlink: zone id is out of range [ 628.218669][T12092] netlink: zone id is out of range [ 628.224116][T12092] netlink: zone id is out of range [ 628.229397][T12092] netlink: zone id is out of range [ 628.429111][T12093] FAT-fs (loop5): Directory bread(block 64) failed [ 628.436112][T12093] FAT-fs (loop5): Directory bread(block 65) failed [ 628.443354][T12093] FAT-fs (loop5): Directory bread(block 66) failed [ 628.454423][T12093] FAT-fs (loop5): Directory bread(block 67) failed [ 628.464427][T12093] FAT-fs (loop5): Directory bread(block 68) failed [ 628.471823][T12093] FAT-fs (loop5): Directory bread(block 69) failed [ 628.478690][T12093] FAT-fs (loop5): Directory bread(block 70) failed [ 628.485572][T12093] FAT-fs (loop5): Directory bread(block 71) failed [ 628.492578][T12093] FAT-fs (loop5): Directory bread(block 72) failed [ 628.499311][T12093] FAT-fs (loop5): Directory bread(block 73) failed [ 628.591263][T12100] loop4: detected capacity change from 0 to 1024 [ 628.993046][ T4444] hfsplus: b-tree write err: -5, ino 4 [ 629.299503][T12110] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2750'. [ 631.708485][T12149] loop3: detected capacity change from 0 to 64 [ 631.868206][T12149] hfs: hfs: Invalid key length: 94 [ 632.544439][T12167] loop5: detected capacity change from 0 to 764 [ 632.607705][T12167] Symlink component flag not implemented [ 632.614181][T12167] Symlink component flag not implemented [ 632.620187][T12167] Symlink component flag not implemented (129) [ 632.626847][T12167] Symlink component flag not implemented (6) [ 632.948440][T12174] loop0: detected capacity change from 0 to 512 [ 632.987461][T12174] EXT4-fs: Ignoring removed bh option [ 632.994020][T12174] EXT4-fs: Ignoring removed i_version option [ 633.028692][T12174] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 633.040351][T12174] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 2)! [ 633.051042][T12174] EXT4-fs (loop0): group descriptors corrupted! [ 633.875099][T12190] netlink: 300 bytes leftover after parsing attributes in process `syz.4.2790'. [ 633.950030][T12193] loop3: detected capacity change from 0 to 16 [ 633.970025][T12193] erofs (device loop3): mounted with root inode @ nid 36. [ 634.031614][ T30] audit: type=1800 audit(633.985:61): pid=12193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2792" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 634.741681][T12205] loop0: detected capacity change from 0 to 256 [ 634.869859][T12205] FAT-fs (loop0): Directory bread(block 64) failed [ 634.877048][T12205] FAT-fs (loop0): Directory bread(block 65) failed [ 634.884229][T12205] FAT-fs (loop0): Directory bread(block 66) failed [ 634.891366][T12205] FAT-fs (loop0): Directory bread(block 67) failed [ 634.898267][T12205] FAT-fs (loop0): Directory bread(block 68) failed [ 634.901507][T12209] loop4: detected capacity change from 0 to 64 [ 634.909399][T12205] FAT-fs (loop0): Directory bread(block 69) failed [ 634.921777][T12205] FAT-fs (loop0): Directory bread(block 70) failed [ 634.928624][T12205] FAT-fs (loop0): Directory bread(block 71) failed [ 634.935688][T12205] FAT-fs (loop0): Directory bread(block 72) failed [ 634.942587][T12205] FAT-fs (loop0): Directory bread(block 73) failed [ 635.703905][ T5876] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 635.794832][T12220] loop3: detected capacity change from 0 to 2048 [ 635.810418][T12225] loop5: detected capacity change from 0 to 64 [ 635.877098][T12226] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 635.878393][ T5876] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 635.899458][ T5876] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 635.909970][ T5876] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 635.919519][ T5876] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x69, changing to 0x9 [ 635.935859][ T5876] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 101, changing to 10 [ 635.947955][ T5876] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 18286, setting to 1024 [ 635.989244][ T5876] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 636.001423][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 636.009673][ T5876] usb 5-1: Product: syz [ 636.014200][ T5876] usb 5-1: Manufacturer: syz [ 636.072694][T12217] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 636.094347][ T5876] cdc_wdm 5-1:1.0: skipping garbage [ 636.099787][ T5876] cdc_wdm 5-1:1.0: skipping garbage [ 636.105675][ T5876] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 636.146026][T12220] NILFS (loop3): error -2 truncating bmap (ino=16) [ 636.219015][T12228] loop6: detected capacity change from 0 to 512 [ 636.299325][ T5876] usb 5-1: USB disconnect, device number 8 [ 636.356323][T12228] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 636.403157][T12226] NILFS (loop3): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 636.417964][T12226] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=16) [ 636.467787][T12226] Remounting filesystem read-only [ 636.475821][T12228] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.2807: corrupted xattr block 33: invalid header [ 636.502002][ T5814] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer [ 636.506026][T12228] EXT4-fs error (device loop6): ext4_xattr_block_get:593: inode #15: comm syz.6.2807: corrupted xattr block 33: invalid header [ 636.532321][T12228] fscrypt (loop6, inode 15): Error -117 getting encryption context [ 636.623867][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.901716][ T30] audit: type=1326 audit(636.855:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12238 comm="syz.3.2810" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 636.924182][ T30] audit: type=1326 audit(636.855:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12238 comm="syz.3.2810" exe="/root/syz-executor" sig=0 arch=40000003 syscall=250 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 636.946080][ T30] audit: type=1326 audit(636.855:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12238 comm="syz.3.2810" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 637.022632][T12242] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 637.033084][T12242] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 637.043514][T12243] loop6: detected capacity change from 0 to 8 [ 637.192941][T12243] SQUASHFS error: Unable to read directory block [2c0:35] [ 637.397765][T12237] loop0: detected capacity change from 0 to 4096 [ 637.495900][T12249] loop5: detected capacity change from 0 to 8 [ 637.652600][T12237] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 637.693740][ T11] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 637.764328][T12237] ntfs3(loop0): Failed to load $Extend (-22). [ 637.771634][T12237] ntfs3(loop0): Failed to initialize $Extend. [ 637.873488][ T11] usb 5-1: Using ep0 maxpacket: 8 [ 637.907123][ T11] usb 5-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 637.918504][ T11] usb 5-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 637.928622][ T11] usb 5-1: config 0 interface 0 has no altsetting 0 [ 637.937944][ T11] usb 5-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 637.947353][ T11] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 638.029945][ T11] usb 5-1: config 0 descriptor?? [ 638.298927][T12257] loop6: detected capacity change from 0 to 64 [ 638.396400][T12257] syz.6.2822: attempt to access beyond end of device [ 638.396400][T12257] loop6: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 638.410745][T12257] Buffer I/O error on dev loop6, logical block 134217734, async page read [ 638.490520][ T11] waltop 0003:172F:0037.0015: unknown main item tag 0x0 [ 638.502006][ T11] waltop 0003:172F:0037.0015: unknown main item tag 0x0 [ 638.509281][ T11] waltop 0003:172F:0037.0015: unknown main item tag 0x0 [ 638.519968][ T11] waltop 0003:172F:0037.0015: unknown main item tag 0x0 [ 638.527361][ T11] waltop 0003:172F:0037.0015: unknown main item tag 0x0 [ 638.545841][ T11] waltop 0003:172F:0037.0015: hidraw0: USB HID v0.00 Device [HID 172f:0037] on usb-dummy_hcd.4-1/input0 [ 638.563606][T12261] loop5: detected capacity change from 0 to 512 [ 638.601537][T12261] EXT4-fs error (device loop5): ext4_get_journal_inode:5796: comm syz.5.2824: inode #1792: comm syz.5.2824: iget: illegal inode # [ 638.701512][ T11] usb 5-1: USB disconnect, device number 9 [ 638.721499][T12261] EXT4-fs (loop5): Remounting filesystem read-only [ 638.728272][T12261] EXT4-fs (loop5): no journal found [ 638.734082][T12261] EXT4-fs (loop5): can't get journal size [ 638.742162][T12257] Trying to free block not in datazone [ 638.755802][T12261] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended [ 638.826579][T12261] EXT4-fs (loop5): Errors on filesystem, clearing orphan list. [ 638.836829][T12261] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 638.925691][T11397] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.946761][T12263] loop0: detected capacity change from 0 to 2048 [ 639.023295][T12267] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 639.164997][T12263] NILFS (loop0): error -2 truncating bmap (ino=16) [ 639.449919][T12267] NILFS (loop0): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 639.460926][T12267] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=16) [ 639.535657][T12267] Remounting filesystem read-only [ 639.557104][ T5823] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 640.313563][T12289] loop3: detected capacity change from 0 to 256 [ 640.604293][T12287] loop5: detected capacity change from 0 to 4096 [ 640.652325][T12287] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 640.855184][T12287] ntfs3(loop5): ino=19, mi_enum_attr [ 640.860772][T12287] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 640.877631][T12296] loop6: detected capacity change from 0 to 256 [ 640.898866][T12296] exfat: Deprecated parameter 'namecase' [ 640.988454][T12296] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 641.928012][T12315] atomic_op ffff88804b893928 conn xmit_atomic 0000000000000000 [ 642.951531][T12334] loop4: detected capacity change from 0 to 128 [ 643.188116][T12334] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 643.266712][T12334] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 643.618864][T12345] netlink: 'syz.3.2863': attribute type 2 has an invalid length. [ 646.791540][T12405] loop6: detected capacity change from 0 to 256 [ 647.128150][T12412] loop5: detected capacity change from 0 to 256 [ 647.316133][T12412] FAT-fs (loop5): Directory bread(block 64) failed [ 647.323220][T12412] FAT-fs (loop5): Directory bread(block 65) failed [ 647.330104][T12412] FAT-fs (loop5): Directory bread(block 66) failed [ 647.339384][T12412] FAT-fs (loop5): Directory bread(block 67) failed [ 647.346492][T12412] FAT-fs (loop5): Directory bread(block 68) failed [ 647.353388][T12412] FAT-fs (loop5): Directory bread(block 69) failed [ 647.360256][T12412] FAT-fs (loop5): Directory bread(block 70) failed [ 647.369768][T12412] FAT-fs (loop5): Directory bread(block 71) failed [ 647.376755][T12412] FAT-fs (loop5): Directory bread(block 72) failed [ 647.383737][T12412] FAT-fs (loop5): Directory bread(block 73) failed [ 647.705256][T12420] loop3: detected capacity change from 0 to 512 [ 648.073867][ T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 648.176139][T12428] loop3: detected capacity change from 0 to 1024 [ 648.239981][T12428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 648.299779][ T24] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 648.376392][ T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 648.386012][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 648.394514][ T24] usb 6-1: SerialNumber: syz [ 648.446510][T12428] EXT4-fs (loop3): stripe (248) is not aligned with cluster size (16), stripe is disabled [ 648.511264][T12428] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 648.692509][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 649.292892][ T24] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 649.301803][ T24] usb 6-1: USB disconnect, device number 3 [ 649.485215][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.485452][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 649.915616][T12454] loop3: detected capacity change from 0 to 1024 [ 649.973061][T12454] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 650.079918][T12454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 650.147647][T12454] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: inode #11: comm syz.3.2914: missing EA_INODE flag [ 650.171949][T12461] loop0: detected capacity change from 0 to 512 [ 650.204228][T12454] EXT4-fs (loop3): Remounting filesystem read-only [ 650.231117][T12461] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 650.322024][T12461] EXT4-fs (loop0): orphan cleanup on readonly fs [ 650.328623][T12461] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.2917: Invalid inode bitmap blk 4 