last executing test programs: 3m42.256310715s ago: executing program 2 (id=574): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000005c0)=[{0x6}]}) socket$inet6(0xa, 0x2, 0x3a) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0502103, &(0x7f0000000180)={0x0, 0xfff, 0x100fe}) 3m40.835856699s ago: executing program 2 (id=578): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002280)=@newtaction={0x84, 0x30, 0x800, 0x70bd2b, 0x25dfd3fe, {}, [{0x70, 0x1, [@m_police={0x6c, 0x15, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x20000, 0x6, 0x200, 0x0, 0x1, {0x9, 0x1, 0x7, 0x8, 0x1}, {0x7, 0x2, 0x3, 0x2, 0x6, 0x1000}, 0xf, 0x0, 0x5}}]]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000) 3m40.115858205s ago: executing program 2 (id=579): syz_mount_image$hfs(&(0x7f0000001600), &(0x7f0000000000)='./file0\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB="71756965742c696f636861727365743d69736f383835392d372c63726561746f723d8761b3312c636f6465706167653d6370313235302c7569643d", @ANYRESHEX=0x0, @ANYBLOB='F\x00'], 0x5, 0x2fb, &(0x7f0000000240)="$eJzs3b9u00AcB/DvnZ02pVUxbRESC6hQCZaKAgNiCUJZ2ZkQkKRShFVEWyRgIVSMiAdg5xV4CBYQLwAsTDxANqM7nx07OV9SSOImfD9SIud8f36H/91Zogci+m/drX//eOOX+gjAgwfgNiABVAEfwFmcqz7fO2wfhq2mqyJPl1AfgbikGMjT2GvZiqpyuoQRqF8+VrJpNBlRFN35UXYQVDp99VtIYNFch3p/dcpxjUt/5zrAhZJCKU3230B00cULrJYYDhERnQDm+S/NY2JFJwlICWyZx/5MP//7dcsOYLxuhgNJkbNA5vmvR3eRUMf3tN7Vm+/pKZzaL5NZ4ijBVPp+LyA+s3JjMGGfVf6MYiYWubTb9rHdeIOmxBFqRqbAhv5uxqduYki0m5a5qUNxbRXcOxX3Ro0ol/p3JyHttsPWotqwxL9+vBb/nfgsvooHIsAHNNPxnx8JdZj0kQr6jpSsqPivFde4rEupXDDT/lqtJnNZzuhGzpsWjCG9rNpnJNk6kxcEnTQCS5xHyYZuew351wpx73ZsDYhe5eu2UkH6a7CsbmsjV8ozZ8J242nofJXytzrOvUkXxXtxX2ziNz6hnhn/SxXfFjJXputWL3ROc2bE/Vmw5/R1zmDgydEL9mIagbHo7AcVON7bsnd4jFtYPXj56okXhq19tfHIsvFsZV+YlMpbwJpn8hseHHnQSVMiTz08XkfRqDVHkwz+6lgrVPePNEVdPrbM6ipLU+S0D9P8bfiw7ap/geuEnOhGMnQZS4VqoFWwayL3KDphDkRy0E3CwCCW5pwad4l4/qdH8mZUp+8z6itwjNPdk0zkatxJZ3D5oeCabewyZG6wXDyDy7R4vWDOqOdcl64AlzOJAs4WAx3n3BB1fMNDvv8nIiIiIiIiIiIiIiIiIiIiIiIiIpo10/gfC2X3kYiIiIiIiIiIiIiIiIiIiIiIiIiIiIho1o2+/u9Sb6Um29+I1+v/BkPX/80tAGwWiuL6v0Tl+BMAAP//CpR9aw==") mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) unlinkat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0) 3m39.383731905s ago: executing program 2 (id=583): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==") r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r0, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46, 0x43, 0x4f]}, 0x2c) 3m37.454708449s ago: executing program 2 (id=591): prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)) io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x371, 0xc000, 0x2c, 0xa0002f4}) 3m36.678996189s ago: executing program 2 (id=594): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r0, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="d2a7b3", 0x3}, {&(0x7f0000000400)="e06bd3f745", 0xfcfd}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)="25062456", 0x4}], 0x4}}], 0x1, 0x4000800) 3m34.310992731s ago: executing program 32 (id=594): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendmmsg$inet(r0, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000240)="d2a7b3", 0x3}, {&(0x7f0000000400)="e06bd3f745", 0xfcfd}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)="25062456", 0x4}], 0x4}}], 0x1, 0x4000800) 2m38.577693692s ago: executing program 5 (id=795): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000002680), 0x4) getsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, 0x0, &(0x7f0000002700)) 2m37.547099499s ago: executing program 5 (id=798): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0xb15, 0x2) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0xf0f03e, 0x1}) 2m36.582060509s ago: executing program 5 (id=802): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x2}) ioctl$sock_netdev_private(r0, 0x89f1, &(0x7f0000000000)) 2m35.792724541s ago: executing program 5 (id=805): r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000003c0)={0x101, 0x2, 0x2}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405668, &(0x7f0000000100)={0x0, 0x80000001, 0x2}) 2m34.658612756s ago: executing program 5 (id=809): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f00000007c0)={[{@dioread_nolock}, {@norecovery}, {@resgid}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x1}}, {@grpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@subj_user={'subj_user', 0x3d, '('}}, {@measure}, {@smackfsfloor}, {@appraise_type}]}, 0xfd, 0x573, &(0x7f0000000240)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c}) 2m33.191066449s ago: executing program 5 (id=814): writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000480)}, {0x0}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead9", 0x101}], 0x3) r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x8002) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000)) 2m20.062978838s ago: executing program 0 (id=873): r0 = syz_open_dev$media(&(0x7f00000006c0), 0x4, 0x0) ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000940)=0xffffffffffffffff) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0x541b, 0x0) 2m19.231223293s ago: executing program 0 (id=876): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r1 = fcntl$dupfd(r0, 0x406, r0) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f00000003c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x26}, 0x2}, {0xa, 0x4e24, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x7ff}, 0xffffffffffffffff, 0x9}}, 0x48) 2m18.496344847s ago: executing program 0 (id=880): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1020affff20c311df259149e300", 0x10) shutdown(r0, 0x0) 2m17.929156153s ago: executing program 33 (id=814): writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000480)}, {0x0}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead9", 0x101}], 0x3) r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x8002) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000)) 2m17.769920631s ago: executing program 0 (id=885): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, &(0x7f0000001180)=ANY=[@ANYBLOB='quota,usrquota_inode_hardlimit=7']) fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0xee00, 0x1000) 2m16.768368172s ago: executing program 0 (id=888): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f00000007c0)={[{@dioread_nolock}, {@norecovery}, {@resgid}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x1}}, {@grpid}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@subj_user={'subj_user', 0x3d, '('}}, {@measure}, {@smackfsfloor}, {@appraise_type}]}, 0xfd, 0x573, &(0x7f0000000240)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c}) 2m14.674254741s ago: executing program 0 (id=893): syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000013c0)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRES16, @ANYRES16, @ANYRES64=0x0, @ANYBLOB="0e6e2917ed29acb17206eaaa257b06847e3966cfa706df4bd056b1d857f3fd63cc97edd5de08ea02c5c7912b06fb2367c78255b4969d0e49007cf95ac5f0", @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea284b893f38cdddda3da4c78d6059c5766f98f8020013503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27a1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd516a68d881e7fc7289826cbd840ffdb008356c72319cceb43ccb1281556efdf0fdf582fcdcfc830dff178a068d9dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabaee22347bdb78b72b400d080a044ebde5d39ad91ff0ef75aa244381cf00cd6fe9b9a92a996810eef02481022af426853287e521a4e3cfe480f90300cea1359ff932eb34bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d41bc12f637c36690f5ca91ee999ec138f6ce76522ed2b73c8160b299f0d123f1721171bd72c012623f06d8965d3e5785d0570a0098ab36af821c9b308731422ba385b46bf5348b9895ace14068ea58f8cb4060c205cab0f2a73628eff5b9270a4a55c2d7fc59a4fe6e023bd424d8fe06e2232d1b2e6ca603b466b2c82afff4a8cc46ab3656c1fab1035a18fc9e8664d5aa34222070bc7b8878741962e638d7028a8e3fad41243aaaa76785624cbf48f1f8bda736909d3e3084602a37b21938674204ae1cd9cd0f5061f41718f090cb4577ab4ce77583", @ANYRES8, @ANYRES32], 0xfd, 0x1ef, &(0x7f0000000140)="$eJzsVctqFEEUPVVdk24faNZuHUw2OpMOiH9gPsNh0sZgx0e6QWcI2LowGxfiTwT8Chei7l2ICG6ShYIu4jIgI7fqVk81lkzrbEaoAzP31H3Vrb71uFXcL2IAP4/3hliGhsBZfBICCsCKMLqTJSN/sJwwvigzXmP9S5ZHLIvR+P0zIhLj24M8z3aL0QwiBDDLp0Ec1eQ80DbsT+Tdk6ZGYM6E8xJIwGsqI/ORfzc9b2hinw/H+jMvAKH6PCb5Twm/tnHmrd6q3R24GoqqIugtnpgj5GmKMXn75SEAkQ6HzCz+44v2xXvXPlrYneAS+VdRBbinxfXHEt/14MPx3pDIDb7FSLdpfvZIaB8avHZ8LiigAkSESZ1HmVZjBUCv3LnXUxhf3t4ZbGVb2Z00Xb/af3uGW571eze38+zROWcKSUShBp3TU06Z1PzPU3sFB8IpjXAaEG4s3b/2cl696EbRXTyNdXMYj1d1jph15rtcAu3fBxWZU9Z2dbaniV7gBgQiKNA611RjxhMcIdGGK8O7+eY+BAR79g+gIPHGFtCBZEt66AzWr9XL32fZZbmh/xMc8PiQpX277JukdIZvPFqtgCU8HJTlrn68DKt1qdUhXa5nljyrfQ3tjdGNERAQEBAQEBDwn+BXAAAA//+8IT1V") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x100) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800800, 0x0, 0x6, 0x0, &(0x7f0000000000)) 1m59.305309186s ago: executing program 34 (id=893): syz_mount_image$squashfs(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000013c0)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRES16, @ANYRES16, @ANYRES64=0x0, @ANYBLOB="0e6e2917ed29acb17206eaaa257b06847e3966cfa706df4bd056b1d857f3fd63cc97edd5de08ea02c5c7912b06fb2367c78255b4969d0e49007cf95ac5f0", @ANYBLOB="01ce6671a3b30f673148672100038bbb4413ea284b893f38cdddda3da4c78d6059c5766f98f8020013503eaf8c90a24dda1e09f68cd741168d69dae50652ca7b67c5b0a27a1d5beabee7c1346b215f641ae190d56ea4ab81bacd909929deb5757040e8d5b2752ea779c30f600bd516a68d881e7fc7289826cbd840ffdb008356c72319cceb43ccb1281556efdf0fdf582fcdcfc830dff178a068d9dcbfde7af6012383adb085c40e4c295c2a3be750a42400e58523d24b8eecd75caabaee22347bdb78b72b400d080a044ebde5d39ad91ff0ef75aa244381cf00cd6fe9b9a92a996810eef02481022af426853287e521a4e3cfe480f90300cea1359ff932eb34bc75aefea41074799f3502a7472a6686b4011a41d7f0cfb25b3dc3077b4e8ded17cfff2b1d41bc12f637c36690f5ca91ee999ec138f6ce76522ed2b73c8160b299f0d123f1721171bd72c012623f06d8965d3e5785d0570a0098ab36af821c9b308731422ba385b46bf5348b9895ace14068ea58f8cb4060c205cab0f2a73628eff5b9270a4a55c2d7fc59a4fe6e023bd424d8fe06e2232d1b2e6ca603b466b2c82afff4a8cc46ab3656c1fab1035a18fc9e8664d5aa34222070bc7b8878741962e638d7028a8e3fad41243aaaa76785624cbf48f1f8bda736909d3e3084602a37b21938674204ae1cd9cd0f5061f41718f090cb4577ab4ce77583", @ANYRES8, @ANYRES32], 0xfd, 0x1ef, &(0x7f0000000140)="$eJzsVctqFEEUPVVdk24faNZuHUw2OpMOiH9gPsNh0sZgx0e6QWcI2LowGxfiTwT8Chei7l2ICG6ShYIu4jIgI7fqVk81lkzrbEaoAzP31H3Vrb71uFXcL2IAP4/3hliGhsBZfBICCsCKMLqTJSN/sJwwvigzXmP9S5ZHLIvR+P0zIhLj24M8z3aL0QwiBDDLp0Ec1eQ80DbsT+Tdk6ZGYM6E8xJIwGsqI/ORfzc9b2hinw/H+jMvAKH6PCb5Twm/tnHmrd6q3R24GoqqIugtnpgj5GmKMXn75SEAkQ6HzCz+44v2xXvXPlrYneAS+VdRBbinxfXHEt/14MPx3pDIDb7FSLdpfvZIaB8avHZ8LiigAkSESZ1HmVZjBUCv3LnXUxhf3t4ZbGVb2Z00Xb/af3uGW571eze38+zROWcKSUShBp3TU06Z1PzPU3sFB8IpjXAaEG4s3b/2cl696EbRXTyNdXMYj1d1jph15rtcAu3fBxWZU9Z2dbaniV7gBgQiKNA611RjxhMcIdGGK8O7+eY+BAR79g+gIPHGFtCBZEt66AzWr9XL32fZZbmh/xMc8PiQpX277JukdIZvPFqtgCU8HJTlrn68DKt1qdUhXa5nljyrfQ3tjdGNERAQEBAQEBDwn+BXAAAA//+8IT1V") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x100) syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f0000001080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800800, 0x0, 0x6, 0x0, &(0x7f0000000000)) 56.027803475s ago: executing program 7 (id=1106): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpgrp(0x0) kcmp(r1, r0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) 54.467718433s ago: executing program 7 (id=1110): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0x80a00, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000180)={0x80000001, "0600000000000000c64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c"}) close_range(r0, 0xffffffffffffffff, 0x0) 53.047959841s ago: executing program 7 (id=1114): pwritev(0xffffffffffffffff, 0x0, 0x0, 0xee, 0x4200008) syz_mount_image$hfsplus(&(0x7f0000001140), &(0x7f00000004c0)='./file1\x00', 0x804c10, &(0x7f0000000180)=ANY=[], 0xfe, 0x66b, &(0x7f0000001180)="$eJzs3c1vHGcdB/DvbDZ2Ni3BTZM2oEq1GgkQFolf5IK5YBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTuetdfrl66TxrtpP59o93lmnplnfs/vmZl9saIN8IW1MJH6gxRZmHhlvb28tTnT3NqcudupJxlNspHUk9SSFP9ttVofJvNJsdtN0VMe8P7y3GsffbL18c5SvXqU29eO269Htd1Gz+qNzrrxJGeq8hHs6+/GI/dX7EY+n+RqVcLAnU3S2udnf396t6VL47C9z51KjMDjVey8bh4wlpyvLvT2+4DOK2/tdKPr32if2/W+gwAAAIAnTT+fgb+8ne2sFxdOIRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4XNjY+/3/onrUOvXxFJ3f/x+p1qWqD5cXT7b5g8cVBwAAAAAAAACcohe3s531XOgst4ryb/4vlQuXyuen8lZWs5SVXMt6FrOWtaxkKslYV0cj64traytTfew5feie058S6GhVNj6bcQMAAAAAAADA58yvsrD3938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgGRXJmp0hxv2v1WGr1JOeSjLRXbCT/7NSfZA8GHQAAAACcgtFkO+u50FluFbmU5LnyO4BzeSv3spblrKWZpdwsvxfY+dRf29qcaW5tztxtPw72+/3/nCiMssfsfPdw+JGvlFs0civL5ZpruZE30szN1Mo9265U8XR67Ynrfjum4nuVPiO7WZXtkb9XlQe8e6LBHuWEX6aMlRk5u5uRySq2djae6czM4TN0wtnpPdJUarvBXuo50sj+wTxUzs9XZXs8vzsq5wPRm4nprrPvueNznnz9L3/66WRVH54h9edMVbbK58bBTMx0ZeL5fjJxu3nvzu1bqxNPWiYOmCwzcXl3eSE/yk8ykfG8mpUs5+dZzFqWMp4flrXFavKLrkv+iEzN71t69dMiGanO0J3JOllML5X7Xshyfpw3cjNLebn8N52pfDuzmc1c1wxfPn6Gy6u+tu+q35vm1pcODf7qN6pKI8nvq3I4tPP6TFdeu++5Y2Vb95q9LF3sI0snvDfWv1pV2sf4dVUOh95MTHVl4tnjM/GH8ray2rx3Z+X24pv9He7ie1WlfWb9NhkfnhtJ+3y52J6scmn/2dFue/bQtqmy7dJuW+1A2+Xdtp0rdePIK3Wkeg93sKfpsu35Q9tmyrYrXW2Hvd8CYOid/+b5kca/G/9ofND4TeN245VzPxj9zugLIzn717PfrU+e+VrtheLP+SC/3Pv8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzVt9+5s9hsLq30VFqt1rtHNPVZqVdHeMjdH6GS8X891T7yIU2dnzM7xXi+8nRyemMf1sr/Wq1WtaY4Yps//m1oEtWqDEXqBlQZ3D0JOB3X1+6+eX317Xe+tXx38fWl15fuzc3Ozk3Ozb48c/3WcnNpcud50FECj8Pei/6gIwEAAAAAAAAAAAD6dRr/nWDQYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACebAsTqT9IkanJa5Pt5a3NmWb70anvbVlPUktS/CIpPkzmi6phrKu74qjjvL8899pHn2x9vNdXvbN97bj9+rNRPTKe5MxOef+z6u9GVR6rOG4Ixe4I55NcrUoYuP8HAAD//xokBkA=") statfs(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=""/62) 51.830538486s ago: executing program 7 (id=1118): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000003c0)='./file1\x00', 0x1c, &(0x7f0000000a00), 0x3, 0x455, &(0x7f0000001040)="$eJzs3M1vFGUYAPBnZtsiX7YifvChVtHY+NFCQeXgQY0mHjQx0QMea1sIslBDayKEaDUGj4bEu/Fo4l/gSS9GPZl41bshIYYL6GnN7M603WW70GXbqezvlwy8785M3+eZmXf3nXm7DaBvjWb/JBE7IuKPiBhuVJs3GG38d/3qhel/rl6YTqJWe/vvpL7dtasXpotNi/2255WxNCL9PIl9bdqdP3f+1FS1Ons2r08snP5gYv7c+WdPnp46MXti9szk0aNHDh964fnJ53qSZxbTtb0fz+3f8/q7l96cPnbpvV++S4r8W/Josth1k6OdVj5Rq3X9gzejnSvKyUCJgbAmlYjITtdgvf8PRyWWT95wvPZZqcEB66pWq9W2r756sQbcwZIoOwKgHMUHfXb/WywbNPTYFK683LgByvK+ni+NNQOR5tsMttzf9tJoRBxb/PfrbIlOzyEAAHrkh2z880y78V8a96/Y7u58bmgkIu6JiF0RcW9E7I6I+yLq2z4QEQ+usf3WSZIbxz/p5a4Su0XZ+O/FfG6refxXjP5ipJLXdtbzH0yOn6zOHsyPyVgMbjl+k/mOH1/9/cvV1q0c/2VL1n4xFszjuDywpXmfmamFqa4TbnHl04i9A+3yT5ZmApKI2BMRe7ts4+RT3+5fbd3N8++gB/NMtW8inmyc/8Voyb+QdJ6fnLgrqrMHJ4qr4ka//nbxrdXav638eyA7/9vaXv9L+Y8kK+dr59fexsU/v1j1nqbb638oeadeHspf+2hqYeHsoYih5I1G0Ctfn1zet6gX22f5jx1o3/93xfKR2BcR2UX8UEQ8HBGP5LE/GhGPRcSBDvn//Mrj73ef//rK8p9Z0/lfLgxFo5Cdg5ZVTYXKqZ++b2p0ZC35Z+f/SL00lr9yK+9/HcJpKtzu8QMAAID/gzQidkSSji+V03R8vPH78rtjW1qdm194+vjch2dmGt8RGInBtHjSNbzieeih/La+qE+21A/nz42/qmyt18en56ozZScPfW77Kv0/81el7OiAdef7WtC/9H/oX/o/9C/9H/pXm/6/tYw4gI3X7vP/kxLiADZeS/9fmvZ7qYRYgI3l/h/6l/4P/Uv/h740vzVu/iV5hXUoFH9fodwwKtHt7pGWfwzvmMJgfjFslnhOTVVLfFMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoof8CAAD//4xf3L0=") mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0) mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x28a5291, 0x0) 50.291512043s ago: executing program 7 (id=1124): r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x10001, 0x1, 0x2}) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000003c0)={0x2, @vbi={0x4, 0x991, 0xfff, 0x49433553, [0x200000], [0x0, 0x10001], 0x2}}) 49.042042774s ago: executing program 7 (id=1131): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x2800010, &(0x7f0000000300)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38", @ANYRES8=0x0], 0x3, 0x21f, &(0x7f0000000940)="$eJzs2j+LXFUcBuDfXRMSN2xmxH8kIB60UJtLZmqLLJKAOKBoRoiC5Ma9o8NcZ5a5w8KImK209SNYi6WdIClttvETWNhts2UK8Uoya5INY7GIO2Kep5kXzrzccziXwynu/uvffDYa1PmgmMValsXa5diNO1m0Yy3+shuvvXL95xfeu/7BW5u93pV3U7q6ea3TTSmdf/GnD7/4/qXbs3Pv/3D+xzOx1/5o/6D7295zexf2/7j26bBOwzqNJ7NUpJuTyay4WZVpa1iP8pTeqcqiLtNwXJfTI+ODarK9PU/FeGtjfXta1nUqxvM0KudpNkmz6TwVnxTDccrzPG2sB/9E/7s7TRMHzekb0TTNk9/Gudux8Wu0InsqZU9fzp69kT2/m104aJrWqqfKv8L+P94eOtTPRlRf7/R3+ovfxfjmIIZRRRmXohW/x93X5NAiX32zd+VSuqcdX1W3Dvu3dvpPHO13ohXt5f3Oop+O9s/EesTpiMN+N1rxzPJ+d2n/bLz68kPPz6MVv3wck6hiK+52H/S/7KT0xtu9R/oX7/0PAOD/Jk/3Lb2/5fnfjS/6x7gfPnK/OhUXT6127UTU889HRVWVU0EQhPth1ScTJ+HBpq96JgAAAAAAAAAAABzHSXxOuOo1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/21/BgAA//9DWtUg") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 45.566760236s ago: executing program 35 (id=1131): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x2800010, &(0x7f0000000300)=ANY=[@ANYBLOB="636865636b3d7374726963742c757466383d312c757466383d302c757466383d312c6e66732c6572726f72733d72656d6f756e742d726f2c73686f72746e616d653d77696e6e742c00043518f9aad8a4f2c1cdb3e993cf0444d9d2d40bb509d4da042c2c85e3650de97db42c38cafa7a9d7503c3c985486cf7fc80515e9bef7e9e56fb346de370b3eb3ecbc59d343c36bf04efc3d68033308b0014b0c677ae5ef2932cc05f566112668fa4f6844dcf823618a2993da771384e8fc12467a56b33e3b00030dbfd82ea2f8ddbeb1d04bac86815ebe0b9d084d60edf56b15e74589892dce86962f611a4313120b738dddfd38d20b443570197dc795020ecf541601ef9a5618869febf769dd50261849a47e170ba166b97e76a0261d0dc1fb3e2646595f1c8b49057d94f10f7b5e35ead0a38", @ANYRES8=0x0], 0x3, 0x21f, &(0x7f0000000940)="$eJzs2j+LXFUcBuDfXRMSN2xmxH8kIB60UJtLZmqLLJKAOKBoRoiC5Ma9o8NcZ5a5w8KImK209SNYi6WdIClttvETWNhts2UK8Uoya5INY7GIO2Kep5kXzrzccziXwynu/uvffDYa1PmgmMValsXa5diNO1m0Yy3+shuvvXL95xfeu/7BW5u93pV3U7q6ea3TTSmdf/GnD7/4/qXbs3Pv/3D+xzOx1/5o/6D7295zexf2/7j26bBOwzqNJ7NUpJuTyay4WZVpa1iP8pTeqcqiLtNwXJfTI+ODarK9PU/FeGtjfXta1nUqxvM0KudpNkmz6TwVnxTDccrzPG2sB/9E/7s7TRMHzekb0TTNk9/Gudux8Wu0InsqZU9fzp69kT2/m104aJrWqqfKv8L+P94eOtTPRlRf7/R3+ovfxfjmIIZRRRmXohW/x93X5NAiX32zd+VSuqcdX1W3Dvu3dvpPHO13ohXt5f3Oop+O9s/EesTpiMN+N1rxzPJ+d2n/bLz68kPPz6MVv3wck6hiK+52H/S/7KT0xtu9R/oX7/0PAOD/Jk/3Lb2/5fnfjS/6x7gfPnK/OhUXT6127UTU889HRVWVU0EQhPth1ScTJ+HBpq96JgAAAAAAAAAAABzHSXxOuOo1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/21/BgAA//9DWtUg") mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) rename(&(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 6.756632606s ago: executing program 4 (id=1259): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) landlock_restrict_self(r0, 0x2) 6.145899429s ago: executing program 6 (id=1261): r0 = socket(0x2, 0x3, 0xff) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000240)=0x7db7, 0x4) sendto$inet(r0, &(0x7f00000002c0)="b401fcc8cd1bb8b66f7ee68e052af9c34b7d7494", 0x14, 0x0, &(0x7f0000000040)={0x2, 0xffff, @dev}, 0x10) 5.890902342s ago: executing program 4 (id=1263): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) 5.433291022s ago: executing program 1 (id=1264): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newlink={0x58, 0x10, 0xffffffffffffffff, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x1ba20, 0x106f}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x11, 0x13}}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_LINKMODE={0x5, 0x11, 0x1}]}, 0x58}}, 0x8004002) 5.218988808s ago: executing program 6 (id=1265): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000e3"], 0x48) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x64}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7000000}}, {}, [@jmp={0x5, 0x1, 0x1, 0xa, 0x0, 0xfffffffffffffff5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x100a, &(0x7f00000009c0)=""/4106, 0x41100, 0x24}, 0x94) 5.004651591s ago: executing program 3 (id=1266): setuid(0xee01) r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x8, @loopback}], 0x10) 4.323704327s ago: executing program 1 (id=1267): r0 = socket(0xa, 0x3, 0x3a) recvmmsg(r0, &(0x7f00000091c0)=[{{0x0, 0x0, 0x0}, 0x10}], 0x2f, 0x2, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000140)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c6dd00", 0x10, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @mcast2, {[], @ndisc_ra={0x89, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0xffffffff}}}}}}, 0x0) 4.163253426s ago: executing program 3 (id=1268): r0 = msgget$private(0x0, 0x2) msgsnd(r0, &(0x7f00000000c0)={0x2}, 0x8, 0x800) msgrcv(r0, &(0x7f00000001c0)={0x0, ""/214}, 0xde, 0x0, 0x4800) 4.121924273s ago: executing program 6 (id=1269): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$XFS_IOC_FREE_EOFBLOCKS(r0, 0x8080583a, 0x0) ioctl$UI_END_FF_ERASE(r0, 0x400c55cb, &(0x7f0000000000)={0x10, 0xfffffff7, 0x4}) 3.471468807s ago: executing program 4 (id=1270): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000140), 0x10) sendmsg$can_bcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x5, 0x4c3, 0x0, {}, {0x0, 0xea60}, {0x0, 0x0, 0x1}, 0x1, @can={{0x0, 0x0, 0x1}, 0x0, 0x5, 0x0, 0x0, "d5bea2784d005b17"}}, 0x48}, 0x1, 0x0, 0x0, 0x5}, 0x40040090) 3.395366276s ago: executing program 1 (id=1271): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a7c000000060a0104000000000000000002000000500004804c0001800c0001007061796c6f6164003c00028008000440000000000800054000000000080003400000005708000240000000010800064000000002080007400000000d08000840000000000900010073797a30000000000900020073797a32"], 0xa4}}, 0x4) 3.37172041s ago: executing program 3 (id=1272): r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000040)='\x00', 0x0, r0) 3.142691015s ago: executing program 6 (id=1273): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000000104010200000180000000000000000008000540000000000500010001"], 0x24}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000280)={0x1c, 0x1, 0x4, 0x5, 0x0, 0x0, {}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x3}]}, 0x1c}}, 0x0) 2.435908662s ago: executing program 4 (id=1274): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000000c0)={0x3, [0x3, 0x1, 0x3]}, 0xa) 2.390723976s ago: executing program 1 (id=1275): mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40) 2.355837905s ago: executing program 3 (id=1276): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) pipe2(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) sendfile(r1, r0, 0x0, 0x437c) 2.180470612s ago: executing program 6 (id=1277): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0xa002, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000100)=0x12) ioctl$SNDCTL_DSP_GETFMTS(r0, 0x8004500b, 0x0) 1.539644987s ago: executing program 1 (id=1278): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0x96, 0x4}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 1.475365783s ago: executing program 4 (id=1279): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000004c0)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0xa, 0x4e20, 0x7, @mcast2, 0x3}, r1}}, 0x48) 1.378165465s ago: executing program 3 (id=1280): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) 613.082652ms ago: executing program 1 (id=1281): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) 581.857108ms ago: executing program 4 (id=1282): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) 211.150131ms ago: executing program 3 (id=1283): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/zoneinfo\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 0s ago: executing program 6 (id=1284): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c000000020603000000000000000000000000001400078008001240000000000500150002000000050001000600000005000500020000000500040000000000090002"], 0x4c}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0) kernel console output (not intermixed with test programs): from 0 to 64 [ 332.413913][ T7219] loop2: detected capacity change from 0 to 512 [ 332.525431][ T5924] hid-generic 0C99:07FF:0006.0004: unknown main item tag 0x0 [ 332.537126][ T7219] EXT4-fs (loop2): orphan cleanup on readonly fs [ 332.547717][ T5924] hid-generic 0C99:07FF:0006.0004: unknown main item tag 0x0 [ 332.559444][ T5924] hid-generic 0C99:07FF:0006.0004: unknown main item tag 0x0 [ 332.575815][ T5924] hid-generic 0C99:07FF:0006.0004: hidraw0: HID v0.09 Device [syz0] on syz1 [ 332.604502][ T7219] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.583: bg 0: block 248: padding at end of block bitmap is not set [ 332.690056][ T7219] loop2: lost filesystem error report for type 5 error -117 [ 332.691962][ T7219] Quota error (device loop2): write_blk: dquota write failed [ 332.699708][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 332.699830][ C1] EXT4-fs (loop2): last error at time 1772463169: ext4_validate_block_bitmap:441 [ 332.789445][ T7219] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 332.807903][ T7219] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.583: Failed to acquire dquot type 1 [ 332.939069][ T7219] loop2: lost filesystem error report for type 5 error -117 [ 332.959628][ T7219] EXT4-fs (loop2): 1 truncate cleaned up [ 333.080636][ T7219] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 333.560306][ T7232] netlink: 16 bytes leftover after parsing attributes in process `syz.3.588'. [ 333.811879][ T7219] syz.2.583 (7219) used greatest stack depth: 2912 bytes left [ 333.853086][ T7228] fido_id[7228]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 333.868469][ T5778] EXT4-fs error (device loop2): ext4_lookup:1789: inode #2: comm syz-executor: deleted inode referenced: 12 [ 333.934616][ T5778] EXT4-fs error (device loop2): ext4_lookup:1789: inode #2: comm syz-executor: deleted inode referenced: 12 [ 336.013910][ T12] bridge_slave_1: left allmulticast mode [ 336.021024][ T12] bridge_slave_1: left promiscuous mode [ 336.056400][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.101068][ T12] bridge_slave_0: left allmulticast mode [ 336.107070][ T12] bridge_slave_0: left promiscuous mode [ 336.147104][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.667932][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 336.712454][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 336.732767][ T12] bond0 (unregistering): Released all slaves [ 336.759168][ T12] bond1 (unregistering): Released all slaves [ 337.391886][ T7256] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 337.461077][ T12] hsr_slave_0: left promiscuous mode [ 337.507784][ T12] hsr_slave_1: left promiscuous mode [ 337.556376][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 337.622325][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 338.534524][ T5771] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 338.547829][ T5771] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 338.558105][ T5771] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 338.581044][ T5771] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 338.602065][ T5771] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 338.826712][ T12] team0 (unregistering): Port device team_slave_1 removed [ 338.974400][ T12] team0 (unregistering): Port device team_slave_0 removed [ 340.722949][ T5777] Bluetooth: hci3: command tx timeout [ 341.478039][ T7292] loop1: detected capacity change from 0 to 256 [ 341.536518][ T7292] exfat: Deprecated parameter 'utf8' [ 341.614944][ T7297] netlink: 'syz.0.612': attribute type 2 has an invalid length. [ 341.704764][ T7297] netlink: 48 bytes leftover after parsing attributes in process `syz.0.612'. [ 341.728582][ T7292] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 342.281609][ T7268] chnl_net:caif_netlink_parms(): no params data found [ 342.744997][ T7308] loop0: detected capacity change from 0 to 1024 [ 342.786021][ T7308] EXT4-fs: Ignoring removed nomblk_io_submit option [ 342.801953][ T5777] Bluetooth: hci3: command tx timeout [ 342.941862][ T7308] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 343.019566][ T7308] System zones: 0-1, 3-36 [ 343.082960][ T7308] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 343.489871][ T7308] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 343.952034][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.504714][ T7335] loop0: detected capacity change from 0 to 512 [ 344.693330][ T7335] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.623: invalid indirect mapped block 4294967295 (level 1) [ 344.719720][ T7268] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.727721][ T7268] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.744153][ T7268] bridge_slave_0: entered allmulticast mode [ 344.753157][ T7337] loop3: detected capacity change from 0 to 64 [ 344.758139][ T7268] bridge_slave_0: entered promiscuous mode [ 344.777626][ T7268] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.786005][ T7268] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.795963][ T7268] bridge_slave_1: entered allmulticast mode [ 344.809071][ T7335] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 344.818751][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 344.835267][ C1] EXT4-fs (loop0): initial error at time 1772463181: ext4_free_branches:1023: inode 11 [ 344.845460][ C1] EXT4-fs (loop0): last error at time 1772463181: ext4_free_branches:1023: inode 11 [ 344.875958][ T7268] bridge_slave_1: entered promiscuous mode [ 344.883010][ T5777] Bluetooth: hci3: command tx timeout [ 344.917682][ T7335] EXT4-fs (loop0): Remounting filesystem read-only [ 344.946247][ T7335] EXT4-fs (loop0): 2 truncates cleaned up [ 345.007885][ T7335] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 345.378187][ T7268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.477393][ T7268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.603902][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.977792][ T7268] team0: Port device team_slave_0 added [ 346.048920][ T7268] team0: Port device team_slave_1 added [ 346.520539][ T7268] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 346.527746][ T7268] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 346.685269][ T7268] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 346.823660][ T7268] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 346.892401][ T7268] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 346.928415][ T7363] netlink: 'syz.4.631': attribute type 3 has an invalid length. [ 346.961272][ T5777] Bluetooth: hci3: command tx timeout [ 346.963765][ T7268] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.123529][ T7366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.634'. [ 348.104647][ T7268] hsr_slave_0: entered promiscuous mode [ 348.191270][ T7268] hsr_slave_1: entered promiscuous mode [ 348.277587][ T7268] debugfs: 'hsr0' already exists in 'hsr' [ 348.348920][ T7268] Cannot create hsr debugfs directory [ 348.982096][ T7390] loop3: detected capacity change from 0 to 512 [ 348.993832][ T7388] netlink: 32 bytes leftover after parsing attributes in process `syz.1.641'. [ 349.021962][ T7390] EXT4-fs (loop3): Test dummy encryption mode enabled [ 349.042435][ T7390] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 349.090187][ T7390] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 349.114219][ T7388] netlink: 56 bytes leftover after parsing attributes in process `syz.1.641'. [ 349.182194][ T7390] EXT4-fs (loop3): orphan cleanup on readonly fs [ 349.281096][ T7390] EXT4-fs error (device loop3): xattr_find_entry:337: inode #15: comm syz.3.643: corrupted xattr entries [ 349.376169][ T7390] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 349.378856][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 349.395064][ C0] EXT4-fs (loop3): initial error at time 1772463185: xattr_find_entry:337: inode 15 [ 349.404998][ C0] EXT4-fs (loop3): last error at time 1772463185: xattr_find_entry:337: inode 15 [ 349.415963][ T7390] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 349.459449][ T7390] EXT4-fs (loop3): 1 orphan inode deleted [ 349.510315][ T7390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 350.051356][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.437767][ T7400] syz_tun: entered promiscuous mode [ 350.471144][ T7400] macvtap1: entered promiscuous mode [ 350.477763][ T7400] macvtap1: entered allmulticast mode [ 350.556948][ T7400] syz_tun: entered allmulticast mode [ 350.819179][ T7400] syz_tun: left allmulticast mode [ 350.826509][ T7400] syz_tun: left promiscuous mode [ 351.393151][ T7412] loop3: detected capacity change from 0 to 1024 [ 351.403584][ T7415] netlink: 4 bytes leftover after parsing attributes in process `syz.1.651'. [ 351.529696][ T7412] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 351.786598][ T7268] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 351.982536][ T7268] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 352.201274][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.270419][ T7268] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 352.474850][ T7268] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 352.663970][ T7429] loop0: detected capacity change from 0 to 512 [ 352.742410][ T7429] EXT4-fs: Ignoring removed i_version option [ 352.769678][ T7429] EXT4-fs: Ignoring removed nobh option [ 352.802669][ T7429] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 353.094915][ T7429] EXT4-fs (loop0): 1 truncate cleaned up [ 353.146990][ T7429] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 353.836745][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.436859][ T7447] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 354.523608][ T5830] Process accounting resumed [ 354.701814][ T7268] 8021q: adding VLAN 0 to HW filter on device bond0 [ 