last executing test programs: 4.688074831s ago: executing program 0 (id=3297): unshare(0x22020600) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xb, 0x13, 0x200cc, 0x6, 0x5}, 0x50) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x2, r0, 0x78}, 0x38) 4.036078105s ago: executing program 3 (id=3301): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a09040000000000000000020000000900020073797a32000000000900010073797a30000000002400048020000180080001006c6f6700140002800800064000008801080005400000000814000000110001"], 0x78}}, 0x0) 3.995654259s ago: executing program 0 (id=3302): syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) 3.543909027s ago: executing program 3 (id=3306): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) open$dir(&(0x7f0000000140)='./file0\x00', 0x103, 0x0) 3.23137887s ago: executing program 2 (id=3307): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000003c0)={'ip6gre0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2d, 0x0, 0x0, 0xcbf, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, 0x700, 0x8, 0x101, 0xd66}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x4, 0xfe, 0x2, 0x4038a09, 0x4, @loopback={0xe0}, @mcast2={0xff, 0x5}, 0x0, 0x0, 0x0, 0x5}}) 3.143838952s ago: executing program 1 (id=3308): ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000080)={0xfffffffc, 0x1, 0x0, 0x0, 0x0, "cf0da7087b9539556f7ab2a8bf68b63bfcbea9"}) r0 = fanotify_init(0x0, 0x0) writev(r0, &(0x7f0000000500)=[{&(0x7f0000000080)="88", 0x8}, {0x0}], 0x2) 3.137884426s ago: executing program 4 (id=3309): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) sendfile(r1, r0, 0x0, 0x1d) 2.664890212s ago: executing program 2 (id=3310): r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4) setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd1, 0x0, 0x0) 2.648252931s ago: executing program 1 (id=3311): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000040000000160a01010000000000000000010000000900010073797a30000000000900020073797a3000000000140003"], 0xc8}}, 0x0) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f0001000000000000000000060100800c0001"], 0x114}], 0x1}, 0x0) 2.618109902s ago: executing program 4 (id=3312): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1010082, &(0x7f0000001980)={[{@gid}, {@discard}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@discard}, {@umask={'umask', 0x3d, 0x2bf}}, {@utf8}, {@errors_continue}, {@gid}, {}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}]}, 0x3, 0x1507, &(0x7f0000000440)="$eJzs3Au8TtXWMPAx5pyLTdKT5D7HHIsnuUySJJeEXJIkOZIkJCRJkhwkt9ySkITcQ+4hucVO7vf7PUmOJElCQpL5/VTndc7Xe7763nO+z3vePf6/39p7jr3WGM9ca+z9rMtv7/11+0FV6lWtWIeZ4Z+Cv3zqBgApANAXAK4DgAgASmQpkeXy+gwau/1zLyL+tR6adrVnIK4m6X/aJv1P26T/aZv0P22T/qdt0v+0Tfqftkn/hUjLtk7Peb0saXf548//3f95tTz//zck5///sf7QT5r0P22T/qdt0v+0Tfqftkn/0zbpf9om/U/bpP9CpGVX+/nzv8Hy10P1u9te3eMZ/Zfyruo3nxBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKINON8uMIAwF/HV3teQgghhBBCCCGE+NcJ6a/2DIQQQgghhBBCCPH/HgIYDQYiSAfpIQUyQEa4BjLBtZAZroMEXA9Z4AbICjdCNsgOOSAn5ILckAcsEDhgiCEv5IMk3AT54WYoAAWhEBQGD0WgKNwCxeBWKA63QQmYswjgDigFpaEMlIU7oRzcBeWhAlSEu6ESVIYqUBXugWpwL1SH+6AG3A814QGoBQ9CbfgT1IGHoC48DPXgEagPj0IDeAwaQiNo/F/KfxE6w0vQBbpCN+gOPeBl6Am9oDf0gb7wCvSDV6E/vAYDYCAMgtdhMLwBQ+BNGArDYDi8BSNgJIyC0TAGxsI4eBvGwwSYCO/AJJgMU2AqTIPpMAPehZkwC2bDezAH3oe5MA/mwwJYCB/AIlgMqfAhLIGPYCksg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK2yD7bADdsIu2A17KuyFj2EffAL74VM4AJ/9X+afg7/P74CAgAoVGjSYDtNhCqZgRsyImTATZsbMmMAEZsEsmBWzYjbMhjkwB+bCXJgH8yAhISNjXsyLSUxifsyPBbAAFsJC6NFjUSyKxfBWLI7FsQSWwJJYEkthaSyNZbEslsNyWB7LY8U75gFgJayCVfAevAfvxepYHWtgDayJNbEW1sLaWBvrYB2si3WxHtbD+lgfG2ADbIgNsTE2xibYBJtiU2yOzbEFtsCW2BJbYStsja2xDbbBttgW22E7bI/tsQN2xI74Ir6IL+FL2BUrqe7YA3tgT+yJvbEP9sFXsB++iq/iazgAB+IgfB1fxzdwCJ7FoTgMh+NwLKdG4igcjazG4jgch+NxPE7EiTgJJ+NknIrTcDrOwBk4E2fhLHwP5+D7+D7Ow3m4ABfiQlyEizEVU3EJnsOluAyX4wpciatwJa7BtbgG1+MGXI+bcBNuwS24DbfhDtyBu3AX7sE9+DF+jJ/gJzgAD+ABPIgH8RAewsN4GI/gETyKR7ddA4DH8TiewBN4Ek/haTyFZ/AMnsVzeB7P4wW8gBfxhVxf1t1TcN0AUJcZZVQ6lU6lqBSVUWVUmVQmlVllVgmVUFlUFpVVZVXZVDaVQ+VQuVQulUflUaRIsYpVXpVXJVVS5Vf5VQFVQBVShZRXXhVVRVUxVUwVV8VVCXW7KqnuUKVUadXMl1VlVTnV3JdXFVRFVVFVUpVVFVVVVVXVVDVVXVVXNVQNVVPVVLXUg6q26o698SF1uTP11ECsrwZhA/WYaqgaqTfwcdVEDcGmqplqrp5Uw3AotlRNfCv1jGqtRmEb9Zwajc+rdmostld/Vh1UR9VJvag6q6a+i+qqJmF31UNNxZ6ql+qt+qiZWFld7lgV9ZoaoAaqQep1tQDfUEPUm2qoGqaGq7fUCDVSjVKj1Rg1Vo1Tb6vxaoKaqN5Rk9RkNUVNVdPUdDVDvatmqllqtnpPzVHvq7lqnpqvFqiF6gO1SC1WqepDtUR9pJaqZWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm1qu9qhdqpdarfao/aqj9U+9Ynarz5VB9Rn6qD6izqkPleH1RfqiPpSHVVfqWPqa3VcfaNOqK7qpDqlTqvv1Bn1vTqrzqnz6gd1Qf2oLqqf1CUVFGjUSmttdKTT6fQ6RWfQGfU1OpO+VmfW1+mEvl5n0TforPpGnU1n1zl0Tp1L59Z5tNWknWYd67w6n07qm3R+fbMuoAvqQrqw9rqILqpv0cX0rbq4vk2X0LfrkvoOXUqX1mV0WX2nLqfv0uV1BV1R360r6cq6iq6q79HV9L26ur5P19D365r6AV1LP6hr6z/pOvohXVc/rOvpR3R9/ahuoKNfz1+P6yb6Cd1UN9PN9ZO6hX5Kt9RP61b6Gd1aP6vb6Od0W/28bqdf0O31n3UH3VF30j/pSzroLrqr7qa76x76Zd1T99K9dR/dV7+i++lXdX/9mh6gB+pB+nU9WL+hh+g39VA9TA/Xb+kReqQepUfrMXqsHqff1uP1BD1Rv6Mn6cl6ip6qp+npuvevlWb/gfwJ/0l+/59ffYveqrfp7XqH3ql36d16j96r9+p9ep/er/frA/qAPqgP6kP6kD6sD+sj+og+qo/qY/qYPq6P6xP6hD6pT+kf9Hf6jP5en9Xn9Dn9g76gL+iLvx4DMGiU0caYyKQz6U2KyWAymmtMJnOtyWyuMwlzvclibjBZzY0mm8lucpicJpfJbfIYa8g4wyY2eU0+kzQ3mfzmZlPAFDSFTGHjTRFT1NzyT+f/g/mtmPJL801j09g0MU1MU9PUNDfNTQvTwrQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U0H08F0Mp1MZ9PZdEEw3Uw308O8bHqaXqa36WP6mldMP9PP9Df9zQAzwAwyg8xgM9gMMUPMUDPUGAAYYUaYUWaUGWPGmHFmnBlvxpuJZqKZZCaZKWaKmWammRlmhplpZprZZraZY+aYuWaumW/mm4VmoVlkFplUk2qWmCVmqVlmlpkVZoVZZVaZNWaNWWfWmQ1mg9lkNpmlZqvZarab7Wan2Wl2m91mr9lr9pl9Zr/Zbw6YA+agOWgOmUPmsDlsjpgj5qg5ao6ZY+a4OW5OmBPmpDlpTpvT5ow5Y86as+a8OW8umAvmorloLplLly/7IhWpyEQmSheli1KilChjlDHKFGWKMkeZo0SUiLJEWaKs0Y1Rtih7lCPKGeWKckd5IhtR5CKO4ihvlC9KRjdF+aObowJRwahQVDjyUZGoaHRLVCy6NSoe3RaViG6PSkZ3RKWi0lGZqGx0Z1QuuisqH1WIKkZ3R5WiylGVqGp0T1QtujeqHt0X1Yjuj2pGD0S1ogej2tGfojrRQ1Hd6OGoXvRIVD96NGoQPRY1jBpFjf+l9UM4m/0J38V2temhu+1hX7Y9bS/b2/axfe0rtp991fa3r9kBdqAdZF+3g+0bdoh90w61w+xw+5YdYUfaUXa0HWPH2nH2bTveTrAT7Tt2kp1sp9ipdpqdbmfYd+1MO8vOtu/ZOfZ9O9fOs/PtArvQfmAX2cU21X5ol9iP7FK7zC63K+xKu8qutmvsWrvOrrcb7Ea7yW62W+xWu81utzvsTrvL7rZ77F77sd1nP7H77af2gP3MHrQpv74/fmGP2C/tUfuVPWa/tsftN/aE/daetKfsafudPWO/t2ftOXve/mAv2B/tRfuTvWTD5Yv7y6d3MmQoHaWjFEqhjJSRMlEmykyZKUEJykJZKCtlpWyUjXJQDspFuSgP5aHLmJjyUl5KUpLyU34qQAWoEBUiT56KUlEqRsWoOBWnElSCSlJJKkWlqAyVoTvpTrqL7qIKVIHuprupMlWmqlSVqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATU49+uvMFMTakJNqSk1p+bUglpQS2pJragVtabW1IbaUFtqS+2oHbWn9tSBOlAn6kSdqTN1oS7UjbpRD+pBPakn9abe1Jf6Uj/qR/2pPw2gATSIBtFgGkxDaAgNpWE0nN6iETSSRtFoGkNjaRyNo/E0nibSRJpEk2gKTaFpNI1m0AyaSTNpNs2mOTSH5tJcmk/zaSEtpEW0iFIplZbQElpKS2k5LaeVtJJW02paS2tpPa2njbSRNtNm2kpbaTttp520k3bTbtpLe2kf7aP9tJ8O0AE6SAfpEB2iw3SYjtAROkpH6Rgdo+N0nE7QCTpJJ+k0naYzdIbO0lk6T+fpAv1IF+knukSBUlwGl9Fd4zK5a11md5373+McLqfL5XK7PM66bC7738XknCvgCrpCrrDzrogr6m75TVzKlXZlXFl3pyvn7nLlfxNXW7vzly66+11Vd4+r5u511d19roa739V0D7ha7hFX2z3q6rjHXF3XyNVzj7j67lHXwD3mGrpGroV7yrV0T7tW7hnX2j37m3iRW+zWunVuvdvg9rlP3Hn3gzvmvnYX3I+ui+vq+rpXXD/3quvvXnMD3MDfxMPdW26EG+lGudFujBv7m3iKm+oyuOluhnvXzXSzfo6n/U280H3g5rhUN9fNc/Pdgp/jy3NKdR+6Je4jt9Qtc8vdCrfSrXKr3Zr/mOsKt8ltdlvcXvex2+52uJ1ul9vt9vwcX96P/e5Td8B95o66r9wh97k77I67I+7Ln+PL+3fcfeNOuG/dSXfKnXbfuTPue3fWnft5/y/v+3fuJ3fJBQeMrFiz4YjTcXpO4Qycka/hTHwtZ+brOMHXcxa+gbPyjZyNs3MOzsm5ODfnYcvEjpljzsv5OMk3cX6+mQtwQS7EhdlzES7Kt3AxvpWL821cgm/nknwHl+LSXIbL8p1cju/i8lyBK/LdXIkrcxWuyvdwNb6Xq/N9XIPv55r8ANfiB7k2/4nr8ENclx/mevwI1+dHuQE/xg25ETfmx7kJP8FNuRk35ye5BT/FLflpbsXPcGt+ltvwc9yWn+d2/AK35/IA0JE78YvcmV/iLtyVu3F37sEvc0/uxb25D/flV7gfv8r9+TUewAN5EL/Og/kNHsJv8lAexsP5LR7BI3kUj+YxPJbH8ds8nifwRH6HJ/FknsJTeRpP5xn8Ls/kWTyb3+M5/D7P5Xk8nxfwQv6AF/FiTuUPeQl/xEt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+cdjLyLd/Me3ssf8z7+hPfzp3yAP+OD/Bc+xJ/zYf6Cj/CXfJS/4mP8NR/nb/gEf8sn+RSf5u/4DH/PZ/kcn+cf+AL/yBf5J77EgSHGWMU6NnEUp4vTxylxhjhjfE2cKb42zhxfFyfi6+Ms8Q1x1vjGOFucPc4R54xzxbnjPLGNKXYxx3GcN84XJ+Ob4vzxzXGBuGBcKC4c+7hIXDS+JS4W3xoXj2+LS8S3xyXjO+JScen4kfvLxnfG5eK74vJxhbhifHdcKa4cV4mrxvfE1eJ74+rxfXGN+P64ePxAXCt+MK4d/ymuEz8U140fjuvFj8T140fjBvFjccO4Udw4fjxuEj8RN42bxc3jJ+MW8VNxy/jpuFX8TNw6fvZ313eLu8c94pfjl+MQ7tPzkwuSC5MfJBclFydTkx8mlyQ/Si5NLksuT65IrkyuSq5OrkmuTa5Lrk9uSG5MbkpuTm5JhlA1PXj0ymtvfOTT+fQ+xWfwGf01PpO/1mf21/mEv95n8Tf4rP5Gn81n9zl8Tp/L5/Z5vPXknWcf+7w+n0/6m3x+f7Mv4Av6Qr6w976IL+ob+ca+sW/in/BNfTPf3D/pn/RP+af80/5p/4xv7Z/1bfxzvq1/3rfzL/gX/J99B9/Rd/Iv+s7+pRB8V9/Nd/M9fA/f0/f0vX1v39f39f18P9/f9/cD/AA/yA/yg/1gP8QP8UP9UD/cD/cj/Ag/yo/yY/wYP86P8+P9eD/RT/ST/CQ/xU/x0/w0P8PP8DP9TD/bz/ZzCszxc/1cP9/P9wv9Qr/IL/KpPtUv8Uv8Ur/UL/fL/Uq/0q/2q/1av9av9+v9Rr/Rb/ab/Va/1W/32/1Ov9Pv9rv9Xr/X7/P7/H6/3x/wB/xBf/B88If8Yf+FP+K/9Ef9V/6Y/9of99/4E/5bf9Kf8qf9d/6M/96f9ef8ef+Dv+B/9Bf9T/6SD35c4u3E+MSExMTEO4lJicmJKYmpiWmJ6YkZiXcTMxOzErMT7yXmJN5PzE3MS8xPLEgsTHyQWJRYnEhNfJhYkvgosTSxLLE8sSKxMrEqEULu7XHIG/KFZLgp5A83hwKhYCgUCgcfioSi4ZZQLNwaiofbQolweygZ7gilQulQJjwaGoTHQsPQKDQOj4cm4YnQNDQLzcOToUV4KrQMT4dW4ZnQOjwb2oTnQtvwfGgXXgjtw59Dh9AxdAovhs7hpdAl6NAtdA89wsuhZ+gVeoc+oW94JfQLr4b+4bUwIAwMg8LrYXB4IwwJb4ahYVgYHt4KI8LIMCqMDmPC2DAuvB3GhwlhYngnTAqTw5QwNUwL08OM8G6YGWaF2eG9MCe8H+aGeWF+WBAWhg/CorA4pIYPw5LwUVgaloXlYUWAlFVhdVgT1oZ1YX3YEDaGTWFz2BK2hm1he9gRdoZdYXfYE/aGj8O+8EnYHz4NB8Jn4WD4SzgUPg+HwxfhSPgyHA1fhWPh63A8fBNOhG/DyXAqnA7fhTPh+3A2nAvnww/hQvgxXAw/hUvyN2tCCCGEEH/IhN9Z3/3vIvUfH9WvX+kBANfuyHnkb7fSALAx2y/jXipXiwQAPNO1/UN/XSpV6tat26/bLtUQ5ZsHAIkr+engSrwMmsNT0AqaQbH/dH69VMcL/Dv1k7cDZPybnBS4El+pf+s/qD9yzu/WnwdQIN+VnAxwJb5Sv/hvakc/18/e5HfqZ/h8HEDTv8nLBFfiK/WLwhPwLLT6uy2FEEIIIYQQQohf9FJl2v7e/e3l+/Nc5kpOergS/979uRBCCCGEEEIIIa6+5zt2evrxVq2atf0Hgwr/eJUM0sog3X+PafzbDwD+W0zjjw2u9juTEEIIIYQQ4l/tykX/1Z6JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRdv3/+HdiV3sfhRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiKvtfwUAAP//JJI07Q==") r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 2.585847773s ago: executing program 0 (id=3313): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)={0x20, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000) 2.204069071s ago: executing program 3 (id=3314): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000100)={@link_local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x400, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) 2.141263419s ago: executing program 2 (id=3315): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000215c1800000c0a010300000000000000000700000a0900020073797a31000000000900010073797a3000000000301803802c180080080003400000000220180b801c18018008000100636d70001018028034040380f40001001a536cc601903447c4d1316b434f0f0df7197676fbac4b653eb16a126741d889f7a11ce74f2e0aabbeb14220b3c221ce781b97b9ea076645dd970c3d9b03ffb67b5f8037799d5e4243a71751b7fd608d1dc64071d88de5a46bd6b21e8f5402cd8917c3308d3a9fd1a71d67f8aaff5484991f8ab3eb94f1ccc8d13435a10d8cf7518745620643bba6bd2bd5a12db61ebe50941d4f11c1225c3b2284a63addf87d3c6490a7adb1bb4efa8515aba6be408482710359becce142b796e52c933d11eec49585f4cecd3be276956e0dda85fea617518663c5a72a18942df8aa94b16e7221854bd25b341b129a23dc34fc37b017300002800900020073797a32000000000900020073797a300000000008000340000000040900020073797a3000000000180002800900020073797a300000000008000180fffffffb3800028008000180fffffffb080003400000000408000340000000020900020073797a310000000008000180ffffffff08000180fffffffb3d000100c47132f09de91a2c2ad60d846673bc985da578ff0ac797eb590e88f0ba59120850df808b04657e9deed8c2f02a55f7a08a9c7c30c64a8578e9000000480002800900020073797a320000000008000340000000010900020073797a3000000000080003400000000408000340000000020900020073797a310000000008000340000000035c00028008000180fffffffb08000180ff01fffc08000180ffffffff08000180ffffffff0900020073797a30000000000900020073797a320000000008000180fffffffb0900020073797a31000000000900020073797a300000000076000100156dd322c380d6c9eb71c50da0a3910316bf780e141b8de94f99ae287d972eb68d4455e535cb0400b0134a131169d49562691c68efe7d6193fbf2131b443b379b38a7af7c62da82a0906faeb6a57290107fd6146d57bdea9093c605b72135fb347eda914384b6c964737b04b75a8fa192bfb0000f5000100ad1903d694187989570830a686e475a7bd3959fda066a830982371b41bc3b51a8b6291b7558a355aa0e605cc13b7ba4439a13016143383e757c174a1fc08e5f6d09b28e63bc31e4e6500bce17d0b21cbf63a98fd38a08443ed21fb10c6a47967b9ccfb678580ac1a962f1b5b978d2a7caa91fbdf448f4d94464430ad2f09951961a51b5a8df1d772ab84b0e0ba715dd3876afaa1c88d2f2b59407945d5d43fa60c569aa4ba212ca938ccca8362b3a6e0f55658bf4e971dd2f5fb3af367845fad6a69d82dd424e664789d7217c0e06ee19a3e8b96fe5471adda8228d4a45008761c68326e66e6036e90eca6cf8f70f181060000006800028008000180fffffffb0900020073797a300000000008000340000000020900020073797a300000000008000180fffffffb080003400000000308000180fffffffc0900020073797a31000000000900020073797a32000000000900020073797a3100000000080001400000000b080002"], 0x18e0}}, 0x0) 1.910223225s ago: executing program 1 (id=3316): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000001f0900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000010c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0104000000000000000002000000400004803c0001800e000100696d6d6564696174650000002800028008000140000000001c000280180002800900020073797a320100000008000180fffffffd0900010073797a30000000000900020073797a32"], 0x94}}, 0x0) 1.807886369s ago: executing program 0 (id=3317): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) setsockopt$sock_timeval(r0, 0x1, 0x42, &(0x7f00000000c0)={0x0, 0x2710}, 0x10) recvmsg(r0, &(0x7f0000002540)={0x0, 0x0, 0x0}, 0x0) 1.663700883s ago: executing program 4 (id=3318): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='system.posix_acl_default\x00', &(0x7f0000000000)={{}, {}, [{}]}, 0x2c, 0x0) lgetxattr(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f00000001c0)=@known='system.posix_acl_default\x00', 0x0, 0x24) 1.607143763s ago: executing program 3 (id=3319): r0 = socket$kcm(0x10, 0x2, 0x4) socket$inet(0x2, 0x3, 0x5) sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0) 1.516354085s ago: executing program 2 (id=3320): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040)) ioctl$PPPIOCSNPMODE(r0, 0x4008744b, &(0x7f0000000000)={0x2b}) 1.284353544s ago: executing program 1 (id=3321): r0 = socket$l2tp6(0xa, 0x2, 0x73) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) connect$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty, 0x0, 0x4}, 0x20) 1.225400827s ago: executing program 0 (id=3322): syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x14, &(0x7f0000002440)=ANY=[], 0xff, 0xc0c, &(0x7f00000008c0)="$eJzs3V9sHVdaAPDvjO3YSdHupduk3aVa3RapG7JssJ1t08or0VBjsWy2NXW8C5SH3sROuMS5vrKdblrBbnjqA0iYReKFRUJCiyoeVkZoH+BpkZB4tdC+IaSwLKUIId2HrfqCajRzz42vHacJdRznz+8nJd/cme/MnDlnMjN3zh0lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIX/rlU6Njab9rAQDcTS/PvDo67voPAA+VM77/AwAAAAAAAAAAAADAvS5FEe9Fim882UmvV5+7Rk43W5evzE5O7VzsYKpKDlT55Z+RsfETX3z2uZPP9+JHl7/TPh2vzJw5VX9p8VJ7aX55eX6uPttqnlucm7/tNey2/HbHqgaoX7p4ee78+eX6+PETWxZfqb07/MiR2sTJsdcO93JnJ6emZvpyBoc+9tZvcLM3PA5EEecjxcV33kuNiChi921xi2Nnrx2sduJYtROzk1PVjiw0G62VcuF0ryGKiFpfoRd7bXQX+mJX6hFXy+qXFT5W7t5Mu7HUOLswX59uLK00V5qLrenUrW2q0ot4PkW0I6IzfOPqhqKIb0aKt7/TSWcjYqDXDp+vXgy+dX2KPdjH2zAYEbWhiPXiPuize9hwFPG9SPHtb43GudyuVbM9E/HVMh6JuFzGaxGrZfxsRCoPkMci3t/heOL+MhhF/EGk+MlEJ831+r46r5z+Wv3LrfOLfbm988p9f324m+7xc9NIFNGozvid9PFvdgAAAAAAuPcU8ceR4qkfHk3t6B9TbLYu1M80zi50nwr3nv3Xc6mNjY2NWurG0Rync2znuJrjWo7rZYzNFdSKXD7H6RzbOa7muJbjeo6dHGsDuXyO0zm2c1zNcS3H9Rw7OdYGc/kcpwerml1t58+rOa7luJ5jZ3A/+gkAAAAAAAAAbu5gFPH1SPHML7xRvVcc1Xvpn5w4+erxX+1/Z/yJW6ynzD0eEWvF7b2TeyC/OjydplPap3eI6b7/93v5/b/f3+/KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+6qIIp6OFG98v5MiRUQ94vXoxmvD+107AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgThhJRbwfKf70KyPV5/Ui4jcj4sONDzci4tqHG3fafu8xAAAAAAAAADyAUhFvRoqnX+2kWkRcqb07/MiR2sTJsdcOD8RApDKlP/+VmTOn6i8tXmovzS8vz8/VZ1vNc4tz87e7uZHTzdblK7OTU3uyM7d0cI/rf3DkpcX2m0vNC7+9suPyQyOnzi6vLDXO7bw4DkYRUe+fc6yq8OzkVFXphWajVRWdTrdbYwAAAAAAAAAeBkOpiA8jxdt/9c71cefB7pj/4Pbc734posjTk3n8+fowdPW7gU9UvxvoTn9y4uSvjX+mf3rHIetj1YB6fXZyamqmb/bg0I2pI3m7o7vbZfqU/b8SKf7wz+vpqTxva/8PXM/97u9u9vfV7Su6SZ//P/p/S4/3+v+n++aV20ypiL+JFD/z60/EU1U9D8UNv5nIeV+JFL+x9mTOiwNl3tN5+aPV3yPnmwvzo2XulUjxD5e35j6Tcz+1mTt2u+16vyj7/+lI8d+/tXa9bXL/5x7Y7LX+/v/M9qNj9/2/47//R/vm1fJ2f/bO7DoRsfzmWxcbCwvzSw/jxMC9UQ0TJnaeiKv7t/X9PjNxN5TX/69Hir//k3+5fr+Tr/8/FdVt1eb93wff3Lz+T2xf0R5d/z/VN28i340MDUaMrFxqDz0eMbL85ltfaF5qXJi/MN86cfKF58ZHXxgbPTF0oHdztzm1fcs3fL95GJX9/zuR4ns/+uv4XJ639f5v5/v/Q9tXtEf9/1jfvENb7ld2vevk/v/fSPFPkz+Io3neR93/977/H8034dfvz/eo/w/3zau+430i4uf65h09HPHAfSkDAACAOyylIn6Qx1NHbzGe+o+R4q3/+vmcl46UeS/m5bXq75GXF1tfOLWwsHiusdI4uzBfn2k3zs2XZX8cKTp/+WQuW1Tjq73x5u4Y7+ZY7D9Hihd+pZfbHYvtPZt6bDN3rMw9Hin+6OWtub3nGIc3c8fL3H+NFGOv7Zx7ZDP3RJn7n5Higz+r93IPlblfyrmPb+YeP7e4MLcH3QIAAAAAALsylIp4LlL83YnB1Hu+fTu//7zhofce/f7v8b55c3fpfZVdNyoA3OPK6//R8qr+i39xfSx/6/V/8z2Z/uv/dv3/b8DNpj/O9b92Z3YTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KGToojFSPGNJzvp2nD5uWvkdLN1+crs5NTOxQ6mquRAlV/+GRkbP/HFZ587+XwvfnT5O+3T8crMmVP1lxYvtZfml5fn5+qzrea5xbn5217Dbstvd6xqgPqli5fnzp+PGD9+YsviK7V3hx85Ups4Ofba4V7u7OTU1ExfzuDQx976DXr9WmybfyCK+J9IcfGd99K/Deflu2yLWxw7e+1gFPG3EVHuxOzkVLUjC81Ga6VcON3XELW+Qi/22ugu9MWu1COultUvK3ys3L2ZdmOpcXZhvj7dWFpprjQXW9OpW9tUpRfxfIpoR0Rn+MbVDUURQ5Hi7e900o+GIwZ67fD5l2deHR2/SSVGNie3H1B3yWBE1IYi1ov7oM/uYcNRxLOR4tvfGo1/H+62a9Vsz0R8tYxHIi6X8VrEahk/G5HKA+SxiPd3OJ64vwxGEY9Gip9MdNKPh3PfV+eV01+rf7l1frEvt3deue+vD3fTPX5uGoki3qvO+J30H/49AwAAAAA8QIp4IlI89cOjqRofvD6m2GxdqJ9pnF3oPtbvPfuv51IbGxsbtdSNozlO59jOcTXHtRzXc+zkWCty+Rync2znuJrjWo7rOXZyrA3k8jlO59jOcTXHtRzXc+zkWBvM5XOczrGd42qOazmu59gZ3M/+AgAAAAAAANhZEUV8LlK88f1O2hjuDvC+Ht14zftAD7z/CwAA//9v9lF3") timer_create(0xfffffffffffffffc, &(0x7f0000000140)={0x0, 0x7}, &(0x7f0000001400)) timer_settime(0x0, 0x1, &(0x7f0000000500)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) 1.10986028s ago: executing program 3 (id=3323): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000240), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="050000009f6000"/16, @ANYRES64=0x0, @ANYRES64, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0000000003"], 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x8800) 1.007661619s ago: executing program 4 (id=3324): r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x2000006, 0x1, 0x4}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)=@multiplanar_fd={0x0, 0x1, 0x4, 0x10, 0x7, {0x77359400}, {0x3, 0x1, 0x3, 0x6, 0x7, 0x8, "b5cc4fbb"}, 0x8, 0x4, {0x0}, 0x9}) 704.910128ms ago: executing program 1 (id=3325): pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) splice(r1, &(0x7f0000000040), r0, 0x0, 0x800000000ff, 