in block_group 0 [ 650.383414][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 650.404392][T12461] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 650.602146][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 650.743290][ T30] audit: type=1326 audit(650.685:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12469 comm="syz.5.2922" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f52539 code=0x0 [ 651.059688][T12480] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2924'. [ 651.094936][T12479] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2924'. [ 651.201306][ T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 651.401562][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 651.422439][ T24] usb 7-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00 [ 651.432443][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 651.472051][ T24] usb 7-1: config 0 descriptor?? [ 651.961836][ T24] nti 0003:0757:0A00.0016: unknown main item tag 0x6 [ 651.968961][ T24] nti 0003:0757:0A00.0016: item fetching failed at offset 3/5 [ 652.041541][ T24] nti 0003:0757:0A00.0016: probe with driver nti failed with error -22 [ 652.153685][ T11] usb 7-1: USB disconnect, device number 3 [ 652.537175][T12503] loop5: detected capacity change from 0 to 128 [ 652.648032][T12503] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 652.736434][T12509] IPVS: set_ctl: invalid protocol: 98 172.20.20.170:20001 [ 652.832000][ T11] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 652.968821][T11397] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 653.011059][ T11] usb 5-1: Using ep0 maxpacket: 16 [ 653.056854][ T11] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 653.065581][ T11] usb 5-1: config 0 has no interface number 0 [ 653.072169][ T11] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 653.085740][ T11] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 33050, setting to 1024 [ 653.175997][ T11] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 653.187841][ T11] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 653.196603][ T11] usb 5-1: Product: syz [ 653.201087][ T11] usb 5-1: SerialNumber: syz [ 653.224715][ T11] usb 5-1: config 0 descriptor?? [ 653.260782][ T11] cm109 5-1:0.8: invalid payload size 1024, expected 4 [ 653.270618][ T11] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input15 [ 653.422483][T12519] netlink: 'syz.3.2941': attribute type 25 has an invalid length. [ 653.454977][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.464565][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.474857][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.482449][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.490019][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.497506][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.508088][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.515594][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.524023][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.534513][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 653.542006][ T11] usb 5-1: USB disconnect, device number 10 [ 653.550654][ C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 653.573152][ T11] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 654.621244][T12533] loop4: detected capacity change from 0 to 1024 [ 654.707401][T12533] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 655.087528][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.600143][T12558] loop6: detected capacity change from 0 to 256 [ 655.637008][T12558] exfat: Deprecated parameter 'namecase' [ 655.723057][T12558] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d) [ 656.181673][ T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 656.374762][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 656.386280][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 656.396555][ T24] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 656.413441][ T24] usb 5-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00 [ 656.428018][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.450167][T12568] loop5: detected capacity change from 0 to 1024 [ 656.518622][ T24] usb 5-1: config 0 descriptor?? [ 656.898995][ T4026] hfsplus: b-tree write err: -5, ino 4 [ 656.973787][ T24] hid-udraw 0003:20D6:CB17.0017: item fetching failed at offset 5/7 [ 657.031390][ T24] hid-udraw 0003:20D6:CB17.0017: parse failed [ 657.038195][ T24] hid-udraw 0003:20D6:CB17.0017: probe with driver hid-udraw failed with error -22 [ 657.170155][ T24] usb 5-1: USB disconnect, device number 11 [ 657.760524][T12590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2975'. [ 658.363880][T12602] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2982'. [ 658.484437][T12601] loop6: detected capacity change from 0 to 2048 [ 658.545279][T12601] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 658.677097][T12604] @: renamed from vlan0 (while UP) [ 659.288137][T12618] tmpfs: Cannot change global quota limit on remount [ 659.812666][T12620] loop5: detected capacity change from 0 to 4096 [ 659.841151][T12620] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512). [ 660.022975][T12622] loop3: detected capacity change from 0 to 4096 [ 660.111300][T12620] ntfs3(loop5): Failed to initialize $Extend/$ObjId. [ 660.452009][T12622] ntfs3(loop3): ino=21, "bus" fiemap is not supported for compressed file (cp -r) [ 660.992476][T12638] netlink: 'syz.6.3000': attribute type 2 has an invalid length. [ 661.065345][T12641] [U] [ 661.068385][T12641] [U] [ 661.071388][T12641] [U] [ 661.074378][T12641] [U] [ 661.077374][T12641] [U] [ 661.080356][T12641] [U] [ 661.083348][T12641] [U] [ 661.086338][T12641] [U] [ 661.137992][T12641] [U] [ 661.141049][T12641] [U] [ 661.144054][T12641] [U] [ 661.170523][T12639] [U] [ 661.179821][ T30] audit: type=1800 audit(661.135:66): pid=12645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3002" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 661.675571][T12653] loop0: detected capacity change from 0 to 256 [ 661.786135][T12653] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001043e, chksum : 0xdd084882, utbl_chksum : 0xe619d30d) [ 661.962045][T12655] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3007'. [ 661.971666][T12655] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3007'. [ 661.980804][T12655] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3007'. [ 663.453960][T12669] loop3: detected capacity change from 0 to 2048 [ 663.601205][T12669] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 664.308671][T12678] loop6: detected capacity change from 0 to 16 [ 664.355974][T12678] erofs (device loop6): mounted with root inode @ nid 36. [ 664.572335][T12661] Invalid ELF header magic: != ELF [ 665.811159][ T30] audit: type=1326 audit(665.765:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12693 comm="syz.6.3025" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x0 [ 666.328538][T12705] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false [ 667.370525][T12722] IPVS: set_ctl: invalid protocol: 98 172.20.20.170:20001 [ 667.655062][T12726] netlink: 'syz.6.3040': attribute type 6 has an invalid length. [ 668.559930][T12744] loop0: detected capacity change from 0 to 256 [ 668.571547][T12744] exfat: Deprecated parameter 'utf8' [ 668.785927][T12744] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xd9b3646f, utbl_chksum : 0xe619d30d) [ 669.580003][ T30] audit: type=1326 audit(669.535:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12760 comm="syz.5.3056" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f52539 code=0x0 [ 669.927031][T12771] loop0: detected capacity change from 0 to 64 [ 669.964147][T12772] loop4: detected capacity change from 0 to 256 [ 670.444819][T12777] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3063'. [ 670.659045][T12779] loop4: detected capacity change from 0 to 764 [ 670.713794][T12779] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 670.757277][T12782] loop6: detected capacity change from 0 to 8 [ 670.821644][T12784] tmpfs: Cannot enable swap on remount if it was disabled on first mount [ 670.844316][T12782] SQUASHFS error: zlib decompression failed, data probably corrupt [ 670.854531][T12782] SQUASHFS error: Failed to read block 0x9b: -5 [ 670.864029][T12782] SQUASHFS error: Unable to read metadata cache entry [99] [ 670.871695][T12782] SQUASHFS error: Unable to read inode 0x127 [ 671.958003][T12807] loop6: detected capacity change from 0 to 128 [ 672.035867][T12807] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 672.263411][T11456] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 672.577690][T12819] loop0: detected capacity change from 0 to 128 [ 672.636933][T12819] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 672.734294][T12819] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 672.778735][T12819] EXT4-fs error (device loop0): htree_dirblock_to_tree:1051: inode #2: comm syz.0.3081: Directory block failed checksum [ 673.094065][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 674.551956][T12851] loop0: detected capacity change from 0 to 1024 [ 675.112159][T12861] Bluetooth: MGMT ver 1.23 [ 675.483589][T12868] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3107'. [ 675.519393][T12871] loop3: detected capacity change from 0 to 128 [ 675.584370][T12871] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 675.645221][T12871] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 675.934624][ T4026] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 676.403625][T12885] loop6: detected capacity change from 0 to 1024 [ 677.117748][T12896] loop4: detected capacity change from 0 to 512 [ 677.395074][ T58] hfsplus: b-tree write err: -5, ino 4 [ 678.125487][T12915] loop3: detected capacity change from 0 to 512 [ 678.165778][T12915] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 678.399203][T12921] loop5: detected capacity change from 0 to 512 [ 678.622590][T12921] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 678.962220][T11397] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 681.207264][T12974] loop3: detected capacity change from 0 to 1024 [ 681.314441][T12974] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 681.502486][T12978] loop0: detected capacity change from 0 to 2048 [ 681.511591][T12974] EXT4-fs error (device loop3): ext4_generic_delete_entry:2668: inode #2: block 16: comm syz.3.3156: bad entry in directory: inode out of bounds - offset=12, inode=1282, rec_len=12, size=1024 fake=1 [ 681.534550][T12974] EXT4-fs error (device loop3) in ext4_delete_entry:2739: Corrupt filesystem [ 681.547661][T12978] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 681.575329][T12974] EXT4-fs warning (device loop3): ext4_rename_delete:3726: inode #2: comm syz.3.3156: Deleting old file: nlink 4, error=-117 [ 681.654448][T12985] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 681.654725][T12978] syz.0.3157: attempt to access beyond end of device [ 681.654725][T12978] loop0: rw=524288, sector=65534, nr_sectors = 2 limit=2048 [ 681.716933][T12978] syz.0.3157: attempt to access beyond end of device [ 681.716933][T12978] loop0: rw=0, sector=65534, nr_sectors = 2 limit=2048 [ 681.717103][T12978] NILFS (loop0): I/O error reading meta-data file (ino=6, block-offset=3) [ 681.717213][T12978] NILFS (loop0): error -5 reading inode: ino=12 [ 681.721787][ T30] audit: type=1800 audit(681.675:69): pid=12978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3157" name="bus" dev="loop0" ino=2097152 res=0 errno=0 [ 681.761379][T12987] tipc: Started in network mode [ 681.761558][T12987] tipc: Node identity 96a74e57c06c, cluster identity 4711 [ 681.762229][T12987] tipc: Enabled bearer , priority 10 [ 681.919113][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 682.456578][T12997] program syz.0.3164 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 682.761294][ T11] tipc: Node number set to 1456164439 [ 683.450045][T13013] tipc: Enabling of bearer rejected, failed to enable media [ 683.652164][ T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 683.677963][T13020] loop6: detected capacity change from 0 to 256 [ 683.799231][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.808425][T13020] FAT-fs (loop6): Filesystem has been set read-only [ 683.815515][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.821648][ T24] usb 6-1: Using ep0 maxpacket: 8 [ 683.827085][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.839751][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.850175][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.859569][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.873553][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.883464][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.885223][ T24] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 683.892451][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.892620][T13020] FAT-fs (loop6): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 683.903982][ T24] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 683.904116][ T24] usb 6-1: config 0 interface 0 has no altsetting 0 [ 683.904277][ T24] usb 6-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 683.904406][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 683.969502][T13023] vlan2: entered promiscuous mode [ 683.974971][T13023] bridge0: entered promiscuous mode [ 684.008100][ T24] usb 6-1: config 0 descriptor?? [ 684.058014][ T30] audit: type=1800 audit(684.015:70): pid=13020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3177" name="file1" dev="loop6" ino=1048848 res=0 errno=0 [ 684.081585][T13026] loop4: detected capacity change from 0 to 256 [ 684.100287][T13020] FAT-fs (loop6): error, fat_free_clusters: deleting FAT entry beyond EOF [ 684.363544][T13026] FAT-fs (loop4): Directory bread(block 64) failed [ 684.372213][T13026] FAT-fs (loop4): Directory bread(block 65) failed [ 684.374042][T13020] syz.6.3177 (13020) used greatest stack depth: 3760 bytes left [ 684.379001][T13026] FAT-fs (loop4): Directory bread(block 66) failed [ 684.396768][T13026] FAT-fs (loop4): Directory bread(block 67) failed [ 684.403797][T13026] FAT-fs (loop4): Directory bread(block 68) failed [ 684.410570][T13026] FAT-fs (loop4): Directory bread(block 69) failed [ 684.419952][T13026] FAT-fs (loop4): Directory bread(block 70) failed [ 684.427873][T13026] FAT-fs (loop4): Directory bread(block 71) failed [ 684.438125][T13026] FAT-fs (loop4): Directory bread(block 72) failed [ 684.447439][T13026] FAT-fs (loop4): Directory bread(block 73) failed [ 684.483265][ T24] waltop 0003:172F:0037.0018: unknown main item tag 0x0 [ 684.490561][ T24] waltop 0003:172F:0037.0018: unknown main item tag 0x0 [ 684.502991][ T24] waltop 0003:172F:0037.0018: unknown main item tag 0x0 [ 684.510256][ T24] waltop 0003:172F:0037.0018: unknown main item tag 0x0 [ 684.518028][ T24] waltop 0003:172F:0037.0018: unknown main item tag 0x0 [ 684.584113][ T24] waltop 0003:172F:0037.0018: hidraw0: USB HID v0.00 Device [HID 172f:0037] on usb-dummy_hcd.5-1/input0 [ 684.699435][ T24] usb 6-1: USB disconnect, device number 4 [ 684.843497][T13031] loop6: detected capacity change from 0 to 512 [ 684.890195][T13031] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 684.979610][T13031] EXT4-fs error (device loop6): ext4_orphan_get:1419: comm syz.6.3182: bad orphan inode 131083 [ 685.022199][T13031] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 685.153996][T13041] batadv0: entered promiscuous mode [ 685.164847][T13041] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 685.180680][T13041] batadv0: left promiscuous mode [ 685.425668][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 685.719419][T13048] loop5: detected capacity change from 0 to 512 [ 685.779541][T13048] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 685.840497][T13048] System zones: 1-12 [ 685.859100][T13048] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.3190: Directory hole found for htree index block 0 [ 685.928760][T13055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3192'. [ 685.990649][T13048] EXT4-fs (loop5): Remounting filesystem read-only [ 686.029317][T13048] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117 [ 686.066334][T13048] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 686.077082][T13048] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 686.347264][T11397] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 686.476141][T13063] tipc: Started in network mode [ 686.481531][T13063] tipc: Node identity aaaaaaaaaa4, cluster identity 4711 [ 686.490629][T13063] tipc: Enabled bearer , priority 10 [ 686.928231][T13071] [U] V3Fپ"S/4:XTZWTLW= [ 686.937739][T13071] [U] J"E:" [ 686.940177][T13070] loop6: detected capacity change from 0 to 1024 [ 686.941669][T13071] [U] [ 686.993769][T13070] EXT4-fs: Ignoring removed nobh option [ 686.999590][T13070] EXT4-fs: Ignoring removed bh option [ 687.107007][T13070] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 687.271980][ T30] audit: type=1800 audit(687.225:71): pid=13070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3199" name="file2" dev="loop6" ino=16 res=0 errno=0 [ 687.315510][ T11] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 687.489317][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 687.518286][ T11] usb 4-1: Using ep0 maxpacket: 8 [ 687.551747][ T11] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 687.563177][ T11] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 687.575573][ T11] usb 4-1: config 0 interface 0 has no altsetting 0 [ 687.582658][ T11] usb 4-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00 [ 687.592445][ T11] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 687.608719][ T24] tipc: Node number set to 15379114 [ 687.725540][ T11] usb 4-1: config 0 descriptor?? [ 688.185839][ T11] waltop 0003:172F:0037.0019: unknown main item tag 0x0 [ 688.193390][ T11] waltop 0003:172F:0037.0019: unknown main item tag 0x0 [ 688.200650][ T11] waltop 0003:172F:0037.0019: unknown main item tag 0x0 [ 688.210979][ T11] waltop 0003:172F:0037.0019: unknown main item tag 0x0 [ 688.218234][ T11] waltop 0003:172F:0037.0019: unknown main item tag 0x0 [ 688.242856][ T11] waltop 0003:172F:0037.0019: hidraw0: USB HID v0.00 Device [HID 172f:0037] on usb-dummy_hcd.3-1/input0 [ 688.371063][ T11] usb 4-1: USB disconnect, device number 15 [ 688.464833][T13098] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3212'. [ 688.498958][T13098] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3212'. [ 689.631706][T13123] loop4: detected capacity change from 0 to 256 [ 689.686756][T13122] loop3: detected capacity change from 0 to 1024 [ 689.742237][T13123] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 689.753325][T13123] FAT-fs (loop4): Filesystem has been set read-only [ 689.778621][T13123] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 689.834356][T13123] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 690.271341][T13129] loop3: detected capacity change from 0 to 1024 [ 691.053687][ T11] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 691.092286][T13147] loop3: detected capacity change from 0 to 128 [ 691.106964][T13147] FAT-fs (loop3): Directory bread(block 524322) failed [ 691.116801][T13147] FAT-fs (loop3): Directory bread(block 524323) failed [ 691.124976][T13147] FAT-fs (loop3): Directory bread(block 524324) failed [ 691.134239][T13147] FAT-fs (loop3): Directory bread(block 524325) failed [ 691.144358][T13147] FAT-fs (loop3): Directory bread(block 524326) failed [ 691.151596][T13147] FAT-fs (loop3): Directory bread(block 524327) failed [ 691.158689][T13147] FAT-fs (loop3): Directory bread(block 524328) failed [ 691.165928][T13147] FAT-fs (loop3): Directory bread(block 524329) failed [ 691.176613][ T5876] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 691.275743][ T11] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 691.287139][ T11] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 691.300757][ T11] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 691.310296][ T11] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.349839][ T11] usb 6-1: config 0 descriptor?? [ 691.362140][T13140] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 691.372406][ T5876] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 691.386234][ T5876] usb 7-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00 [ 691.395645][ T5876] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 691.418268][ T5876] usb 7-1: config 0 descriptor?? [ 691.838415][ T11] koneplus 0003:1E7D:2D51.001A: item fetching failed at offset 5/7 [ 691.858736][ T11] koneplus 0003:1E7D:2D51.001A: parse failed [ 691.866096][ T11] koneplus 0003:1E7D:2D51.001A: probe with driver koneplus failed with error -22 [ 691.928231][ T5876] aquacomputer_d5next 0003:0C70:F00D.001B: hidraw0: USB HID v0.08 Device [HID 0c70:f00d] on usb-dummy_hcd.6-1/input0 [ 692.066715][ T11] usb 6-1: USB disconnect, device number 5 [ 692.085311][ T5876] usb 7-1: USB disconnect, device number 4 [ 692.708759][T13166] mkiss: ax0: crc mode is auto. [ 692.970494][T13168] loop5: detected capacity change from 0 to 512 [ 693.055339][T13168] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 693.459858][T11397] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.542332][T13182] netlink: 72 bytes leftover after parsing attributes in process `syz.6.3252'. [ 693.996257][T13183] loop3: detected capacity change from 0 to 4096 [ 694.027354][T13183] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 694.207503][T13183] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 694.263288][T13187] loop6: detected capacity change from 0 to 4096 [ 694.565147][T13187] ntfs3(loop6): ino=1a, mi_enum_attr [ 694.570731][T13187] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 694.699506][T13193] mkiss: ax0: crc mode is auto. [ 695.116306][ T30] audit: type=1326 audit(695.065:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13196 comm="syz.5.3260" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52539 code=0x7ffc0000 [ 695.139875][ T30] audit: type=1326 audit(695.065:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13196 comm="syz.5.3260" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52539 code=0x7ffc0000 [ 695.162121][ T30] audit: type=1326 audit(695.075:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13196 comm="syz.5.3260" exe="/root/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf7f52539 code=0x7ffc0000 [ 695.184132][ T30] audit: type=1326 audit(695.075:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13196 comm="syz.5.3260" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52539 code=0x7ffc0000 [ 695.206377][ T30] audit: type=1326 audit(695.075:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13196 comm="syz.5.3260" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52539 code=0x7ffc0000 [ 695.232628][ T30] audit: type=1326 audit(695.075:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13196 comm="syz.5.3260" exe="/root/syz-executor" sig=0 arch=40000003 syscall=316 compat=1 ip=0xf7f52539 code=0x7ffc0000 [ 695.256269][ T30] audit: type=1326 audit(695.075:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13196 comm="syz.5.3260" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f52539 code=0x7ffc0000 [ 696.413390][ T30] audit: type=1326 audit(696.365:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13218 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33539 code=0x7ffc0000 [ 696.435607][ T30] audit: type=1326 audit(696.365:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13218 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f33539 code=0x7ffc0000 [ 696.457055][ C1] vkms_vblank_simulate: vblank timer overrun [ 696.467983][ T30] audit: type=1326 audit(696.375:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13218 comm="syz.0.3270" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f33539 code=0x7ffc0000 [ 696.489523][ C1] vkms_vblank_simulate: vblank timer overrun [ 696.602554][T13225] program syz.3.3273 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 696.998791][T13229] loop0: detected capacity change from 0 to 256 [ 700.108226][T13270] loop0: detected capacity change from 0 to 64 [ 700.282001][T13272] tipc: Enabled bearer , priority 10 [ 701.162385][T13276] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3295'. [ 702.226145][ T5876] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 702.401603][ T5876] usb 4-1: Using ep0 maxpacket: 16 [ 702.420270][ T5876] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 702.432080][ T5876] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 702.444691][ T5876] usb 4-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 702.457960][ T5876] usb 4-1: config 0 interface 0 has no altsetting 0 [ 702.465028][ T5876] usb 4-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00 [ 702.476990][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.509494][ T5876] usb 4-1: config 0 descriptor?? [ 702.625566][T13300] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0 [ 702.742739][ T5827] Bluetooth: hci2: command 0x0406 tx timeout [ 702.979179][ T5876] mcp2200 0003:04D8:00DF.001C: item 0 4 0 9 parsing failed [ 703.050431][ T5876] mcp2200 0003:04D8:00DF.001C: can't parse reports [ 703.057840][ T5876] mcp2200 0003:04D8:00DF.001C: probe with driver mcp2200 failed with error -22 [ 703.148143][T13308] loop6: detected capacity change from 0 to 128 [ 703.215036][ T24] usb 4-1: USB disconnect, device number 16 [ 703.283854][T13308] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 703.490417][T11456] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 703.733532][T13318] netlink: 'syz.0.3315': attribute type 1 has an invalid length. [ 704.075833][T13324] (unnamed net_device) (uninitialized): (slave batadv0): Device is not bonding slave [ 