last executing test programs: 8.428365597s ago: executing program 2 (id=703): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, 0x0, 0x0) 8.266713451s ago: executing program 3 (id=707): bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0) write$binfmt_aout(r0, &(0x7f0000000740)=ANY=[@ANYRESOCT=r0, @ANYBLOB="c5cfdab5c90e35badf10308892c8267ebe5d68f8b10208a0f6264660a8b8c453ca7eb4bb6d1c1b42b16c6afc5a98400d0b"], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x83, "00000000000000000000ffff00"}) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000080)={0x8000, 0xfffffffd, 0x0, 0x6, 0x7, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) read$usbmon(r2, 0x0, 0x0) 7.81138104s ago: executing program 4 (id=709): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) unshare(0x22020600) mkdir(&(0x7f0000000540)='./file0\x00', 0x108) mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]}) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0xcb3e) 7.198138621s ago: executing program 2 (id=711): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x34, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 7.032966314s ago: executing program 3 (id=713): r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000000000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) 6.979174905s ago: executing program 4 (id=714): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f0000000080)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4d1, &(0x7f0000000b80)="$eJzs3dFrW9cZAPDvynbiJM7sbHvIwpaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxraZ/61JdCn0uh5E9oC4H2vZTSEtokfWihrYrkqyZxZVsmlpVYvx8c33PuvfL3HQsd69x7uTeAjnUqIsYioisizkZEf7o+k5ZYWy/V/R7cvzVZLUlUKtc+TSJJ19V/V5Iuj6Qv642Iv/454h/J9+OWVlbnJgqF/FLazpXnF3OlldVzs/MTM/mZ/MLYyPDF0UujF0aHdq2vl//40f///eqfLr/1mxsfjH9y5p/VtPrSbY/3oxlrTe633vWe2t+irjsilnYS7BnWlfanp92JAADQlOp3/B9GxC8i4uFL7c4GAAAAaIXK7/viqySiAgAAAOxbmdo1sEkmm14L0BeZTDa7fg3vj+NwplAslX89XVxemFq/VnYgejLTs4X8UHqt8ED0JNX2cK3+qH1+Q3skIo5FxH/7D9Xa2cliYardBz8AAACgQxzZMP//vH99/g8AAADsMwPtTgAAAABoOfN/AAAA2P82nf8n3XubCAAAANAKf7lypVoq9edfT11fWZ4rXj83lS/NZeeXJ7OTxaXF7EyxOFO7Z9/8dr+vUCwu/jYWlm/myvlSOVdaWR2fLy4vlMdrz/Uez3tONAAAAOy9Yz+/834SEWu/O1QrVQfSbU3M1cdamx3QSpmd7Z60Kg9g73W1OwGgbba5wPedn+5VIsCecz4e2GZi/78N7R0eNgAAAJ4Fgz95qvP/zgfCc8xEHjqX8//QudzgCzqX8//Q4Q5uv0vvZhve3uVcAACAlumrlSSTTc8F9kUmk81GHK09FqAnmZ4t5Ici4gcR8V5/z8Fqe7jdSQMAAAAAAAAAAAAAAAAAAAAAAADAc6ZSSaICAAAA7GsRmY+T9EH+g/2n+zYeHziQfNFfW0bEjZevvXBzolxeGq6u/+y79eUX0/Xn23EEAwAAANioPk+vz+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDc9uH9rsl72Mu69P0TEQKP43dFbW/a+0R8Rhx8m0f3Y65KI6NqF+Gu3I+J4o/hJNa0YSLPYGD8TEYfaHP/ILsSHTnanOv6MNfr8ZeJUbdn489edlqd179Rm41+mPv7VxrlG49/RJmOcuPt6btP4tyNOdDcef+rxk6ccf//+t9XVzbZVXokYbPj/J3kiVq48v5grrayem52fmMnP5BdGRoYvjl4avTA6lJueLeTTnw1j/Odnb36zVf8PbxJ/YJv+n26y/1/fvXn/R1vEP/PLjfG/rL3/x7eIX/3b/yr9P1DdPlivr63XH3fytXdPbtX/qU36v937f6bJ/p+9+q8Pm9wVANgDpZXVuYlCIb+k8lxWeryDKltVrqYf9B2/vM0DEwAAsOsefelvdyYAAAAAAAAAAAAAAAAAAADQuVp+E7KDT95ZoLd9XQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2NK3AQAA///VO9QU") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x2000, 0x1) mkdirat(r0, &(0x7f0000000300)='./bus\x00', 0x0) 3.368811346s ago: executing program 2 (id=717): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x503, 0x70bd2a, 0x4, {0x0, 0x0, 0x0, 0x0, 0x8440, 0x800}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x8001}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4804}, 0x4000084) 3.071133491s ago: executing program 3 (id=719): syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x1a1, &(0x7f0000000440)="$eJzskLFrE1Ecxz+/d+/uUqG2UXGIoAGLMaWY3CkOTsEpgicOLoIFQxobMVHby6K0WAfpEqiTs051FAcnEQXn4iA46Ll0k2YIDiIiJ3d5/hV9H7j7vu+X93u/33vdeCX2gb/jtTYNchwO8glBA75MMqUm+sb4H0a3JsJF44dCvvOl8aXY406r1+usli+UKWbBg4cmAH6WSWcQTBSf4KhiJDSQL+O1dktuRqQN+mpp9jGz6GdXTL+SnuaIwiGtDLmkWBEXmKkN+vdr8Z80Tfut5c5y524Ynj1fP1f3CWuPnuaV4iOK56xTjfAjpqrruIs82dEHWBCk2lWJI/MjvEW2dpzTJxdGqOoeKcL7ygj/m+6W1TVOUbiRXajJYeEFTsTcZaYUmlu3e516E7mqXkugP+tfrqKw4Thn2vd6S5vXlfz2thuyV5BgF7cSEM4HZNOXOMQHNhPmEpoJ2wm73xF5m3UZmvfUG9n/lXHHOA4etAaD1cCDj1KJCLOvCNP5cSqbyy3CO1NjhK//FxaLxWKxWCwWi8Vi2Qf8CwAA//+GP1+J") 2.556805601s ago: executing program 4 (id=720): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@discard}, {@bh}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0406618, 0x0) 2.457505843s ago: executing program 1 (id=721): r0 = syz_open_dev$loop(&(0x7f0000000200), 0x2, 0x20000) ioctl$BLKSECTGET(r0, 0x1267, &(0x7f00000002c0)) 2.375068965s ago: executing program 0 (id=722): syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000140)='./file1\x00', 0x4000, &(0x7f0000000200)={[{@noadinicb}, {@umask}, {@undelete}, {@session={'session', 0x3d, 0x4}}, {@shortad}, {@uid_forget}, {@undelete}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@uid_forget}, {@uid_ignore}, {@shortad}, {}, {@session}, {@mode={'mode', 0x3d, 0xd9f}}]}, 0x2, 0xc34, &(0x7f0000000800)="$eJzs3U1sXNd9N+D/ueKIQ/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJFLqwBRJkFQjG2nBdNNFFwGKoousCLRGgRQNjKYIumRaF0g2XhRZdUW0sBEUXbBFgKwCFvfOGXFIkTYjkhJpP489+s3cOefOOfeM75UJnnsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj4vVcunzmbHncrAIBH6eroV8+cc/0HgI+V6/7/HwAAAAAAAAAAAAAADroURTwZKWavrqbx6nVH/Uq7dvfe2PDI1tUGUlXzSFW+fNTPnjt/4UsvDF3s5pX29AfU32ufjddGr19uvDxzZ3Zucn5+cqIxNt2+OTMxueM97Lb+ZqeqA9C48/rdiVu35hvnnj+/4e17g+/3P3Fi8NLQs6ef6ZYdGx4ZGV0vUt/y6UPabobH0SjidKR47ns/Ta2IKGL3x6L+aMd+s4GqE6eqTowNj1QdmWq3phfKN691D0QR0eip1Oweo63HIvpqj7QP22tGLJbNLxt8quze6GxrrnVjarJxrTW30F5oz0xfS53Wlv1pRBEXU8RSRKz0P7i7WhTRFym+c3w13YiII93j8MVqYvD27Sj2sY87ULazUYtYKg7BmB1g/VHEq5HiZ++cjJvlMcuP+ELEq2X+IOKtMl+KSOUX40LEe1t8jzic+qKIPy/H/9JqmqjOB93zypWvNb4yfWump2z3vPJLXh8eOFM8puvDwKZ8NA74uakeRbSqM/5qevi/7AAAAAAAAAAAAAAAAACw1waiiM9Eilf+7Y+qecVRzUs/fmno9wf/f++c8ac/ZD9l2ecjYrHY2Zzco3li4LV0LaWdziU273TP1aOIP87z/771uBsDAAAAAAAAAAAAAAAAAADwsVbETyLFi++eTEvRu6Z4e/p243rrxlRnVdju2r/dNdPX1tbWGqmTzZzjORdzLuVczrmSM4pcP2cz5/hAZ8eL+fVSzuWcKznjSK6fs5lzPOdizqWcyzlXckZfrp+zmXM852LOpZzLOVdyxgFZuxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KOkiCJ+ESm+/Y3VFCkimhHj0cnl/sfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+H6kaPxB8/62vohI1b8dJ8s/LkTzaJmfjOZQmS9F83LOVpV9zW89hvazO7VUxI8jRX/97fsDnse/1nl1/2sQb31z/dVn+zp5pPvm4Pv9T5w4fmlo5Nee3u552qoBp660p+/ea4wNj4yM9mzuy5/+yZ5tg/lzi73pOhEx/8abr7empibnHv5J+RXYRfVD9CT1Hfye1g58Cw/Rk+g7EM14PH3nY6C8/r8XKX773X/vXvA71/96/L/Oq/tX+Pj5n6xf/1/cvKMdXv/7NtfL1//ymr7V9f/Jnm0v5r+N1Poi6gt3ZmsnIurzb7x5un2ndXvy9uT0hTNnvjw09OXzZ2pHI+q32lOTPc/25HABAAAAAAAAAAAAAAAAPDqpiN+NFK0fr6ZGRNyr5msNXhp69vQzR+JINd9qw7zt10avX268PHNndm5yfn5yojE23b45MzG504+rV9O9xoZH9qUzH2pgn9s/UH95ZvaNufbtP1zY8v1j9cs35hfmWje3fjsGooho9m45VTV4bHikavRUuzVdVb225WT6X14tFfEfkeLmhUb6fN6W5/9vnuG/Yf7/4uYd7dP8/0/0bCs/M6Uifh4pfusvno7PV+08Fg8cs1zubyLFqYufy+XiaFmu24bOfQU6MwPLsv8TKf7hFxvLdudDPrle9uyOD+whUY7/8Ujx/T/7bvx63rbx/g9bj/+xzTvap/F/qmfbsQ33K9h118njfzpSvPTk2/EbedsH3f+je++Nk7nw/ftz7NP4f6pn22D+3N/cm64DAAAAAAAAAAAcarVUxN9Gih+O9KUX8rad/P7fxOYd7dPvf326Z9vE3qxX9KFPHvjdRgAAAAA4pGqpiJ9EitsLb9+fQ71x/nfP/M/fWZ//OZw2vVv9nO9XqvsG7OXP/3oN5s8d3323AQAAAAAAAAAAAAAAAAAA4EBJqYgX8nrq49V8/olt11NfjhSv/NdzuVw6UZbrrgM/WP1Zvzozffry1NTMzdZC68bUZGN0tnVzsqz7VKRY/evP5bpFtb56d735zhrv62uxz0WKkb/rlu2sxd5dm/yp9bJny7KfiBT/+fcby3bXsf7UetlzZdm/ihRf/6ety55YL3u+LPvdSPGjrze6ZY+VZbv3R/30etnnb84U+zAqAAAAAAAAAAAAAAAAAAAAfNzUUhF/Gin++87S/bn8ef3/Ws/Lylvf7Fnvf5N71Tr/g9X6/9s9f5j1/6v7Cixu96kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDRlKKINyPF7NXVtNxfvu6oX2lP3703NjyydbWBVNU8UpUvH/Wz585f+NILQxe7+cH199pn4rXR65cbL8/cmZ2bnJ+fnGiMTbdvzkxM7ngPu62/2anqADTuvH534tat+ca5589vePve4Pv9T5wYvDT07OlnumXHhkdGRnvK9NUe+tMfkLbZfjSK+MtI8dz3fpp+2B9RxO6PxYd8d/bbQNWJU1UnxoZHqo5MtVvTC+Wb17oHooho9FRqdo/RIxiLXWlGLJbNLxt8quze6GxrrnVjarJxrTW30F5oz0xfS53Wlv1pRBEXU8RSRKz0P7i7WhTxeqT4zvHV9M/9EUe6x+GLV0e/eubc9u0o9rGPO1C2s1GLWCoOwZgdYP1RxD9Gip+9czL+pT+iLzqP+ELEq2X+IOKt6Ix3Kr8YFyLe2+J7xOHUF0X8bzn+l1bTO/3l+aB7XrnytcZXpm/N9JTtnlcO/fXhUTrg56Z6FPGj6oy/mv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxopXnz3ZKrmB9+fU9yevt243rox1ZnW1537150zvba2ttZInWzmHM+5mHMp53LOlZxR5Po5m2XW19bG8+vFnEs5l3Ou5IwjuX7OZs7xnIs5l3Iu51zJGX25fs5mzvGcizmXci7nXMkZB2TuHgAAAAAAAAAAAAAAAAAA8NFSVP+k+PY3VtNaf2d96fHo5LL1QD/y/i8AAP//c9L2/A==") 2.320720355s ago: executing program 1 (id=723): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000840)='ns/pid\x00') ioctl$NS_GET_USERNS(r0, 0xb701, 0x0) 2.309382885s ago: executing program 2 (id=724): syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x13, 0x69, 0x1, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5c, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001640)=@newtaction={0x14, 0x30, 0x1, 0x2, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x2000000) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'}) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x18, 0x68, 0x5fb9a818fb7378e9}, 0x18}, 0x1, 0x0, 0x0, 0x8010}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6(0x10, 0x3, 0x0) 2.219195567s ago: executing program 0 (id=725): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000e006"]) 2.188782128s ago: executing program 3 (id=726): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000e00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000d40)=[{0x6, 0x6, 0x38, 0x7fffffff}]}) 2.124523989s ago: executing program 1 (id=727): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x62d81) write$sndseq(r0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0) readv(r1, &(0x7f00000038c0)=[{&(0x7f0000004980)=""/4096, 0x1000}], 0x1) 1.867198784s ago: executing program 4 (id=728): r0 = socket$inet6(0xa, 0x2, 0x3a) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e26, 0x41d, @dev={0xfe, 0x80, '\x00', 0x42}, 0x8}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x3e, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0) 1.867006414s ago: executing program 0 (id=729): mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, r0, {0x7, 0x1f, 0x6, 0x0, 0x40}}, 0x50) socket$key(0xf, 0x3, 0x2) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x16c, 0x10, 0x713, 0x70bd27, 0x25dfdbfc, {{@in6=@mcast1, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4e21, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x3b, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x1a}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x543}, {0x4, 0x7fffffffffffffff}, {}, 0x70bd28, 0x3500, 0x2, 0x1}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "217d66d38547aa140db8a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e24, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x880}, 0x0) 1.821001355s ago: executing program 3 (id=730): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000000c0)={[{@delalloc}, {@errors_remount}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4005b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000003c0)=ANY=[@ANYBLOB="00fcffffff030000f4"]) 1.802997446s ago: executing program 1 (id=731): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec85000000750000000400000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/fscaps', 0x149a82, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write(r3, &(0x7f0000000000)="0a000000010021", 0x7) 776.180225ms ago: executing program 2 (id=732): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)={0x20, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}]]}, 0x20}}, 0x0) 469.005371ms ago: executing program 0 (id=733): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) getsockname(r0, 0x0, &(0x7f0000000040)) 462.140642ms ago: executing program 1 (id=734): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newnexthop={0x48, 0x68, 0x1, 0x100003, 0x7ffffffd, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x15}]}, @NHA_RES_GROUP={0x1c, 0xc, 0x0, 0x1, [@NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x3fd4}, @NHA_RES_GROUP_BUCKETS={0x6, 0x1, 0x2}, @NHA_RES_GROUP_IDLE_TIMER={0xd4, 0x2, 0x4}]}, @NHA_GROUP_TYPE={0x6, 0x3, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080) 407.212442ms ago: executing program 4 (id=735): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x2, 0x141480) ioctl$BLKREPORTZONE(r0, 0xc0101282, 0x0) 343.498224ms ago: executing program 0 (id=736): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000c00)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_remount}, {@nombcache}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") truncate(&(0x7f0000000300)='./file0/file0\x00', 0x5) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(0x0, 0x0, &(0x7f0000001400)=ANY=[], 0x835, 0x0) setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001b40)=ANY=[], 0x835, 0x2) 305.037744ms ago: executing program 4 (id=737): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000801, 0x0, 0x0) 183.186727ms ago: executing program 1 (id=738): syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000020ac050f0222000182830109022400010100000009040000020301020009210005000122000009058103", @ANYRESHEX], 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x24000) 182.874727ms ago: executing program 2 (id=739): syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d105012000040102030109021200"], 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x0, 