last executing test programs: 2m43.483707862s ago: executing program 3 (id=1039): syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f0000000540)='./file1\x00', 0x3010018, &(0x7f0000000040), 0x5, 0x4c3, &(0x7f0000000ac0)="$eJzs3U1oXNUeAPD/nXw0L01f8j54r3SV9wp9fZQmTad5pdAH7apQtGArKOjC0EzStJO2NCmYLMQP0IoK7aYbi6ALBekirlQEkS5ERXDRjaAUVBAbSKtVpAshcu/MxLSZpE1Tc2n8/eBwz7kzc89/5uSeueefSxLAH1ZnROyKiIaI2BIR7dX9hWqJJyslfV6pOHEoLUlMTx+4mkQSEXuLE4dqx0qq29XVA7RExIUPI1ob5/Y7MjZ+pK9cLp2otrtHh493j4yNbx4a7hssDZaOFnu2F4vF3h3F3rv2Xn/45fCZd67vef7sle8//ebi2+eT2BVt1cdmv4+7pTM6Zz6T2RqTiP/f7c5y1pJ3ACza+fvPvJR3DADA8kuv8f8aEf/Orv/boyEqF+uHJx+91h7XBuZ7XcfPr1xezjgBAACAOzcd7bEz3QIAAAArViEi2iIpdFXvBWiLQqGrq3IP79+jtVA+NjK6aeDYyaP9kd0r2xFNhYGhcql2r3BHNCVpuyer/9beelO7GBF/iYhT7X/K2l0Hj5X7805+AAAAwArXFnHpkWfe/efqedb/qS/b844SAAAAWIp0/b/mUmv2p7p+ss4HAACAFSld/1979srHYf0PAAAAK1Zt/T/zf7hUVFRUZip5z1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw1/R0EtMAAADAipZ3/gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHvL3uLEoVpZrj4n9yxXT8xnandEdFTGv1QtlUcaoyXbtkRTRLT+mETjrNclEdGwxL67NkR0xqbPTz/x3VtpierP4RIPyz1i4uu8IyBPzdvyjoA8rXsg7wjI02en8o6APF2cyjsC8rT/QN4RkKd9/8s7AvL08tW8I+CD3RGxpV7+rxBrs20lC3Rz/qchyxAtzSfnIjqj69vZ++bmfwqTS+yGBUztjtgZEaU5+b9C7SkdDdXWmixV2JQMDJVLWyLizxGxMZpWpe2eBfrYu/ZC3UzPi/9Ix//kvlr+Ly1p/7VcYDWOycZVN76uv2+0b6nvm4qppyLWNdYb/2Qm/5vMk/9ddZt9vPfV/uF6+69/lI7/C+8vPP78nqZfjfhP3fM/mXlOWuseHT7ePTI2vnlouG+wNFg6WuzZXiwWe3cUe7uz+aC7NivM9ebTr9f9pv/XwWz+HzP++UnP/9aFxz+b/0fGxo/0lculEyOL7+O5DWfrfoe/cTYd/+YLdzL/NycPZgE2V/c93jc6eqInojm5b+7+rYuPeaWqfR61zysd/43r63//167/KvN/Yc78/7fqtlD5FeK8/vva5br7vzidjn/xIed/ftLx77/F+Z/ccP4vvvLY+v0b6/X9cGTXf+duff5vy4KpHcT1363d7gDlHScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMz2awAAAP//MEf3BQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) syz_usb_connect$hid(0x3, 0x0, 0x0, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) 2m40.134198884s ago: executing program 3 (id=1048): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r0, 0x0) r1 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 2m39.181145647s ago: executing program 3 (id=1052): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190) syz_emit_ethernet(0x4e, &(0x7f0000000000)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x1, @remote, @mcast2, {[], @mld={0x83, 0x0, 0x0, 0x9f23, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}}}}}}}, 0x0) 2m38.276183814s ago: executing program 3 (id=1055): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f0000000340)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)={[{@dyn}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000580)=""/174, 0x18) 2m36.986318114s ago: executing program 3 (id=1062): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0xc0400) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r0, 0xc01064bd, &(0x7f00000000c0)={&(0x7f00000003c0)="9e", 0x1, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000440)={0x0, 0x0, 0x0, r2, 0xbbbbbbbb}) 2m35.653384383s ago: executing program 3 (id=1068): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x8, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x78, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4c, 0x3, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0xb}, @NFTA_SET_ELEM_EXPRESSIONS={0x3c, 0xb, 0x0, 0x1, [{0x20, 0x7, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @connlimit={{0x4, 0x2}, @val={0x4}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xfc}}, 0x0) sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101}, 0x14}}, 0x0) 2m32.591130062s ago: executing program 32 (id=1068): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x8, &(0x7f0000000000)={&(0x7f0000000200)={{0x14, 0x10, 0xc00e}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x4000000, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSETELEM={0x78, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4c, 0x3, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0xb}, @NFTA_SET_ELEM_EXPRESSIONS={0x3c, 0xb, 0x0, 0x1, [{0x20, 0x7, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8}]}}}, {0x18, 0x1, 0x0, 0x1, @connlimit={{0x4, 0x2}, @val={0x4}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xfc}}, 0x0) sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101}, 0x14}}, 0x0) 28.639344136s ago: executing program 0 (id=1399): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="05"], 0x48}, 0x300}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000000100"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="0016"], 0x48}, 0x300, 0x0, 0x0, 0x8800}, 0x0) 27.447892102s ago: executing program 0 (id=1404): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0) write$P9_RSTATu(r0, &(0x7f00000004c0)={0x232, 0x7d, 0x0, {{0x500, 0xf1, 0x0, 0x5000000, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05\xf7\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0xffffffffffffffff}}, 0x232) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r1, 0xc05c5340, &(0x7f0000000300)={0x0, 0xa, 0x7f, {0xfffffff8, 0x800}, 0x9, 0x5c3}) 26.27852265s ago: executing program 0 (id=1407): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x43}, 0x28) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2c}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r0, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f00000007c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x94) 24.698551687s ago: executing program 0 (id=1412): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x5e, &(0x7f0000000380)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6c}}, {@lazytime}, {@nodioread_nolock}, {@minixdf}]}, 0x3, 0x44a, &(0x7f00000006c0)="$eJzs271vG2UYAPDn7CSlXyRU5aMfQKAgylfSpKV0YAGBxFAkJBjKGJK0CnUb1ASJVhEEhMqIKjGxIEYk/gImWBAwIbHCjipVKEsLk9HZd43t2E6dOnGpfz/p3Pe9O/d9nrt77ffujQPoW6PpSxKxKyL+iIjharV+h9HqPzdWlqb/WVmaTqJcfuvvpLLf9ZWl6XzX/H0788pAROGzJA40aXfh4qWzU6XS7IWsPr547v3xhYuXnp87N3Vm9szs+ckTJ44dnXjx+OQLXckzzev6/o/mD+57/Z0rb0yfuvLuL98lef4NeXTJaLuNT5bLXW6ut3bXlJOBHgZCR4rVbhqDlf4/HMVYPXnD8dqnPQ0O2FTlcrn8QOvNy2XgLpZEryMAeiP/ok/vf/Nli4Yed4RrL1dvgNK8b2RLdctAFLJ9Bhvub7tpNCJOLf/7dbrE5jyHAACo80M6/nmu2fivELXPhe7N5lBGIuK+iNgTEccjYm9E3B9R2ffBiHiow/YbJ0nWjn8KV2tr5aTDBtaRjv9eyua26sd/+egvRopZbXcl/8Hk9Fxp9kh2TA7H4La0PtGmjR9f/f2LVttqx3/pkrafjwWzOK4ObKt/z8zU4tTt5Fzr2icR+wca8j8ZlQm8fCYgPeT7ImL/BtuYe+bbg622rZ9/G12YZyp/E/FU9fwvR935X73Qkvbzk+P3RGn2yHh+Vaz162+X32zV/m3l3wXp+d/R9Pq/mf9IUjtfu9DJ//7V0+nr5T8/b3lPs9Hrfyh5u1IeytZ9OLW4eGEiYig5WQ26dv3k6nvzer5/mv/hQ837/55YPRIHIiK9iB+OiEci4tEs9sci4vGIONTmKPz8yhPvbTz/zZXmP9PR+V8tDEXjmuaF4tmfvq9rdKST/NPzf6xSOpytuZXPv1uJq9OrGQAAAP6vChGxK5LC2M1yoTA2Vv0b/r2xo1CaX1h89vT8B+dnqr8RGInBQv6ka7jmeehEdluf1ycb6kez58ZfFrdX6mPT86WZXicPfW5ni/6f+qvY6+iATef3WtC/9H/oX/o/9C/9H/pXk/6/vRdxAFuv2ff/xz2IA9h6Df3ftB/0Eff/0L820v99ZsDdoW1fHtq6OIAttbA91v+RvILCmkIU7ogwFDap0OtPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74LwAA///lI+j0") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) chdir(&(0x7f00000001c0)='./file0\x00') newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', &(0x7f0000000280), 0x0) 22.464467815s ago: executing program 0 (id=1416): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480f0000005e140602000000000e000a001000000002800000121f", 0x2e}], 0x1}, 0x800) 21.047316237s ago: executing program 0 (id=1423): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x9, 0x5, 0x20ffd}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000) 18.407772461s ago: executing program 33 (id=1423): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x9, 0x5, 0x20ffd}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000) 6.929905483s ago: executing program 2 (id=1452): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99f0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20) 6.097290994s ago: executing program 2 (id=1454): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x2c, r1, 0x1, 0x72bd29, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x4}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 5.469491134s ago: executing program 4 (id=1457): r0 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380), 0x0, 0x0}) ptrace(0x10, r0) ptrace$setsig(0x4203, r0, 0xf51, &(0x7f0000000100)={0xd, 0x4, 0x9}) 5.102340294s ago: executing program 2 (id=1458): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x20, 0x4b3, 0x3108, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x20, "", [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x80, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x0, 0x45, 0xfe}}}}}]}}]}}, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000140)={0x2c, &(0x7f0000000240)=ANY=[@ANYBLOB="0021280000002831f70ba38103000000000090f993e0"], 0x0, 0x0, 0x0, 0x0}, 0x0) 4.962573269s ago: executing program 4 (id=1459): connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x4, 0x6, 0x1, 0xffffffffffffffff, 0x6da443c8}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r0}, 0x20) 4.615754125s ago: executing program 1 (id=1460): sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x18, 0x0, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x24040085) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="59cf000000000100000008"], 0x28}, 0x1, 0x0, 0x0, 0x400c081}, 0x0) 4.316739814s ago: executing program 4 (id=1461): openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) io_setup(0x1, &(0x7f0000000200)=0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_submit(r0, 0x1, &(0x7f0000000880)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r1, 0x0}]) 3.850174042s ago: executing program 1 (id=1462): r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000040)=0xb, 0x4) sendmmsg$inet(r0, &(0x7f00000053c0)=[{{&(0x7f0000000200)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}], 0x1, 0x4800) recvfrom(r0, 0x0, 0x0, 0x40000040, 0x0, 0x0) 3.449771912s ago: executing program 4 (id=1463): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nombcache}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") syz_open_procfs(0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x46942, 0x0) pwrite64(r0, &(0x7f0000000000)="86", 0x1, 0x20404042ffc) 3.039284983s ago: executing program 1 (id=1464): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18) syz_emit_ethernet(0xc2, &(0x7f00000000c0)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x17}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb4, 0x0, 0x0, 0xfd, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x37}, {[@cipso={0x86, 0x71, 0x0, [{0x0, 0xc, "e256b28c04000000fb52"}, {0x0, 0x9, "789607675ca638"}, {0x5, 0xe, "7434954373561de584b703c8"}, {0x2, 0x9, "e706d30bd2fe9d"}, {0x6, 0x7, "cfa11cab1a"}, {0x0, 0x10, "c600"/14}, {0x0, 0xa, "65807fe97612fe86"}, {0x0, 0x12, "73bc00"/16}, {0x6, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x2, [{0x1, 0x6, "7f36c525"}]}]}}, "8d1170b9"}}}}}, 0x0) 2.6135711s ago: executing program 1 (id=1465): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a30000000001400078008000840000028590800064000000000050005000000400005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000006000500010007000000080009400000000114000880100007800a001100b4"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000) 2.196596833s ago: executing program 2 (id=1466): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x0, 0x2, 0x9}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@private1={0xfc, 0x1, '\x00', 0x1}, 0x8000000, 0x2, 0xff, 0x0, 0x9, 0x3}, 0x20) 1.655973686s ago: executing program 4 (id=1467): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB="28010000100007000000000000000000ff020000000000000000000000000001e00000020000000000000000000000004e200000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fc000000000000000000edff0000000000000000000000000000000000000000020000000000000000000000000000000000001000000000ffffffffffffffff00000000000000000000000000000000000000000000000000002000000000000700000000000000000000000000000000000400fdffffffe80a000000000000000000000a000200340000000000000014000e"], 0x128}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x104, 0x10, 0x7, 0x80000000, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xffffffffffffffff}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) 1.467211719s ago: executing program 1 (id=1468): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd27, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x4048014) 1.334091716s ago: executing program 2 (id=1469): madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000f9b000/0x4000)=nil) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x4c032, 0xffffffffffffffff, 0x0) 489.929266ms ago: executing program 4 (id=1470): fsopen(&(0x7f0000000180)='binfmt_misc\x00', 0x0) r0 = add_key$user(&(0x7f0000000000), &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000240)="bc30a071d8bcb8794f5d8e1334b133", 0xf, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) 275.492535ms ago: executing program 1 (id=1471): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10840, &(0x7f00000001c0)=ANY=[@ANYBLOB='iocharset=utf8,shortname=winnt,shortname=win95,uni_xlate=1,shortname=winnt,shortname=winnt,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c73686f72746e616d653d77696e6e742c000000000000009e5fcf6469722c73687865d2068a008e48488cc8642c6e66733d6e6f73"], 0x1, 0x274, &(0x7f00000005c0)="$eJzs3cFrk2ccB/Bf2nRJCyM5DMrGYO/YZafQduyeMjoYC2xs5KAni01RmlpooaCHtrfi/6D/gh69Ch7Eq/+ACFIFL9ZTD0IkvmlNahIbbRqxn8+lP5739+V5nrcveemhTy79uLqytLaxvL+/F/l8JrLlKMdBJooxFuOR2gkA4Gty0GjEq0Zq1GsBAM6G9z8AnD/93v+ZnaOxf89+ZQDAsHzW3/9jQ1kSADBk/1+4+Pd8pbLwX5LkI1Z3N6ub1fRnen1+Oa5GPWoxE4V4E9E4ktZ//lVZmEmanhcjv7o9lua3N6vjnfnZKESxe342SUW1mTvMT8RUK/9kKmoxF4X4rnt+rmv+m/j1l7b5S1GIx5djLeqxFM1sms9FxNZskvzxT+VYPveuDwAAAAAAAAAAAAAAAAAAAAAAhqGUHCl2nn+Tnt9TKvW6nubbzwea7Hc+UGP72Pk62fghO9q9AwAAAAAAAAAAAAAAAAAAwJdi4/qNlcV6vbber7j26M6DvVwa+Ghz/yLTmnew1G7fnsmT7eJY8e3Pz251u5SL3KD359OKiYhoH0laU97/aYiTnlbxcO/K979tTP/eqyey7SM3m1vt6OnxIGWHdcNfFiI6RyZat7ter+UHfiDbi7uHRfn1Bz2Hj1JtfXLUv7jp2+XFe1tPX5w01edDozF+2h9DAAAAAAAAAAAAAAAAAABAx/+3j3olAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA677//f9AiFx0j+Z7NmZ1RbxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHPvbQAAAP//Th2Rtg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000280)=""/59, 0x5e) ioctl$VFAT_IOCTL_READDIR_BOTH(r0, 0x82307201, &(0x7f0000000f80)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) 0s ago: executing program 2 (id=1472): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0xf, 0x40, 0x6, 0x3, 0x4, "a0e1c6beeb439eff56c42676bae174bc012837"}) kernel console output (not intermixed with test programs): 107] Registered IR keymap rc-empty [ 426.672838][ T6107] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0 [ 426.758857][ T6107] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input11 [ 426.846359][ T6107] dvb-usb: schedule remote query interval to 100 msecs. [ 426.877898][ T6107] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected. [ 426.998448][ T9] dvb-usb: bulk message failed: -22 (1/0) [ 427.013235][ T6107] usb 1-1: USB disconnect, device number 6 [ 427.526100][ T29] audit: type=1326 audit(1781187685.141:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7538 comm="syz.0.604" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9903f9ce59 code=0x7fc00000 [ 427.672329][ T6107] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected. [ 427.674103][ T7537] loop3: detected capacity change from 0 to 2048 [ 427.870274][ T7537] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 429.253942][ T29] audit: type=1804 audit(1781187686.871:49): pid=7555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.609" name="/newroot/141/cgroup.controllers" dev="tmpfs" ino=757 res=1 errno=0 [ 429.399299][ T29] audit: type=1800 audit(1781187686.871:50): pid=7555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.609" name="cgroup.controllers" dev="tmpfs" ino=757 res=0 errno=0 [ 429.800037][ T6107] usb 1-1: new low-speed USB device number 7 using dummy_hcd [ 430.034495][ T6107] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 430.072003][ T7562] loop2: detected capacity change from 0 to 8 [ 430.072589][ T6107] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 430.154732][ T6107] usb 1-1: config 0 has no interface number 0 [ 430.196972][ T6107] usb 1-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 430.273078][ T6107] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 430.346308][ T6107] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 430.390464][ T6107] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 430.465088][ T6107] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.482759][ T7562] SQUASHFS error: Failed to read block 0x1ec: -5 [ 430.541073][ T6107] usb 1-1: config 0 descriptor?? [ 430.550789][ T7562] SQUASHFS error: Unable to read metadata cache entry [1ea] [ 430.596967][ T7557] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 431.337399][ T6107] input: USB Keyspan Remote 06cd:0202 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.21/input/input12 [ 431.627995][ C0] keyspan_remote 1-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 431.638260][ T6107] usb 1-1: USB disconnect, device number 7 [ 432.110081][ T7579] loop3: detected capacity change from 0 to 512 [ 432.190812][ T7579] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 432.322195][ T7579] EXT4-fs (loop3): 1 truncate cleaned up [ 432.379211][ T7579] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 432.413018][ T7584] loop2: detected capacity change from 0 to 256 [ 432.422832][ T7579] EXT4-fs error (device loop3): ext4_append:79: inode #2: comm syz.3.621: Logical block already allocated [ 432.482175][ T7579] EXT4-fs (loop3): Remounting filesystem read-only [ 432.855986][ T5591] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.906743][ T40] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 433.096750][ T40] usb 2-1: Using ep0 maxpacket: 16 [ 433.128632][ T40] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 433.143496][ T807] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 433.183319][ T40] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 433.226842][ T40] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.291950][ T40] usb 2-1: config 0 descriptor?? [ 433.301885][ T7591] netlink: 277 bytes leftover after parsing attributes in process `syz.3.624'. [ 433.336222][ T807] usb 1-1: Using ep0 maxpacket: 8 [ 433.365353][ T807] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 433.431746][ T807] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.765350][ T807] pvrusb2: Hardware description: Terratec Grabster AV400 [ 433.775279][ T7593] erspan0: entered promiscuous mode [ 433.819251][ T807] pvrusb2: ********** [ 433.873109][ T807] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 433.956268][ T807] pvrusb2: Important functionality might not be entirely working. [ 434.023043][ T807] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 434.035764][ T40] mcp2221 0003:04D8:00DD.0004: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 434.106641][ T807] pvrusb2: ********** [ 434.187146][ T2354] pvrusb2: Invalid write control endpoint [ 434.393902][ T7595] i2c i2c-1: unsupported multi-msg i2c transaction [ 434.473888][ T807] usb 1-1: USB disconnect, device number 8 [ 434.493844][ T40] usb 2-1: USB disconnect, device number 5 [ 435.063417][ T2354] pvrusb2: Invalid write control endpoint [ 435.109209][ T2354] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 435.205870][ T2354] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 435.278484][ T2354] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 435.365907][ T2354] pvrusb2: Device being rendered inoperable [ 435.410949][ T2354] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 435.468126][ T7601] loop2: detected capacity change from 0 to 512 [ 435.475314][ T2354] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 435.532449][ T2354] pvrusb2: Attached sub-driver cx25840 [ 435.588752][ T2354] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 435.691718][ T2354] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 435.791429][ T7601] EXT4-fs (loop2): 1 truncate cleaned up [ 435.907987][ T7601] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 436.199765][ T29] audit: type=1800 audit(1781187693.821:51): pid=7601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.626" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 437.183735][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.252642][ T7623] loop4: detected capacity change from 0 to 64 [ 438.174945][ T807] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 438.198849][ T7628] loop0: detected capacity change from 0 to 1024 [ 438.262738][ T7628] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 438.276158][ T7628] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 438.406473][ T807] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 438.422174][ T807] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 438.434142][ T807] usb 4-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00 [ 438.485923][ T29] audit: type=1800 audit(1781187696.101:52): pid=7628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.638" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 438.509193][ T807] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.526865][ T807] usb 4-1: config 0 descriptor?? [ 438.547540][ T7628] EXT4-fs (loop0): Online defrag not supported with bigalloc [ 438.617823][ T29] audit: type=1800 audit(1781187696.161:53): pid=7628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.638" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 439.145488][ T807] hid_parser_main: 30 callbacks suppressed [ 439.145607][ T807] razer 0003:1532:010E.0005: unknown main item tag 0x5 [ 439.339538][ T5593] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 439.366655][ T807] razer 0003:1532:010E.0005: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.3-1/input0 [ 439.512870][ T807] usb 4-1: USB disconnect, device number 5 [ 440.100171][ T7644] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 440.399811][ T7649] loop1: detected capacity change from 0 to 64 [ 440.629377][ T7652] loop4: detected capacity change from 0 to 64 [ 440.824594][ T7645] fido_id[7645]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 441.377160][ T7657] loop0: detected capacity change from 0 to 8 [ 441.681416][ T7661] loop4: detected capacity change from 0 to 64 [ 442.190512][ T6107] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 442.399778][ T6107] usb 4-1: Using ep0 maxpacket: 32 [ 442.436948][ T6107] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 442.502850][ T6107] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 442.568327][ T6107] usb 4-1: config 0 descriptor?? [ 442.950865][ T6107] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 443.082705][ T6107] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 443.183270][ T6107] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 443.265477][ T6107] usb 4-1: media controller created [ 443.647970][ T6107] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 444.072985][ T6107] az6027: usb out operation failed. (-71) [ 444.107856][ T6107] az6027: usb out operation failed. (-71) [ 444.152389][ T6107] stb0899_attach: Driver disabled by Kconfig [ 444.193208][ T6107] az6027: no front-end attached [ 444.193208][ T6107] [ 444.238446][ T6107] az6027: usb out operation failed. (-71) [ 444.275372][ T6107] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 444.328777][ T6107] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input13 [ 444.469408][ T6107] dvb-usb: schedule remote query interval to 400 msecs. [ 444.515401][ T6107] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 444.624063][ T6107] usb 4-1: USB disconnect, device number 6 [ 444.824507][ T7684] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 444.927266][ T7684] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 445.513000][ T6107] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 445.720840][ T7687] loop0: detected capacity change from 0 to 1024 [ 446.021771][ T7693] netlink: 4 bytes leftover after parsing attributes in process `syz.3.663'. [ 447.029065][ T7701] loop0: detected capacity change from 0 to 128 [ 447.160621][ T7701] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 447.195216][ T7701] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 447.781550][ T5593] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 449.229158][ T7715] netlink: 32 bytes leftover after parsing attributes in process `syz.3.673'. [ 449.830767][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.837611][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 450.733648][ T7723] loop4: detected capacity change from 0 to 4096 [ 451.677447][ T7741] loop2: detected capacity change from 0 to 128 [ 451.797393][ T7741] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 452.445053][ T29] audit: type=1800 audit(1781187710.061:54): pid=7741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.682" name="file1" dev="loop2" ino=94 res=0 errno=0 [ 453.645950][ T7748] loop3: detected capacity change from 0 to 4096 [ 456.311274][ T7773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.696'. [ 456.446417][ T7775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.697'. [ 457.039784][ T7777] loop4: detected capacity change from 0 to 512 [ 457.176984][ T7777] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 457.228862][ T7777] EXT4-fs (loop4): orphan cleanup on readonly fs [ 457.293331][ T7777] EXT4-fs warning (device loop4): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 457.327204][ T7777] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 457.372411][ T7777] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.698: bg 0: block 40: padding at end of block bitmap is not set [ 457.471959][ T7777] loop4: lost filesystem error report for type 5 error -117 [ 457.474428][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 457.488731][ C0] EXT4-fs (loop4): initial error at time 1781187715: ext4_validate_block_bitmap:441 [ 457.498593][ C0] EXT4-fs (loop4): last error at time 1781187715: ext4_validate_block_bitmap:441 [ 457.517382][ T7777] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 457.535113][ T7777] loop4: lost filesystem error report for type 5 error -117 [ 457.555295][ T7777] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #16: comm syz.4.698: data will be lost [ 457.586234][ T7777] EXT4-fs (loop4): 1 truncate cleaned up [ 457.631048][ T7777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 457.653672][ T7779] loop0: detected capacity change from 0 to 2048 [ 457.760001][ T7777] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz.4.698: bad symlink. [ 457.811235][ T7788] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 458.257694][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 458.437155][ T7792] loop3: detected capacity change from 0 to 64 [ 458.934729][ T807] kernel write not supported for file /sg0 (pid: 807 comm: kworker/1:2) [ 459.483287][ T7796] bond1: option primary: mode dependency failed, not supported in mode 802.3ad(4) [ 459.645725][ T7796] bond1 (unregistering): Released all slaves [ 461.458403][ T7815] loop2: detected capacity change from 0 to 512 [ 461.561993][ T7815] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 461.776116][ T7815] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.714: invalid indirect mapped block 4294967295 (level 0) [ 461.930640][ T7815] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 461.934467][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 461.951373][ C0] EXT4-fs (loop2): initial error at time 1781187719: ext4_free_branches:1023: inode 16 [ 461.961650][ C0] EXT4-fs (loop2): last error at time 1781187719: ext4_free_branches:1023: inode 16 [ 461.982573][ T7815] EXT4-fs (loop2): Remounting filesystem read-only [ 462.012640][ T7815] EXT4-fs (loop2): 1 orphan inode deleted [ 462.078746][ T7815] EXT4-fs (loop2): 1 truncate cleaned up [ 462.139917][ T7815] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 462.418974][ T7819] loop1: detected capacity change from 0 to 4096 [ 462.617665][ T7833] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 462.841307][ T7837] NILFS (loop1): nilfs_sufile_do_free: segment 9 is already clean [ 463.666639][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 465.170310][ T7842] loop3: detected capacity change from 0 to 8192 [ 465.273721][ T7842] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 465.406204][ T29] audit: type=1800 audit(1781187723.021:55): pid=7842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.726" name="file1" dev="loop3" ino=1048633 res=0 errno=0 [ 466.207622][ T29] audit: type=1326 audit(1781187723.821:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 466.382667][ T29] audit: type=1326 audit(1781187723.821:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 466.504665][ T29] audit: type=1326 audit(1781187723.951:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 466.591312][ T29] audit: type=1326 audit(1781187723.961:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 466.716211][ T29] audit: type=1326 audit(1781187723.981:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 466.877016][ T29] audit: type=1326 audit(1781187724.001:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 467.007467][ T29] audit: type=1326 audit(1781187724.001:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 467.138176][ T29] audit: type=1326 audit(1781187724.031:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 467.243315][ T29] audit: type=1326 audit(1781187724.031:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.1.733" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f768159ce59 code=0x7ffc0000 [ 467.370699][ T7866] loop1: detected capacity change from 0 to 512 [ 467.636610][ T7866] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #12: comm syz.1.737: missing EA_INODE flag [ 467.660191][ T7866] loop1: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 467.664439][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 467.680991][ C0] EXT4-fs (loop1): initial error at time 1781187725: ext4_xattr_inode_iget:441: inode 12 [ 467.691466][ C0] EXT4-fs (loop1): last error at time 1781187725: ext4_xattr_inode_iget:441: inode 12 [ 467.774641][ T7866] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.737: error while reading EA inode 12 err=-117 [ 467.883267][ T7866] loop1: lost filesystem error report for type 5 error -117 [ 467.900872][ T7866] EXT4-fs (loop1): 1 orphan inode deleted [ 468.072159][ T7866] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.546902][ T7870] loop3: detected capacity change from 0 to 32768 [ 468.639966][ T7870] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 469.093515][ T7870] XFS (loop3): Ending clean mount [ 469.146168][ T7870] XFS (loop3): Quotacheck needed: Please wait. [ 469.226769][ T6276] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.278921][ T7870] XFS (loop3): Quotacheck: Done. [ 469.455632][ T5591] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 472.852077][ T7919] sctp: [Deprecated]: syz.3.745 (pid 7919) Use of struct sctp_assoc_value in delayed_ack socket option. [ 472.852077][ T7919] Use struct sctp_sack_info instead [ 472.948267][ T7914] loop1: detected capacity change from 0 to 4096 [ 473.228047][ T7921] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 473.352857][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 473.352947][ T29] audit: type=1800 audit(1781187730.971:71): pid=7914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.754" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 473.709151][ T7924] loop4: detected capacity change from 0 to 512 [ 473.879305][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 473.937832][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 473.960711][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 473.987066][ T7928] smbdirect: ib_dev[syz0]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 474.023103][ T7928] smbdirect: ib_dev[syz0]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 