704.085883][T13324] (unnamed net_device) (uninitialized): option active_slave: invalid value (batadv0) [ 704.096163][T13326] loop3: detected capacity change from 0 to 256 [ 704.406581][T13332] loop4: detected capacity change from 0 to 512 [ 704.424073][T13332] EXT4-fs: inline encryption not supported [ 704.434697][T13332] EXT4-fs: Ignoring removed mblk_io_submit option [ 704.543274][T13332] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.3322: inode #13: comm syz.4.3322: iget: illegal inode # [ 704.617670][T13332] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.3322: couldn't read orphan inode 13 (err -117) [ 704.724801][T13332] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 704.985745][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.083217][T13343] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3326'. [ 705.690386][T13351] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3331'. [ 706.359502][T13363] loop0: detected capacity change from 0 to 128 [ 706.909183][T13371] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3342'. [ 707.516503][T13381] loop3: detected capacity change from 0 to 2048 [ 707.601785][T13381] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 707.861827][ T5106] Bluetooth: hci3: command 0x0406 tx timeout [ 708.077574][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 708.424507][ T5876] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 708.623733][ T5876] usb 5-1: Using ep0 maxpacket: 32 [ 708.640430][ T5876] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 708.648874][ T5876] usb 5-1: config 0 has no interface number 0 [ 708.677793][T13407] ipvlan2: entered promiscuous mode [ 708.690040][T13407] bridge0: port 3(ipvlan2) entered blocking state [ 708.690523][ T5876] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 708.697054][T13407] bridge0: port 3(ipvlan2) entered disabled state [ 708.697622][T13407] ipvlan2: entered allmulticast mode [ 708.697703][T13407] bridge0: entered allmulticast mode [ 708.699832][T13407] ipvlan2: left allmulticast mode [ 708.708452][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.715070][T13407] bridge0: left allmulticast mode [ 708.750389][ T5876] usb 5-1: Product: syz [ 708.757813][ T5876] usb 5-1: Manufacturer: syz [ 708.762862][ T5876] usb 5-1: SerialNumber: syz [ 708.912462][ T5876] usb 5-1: config 0 descriptor?? [ 708.928272][ T5876] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 708.941425][ T5876] usb 5-1: selecting invalid altsetting 1 [ 708.949503][ T5876] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 709.015837][ T5876] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 709.029564][ T5876] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 709.039542][ T5876] usb 5-1: media controller created [ 709.186732][ T5876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 709.315905][T13414] tipc: Enabling of bearer rejected, failed to enable media [ 709.377431][T13412] loop5: detected capacity change from 0 to 4096 [ 709.439907][ T5876] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 709.451476][ T5876] zl10353_read_register: readreg error (reg=127, ret==-71) [ 709.463418][T13412] NILFS (loop5): invalid segment: Checksum error in segment payload [ 709.474312][T13412] NILFS (loop5): trying rollback from an earlier position [ 709.517213][ T5876] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 709.691063][T13412] NILFS (loop5): recovery complete [ 709.715533][T13419] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 709.879712][ T5876] usb 5-1: USB disconnect, device number 12 [ 710.700678][T13435] loop6: detected capacity change from 0 to 256 [ 710.742408][T13435] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 710.754403][T13435] exFAT-fs (loop6): Medium has reported failures. Some data may be lost. [ 710.821517][T13437] loop3: detected capacity change from 0 to 512 [ 710.850353][T13437] EXT4-fs: Ignoring removed nobh option [ 710.925700][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 710.932580][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 710.961503][T13435] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 711.138773][T13437] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #16: comm syz.3.3371: corrupted inode contents [ 711.198937][T13437] EXT4-fs (loop3): Remounting filesystem read-only [ 711.221625][T13437] EXT4-fs (loop3): 1 truncate cleaned up [ 711.229488][T13437] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 711.261878][T11683] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 711.275242][T11683] __quota_error: 4 callbacks suppressed [ 711.275308][T11683] Quota error (device loop3): write_blk: dquota write failed [ 711.288883][T11683] Quota error (device loop3): remove_free_dqentry: Can't write block (5) with free entries [ 711.301658][T11683] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 711.315596][T11683] Quota error (device loop3): write_blk: dquota write failed [ 711.323285][T11683] Quota error (device loop3): free_dqentry: Can't move quota data block (5) to free list [ 711.334002][T11683] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 711.346713][T11683] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 711.356213][T11683] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 711.649495][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 712.558387][T13461] loop5: detected capacity change from 0 to 4096 [ 713.029276][T13476] loop0: detected capacity change from 0 to 1024 [ 713.281106][ T4444] hfsplus: b-tree write err: -5, ino 4 [ 714.524274][ T5827] Bluetooth: hci1: Malformed LE Event: 0x0d [ 715.192764][T13517] loop3: detected capacity change from 0 to 512 [ 715.314195][T13517] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 715.322817][T13517] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 715.383200][T13517] EXT4-fs (loop3): 1 truncate cleaned up [ 715.398322][T13517] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 715.667044][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 716.979393][T13551] loop6: detected capacity change from 0 to 128 [ 717.013462][T13551] EXT4-fs: Ignoring removed nobh option [ 717.072187][T13551] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 717.224933][ T30] audit: type=1800 audit(717.185:86): pid=13551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3424" name="file1" dev="loop6" ino=12 res=0 errno=0 [ 717.688078][T11456] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 718.974936][T13574] program syz.6.3438 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 719.009653][T13578] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3436'. [ 719.078747][T13581] program syz.6.3438 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 719.103228][T13581] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 719.750323][T13594] loop5: detected capacity change from 0 to 128 [ 719.833149][T13594] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 719.938654][T13596] loop3: detected capacity change from 0 to 512 [ 720.049574][T13596] EXT4-fs: Ignoring removed orlov option [ 720.122663][T13596] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #15: comm syz.3.3445: pblk 0 bad header/extent: invalid magic - magic 7973, entries 1402, max 27648(0), depth 25964(25964) [ 720.182119][T13594] EXT4-fs (loop5): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro. [ 720.204520][T13596] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3445: couldn't read orphan inode 15 (err -117) [ 720.343922][T13596] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 720.471888][T11397] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 720.753574][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 721.119506][T13617] loop4: detected capacity change from 0 to 1024 [ 721.327436][T13626] loop5: detected capacity change from 0 to 512 [ 721.360728][T13626] EXT4-fs: Ignoring removed orlov option [ 721.368696][T13626] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 721.446245][T13626] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 721.487211][T13626] EXT4-fs error (device loop5): ext4_iget_extra_inode:5035: inode #15: comm syz.5.3457: corrupted in-inode xattr: e_value size too large [ 721.509008][ T4444] hfsplus: b-tree write err: -5, ino 4 [ 721.605595][T13626] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.3457: couldn't read orphan inode 15 (err -117) [ 721.683011][T13626] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 722.005160][T11397] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.388660][T13641] loop3: detected capacity change from 0 to 512 [ 722.500376][T13641] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 722.521376][T13641] System zones: 1-12 [ 722.526568][T13641] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.3466: Directory hole found for htree index block 0 [ 722.565602][T13645] loop5: detected capacity change from 0 to 2048 [ 722.572154][T13641] EXT4-fs (loop3): Remounting filesystem read-only [ 722.572268][T13641] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 722.572601][T13641] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 722.598034][T13641] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 722.695339][T13645] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 722.916046][T13652] can0: slcan on pty28. [ 723.012762][T13651] can0 (unregistered): slcan off pty28. [ 723.038195][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.289578][T13656] loop0: detected capacity change from 0 to 1024 [ 723.351592][T13660] net_ratelimit: 50 callbacks suppressed [ 723.351662][T13660] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1340 [ 723.415381][T13656] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 724.913352][T13688] netlink: 'syz.5.3487': attribute type 30 has an invalid length. [ 724.952303][T13690] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3488'. [ 725.254028][T13696] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3489'. [ 725.263423][T13696] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3489'. [ 725.518319][T13699] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3492'. [ 725.621751][T13703] loop4: detected capacity change from 0 to 64 [ 725.864651][T13706] loop6: detected capacity change from 0 to 256 [ 727.362851][T13733] loop0: detected capacity change from 0 to 512 [ 727.385527][T13735] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.3508'. [ 727.448486][T13733] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 727.611717][T13733] UDF-fs: error (device loop0): udf_verify_fi: directory (ino 21) has entry past directory size at pos 128 [ 728.056628][T13744] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3514'. [ 728.066121][T13744] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3514'. [ 728.075318][T13744] netlink: 'syz.5.3514': attribute type 14 has an invalid length. [ 728.260090][T13750] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.3516'. [ 728.869549][T13761] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 729.054842][T13766] loop3: detected capacity change from 0 to 64 [ 729.125500][ T30] audit: type=1800 audit(729.085:87): pid=13766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3525" name="bus" dev="loop3" ino=21 res=0 errno=0 [ 729.440451][T13771] netlink: 'syz.0.3526': attribute type 30 has an invalid length. [ 729.709941][ T30] audit: type=1326 audit(729.665:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13774 comm="syz.3.3528" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702e539 code=0x0 [ 729.937365][ T30] audit: type=1326 audit(729.885:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.3530" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x0 [ 730.466050][T13789] loop0: detected capacity change from 0 to 1024 [ 730.594382][ T30] audit: type=1800 audit(730.545:90): pid=13789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3534" name="bus" dev="loop0" ino=26 res=0 errno=0 [ 730.637065][T13791] qrtr: Invalid version 248 [ 731.607567][T13810] loop5: detected capacity change from 0 to 512 [ 731.618074][T13810] EXT4-fs: Ignoring removed bh option [ 731.629371][T13810] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 731.723586][T13810] EXT4-fs (loop5): 1 truncate cleaned up [ 731.731959][T13810] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 731.961667][T13810] overlayfs: upper fs needs to support d_type. [ 731.969113][ T11] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 732.020565][T13818] loop3: detected capacity change from 0 to 8 [ 732.214617][ T5827] Bluetooth: hci3: Unknown advertising packet type: 0x75 [ 732.214756][ T5827] Bluetooth: hci3: Malformed LE Event: 0x0d [ 732.236200][ T11] usb 7-1: unable to get BOS descriptor or descriptor too short [ 732.308613][ T11] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 732.317460][ T11] usb 7-1: can't read configurations, error -71 [ 732.427001][T11397] EXT4-fs error (device loop5): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39 [ 732.453032][T11397] EXT4-fs error (device loop5): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39 [ 732.735649][T13828] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3550'. [ 732.775026][T11067] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 732.810164][T13828] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3550'. [ 732.827258][T11397] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 732.867212][T11067] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 732.989501][T11067] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 733.167367][T11067] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 733.593840][T11067] bridge_slave_1: left allmulticast mode [ 733.599727][T11067] bridge_slave_1: left promiscuous mode [ 733.606506][T11067] bridge0: port 2(bridge_slave_1) entered disabled state [ 733.701741][T11067] bridge_slave_0: left allmulticast mode [ 733.707696][T11067] bridge_slave_0: left promiscuous mode [ 733.717945][T11067] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.780745][T11067] tipc: Resetting bearer [ 734.021971][T11067] tipc: Disabling bearer [ 734.221630][T11067] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 734.244168][T11067] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 734.258304][T11067] bond0 (unregistering): Released all slaves [ 734.395544][T11067] tipc: Left network mode [ 734.438232][T11067] IPVS: stopping backup sync thread 11726 ... [ 734.673678][T11067] hsr_slave_0: left promiscuous mode [ 734.701132][T11067] hsr_slave_1: left promiscuous mode [ 734.708853][T11067] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 734.717425][T11067] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 734.803959][T11067] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 734.812116][T11067] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 734.837724][T13847] loop3: detected capacity change from 0 to 256 [ 734.852280][T13848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 734.893236][T13847] exfat: Deprecated parameter 'utf8' [ 734.898891][T13847] exfat: Deprecated parameter 'utf8' [ 734.905414][T13847] exfat: Deprecated parameter 'utf8' [ 734.927628][T11067] veth1_macvtap: left promiscuous mode [ 734.933637][T11067] veth0_macvtap: left promiscuous mode [ 734.939621][T11067] veth1_vlan: left promiscuous mode [ 734.949859][T11067] veth0_vlan: left promiscuous mode [ 734.990421][T13847] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 735.871117][T11067] team0 (unregistering): Port device team_slave_1 removed [ 735.932810][T11067] team0 (unregistering): Port device team_slave_0 removed [ 736.093864][ T5106] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 736.103580][ T5106] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 736.113012][ T5106] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 736.128347][ T5106] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 736.139507][ T5106] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 736.835463][T13864] loop0: detected capacity change from 0 to 64 [ 736.918155][T13864] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 737.039628][T13863] minix_free_inode: bit 5 already cleared [ 737.317467][T13854] chnl_net:caif_netlink_parms(): no params data found [ 738.150640][T13889] loop3: detected capacity change from 0 to 64 [ 738.184072][ T5106] Bluetooth: hci2: command tx timeout [ 738.204600][T13891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3578'. [ 738.205019][T13889] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 738.285310][T13889] MINIX-fs warning: remounting unchecked fs, running fsck is recommended [ 738.548472][T13854] bridge0: port 1(bridge_slave_0) entered blocking state [ 738.556285][T13854] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.564722][T13854] bridge_slave_0: entered allmulticast mode [ 738.573889][T13854] bridge_slave_0: entered promiscuous mode [ 738.596643][T13854] bridge0: port 2(bridge_slave_1) entered blocking state [ 738.604484][T13854] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.612371][T13854] bridge_slave_1: entered allmulticast mode [ 738.621953][T13854] bridge_slave_1: entered promiscuous mode [ 738.762882][T13854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 738.774236][T13892] loop4: detected capacity change from 0 to 4096 [ 738.805841][T13854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 738.959530][T13892] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 739.082111][T13854] team0: Port device team_slave_0 added [ 739.105428][T13854] team0: Port device team_slave_1 added [ 739.303041][T13854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 739.310217][T13854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 739.340746][T13854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 739.383098][T13854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 739.390275][T13854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 739.417115][T13854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 739.791877][T13854] hsr_slave_0: entered promiscuous mode [ 739.802989][T13854] hsr_slave_1: entered promiscuous mode [ 739.811495][T13854] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 739.819256][T13854] Cannot create hsr debugfs directory [ 739.869737][T13907] loop0: detected capacity change from 0 to 4096 [ 739.941731][ T11] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 739.989090][T13912] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 740.146224][ T11] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 740.157557][ T11] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84 [ 740.172556][ T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 740.187448][ T11] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 740.197607][ T11] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 740.273503][ T5106] Bluetooth: hci2: command tx timeout [ 740.353297][ T11] usb 7-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 740.365042][ T11] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 740.374114][ T11] usb 7-1: Product: syz [ 740.378484][ T11] usb 7-1: Manufacturer: syz [ 740.383641][ T11] usb 7-1: SerialNumber: syz [ 740.397052][ T11] usb 7-1: config 0 descriptor?? [ 740.483344][ T11] input: KB Gear Tablet as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input16 [ 740.691686][ T1686] usb 7-1: USB disconnect, device number 7 [ 740.805997][T13919] loop3: detected capacity change from 0 to 512 [ 740.830237][T13854] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 740.832106][T13919] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 740.883505][T13854] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 740.926798][T13919] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.3593: corrupted in-inode xattr: overlapping e_value [ 740.969025][T13854] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 740.983381][T13919] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.3593: couldn't read orphan inode 15 (err -117) [ 741.016893][T13854] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 741.027684][T13919] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 741.168611][T13919] EXT4-fs warning (device loop3): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed [ 741.429430][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 741.625937][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 741.717551][T13854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 741.800299][T13854] 8021q: adding VLAN 0 to HW filter on device team0 [ 741.856073][ T4444] bridge0: port 1(bridge_slave_0) entered blocking state [ 741.863707][ T4444] bridge0: port 1(bridge_slave_0) entered forwarding state [ 741.926211][ T4444] bridge0: port 2(bridge_slave_1) entered blocking state [ 741.933915][ T4444] bridge0: port 2(bridge_slave_1) entered forwarding state [ 742.342887][ T5106] Bluetooth: hci2: command tx timeout [ 742.982686][T13854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 743.809328][T13962] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3607'. [ 743.862047][T13962] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3607'. [ 744.426547][ T5106] Bluetooth: hci2: command tx timeout [ 744.482039][T13976] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3613'. [ 744.963731][T13854] veth0_vlan: entered promiscuous mode [ 745.047962][T13854] veth1_vlan: entered promiscuous mode [ 745.261777][T13854] veth0_macvtap: entered promiscuous mode [ 745.322190][T13854] veth1_macvtap: entered promiscuous mode [ 745.479199][T13854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 745.537862][T13854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 745.585523][T13854] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.599635][T13854] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.610041][T13854] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.622842][T13854] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 746.935139][T14014] loop6: detected capacity change from 0 to 128 [ 747.112856][T14014] syz.6.3630: attempt to access beyond end of device [ 747.112856][T14014] loop6: rw=2051, sector=128, nr_sectors = 913 limit=128 [ 748.882733][T14047] [U]  [ 749.011108][T14052] IPVS: sync thread started: state = MASTER, mcast_ifn = vlan1, syncid = 4, id = 0 [ 749.404797][T14061] netlink: 'syz.3.3646': attribute type 1 has an invalid length. [ 749.413146][T14061] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3646'. [ 750.594778][T11607] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 750.603044][T11607] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 750.782566][ T1861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 750.790643][ T1861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 751.488860][T14096] loop3: detected capacity change from 0 to 256 [ 751.790247][T14096] FAT-fs (loop3): Directory bread(block 64) failed [ 751.797310][T14096] FAT-fs (loop3): Directory bread(block 65) failed [ 751.806720][T14096] FAT-fs (loop3): Directory bread(block 66) failed [ 751.813610][T14096] FAT-fs (loop3): Directory bread(block 67) failed [ 751.820567][T14096] FAT-fs (loop3): Directory bread(block 68) failed [ 751.827542][T14096] FAT-fs (loop3): Directory bread(block 69) failed [ 751.837917][T14096] FAT-fs (loop3): Directory bread(block 70) failed [ 751.844998][T14096] FAT-fs (loop3): Directory bread(block 71) failed [ 751.853244][T14096] FAT-fs (loop3): Directory bread(block 72) failed [ 751.859981][T14096] FAT-fs (loop3): Directory bread(block 73) failed [ 752.708839][T14114] loop0: detected capacity change from 0 to 1024 [ 752.814656][T14114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 752.885151][ T30] audit: type=1800 audit(752.845:91): pid=14114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3669" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 753.107215][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 753.503495][T14131] program syz.7.3676 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 753.891653][ T5876] usb 4-1: new full-speed USB device number 17 using dummy_hcd [ 754.073862][ T5876] usb 4-1: config 5 has an invalid interface number: 123 but max is 0 [ 754.082523][ T5876] usb 4-1: config 5 has no interface number 0 [ 754.088835][ T5876] usb 4-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 754.104913][ T5876] usb 4-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid maxpacket 60849, setting to 64 [ 754.116777][ T5876] usb 4-1: config 5 interface 123 has no altsetting 0 [ 754.226789][ T5876] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7 [ 754.236537][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 754.245016][ T5876] usb 4-1: Product: syz [ 754.249397][ T5876] usb 4-1: Manufacturer: syz [ 754.256789][ T5876] usb 4-1: SerialNumber: syz [ 754.317167][T14133] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 754.606942][ T5876] comedi comedi5: driver 'ni6501' has successfully auto-configured 'ni6501'. [ 754.660710][ T5876] usb 4-1: USB disconnect, device number 17 [ 756.132159][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 756.145408][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 756.155115][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 756.519459][T14178] loop0: detected capacity change from 0 to 256 [ 756.592304][T14175] infiniband syz2: set active [ 756.597253][T14175] infiniband syz2: added ip6_vti0 [ 756.605868][ T5876] ip6_vti0 speed is unknown, defaulting to 1000 [ 756.613720][T14178] exfat: Deprecated parameter 'utf8' [ 756.693805][T14178] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 756.824459][T14175] RDS/IB: syz2: added [ 756.828925][T14175] smc: adding ib device syz2 with port count 1 [ 756.835544][T14175] smc: ib device syz2 port 1 has pnetid [ 756.843480][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 756.870724][T14185] loop6: detected capacity change from 0 to 512 [ 756.899601][T14185] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 