0x0) 655.891378ms ago: executing program 2 (id=3326): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}, 0x1c) bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe1e, 0xc, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) 501.409967ms ago: executing program 3 (id=3327): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x490, &(0x7f0000000000), 0x2, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x44) 452.679843ms ago: executing program 4 (id=3328): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), r0) sendmsg$NLBL_CALIPSO_C_LISTALL(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={0x14, r1, 0x3d810686a7d95765, 0x70bd29, 0x25dfdbf9}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x24044042) 139.919357ms ago: executing program 4 (id=3329): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800000, &(0x7f0000005f80)=ANY=[@ANYBLOB='nls=cp949,barrier,uid=', @ANYRESHEX=0x0, @ANYBLOB="000800139e6ec30b2b99f47f097f267d35dc81666a63e7768c00aeecc11e3d8dd215e24988d111429ce29e60b1481b4454b6c882e8b9de8fa5ff541d3f0470f9a71ac6e14f74c9c65ca943b2e922748c5955a3428550d6fdae754bea64db124b811d06bda34e3f366148a417d90f5120", @ANYBLOB="430d76b2a3a8a45bf91f7dd47325436e81cc16066d5f65a8889719b5430abd0ed1a9b132a573a9cdbab70e678daeede0826c76057559831505352707f466167da3f02a2b8537e7cbb5610818a66a16173c488d0398a0c2e38e06bd168a107cd7f3656c26bc446c2a1c38defe149ad7acc87376bfddb5b270ee1e78072999ccee86dda0422fb89b412e258c88a55fa3f42ab1f3c78e476d7b8e36810f8bdad2f25ef7d8db4a7958f77cfdb6baf816f197ad1467986bd780f84b620ef300b73fed2ca92d22818d51b78bb83881c6bed14cd98e7f00a60350be1d048627a334d985a806367be6be637b84c8b7d08d25573debaa57c5dcdf83828751fa415b9dc6ca5b64200ed42b740358dacba9d7f3bacf8b8c1e35a548a5252b00f85f2cfc4ae2ce5314ee9278c79b407bc396951f0b21311f7fa2d15096f74204add5b32c6c88933b1ec576f619b55df538e3ae228eab7e8c7d2cb7ae4d60210f097912896741b512e0671a26d2e40c57197a8bfc00a5528bac1064061644a711d61942e8ec44a1f3b7550527a8d26f9a347f2bf87738653677be6af6fa6fc8f2349b7ec15d0cfeb7b0bc2c9a2301062755e70bd83fc3288152a3102b7a259a09955823f421131d24a9d484b7f0b01968ad0b30326fa73eb4170b6bc20e8f17afab1596a2a40b6ffff527af84ded2c4da65cba7d34f3c1ab96db4bac52f0b501f748532bd450b7803683d224df843275178d27535a6009e36cfd10bfa1fa4abc1dc5477e08cff848a8541a9f4fad0183a0b8425664b19a5454751d34469bd84e39b070908d6074e8d3106bb4cd09725ea87cb8bf5f084cf3e26d0d98a9437fe7b45778c04dbd2b9f53f21d45b0a46809ee37c9e56f7e90ecb194dc680cf5b7b260d5c84480ad24e04be52840ed4d0fcb57864c82fc86eb117f92daf893dae0797a228e541751b288f62fcf651c1b0d0d10ada0695d99a548cbb485cee7db108c33ddff788af332995a70ee77c55975d7908aaf2faa0ea8793e486893727decf916fd6a5fc20f597dff647c407033db5a43750753997cfbd62c6836f1dff6c0846e9f0a67ac5ae34f295b82e13bdab0807d96d9c2355f220df9cd415a24644a536457989b522d3a9cb59515f5cb200000000a312482c668d038b2b45fab218d49f62afb9ffebf320dcc12e0f37c0ee863cb4292d6046c1b2a6520de63fce58e8202ce36951c04be9f04cfbfc4e8eed11ca251c6b47d3665ed72ae56a7980364778fe0f79e938c63d22baabc68d1b0fd63fbca37c906a3cf2cea68fa31a0516d5a98b2c9034b85baacfdd7023c83f9aa3407a504a73ecf4a7a60820f8f1b1e3bfd94a1c636ed78eac35f3d56e2fd28a09213dc8dcf82d01bed6a60c14fdc1fca833934a92de3f41de3ee9e9ae3209977903109ace1d35862c0f9d603dbf76cc2fe940b612d34596876d1ff31d921e05935d2df4c8e53eee2f8796a6e3a83858b59e5ffc62be377217cab4218b055360ac524176abf85c6087c1d7c5136decca5a08fad845b7549c66822b3aaf23cc77f33a6a0a82083c05ad8e917bf43f42110dfac1e6e6726cbfc51be4755bde82f5aa61f2a1180f515e82b8c257f51bf33aaeee1e9cfdf74658f0e319d4d9644a997052fc2475c402de0c85748ef0304ba0f37246c6ab5398b8c923d462db73b12b015d75162180b98799d1a0b6fab8ff3d15e9b707552545a5eae7c89075b5893182a256e8735b57e55ac682ba553e8b4eb0167ec210e7ca7b057c282a1be9cebeb221975b7a5a4df159d76c9873ebe0112e1b2cf6dc44385e168e0b93b2ff6f469e3ac3464beb6d9a2242b57ce19b4426c9d13d257c77186784d7957d23383f95d1bd4852f703a8be06fb503d58b3e423f11b28e773cceef43f7e089bcc17aaa16e91596f12dd8611ff2d059a57af90d5bedc2a118448b670f84346bf8eb2eb4b18e6685e0a3b658d9f62eff918a222272cefda7c563ae3fb2adc0a21b4a8c5501ef09131e4295dd35c7b0e5fcf8c7d1f38d302b52361b823bacdb483c5b01ed2dca79b7327f1154a5e1b31baa1a9cc994b2d40de68e2cca278e6cc9c0489a510083b06224e298ca47d15cc320af6ecd0aa80b2cfd1ab21950715714948714d628d6db9fb527a23bd49ac0ccc4420ffa3683e4d289032b5f7c136478f61b2858451a96c776ac838e005d1a8b7d664e22e20e85726b4227a1acf161824abb4254d480799191da979d73d2ae3aa7be435e7c96408da31364486fdf0e4ff70624a5e2702b6f704a9521b03dd5b42e4da8aaf476b4258730d7e1e20232d76b52433ecd1f3f6c237e6f78ee92a67c60ba0ea78e2ca1c41ae7c5753837bff6b02ce7a6e668575b39b6bbc01a11d8fa0721f5818c9d7e839c5c45687b6be829c047059a3dd84be5f6666b14c48a8c208c22ccc9e8e82e694b0db6542908c99239f76fa3ecf59eeba404f5b3a3ec2b7f7c353ff26d7031a94817c8796eaa69754905d23a6a42893d4892d1a7ba36179941241d4d434644fea33ece11e0ee73ff54c0100dd546fa949ba4fc861ed414860f09b6d09b0c19db06e23c7cd621e6d609665d176d0ca810c07d5e052d06e623702d663c7c9aa01e8257f566654fe9349a3e70861c082347e289e5e6a8858ea5073787a53f9923b3c0768aa0f719245ca8882144df59356aff29550339b02bf719d7ff570114e6b0f2abcbd8d0c0d62a65cdc5e32cbdacdc500b477a890db2ee48ff3eaa255d95163a8dbe9c59d6d353941e1b1b288dbb56e4bc4f15b220e6e1372c24d84b461cd74d05fa9f80bd65bad53db1335fc99be4b22503d553ca92fbb4bcc66d4ba2693d1b56b2b655cf26a7d48e2449158bc2d7768def896f5ba321573c830255cc7894cf844faceff69129866eee970475c566435920812d9b0910b8e982e41bcbd5176eb333595fdf2caed71f8d6732bffea2954eb3894ff6c15593140e58445a276a3a10eea519b19e0af9990431dc21b2524a66f2b6032991f93ed0b25568a50b5ea76e9d4a5fae90a70d5c521e6ca635b741c0c3a52c648f628f9a96a6c74aab5d1c9c2ab695847b6e5bfe5868f8a2ff8e5e667e6a13888f1988e2541660dfc10124cfea45ca7003d7842b6f6a19a5983a37eabb8c90bf8b01914cb90f91dca33287cc9e3117f4f842337a5af1e78ab24045ac8ee9322729d664e3d53f60018db6cc779a3c1d03b14318ac53acc5930d92f3d726dcd82eb92dd9da1fb0d6940f5f33cbe65ae5578563685cd6c0daa1a27f0b2aa904377c271d4c5338c77f32ef007409ad4989f73d3318289d6fd9aaa7792c5476e7357b5ea8e40711fae7745946ca5db82223a97c1a5b654e789acd97700d1bc8a8db315aef2f16e64778211065810878e3a48728e6b94ede97ac533996f3a3e4ac1e7424afb0c42ced2a86713ca97e4da9c7133a88d8dcb1f3b37f5b7bca6a9147cd8ba7eb9bb23ac4f3a8b181d653ace3ba0ccd29580978601e9427b38b0aa682db49251b1f1bc09ef34d5968a0c28ba2a5b51c3399c2919868d747a26beccfd7e143fc121a22d16c06de3ba4ec01856fba08519f943ac701fd0cddddb213f22349cfe1fa42575678fa6ab93810a26370a3ab825d4be4f5383e81eaf40b72d1a87bcc38bc8f9d351206f778ff7505ca29c19d370c5b0d8688910b17913577df01041ce2e1ffde85d91242e7c2cfdf1acca66c23232708402776aa4bdfd4a9d7178dc6dac356ee67a445136266f44cb8a8af6c6ae14e0dadeacd4d8763bea189968eada7e1d03c32ea53716aa85a270d448b4b22fbcf3e2b6fad2939068b6d078da09878cd9ce734f65dead9958cb90fbb096b86a174afe406f6b5fb0be8d909b01d4bf5fbfa0a6ed11529e2df122854f6217bf02277613a2d453904ab297467b8172527abde206958d31424643e8693555c5cb24800729bca1f065c9a0b6a7b98e83921ea81e84137e1ce1e02adac69bc935da77625a1b1602e9294e122dc3ef4303ebd139a04e49714e1c462b0a9b3f9ad741e7c36ea8f2c9cb937ceac03eefc50fb639be0304ce69a2eb1e418cfa3ec04c56ffb9e437b5b7c1fd5db99f6abe2fb6f99fd0d36b926bb76097fabbb04cc6f033a33202daf4245f7826d819d50e024c689b73486d51d2dac5e0b6d6bfb138dbbe0b00a6dac1c950aea86fcd11e42bfd9e40702d13912e4066ff364438f3b371cb2d422eb5fcfc3f55ad6a14561eaec544aa5b85ae76c28171b8c0451bcbe473632bf4ad8920b244ec0e67306c4737a462ba0e6945e54b3b675ae29772e3edb41bdf08880242cc83e8ffecedfce60e0f4485dfa3b479f72c08832edb84e2595a56279e3fa586fcc0971991d442f34f5c868c681e640b4ad77fb45b3be8ed4b95c7246d62b9d4d6e6c84204f8081a54d998628af084695fad86e13c02163a8f4b29b07c6b73239e3680c73f80ae2fdbbf6cfb242e4cc75b62557f67e0d775f8e7dbcd5e1f26ef7b8966a14f27d637098a7bfc9d0554fb639bee707734bc7128d5bc2d4b4bb1f7628354d83734c6d0f3070add09e8046ce5f7cddba66079db4aee30d0b1f52f8afbd2fe634ad4b6b1d0211d019b29a8fa4d3266c5f2359fe0157574588b35645b4b9bf7ada3d9df83b6bef1802fb7dc2f58c9ee72b1d804b5fbe9d41eaef12040b7decccf10b2104ced7541f5ad7bd86820791d41ca7de9ac7cc6795bcfdee323e456ddc710bf7786b719ba15c8442db6d89bed883c1624a50b0e5ead037bc1385edb21324ca1b769609d0f840674f74705182c0c2a6e2e5de01ffd1969b3ad2559c4762697e4bca5bd2169d1ce017ff13f7f17aaa1061c7864b636ce5540454eb085b168ad2ad01a79e4b9146dac68983d97d092abea67710f4a713f6a45f71ec7f618d930b5248281df0e7b304f1a1a994ea296643272861d4a06c3c2409dbc2de354877b101ea891438e00a31d879b425c6af81ffa207ca104c54f03761dcd59c5593fdec744a22c7d10e7a1f9873635107bae83638b185f75c9f1270a79a57f07715e3fc2bc2fb2992a444bc1834f801ede021349a6c4bdb8a284236377d4a876278756209b9872c171d5e17d55a6a5560f9d0c2b8a5bfa1b45afc35165dffbc5aa55b8a85e5b4a6dc86d1749610c73c53503c9be85a51e7b7c170d09b7c4cbee1719fa27553c6d24a4ddbc1e2ca4526247a5021cc716001448071174887cb2d699a87ee4f96bd4eb439eecb94b9025303a0ca495181caf4008277727813e7e05dad48ab305bb4aa7adfb2feeae57cb4dd854db47efb3cdaa8f8be7a472b8511915e21613624e4689452bf20e08f91f8363bc68528617906d11ec1fca0c0224a9fdb920f5322a071d006254587180694836d0749b396d77e9ab5b3352f0e9ba8ae8b3e24a337e1f6953d2da2c765e9c4de318bfb89e061ee36adb397a4c7e217e8128d6c9fb76e5dbb93dadcc5dc5060e3b19bdf501b10de61afc0a46d9a0419d03b277ecaf4119ec9c75679f81bda9ea375b2dbc5d5a451e8b775f388919ea3f9546b6d90a721a5f712a92e571d83ee82fe196e3d3d202e77f73bba04111fb2f29586479a27e30bb29104b3f2b6117a05fd5bfa28a057a3399461aadf1a96b476286ae5bfe78b9bfc50f9b6f6f8756aa110443b811e5db48c017afdd14071b4274703998ecadd5367b5e8d6696b23868c3b7e8328cc6057c579b6b385cb87ed1eb10e6386dfffb49827f998763499af43ba8a487674174785c6ba74c76387781216686981dba4c8664dcab4d6c8a385c204de655d000008b76a122f7469c7aaa2abdb3ca99b78b5f4d1ae102982d2f1dcdbbf6917d0eb0bd4b871502040fb6e3dec37fe04401c51b48761de9ec10f36f63d638e2880937c842a8905c9ec82bbce4958d0ab91a4e65708502327b469373bc61f11046e6670acd3684eed59d9a756aed62b01f2726c1f5187e1efed47243a1b18f7bb9656fa14b", @ANYRES16, @ANYRESHEX, @ANYBLOB="2c6e6f626172726965722c00cd2c1a77bebe1941eb51308a0e1eefab7e5e16b355"], 0x1, 0x6bd, &(0x7f0000000cc0)="$eJzs3U+IXVcdB/DvfZm8mRchnf5LowgZGijaYDKTR00EoVFEsggSdNPtkEyaIZO0TKaSFjEvahVcuZIuXFQkLroSEaGuxLoWBDeusg+4c5GFOnL/vJk3b14mM51k3rT9fODOPfeee8753R/3z3v3JdwAn1nnX8vBXoqcP3HhVrl872536d7d7vV+OclkklYyUc9SdJLio+Rc6imfL1c23RUPG+eV+x8WE+990K2XJpqp2r61VbtNRm7ZS6bWFg4kmamL/9lGh63R/VVT1c+l9f4a7W1HWyvW4i4TdryfOBi31U1665WjTo2Ntn/eAvvW7fq+ucl0cij13bX8HJDm6vDoK8P4bXlt6u1dHAAAAPCkjPwuP+ipB3mQWzm8N+EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAp0NRvzOwaKZWvzyTov/+//bAO/XbYw53l969Us2++9S4AwEAAAAAAACAXTn2IA9yK4f7y6tF9Zv/i9XCc9Xfz+Wt3MxClnMytzKflaxkOXNJpgc6at+aX1lZntvc8pcpW66urt5uWp4e2fL0xrh6w4GO+pcGmzYCAAAAAAAAgM+sH+X8+u//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHxTJgXpWTc/1y9NpTSSZStIuZtY2b4812Mfgz+MOAAAAAJ68TjM/XPyvLqwW1Xf+I9X3/qm8lRtZyWJWspSFXK6eBdTf+lt/73WX7t3tXi+nzR1/4187iqPqMfWzh9Ejz1ZbPL/W4ny+ne/lRGZyMctZzPczn5UsZCbfqkrzKTLdPL2Yvne3k36sm+M9t2Hp4nBsxwbKZXxHq0g6uZLFKraTudTuh95qtjs6MNof28nQiHfK7BSvNraZo8vNvNyjXzTz/WG62vODaxmZbXJfZuPpwbxvzv0Oj5PhkebSWnsG9dz6KOXi8EgfK+eHmnmZ658+2Zzv8FHaxkz0fl4u9Y++I1vnPPnyP/5y8WrrxrWrV26e2D+H0cc0fEx0BzLxwrYysVRmoreLTEztJv7Hp91ko76K7uxq+WLV9nAW8528kctZyJnMZi5nM5uv5XS6OT2Q1+e3zmt1rrV2dq4d/1JTKO9JPxu4N+2ZyYdVlHl9eiCvg1e66apucM16lp7ZRpaKdkZn6Z8jQ7nzhaZQjvHjgTvO+A1nYm4gE89unYlf/3c1yc2lG9eWr86/uc3xXmrm5Wn77sZr828eyw7tXLO75fHyTJKJ1LeNwaOjrHu2XzeUr3bzi8tE09mGunaq87mue9SZWvZ05M6onuq6F0aO0q3qjg7UbfiUkzeytPYppLHnJykA23Do5UPtzv3O3zrvd37Sudq5MPXNybOTX2zn4F8n/nTgd63ftr5evJz388McHnekAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwaXDz7XeuzS8tLSwPFg5keM1YCmk95g7vjKzqp6Je0x6xzbHscvSpJGNO5qMLad6ltKt+Jrdq/vskWzRvj2PfO0nGnfmqkIk9GGsyI6ourK3pJK21eJJc2ycvuAOehFMr1988dfPtd76yeH3+9YXXF26cPnvm1TPdr87dPnVlcWlhtv477iiBJ2Hjxz8AAAAAAAAAAADgk2Cv/mPJkKI3hn0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpnOv5aDvRSZmz05Wy7fu9tdKqd+eX3LiSStJMUPkuKj5FzqKdMD3RUPG+eV+x/+6qX3Puiu9zXR37411O4P/15d3eFe9JopM0kONPNHm9xWf5cG+uvtMLBasbaHZcKO9xMH4/b/AAAA//9tywGy") mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) rename(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 94.000811ms ago: executing program 0 (id=3330): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[], 0x74}}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x6, &(0x7f0000000140)={0x7d, {{0x29, 0x0, 0x8000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x5}}}, 0x88) 9.127774ms ago: executing program 2 (id=3331): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x3e, &(0x7f00000000c0)=0xb8, 0x4) sendmmsg$inet(r0, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014) 0s ago: executing program 1 (id=3332): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000003e00)={0x0, 0x0, &(0x7f0000003dc0)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000090000000a20000000000a05140000000000000000010000000900010073797a300000000058000000160a09000900000000000000010000000900010073797a30000000000900020073797a32000000002c00038018000380140001006d6163736563300000000000000000000800024000000000080001400000000014000000110001"], 0xa0}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x201}], {0x14}}, 0x3c}, 0x1, 0x1200}, 0x0) kernel console output (not intermixed with test programs): 65][T10499] batadv_slave_0: entered allmulticast mode [ 704.761018][ T30] audit: type=1326 audit(1751144102.199:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f139f58e929 code=0x7ffc0000 [ 704.866963][ T30] audit: type=1326 audit(1751144102.279:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f139f58e929 code=0x7ffc0000 [ 704.890138][ T30] audit: type=1326 audit(1751144102.279:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f139f58e963 code=0x7ffc0000 [ 704.913412][ T30] audit: type=1326 audit(1751144102.279:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f139f58d3df code=0x7ffc0000 [ 704.940821][ T30] audit: type=1326 audit(1751144102.309:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f139f58e9b7 code=0x7ffc0000 [ 704.990181][T10503] loop4: detected capacity change from 0 to 512 [ 705.063997][T10506] loop3: detected capacity change from 0 to 256 [ 705.101746][T10503] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 705.257018][ T30] audit: type=1326 audit(1751144102.449:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f139f58d290 code=0x7ffc0000 [ 705.281267][ T30] audit: type=1326 audit(1751144102.449:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f139f58e52b code=0x7ffc0000 [ 705.304449][ T30] audit: type=1326 audit(1751144102.489:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f139f58d58a code=0x7ffc0000 [ 705.327611][ T30] audit: type=1326 audit(1751144102.489:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f139f58d58a code=0x7ffc0000 [ 705.355376][ T30] audit: type=1326 audit(1751144102.489:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f139f58d197 code=0x7ffc0000 [ 705.458149][T10503] EXT4-fs (loop4): 1 truncate cleaned up [ 705.467125][T10503] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 705.553492][T10514] loop1: detected capacity change from 0 to 512 [ 705.620423][T10514] EXT4-fs (loop1): too many log groups per flexible block group [ 705.629683][T10514] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 705.637158][T10514] EXT4-fs (loop1): mount failed [ 706.287933][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 706.372312][T10522] loop3: detected capacity change from 0 to 1024 [ 706.444753][T10522] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 706.497255][T10522] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 706.564113][T10522] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 706.733452][T10522] EXT4-fs (loop3): orphan cleanup on readonly fs [ 706.828990][T10522] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.2003: Freeing blocks not in datazone - block = 0, count = 4096 [ 707.016970][T10522] EXT4-fs (loop3): Remounting filesystem read-only [ 707.024065][T10522] EXT4-fs (loop3): 1 orphan inode deleted [ 707.033754][T10522] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 707.564409][T10526] loop0: detected capacity change from 0 to 32768 [ 707.611334][T10526] bcachefs (/dev/loop0): error validating superblock: Not a bcachefs superblock layout [ 707.623315][T10526] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout [ 708.119599][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 708.709197][T10540] loop4: detected capacity change from 0 to 2048 [ 708.931315][T10540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 709.619708][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 710.007052][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 710.206862][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 710.291792][ T9] usb 2-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 710.302030][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 710.310810][ T9] usb 2-1: Product: syz [ 710.315260][ T9] usb 2-1: Manufacturer: syz [ 710.320286][ T9] usb 2-1: SerialNumber: syz [ 710.340621][ T9] usb 2-1: config 0 descriptor?? [ 710.616021][T10569] loop4: detected capacity change from 0 to 8192 [ 710.709916][T10569] loop4: p1 p2 < > p3 p4 < p5 > [ 710.715868][T10569] loop4: partition table partially beyond EOD, truncated [ 710.724412][T10569] loop4: p1 size 100663296 extends beyond EOD, truncated [ 710.788838][T10569] loop4: p2 start 591104 is beyond EOD, truncated [ 710.796017][T10569] loop4: p3 start 33572980 is beyond EOD, truncated [ 710.806249][T10569] loop4: p5 size 100663296 extends beyond EOD, truncated [ 711.043628][T10566] loop2: detected capacity change from 0 to 2048 [ 711.214106][T10566] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 711.623570][T10566] EXT4-fs: Ignoring removed orlov option [ 711.630575][T10566] EXT4-fs: can't change dax mount option while remounting [ 711.674472][T10570] loop0: detected capacity change from 0 to 32768 [ 711.685882][ T9] peak_usb 2-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 711.703518][T10570] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2018 (10570) [ 711.744994][T10570] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 711.755796][T10570] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm [ 711.767964][T10570] BTRFS error (device loop0): ignoresuperflags must be used with ro mount option [ 711.787365][T10570] BTRFS info (device loop0): using free-space-tree [ 711.802582][T10570] BTRFS error (device loop0): open_ctree failed: -22 [ 712.339065][ T9] peak_usb 2-1:0.0: probe with driver peak_usb failed with error -71 [ 712.360058][ T9] usb 2-1: USB disconnect, device number 8 [ 712.939958][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 