474.085925][ T7928] smbdirect: ib_dev[syz0]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 474.180263][ T7928] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 474.233003][ T7927] loop0: detected capacity change from 0 to 2048 [ 474.357753][ T7927] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 474.416830][ T7928] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 474.821852][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 474.939478][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 475.017994][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 475.112271][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 475.180646][ T7928] wlan0 speed is unknown, defaulting to 1000 [ 476.022078][ T7941] loop0: detected capacity change from 0 to 512 [ 476.153980][ T7941] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 476.559710][ T7948] netlink: 24 bytes leftover after parsing attributes in process `syz.1.763'. [ 476.647144][ T7948] netlink: 24 bytes leftover after parsing attributes in process `syz.1.763'. [ 477.045276][ T7950] loop4: detected capacity change from 0 to 128 [ 477.395633][ T7957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.766'. [ 477.506246][ T7959] syz.1.768 uses obsolete (PF_INET,SOCK_PACKET) [ 477.686671][ T6107] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 477.928363][ T6107] usb 1-1: Using ep0 maxpacket: 16 [ 477.960869][ T6107] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 478.019714][ T6107] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 478.099310][ T6107] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.192502][ T6107] usb 1-1: config 0 descriptor?? [ 478.836071][ T6107] mcp2221 0003:04D8:00DD.0006: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 479.193872][ T6107] usb 1-1: USB disconnect, device number 9 [ 479.509067][ T807] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 479.736196][ T807] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88 [ 479.756327][ T7969] batman_adv: batadv0: Adding interface: macvtap1 [ 479.810657][ T7969] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 479.816575][ T7971] loop2: detected capacity change from 0 to 128 [ 479.851593][ T807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 479.898578][ T807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7 [ 479.931707][ T7969] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 479.966391][ T807] usb 5-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49 [ 480.007123][ T807] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 480.039540][ T7971] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 480.052617][ T807] usb 5-1: Product: syz [ 480.081893][ T807] usb 5-1: Manufacturer: syz [ 480.102691][ T807] usb 5-1: SerialNumber: syz [ 480.181715][ T807] usb 5-1: config 0 descriptor?? [ 480.323467][ T7971] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 482.921222][ T7985] netlink: 'syz.1.781': attribute type 10 has an invalid length. [ 483.008562][ T7985] netlink: 152 bytes leftover after parsing attributes in process `syz.1.781'. [ 484.306534][ T6107] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 484.619267][ T6107] usb 3-1: Using ep0 maxpacket: 32 [ 485.409376][ T7992] wlan0 speed is unknown, defaulting to 1000 [ 487.981040][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 488.492052][ T9] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 488.607718][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.723022][ T9] usb 4-1: Product: syz [ 488.823774][ T9] usb 4-1: Manufacturer: syz [ 488.872029][ T9] usb 4-1: SerialNumber: syz [ 489.261021][ T9] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 489.732065][ T8010] loop1: detected capacity change from 0 to 512 [ 489.843063][ T6107] usb 3-1: unable to get BOS descriptor or descriptor too short [ 489.899528][ T6106] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 489.943502][ T6107] usb 3-1: unable to read config index 0 descriptor/start: -32 [ 490.015410][ T6107] usb 3-1: chopping to 0 config(s) [ 490.103428][ T6107] usb 3-1: can't read configurations, error -32 [ 490.435628][ T6107] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 490.748882][ T6107] usb 3-1: device descriptor read/64, error -32 [ 490.801183][ T807] iguanair 5-1:0.0: failed to get version [ 490.812182][ T807] iguanair 5-1:0.0: probe with driver iguanair failed with error -110 [ 490.969753][ T6107] usb usb3-port1: attempt power cycle [ 490.978017][ T807] usb 5-1: USB disconnect, device number 5 [ 491.420001][ T6107] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 491.460860][ T5680] usb 4-1: USB disconnect, device number 7 [ 491.495763][ T6107] usb 3-1: device descriptor read/8, error -32 [ 491.502678][ T6106] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 491.513806][ T6106] ath9k_htc: Failed to initialize the device [ 491.615194][ T5680] usb 4-1: ath9k_htc: USB layer deinitialized [ 491.735417][ T6107] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 491.819868][ T6107] usb 3-1: device descriptor read/8, error -32 [ 491.975686][ T6107] usb usb3-port1: unable to enumerate USB device [ 492.689485][ T8026] loop0: detected capacity change from 0 to 128 [ 495.020283][ T8032] loop4: detected capacity change from 0 to 8192 [ 495.092087][ T8032] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 495.411255][ T8043] netlink: 8 bytes leftover after parsing attributes in process `syz.3.805'. [ 495.846729][ T8046] loop0: detected capacity change from 0 to 2048 [ 496.093330][ T8046] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 496.205854][ T8046] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 496.234872][ T8054] netem: incorrect ge model size [ 496.267454][ T8054] netem: change failed [ 496.389796][ T8046] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.806: bg 0: block 345: padding at end of block bitmap is not set [ 496.475586][ T8046] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117 [ 496.521578][ T8046] EXT4-fs (loop0): This should not happen!! Data will be lost [ 496.521578][ T8046] [ 497.118587][ T5593] EXT4-fs warning (device loop0): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 497.189882][ T5593] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 497.795355][ T5680] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 498.006438][ T5680] usb 2-1: Using ep0 maxpacket: 16 [ 498.053412][ T5680] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 498.144734][ T5680] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 498.178141][ T5680] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 498.212660][ T5680] usb 2-1: Product: syz [ 498.231768][ T5680] usb 2-1: Manufacturer: syz [ 498.248926][ T5680] usb 2-1: SerialNumber: syz [ 498.288328][ T5680] usb 2-1: config 0 descriptor?? [ 498.391062][ T5680] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 498.450024][ T5680] usb 2-1: Detected FT232R [ 498.588919][ T5680] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 498.890996][ T5680] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 499.055828][ T8076] loop3: detected capacity change from 0 to 256 [ 499.093226][ T5680] usb 2-1: USB disconnect, device number 6 [ 499.189251][ T5680] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 499.247130][ T5680] ftdi_sio 2-1:0.0: device disconnected [ 499.448136][ T8076] FAT-fs (loop3): Directory bread(block 64) failed [ 499.466705][ T8076] FAT-fs (loop3): Directory bread(block 65) failed [ 499.487950][ T8076] FAT-fs (loop3): Directory bread(block 66) failed [ 499.513219][ T8076] FAT-fs (loop3): Directory bread(block 67) failed [ 499.548534][ T8076] FAT-fs (loop3): Directory bread(block 68) failed [ 499.581676][ T8076] FAT-fs (loop3): Directory bread(block 69) failed [ 499.622574][ T8076] FAT-fs (loop3): Directory bread(block 70) failed [ 499.672623][ T8076] FAT-fs (loop3): Directory bread(block 71) failed [ 499.699675][ T8076] FAT-fs (loop3): Directory bread(block 72) failed [ 499.721369][ T8076] FAT-fs (loop3): Directory bread(block 73) failed [ 499.762677][ T8078] loop2: detected capacity change from 0 to 256 [ 499.924893][ T5680] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 499.990844][ T8078] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 500.129773][ T5680] usb 1-1: Using ep0 maxpacket: 32 [ 500.208240][ T5680] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 500.237235][ T5680] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.379566][ T5680] usb 1-1: config 0 descriptor?? [ 500.479216][ T5680] gspca_main: sq930x-2.14.0 probing 041e:403c [ 501.459046][ T5680] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 501.562675][ T5680] sq930x 1-1:0.0: probe with driver sq930x failed with error -71 [ 501.672287][ T5680] usb 1-1: USB disconnect, device number 10 [ 502.909028][ T8103] netlink: 'syz.0.831': attribute type 1 has an invalid length. [ 503.382131][ T8111] netlink: 8 bytes leftover after parsing attributes in process `syz.3.834'. [ 503.435188][ T8111] netlink: 'syz.3.834': attribute type 21 has an invalid length. [ 504.274886][ T8116] loop1: detected capacity change from 0 to 256 [ 505.397850][ T8131] netlink: 52 bytes leftover after parsing attributes in process `syz.0.844'. [ 506.963843][ T8145] netlink: 76 bytes leftover after parsing attributes in process `syz.3.849'. [ 507.567883][ T8147] loop0: detected capacity change from 0 to 4096 [ 507.779751][ T8153] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 507.875844][ T29] audit: type=1800 audit(1781187765.491:72): pid=8147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.850" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 507.953281][ T29] audit: type=1800 audit(1781187765.521:73): pid=8147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.850" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 508.001554][ T55] Bluetooth: hci5: Frame reassembly failed (-84) [ 508.038125][ T8154] loop2: detected capacity change from 0 to 512 [ 510.055043][ T5583] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 510.601351][ T8178] loop1: detected capacity change from 0 to 64 [ 510.882505][ T29] audit: type=1800 audit(1781187768.501:74): pid=8178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.863" name="file1" dev="loop1" ino=22 res=0 errno=0 [ 510.915596][ T8178] hfs: keylen 1794 too large [ 510.958116][ T8178] hfs: keylen 1794 too large [ 510.958879][ T8181] option changes via remount are deprecated (pid=8179 comm=syz.0.864) [ 511.017631][ T8181] cgroup: option or name mismatch, new: 0x2 "nofavordynmods", old: 0x0 "" [ 511.267557][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.274857][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.204750][ T40] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 512.406294][ T40] usb 2-1: Using ep0 maxpacket: 16 [ 512.445224][ T40] usb 2-1: config 0 has an invalid interface number: 34 but max is 0 [ 512.472887][ T40] usb 2-1: config 0 has no interface number 0 [ 512.505430][ T40] usb 2-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 512.562840][ T40] usb 2-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 512.628891][ T40] usb 2-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 512.674482][ T40] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.714605][ T40] usb 2-1: Product: syz [ 512.730117][ T40] usb 2-1: Manufacturer: syz [ 512.757343][ T40] usb 2-1: SerialNumber: syz [ 512.808004][ T40] usb 2-1: config 0 descriptor?? [ 512.848794][ T8188] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 512.875750][ T8188] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 513.212784][ T8188] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 513.291002][ T8188] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 513.568656][ T40] asix 2-1:0.34 (unnamed net_device) (uninitialized): invalid hw address, using random [ 513.603773][ T8201] loop0: detected capacity change from 0 to 2048 [ 513.758451][ T40] asix 2-1:0.34 (unnamed net_device) (uninitialized): invalid PHY address: 38 [ 513.782659][ T8201] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 513.806710][ T8201] ext4 filesystem being mounted at /184/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 514.029045][ T40] usb 2-1: USB disconnect, device number 7 [ 514.607014][ T5593] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.492085][ T8234] loop3: detected capacity change from 0 to 128 [ 516.675421][ T29] audit: type=1800 audit(1781187774.291:75): pid=8234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.887" name="bus" dev="loop3" ino=1048658 res=0 errno=0 [ 517.874653][ T29] audit: type=1400 audit(1781187775.491:76): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=262620801B pid=8245 comm="syz.1.893" [ 519.109444][ T8256] loop2: detected capacity change from 0 to 32768 [ 519.132259][ T8256] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.896 (8256) [ 519.166581][ T8256] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 519.179788][ T8256] BTRFS info (device loop2): using xxhash64 checksum algorithm [ 519.346377][ T8256] BTRFS info (device loop2): setting nodatasum [ 519.352866][ T8256] BTRFS info (device loop2): allowing degraded mounts [ 519.360112][ T8256] BTRFS info (device loop2): turning on async discard [ 519.367380][ T8256] BTRFS info (device loop2): enabling free space tree [ 519.374616][ T8256] BTRFS info (device loop2): force zlib compression, level 3 [ 519.526896][ T8256] BTRFS info (device loop2): balance: start [ 519.533857][ T8256] BTRFS info (device loop2): balance: ended with status: 0 [ 519.959957][ T8278] loop4: detected capacity change from 0 to 16 [ 520.060929][ T5585] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 520.096488][ T8278] erofs (device loop4): mounted with root inode @ nid 36. [ 520.551074][ T8283] netlink: 60 bytes leftover after parsing attributes in process `syz.0.902'. [ 520.812029][ T8285] comedi comedi3: 8255: I/O base address not correctly aligned [ 523.384746][ T8313] can0: slcan on ttyS3. [ 523.656099][ T8313] can0 (unregistered): slcan off ttyS3. [ 525.823080][ T8325] loop1: detected capacity change from 0 to 32768 [ 525.900334][ T8325] btrfs: Deprecated parameter 'usebackuproot' [ 525.907297][ T8325] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 525.920332][ T8325] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.921 (8325) [ 525.964731][ T8325] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 525.975395][ T8325] BTRFS info (device loop1): using crc32c checksum algorithm [ 525.983205][ T8325] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 526.169944][ T1044] BTRFS warning (device loop1): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb0e5ffa5 level 0 [ 526.301010][ T8325] BTRFS warning (device loop1): couldn't read tree root [ 526.310318][ T8325] BTRFS warning (device loop1): try to load backup roots slot 1 [ 526.323994][ T55] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x32d10ca2 level 0 [ 526.362801][ T6106] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 526.443271][ T8325] BTRFS warning (device loop1): couldn't read tree root [ 526.457436][ T8325] BTRFS warning (device loop1): try to load backup roots slot 2 [ 526.488748][ T5708] BTRFS warning (device loop1): checksum verify failed on logical 5255168 mirror 1 wanted 0x9df47653 found 0x6344b7f5 level 1 [ 526.567961][ T8325] BTRFS warning (device loop1): couldn't read tree root [ 526.575815][ T8325] BTRFS warning (device loop1): try to load backup roots slot 3 [ 526.586739][ T6106] usb 5-1: Using ep0 maxpacket: 16 [ 526.623999][ T8325] BTRFS info (device loop1): enabling ssd optimizations [ 526.635696][ T8325] BTRFS info (device loop1): turning off barriers [ 526.642354][ T8325] BTRFS info (device loop1): turning on sync discard [ 526.649625][ T8325] BTRFS info (device loop1): enabling disk space caching [ 526.657017][ T8325] BTRFS info (device loop1): force clearing of disk cache [ 526.671794][ T8325] BTRFS info (device loop1): enabling auto defrag [ 526.678606][ T8325] BTRFS info (device loop1): trying