757.220535][ T1686] ip6_vti0 speed is unknown, defaulting to 1000 [ 757.248964][T14185] EXT4-fs error (device loop6): ext4_get_branch:178: inode #11: block 4294967295: comm syz.6.3699: invalid block [ 757.335230][T14185] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.3699: invalid indirect mapped block 4294967295 (level 1) [ 757.362866][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 757.443959][T14185] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.3699: invalid indirect mapped block 4294967295 (level 1) [ 757.534816][T14185] EXT4-fs (loop6): 2 truncates cleaned up [ 757.544862][T14185] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 757.772745][T14118] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 757.836211][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 757.930451][T14192] loop3: detected capacity change from 0 to 256 [ 757.965272][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 758.330977][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 758.773315][T14175] ip6_vti0 speed is unknown, defaulting to 1000 [ 759.391497][T14202] loop3: detected capacity change from 0 to 512 [ 759.478618][T14202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 759.663325][T14202] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 759.673411][T14202] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 759.689896][T14202] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 759.898583][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 759.984769][T14213] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 760.353979][ T5876] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 760.538877][ T5876] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 760.552828][ T5876] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 760.563225][ T5876] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 760.573467][ T5876] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 760.588887][ T5876] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 760.599049][ T5876] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 760.622401][ T5876] usb 7-1: config 0 descriptor?? [ 760.805969][T14231] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3720'. [ 760.851219][ T5876] hdpvr 7-1:0.0: firmware version 0x0 dated [ 760.858677][ T5876] hdpvr 7-1:0.0: untested firmware, the driver might not work. [ 761.341348][ T5876] hdpvr 7-1:0.0: Could not setup controls [ 761.349987][ T5876] hdpvr 7-1:0.0: registering videodev failed [ 761.408349][ T5876] hdpvr 7-1:0.0: probe with driver hdpvr failed with error -71 [ 761.461478][T14240] loop4: detected capacity change from 0 to 512 [ 761.517477][T14240] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 761.529063][ T5876] usb 7-1: USB disconnect, device number 8 [ 761.591724][T14240] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.3724: Invalid block bitmap block 0 in block_group 0 [ 761.617003][T14240] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 761.643596][T14243] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3726'. [ 761.691490][T14240] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #11: comm syz.4.3724: attempt to clear invalid blocks 983261 len 1 [ 761.750348][T14240] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.3724: Invalid inode table block 0 in block_group 0 [ 761.815987][T14239] loop7: detected capacity change from 0 to 4096 [ 761.821138][T14240] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 761.860020][T14240] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 761.919218][T14240] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.3724: Invalid inode table block 0 in block_group 0 [ 761.954322][T14240] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 762.016071][T14240] EXT4-fs error (device loop4): ext4_truncate:4597: inode #11: comm syz.4.3724: mark_inode_dirty error [ 762.071279][T14240] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 762.082924][T14239] ntfs3(loop7): ino=b, mi_enum_attr [ 762.083058][T14239] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 762.085504][T14239] ntfs3(loop7): Failed to load $Extend (-22). [ 762.109502][T14239] ntfs3(loop7): Failed to initialize $Extend. [ 762.149574][T14240] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.3724: Invalid inode table block 0 in block_group 0 [ 762.173693][ T30] audit: type=1800 audit(762.105:92): pid=14239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3725" name="file2" dev="loop7" ino=31 res=0 errno=0 [ 762.225512][T14240] EXT4-fs (loop4): 1 truncate cleaned up [ 762.233662][T14240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 762.662435][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 763.697261][T14274] sp0: Synchronizing with TNC [ 763.731183][ T5876] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 763.967363][ T5876] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 763.976982][ T5876] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 764.038660][ T5876] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 764.048512][ T5876] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 764.059231][ T5876] usb 5-1: Manufacturer: syz [ 764.090196][ T5876] usb 5-1: config 0 descriptor?? [ 764.401646][ T5876] rc_core: IR keymap rc-hauppauge not found [ 764.407892][ T5876] Registered IR keymap rc-empty [ 764.416645][ T5876] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 764.429640][ T5876] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input17 [ 764.571627][T14278] loop7: detected capacity change from 0 to 4096 [ 764.841423][T14284] syz.0.3743 (14284) used greatest stack depth: 2376 bytes left [ 764.918256][ T1686] usb 5-1: USB disconnect, device number 13 [ 764.958415][T14278] ntfs3(loop7): ino=1f, mi_enum_attr [ 764.964465][T14278] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 765.034066][T14292] ntfs3(loop7): ino=9, attr_set_size [ 765.188426][T14295] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 765.190557][T14294] IPVS: stopping master sync thread 14295 ... [ 765.891811][T14308] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 765.891811][T14308] program syz.7.3752 not setting count and/or reply_len properly [ 766.639459][T14322] loop0: detected capacity change from 0 to 128 [ 766.682212][T14322] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 767.040653][T14319] loop3: detected capacity change from 0 to 4096 [ 767.045519][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 767.192335][T14319] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 767.223595][T14330] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 767.302692][T14319] NILFS (loop3): mounting fs with errors [ 767.429732][T14335] loop4: detected capacity change from 0 to 256 [ 767.500375][T14335] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d) [ 768.148272][T14345] loop4: detected capacity change from 0 to 512 [ 768.168141][T14345] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 768.237026][T14345] EXT4-fs (loop4): 1 truncate cleaned up [ 768.245311][T14345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 768.662130][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 769.089915][T14364] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3781'. [ 769.408335][T14366] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 769.423699][T14366] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 769.910633][T14378] smc: ib device syz2 ibport 1 applied user defined pnetid SYZ2 [ 770.041447][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3789'. [ 771.489095][ T30] audit: type=1326 audit(771.425:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14394 comm="syz.3.3795" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7fc00000 [ 772.128304][T14420] loop0: detected capacity change from 0 to 256 [ 772.178007][T14420] exfat: Deprecated parameter 'namecase' [ 772.224988][T14420] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 772.373685][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.380308][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 773.703331][T14450] loop0: detected capacity change from 0 to 512 [ 773.807824][T14450] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.3819: corrupted inode contents [ 773.839849][T14450] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #3: comm syz.0.3819: mark_inode_dirty error [ 773.876854][T14450] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #3: comm syz.0.3819: corrupted inode contents [ 773.910333][T14450] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #3: comm syz.0.3819: mark_inode_dirty error [ 773.946604][T14450] Quota error (device loop0): write_blk: dquota write failed [ 773.957531][T14450] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 773.969801][T14450] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.3819: Failed to acquire dquot type 0 [ 774.018502][T14450] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.3819: corrupted inode contents [ 774.054197][T14450] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #16: comm syz.0.3819: mark_inode_dirty error [ 774.069985][T14450] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.3819: corrupted inode contents [ 774.088259][T14450] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.3819: mark_inode_dirty error [ 774.113775][T14450] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.3819: corrupted inode contents [ 774.165193][T14450] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 774.204956][T14450] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #16: comm syz.0.3819: corrupted inode contents [ 774.260412][T14450] EXT4-fs error (device loop0): ext4_truncate:4597: inode #16: comm syz.0.3819: mark_inode_dirty error [ 774.272706][T14459] loop6: detected capacity change from 0 to 1024 [ 774.298780][T14450] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 774.342898][T14459] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 774.364017][T14450] EXT4-fs (loop0): 1 truncate cleaned up [ 774.373475][T14450] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 774.723495][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 774.740107][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 775.919586][T14490] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3838'. [ 777.173971][T14515] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3850'. [ 777.733414][T14522] tipc: Started in network mode [ 777.738759][T14522] tipc: Node identity 00000000000000004012000000003a2d, cluster identity 4711 [ 777.752918][T14522] tipc: Enabling of bearer rejected, failed to enable media [ 777.801830][T14523] loop4: detected capacity change from 0 to 1024 [ 777.900235][T14525] loop0: detected capacity change from 0 to 512 [ 778.023294][T14525] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 778.227599][T14525] EXT4-fs error (device loop0): ext4_get_first_dir_block:3525: inode #12: comm syz.0.3855: Attempting to read directory block (0) that is past i_size (3) [ 778.479101][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 779.068530][T14549] loop3: detected capacity change from 0 to 64 [ 779.125904][T14552] ALSA: mixer_oss: invalid OSS volume 'ߎAkX!