0xfffffffd}) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) syz_clone(0x200000, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000001b40)="47a2ec275e48e0268e8e274b6afe6999578f90040959b7c2f0234888a1358e154b0d2181f557dbb6f77028755edd5af4de979154de32153fb0b929b001a1cb42e27bc9893e14554d9d8951a33ca700308d1af5c22e1d483baecbb0e5ac33821ee354facc2cd44a15f92a181bd4170b991cc4f79b45152696fdd8cb667065875c52887e801395ca22f115b76a42e68fb189a44fcec6ff26ba1a1f9a17bddae0fed1c290d12e1cdd7d23ff57cab50413c9ec839f74ec18fa827835c251294e93b65de3e1f18be38be8233ae6224b34ca67c004256080dac4426fc445c978c3d15233f9b032ddc971b2a27a5a72469680cf77c8a9cb43cadbcf723d769fa7a2b179b1a3b066170b88bb050e7b58fb23b6f5434ca582e5c965729d31f830652db9b4398bb32dffc0c25da18ddef872394875d2d6f81572b9a7cbd10c95f757bbc4707e90ffa78cd88a8c51ee4855138893e2cc9747cd2168d32b2a597d673520dabd9c261f318d53a8a2557809013a5cabbc28bf14a5b18fe59653a75ce9584ef2fe03c1d89134214a66250bf09978c6ce47804e1e72d1ec08a3b4ec84dc921f0e7f32881394c0a8e614aeb839b31c4eb236c1bf685903a4405377858f5809ab9c2b1e86e2fb8cafca36d1bb33aa0039c9be797146665c01d02cc2a315d62f8ade7840bd67f6e073a24208491f3e208743e9571dfd0d57f68aaac5a4dd6fe0e84f2f10b4db3a538d2f4ef3122ad0ee9e494340a9829ffb3b1897f4c984bd57d8ad2f5f84139a1bb100f098b33933eb79aa5086ee99bf23ffc0ccab46d5f9997ca84ff7c29ef902cb2ed141bf74675a60528bc0bae6b37d98787296f5c293099ae5db85b9bfa515018f61b951a5e8659eba314c2c2b288b451699c59d01ab37c972f7c94a4109fc8c46dd067c1cbbc7b242d0969515b7c44960fb204fbbf13b4308b1c349d85d872639a52d0690c084924f9c99284a41b208e394e05e9ee5e69f6d968abc8c942d4db9397e8fa063701545b8f016222811b246c80e9d22a30f87951b46f8f25afc2623c141790e57bcbf3b671d8f8c2df5072dbc62a360dc18018515abe8ef2b2a3473aea91d6f9274f4b23cb2af28c8534e10a884b663541e8255a727219a0e8387233cd1dbebd0f122406d3385e59374e0f470b5de7db2f6bccbde4a3620778895b2624605b81c8f1a4b1f18a08de1c3dd9ba00eb75e1c090cd9032f7120fdbe05537d80114dbdb6bf8f29272b3ca56f7a732c92b1810a151f53f3bcff5a2ae94da2b727a39673e47f3e45cec25fb3c2a35817ea9b7474768b23c161953ca2904fd6b1ea68a4ce7acf25d5490a16f9c55a5163ffaa6dc5e05e4febc2b959d8955aaa380dea60d842925b95559e613d2413e30de0db79f9b16214497ac8a856495c196bd3ff369a6adecf156a656ac34705cad7adc556a077ca3e6ef031244cd6dc1cdc759b567c2bcb3747d41441f2cf6a88eb333876793e1020d1c295abb5781e84e163b760648ee840ce196d88f70f53b4e6dfe7b11a5ad09b802a9b7cc5061623fcb9d41c9e3a3aa623fc4744786e123f770724759905df495bd4f3dae06ff32c8eb339884cba534f19acb2101c39d79c474605cfa59663eeefae3ac558566f6b0ce0cce56d83c070d9e256be7e2aa9194efdfc9d2fef8ccf35076cbc627ff17599d65e02ced4c917e37b4849ba3a08c16ca7acfbad685faaab8f08af2cfa54bc0bb5a492d3649a909c18eee2e41dabf370d60f9698a2b48a25e096a85eca6af1ea8afd9640acf433aade90806da0a95739ba8ff072dd728f925f43c2f2e980aaf7dd3e86db33c766d8963a73d655ba71fc3b13813d1b9861c20360a96f3f89a3077bd49ce68f83c910e8e4bdbc68bee6927f855b6fec230486c70bc8841e3214f660ed3f6ed99538b810b7c872cc34d385a019b0359fbf4f520beb736eade2c0e99476b7ea8db71bfc0bfdbb2e2e7f9cb044178da6ce0ffb763b47c094a45c136e2332d5c0c8d7d0227593ce3a384adf20ea5e7fdc294f9fba0f03ce4713dc0b6054b6182c493bace7d6954e80401a928351357a0cdaaecc46559c4508c08d85417ef56ab26cf888d2d6cbae1ea76e814fbc36afa8f3b78e4d9c7319cb32c0621a136c827a17e1fa58e83f4a6b022381db86fe720dcccfb5953f1b3210bc765b42a25e5e6b410348d89c763c874c3be4a9a24b03663a83b32992f0120831fff37ee79cecc4d0772eb661649ece83239784e2f4cd4e49a3cc43d8903b0619812ab991b620c54dbb396feb32ce0f8ae80ac2bcb78eb639180428ea35039f4ee9104921f696dc00d60724664ddd43d835cdf3220af0f5faad88de91b6b2344cb261ff68a47b1c8f0fde14e4c33ed0e75843f355d54c2f916357fbbdf159d4515b4799f507fcb917d0739b02537b3c5953531384ca501d0c939681dbb075bd736ca846bdd98235602ac879f865b87fdf5cd5cc464d9b00155be8360d9c23048e137b611ba2a33369639170a45bf143754c0f6017b19c7207e61602c4a4a2c95c77bc583a88cd46d6e3b331dd89d56d187de302ee9e0bc7caebafd7e14ca337db0846994e341e6701ca1fcb1874d530b4256fc98d7d348f795a9c0e4d09c36938750d2182783479427d4dabd458fedbb070bbe5488228fd37dd4e99b2ad24b89034e0e8004292c27da0f09a625d0c5859bfe54b5da334b27462990a8510bc1dcc7c3d48c7bef07f79c4be70c34e731af23245e185c314683f9395a61fad485c03fc4ea3e1954326c5c91c68b28663250925e1e7b2a63c9b7967227e8676c2281f193ce8893cb4ded5288fa27e97dea43d101ded5d4b8051455ba103c1b9f95cdcf3cbf8fe1b0e63d7e67e5dc9dbd75b4f6e3366c09b7ecd82081ea17372a2051f80ac63172fdde6aeb4ceed971324e2e3effb0e8eb595a8f5a32908cd239195fa9ebe61f8595078bf52bd85a38f6b4ba65d5703d0fddd111f8f18bc3f314007f11640833610f74b7073b2844d9774c58cba509320f5850148f8128dc60769ba520cb35d43a6ed690180b5eb0fee3570f475de823304a9cc4530ca828b75653e584c3ecce74a670429a219fa6f24de404063011f3d940d3a2246089701fe558c9c1cebd797a5886224790281d8eebdd2450dbf0b5a704b7c3ec9f1069eb625b10f196e02de49823d72808b89cc64b99a5eed0c5ef37932af8c5d06205930cb2b579f0f8592d9670f60247085c6ff89e1b51fe621ce4b4b9fc62fe13c4e22b028b79607296dbc55969ef6a421f5efaffb587394312e684dea794535a99e0cd1984f8c35b8e710ebf6d2bd1c226e86a271f2d06b05af935966d4a789ca22c693fa5e21bf73a674304675b000bc173174b55400775734d283ff3287757729f061d13c49138b1ced3c5ce4fb29f0169b748137350ea1fc4f6db854b0579637b22610793b0f2cb7526baa9765fce2f760a61963c815cb4a1bd9e15ec5b06603328d17b54d858497720d50b76ff1dcefffda06fd57013459bfa3c03f7212b52ffca74d0725f5c04ded32c91d2f645363aa0f7e70f464cba612fbf69f0c8b119a898185169c35d41de4f9ab734acec96fcc4bbd5d9c809548a741a7a3f6ca90320e5c8cde04c3c8b611721068e29894c2b148b94d987dbacfaa58cefdc1742b97b718ce15955c1d6ee247221209e7b4417db00fa96d7a93036861315173c0dedb67e37e65bec96a20bdf6314c520453a6f922e26892887f0e2542b34e9452742eb936943600648f8712b831b301740c8a4ed244c03757a141b29631ff0e04f713a8316e20f69606fb4dc82d0a1236fb25a3fdcc6ed13edf2a94648a3aaf213c1338689730a44c4cdc41674954114afefe78f719d106e1a5791d735648c9fdb7e359ba2c12b0b545db4728a540f45d22a3646d9cc3e5a729c4f6b977fae7b2f0c9c8e868cbaec14c150e172599b906fa3579c9c1e918bb73692b1e1bf27be1d0c7c459e8da4873173bd1096520a678a27fefe0a2999d0f1d38028eb0da59e8364ae86357d2bb9b5b0451e8ca4f894a418f505277bb21f34f97a092d380182a40e40ca807aeb8f20c6c6b77c255c2f987dd6549989e4cdf97b56c5dbc612e8f53765621da7970bbf63b64bbe0a9f2b54763deb58e08ca3292f8d4fd3276e9ab12195ce722d1f6f03fb12ca869ee1c30727db61a233f8bfb469a54b39dd594dd58c1b99d5cee2d44e5545bdbd93b3a6b386d88edbc98a8fc811e60419ad0ca8873ee5f493462e492fd93b579575272b9145357daf1612152b19549ff7d56988b95d5ca75e6d7d2125f7b30a051dcf6caa9506fe24c31e07a0b68eeef76eb491f0a2cc3907f0f6f9c53e5777bd58be358d1d0a1cb573fdc7dcdd7df9149d8335ba79f273de7c78f5e5d0b6acbabe03fad4be05a67d44c3787426e004788d6da9ae5ca10d66913f1f61134914c061e4fe2990d30ca05a42f4e3bb3ae121ab820522c953af1279d611495a9287dc69ff9c25205bf106f72f62b8aa09333b8a11e1d4cff7cadca2364e8a1753ff70f3b5e9dec8fca6b908f4b89f4a7135dfaddaffa0cda60357fe109f51c049086ffefdae78351e49c06ee76ac530a960e296d8dae9af2a31d24bdfc378393d791f59c44d613c1c1a40a6cba86d3af29e678655669cdbc84c6fae7f8284dfe5e770a8f8d93b038d396e3b716b23df4dfbbda00fe33dde1b80712f17d2d574dd038448735481e8324dd6185f014157058cdc39f889b3b2a8acedd07f5215815ff84d13d3555ff0b0cc300cd6fb82353c5e2c593922f7714c9c232830e849c508525e141ddd5d05e93d2c081ce655f3c52ac3e82ff20aa5e6718a44e1847890cbd1433c030c3d11c76dc8bc5ad7f4c9737d95720882f0d3a6816e22b0e5230db895e8241ec5fad9d51f369ec17b4804107127728659e82f837d21a498258f6601fd5b3bcd636d87123f9d3ccc0a1ab88614de72d7f2d5eda73bf1577a96ce8b8c576b81c23d41278a73225eef08f3058900908de4757f06fa8e475005df938005792d59496c8e683d7a70686e33ec2a2b2fb4c9f6de5556ad62f8510fcfb0698cfb9f6156c36a066cf759fbaedfe4bb78f6a080e10a8377dcc59404617eda8cbe9b02036599dee92057c2ffe5aa7b7a2147cdb6ac9ca2bc981f29ad3e0ce3453f416bebc5d3c7fe7f615f313fd1aec8a40fb112b61e80293ee12e1301d214ad6b8283822dad1f04c29be5880cbe51e689d06ec671cd762f85a5ea41b230a8ab763e3b996ced30f68a23d631ab250c0302311355ddcd129be74ba075ae229e8118d0e30c60affacb3c33d764997bd0ca572398ed40e03cc12634b9634e0564ad30527ece0f0d1321deae3310ca3330d7beb7e17d63a70d38f26715689d791046f4fa044667c33e6badb3873c18a51a14b5d526f848fa3a346b857890f7b00425228b2eb2686f0373a06dd1dfbbd50059ca7f92783c407284483f3329cf27192224984064de5236af821d6c5facdeb9dd1b16216769f265a735900642826a7a615191f0c68fe7a03fe6064aab1851dc3140ecf17bcef3b1e38ee090771405568bdc2848246737f6b27705098d1443392a3a47cc7c1be15fc7b1a06c54da224fa1eed6f4421bc1be36fbc5b2c13d4475e4f9928764bc545e8d82ad5c0729f4ea1455604521233ac2fbd90353bd5c041663bbdcc9030e6b45d") ioctl$MON_IOCH_MFLUSH(0xffffffffffffffff, 0x9208, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000880), 0x200, 0x0) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000140)) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, 0x0, 0x0) sendmsg$inet(r2, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x48c0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota}, {@data_ordered}, {@noload}, {@nombcache}, {@usrjquota, 0x22}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@noacl}, {@prjquota}]}, 0xfe, 0x451, &(0x7f00000016c0)="$eJzs3M9PHFUcAPDv7rK0tEWw/iy2ilYj8QcU+sMevNRo4kETEz3UeEKgDXZbTMHENkTRAx5NE+/Go4l/gRfrxagnE696NybEcLF6WjO7M3SBXVhgYWv380kG3tv3Nu99Z+btvn2zswF0rMHkTy7iUET8FhF91ezqCoPVf7eW5yf+WZ6fyEW5/OZfuUq9v5fnJ7Kq2fMOVjPl8gbtLr4TMV4qTV1N8yNzl98fmb12/fnpy+MXpy5OXRk7e/bUyWPdZ8ZOtyTO3qSvAx/NHD3y6ts3Xp84f+Pdn75J+nsoLa+No1UGq3u3rqda3Vib9dakc11t7AhbUoiI5HAVK+O/LwrRs1LWF6982tbOAbuqXM6X9zUuXigDd7Fkog50ouyNPvn8m217NPW4Iyydi5V1jFvpVi3pinxap5h+RtoNgxFxfuHfL5MtdmkdAgCg1s1zEfFcvflfPh6sqXdPem2oPyLujYjDEXFfRNwfEQ9EVOo+FBEPb7H9tVdI1s9/yn3bCqxJyfzvxfTa1ur5Xzb7i/5CmuutxF/MXZguTZ1I98lQFPcl+dEN2vj+5V8/b1RWO/9LtqT9bC6Y9uPPrjULdJPjc+M7ibnW0icRA1314s+tzHmT+fGRiBjYZhvTz3x9tFFZ/6bxb6AFk/LyVxFPV4//QqyJP5NreH1y9IUzY6dH9kdp6sRIdlas9/Mvi280an/z47+7lm6W40Dd838l/v7c/ojZa9cvVa7Xzm69jcXfP2v4mWa753937q1Kujt97MPxubmroxHdudfWPz52+7lZPqufnP9Dx+uP/8Nxe088EhHJSXwsIh6NiMfSvj8eEU9ExPEN4v/xpSff23r8G6zKt1AS/+Rmxz9qj//WE4VLP3xbt/Fis8f/VCU1lD7SzOtfsx3c4e4DAACA/4V85TvwufzwSjqfHx6OWKis7R7Il2Zm5569MPPBlcnqd+X7o5jPVrr6atZDR9O1vCw/tiZ/Ml03/qLQU8kPT8yUJtsdPHS4g9n4L6we/4k/Cu3uHbDr3K8Fncv4h85l/EPnMv6hcxn/0Lnqjf+P29APYO9t8v7fs1f9APae+T90LuMfOpfxDx2p4b3x+R3d8i/RpsR33Tv7rYbmE5G/Q0K+axLFqFvU1fSPWWwzsa9uUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrjvwAAAP//gk3jgQ==") 73.504479ms ago: executing program 3 (id=740): syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x20404a, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1dc, &(0x7f0000000440)="$eJzslr+PEkEUx78zu1nAaEwsbSwkUQuX3UWNjYk0VhYm/iAWJhJZCbJKAhRCYtC/wN7EwsLef8BE2/sjLtxV13DdNdfsZXZmd+cICxwcUNz7JDy+s8y8ffPe5A0gCOLCsr93NAqRj/RlFJFTzw+MdA7X5u/mD7/8f/qk+v3N753cyC5M8xmGi7/fBPCvYqCXrD29uqi+X4An+iU47ihdBYOt9FtwvFLaB8NrpT9oui3m2/b7ZuDb79pBXQhHGFcYT5jyZHzjbwx1LT6m/d7tD1q1IPA7axTz8jeucDzS4tPrZUNG62j5c8HhKl0Gw3OlHyIX50amRNv/dTP1b8zcv4V1Z0SEcoZV165klsoCsFwYAEsc/sRK28FXdWTXeYYyhIFIxBU9J8/GhnYhDvqcOTA3nlW2WjKXqcXfx3JN/CQcynE052qGw3C44CssLJONtD+Fvxhuaf1JtpIf0VUjSljq9gd3mx9rDb/hf/K88gPnnuPc90pRI5J2Rv8rRP3pUup/6p0ksJiFz7Ver+NKm4w9aad1XB71P47bN+VYFNea8JvXNFMfEyaY7L2tP5nREwRBbI8bYMehwoyFuk2g/dd9tsUYCYIgCIIgCIIgCIJYjZMAAAD//4U6Q1I=") socket$nl_sock_diag(0x10, 0x3, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={&(0x7f0000000940)="f984042039404cbcca51f84ec9099ae388f0578c6c3798003404ce978101751a37bebc93b96e34ca646fb01e1ac41bd7039406aac2a5a559216b127993dda869b4d4ed25a5d8ea3734bd691413855a8146d06e096f6a46ebda34091a0c2f9008c1c4c593f84b70c08c6c0700fa61ff429baab2dd362f437d71cc1fdfb6d5b6d022ab99c07c8ca452cde69fcebbc5f1bf00c0d7884b0c10baf062aaf4c44decd407e37d828bca15e115c920dcd581d41f7135adc922bd312efb3d5a758ec9052578f1b5", &(0x7f0000000840)="1198b96bfe8789a5865fc89ab07163f5c8cd3e9ce542b5a4081ec9e6465b59047790a9e04a8d8bd4a66e169b37c8a2b98a02dcb04b0294c89e818f6046cbc7416e86151464fb28a1e3c5f293c0763c2137187408be7c4287970be25284337d310ea03e78500c2b090e61ad90fe975996655d2f5ca485fd21d23977bcf936d5f30f66781eabd71e06b97bd3624dca8499aa33b36392f2cb25d344dbb77c56791186732061df842234"}}, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r2, 0x0, 0xa7, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x3000000, &(0x7f0000000200)=ANY=[@ANYRES32=0x0], 0xd, 0x6f5, &(0x7f0000001f80)="$eJzs3U9oZHcdAPDvm0ySmS1ms+12u0KhsYUqBnfzh1TjZaOIRChSVtBz6Ga7YWf/mKSS9uCmKnj14FWoh3jRkyKCICzUs96KeAmeCoKXnnZ78Mn7N5mJM8lk02Sy+vmU377fe7/3+73v+75/M0PDC+D/1vJ01B9GM5anX9/K5nd35lu7O/N3inqtFRHjEVGLqHf0Sj6IWIqixGezBVVDv+38fG3x+ocf735UzNXLUovin2ZEjPbuWB9kL7bLElMRMVJOj6FrvDefbLzxvWrSzkyWsFeqxMGwZVdd2uX7l/ZaeklHOmb6Xu/A0yMpnpsdiut/MuJcRDSqB9p20Vg7/QgPdaR70fbJxQEAAABnxvlHDyK2YmLYcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDTpHz/f1KWx1V9KpLq/f9jHe/YHxtyuP0dHFmjqjysnUYwAAAAAAAAAHCyXnoUv76ephPVfJpE7bsj5UyznL4dG7Faj7gSW7ESm7EZ6zEbEZMdA41trWxurs/Gy/ncxU/SNI1nip6x3tVzrmfPuQEDrmKK+jH2GgAAAAAAAAD+Z1xbGM+nP4rlmBh2MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CmJGCkmeblY1SejVo+IRkSMZettR/y1qp8h9aN2eHgycQAAAMCZcv5RPIqtmKjm0yT/zn8p/97fiLfjbmzGWmxGK1bjRv5bQPGtv7a7M9/a3Zm/k5WIGO0e92v/2qv/buLQMPIRo/jtofeWL+drNONmrOVLrsSbcS9acSNqec/M5Sqejrg6vJfFlFwrpGmMD5KgG+U02/OfldNT0Txshck8I6NZRv4esRozWWxJkccLB2ei8+gMoGNLee5no9b+5edi/y21f4ypcn7twK0k/07TonauWpLGM986MOf5+TJ6pJ05lv2ZmOs4+y4dnPOIz//+N9+71bp7+1ayPX1qp9ETean34vF/VEeoykRhO1ZjviMTL3RnIvpn4ubGGc9EX92/NNbi+XZ9Ob4Z34npmIo3Yj3W4gexEpuxGlPxjby2Up7P2b+TB58zS11zbxwW01h5XEb2xfS588X0oJhezvtOxFp8O+7FjViN1/L/5mI2vhwLsRCLHUf4+QHutLUeV/0f+gf/yhfKSnbj++neDfAUr+5+srxe6Mjr3vU/k+f7QteSWqTlk+XZIzyPDr43VvYeWdmR+HHHNTh87Uw0ov2UqKJ7rsrAaLNXJn6Z31Y2Wndvr99aub9v3GS79/Zeje7dPzs3kux8ebZ9j+g+O7K253q2zeZtF9tttf1tv2q22w67UsfKz3D/PdJc3vZCRPyijDZry2T38Kztcke/7PNWI2/7JE3T4vMWAGfeuS+eG2v+s/mX5vvNnzRvNV9vfH38K+MvjsXon0e/Wp8ZebX2YvLbeD9+GId/QwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA618c67t1dardX1fZU0TR/0aTqRStQjupb86Y8d6+TvGouIwQfM1l6qReRL6lFWjhbYgyfbnfeeNAl/K4/JqST8gEoy8MqNvudPWbn3mXJ3Hqdpeuq7U72r7cjd09LQDsGnXKlekXWUXkO5HQGn6OrmnftXN95590trd1beWn1r9e7iwsLizOLCa/NXb661GsMODzhB+bM+/5wz7EgAAAAAAAAAAACAQQ32xznJ7ZUoltSP+FcE/s9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4LiWp6P+MJKYnbkyk83v7sy3slLVs+lIvubjiKhFRDIVkXwQsRRFicmO4ZJ+29mOuP7hx7sfFXP1suTr146/F9tliaky3Kne6zV6LUwf9Bsvyce533+8ASVlGWkvWTrWePAp+U8AAAD//7ntC7U=") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r3 = getpid() sched_setscheduler(r3, 0x1, &(0x7f00000000c0)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x1, 0x4, 0x401, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) 0s ago: executing program 0 (id=741): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none, 0x4, 