714.028334][T10598] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2029'. [ 714.037877][T10598] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2029'. [ 714.195728][T10600] loop1: detected capacity change from 0 to 64 [ 714.272089][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 714.272177][ T30] audit: type=1800 audit(1751144111.729:651): pid=10600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2030" name="file1" dev="loop1" ino=18 res=0 errno=0 [ 714.511939][T10606] loop4: detected capacity change from 0 to 256 [ 714.625752][T10608] loop3: detected capacity change from 0 to 256 [ 714.690182][T10608] exfat: Deprecated parameter 'utf8' [ 714.816945][T10608] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 714.950423][T10606] FAT-fs (loop4): Directory bread(block 64) failed [ 714.957496][T10606] FAT-fs (loop4): Directory bread(block 65) failed [ 714.970493][T10606] FAT-fs (loop4): Directory bread(block 66) failed [ 714.979415][T10606] FAT-fs (loop4): Directory bread(block 67) failed [ 714.986952][T10606] FAT-fs (loop4): Directory bread(block 68) failed [ 714.993787][T10606] FAT-fs (loop4): Directory bread(block 69) failed [ 715.001147][T10606] FAT-fs (loop4): Directory bread(block 70) failed [ 715.010805][T10606] FAT-fs (loop4): Directory bread(block 71) failed [ 715.018120][T10606] FAT-fs (loop4): Directory bread(block 72) failed [ 715.024967][T10606] FAT-fs (loop4): Directory bread(block 73) failed [ 716.391300][T10620] loop3: detected capacity change from 0 to 4096 [ 716.543962][T10620] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 717.059423][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 718.304235][T10660] loop4: detected capacity change from 0 to 1024 [ 718.730499][T10652] loop1: detected capacity change from 0 to 32768 [ 718.740251][T10652] btrfs: Deprecated parameter 'usebackuproot' [ 718.746852][T10652] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 718.809004][T10652] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2048 (10652) [ 718.837430][T10652] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 718.848344][T10652] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm [ 718.865580][T10652] BTRFS info (device loop1): disk space caching is enabled [ 718.873385][T10652] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 718.998007][ T30] audit: type=1800 audit(1751144116.449:652): pid=10660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2049" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 719.204128][T10652] BTRFS info (device loop1): rebuilding free space tree [ 719.238759][T10652] BTRFS info (device loop1): disabling free space tree [ 719.250897][T10652] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 719.261763][T10652] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 719.551116][ T5794] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 720.117933][T10690] RDS: rds_bind could not find a transport for ::4000:0:20:0, load rds_tcp or rds_rdma? [ 721.240004][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 723.085002][T10729] loop3: detected capacity change from 0 to 2048 [ 723.237109][T10729] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 723.247513][T10729] NILFS (loop3): mounting unchecked fs [ 723.307134][T10735] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2071'. [ 723.427804][T10729] NILFS (loop3): recovery complete [ 723.449483][T10736] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 724.894011][T10742] loop4: detected capacity change from 0 to 32768 [ 725.008599][T10742] bcachefs (/dev/loop4): error validating superblock: Invalid superblock: optional field with size 0 (type 1) [ 725.024345][T10742] bcachefs: bch2_fs_get_tree() error: invalid_sb_field_size [ 725.550682][T10758] macsec1: entered promiscuous mode [ 725.556600][T10758] macsec1: entered allmulticast mode [ 726.131563][ T30] audit: type=1326 audit(1751144123.579:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10762 comm="syz.3.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 726.244994][ T30] audit: type=1326 audit(1751144123.619:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10762 comm="syz.3.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 726.268592][ T30] audit: type=1326 audit(1751144123.619:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10762 comm="syz.3.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 726.292731][ T30] audit: type=1326 audit(1751144123.629:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10762 comm="syz.3.2077" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 727.147458][T10767] loop4: detected capacity change from 0 to 32768 [ 727.915356][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid device 255,noinodes_use_key_cache,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names [ 727.915583][T10767] allowing incompatible features above 0.0: (unknown version) [ 727.915677][T10767] features: lz4 [ 727.915748][T10767] with devices loop4 [ 727.962390][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 727.978893][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem [ 728.005619][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write [ 728.065611][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks [ 728.145076][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace [ 728.198896][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace [ 728.240308][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table [ 728.249719][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done [ 728.372846][T10767] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem [ 728.553065][T10793] loop2: detected capacity change from 0 to 1024 [ 728.795887][T10767] syz.4.2083 (10767) used greatest stack depth: 1216 bytes left [ 728.862944][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down [ 728.871379][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only [ 728.880015][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop [ 728.938513][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 3 [ 729.124180][T10798] loop1: detected capacity change from 0 to 1024 [ 729.146280][T10798] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 729.219348][T10798] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.2091: Invalid block bitmap block 0 in block_group 0 [ 729.239987][T10798] EXT4-fs (loop1): Remounting filesystem read-only [ 729.247528][T10798] Quota error (device loop1): write_blk: dquota write failed [ 729.255514][T10798] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 729.266289][T10798] EXT4-fs (loop1): 1 orphan inode deleted [ 729.275664][T10798] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 729.275811][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 3 [ 729.373750][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 4 [ 729.470912][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean [ 729.503589][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 729.684950][ T5803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 729.820965][T10809] cifs: Unknown parameter 'h}#úä [ 729.820965][T10809] Ü[—Íñ¦bšÿÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 729.820965][T10809] SÃȘØÈžZ§6ŸÂ' [ 730.657145][ T30] audit: type=1326 audit(1751144128.109:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10814 comm="syz.3.2097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 730.741644][ T30] audit: type=1326 audit(1751144128.159:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10814 comm="syz.3.2097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 730.764772][ T30] audit: type=1326 audit(1751144128.159:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10814 comm="syz.3.2097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 730.788181][ T30] audit: type=1326 audit(1751144128.159:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10814 comm="syz.3.2097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 731.149491][T10825] loop3: detected capacity change from 0 to 16 [ 731.195690][T10825] erofs (device loop3): mounted with root inode @ nid 36. [ 731.267928][T10825] erofs (device loop3): bogus lookback distance 0 @ lcn 1 of nid 89 [ 731.276991][T10825] erofs (device loop3): readahead error at folio 0 @ nid 89 [ 731.317742][T10825] erofs (device loop3): bogus lookback distance 0 @ lcn 1 of nid 89 [ 731.327325][T10825] erofs (device loop3): read error -117 @ 0 of nid 89 [ 731.376692][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 731.376781][ T30] audit: type=1800 audit(1751144128.789:664): pid=10825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2101" name="file2" dev="loop3" ino=89 res=0 errno=0 [ 732.131182][T10836] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 732.881426][T10844] netlink: 1268 bytes leftover after parsing attributes in process `syz.1.2110'. [ 732.897398][T10844] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 735.554125][T10876] loop0: detected capacity change from 0 to 512 [ 735.810508][T10876] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 735.824364][T10876] ext4 filesystem being mounted at /431/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 736.149096][T10887] loop1: detected capacity change from 0 to 1764 [ 736.176716][ T30] audit: type=1400 audit(1751144133.629:665): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626207DFF2B7FFDF1F77FF9D5F77FF7F9DB7F9EFBFBB5EFA6CD1ACBD6EDCDA317BB3D6ED74EBDD0FA5974E42362F338C1CEB0A12C9FC2A01B02 pid=10875 comm="syz.0.2124" [ 736.178982][T10889] loop3: detected capacity change from 0 to 128 [ 736.292079][T10889] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 736.359715][T10889] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 736.634236][T10889] overlayfs: failed to create directory ./file0/work (errno: 28); mounting read-only [ 736.645103][T10889] overlayfs: failed to get uuid (/bus, err=-95); falling back to uuid=null. [ 736.752802][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 737.370222][T10895] loop3: detected capacity change from 0 to 1024 [ 737.543051][ T30] audit: type=1800 audit(1751144134.999:666): pid=10895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2133" name="bus" dev="loop3" ino=26 res=0 errno=0 [ 737.556275][T10898] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2132'. [ 737.740765][T10900] loop2: detected capacity change from 0 to 1024 [ 737.852263][ T3457] hfsplus: b-tree write err: -5, ino 4 [ 738.274030][T10904] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2137'. [ 738.288714][T10904] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2137'. [ 738.921645][T10915] loop3: detected capacity change from 0 to 256 [ 739.007263][T10915] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 739.022695][T10915] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 739.259291][T10915] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 740.009350][T10928] CIFS mount error: No usable UNC path provided in device string! [ 740.009350][T10928] [ 740.020154][T10928] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 740.301946][T10935] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2149'. [ 742.253650][T10958] loop2: detected capacity change from 0 to 512 [ 742.314903][T10958] EXT4-fs: Ignoring removed nomblk_io_submit option [ 742.475065][T10958] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 742.483902][T10958] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102] [ 742.597869][T10958] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80) [ 742.618987][T10958] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features [ 742.632896][T10958] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 743.179888][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 743.706988][T10977] loop2: detected capacity change from 0 to 128 [ 743.838260][T10977] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 744.215411][T10981] program syz.4.2169 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 745.285394][T10993] loop4: detected capacity change from 0 to 512 [ 745.419864][T10993] EXT4-fs warning (device loop4): dx_probe:861: inode #2: comm syz.4.2175: dx entry: limit 0 != root limit 125 [ 745.420060][T10993] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.2175: Corrupt directory, running e2fsck is recommended [ 745.420943][T10993] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 745.427833][T10993] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2175: corrupted in-inode xattr: invalid ea_ino [ 745.431005][T10993] EXT4-fs (loop4): Remounting filesystem read-only [ 745.433821][T10993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 745.550655][T10993] EXT4-fs warning (device loop4): dx_probe:861: inode #2: comm syz.4.2175: dx entry: limit 0 != root limit 125 [ 745.550851][T10993] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.2175: Corrupt directory, running e2fsck is recommended [ 745.899617][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 746.659284][T11002] loop1: detected capacity change from 0 to 4096 [ 746.978004][T11002] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 747.266788][T11014] loop2: detected capacity change from 0 to 256 [ 747.277891][T11014] exfat: Deprecated parameter 'utf8' [ 747.398456][T11014] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 748.019847][ T5801] Bluetooth: hci1: unexpected event for opcode 0x0c7b [ 748.157292][T11019] loop1: detected capacity change from 0 to 1024 [ 748.389001][T11026] loop3: detected capacity change from 0 to 128 [ 748.503368][T11026] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 748.607604][T11026] ext4 filesystem being mounted at /444/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 748.737714][ T1096] hfsplus: b-tree write err: -5, ino 4 [ 749.120599][ T5808] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 749.642717][T11042] loop4: detected capacity change from 0 to 512 [ 749.719906][T11042] EXT4-fs: Ignoring removed orlov option [ 749.726865][T11042] EXT4-fs: Ignoring removed nomblk_io_submit option [ 749.808981][T11042] EXT4-fs error (device loop4): ext4_init_orphan_info:585: comm syz.4.2197: inode #0: comm syz.4.2197: iget: illegal inode # [ 749.895789][T11042] EXT4-fs (loop4): Remounting filesystem read-only [ 749.903040][T11042] EXT4-fs (loop4): get orphan inode failed [ 749.943668][T11042] EXT4-fs (loop4): mount failed [ 752.057471][ T5801] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 752.057693][ T5801] Bluetooth: hci1: Injecting HCI hardware error event [ 752.058379][ T5801] Bluetooth: hci1: hardware error 0x00 [ 752.318603][T11081] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 752.319750][T11081] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 752.330911][T11082] loop0: detected capacity change from 0 to 47 [ 754.052064][ T30] audit: type=1326 audit(1751144151.399:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.052363][ T30] audit: type=1326 audit(1751144151.399:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.052643][ T30] audit: type=1326 audit(1751144151.469:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.052912][ T30] audit: type=1326 audit(1751144151.469:670): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.055553][ T30] audit: type=1326 audit(1751144151.469:671): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.055828][ T30] audit: type=1326 audit(1751144151.469:672): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.056100][ T30] audit: type=1326 audit(1751144151.469:673): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.056905][ T30] audit: type=1326 audit(1751144151.469:674): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=11100 comm="syz.2.