354.935230][ T7451] Process accounting resumed [ 355.097509][ T7268] 8021q: adding VLAN 0 to HW filter on device team0 [ 355.227494][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.235322][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.410455][ T1003] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.418151][ T1003] bridge0: port 2(bridge_slave_1) entered forwarding state [ 356.189860][ T1882] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 356.422588][ T1882] usb 2-1: config 0 has an invalid interface number: 55 but max is 0 [ 356.471646][ T1882] usb 2-1: config 0 has no interface number 0 [ 356.501162][ T1882] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 356.584870][ T1882] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 356.637877][ T1882] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 356.692706][ T1882] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 356.755414][ T1882] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 356.802894][ T1882] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 356.877032][ T1882] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 356.942571][ T1882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.005832][ T1882] usb 2-1: config 0 descriptor?? [ 357.062471][ T7465] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 357.110240][ T7465] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 357.199528][ T1882] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 357.503530][ T5830] usb 2-1: USB disconnect, device number 4 [ 357.540159][ T5830] ldusb 2-1:0.55: LD USB Device #0 now disconnected [ 357.747960][ T7486] loop0: detected capacity change from 0 to 512 [ 357.855812][ T7486] EXT4-fs: Ignoring removed bh option [ 357.882694][ T7486] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 358.070510][ T7486] EXT4-fs (loop0): 1 truncate cleaned up [ 358.078604][ T7486] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.810372][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.977809][ T7498] loop1: detected capacity change from 0 to 64 [ 359.001484][ T7268] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 359.384066][ T7503] loop3: detected capacity change from 0 to 64 [ 360.852130][ T7521] loop3: detected capacity change from 0 to 2048 [ 360.927409][ T7521] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 361.050598][ T7524] netlink: 60 bytes leftover after parsing attributes in process `syz.1.686'. [ 361.051174][ T7527] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 361.187229][ T7524] netlink: 60 bytes leftover after parsing attributes in process `syz.1.686'. [ 362.579007][ T5830] usb 4-1: new low-speed USB device number 6 using dummy_hcd [ 362.853905][ T5830] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 362.867535][ T5830] usb 4-1: config 0 has no interface number 0 [ 362.928180][ T5830] usb 4-1: config 0 interface 1 altsetting 19 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 362.982687][ T5830] usb 4-1: config 0 interface 1 altsetting 19 endpoint 0x81 has invalid wMaxPacketSize 0 [ 363.078928][ T5830] usb 4-1: config 0 interface 1 has no altsetting 0 [ 363.098926][ T5830] usb 4-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00 [ 363.148975][ T5830] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.206183][ T5830] usb 4-1: config 0 descriptor?? [ 363.244543][ T7268] veth0_vlan: entered promiscuous mode [ 363.414083][ T7268] veth1_vlan: entered promiscuous mode [ 363.944616][ T5830] uclogic 0003:2179:0053.0005: failed retrieving string descriptor #100: -71 [ 364.016470][ T5830] uclogic 0003:2179:0053.0005: failed retrieving pen parameters: -71 [ 364.052915][ T7268] veth0_macvtap: entered promiscuous mode [ 364.064344][ T5830] uclogic 0003:2179:0053.0005: pen probing failed: -71 [ 364.101740][ T5830] uclogic 0003:2179:0053.0005: failed probing parameters: -71 [ 364.118596][ T7268] veth1_macvtap: entered promiscuous mode [ 364.132949][ T7543] loop1: detected capacity change from 0 to 4096 [ 364.140432][ T5830] uclogic 0003:2179:0053.0005: probe with driver uclogic failed with error -71 [ 364.215087][ T7543] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 364.241991][ T5830] usb 4-1: USB disconnect, device number 6 [ 364.536476][ T7268] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 364.874732][ T7268] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 365.152741][ T1003] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.214385][ T1003] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.260032][ T1090] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.345025][ T1090] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.420035][ T7576] loop0: detected capacity change from 0 to 1024 [ 367.456664][ T7576] EXT4-fs: Ignoring removed orlov option [ 367.486643][ T5822] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 367.720515][ T5822] usb 4-1: config index 0 descriptor too short (expected 23569, got 27) [ 367.756330][ T7576] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.801424][ T5822] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 367.908579][ T5822] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 367.979079][ T5822] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 367.987468][ T5822] usb 4-1: Manufacturer: syz [ 368.052303][ T5822] usb 4-1: config 0 descriptor?? [ 368.274591][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.316987][ T7587] loop1: detected capacity change from 0 to 256 [ 368.464779][ T5822] rc_core: IR keymap rc-hauppauge not found [ 368.518986][ T5822] Registered IR keymap rc-empty [ 368.527248][ T5822] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 368.622650][ T5822] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input6 [ 368.756339][ T7587] FAT-fs (loop1): Directory bread(block 64) failed [ 368.775223][ C0] igorplugusb 4-1:0.0: receive overflow invalid: 186 [ 368.816207][ T7587] FAT-fs (loop1): Directory bread(block 65) failed [ 368.844753][ T7587] FAT-fs (loop1): Directory bread(block 66) failed [ 368.939260][ T7587] FAT-fs (loop1): Directory bread(block 67) failed [ 369.010756][ T7587] FAT-fs (loop1): Directory bread(block 68) failed [ 369.073267][ T7587] FAT-fs (loop1): Directory bread(block 69) failed [ 369.119490][ T5830] usb 4-1: USB disconnect, device number 7 [ 369.140494][ T7587] FAT-fs (loop1): Directory bread(block 70) failed [ 369.173957][ T7587] FAT-fs (loop1): Directory bread(block 71) failed [ 369.226145][ T7587] FAT-fs (loop1): Directory bread(block 72) failed [ 369.257955][ T7587] FAT-fs (loop1): Directory bread(block 73) failed [ 370.792751][ T7611] loop0: detected capacity change from 0 to 512 [ 370.915019][ T7611] EXT4-fs (loop0): 1 truncate cleaned up [ 370.933923][ T7604] loop3: detected capacity change from 0 to 4096 [ 370.965087][ T7611] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 371.173531][ T7611] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.712: bg 0: block 465: padding at end of block bitmap is not set [ 371.290592][ T7611] EXT4-fs (loop0): Remounting filesystem read-only [ 371.748557][ T7604] ntfs3(loop3): failed to convert "0000" to iso8859-6 [ 371.821237][ T7604] ntfs3(loop3): failed to convert "0030" to iso8859-6 [ 371.841920][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.859114][ T7604] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 372.612374][ T7630] loop4: detected capacity change from 0 to 256 [ 372.677553][ T7630] exfat: Deprecated parameter 'utf8' [ 372.713660][ T7630] exfat: Deprecated parameter 'namecase' [ 372.749753][ T7630] exfat: Deprecated parameter 'namecase' [ 372.794919][ T7630] exfat: Deprecated parameter 'utf8' [ 373.092187][ T7630] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xf17e4aaa, utbl_chksum : 0xe619d30d) [ 373.093648][ T7630] exFAT-fs (loop4): failed to test first cluster bit of root dir(5) [ 373.805479][ T7641] loop3: detected capacity change from 0 to 512 [ 373.863230][ T7641] EXT4-fs: Ignoring removed i_version option [ 373.917093][ T7641] EXT4-fs: Ignoring removed oldalloc option [ 374.061584][ T7645] netlink: 12 bytes leftover after parsing attributes in process `syz.4.722'. [ 374.104891][ T7641] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 374.834165][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.876725][ T106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 374.930822][ T106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 375.238419][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 375.289353][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 379.436301][ T7704] loop1: detected capacity change from 0 to 32768 [ 379.950357][ T7717] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 379.957735][ T7717] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 380.895017][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.3.755'. [ 382.905937][ T7765] loop5: detected capacity change from 0 to 64 [ 382.909127][ C0] hrtimer: interrupt took 617407 ns [ 384.250367][ T7767] loop3: detected capacity change from 0 to 32768 [ 384.300549][ T7767] workqueue: name exceeds WQ_NAME_LEN. Truncating to: gfs2-glock/__Š°"_½z#²˱1Ä [ 384.343897][ T7767] gfs2: fsid=__Š°"_½z#²˱1Ä ¢ “I¡3ØÆÆåwÕÊ‚X9: Trying to join cluster "lock_nolock", "__Š°"_½z#²˱1Ä ¢ “I¡3ØÆÆåwÕÊ‚X9" [ 384.369309][ T7767] gfs2: fsid=__Š°"_½z#²˱1Ä ¢ “I¡3ØÆÆåwÕÊ‚X9: Now mounting FS (format 1801)... [ 384.438168][ T7767] gfs2: fsid=__Š°"_½z#²˱1Ä ¢ “I¡3ØÆÆåwÕÊ‚X9.0: no journals! [ 385.267159][ T7775] loop0: detected capacity change from 0 to 4096 [ 385.419213][ T7775] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 385.825155][ T7786] loop4: detected capacity change from 0 to 256 [ 385.977892][ T7775] ntfs3(loop0): ino=1c, mi_enum_attr [ 386.012112][ T7775] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 386.373831][ T7786] FAT-fs (loop4): Directory bread(block 64) failed [ 386.428968][ T7786] FAT-fs (loop4): Directory bread(block 65) failed [ 386.436075][ T7786] FAT-fs (loop4): Directory bread(block 66) failed [ 386.499532][ T7786] FAT-fs (loop4): Directory bread(block 67) failed [ 386.544345][ T7786] FAT-fs (loop4): Directory bread(block 68) failed [ 386.622391][ T7786] FAT-fs (loop4): Directory bread(block 69) failed [ 386.669304][ T7786] FAT-fs (loop4): Directory bread(block 70) failed [ 386.676132][ T7786] FAT-fs (loop4): Directory bread(block 71) failed [ 386.799303][ T7786] FAT-fs (loop4): Directory bread(block 72) failed [ 386.806121][ T7786] FAT-fs (loop4): Directory bread(block 73) failed [ 387.088828][ T7786] syz.4.773: attempt to access beyond end of device [ 387.088828][ T7786] loop4: rw=8912896, sector=1160, nr_sectors = 4 limit=256 [ 387.184073][ T7786] syz.4.773: attempt to access beyond end of device [ 387.184073][ T7786] loop4: rw=8388608, sector=1160, nr_sectors = 4 limit=256 [ 387.209639][ T5822] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 387.299627][ T29] audit: type=1800 audit(1772463223.861:16): pid=7786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.773" name="file0" dev="loop4" ino=1048660 res=0 errno=0 [ 387.429159][ T5822] usb 6-1: Using ep0 maxpacket: 32 [ 387.519536][ T5822] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 387.551719][ T5822] usb 6-1: config 0 has no interface number 0 [ 387.628501][ T5822] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 387.666280][ T5822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.702370][ T5822] usb 6-1: Product: syz [ 387.706949][ T5822] usb 6-1: Manufacturer: syz [ 387.759808][ T5822] usb 6-1: SerialNumber: syz [ 387.781102][ T7804] loop1: detected capacity change from 0 to 512 [ 387.806803][ T5822] usb 6-1: config 0 descriptor?? [ 387.868909][ T7804] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 387.890101][ T7802] loop0: detected capacity change from 0 to 2048 [ 388.036326][ T7802] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 388.119919][ T7804] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 388.199348][ T7802] NILFS (loop0): mounting unchecked fs [ 388.213335][ T7804] EXT4-fs (loop1): 1 truncate cleaned up [ 388.264035][ T7804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 388.434108][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.442125][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 388.528487][ T7802] NILFS (loop0): recovery complete [ 388.572643][ T7813] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 388.714740][ T5822] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 388.819969][ T5822] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 388.849212][ T7812] loop4: detected capacity change from 0 to 512 [ 388.869755][ T7804] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 388.882939][ T5822] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 388.929135][ T5822] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 389.066274][ T5822] usb 6-1: USB disconnect, device number 2 [ 389.118988][ T7812] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 389.180296][ T7812] System zones: 1-12 [ 389.185511][ T7812] EXT4-fs error (device loop4): dx_probe:791: inode #2: comm syz.4.783: Directory hole found for htree index block 0 [ 389.199580][ T7812] loop4: lost file I/O error report for ino 2 type 5 pos 0x0 len 0x0 error -117 [ 389.208778][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 389.224969][ C0] EXT4-fs (loop4): initial error at time 1772463225: dx_probe:791: inode 2 [ 389.234089][ C0] EXT4-fs (loop4): last error at time 1772463225: dx_probe:791: inode 2 [ 389.302728][ T7812] EXT4-fs (loop4): Remounting filesystem read-only [ 389.474113][ T7812] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -117 [ 389.560302][ T7812] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 389.645940][ T7812] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 389.672866][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.925480][ T7812] EXT4-fs: user quota file already specified [ 390.266669][ T7821] loop0: detected capacity change from 0 to 256 [ 390.355183][ T7821] exfat: Deprecated parameter 'utf8' [ 390.377339][ T29] audit: type=1326 audit(1772463226.951:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7822 comm="syz.5.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ad199c799 code=0x7ffc0000 [ 390.436569][ T7821] exfat: Deprecated parameter 'namecase' [ 390.527212][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 390.549625][ T7821] exfat: Deprecated parameter 'namecase' [ 390.567968][ T29] audit: type=1326 audit(1772463226.951:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7822 comm="syz.5.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ad199c799 code=0x7ffc0000 [ 390.633144][ T7821] exfat: Deprecated parameter 'utf8' [ 390.775181][ T29] audit: type=1326 audit(1772463227.101:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7822 comm="syz.5.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f3ad199c799 code=0x7ffc0000 [ 390.909594][ T7821] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 390.994393][ T29] audit: type=1326 audit(1772463227.101:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7822 comm="syz.5.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ad199c799 code=0x7ffc0000 [ 391.214004][ T29] audit: type=1326 audit(1772463227.791:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7829 comm="syz.4.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 391.410591][ T29] audit: type=1326 audit(1772463227.891:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7829 comm="syz.4.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 391.582530][ T29] audit: type=1326 audit(1772463227.891:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7829 comm="syz.4.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 391.662492][ T7833] loop1: detected capacity change from 0 to 512 [ 391.779652][ T29] audit: type=1326 audit(1772463227.891:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7829 comm="syz.4.