0x1}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) kernel console output (not intermixed with test programs): mmended to keep mac addresses unique to avoid problems! [ 77.651881][ T4276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.662429][ T4276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.672908][ T4276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.684219][ T4276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.694463][ T4276] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.706093][ T4276] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.717530][ T4276] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.727997][ T4276] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.736963][ T4276] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.746123][ T4276] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.754925][ T4276] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.765457][ T4400] netlink: 'syz.0.11': attribute type 4 has an invalid length. [ 77.789204][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.806248][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.956228][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.973218][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.012547][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.038666][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.056300][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.067088][ T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 78.094844][ T4406] loop3: detected capacity change from 0 to 4096 [ 78.120183][ T4406] ntfs3: Unknown parameter 'Q' [ 78.170587][ T4408] loop0: detected capacity change from 0 to 8192 [ 78.198293][ T4408] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 78.213024][ T4408] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 78.222680][ T4408] REISERFS (device loop0): using ordered data mode [ 78.229500][ T4314] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 78.235960][ T4408] reiserfs: using flush barriers [ 78.252570][ T4408] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 78.268809][ T4274] Bluetooth: hci1: command 0x0419 tx timeout [ 78.275814][ T4274] Bluetooth: hci0: command 0x0419 tx timeout [ 78.275867][ T4277] Bluetooth: hci4: command 0x0419 tx timeout [ 78.281855][ T4274] Bluetooth: hci3: command 0x0419 tx timeout [ 78.281887][ T4274] Bluetooth: hci2: command 0x0419 tx timeout [ 78.326294][ T4408] REISERFS (device loop0): checking transaction log (loop0) [ 78.407560][ T4408] REISERFS (device loop0): Using tea hash to sort names [ 78.428341][ T4314] usb 2-1: Using ep0 maxpacket: 8 [ 78.440313][ T4314] usb 2-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 78.458243][ T4413] loop4: detected capacity change from 0 to 64 [ 78.464533][ T4408] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 78.480146][ T4314] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.538974][ T4413] hfs: unable to locate alternate MDB [ 78.544470][ T4413] hfs: continuing without an alternate MDB [ 78.555240][ T4314] usb 2-1: Product: syz [ 78.564825][ T4314] usb 2-1: Manufacturer: syz [ 78.581278][ T4314] usb 2-1: SerialNumber: syz [ 78.611113][ T27] audit: type=1800 audit(1758210159.003:2): pid=4413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.13" name="file1" dev="loop4" ino=18 res=0 errno=0 [ 78.644356][ T4314] usb 2-1: config 0 descriptor?? [ 78.674660][ T4314] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 78.736017][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.806135][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 79.805452][ T4428] netlink: 32 bytes leftover after parsing attributes in process `syz.0.18'. [ 80.045894][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 80.255856][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 80.320376][ T4314] gspca_sonixj: i2c_w8 err -71 [ 80.352377][ T4314] sonixj: probe of 2-1:0.0 failed with error -71 [ 80.378973][ T4314] usb 2-1: USB disconnect, device number 2 [ 80.972383][ T4436] DRBG: could not allocate digest TFM handle: hmac(sha512) [ 80.974125][ T4454] process 'syz.2.24' launched './file2' with NULL argv: empty string added [ 81.387328][ T26] cfg80211: failed to load regulatory.db [ 81.407311][ T4473] netlink: 104 bytes leftover after parsing attributes in process `syz.1.29'. [ 81.607899][ T4476] loop7: detected capacity change from 0 to 16384 [ 81.772856][ T4481] loop3: detected capacity change from 0 to 1024 [ 82.287474][ T4496] loop3: detected capacity change from 0 to 8 [ 82.466726][ T4483] loop7: detected capacity change from 16384 to 16383 [ 82.806189][ T4510] Zero length message leads to an empty skb [ 83.131708][ T4497] tipc: Started in network mode [ 83.175158][ T4497] tipc: Node identity ac141413, cluster identity 4711 [ 83.185701][ T4497] tipc: New replicast peer: 10.1.1.2 [ 83.191757][ T4497] tipc: Enabled bearer , priority 10 [ 83.778182][ T4524] netlink: 16 bytes leftover after parsing attributes in process `syz.3.37'. [ 84.416839][ T22] tipc: Node number set to 2886997011 [ 85.587277][ T27] audit: type=1326 audit(1758210165.983:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 85.700157][ T4554] loop1: detected capacity change from 0 to 256 [ 85.715910][ T27] audit: type=1326 audit(1758210165.983:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 85.776408][ T4554] ======================================================= [ 85.776408][ T4554] WARNING: The mand mount option has been deprecated and [ 85.776408][ T4554] and is ignored by this kernel. Remove the mand [ 85.776408][ T4554] option from the mount to silence this warning. [ 85.776408][ T4554] ======================================================= [ 85.819243][ T27] audit: type=1326 audit(1758210166.013:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 85.911086][ T4549] loop2: detected capacity change from 0 to 8192 [ 85.941331][ T27] audit: type=1326 audit(1758210166.013:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 86.018761][ T4554] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 86.073123][ T4549] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 86.080894][ T27] audit: type=1326 audit(1758210166.013:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 86.125645][ T27] audit: type=1326 audit(1758210166.013:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 86.147591][ T26] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 86.155216][ T4549] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 86.254771][ T4549] REISERFS (device loop2): using ordered data mode [ 86.510753][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 86.535617][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 86.553747][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 86.565745][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 86.585647][ T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!! [ 86.595629][ T0] NOHZ tick-stop error: local softirq work is pending, handler #8a!!! [ 86.680061][ T27] audit: type=1326 audit(1758210166.013:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 86.702613][ T4549] reiserfs: using flush barriers [ 86.708222][ T27] audit: type=1326 audit(1758210166.013:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 86.826488][ T4549] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 86.875751][ T27] audit: type=1326 audit(1758210166.013:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 86.898304][ T26] usb 1-1: Using ep0 maxpacket: 8 [ 86.910452][ T26] usb 1-1: unable to get BOS descriptor or descriptor too short [ 86.932486][ T4549] REISERFS (device loop2): checking transaction log (loop2) [ 87.001904][ T4549] REISERFS warning (device loop2): reiserfs_fill_super: corrupt root inode, run fsck [ 87.110695][ T26] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 87.121732][ T26] usb 1-1: config 1 has no interface number 1 [ 87.130863][ T26] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 87.151980][ T27] audit: type=1326 audit(1758210166.013:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4548 comm="syz.2.44" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 87.177970][ T26] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.194825][ T26] usb 1-1: Product: syz [ 87.203323][ T26] usb 1-1: Manufacturer: syz [ 87.226099][ T26] usb 1-1: SerialNumber: syz [ 87.316985][ T4578] xt_l2tp: v2 doesn't support IP mode [ 87.491660][ T26] usb 1-1: 2:1: invalid format type 0x1002 is detected, processed as PCM [ 87.520295][ T26] usb 1-1: 2:1 : sample bitwidth 76 in over sample bytes 1 [ 87.534268][ T26] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 87.617911][ T26] usb 1-1: USB disconnect, device number 2 [ 87.845695][ T4584] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.44'. [ 88.009959][ T4287] udevd[4287]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 88.407127][ T4597] netlink: 4 bytes leftover after parsing attributes in process `syz.0.54'. [ 88.508154][ T4603] Driver unsupported XDP return value 0 on prog (id 10) dev N/A, expect packet loss! [ 88.518175][ T14] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 88.715862][ T14] usb 4-1: Using ep0 maxpacket: 16 [ 88.725717][ T14] usb 4-1: too many configurations: 123, using maximum allowed: 8 [ 88.762347][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 88.812495][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 88.863165][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 88.910595][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 88.948228][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 88.987856][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 89.016581][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 89.060368][ T14] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 89.097498][ T14] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 89.125670][ T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 89.141260][ T4621] loop0: detected capacity change from 0 to 4096 [ 89.155897][ T14] usb 4-1: SerialNumber: syz [ 89.162248][ T14] usb 4-1: config 0 descriptor?? [ 89.192586][ T14] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input6 [ 89.315345][ T4628] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 89.403359][ T4592] netlink: 20 bytes leftover after parsing attributes in process `syz.3.51'. [ 89.414683][ T3623] bcm5974 4-1:0.0: could not read from device [ 89.433761][ T3623] bcm5974 4-1:0.0: could not read from device [ 89.443067][ T14] usb 4-1: USB disconnect, device number 2 [ 89.632514][ T3623] bcm5974 4-1:0.0: could not read from device [ 90.636445][ T4646] binder: BINDER_SET_CONTEXT_MGR already set [ 90.643422][ T4646] binder: 4629:4646 ioctl 4018620d 200000004a80 returned -16 [ 90.967464][ T4653] loop4: detected capacity change from 0 to 512 [ 91.086812][ T4653] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 91.129917][ T4653] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.351409][ T4662] 8021q: VLANs not supported on ip6gre0 [ 91.425697][ T129] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 91.610642][ T129] usb 5-1: Using ep0 maxpacket: 16 [ 91.626838][ T129] usb 5-1: New USB device found, idVendor=0413, idProduct=6026, bcdDevice=18.aa [ 91.650435][ T129] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=190 [ 91.717697][ T4674] xt_l2tp: v2 doesn't support IP mode [ 91.755452][ T129] usb 5-1: Product: syz [ 91.835542][ T129] usb 5-1: Manufacturer: syz [ 91.949374][ T129] usb 5-1: SerialNumber: syz [ 92.309719][ T129] usb 5-1: config 0 descriptor?? [ 92.326364][ T129] dvb-usb: found a 'Leadtek - USB2.0 Winfast DTV dongle' in warm state. [ 92.335481][ T129] dvb-usb: bulk message failed: -22 (3/0) [ 92.411147][ T129] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 92.508170][ T129] dvbdev: DVB: registering new adapter (Leadtek - USB2.0 Winfast DTV dongle) [ 92.560137][ T129] usb 5-1: media controller created [ 92.604396][ T129] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 92.616518][ T4687] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 92.652684][ T129] dvb-usb: bulk message failed: -22 (6/0) [ 92.665117][ T129] dvb-usb: bulk message failed: -22 (6/0) [ 92.673603][ T129] dvb-usb: no frontend was attached by 'Leadtek - USB2.0 Winfast DTV dongle' [ 92.704386][ T129] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input7 [ 92.726847][ T129] dvb-usb: schedule remote query interval to 150 msecs. [ 92.733819][ T129] dvb-usb: Leadtek - USB2.0 Winfast DTV dongle successfully initialized and connected. [ 92.807442][ T4687] loop0: detected capacity change from 0 to 164 [ 92.886819][ T129] dvb-usb: bulk message failed: -22 (1/0) [ 92.893133][ T129] dvb-usb: error while querying for an remote control event. [ 93.095791][ T129] dvb-usb: bulk message failed: -22 (1/0) [ 93.101606][ T129] dvb-usb: error while querying for an remote control event. [ 93.307119][ T129] dvb-usb: bulk message failed: -22 (1/0) [ 93.313043][ T129] dvb-usb: error while querying for an remote control event. [ 93.371289][ T4706] capability: warning: `syz.3.77' uses deprecated v2 capabilities in a way that may be insecure [ 93.425784][ T4705] loop1: detected capacity change from 0 to 4096 [ 93.460395][ T4705] ntfs3: Unknown parameter '' [ 93.479366][ T4703] loop3: detected capacity change from 0 to 1024 [ 93.495804][ T129] dvb-usb: bulk message failed: -22 (1/0) [ 93.501923][ T129] dvb-usb: error while querying for an remote control event. [ 93.559231][ T4703] hfsplus: invalid xattr key length: 0 [ 93.695694][ T129] dvb-usb: bulk message failed: -22 (1/0) [ 93.701512][ T129] dvb-usb: error while querying for an remote control event. [ 93.772173][ T27] kauditd_printk_skb: 