`=UWW[' [ 779.134968][T14552] ALSA: mixer_oss: invalid OSS volume 'Ni)E{:T%cB' [ 779.151622][T14553] loop7: detected capacity change from 0 to 256 [ 779.336410][T14553] FAT-fs (loop7): Directory bread(block 64) failed [ 779.343626][T14553] FAT-fs (loop7): Directory bread(block 65) failed [ 779.352409][T14553] FAT-fs (loop7): Directory bread(block 66) failed [ 779.360303][T14553] FAT-fs (loop7): Directory bread(block 67) failed [ 779.369792][T14553] FAT-fs (loop7): Directory bread(block 68) failed [ 779.376681][T14553] FAT-fs (loop7): Directory bread(block 69) failed [ 779.383885][T14553] FAT-fs (loop7): Directory bread(block 70) failed [ 779.391579][T14553] FAT-fs (loop7): Directory bread(block 71) failed [ 779.398797][T14553] FAT-fs (loop7): Directory bread(block 72) failed [ 779.408825][T14553] FAT-fs (loop7): Directory bread(block 73) failed [ 780.420308][T14576] loop0: detected capacity change from 0 to 128 [ 781.270024][T14583] loop3: detected capacity change from 0 to 2048 [ 781.288570][T14583] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 781.357010][T14586] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 783.070267][T14610] loop0: detected capacity change from 0 to 1024 [ 783.589490][ T58] hfsplus: b-tree write err: -5, ino 4 [ 783.945997][T14622] loop4: detected capacity change from 0 to 128 [ 783.999629][T14622] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 784.071315][T14625] loop0: detected capacity change from 0 to 1024 [ 784.089052][T14622] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 784.308220][T14627] loop7: detected capacity change from 0 to 2048 [ 784.356842][T14627] EXT4-fs: Ignoring removed mblk_io_submit option [ 784.384314][T11067] hfsplus: b-tree write err: -5, ino 4 [ 784.453377][T14631] loop3: detected capacity change from 0 to 128 [ 784.504230][T14627] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 784.645591][T14631] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 784.716292][ T30] audit: type=1800 audit(784.625:94): pid=14627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3899" name="file0" dev="loop7" ino=13 res=0 errno=0 [ 784.767998][ T5106] Bluetooth: hci3: unexpected event for opcode 0x080d [ 784.886651][ T5814] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 784.986164][T13854] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 785.433909][T14651] loop7: detected capacity change from 0 to 64 [ 785.654985][T14656] loop6: detected capacity change from 0 to 64 [ 785.681716][T14657] netlink: 798 bytes leftover after parsing attributes in process `syz.4.3911'. [ 786.188640][T14664] loop4: detected capacity change from 0 to 1024 [ 786.267462][T14664] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 786.543164][T14664] EXT4-fs: can't change dax mount option while remounting [ 786.799983][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 786.802111][T14678] rdma_rxe: rxe_newlink: failed to add ip6_vti0 [ 787.425291][ T5106] Bluetooth: hci2: link tx timeout [ 787.430657][ T5106] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 787.559327][T14694] binder: 14693:14694 ioctl c018620b 80000240 returned -14 [ 787.702838][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 788.282168][ T5827] Bluetooth: hci3: unexpected event for opcode 0x042e [ 788.428837][T14707] loop6: detected capacity change from 0 to 512 [ 788.655623][T14712] loop0: detected capacity change from 0 to 512 [ 788.694360][T14712] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 788.728401][T14712] EXT4-fs (loop0): invalid journal inode [ 788.737097][T14712] EXT4-fs (loop0): can't get journal size [ 788.782792][T14712] EXT4-fs (loop0): 1 truncate cleaned up [ 788.790511][T14712] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 788.952227][T14718] loop4: detected capacity change from 0 to 512 [ 789.044931][T14718] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 789.111223][T14718] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3939: corrupted inode contents [ 789.173038][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 789.207630][T14718] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.3939: mark_inode_dirty error [ 789.257857][T14727] vivid-007: ================= START STATUS ================= [ 789.268613][T14727] vivid-007: Enable Output Cropping: true grabbed [ 789.275739][T14727] vivid-007: Enable Output Composing: true grabbed [ 789.283306][T14727] vivid-007: Enable Output Scaler: true grabbed [ 789.289941][T14727] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 789.299899][T14727] vivid-007: Transmit Mode: HDMI grabbed [ 789.306140][T14727] vivid-007: Hotplug Present: 0x00000000 [ 789.312671][T14727] vivid-007: RxSense Present: 0x00000000 [ 789.318630][T14727] vivid-007: EDID Present: 0x00000000 [ 789.328121][T14727] vivid-007: ================== END STATUS ================== [ 789.347925][T14718] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.3939: corrupted inode contents [ 789.461887][ T5827] Bluetooth: hci2: command 0x0406 tx timeout [ 789.649778][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 791.528557][T14759] loop0: detected capacity change from 0 to 64 [ 792.202816][T14770] netlink: 'syz.3.3964': attribute type 1 has an invalid length. [ 792.273028][T14774] netlink: 'syz.4.3965': attribute type 3 has an invalid length. [ 792.419243][T14776] loop7: detected capacity change from 0 to 128 [ 792.497906][T14776] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256 [ 792.944311][T14784] loop3: detected capacity change from 0 to 512 [ 793.012267][T14784] EXT4-fs (loop3): orphan cleanup on readonly fs [ 793.076568][T14784] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3969: bg 0: block 248: padding at end of block bitmap is not set [ 793.168797][T14784] Quota error (device loop3): write_blk: dquota write failed [ 793.176939][T14784] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 793.187763][T14784] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3969: Failed to acquire dquot type 1 [ 793.249155][T14794] ntfs3: Bad value for 'gid' [ 793.254245][T14794] ntfs3: Bad value for 'gid' [ 793.281578][T14784] EXT4-fs (loop3): 1 truncate cleaned up [ 793.305776][T14784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 793.605961][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 793.736070][T14800] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3976'. [ 794.838251][T14804] loop3: detected capacity change from 0 to 8192 [ 794.943120][T14804] loop3: p1 p2[DM] p4 [ 794.947705][T14804] loop3: p1 size 196608 extends beyond EOD, truncated [ 795.006479][T14804] loop3: p2 start 4292936063 is beyond EOD, truncated [ 795.016634][T14804] loop3: p4 size 50331648 extends beyond EOD, truncated [ 797.266474][T14867] loop7: detected capacity change from 0 to 256 [ 798.165633][T14882] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4013'. [ 798.247733][T14885] loop6: detected capacity change from 0 to 512 [ 798.289289][T14885] EXT4-fs (loop6): Test dummy encryption mode enabled [ 798.373750][T14885] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.4015: corrupted in-inode xattr: invalid ea_ino [ 798.472482][T14885] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4015: couldn't read orphan inode 15 (err -117) [ 798.523060][T14885] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 798.659855][T14885] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4015: bg 0: block 127: padding at end of block bitmap is not set [ 798.701464][T14889] loop0: detected capacity change from 0 to 4096 [ 798.751735][T14893] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4017'. [ 798.761337][T14893] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4017'. [ 798.770810][T14893] vlan1: entered allmulticast mode [ 798.776145][T14893] veth0_vlan: entered allmulticast mode [ 798.929110][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.961439][T14889] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 799.242638][T14897] loop4: detected capacity change from 0 to 512 [ 799.267971][T14889] ntfs3(loop0): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" attr_set_size [ 799.331225][T14897] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 799.392983][T14897] EXT4-fs (loop4): orphan cleanup on readonly fs [ 799.439261][T14897] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.4022: bad orphan inode 15 [ 799.512769][T14897] ext4_test_bit(bit=14, block=18) = 1 [ 799.518396][T14897] is_bad_inode(inode)=0 [ 799.523121][T14897] NEXT_ORPHAN(inode)=1023 [ 799.527626][T14897] max_ino=32 [ 799.531141][T14897] i_nlink=0 [ 799.591933][T14897] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2962: inode #15: comm syz.4.4022: corrupted xattr block 19: e_value size too large [ 799.650592][T14897] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 799.666352][T14897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 799.831499][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 800.482900][T14920] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 3, id = 0 [ 801.304039][T14936] tmpfs: Cannot change global quota limit on remount [ 801.867661][T14943] loop3: detected capacity change from 0 to 4096 [ 801.946277][T14948] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 801.983556][T14949] overlayfs: failed to resolve '/b [ 801.983556][T14949] tbF?! 4eUzS0voI/@B@_b./file0': -2 [ 802.042466][T14943] NILFS error (device loop3): nilfs_dotdot: directory #12 missing '.' [ 802.059452][T14943] Remounting filesystem read-only [ 802.256728][ T5814] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 802.522796][T14953] loop6: detected capacity change from 0 to 512 [ 802.567461][T14953] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 802.652820][T14953] EXT4-fs (loop6): 1 truncate cleaned up [ 802.660944][T14953] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 802.925047][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 803.141098][T14966] loop3: detected capacity change from 0 to 2048 [ 803.180231][T14966] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 803.192779][T14966] NILFS (loop3): mounting unchecked fs [ 803.268985][T14966] NILFS (loop3): recovery complete [ 803.284459][T14971] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 803.340539][T14970] loop6: detected capacity change from 0 to 512 [ 803.380868][T14970] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 803.420248][T14970] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 803.460249][T14970] EXT4-fs (loop6): 1 truncate cleaned up [ 803.468056][T14970] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 803.572356][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 804.908325][T14997] loop4: detected capacity change from 0 to 128 [ 804.950955][T14994] veth3: entered promiscuous mode [ 805.056577][T14997] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 805.270681][ T5815] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 805.277532][T15006] loop0: detected capacity change from 0 to 24 [ 805.305888][T15006] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 805.867335][T15016] sctp: [Deprecated]: syz.0.4075 (pid 15016) Use of struct sctp_assoc_value in delayed_ack socket option. [ 805.867335][T15016] Use struct sctp_sack_info instead [ 806.123310][T15020] loop6: detected capacity change from 0 to 164 [ 806.170672][T15024] netlink: 48 bytes leftover after parsing attributes in process `syz.7.4076'. [ 807.865641][T15049] netlink: 'syz.7.4091': attribute type 3 has an invalid length. [ 808.400350][T15061] loop7: detected capacity change from 0 to 64 [ 808.458000][T15061] hfs: bad catalog folder thread [ 808.902864][T15070] binder: 15068:15070 ioctl c0306201 80000480 returned -14 [ 808.968461][T15073] netlink: 504 bytes leftover after parsing attributes in process `syz.7.4102'. [ 809.566403][T15084] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4106'. [ 810.732345][T15104] loop3: detected capacity change from 0 to 1764 [ 810.996036][T15111] loop0: detected capacity change from 0 to 16 [ 811.069557][T15111] erofs (device loop0): mounted with root inode @ nid 36. [ 811.156127][T15111] syz.0.4120: attempt to access beyond end of device [ 811.156127][T15111] loop0: rw=0, sector=13478624032, nr_sectors = 8 limit=16 [ 811.171041][T15111] erofs (device loop0): read error -5 @ 0 of nid 36 [ 811.177885][T15111] erofs (device loop0): failed to readdir of logical block 0 of nid 36 [ 811.437999][T15119] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4124'. [ 811.646394][T15114] loop7: detected capacity change from 0 to 4096 [ 811.695758][T15114] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 811.951549][T15114] ntfs3(loop7): ino=1a, mi_enum_attr [ 811.962062][T15114] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 812.078594][T15114] ntfs3(loop7): ino=1e, "file1" ntfs3_write_inode failed, -22. [ 812.097500][T15129] loop6: detected capacity change from 0 to 64 [ 812.445073][T15133] loop4: detected capacity change from 0 to 256 [ 812.531529][T15135] loop3: detected capacity change from 0 to 512 [ 812.603425][T15133] FAT-fs (loop4): Directory bread(block 64) failed [ 812.606682][T15135] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 812.612805][T15133] FAT-fs (loop4): Directory bread(block 65) failed [ 812.631291][T15133] FAT-fs (loop4): Directory bread(block 66) failed [ 812.638132][T15133] FAT-fs (loop4): Directory bread(block 67) failed [ 812.644993][T15133] FAT-fs (loop4): Directory bread(block 68) failed [ 812.654280][T15133] FAT-fs (loop4): Directory bread(block 69) failed [ 812.661355][T15133] FAT-fs (loop4): Directory bread(block 70) failed [ 812.669080][T15133] FAT-fs (loop4): Directory bread(block 71) failed [ 812.676235][T15133] FAT-fs (loop4): Directory bread(block 72) failed [ 812.685458][T15133] FAT-fs (loop4): Directory bread(block 73) failed [ 812.858722][T15139] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #12: comm syz.3.4132: corrupted xattr block 6: invalid header [ 812.910843][T15139] overlayfs: failed to get uuid (/file0, err=-117); falling back to uuid=null. [ 812.922899][T15139] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #12: comm syz.3.4132: corrupted xattr block 6: invalid header [ 812.977206][T15139] overlayfs: failed to get origin (-117) [ 812.989989][T15139] EXT4-fs error (device loop3): ext4_xattr_block_find:1869: inode #12: comm syz.3.4132: corrupted xattr block 6: invalid header [ 813.015936][T15139] overlayfs: failed to verify upper root origin [ 813.314683][ T5814] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 813.678827][T15157] loop7: detected capacity change from 0 to 64 [ 814.566611][T15168] loop7: detected capacity change from 0 to 2048 [ 814.668937][T15168] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 