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 391.839484][ T7833] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 391.876893][ T7833] EXT4-fs (loop1): orphan cleanup on readonly fs [ 392.129680][ T7833] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #16: comm syz.1.789: corrupted inode contents [ 392.200940][ T7833] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 392.202442][ T7833] EXT4-fs (loop1): Remounting filesystem read-only [ 392.212144][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 392.212251][ C1] EXT4-fs (loop1): initial error at time 1772463228: ext4_do_update_inode:5569: inode 16 [ 392.212424][ C1] EXT4-fs (loop1): last error at time 1772463228: ext4_do_update_inode:5569: inode 16 [ 392.303584][ T7833] EXT4-fs (loop1): 1 truncate cleaned up [ 392.338943][ T5771] Bluetooth: hci3: command 0x0406 tx timeout [ 392.351784][ T57] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 392.388817][ T57] Quota error (device loop1): write_blk: dquota write failed [ 392.396455][ T57] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries [ 392.599558][ T57] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 392.729084][ T57] Quota error (device loop1): write_blk: dquota write failed [ 392.736813][ T57] Quota error (device loop1): free_dqentry: Can't move quota data block (5) to free list [ 392.864276][ T57] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started [ 392.919038][ T57] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 392.928546][ T57] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 392.980295][ T7853] loop0: detected capacity change from 0 to 164 [ 393.005927][ T7833] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 393.320809][ T7853] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 393.851369][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.684950][ T7861] loop4: detected capacity change from 0 to 4096 [ 394.765087][ T7869] loop3: detected capacity change from 0 to 1024 [ 394.789989][ T7867] loop1: detected capacity change from 0 to 1764 [ 394.892307][ T7861] NILFS (loop4): mounting unchecked fs [ 394.940493][ T7861] NILFS (loop4): invalid segment: Sequence number mismatch [ 394.948014][ T7861] NILFS (loop4): trying rollback from an earlier position [ 394.992277][ T7867] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 395.091693][ T7869] hfsplus: b-tree write err: -5, ino 2 [ 395.167746][ T7861] NILFS (loop4): recovery complete [ 395.250514][ T7875] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 395.672316][ T12] hfsplus: b-tree write err: -5, ino 25 [ 395.709106][ T12] hfsplus: b-tree write err: -5, ino 4 [ 395.779485][ T12] hfsplus: b-tree write err: -5, ino 2 [ 395.805611][ T12] hfsplus: b-tree write err: -5, ino 26 [ 396.308927][ T24] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 396.604622][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 396.679299][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 396.772103][ T24] usb 2-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 396.819783][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.893172][ T24] usb 2-1: config 0 descriptor?? [ 397.255862][ T7891] loop5: detected capacity change from 0 to 1024 [ 397.502547][ T7891] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 397.577296][ T24] steelseries 0003:1038:12B6.0006: item fetching failed at offset 5/7 [ 397.604650][ T24] steelseries 0003:1038:12B6.0006: probe with driver steelseries failed with error -22 [ 397.789484][ T5822] usb 2-1: USB disconnect, device number 5 [ 398.381110][ T7905] loop3: detected capacity change from 0 to 24 [ 398.883472][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 399.656757][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 399.756862][ T7921] loop0: detected capacity change from 0 to 1024 [ 399.935395][ T7921] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 400.016264][ T7921] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 400.122197][ T7929] loop4: detected capacity change from 0 to 256 [ 400.681922][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 400.854191][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 401.365441][ T5777] Bluetooth: hci3: command 0x0406 tx timeout [ 401.649962][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 402.219382][ T5830] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 402.351347][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 402.455849][ T5830] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 402.498881][ T5830] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 402.591086][ T5830] usb 2-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06 [ 402.619343][ T5830] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.676930][ T5830] usb 2-1: config 0 descriptor?? [ 402.957097][ T5777] Bluetooth: hci0: Malformed LE Event: 0x0d [ 402.970196][ T5830] usb 2-1: string descriptor 0 read error: -71 [ 403.079166][ T5830] usb 2-1: USB disconnect, device number 6 [ 403.120522][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 403.399170][ T7957] loop0: detected capacity change from 0 to 128 [ 403.625068][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 404.382038][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 404.658872][ T7970] loop3: detected capacity change from 0 to 512 [ 404.769391][ T7970] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 404.912576][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 404.944358][ T7970] EXT4-fs (loop3): 1 truncate cleaned up [ 404.987614][ T7970] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 405.581362][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.651054][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 406.294700][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 406.416353][ T7990] netlink: 268 bytes leftover after parsing attributes in process `syz.4.848'. [ 406.947357][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 407.614553][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 408.165534][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 408.846848][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 408.923182][ T8021] tipc: Started in network mode [ 408.938103][ T8021] tipc: Node identity ff000001000000000000000000000001, cluster identity 4711 [ 408.954150][ T8021] tipc: Enabling of bearer rejected, failed to enable media [ 409.188461][ T8023] xt_hashlimit: size too large, truncated to 1048576 [ 409.595249][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 410.160880][ T8034] devtmpfs: Too few inodes for current use [ 410.284454][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 410.961133][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 411.525840][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 412.137879][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 412.821178][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 413.621438][ T7268] EXT4-fs error (device loop5): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 414.116001][ T8075] loop3: detected capacity change from 0 to 256 [ 414.186984][ T8077] loop1: detected capacity change from 0 to 16 [ 414.250909][ T8077] erofs (device loop1): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 414.325012][ T8077] erofs (device loop1): mounted with root inode @ nid 36. [ 414.454400][ T8077] syz.1.887: attempt to access beyond end of device [ 414.454400][ T8077] loop1: rw=0, sector=301990144, nr_sectors = 257 limit=16 [ 414.556472][ T8077] syz.1.887: attempt to access beyond end of device [ 414.556472][ T8077] loop1: rw=0, sector=301990400, nr_sectors = 1 limit=16 [ 414.597474][ T8071] loop4: detected capacity change from 0 to 4096 [ 414.650345][ T8077] erofs (device loop1): read error -5 @ 0 of nid 36 [ 414.722472][ T8077] syz.1.887: attempt to access beyond end of device [ 414.722472][ T8077] loop1: rw=0, sector=301990144, nr_sectors = 257 limit=16 [ 414.770111][ T8077] syz.1.887: attempt to access beyond end of device [ 414.770111][ T8077] loop1: rw=0, sector=301990400, nr_sectors = 1 limit=16 [ 414.940237][ T8077] erofs (device loop1): read error -5 @ 0 of nid 36 [ 415.184059][ T8079] loop0: detected capacity change from 0 to 1024 [ 415.581802][ T8079] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.605548][ T5771] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 415.617305][ T5771] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 415.629911][ T5771] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 415.699354][ T5771] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 415.720603][ T5771] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 417.099057][ T5822] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 417.286966][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 417.341270][ T5830] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 417.355664][ T5822] usb 5-1: config 0 interface 0 altsetting 11 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 417.389372][ T5822] usb 5-1: config 0 interface 0 altsetting 11 endpoint 0x81 has invalid wMaxPacketSize 0 [ 417.448478][ T5822] usb 5-1: config 0 interface 0 has no altsetting 0 [ 417.455596][ T5822] usb 5-1: New USB device found, idVendor=056a, idProduct=0144, bcdDevice= 0.00 [ 417.465387][ T5822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.488395][ T5822] usb 5-1: config 0 descriptor?? [ 417.606155][ T5830] usb 2-1: config 1 has an invalid interface number: 7 but max is 0 [ 417.678924][ T5830] usb 2-1: config 1 has no interface number 0 [ 417.699684][ T5830] usb 2-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 417.800562][ T5830] usb 2-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 417.861264][ T5830] usb 2-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 417.929714][ T5771] Bluetooth: hci5: command tx timeout [ 417.984617][ T5830] usb 2-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 418.072826][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 418.099193][ T5830] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.111679][ T5830] usb 2-1: Product: syz [ 418.116105][ T5830] usb 2-1: Manufacturer: syz [ 418.131749][ T5830] usb 2-1: SerialNumber: syz [ 418.220730][ T8094] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 418.314318][ T5822] usb 5-1: USB disconnect, device number 5 [ 418.512462][ T8094] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 418.797282][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 418.849232][ T5830] usb 2-1: Incompatible driver and firmware versions [ 419.103388][ T5830] usb 2-1: USB disconnect, device number 7 [ 419.398538][ T8084] chnl_net:caif_netlink_parms(): no params data found [ 419.475177][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 419.597111][ T7268] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 419.666930][ T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.990410][ T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.001923][ T5771] Bluetooth: hci5: command tx timeout [ 420.083996][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 420.418953][ T5830] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 420.563666][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 420.647113][ T5830] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 420.662356][ T5830] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 420.694625][ T5830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.752142][ T5830] usb 5-1: config 0 descriptor?? [ 420.788381][ T5830] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 420.941115][ T8114] loop1: detected capacity change from 0 to 764 [ 420.951702][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 420.994318][ T8114] iso9660: Unknown parameter '' [ 421.016000][ T8114] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 421.055520][ T5822] usb 5-1: USB disconnect, device number 6 [ 421.149479][ T8114] UDF-fs: Scanning with blocksize 512 failed [ 421.175018][ T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.219255][ T8114] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 421.291998][ T8114] UDF-fs: Scanning with blocksize 1024 failed [ 421.364572][ T8114] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 421.415256][ T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.450382][ T8114] UDF-fs: Scanning with blocksize 2048 failed [ 421.490780][ T8114] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 421.550058][ T8114] UDF-fs: Scanning with blocksize 4096 failed [ 421.711268][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 421.861641][ T8117] loop3: detected capacity change from 0 to 1024 [ 422.078903][ T5771] Bluetooth: hci5: command tx timeout [ 422.191692][ T8117] hfsplus: b-tree write err: -5, ino 2 [ 422.447813][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 422.505961][ T8122] loop4: detected capacity change from 0 to 64 [ 422.640694][ T1124] hfsplus: b-tree write err: -5, ino 25 [ 422.646875][ T1124] hfsplus: b-tree write err: -5, ino 4 [ 422.699186][ T1124] hfsplus: b-tree write err: -5, ino 2 [ 422.740775][ T1124] hfsplus: b-tree write err: -5, ino 26 [ 422.800666][ T8084] bridge0: port 1(bridge_slave_0) entered blocking state [ 422.829931][ T8084] bridge0: port 1(bridge_slave_0) entered disabled state [ 422.837882][ T8084] bridge_slave_0: entered allmulticast mode [ 422.933386][ T8084] bridge_slave_0: entered promiscuous mode [ 423.123468][ T8084] bridge0: port 2(bridge_slave_1) entered blocking state [ 423.173466][ T8084] bridge0: port 2(bridge_slave_1) entered disabled state [ 423.217484][ T8084] bridge_slave_1: entered allmulticast mode [ 423.285288][ T8084] bridge_slave_1: entered promiscuous mode [ 423.395245][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 423.511896][ T12] bridge_slave_1: left allmulticast mode [ 423.554279][ T12] bridge_slave_1: left promiscuous mode [ 423.619842][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 423.716866][ T12] bridge_slave_0: left allmulticast mode [ 423.724418][ T12] bridge_slave_0: left promiscuous mode [ 423.749960][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 424.116045][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 424.201591][ T5771] Bluetooth: hci5: command tx timeout [ 424.728138][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 425.454025][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 425.479309][ T5822] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 425.686448][ T5822] usb 4-1: config 0 has an invalid interface number: 8 but max is 0 [ 425.719870][ T5822] usb 4-1: config 0 has no interface number 0 [ 425.726274][ T5822] usb 4-1: config 0 interface 8 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 425.751973][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 425.780532][ T5822] usb 4-1: config 0 interface 8 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0 [ 425.792349][ T5822] usb 4-1: config 0 interface 8 has no altsetting 0 [ 425.807696][ T5822] usb 4-1: New USB device found, idVendor=28bd, idProduct=0934, bcdDevice= 0.00 [ 425.859083][ T5822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.887247][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 425.949710][ T5822] usb 4-1: config 0 descriptor?? [ 426.031110][ T12] bond0 (unregistering): Released all slaves [ 426.068905][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 426.482801][ T8084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 426.519320][ T5822] uclogic 0003:28BD:0934.0008: interface is invalid, ignoring [ 426.644449][ T5830] usb 4-1: USB disconnect, device number 8 [ 426.675920][ T8084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 426.717488][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 427.250483][ T8084] team0: Port device team_slave_0 added [ 427.293810][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 427.599856][ T8084] team0: Port device team_slave_1 added [ 427.712040][ T8157] loop4: detected capacity change from 0 to 64 [ 427.821287][ T8157] syz.4.921: attempt to access beyond end of device [ 427.821287][ T8157] loop4: rw=8388608, sector=1024, nr_sectors = 2 limit=64 [ 427.846085][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 427.880630][ T8157] Buffer I/O error on dev loop4, logical block 512, async page read [ 427.914608][ T8157] syz.4.921: attempt to access beyond end of device [ 427.914608][ T8157] loop4: rw=8388608, sector=113152, nr_sectors = 2 limit=64 [ 427.959577][ T8157] Buffer I/O error on dev loop4, logical block 56576, async page read [ 428.021408][ T8159] loop1: detected capacity change from 0 to 2048 [ 428.052371][ T8159] EXT4-fs: Ignoring removed nomblk_io_submit option [ 428.111525][ T8084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 428.148853][ T8084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 428.267560][ T8159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 428.281817][ T8084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 428.376978][ T8084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 428.419534][ T8084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 428.446273][ T8159] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.923: bg 0: block 2: invalid block bitmap [ 428.459449][ T8159] EXT4-fs (loop1): Remounting filesystem read-only [ 428.521654][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 428.612422][ T8084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 428.656362][ T8164] netlink: 'syz.3.924': attribute type 21 has an