41 callbacks suppressed [ 93.772186][ T27] audit: type=1326 audit(1758210174.163:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 93.834259][ T27] audit: type=1326 audit(1758210174.163:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fee9ed8d510 code=0x7ffc0000 [ 93.868092][ T27] audit: type=1326 audit(1758210174.163:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fee9ed903d7 code=0x7ffc0000 [ 93.977682][ T4321] dvb-usb: bulk message failed: -22 (1/0) [ 93.983447][ T4321] dvb-usb: error while querying for an remote control event. [ 93.994524][ T27] audit: type=1326 audit(1758210174.163:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 94.050130][ T4321] usb 5-1: USB disconnect, device number 2 [ 94.086486][ T4276] EXT4-fs (loop4): unmounting filesystem. [ 94.097366][ T27] audit: type=1326 audit(1758210174.163:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fee9ed903d7 code=0x7ffc0000 [ 94.324752][ T4371] hfsplus: b-tree write err: -5, ino 8 [ 94.363462][ T27] audit: type=1326 audit(1758210174.163:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fee9ed8d80a code=0x7ffc0000 [ 94.414381][ T4722] xt_CT: You must specify a L4 protocol and not use inversions on it [ 94.438716][ T4722] loop1: detected capacity change from 0 to 164 [ 94.714074][ T4321] dvb-usb: Leadtek - USB2.0 Winfast DTV dongle successfully deinitialized and disconnected. [ 94.767167][ T4715] loop2: detected capacity change from 0 to 32768 [ 94.839332][ T27] audit: type=1326 audit(1758210174.163:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 94.888879][ T4715] XFS (loop2): Mounting V5 Filesystem [ 94.971126][ T27] audit: type=1326 audit(1758210174.163:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fee9ed8eba9 code=0x7ffc0000 [ 94.993133][ C1] vkms_vblank_simulate: vblank timer overrun [ 95.078047][ T4735] xt_l2tp: v2 doesn't support IP mode [ 95.359918][ T27] audit: type=1326 audit(1758210174.163:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fee9ed8ebe3 code=0x7ffc0000 [ 95.655832][ T27] audit: type=1326 audit(1758210174.463:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4714 comm="syz.2.84" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fee9ed8d65f code=0x7ffc0000 [ 95.677704][ C1] vkms_vblank_simulate: vblank timer overrun [ 95.697345][ T4715] XFS (loop2): Ending clean mount [ 95.881005][ T4741] loop1: detected capacity change from 0 to 512 [ 95.918980][ T4744] loop3: detected capacity change from 0 to 256 [ 95.979456][ T4741] EXT4-fs: inline encryption not supported [ 95.979703][ T4744] FAT-fs (loop3): Unrecognized mount option "shortname=mixedt=macgaelic" or missing value [ 96.025696][ T4741] EXT4-fs: Ignoring removed mblk_io_submit option [ 96.451436][ T4744] loop3: detected capacity change from 0 to 8192 [ 96.490686][ T4748] syz.0.90 uses obsolete (PF_INET,SOCK_PACKET) [ 96.521199][ T4744] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 96.602534][ T4727] loop4: detected capacity change from 0 to 32768 [ 96.619600][ T4744] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 96.655926][ T4744] REISERFS (device loop3): using ordered data mode [ 96.819447][ T4741] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 96.831420][ T4715] syz.2.84 (4715) used greatest stack depth: 20352 bytes left [ 96.991269][ T4744] reiserfs: using flush barriers [ 97.003699][ T4741] EXT4-fs (loop1): Test dummy encryption mode enabled [ 97.014661][ T4744] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 97.036098][ T4744] REISERFS (device loop3): checking transaction log (loop3) [ 97.046274][ T4279] XFS (loop2): Unmounting Filesystem [ 97.046592][ T4741] EXT4-fs (loop1): orphan cleanup on readonly fs [ 97.087795][ T4741] EXT4-fs error (device loop1): ext4_orphan_get:1400: comm syz.1.88: inode #13: comm syz.1.88: iget: illegal inode # [ 97.090118][ T4727] XFS (loop4): Mounting V5 Filesystem [ 97.101649][ T4741] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.88: couldn't read orphan inode 13 (err -117) [ 97.119646][ T4741] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 97.302460][ T4741] EXT4-fs (loop1): shut down requested (2) [ 97.307263][ T4727] XFS (loop4): Ending clean mount [ 97.391879][ T4266] EXT4-fs (loop1): unmounting filesystem. [ 97.401363][ T4727] XFS (loop4): Quotacheck needed: Please wait. [ 97.453790][ T4744] REISERFS (device loop3): Using tea hash to sort names [ 97.495511][ T4744] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 97.564923][ T4727] XFS (loop4): Quotacheck: Done. [ 97.977635][ T4276] XFS (loop4): Unmounting Filesystem [ 99.813910][ T4800] xt_l2tp: v2 doesn't support IP mode [ 100.260085][ T4803] loop1: detected capacity change from 0 to 256 [ 100.273912][ T4803] FAT-fs (loop1): Unrecognized mount option "rodirKrodir" or missing value [ 100.376628][ T4780] loop0: detected capacity change from 0 to 32768 [ 100.404248][ T4804] loop3: detected capacity change from 0 to 256 [ 100.473920][ T4804] exfat: Unknown parameter 'zero_size_dir' [ 100.548745][ T4780] JBD2: Ignoring recovery information on journal [ 100.685105][ T4780] JBD2: recovery failed [ 100.697528][ T4780] (syz.0.95,4780,1):ocfs2_journal_load:1134 ERROR: Failed to load journal! [ 100.732558][ T4780] (syz.0.95,4780,1):ocfs2_check_volume:2433 ERROR: ocfs2 journal load failed! -5 [ 100.791650][ T4780] (syz.0.95,4780,1):ocfs2_check_volume:2489 ERROR: status = -5 [ 100.836139][ T4780] (syz.0.95,4780,1):ocfs2_mount_volume:1821 ERROR: status = -5 [ 100.894159][ T4780] (syz.0.95,4780,1):ocfs2_fill_super:1176 ERROR: status = -5 [ 101.097189][ T4828] FAULT_INJECTION: forcing a failure. [ 101.097189][ T4828] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 101.144807][ T4828] CPU: 0 PID: 4828 Comm: syz.4.105 Not tainted syzkaller #0 [ 101.152116][ T4828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 101.162193][ T4828] Call Trace: [ 101.165467][ T4828] [ 101.168388][ T4828] dump_stack_lvl+0x168/0x22e [ 101.173068][ T4828] ? show_regs_print_info+0x12/0x12 [ 101.178273][ T4828] ? load_image+0x3b0/0x3b0 [ 101.182774][ T4828] ? __lock_acquire+0x7c50/0x7c50 [ 101.187802][ T4828] ? __kasan_slab_alloc+0x6b/0x80 [ 101.192854][ T4828] should_fail_ex+0x399/0x4d0 [ 101.197574][ T4828] strncpy_from_user+0x32/0x350 [ 101.202451][ T4828] getname_flags+0xf2/0x500 [ 101.206985][ T4828] user_path_at_empty+0x28/0x60 [ 101.211869][ T4828] __se_sys_mount+0x297/0x3c0 [ 101.216577][ T4828] ? __x64_sys_mount+0xc0/0xc0 [ 101.221370][ T4828] ? lockdep_hardirqs_on+0x94/0x140 [ 101.226603][ T4828] ? __x64_sys_mount+0x1c/0xc0 [ 101.231392][ T4828] do_syscall_64+0x4c/0xa0 [ 101.235823][ T4828] ? clear_bhb_loop+0x60/0xb0 [ 101.240523][ T4828] ? clear_bhb_loop+0x60/0xb0 [ 101.245225][ T4828] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 101.251128][ T4828] RIP: 0033:0x7fef5a58eba9 [ 101.255551][ T4828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.275168][ T4828] RSP: 002b:00007fef5b493038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 101.283587][ T4828] RAX: ffffffffffffffda RBX: 00007fef5a7d5fa0 RCX: 00007fef5a58eba9 [ 101.291557][ T4828] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 0000000000000000 [ 101.299547][ T4828] RBP: 00007fef5b493090 R08: 00002000000001c0 R09: 0000000000000000 [ 101.307526][ T4828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.315494][ T4828] R13: 00007fef5a7d6038 R14: 00007fef5a7d5fa0 R15: 00007fff212efe08 [ 101.323469][ T4828] [ 101.479196][ T4362] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 101.488097][ T4818] loop2: detected capacity change from 0 to 32768 [ 101.534571][ T4818] ocfs2: Slot 0 on device (7,2) was already allocated to this node! [ 102.416591][ T4362] usb 2-1: Using ep0 maxpacket: 8 [ 102.444906][ T4362] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 102.581975][ T4818] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 102.671619][ T4362] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 102.913085][ T4362] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 102.958782][ T4362] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 102.988050][ T4362] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 103.020467][ T4362] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 103.044947][ T4362] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.080883][ T4844] loop4: detected capacity change from 0 to 4096 [ 103.122220][ T4844] __ntfs_warning: 41 callbacks suppressed [ 103.122233][ T4844] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 103.241528][ T4844] ntfs: (device loop4): read_ntfs_boot_sector(): Primary boot sector is invalid. [ 103.288649][ T4279] ocfs2: Unmounting device (7,2) on (node local) [ 103.335126][ T4844] ntfs: (device loop4): read_ntfs_boot_sector(): Hot-fix: Recovering invalid primary boot sector from backup copy. [ 103.410882][ T4844] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 103.433159][ T4844] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 103.518321][ T4844] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 103.547486][ T4844] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x0, offset 0x200 because its location on disk could not be determined even after retrying (error code -5). [ 103.609984][ T4844] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 103.653604][ T4844] ntfs: (device loop4): ntfs_read_block(): Failed to read from inode 0xa, attribute type 0x80, vcn 0x1, offset 0x0 because its location on disk could not be determined even after retrying (error code -5). [ 103.695352][ T4321] usb 2-1: USB disconnect, device number 3 [ 103.764781][ T4844] ntfs: (device loop4): ntfs_mapping_pairs_decompress(): Corrupt attribute. [ 103.805388][ T4844] ntfs: volume version 3.1. [ 103.919132][ T4843] loop3: detected capacity change from 0 to 32768 [ 104.134448][ T4843] XFS (loop3): Mounting V5 Filesystem [ 104.433098][ T4870] loop0: detected capacity change from 0 to 2048 [ 104.452780][ T4843] XFS (loop3): Ending clean mount [ 104.492444][ T4843] XFS (loop3): Quotacheck needed: Please wait. [ 104.601707][ T4870] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 104.649798][ T4843] XFS (loop3): Quotacheck: Done. [ 104.756863][ T4870] NILFS (loop0): too large checkpoint size: 1741 bytes [ 104.780250][ T4872] loop2: detected capacity change from 0 to 4096 [ 104.786990][ T4870] NILFS (loop0): error -22 while loading super root [ 104.813004][ T4268] udevd[4268]: incorrect nilfs2 checksum on /dev/loop0 [ 104.869360][ T4872] ntfs: volume version 3.1. [ 104.874470][ T4878] comedi: valid board names for 8255 driver are: [ 104.923497][ T4878] 8255 [ 104.943599][ T4878] comedi: valid board names for vmk80xx driver are: [ 104.974939][ T4878] vmk80xx [ 104.978240][ T4878] comedi: valid board names for usbduxsigma driver are: [ 104.985741][ T4878] usbduxsigma [ 104.989137][ T4878] comedi: valid board names for usbduxfast driver are: [ 104.999246][ T4878] usbduxfast [ 105.002699][ T4878] comedi: valid board names for usbdux driver are: [ 105.010101][ T4878] usbdux [ 105.013075][ T4878] comedi: valid board names for ni6501 driver are: [ 105.020295][ T4878] ni6501 [ 105.023266][ T4878] comedi: valid board names for dt9812 driver are: [ 105.030792][ T4878] dt9812 [ 105.033764][ T4878] comedi: valid board names for ni_labpc_cs driver are: [ 105.041098][ T4878] ni_labpc_cs [ 105.044485][ T4878] comedi: valid board names for ni_daq_700 driver are: [ 105.062199][ T4878] ni_daq_700 [ 105.065514][ T4878] comedi: valid board names for labpc_pci driver are: [ 105.109813][ T4878] labpc_pci [ 105.113093][ T4878] comedi: valid board names for adl_pci9118 driver are: [ 105.137981][ T4878] pci9118dg [ 105.142597][ T4878] pci9118hg [ 105.186309][ T4878] pci9118hr [ 105.189628][ T4878] comedi: valid board names for 8255_pci driver are: [ 105.266722][ T4878] 8255_pci [ 105.281087][ T4878] comedi: valid board names for s526 driver are: [ 105.325707][ T4878] s526 [ 105.328667][ T4878] comedi: valid board names for multiq3 driver are: [ 105.374342][ T4878] multiq3 [ 105.398141][ T4878] comedi: valid board names for pcmuio driver are: [ 105.484688][ T4878] pcmuio48 [ 105.513987][ T4890] loop1: detected capacity change from 0 to 8192 [ 105.530766][ T4890] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 105.538679][ T4878] pcmuio96 [ 105.546045][ T4890] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 105.585872][ T4890] REISERFS (device loop1): using ordered data mode [ 105.645675][ T4890] reiserfs: using flush barriers [ 105.648488][ T4878] comedi: valid board names for pcmmio driver are: [ 105.657475][ T4878] pcmmio [ 105.660760][ T4878] comedi: valid board names for pcmda12 driver are: [ 105.667594][ T4878] pcmda12 [ 105.670641][ T4878] comedi: valid board names for pcmad driver are: [ 105.677146][ T4878] pcmad12 [ 105.678460][ T4890] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 105.680170][ T4878] pcmad16 [ 105.680180][ T4878] comedi: valid board names for ni_labpc driver are: [ 105.714887][ T4878] lab-pc-1200 [ 105.719149][ T4878] lab-pc-1200ai [ 105.722718][ T4878] lab-pc+ [ 105.731566][ T4878] comedi: valid board names for atmio16 driver are: [ 105.774466][ T4878] atmio16 [ 105.777689][ T4878] atmio16d [ 105.786717][ T4878] comedi: valid board names for ni_at_ao driver are: [ 105.808141][ T4878] at-ao-6 [ 105.811197][ T4878] at-ao-10 [ 105.834641][ T4878] comedi: valid board names for ni_at_a2150 driver are: [ 105.845157][ T4890] REISERFS (device loop1): checking transaction log (loop1) [ 105.852897][ T4878] ni_at_a2150 [ 105.887035][ T4890] REISERFS warning (device loop1): reiserfs_fill_super: corrupt root inode, run fsck [ 105.896742][ T4878] comedi: valid board names for adq12b