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbefd8e929 code=0x7ffc0000 [ 754.157272][ T5801] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 754.674092][T11099] loop1: detected capacity change from 0 to 32768 [ 754.888391][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid device 255,noinodes_use_key_cache,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names [ 754.888613][T11099] allowing incompatible features above 0.0: (unknown version) [ 754.888705][T11099] features: lz4 [ 754.888779][T11099] with devices loop1 [ 754.888909][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 754.889101][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem [ 754.911243][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write [ 754.959386][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks [ 755.029783][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace [ 755.059257][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace [ 755.379386][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table [ 755.379726][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done [ 755.508142][T11099] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem [ 755.595033][T11120] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.2228' resets device [ 756.035530][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down [ 756.035635][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only [ 756.035776][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop [ 756.051594][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 3 [ 756.231183][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 3 [ 756.256248][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 4 [ 756.259049][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean [ 756.394171][ T5794] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 756.762519][T11128] loop4: detected capacity change from 0 to 128 [ 757.011465][T11128] EXT4-fs (loop4): Test dummy encryption mode enabled [ 757.099254][T11128] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 757.104794][T11128] ext4 filesystem being mounted at /452/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 757.885073][T11128] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 757.932599][T11128] EXT4-fs (loop4): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09 ro. [ 758.410506][ T5803] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 758.930910][T11140] loop2: detected capacity change from 0 to 32768 [ 758.941271][T11140] btrfs: Deprecated parameter 'usebackuproot' [ 758.947854][T11140] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 759.004980][T11140] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2236 (11140) [ 759.047143][T11140] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 759.057940][T11140] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm [ 759.067594][T11140] BTRFS info (device loop2): disk space caching is enabled [ 759.075193][T11140] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 759.335554][T11140] BTRFS info (device loop2): rebuilding free space tree [ 759.378792][T11140] BTRFS info (device loop2): disabling free space tree [ 759.386207][T11140] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 759.397331][T11140] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 759.763962][ T5804] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 760.036998][ T24] kernel write not supported for file /amidi2 (pid: 24 comm: kworker/1:0) [ 760.825294][T11175] macvtap1: entered promiscuous mode [ 760.831129][T11175] vlan0: entered promiscuous mode [ 760.905971][T11175] vlan0: left promiscuous mode [ 761.037996][T11173] tipc: Enabling of bearer rejected, failed to enable media [ 762.270804][T11179] loop3: detected capacity change from 0 to 4096 [ 762.605672][T11190] netlink: 'syz.4.2252': attribute type 4 has an invalid length. [ 762.614643][T11190] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2252'. [ 763.290933][T11187] loop2: detected capacity change from 0 to 32768 [ 763.308194][T11187] ocfs2: Bad value for 'commit' [ 764.409556][T11203] loop4: detected capacity change from 0 to 512 [ 764.468740][T11203] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 764.548124][T11203] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.2259: bad orphan inode 131083 [ 764.667218][T11203] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 764.988336][T11213] loop1: detected capacity change from 0 to 128 [ 765.048383][T11213] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 765.113086][T11213] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 765.569486][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 766.444471][T11231] netlink: 'syz.3.2269': attribute type 2 has an invalid length. [ 767.770670][T11246] loop2: detected capacity change from 0 to 64 [ 768.140729][T11253] sp0: Synchronizing with TNC [ 768.668587][T11257] loop4: detected capacity change from 0 to 256 [ 769.043512][T11257] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 769.308953][T11250] loop1: detected capacity change from 0 to 32768 [ 769.370746][T11250] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 769.379454][T11250] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 769.402637][T11250] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 399 [ 769.421806][T11250] gfs2: fsid=syz:syz.s: G: s:SH n:2/13 f:aqobnN t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 769.427336][T11261] loop3: detected capacity change from 0 to 2048 [ 769.431598][T11250] gfs2: fsid=syz:syz.s: H: s:SH f:eEcH e:0 p:11250 [syz.1.2278] init_journal+0x332e/0x3a30 [ 769.456277][T11250] gfs2: fsid=syz:syz.s: I: n:1/19 t:8 f:0x00 d:0x00000000 s:0 p:0 [ 769.464891][T11250] gfs2: fsid=syz:syz.s: about to withdraw this file system [ 769.472678][T11250] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount. [ 769.481852][T11250] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0 [ 769.489076][T11250] gfs2: fsid=syz:syz.s: File system withdrawn [ 769.495463][T11250] CPU: 1 UID: 0 PID: 11250 Comm: syz.1.2278 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(undef) [ 769.495639][T11250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 769.495738][T11250] Call Trace: [ 769.495800][T11250] [ 769.495857][T11250] __dump_stack+0x26/0x30 [ 769.496059][T11250] dump_stack_lvl+0x1df/0x270 [ 769.496276][T11250] dump_stack+0x1e/0x25 [ 769.496459][T11250] gfs2_withdraw+0x1d26/0x22e0 [ 769.496751][T11250] gfs2_consist_inode_i+0x1b2/0x250 [ 769.496930][T11250] inode_go_instantiate+0x12a7/0x1cf0 [ 769.497220][T11250] ? __pfx_inode_go_instantiate+0x10/0x10 [ 769.497463][T11250] gfs2_instantiate+0x24f/0x4b0 [ 769.497650][T11250] gfs2_glock_wait+0x26a/0x3b0 [ 769.497840][T11250] gfs2_glock_nq+0x28cf/0x34a0 [ 769.498079][T11250] check_journal_clean+0xc1/0x4c0 [ 769.498321][T11250] ? init_journal+0x332e/0x3a30 [ 769.498475][T11250] ? kmsan_get_metadata+0xfb/0x160 [ 769.498698][T11250] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 769.498938][T11250] init_journal+0x332e/0x3a30 [ 769.499137][T11250] ? init_inodes+0x124/0x510 [ 769.499300][T11250] ? init_inodes+0x124/0x510 [ 769.499454][T11250] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 769.499694][T11250] init_inodes+0x124/0x510 [ 769.499861][T11250] gfs2_fill_super+0x384a/0x3f50 [ 769.500031][T11250] ? init_locking+0xed/0x500 [ 769.500247][T11250] get_tree_bdev_flags+0x6e6/0x920 [ 769.500479][T11250] ? __pfx_gfs2_fill_super+0x10/0x10 [ 769.500645][T11250] ? __pfx_gfs2_fill_super+0x10/0x10 [ 769.500799][T11250] ? __pfx_gfs2_get_tree+0x10/0x10 [ 769.500960][T11250] get_tree_bdev+0x38/0x50 [ 769.501173][T11250] gfs2_get_tree+0x57/0x350 [ 769.501343][T11250] ? __pfx_gfs2_get_tree+0x10/0x10 [ 769.501502][T11250] vfs_get_tree+0xb3/0x5c0 [ 769.501719][T11250] ? mount_capable+0x99/0x100 [ 769.501918][T11250] do_new_mount+0x738/0x1610 [ 769.502135][T11250] ? kmsan_get_metadata+0xfb/0x160 [ 769.502364][T11250] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 769.502622][T11250] path_mount+0x6db/0x1e90 [ 769.502847][T11250] ? user_path_at+0x32d/0x3d0 [ 769.503054][T11250] __se_sys_mount+0x6eb/0x7d0 [ 769.503288][T11250] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 769.503526][T11250] __x64_sys_mount+0xe4/0x150 [ 769.503769][T11250] x64_sys_call+0xfa7/0x3db0 [ 769.503979][T11250] do_syscall_64+0xd9/0x210 [ 769.504143][T11250] ? irqentry_exit+0x16/0x60 [ 769.504361][T11250] ? clear_bhb_loop+0x40/0x90 [ 769.504539][T11250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 769.504712][T11250] RIP: 0033:0x7fba549900ca [ 769.504836][T11250] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 769.504980][T11250] RSP: 002b:00007fba558c8e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 769.505135][T11250] RAX: ffffffffffffffda RBX: 00007fba558c8ef0 RCX: 00007fba549900ca [ 769.505261][T11250] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fba558c8eb0 [ 769.505377][T11250] RBP: 0000200000000400 R08: 00007fba558c8ef0 R09: 0000000000200001 [ 769.505485][T11250] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500 [ 769.505590][T11250] R13: 00007fba558c8eb0 R14: 00000000000125bb R15: 0000200000000180 [ 769.505738][T11250] [ 769.838353][T11250] gfs2: fsid=syz:syz.s: Error -5 locking journal for spectator mount. [ 769.933295][T11261] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 770.108556][T11264] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 771.377944][T11277] loop3: detected capacity change from 0 to 128 [ 774.791948][T11309] loop2: detected capacity change from 0 to 32768 [ 775.049982][T11309] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=xxhash,data_checksum=xxhash,compression=lz4,str_hash=crc64,norecovery,reconstruct_alloc [ 775.050146][T11309] allowing incompatible features above 0.0: (unknown version) [ 775.050251][T11309] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 775.097960][T11309] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0 [ 775.107585][T11309] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 775.116812][T11309] bcachefs (loop2): Version upgrade from 1.19: autofix_errors to 1.7: mi_btree_bitmap incomplete [ 775.116812][T11309] Doing compatible version upgrade from 1.19: autofix_errors to 1.28: inode_has_case_insensitive [ 775.116812][T11309] running recovery passes: check_extents_to_backpointers,check_inodes [ 775.148812][T11309] bcachefs (loop2): dropping and reconstructing all alloc info [ 775.262501][T11309] bcachefs (loop2): error reading btree root btree=dirents level=0: btree_node_read_error, fixing [ 775.307589][T11327] loop4: detected capacity change from 0 to 512 [ 775.325288][T11327] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 775.333538][T11327] UDF-fs: Scanning with blocksize 512 failed [ 775.348835][T11309] bcachefs (loop2): btree node read error at btree xattrs level 0/0 [ 775.348959][T11309] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0 [ 775.349086][T11309] loop2 node offset 0/16: got wrong btree node: got [ 775.349182][T11309] btree=xattrs level=0 seq ded0abe32 1 [ 775.349262][T11309] min: POS_MIN [ 775.349330][T11309] max: SPOS_MAX [ 775.349399][T11309] flagging btree xattrs lost data [ 775.349480][T11309] ret btree_node_read_validate_error [ 775.412402][T11309] bcachefs (loop2): error reading btree root btree=xattrs level=0: btree_node_read_error, fixing [ 775.424522][T11327] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 775.433251][T11327] UDF-fs: Scanning with blocksize 1024 failed [ 775.503551][T11327] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 775.512302][T11327] UDF-fs: Scanning with blocksize 2048 failed [ 775.540651][T11309] bcachefs (loop2): check_topology... [ 775.541785][T11309] bcachefs (loop2): btree root dirents unreadable, must recover from scan [ 775.557169][T11309] bcachefs (loop2): running recovery pass scan_for_btree_nodes (1), currently at check_topology (2) - rewinding [ 775.569837][T11309] bcachefs (loop2): bch2_check_root(): error restart_recovery [ 775.577780][T11309] bcachefs (loop2): scan_for_btree_nodes... [ 775.582519][T11327] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 775.659453][T11309] bcachefs (loop2): btree node scan found 3 nodes after overwrites [ 775.671825][T11309] done [ 775.674896][T11309] bcachefs (loop2): check_topology... [ 775.676022][T11309] bcachefs (loop2): btree root dirents unreadable, must recover from scan [ 775.697440][T11309] bcachefs (loop2): no nodes found for btree dirents, continuing [ 775.706066][T11309] bcachefs (loop2): btree root xattrs unreadable, must recover from scan [ 775.717628][T11309] bcachefs (loop2): bch2_get_scanned_nodes(): recovery btree=xattrs level=0 POS_MIN - SPOS_MAX [ 775.729414][T11309] bcachefs (loop2): bch2_get_scanned_nodes(): recovering u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ded0abe32 written 8 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0 [ 775.788455][T11309] done [ 775.796887][T11309] bcachefs (loop2): accounting_read... done [ 775.809488][T11309] bcachefs (loop2): alloc_read... done [ 775.818267][T11309] bcachefs (loop2): snapshots_read... done [ 775.827744][T11309] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean [ 775.840038][T11309] bcachefs (loop2): done starting filesystem [ 775.948494][T11327] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 776.116978][ T5804] bcachefs (loop2): shutting down [ 776.377773][T11076] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 776.387036][T11076] Bluetooth: hci2: Injecting HCI hardware error event [ 776.413926][ T5804] bcachefs (loop2): shutdown complete [ 776.428853][T11076] Bluetooth: hci2: hardware error 0x00 [ 777.050682][T11334] loop0: detected capacity change from 0 to 32768 [ 777.062468][T11334] XFS (loop0): invalid log iosize: -1 [not 12-30] [ 777.079335][ T24] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 777.406926][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 777.419209][ T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 777.436755][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64 [ 777.746654][ T24] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 777.756255][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 777.764901][ T24] usb 2-1: Product: syz [ 777.770143][ T24] usb 2-1: Manufacturer: syz [ 777.775039][ T24] usb 2-1: SerialNumber: syz [ 777.823196][ T24] usb 2-1: config 0 descriptor?? [ 777.831300][T11336] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 777.890788][T11336] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 777.915664][T11340] mkiss: ax0: crc mode is auto. [ 777.979917][ T24] usb 2-1: ucan: probing device on interface #0 [ 778.009292][T11341] rtc_cmos 00:00: Alarms can be up to one day in the future [ 778.462010][T11076] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 778.504630][ T32] rtc_cmos 00:00: Alarms can be up to one day in the future [ 778.513537][ T32] rtc_cmos 00:00: Alarms can be up to one day in the future [ 778.522372][ T32] rtc_cmos 00:00: Alarms can be up to one day in the future [ 778.530977][ T32] rtc_cmos 00:00: Alarms can be up to one day in the future [ 778.539340][ T32] rtc rtc0: __rtc_set_alarm: err=-22 [ 778.620218][ T24] ucan 2-1:0.0: probe with driver ucan failed with error -71 [ 778.677101][ T24] usb 2-1: USB disconnect, device number 9 [ 778.812317][T11347] loop3: detected capacity change from 0 to 8 [ 778.888329][T11349] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2320'. [ 780.690183][T11359] loop4: detected capacity change from 0 to 4096 [ 781.053999][T11359] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 781.173742][T11359] ntfs3(loop4): ino=1e, "file1" attr_set_size [ 781.197847][T11358] ntfs3(loop4): ino=1e, "file1" attr_set_size [ 782.199921][T11379] loop2: detected capacity change from 0 to 256 [ 782.435589][ T9] hid-generic 0000:0005:0009.000D: unknown main item tag 0x0 [ 782.435830][ T9] hid-generic 0000:0005:0009.000D: unknown main item tag 0x0 [ 782.436043][ T9] hid-generic 0000:0005:0009.000D: unknown main item tag 0x0 [ 782.464338][ T9] hid-generic 0000:0005:0009.000D: hidraw0: HID v0.02 Device [syz0] on syz1 [ 782.659751][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 782.735819][T11379] FAT-fs (loop2): Directory bread(block 64) failed [ 782.735968][T11379] FAT-fs (loop2): Directory bread(block 65) failed [ 782.736245][T11379] FAT-fs (loop2): Directory bread(block 66) failed [ 782.736848][T11379] FAT-fs (loop2): Directory bread(block 67) failed [ 782.737125][T11379] FAT-fs (loop2): Directory bread(block 68) failed [ 782.737253][T11379] FAT-fs (loop2): Directory bread(block 69) failed [ 782.737539][T11379] FAT-fs (loop2): Directory bread(block 70) failed [ 782.737659][T11379] FAT-fs (loop2): Directory bread(block 71) failed [ 782.737945][T11379] FAT-fs (loop2): Directory bread(block 72) failed [ 782.738073][T11379] FAT-fs (loop2): Directory bread(block 73) failed [ 783.026500][T11387] loop1: detected capacity change from 0 to 128 [ 783.029267][T11387] hpfs: Bad value for 'umask' [ 783.705522][T11393] loop1: detected capacity change from 0 to 64 [ 784.614863][T11402] loop4: detected capacity change from 0 to 1764 [ 784.691512][T11407] loop1: detected capacity change from 0 to 512 [ 784.721699][T11407] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 784.730035][T11407] UDF-fs: Scanning with blocksize 512 failed [ 784.744022][T11407] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 784.752457][T11407] UDF-fs: Scanning with blocksize 1024 failed [ 784.799756][T11407] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 784.814894][T11407] UDF-fs: Scanning with blocksize 2048 failed [ 784.832135][T11407] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 784.860591][T11407] UDF-fs: error (device loop1): udf_read_inode: (ino 28) failed !bh [ 784.869344][T11407] UDF-fs: Scanning with blocksize 4096 failed [ 785.948088][ T30] audit: type=1326 audit(1751144183.389:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.1.2354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 785.971570][ T30] audit: type=1326 audit(1751144183.389:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.1.2354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 786.051654][ T30] audit: type=1326 audit(1751144183.499:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.1.2354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 786.304139][ T30] audit: type=1326 audit(1751144183.759:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.1.2354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 786.327682][ T30] audit: type=1326 audit(1751144183.759:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11418 comm="syz.1.2354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 786.624644][T11427] loop3: detected capacity change from 0 to 256 [ 786.653072][T11427] exfat: Deprecated parameter 'utf8' [ 786.659977][T11427] exfat: Deprecated parameter 'namecase' [ 786.666966][T11427] exfat: Deprecated parameter 'namecase' [ 786.673001][T11427] exfat: Deprecated parameter 'utf8' [ 786.814039][T11427] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 788.336506][T11449] sp0: Synchronizing with TNC [ 788.376191][T11446] [U] è [ 788.419584][T11445] loop0: detected capacity change from 0 to 512 [ 788.506864][ T24] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 788.639601][T11445] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 788.656109][T11445] ext4 filesystem being mounted at /469/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 788.709742][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 788.721577][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 788.732087][ T24] usb 2-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00 [ 788.741597][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 788.756020][ T24] usb 2-1: config 0 descriptor?? [ 789.023365][T11457] ptrace attach of "./syz-executor exec"[5803] was attempted by "ß–é·´)Qoƒ ¬¶ ÿ\x0dvé”Ò¢Ï9T{¨-9È2\x0ap_3j ¥í…nòÐÞ­O³a“)b¡¿†k´ü¿—Òߟ.µ¸\x0aKæ~òœ›±¿´Øª¾³þKOkF^ªƒ3Üý¶òB3»ç)Ðùè«åç¦Æ{\x5cüäõrHBd¿,µÛX¨\x09\x0bì3îc›÷\x22¬&WÜ\x22Ð\x1b·T¾L'Á‡\x09êÁ!_†NÍhÙ¹=ún>ÒaÚõûð £(G6¨¶èŒ·…A+&ϋЈU©›ß¡a¾{@{ø\x0bî[ɸýÛYaºócßξA¯™ò¥ÁÈÌ„‰‡zœàÂGl:d<]ýu~v•!Â9÷,Ú?Å´‘>\x22ar\x1bªl¦KÚ¬ôYêüå*VÌßSŽ”8›…È6]àk‡½KÌ.¨=°’ÚÛ`#æòðåž\x07Ÿ„x!œ—‹g·MDôŒÉÿÿRå*áOLK\x0cÛ}oKáb¼A>{Ã@aÞM¨dÇnQj›ãÌ–—„óÂÀ5)üö]Ú;r¦­,L± \x0cÃ=\x0d«ûïW¢’¡ÓAE½ ¤nË`>åÆŸçòs-Ä3…ì`y«feH‹»¦½^/$¨L1&·¡™N‹P\x0d1ß‘D<­\x07c§Pd(ß·E¤ÓdžÛt¦¦çaÀE’!úÒ­ Ã\x09@¤ÝžHG—~è·H<ÜÒD$¥\x0crXŒ´œ`Ç-ͪ/‡IF¾þÈÑÚEÛàtIáìâˆ;{¬ÿ„Æ«—ë—*W\x0c÷¢\x0a¶:ßÒE­–Ì€«V'ˆ\x0cº†È8sÍejkþ¡ÅÓe~É«ÉÿRò ÊãîÜLìÒêôB*´\x0b-¡ræÈ@\x07ËÒV˜MÅ¡ývà¿ù%OymÇ‚WGüÜ•‹ó|òÈʤ=¨týƒ¦®»U§Þñ?‡£h£ØKÉ0uÓ£Ùœþ½0ÒG Ì'Ãb,‚þè\x22ߊåÿõ;2£Õˆ±'G/Þ³7ò´Wd\x5c!