invalid length. [ 428.833735][ T12] hsr_slave_0: left promiscuous mode [ 428.863298][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.911173][ T12] hsr_slave_1: left promiscuous mode [ 428.935242][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 428.949593][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 428.981922][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 429.003495][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 429.200320][ T12] veth1_macvtap: left promiscuous mode [ 429.206140][ T12] veth0_macvtap: left promiscuous mode [ 429.252112][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 429.271473][ T12] veth1_vlan: left promiscuous mode [ 429.307737][ T12] veth0_vlan: left promiscuous mode [ 429.736950][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 430.256325][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 430.789372][ T8178] loop1: detected capacity change from 0 to 2048 [ 430.814298][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 430.979010][ T8178] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 431.200484][ T29] audit: type=1800 audit(1772463267.781:25): pid=8178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.930" name="file1" dev="loop1" ino=1367 res=0 errno=0 [ 431.426778][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 431.547629][ T12] team0 (unregistering): Port device team_slave_1 removed [ 431.663037][ T12] team0 (unregistering): Port device team_slave_0 removed [ 431.992990][ T8185] loop1: detected capacity change from 0 to 8 [ 432.025468][ T5770] EXT4-fs error (device loop0): ext4_empty_dir:3107: inode #11: block 8192: comm syz-executor: Attempting to read directory block (8192) that is past i_size (8388864) [ 432.701267][ T8164] netlink: 164 bytes leftover after parsing attributes in process `syz.3.924'. [ 433.424973][ T8084] hsr_slave_0: entered promiscuous mode [ 433.477311][ T8084] hsr_slave_1: entered promiscuous mode [ 433.552468][ T8084] debugfs: 'hsr0' already exists in 'hsr' [ 433.558441][ T8084] Cannot create hsr debugfs directory [ 433.730628][ T5777] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 433.745033][ T5777] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 433.761759][ T5777] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 433.789999][ T5777] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 433.808166][ T5777] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 434.838966][ T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 435.068869][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 435.120160][ T9] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 435.168983][ T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83 [ 435.217477][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 435.261977][ T9] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 435.347218][ T9] usb 2-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 435.378831][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.387121][ T9] usb 2-1: Product: syz [ 435.428930][ T9] usb 2-1: Manufacturer: syz [ 435.433939][ T9] usb 2-1: SerialNumber: syz [ 435.500605][ T9] usb 2-1: config 0 descriptor?? [ 435.615863][ C0] imon 2-1:0.0: imon usb_rx_callback_intf0: status(-71) [ 435.633318][ T9] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input8 [ 435.920444][ T5771] Bluetooth: hci3: command tx timeout [ 436.380482][ T9] rc_core: IR keymap rc-imon-pad not found [ 436.386551][ T9] Registered IR keymap rc-empty [ 436.434686][ T8222] loop4: detected capacity change from 0 to 1024 [ 436.457754][ T9] imon 2-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 436.491757][ T9] imon 2-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 436.542183][ T9] rc rc0: iMON Remote (15c2:003b) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 436.626747][ T8222] hfsplus: bad catalog entry type [ 436.635007][ T9] input: iMON Remote (15c2:003b) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input9 [ 436.785955][ T9] imon 2-1:0.0: iMON device (15c2:003b, intf0) on usb<2:8> initialized [ 436.836478][ T9] usb 2-1: USB disconnect, device number 8 [ 437.014733][ T1090] hfsplus: b-tree write err: -5, ino 25 [ 437.027164][ T5770] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.106324][ T1090] hfsplus: b-tree write err: -5, ino 4 [ 437.113288][ T1090] hfsplus: b-tree write err: -5, ino 2 [ 437.407775][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 437.653801][ T8084] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 438.004291][ T5777] Bluetooth: hci3: command tx timeout [ 438.146211][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.237993][ T8084] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 438.369856][ T8084] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 438.715618][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 438.853378][ T8084] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 439.285640][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 439.456412][ T8194] chnl_net:caif_netlink_parms(): no params data found [ 439.695969][ T8252] netlink: 12 bytes leftover after parsing attributes in process `syz.1.955'. [ 439.741193][ T8251] loop4: detected capacity change from 0 to 1024 [ 439.848271][ T8251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 439.960638][ T8251] EXT4-fs error (device loop4): ext4_xattr_inode_iget:441: inode #11: comm syz.4.954: missing EA_INODE flag [ 440.022280][ T8257] loop3: detected capacity change from 0 to 256 [ 440.045575][ T8251] EXT4-fs (loop4): Remounting filesystem read-only [ 440.054504][ T8257] exfat: Deprecated parameter 'utf8' [ 440.084843][ T5777] Bluetooth: hci3: command 0x040f tx timeout [ 440.105476][ T8257] exfat: Deprecated parameter 'utf8' [ 440.274483][ T8257] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 440.301297][ T8252] vlan2: entered promiscuous mode [ 440.307189][ T8252] gretap0: entered promiscuous mode [ 440.499653][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.006761][ T8262] loop4: detected capacity change from 0 to 512 [ 441.348308][ T12] bridge_slave_1: left allmulticast mode [ 441.359084][ T8267] loop3: detected capacity change from 0 to 512 [ 441.409281][ T12] bridge_slave_1: left promiscuous mode [ 441.423894][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 441.486061][ T8267] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.959: Invalid inode bitmap blk 4 in block_group 0 [ 441.541389][ T12] bridge_slave_0: left allmulticast mode [ 441.547294][ T12] bridge_slave_0: left promiscuous mode [ 441.591693][ T8267] loop3: lost filesystem error report for type 5 error -117 [ 441.594153][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 441.611321][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 441.618019][ C1] EXT4-fs (loop3): initial error at time 1772463278: ext4_read_inode_bitmap:139 [ 441.627643][ C1] EXT4-fs (loop3): last error at time 1772463278: ext4_read_inode_bitmap:139 [ 441.664046][ T8267] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 442.086988][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 442.159710][ T5771] Bluetooth: hci3: command 0x040f tx timeout [ 442.772302][ T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 442.997534][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 443.026843][ T9] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 443.069319][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 443.151818][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 443.167704][ T9] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 443.189662][ T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.197957][ T9] usb 4-1: Product: syz [ 443.230728][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 443.243074][ T9] usb 4-1: Manufacturer: syz [ 443.247935][ T9] usb 4-1: SerialNumber: syz [ 443.282805][ T12] bond0 (unregistering): Released all slaves [ 443.292401][ T9] usb 4-1: config 0 descriptor?? [ 443.550410][ T9] uvcvideo 4-1:0.0: Found UVC 34.00 device syz (8086:0b5b) [ 443.558263][ T9] uvcvideo 4-1:0.0: No valid video chain found. [ 443.625757][ T12] tipc: Disabling bearer [ 443.652944][ T12] tipc: Disabling bearer [ 443.675803][ T12] tipc: Left network mode [ 443.768791][ T5830] usb 4-1: USB disconnect, device number 9 [ 443.829563][ T8194] bridge0: port 1(bridge_slave_0) entered blocking state [ 443.874309][ T8194] bridge0: port 1(bridge_slave_0) entered disabled state [ 443.883896][ T8194] bridge_slave_0: entered allmulticast mode [ 443.899617][ T8194] bridge_slave_0: entered promiscuous mode [ 444.030863][ T8194] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.049599][ T8194] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.075347][ T8194] bridge_slave_1: entered allmulticast mode [ 444.102868][ T8194] bridge_slave_1: entered promiscuous mode [ 444.242629][ T5771] Bluetooth: hci3: command 0x040f tx timeout [ 444.506779][ T8194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 444.571604][ T8194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.034410][ T8295] loop4: detected capacity change from 0 to 128 [ 445.143957][ T8194] team0: Port device team_slave_0 added [ 445.174292][ T8295] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 445.237095][ T8194] team0: Port device team_slave_1 added [ 445.243915][ T8295] ext4 filesystem being mounted at /226/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 445.549107][ T5830] usb 4-1: new low-speed USB device number 10 using dummy_hcd [ 445.596349][ T5774] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 445.644404][ T12] hsr_slave_0: left promiscuous mode [ 445.681648][ T12] hsr_slave_1: left promiscuous mode [ 445.723900][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 445.739167][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 445.760862][ T5830] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 445.769844][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 445.777684][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 445.785242][ T5830] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 445.827957][ T5830] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 445.859569][ T5830] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.008504][ T12] veth1_macvtap: left promiscuous mode [ 446.021739][ T12] veth0_macvtap: left promiscuous mode [ 446.039885][ T12] veth1_vlan: left promiscuous mode [ 446.045534][ T12] veth0_vlan: left promiscuous mode [ 446.172702][ T9] usb 4-1: USB disconnect, device number 10 [ 446.719055][ T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 446.899180][ T9] usb 4-1: Using ep0 maxpacket: 8 [ 446.912312][ T9] usb 4-1: config index 0 descriptor too short (expected 301, got 45) [ 446.932029][ T9] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 446.969300][ T9] usb 4-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=61.23 [ 447.019979][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.077949][ T9] imon:imon_find_endpoints: no valid input (IR) endpoint found [ 447.092859][ T9] imon 4-1:16.0: unable to initialize intf0, err -19 [ 447.098521][ T8311] loop1: detected capacity change from 0 to 512 [ 447.120084][ T9] imon:imon_probe: failed to initialize context! [ 447.127019][ T9] imon 4-1:16.0: unable to register, err -19 [ 447.340257][ T5830] usb 4-1: USB disconnect, device number 11 [ 447.660356][ T12] team0 (unregistering): Port device team_slave_1 removed [ 447.711655][ T12] team0 (unregistering): Port device team_slave_0 removed [ 447.869373][ T5830] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 448.109353][ T5830] usb 2-1: Using ep0 maxpacket: 8 [ 448.126577][ T5830] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 448.170396][ T5830] usb 2-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00 [ 448.195887][ T5830] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.228424][ T5830] usb 2-1: config 0 descriptor?? [ 448.298420][ T5830] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 448.405752][ T8194] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 448.444427][ T8194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 448.493156][ T8315] loop3: detected capacity change from 0 to 1764 [ 448.506068][ T24] usb 2-1: USB disconnect, device number 9 [ 448.555063][ T8194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 448.637782][ T8194] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 448.679733][ T8194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 448.734635][ T8194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 449.060128][ T24] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 449.084754][ T8084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 449.298772][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 449.330795][ T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEF, changing to 0x8F [ 449.359137][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 256, setting to 64 [ 449.418911][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 449.422080][ T8194] hsr_slave_0: entered promiscuous mode [ 449.439277][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 449.463888][ T24] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 449.478187][ T8194] hsr_slave_1: entered promiscuous mode [ 449.479445][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 449.511671][ T8194] debugfs: 'hsr0' already exists in 'hsr' [ 449.529481][ T8194] Cannot create hsr debugfs directory [ 449.550792][ T24] usb 2-1: SerialNumber: syz [ 449.580761][ T24] usb 2-1: config 0 descriptor?? [ 449.742645][ T24] hso 2-1:0.0: Can't find BULK IN endpoint [ 449.891882][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 449.909489][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.950763][ T24] usb 2-1: USB disconnect, device number 10 [ 449.973131][ T8084] 8021q: adding VLAN 0 to HW filter on device team0 [ 450.229926][ T106] bridge0: port 1(bridge_slave_0) entered blocking state [ 450.237917][ T106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 450.578208][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 450.585974][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 451.177445][ T5830] kernel write not supported for file /uinput (pid: 5830 comm: kworker/1:5) [ 452.491516][ T8194] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 452.547117][ T5822] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 452.624480][ T8194] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 452.750431][ T8194] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 452.759212][ T5822] usb 2-1: Using ep0 maxpacket: 8 [ 452.833854][ T5822] usb 2-1: unable to get BOS descriptor or descriptor too short [ 452.874851][ T8194] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 452.886955][ T5822] usb 2-1: config 0 has an invalid interface number: 125 but max is 2 [ 452.940591][ T5822] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 452.998946][ T5822] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 453.008126][ T5822] usb 2-1: config 0 has no interface number 0 [ 453.049454][ T5822] usb 2-1: config 0 interface 125 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 453.091971][ T5822] usb 2-1: config 0 interface 125 has no altsetting 0 [ 453.158185][ T5822] usb 2-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd [ 453.219490][ T5822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 453.227777][ T5822] usb 2-1: Product: syz [ 453.268893][ T5822] usb 2-1: Manufacturer: syz [ 453.276026][ T5822] usb 2-1: SerialNumber: syz [ 453.331139][ T5822] usb 2-1: config 0 descriptor?? [ 453.585123][ T8349] loop3: detected capacity change from 0 to 4096 [ 453.631542][ T5822] hub 2-1:0.125: bad descriptor, ignoring hub [ 453.638004][ T5822] hub 2-1:0.125: probe with driver hub failed with error -5 [ 453.847612][ T5822] uvcvideo 2-1:0.125: Found UVC 0.00 device syz (17dc:0202) [ 453.855761][ T5822] uvcvideo 2-1:0.125: No valid video chain found. [ 454.038374][ T8349] ntfs3(loop3): ino=19, mi_enum_attr [ 454.103911][ T8349] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 454.172129][ T8349] ntfs3(loop3): ino=19, mi_enum_attr [ 454.177710][ T8349] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 454.203899][ T1882] usb 2-1: USB disconnect, device number 11 [ 454.950256][ T8084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 455.137455][ T8194] 8021q: adding VLAN 0 to HW filter on device bond0 [ 455.582941][ T8194] 8021q: adding VLAN 0 to HW filter on device team0 [ 455.755128][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 455.762962][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 455.992415][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 456.000209][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 456.501907][ T8377] loop1: detected capacity change from 0 to 512 [ 456.590719][ T8377] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 456.758452][ T8383] genirq: Flags mismatch irq 4. 