to use backup root at mount time [ 526.687168][ T8325] BTRFS info (device loop1): max_inline set to 0 [ 526.728423][ T6106] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40 [ 526.747581][ T8348] ALSA: mixer_oss: invalid OSS volume '' [ 526.750545][ T6106] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 526.800133][ T8348] ALSA: mixer_oss: invalid OSS volume '' [ 526.818399][ T6106] usb 5-1: Product: syz [ 526.829720][ T8348] ALSA: mixer_oss: invalid OSS volume '' [ 526.841084][ T6106] usb 5-1: Manufacturer: syz [ 526.857850][ T6106] usb 5-1: SerialNumber: syz [ 526.885109][ T8348] ALSA: mixer_oss: invalid OSS volume '' [ 526.907117][ T8348] ALSA: mixer_oss: invalid OSS volume '' [ 527.011264][ T8348] ALSA: mixer_oss: invalid OSS volume '”' [ 527.425005][ T6106] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -71 [ 527.436326][ T6276] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 527.636423][ T6106] usb 5-1: USB disconnect, device number 6 [ 528.843318][ T8365] loop3: detected capacity change from 0 to 256 [ 529.093814][ T8365] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 529.306359][ T8368] loop4: detected capacity change from 0 to 2048 [ 529.348760][ T8365] exFAT-fs (loop3): start_clu is invalid cluster(0xffffffff) [ 529.439923][ T8368] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 530.156714][ T8375] loop0: detected capacity change from 0 to 1024 [ 530.229498][ T8375] EXT4-fs (loop0): bad geometry: first data block is 0 with a 1k block and cluster size [ 531.725297][ T8388] loop3: detected capacity change from 0 to 1024 [ 533.210832][ T8397] loop4: detected capacity change from 0 to 512 [ 533.387711][ T8397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 534.218508][ T8406] loop3: detected capacity change from 0 to 256 [ 534.441958][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 535.228577][ T8417] netlink: 16 bytes leftover after parsing attributes in process `syz.4.950'. [ 535.336085][ T8418] loop2: detected capacity change from 0 to 256 [ 535.451699][ T8418] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 535.627867][ T29] audit: type=1800 audit(1781187793.251:77): pid=8418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.951" name="file1" dev="loop2" ino=1048663 res=0 errno=0 [ 535.756249][ T29] audit: type=1800 audit(1781187793.281:78): pid=8418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.951" name="file1" dev="loop2" ino=1048663 res=0 errno=0 [ 535.761223][ T8424] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008) [ 535.898486][ T8424] FAT-fs (loop2): Filesystem has been set read-only [ 535.970854][ T8424] FAT-fs (loop2): error, corrupted file size (i_pos 196, 16779008) [ 537.376103][ T8431] loop0: detected capacity change from 0 to 2048 [ 537.587592][ T8431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 537.608815][ T8431] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 538.311037][ T5593] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 538.477558][ T8448] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 538.484354][ T8448] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 538.535780][ T8448] vhci_hcd vhci_hcd.0: Device attached [ 538.661621][ T8452] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 538.668426][ T8452] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 538.780842][ T8452] vhci_hcd vhci_hcd.0: Device attached [ 538.835222][ T6106] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 538.892772][ T8448] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(8) [ 538.899571][ T8448] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 539.023126][ T8448] vhci_hcd vhci_hcd.0: Device attached [ 539.080026][ T8452] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(7) [ 539.086830][ T8452] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 539.147318][ T8452] vhci_hcd vhci_hcd.0: Device attached [ 539.175566][ T8458] vhci_hcd: connection closed [ 539.179745][ T8454] vhci_hcd: connection closed [ 539.191711][ T8449] vhci_hcd: connection reset by peer [ 539.206708][ T1044] vhci_hcd vhci_hcd.1: stop threads [ 539.229750][ T1044] vhci_hcd vhci_hcd.1: release socket [ 539.242859][ T1044] vhci_hcd vhci_hcd.1: disconnect device [ 539.288333][ T8463] vhci_hcd: connection closed [ 539.292769][ T1044] vhci_hcd vhci_hcd.1: stop threads [ 539.332393][ T1044] vhci_hcd vhci_hcd.1: release socket [ 539.400656][ T1044] vhci_hcd vhci_hcd.1: disconnect device [ 539.461098][ T1044] vhci_hcd vhci_hcd.1: stop threads [ 539.523179][ T1044] vhci_hcd vhci_hcd.1: release socket [ 539.582645][ T1044] vhci_hcd vhci_hcd.1: disconnect device [ 539.622184][ T1044] vhci_hcd vhci_hcd.1: stop threads [ 539.650325][ T1044] vhci_hcd vhci_hcd.1: release socket [ 539.695298][ T1044] vhci_hcd vhci_hcd.1: disconnect device [ 540.616105][ T8478] smbdirect: ib_dev[syz(]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 540.679162][ T8478] smbdirect: ib_dev[syz(]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 540.866085][ T8478] smbdirect: ib_dev[syz(]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 541.097427][ T8486] loop0: detected capacity change from 0 to 256 [ 541.398073][ T8478] infiniband syz(: RDMA CMA: cma_listen_on_dev, error -98 [ 541.426859][ T6107] kernel write not supported for file /input/event2 (pid: 6107 comm: kworker/0:9) [ 542.114885][ T8481] loop4: detected capacity change from 0 to 4096 [ 542.133005][ T8493] loop3: detected capacity change from 0 to 2048 [ 542.220364][ T8481] ntfs3(loop4): Failed to load $MFT (-22). [ 542.269360][ T8493] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 542.309332][ T8493] ext4 filesystem being mounted at /224/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 543.188417][ T5591] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 544.055656][ T6106] vhci_hcd vhci_hcd.1: vhci_device speed not set [ 544.192255][ T8512] nr0: tun_chr_ioctl cmd 1074025677 [ 544.253010][ T8512] nr0: linktype set to 270 [ 544.334016][ T8519] loop2: detected capacity change from 0 to 1024 [ 544.560550][ T8519] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 544.636300][ T8519] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 544.879955][ T8524] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 544.883628][ T8519] EXT4-fs error (device loop2): ext4_map_blocks:833: inode #15: block 3: comm syz.2.986: lblock 3 mapped to illegal pblock 3 (length 3) [ 545.000325][ T8519] EXT4-fs (loop2): Remounting filesystem read-only [ 545.017936][ T8524] EXT4-fs (loop2): Remounting filesystem read-only [ 545.542805][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 546.074120][ T8540] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1003'. [ 546.127859][ T8540] ip6gretap0: entered promiscuous mode [ 546.160387][ T8540] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1003'. [ 546.180173][ T8542] loop3: detected capacity change from 0 to 8 [ 546.480323][ T8543] loop4: detected capacity change from 0 to 2048 [ 546.782248][ T8543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 546.815114][ T8543] ext4 filesystem being mounted at /213/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 547.603626][ T8554] dvmrp1: entered allmulticast mode [ 547.615944][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 547.668898][ T8556] dvmrp1: left allmulticast mode [ 550.068319][ T8576] tap0: tun_chr_ioctl cmd 1074025677 [ 550.185690][ T29] audit: type=1326 audit(1781187807.791:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.3.999" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1df9ce59 code=0x7ffc0000 [ 550.223597][ T8576] tap0: linktype set to 804 [ 550.356548][ T8569] loop2: detected capacity change from 0 to 40427 [ 550.377150][ T8569] F2FS-fs (loop2): build fault injection rate: 771 [ 550.394528][ T8569] F2FS-fs (loop2): invalid crc value [ 550.443386][ T29] audit: type=1326 audit(1781187807.801:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8555 comm="syz.3.999" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe1df9ce59 code=0x7ffc0000 [ 550.839773][ T8569] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 550.875734][ T8569] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 551.488790][ T5585] syz-executor: attempt to access beyond end of device [ 551.488790][ T5585] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 551.496485][ T8588] loop4: detected capacity change from 0 to 128 [ 551.580580][ T5585] CPU: 1 UID: 0 PID: 5585 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(lazy) [ 551.580789][ T5585] Tainted: [L]=SOFTLOCKUP [ 551.580856][ T5585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 551.580966][ T5585] Call Trace: [ 551.581029][ T5585] [ 551.581086][ T5585] __dump_stack+0x26/0x30 [ 551.581345][ T5585] dump_stack_lvl+0x14c/0x1c0 [ 551.581523][ T5585] dump_stack+0x1e/0x25 [ 551.581693][ T5585] f2fs_stop_checkpoint+0xac3/0xc70 [ 551.581962][ T5585] f2fs_write_end_io+0x1207/0x2200 [ 551.582336][ T5585] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 551.582550][ T5585] bio_endio+0xfcc/0x1120 [ 551.582839][ T5585] submit_bio_noacct+0x533/0x2920 [ 551.583148][ T5585] submit_bio+0x57a/0x620 [ 551.583372][ T5585] f2fs_submit_write_bio+0x115/0x310 [ 551.583636][ T5585] __submit_merged_bio+0x16b/0x700 [ 551.583866][ T5585] ? kmsan_get_metadata+0xf1/0x160 [ 551.584174][ T5585] __submit_merged_write_cond+0x4ba/0xae0 [ 551.584446][ T5585] f2fs_write_data_pages+0x4f4d/0x5c60 [ 551.584801][ T5585] ? __put_seccomp_filter+0x150/0x1d0 [ 551.585014][ T5585] ? kmsan_get_metadata+0xf1/0x160 [ 551.585226][ T5585] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 551.585458][ T5585] ? folios_put_refs+0x31/0xb10 [ 551.585716][ T5585] ? filter_irq_stacks+0x49/0x190 [ 551.585947][ T5585] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 551.586170][ T5585] ? kmsan_get_metadata+0xf1/0x160 [ 551.586379][ T5585] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 551.586551][ T5585] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 551.586732][ T5585] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 551.586912][ T5585] do_writepages+0x3f2/0x860 [ 551.587096][ T5585] ? _raw_spin_unlock+0x30/0x50 [ 551.587344][ T5585] ? wbc_attach_and_unlock_inode+0x131/0x660 [ 551.587606][ T5585] filemap_fdatawrite+0x207/0x260 [ 551.587905][ T5585] f2fs_sync_dirty_inodes+0x2ad/0xa30 [ 551.588149][ T5585] f2fs_write_checkpoint+0x10e1/0x3c50 [ 551.588532][ T5585] kill_f2fs_super+0x320/0x990 [ 551.588774][ T5585] ? __pfx_kill_f2fs_super+0x10/0x10 [ 551.588973][ T5585] deactivate_locked_super+0xcb/0x3c0 [ 551.589244][ T5585] deactivate_super+0x12f/0x140 [ 551.589417][ T5585] cleanup_mnt+0x7eb/0x870 [ 551.589650][ T5585] ? __pfx___cleanup_mnt+0x10/0x10 [ 551.589836][ T5585] __cleanup_mnt+0x22/0x30 [ 551.590012][ T5585] task_work_run+0x208/0x2b0 [ 551.590209][ T5585] exit_to_user_mode_loop+0x505/0x2420 [ 551.590425][ T5585] ? user_path_at+0x1fc/0x330 [ 551.590643][ T5585] ? __x64_sys_umount+0x1dc/0x250 [ 551.590877][ T5585] do_syscall_64+0x261/0x3c0 [ 551.591050][ T5585] ? clear_bhb_loop+0x50/0xa0 [ 551.591244][ T5585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.591419][ T5585] RIP: 0033:0x7fc1d2f9e097 [ 551.591547][ T5585] Code: a2 c7 05 5c 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 [ 551.591688][ T5585] RSP: 002b:00007ffcb25be2e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 551.591857][ T5585] RAX: 0000000000000000 RBX: 00007fc1d30321ca RCX: 00007fc1d2f9e097 [ 551.591970][ T5585] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb25be3a0 [ 551.592071][ T5585] RBP: 00007ffcb25be3a0 R08: 00007ffcb25bf3a0 R09: 00000000ffffffff [ 551.592191][ T5585] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcb25bf430 [ 551.592296][ T5585] R13: 00007fc1d30321ca R14: 0000000000086853 R15: 00007ffcb25bf470 [ 551.592501][ T5585] [ 552.022860][ T5585] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 556.639443][ T8618] loop4: detected capacity change from 0 to 128 [ 556.775391][ T8618] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 556.895630][ T8618] ext4 filesystem being mounted at /223/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 557.439576][ T5580] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 558.900808][ T8641] loop1: detected capacity change from 0 to 256 [ 558.913055][ T8640] loop3: detected capacity change from 0 to 512 [ 559.026360][ T8640] EXT4-fs (loop3): 1 truncate cleaned up [ 559.102420][ T8640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 559.485458][ T29] audit: type=1800 audit(1781187817.101:81): pid=8640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1034" name="file1" dev="loop3" ino=13 res=0 errno=0 [ 560.002422][ T5591] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 560.285535][ T8650] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1038'. [ 560.323474][ T8650] netlink: 3 bytes leftover after parsing attributes in process `syz.1.1038'. [ 560.462721][ T8648] loop2: detected capacity change from 0 to 4096 [ 560.543682][ T8648] ntfs3(loop2): ino=3, mi_enum_attr [ 560.604899][ T8653] loop3: detected capacity change from 0 to 512 [ 560.848187][ T8653] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 562.046142][ T8660] loop4: detected capacity change from 0 to 1024 [ 562.398345][ T8659] loop1: detected capacity change from 0 to 4096 [ 563.176031][ T5591] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 563.217556][ T8664] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1044'. [ 563.310266][ T8665] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1044'. [ 563.696297][ T8670] loop2: detected capacity change from 0 to 512 [ 563.882382][ T8670] fscrypt (loop2, inode 2): Error -61 getting encryption context [ 563.927915][ T8670] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61 [ 563.953118][ T8670] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #13: comm syz.2.1047: iget: bad i_size value: 12154757448730 [ 563.970098][ T8670] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 563.974420][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 563.990845][ C0] EXT4-fs (loop2): initial error at time 1781187821: ext4_orphan_get:1397: inode 13 [ 564.000824][ C0] EXT4-fs (loop2): last error at time 1781187821: ext4_orphan_get:1397: inode 13 [ 564.003961][ T8670] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1047: couldn't read orphan inode 13 (err -117) [ 564.095169][ T8670] loop2: lost filesystem error report for type 5 error -117 [ 564.122239][ T8670] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 564.587708][ T8670] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 565.185361][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 565.708596][ T8696] loop3: detected capacity change from 0 to 512 [ 565.722658][ T8696] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 565.727590][ T8693] loop0: detected capacity change from 0 to 256 [ 565.757134][ T8696] EXT4-fs (loop3): 1 truncate cleaned up [ 565.797989][ T8696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 565.879171][ T8693] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 566.626954][ T8705] bpf: Bad value for 'uid' [ 566.863233][ T5579] Bluetooth: hci4: ACL packet for unknown connection handle 201 [ 566.917939][ T8709] loop4: detected capacity change from 0 to 512 [ 567.059470][ T8709] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 567.113944][ T8709] ext4 filesystem being mounted at /232/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 567.256476][ T7784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 567.779425][ T8718] loop0: detected capacity change from 0 to 512 [ 567.859400][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.025840][ T6107] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 568.029113][ T8718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 568.051143][ T8718] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 568.066736][ T14] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 568.361011][ T6107] usb 3-1: Using ep0 maxpacket: 32 [ 