ów%°èñxgŸ\x22âÍx•± ì[4!Nl’˜òQ(\x0a@é[Å+ ÌØÝǬ[[zN¨þ úîs¡B&ãµâÿ™XïƒÅ>%©ö3Š‘{¦- —^ÀÇQÇš4e3\x0b>ÊsFÌ—ÝH]+\x [ 789.238681][ T24] hkems 0003:2006:0118.000E: unknown main item tag 0x0 [ 789.349940][ T24] hkems 0003:2006:0118.000E: unknown main item tag 0x0 [ 789.357572][ T24] hkems 0003:2006:0118.000E: unknown main item tag 0x0 [ 789.364925][ T24] hkems 0003:2006:0118.000E: unknown main item tag 0x0 [ 789.372384][ T24] hkems 0003:2006:0118.000E: unknown main item tag 0x0 [ 789.379739][ T24] hkems 0003:2006:0118.000E: unknown main item tag 0x0 [ 789.387133][ T24] hkems 0003:2006:0118.000E: unknown main item tag 0x0 [ 789.430524][T11461] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2373'. [ 789.440487][T11461] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2373'. [ 789.555714][ T24] hkems 0003:2006:0118.000E: hidraw0: USB HID v0.00 Device [HID 2006:0118] on usb-dummy_hcd.1-1/input0 [ 789.567985][ T24] hkems 0003:2006:0118.000E: no inputs found [ 789.574281][ T24] hkems 0003:2006:0118.000E: force feedback init failed [ 789.693882][ T24] usb 2-1: USB disconnect, device number 10 [ 789.751025][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 789.816140][T11465] loop4: detected capacity change from 0 to 256 [ 790.010292][T11469] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2376'. [ 790.032415][ T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 790.137118][T11465] FAT-fs (loop4): Directory bread(block 64) failed [ 790.144150][T11465] FAT-fs (loop4): Directory bread(block 65) failed [ 790.151877][T11465] FAT-fs (loop4): Directory bread(block 66) failed [ 790.158865][T11465] FAT-fs (loop4): Directory bread(block 67) failed [ 790.165847][T11465] FAT-fs (loop4): Directory bread(block 68) failed [ 790.172864][T11465] FAT-fs (loop4): Directory bread(block 69) failed [ 790.180046][T11465] FAT-fs (loop4): Directory bread(block 70) failed [ 790.187066][T11465] FAT-fs (loop4): Directory bread(block 71) failed [ 790.194045][T11465] FAT-fs (loop4): Directory bread(block 72) failed [ 790.201071][T11465] FAT-fs (loop4): Directory bread(block 73) failed [ 790.279717][ T9] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 790.291521][ T9] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 790.302315][ T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 790.312069][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 790.367157][T11464] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 790.390719][ T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 790.563722][T11467] loop3: detected capacity change from 0 to 4096 [ 790.586108][T11471] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2378'. [ 790.767361][T11473] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 790.791173][ T24] usb 3-1: USB disconnect, device number 8 [ 790.891494][T11467] NILFS (loop3): error -2 reading inode: ino=47569271064100864 [ 791.201897][T11476] loop4: detected capacity change from 0 to 256 [ 791.415652][T11476] syz.4.2380: attempt to access beyond end of device [ 791.415652][T11476] loop4: rw=2051, sector=256, nr_sectors = 288 limit=256 [ 792.844173][T11491] netlink: 92 bytes leftover after parsing attributes in process `syz.3.2387'. [ 792.991420][T11484] loop2: detected capacity change from 0 to 40427 [ 793.724882][T11496] loop1: detected capacity change from 0 to 1024 [ 793.894493][T11496] hfsplus: bad catalog entry type [ 794.346195][ T3870] hfsplus: b-tree write err: -5, ino 4 [ 796.109696][T11533] sp0: Synchronizing with TNC [ 796.668569][T11537] loop3: detected capacity change from 0 to 2048 [ 796.775881][T11537] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 796.867757][T11537] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 796.875892][T11537] UDF-fs: Scanning with blocksize 512 failed [ 796.944952][T11537] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 798.986981][ T24] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 799.063897][T11570] loop2: detected capacity change from 0 to 512 [ 799.137151][ T24] usb 2-1: Using ep0 maxpacket: 16 [ 799.162654][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 799.162923][ T24] usb 2-1: New USB device found, idVendor=05ac, idProduct=027c, bcdDevice= 0.00 [ 799.163137][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 799.170547][ T24] usb 2-1: config 0 descriptor?? [ 799.229750][T11570] EXT4-fs (loop2): 1 orphan inode deleted [ 799.234276][T11570] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 799.253432][ T57] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 799.253914][ T57] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 1 [ 799.282510][T11570] ext4 filesystem being mounted at /501/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 799.704063][ T24] apple 0003:05AC:027C.000F: hidraw0: USB HID v0.05 Device [HID 05ac:027c] on usb-dummy_hcd.1-1/input0 [ 799.800431][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 799.897342][ T24] usb 2-1: USB disconnect, device number 11 [ 800.189370][T11583] loop4: detected capacity change from 0 to 256 [ 800.226025][T11581] loop2: detected capacity change from 0 to 512 [ 800.272769][T11581] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 800.360057][T11581] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2429: couldn't read orphan inode 26 (err -116) [ 800.382993][T11581] EXT4-fs (loop2): Remounting filesystem read-only [ 800.385572][T11581] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 800.386034][T11581] ext4 filesystem being mounted at /502/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 800.420395][T11587] loop0: detected capacity change from 0 to 64 [ 800.915457][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 801.839761][T11602] x_tables: ip_tables: udp match: only valid for protocol 17 [ 802.694630][T11610] loop2: detected capacity change from 0 to 1024 [ 802.698432][T11610] EXT4-fs: Ignoring removed orlov option [ 802.767184][T11610] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 802.869557][T11610] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 803.369792][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 803.775036][T11624] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2446'. [ 803.784811][T11624] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2446'. [ 804.459024][T11634] lo speed is unknown, defaulting to 1000 [ 804.471108][T11634] lo speed is unknown, defaulting to 1000 [ 804.480591][T11634] lo speed is unknown, defaulting to 1000 [ 804.501189][T11634] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 804.547565][T11634] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 804.681263][T11634] lo speed is unknown, defaulting to 1000 [ 804.690734][T11634] lo speed is unknown, defaulting to 1000 [ 804.699824][T11634] lo speed is unknown, defaulting to 1000 [ 804.709112][T11634] lo speed is unknown, defaulting to 1000 [ 804.718863][T11634] lo speed is unknown, defaulting to 1000 [ 805.141221][T11643] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2455'. [ 806.832550][T11672] loop0: detected capacity change from 0 to 128 [ 806.909012][T11672] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 806.932108][T11672] ext4 filesystem being mounted at /490/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 807.079396][T11678] sp0: Synchronizing with TNC [ 807.438071][ T5795] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 807.708155][ T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 807.917952][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 807.974482][ T24] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 807.990672][ T24] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 808.001236][ T24] usb 4-1: config 7 interface 0 altsetting 5 endpoint 0x2 has invalid wMaxPacketSize 0 [ 808.011341][ T24] usb 4-1: config 7 interface 0 altsetting 5 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 808.024815][ T24] usb 4-1: config 7 interface 0 has no altsetting 0 [ 808.031950][ T24] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 808.041691][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 808.941257][ T24] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:7.0/0003:0458:5010.0010/input/input10 [ 809.051633][ T24] kye 0003:0458:5010.0010: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0 [ 809.128793][ T24] usb 4-1: USB disconnect, device number 12 [ 809.425773][T11705] loop0: detected capacity change from 0 to 2048 [ 809.471005][T11705] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=18576, location=18576 [ 809.565096][T11705] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 809.594837][T11707] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 811.078893][T11729] tipc: Failed to obtain node identity [ 811.084873][T11729] tipc: Enabling of bearer rejected, failed to enable media [ 811.420773][T11720] loop4: detected capacity change from 0 to 8192 [ 811.472541][T11720] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 814.680913][T11766] loop2: detected capacity change from 0 to 40427 [ 814.757635][T11766] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504) [ 814.764959][T11766] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 814.776553][T11766] F2FS-fs (loop2): build fault injection rate: 4 [ 814.783426][T11766] F2FS-fs (loop2): build fault injection type: 0x6 [ 814.799798][T11766] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of get_checkpoint_version+0x4a/0x9b0 [ 814.824557][T11766] F2FS-fs (loop2): invalid crc value [ 814.857687][T11766] F2FS-fs (loop2): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x7770/0xa380 [ 814.868013][T11766] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-12) [ 815.287735][T11779] loop4: detected capacity change from 0 to 512 [ 815.351039][T11779] EXT4-fs: Ignoring removed i_version option [ 815.520225][T11779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 815.539515][T11779] ext4 filesystem being mounted at /517/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 815.636069][T11784] loop1: detected capacity change from 0 to 512 [ 815.835258][T11784] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 815.850535][T11784] ext4 filesystem being mounted at /475/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 815.974187][T11784] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #2: comm syz.1.2517: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 816.102196][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.223225][T11791] loop2: detected capacity change from 0 to 1024 [ 816.363387][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 816.698072][T11076] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 817.197446][ T9] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 817.371450][ T9] usb 4-1: Using ep0 maxpacket: 16 [ 817.411388][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 817.423390][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 817.433759][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 817.447418][ T9] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 817.457332][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 817.601415][ T9] usb 4-1: config 0 descriptor?? [ 818.065109][ T9] shield 0003:0955:7214.0011: unknown main item tag 0x0 [ 818.118482][ T9] input: HID 0955:7214 Haptics as /devices/virtual/input/input11 [ 818.227352][ T9] shield 0003:0955:7214.0011: Registered Thunderstrike controller [ 818.240403][ T9] shield 0003:0955:7214.0011: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0 [ 818.353594][T11818] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 818.399607][ T9] usb 4-1: USB disconnect, device number 13 [ 818.418052][T11818] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 818.433686][T11818] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 818.445553][T11818] shield 0003:0955:7214.0011: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 819.128147][T11830] netlink: 'syz.1.2537': attribute type 2 has an invalid length. [ 819.136978][T11830] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2537'. [ 819.489725][T11838] sch_tbf: burst 0 is lower than device veth1 mtu (1514) ! [ 820.305242][T11848] loop0: detected capacity change from 0 to 1024 [ 821.435818][T11845] loop4: detected capacity change from 0 to 32768 [ 821.511650][T11845] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 821.521111][T11845] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 821.632784][T11845] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 821.692725][ T24] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 821.700806][ T24] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 822.128374][T11851] loop1: detected capacity change from 0 to 32768 [ 822.145198][T11851] Mount JFS Failure: -22 [ 822.150034][T11851] jfs_mount failed w/return code = -22 [ 822.501094][ T24] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 800ms [ 822.510406][ T24] gfs2: fsid=syz:syz.0: jid=0: Done [ 822.516102][T11845] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 823.257757][T11864] loop2: detected capacity change from 0 to 1024 [ 823.390416][T11864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 823.403366][T11864] ext4 filesystem being mounted at /529/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 823.472814][T11872] loop3: detected capacity change from 0 to 512 [ 823.568043][T11872] EXT4-fs (loop3): orphan cleanup on readonly fs [ 823.574949][T11872] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.2557: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 823.700034][T11872] EXT4-fs error (device loop3): ext4_quota_enable:7127: comm syz.3.2557: Bad quota inode: 3, type: 0 [ 823.779026][T11872] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 823.794583][T11872] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 823.804246][T11872] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 823.899910][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 824.338594][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 824.786230][T11888] loop0: detected capacity change from 0 to 512 [ 824.815097][T11888] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 824.833619][T11889] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 824.849373][T11889] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 824.860555][T11889] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 824.869846][T11889] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 824.923252][T11888] EXT4-fs (loop0): 1 truncate cleaned up [ 824.932565][T11888] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 824.952140][ T9] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 825.118491][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 825.134754][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 825.145695][ T9] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 825.162605][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 825.176633][T11818] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 825.219560][ T9] usb 4-1: config 0 descriptor?? [ 825.271621][ T9] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 825.313778][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 825.367391][T11818] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 825.379297][T11818] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 825.390087][T11818] usb 2-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00 [ 825.400871][T11818] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 825.479823][T11818] usb 2-1: config 0 descriptor?? [ 825.682401][T11896] netlink: 'syz.4.2566': attribute type 1 has an invalid length. [ 825.691487][T11896] netlink: 244 bytes leftover after parsing attributes in process `syz.4.2566'. [ 825.701430][T11896] NCSI netlink: No device for ifindex 320 [ 825.716922][ T9] gspca_vc032x: reg_w err -71 [ 825.722213][ T9] vc032x 4-1:0.0: probe with driver vc032x failed with error -71 [ 825.750657][ T9] usb 4-1: USB disconnect, device number 14 [ 825.933780][T11818] stadia 0003:18D1:9400.0012: unknown main item tag 0x2 [ 825.942778][T11818] stadia 0003:18D1:9400.0012: item fetching failed at offset 3/5 [ 825.958181][T11818] stadia 0003:18D1:9400.0012: parse failed [ 825.964815][T11818] stadia 0003:18D1:9400.0012: probe with driver stadia failed with error -22 [ 826.158614][ T24] usb 2-1: USB disconnect, device number 12 [ 827.335581][T11917] loop3: detected capacity change from 0 to 64 [ 827.821146][T11925] loop0: detected capacity change from 0 to 64 [ 827.970327][ T30] audit: type=1800 audit(1751144225.409:680): pid=11925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2578" name="bus" dev="loop0" ino=21 res=0 errno=0 [ 828.916779][ T24] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 829.116924][ T24] usb 4-1: Using ep0 maxpacket: 8 [ 829.168543][ T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 829.182237][ T24] usb 4-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00 [ 829.191895][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 829.308891][ T24] usb 4-1: config 0 descriptor?? [ 829.588654][T11947] bpf: Bad value for 'gid' [ 829.847858][ T24] kye 0003:0458:4018.0013: unbalanced delimiter at end of report description [ 829.985441][ T24] kye 0003:0458:4018.0013: parse failed [ 829.992255][ T24] kye 0003:0458:4018.0013: probe with driver kye failed with error -22 [ 830.037522][T11818] usb 4-1: USB disconnect, device number 15 [ 830.292763][T11956] loop1: detected capacity change from 0 to 47 [ 830.334292][T11955] loop0: detected capacity change from 0 to 512 [ 830.376178][T11955] EXT4-fs: Ignoring removed orlov option [ 830.457573][T11955] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2592: casefold flag without casefold feature [ 830.599604][T11955] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2592: couldn't read orphan inode 15 (err -117) [ 830.635483][T11955] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 830.703960][T11951] loop4: detected capacity change from 0 to 4096 [ 831.125348][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 831.201888][T11964] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 832.142528][T11963] loop1: detected capacity change from 0 to 32768 [ 832.156181][T11963] workqueue: name exceeds WQ_NAME_LEN. Truncating to: gfs2-glock/#ãvúSÖñ^Ñ°Õ~oó»Á [ 832.193639][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®: Trying to join cluster "lock_nolock", "#ãvúSÖñ^Ñ°Õ~oó»Á$®" [ 832.205224][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®: Now mounting FS (format 1801)... [ 832.233666][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_jdesc_check, file = fs/gfs2/super.c, line = 119 [ 832.250308][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: G: s:SH n:2/13 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1 [ 832.261361][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: H: s:SH f:eEcH e:0 p:11963 [syz.1.2596] init_journal+0x332e/0x3a30 [ 832.273488][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0 [ 832.283891][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: about to withdraw this file system [ 832.293173][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: Journal recovery skipped for jid 0 until next mount. [ 832.303709][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: Glock dequeues delayed: 0 [ 832.308475][T11968] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20001 - 0 [ 832.312400][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: File system withdrawn [ 832.327595][T11968] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20001 - 0 [ 832.334291][T11963] CPU: 1 UID: 0 PID: 11963 Comm: syz.1.2596 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(undef) [ 832.334460][T11963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 832.334551][T11963] Call Trace: [ 832.334606][T11963] [ 832.334665][T11963] __dump_stack+0x26/0x30 [ 832.334853][T11963] dump_stack_lvl+0x1df/0x270 [ 832.335061][T11963] dump_stack+0x1e/0x25 [ 832.335235][T11963] gfs2_withdraw+0x1d26/0x22e0 [ 832.335521][T11963] gfs2_consist_inode_i+0x1b2/0x250 [ 832.335697][T11963] gfs2_jdesc_check+0x170/0x440 [ 832.335885][T11963] check_journal_clean+0x1b6/0x4c0 [ 832.336115][T11963] ? init_journal+0x332e/0x3a30 [ 832.336263][T11963] ? kmsan_get_metadata+0xfb/0x160 [ 832.336476][T11963] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 832.336701][T11963] init_journal+0x332e/0x3a30 [ 832.336889][T11963] ? init_inodes+0x124/0x510 [ 832.337045][T11963] ? init_inodes+0x124/0x510 [ 832.337190][T11963] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 832.337416][T11963] init_inodes+0x124/0x510 [ 832.337575][T11963] gfs2_fill_super+0x384a/0x3f50 [ 832.337735][T11963] ? init_locking+0xed/0x500 [ 832.337932][T11963] get_tree_bdev_flags+0x6e6/0x920 [ 832.338149][T11963] ? __pfx_gfs2_fill_super+0x10/0x10 [ 832.338307][T11963] ? __pfx_gfs2_fill_super+0x10/0x10 [ 832.338453][T11963] ? __pfx_gfs2_get_tree+0x10/0x10 [ 832.338604][T11963] get_tree_bdev+0x38/0x50 [ 832.338805][T11963] gfs2_get_tree+0x57/0x350 [ 832.338968][T11963] ? __pfx_gfs2_get_tree+0x10/0x10 [ 832.339119][T11963] vfs_get_tree+0xb3/0x5c0 [ 832.339327][T11963] ? mount_capable+0x99/0x100 [ 832.339511][T11963] do_new_mount+0x738/0x1610 [ 832.339720][T11963] ? kmsan_get_metadata+0xfb/0x160 [ 832.339936][T11963] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 832.340176][T11963] path_mount+0x6db/0x1e90 [ 832.340387][T11963] ? user_path_at+0x32d/0x3d0 [ 832.340582][T11963] __se_sys_mount+0x6eb/0x7d0 [ 832.340792][T11963] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 832.341027][T11963] __x64_sys_mount+0xe4/0x150 [ 832.341254][T11963] x64_sys_call+0xfa7/0x3db0 [ 832.341452][T11963] do_syscall_64+0xd9/0x210 [ 832.341605][T11963] ? irqentry_exit+0x16/0x60 [ 832.341808][T11963] ? clear_bhb_loop+0x40/0x90 [ 832.341981][T11963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 832.342148][T11963] RIP: 0033:0x7fba549900ca [ 832.342262][T11963] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 832.342401][T11963] RSP: 002b:00007fba558c8e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 832.342548][T11963] RAX: ffffffffffffffda RBX: 00007fba558c8ef0 RCX: 00007fba549900ca [ 832.342664][T11963] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fba558c8eb0 [ 832.342772][T11963] RBP: 0000200000000400 R08: 00007fba558c8ef0 R09: 0000000000200001 [ 832.342880][T11963] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500 [ 832.342992][T11963] R13: 00007fba558c8eb0 R14: 00000000000125bb R15: 0000200000000f00 [ 832.343135][T11963] [ 832.344994][T11963] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: Error checking journal for spectator mount. [ 832.697633][T11968] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20001 - 0 [ 832.707235][T11968] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20001 - 0 [ 834.135702][T11977] loop3: detected capacity change from 0 to 32768 [ 834.213713][T11977] XFS (loop3): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 834.267960][T11977] XFS (loop3): Log size 624 blocks too small, minimum size is 816 blocks [ 834.277068][T11977] XFS (loop3): AAIEEE! Log failed size checks. Abort! [ 834.293157][T11977] XFS (loop3): log mount failed [ 836.539350][T12017] loop1: detected capacity change from 0 to 512 [ 836.574456][T12017] EXT4-fs: Ignoring removed bh option [ 837.227223][T12017] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 837.237517][T12013] loop3: detected capacity change from 0 to 32768 [ 837.240299][T12013] XFS: ikeep mount option is deprecated. [ 837.351880][T12013] XFS (loop3): Metadata CRC error detected at xfs_sb_read_verify+0x5c7/0x640, xfs_sb_quiet block 0x0 [ 837.363553][T12013] XFS (loop3): Unmount and run xfs_repair [ 837.372432][T12013] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 837.380465][T12013] 00000000: 58 46 53 42 00 00 08 00 00 00 00 00 00 00 20 00 XFSB.......... . [ 837.389832][T12013] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 837.399501][T12013] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 837.408913][T12013] 00000030: 00 00 00 00 00 00 00 20 00 00 00 00 00 00 24 40 ....... ......$@ [ 837.413694][T12017] EXT4-fs (loop1): 1 truncate cleaned up [ 837.419491][T12013] 00000040: 00 00 00 00 00 00 24 41 00 00 00 00 00 00 24 42 ......$A......$B [ 837.427411][T12017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 837.433549][T12013] 00000050: 00 00 00 01 00 00 20 00 00 00 00 01 00 00 00 00 ...... ......... [ 837.463500][T12013] 00000060: 00 00 12 00 b4 b5 02 00 04 00 00 02 00 00 00 00 ................ [ 837.472912][T12013] 00000070: 00 00 00 00 00 00 00 00 0b 09 0a 01 0d 00 00 32 ...............2 [ 837.663011][ T30] audit: type=1800 audit(1751144235.089:681): pid=12017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2618" name="file0" dev="loop1" ino=13 res=0 errno=0 [ 838.191342][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 838.283166][T12032] loop4: detected capacity change from 0 to 4096 [ 838.508216][T12038] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 838.754215][T12041] loop1: detected capacity change from 0 to 512 [ 838.887380][T12041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 838.901016][T12041] ext4 filesystem being mounted at /496/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 839.375527][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 839.601215][T12054] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2632'. [ 841.192424][T12075] loop3: detected capacity change from 0 to 1024 [ 841.389140][T12075] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 841.402463][T12075] ext4 filesystem being mounted at /523/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 841.581982][T12075] EXT4-fs (loop3): resizing filesystem from 512 to 0 blocks [ 841.589946][T12075] EXT4-fs warning (device loop3): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 841.768896][T12084] loop2: detected capacity change from 0 to 1024 [ 841.801366][T12088] fuse: Bad value for 'group_id' [ 841.806892][T12088] fuse: Bad value for 'group_id' [ 841.987475][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 842.563607][T12096] netlink: 88 bytes leftover after parsing attributes in process `syz.4.2649'. [ 842.573944][T12096] tipc: New replicast peer: 172.20.20.170 [ 842.583305][T12096] tipc: Enabled bearer , priority 10 [ 844.086054][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 844.125867][T12121] loop2: detected capacity change from 0 to 128 [ 844.185426][T12121] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 844.236734][T12121] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 844.589968][T12129] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2663'. [ 844.599543][T12129] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2663'. [ 844.649818][T12130] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2665'. [ 844.660062][T12130] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2665'. [ 846.208428][T12150] netlink: 'syz.4.2675': attribute type 5 has an invalid length. [ 846.594595][T12153] loop0: detected capacity change from 0 to 2048 [ 846.838641][T12153] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 847.450626][T12158] loop1: detected capacity change from 0 to 32768 [ 847.501388][T12158] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section downgrade: downgrade entry with mismatched major version (0 != 1) [ 847.501388][T12158] downgrade (size 640): [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.35: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.47: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: fs_freespace_init,bucket_gens_init,check_snapshots,check_subvols [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.11: inode_btree_change [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.34: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recovery passes: fs_freespace_init,check_snapshot_trees [ 847.501388][T12158] errors: [ 847.501388][T12158] version: 0.0: (unknown version) [ 847.501388][T12158] recover [ 847.502824][T12158] bcachefs: bch2_fs_get_tree() error: invalid_sb_downgrade [ 848.110370][T12163] loop4: detected capacity change from 0 to 1024 [ 848.285070][T12164] loop3: detected capacity change from 0 to 2048 [ 848.487588][T12169] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 849.371902][T12182] loop2: detected capacity change from 0 to 256 [ 849.385482][T12182] exfat: Deprecated parameter 'namecase' [ 849.461574][T12182] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d) [ 850.077449][T12186] loop4: detected capacity change from 0 to 256 [ 850.423528][T12190] loop1: detected capacity change from 0 to 512 [ 850.480255][T12190] EXT4-fs: Ignoring removed orlov option [ 850.498630][T12190] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 850.513306][T12190] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 850.521998][T12190] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.2694: corrupted in-inode xattr: e_value size too large [ 850.524083][T12190] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2694: couldn't read orphan inode 15 (err -117) [ 850.528470][T12190] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 850.819372][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 851.138442][ T30] audit: type=1326 audit(1751144248.579:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12197 comm="syz.1.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 851.138733][ T30] audit: type=1326 audit(1751144248.579:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12197 comm="syz.1.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 851.165123][ T30] audit: type=1326 audit(1751144248.619:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12197 comm="syz.1.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 851.165409][ T30] audit: type=1326 audit(1751144248.619:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12197 comm="syz.1.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 851.172302][ T30] audit: type=1326 audit(1751144248.619:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12197 comm="syz.1.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 851.172608][ T30] audit: type=1326 audit(1751144248.629:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12197 comm="syz.1.2697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba5498e929 code=0x7ffc0000 [ 851.959371][ C1] vkms_vblank_simulate: vblank timer overrun [ 851.998822][T12208] devpts: Bad value for 'max' [ 852.259621][ C1] vkms_vblank_simulate: vblank timer overrun [ 856.044250][T12262] netlink: 71 bytes leftover after parsing attributes in process `syz.3.2727'. [ 857.107586][T12276] loop4: detected capacity change from 0 to 1024 [ 857.402837][T12283] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 857.665073][ T3492] hfsplus: b-tree write err: -5, ino 4 [ 857.981765][T12290] loop2: detected capacity change from 0 to 128 [ 858.030176][T12290] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 858.095011][T12290] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 858.701624][T12301] gretap0: entered promiscuous mode [ 858.707689][T12301] macsec1: entered promiscuous mode [ 858.782775][T12301] gretap0: left promiscuous mode [ 860.155877][T12320] loop2: detected capacity change from 0 to 1024 [ 860.368449][T12327] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 860.535436][T12325] loop3: detected capacity change from 0 to 2048 [ 860.629320][T12330] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 860.701217][T12330] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 860.717553][T12330] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4) [ 860.754009][T12330] Remounting filesystem read-only [ 861.122788][T12334] loop2: detected capacity change from 0 to 512 [ 861.169081][T12334] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 861.269168][T12334] EXT4-fs (loop2): orphan cleanup on readonly fs [ 861.302014][T12334] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:517: comm syz.2.2762: Block bitmap for bg 0 marked uninitialized [ 861.362313][T12334] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 861.374742][T12334] EXT4-fs (loop2): 1 orphan inode deleted [ 861.384134][T12334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 861.719105][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 861.879589][T12343] nbd: must specify a size in bytes for the device [ 861.945814][T12346] loop0: detected capacity change from 0 to 64 [ 862.456866][ T24] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 862.574981][T12355] loop1: detected capacity change from 0 to 47 [ 862.646868][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 862.713274][ T24] usb 4-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47 [ 862.723191][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 862.736673][ T24] usb 4-1: Product: syz [ 862.743229][ T24] usb 4-1: Manufacturer: syz [ 862.748265][ T24] usb 4-1: SerialNumber: syz [ 862.822721][ T24] usb 4-1: config 0 descriptor?? [ 862.855972][T12355] MINIX-fs: deleted inode referenced: 9 [ 862.877175][T12355] MINIX-fs: deleted inode referenced: 9 [ 862.889065][ T24] gspca_main: sn9c2028-2.14.0 probing 0c45:800a [ 863.109544][ T24] gspca_sn9c2028: read1 error -32 [ 863.323901][ T24] gspca_sn9c2028: read1 error -71 [ 863.336846][ T24] sn9c2028 4-1:0.0: probe with driver sn9c2028 failed with error -71 [ 863.398394][ T24] usb 4-1: USB disconnect, device number 16 [ 864.144164][T12374] tmpfs: Cannot change global quota limit on remount [ 864.453289][T12377] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2783'. [ 864.463345][T12377] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2783'. [ 865.056176][T12386] tipc: Enabling of bearer rejected, failed to enable media [ 865.212572][T12389] CIFS mount error: No usable UNC path provided in device string! [ 865.212572][T12389] [ 865.223281][T12389] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 866.182790][T12401] openvswitch: netlink: Message has 1255 unknown bytes. [ 866.190600][T12401] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 866.821886][T12409] loop2: detected capacity change from 0 to 64 [ 866.868081][ T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 867.056711][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 867.092504][ T24] usb 2-1: config 0 interface 0 has no altsetting 0 [ 867.100905][ T24] usb 2-1: New USB device found, idVendor=09da, idProduct=001a, bcdDevice= 0.00 [ 867.111003][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 867.129866][ T24] usb 2-1: config 0 descriptor?? [ 867.388897][ T5804] hfs: node 4:3 still has 1 user(s)! [ 867.665947][ T24] a4tech 0003:09DA:001A.0014: item fetching failed at offset 4/5 [ 867.710502][ T24] a4tech 0003:09DA:001A.0014: parse failed [ 867.719168][ T24] a4tech 0003:09DA:001A.0014: probe with driver a4tech failed with error -22 [ 867.869333][T12420] sock: sock_timestamping_bind_phc: sock not bind to device [ 867.870665][T11818] usb 2-1: USB disconnect, device number 13 [ 870.025642][T12440] loop1: detected capacity change from 0 to 256 [ 870.560643][T12445] loop4: detected capacity change from 0 to 1024 [ 871.083863][ T3492] hfsplus: b-tree write err: -5, ino 4 [ 871.630588][T12462] loop4: detected capacity change from 0 to 2048 [ 871.807700][T12462] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 873.070028][T12484] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2830'. [ 873.087669][T12484] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2830'. [ 874.209477][T12498] tmpfs: Bad value for 'mpol' [ 874.391534][T12495] loop0: detected capacity change from 0 to 4096 [ 874.909145][T12501] loop3: detected capacity change from 0 to 512 [ 875.038309][T12501] EXT4-fs: Mount option(s) incompatible with ext2 [ 875.566561][T12499] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 876.362202][T12508] loop1: detected capacity change from 0 to 512 [ 877.163908][ T5795] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 877.180128][ T5795] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=12) [ 877.348487][ T5795] Remounting filesystem read-only [ 877.353829][ T5795] NILFS (loop0): error -5 truncating bmap (ino=12) [ 877.449167][ T5795] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 878.056971][T12518] loop0: detected capacity change from 0 to 256 [ 878.355640][T12523] loop1: detected capacity change from 0 to 64 [ 878.539154][T12523] hfs: small file entry [ 878.915049][T12528] loop0: detected capacity change from 0 to 164 [ 878.960761][T12529] loop2: detected capacity change from 0 to 128 [ 878.979078][T12528] ISOFS: unable to read i-node block [ 878.984869][T12528] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 879.139552][T12529] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 879.177379][T12529] ext4 filesystem being mounted at /597/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 879.464555][T12535] loop1: detected capacity change from 0 to 1024 [ 879.629876][ T5804] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 