00200000 (pcmmio) vs. 00200080 (ttyS0) [ 456.822228][ T8377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 456.940582][ T8377] ext4 filesystem being mounted at /227/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 457.707502][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.846368][ T8393] loop4: detected capacity change from 0 to 2048 [ 458.062525][ T8393] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 458.108414][ T8398] tipc: Started in network mode [ 458.130174][ T8398] tipc: Node identity 2d000000000000000000000000000001, cluster identity 4711 [ 458.185511][ T8398] tipc: Enabling of bearer rejected, failed to enable media [ 459.067335][ T8084] veth0_vlan: entered promiscuous mode [ 459.276032][ T8084] veth1_vlan: entered promiscuous mode [ 459.282041][ T5924] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 459.499071][ T5924] usb 4-1: Using ep0 maxpacket: 32 [ 459.523148][ T5924] usb 4-1: config 0 has an invalid interface number: 119 but max is 0 [ 459.578882][ T5924] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 459.645334][ T5924] usb 4-1: config 0 has no interface number 0 [ 459.699348][ T5924] usb 4-1: config 0 interface 119 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 459.776166][ T5924] usb 4-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 459.795930][ T8194] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 459.832590][ T5924] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 459.858330][ T5924] usb 4-1: Product: syz [ 459.868789][ T5924] usb 4-1: Manufacturer: syz [ 459.890060][ T5924] usb 4-1: SerialNumber: syz [ 459.913374][ T5924] usb 4-1: config 0 descriptor?? [ 460.027816][ T5924] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.119/input/input10 [ 460.075284][ T8084] veth0_macvtap: entered promiscuous mode [ 460.228510][ T5924] usb 4-1: USB disconnect, device number 12 [ 460.259525][ T8084] veth1_macvtap: entered promiscuous mode [ 460.280229][ T8417] loop4: detected capacity change from 0 to 1024 [ 460.586039][ T8084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 460.843642][ T8084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 461.089809][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.117438][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.295381][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 461.349025][ T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 462.428476][ T8430] loop1: detected capacity change from 0 to 4096 [ 463.269301][ T8445] loop3: detected capacity change from 0 to 16 [ 463.348157][ T8445] erofs (device loop3): mounted with root inode @ nid 36. [ 463.763580][ T8194] veth0_vlan: entered promiscuous mode [ 463.987719][ T8194] veth1_vlan: entered promiscuous mode [ 464.712974][ T8194] veth0_macvtap: entered promiscuous mode [ 464.865646][ T8194] veth1_macvtap: entered promiscuous mode [ 465.304354][ T8194] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 465.383231][ T8462] loop1: detected capacity change from 0 to 1024 [ 465.483672][ T8462] hfsplus: invalid length 32517 has been corrected to 255 [ 465.593292][ T8194] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 465.908955][ T1090] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 465.918287][ T1090] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 465.986136][ T1090] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 466.057386][ T8472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1022'. [ 466.137457][ T106] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 466.161843][ T8472] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1022'. [ 466.211334][ T1090] hfsplus: b-tree write err: -5, ino 20 [ 466.227761][ T8472] netlink: 'syz.3.1022': attribute type 15 has an invalid length. [ 467.424241][ T8486] loop3: detected capacity change from 0 to 512 [ 467.668210][ T8486] EXT4-fs (loop3): 1 truncate cleaned up [ 467.701761][ T8486] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 467.833049][ T29] audit: type=1800 audit(1772463304.411:26): pid=8486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1025" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 468.015721][ T8485] loop4: detected capacity change from 0 to 4096 [ 468.080490][ T8486] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1025: bg 0: block 465: padding at end of block bitmap is not set [ 468.185424][ T8486] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 256 with error 28 [ 468.246278][ T8486] EXT4-fs (loop3): This should not happen!! Data will be lost [ 468.246278][ T8486] [ 468.289204][ T8486] EXT4-fs (loop3): Total free blocks count 0 [ 468.317318][ T8486] EXT4-fs (loop3): Free/Dirty block details [ 468.359156][ T8486] EXT4-fs (loop3): free_blocks=0 [ 468.409225][ T8486] EXT4-fs (loop3): dirty_blocks=257 [ 468.414869][ T8486] EXT4-fs (loop3): Block reservation details [ 468.539084][ T8486] EXT4-fs (loop3): i_reserved_data_blocks=257 [ 469.236562][ T106] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 471.119567][ T8527] loop1: detected capacity change from 0 to 1024 [ 471.182477][ T8527] EXT4-fs: inline encryption not supported [ 471.320900][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 471.378949][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 471.422125][ T8527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 471.829173][ T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 471.837467][ T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 472.217076][ T8543] loop4: detected capacity change from 0 to 64 [ 472.232749][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.574963][ T8543] hfs: request for non-existent node 24 in B*Tree [ 472.631180][ T8543] hfs: request for non-existent node 24 in B*Tree [ 473.170988][ T8552] loop6: detected capacity change from 0 to 128 [ 473.286803][ T8552] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 473.319229][ T1882] usb 2-1: new full-speed USB device number 12 using dummy_hcd [ 473.343178][ T8552] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 473.532167][ T8552] ------------[ cut here ]------------ [ 473.537908][ T8552] WARNING: fs/udf/truncate.c:224 at udf_truncate_extents+0x7b3/0x1d60, CPU#0: syz.6.883/8552 [ 473.552422][ T8552] Modules linked in: [ 473.556780][ T8552] CPU: 0 UID: 0 PID: 8552 Comm: syz.6.883 Tainted: G L syzkaller #0 PREEMPT(full) [ 473.569482][ T8552] Tainted: [L]=SOFTLOCKUP [ 473.574034][ T8552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 473.585059][ T8552] RIP: 0010:udf_truncate_extents+0x7b3/0x1d60 [ 473.591848][ T8552] Code: ff 44 89 ff 48 89 d3 e8 0b 9a 48 fe 89 03 e9 55 fd ff ff 44 89 e7 e8 1c 9e 48 fe 4d 85 ff 0f 84 38 fe ff ff e8 de 32 9d fd 90 <0f> 0b 90 e9 30 14 00 00 44 89 f7 e8 fd 9d 48 fe 45 85 ff 0f 84 7e [ 473.612384][ T8552] RSP: 0018:ffff8881341ab898 EFLAGS: 00010283 [ 473.619380][ T8552] RAX: ffffffff84628a12 RBX: ffffffffffffffff RCX: 0000000000080000 [ 473.627633][ T8552] RDX: ffffc900087ec000 RSI: 0000000000000775 RDI: 0000000000000776 [ 473.629538][ T1882] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 473.636410][ T8552] RBP: ffff8881341ab9f8 R08: ffffea000000000f R09: 0000000000000002 [ 473.658261][ T8552] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000000 [ 473.667684][ T8552] R13: 0000000000000000 R14: 0000000000000000 R15: 000000000000000a [ 473.676231][ T8552] FS: 00007f323aa5c6c0(0000) GS:ffff8881aa3cd000(0000) knlGS:0000000000000000 [ 473.685731][ T8552] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 473.693188][ T8552] CR2: 00007f7bc3a17dac CR3: 0000000119f3c000 CR4: 00000000003526f0 [ 473.702658][ T8552] Call Trace: [ 473.706155][ T8552] [ 473.709523][ T8552] ? kmsan_get_metadata+0xf1/0x160 [ 473.715149][ T8552] ? kmsan_get_metadata+0xf1/0x160 [ 473.720871][ T8552] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 473.727690][ T8552] udf_write_failed+0x321/0x3d0 [ 473.733259][ T8552] udf_write_begin+0x2fa/0x370 [ 473.738388][ T8552] ? __pfx_udf_write_begin+0x10/0x10 [ 473.744248][ T8552] generic_perform_write+0x364/0x1050 [ 473.750394][ T8552] ? kmsan_get_metadata+0xf1/0x160 [ 473.759597][ T8552] __generic_file_write_iter+0x213/0x460 [ 473.765650][ T8552] udf_file_write_iter+0x53f/0xdb0 [ 473.772349][ T8552] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 473.779749][ T8552] vfs_write+0xbe1/0x15c0 [ 473.784748][ T8552] ? __pfx_udf_file_write_iter+0x10/0x10 [ 473.791113][ T8552] ksys_write+0x1d9/0x470 [ 473.795903][ T8552] __x64_sys_write+0x97/0xf0 [ 473.801048][ T8552] x64_sys_call+0x2ff0/0x3ea0 [ 473.806075][ T8552] do_syscall_64+0x134/0xf80 [ 473.811157][ T8552] ? clear_bhb_loop+0x50/0xa0 [ 473.816172][ T8552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.822620][ T8552] RIP: 0033:0x7f3239b9c799 [ 473.827411][ T8552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 473.841532][ T1882] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 473.847928][ T8552] RSP: 002b:00007f323aa5c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 473.870050][ T8552] RAX: ffffffffffffffda RBX: 00007f3239e15fa0 RCX: 00007f3239b9c799 [ 473.878473][ T8552] RDX: 00000000fffffdab RSI: 0000200000000000 RDI: 0000000000000004 [ 473.886990][ T8552] RBP: 00007f3239c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 473.895448][ T8552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 473.903967][ T8552] R13: 00007f3239e16038 R14: 00007f3239e15fa0 R15: 00007ffe5790caf8 [ 473.912510][ T8552] [ 473.915735][ T8552] ---[ end trace 0000000000000000 ]--- [ 473.983911][ T1882] usb 2-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06 [ 474.041138][ T1882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.145708][ T1882] usb 2-1: config 0 descriptor?? [ 474.443716][ T8549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 474.533653][ T8549] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 474.639679][ T5771] Bluetooth: hci0: adv larger than maximum supported [ 474.639835][ T5771] Bluetooth: hci0: Malformed LE Event: 0x0d [ 474.675813][ T1882] usb 2-1: string descriptor 0 read error: -71 [ 474.786129][ T1882] usb 2-1: USB disconnect, device number 12 [ 475.730369][ T8567] loop6: detected capacity change from 0 to 512 [ 475.730468][ T8563] loop4: detected capacity change from 0 to 32768 [ 475.745804][ T8563] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1043 (8563) [ 475.800890][ T8569] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1046'. [ 475.853377][ T8563] BTRFS info (device loop4 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 475.864837][ T8563] BTRFS info (device loop4 state S): using crc32c checksum algorithm [ 475.874020][ T8563] BTRFS error (device loop4 state S): ignoremetacsums must be used with ro mount option [ 475.884681][ T8563] BTRFS error (device loop4 state S): open_ctree failed: -22 [ 475.939992][ T8569] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1046'. [ 475.976568][ T8569] netlink: 'syz.3.1046': attribute type 13 has an invalid length. [ 476.649673][ T8567] EXT4-fs (loop6): 1 truncate cleaned up [ 476.810834][ T8567] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 477.229573][ T8573] loop1: detected capacity change from 0 to 40427 [ 477.246901][ T8573] F2FS-fs: heap/no_heap options were deprecated [ 477.255583][ T8573] F2FS-fs (loop1): Invalid log sectorsize (512) [ 477.262446][ T8573] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 477.289466][ T8573] F2FS-fs (loop1): invalid crc value [ 477.305190][ T8573] F2FS-fs (loop1): invalid crc_offset: 65535 [ 477.311626][ T8573] F2FS-fs (loop1): Failed to get valid F2FS checkpoint [ 477.959229][ T8579] loop3: detected capacity change from 0 to 256 [ 478.021425][ T8084] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 478.543106][ T8579] FAT-fs (loop3): Directory bread(block 64) failed [ 478.588084][ T8579] FAT-fs (loop3): Directory bread(block 65) failed [ 478.630495][ T8579] FAT-fs (loop3): Directory bread(block 66) failed [ 478.637289][ T8579] FAT-fs (loop3): Directory bread(block 67) failed [ 478.743683][ T8579] FAT-fs (loop3): Directory bread(block 68) failed [ 478.802717][ T8579] FAT-fs (loop3): Directory bread(block 69) failed [ 478.846996][ T106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.890258][ T8579] FAT-fs (loop3): Directory bread(block 70) failed [ 478.897110][ T8579] FAT-fs (loop3): Directory bread(block 71) failed [ 478.922645][ T106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.966243][ T8579] FAT-fs (loop3): Directory bread(block 72) failed [ 479.039261][ T8579] FAT-fs (loop3): Directory bread(block 73) failed [ 479.234036][ T8590] loop4: detected capacity change from 0 to 512 [ 479.331410][ T8590] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 479.359468][ T106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 479.367549][ T106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 479.457274][ T8590] EXT4-fs (loop4): 1 truncate cleaned up [ 479.523797][ T8590] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 480.162497][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.462458][ T8595] loop6: detected capacity change from 0 to 32768 [ 480.497944][ T8595] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1053 (8595) [ 480.541694][ T8595] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 480.552292][ T8595] BTRFS info (device loop6): using sha256 checksum algorithm [ 480.573621][ T8595] BTRFS error (device loop6): superblock checksum mismatch [ 480.581572][ T8595] BTRFS error (device loop6): open_ctree failed: -22 [ 481.170414][ T8605] warning: `syz.6.1058' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 481.210733][ T8606] loop4: detected capacity change from 0 to 64 [ 481.248932][ T5822] usb 2-1: new full-speed USB device number 13 using dummy_hcd [ 481.559362][ T5822] usb 2-1: config 0 has an invalid interface number: 34 but max is 0 [ 481.567745][ T5822] usb 2-1: config 0 has no interface number 0 [ 481.671955][ T5822] usb 2-1: config 0 interface 34 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 481.759987][ T5822] usb 2-1: New USB device found, idVendor=046d, idProduct=c517, bcdDevice= 0.00 [ 481.856943][ T5822] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.940870][ T5822] usb 2-1: config 0 descriptor?? [ 481.965381][ T8609] netlink: 224 bytes leftover after parsing attributes in process `syz.7.934'. [ 482.009254][ T8609] netlink: 28 bytes leftover after parsing attributes in process `syz.7.934'. [ 482.642226][ T5822] logitech-djreceiver 0003:046D:C517.0009: item fetching failed at offset 3/7 [ 482.747050][ T5822] logitech-djreceiver 0003:046D:C517.0009: logi_dj_probe: parse failed [ 482.842645][ T5822] logitech-djreceiver 0003:046D:C517.0009: probe with driver logitech-djreceiver failed with error -22 [ 482.909584][ T8614] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 483.006858][ T5822] usb 2-1: USB disconnect, device number 13 [ 483.590823][ T5822] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 483.838995][ T5822] usb 8-1: Using ep0 maxpacket: 16 [ 483.907721][ T5822] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 483.937405][ T5822] usb 8-1: config 0 has no interface number 0 [ 483.955972][ T5822] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.033876][ T5822] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.082196][ T5822] usb 8-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 484.145931][ T5822] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.215701][ T5822] usb 8-1: config 0 descriptor?? [ 484.870329][ T8634] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 485.004309][ T5822] uclogic 0003:28BD:0071.000A: failed retrieving string descriptor #100: -71 [ 485.053804][ T5822] uclogic 0003:28BD:0071.000A: failed retrieving pen parameters: -71 [ 485.078877][ T5822] uclogic 0003:28BD:0071.000A: pen probing failed: -71 [ 485.148960][ T5822] uclogic 0003:28BD:0071.000A: failed probing parameters: -71 [ 485.193829][ T5822] uclogic 0003:28BD:0071.000A: probe with driver uclogic failed with error -71 [ 485.291369][ T5822] usb 8-1: USB disconnect, device number 2 [ 485.610959][ T5830] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 485.875481][ T5830] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 485.970450][ T5830] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 486.068895][ T5830] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80 [ 486.078246][ T5830] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.192137][ T5830] usb 2-1: config 0 