568.415933][ T6107] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 568.475071][ T6107] usb 3-1: config 0 has no interface number 0 [ 568.503010][ T14] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 568.567132][ T6107] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 568.603255][ T6107] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 568.665399][ T6107] usb 3-1: Product: syz [ 568.692041][ T6107] usb 3-1: Manufacturer: syz [ 568.719715][ T6107] usb 3-1: SerialNumber: syz [ 568.825217][ T6107] usb 3-1: config 0 descriptor?? [ 568.889126][ T5593] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 568.925426][ T6107] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 569.040909][ T14] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.177574][ T6107] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 569.310490][ T6107] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 569.350130][ T14] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 569.591224][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 569.592934][ T807] usb 3-1: USB disconnect, device number 13 [ 569.667109][ T807] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 569.769340][ T807] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 569.836524][ T807] quatech2 3-1:0.51: device disconnected [ 570.279787][ T14] bond2: left allmulticast mode [ 570.330804][ T14] bond2: left promiscuous mode [ 570.341092][ T14] bridge0: port 3(bond2) entered disabled state [ 570.380083][ T14] bridge_slave_1: left allmulticast mode [ 570.407260][ T14] bridge_slave_1: left promiscuous mode [ 570.431523][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 570.467303][ T14] bridge_slave_0: left allmulticast mode [ 570.481293][ T14] bridge_slave_0: left promiscuous mode [ 570.509877][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 571.391139][ T8733] loop1: detected capacity change from 0 to 512 [ 571.449777][ T8733] EXT4-fs: Ignoring removed oldalloc option [ 571.502980][ T8733] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8840c01c, mo2=0002] [ 571.551396][ T8733] EXT4-fs (loop1): orphan cleanup on readonly fs [ 571.583463][ T8733] EXT4-fs warning (device loop1): ext4_enable_quotas:7269: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix. [ 571.629230][ T8733] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 571.657869][ T8733] EXT4-fs error (device loop1): ext4_ext_check_inode:521: inode #13: comm syz.1.1072: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 571.766929][ T8733] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 571.772669][ T8733] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.1072: couldn't read orphan inode 13 (err -117) [ 571.782424][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 571.782664][ C0] EXT4-fs (loop1): last error at time 1781187829: ext4_ext_check_inode:521: inode 13 [ 571.947964][ T8733] loop1: lost filesystem error report for type 5 error -117 [ 571.963196][ T8733] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 572.083470][ T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 572.158942][ T8733] EXT4-fs (loop1): shut down requested (1) [ 572.255786][ T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 572.362289][ T14] bond0 (unregistering): (slave bond1): Releasing backup interface [ 572.416882][ T14] bond0 (unregistering): Released all slaves [ 572.490901][ T14] bond1 (unregistering): Released all slaves [ 572.523876][ T8740] loop4: detected capacity change from 0 to 512 [ 572.574929][ T8740] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 572.687066][ T8740] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.1076: bad orphan inode 131083 [ 572.720282][ T6276] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.729989][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 572.741028][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.794025][ T8740] loop4: lost filesystem error report for type 5 error -117 [ 572.804290][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 572.818568][ C1] EXT4-fs (loop4): initial error at time 1781187830: ext4_orphan_get:1423 [ 572.827535][ C1] EXT4-fs (loop4): last error at time 1781187830: ext4_orphan_get:1423 [ 572.844022][ T5583] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 572.850183][ T8740] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 572.873730][ T14] bond2 (unregistering): Released all slaves [ 572.887362][ T5583] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 572.899027][ T5583] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 572.921420][ T5583] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 572.942982][ T5583] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 573.423303][ T8750] loop0: detected capacity change from 0 to 64 [ 573.715737][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.794913][ T5679] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 574.029083][ T5679] usb 2-1: Using ep0 maxpacket: 8 [ 574.056877][ T5679] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 574.123795][ T5679] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 574.192618][ T5679] usb 2-1: New USB device found, idVendor=056a, idProduct=037b, bcdDevice= 0.00 [ 574.244759][ T5679] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 574.354009][ T5708] smbdirect: ib_dev[syz0] removed [ 574.434959][ T5679] usb 2-1: config 0 descriptor?? [ 574.449873][ T6106] wlan0 speed is unknown, defaulting to 1000 [ 574.497203][ T6106] syz0: Port: 1 Link DOWN [ 574.960850][ T14] hsr_slave_0: left promiscuous mode [ 575.015267][ T5579] Bluetooth: hci3: command tx timeout [ 575.032178][ T14] hsr_slave_1: left promiscuous mode [ 575.080789][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 575.150649][ T14] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 575.211344][ T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 575.255305][ T14] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 575.275814][ T5679] usb 2-1: USB disconnect, device number 8 [ 575.451929][ T14] veth1_macvtap: left promiscuous mode [ 575.480348][ T14] veth0_macvtap: left promiscuous mode [ 575.523840][ T14] veth1_vlan: left promiscuous mode [ 575.573528][ T14] veth0_vlan: left promiscuous mode [ 576.849388][ T8780] loop2: detected capacity change from 0 to 512 [ 577.094752][ T5579] Bluetooth: hci3: command tx timeout [ 578.088405][ T8793] mmap: syz.0.1090 (8793) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 579.126444][ T14] team0 (unregistering): Port device team_slave_1 removed [ 579.178453][ T5579] Bluetooth: hci3: command tx timeout [ 579.346890][ T14] team0 (unregistering): Port device team_slave_0 removed [ 579.827557][ T6106] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 579.997558][ T6106] usb 3-1: Using ep0 maxpacket: 32 [ 580.021945][ T6106] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 580.063353][ T6106] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.160653][ T6106] usb 3-1: config 0 descriptor?? [ 580.474963][ T6106] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 580.514024][ T5233] 8021q: adding VLAN 0 to HW filter on device eth1 [ 580.571668][ T6106] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 580.655329][ T6106] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 580.662835][ T6106] usb 3-1: media controller created [ 581.072191][ T8816] input: syz0 as /devices/virtual/input/input15 [ 581.112916][ T6106] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 581.255088][ T5579] Bluetooth: hci3: command tx timeout [ 581.687652][ T6106] az6027: usb out operation failed. (-71) [ 581.723184][ T6106] az6027: usb out operation failed. (-71) [ 581.786737][ T6106] stb0899_attach: Driver disabled by Kconfig [ 581.839414][ T6106] az6027: no front-end attached [ 581.839414][ T6106] [ 581.872064][ T6106] az6027: usb out operation failed. (-71) [ 581.908874][ T6106] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 581.979898][ T6106] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input16 [ 582.042912][ T6106] dvb-usb: schedule remote query interval to 400 msecs. [ 582.098328][ T6106] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 582.203210][ T6106] usb 3-1: USB disconnect, device number 14 [ 582.306209][ T8817] loop0: detected capacity change from 0 to 4096 [ 582.503015][ T8825] loop2: detected capacity change from 0 to 1024 [ 582.742818][ T8825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 582.792584][ T8817] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 582.867564][ T8825] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 583.012631][ T8825] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1100: bg 0: block 112: padding at end of block bitmap is not set [ 583.115640][ T8825] EXT4-fs (loop2): Remounting filesystem read-only [ 583.126928][ T6106] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 583.133246][ T8817] ntfs3(loop0): Failed to load $Extend (-22). [ 583.204858][ T8817] ntfs3(loop0): Failed to initialize $Extend. [ 583.719293][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 585.382767][ T8857] loop1: detected capacity change from 0 to 128 [ 585.510399][ T8857] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 585.596638][ T8857] ext4 filesystem being mounted at /167/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 586.991029][ T8864] loop4: detected capacity change from 0 to 40427 [ 587.024441][ T8864] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 587.032453][ T8864] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 587.094818][ T8864] F2FS-fs (loop4): invalid crc value [ 587.150875][ T6276] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 587.541058][ T8864] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 587.580730][ T8864] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 587.588192][ T8864] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 588.074951][ T8880] loop7: detected capacity change from 0 to 7 [ 588.209869][ T8881] Invalid logical block size (229) [ 588.228894][ C0] blk_print_req_error: 24 callbacks suppressed [ 588.228985][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.245126][ C0] buffer_io_error: 40 callbacks suppressed [ 588.245212][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.261366][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.271103][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.291243][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.300820][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.322655][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.332300][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.352558][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.362347][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.387016][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.396788][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.418564][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.428249][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.436913][ T8880] ldm_validate_partition_table(): Disk read failed. [ 588.468620][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.478453][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.503065][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.512870][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.522951][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 588.532724][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 588.560250][ T8880] Dev loop7: unable to read RDB block 0 [ 588.627000][ T8880] loop7: unable to read partition table [ 588.669954][ T8880] loop7: partition table beyond EOD, truncated [ 588.743752][ T8880] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü¾CêjÌ–ã¢P=ý?ã}X‹ºÐ œëÜ%õ֘ȵ4FLQkÝŠ5) failed (rc=-5) [ 588.824900][ T6106] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 589.015124][ T6106] usb 3-1: Using ep0 maxpacket: 16 [ 589.071516][ T6106] usb 3-1: config 0 interface 0 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 589.186035][ T6106] usb 3-1: config 0 interface 0 has no altsetting 0 [ 589.208504][ T6106] usb 3-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00 [ 589.274758][ T6106] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 589.389901][ T6106] usb 3-1: config 0 descriptor?? [ 589.460087][ T5233] 8021q: adding VLAN 0 to HW filter on device eth2 [ 589.507335][ T8742] bridge0: port 1(bridge_slave_0) entered blocking state [ 589.556744][ T8742] bridge0: port 1(bridge_slave_0) entered disabled state [ 589.585707][ T8742] bridge_slave_0: entered allmulticast mode [ 589.674144][ T8742] bridge_slave_0: entered promiscuous mode [ 589.766947][ T8891] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1118'. [ 589.813678][ T8742] bridge0: port 2(bridge_slave_1) entered blocking state [ 589.849974][ T8742] bridge0: port 2(bridge_slave_1) entered disabled state [ 589.872130][ T8742] bridge_slave_1: entered allmulticast mode [ 589.905964][ T8742] bridge_slave_1: entered promiscuous mode [ 590.072555][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.116080][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.158633][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.181188][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.203079][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.239086][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.270679][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.291245][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.320610][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.347571][ T6106] uclogic 0003:5543:0003.0008: unknown main item tag 0x0 [ 590.429667][ T8742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 590.450291][ T6106] uclogic 0003:5543:0003.0008: hidraw0: USB HID vff.ff Device [HID 5543:0003] on usb-dummy_hcd.2-1/input0 [ 590.549005][ T8742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 590.582598][ T6106] usb 3-1: USB disconnect, device number 15 [ 591.312590][ T8742] team0: Port device team_slave_0 added [ 591.415575][ T8742] team0: Port device team_slave_1 added [ 592.041021][ T8897] fido_id[8897]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 592.058710][ T8742] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 592.098852][ T8742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 592.184730][ T8742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 592.283188][ T8742] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 592.329023][ T8742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 592.437848][ T8742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 592.864748][ T8912] loop1: detected capacity change from 0 to 1024 [ 592.946896][ T8912] EXT4-fs (loop1): stripe (4) is not aligned with cluster size (4096), stripe is disabled [ 593.173780][ T8912] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 2: comm syz.1.1125: lblock 2 mapped to illegal pblock 2 (length 1) [ 593.244946][ T8912] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 593.250497][ T8912] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 593.260327][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 593.260519][ C0] EXT4-fs (loop1): initial error at time 1781187850: ext4_map_blocks:791: inode 3: block 2 [ 593.260750][ C0] EXT4-fs (loop1): last error at time 1781187850: ext4_map_blocks:791: inode 3: block 2 [ 593.404155][ T8912] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 48: comm syz.1.1125: lblock 0 mapped to illegal pblock 48 (length 1) [ 593.440554][ T8742] hsr_slave_0: entered promiscuous mode [ 593.486678][ T8742] hsr_slave_1: entered promiscuous mode [ 593.498511][ T8912] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 593.499519][ T8912] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 593.528516][ T8742] debugfs: 'hsr0' already exists in 'hsr' [ 593.583410][ T8742] Cannot create hsr debugfs directory [ 593.594610][ T8912] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.1125: Failed to acquire dquot type 0 [ 593.655490][ T8912] loop1: lost filesystem error