driver are: [ 105.906743][ T4878] adq12b [ 105.909725][ T4878] comedi: valid board names for mpc624 driver are: [ 105.941527][ T4878] mpc624 [ 106.036160][ T4878] comedi: valid board names for c6xdigio driver are: [ 106.042881][ T4878] c6xdigio [ 106.054781][ T4878] comedi: valid board names for aio_iiro_16 driver are: [ 106.072168][ T4878] aio_iiro_16 [ 106.090288][ T4878] comedi: valid board names for aio_aio12_8 driver are: [ 106.132202][ T4267] XFS (loop3): Unmounting Filesystem [ 106.144043][ T4878] aio_aio12_8 [ 106.156678][ T4878] aio_ai12_8 [ 106.212869][ T4906] xt_l2tp: v2 doesn't support IP mode [ 106.314759][ T4878] aio_ao12_4 [ 106.551280][ T4878] comedi: valid board names for fl512 driver are: [ 106.762734][ T4878] fl512 [ 106.772838][ T4878] comedi: valid board names for dmm32at driver are: [ 106.835726][ T4878] dmm32at [ 106.838801][ T4878] comedi: valid board names for dt282x driver are: [ 106.845310][ T4878] dt2821 [ 106.890332][ T4878] dt2821-f [ 106.893497][ T4878] dt2821-g [ 106.924791][ T4878] dt2823 [ 106.928344][ T4878] dt2824-pgh [ 106.931653][ T4878] dt2824-pgl [ 106.934942][ T4878] dt2825 [ 106.945818][ T4878] dt2827 [ 106.948787][ T4878] dt2828 [ 106.951763][ T4878] dt2829 [ 106.954714][ T4878] dt21-ez [ 106.965607][ T4878] dt23-ez [ 106.968699][ T4878] dt24-ez [ 106.971741][ T4878] dt24-ez-pgl [ 107.004202][ T4878] comedi: valid board names for dt2817 driver are: [ 107.063093][ T4878] dt2817 [ 107.079422][ T4878] comedi: valid board names for dt2815 driver are: [ 107.099259][ T4878] dt2815 [ 107.102225][ T4878] comedi: valid board names for dt2814 driver are: [ 107.130483][ T4878] dt2814 [ 107.133460][ T4878] comedi: valid board names for dt2811 driver are: [ 107.143453][ T4878] dt2811-pgh [ 107.147575][ T4878] dt2811-pgl [ 107.150882][ T4878] comedi: valid board names for dt2801 driver are: [ 107.157533][ T4878] dt2801 [ 107.160487][ T4878] comedi: valid board names for das6402 driver are: [ 107.167410][ T4878] das6402-12 [ 107.170869][ T4878] das6402-16 [ 107.180967][ T4878] comedi: valid board names for das1800 driver are: [ 107.195843][ T26] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 107.202246][ T4878] das-1701st [ 107.207030][ T4878] das-1701st-da [ 107.210600][ T4878] das-1702st [ 107.213900][ T4878] das-1702st-da [ 107.222960][ T4878] das-1702hr [ 107.233748][ T4878] das-1702hr-da [ 107.237637][ T4878] das-1701ao [ 107.241041][ T4878] das-1702ao [ 107.244334][ T4878] das-1801st [ 107.247953][ T4878] das-1801st-da [ 107.251613][ T4878] das-1802st [ 107.254903][ T4878] das-1802st-da [ 107.259429][ T4878] das-1802hr [ 107.262850][ T4878] das-1802hr-da [ 107.271065][ T4878] das-1801hc [ 107.275140][ T4878] das-1802hc [ 107.278898][ T4878] das-1801ao [ 107.302414][ T4878] das-1802ao [ 107.313174][ T4878] comedi: valid board names for das800 driver are: [ 107.325263][ T4878] das-800 [ 107.325751][ T22] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 107.328837][ T4878] cio-das800 [ 107.355332][ T4902] loop2: detected capacity change from 0 to 40427 [ 107.368441][ T4878] das-801 [ 107.371504][ T4878] cio-das801 [ 107.377179][ T4902] F2FS-fs (loop2): Invalid log_blocksize (167772172), supports only 12 [ 107.385822][ T26] usb 1-1: Using ep0 maxpacket: 16 [ 107.392439][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 107.404986][ T4878] das-802 [ 107.405019][ T4902] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 107.412340][ T4878] cio-das802 [ 107.421719][ T4878] cio-das802/16 [ 107.426688][ T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 107.430634][ T4878] comedi: valid board names for isa-das08 driver are: [ 107.442124][ T4902] F2FS-fs (loop2): Invalid log sectors per block(393219) log sectorsize(9) [ 107.459340][ T26] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 107.460229][ T4878] isa-das08 [ 107.470264][ T4902] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 107.480250][ T4878] das08-pgm [ 107.483480][ T4878] das08-pgh [ 107.486750][ T4878] das08-pgl [ 107.489965][ T4878] das08-aoh [ 107.493211][ T4878] das08-aol [ 107.497587][ T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.497756][ T4878] das08-aom [ 107.535825][ T22] usb 2-1: Using ep0 maxpacket: 8 [ 107.541540][ T4878] das08/jr-ao [ 107.543641][ T26] usb 1-1: config 0 descriptor?? [ 107.548480][ T4878] das08jr-16-ao [ 107.552436][ T22] usb 2-1: config index 0 descriptor too short (expected 30, got 18) [ 107.596035][ T22] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 107.620728][ T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.620969][ T4878] pc104-das08 [ 107.629599][ T22] usb 2-1: Product: syz [ 107.639095][ T22] usb 2-1: Manufacturer: syz [ 107.644747][ T22] usb 2-1: SerialNumber: syz [ 107.743869][ T22] usb 2-1: config 0 descriptor?? [ 107.749810][ T4878] das08jr/16 [ 107.753712][ T4878] comedi: valid board names for das16m1 driver are: [ 107.766109][ T22] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 107.779595][ T4878] das16m1 [ 107.782667][ T4878] comedi: valid board names for dac02 driver are: [ 107.789702][ T22] usb 2-1: setting power ON [ 107.794645][ T22] dvb-usb: bulk message failed: -22 (2/0) [ 107.801165][ T4878] dac02 [ 107.804070][ T4878] comedi: valid board names for rti802 driver are: [ 107.878858][ T4878] rti802 [ 107.882430][ T4878] comedi: valid board names for rti800 driver are: [ 107.892653][ T22] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 107.913043][ T4878] rti800 [ 107.921643][ T22] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 107.930481][ T4878] rti815 [ 107.933630][ T4878] comedi: valid board names for pcm3724 driver are: [ 107.944578][ T22] usb 2-1: media controller created [ 107.946027][ T4878] pcm3724 [ 107.964963][ T4878] comedi: valid board names for pcl818 driver are: [ 108.002104][ T4911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 108.037252][ T4911] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 108.062398][ T22] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 108.178269][ T22] usb 2-1: selecting invalid altsetting 6 [ 108.184416][ T22] usb 2-1: digital interface selection failed (-22) [ 108.194653][ T22] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 108.222787][ T22] usb 2-1: setting power OFF [ 108.223063][ T4911] dvb-usb: bulk message failed: -22 (3/0) [ 108.242076][ T4878] pcl818l [ 108.273609][ T4878] pcl818h [ 108.297918][ T26] corsair 0003:1B1C:1B02.0001: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0 [ 108.345707][ T4878] pcl818hd [ 108.348864][ T4878] pcl818hg [ 108.353826][ T4911] dvb-usb: bulk message failed: -22 (4/0) [ 108.362578][ T22] dvb-usb: bulk message failed: -22 (2/0) [ 108.369023][ T4911] cxusb: i2c read failed [ 108.373599][ T22] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 108.394081][ T4878] pcl818 [ 108.397586][ T4878] pcl718 [ 108.400586][ T4878] pcm3718 [ 108.403649][ T4878] comedi: valid board names for pcl816 driver are: [ 108.411133][ T22] (NULL device *): no alternate interface [ 108.411167][ T4924] cxusb: i2c wr: len=8192 is too big! [ 108.411167][ T4924] [ 108.440268][ T4878] pcl816 [ 108.450833][ T4878] pcl814b [ 108.453911][ T4878] comedi: valid board names for pcl812 driver are: [ 108.523267][ T4878] pcl812 [ 108.528658][ T22] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 108.559115][ T4878] pcl812pg [ 108.562258][ T4878] acl8112pg [ 108.565473][ T4878] acl8112dg [ 108.566058][ T22] usb 2-1: USB disconnect, device number 4 [ 108.603197][ T4878] acl8112hg [ 108.611299][ T4878] a821pgl [ 108.614405][ T4878] a821pglnda [ 108.617997][ T4878] a821pgh [ 108.621213][ T4878] a822pgl [ 108.624249][ T4878] a822pgh [ 108.705644][ T4878] a823pgl [ 108.708742][ T4878] a823pgh [ 108.711783][ T4878] pcl813 [ 108.714738][ T4878] pcl813b [ 108.743225][ T4321] usb 1-1: USB disconnect, device number 3 [ 108.763692][ T4878] acl8113 [ 108.771441][ T4878] iso813 [ 108.774690][ T4878] acl8216 [ 108.787250][ T4878] a826pg [ 108.790233][ T4878] comedi: valid board names for pcl730 driver are: [ 108.799691][ T4878] pcl730 [ 108.802671][ T4878] iso730 [ 108.820877][ T4878] acl7130 [ 108.852235][ T4878] pcm3730 [ 108.855303][ T4878] pcl725 [ 108.873276][ T4878] p8r8dio [ 108.879116][ T4878] acl7225b [ 108.882257][ T4878] p16r16dio [ 108.885498][ T4878] pcl733 [ 108.907374][ T4878] pcl734 [ 108.910399][ T4878] opmm-1616-xt [ 108.913888][ T4878] pearl-mm-p [ 108.926488][ T4878] ir104-pbf [ 108.929016][ T4926] fido_id[4926]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 108.929708][ T4878] comedi: valid board names for pcl726 driver are: [ 109.009587][ T4878] pcl726 [ 109.012652][ T4878] pcl727 [ 109.019924][ T4878] pcl728 [ 109.022953][ T4878] acl6126 [ 109.029277][ T4878] acl6128 [ 109.032517][ T4878] comedi: valid board names for pcl724 driver are: [ 109.041380][ T4878] pcl724 [ 109.044466][ T4878] pcl722 [ 109.050623][ T4878] pcl731 [ 109.053642][ T4878] acl7122 [ 109.156723][ T4878] acl7124 [ 109.166488][ T4878] pet48dio [ 109.195762][ T4878] pcmio48 [ 109.198890][ T4878] onyx-mm-dio [ 109.207038][ T4878] comedi: valid board names for pcl711 driver are: [ 109.217399][ T4878] pcl711 [ 109.221438][ T4878] pcl711b [ 109.233026][ T4878] acl8112hg [ 109.238504][ T4878] acl8112dg [ 109.241808][ T4878] comedi: valid board names for amplc_pc263 driver are: [ 109.251647][ T4878] pc263 [ 109.254599][ T4878] comedi: valid board names for amplc_pc236 driver are: [ 109.263559][ T4878] pc36at [ 109.272446][ T4878] comedi: valid board names for amplc_dio200 driver are: [ 109.285017][ T4878] pc212e [ 109.291586][ T4878] pc214e [ 109.294730][ T4878] pc215e [ 109.320258][ T4878] pc218e [ 109.323300][ T4878] pc272e [ 109.335711][ T4878] comedi: valid board names for comedi_parport driver are: [ 109.343114][ T4878] comedi_parport [ 109.348741][ T4878] comedi: valid board names for comedi_test driver are: [ 109.357012][ T4878] comedi_test [ 109.360575][ T4878] comedi: valid board names for comedi_bond driver are: [ 109.369563][ T4878] comedi_bond [ 110.090547][ T4949] xt_l2tp: v2 doesn't support IP mode [ 110.549208][ T4954] loop3: detected capacity change from 0 to 164 [ 110.604674][ T4954] Unable to read rock-ridge attributes [ 110.932055][ T4965] loop2: detected capacity change from 0 to 512 [ 111.912393][ T4965] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 112.038174][ T4993] netlink: 24 bytes leftover after parsing attributes in process `syz.4.146'. [ 112.731645][ T5009] xt_l2tp: v2 doesn't support IP mode [ 113.455813][ T26] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 113.777071][ T5011] loop3: detected capacity change from 0 to 4096 [ 113.806315][ T26] usb 3-1: Using ep0 maxpacket: 8 [ 113.829405][ T26] usb 3-1: unable to get BOS descriptor or descriptor too short [ 113.900204][ T26] usb 3-1: config 4 interface 0 has no altsetting 0 [ 113.932458][ T5011] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 113.944837][ T26] usb 3-1: string descriptor 0 read error: -22 [ 113.965178][ T26] usb 3-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 114.009293][ T5011] ntfs3: loop3: Failed to load $Extend. [ 114.039310][ T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.095270][ T26] usb 3-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 114.163166][ T26] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 114.206019][ T26] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 114.213163][ T26] usb 3-1: media controller created [ 114.273410][ T26] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 114.286180][ T4999] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.302906][ T4999] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.378161][ T26] zl10353_read_register: readreg error (reg=127, ret==0) [ 115.505807][ T26] usb 3-1: USB disconnect, device number 2 [ 115.793866][ T5038] loop3: detected capacity change from 0 to 64 [ 115.824724][ T5042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.839018][ T5042] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 116.145620][ T26] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 116.222213][ T5051] loop3: detected capacity change from 0 to 8 [ 116.637226][ T5051] SQUASHFS error: lzo decompression failed, data probably corrupt [ 116.645525][ T5051] SQUASHFS error: Failed to read block 0x144: -5 [ 116.652003][ T5051] SQUASHFS error: Unable to read metadata cache entry [142] [ 116.659506][ T5051] SQUASHFS error: Unable to read inode 0x11f [ 117.253186][ T5056] tmpfs: Unknown parameter 'nr_inode' [ 117.347123][ T26] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 117.439569][ T26] usb 5-1: config 0 interface 0 has no altsetting 0 [ 117.481561][ T26] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 117.591051][ T26] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 117.682051][ T26] usb 5-1: Product: syz [ 117.702814][ T26] usb 5-1: Manufacturer: syz [ 117.858420][ T26] usb 5-1: SerialNumber: syz [ 117.887377][ T26] usb 5-1: config 0 descriptor?? [ 117.983640][ T26] usb 5-1: selecting invalid altsetting 0 [ 118.162428][ T5062] block device autoloading is deprecated and will be removed. [ 118.173259][ T5042] netlink: 165 bytes leftover after parsing attributes in process `syz.4.162'. [ 118.487371][ T14] usb 5-1: USB disconnect, device number 3 [ 118.519482][ T5065] loop3: detected capacity change from 0 to 4096 [ 118.534122][ T5065] ntfs3: Unknown parameter '' [ 119.325956][ T5075] 9pnet_fd: Insufficient options for proto=fd [ 120.953250][ T5096] netlink: 8 bytes leftover after parsing attributes in process `syz.0.179'. [ 121.253471][ T5083] loop3: detected capacity change from 0 to 32768 [ 121.291319][ T5083] XFS: ikeep mount option is deprecated. [ 121.459729][ T26] XFS (loop3): Metadata CRC error detected at xfs_sb_read_verify+0x39a/0x480, xfs_sb_quiet block 0x0 [ 121.471377][ T26] XFS (loop3): Unmount and run xfs_repair [ 121.477201][ T26] XFS (loop3): First 128 bytes of corrupted metadata buffer: [ 121.485190][ T26] 00000000: 58 46 53 42 00 00 08 00 00 00 00 00 00 00 20 00 XFSB.......... . [ 121.487051][ T5102] netlink: 'syz.1.176': attribute type 12 has an invalid length. [ 121.494106][ T26] 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 121.510866][ T26] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 121.519809][ T26] 00000030: 00 00 00 00 00 00 00 20 00 00 00 00 00 00 24 40 ....... ......