descriptor?? [ 486.750968][ T5830] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0 [ 486.843870][ T5830] cp2112 0003:10C4:EA90.000B: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0 [ 487.018352][ T5830] cp2112 0003:10C4:EA90.000B: error requesting version [ 487.064855][ T5830] cp2112 0003:10C4:EA90.000B: probe with driver cp2112 failed with error -71 [ 487.184618][ T5830] usb 2-1: USB disconnect, device number 14 [ 487.219293][ T5822] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 487.483681][ T5822] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 487.548479][ T5822] usb 5-1: config 0 has no interface number 0 [ 487.607023][ T5822] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 487.674215][ T5822] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 487.754729][ T5822] usb 5-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 487.835584][ T5822] usb 5-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00 [ 487.918958][ T5822] usb 5-1: New USB device strings: Mfr=0, Product=64, SerialNumber=0 [ 487.927468][ T5822] usb 5-1: Product: syz [ 488.025407][ T5822] usb 5-1: config 0 descriptor?? [ 488.413286][ T8658] fido_id[8658]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 488.556188][ T5822] chicony 0003:04F2:1421.000C: ignoring exceeding usage max [ 488.692895][ T5822] chicony 0003:04F2:1421.000C: collection stack underflow [ 488.731801][ T5822] chicony 0003:04F2:1421.000C: item 0 0 0 12 parsing failed [ 488.781317][ T8669] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 488.830247][ T5822] chicony 0003:04F2:1421.000C: Chicony hid parse failed: -22 [ 488.838535][ T5822] chicony 0003:04F2:1421.000C: probe with driver chicony failed with error -22 [ 488.991869][ T5822] usb 5-1: USB disconnect, device number 7 [ 489.025709][ T8673] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1081'. [ 489.099050][ T8673] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1081'. [ 489.816699][ T8676] loop1: detected capacity change from 0 to 2048 [ 489.911163][ T8676] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 490.004558][ T8681] Invalid ELF header magic: != ELF [ 490.018926][ T5830] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 490.109102][ T8676] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 490.230337][ T5830] usb 8-1: Using ep0 maxpacket: 16 [ 490.284720][ T5830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 490.317198][ T5830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 490.378867][ T5830] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 490.434399][ T5830] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 490.490669][ T5830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.565685][ T5830] usb 8-1: config 0 descriptor?? [ 491.152980][ T5830] microsoft 0003:045E:07DA.000D: collection stack underflow [ 491.188896][ T5830] microsoft 0003:045E:07DA.000D: item 0 4 0 12 parsing failed [ 491.272564][ T5830] microsoft 0003:045E:07DA.000D: parse failed [ 491.292717][ T5830] microsoft 0003:045E:07DA.000D: probe with driver microsoft failed with error -22 [ 491.323533][ T8692] loop3: detected capacity change from 0 to 764 [ 491.422414][ T5830] usb 8-1: USB disconnect, device number 3 [ 492.807242][ T8698] loop4: detected capacity change from 0 to 2048 [ 493.065549][ T8698] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 493.363346][ T8706] [U] ø [ 494.350270][ T8721] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1100'. [ 494.776001][ T8725] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 494.825711][ T8723] loop3: detected capacity change from 0 to 2048 [ 495.146025][ T8723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 495.367728][ T8730] loop1: detected capacity change from 0 to 1024 [ 495.419648][ T8731] loop6: detected capacity change from 0 to 1024 [ 495.865046][ T8730] hfsplus: bad catalog folder entry [ 495.941828][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 496.471112][ T106] hfsplus: bad catalog folder entry [ 496.539750][ T106] hfsplus: bad catalog file entry [ 496.961764][ T29] audit: type=1326 audit(1772463333.531:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.149248][ T29] audit: type=1326 audit(1772463333.581:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f3239b594fb code=0x7ffc0000 [ 497.265134][ T8750] loop3: detected capacity change from 0 to 1024 [ 497.274115][ T29] audit: type=1326 audit(1772463333.581:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.320216][ T29] audit: type=1326 audit(1772463333.581:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.440169][ T29] audit: type=1326 audit(1772463333.581:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3239b9c42b code=0x7ffc0000 [ 497.471211][ T8750] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 497.557056][ T29] audit: type=1326 audit(1772463333.581:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.606923][ T8750] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 497.649847][ T8750] EXT4-fs (loop3): orphan cleanup on readonly fs [ 497.657809][ T29] audit: type=1326 audit(1772463333.581:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.682567][ T29] audit: type=1326 audit(1772463333.601:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.707009][ T29] audit: type=1326 audit(1772463333.621:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.775739][ T8750] EXT4-fs error (device loop3): __ext4_get_inode_loc:4782: comm syz.3.1107: Invalid inode table block 0 in block_group 0 [ 497.803647][ T29] audit: type=1326 audit(1772463333.621:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8745 comm="syz.6.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3239b9c799 code=0x7ffc0000 [ 497.880698][ T8750] loop3: lost filesystem error report for type 5 error -117 [ 497.883225][ T8750] EXT4-fs (loop3): Remounting filesystem read-only [ 497.891143][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 497.891261][ C1] EXT4-fs (loop3): initial error at time 1772463334: __ext4_get_inode_loc:4782 [ 497.891401][ C1] EXT4-fs (loop3): last error at time 1772463334: __ext4_get_inode_loc:4782 [ 497.936971][ T8750] EXT4-fs (loop3): 1 truncate cleaned up [ 497.991096][ T8750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 498.591576][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.832848][ T8757] loop4: detected capacity change from 0 to 4096 [ 498.940633][ T8765] loop7: detected capacity change from 0 to 1024 [ 500.124570][ T8778] loop6: detected capacity change from 0 to 1024 [ 500.180664][ T8777] loop7: detected capacity change from 0 to 512 [ 500.266461][ T8777] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 500.431764][ T8777] EXT4-fs (loop7): 1 truncate cleaned up [ 500.469940][ T8777] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 502.049569][ T8799] loop6: detected capacity change from 0 to 2048 [ 502.111000][ T8194] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 502.137851][ T8802] loop3: detected capacity change from 0 to 512 [ 502.254268][ T8799] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 502.290092][ T57] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.313145][ T8802] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 502.410488][ T8802] EXT4-fs (loop3): orphan cleanup on readonly fs [ 502.469976][ T8802] EXT4-fs warning (device loop3): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 502.581568][ T8802] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 502.659512][ T8802] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #16: comm syz.3.1128: invalid fast symlink length 9000 [ 502.749085][ T8802] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 502.750610][ T8802] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1128: couldn't read orphan inode 16 (err -117) [ 502.760580][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 502.760689][ C1] EXT4-fs (loop3): initial error at time 1772463339: ext4_orphan_get:1391: inode 16 [ 502.760870][ C1] EXT4-fs (loop3): last error at time 1772463339: ext4_orphan_get:1391: inode 16 [ 502.800601][ T57] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.927357][ T8802] loop3: lost filesystem error report for type 5 error -117 [ 502.935158][ T8802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 503.211380][ T57] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 503.674339][ T57] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 503.727431][ T5783] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 504.511694][ T57] bridge_slave_1: left allmulticast mode [ 504.517790][ T57] bridge_slave_1: left promiscuous mode [ 504.559921][ T57] bridge0: port 2(bridge_slave_1) entered disabled state [ 504.674120][ T57] bridge_slave_0: left allmulticast mode [ 504.728911][ T57] bridge_slave_0: left promiscuous mode [ 504.735933][ T57] bridge0: port 1(bridge_slave_0) entered disabled state [ 505.827971][ T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 505.857912][ T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 505.884538][ T57] bond0 (unregistering): Released all slaves [ 506.175378][ T8825] loop4: detected capacity change from 0 to 512 [ 506.360953][ T8825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 506.469261][ T1882] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 506.663977][ T1882] usb 4-1: Using ep0 maxpacket: 8 [ 506.687663][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 506.687752][ T29] audit: type=1800 audit(1772463343.211:43): pid=8825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1136" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 506.777935][ T1882] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 506.851617][ T1882] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 506.893811][ T1882] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 506.958833][ T1882] usb 4-1: Product: syz [ 506.963358][ T1882] usb 4-1: Manufacturer: syz [ 507.009598][ T1882] usb 4-1: SerialNumber: syz [ 507.067386][ T8832] [U] ^C [ 507.184251][ T5777] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 507.209915][ T5777] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 507.221026][ T5777] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 507.260930][ T5777] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 507.314347][ T5777] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 507.333032][ T1882] usb 4-1: Handspring Visor / Palm OS: port 13, is for unknown use [ 507.401159][ T1882] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 507.426306][ T1882] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2 [ 507.559953][ T5774] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 507.580456][ T1882] usb 4-1: palm_os_3_probe - error -71 getting bytes available request [ 507.629259][ T1882] visor 4-1:1.0: Handspring Visor / Palm OS converter detected [ 507.740615][ T1882] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 507.911609][ T8842] vxfs: block size(16384) > page size(4096) not supported by filesystem [ 507.965634][ T1882] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 507.989035][ T8842] vxfs: WRONG superblock magic 00000000 at 1 [ 508.026940][ T8842] vxfs: WRONG superblock magic 00000000 at 8 [ 508.043872][ T1882] usb 4-1: USB disconnect, device number 13 [ 508.068911][ T8842] vxfs: can't find superblock. [ 508.112542][ T1882] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 508.205168][ T1882] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 508.248995][ T1882] visor 4-1:1.0: device disconnected [ 508.363112][ T57] hsr_slave_0: left promiscuous mode [ 508.470625][ T57] hsr_slave_1: left promiscuous mode [ 508.521938][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 508.600833][ T57] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 508.676816][ T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 508.702220][ T57] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 508.899424][ T57] veth1_macvtap: left promiscuous mode [ 508.915869][ T57] veth0_macvtap: left promiscuous mode [ 508.959379][ T57] veth1_vlan: left promiscuous mode [ 508.965161][ T57] veth0_vlan: left promiscuous mode [ 509.442611][ T5777] Bluetooth: hci1: command tx timeout [ 509.956856][ T8862] loop1: detected capacity change from 0 to 512 [ 510.220028][ T8862] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1146: couldn't read orphan inode 26 (err -116) [ 510.299790][ T8862] loop1: lost filesystem error report for type 5 error -116 [ 510.326773][ T8862] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.400688][ T8862] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 510.660222][ T8871] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1149'. [ 511.020455][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 511.105915][ T8875] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1150'. [ 511.317835][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.326601][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 511.529486][ T5777] Bluetooth: hci1: command tx timeout [ 511.771106][ T8882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1151'. [ 512.090847][ T57] team0 (unregistering): Port device team_slave_1 removed [ 512.162807][ T57] team0 (unregistering): Port device team_slave_0 removed [ 512.727849][ T8869] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 512.834112][ T8882] ip6gretap0: entered promiscuous mode [ 512.975773][ T8882] ip6gretap0: left promiscuous mode [ 513.329669][ T8890] netlink: 'syz.6.1154': attribute type 9 has an invalid length. [ 513.343603][ T8890] netlink: 4848 bytes leftover after parsing attributes in process `syz.6.1154'. [ 513.448244][ T8891] sctp: [Deprecated]: syz.3.1155 (pid 8891) Use of struct sctp_assoc_value in delayed_ack socket option. [ 513.448244][ T8891] Use struct sctp_sack_info instead [ 513.603199][ T5777] Bluetooth: hci1: command tx timeout [ 514.279326][ T1882] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 514.519387][ T1882] usb 2-1: Using ep0 maxpacket: 32 [ 514.554361][ T1882] usb 2-1: config 0 has an invalid interface number: 132 but max is 0 [ 514.586027][ T1882] usb 2-1: config 0 has no interface number 0 [ 514.639305][ T1882] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 514.724449][ T1882] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 514.763759][ T8907] loop6: detected capacity change from 0 to 256 [ 514.773728][ T1882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 514.810716][ T1882] usb 2-1: Product: syz [ 514.851376][ T1882] usb 2-1: Manufacturer: syz [ 514.856290][ T1882] usb 2-1: SerialNumber: syz [ 514.907611][ T1882] usb 2-1: config 0 descriptor?? [ 514.993680][ T1882] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 515.062336][ T8907] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65d9f0a, utbl_chksum : 0x7319d30d) [ 515.069222][ T1882] em28xx 2-1:0.132: Video interface 132 found: [ 515.192623][ T8835] chnl_net:caif_netlink_parms(): no params data found [ 515.306966][ T8903] loop4: detected capacity change from 0 to 4096 [ 515.375899][ T29] audit: type=1800 audit(1772463351.951:44): pid=8907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1160" name="file1" dev="loop6" ino=1048699 res=0 errno=0 [ 515.456954][ T1882] em28xx 2-1:0.132: chip ID is em2884 [ 515.465104][ T8903] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 515.679353][ T5777] Bluetooth: hci1: command tx timeout [ 515.787558][ T1882] em28xx 2-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 515.815911][ T1882] em28xx 2-1:0.132: board has no eeprom [ 515.931499][ T8903] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 515.950809][ T1882] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 515.980601][ T1882] em28xx 2-1:0.132: analog set to bulk mode. [ 515.993516][ T5825] em28xx 2-1:0.132: Registering V4L2 extension [ 516.002452][ T8903] ntfs3(loop4): Failed to load $Extend (-22). [ 516.062355][ T8903] ntfs3(loop4): Failed to initialize $Extend. [ 516.073405][ T1882] usb 2-1: USB disconnect, device number 15 [ 516.125218][ T1882] em28xx 2-1:0.132: Disconnecting em28xx [ 516.225970][ T8903] ntfs3(loop4): ino=0, attr_set_size_ex [ 516.364868][ T8903] ntfs3(loop4): ino=0, attr_set_size_ex [ 517.193683][ T8922] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1164'. [ 517.239244][ T8922] tipc: Started in network mode [ 517.244443][ T8922] tipc: Node identity 7f000001, cluster identity 4711 [ 517.325206][ T8922] tipc: Enabling of bearer rejected, failed to enable media [ 518.069683][ T5825] em28xx 2-1:0.132: Config register raw data: 0xffffffed [ 518.077088][ T5825] em28xx 2-1:0.132: AC97 chip type couldn't be determined [ 518.107982][ T8930] loop4: detected capacity change from 0 to 1024 [ 518.200026][ T5825] em28xx 2-1:0.132: No AC97 audio processor [ 518.253783][ T8930] hfsplus: b-tree write err: -5, ino 2 [ 518.261261][ T5825] usb 2-1: Decoder not found [ 518.317181][ T5825] em28xx 2-1:0.132: failed to create media graph [ 518.358850][ T5825] em28xx 2-1:0.132: V4L2 device video103 deregistered [ 518.414514][ T5825] em28xx 2-1:0.132: Remote control support is not available for this card. [ 518.459024][ T1882] em28xx 2-1:0.132: Closing input extension [ 518.553046][ T1882] em28xx 2-1:0.132: Freeing device [ 518.685934][ T8931] loop3: detected capacity change from 0 to 4096 [ 518.790908][ T13] hfsplus: b-tree write err: -5, ino 25 [ 518.826352][ T8931] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 518.842395][ T13] hfsplus: b-tree write err: -5, ino 4 [ 518.896394][ T13] hfsplus: b-tree write err: -5, ino 2 [ 518.941459][ T13] hfsplus: b-tree write err: -5, ino 26 [ 519.095691][ T8835] bridge0: port 1(bridge_slave_0) entered blocking state [ 519.136330][ T8835] bridge0: port 1(bridge_slave_0) entered disabled state [ 519.196097][ T8835] bridge_slave_0: entered allmulticast mode [ 519.244328][ T8835] bridge_slave_0: entered promiscuous mode [ 519.350553][ T8931] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 519.386372][ T8835] bridge0: port 2(bridge_slave_1) entered blocking state [ 519.399396][ T8931] ntfs3(loop3): ino=1a, mi_enum_attr [ 519.421805][ T8835] bridge0: port 2(bridge_slave_1) entered disabled state [ 519.446160][ T8931] ntfs3(loop3): Failed to initialize $Extend/$ObjId. [ 519.498317][ T8835] bridge_slave_1: entered allmulticast mode [ 519.564288][ T8835] bridge_slave_1: entered promiscuous mode [ 520.300526][ T8835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 520.444506][ T8835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 520.719676][ T8952] loop4: detected capacity change from 0 to 2048 [ 520.919567][ T8952] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 520.986273][ T8835] team0: Port device team_slave_0 added [ 521.103351][ T8835] team0: Port device team_slave_1 added [ 521.686764][ T8835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 521.745823][ T8835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 521.859117][ T8835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 521.940784][ T8835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 521.948160][ T8835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 522.007404][ T8964] loop3: detected capacity change from 0 to 64 [ 522.106464][ T8835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 522.157460][ T1882] kernel write not supported for file /snd/midiC2D0 (pid: 1882 comm: kworker/1:2) [ 522.238946][ T29] audit: type=1800 audit(1772463358.811:45): pid=8964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1177" name="file1" dev="loop3" ino=22 res=0 errno=0 [ 523.125731][ T8835] hsr_slave_0: entered promiscuous mode [ 523.217918][ T8835] hsr_slave_1: entered promiscuous mode [ 523.247660][ T8976] loop3: detected capacity change from 0 to 1024 [ 523.282979][ T8835] debugfs: 'hsr0' already exists in 'hsr' [ 523.323576][ T8835] Cannot create hsr debugfs directory [ 523.462053][ T8976] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 523.553533][ T8978] No buffer was provided with the request [ 523.873084][ T8980] loop6: detected capacity change from 0 to 1024 [ 525.935849][ T9002] loop1: detected capacity change from 0 to 1024 [ 526.057339][ T9002] hfsplus: b-tree write err: -5, ino 2 [ 526.270100][ T8835] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 526.397929][ T8835] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 526.569336][ T1090] hfsplus: b-tree write err: -5, ino 25 [ 526.575554][ T1090] hfsplus: b-tree write err: -5, ino 4 [ 526.677574][ T1090] hfsplus: b-tree write err: -5, ino 2 [ 526.686313][ T8835] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 526.730321][ T1090] hfsplus: b-tree write err: -5, ino 26 [ 526.850621][ T8835] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 527.948480][ T9024] loop6: detected capacity change from 0 to 1024 [ 528.113445][ T9024] hfsplus: b-tree write err: -5, ino 2 [ 528.259455][ T5822] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 528.320137][ T9031] loop3: detected capacity change from 0 to 256 [ 528.409674][ T9031] exfat: Deprecated parameter 'utf8' [ 528.444885][ T9031] exfat: Deprecated parameter 'utf8' [ 528.474607][ T5822] usb 5-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 528.506848][ T1124] hfsplus: b-tree write err: -5, ino 25 [ 528.516268][ T9031] exfat: Deprecated parameter 'utf8' [ 528.579432][ T5822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 528.607756][ T1124] hfsplus: b-tree write err: -5, ino 4 [ 528.628360][ T1124] hfsplus: b-tree write err: -5, ino 2 [ 528.666394][ T5822] usb 5-1: config 0 descriptor?? [ 528.695015][ T1124] hfsplus: b-tree write err: -5, ino 26 [ 528.804987][ T5822] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 528.825834][ T9031] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 528.931878][ T8835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 529.270644][ T8835] 8021q: adding VLAN 0 to HW filter on device team0 [ 529.406251][ T5822] gspca_sunplus: reg_w_riv err -71 [ 529.430961][ T5822] sunplus 5-1:0.0: probe with driver sunplus failed with error -71 [ 529.475539][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 529.483319][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 529.609660][ T5822] usb 5-1: USB disconnect, device number 8 [ 529.828435][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 529.836269][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 530.983343][ T9050] xt_hashlimit: max too large, truncated to 1048576 [ 531.216072][ T9054] loop1: detected capacity change from 0 to 512 [ 531.535863][ T9054] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13 [ 531.557036][ T9054] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #13: comm syz.1.1211: iget: bad i_size value: 12154757448730 [ 531.615294][ T9054] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 531.618723][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 531.635074][ C1] EXT4-fs (loop1): initial error at time 1772463368: ext4_orphan_get:1391: inode 13 [ 531.644975][ C1] EXT4-fs (loop1): last error at time 1772463368: ext4_orphan_get:1391: inode 13 [ 531.669043][ T9054] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1211: couldn't read orphan inode 13 (err -117) [ 531.747223][ T9054] loop1: lost filesystem error report for type 5 error -117 [ 531.869830][ T9054] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 532.205803][ T9067] loop6: detected capacity change from 0 to 256 [ 532.563563][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 532.629243][ T9067] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001e4a3, chksum : 0xe65d9f0a, utbl_chksum : 0x7319d30d) [ 533.265153][ T8835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 533.381149][ T9076] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1217'. [ 535.937739][ T9110] loop1: detected capacity change from 0 to 256 [ 535.960325][ T9111] loop3: detected capacity change from 0 to 256 [ 535.986488][ T9111] exfat: Deprecated parameter 'namecase' [ 536.022078][ T9110] exfat: Deprecated parameter 'namecase' [ 536.063707][ T9110] exfat: Deprecated parameter 'utf8' [ 536.071613][ T9111] exfat: Deprecated parameter 'namecase' [ 536.356801][ T9111] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 536.443005][ T9110] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xffade8b4, utbl_chksum : 0xe619d30d) [ 537.072533][ T9119] loop6: detected capacity change from 0 to 24 [ 537.156372][ T9119] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 537.739177][ T8835] veth0_vlan: entered promiscuous mode [ 537.935461][ T8835] veth1_vlan: entered promiscuous mode [ 538.501160][ T9131] netlink: 872 bytes leftover after parsing attributes in process `syz.6.1235'. [ 538.629850][ T9131] netlink: 872 bytes leftover after parsing attributes in process `syz.6.1235'. [ 538.866032][ T9133] netlink: 'syz.1.1236': attribute type 29 has an invalid length. [ 538.964586][ T8835] veth0_macvtap: entered promiscuous mode [ 538.970712][ T5771] Bluetooth: hci5: command 0x0406 tx timeout [ 539.066216][ T9135] netlink: 'syz.1.1236': attribute type 29 has an invalid length. [ 539.282371][ T8835] veth1_macvtap: entered promiscuous mode [ 539.715317][ T8835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 540.035406][ T8835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 540.231794][ T29] audit: type=1326 audit(1772463376.771:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 540.360312][ T29] audit: type=1326 audit(1772463376.771:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 540.409192][ T34] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.529452][ T29] audit: type=1326 audit(1772463376.901:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=290 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 540.607086][ T1124] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.662817][ T1124] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.712239][ T29] audit: type=1326 audit(1772463376.901:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 540.790987][ T1124] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 540.882698][ T29] audit: type=1326 audit(1772463376.921:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 541.008920][ T29] audit: type=1326 audit(1772463376.921:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 541.188185][ T29] audit: type=1326 audit(1772463376.961:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9142 comm="syz.4.1240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bc379c799 code=0x7ffc0000 [ 542.220296][ T9168] [U]  [ 542.901911][ T9174] mkiss: ax0: crc mode is auto. [ 543.457963][ T9185] sp0: Synchronizing with TNC [ 543.602824][ T9184] [U] è [ 544.111154][ T9190] openvswitch: netlink: Actions may not be safe on all matching packets [ 544.792942][ T9198] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1258'. [ 544.888925][ T9198] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1258'. [ 545.139900][ T9203] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1260'. [ 545.308062][ T9203] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1260'. [ 550.459632][ T9272] smc: net device bond0 applied user defined pnetid SYZ0 [ 551.233844][ T29] audit: type=1326 audit(1772463387.811:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 551.415887][ T29] audit: type=1326 audit(1772463387.811:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 551.584393][ T29] audit: type=1326 audit(1772463387.891:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 551.665716][ T29] audit: type=1326 audit(1772463387.901:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 551.715602][ T29] audit: type=1326 audit(1772463387.901:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 551.756821][ T29] audit: type=1326 audit(1772463387.901:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 551.817546][ T29] audit: type=1326 audit(1772463387.921:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 551.954844][ T1003] ===================================================== [ 551.962744][ T1003] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x77e/0xf00 [ 551.971865][ T1003] n_tty_receive_buf_closing+0x77e/0xf00 [ 551.977926][ T1003] n_tty_receive_buf_common+0x19c6/0x2610 [ 551.988410][ T1003] n_tty_receive_buf2+0x4c/0x60 [ 552.003525][ T1003] tty_ldisc_receive_buf+0xc6/0x2c0 [ 552.015068][ T1003] tty_port_default_receive_buf+0xd7/0x1a0 [ 552.025986][ T1003] flush_to_ldisc+0x43e/0xe40 [ 552.031559][ T1003] process_scheduled_works+0xb21/0x1e30 [ 552.037657][ T1003] worker_thread+0xede/0x1580 [ 552.042946][ T1003] kthread+0x53f/0x600 [ 552.047357][ T1003] ret_from_fork+0x20f/0x910 [ 552.056591][ T1003] ret_from_fork_asm+0x1a/0x30 [ 552.064322][ T1003] [ 552.066774][ T1003] Uninit was created at: [ 552.072120][ T1003] __kmalloc_noprof+0x486/0x1680 [ 552.077536][ T1003] __tty_buffer_request_room+0x3d4/0x7a0 [ 552.088189][ T1003] __tty_insert_flip_string_flags+0x157/0x6e0 [ 552.101155][ T1003] uart_insert_char+0x368/0x930 [ 552.106491][ T1003] serial8250_read_char+0x1ba/0x670 [ 552.118705][ T1003] serial8250_handle_irq+0x930/0x1110 [ 552.124666][ T1003] serial8250_default_handle_irq+0x116/0x370 [ 552.131943][ T1003] serial8250_interrupt+0xcb/0x420 [ 552.137305][ T1003] __handle_irq_event_percpu+0x13c/0xf90 [ 552.147359][ T29] audit: type=1326 audit(1772463387.921:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 552.148144][ T29] audit: type=1326 audit(1772463387.921:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 552.149241][ T29] audit: type=1326 audit(1772463387.921:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9278 comm="syz.1.1281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f774c79c799 code=0x7ffc0000 [ 552.178084][ T1003] handle_irq_event+0xe0/0x2a0 [ 552.236865][ T1003] handle_edge_irq+0x2a9/0xb30 [ 552.242372][ T1003] __common_interrupt+0x9d/0x180 [ 552.247938][ T1003] common_interrupt+0x94/0xb0 [ 552.254033][ T1003] asm_common_interrupt+0x2b/0x40 [ 552.264434][ T1003] [ 552.267052][ T1003] CPU: 1 UID: 0 PID: 1003 Comm: kworker/u8:7 Tainted: G W L syzkaller #0 PREEMPT(full) [ 552.279372][ T1003] Tainted: [W]=WARN, [L]=SOFTLOCKUP [ 552.284870][ T1003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 552.304964][ T1003] Workqueue: events_unbound flush_to_ldisc [ 552.313899][ T1003] ===================================================== [ 552.323978][ T1003] Disabling lock debugging due to kernel taint [ 552.381996][ T1003] Kernel panic - not syncing: kmsan.panic set ... [ 552.388638][ T1003] CPU: 0 UID: 0 PID: 1003 Comm: kworker/u8:7 Tainted: G B W L syzkaller #0 PREEMPT(full) [ 552.399932][ T1003] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP [ 552.406487][ T1003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 552.416737][ T1003] Workqueue: events_unbound flush_to_ldisc [ 552.422814][ T1003] Call Trace: [ 552.426220][ T1003] [ 552.429305][ T1003] __dump_stack+0x26/0x30 [ 552.433856][ T1003] dump_stack_lvl+0x50/0x1c0 [ 552.438746][ T1003] ? dump_stack+0x12/0x25 [ 552.443318][ T1003] dump_stack+0x1e/0x25 [ 552.447739][ T1003] vpanic+0x7b4/0x1430 [ 552.452049][ T1003] panic+0x15d/0x160 [ 552.456217][ T1003] kmsan_report+0x31a/0x320 [ 552.460947][ T1003] ? __msan_warning+0x1b/0x30 [ 552.465826][ T1003] ? n_tty_receive_buf_closing+0x77e/0xf00 [ 552.471825][ T1003] ? n_tty_receive_buf_common+0x19c6/0x2610 [ 552.477934][ T1003] ? n_tty_receive_buf2+0x4c/0x60 [ 552.483240][ T1003] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 552.488939][ T1003] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 552.495205][ T1003] ? flush_to_ldisc+0x43e/0xe40 [ 552.500308][ T1003] ? process_scheduled_works+0xb21/0x1e30 [ 552.506257][ T1003] ? worker_thread+0xede/0x1580 [ 552.511343][ T1003] ? kthread+0x53f/0x600 [ 552.515833][ T1003] ? ret_from_fork+0x20f/0x910 [ 552.520812][ T1003] ? ret_from_fork_asm+0x1a/0x30 [ 552.525970][ T1003] ? kmsan_get_metadata+0xf1/0x160 [ 552.531413][ T1003] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 552.537579][ T1003] ? rpm_suspend+0xa4/0x26d0 [ 552.542502][ T1003] ? kmsan_get_metadata+0xf1/0x160 [ 552.547884][ T1003] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 552.554450][ T1003] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 552.560758][ T1003] ? kmsan_get_metadata+0xf1/0x160 [ 552.566128][ T1003] __msan_warning+0x1b/0x30 [ 552.570935][ T1003] n_tty_receive_buf_closing+0x77e/0xf00 [ 552.576810][ T1003] n_tty_receive_buf_common+0x19c6/0x2610 [ 552.582829][ T1003] n_tty_receive_buf2+0x4c/0x60 [ 552.587915][ T1003] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 552.593717][ T1003] tty_ldisc_receive_buf+0xc6/0x2c0 [ 552.599196][ T1003] tty_port_default_receive_buf+0xd7/0x1a0 [ 552.605273][ T1003] flush_to_ldisc+0x43e/0xe40 [ 552.610225][ T1003] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 552.616922][ T1003] ? __pfx_flush_to_ldisc+0x10/0x10 [ 552.622437][ T1003] process_scheduled_works+0xb21/0x1e30 [ 552.628269][ T1003] worker_thread+0xede/0x1580 [ 552.633292][ T1003] kthread+0x53f/0x600 [ 552.637586][ T1003] ? __pfx_worker_thread+0x10/0x10 [ 552.642920][ T1003] ? __pfx_kthread+0x10/0x10 [ 552.647755][ T1003] ret_from_fork+0x20f/0x910 [ 552.652543][ T1003] ? __switch_to+0x51c/0x750 [ 552.657615][ T1003] ? __pfx_kthread+0x10/0x10 [ 552.662561][ T1003] ret_from_fork_asm+0x1a/0x30 [ 552.667582][ T1003] [ 552.671350][ T1003] Kernel Offset: disabled [ 552.675776][ T1003] Rebooting in 86400 seconds..