last executing test programs: 1m0.379317585s ago: executing program 2 (id=1429): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f00000003c0)='cgroup.freeze\x00', 0x275a, 0x0) read$rfkill(r1, &(0x7f0000000140), 0x8) 59.863947773s ago: executing program 2 (id=1431): r0 = syz_open_procfs(0x0, &(0x7f0000000100)='comm\x00') write$binfmt_script(r0, &(0x7f0000000980)={'#! ', './file0'}, 0xb) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00') preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000240)=""/133, 0x85}], 0x1, 0x2, 0x0) 59.491571668s ago: executing program 2 (id=1433): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="dc00000000010104000000000000000002000000240002801400018008000100e000000108000200e00000010c000280050001000000000008000480040003800800084000000000080008400000000034000f"], 0xdc}}, 0x0) 59.067624848s ago: executing program 2 (id=1437): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000003c0)={'ip6tnl0\x00', &(0x7f0000000400)={'syztnl0\x00', r1, 0x0, 0x10, 0x0, 0x4, 0x43, @mcast2, @loopback={0xfec0ffff00000000, 0xffff8881114a4aa8}, 0x40, 0x0, 0x0, 0x6}}) 58.547235868s ago: executing program 2 (id=1440): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="02000000010000000000000302000000", @ANYRES32=0x0, @ANYBLOB="0400000000000000100000000000000020"], 0x2c, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x20080, 0x51) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) 58.198590225s ago: executing program 2 (id=1442): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/102, 0x66}, {0x0}], 0x2}, 0x300}], 0x1, 0x2b, 0x0) syz_emit_ethernet(0x9a, &(0x7f00000001c0)={@random="ed4e0300", @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, "6bbe4d", 0x64, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], {0x4e20, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x2, "8c7c8db45d2c0ba8decba26565b12e6b32dd8c20597f6a5959d0921165374b57", "30ffdcbac90c2e58724369f6012f4b84", {"6854dedc3e3710b7a86a6efb5f14d84d", "18e136787f03e12095dc39942fb20364"}}}}}}}}, 0x0) 42.384113956s ago: executing program 32 (id=1442): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000280)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/102, 0x66}, {0x0}], 0x2}, 0x300}], 0x1, 0x2b, 0x0) syz_emit_ethernet(0x9a, &(0x7f00000001c0)={@random="ed4e0300", @multicast, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, "6bbe4d", 0x64, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], {0x4e20, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x2, 0x2, "8c7c8db45d2c0ba8decba26565b12e6b32dd8c20597f6a5959d0921165374b57", "30ffdcbac90c2e58724369f6012f4b84", {"6854dedc3e3710b7a86a6efb5f14d84d", "18e136787f03e12095dc39942fb20364"}}}}}}}}, 0x0) 8.901307566s ago: executing program 3 (id=1648): syz_mount_image$cramfs(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000080)=ANY=[], 0xfc, 0x15e, &(0x7f0000000480)="$eJzs0U1rE0Ecx/Hv7E4ewIQoRggeTG5Gg5AH9CYhKwYDxgVFEE+BuKKQEDGgPTb02kOg1xz6cC19C0nbQ2lJLn0VveRW6HHL7CYs7Wv4f27zm+H3n519/3ZRVETeDfp//nrDofej8NltN79cTacNk8eB5J398PysAb/QzDQsR2Di0zT8/N3zrO6gZ9bLBiQA58Eqp59Zz3OympGGCr69zk4SwTlrNTLMnsA3el6NWLB+qsHJhH1lYL4Hz/FxHoVZBbgGbFDKXN5PhEWtUv6xgo1J6ejw4tP8vPXqZd3brjbHL1I5uwTs46jkmRU9yWLe/ui23UWtWn2TLFcsXl+aQjbH6A+pf/BdgTZ9FkFfnNwz/RW2FOwEs5bHKm0+YvfG7Yf3qJuC/3YBVH7S7eRiB53sQwu7qM2uzz3mFwU70YsIIYQQQgghhBBCCCGEEEIIIYQQkdsAAAD//7ILTbU=") syz_mount_image$tmpfs(&(0x7f0000000080), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20c28, 0x0, 0x3, 0x0, &(0x7f0000000080)) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) 8.79735595s ago: executing program 1 (id=1649): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000e3a000/0x2000)=nil, 0x2000, 0x17) move_pages(0x0, 0x1, &(0x7f0000000080)=[&(0x7f0000ffc000/0x1000)=nil], &(0x7f0000002640)=[0x1], &(0x7f0000000000), 0x0) syz_clone(0x5400, 0x0, 0x0, &(0x7f0000001d40), 0x0, 0x0) 8.571447513s ago: executing program 0 (id=1652): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@nr_inodes={'nr_inodes', 0x3d, [0x31]}}]}) chdir(&(0x7f0000000200)='./file0\x00') symlink(&(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00') 8.105186532s ago: executing program 3 (id=1654): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 7.943500871s ago: executing program 0 (id=1656): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x6}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000004) 7.614489987s ago: executing program 5 (id=1657): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000180)={0xc0, 0x0, 0x1000}) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x4000}) 7.234621597s ago: executing program 1 (id=1658): socket(0x18, 0x803, 0x0) r0 = syz_io_uring_setup(0x1e1f, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x3}, &(0x7f0000002000)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22}) io_uring_enter(r0, 0x48e9, 0x4251, 0x2, 0x0, 0x0) 6.975370872s ago: executing program 0 (id=1660): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x78, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xd9, 0x0, 0x1}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}}]}, 0x78}}, 0x0) 6.514224456s ago: executing program 5 (id=1661): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x43}}, 0x10) sendmmsg$inet(r0, &(0x7f0000000840)=[{{&(0x7f0000000c00)={0x2, 0x4e22, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044) sendto$inet(r0, 0x0, 0x0, 0x400c012, 0x0, 0x0) 6.137477514s ago: executing program 1 (id=1662): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, r1, 0x4, 0x0, @void}, 0x10) 5.883348808s ago: executing program 0 (id=1663): syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x3eac, 0x400, 0x2, 0x105}, 0x0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, 0x0, &(0x7f0000000100)) 5.729797657s ago: executing program 5 (id=1664): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4e20, 0xd, @remote, 0x1}, 0x1c) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x4, 0x20}, &(0x7f0000000300)=0xc) 5.241949478s ago: executing program 0 (id=1665): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={r1, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, &(0x7f0000000040)=0x84) 4.961988582s ago: executing program 1 (id=1666): r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.empty_time\x00', 0x275a, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) copy_file_range(r1, 0x0, r0, 0x0, 0xfffffffffffffff8, 0x0) 4.62824624s ago: executing program 5 (id=1668): timer_create(0x3, 0x0, &(0x7f0000000080)=0x0) timer_settime(r0, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000) timer_settime(r0, 0x1, &(0x7f00000002c0)={{}, {0x0, 0x989680}}, &(0x7f0000000500)) 3.885245556s ago: executing program 1 (id=1669): unshare(0x62040200) syz_usb_connect(0x2, 0x56, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000084a48e08d112f74247aa000000010902"], 0x0) r0 = socket$inet(0xa, 0x801, 0x84) getsockopt$IPT_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f00000000c0)={'mangle\x00', 0x0, [0x1, 0x80, 0x207, 0x80004, 0xe]}, &(0x7f0000000040)=0x54) 3.865825638s ago: executing program 4 (id=1670): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000021c0)='/proc/sysvipc/sem\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000000180)={0x2020}, 0x2020) semget$private(0x0, 0x7, 0x180) read$FUSE(r0, &(0x7f000000a2c0)={0x2020}, 0x2020) 3.045059868s ago: executing program 0 (id=1671): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 2.905471791s ago: executing program 4 (id=1672): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r2, 0xd}, &(0x7f0000000180)=0x8) 2.213898412s ago: executing program 3 (id=1673): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4) syz_emit_ethernet(0x2b, &(0x7f0000000200)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x9, 0x0, @opaque="df"}}}}}, 0x0) 1.985779582s ago: executing program 4 (id=1674): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = epoll_create1(0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f00000000c0)={0x70000011}) 1.714559062s ago: executing program 3 (id=1675): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x50, 0x10, 0x1, 0x470bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r2, 0x64e10, 0x36a01}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x18, 0x5, 0x0, 0x1, [@IFLA_BRPORT_FLUSH={0x4}, @IFLA_BRPORT_PROXYARP_WIFI={0x5}, @IFLA_BRPORT_MULTICAST_ROUTER={0x5}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c080}, 0x8002) 1.611672439s ago: executing program 5 (id=1676): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f00000005c0)='\"', 0x1, 0x4fed0) sendfile(r0, r0, 0x0, 0xe3aa6ea) 1.41495269s ago: executing program 4 (id=1677): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x50, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "1ace22badaffd86c93291a1e9e85e74e28a13e2ac0f6ccc0"}, @NL80211_ATTR_MNTR_FLAGS={0x4}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}]]}, 0x50}, 0x1, 0x0, 0x0, 0x10040}, 0x48000) 1.229939877s ago: executing program 1 (id=1678): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x0) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f00000000c0)={0x4000, 0x80600}) 844.714613ms ago: executing program 3 (id=1679): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600), 0x41) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000014000000080016000000000018000180140002006e657464657673696d3000000000000008001500170000000800130000170000080014"], 0x4c}}, 0x0) 721.012451ms ago: executing program 4 (id=1680): openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080)={0x80040, 0x0, 0x3a}, 0x18) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x2, 0x1, "fa"}, 0x9) 261.242765ms ago: executing program 3 (id=1681): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40008) 210.092796ms ago: executing program 4 (id=1682): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x561, &(0x7f0000000f80)="$eJzs3U1rG0cfAPD/ylbenycOhNCWUgw9NCWNHNt9SaGH9NyGBtp7KuyNCZajYMkhdgNNDs25hF5KA6X30nOPoV+gh36GQBsIJZj20IvLyivFL5ItJ7KtVL8frJnZXWl2NPsfz2gkFMDAGs3+FCJejoivk4jjEZHkx4YjPzi6et7yk1tT2ZbEysqnfyaN87J887majzuaZ16KiF++ijhT2FxubXFptlyppPN5fqw+d32strh09upceSadSa9NTE6ef2dy4v333u1ZXd+89Pe3nzwYynMn7iVxIY7lubX1eA6312ZGYzR/TYpxYcOJ4z0orJ8kbff+tOfXwc4M5XFejKwPOB5DedQD/31fRsQKMKCSHcf/b8XduRJgbzXHAc25fY/mwS+Mxx+uToA213949b2RONSYGx1ZTtbNjLL57kgPys/K+PmP+/eyLXr3PgTAtm7fiYhzw8Ob+78k7/+e3bkuztlYhv4P9s6DbPzzVrvxT6E1/ok245+jbWL3WWwf/4VHPSimo2z890Hb8W9r0WpkKM/9rzHmKyZXrlbSrG/7f0ScjuLBLL/Ves755YcrnY6tHf9lW1Z+cyyYX8ej4YPrHzNdrpefp85rPb4T8Urb8W/Sav+kTftnr8elLss4ld5/rdOx7eu/u1Z+iHijbfs/XdFKtl6fHGvcD2PNu2Kzv+6e+rVT+ftd/6z9j2xd/5Fk7XptbedlfH/onzRa68nrrat/dH//H0g+a6QP5Ptuluv1+fGIA8nHrf2F5v6Jp49t5pvnZ/U//frW/V+7+/9wRHzeZf3vnvzx1U7H+qH9p9u2f2t2u6H9d554+NEX33Uqv7v+7+1G6nS+p5v+r9sLfJ7XDgAAAAAAAPpNISKORVIotdKFQqm0+vmOk3GkUKnW6meuVBeuTUfju7IjUSw0V7qPr/k8xHi+YtjMT2zIT0bEiYj4ZuhwI1+aqlam97vyAAAAAAAAAAAAAAAAAAAA0CeOdvj+f+b3of2+OmDX+clvGFzbxn8vfukJ6Ev+/8PgEv8wuMQ/DC7xD4NL/MPgEv8wuMQ/DC7xDwAAAAAAAAAAAAAAAAAAAAAAAAAAAD116eLFbFtZfnJrKstP31hcmK3eODud1mZLcwtTpanq/PXSTLU6U0lLU9W57Z6vUq1eH5+IhZtj9bRWH6stLl2eqy5cq1++OleeSS+nxT2pFQAAAAAAAAAAAAAAAAAAALxYaotLs+VKJZ2XkHimxHB/XIZEjxP73TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFP/BgAA//9q6zMB") setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000000)=ANY=[], 0xfe37, 0x0) 0s ago: executing program 5 (id=1683): r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x3080, 0x8003, 0x25f}, &(0x7f0000000240)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r0, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}}) io_uring_enter(r0, 0x6e2, 0x620, 0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): 6] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 237.182992][ T6256] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 237.222722][ T2034] kernel write not supported for file /dsp (pid: 2034 comm: kworker/0:2) [ 237.900818][ T6270] loop3: detected capacity change from 0 to 256 [ 238.078968][ T30] kauditd_printk_skb: 8 callbacks suppressed [ 238.079044][ T30] audit: type=1800 audit(1763742198.562:20): pid=6270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.124" name="file0" dev="loop3" ino=1048611 res=0 errno=0 [ 238.106830][ T30] audit: type=1800 audit(1763742198.582:21): pid=6270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.124" name="file0" dev="loop3" ino=1048611 res=0 errno=0 [ 239.357309][ T6289] bridge0: port 3(hsr0) entered blocking state [ 239.364171][ T6289] bridge0: port 3(hsr0) entered disabled state [ 239.371381][ T6289] hsr0: entered allmulticast mode [ 239.376835][ T6289] hsr_slave_0: entered allmulticast mode [ 239.382648][ T6289] hsr_slave_1: entered allmulticast mode [ 239.490536][ T6289] hsr0: entered promiscuous mode [ 239.498890][ T6289] bridge0: port 3(hsr0) entered blocking state [ 239.505634][ T6289] bridge0: port 3(hsr0) entered forwarding state [ 239.772131][ T6295] loop4: detected capacity change from 0 to 1024 [ 240.031976][ T30] audit: type=1800 audit(1763742200.522:22): pid=6295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.135" name="file1" dev="loop4" ino=20 res=0 errno=0 [ 240.148399][ T6300] loop0: detected capacity change from 0 to 8 [ 241.806086][ T6313] netlink: 'syz.0.143': attribute type 12 has an invalid length. [ 241.814064][ T6313] netlink: 9472 bytes leftover after parsing attributes in process `syz.0.143'. [ 242.159763][ T5798] Bluetooth: hci5: command 0x1003 tx timeout [ 242.171819][ T5093] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 244.808115][ T6346] process 'syz.0.159' launched './file0' with NULL argv: empty string added [ 246.451219][ T6376] mmap: syz.0.173 (6376) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 247.012566][ T6382] loop1: detected capacity change from 0 to 256 [ 247.058419][ T6382] exfat: Deprecated parameter 'utf8' [ 247.064267][ T6382] exfat: Deprecated parameter 'namecase' [ 247.070982][ T6382] exfat: Deprecated parameter 'namecase' [ 247.077108][ T6382] exfat: Deprecated parameter 'utf8' [ 247.291343][ T6382] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffad0, utbl_chksum : 0xe619d30d) [ 247.733857][ T6392] netlink: 8 bytes leftover after parsing attributes in process `syz.3.180'. [ 247.967399][ T6394] netlink: 4 bytes leftover after parsing attributes in process `syz.2.181'. [ 248.176152][ T6396] loop4: detected capacity change from 0 to 512 [ 248.218393][ T6396] EXT4-fs: Ignoring removed nomblk_io_submit option [ 248.285560][ T6396] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 248.299238][ T6396] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 248.573287][ T6396] EXT4-fs (loop4): 1 truncate cleaned up [ 248.581520][ T6396] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 248.957954][ T6408] capability: warning: `syz.0.186' uses deprecated v2 capabilities in a way that may be insecure [ 249.108659][ T5809] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.124148][ T6411] loop1: detected capacity change from 0 to 512 [ 249.367538][ T6411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 249.380950][ T6411] ext4 filesystem being mounted at /34/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 249.964661][ T5808] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.007889][ T6420] loop0: detected capacity change from 0 to 256 [ 250.277307][ T6420] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012c80, chksum : 0x8ff561f5, utbl_chksum : 0xe619d30d) [ 251.437316][ T6426] overlayfs: failed to resolve './file0': -2 [ 252.450501][ T6452] program syz.0.206 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 252.685377][ T6455] sit0: entered promiscuous mode [ 252.706600][ T6455] netlink: 'syz.1.208': attribute type 1 has an invalid length. [ 252.719783][ T6455] netlink: 1 bytes leftover after parsing attributes in process `syz.1.208'. [ 253.284253][ T6466] loop1: detected capacity change from 0 to 512 [ 253.303967][ T6466] EXT4-fs: Ignoring removed nobh option [ 253.358574][ T6466] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.718970][ T5808] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.027526][ T5922] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 255.233484][ T5922] usb 2-1: unable to get BOS descriptor or descriptor too short [ 255.241636][ T5922] usb 2-1: no configurations [ 255.246644][ T5922] usb 2-1: can't read configurations, error -22 [ 255.356111][ T6506] loop0: detected capacity change from 0 to 1024 [ 255.388611][ T6506] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 255.677176][ T6510] vxcan1: tx address claim with dest, not broadcast [ 256.025488][ T5851] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 256.197946][ T5851] usb 5-1: Using ep0 maxpacket: 32 [ 256.231044][ T5851] usb 5-1: config 0 has an invalid interface number: 67 but max is 0 [ 256.239658][ T5851] usb 5-1: config 0 has no interface number 0 [ 256.306901][ T5851] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 256.316955][ T5851] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.325426][ T5851] usb 5-1: Product: syz [ 256.329755][ T5851] usb 5-1: Manufacturer: syz [ 256.334521][ T5851] usb 5-1: SerialNumber: syz [ 256.385448][ T6514] loop0: detected capacity change from 0 to 8192 [ 256.421168][ T5851] usb 5-1: config 0 descriptor?? [ 256.446213][ T5851] smsc95xx v2.0.0 [ 256.830949][ T2034] kernel read not supported for file /media0 (pid: 2034 comm: kworker/0:2) [ 256.884677][ T5851] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 256.896540][ T5851] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 257.137639][ T5851] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 257.149740][ T5851] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71 [ 257.183246][ T5851] usb 5-1: USB disconnect, device number 2 [ 257.616362][ T6532] loop1: detected capacity change from 0 to 1764 [ 258.182179][ T6538] loop3: detected capacity change from 0 to 512 [ 258.198825][ T6538] EXT4-fs: Ignoring removed nomblk_io_submit option [ 258.285761][ T6538] EXT4-fs error (device loop3): __ext4_iget:5443: inode #11: block 1: comm syz.3.247: invalid block [ 258.405904][ T6538] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.247: couldn't read orphan inode 11 (err -117) [ 258.437713][ T6538] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.573162][ T6538] EXT4-fs (loop3): shut down requested (2) [ 258.806934][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.372490][ T6559] netlink: 132 bytes leftover after parsing attributes in process `syz.0.256'. [ 260.360746][ T6576] netlink: 4 bytes leftover after parsing attributes in process `syz.2.263'. [ 260.384551][ T6578] input: syz1 as /devices/virtual/input/input6 [ 260.773176][ T6581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.268'. [ 260.817368][ T6581] netlink: 72 bytes leftover after parsing attributes in process `syz.1.268'. [ 260.863708][ T6584] loop0: detected capacity change from 0 to 512 [ 261.023356][ T6584] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 261.080835][ T6588] loop3: detected capacity change from 0 to 512 [ 261.114798][ T6586] block device autoloading is deprecated and will be removed. [ 261.215802][ T6588] EXT4-fs (loop3): orphan cleanup on readonly fs [ 261.265868][ T6588] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.270: bg 0: block 248: padding at end of block bitmap is not set [ 261.372358][ T6588] Quota error (device loop3): write_blk: dquota write failed [ 261.381230][ T6588] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 261.391667][ T6588] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.270: Failed to acquire dquot type 1 [ 261.460243][ T6588] EXT4-fs (loop3): 1 truncate cleaned up [ 261.540465][ T6588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 261.609788][ T6588] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 261.668712][ T6588] EXT4-fs warning (device loop3): read_mmp_block:115: Error -117 while reading MMP block 0 [ 261.729515][ T3018] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 261.882109][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.383939][ T6606] loop3: detected capacity change from 0 to 1024 [ 262.756279][ T6611] loop1: detected capacity change from 0 to 4096 [ 262.826082][ T3885] hfsplus: bad catalog file entry [ 262.837039][ T3885] hfsplus: b-tree write err: -5, ino 3 [ 263.122559][ T6622] loop3: detected capacity change from 0 to 1024 [ 263.163659][ T6611] overlayfs: upper fs does not support tmpfile. [ 263.179256][ T6611] overlayfs: workdir/#2 already exists [ 263.285352][ T2034] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 263.402340][ T135] hfsplus: b-tree write err: -5, ino 8 [ 263.496561][ T2034] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 263.504576][ T2034] usb 1-1: can't read configurations, error -71 [ 264.400647][ T6643] loop0: detected capacity change from 0 to 256 [ 264.578650][ T6643] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011ed8, chksum : 0xfabc9ed3, utbl_chksum : 0xe619d30d) [ 264.986616][ T2034] kernel read not supported for file /dsp1 (pid: 2034 comm: kworker/0:2) [ 266.110032][ T6661] loop3: detected capacity change from 0 to 1024 [ 266.247876][ T6661] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.711496][ T6677] netlink: 4 bytes leftover after parsing attributes in process `syz.2.309'. [ 266.766700][ T6678] serio: Serial port ttyS3 [ 266.795645][ T6676] nbd0: detected capacity change from 0 to 549764202496 [ 266.808649][ T6680] loop0: Can't mount, would change RO state [ 266.824742][ T5093] block nbd0: Receive control failed (result -32) [ 266.976274][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.498589][ T6689] loop1: detected capacity change from 0 to 1024 [ 267.562436][ T6689] hfsplus: invalid length 32517 has been corrected to 255 [ 267.634828][ T6689] hfsplus: invalid length 32517 has been corrected to 255 [ 267.682656][ T6689] hfsplus: invalid length 32517 has been corrected to 255 [ 267.845494][ T6698] loop4: detected capacity change from 0 to 512 [ 267.905386][ T6698] EXT4-fs (loop4): Test dummy encryption mode enabled [ 267.913863][ T6698] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 267.952801][ T135] hfsplus: b-tree write err: -5, ino 4 [ 267.975899][ T6698] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 267.995745][ T6698] EXT4-fs (loop4): 1 truncate cleaned up [ 268.003448][ T6698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 268.682884][ T6698] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 268.968883][ T5809] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.290991][ T6722] loop0: detected capacity change from 0 to 128 [ 269.318144][ T6722] EXT4-fs: Ignoring removed orlov option [ 269.395545][ T6720] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 269.407123][ T6720] syzkaller1: linktype set to 1 [ 269.442314][ T6722] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 269.501470][ T6722] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 269.555283][ T6722] EXT4-fs error (device loop0): __ext4_find_entry:1626: inode #2: comm syz.0.328: checksumming directory block 0 [ 269.833976][ T5805] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 270.480166][ T6743] loop3: detected capacity change from 0 to 64 [ 270.523927][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.536326][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.545591][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.553274][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.561305][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.569102][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.576926][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.584572][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.592408][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.600142][ T5851] hid-generic 0003:0004:0000.0001: unknown main item tag 0x0 [ 270.620173][ T5851] hid-generic 0003:0004:0000.0001: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 270.953805][ T6753] loop0: detected capacity change from 0 to 1024 [ 271.029308][ T6753] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.241822][ T6753] EXT4-fs error (device loop0): ext4_get_first_dir_block:3552: inode #11: comm syz.0.340: directory missing '..' [ 271.545885][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.888783][ T2034] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 273.065187][ T2034] usb 1-1: Using ep0 maxpacket: 32 [ 273.078190][ T2034] usb 1-1: config 0 has an invalid interface number: 188 but max is 0 [ 273.087118][ T2034] usb 1-1: config 0 has no interface number 0 [ 273.096711][ T2034] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 273.167876][ T2034] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 273.177482][ T2034] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.187286][ T2034] usb 1-1: Product: syz [ 273.196520][ T2034] usb 1-1: Manufacturer: syz [ 273.201351][ T2034] usb 1-1: SerialNumber: syz [ 273.261746][ T2034] usb 1-1: config 0 descriptor?? [ 273.270453][ T6785] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 273.512292][ T6785] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 274.177590][ T2034] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 274.188971][ T2034] asix 1-1:0.188: probe with driver asix failed with error -71 [ 274.257137][ T2034] usb 1-1: USB disconnect, device number 5 [ 274.872898][ T6818] bond0: entered promiscuous mode [ 274.878306][ T6818] bond_slave_0: entered promiscuous mode [ 274.885540][ T6818] bond_slave_1: entered promiscuous mode [ 275.175198][ T6821] binder: Binderfs stats mode cannot be changed during a remount [ 275.608489][ T6829] block nbd1: Unsupported socket: should be TCP or UNIX. [ 275.717159][ T6832] netlink: 'syz.1.375': attribute type 8 has an invalid length. [ 276.115648][ T6839] loop3: detected capacity change from 0 to 1024 [ 276.172021][ T6839] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 not in group (block 5)! [ 276.182520][ T6839] EXT4-fs (loop3): group descriptors corrupted! [ 276.402423][ T6839] loop3: detected capacity change from 0 to 1024 [ 276.442807][ T6839] EXT4-fs (loop3): failed to parse options in superblock:  [ 276.451370][ T6839] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 276.461701][ T6839] EXT4-fs (loop3): Unsupported encryption level 161 [ 277.066497][ T6858] netlink: 'syz.3.387': attribute type 2 has an invalid length. [ 279.296969][ T6885] loop1: detected capacity change from 0 to 4096 [ 279.345505][ T6885] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 279.531578][ T6885] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 279.604542][ T6885] ntfs3(loop1): ino=1e, "file1" The size of extended attributes must not exceed 64KiB [ 281.892001][ T6936] loop0: detected capacity change from 0 to 128 [ 282.016452][ T6941] netlink: 4 bytes leftover after parsing attributes in process `syz.2.422'. [ 282.382173][ T2034] kernel read not supported for file /rfkill (pid: 2034 comm: kworker/0:2) [ 282.487425][ T6942] loop4: detected capacity change from 0 to 4096 [ 282.528162][ T6942] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 282.926704][ T2034] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 283.127594][ T2034] usb 3-1: Using ep0 maxpacket: 32 [ 283.152343][ T2034] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 283.161796][ T2034] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.207715][ T2034] usb 3-1: config 0 descriptor?? [ 283.445082][ T2034] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 283.486707][ T2034] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 283.508265][ T2034] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 283.516016][ T2034] usb 3-1: media controller created [ 283.597148][ T2034] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 283.705281][ T2034] az6027: usb out operation failed. (-71) [ 283.717972][ T2034] az6027: usb out operation failed. (-71) [ 283.723880][ T2034] stb0899_attach: Driver disabled by Kconfig [ 283.730484][ T2034] az6027: no front-end attached [ 283.730484][ T2034] [ 283.792767][ T2034] az6027: usb out operation failed. (-71) [ 283.798794][ T2034] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 283.809080][ T2034] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input7 [ 283.867928][ T2034] dvb-usb: schedule remote query interval to 400 msecs. [ 283.875444][ T2034] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 283.912398][ T2034] usb 3-1: USB disconnect, device number 3 [ 284.136975][ T2034] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 284.816405][ T6981] netlink: 'syz.0.440': attribute type 21 has an invalid length. [ 284.826874][ T6981] IPv6: NLM_F_CREATE should be specified when creating new route [ 284.835163][ T6981] IPv6: Can't replace route, no match found [ 285.498009][ T6991] loop0: detected capacity change from 0 to 64 [ 285.671846][ T6996] loop1: detected capacity change from 0 to 128 [ 285.779225][ T6996] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 285.811248][ T6996] ext4 filesystem being mounted at /86/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 286.268486][ T7002] loop4: detected capacity change from 0 to 2048 [ 286.288690][ T5808] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 286.381949][ T7002] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.450: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 286.454962][ T7002] EXT4-fs (loop4): get root inode failed [ 286.460823][ T7002] EXT4-fs (loop4): mount failed [ 286.750729][ T7001] netlink: 'syz.4.450': attribute type 6 has an invalid length. [ 289.867310][ T7075] loop4: detected capacity change from 0 to 1 [ 289.902643][ T7075] Dev loop4: unable to read RDB block 1 [ 289.908758][ T7075] loop4: unable to read partition table [ 289.954361][ T7075] loop4: partition table beyond EOD, truncated [ 289.961211][ T7075] loop_reread_partitions: partition scan of loop4 (þ被xü^>Ñà– ) failed (rc=-5) [ 290.606592][ T7088] netlink: 12 bytes leftover after parsing attributes in process `syz.1.488'. [ 290.615970][ T7088] netlink: 24 bytes leftover after parsing attributes in process `syz.1.488'. [ 290.841816][ T7093] sp0: Synchronizing with TNC [ 290.847706][ T7094] netlink: 8 bytes leftover after parsing attributes in process `syz.4.490'. [ 290.972502][ T7095] sp0: Synchronizing with TNC [ 292.760627][ T3885] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 293.403541][ T7147] loop0: detected capacity change from 0 to 128 [ 293.517665][ T7147] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 293.575939][ T7147] ext4 filesystem being mounted at /95/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 293.997989][ T5805] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 294.775571][ T7173] netlink: 24 bytes leftover after parsing attributes in process `syz.0.526'. [ 295.318043][ T7181] netlink: 40 bytes leftover after parsing attributes in process `syz.2.531'. [ 295.706492][ T5922] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 295.745768][ T5851] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 295.783022][ T7193] loop3: detected capacity change from 0 to 512 [ 295.792332][ T7193] EXT4-fs: inline encryption not supported [ 295.798588][ T7193] EXT4-fs: Ignoring removed i_version option [ 295.834324][ T7193] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.537: inode has both inline data and extents flags [ 295.884451][ T7193] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.537: couldn't read orphan inode 15 (err -117) [ 295.907335][ T5922] usb 2-1: Using ep0 maxpacket: 32 [ 295.922233][ T7193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 