report for type 5 error -117 [ 593.661538][ T8912] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 593.754536][ T8912] loop1: lost filesystem error report for type 5 error -117 [ 593.757727][ T8912] EXT4-fs error (device loop1): ext4_evict_inode:267: inode #11: comm syz.1.1125: mark_inode_dirty error [ 593.830607][ T8912] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 593.831637][ T8912] EXT4-fs warning (device loop1): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 593.919681][ T8912] EXT4-fs (loop1): 1 orphan inode deleted [ 593.953571][ T94] EXT4-fs error (device loop1): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1) [ 593.957228][ T8912] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 594.049724][ T94] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 594.055790][ T94] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 594.142279][ T94] EXT4-fs error (device loop1): ext4_release_dquot:7070: comm kworker/u8:5: Failed to release dquot type 0 [ 594.684082][ T6276] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.731842][ T6276] EXT4-fs error (device loop1): __ext4_get_inode_loc:4885: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 594.806680][ T6276] loop1: lost filesystem error report for type 5 error -117 [ 594.811481][ T6276] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6383: Corrupt filesystem [ 594.839376][ T6276] loop1: lost filesystem error report for type 5 error -117 [ 594.840313][ T6276] EXT4-fs error (device loop1): ext4_quota_off:7318: inode #3: comm syz-executor: mark_inode_dirty error [ 594.947763][ T6276] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 596.656821][ T8742] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 596.835986][ T8742] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 596.883317][ T8742] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 596.972379][ T8956] loop0: detected capacity change from 0 to 256 [ 597.019226][ T8956] exfat: Deprecated parameter 'namecase' [ 597.047342][ T8742] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 597.111419][ T8742] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 597.221772][ T8956] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 597.270996][ T8742] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 597.376961][ T8742] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 597.572703][ T8742] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 597.717886][ T5233] 8021q: adding VLAN 0 to HW filter on device eth3 [ 598.797507][ T8969] netem: change failed [ 599.680968][ T8742] 8021q: adding VLAN 0 to HW filter on device bond0 [ 600.040896][ T8742] 8021q: adding VLAN 0 to HW filter on device team0 [ 600.256916][ T1135] bridge0: port 1(bridge_slave_0) entered blocking state [ 600.264681][ T1135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 600.540166][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 600.548076][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 601.186321][ T8987] loop4: detected capacity change from 0 to 2048 [ 601.398675][ T8987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 601.480872][ T8987] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 602.362061][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.502803][ T9006] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1155'. [ 603.814860][ T9014] loop2: detected capacity change from 0 to 128 [ 603.886368][ T9009] loop1: detected capacity change from 0 to 32768 [ 603.956190][ T9009] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 603.994703][ T9009] JBD2: Ignoring recovery information on journal [ 604.161928][ T9009] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 604.244872][ T9009] ocfs2: Unmounting device (7,1) on (node local) [ 606.336424][ T9035] loop9: detected capacity change from 0 to 7 [ 606.382411][ C1] blk_print_req_error: 10 callbacks suppressed [ 606.382504][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.398723][ C1] buffer_io_error: 10 callbacks suppressed [ 606.398809][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.463405][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.473072][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.510097][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.519940][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.530986][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.540549][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.558321][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.567985][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.579041][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.588890][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.599805][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.609405][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.630081][ T9035] ldm_validate_partition_table(): Disk read failed. [ 606.685173][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.694885][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.709051][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.718661][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.732317][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 606.741943][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 606.769001][ T9035] Dev loop9: unable to read RDB block 0 [ 606.813446][ T9035] loop9: unable to read partition table [ 606.858098][ T9035] loop9: partition table beyond EOD, truncated [ 606.904467][ T9035] loop_reread_partitions: partition scan of loop9 (úù) failed (rc=-5) [ 608.260483][ T5233] 8021q: adding VLAN 0 to HW filter on device eth4 [ 608.776879][ T9062] overlayfs: conflicting lowerdir path [ 610.264592][ T8742] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 611.438031][ T9084] loop0: detected capacity change from 0 to 128 [ 611.541265][ T9084] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 611.651011][ T9084] hpfs: filesystem error: improperly stopped [ 611.718955][ T9084] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 611.804856][ T9084] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 611.891946][ T9084] hpfs: You really don't want any checks? You are crazy... [ 611.971026][ T9084] hpfs: hpfs_map_sector(): read error [ 612.012582][ T9084] hpfs: code page support is disabled [ 612.057987][ T9084] hpfs: hpfs_map_4sectors(): unaligned read [ 612.138472][ T9084] hpfs: hpfs_map_4sectors(): unaligned read [ 612.183615][ T9084] hpfs: filesystem error: unable to find root dir [ 613.033694][ T9089] loop4: detected capacity change from 0 to 4096 [ 613.114848][ T9089] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 613.606276][ T9101] loop2: detected capacity change from 0 to 1024 [ 615.202844][ T9115] netlink: 1304 bytes leftover after parsing attributes in process `syz.1.1187'. [ 615.336967][ T9118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1188'. [ 615.357685][ T8742] veth0_vlan: entered promiscuous mode [ 615.558074][ T8742] veth1_vlan: entered promiscuous mode [ 615.623265][ T9117] loop2: detected capacity change from 0 to 2048 [ 615.844102][ T9124] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 616.227872][ T8742] veth0_macvtap: entered promiscuous mode [ 616.429112][ T8742] veth1_macvtap: entered promiscuous mode [ 616.883107][ T8742] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 617.079160][ T8742] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 617.384114][ T9136] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1195'. [ 617.440845][ T94] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 617.477995][ T94] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 617.629245][ T94] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 617.678831][ T94] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 618.339103][ T9144] netlink: 27 bytes leftover after parsing attributes in process `syz.2.1197'. [ 620.426659][ T9167] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1204'. [ 620.525299][ T9167] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.1204'. [ 620.821300][ T9172] loop0: detected capacity change from 0 to 256 [ 623.978079][ T5679] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 624.119284][ T9202] loop0: detected capacity change from 0 to 32768 [ 624.133864][ T9202] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1215 (9202) [ 624.242227][ T9202] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 624.256550][ T9202] BTRFS info (device loop0): using sha256 checksum algorithm [ 624.265952][ T9202] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 624.292481][ T5679] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 624.444831][ T5679] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 624.478425][ T9218] pim6reg: tun_chr_ioctl cmd 1074025676 [ 624.485334][ T9218] pim6reg: owner set to 769 [ 624.570174][ T5679] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 624.570395][ T9202] BTRFS info (device loop0): rebuilding free space tree [ 624.630865][ T9202] BTRFS info (device loop0): disabling free space tree [ 624.632207][ T5679] usb 2-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00 [ 624.638307][ T9202] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 624.658047][ T9202] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 624.703057][ T9202] BTRFS info (device loop0): enabling ssd optimizations [ 624.710657][ T9202] BTRFS info (device loop0): enabling disk space caching [ 624.718256][ T9202] BTRFS info (device loop0): force clearing of disk cache [ 624.725843][ T9202] BTRFS info (device loop0): enabling auto defrag [ 624.732661][ T9202] BTRFS info (device loop0): max_inline set to 0 [ 624.782497][ T5679] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.895030][ T5679] usb 2-1: config 0 descriptor?? [ 624.947503][ T9204] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 625.729218][ T5593] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 625.775140][ T5679] usb 2-1: string descriptor 0 read error: -71 [ 625.793378][ T9230] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1219'. [ 625.839620][ T5679] uclogic 0003:5543:3031.0009: failed retrieving string descriptor #200: -71 [ 625.863404][ T9230] netem: unknown loss type 13 [ 625.928016][ T9230] netem: change failed [ 625.932712][ T5679] uclogic 0003:5543:3031.0009: failed retrieving pen parameters: -71 [ 626.025688][ T5679] uclogic 0003:5543:3031.0009: failed probing pen v2 parameters: -71 [ 626.072093][ T5679] uclogic 0003:5543:3031.0009: failed probing parameters: -71 [ 626.148810][ T5679] uclogic 0003:5543:3031.0009: probe with driver uclogic failed with error -71 [ 626.257532][ T5679] usb 2-1: USB disconnect, device number 9 [ 628.547105][ T9254] loop1: detected capacity change from 0 to 2048 [ 628.699992][ T9254] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 628.739678][ T9254] UDF-fs: Scanning with blocksize 512 failed [ 628.872137][ T9260] macvlan2: entered promiscuous mode [ 628.913947][ T9260] bridge0: entered promiscuous mode [ 628.915316][ T9254] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 629.834767][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 629.878230][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.482577][ T94] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.540726][ T94] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 634.143303][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 634.156780][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 634.249999][ T9311] loop4: detected capacity change from 0 to 128 [ 634.411494][ T9313] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 634.426207][ T9313] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 634.436536][ T9313] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 634.483425][ T9313] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 634.525109][ T9313] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 636.614612][ T5579] Bluetooth: hci5: command tx timeout [ 636.780504][ T9337] input: syz1 as /devices/virtual/input/input18 [ 638.695049][ T5579] Bluetooth: hci5: command tx timeout [ 638.978741][ T9357] netlink: 'syz.0.1257': attribute type 4 has an invalid length. [ 639.041831][ T9357] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1257'. [ 639.536388][ T34] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.032287][ T9363] 8021q: adding VLAN 0 to HW filter on device bond1 [ 640.236986][ T34] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.358558][ T9366] loop1: detected capacity change from 0 to 2048 [ 640.542541][ T34] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 640.612107][ T9366] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 640.779775][ T5579] Bluetooth: hci5: command tx timeout [ 640.806035][ T9366] EXT4-fs (loop1): shut down requested (2) [ 641.006328][ T34] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 641.329763][ T6276] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 641.782180][ T9373] loop2: detected capacity change from 0 to 4096 [ 641.856352][ T9373] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 642.420247][ T9373] ntfs3(loop2): ino=19, mi_enum_attr [ 642.463174][ T9373] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 642.856438][ T5579] Bluetooth: hci5: command tx timeout [ 642.863766][ T9389] loop0: detected capacity change from 0 to 2048 [ 643.008152][ T34] bridge_slave_1: left allmulticast mode [ 643.041197][ T34] bridge_slave_1: left promiscuous mode [ 643.070797][ T9395] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 643.073252][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 643.231552][ T34] bridge_slave_0: left allmulticast mode [ 643.280481][ T34] bridge_slave_0: left promiscuous mode [ 643.355962][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 644.184907][ T6106] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 644.408458][ T6106] usb 5-1: Using ep0 maxpacket: 8 [ 644.483758][ T6106] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 644.558165][ T6106] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 644.611895][ T6106] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 644.685074][ T6106] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 644.716286][ T6106] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 644.760852][ T6106] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 644.799597][ T6106] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.864721][ T6106] usb 5-1: config 0 descriptor?? [ 645.117610][ T5579] Bluetooth: hci3: urb ffff888050104e40 submission failed (90) [ 645.368810][ T6106] usb 5-1: USB disconnect, device number 7 [ 645.476871][ T9407] loop2: detected capacity change from 0 to 2048 [ 645.689236][ T9407] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 645.808757][ T9405] syz.0.1272 (9405): drop_caches: 2 [ 646.038655][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 646.157627][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 646.277125][ T34] bond0 (unregistering): Released all slaves [ 646.898793][ T9413] block nbd4: shutting down sockets [ 647.082418][ T9420] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 647.162042][ T9420] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 647.552018][ T9423] loop1: detected capacity change from 0 to 128 [ 648.191857][ T34] hsr_slave_0: left promiscuous mode [ 648.258165][ T34] hsr_slave_1: left promiscuous mode [ 648.305914][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 648.392547][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 648.507383][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 648.509621][ T9433] loop2: detected capacity change from 0 to 512 [ 648.566276][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 648.684652][ T9433] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 648.741782][ T6108] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 648.780707][ T34] veth1_macvtap: left promiscuous mode [ 648.815093][ T34] veth0_macvtap: left promiscuous mode [ 648.821792][ T34] veth1_vlan: left promiscuous mode [ 