879.820591][T12539] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2855'. [ 879.836731][T12539] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2855'. [ 880.519429][T12549] loop3: detected capacity change from 0 to 8 [ 880.617056][T12549] 9pnet_fd: p9_fd_create_unix (12549): problem connecting socket: ./file0: -30 [ 881.030043][T12555] loop0: detected capacity change from 0 to 1024 [ 881.388833][ T30] audit: type=1326 audit(1751144278.849:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12562 comm="syz.2.2867" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdbefd8e929 code=0x0 [ 883.964104][T12593] loop0: detected capacity change from 0 to 4096 [ 884.109519][T12602] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 884.876605][ T5801] Bluetooth: hci4: command 0x0406 tx timeout [ 884.944744][T12611] loop1: detected capacity change from 0 to 256 [ 884.978997][T12613] loop0: detected capacity change from 0 to 256 [ 885.279348][T12611] FAT-fs (loop1): Directory bread(block 64) failed [ 885.286787][T12611] FAT-fs (loop1): Directory bread(block 65) failed [ 885.293788][T12611] FAT-fs (loop1): Directory bread(block 66) failed [ 885.301033][T12611] FAT-fs (loop1): Directory bread(block 67) failed [ 885.308243][T12611] FAT-fs (loop1): Directory bread(block 68) failed [ 885.315155][T12611] FAT-fs (loop1): Directory bread(block 69) failed [ 885.322310][T12611] FAT-fs (loop1): Directory bread(block 70) failed [ 885.329420][T12611] FAT-fs (loop1): Directory bread(block 71) failed [ 885.336646][T12611] FAT-fs (loop1): Directory bread(block 72) failed [ 885.343473][T12611] FAT-fs (loop1): Directory bread(block 73) failed [ 885.685271][T12616] loop2: detected capacity change from 0 to 4096 [ 885.753168][T12621] loop0: detected capacity change from 0 to 512 [ 885.838485][T12616] NILFS (loop2): invalid segment: Checksum error in segment payload [ 885.848141][T12616] NILFS (loop2): trying rollback from an earlier position [ 885.923018][T12621] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.2893: iget: bad i_size value: 38620345925642 [ 885.957179][T12616] NILFS (loop2): recovery complete [ 886.007586][T12621] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.2893: couldn't read orphan inode 15 (err -117) [ 886.037348][T12626] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 886.085916][T12621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 886.355195][T12621] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2893: bg 0: block 5: invalid block bitmap [ 886.428090][T12621] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 9 with max blocks 55 with error 28 [ 886.441303][T12621] EXT4-fs (loop0): This should not happen!! Data will be lost [ 886.441303][T12621] [ 886.451630][T12621] EXT4-fs (loop0): Total free blocks count 0 [ 886.458643][T12621] EXT4-fs (loop0): Free/Dirty block details [ 886.464927][T12621] EXT4-fs (loop0): free_blocks=0 [ 886.470463][T12621] EXT4-fs (loop0): dirty_blocks=55 [ 886.475931][T12621] EXT4-fs (loop0): Block reservation details [ 886.482434][T12621] EXT4-fs (loop0): i_reserved_data_blocks=55 [ 886.703018][T12634] loop2: detected capacity change from 0 to 64 [ 886.741322][T12633] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2898'. [ 886.892301][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 886.942172][ T5801] Bluetooth: hci4: command 0x0406 tx timeout [ 887.733146][T12649] loop4: detected capacity change from 0 to 1024 [ 887.858623][T12649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 887.997931][T12649] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2905: bg 0: block 88: padding at end of block bitmap is not set [ 888.770032][ T5803] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 889.128720][T12654] loop3: detected capacity change from 0 to 40427 [ 889.140432][T12654] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504) [ 889.154800][T12654] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 889.165002][T12654] F2FS-fs (loop3): build fault injection rate: 17008 [ 889.172378][T12654] F2FS-fs (loop3): build fault injection type: 0x1f8 [ 889.181473][T12654] F2FS-fs (loop3): quotafile must be on filesystem root [ 889.549662][T12667] loop2: detected capacity change from 0 to 64 [ 892.753813][T12696] loop1: detected capacity change from 0 to 40427 [ 892.824234][T12696] F2FS-fs (loop1): invalid crc value [ 893.295069][T12696] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 894.505183][T12727] loop3: detected capacity change from 0 to 512 [ 894.666054][T12727] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 894.714009][T12727] EXT4-fs (loop3): 1 truncate cleaned up [ 894.722798][T12727] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 895.322650][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 895.723676][T12741] loop3: detected capacity change from 0 to 64 [ 897.337064][T12763] loop1: detected capacity change from 0 to 1024 [ 897.416209][T12763] EXT4-fs: Ignoring removed mblk_io_submit option [ 897.473043][T12763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 898.011228][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 898.180313][T12781] loop2: detected capacity change from 0 to 256 [ 898.209105][T12781] exfat: Deprecated parameter 'utf8' [ 898.214879][T12781] exfat: Deprecated parameter 'utf8' [ 898.221761][T12781] exfat: Deprecated parameter 'utf8' [ 898.425747][T12781] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 898.638976][T12786] loop1: detected capacity change from 0 to 1024 [ 898.807234][T12789] vivid-007: ================= START STATUS ================= [ 898.815451][T12789] vivid-007: Enable Output Cropping: true grabbed [ 898.822858][T12789] vivid-007: Enable Output Composing: true grabbed [ 898.830189][T12789] vivid-007: Enable Output Scaler: true grabbed [ 898.837073][T12789] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 898.844797][T12789] vivid-007: Transmit Mode: HDMI grabbed [ 898.851200][T12789] vivid-007: Hotplug Present: 0x00000000 [ 898.857556][T12789] vivid-007: RxSense Present: 0x00000000 [ 898.863615][T12789] vivid-007: EDID Present: 0x00000000 [ 898.870207][T12789] vivid-007: ================== END STATUS ================== [ 899.737149][T12802] loop4: detected capacity change from 0 to 64 [ 899.811672][T12802] hfs: unable to locate alternate MDB [ 899.818708][T12802] hfs: continuing without an alternate MDB [ 899.943487][T12806] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2974'. [ 900.302720][T12810] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2977'. [ 901.939140][T12830] netlink: 100 bytes leftover after parsing attributes in process `syz.2.2986'. [ 901.971405][T12831] netlink: 277 bytes leftover after parsing attributes in process `syz.4.2987'. [ 902.166910][ T32] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 902.341229][T12825] loop0: detected capacity change from 0 to 32768 [ 902.351600][T12825] XFS: noikeep mount option is deprecated. [ 902.366936][T12825] XFS (loop0): Invalid device [./bus], error=-2 [ 902.378856][ T32] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 902.389144][ T32] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 902.505099][ T32] usb 4-1: config 0 descriptor?? [ 902.597767][ T32] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 903.120390][ T32] gspca_cpia1: usb_control_msg 03, error -32 [ 903.147346][ T32] gspca_cpia1: usb_control_msg 03, error -71 [ 903.168320][T12838] tipc: Started in network mode [ 903.173627][T12838] tipc: Node identity _, cluster identity 4711 [ 903.210762][ T32] gspca_cpia1: usb_control_msg 01, error -71 [ 903.217381][ T32] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0) [ 903.287414][ T32] usb 4-1: USB disconnect, device number 17 [ 903.664580][T12844] loop1: detected capacity change from 0 to 512 [ 904.758269][T12844] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 904.771924][T12844] ext4 filesystem being mounted at /569/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 904.852246][T12844] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.2993: bg 0: block 18: invalid block bitmap [ 904.952917][T12846] loop2: detected capacity change from 0 to 40427 [ 904.971057][T12846] F2FS-fs (loop2): Corrupted extension count (64 + 1 > 64) [ 904.972331][T12844] Quota error (device loop1): write_blk: dquota write failed [ 904.978900][T12846] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 904.996554][T12844] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 905.006985][T12846] F2FS-fs (loop2): build fault injection rate: 17008 [ 905.007213][T12844] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2993: Failed to acquire dquot type 1 [ 905.013987][T12846] F2FS-fs (loop2): build fault injection type: 0x1f8 [ 905.041651][T12846] F2FS-fs (loop2): Encrypt feature is off [ 905.521040][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 905.825567][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 905.978050][ T30] audit: type=1326 audit(1751144303.429:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12862 comm="syz.3.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 906.001420][ T30] audit: type=1326 audit(1751144303.439:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12862 comm="syz.3.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 906.024708][ T30] audit: type=1326 audit(1751144303.439:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12862 comm="syz.3.3000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a9898e929 code=0x7ffc0000 [ 906.197389][T12867] syz.2.3004 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 906.440246][T12871] trusted_key: encrypted_key: key user:syz not found [ 906.861284][T12877] loop2: detected capacity change from 0 to 1024 [ 906.920225][T12877] EXT4-fs: inline encryption not supported [ 906.926819][T12877] EXT4-fs: Ignoring removed i_version option [ 906.977903][T12877] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 907.130734][T12877] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 2: comm syz.2.3007: lblock 2 mapped to illegal pblock 2 (length 1) [ 907.240803][T12877] Quota error (device loop2): qtree_write_dquot: dquota write failed [ 907.249506][T12877] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 48: comm syz.2.3007: lblock 0 mapped to illegal pblock 48 (length 1) [ 907.329493][T12877] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 907.340103][T12877] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.3007: Failed to acquire dquot type 0 [ 907.438990][T12877] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 907.463590][T12877] EXT4-fs error (device loop2): ext4_evict_inode:254: inode #11: comm syz.2.3007: mark_inode_dirty error [ 907.528672][T12877] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 907.539779][T12877] EXT4-fs (loop2): 1 orphan inode deleted [ 907.548556][T12877] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 907.589215][ T3870] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:21: lblock 1 mapped to illegal pblock 1 (length 1) [ 907.628311][ T3870] Quota error (device loop2): remove_tree: Can't read quota data block 1 [ 907.637672][ T3870] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:21: Failed to release dquot type 0 [ 907.759224][T12877] EXT4-fs error (device loop2): ext4_map_blocks:780: inode #2: block 16: comm syz.2.3007: lblock 0 mapped to illegal pblock 16 (length 1) [ 907.974952][T12894] loop3: detected capacity change from 0 to 512 [ 908.057347][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 908.107036][ T5804] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 908.137223][T12894] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 908.153145][ T5804] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 908.177058][T12894] System zones: 0-2, 18-18, 34-34 [ 908.201903][ T5804] EXT4-fs error (device loop2): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 908.278869][T12894] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3014: bg 0: block 248: padding at end of block bitmap is not set [ 908.358612][T12894] Quota error (device loop3): write_blk: dquota write failed [ 908.367108][T12894] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 908.378299][T12894] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.3014: Failed to acquire dquot type 1 [ 908.414792][T12894] EXT4-fs (loop3): 1 truncate cleaned up [ 908.423837][T12894] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 908.437668][T12894] ext4 filesystem being mounted at /590/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 908.868494][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 909.559317][T12919] loop0: detected capacity change from 0 to 512 [ 909.779510][T12919] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 909.797635][T12919] ext4 filesystem being mounted at /605/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 909.915209][T12925] loop2: detected capacity change from 0 to 512 [ 909.965917][T12925] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 910.025283][T12928] loop1: detected capacity change from 0 to 1024 [ 910.042589][T12928] EXT4-fs: Ignoring removed nobh option [ 910.050596][T12928] EXT4-fs: Ignoring removed bh option [ 910.064468][T12925] EXT4-fs (loop2): 1 truncate cleaned up [ 910.073868][T12925] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 910.235134][T12928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 910.318193][T12925] EXT4-fs error (device loop2): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.2.3026: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 910.355217][ T5795] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 910.405551][T12925] EXT4-fs (loop2): Remounting filesystem read-only [ 910.413280][T12925] EXT4-fs warning (device loop2): ext4_rename_delete:3726: inode #2: comm syz.2.3026: Deleting old file: nlink 5, error=-117 [ 910.830821][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 910.917048][T12941] loop4: detected capacity change from 0 to 8 [ 910.937913][ T5804] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 911.218508][T12944] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3037'. [ 913.586231][T12966] loop2: detected capacity change from 0 to 8192 [ 913.643853][T12966] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 914.102401][T12986] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3053'. [ 914.815635][T12995] loop4: detected capacity change from 0 to 1024 [ 914.923994][T12999] devtmpfs: Too few inodes for current use [ 915.198461][ T3870] hfsplus: b-tree write err: -5, ino 4 [ 916.260496][T13018] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3069'. [ 916.822551][T13028] loop3: detected capacity change from 0 to 64 [ 917.449975][T13036] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3078'. [ 917.683170][T13040] loop4: detected capacity change from 0 to 764 [ 917.804405][T13040] rock: directory entry would overflow storage [ 917.811225][T13040] rock: sig=0x4f50, size=4, remaining=3 [ 917.817463][T13040] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 918.354096][T13047] loop1: detected capacity change from 0 to 2048 [ 918.527995][T13047] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 918.629471][T13047] EXT4-fs error (device loop1): ext4_ext_precache:649: inode #2: comm syz.1.3084: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 918.676178][T13047] EXT4-fs (loop1): Remounting filesystem read-only [ 918.966673][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 919.324848][T13067] loop3: detected capacity change from 0 to 64 [ 919.646862][ T32] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 919.940501][ T32] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 919.950169][ T32] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 919.958734][ T32] usb 3-1: Product: syz [ 919.963189][ T32] usb 3-1: Manufacturer: syz [ 919.968180][ T32] usb 3-1: SerialNumber: syz [ 920.018601][ T32] usb 3-1: config 0 descriptor?? [ 920.262133][ T32] hso 3-1:0.0: Failed to find INT IN ep [ 920.272532][ T32] usb-storage 3-1:0.0: USB Mass Storage device detected [ 920.511892][ T32] usb 3-1: USB disconnect, device number 9 [ 921.399238][T13096] loop1: detected capacity change from 0 to 512 [ 921.545042][T13096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 921.558464][T13096] ext4 filesystem being mounted at /591/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 921.731835][T13104] loop2: detected capacity change from 0 to 256 [ 921.959632][ T5794] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.177367][T13104] FAT-fs (loop2): Directory bread(block 64) failed [ 922.184248][T13104] FAT-fs (loop2): Directory bread(block 65) failed [ 922.192527][T13104] FAT-fs (loop2): Directory bread(block 66) failed [ 922.199626][T13104] FAT-fs (loop2): Directory bread(block 67) failed [ 922.206743][T13104] FAT-fs (loop2): Directory bread(block 68) failed [ 922.213705][T13104] FAT-fs (loop2): Directory bread(block 69) failed [ 922.221134][T13104] FAT-fs (loop2): Directory bread(block 70) failed [ 922.233894][T13104] FAT-fs (loop2): Directory bread(block 71) failed [ 922.242860][T13104] FAT-fs (loop2): Directory bread(block 72) failed [ 922.250054][T13104] FAT-fs (loop2): Directory bread(block 73) failed [ 923.374698][T13127] loop0: detected capacity change from 0 to 256 [ 924.507318][T13145] loop3: detected capacity change from 0 to 512 [ 924.665495][T13145] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 924.685093][T13145] ext4 filesystem being mounted at /615/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 924.815644][T13151] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 924.826855][T13151] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 924.872684][T13145] EXT4-fs (loop3): resizing filesystem from 128 to 1 blocks [ 924.876603][T13151] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 924.880440][T13145] EXT4-fs warning (device loop3): ext4_resize_fs:2042: can't shrink FS - resize aborted [ 924.897030][T13151] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 925.311699][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 925.340815][T13152] loop4: detected capacity change from 0 to 4096 [ 925.561950][T13157] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 926.568378][ T32] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 