814.850925][T15178] loop3: detected capacity change from 0 to 128 [ 814.894028][T15178] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 814.988604][T15178] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 815.080672][T13854] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 815.422381][T15182] loop6: detected capacity change from 0 to 512 [ 815.546264][T15188] loop3: detected capacity change from 0 to 128 [ 815.614043][T15182] EXT4-fs (loop6): 1 orphan inode deleted [ 815.624534][T15182] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 815.646315][ T4263] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 815.661269][ T4263] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:24: Failed to release dquot type 1 [ 815.674334][T15188] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 815.744704][T15188] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 815.767688][T15180] loop4: detected capacity change from 0 to 4096 [ 815.813024][T15182] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 815.833451][T15180] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512). [ 816.131416][T11456] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.309267][T15200] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave [ 816.319365][T15200] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1) [ 817.461846][T15217] loop4: detected capacity change from 0 to 512 [ 817.522539][T15217] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 817.612238][T15217] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 818.435205][T15239] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4174'. [ 818.735734][T15245] loop0: detected capacity change from 0 to 256 [ 818.944118][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 819.007187][T15245] FAT-fs (loop0): Directory bread(block 64) failed [ 819.023594][T15245] FAT-fs (loop0): Directory bread(block 65) failed [ 819.031634][T15245] FAT-fs (loop0): Directory bread(block 66) failed [ 819.038611][T15245] FAT-fs (loop0): Directory bread(block 67) failed [ 819.045488][T15245] FAT-fs (loop0): Directory bread(block 68) failed [ 819.052500][T15245] FAT-fs (loop0): Directory bread(block 69) failed [ 819.061685][T15245] FAT-fs (loop0): Directory bread(block 70) failed [ 819.068637][T15245] FAT-fs (loop0): Directory bread(block 71) failed [ 819.075505][T15245] FAT-fs (loop0): Directory bread(block 72) failed [ 819.082433][T15245] FAT-fs (loop0): Directory bread(block 73) failed [ 819.687738][ T30] audit: type=1326 audit(819.648:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4185" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 819.710624][ T30] audit: type=1326 audit(819.658:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4185" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 819.735719][ T30] audit: type=1326 audit(819.678:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4185" exe="/root/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 819.761075][ T30] audit: type=1326 audit(819.678:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4185" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 819.784568][ T30] audit: type=1326 audit(819.678:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4185" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 819.806704][ T30] audit: type=1326 audit(819.678:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4185" exe="/root/syz-executor" sig=0 arch=40000003 syscall=279 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 819.828926][ T30] audit: type=1326 audit(819.678:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4185" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e539 code=0x7ffc0000 [ 820.236194][T15268] loop7: detected capacity change from 0 to 1024 [ 820.303307][T15268] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 820.667795][T15279] netlink: 'syz.0.4192': attribute type 5 has an invalid length. [ 820.697778][T13854] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.919081][T15284] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4195'. [ 820.991111][T15284] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4195'. [ 821.718380][T15298] tipc: New replicast peer: 255.255.255.255 [ 821.727474][T15298] tipc: Enabled bearer , priority 0 [ 822.417469][T15310] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 822.459688][T15312] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4208'. [ 823.144934][T15324] loop6: detected capacity change from 0 to 64 [ 823.203970][T15322] loop3: detected capacity change from 0 to 2048 [ 823.325295][T15324] ===================================================== [ 823.332820][T15324] BUG: KMSAN: uninit-value in hfs_find_set_zero_bits+0x74d/0xb60 [ 823.341714][T15324] hfs_find_set_zero_bits+0x74d/0xb60 [ 823.347500][T15324] hfs_vbm_search_free+0x13c/0x5b0 [ 823.352826][T15324] hfs_extend_file+0x6a5/0x1b00 [ 823.358002][T15324] hfs_get_block+0x435/0x1150 [ 823.362833][T15324] __block_write_begin_int+0xa76/0x3030 [ 823.368731][T15324] cont_write_begin+0x10e1/0x1bc0 [ 823.373949][T15324] hfs_write_begin+0x85/0x130 [ 823.379520][T15324] cont_write_begin+0x35a/0x1bc0 [ 823.384681][T15324] hfs_write_begin+0x85/0x130 [ 823.389693][T15324] generic_perform_write+0x3f7/0x10c0 [ 823.395264][T15324] __generic_file_write_iter+0x213/0x460 [ 823.401247][T15324] generic_file_write_iter+0x131/0x980 [ 823.407380][T15324] vfs_write+0xb48/0x1580 [ 823.411880][T15324] ksys_pwrite64+0x1d6/0x2a0 [ 823.412867][T15322] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 823.421228][T15324] __ia32_sys_ia32_pwrite64+0xf0/0x150 [ 823.443301][T15324] ia32_sys_call+0x2228/0x42c0 [ 823.449657][T15324] __do_fast_syscall_32+0xb0/0x150 [ 823.454960][T15324] do_fast_syscall_32+0x38/0x80 [ 823.460141][T15324] do_SYSENTER_32+0x1f/0x30 [ 823.464822][T15324] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 823.471533][T15324] [ 823.473953][T15324] Uninit was created at: [ 823.478981][T15324] __kmalloc_cache_noprof+0x7f7/0xed0 [ 823.484541][T15324] hfs_mdb_get+0x1cc8/0x2a90 [ 823.489444][T15324] hfs_fill_super+0x3d0/0xb80 [ 823.494310][T15324] get_tree_bdev_flags+0x6e3/0x920 [ 823.499747][T15324] get_tree_bdev+0x38/0x50 [ 823.504327][T15324] hfs_get_tree+0x35/0x40 [ 823.509301][T15324] vfs_get_tree+0xb0/0x5c0 [ 823.513891][T15324] do_new_mount+0x738/0x1610 [ 823.523323][T15324] path_mount+0x6db/0x1e90 [ 823.532953][T15324] __se_sys_mount+0x6eb/0x7d0 [ 823.541513][T15324] __ia32_sys_mount+0xe2/0x150 [ 823.547509][T15324] ia32_sys_call+0x2733/0x42c0 [ 823.552449][T15324] __do_fast_syscall_32+0xb0/0x150 [ 823.557867][T15324] do_fast_syscall_32+0x38/0x80 [ 823.562898][T15324] do_SYSENTER_32+0x1f/0x30 [ 823.567704][T15324] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 823.574232][T15324] [ 823.576837][T15324] CPU: 1 UID: 0 PID: 15324 Comm: syz.6.4214 Tainted: G W 6.16.0-rc6-syzkaller-00253-g4871b7cb27f4 #0 PREEMPT(none) [ 823.590808][T15324] Tainted: [W]=WARN [ 823.594718][T15324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 823.605183][T15324] ===================================================== [ 823.612349][T15324] Disabling lock debugging due to kernel taint [ 823.623191][T15324] Kernel panic - not syncing: kmsan.panic set ... [ 823.629760][T15324] CPU: 1 UID: 0 PID: 15324 Comm: syz.6.4214 Tainted: G B W 6.16.0-rc6-syzkaller-00253-g4871b7cb27f4 #0 PREEMPT(none) [ 823.643632][T15324] Tainted: [B]=BAD_PAGE, [W]=WARN [ 823.648768][T15324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 823.658966][T15324] Call Trace: [ 823.662360][T15324] [ 823.665406][T15324] __dump_stack+0x26/0x30 [ 823.669928][T15324] dump_stack_lvl+0x53/0x270 [ 823.674691][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.680678][T15324] dump_stack+0x1e/0x25 [ 823.685003][T15324] panic+0x4bd/0xd50 [ 823.689112][T15324] kmsan_report+0x31c/0x320 [ 823.693769][T15324] ? __msan_warning+0x1b/0x30 [ 823.698596][T15324] ? hfs_find_set_zero_bits+0x74d/0xb60 [ 823.704337][T15324] ? hfs_vbm_search_free+0x13c/0x5b0 [ 823.709818][T15324] ? hfs_extend_file+0x6a5/0x1b00 [ 823.715018][T15324] ? hfs_get_block+0x435/0x1150 [ 823.720023][T15324] ? __block_write_begin_int+0xa76/0x3030 [ 823.726001][T15324] ? cont_write_begin+0x10e1/0x1bc0 [ 823.731376][T15324] ? hfs_write_begin+0x85/0x130 [ 823.736385][T15324] ? cont_write_begin+0x35a/0x1bc0 [ 823.741662][T15324] ? hfs_write_begin+0x85/0x130 [ 823.746673][T15324] ? generic_perform_write+0x3f7/0x10c0 [ 823.752413][T15324] ? __generic_file_write_iter+0x213/0x460 [ 823.758414][T15324] ? generic_file_write_iter+0x131/0x980 [ 823.764257][T15324] ? vfs_write+0xb48/0x1580 [ 823.768927][T15324] ? ksys_pwrite64+0x1d6/0x2a0 [ 823.773850][T15324] ? __ia32_sys_ia32_pwrite64+0xf0/0x150 [ 823.779674][T15324] ? ia32_sys_call+0x2228/0x42c0 [ 823.784762][T15324] ? __do_fast_syscall_32+0xb0/0x150 [ 823.790213][T15324] ? do_fast_syscall_32+0x38/0x80 [ 823.795421][T15324] ? do_SYSENTER_32+0x1f/0x30 [ 823.800267][T15324] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 823.806982][T15324] ? xas_load+0xcec/0xd70 [ 823.811492][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 823.816781][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 823.822055][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.828040][T15324] ? xas_find+0x661/0xd40 [ 823.832548][T15324] ? filter_irq_stacks+0x49/0x190 [ 823.837745][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 823.843026][T15324] __msan_warning+0x1b/0x30 [ 823.847667][T15324] hfs_find_set_zero_bits+0x74d/0xb60 [ 823.853228][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 823.858500][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.864476][T15324] hfs_vbm_search_free+0x13c/0x5b0 [ 823.869778][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.875756][T15324] hfs_extend_file+0x6a5/0x1b00 [ 823.880773][T15324] ? clean_bdev_aliases+0x9df/0xa40 [ 823.886151][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.892134][T15324] ? __mark_inode_dirty+0x371/0x1090 [ 823.897610][T15324] hfs_get_block+0x435/0x1150 [ 823.902443][T15324] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 823.908724][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 823.914003][T15324] __block_write_begin_int+0xa76/0x3030 [ 823.919775][T15324] ? __pfx_hfs_get_block+0x10/0x10 [ 823.925062][T15324] cont_write_begin+0x10e1/0x1bc0 [ 823.930253][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.936254][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 823.941656][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 823.947666][T15324] hfs_write_begin+0x85/0x130 [ 823.952505][T15324] ? __pfx_hfs_get_block+0x10/0x10 [ 823.957793][T15324] ? __pfx_hfs_write_begin+0x10/0x10 [ 823.963233][T15324] cont_write_begin+0x35a/0x1bc0 [ 823.968405][T15324] hfs_write_begin+0x85/0x130 [ 823.973230][T15324] ? __pfx_hfs_get_block+0x10/0x10 [ 823.978517][T15324] ? __pfx_hfs_write_begin+0x10/0x10 [ 823.983966][T15324] generic_perform_write+0x3f7/0x10c0 [ 823.989572][T15324] __generic_file_write_iter+0x213/0x460 [ 823.995410][T15324] generic_file_write_iter+0x131/0x980 [ 824.001064][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 824.006331][T15324] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 824.012301][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 824.017572][T15324] ? ksys_pwrite64+0x1d6/0x2a0 [ 824.022495][T15324] ? __msan_warning+0x1b/0x30 [ 824.027318][T15324] ? filter_irq_stacks+0x13f/0x190 [ 824.032608][T15324] ? stack_depot_save_flags+0x35/0x7b0 [ 824.038253][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 824.043525][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 824.048793][T15324] ? kmsan_get_metadata+0xfb/0x160 [ 824.054058][T15324] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 824.060610][T15324] vfs_write+0xb48/0x1580 [ 824.065123][T15324] ? __pfx_generic_file_write_iter+0x10/0x10 [ 824.071313][T15324] ksys_pwrite64+0x1d6/0x2a0 [ 824.076076][T15324] __ia32_sys_ia32_pwrite64+0xf0/0x150 [ 824.081723][T15324] ia32_sys_call+0x2228/0x42c0 [ 824.086638][T15324] __do_fast_syscall_32+0xb0/0x150 [ 824.091929][T15324] do_fast_syscall_32+0x38/0x80 [ 824.096935][T15324] do_SYSENTER_32+0x1f/0x30 [ 824.101592][T15324] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 824.108099][T15324] RIP: 0023:0xf710e539 [ 824.112280][T15324] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 824.132064][T15324] RSP: 002b:00000000f50fe55c EFLAGS: 00000206 ORIG_RAX: 00000000000000b5 [ 824.140643][T15324] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000180 [ 824.148742][T15324] RDX: 0000000000000001 RSI: 0000000000200980 RDI: 0000000000000000 [ 824.156834][T15324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 824.164922][T15324] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 824.173013][T15324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 824.181134][T15324] [ 824.184522][T15324] Kernel Offset: disabled [ 824.188910][T15324] Rebooting in 86400 seconds..