648.840179][ T34] veth0_vlan: left promiscuous mode [ 648.880137][ T9433] EXT4-fs (loop2): 1 orphan inode deleted [ 648.990321][ T9433] EXT4-fs (loop2): 1 truncate cleaned up [ 649.024921][ T6108] usb 1-1: Using ep0 maxpacket: 16 [ 649.037302][ T9433] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 649.162389][ T6108] usb 1-1: unable to get BOS descriptor or descriptor too short [ 649.215827][ T9433] EXT4-fs (loop2): shut down requested (1) [ 649.246187][ T6108] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 649.287507][ T6108] usb 1-1: can't read configurations, error -71 [ 649.846302][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 651.345465][ T9460] loop2: detected capacity change from 0 to 64 [ 651.373966][ T9460] minix: block size(59136) > page size(4096) not supported by filesystem [ 652.192383][ T34] team0 (unregistering): Port device team_slave_1 removed [ 652.229436][ T9464] loop2: detected capacity change from 0 to 512 [ 652.328619][ T34] team0 (unregistering): Port device team_slave_0 removed [ 652.419177][ T9464] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 652.542745][ T9464] ext4 filesystem being mounted at /239/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 652.692053][ T29] audit: type=1800 audit(1781187910.311:82): pid=9464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1290" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 652.813907][ T29] audit: type=1800 audit(1781187910.361:83): pid=9464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1290" name="bus" dev="loop2" ino=18 res=0 errno=0 [ 652.950886][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.798919][ T9481] loop1: detected capacity change from 0 to 4096 [ 654.913683][ T9481] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 654.937599][ T9481] UDF-fs: Scanning with blocksize 512 failed [ 655.112872][ T9481] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 656.686664][ T807] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 656.870668][ T807] usb 3-1: Using ep0 maxpacket: 32 [ 656.975720][ T807] usb 3-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15 [ 657.013007][ T807] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 657.080705][ T807] usb 3-1: Product: syz [ 657.097329][ T807] usb 3-1: Manufacturer: syz [ 657.123522][ T807] usb 3-1: SerialNumber: syz [ 657.176099][ T807] usb 3-1: config 0 descriptor?? [ 657.554750][ T807] RobotFuzz Open Source InterFace, OSIF 3-1:0.0: version d4.15 found at bus 003 address 016 [ 657.782177][ T9492] i2c i2c-1: adapter quirk: no zero length (addr 0x0000, size 0, read) [ 657.851149][ T5679] usb 3-1: USB disconnect, device number 16 [ 658.873455][ T9512] loop0: detected capacity change from 0 to 2048 [ 658.883410][ T9507] loop4: detected capacity change from 0 to 4096 [ 658.959114][ T9312] bridge0: port 1(bridge_slave_0) entered blocking state [ 659.007154][ T9312] bridge0: port 1(bridge_slave_0) entered disabled state [ 659.061567][ T9312] bridge_slave_0: entered allmulticast mode [ 659.098091][ T9512] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 659.108555][ T9312] bridge_slave_0: entered promiscuous mode [ 659.127753][ T9312] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.136991][ T9312] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.147017][ T9312] bridge_slave_1: entered allmulticast mode [ 659.185925][ T9518] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 659.213999][ T9312] bridge_slave_1: entered promiscuous mode [ 659.495033][ T9521] loop2: detected capacity change from 0 to 512 [ 659.670468][ T9521] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 659.674385][ T5593] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 659.795311][ T9521] ext4 filesystem being mounted at /245/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 659.934940][ T9312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 660.138786][ T9521] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #2: comm syz.2.1308: corrupted inode contents [ 660.159783][ T9312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 660.191329][ T9521] EXT4-fs error (device loop2): ext4_dirty_inode:6587: inode #2: comm syz.2.1308: mark_inode_dirty error [ 660.291732][ T9521] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #2: comm syz.2.1308: corrupted inode contents [ 660.432358][ T9521] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #2: comm syz.2.1308: mark_inode_dirty error [ 660.512601][ T9528] veth1_macvtap: left promiscuous mode [ 660.547332][ T9528] macsec0: entered promiscuous mode [ 660.554968][ T9521] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #2: comm syz.2.1308: corrupted inode contents [ 660.653630][ T9521] EXT4-fs error (device loop2): ext4_setattr:5946: inode #2: comm syz.2.1308: mark_inode_dirty error [ 660.711850][ T9530] veth1_macvtap: entered promiscuous mode [ 660.761034][ T9530] macsec0: left promiscuous mode [ 661.305366][ T9312] team0: Port device team_slave_0 added [ 661.392693][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 661.486436][ T9312] team0: Port device team_slave_1 added [ 661.675287][ T9538] loop0: detected capacity change from 0 to 128 [ 661.866177][ T9538] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 661.959497][ T9538] ext4 filesystem being mounted at /290/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 662.301617][ T9312] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 662.361822][ T9312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 662.528507][ T9312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 662.669325][ T9312] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 662.713446][ T9312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 662.817253][ T5593] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 662.892168][ T9312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 664.735729][ T9556] loop0: detected capacity change from 0 to 40427 [ 664.751567][ T9556] F2FS-fs (loop0): build fault injection rate: 174 [ 664.758572][ T9556] F2FS-fs (loop0): build fault injection type: 0x3bfe8c [ 664.787007][ T9556] F2FS-fs (loop0): invalid crc value [ 664.870946][ T9312] hsr_slave_0: entered promiscuous mode [ 664.973720][ T9312] hsr_slave_1: entered promiscuous mode [ 665.071687][ T9312] debugfs: 'hsr0' already exists in 'hsr' [ 665.137281][ T9312] Cannot create hsr debugfs directory [ 665.176765][ T9556] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 665.190455][ T5233] 8021q: adding VLAN 0 to HW filter on device eth5 [ 665.200340][ T9556] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 669.296386][ T9312] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 669.414643][ T9312] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 669.452423][ T9312] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 669.578303][ T9312] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 669.647543][ T9312] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 669.771109][ T9312] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 669.830283][ T9312] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 669.965747][ T9312] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 671.793966][ T9610] loop2: detected capacity change from 0 to 4096 [ 671.880569][ T9610] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 672.008089][ T9312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 672.300923][ T29] audit: type=1326 audit(1781188185.923:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9619 comm="syz.0.1339" exe="/root/ci-upstream-kmsan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9903f9ce59 code=0x0 [ 672.400175][ T9610] ntfs3(loop2): Failed to initialize $Extend/$ObjId. [ 672.430430][ T9312] 8021q: adding VLAN 0 to HW filter on device team0 [ 672.648025][ T3709] bridge0: port 1(bridge_slave_0) entered blocking state [ 672.656128][ T3709] bridge0: port 1(bridge_slave_0) entered forwarding state [ 672.918876][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 672.926980][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 678.193419][ T9676] netlink: 'syz.4.1352': attribute type 3 has an invalid length. [ 679.122026][ T9680] loop2: detected capacity change from 0 to 2048 [ 679.304658][ T9680] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 679.973469][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 680.615065][ T9312] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 680.629645][ T9698] loop0: detected capacity change from 0 to 512 [ 680.837582][ T5579] Bluetooth: hci5: link tx timeout [ 680.843118][ T5579] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa [ 680.874683][ T9698] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 681.170815][ T9705] loop1: detected capacity change from 0 to 128 [ 681.720916][ T5593] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 681.865278][ T9711] C: renamed from batadv_slave_0 (while UP) [ 682.023585][ T9711] netlink: 'syz.2.1362': attribute type 8 has an invalid length. [ 682.102675][ T9711] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 682.855586][ T9313] Bluetooth: hci5: command 0x0406 tx timeout [ 682.863426][ T9722] vxcan1: tx drop: invalid da for name 0x00000000000000c8 [ 682.935032][ T9719] loop0: detected capacity change from 0 to 2048 [ 683.056623][ T9719] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 683.177846][ T9719] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 683.462638][ T9730] loop1: detected capacity change from 0 to 8 [ 683.697501][ T9730] SQUASHFS error: Unable to read directory block [249:c] [ 684.819050][ T9740] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1371'. [ 685.533552][ T9312] veth0_vlan: entered promiscuous mode [ 685.753460][ T9312] veth1_vlan: entered promiscuous mode [ 686.494828][ T5679] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 686.593702][ T9312] veth0_macvtap: entered promiscuous mode [ 686.704902][ T5679] usb 2-1: Using ep0 maxpacket: 32 [ 686.766452][ T5679] usb 2-1: config 0 has no interfaces? [ 686.803499][ T5679] usb 2-1: New USB device found, idVendor=2040, idProduct=c612, bcdDevice=e5.51 [ 686.807611][ T9312] veth1_macvtap: entered promiscuous mode [ 686.829420][ T5679] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 686.852254][ T5679] usb 2-1: Product: syz [ 686.861859][ T5679] usb 2-1: Manufacturer: syz [ 686.868424][ T5679] usb 2-1: SerialNumber: syz [ 686.927452][ T5679] usb 2-1: config 0 descriptor?? [ 687.235775][ T40] usb 2-1: USB disconnect, device number 10 [ 687.301341][ T9312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 687.544601][ T9312] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 687.721146][ T94] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.756244][ T94] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.788436][ T94] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 687.867054][ T94] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 688.563941][ T9772] sg_write: data in/out 348160/136 bytes for SCSI command 0x0-- guessing data in; [ 688.563941][ T9772] program syz.4.1382 not setting count and/or reply_len properly [ 689.587696][ T9785] loop4: detected capacity change from 0 to 256 [ 689.885545][ T9789] loop0: detected capacity change from 0 to 256 [ 689.960688][ T9789] exfat: Deprecated parameter 'utf8' [ 690.005264][ T9789] exfat: Deprecated parameter 'utf8' [ 690.143509][ T9789] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 690.634835][ T9790] loop1: detected capacity change from 0 to 4096 [ 690.897880][ T9798] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 690.915572][ T9796] loop2: detected capacity change from 0 to 512 [ 690.971899][ T9796] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 691.079751][ T9796] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 691.104281][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 691.110947][ C0] EXT4-fs (loop2): initial error at time 1781188204: ext4_mb_generate_buddy:1317 [ 691.120629][ C0] EXT4-fs (loop2): last error at time 1781188204: ext4_mb_generate_buddy:1317 [ 691.171385][ T9796] EXT4-fs (loop2): 1 truncate cleaned up [ 691.218040][ T9796] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 692.480465][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 692.480515][ T9803] loop0: detected capacity change from 0 to 32768 [ 692.484086][ T9803] btrfs: Deprecated parameter 'usebackuproot' [ 692.502868][ T9803] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 692.524888][ T9803] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1391 (9803) [ 692.561644][ T9803] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 692.572927][ T9803] BTRFS info (device loop0): using crc32c checksum algorithm [ 692.676344][ T94] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 692.690491][ T9803] BTRFS error (device loop0): failed to load root extent [ 692.698167][ T9803] BTRFS warning (device loop0): try to load backup roots slot 1 [ 692.707806][ T94] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 692.787673][ T9803] BTRFS warning (device loop0): couldn't read tree root [ 692.795287][ T9803] BTRFS warning (device loop0): try to load backup roots slot 2 [ 692.816474][ T55] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 692.888226][ T9803] BTRFS warning (device loop0): couldn't read tree root [ 692.896139][ T9803] BTRFS warning (device loop0): try to load backup roots slot 3 [ 692.952453][ T9803] BTRFS info (device loop0): rebuilding free space tree [ 693.011468][ T9803] BTRFS info (device loop0): disabling free space tree [ 693.019385][ T9803] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 693.030121][ T9803] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 693.061605][ T9803] BTRFS info (device loop0): checking UUID tree [ 693.077665][ T9803] BTRFS info (device loop0): enabling ssd optimizations [ 693.085165][ T9803] BTRFS info (device loop0): turning on async discard [ 693.092237][ T9803] BTRFS info (device loop0): force clearing of disk cache [ 693.099824][ T9803] BTRFS info (device loop0): enabling auto defrag [ 693.106962][ T9803] BTRFS info (device loop0): trying to use backup root at mount time [ 693.115411][ T9803] BTRFS info (device loop0): use zlib compression, level 3 [ 693.561683][ T5593] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 695.493956][ T9313] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 695.512026][ T9313] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 695.536654][ T9313] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 695.558988][ T9313] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 695.588290][ T9313] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 695.596464][ T1311] ieee802154 phy0 wpan0: encryption failed: -22 [ 695.609443][ T1311] ieee802154 phy1 wpan1: encryption failed: -22 [ 696.025928][ T9850] loop1: detected capacity change from 0 to 256 [ 696.106867][ T9850] exfat: Deprecated parameter 'utf8' [ 696.163696][ T9850] exfat: Deprecated parameter 'namecase' [ 696.202784][ T9850] exfat: Deprecated parameter 'namecase' [ 696.258610][ T9850] exfat: Deprecated parameter 'utf8' [ 696.375810][ T5579] block nbd1: Receive control failed (result -32) [ 696.412156][ T9850] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0x6a70c931, utbl_chksum : 0xe619d30d) [ 696.470179][ T9850] exFAT-fs (loop1): failed to test first cluster bit of root dir(5) [ 697.736961][ T5579] Bluetooth: hci3: command tx timeout [ 698.993904][ T9872] loop4: detected capacity change from 0 to 512 [ 699.280432][ T9872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 699.389004][ T9872] ext4 filesystem being mounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 699.504096][ T9881] loop0: detected capacity change from 0 to 512 [ 699.581396][ T9881] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 699.599065][ T5708] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 699.780377][ T9881] EXT4-fs error (device loop0): xattr_find_entry:337: inode #15: comm syz.0.1412: corrupted xattr entries [ 699.817246][ T5579] Bluetooth: hci3: command tx timeout [ 699.826797][ T9881] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 699.834300][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 699.850397][ C1] EXT4-fs (loop0): initial error at time 1781188213: xattr_find_entry:337: inode 15 [ 699.860262][ C1] EXT4-fs (loop0): last error at time 1781188213: xattr_find_entry:337: inode 15 [ 699.870023][ T9881] EXT4-fs (loop0): Remounting filesystem read-only [ 699.893647][ T9881] EXT4-fs (loop0): 1 truncate cleaned up [ 699.974535][ T5708] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 700.001209][ T9881] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 700.249232][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 700.361076][ T5708] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 700.633097][ T5708] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 701.631431][ T9894] TCP: TCP_TX_DELAY enabled [ 701.749828][ T6112] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 701.899696][ T5579] Bluetooth: hci3: command tx timeout [ 702.772867][ T9901] loop1: detected capacity change from 0 to 512 [ 702.959825][ T9901] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.1420: iget: bad i_size value: 38620345925642 [ 703.076337][ T9901] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 703.082642][ T9901] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.1420: couldn't read orphan inode 15 (err -117) [ 703.092702][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 703.092813][ C0] EXT4-fs (loop1): initial error at time 1781188216: ext4_orphan_get:1397: inode 15 [ 703.093012][ C0] EXT4-fs (loop1): last error at time 1781188216: ext4_orphan_get:1397: inode 15 [ 703.198666][ T9907] loop2: detected capacity change from 0 to 512 [ 703.225696][ T5708] bridge_slave_1: left allmulticast mode [ 703.257103][ T5708] bridge_slave_1: left promiscuous mode [ 703.286056][ T9901] loop1: lost filesystem error report for type 5 error -117 [ 703.290014][ T5708] bridge0: port 2(bridge_slave_1) entered disabled state [ 703.328612][ T9907] EXT4-fs: Ignoring removed oldalloc option [ 703.353138][ T9907] EXT4-fs (loop2): Test dummy encryption mode enabled [ 703.399238][ T9901] EXT4-fs (loop1): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 703.456048][ T5708] bridge_slave_0: left allmulticast mode [ 703.491502][ T5708] bridge_slave_0: left promiscuous mode [ 703.592312][ T5708] bridge0: port 1(bridge_slave_0) entered disabled state [ 703.665188][ T9907] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 703.833362][ T9907] EXT4-fs (loop2): shut down requested (2) [ 703.977221][ T5579] Bluetooth: hci3: command tx timeout [ 704.164480][ T6276] EXT4-fs (loop1): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 704.336445][ T5585] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 705.068334][ T5708] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 705.090510][ T5708] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 705.131700][ T5708] bond0 (unregistering): Released all slaves [ 705.520340][ T9914] loop1: detected capacity change from 0 to 8 [ 705.773243][ T5708] hsr_slave_0: left promiscuous mode [ 705.845539][ T5708] hsr_slave_1: left promiscuous mode [ 705.899964][ T5708] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 705.936639][ T5708] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 705.997069][ T5708] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 706.021072][ T5708] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 706.191326][ T5708] veth1_macvtap: left promiscuous mode [ 706.212838][ T5708] veth0_macvtap: left promiscuous mode [ 706.233590][ T5708] veth1_vlan: left promiscuous mode [ 706.283808][ T5708] veth0_vlan: left promiscuous mode [ 706.915714][ T9313] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 706.931023][ T9313] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 706.941661][ T9313] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 706.975233][ T9313] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 707.007100][ T9313] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 707.561877][ T9934] loop4: detected capacity change from 0 to 256 [ 707.590585][ T9933] loop2: detected capacity change from 0 to 1024 [ 707.620723][ T9934] exfat: Deprecated parameter 'utf8' [ 707.658430][ T9934] exfat: Deprecated parameter 'namecase' [ 707.698018][ T9934] exfat: Deprecated parameter 'utf8' [ 707.818109][ T9934] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 708.574089][ T9936] loop2: detected capacity change from 0 to 1024 [ 708.679685][ T9938] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1434'. [ 709.095416][ T9313] Bluetooth: hci4: command tx timeout [ 709.220524][ T5708] team0 (unregistering): Port device team_slave_1 removed [ 709.359680][ T5708] team0 (unregistering): Port device team_slave_0 removed [ 709.896260][ T9945] loop2: detected capacity change from 0 to 256 [ 709.970653][ T9945] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x0f68ff13, utbl_chksum : 0xe619d30d) [ 710.236342][ T9938] ipvlan2: entered allmulticast mode [ 711.176272][ T9313] Bluetooth: hci4: command tx timeout [ 713.255373][ T9313] Bluetooth: hci4: command tx timeout [ 713.894558][ T9977] loop4: detected capacity change from 0 to 2048 [ 713.957787][ T9977] udf: Bad value for 'volume' [ 714.179419][ T9984] loop1: detected capacity change from 0 to 512 [ 714.186608][ T9844] bridge0: port 1(bridge_slave_0) entered blocking state [ 714.203020][ T9844] bridge0: port 1(bridge_slave_0) entered disabled state [ 714.247210][ T9844] bridge_slave_0: entered allmulticast mode [ 714.300017][ T9844] bridge_slave_0: entered promiscuous mode [ 714.332933][ T9984] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 714.358586][ T9844] bridge0: port 2(bridge_slave_1) entered blocking state [ 714.395352][ T9844] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.403484][ T9844] bridge_slave_1: entered allmulticast mode [ 714.489674][ T9844] bridge_slave_1: entered promiscuous mode [ 714.798861][ T6276] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 715.198931][ T9844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 715.335254][ T9313] Bluetooth: hci4: command tx timeout [ 715.552508][ T9844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 716.160819][ T9844] team0: Port device team_slave_0 added [ 716.176600][ T9999] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1449'. [ 716.264379][ T9844] team0: Port device team_slave_1 added [ 716.948766][T10002] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1450'. [ 717.072929][ T9844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 717.103023][ T9844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 717.192503][ T9844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 717.311248][ T9844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 717.355830][ T9844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 717.420111][ T9844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 717.957444][ T5233] 8021q: adding VLAN 0 to HW filter on device eth5 [ 718.452004][ T9844] hsr_slave_0: entered promiscuous mode [ 718.520057][ T9844] hsr_slave_1: entered promiscuous mode [ 718.558133][ T9844] debugfs: 'hsr0' already exists in 'hsr' [ 718.583531][ T9844] Cannot create hsr debugfs directory [ 718.965323][ T6107] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 719.144972][ T6107] usb 3-1: Using ep0 maxpacket: 32 [ 719.188116][ T6107] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 719.224864][ T6107] usb 3-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 719.265394][T10027] netlink: 'syz.1.1460': attribute type 6 has an invalid length. [ 719.282808][ T6107] usb 3-1: config 0 interface 0 has no altsetting 0 [ 719.296032][ T6107] usb 3-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00 [ 719.342958][ T6107] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 719.415132][ T6107] usb 3-1: config 0 descriptor?? [ 720.005905][ T6107] hid_parser_main: 4 callbacks suppressed [ 720.006021][ T6107] lenovo 0003:04B3:3108.000A: unknown main item tag 0x3 [ 720.094747][ T6107] lenovo 0003:04B3:3108.000A: unknown main item tag 0x0 [ 720.114839][ T6107] lenovo 0003:04B3:3108.000A: unknown main item tag 0x0 [ 720.135013][ T6107] lenovo 0003:04B3:3108.000A: unknown main item tag 0x0 [ 720.170923][ T6107] lenovo 0003:04B3:3108.000A: unknown main item tag 0x0 [ 720.189770][ T6107] lenovo 0003:04B3:3108.000A: item fetching failed at offset 13/40 [ 720.257511][ T6107] lenovo 0003:04B3:3108.000A: hid_parse failed [ 720.264491][ T6107] lenovo 0003:04B3:3108.000A: probe with driver lenovo failed with error -22 [ 720.371004][ T6107] usb 3-1: USB disconnect, device number 17 [ 720.620253][T10036] loop4: detected capacity change from 0 to 512 [ 720.689338][T10036] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 720.891328][T10036] EXT4-fs (loop4): 1 truncate cleaned up [ 720.940305][T10036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 721.174824][ T29] audit: type=1800 audit(1781188234.763:85): pid=10036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1463" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 721.763046][ T5580] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.469077][T10053] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1467'. [ 723.292715][ T9927] bridge0: port 1(bridge_slave_0) entered blocking state [ 723.344612][ T9927] bridge0: port 1(bridge_slave_0) entered disabled state [ 723.392854][ T9927] bridge_slave_0: entered allmulticast mode [ 723.449872][ T9927] bridge_slave_0: entered promiscuous mode [ 723.550268][ T9927] bridge0: port 2(bridge_slave_1) entered blocking state [ 723.593205][ T9927] bridge0: port 2(bridge_slave_1) entered disabled state [ 723.617707][ T9927] bridge_slave_1: entered allmulticast mode [ 723.655261][ T9927] bridge_slave_1: entered promiscuous mode [ 723.732653][T10066] loop1: detected capacity change from 0 to 256 [ 723.810504][T10066] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 723.931147][ T182] ===================================================== [ 723.939205][ T182] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xd32/0xc780 [ 723.950361][ T182] n_tty_receive_buf_standard+0xd32/0xc780 [ 723.956566][ T182] n_tty_receive_buf_common+0x1a63/0x25a0 [ 723.962510][ T182] n_tty_receive_buf2+0x4c/0x60 [ 723.967922][ T182] tty_ldisc_receive_buf+0xc6/0x2c0 [ 723.973374][ T182] tty_port_default_receive_buf+0xd7/0x1a0 [ 723.979814][ T182] flush_to_ldisc+0x43e/0xe40 [ 723.985634][ T182] process_scheduled_works+0xb65/0x1e40 [ 723.994850][ T182] worker_thread+0xee4/0x1590 [ 723.999771][ T182] kthread+0x53a/0x5f0 [ 724.005209][ T182] ret_from_fork+0x20f/0x8d0 [ 724.010141][ T182] ret_from_fork_asm+0x1a/0x30 [ 724.015308][ T182] [ 724.017722][ T182] Uninit was stored to memory at: [ 724.023122][ T182] n_tty_receive_buf_standard+0xd2b/0xc780 [ 724.029960][ T182] n_tty_receive_buf_common+0x1a63/0x25a0 [ 724.038008][ T182] n_tty_receive_buf2+0x4c/0x60 [ 724.043066][ T182] tty_ldisc_receive_buf+0xc6/0x2c0 [ 724.048794][ T182] tty_port_default_receive_buf+0xd7/0x1a0 [ 724.055239][ T182] flush_to_ldisc+0x43e/0xe40 [ 724.060157][ T182] process_scheduled_works+0xb65/0x1e40 [ 724.066125][ T182] worker_thread+0xee4/0x1590 [ 724.071018][ T182] kthread+0x53a/0x5f0 [ 724.075528][ T182] ret_from_fork+0x20f/0x8d0 [ 724.080360][ T182] ret_from_fork_asm+0x1a/0x30 [ 724.085599][ T182] [ 724.088034][ T182] Uninit was created at: [ 724.096177][ T182] __kmalloc_noprof+0x482/0x1660 [ 724.101651][ T182] __tty_buffer_request_room+0x3d4/0x7a0 [ 724.108526][ T182] __tty_insert_flip_string_flags+0x157/0x6e0 [ 724.115505][ T182] uart_insert_char+0x368/0x930 [ 724.120722][ T182] serial8250_read_char+0x1ba/0x670 [ 724.126285][ T182] serial8250_handle_irq_locked+0x6d4/0xa40 [ 724.132506][ T182] serial8250_handle_irq+0x189/0x710 [ 724.138146][ T182] serial8250_default_handle_irq+0x116/0x350 [ 724.144909][ T182] serial8250_interrupt+0xcb/0x3f0 [ 724.150276][ T182] __handle_irq_event_percpu+0x118/0xf30 [ 724.156240][ T182] handle_irq_event+0xe0/0x2a0 [ 724.161192][ T182] handle_edge_irq+0x2a9/0xaf0 [ 724.166311][ T182] __common_interrupt+0x9d/0x180 [ 724.171496][ T182] common_interrupt+0x94/0xb0 [ 724.176647][ T182] asm_common_interrupt+0x2b/0x40 [ 724.181870][ T182] [ 724.184421][ T182] CPU: 1 UID: 0 PID: 182 Comm: kworker/u8:6 Tainted: G L syzkaller #0 PREEMPT(lazy) [ 724.199422][ T182] Tainted: [L]=SOFTLOCKUP [ 724.203866][ T182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 724.215121][ T182] Workqueue: ttyS-serial_8250 flush_to_ldisc [ 724.221362][ T182] ===================================================== [ 724.228525][ T182] Disabling lock debugging due to kernel taint SYZFAIL: failed to send rpc fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 724.576645][ T9927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 724.879644][ T9927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 725.300126][ T182] Kernel panic - not syncing: kmsan.panic set ... [ 725.306748][ T182] CPU: 1 UID: 0 PID: 182 Comm: kworker/u8:6 Tainted: G B L syzkaller #0 PREEMPT(lazy) [ 725.318006][ T182] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP [ 725.323713][ T182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 725.334046][ T182] Workqueue: ttyS-serial_8250 flush_to_ldisc [ 725.340314][ T182] Call Trace: [ 725.343713][ T182] [ 725.346767][ T182] __dump_stack+0x26/0x30 [ 725.351327][ T182] dump_stack_lvl+0x50/0x1c0 [ 725.356134][ T182] ? dump_stack+0x12/0x25 [ 725.360845][ T182] dump_stack+0x1e/0x25 [ 725.365199][ T182] vpanic+0x7b4/0x1430 [ 725.369610][ T182] panic+0x15d/0x160 [ 725.373902][ T182] kmsan_report+0x31a/0x320 [ 725.378744][ T182] ? __msan_warning+0x1b/0x30 [ 725.383756][ T182] ? n_tty_receive_buf_standard+0xd32/0xc780 [ 725.390062][ T182] ? n_tty_receive_buf_common+0x1a63/0x25a0 [ 725.396363][ T182] ? n_tty_receive_buf2+0x4c/0x60 [ 725.401701][ T182] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 725.407340][ T182] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 725.413598][ T182] ? flush_to_ldisc+0x43e/0xe40 [ 725.418800][ T182] ? process_scheduled_works+0xb65/0x1e40 [ 725.424765][ T182] ? worker_thread+0xee4/0x1590 [ 725.429839][ T182] ? kthread+0x53a/0x5f0 [ 725.434325][ T182] ? ret_from_fork+0x20f/0x8d0 [ 725.439347][ T182] ? ret_from_fork_asm+0x1a/0x30 [ 725.444513][ T182] ? ret_from_fork_asm+0x1a/0x30 [ 725.449874][ T182] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 725.456465][ T182] ? __mutex_unlock_slowpath+0x43b/0x5b0 [ 725.462394][ T182] ? kmsan_get_metadata+0x146/0x160 [ 725.467839][ T182] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 725.474003][ T182] ? n_tty_receive_char+0xf83/0x14a0 [ 725.479499][ T182] ? __wake_up+0x29d/0x2f0 [ 725.484118][ T182] ? kmsan_get_metadata+0xf1/0x160 [ 725.489566][ T182] __msan_warning+0x1b/0x30 [ 725.494284][ T182] n_tty_receive_buf_standard+0xd32/0xc780 [ 725.500451][ T182] ? kmsan_get_metadata+0xf1/0x160 [ 725.505886][ T182] n_tty_receive_buf_common+0x1a63/0x25a0 [ 725.512017][ T182] n_tty_receive_buf2+0x4c/0x60 [ 725.517236][ T182] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 725.522985][ T182] tty_ldisc_receive_buf+0xc6/0x2c0 [ 725.528717][ T182] tty_port_default_receive_buf+0xd7/0x1a0 [ 725.535069][ T182] flush_to_ldisc+0x43e/0xe40 [ 725.539996][ T182] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 725.546671][ T182] ? __pfx_flush_to_ldisc+0x10/0x10 [ 725.552151][ T182] process_scheduled_works+0xb65/0x1e40 [ 725.557990][ T182] worker_thread+0xee4/0x1590 [ 725.562919][ T182] kthread+0x53a/0x5f0 [ 725.567228][ T182] ? __pfx_worker_thread+0x10/0x10 [ 725.573000][ T182] ? __pfx_kthread+0x10/0x10 [ 725.577903][ T182] ret_from_fork+0x20f/0x8d0 [ 725.582683][ T182] ? __switch_to+0x573/0x7a0 [ 725.587585][ T182] ? __pfx_kthread+0x10/0x10 [ 725.592419][ T182] ret_from_fork_asm+0x1a/0x30 [ 725.597525][ T182] [ 725.601105][ T182] Kernel Offset: disabled [ 725.605505][ T182] Rebooting in 86400 seconds..