926.701957][T13173] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3137'. [ 926.786795][ T32] usb 3-1: Using ep0 maxpacket: 32 [ 926.840059][ T32] usb 3-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 926.853474][ T32] usb 3-1: config 0 interface 0 has no altsetting 0 [ 926.861639][ T32] usb 3-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00 [ 926.871312][ T32] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 926.904603][T13175] loop1: detected capacity change from 0 to 64 [ 927.012171][ T32] usb 3-1: config 0 descriptor?? [ 927.519760][ T32] hid-retrode 0003:0403:97C1.0015: unknown main item tag 0x0 [ 927.599050][ T32] hid-retrode 0003:0403:97C1.0015: hidraw0: USB HID v0.02 Device [HID 0403:97c1] on usb-dummy_hcd.2-1/input0 [ 927.750490][ T32] usb 3-1: USB disconnect, device number 10 [ 928.001105][T13185] loop0: detected capacity change from 0 to 64 [ 929.680614][T13197] loop2: detected capacity change from 0 to 32768 [ 929.759798][T13197] bcachefs (/dev/loop2): error reading default superblock: Unsupported superblock version 0.8: (unknown version) (min 0.9: (unknown version), max 1.28: inode_has_case_insensitive) [ 929.798700][T13197] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section replicas_v0: invalid device 11 in entry btree: 1/1 [11] [ 929.798700][T13197] replicas_v0 (size 24): [ 929.798700][T13197] btree: 1 [11] journal: 1 [0] user: 1 [0] [ 929.798700][T13197] [ 929.832013][T13197] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry [ 932.438405][T13237] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3168'. [ 932.448013][T13237] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3168'. [ 932.457502][T13237] netlink: 'syz.2.3168': attribute type 14 has an invalid length. [ 932.471249][T13237] netlink: 'syz.2.3168': attribute type 12 has an invalid length. [ 933.168279][T13251] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3175'. [ 933.660435][T13259] loop0: detected capacity change from 0 to 256 [ 933.801115][ T32] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 934.005648][ T32] usb 3-1: Using ep0 maxpacket: 32 [ 934.021599][T13259] FAT-fs (loop0): Directory bread(block 64) failed [ 934.027604][ T32] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 934.028641][T13259] FAT-fs (loop0): Directory bread(block 65) failed [ 934.036666][ T32] usb 3-1: config 0 has no interface number 0 [ 934.036828][ T32] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 934.043631][T13259] FAT-fs (loop0): Directory bread(block 66) failed [ 934.049964][ T32] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 934.061100][T13259] FAT-fs (loop0): Directory bread(block 67) failed [ 934.067956][ T32] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 934.078829][T13259] FAT-fs (loop0): Directory bread(block 68) failed [ 934.085512][ T32] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 934.094099][T13259] FAT-fs (loop0): Directory bread(block 69) failed [ 934.124955][T13259] FAT-fs (loop0): Directory bread(block 70) failed [ 934.132207][T13259] FAT-fs (loop0): Directory bread(block 71) failed [ 934.139382][T13259] FAT-fs (loop0): Directory bread(block 72) failed [ 934.146209][T13259] FAT-fs (loop0): Directory bread(block 73) failed [ 934.359195][ T32] usb 3-1: config 0 descriptor?? [ 934.997769][ T32] uclogic 0003:28BD:0094.0016: failed retrieving string descriptor #100: -71 [ 935.007756][ T32] uclogic 0003:28BD:0094.0016: failed retrieving pen parameters: -71 [ 935.016230][ T32] uclogic 0003:28BD:0094.0016: pen probing failed: -71 [ 935.037121][ T32] uclogic 0003:28BD:0094.0016: failed probing parameters: -71 [ 935.045447][ T32] uclogic 0003:28BD:0094.0016: probe with driver uclogic failed with error -71 [ 935.195353][ T32] usb 3-1: USB disconnect, device number 11 [ 936.635544][T13291] loop4: detected capacity change from 0 to 128 [ 936.799958][T13291] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 936.923422][T13283] loop1: detected capacity change from 0 to 4096 [ 936.949361][T13291] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 936.983239][T13287] loop3: detected capacity change from 0 to 32768 [ 936.996756][T13287] bcachefs (/dev/loop3): error reading default superblock: Invalid superblock: too big (got 4696 bytes, layout max 512) [ 937.021491][T13287] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section members_v2: device 0: not enough buckets (got 0, max 64) [ 937.021491][T13287] members_v2 (size 96): [ 937.021491][T13287] member_bytes 0 [ 937.050012][T13287] bcachefs: bch2_fs_get_tree() error: invalid_sb_members [ 937.556059][T13283] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 937.608453][T13283] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 939.115029][T13311] loop3: detected capacity change from 0 to 64 [ 939.481978][T13305] loop0: detected capacity change from 0 to 32768 [ 939.534138][T13305] ocfs2: Slot 0 on device (7,0) was already allocated to this node! [ 939.584363][T13305] (syz.0.3202,13305,0):ocfs2_read_journal_inode:1659 ERROR: status = -13 [ 939.593472][T13305] (syz.0.3202,13305,0):ocfs2_mark_dead_nodes:1942 ERROR: status = -13 [ 939.602822][T13305] (syz.0.3202,13305,0):ocfs2_check_volume:2420 ERROR: status = -13 [ 939.611200][T13305] (syz.0.3202,13305,0):ocfs2_check_volume:2432 ERROR: status = -13 [ 939.619765][T13305] (syz.0.3202,13305,0):ocfs2_mount_volume:1764 ERROR: status = -13 [ 939.661817][T13305] (syz.0.3202,13305,0):ocfs2_fill_super:1177 ERROR: status = -13 [ 939.776665][T13317] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3206'. [ 941.291289][T13335] loop3: detected capacity change from 0 to 1024 [ 941.444772][T13335] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 941.779482][T13345] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3218'. [ 941.872531][ T5808] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 943.370069][T13369] tipc: Enabled bearer , priority 10 [ 943.444466][T13371] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3231'. [ 943.685083][T13377] loop1: detected capacity change from 0 to 256 [ 943.782420][T13377] exfat: Bad value for 'uid' [ 943.787873][T13377] exfat: Bad value for 'uid' [ 944.496683][ T32] tipc: Node number set to 4278255617 [ 945.516694][T13405] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3246'. [ 946.099992][T13413] binder: 13412:13413 ioctl c018620c 200000000100 returned -22 [ 947.597357][T13433] usb usb8: usbfs: process 13433 (syz.3.3260) did not claim interface 0 before use [ 947.861615][T13438] loop2: detected capacity change from 0 to 1024 [ 948.116915][ T30] audit: type=1800 audit(1751144345.569:692): pid=13438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3262" name="file2" dev="loop2" ino=21 res=0 errno=0 [ 948.154235][T13442] loop1: detected capacity change from 0 to 64 [ 948.988638][T13440] loop4: detected capacity change from 0 to 32768 [ 949.218371][T13440] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names [ 949.218536][T13440] allowing incompatible features above 0.0: (unknown version) [ 949.218641][T13440] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 949.266558][T13440] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 949.275937][T13440] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 949.285998][T13440] bcachefs (loop4): Version upgrade required: [ 949.285998][T13440] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 949.285998][T13440] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 949.285998][T13440] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 949.427959][T13440] bcachefs (loop4): error reading btree root btree=alloc level=0: btree_node_read_error, fixing [ 949.488254][T13440] bcachefs (loop4): check_topology... done [ 949.502357][T13440] bcachefs (loop4): accounting_read... done [ 949.525631][T13440] bcachefs (loop4): alloc_read... done [ 949.534632][T13440] bcachefs (loop4): snapshots_read... done [ 949.544710][T13440] bcachefs (loop4): Fixed errors, running fsck a second time to verify fs is clean [ 949.557429][T13440] bcachefs (loop4): done starting filesystem [ 949.787436][ T5803] bcachefs (loop4): shutting down [ 949.911825][ T5803] bcachefs (loop4): shutdown complete [ 949.952049][T13460] loop0: detected capacity change from 0 to 2048 [ 950.988527][T13475] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3275'. [ 951.004016][T13475] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 952.146820][T11818] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 952.260097][T13491] loop0: detected capacity change from 0 to 1024 [ 952.390156][T11818] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 952.399933][T11818] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 952.408466][T11818] usb 2-1: Product: syz [ 952.412946][T11818] usb 2-1: Manufacturer: syz [ 952.418124][T11818] usb 2-1: SerialNumber: syz [ 952.464888][T11818] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 952.625462][ T9] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 952.681232][T13494] loop2: detected capacity change from 0 to 256 [ 952.857240][ T1892] hfsplus: b-tree write err: -5, ino 4 [ 952.885538][T13494] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011fde, chksum : 0x6fab550a, utbl_chksum : 0xe619d30d) [ 953.122949][T11818] usb 2-1: USB disconnect, device number 14 [ 953.758109][ T9] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 953.771164][ T9] ath9k_htc: Failed to initialize the device [ 953.856626][T11818] usb 2-1: ath9k_htc: USB layer deinitialized [ 954.075715][T13499] loop3: detected capacity change from 0 to 4096 [ 954.157937][T13499] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 954.641182][T13508] loop4: detected capacity change from 0 to 164 [ 955.644032][T13522] loop4: detected capacity change from 0 to 64 [ 957.573759][T13549] netlink: 'syz.1.3311': attribute type 1 has an invalid length. [ 957.583013][T13549] netlink: 'syz.1.3311': attribute type 3 has an invalid length. [ 957.591339][T13549] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3311'. [ 957.600951][T13552] loop4: detected capacity change from 0 to 256 [ 957.647382][T13552] exfat: Deprecated parameter 'utf8' [ 957.784451][T13552] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d) [ 957.980057][T13556] netlink: 5064 bytes leftover after parsing attributes in process `syz.2.3315'. [ 959.155519][T13571] loop0: detected capacity change from 0 to 2048 [ 959.358993][T13571] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 960.080204][T13583] loop3: detected capacity change from 0 to 2048 [ 960.153604][T13585] loop4: detected capacity change from 0 to 1024 [ 960.264833][T13583] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 960.302474][T13585] ===================================================== [ 960.310302][T13585] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x1173/0x17e0 [ 960.323572][T13585] hfsplus_rename_cat+0x1173/0x17e0 [ 960.330999][T13585] hfsplus_rename+0x1fc/0x2f0 [ 960.335969][T13585] vfs_rename+0x1e87/0x2460 [ 960.341170][T13585] do_renameat2+0x175e/0x1d70 [ 960.346497][T13585] __x64_sys_rename+0xd7/0x140 [ 960.351746][T13585] x64_sys_call+0x3553/0x3db0 [ 960.357008][T13585] do_syscall_64+0xd9/0x210 [ 960.361946][T13585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.368484][T13585] [ 960.370970][T13585] Uninit was stored to memory at: [ 960.376578][T13585] hfsplus_rename_cat+0x10a9/0x17e0 [ 960.382097][T13585] hfsplus_rename+0x1fc/0x2f0 [ 960.387335][T13585] vfs_rename+0x1e87/0x2460 [ 960.392148][T13585] do_renameat2+0x175e/0x1d70 [ 960.398163][T13585] __x64_sys_rename+0xd7/0x140 [ 960.403213][T13585] x64_sys_call+0x3553/0x3db0 [ 960.408390][T13585] do_syscall_64+0xd9/0x210 [ 960.413171][T13585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.424646][T13585] [ 960.429617][T13585] Uninit was stored to memory at: [ 960.435026][T13585] hfsplus_create_cat+0x18fb/0x1910 [ 960.440734][T13585] hfsplus_mknod+0x208/0x560 [ 960.445621][T13585] hfsplus_mkdir+0x5a/0x80 [ 960.450446][T13585] vfs_mkdir+0x4e7/0x850 [ 960.454969][T13585] do_mkdirat+0x41a/0xf30 [ 960.459961][T13585] __x64_sys_mkdir+0x9a/0xf0 [ 960.465033][T13585] x64_sys_call+0x29b6/0x3db0 [ 960.470259][T13585] do_syscall_64+0xd9/0x210 [ 960.475153][T13585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.481491][T13585] [ 960.483998][T13585] Uninit was stored to memory at: [ 960.489851][T13585] hfsplus_create_cat+0x18fb/0x1910 [ 960.495647][T13585] hfsplus_fill_super+0x212e/0x2740 [ 960.501396][T13585] get_tree_bdev_flags+0x6e6/0x920 [ 960.506996][T13585] get_tree_bdev+0x38/0x50 [ 960.511710][T13585] hfsplus_get_tree+0x35/0x40 [ 960.517580][T13585] vfs_get_tree+0xb3/0x5c0 [ 960.527547][T13585] do_new_mount+0x738/0x1610 [ 960.532456][T13585] path_mount+0x6db/0x1e90 [ 960.539745][T13585] __se_sys_mount+0x6eb/0x7d0 [ 960.544781][T13585] __x64_sys_mount+0xe4/0x150 [ 960.550192][T13585] x64_sys_call+0xfa7/0x3db0 [ 960.555074][T13585] do_syscall_64+0xd9/0x210 [ 960.560127][T13585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.566424][T13585] [ 960.568911][T13585] Uninit was created at: [ 960.573615][T13585] __alloc_frozen_pages_noprof+0x689/0xf00 [ 960.580083][T13585] alloc_pages_mpol+0x328/0x860 [ 960.585236][T13585] alloc_frozen_pages_noprof+0xf7/0x200 [ 960.591342][T13585] allocate_slab+0x24d/0x1220 [ 960.596456][T13585] ___slab_alloc+0xfec/0x3480 [ 960.601425][T13585] kmem_cache_alloc_lru_noprof+0x922/0xed0 [ 960.607921][T13585] hfsplus_alloc_inode+0x5a/0xd0 [ 960.613496][T13585] alloc_inode+0x87/0x4a0 [ 960.618373][T13585] iget_locked+0x239/0x12d0 [ 960.628451][T13585] hfsplus_iget+0x5c/0xb80 [ 960.633137][T13585] hfsplus_btree_open+0x134/0x1d00 [ 960.640354][T13585] hfsplus_fill_super+0x1161/0x2740 [ 960.645851][T13585] get_tree_bdev_flags+0x6e6/0x920 [ 960.651648][T13585] get_tree_bdev+0x38/0x50 [ 960.656597][T13585] hfsplus_get_tree+0x35/0x40 [ 960.661526][T13585] vfs_get_tree+0xb3/0x5c0 [ 960.666984][T13585] do_new_mount+0x738/0x1610 [ 960.671877][T13585] path_mount+0x6db/0x1e90 [ 960.676858][T13585] __se_sys_mount+0x6eb/0x7d0 [ 960.681857][T13585] __x64_sys_mount+0xe4/0x150 [ 960.687031][T13585] x64_sys_call+0xfa7/0x3db0 [ 960.691914][T13585] do_syscall_64+0xd9/0x210 [ 960.698006][T13585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.704245][T13585] [ 960.706990][T13585] CPU: 1 UID: 0 PID: 13585 Comm: syz.4.3329 Not tainted 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(undef) [ 960.719560][T13585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 960.734927][T13585] ===================================================== [ 960.743836][T13585] Disabling lock debugging due to kernel taint [ 960.750325][T13585] Kernel panic - not syncing: kmsan.panic set ... [ 960.757211][T13585] CPU: 1 UID: 0 PID: 13585 Comm: syz.4.3329 Tainted: G B 6.16.0-rc3-syzkaller-00306-gaaf724ed6926 #0 PREEMPT(undef) [ 960.771305][T13585] Tainted: [B]=BAD_PAGE [ 960.775612][T13585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 960.785866][T13585] Call Trace: [ 960.789295][T13585] [ 960.792371][T13585] __dump_stack+0x26/0x30 [ 960.796970][T13585] dump_stack_lvl+0x53/0x270 [ 960.801843][T13585] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 960.807949][T13585] dump_stack+0x1e/0x25 [ 960.812349][T13585] panic+0x4bd/0xd50 [ 960.816579][T13585] kmsan_report+0x31c/0x320 [ 960.821387][T13585] ? __msan_memcpy+0x108/0x1c0 [ 960.826529][T13585] ? __msan_warning+0x1b/0x30 [ 960.831617][T13585] ? hfsplus_rename_cat+0x1173/0x17e0 [ 960.837282][T13585] ? hfsplus_rename+0x1fc/0x2f0 [ 960.842499][T13585] ? vfs_rename+0x1e87/0x2460 [ 960.847488][T13585] ? do_renameat2+0x175e/0x1d70 [ 960.852618][T13585] ? __x64_sys_rename+0xd7/0x140 [ 960.857839][T13585] ? x64_sys_call+0x3553/0x3db0 [ 960.862995][T13585] ? do_syscall_64+0xd9/0x210 [ 960.867901][T13585] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 960.874218][T13585] ? kmsan_get_metadata+0xfb/0x160 [ 960.879715][T13585] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 960.885835][T13585] ? hfsplus_bnode_dump+0x50a/0x560 [ 960.891332][T13585] ? kmsan_get_metadata+0xfb/0x160 [ 960.896762][T13585] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 960.903051][T13585] ? hfsplus_brec_remove+0x92f/0xa60 [ 960.908690][T13585] ? kmsan_get_metadata+0xfb/0x160 [ 960.914096][T13585] __msan_warning+0x1b/0x30 [ 960.918862][T13585] hfsplus_rename_cat+0x1173/0x17e0 [ 960.924355][T13585] ? kfree+0x121/0xec0 [ 960.928726][T13585] ? filter_irq_stacks+0x49/0x190 [ 960.934008][T13585] ? stack_depot_save_flags+0x35/0x7b0 [ 960.939755][T13585] ? kmsan_get_metadata+0xfb/0x160 [ 960.945158][T13585] ? kmsan_get_metadata+0xfb/0x160 [ 960.950670][T13585] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 960.957311][T13585] ? kmsan_get_metadata+0xfb/0x160 [ 960.962730][T13585] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 960.968843][T13585] ? kmsan_get_metadata+0xfb/0x160 [ 960.974331][T13585] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 960.980485][T13585] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 960.987125][T13585] hfsplus_rename+0x1fc/0x2f0 [ 960.992164][T13585] ? __pfx_hfsplus_rename+0x10/0x10 [ 960.997648][T13585] vfs_rename+0x1e87/0x2460 [ 961.002457][T13585] ? end_current_label_crit_section+0x112/0x290 [ 961.009046][T13585] do_renameat2+0x175e/0x1d70 [ 961.014109][T13585] __x64_sys_rename+0xd7/0x140 [ 961.019107][T13585] x64_sys_call+0x3553/0x3db0 [ 961.024073][T13585] do_syscall_64+0xd9/0x210 [ 961.029070][T13585] ? irqentry_exit+0x16/0x60 [ 961.033944][T13585] ? clear_bhb_loop+0x40/0x90 [ 961.038884][T13585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 961.045024][T13585] RIP: 0033:0x7f139f58e929 [ 961.049631][T13585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 961.069597][T13585] RSP: 002b:00007f13a045c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 961.078347][T13585] RAX: ffffffffffffffda RBX: 00007f139f7b5fa0 RCX: 00007f139f58e929 [ 961.086550][T13585] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000200000000040 [ 961.094899][T13585] RBP: 00007f139f610b39 R08: 0000000000000000 R09: 0000000000000000 [ 961.103097][T13585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 961.111273][T13585] R13: 0000000000000000 R14: 00007f139f7b5fa0 R15: 00007ffd85ce08f8 [ 961.119521][T13585] [ 961.122999][T13585] Kernel Offset: disabled [ 961.127426][T13585] Rebooting in 86400 seconds..