295.940417][ T5922] usb 2-1: config 0 interface 0 has no altsetting 0 [ 295.974174][ T5851] usb 1-1: unable to get BOS descriptor or descriptor too short [ 295.982609][ T5851] usb 1-1: no configurations [ 295.987705][ T5851] usb 1-1: can't read configurations, error -22 [ 296.002260][ T5922] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 296.012298][ T5922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 296.020700][ T5922] usb 2-1: Product: syz [ 296.027818][ T5922] usb 2-1: Manufacturer: syz [ 296.032597][ T5922] usb 2-1: SerialNumber: syz [ 296.044473][ T5922] usb 2-1: config 0 descriptor?? [ 296.187557][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.252849][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.259763][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 296.545419][ T5922] gs_usb 2-1:0.0: Configuring for 54 interfaces [ 296.747515][ T5922] gs_usb 2-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 296.781713][ T5922] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22 [ 296.965137][ T2034] usb 2-1: USB disconnect, device number 5 [ 297.469252][ T7216] loop4: detected capacity change from 0 to 256 [ 297.547241][ T7216] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 297.558008][ T7216] FAT-fs (loop4): Filesystem has been set read-only [ 297.569513][ T7216] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 297.581271][ T7216] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 297.605206][ T30] audit: type=1800 audit(1763742258.092:23): pid=7216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.547" name="file1" dev="loop4" ino=1048632 res=0 errno=0 [ 297.613310][ T7216] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001) [ 297.781588][ T7209] loop3: detected capacity change from 0 to 8192 [ 298.134264][ T7225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.551'. [ 299.129214][ T7246] loop0: detected capacity change from 0 to 128 [ 299.144260][ T7246] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 299.170901][ T7246] hpfs: filesystem error: improperly stopped [ 299.177467][ T7246] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 299.186159][ T7246] hpfs: You really don't want any checks? You are crazy... [ 299.210627][ T7246] hpfs: hpfs_map_sector(): read error [ 299.216612][ T7246] hpfs: code page support is disabled [ 299.230266][ T7246] hpfs: hpfs_map_4sectors(): unaligned read [ 299.237738][ T7246] hpfs: hpfs_map_4sectors(): unaligned read [ 299.243910][ T7246] hpfs: filesystem error: unable to find root dir [ 299.818892][ T7257] input: syz1 as /devices/virtual/input/input8 [ 301.458792][ T7288] nbd1: detected capacity change from 0 to 2 [ 301.481392][ T5093] block nbd1: Receive control failed (result -32) [ 301.987337][ T2034] kernel read not supported for file /usbmon9 (pid: 2034 comm: kworker/0:2) [ 302.075332][ T5851] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 302.269939][ T5851] usb 4-1: Using ep0 maxpacket: 32 [ 302.288229][ T7303] netlink: 8 bytes leftover after parsing attributes in process `syz.1.586'. [ 302.303437][ T5851] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 302.312506][ T5851] usb 4-1: config 0 has no interface number 0 [ 302.319169][ T5851] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 302.330389][ T5851] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 302.340581][ T5851] usb 4-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 302.349992][ T5851] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.368077][ T5851] usb 4-1: config 0 descriptor?? [ 302.460025][ T7306] loop0: detected capacity change from 0 to 16 [ 302.679627][ T7308] loop4: detected capacity change from 0 to 164 [ 302.739881][ T7308] Unable to read rock-ridge attributes [ 302.797942][ T7308] Unable to read rock-ridge attributes [ 302.873390][ T7312] loop1: detected capacity change from 0 to 128 [ 303.042975][ T5851] input: HID 28bd:0094 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/0003:28BD:0094.0002/input/input10 [ 303.144221][ T5851] uclogic 0003:28BD:0094.0002: input,hidraw0: USB HID v0.00 Device [HID 28bd:0094] on usb-dummy_hcd.3-1/input1 [ 303.183633][ T7314] sock: sock_set_timeout: `syz.0.592' (pid 7314) tries to set negative timeout [ 303.258057][ T5851] usb 4-1: USB disconnect, device number 2 [ 304.276345][ T7332] netlink: 12 bytes leftover after parsing attributes in process `syz.2.600'. [ 304.792108][ T7345] loop0: detected capacity change from 0 to 128 [ 304.867755][ T7345] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 304.895937][ T7345] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 305.062742][ T7345] fscrypt (loop0, inode 12): Unsupported encryption flags (0x34) [ 305.392527][ T5805] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 305.572451][ T7363] loop3: detected capacity change from 0 to 128 [ 305.681836][ T7363] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 305.721836][ T7363] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 306.070962][ T5800] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 306.531145][ T7380] loop1: detected capacity change from 0 to 64 [ 306.570671][ T7380] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 306.775234][ T7382] loop4: detected capacity change from 0 to 1024 [ 306.878162][ T7382] hfsplus: invalid length 32517 has been corrected to 255 [ 306.948035][ T7387] netlink: 20 bytes leftover after parsing attributes in process `syz.2.625'. [ 306.957534][ T7387] netlink: 20 bytes leftover after parsing attributes in process `syz.2.625'. [ 306.979997][ T7382] hfsplus: invalid length 32517 has been corrected to 255 [ 307.020766][ T7382] hfsplus: invalid length 32517 has been corrected to 255 [ 307.234714][ T3018] hfsplus: b-tree write err: -5, ino 4 [ 307.288274][ T7393] netlink: 24 bytes leftover after parsing attributes in process `syz.1.627'. [ 307.367456][ T7392] veth0_to_team: entered promiscuous mode [ 308.501083][ T7409] loop1: detected capacity change from 0 to 1024 [ 308.741163][ T135] hfsplus: b-tree write err: -5, ino 4 [ 309.322489][ T7425] loop0: detected capacity change from 0 to 2048 [ 309.349935][ T7425] EXT4-fs: Ignoring removed i_version option [ 309.483907][ T7425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 309.559835][ T7425] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.643: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 309.580318][ T7425] EXT4-fs (loop0): Remounting filesystem read-only [ 309.791183][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 310.690960][ T7452] loop0: detected capacity change from 0 to 64 [ 311.736045][ T5851] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 311.961166][ T5851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 311.973629][ T5851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 312.039335][ T5851] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 312.049185][ T5851] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 312.057706][ T5851] usb 4-1: Manufacturer: syz [ 312.087707][ T5851] usb 4-1: config 0 descriptor?? [ 312.544707][ T5851] hid_parser_main: 8 callbacks suppressed [ 312.551069][ T5851] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 312.558318][ T5851] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 312.565495][ T5851] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 312.572565][ T5851] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 312.579854][ T5851] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 312.587032][ T5851] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 312.594102][ T5851] pyra 0003:1E7D:2CF6.0003: unknown main item tag 0x0 [ 312.766958][ T5851] pyra 0003:1E7D:2CF6.0003: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 312.957620][ T7485] netlink: 4 bytes leftover after parsing attributes in process `syz.0.669'. [ 312.992660][ T5851] pyra 0003:1E7D:2CF6.0003: couldn't init struct pyra_device [ 313.000707][ T5851] pyra 0003:1E7D:2CF6.0003: couldn't install mouse [ 313.041420][ T5851] pyra 0003:1E7D:2CF6.0003: probe with driver pyra failed with error -71 [ 313.095303][ T5851] usb 4-1: USB disconnect, device number 3 [ 313.154124][ T7489] loop1: detected capacity change from 0 to 128 [ 313.491794][ T7491] syzkaller0: tun_chr_ioctl cmd 1074025680 [ 313.668383][ T5802] Bluetooth: hci0: command 0x0406 tx timeout [ 313.675129][ T5802] Bluetooth: hci1: command 0x0406 tx timeout [ 313.683321][ T5802] Bluetooth: hci4: command 0x0406 tx timeout [ 313.689656][ T5802] Bluetooth: hci2: command 0x0406 tx timeout [ 314.029404][ T7502] loop3: detected capacity change from 0 to 128 [ 314.042795][ T7502] EXT4-fs: Ignoring removed nobh option [ 314.106136][ T7502] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 314.181905][ T7502] ext4 filesystem being mounted at /142/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 314.315821][ T5800] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 314.915582][ T5851] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 315.095799][ T5851] usb 5-1: Using ep0 maxpacket: 32 [ 315.127901][ T5851] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 315.137538][ T5851] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.180226][ T5851] usb 5-1: config 0 descriptor?? [ 315.427840][ T5851] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 315.446815][ T5851] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 315.476728][ T5851] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 315.487927][ T5851] usb 5-1: media controller created [ 315.581910][ T5851] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 315.772260][ T5851] az6027: usb out operation failed. (-71) [ 315.785893][ T5851] az6027: usb out operation failed. (-71) [ 315.795725][ T5851] stb0899_attach: Driver disabled by Kconfig [ 315.801873][ T5851] az6027: no front-end attached [ 315.801873][ T5851] [ 315.835278][ T5851] az6027: usb out operation failed. (-71) [ 315.841285][ T5851] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 315.851746][ T5851] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input11 [ 315.918313][ T5851] dvb-usb: schedule remote query interval to 400 msecs. [ 315.936486][ T5851] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 315.951203][ T5851] usb 5-1: USB disconnect, device number 3 [ 315.960358][ T7534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'. [ 316.011084][ T7534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'. [ 316.020133][ T5922] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 316.185382][ T5922] usb 4-1: Using ep0 maxpacket: 32 [ 316.229580][ T5922] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 316.239075][ T5922] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 316.247672][ T5922] usb 4-1: Product: syz [ 316.252020][ T5922] usb 4-1: Manufacturer: syz [ 316.256954][ T5922] usb 4-1: SerialNumber: syz [ 316.283266][ T5851] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 316.327220][ T5922] usb 4-1: config 0 descriptor?? [ 316.805304][ T7545] loop4: detected capacity change from 0 to 512 [ 316.822293][ T7545] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 317.012645][ T5922] peak_usb 4-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 317.026887][ T5922] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 317.035587][ T5922] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 317.118002][ T5922] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -22 [ 317.243712][ T2034] usb 4-1: USB disconnect, device number 4 [ 317.321915][ T7549] sp0: Synchronizing with TNC [ 317.623580][ T7556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.701'. [ 318.377512][ T7568] netlink: 32 bytes leftover after parsing attributes in process `syz.2.706'. [ 318.389339][ T7568] netlink: 32 bytes leftover after parsing attributes in process `syz.2.706'. [ 319.242215][ T7588] loop4: detected capacity change from 0 to 64 [ 319.359903][ T30] audit: type=1800 audit(1763742279.862:24): pid=7588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.714" name="file2" dev="loop4" ino=22 res=0 errno=0 [ 319.384783][ T7588] syz.4.714: attempt to access beyond end of device [ 319.384783][ T7588] loop4: rw=34817, sector=39, nr_sectors = 125 limit=64 [ 319.399254][ T7588] syz.4.714: attempt to access beyond end of device [ 319.399254][ T7588] loop4: rw=34817, sector=167, nr_sectors = 1 limit=64 [ 319.413099][ T7588] syz.4.714: attempt to access beyond end of device [ 319.413099][ T7588] loop4: rw=34817, sector=169, nr_sectors = 1 limit=64 [ 319.427692][ T7588] syz.4.714: attempt to access beyond end of device [ 319.427692][ T7588] loop4: rw=34817, sector=171, nr_sectors = 7 limit=64 [ 319.453461][ T7588] syz.4.714: attempt to access beyond end of device [ 319.453461][ T7588] loop4: rw=34817, sector=179, nr_sectors = 263 limit=64 [ 319.979852][ T7596] ip6gretap1: entered promiscuous mode [ 319.985747][ T7596] ip6gretap1: entered allmulticast mode [ 320.145659][ T7600] loop3: detected capacity change from 0 to 256 [ 320.619304][ T30] audit: type=1326 audit(1763742281.122:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7607 comm="syz.2.723" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d539 code=0x0 [ 322.085393][ T7634] loop4: detected capacity change from 0 to 512 [ 322.247926][ T7627] loop3: detected capacity change from 0 to 4096 [ 322.263671][ T7634] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 322.263691][ T7627] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 322.298671][ T7634] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.735: invalid indirect mapped block 2683928664 (level 1) [ 322.350931][ T7634] EXT4-fs (loop4): Remounting filesystem read-only [ 322.366941][ T7634] EXT4-fs (loop4): 1 truncate cleaned up [ 322.378802][ T7634] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.513455][ T7627] ntfs3(loop3): Failed to load $Extend (-22). [ 322.519954][ T7627] ntfs3(loop3): Failed to initialize $Extend. [ 322.653075][ T7634] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.782053][ T35] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 323.853386][ T7653] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 324.080277][ T7656] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 324.197135][ T7663] loop4: detected capacity change from 0 to 1024 [ 324.598769][ T7669] loop0: detected capacity change from 0 to 256 [ 324.619540][ T59] hfsplus: b-tree write err: -5, ino 4 [ 324.773321][ T7672] vivid-007: disconnect [ 324.804568][ T7671] vivid-007: reconnect [ 325.417717][ T7681] loop3: detected capacity change from 0 to 2048 [ 325.446681][ T7684] loop4: detected capacity change from 0 to 128 [ 325.484548][ T7684] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 325.559057][ T7681] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.572330][ T7681] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 325.574359][ T7684] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 325.923777][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.231105][ T7700] netlink: 4 bytes leftover after parsing attributes in process `syz.2.764'. [ 326.298926][ T7703] netlink: 4 bytes leftover after parsing attributes in process `syz.2.764'. [ 326.485154][ T7705] loop3: detected capacity change from 0 to 1024 [ 326.634358][ T7705] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 326.650076][ T7705] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 326.687468][ T7705] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.772: lblock 3 mapped to illegal pblock 3 (length 3) [ 326.705515][ T7705] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 326.718623][ T7705] EXT4-fs (loop3): This should not happen!! Data will be lost [ 326.718623][ T7705] [ 326.749797][ T7712] EXT4-fs error (device loop3): ext4_ext_remove_space:2955: inode #15: comm syz.3.772: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0) [ 326.814633][ T7712] EXT4-fs error (device loop3) in ext4_setattr:6050: Corrupt filesystem [ 327.153379][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 328.035473][ T7734] netlink: 4 bytes leftover after parsing attributes in process `syz.2.777'. [ 328.389598][ T5851] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 328.417805][ T7743] loop3: detected capacity change from 0 to 64 [ 328.440121][ T5922] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 328.556649][ T5851] usb 1-1: Using ep0 maxpacket: 32 [ 328.581515][ T5851] usb 1-1: config 0 has an invalid interface number: 51 but max is 0 [ 328.592935][ T5851] usb 1-1: config 0 has no interface number 0 [ 328.621981][ T7747] netlink: 68 bytes leftover after parsing attributes in process `syz.4.784'. [ 328.631851][ T7747] netlink: 8 bytes leftover after parsing attributes in process `syz.4.784'. [ 328.642222][ T5922] usb 2-1: Using ep0 maxpacket: 32 [ 328.665466][ T5922] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 328.675106][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.722488][ T5851] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 328.732719][ T5851] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.741142][ T5851] usb 1-1: Product: syz [ 328.745649][ T5851] usb 1-1: Manufacturer: syz [ 328.750463][ T5851] usb 1-1: SerialNumber: syz [ 328.760179][ T5922] usb 2-1: config 0 descriptor?? [ 328.783850][ T5851] usb 1-1: config 0 descriptor?? [ 328.806764][ T5851] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 329.012752][ T5922] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 329.043140][ T5851] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 329.062251][ T5922] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 329.099616][ T5922] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 329.111160][ T5922] usb 2-1: media controller created [ 329.120997][ T5851] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 329.216552][ T5922] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 329.346449][ T5922] az6027: usb out operation failed. (-71) [ 329.366017][ T5922] az6027: usb out operation failed. (-71) [ 329.372022][ T5922] stb0899_attach: Driver disabled by Kconfig [ 329.379797][ T5922] az6027: no front-end attached [ 329.379797][ T5922] [ 329.426046][ T5922] az6027: usb out operation failed. (-71) [ 329.432111][ T5922] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 329.441450][ C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 329.445226][ T2034] usb 1-1: USB disconnect, device number 8 [ 329.464592][ T5922] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input12 [ 329.505860][ T5922] dvb-usb: schedule remote query interval to 400 msecs. [ 329.516745][ T5922] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 329.526694][ T2034] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 329.546154][ T2034] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 329.559428][ T2034] quatech2 1-1:0.51: device disconnected [ 329.608949][ T5922] usb 2-1: USB disconnect, device number 6 [ 329.648538][ T7755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.788'. [ 329.787175][ T5922] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 330.292511][ T7767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.792'. [ 331.738982][ T7795] loop0: detected capacity change from 0 to 1024 [ 332.265322][ T7806] loop4: detected capacity change from 0 to 512 [ 332.282971][ T7806] EXT4-fs: Ignoring removed orlov option [ 332.292201][ T7806] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 332.395360][ T7806] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.809: bad orphan inode 131083 [ 332.457431][ T7806] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.571752][ T7812] sp0: Synchronizing with TNC [ 332.645877][ T7816] veth0_macvtap: left promiscuous mode [ 332.669014][ T7816] macvtap0: refused to change device tx_queue_len [ 332.735653][ T7812] sp0: Synchronizing with TNC [ 332.783469][ T5809] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.957368][ T7819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.814'. [ 333.031994][ T7819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.814'. [ 333.247473][ T7826] loop4: detected capacity change from 0 to 128 [ 333.268799][ T7827] netlink: 'syz.1.818': attribute type 4 has an invalid length. [ 333.330055][ T7826] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 333.400314][ T7826] ext4 filesystem being mounted at /156/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 333.705267][ T5809] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 334.164654][ T7840] loop1: detected capacity change from 0 to 512 [ 334.345408][ T7840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 334.713647][ T5808] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.123103][ T7860] sp0: Synchronizing with TNC [ 335.227251][ T7864] sp0: Synchronizing with TNC [ 336.405319][ T5922] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 336.625816][ T5922] usb 3-1: unable to get BOS descriptor or descriptor too short [ 336.633892][ T5922] usb 3-1: no configurations [ 336.639424][ T5922] usb 3-1: can't read configurations, error -22 [ 336.850888][ T7889] loop1: detected capacity change from 0 to 256 [ 336.903155][ T7889] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 337.242755][ T7897] netlink: 'syz.3.847': attribute type 1 has an invalid length. [ 337.250843][ T7897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.847'. [ 337.465414][ T2034] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 337.630472][ T2034] usb 1-1: Using ep0 maxpacket: 8 [ 337.670857][ T2034] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 337.680755][ T2034] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.689221][ T2034] usb 1-1: Product: syz [ 337.693590][ T2034] usb 1-1: Manufacturer: syz [ 337.698475][ T2034] usb 1-1: SerialNumber: syz [ 337.767435][ T2034] usb 1-1: config 0 descriptor?? [ 337.818524][ T2034] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 337.826923][ T2034] usb 1-1: setting power ON [ 337.831625][ T2034] dvb-usb: bulk message failed: -22 (2/0) [ 337.849189][ T2034] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 337.938874][ T2034] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 337.948330][ T2034] usb 1-1: media controller created [ 337.992498][ T7898] dvb-usb: bulk message failed: -22 (3/0) [ 337.998692][ T7898] dvb-usb: bulk message failed: -22 (7/0) [ 338.046830][ T7911] dvb-usb: bulk message failed: -22 (3/0) [ 338.060913][ T2034] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 338.203258][ T5093] Bluetooth: hci4: unexpected event for opcode 0x2016 [ 338.294268][ T2034] usb 1-1: selecting invalid altsetting 6 [ 338.300445][ T2034] usb 1-1: digital interface selection failed (-22) [ 338.307628][ T2034] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 338.352323][ T2034] usb 1-1: setting power OFF [ 338.357366][ T2034] dvb-usb: bulk message failed: -22 (2/0) [ 338.363391][ T2034] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 338.373029][ T2034] (NULL device *): no alternate interface [ 338.585238][ T2034] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 338.609436][ T2034] usb 1-1: USB disconnect, device number 9 [ 338.842648][ T7925] netlink: 27 bytes leftover after parsing attributes in process `syz.3.857'. [ 339.081717][ T7930] netlink: 24 bytes leftover after parsing attributes in process `syz.2.859'. [ 339.212716][ T7932] loop1: detected capacity change from 0 to 64 [ 339.235380][ T7932] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 339.598545][ T7936] vivid-004: disconnect [ 339.607860][ T7935] vivid-004: reconnect [ 339.748696][ T7939] tipc: Started in network mode [ 339.758224][ T7939] tipc: Node identity ac14140f, cluster identity 4711 [ 339.765994][ T7939] tipc: New replicast peer: 255.255.255.255 [ 339.775792][ T7939] tipc: Enabled bearer , priority 10 [ 339.804441][ T7939] netlink: 12 bytes leftover after parsing attributes in process `syz.4.864'. [ 339.814104][ T7939] tipc: Disabling bearer [ 340.342168][ T7961] loop0: detected capacity change from 0 to 256 [ 340.714707][ T7966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.871'. [ 341.644098][ T7983] netem: change failed [ 341.682309][ T7988] loop1: detected capacity change from 0 to 256 [ 341.929374][ T7988] FAT-fs (loop1): Directory bread(block 64) failed [ 341.936335][ T7988] FAT-fs (loop1): Directory bread(block 65) failed [ 341.943187][ T7988] FAT-fs (loop1): Directory bread(block 66) failed [ 341.950311][ T7988] FAT-fs (loop1): Directory bread(block 67) failed [ 341.957334][ T7988] FAT-fs (loop1): Directory bread(block 68) failed [ 341.964035][ T7988] FAT-fs (loop1): Directory bread(block 69) failed [ 341.971118][ T7988] FAT-fs (loop1): Directory bread(block 70) failed [ 341.978057][ T7988] FAT-fs (loop1): Directory bread(block 71) failed [ 341.985131][ T7988] FAT-fs (loop1): Directory bread(block 72) failed [ 341.991856][ T7988] FAT-fs (loop1): Directory bread(block 73) failed [ 342.872469][ T8005] netlink: 44 bytes leftover after parsing attributes in process `syz.2.891'. [ 343.521527][ T8019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.896'. [ 343.585559][ T8019] Zero length message leads to an empty skb [ 344.624255][ T8041] loop0: detected capacity change from 0 to 512 [ 344.717223][ T8041] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.882403][ T8041] overlayfs: invalid origin (0000) [ 345.328005][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.712028][ T8059] loop1: detected capacity change from 0 to 1024 [ 345.898802][ T8064] [U] [ 345.902132][ T8064] [U] )½0 [ 345.906277][ T8064] [U] [ 345.909304][ T8064] [U] [ 345.912310][ T8064] [U] [ 345.945220][ T8064] [U] [ 345.948281][ T8064] [U] [ 345.951331][ T8064] [U] [ 345.954393][ T8064] [U] [ 345.966641][ T3885] hfsplus: b-tree write err: -5, ino 4 [ 345.969146][ T8064] [U] [ 345.975225][ T8064] [U] [ 345.978235][ T8064] [U] [ 346.053212][ T8062] [U] [ 346.217612][ T8069] netlink: 56 bytes leftover after parsing attributes in process `syz.0.919'. [ 348.747620][ T8105] loop4: detected capacity change from 0 to 512 [ 348.818811][ T8105] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 348.897946][ T8105] EXT4-fs (loop4): orphan cleanup on readonly fs [ 348.952402][ T8105] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 348.962638][ T8105] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 348.977222][ T8105] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.935: Failed to acquire dquot type 1 [ 349.008484][ T30] audit: type=1400 audit(348.973:26): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=8114 comm="syz.0.939" [ 349.049829][ T8105] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.935: bg 0: block 40: padding at end of block bitmap is not set [ 349.136870][ T8105] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem [ 349.170359][ T8105] EXT4-fs (loop4): 1 truncate cleaned up [ 349.184288][ T8105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 349.260234][ T8105] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 349.561409][ T5809] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.651961][ T8132] overlayfs: statfs failed on './file0' [ 351.589719][ T8150] netlink: 1 bytes leftover after parsing attributes in process `syz.4.955'. [ 351.625308][ T5922] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 351.848047][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 351.862280][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 351.872552][ T5922] usb 2-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00 [ 351.882084][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.921980][ T5922] usb 2-1: config 0 descriptor?? [ 352.416805][ T5922] hid-led 0003:04D8:F372.0004: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.1-1/input0 [ 352.474240][ T5922] hid-led 0003:04D8:F372.0004: Greynut Luxafor initialized [ 352.614363][ T5922] usb 2-1: USB disconnect, device number 7 [ 352.658484][ T35] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 352.712960][ T35] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 352.748191][ T3018] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 352.790987][ T3018] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 352.820928][ T3018] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 352.873264][ T35] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 352.905240][ T35] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 352.924774][ T3018] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 352.953563][ T3885] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 353.017375][ T3885] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 353.040128][ T3885] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 353.078296][ T3885] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 353.094702][ T3885] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 353.128323][ T3018] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 353.153937][ T3018] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 353.208889][ T35] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 353.258504][ T3018] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 353.302764][ T35] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 353.400502][ T8178] sch_fq: defrate 0 ignored. [ 354.480578][ T8197] loop4: detected capacity change from 0 to 128 [ 354.817877][ T3018] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 354.939530][ T8204] netlink: 200 bytes leftover after parsing attributes in process `syz.3.978'. [ 355.049926][ T8208] loop1: detected capacity change from 0 to 128 [ 355.621127][ T8214] Falling back ldisc for ptm0. [ 357.045071][ T8237] netlink: 32 bytes leftover after parsing attributes in process `syz.3.993'. [ 357.706593][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 357.713354][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 358.075607][ T5922] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 358.167556][ T8252] loop4: detected capacity change from 0 to 128 [ 358.196854][ T8252] EXT4-fs: Ignoring removed nobh option [ 358.248558][ T5922] usb 2-1: Using ep0 maxpacket: 32 [ 358.297845][ T8252] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 358.324431][ T5922] usb 2-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 358.335738][ T5922] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.344046][ T5922] usb 2-1: Product: syz [ 358.348605][ T5922] usb 2-1: Manufacturer: syz [ 358.353393][ T5922] usb 2-1: SerialNumber: syz [ 358.499681][ T8252] fscrypt (loop4, inode 12): Sub-block data units not yet supported with IV_INO_LBLK_32 [ 358.501993][ T5922] usb 2-1: config 0 descriptor?? [ 358.740705][ T5922] RobotFuzz Open Source InterFace, OSIF 2-1:0.0: version d4.15 found at bus 002 address 008 [ 358.779313][ T5809] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 358.942615][ T8248] i2c i2c-1: adapter quirk: no zero length (addr 0x0001, size 0, read) [ 358.966953][ T5922] usb 2-1: USB disconnect, device number 8 [ 359.229294][ T8270] loop3: detected capacity change from 0 to 512 [ 359.993001][ T8284] loop3: detected capacity change from 0 to 256 [ 360.112529][ T8284] exFAT-fs (loop3): start_clu is invalid cluster(0x400) [ 360.169524][ T2034] kernel read not supported for file /vcs (pid: 2034 comm: kworker/0:2) [ 360.770221][ T8299] netem: change failed [ 361.126558][ T5093] Bluetooth: hci3: link tx timeout [ 361.131927][ T5093] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 361.323150][ T8307] syzkaller1: tun_chr_ioctl cmd 2147767511 [ 361.854129][ T8319] loop3: detected capacity change from 0 to 64 [ 361.958185][ T8323] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1033'. [ 361.968159][ T8323] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1033'. [ 362.001714][ T2034] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 362.185191][ T2034] usb 2-1: Using ep0 maxpacket: 32 [ 362.208133][ T2034] usb 2-1: config 0 has an invalid interface number: 184 but max is 0 [ 362.217803][ T2034] usb 2-1: config 0 has no interface number 0 [ 362.224565][ T2034] usb 2-1: config 0 interface 184 has no altsetting 0 [ 362.274448][ T2034] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 362.287448][ T2034] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 362.296780][ T2034] usb 2-1: Product: syz [ 362.301153][ T2034] usb 2-1: Manufacturer: syz [ 362.306153][ T2034] usb 2-1: SerialNumber: syz [ 362.339877][ T2034] usb 2-1: config 0 descriptor?? [ 362.352249][ T2034] smsc75xx v1.0.0 [ 362.492419][ T5922] IPVS: starting estimator thread 0... [ 362.595839][ T8329] IPVS: using max 192 ests per chain, 9600 per kthread [ 362.635338][ T2034] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71 [ 362.646653][ T2034] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71 [ 362.727582][ T2034] usb 2-1: USB disconnect, device number 9 [ 363.195280][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 363.907397][ T8348] MPI: mpi too large (16392 bits) [ 364.575547][ T5922] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 364.767963][ T5922] usb 5-1: Using ep0 maxpacket: 16 [ 364.821531][ T5922] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 364.832806][ T5922] usb 5-1: config 0 interface 0 has no altsetting 0 [ 364.840163][ T5922] usb 5-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00 [ 364.851384][ T5922] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 364.949274][ T5922] usb 5-1: config 0 descriptor?? [ 365.316789][ T8366] loop3: detected capacity change from 0 to 4096 [ 365.521699][ T5922] cougar 0003:060B:500A.0005: usage count exceeds max: fixing up report descriptor [ 365.532488][ T5922] cougar 0003:060B:500A.0005: unexpected long global item [ 365.615534][ T5922] cougar 0003:060B:500A.0005: parse failed [ 365.621970][ T5922] cougar 0003:060B:500A.0005: probe with driver cougar failed with error -22 [ 365.659564][ T5922] usb 5-1: USB disconnect, device number 4 [ 366.303559][ T30] audit: type=1800 audit(366.263:27): pid=8386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1062" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=17511 res=0 errno=0 [ 366.362249][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1065'. [ 366.803841][ T8395] Failed to get privilege flags for destination (handle=0x2:0x10) [ 367.116339][ T2034] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 367.315285][ T2034] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 367.324700][ T2034] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 367.333194][ T2034] usb 4-1: Product: syz [ 367.338671][ T2034] usb 4-1: Manufacturer: syz [ 367.343437][ T2034] usb 4-1: SerialNumber: syz [ 367.450572][ T2034] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 367.613591][ T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 367.990844][ T8413] loop0: detected capacity change from 0 to 512 [ 368.129442][ T2034] usb 4-1: USB disconnect, device number 5 [ 368.219281][ T8413] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 213 vs 220 free clusters [ 368.235822][ T8413] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #11: comm syz.0.1076: corrupted inode contents [ 368.255587][ T8413] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #11: comm syz.0.1076: mark_inode_dirty error [ 368.268642][ T8413] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1076: invalid indirect mapped block 1 (level 1) [ 368.291019][ T8413] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #11: comm syz.0.1076: corrupted inode contents [ 368.360482][ T8413] EXT4-fs error (device loop0) in ext4_orphan_del:301: Corrupt filesystem [ 368.391973][ T8413] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #11: comm syz.0.1076: corrupted inode contents [ 368.443200][ T8413] EXT4-fs error (device loop0): ext4_truncate:4637: inode #11: comm syz.0.1076: mark_inode_dirty error [ 368.486154][ T8413] EXT4-fs error (device loop0) in ext4_process_orphan:343: Corrupt filesystem [ 368.515976][ T8413] EXT4-fs (loop0): 1 truncate cleaned up [ 368.526502][ T8413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 368.716869][ T9] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 368.724633][ T9] ath9k_htc: Failed to initialize the device [ 368.795865][ T2034] usb 4-1: ath9k_htc: USB layer deinitialized [ 368.867202][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.390292][ T8434] loop7: detected capacity change from 0 to 7 [ 369.401650][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 369.411260][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 369.420418][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 369.430116][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 369.452670][ T5922] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 369.454612][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 369.470098][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 369.484475][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 369.494175][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 369.505339][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 369.514881][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 369.528408][ T8436] loop4: detected capacity change from 0 to 2048 [ 369.555470][ T8437] loop7: detected capacity change from 7 to 0 [ 369.569148][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 369.578690][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 369.596472][ T8434] ldm_validate_partition_table(): Disk read failed. [ 369.603420][ T8434] Dev loop7: unable to read RDB block 0 [ 369.609672][ T8434] loop7: unable to read partition table [ 369.624361][ T8434] loop7: partition table beyond EOD, truncated [ 369.631999][ T8434] loop_reread_partitions: partition scan of loop7 (SJ…_+]Ö‹ ¸SûÁ'±(‹“ŠJ‚ñ^àÀZ ûÎ(îüŽ63Ÿ3)eeö½DÏ«ý?Æ¢4+ó) failed (rc=-5) [ 369.646487][ T5922] usb 1-1: Using ep0 maxpacket: 32 [ 369.647348][ T8436] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 369.666126][ T5922] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 369.675684][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 369.704487][ T5922] usb 1-1: config 0 descriptor?? [ 369.970052][ T8439] raw_sendmsg: syz.3.1087 forgot to set AF_INET. Fix it! [ 369.979953][ T5922] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 370.025449][ T5922] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 370.066179][ T5922] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 370.073577][ T5922] usb 1-1: media controller created [ 370.153200][ T5922] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 370.300808][ T8443] syz.2.1088 uses obsolete (PF_INET,SOCK_PACKET) [ 370.387690][ T5922] az6027: usb out operation failed. (-71) [ 370.396367][ T5922] az6027: usb out operation failed. (-71) [ 370.402379][ T5922] stb0899_attach: Driver disabled by Kconfig [ 370.408691][ T5922] az6027: no front-end attached [ 370.408691][ T5922] [ 370.459639][ T5922] az6027: usb out operation failed. (-71) [ 370.465866][ T5922] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 370.478545][ T5922] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input14 [ 370.498252][ T5922] dvb-usb: schedule remote query interval to 400 msecs. [ 370.505551][ T5922] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 370.655977][ T5922] usb 1-1: USB disconnect, device number 10 [ 371.030399][ T5922] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 372.031309][ T8470] loop3: detected capacity change from 0 to 64 [ 372.046583][ T8452] loop4: detected capacity change from 0 to 8192 [ 372.063606][ T8452] msdos: Unknown parameter 'audit' [ 372.999291][ T8480] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1106'. [ 373.256847][ T8484] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1108'. [ 373.530114][ T8487] trusted_key: encrypted_key: keyword 'à¹w' not recognized [ 373.710854][ T8491] Bluetooth: MGMT ver 1.23 [ 375.057604][ T8500] loop4: detected capacity change from 0 to 32768 [ 375.071739][ T8500] BTRFS error: device /dev/loop4 has incomplete metadata_uuid change, please use btrfstune to complete [ 375.082653][ T8499] loop1: detected capacity change from 0 to 4096 [ 375.151879][ T8499] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 375.510655][ T8499] ntfs3(loop1): Failed to initialize $Extend/$Reparse. [ 375.616068][ T5922] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 375.850156][ T5922] usb 3-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 375.860020][ T5922] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 375.868526][ T5922] usb 3-1: Product: syz [ 375.872893][ T5922] usb 3-1: Manufacturer: syz [ 375.877899][ T5922] usb 3-1: SerialNumber: syz [ 375.902848][ T2034] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 375.935147][ T5922] usb 3-1: config 0 descriptor?? [ 375.962969][ T5922] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 376.096533][ T2034] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 376.110793][ T2034] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 376.187399][ T2034] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 376.196948][ T2034] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 376.208640][ T2034] usb 4-1: SerialNumber: syz [ 376.491121][ T2034] usb 4-1: 0:2 : does not exist [ 376.628565][ T8518] loop4: detected capacity change from 0 to 256 [ 376.715914][ T8518] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f1c, chksum : 0x850fc7e5, utbl_chksum : 0xe619d30d) [ 376.777809][ T1870] usb 3-1: USB disconnect, device number 6 [ 376.845305][ T8518] exFAT-fs (loop4): error, exfat_zeroed_cluster: out of range(sect:224 len:8) [ 376.854739][ T8518] exFAT-fs (loop4): Filesystem has been set read-only [ 376.907446][ T2034] usb 4-1: USB disconnect, device number 6 [ 377.288256][ T8523] loop4: detected capacity change from 0 to 164 [ 377.378939][ T8523] rock: directory entry would overflow storage [ 377.385657][ T8523] rock: sig=0x66, size=4, remaining=3 [ 377.779181][ T8528] loop3: detected capacity change from 0 to 256 [ 377.881918][ T8528] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 378.027999][ T8533] vlan2: entered promiscuous mode [ 378.033279][ T8533] bond0: entered promiscuous mode [ 378.038696][ T8533] bond_slave_0: entered promiscuous mode [ 378.045885][ T8533] bond_slave_1: entered promiscuous mode [ 378.409456][ T8540] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1132'. [ 378.979594][ T8550] rtc_cmos 00:00: Alarms can be up to one day in the future [ 379.417426][ T1870] rtc_cmos 00:00: Alarms can be up to one day in the future [ 379.425624][ T1870] rtc_cmos 00:00: Alarms can be up to one day in the future [ 379.433475][ T1870] rtc_cmos 00:00: Alarms can be up to one day in the future [ 379.444345][ T1870] rtc_cmos 00:00: Alarms can be up to one day in the future [ 379.452058][ T1870] rtc rtc0: __rtc_set_alarm: err=-22 [ 379.568729][ T8552] loop3: detected capacity change from 0 to 4096 [ 379.619789][ T8552] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 379.902680][ T8552] ntfs3(loop3): Failed to load $Extend (-22). [ 379.909440][ T8552] ntfs3(loop3): Failed to initialize $Extend. [ 379.980868][ T8552] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 379.996818][ T8560] loop0: detected capacity change from 0 to 4096 [ 380.157613][ T8560] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 380.571012][ T2034] kernel write not supported for file /input/event2 (pid: 2034 comm: kworker/0:2) [ 380.597622][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 381.896895][ T8594] loop0: detected capacity change from 0 to 2048 [ 381.964295][ T8594] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 382.129206][ T8600] loop1: detected capacity change from 0 to 65 [ 382.205555][ T8600] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway [ 382.701136][ T8608] loop0: detected capacity change from 0 to 1024 [ 382.827676][ T8608] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 383.074410][ T8608] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.1165: lblock 3 mapped to illegal pblock 3 (length 3) [ 383.125671][ T8608] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 383.138559][ T8608] EXT4-fs (loop0): This should not happen!! Data will be lost [ 383.138559][ T8608] [ 383.187673][ T8619] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: comm syz.0.1165: lblock 0 mapped to illegal pblock 0 (length 1) [ 383.225813][ T8619] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 383.238735][ T8619] EXT4-fs (loop0): This should not happen!! Data will be lost [ 383.238735][ T8619] [ 383.344325][ T8624] loop3: detected capacity change from 0 to 1024 [ 383.399170][ T8624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 383.518727][ T35] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:2: bg 0: block 112: padding at end of block bitmap is not set [ 383.563346][ T35] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 117 [ 383.576282][ T35] EXT4-fs (loop0): This should not happen!! Data will be lost [ 383.576282][ T35] [ 383.650989][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 383.831808][ T35] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm kworker/u8:2: lblock 0 mapped to illegal pblock 0 (length 6) [ 383.886652][ T35] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117 [ 383.899427][ T35] EXT4-fs (loop3): This should not happen!! Data will be lost [ 383.899427][ T35] [ 383.912935][ T35] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:2: lblock 8 mapped to illegal pblock 8 (length 8) [ 383.931224][ T35] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 383.945171][ T35] EXT4-fs (loop3): This should not happen!! Data will be lost [ 383.945171][ T35] [ 383.990408][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 384.836209][ T8648] loop4: detected capacity change from 0 to 16 [ 384.870633][ T8648] erofs (device loop4): mounted with root inode @ nid 36. [ 385.835739][ T135] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 386.287154][ T8678] blkio.reset_stats is deprecated [ 386.695736][ T8684] loop1: detected capacity change from 0 to 16 [ 386.736912][ T8684] erofs (device loop1): mounted with root inode @ nid 36. [ 388.722467][ T8714] loop3: detected capacity change from 0 to 512 [ 388.815234][ T8714] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 388.990828][ T8714] EXT4-fs (loop3): 1 truncate cleaned up [ 388.999154][ T8714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 389.207401][ T8714] EXT4-fs error (device loop3): ext4_xattr_block_get:597: inode #15: comm syz.3.1213: corrupted xattr block 33: invalid header [ 389.233861][ T8714] EXT4-fs (loop3): Remounting filesystem read-only [ 389.569754][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.770098][ T8725] loop4: detected capacity change from 0 to 2048 [ 389.821479][ T8725] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 390.773215][ T8735] loop4: detected capacity change from 0 to 1024 [ 390.943653][ T8735] hfsplus: request for non-existent node 33423360 in B*Tree [ 390.943728][ T8735] hfsplus: request for non-existent node 33423360 in B*Tree [ 391.645913][ T8752] loop3: detected capacity change from 0 to 16 [ 391.707989][ T8752] erofs (device loop3): mounted with root inode @ nid 36. [ 391.782139][ T8752] erofs (device loop3): readahead error at folio 18 @ nid 36 [ 391.790463][ T8752] syz.3.1228: attempt to access beyond end of device [ 391.790463][ T8752] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16 [ 391.895812][ T8752] erofs (device loop3): invalid de[0].nameoff 0 @ nid 36 [ 392.444495][ T8762] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1234'. [ 393.017788][ T8773] netlink: 'syz.4.1239': attribute type 1 has an invalid length. [ 393.071331][ T8776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1241'. [ 393.138351][ T8775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1240'. [ 393.627591][ T8787] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1247'. [ 394.242292][ T8797] loop4: detected capacity change from 0 to 64 [ 395.286593][ T8820] random: crng reseeded on system resumption [ 396.195068][ T8834] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1265'. [ 396.477284][ T8839] evm: overlay not supported [ 396.859075][ T8848] loop1: detected capacity change from 0 to 1024 [ 397.037601][ T8848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 397.105432][ T1870] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 397.195949][ T5808] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 397.319972][ T1870] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 397.330551][ T1870] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 397.406135][ T1870] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 397.416184][ T1870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 397.424412][ T1870] usb 5-1: SerialNumber: syz [ 397.434354][ T8860] tap0: tun_chr_ioctl cmd 1074025677 [ 397.441869][ T8860] tap0: linktype set to 825 [ 397.748668][ T1870] usb 5-1: 0:2 : does not exist [ 397.841493][ T1870] usb 5-1: USB disconnect, device number 5 [ 398.333650][ T8874] loop3: detected capacity change from 0 to 256 [ 398.944667][ T8883] loop0: detected capacity change from 0 to 512 [ 399.065636][ T8883] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 399.096005][ T8886] tap0: tun_chr_ioctl cmd 1074025675 [ 399.101638][ T8886] tap0: persist disabled [ 399.169928][ T8883] EXT4-fs (loop0): 1 truncate cleaned up [ 399.178440][ T8883] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 399.305508][ C0] hrtimer: interrupt took 244170 ns [ 399.784271][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.622911][ T8910] loop4: detected capacity change from 0 to 256 [ 400.632189][ T8913] loop0: detected capacity change from 0 to 512 [ 400.662648][ T8910] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 400.722854][ T8913] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 401.136968][ T8921] lo: Caught tx_queue_len zero misconfig [ 401.279037][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.686810][ T8940] loop3: detected capacity change from 0 to 4096 [ 402.713713][ T8940] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 403.011030][ T8940] ntfs3(loop3): ino=b, mi_enum_attr [ 403.017037][ T8940] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 403.055797][ T8940] ntfs3(loop3): Failed to load $Extend (-22). [ 403.062111][ T8940] ntfs3(loop3): Failed to initialize $Extend. [ 403.221847][ T8940] ntfs3(loop3): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr [ 404.147171][ T8971] loop0: detected capacity change from 0 to 64 [ 404.196234][ T8973] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1325'. [ 405.310033][ T8991] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1333'. [ 405.422786][ T8988] loop3: detected capacity change from 0 to 4096 [ 405.552595][ T8988] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 406.043943][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.080148][ T9007] loop0: detected capacity change from 0 to 256 [ 406.397270][ T9007] FAT-fs (loop0): Directory bread(block 64) failed [ 406.404206][ T9007] FAT-fs (loop0): Directory bread(block 65) failed [ 406.411320][ T9007] FAT-fs (loop0): Directory bread(block 66) failed [ 406.421984][ T9007] FAT-fs (loop0): Directory bread(block 67) failed [ 406.430046][ T9007] FAT-fs (loop0): Directory bread(block 68) failed [ 406.436902][ T9007] FAT-fs (loop0): Directory bread(block 69) failed [ 406.443778][ T9007] FAT-fs (loop0): Directory bread(block 70) failed [ 406.450610][ T9007] FAT-fs (loop0): Directory bread(block 71) failed [ 406.457629][ T9007] FAT-fs (loop0): Directory bread(block 72) failed [ 406.464341][ T9007] FAT-fs (loop0): Directory bread(block 73) failed [ 406.693298][ T1870] IPVS: starting estimator thread 0... [ 406.801863][ T9015] IPVS: using max 192 ests per chain, 9600 per kthread [ 407.281180][ T9020] loop4: detected capacity change from 0 to 128 [ 407.390711][ T9020] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 407.480140][ T9020] hpfs: filesystem error: improperly stopped [ 407.486768][ T9020] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 407.495243][ T9020] hpfs: You really don't want any checks? You are crazy... [ 407.585931][ T9020] hpfs: hpfs_map_sector(): read error [ 407.591536][ T9020] hpfs: code page support is disabled [ 407.667786][ T9020] hpfs: hpfs_map_4sectors(): unaligned read [ 407.695817][ T9020] hpfs: hpfs_map_4sectors(): unaligned read [ 407.702010][ T9020] hpfs: filesystem error: unable to find root dir [ 408.337505][ T9037] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1354'. [ 408.347021][ T9037] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1354'. [ 408.837941][ T9039] loop3: detected capacity change from 0 to 4096 [ 408.884231][ T9043] loop0: detected capacity change from 0 to 512 [ 408.929481][ T9043] EXT4-fs: inline encryption not supported [ 408.936078][ T9043] EXT4-fs: Ignoring removed i_version option [ 409.023631][ T9043] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.1357: inode has both inline data and extents flags [ 409.115572][ T9043] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.1357: couldn't read orphan inode 15 (err -117) [ 409.182766][ T9043] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 409.249344][ T9047] loop4: detected capacity change from 0 to 1024 [ 409.481312][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 409.529298][ T9047] hfsplus: bad catalog folder thread [ 409.939693][ T9056] loop3: detected capacity change from 0 to 2048 [ 410.001519][ T9056] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 410.518076][ T9064] loop0: detected capacity change from 0 to 128 [ 410.554559][ T9064] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 410.606141][ T9064] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 410.754411][ T30] audit: type=1800 audit(410.713:28): pid=9064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1366" name="file2" dev="loop0" ino=1048669 res=0 errno=0 [ 411.686123][ T137] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 412.969374][ T9086] loop0: detected capacity change from 0 to 2048 [ 413.405900][ T1870] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 413.476143][ T9105] loop0: detected capacity change from 0 to 256 [ 413.496398][ T9105] exfat: Deprecated parameter 'namecase' [ 413.503417][ T9105] exfat: Deprecated parameter 'namecase' [ 413.603645][ T9105] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 413.610987][ T1870] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 193, using maximum allowed: 30 [ 413.628334][ T1870] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 193 [ 413.642140][ T1870] usb 4-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00 [ 413.651596][ T1870] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.693693][ T1870] usb 4-1: config 0 descriptor?? [ 414.140561][ T1870] magicmouse 0003:05AC:0269.0006: unknown main item tag 0x0 [ 414.148340][ T1870] magicmouse 0003:05AC:0269.0006: unknown main item tag 0x0 [ 414.156141][ T1870] magicmouse 0003:05AC:0269.0006: unknown main item tag 0x0 [ 414.163725][ T1870] magicmouse 0003:05AC:0269.0006: unknown main item tag 0x0 [ 414.171759][ T1870] magicmouse 0003:05AC:0269.0006: unknown main item tag 0x0 [ 414.179513][ T1870] magicmouse 0003:05AC:0269.0006: unknown main item tag 0x0 [ 414.187199][ T1870] magicmouse 0003:05AC:0269.0006: unknown main item tag 0x0 [ 414.210963][ T1870] magicmouse 0003:05AC:0269.0006: hidraw0: USB HID v11.da Device [HID 05ac:0269] on usb-dummy_hcd.3-1/input0 [ 414.342050][ T1870] usb 4-1: USB disconnect, device number 7 [ 414.428575][ T9112] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1386'. [ 414.461839][ T9111] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1384'. [ 415.136049][ T9120] Bluetooth: hci0: unsupported parameter 512 [ 415.142358][ T9120] Bluetooth: hci0: unsupported parameter 65459 [ 415.148898][ T9120] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 415.509402][ T9126] bridge0: port 2(bridge_slave_1) entered disabled state [ 415.519597][ T9126] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.207560][ T9138] loop1: detected capacity change from 0 to 128 [ 416.270988][ T9138] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 416.296132][ T9138] hpfs: filesystem error: improperly stopped [ 416.302437][ T9138] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 416.313074][ T9138] hpfs: You really don't want any checks? You are crazy... [ 416.396004][ T9138] hpfs: hpfs_map_sector(): read error [ 416.401682][ T9138] hpfs: code page support is disabled [ 416.466640][ T9138] hpfs: hpfs_map_4sectors(): unaligned read [ 416.472962][ T9138] hpfs: hpfs_map_4sectors(): unaligned read [ 416.479272][ T9138] hpfs: filesystem error: unable to find root dir [ 416.560780][ T9138] hpfs: filesystem error: invalid bitmap block pointer 00000000 -> 7b3184b5 at trim [ 416.863632][ T35] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 417.033389][ T9148] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1404'. [ 417.133973][ T9140] loop0: detected capacity change from 0 to 8192 [ 417.182461][ T9140] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 417.243850][ T9150] Dead loop on virtual device ip6_vti0, fix it urgently! [ 419.155858][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 419.165130][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 420.105699][ T9180] loop0: detected capacity change from 0 to 512 [ 420.195354][ T9180] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 420.357575][ T9180] EXT4-fs (loop0): 1 orphan inode deleted [ 420.363534][ T9180] EXT4-fs (loop0): 1 truncate cleaned up [ 420.371736][ T9180] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 420.480901][ T9180] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 420.553804][ T9180] EXT4-fs (loop0): Remounting filesystem read-only [ 420.715675][ T1870] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 420.874069][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.903383][ T1870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 420.915642][ T1870] usb 3-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00 [ 420.925162][ T1870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.028495][ T1870] usb 3-1: config 0 descriptor?? [ 421.234210][ T9189] loop3: detected capacity change from 0 to 1024 [ 421.373535][ T9189] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5 [ 421.387513][ T9189] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 421.397504][ T9189] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1419: Failed to acquire dquot type 0 [ 421.459250][ T1870] cherry 0003:046A:0023.0007: bogus close delimiter [ 421.469536][ T1870] cherry 0003:046A:0023.0007: item 0 1 2 10 parsing failed [ 421.488465][ T1870] cherry 0003:046A:0023.0007: probe with driver cherry failed with error -22 [ 421.503375][ T9189] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 421.518686][ T9189] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1419: corrupted inode contents [ 421.574079][ T9189] EXT4-fs error (device loop3): ext4_dirty_inode:6517: inode #13: comm syz.3.1419: mark_inode_dirty error [ 421.590692][ T9189] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1419: corrupted inode contents [ 421.614160][ T9189] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.1419: mark_inode_dirty error [ 421.684620][ T2034] usb 3-1: USB disconnect, device number 7 [ 421.697864][ T9189] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1419: corrupted inode contents [ 421.751941][ T9189] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem [ 421.785131][ T9189] EXT4-fs error (device loop3): ext4_do_update_inode:5632: inode #13: comm syz.3.1419: corrupted inode contents [ 421.835496][ T9189] EXT4-fs error (device loop3): ext4_truncate:4637: inode #13: comm syz.3.1419: mark_inode_dirty error [ 421.911428][ T9189] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem [ 421.941115][ T9189] EXT4-fs (loop3): 1 truncate cleaned up [ 421.949285][ T9189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 422.205824][ T9189] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 422.245741][ T9189] EXT4-fs: Ignoring removed orlov option [ 422.251893][ T9189] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 422.261819][ T9189] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 422.360359][ T9189] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 422.397411][ T9189] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 422.773322][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 422.988791][ T9207] loop0: detected capacity change from 0 to 512 [ 423.097536][ T9207] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.1427: ea_inode with extended attributes [ 423.190420][ T9207] EXT4-fs error (device loop0): ext4_xattr_inode_iget:446: comm syz.0.1427: error while reading EA inode 11 err=-117 [ 423.254211][ T9207] EXT4-fs (loop0): 1 orphan inode deleted [ 423.275280][ T9207] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.361226][ T9207] EXT4-fs (loop0): shut down requested (2) [ 423.569940][ T5805] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.995173][ T9221] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1433'. [ 424.004535][ T9221] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1433'. [ 424.871828][ T9229] loop3: detected capacity change from 0 to 4096 [ 425.054586][ T9236] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 425.141329][ T9229] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 425.203883][ T9229] Remounting filesystem read-only [ 425.891389][ T9244] loop7: detected capacity change from 0 to 7 [ 425.899806][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 425.909255][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 425.924933][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 425.934293][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 425.965550][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 425.977707][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 425.986776][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 425.996313][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 426.004495][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 426.015321][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 426.023539][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 426.033480][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 426.041917][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 426.056995][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 426.066304][ T9244] ldm_validate_partition_table(): Disk read failed. [ 426.074132][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 426.085968][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 426.095140][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 426.104521][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 426.114222][ T9244] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 426.124147][ T9244] Buffer I/O error on dev loop7, logical block 0, async page read [ 426.132691][ T9244] Dev loop7: unable to read RDB block 0 [ 426.139288][ T9244] loop7: unable to read partition table [ 426.195716][ T9244] loop7: partition table beyond EOD, truncated [ 426.202138][ T9244] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 427.407701][ T9262] loop3: detected capacity change from 0 to 256 [ 427.499723][ T9262] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x9059ffb0, utbl_chksum : 0xe619d30d) [ 428.556616][ T9274] Bluetooth: MGMT ver 1.23 [ 428.602501][ T9272] loop3: detected capacity change from 0 to 1024 [ 428.849599][ T9272] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 428.857521][ T9272] hfsplus: xattr searching failed [ 428.902392][ T9272] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 428.909376][ T9272] hfsplus: xattr search failed [ 428.914701][ T9272] syz.3.1455: attempt to access beyond end of device [ 428.914701][ T9272] loop3: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 428.929610][ T9272] syz.3.1455: attempt to access beyond end of device [ 428.929610][ T9272] loop3: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 430.209736][ T9290] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1464'. [ 431.682149][ T9307] netlink: 'syz.3.1471': attribute type 2 has an invalid length. [ 431.933575][ T9309] overlayfs: upper fs does not support file handles, falling back to index=off. [ 431.944070][ T9309] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 432.645421][ T30] audit: type=1326 audit(432.603:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 432.723248][ T30] audit: type=1326 audit(432.633:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 432.746971][ T30] audit: type=1326 audit(432.643:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 432.770400][ T30] audit: type=1326 audit(432.643:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 432.793230][ T30] audit: type=1326 audit(432.643:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 432.815201][ T30] audit: type=1326 audit(432.683:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 432.836854][ T30] audit: type=1326 audit(432.733:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 432.860809][ T30] audit: type=1326 audit(432.733:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.1.1475" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70cd539 code=0x7ffc0000 [ 433.566310][ T9323] dvmrp1: tun_chr_ioctl cmd 1074025673 [ 434.927827][ T9335] loop3: detected capacity change from 0 to 2048 [ 435.036864][ T9335] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 435.083108][ T9335] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 435.095378][ T9335] UDF-fs: Scanning with blocksize 512 failed [ 435.276544][ T9335] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 435.393968][ T9341] Bluetooth: hci1: too big key_count value 34393 [ 436.493753][ T9353] netlink: 'syz.3.1490': attribute type 2 has an invalid length. [ 437.113490][ T9355] netlink: 468 bytes leftover after parsing attributes in process `syz.4.1493'. [ 438.169482][ T9] kernel write not supported for file /uinput (pid: 9 comm: kworker/0:0) [ 438.930777][ T9] kernel write not supported for file /dsp (pid: 9 comm: kworker/0:0) [ 439.867850][ T9378] netlink: 'syz.3.1504': attribute type 8 has an invalid length. [ 444.572005][ T5093] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 444.586812][ T5093] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 444.597271][ T5093] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 444.677860][ T5093] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 444.689557][ T5093] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 445.023690][ T9372] Set syz1 is full, maxelem 65536 reached [ 445.398326][ T9402] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1511'. [ 445.408371][ T9402] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1511'. [ 445.504004][ T9402] erspan0: entered promiscuous mode [ 445.515244][ T9402] gretap0: entered promiscuous mode [ 446.284372][ T9413] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1515'. [ 446.530987][ T3913] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.593224][ T9393] chnl_net:caif_netlink_parms(): no params data found [ 446.724427][ T3913] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 446.785749][ T5093] Bluetooth: hci5: command tx timeout [ 446.913442][ T3913] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.110734][ T3913] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.695845][ T3913] bridge_slave_1: left allmulticast mode [ 447.701733][ T3913] bridge_slave_1: left promiscuous mode [ 447.709207][ T3913] bridge0: port 2(bridge_slave_1) entered disabled state [ 447.772214][ T3913] bridge_slave_0: left allmulticast mode [ 447.778671][ T3913] bridge_slave_0: left promiscuous mode [ 447.788246][ T3913] bridge0: port 1(bridge_slave_0) entered disabled state [ 447.891542][ T3971] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 448.465977][ T3913] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 448.527443][ T3913] bond_slave_0: left promiscuous mode [ 448.562150][ T3913] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 448.593805][ T3913] bond_slave_1: left promiscuous mode [ 448.610974][ T3913] bond0 (unregistering): Released all slaves [ 448.873851][ T5093] Bluetooth: hci5: command tx timeout [ 449.226303][ T9445] bpf: Bad value for 'gid' [ 449.285373][ T3913] hsr_slave_0: left promiscuous mode [ 449.308058][ T3913] hsr_slave_1: left promiscuous mode [ 449.316965][ T3913] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 449.327492][ T3913] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 449.373126][ T3913] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 449.381064][ T3913] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 449.441017][ T3913] veth1_macvtap: left promiscuous mode [ 449.448623][ T3913] veth0_macvtap: left promiscuous mode [ 449.454523][ T3913] veth1_vlan: left promiscuous mode [ 449.461401][ T3913] veth0_vlan: left promiscuous mode [ 450.469796][ T3913] team0 (unregistering): Port device team_slave_1 removed [ 450.581379][ T3913] team0 (unregistering): Port device team_slave_0 removed [ 450.955318][ T5093] Bluetooth: hci5: command tx timeout [ 451.088261][ T9393] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.096152][ T9393] bridge0: port 1(bridge_slave_0) entered disabled state [ 451.103806][ T9393] bridge_slave_0: entered allmulticast mode [ 451.113471][ T9393] bridge_slave_0: entered promiscuous mode [ 451.173154][ T9393] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.180993][ T9393] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.189174][ T9393] bridge_slave_1: entered allmulticast mode [ 451.198827][ T9393] bridge_slave_1: entered promiscuous mode [ 451.407993][ T9464] loop3: detected capacity change from 0 to 512 [ 451.426089][ T9393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 451.473158][ T9464] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 451.514012][ T9393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 451.515857][ T9464] System zones: 1-12 [ 451.602799][ T9464] EXT4-fs error (device loop3): dx_probe:791: inode #2: comm syz.3.1536: Directory hole found for htree index block 0 [ 451.666935][ T9464] EXT4-fs (loop3): Remounting filesystem read-only [ 451.696312][ T9464] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117 [ 451.703357][ T9393] team0: Port device team_slave_0 added [ 451.731448][ T9393] team0: Port device team_slave_1 added [ 451.749204][ T9464] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117 [ 451.774115][ T9464] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 451.925835][ T9393] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 451.933128][ T9393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 451.959728][ T9393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.061774][ T9393] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.069421][ T9393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 452.097034][ T9393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 452.147514][ T9464] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000. [ 452.425200][ T9393] hsr_slave_0: entered promiscuous mode [ 452.436041][ T9393] hsr_slave_1: entered promiscuous mode [ 452.445117][ T9393] debugfs: 'hsr0' already exists in 'hsr' [ 452.451038][ T9393] Cannot create hsr debugfs directory [ 452.459977][ T9472] loop1: detected capacity change from 0 to 4096 [ 452.518161][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.654534][ T9478] loop4: detected capacity change from 0 to 64 [ 452.710373][ T9478] hfs: request for non-existent node 131072 in B*Tree [ 452.718592][ T9478] hfs: request for non-existent node 131072 in B*Tree [ 452.834105][ T9479] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 452.997581][ T9472] NILFS (loop1): DAT doesn't have a block to manage vblocknr = 524288 [ 453.009652][ T9472] NILFS error (device loop1): nilfs_bmap_truncate: broken bmap (inode number=15) [ 453.026999][ T5093] Bluetooth: hci5: command tx timeout [ 453.075726][ T9472] Remounting filesystem read-only [ 453.081068][ T9472] NILFS (loop1): error -5 truncating bmap (ino=15) [ 453.362959][ T9393] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 453.388809][ T9393] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 453.449126][ T5808] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 453.480670][ T9393] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 453.541906][ T9393] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 453.803503][ T9488] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1546'. [ 453.857132][ T9488] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1546'. [ 453.871153][ T9488] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1546'. [ 454.433237][ T9393] 8021q: adding VLAN 0 to HW filter on device bond0 [ 454.459735][ T9496] loop3: detected capacity change from 0 to 256 [ 454.489924][ T9496] exfat: Deprecated parameter 'namecase' [ 454.549428][ T9393] 8021q: adding VLAN 0 to HW filter on device team0 [ 454.626122][ T3913] bridge0: port 1(bridge_slave_0) entered blocking state [ 454.633640][ T3913] bridge0: port 1(bridge_slave_0) entered forwarding state [ 454.699631][ T3913] bridge0: port 2(bridge_slave_1) entered blocking state [ 454.707243][ T3913] bridge0: port 2(bridge_slave_1) entered forwarding state [ 454.744430][ T9496] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x8cde1eff, utbl_chksum : 0xe619d30d) [ 454.995771][ T5922] usb 2-1: new full-speed USB device number 10 using dummy_hcd [ 455.169321][ T5922] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 455.180989][ T5922] usb 2-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00 [ 455.192225][ T5922] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.208845][ T9505] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1553'. [ 455.247900][ T5922] usb 2-1: config 0 descriptor?? [ 455.259271][ T9500] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 455.751731][ T5922] belkin 0003:050D:3201.0008: item fetching failed at offset 2/3 [ 455.799078][ T5922] belkin 0003:050D:3201.0008: parse failed [ 455.805670][ T5922] belkin 0003:050D:3201.0008: probe with driver belkin failed with error -22 [ 455.967694][ T5922] usb 2-1: USB disconnect, device number 10 [ 456.362623][ T9393] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 457.348956][ T5922] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 457.565447][ T5922] usb 4-1: Using ep0 maxpacket: 32 [ 457.581180][ T5922] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 457.591136][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.658362][ T5922] usb 4-1: config 0 descriptor?? [ 457.925392][ T5922] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 457.964555][ T5922] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 458.018278][ T5922] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 458.027034][ T5922] usb 4-1: media controller created [ 458.099027][ T5922] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 458.152846][ T9393] veth0_vlan: entered promiscuous mode [ 458.255606][ T5922] az6027: usb out operation failed. (-71) [ 458.262525][ T5922] az6027: usb out operation failed. (-71) [ 458.269292][ T5922] stb0899_attach: Driver disabled by Kconfig [ 458.275622][ T5922] az6027: no front-end attached [ 458.275622][ T5922] [ 458.293039][ T9393] veth1_vlan: entered promiscuous mode [ 458.316389][ T5922] az6027: usb out operation failed. (-71) [ 458.322308][ T5922] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 458.333889][ T5922] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input15 [ 458.425848][ T5922] dvb-usb: schedule remote query interval to 400 msecs. [ 458.434403][ T5922] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 458.447753][ T5922] usb 4-1: USB disconnect, device number 8 [ 458.579774][ T9393] veth0_macvtap: entered promiscuous mode [ 458.645997][ T9393] veth1_macvtap: entered promiscuous mode [ 458.747520][ T5922] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 458.815802][ T9393] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 458.905408][ T9393] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 458.983977][ T3885] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.025482][ T3885] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.034635][ T3885] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.083159][ T3885] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 459.497230][ T9555] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1571'. [ 460.316025][ T5876] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 460.495793][ T5876] usb 2-1: Using ep0 maxpacket: 16 [ 460.526377][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 460.537900][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 460.550514][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 460.563710][ T5876] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 460.573114][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.747769][ T5876] usb 2-1: config 0 descriptor?? [ 461.211818][ T5876] shield 0003:0955:7214.0009: unknown main item tag 0x0 [ 461.219292][ T5876] shield 0003:0955:7214.0009: unknown main item tag 0x0 [ 461.226689][ T5876] shield 0003:0955:7214.0009: unknown main item tag 0x0 [ 461.233903][ T5876] shield 0003:0955:7214.0009: unknown main item tag 0x0 [ 461.243077][ T5876] shield 0003:0955:7214.0009: unknown main item tag 0x0 [ 461.310135][ T5876] input: HID 0955:7214 Haptics as /devices/virtual/input/input16 [ 461.372101][ T5876] shield 0003:0955:7214.0009: Registered Thunderstrike controller [ 461.381315][ T5876] shield 0003:0955:7214.0009: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 461.502083][ T5854] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 461.522031][ T5876] usb 2-1: USB disconnect, device number 11 [ 461.565198][ T5854] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 461.577886][ T5854] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 461.590487][ T5854] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 462.825298][ T5876] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 463.048150][ T5876] usb 2-1: config 220 has an invalid interface number: 76 but max is 2 [ 463.057523][ T5876] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 463.066907][ T5876] usb 2-1: config 220 has an invalid descriptor of length 36, skipping remainder of the config [ 463.077905][ T5876] usb 2-1: config 220 has no interface number 2 [ 463.086237][ T5876] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 463.099833][ T5876] usb 2-1: config 220 interface 0 has no altsetting 0 [ 463.106979][ T5876] usb 2-1: config 220 interface 76 has no altsetting 0 [ 463.114056][ T5876] usb 2-1: config 220 interface 1 has no altsetting 0 [ 463.273703][ T5876] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 463.284254][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 463.293009][ T5876] usb 2-1: Product: syz [ 463.297543][ T5876] usb 2-1: Manufacturer: syz [ 463.302371][ T5876] usb 2-1: SerialNumber: syz [ 463.647400][ T5876] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07) [ 463.658640][ T5876] uvcvideo 2-1:220.0: No valid video chain found. [ 463.666286][ T5876] usb 2-1: selecting invalid altsetting 0 [ 463.754479][ T5876] usb 2-1: selecting invalid altsetting 0 [ 463.768573][ T5876] usbtest 2-1:220.1: probe with driver usbtest failed with error -22 [ 463.834300][ T5876] usb 2-1: USB disconnect, device number 12 [ 464.115543][ T5851] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 464.368839][ T5851] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 464.379594][ T5851] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 464.388504][ T5851] usb 1-1: Product: syz [ 464.392855][ T5851] usb 1-1: Manufacturer: syz [ 464.397867][ T5851] usb 1-1: SerialNumber: syz [ 464.424136][ T5851] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 464.599195][ T1870] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 464.700654][ T3971] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 464.711688][ T3971] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 464.915145][ T3885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 464.924528][ T3885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 465.392993][ T5851] usb 1-1: USB disconnect, device number 11 [ 465.986844][ T1870] usb 1-1: Service connection timeout for: 256 [ 465.993315][ T1870] ath9k_htc 1-1:1.0: ath9k_htc: Unable to initialize HTC services [ 466.004106][ T1870] ath9k_htc: Failed to initialize the device [ 466.077255][ T9626] loop5: detected capacity change from 0 to 4096 [ 466.106801][ T5851] usb 1-1: ath9k_htc: USB layer deinitialized [ 466.117473][ T9632] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1596'. [ 466.126968][ T9632] netem: change failed [ 466.130514][ T9626] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 466.199998][ T9628] loop3: detected capacity change from 0 to 4096 [ 466.256093][ T9628] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 466.333724][ T9626] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 466.349774][ T9626] ntfs3(loop5): mft corrupted [ 466.354975][ T9626] ntfs3(loop5): Failed to load $Extend (-22). [ 466.361329][ T9626] ntfs3(loop5): Failed to initialize $Extend. [ 466.426676][ T9626] ntfs3(loop5): ino=1e, mi_enum_attr [ 466.432232][ T9626] ntfs3(loop5): ino=1e, mi_enum_attr [ 466.438847][ T9626] ntfs3(loop5): ino=1e, "file1" mi_enum_attr [ 466.445483][ T9626] ntfs3(loop5): ino=1e, "file1" mi_enum_attr [ 466.459118][ T9626] ntfs3(loop5): ino=1e, "file1" mi_enum_attr [ 466.581376][ T9628] ntfs3(loop3): ino=1a, mi_enum_attr [ 466.587334][ T9628] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 466.636945][ T9628] ntfs3(loop3): ino=1a, mi_enum_attr [ 466.642579][ T9628] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 467.073431][ T9642] bridge1: entered allmulticast mode [ 467.086990][ T9642] team0: Device bridge1 is up. Set it down before adding it as a team port [ 468.456947][ T9663] loop1: detected capacity change from 0 to 2048 [ 468.496867][ T9663] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 468.517911][ T9668] loop3: detected capacity change from 0 to 8 [ 468.603378][ T9663] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 468.627121][ T9668] SQUASHFS error: Failed to read block 0x6e6: -5 [ 468.633860][ T9668] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 468.641519][ T9668] SQUASHFS error: Unable to read directory block [6e4:0] [ 470.838509][ T9703] io-wq is not configured for unbound workers [ 471.216208][ T9705] binder: 9704:9705 ioctl 4018620d 0 returned -22 [ 471.327430][ T9702] loop1: detected capacity change from 0 to 4096 [ 471.918941][ T9720] loop6: detected capacity change from 0 to 524288000 [ 472.005222][ T9720] support for the xor transformation has been removed. [ 472.005678][ T1870] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 472.099850][ T9722] loop3: detected capacity change from 0 to 512 [ 472.161924][ T9722] EXT4-fs warning (device loop3): ext4_xattr_inode_get:546: inode #11: comm syz.3.1636: ea_inode file size=0 entry size=6 [ 472.175940][ T9722] ------------[ cut here ]------------ [ 472.181564][ T9722] EA inode 11 i_nlink=2 [ 472.182577][ T9722] WARNING: CPU: 1 PID: 9722 at fs/ext4/xattr.c:1058 ext4_xattr_inode_update_ref+0x711/0x900 [ 472.197800][ T9722] Modules linked in: [ 472.201970][ T9722] CPU: 1 UID: 0 PID: 9722 Comm: syz.3.1636 Not tainted syzkaller #0 PREEMPT(none) [ 472.211760][ T9722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 472.222397][ T9722] RIP: 0010:ext4_xattr_inode_update_ref+0x711/0x900 [ 472.232388][ T9722] Code: 00 00 00 00 4d 85 ed 0f 85 e6 01 00 00 45 85 ff 0f 85 ee 01 00 00 48 c7 c7 6d 7c ba 91 48 8b 75 d0 8b 55 c0 e8 40 17 dd fd 90 <0f> 0b 90 90 4c 8b 6d a8 4c 8b 75 c8 4c 8b 7d b0 e9 6c fe ff ff e8 [ 472.255696][ T9722] RSP: 0018:ffff888035b4f140 EFLAGS: 00010283 [ 472.262088][ T9722] RAX: ffffffff8120833e RBX: ffff888025168ba0 RCX: 0000000000080000 [ 472.271970][ T9722] RDX: ffffc90009c07000 RSI: 0000000000004dcd RDI: 0000000000004dce [ 472.280695][ T9722] RBP: ffff888035b4f1c8 R08: ffffea000000000f R09: 0000000000000000 [ 472.289103][ T9722] R10: ffff888237abb028 R11: ffff88823f272d80 R12: 0000000000000000 [ 472.297467][ T9722] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 472.305828][ T9722] FS: 0000000000000000(0000) GS:ffff8881aae50000(0063) knlGS:00000000f542db40 [ 472.315133][ T9722] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 472.321935][ T9722] CR2: 00000000f74699b4 CR3: 000000001ffc4000 CR4: 00000000003526f0 [ 472.331126][ T9722] Call Trace: [ 472.334605][ T9722] [ 472.337859][ T9722] ext4_xattr_inode_dec_ref_all+0xf57/0x1670 [ 472.344179][ T9722] ? __ext4_journal_get_write_access+0x46b/0x900 [ 472.351058][ T9722] ext4_xattr_delete_inode+0xd0d/0x14b0 [ 472.357147][ T9722] ext4_evict_inode+0x1dc9/0x2480 [ 472.363641][ T9722] ? __pfx_ext4_evict_inode+0x10/0x10 [ 472.369797][ T9722] evict+0x700/0xd00 [ 472.374001][ T9722] ? kmsan_get_metadata+0xfb/0x160 [ 472.379608][ T9722] iput+0xba3/0xfa0 [ 472.383690][ T9722] ext4_process_orphan+0x49a/0x520 [ 472.389282][ T9722] ext4_orphan_cleanup+0x10a6/0x1e30 [ 472.395022][ T9722] ext4_fill_super+0xa788/0xb010 [ 472.400395][ T9722] get_tree_bdev_flags+0x6e6/0x920 [ 472.405962][ T9722] ? __pfx_ext4_fill_super+0x10/0x10 [ 472.411558][ T9722] ? __pfx_ext4_fill_super+0x10/0x10 [ 472.417410][ T9722] ? __pfx_ext4_get_tree+0x10/0x10 [ 472.422799][ T9722] get_tree_bdev+0x38/0x50 [ 472.427626][ T9722] ext4_get_tree+0x35/0x40 [ 472.432318][ T9722] vfs_get_tree+0xb3/0x5c0 [ 472.437179][ T9722] do_new_mount+0x839/0x15f0 [ 472.444594][ T9722] ? kmsan_get_metadata+0xfb/0x160 [ 472.450218][ T9722] path_mount+0x747/0x1fb0 [ 472.455121][ T9722] __se_sys_mount+0x6f7/0x7e0 [ 472.461608][ T9722] __ia32_sys_mount+0xe2/0x150 [ 472.467235][ T9722] ia32_sys_call+0x2c16/0x4310 [ 472.472340][ T9722] __do_fast_syscall_32+0xb0/0x150 [ 472.478382][ T9722] ? irqentry_exit_to_user_mode+0x7f/0xa0 [ 472.484400][ T9722] do_fast_syscall_32+0x38/0x80 [ 472.489814][ T9722] do_SYSENTER_32+0x1f/0x30 [ 472.494618][ T9722] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 472.501307][ T9722] RIP: 0023:0xf703d539 [ 472.506148][ T9722] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 472.526180][ T9722] RSP: 002b:00000000f542d3b0 EFLAGS: 00000206 ORIG_RAX: 0000000000000015 [ 472.535157][ T9722] RAX: ffffffffffffffda RBX: 00000000f542d410 RCX: 00000000800001c0 [ 472.543349][ T9722] RDX: 0000000080000180 RSI: 0000000000800700 RDI: 00000000f542d450 [ 472.551781][ T9722] RBP: 00000000f542d410 R08: 0000000000000000 R09: 0000000000000000 [ 472.560301][ T9722] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 472.569809][ T9722] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 472.578607][ T9722] [ 472.581790][ T9722] ---[ end trace 0000000000000000 ]--- [ 472.588362][ T9722] EXT4-fs (loop3): 1 orphan inode deleted [ 472.596701][ T9722] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 472.635138][ T1870] usb 6-1: Using ep0 maxpacket: 16 [ 472.678539][ T1870] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.689936][ T1870] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 472.699427][ T1870] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 472.778731][ T1870] usb 6-1: config 0 descriptor?? [ 472.829680][ T9730] loop1: detected capacity change from 0 to 512 [ 472.858512][ T9730] EXT4-fs (loop1): Test dummy encryption mode enabled [ 472.870901][ T9730] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 472.957486][ T9730] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1637: bad orphan inode 131083 [ 472.988882][ T9730] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 473.030381][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 473.310579][ T1870] mcp2221 0003:04D8:00DD.000A: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 473.397263][ T5808] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 473.774505][ T5876] usb 6-1: USB disconnect, device number 2 [ 474.646753][ T9753] loop3: detected capacity change from 0 to 16 [ 474.845195][ T9758] loop4: detected capacity change from 0 to 512 [ 474.882787][ T9758] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.1651: inode has both inline data and extents flags [ 474.904438][ T9758] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1651: couldn't read orphan inode 15 (err -117) [ 474.935056][ T9758] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 475.224270][ T5809] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 479.345325][ T135] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 480.325789][ T5876] usb 2-1: new full-speed USB device number 13 using dummy_hcd [ 480.585420][ T5876] usb 2-1: config 0 has no interfaces? [ 480.593319][ T5876] usb 2-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47 [ 480.602874][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.686713][ T9768] Set syz1 is full, maxelem 65536 reached [ 480.697404][ T1286] ieee802154 phy0 wpan0: encryption failed: -22 [ 480.703993][ T1286] ieee802154 phy1 wpan1: encryption failed: -22 [ 480.710723][ T5876] usb 2-1: config 0 descriptor?? [ 481.111210][ T1870] usb 2-1: USB disconnect, device number 13 [ 482.210599][ T9821] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.443225][ T9825] loop5: detected capacity change from 0 to 2048 [ 482.583179][ T9825] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 482.773661][ T9825] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 482.836001][ T9825] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28 [ 482.848939][ T9825] EXT4-fs (loop5): This should not happen!! Data will be lost [ 482.848939][ T9825] [ 482.859043][ T9825] EXT4-fs (loop5): Total free blocks count 0 [ 482.865415][ T9825] EXT4-fs (loop5): Free/Dirty block details [ 482.871501][ T9825] EXT4-fs (loop5): free_blocks=2415919104 [ 482.877636][ T9825] EXT4-fs (loop5): dirty_blocks=32 [ 482.882926][ T9825] EXT4-fs (loop5): Block reservation details [ 482.889241][ T9825] EXT4-fs (loop5): i_reserved_data_blocks=2 [ 482.892210][ T9837] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 483.438420][ T9840] loop4: detected capacity change from 0 to 1024 [ 483.537714][ T9840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 483.845141][ T59] ===================================================== [ 483.852530][ T59] BUG: KMSAN: uninit-value in skb_clone+0x51d/0x580 [ 483.859736][ T59] skb_clone+0x51d/0x580 [ 483.864282][ T59] batadv_iv_send_outstanding_bat_ogm_packet+0x9ea/0xde0 [ 483.871649][ T59] process_scheduled_works+0xb91/0x1d80 [ 483.877552][ T59] worker_thread+0xedf/0x1590 [ 483.882438][ T59] kthread+0xd5c/0xf00 [ 483.886819][ T59] ret_from_fork+0x1f5/0x4c0 [ 483.891637][ T59] ret_from_fork_asm+0x1a/0x30 [ 483.896932][ T59] [ 483.899343][ T59] Uninit was created at: [ 483.903851][ T59] __alloc_frozen_pages_noprof+0x689/0xf00 [ 483.910058][ T59] __alloc_pages_noprof+0x41/0xd0 [ 483.915411][ T59] __page_frag_cache_refill+0x57/0x2a0 [ 483.921064][ T59] __page_frag_alloc_align+0xca/0x6e0 [ 483.926762][ T59] __netdev_alloc_skb+0x626/0x6a0 [ 483.932893][ T59] batadv_iv_ogm_queue_add+0x1198/0x1aa0 [ 483.939167][ T59] batadv_iv_ogm_schedule+0xfa9/0x1570 [ 483.945010][ T59] batadv_iv_send_outstanding_bat_ogm_packet+0xc16/0xde0 [ 483.952242][ T59] process_scheduled_works+0xb91/0x1d80 [ 483.958708][ T59] worker_thread+0xedf/0x1590 [ 483.963603][ T59] kthread+0xd5c/0xf00 [ 483.967978][ T59] ret_from_fork+0x1f5/0x4c0 [ 483.972770][ T59] ret_from_fork_asm+0x1a/0x30 [ 483.977890][ T59] [ 483.980334][ T59] CPU: 1 UID: 0 PID: 59 Comm: kworker/u8:4 Tainted: G W syzkaller #0 PREEMPT(none) [ 483.991693][ T59] Tainted: [W]=WARN [ 483.995724][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 484.006058][ T59] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet [ 484.014101][ T59] ===================================================== [ 484.021421][ T59] Disabling lock debugging due to kernel taint [ 484.027766][ T59] Kernel panic - not syncing: kmsan.panic set ... [ 484.034314][ T59] CPU: 1 UID: 0 PID: 59 Comm: kworker/u8:4 Tainted: G B W syzkaller #0 PREEMPT(none) [ 484.045409][ T59] Tainted: [B]=BAD_PAGE, [W]=WARN [ 484.050539][ T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 484.060759][ T59] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet [ 484.068825][ T59] Call Trace: [ 484.072205][ T59] [ 484.075261][ T59] __dump_stack+0x26/0x30 [ 484.079786][ T59] dump_stack_lvl+0x53/0x270 [ 484.084560][ T59] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 484.090565][ T59] dump_stack+0x1e/0x25 [ 484.094985][ T59] vpanic+0x435/0xd30 [ 484.099110][ T59] panic+0x15d/0x160 [ 484.103165][ T59] kmsan_report+0x31c/0x320 [ 484.107797][ T59] ? __msan_warning+0x1b/0x30 [ 484.112577][ T59] ? skb_clone+0x51d/0x580 [ 484.117144][ T59] ? batadv_iv_send_outstanding_bat_ogm_packet+0x9ea/0xde0 [ 484.124503][ T59] ? process_scheduled_works+0xb91/0x1d80 [ 484.130387][ T59] ? worker_thread+0xedf/0x1590 [ 484.135387][ T59] ? kthread+0xd5c/0xf00 [ 484.139732][ T59] ? ret_from_fork+0x1f5/0x4c0 [ 484.144634][ T59] ? ret_from_fork_asm+0x1a/0x30 [ 484.149738][ T59] ? kmsan_get_metadata+0xfb/0x160 [ 484.154983][ T59] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 484.160924][ T59] ? __pfx__raw_spin_lock+0x1/0x10 [ 484.166246][ T59] ? filter_irq_stacks+0x49/0x190 [ 484.171424][ T59] ? stack_depot_save_flags+0x35/0x7b0 [ 484.177019][ T59] ? kmsan_get_metadata+0xfb/0x160 [ 484.182251][ T59] ? kmsan_get_metadata+0xfb/0x160 [ 484.187499][ T59] ? kmsan_get_metadata+0xfb/0x160 [ 484.192725][ T59] ? kmsan_get_metadata+0xfb/0x160 [ 484.197947][ T59] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 484.204418][ T59] ? kmsan_get_metadata+0xfb/0x160 [ 484.209669][ T59] __msan_warning+0x1b/0x30 [ 484.214285][ T59] skb_clone+0x51d/0x580 [ 484.218722][ T59] batadv_iv_send_outstanding_bat_ogm_packet+0x9ea/0xde0 [ 484.225951][ T59] ? __pfx_batadv_iv_send_outstanding_bat_ogm_packet+0x10/0x10 [ 484.233659][ T59] process_scheduled_works+0xb91/0x1d80 [ 484.239406][ T59] worker_thread+0xedf/0x1590 [ 484.244268][ T59] kthread+0xd5c/0xf00 [ 484.248439][ T59] ? __pfx_worker_thread+0x10/0x10 [ 484.253728][ T59] ? __pfx_kthread+0x10/0x10 [ 484.258436][ T59] ret_from_fork+0x1f5/0x4c0 [ 484.263620][ T59] ? __pfx_kthread+0x10/0x10 [ 484.268342][ T59] ret_from_fork_asm+0x1a/0x30 [ 484.273371][ T59] [ 486.073086][ T59] Shutting down cpus with NMI [ 486.078278][ T59] Kernel Offset: disabled [ 486.082661][ T59] Rebooting in 86400 seconds..