$@ [ 121.528724][ T26] 00000040: 00 00 00 00 00 00 24 41 00 00 00 00 00 00 24 42 ......$A......$B [ 121.551115][ T26] 00000050: 00 00 00 02 00 00 20 00 00 00 00 02 00 00 00 00 ...... ......... [ 121.560063][ T26] 00000060: 00 00 12 00 b4 b5 02 00 04 00 00 02 00 00 00 00 ................ [ 121.568968][ T26] 00000070: 00 00 00 00 00 00 00 00 0b 09 0a 01 0d 00 00 32 ...............2 [ 121.606599][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.176'. [ 121.642859][ T5102] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.652085][ T5102] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.660881][ T5102] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.669663][ T5102] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 121.790959][ T5102] netlink: 'syz.1.176': attribute type 12 has an invalid length. [ 122.517447][ T5110] tmpfs: Unknown parameter 'grpquota/#/msr' [ 122.545901][ T5102] netlink: 4 bytes leftover after parsing attributes in process `syz.1.176'. [ 122.580442][ T5110] sg_write: data in/out 1073741788/14 bytes for SCSI command 0x0-- guessing data in; [ 122.580442][ T5110] program syz.2.181 not setting count and/or reply_len properly [ 122.600286][ T5110] sg_write: data in/out 91/154 bytes for SCSI command 0x0-- guessing data in; [ 122.600286][ T5110] program syz.2.181 not setting count and/or reply_len properly [ 122.948183][ T5114] loop0: detected capacity change from 0 to 256 [ 123.023042][ T5114] exfat: Deprecated parameter 'utf8' [ 123.083741][ T5114] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 124.238607][ T5139] FAULT_INJECTION: forcing a failure. [ 124.238607][ T5139] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 124.253384][ T5139] CPU: 0 PID: 5139 Comm: syz.4.191 Not tainted syzkaller #0 [ 124.260709][ T5139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 124.270796][ T5139] Call Trace: [ 124.274110][ T5139] [ 124.277084][ T5139] dump_stack_lvl+0x168/0x22e [ 124.281792][ T5139] ? show_regs_print_info+0x12/0x12 [ 124.287013][ T5139] ? load_image+0x3b0/0x3b0 [ 124.291576][ T5139] ? __lock_acquire+0x7c50/0x7c50 [ 124.296629][ T5139] ? __virt_addr_valid+0x188/0x540 [ 124.301772][ T5139] should_fail_ex+0x399/0x4d0 [ 124.306481][ T5139] _copy_from_user+0x2c/0x170 [ 124.311178][ T5139] __se_sys_memfd_create+0x129/0x340 [ 124.316472][ T5139] do_syscall_64+0x4c/0xa0 [ 124.320893][ T5139] ? clear_bhb_loop+0x60/0xb0 [ 124.325576][ T5139] ? clear_bhb_loop+0x60/0xb0 [ 124.330260][ T5139] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 124.336169][ T5139] RIP: 0033:0x7fef5a58eba9 [ 124.340688][ T5139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.360309][ T5139] RSP: 002b:00007fef5b492e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 124.368734][ T5139] RAX: ffffffffffffffda RBX: 000000000000551b RCX: 00007fef5a58eba9 [ 124.376715][ T5139] RDX: 00007fef5b492ef0 RSI: 0000000000000000 RDI: 00007fef5a6127e8 [ 124.384781][ T5139] RBP: 00002000000079c0 R08: 00007fef5b492bb7 R09: 00007fef5b492e40 [ 124.392763][ T5139] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000 [ 124.400742][ T5139] R13: 00007fef5b492ef0 R14: 00007fef5b492eb0 R15: 0000200000000040 [ 124.408730][ T5139] [ 125.023978][ T5155] netlink: 'syz.2.196': attribute type 3 has an invalid length. [ 125.916226][ T5141] loop0: detected capacity change from 0 to 32768 [ 125.969323][ T5141] XFS (loop0): Mounting V5 Filesystem [ 126.172660][ T5177] loop3: detected capacity change from 0 to 1024 [ 126.290606][ T5141] XFS (loop0): Ending clean mount [ 126.308067][ T5141] XFS (loop0): Quotacheck needed: Please wait. [ 126.385077][ T5141] XFS (loop0): Quotacheck: Done. [ 126.406026][ T4287] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 126.557203][ T5181] netlink: 4 bytes leftover after parsing attributes in process `syz.2.201'. [ 126.612889][ T5182] loop2: detected capacity change from 0 to 7 [ 126.705444][ T4694] Dev loop2: unable to read RDB block 7 [ 126.714406][ T4694] loop2: unable to read partition table [ 126.753750][ T4694] loop2: partition table beyond EOD, truncated [ 126.773961][ T4275] XFS (loop0): Unmounting Filesystem [ 126.834143][ T5182] Dev loop2: unable to read RDB block 7 [ 126.863336][ T5182] loop2: unable to read partition table [ 126.908848][ T5182] loop2: partition table beyond EOD, truncated [ 126.949374][ T5182] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 127.718154][ T5198] xt_l2tp: v2 doesn't support IP mode [ 128.522643][ T5202] loop2: detected capacity change from 0 to 512 [ 128.573424][ T5202] EXT4-fs: Ignoring removed nobh option [ 128.675927][ T5202] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 128.741518][ T5202] EXT4-fs (loop2): Test dummy encryption mode enabled [ 128.836990][ T5209] syz.0.212 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 129.006367][ T5202] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.209: iget: bad i_size value: 38620345925642 [ 129.137241][ T5202] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.209: couldn't read orphan inode 15 (err -117) [ 129.196980][ T5202] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 129.251325][ T5221] netlink: 132 bytes leftover after parsing attributes in process `syz.4.217'. [ 129.765006][ T5202] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.209: iget: bad i_size value: 38620345925642 [ 130.253461][ T5202] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.209: iget: bad i_size value: 38620345925642 [ 130.539757][ T5243] xt_l2tp: v2 doesn't support IP mode [ 131.122258][ T5241] loop0: detected capacity change from 0 to 4096 [ 131.225832][ T5241] __ntfs_error: 58 callbacks suppressed [ 131.225846][ T5241] ntfs: (device loop0): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk. [ 131.236641][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 131.317834][ T5241] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing. [ 131.384138][ T5241] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0x1 as bad. Run chkdsk. [ 131.488468][ T5241] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr. Will not be able to remount read-write. Run ntfsfix and/or chkdsk. [ 131.574976][ T5241] ntfs: volume version 3.1. [ 131.687453][ T5262] netlink: 40 bytes leftover after parsing attributes in process `syz.2.222'. [ 131.941192][ T5264] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 132.556601][ T5258] loop4: detected capacity change from 0 to 40427 [ 132.578212][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.584719][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.619796][ T5275] loop0: detected capacity change from 0 to 64 [ 133.006968][ T5258] F2FS-fs (loop4): invalid crc value [ 133.075529][ T5258] F2FS-fs (loop4): Found nat_bits in checkpoint [ 133.595419][ T5258] F2FS-fs (loop4): Start checkpoint disabled! [ 133.860287][ T5258] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 134.111496][ T5290] loop3: detected capacity change from 0 to 512 [ 134.247430][ T5290] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 134.275941][ T5290] ext4 filesystem being mounted at /49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 134.307551][ C1] vkms_vblank_simulate: vblank timer overrun [ 134.604506][ T5300] xt_l2tp: v2 doesn't support IP mode [ 135.240874][ T5290] EXT4-fs error (device loop3): ext4_map_blocks:635: inode #2: block 18: comm syz.3.232: lblock 23 mapped to illegal pblock 18 (length 1) [ 135.340869][ T5290] EXT4-fs (loop3): Remounting filesystem read-only [ 135.518560][ T4267] EXT4-fs (loop3): unmounting filesystem. [ 135.580537][ T5322] netlink: 'syz.1.242': attribute type 3 has an invalid length. [ 135.588431][ T5322] netlink: 'syz.1.242': attribute type 3 has an invalid length. [ 135.682222][ T5324] loop3: detected capacity change from 0 to 64 [ 135.745859][ T126] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 135.951005][ T126] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 135.971343][ T126] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 136.000151][ T126] usb 3-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 136.021731][ T126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.051072][ T126] usb 3-1: config 0 descriptor?? [ 136.134524][ T5336] xt_l2tp: missing protocol rule (udp|l2tpip) [ 136.140222][ T129] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 136.337429][ T129] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.363630][ T129] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.388812][ T129] usb 4-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 136.414056][ T129] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.474275][ T129] usb 4-1: config 0 descriptor?? [ 136.556205][ T5315] loop2: detected capacity change from 0 to 8192 [ 136.931032][ T129] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 137.009692][ T129] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 137.078599][ T129] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 137.149981][ T129] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 137.218849][ T129] playstation 0003:054C:0DF2.0002: unknown main item tag 0x0 [ 137.323307][ T129] playstation 0003:054C:0DF2.0002: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.3-1/input0 [ 137.366809][ T5315] loop2: AHDI p2 p3 p4 [ 137.401115][ T5315] loop2: p2 size 26776835 extends beyond EOD, truncated [ 137.447862][ T129] playstation 0003:054C:0DF2.0002: Invalid byte count transferred, expected 20 got 0 [ 137.452674][ T5315] loop2: p4 size 101122048 extends beyond EOD, truncated [ 137.466336][ T129] playstation 0003:054C:0DF2.0002: Failed to retrieve DualSense pairing info: -22 [ 137.496614][ T126] Bluetooth: Can't get state to change to load configuration err [ 137.506854][ T129] playstation 0003:054C:0DF2.0002: Failed to get MAC address from DualSense [ 137.512796][ T126] Bluetooth: Loading sysconfig file failed [ 137.525682][ T126] ath3k: probe of 3-1:0.0 failed with error -16 [ 137.535535][ T129] playstation 0003:054C:0DF2.0002: Failed to create dualsense. [ 137.542770][ T126] usb 3-1: USB disconnect, device number 3 [ 137.558530][ T5321] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.566670][ T5321] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.601616][ T129] playstation: probe of 0003:054C:0DF2.0002 failed with error -22 [ 137.654338][ T22] usb 4-1: USB disconnect, device number 3 [ 137.778074][ T5349] fido_id[5349]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 138.138626][ T5353] xt_l2tp: v2 doesn't support IP mode [ 138.951215][ T5355] netlink: 'syz.0.251': attribute type 1 has an invalid length. [ 138.959369][ T5355] netlink: 24 bytes leftover after parsing attributes in process `syz.0.251'. [ 139.682929][ T5072] udevd[5072]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 139.704159][ T4287] udevd[4287]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 140.189912][ T5321] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 140.288590][ T5321] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 140.945342][ T5397] binder_alloc: 5391: binder_alloc_buf, no vma [ 141.544849][ T5321] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.553923][ T5321] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.569104][ T5321] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.581165][ T5321] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.614106][ T5400] netlink: 20 bytes leftover after parsing attributes in process `syz.2.259'. [ 141.761043][ T5362] tun0: tun_chr_ioctl cmd 1074025681 [ 141.775675][ T5363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.251'. [ 142.050103][ T5406] tipc: Enabling of bearer rejected, failed to enable media [ 142.215840][ T5330] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 142.252348][ T5412] FAULT_INJECTION: forcing a failure. [ 142.252348][ T5412] name failslab, interval 1, probability 0, space 0, times 1 [ 142.299427][ T5412] CPU: 1 PID: 5412 Comm: syz.4.264 Not tainted syzkaller #0 [ 142.306752][ T5412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 142.316801][ T5412] Call Trace: [ 142.320081][ T5412] [ 142.323016][ T5412] dump_stack_lvl+0x168/0x22e [ 142.327703][ T5412] ? show_regs_print_info+0x12/0x12 [ 142.332913][ T5412] ? load_image+0x3b0/0x3b0 [ 142.337425][ T5412] ? __might_sleep+0xd0/0xd0 [ 142.342021][ T5412] ? __lock_acquire+0x7c50/0x7c50 [ 142.347046][ T5412] should_fail_ex+0x399/0x4d0 [ 142.351727][ T5412] should_failslab+0x5/0x20 [ 142.356233][ T5412] slab_pre_alloc_hook+0x59/0x310 [ 142.361257][ T5412] kmem_cache_alloc+0x56/0x2f0 [ 142.366021][ T5412] ? ep_insert+0x267/0x1970 [ 142.370531][ T5412] ep_insert+0x267/0x1970 [ 142.374873][ T5412] ? ep_loop_check+0x1b0/0x1b0 [ 142.379635][ T5412] ? do_epoll_ctl+0x403/0xf50 [ 142.384331][ T5412] ? mutex_lock_nested+0x10/0x10 [ 142.389271][ T5412] ? __fget_files+0x44a/0x4d0 [ 142.393951][ T5412] ? __fdget+0x17c/0x200 [ 142.398192][ T5412] ? do_epoll_ctl+0x38/0xf50 [ 142.402779][ T5412] do_epoll_ctl+0x8a1/0xf50 [ 142.407286][ T5412] __x64_sys_epoll_ctl+0x160/0x1a0 [ 142.412398][ T5412] ? ep_modify+0xa20/0xa20 [ 142.416814][ T5412] ? lockdep_hardirqs_on+0x94/0x140 [ 142.422035][ T5412] do_syscall_64+0x4c/0xa0 [ 142.426462][ T5412] ? clear_bhb_loop+0x60/0xb0 [ 142.431137][ T5412] ? clear_bhb_loop+0x60/0xb0 [ 142.435815][ T5412] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 142.441719][ T5412] RIP: 0033:0x7fef5a58eba9 [ 142.446135][ T5412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.465741][ T5412] RSP: 002b:00007fef5b493038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 142.474154][ T5412] RAX: ffffffffffffffda RBX: 00007fef5a7d5fa0 RCX: 00007fef5a58eba9 [ 142.482144][ T5412] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000005 [ 142.490114][ T5412] RBP: 00007fef5b493090 R08: 0000000000000000 R09: 0000000000000000 [ 142.498087][ T5412] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001 [ 142.506050][ T5412] R13: 00007fef5a7d6038 R14: 00007fef5a7d5fa0 R15: 00007fff212efe08 [ 142.514028][ T5412] [ 142.615686][ T5330] usb 3-1: Using ep0 maxpacket: 16 [ 142.636291][ T5330] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 142.665738][ T5330] usb 3-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 142.674016][ T5330] usb 3-1: Product: syz [ 142.695840][ T5330] usb 3-1: Manufacturer: syz [ 142.706587][ T5330] usb 3-1: SerialNumber: syz [ 142.718399][ T5330] usb 3-1: config 0 descriptor?? [ 142.745499][ T5330] usb 3-1: selecting invalid altsetting 1 [ 142.786832][ T5330] snd-usb-audio: probe of 3-1:0.0 failed with error -22 [ 142.865683][ T4321] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 142.903686][ T5072] udevd[5072]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 143.010402][ T5330] usb 3-1: USB disconnect, device number 4 [ 143.071275][ T4321] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 143.094046][ T4321] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.913284][ T4321] usb 1-1: config 0 descriptor?? [ 143.936853][ T4321] cp210x 1-1:0.0: cp210x converter detected [ 144.110845][ T5430] loop4: detected capacity change from 0 to 4096 [ 144.138289][ T5414] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.146895][ T5414] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 145.212029][ T4321] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 145.224883][ T4321] cp210x 1-1:0.0: querying part number failed [ 145.236746][ T4321] usb 1-1: cp210x converter now attached to ttyUSB0 [ 145.273506][ T5437] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 145.279886][ T4321] usb 1-1: USB disconnect, device number 4 [ 145.362508][ T4321] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 145.467938][ T4321] cp210x 1-1:0.0: device disconnected [ 145.715666][ T26] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 146.135648][ T26] usb 4-1: Using ep0 maxpacket: 8 [ 146.146803][ T26] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 146.165603][ T26] usb 4-1: config 0 has no interfaces? [ 146.174334][ T26] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16 [ 146.193762][ T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.215140][ T26] usb 4-1: Product: syz [ 146.223764][ T26] usb 4-1: Manufacturer: syz [ 146.233957][ T26] usb 4-1: SerialNumber: syz [ 146.244920][ T26] usb 4-1: config 0 descriptor?? [ 146.522881][ T5450] netlink: 176 bytes leftover after parsing attributes in process `syz.3.271'. [ 146.535107][ T5450] device ip6gretap0 entered promiscuous mode [ 146.552192][ T5450] netlink: 176 bytes leftover after parsing attributes in process `syz.3.271'. [ 147.228622][ T5456] xt_l2tp: v2 doesn't support IP mode [ 147.987546][ T5461] tipc: Enabled bearer , priority 0 [ 148.000182][ T5461] device syzkaller0 entered promiscuous mode [ 148.058782][ T5461] tipc: Resetting bearer [ 148.091468][ T5460] tipc: Resetting bearer [ 148.131678][ T5460] tipc: Disabling bearer [ 148.285491][ T14] usb 4-1: USB disconnect, device number 4 [ 149.346857][ T5473] netlink: 88 bytes leftover after parsing attributes in process `syz.4.280'. [ 149.582561][ T5473] netlink: 'syz.4.280': attribute type 21 has an invalid length. [ 149.604924][ T5473] netlink: 128 bytes leftover after parsing attributes in process `syz.4.280'. [ 149.671141][ T5473] netlink: 'syz.4.280': attribute type 4 has an invalid length. [ 149.680996][ T5473] netlink: 3 bytes leftover after parsing attributes in process `syz.4.280'. [ 149.955868][ T5463] loop0: detected capacity change from 0 to 32768 [ 150.055235][ T5463] XFS (loop0): Mounting V5 Filesystem [ 150.162862][ T5463] XFS (loop0): Ending clean mount [ 150.202597][ T5463] XFS (loop0): Quotacheck needed: Please wait. [ 150.281826][ T5463] XFS (loop0): Quotacheck: Done. [ 150.294137][ T5465] overlayfs: unrecognized mount option "\']*=[\1\" or missing value [ 150.394794][ T5489] loop2: detected capacity change from 0 to 4096 [ 150.630178][ T5500] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 150.649154][ T4275] XFS (loop0): Unmounting Filesystem [ 151.185180][ T5499] loop3: detected capacity change from 0 to 1024 [ 151.289153][ T5509] loop0: detected capacity change from 0 to 4096 [ 151.376300][ T5510] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 151.680035][ T5516] loop3: detected capacity change from 0 to 256 [ 151.689390][ T5517] xt_l2tp: v2 doesn't support IP mode [ 151.848188][ T5516] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 152.012116][ T5516] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 152.217801][ T5516] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 152.592992][ T5528] netlink: 12 bytes leftover after parsing attributes in process `syz.4.291'. [ 153.834723][ T5540] loop4: detected capacity change from 0 to 64 [ 153.930864][ T5540] hfs: unable to locate alternate MDB [ 153.955919][ T5540] hfs: continuing without an alternate MDB [ 154.043597][ T27] audit: type=1800 audit(1758210234.433:133): pid=5540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.298" name="file1" dev="loop4" ino=18 res=0 errno=0 [ 154.713176][ T5545] loop2: detected capacity change from 0 to 1024 [ 154.751507][ T5547] loop0: detected capacity change from 0 to 512 [ 154.832259][ T5547] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 154.856282][ T5547] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 155.027879][ T5547] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 155.097130][ T5547] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 155.141615][ T5547] EXT4-fs (loop0): This should not happen!! Data will be lost [ 155.141615][ T5547] [ 155.158451][ T5547] EXT4-fs (loop0): Total free blocks count 0 [ 155.180883][ T5547] EXT4-fs (loop0): Free/Dirty block details [ 155.195509][ T5547] EXT4-fs (loop0): free_blocks=65280 [ 155.211997][ T5547] EXT4-fs (loop0): dirty_blocks=33 [ 155.229915][ T5547] EXT4-fs (loop0): Block reservation details [ 155.241255][ T5552] loop2: detected capacity change from 0 to 256 [ 155.247760][ T5547] EXT4-fs (loop0): i_reserved_data_blocks=33 [ 155.287160][ T5552] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 155.341269][ T5552] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 155.468115][ T5552] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 155.482682][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 155.590612][ T5531] loop3: detected capacity change from 0 to 65536 [ 155.666490][ T5531] xfs: Unknown parameter 'mtpt' [ 155.704222][ T5072] I/O error, dev loop3, sector 65408 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 155.995844][ T22] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 156.197788][ T22] usb 1-1: unable to get BOS descriptor or descriptor too short [ 156.216745][ T22] usb 1-1: not running at top speed; connect to a high speed hub [ 156.224551][ T22] usb 1-1: too many configurations: 23, using maximum allowed: 8 [ 156.289333][ T22] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 181 [ 156.300940][ T5562] netlink: 28 bytes leftover after parsing attributes in process `syz.4.307'. [ 156.305661][ T22] usb 1-1: can't read configurations, error -22 [ 156.320260][ T5562] netlink: 24 bytes leftover after parsing attributes in process `syz.4.307'. [ 156.345702][ T5562] netlink: 28 bytes leftover after parsing attributes in process `syz.4.307'. [ 156.406498][ T5562] netlink: 24 bytes leftover after parsing attributes in process `syz.4.307'. [ 156.485659][ T22] usb 1-1: new full-speed USB device number 6 using dummy_hcd [ 156.674700][ T5573] kernel read not supported for file /z (pid: 5573 comm: syz.2.312) [ 156.689465][ T22] usb 1-1: unable to get BOS descriptor or descriptor too short [ 156.708835][ T22] usb 1-1: not running at top speed; connect to a high speed hub [ 156.719835][ T27] audit: type=1800 audit(1758210237.113:134): pid=5573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.312" name=7ABF17 dev="mqueue" ino=36985 res=0 errno=0 [ 156.739564][ C1] vkms_vblank_simulate: vblank timer overrun [ 156.755694][ T22] usb 1-1: too many configurations: 23, using maximum allowed: 8 [ 156.775043][ T22] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 181 [ 156.797081][ T22] usb 1-1: can't read configurations, error -22 [ 156.813628][ T22] usb usb1-port1: attempt power cycle [ 156.987694][ T5566] loop3: detected capacity change from 0 to 32768 [ 157.020304][ T5566] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.309 (5566) [ 157.073681][ T5566] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 157.094570][ T5566] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 157.125813][ T5566] BTRFS info (device loop3): use no compression [ 157.145665][ T5566] BTRFS info (device loop3): using free space tree [ 157.235681][ T22] usb 1-1: new full-speed USB device number 7 using dummy_hcd [ 157.391950][ T22] usb 1-1: unable to get BOS descriptor or descriptor too short [ 157.430995][ T22] usb 1-1: not running at top speed; connect to a high speed hub [ 157.486343][ T22] usb 1-1: too many configurations: 23, using maximum allowed: 8 [ 157.516190][ T22] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 181 [ 157.524856][ T22] usb 1-1: can't read configurations, error -22 [ 157.540907][ T5598] netlink: 40 bytes leftover after parsing attributes in process `syz.2.317'. [ 157.660191][ T5566] BTRFS info (device loop3): enabling ssd optimizations [ 157.715655][ T22] usb 1-1: new full-speed USB device number 8 using dummy_hcd [ 157.754544][ T22] usb 1-1: unable to get BOS descriptor or descriptor too short [ 157.766143][ T22] usb 1-1: not running at top speed; connect to a high speed hub [ 157.784231][ T22] usb 1-1: too many configurations: 23, using maximum allowed: 8 [ 157.803718][ T22] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 181 [ 157.822564][ T22] usb 1-1: can't read configurations, error -22 [ 157.839421][ T22] usb usb1-port1: unable to enumerate USB device [ 157.865616][ T14] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 158.035734][ T14] usb 3-1: device descriptor read/64, error -71 [ 158.097686][ T4267] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8 [ 158.325766][ T14] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 158.484654][ T5626] loop3: detected capacity change from 0 to 128 [ 158.493320][ T5626] UDF-fs: bad mount option "" or missing value [ 158.505798][ T14] usb 3-1: device descriptor read/64, error -71 [ 158.625784][ T14] usb usb3-port1: attempt power cycle [ 158.713910][ T5632] loop4: detected capacity change from 0 to 64 [ 158.764414][ T5632] hfs: unable to locate alternate MDB [ 158.772175][ T5632] hfs: continuing without an alternate MDB [ 158.849322][ T27] audit: type=1800 audit(1758210239.243:135): pid=5632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.321" name="file1" dev="loop4" ino=18 res=0 errno=0 [ 159.035939][ T14] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 159.077423][ T14] usb 3-1: device descriptor read/8, error -71 [ 159.319066][ T5644] loop3: detected capacity change from 0 to 64 [ 159.355809][ T14] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 159.399422][ T14] usb 3-1: device descriptor read/8, error -71 [ 159.423398][ T5641] loop0: detected capacity change from 0 to 8192 [ 159.526533][ T14] usb usb3-port1: unable to enumerate USB device [ 160.044083][ T27] audit: type=1326 audit(1758210240.433:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.121007][ T27] audit: type=1326 audit(1758210240.433:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.143341][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.195494][ T27] audit: type=1326 audit(1758210240.433:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.218230][ T27] audit: type=1326 audit(1758210240.433:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.240402][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.320771][ T27] audit: type=1326 audit(1758210240.433:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.342972][ C0] vkms_vblank_simulate: vblank timer overrun [ 160.430619][ T5657] loop0: detected capacity change from 0 to 512 [ 160.525395][ T27] audit: type=1326 audit(1758210240.433:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.557396][ T5657] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 160.574251][ T5657] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 160.602552][ T5657] System zones: 0-1, 15-15, 18-18, 34-34 [ 160.621344][ T5657] EXT4-fs (loop0): orphan cleanup on readonly fs [ 160.631441][ T27] audit: type=1326 audit(1758210240.433:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.680241][ T5657] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 160.704700][ T5657] EXT4-fs warning (device loop0): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 160.741719][ T27] audit: type=1326 audit(1758210240.433:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.793406][ T5657] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 160.834260][ T5657] EXT4-fs (loop0): 1 truncate cleaned up [ 160.870479][ T5657] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 160.882872][ T27] audit: type=1326 audit(1758210240.433:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.0.329" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc1b0b8eba9 code=0x7ffc0000 [ 160.905082][ C0] vkms_vblank_simulate: vblank timer overrun [ 161.051675][ T5667] comedi comedi1: dt2801: I/O port conflict (0x9e1,2) [ 161.575364][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 161.682044][ T5669] loop3: detected capacity change from 0 to 512 [ 161.719678][ T5665] loop2: detected capacity change from 0 to 4096 [ 161.842526][ T5669] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 161.915803][ T5669] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.021574][ T5665] ntfs: volume version 3.1. [ 162.023266][ T5669] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 162.095722][ T5669] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28 [ 162.135720][ T5669] EXT4-fs (loop3): This should not happen!! Data will be lost [ 162.135720][ T5669] [ 162.166037][ T5669] EXT4-fs (loop3): Total free blocks count 0 [ 162.187490][ T5669] EXT4-fs (loop3): Free/Dirty block details [ 162.213379][ T5669] EXT4-fs (loop3): free_blocks=65280 [ 162.235680][ T5669] EXT4-fs (loop3): dirty_blocks=33 [ 162.255634][ T5669] EXT4-fs (loop3): Block reservation details [ 162.275621][ T5669] EXT4-fs (loop3): i_reserved_data_blocks=33 [ 162.462709][ T5675] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 162.473964][ T4267] EXT4-fs (loop3): unmounting filesystem. [ 162.561766][ T5675] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 163.524301][ T129] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 163.725716][ T129] usb 5-1: Using ep0 maxpacket: 32 [ 163.747556][ T129] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.786285][ T129] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.815695][ T129] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 163.845085][ T129] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 163.855192][ T129] usb 5-1: Product: syz [ 163.875410][ T129] usb 5-1: Manufacturer: syz [ 163.889869][ T129] hub 5-1:4.0: USB hub found [ 164.081899][ T5710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.342'. [ 164.090801][ T129] hub 5-1:4.0: 2 ports detected [ 164.344207][ T5715] loop0: detected capacity change from 0 to 32768 [ 164.496248][ T129] hub 5-1:4.0: set hub depth failed [ 164.516960][ T129] usb 5-1: USB disconnect, device number 4 [ 164.575097][ T5735] 9pnet_fd: Insufficient options for proto=fd [ 165.602491][ T5751] loop4: detected capacity change from 0 to 2048 [ 166.235668][ T5761] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 166.483441][ T5761] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 166.527500][ T5761] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4) [ 166.596918][ T5761] Remounting filesystem read-only [ 166.602341][ T5751] NILFS (loop4): mounting fs with errors [ 166.621902][ T5771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.352'. [ 166.638593][ T5771] netlink: 44 bytes leftover after parsing attributes in process `syz.0.352'. [ 166.754300][ T5761] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 166.805757][ T5761] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4) [ 166.830902][ T5761] Remounting filesystem read-only [ 166.853831][ T5751] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer [ 166.950084][ T5782] loop3: detected capacity change from 0 to 128 [ 166.986929][ T5782] EXT4-fs (loop3): Test dummy encryption mode enabled [ 167.024074][ T5782] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 167.040311][ T5788] loop4: detected capacity change from 0 to 64 [ 167.047063][ T5782] ext4 filesystem being mounted at /77/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 167.134506][ T5788] hfs: unable to locate alternate MDB [ 167.208484][ T5788] hfs: continuing without an alternate MDB [ 167.266729][ T27] kauditd_printk_skb: 3 callbacks suppressed [ 167.266742][ T27] audit: type=1800 audit(1758210247.663:147): pid=5788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.356" name="file1" dev="loop4" ino=18 res=0 errno=0 [ 167.582238][ T5782] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 167.642685][ T5782] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 168.885003][ T4267] EXT4-fs (loop3): unmounting filesystem. [ 169.124819][ T5779] loop0: detected capacity change from 0 to 65536 [ 169.244368][ T5779] XFS (loop0): Mounting V5 Filesystem [ 169.347920][ T5779] XFS (loop0): Ending clean mount [ 169.354225][ T5779] XFS (loop0): Quotacheck needed: Please wait. [ 169.368264][ T5840] netlink: 'syz.4.361': attribute type 3 has an invalid length. [ 169.415737][ T5840] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.361'. [ 169.447587][ T5779] XFS (loop0): Quotacheck: Done. [ 169.607350][ T4275] XFS (loop0): Unmounting Filesystem [ 171.460398][ T5893] loop3: detected capacity change from 0 to 2048 [ 171.789432][ T5893] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 172.075747][ T14] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 172.192287][ T5624] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 172.305711][ T14] usb 5-1: Using ep0 maxpacket: 32 [ 172.333274][ T14] usb 5-1: config 0 interface 0 has no altsetting 0 [ 172.371470][ T14] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 172.385667][ T5624] usb 4-1: Using ep0 maxpacket: 8 [ 172.398007][ T5624] usb 4-1: unable to get BOS descriptor or descriptor too short [ 172.405650][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.405673][ T14] usb 5-1: Product: syz [ 172.405687][ T14] usb 5-1: Manufacturer: syz [ 172.405700][ T14] usb 5-1: SerialNumber: syz [ 172.426433][ T14] usb 5-1: config 0 descriptor?? [ 172.546306][ T5624] usb 4-1: config 1 interface 0 has no altsetting 0 [ 172.586715][ T5624] usb 4-1: New USB device found, idVendor=0b0e, idProduct=ffff, bcdDevice= 0.40 [ 172.631096][ T5624] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.668091][ T5935] loop0: detected capacity change from 0 to 64 [ 172.674325][ T5624] usb 4-1: Product: syz [ 172.710976][ T5624] usb 4-1: Manufacturer: syz [ 172.756489][ T5624] usb 4-1: SerialNumber: syz [ 172.761479][ T5935] hfs: unable to locate alternate MDB [ 172.782269][ T5935] hfs: continuing without an alternate MDB [ 172.849491][ T14] gs_usb 5-1:0.0: Configuring for 62 interfaces [ 172.857021][ T27] audit: type=1800 audit(1758210253.253:148): pid=5935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.372" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 172.879120][ T14] gs_usb 5-1:0.0: Driver cannot handle more that 3 CAN interfaces [ 172.927289][ T14] gs_usb: probe of 5-1:0.0 failed with error -22 [ 174.256915][ T5624] usbhid 4-1:1.0: can't add hid device: -71 [ 174.262946][ T5624] usbhid: probe of 4-1:1.0 failed with error -71 [ 174.302704][ T4545] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 174.352232][ T5624] usb 4-1: USB disconnect, device number 5 [ 174.368414][ T4545] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 174.406291][ T4545] EXT4-fs (loop3): This should not happen!! Data will be lost [ 174.406291][ T4545] [ 174.416488][ T4545] EXT4-fs (loop3): Total free blocks count 0 [ 174.422553][ T4545] EXT4-fs (loop3): Free/Dirty block details [ 174.428965][ T4545] EXT4-fs (loop3): free_blocks=2415919104 [ 174.434799][ T4545] EXT4-fs (loop3): dirty_blocks=7040 [ 174.441027][ T4545] EXT4-fs (loop3): Block reservation details [ 174.449228][ T4545] EXT4-fs (loop3): i_reserved_data_blocks=440 [ 174.540568][ T4545] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 175.141661][ T5979] overlayfs: failed to clone lowerpath [ 175.351344][ T4321] usb 5-1: USB disconnect, device number 5 [ 175.672803][ T5974] loop0: detected capacity change from 0 to 32768 [ 175.740996][ T5974] (syz.0.381,5974,0):ocfs2_verify_heartbeat:835 ERROR: Heartbeat has to be started to mount a read-write clustered device. [ 175.820763][ T5974] (syz.0.381,5974,0):ocfs2_fill_super:1176 ERROR: status = -22 [ 176.091487][ T6001] sctp: failed to load transform for md5: -2 [ 178.203561][ T6085] loop4: detected capacity change from 0 to 64 [ 178.786139][ T6078] sctp: failed to load transform for md5: -4 [ 178.815083][ T6077] sctp: failed to load transform for md5: -4 [ 179.006905][ T6094] loop2: detected capacity change from 0 to 1024 [ 179.716689][ T6062] loop3: detected capacity change from 0 to 40427 [ 179.760160][ T6094] hfsplus: invalid xattr key length: 0 [ 179.776830][ T5072] I/O error, dev loop3, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 179.938882][ T41] hfsplus: b-tree write err: -5, ino 8 [ 180.140281][ T6114] netlink: 'syz.2.407': attribute type 3 has an invalid length. [ 180.171044][ T6114] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.407'. [ 180.502395][ T6146] loop0: detected capacity change from 0 to 4096 [ 180.546403][ T6145] tipc: Started in network mode [ 180.551319][ T6145] tipc: Node identity ac141413, cluster identity 4711 [ 180.610322][ T6145] tipc: New replicast peer: 10.1.1.2 [ 180.649416][ T6145] tipc: Enabled bearer , priority 10 [ 180.804242][ T6164] netlink: 'syz.0.413': attribute type 8 has an invalid length. [ 181.818942][ T14] tipc: Node number set to 2886997011 [ 182.814443][ T6203] loop0: detected capacity change from 0 to 256 [ 182.848928][ T6201] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=948558466 (15176935456 ns) > initial count (9158453856 ns). Using initial count to start timer. [ 182.856433][ T6203] exfat: Deprecated parameter 'utf8' [ 182.932280][ T6203] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 183.500580][ T6225] xt_l2tp: v2 doesn't support IP mode [ 184.277666][ T6235] loop0: detected capacity change from 0 to 64 [ 184.318847][ T6235] hfs: unable to locate alternate MDB [ 184.354639][ T6235] hfs: continuing without an alternate MDB [ 184.401821][ T27] audit: type=1800 audit(1758210264.793:149): pid=6235 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.425" name="file1" dev="loop0" ino=18 res=0 errno=0 [ 184.545236][ T27] audit: type=1326 audit(1758210264.923:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6240 comm="syz.2.424" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fee9ed8eba9 code=0x0 [ 184.787675][ T6249] mkiss: ax0: crc mode is auto. [ 185.485794][ T6275] atomic_op ffff88807d053998 conn xmit_atomic 0000000000000000 [ 187.101781][ T6291] fuse: Unknown parameter 'g(K/:9Fqroup_id' [ 187.636414][ T14] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 187.651097][ T6317] loop3: detected capacity change from 0 to 4096 [ 187.714746][ T6317] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512) [ 187.827396][ T14] usb 5-1: Using ep0 maxpacket: 8 [ 187.836296][ T14] usb 5-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=7a.1a [ 187.865660][ T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 187.874207][ T14] usb 5-1: Product: syz [ 187.904338][ T14] usb 5-1: Manufacturer: syz [ 187.915904][ T14] usb 5-1: SerialNumber: syz [ 187.939462][ T14] usb 5-1: config 0 descriptor?? [ 187.969888][ T14] gspca_main: sn9c2028-2.14.0 probing 0458:7003 [ 188.075624][ T5624] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 188.265627][ T5624] usb 1-1: Using ep0 maxpacket: 32 [ 188.272617][ T5624] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.303983][ T5624] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.495821][ T14] gspca_sn9c2028: read1 error -110 [ 188.502485][ T14] gspca_sn9c2028: read1 error -32 [ 188.515168][ T6323] loop2: detected capacity change from 0 to 4096 [ 188.520738][ T5624] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 188.522380][ T14] gspca_sn9c2028: read1 error -32 [ 188.584169][ T14] sn9c2028: probe of 5-1:0.0 failed with error -32 [ 188.646919][ T5624] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 188.746292][ T5624] usb 1-1: config 0 descriptor?? [ 188.763103][ T6357] FAULT_INJECTION: forcing a failure. [ 188.763103][ T6357] name failslab, interval 1, probability 0, space 0, times 0 [ 188.775928][ T6357] CPU: 0 PID: 6357 Comm: syz.3.444 Not tainted syzkaller #0 [ 188.783231][ T6357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 188.793303][ T6357] Call Trace: [ 188.796600][ T6357] [ 188.799550][ T6357] dump_stack_lvl+0x168/0x22e [ 188.804267][ T6357] ? show_regs_print_info+0x12/0x12 [ 188.809484][ T6357] ? load_image+0x3b0/0x3b0 [ 188.814001][ T6357] ? __lock_acquire+0x7c50/0x7c50 [ 188.819038][ T6357] should_fail_ex+0x399/0x4d0 [ 188.823813][ T6357] should_failslab+0x5/0x20 [ 188.828345][ T6357] slab_pre_alloc_hook+0x59/0x310 [ 188.833380][ T6357] kmem_cache_alloc_node+0x5a/0x320 [ 188.838580][ T6357] ? __alloc_skb+0xfc/0x7e0 [ 188.843089][ T6357] __alloc_skb+0xfc/0x7e0 [ 188.847514][ T6357] sctp_packet_transmit+0x2f3/0x29c0 [ 188.852798][ T6357] ? __sctp_packet_append_chunk+0x913/0xd00 [ 188.858702][ T6357] ? sctp_packet_append_chunk+0x9ae/0xfd0 [ 188.864421][ T6357] sctp_packet_singleton+0x230/0x330 [ 188.869718][ T6357] ? sctp_outq_select_transport+0x570/0x570 [ 188.875623][ T6357] ? sctp_outq_select_transport+0x45d/0x570 [ 188.881512][ T6357] ? sctp_transport_burst_limited+0x193/0x280 [ 188.887676][ T6357] sctp_outq_flush+0x48f/0x3100 [ 188.892545][ T6357] ? rcu_is_watching+0x11/0xa0 [ 188.897319][ T6357] ? sctp_outq_tail+0x8a0/0x8a0 [ 188.902175][ T6357] ? sctp_outq_tail+0x600/0x8a0 [ 188.907041][ T6357] ? sctp_outq_uncork+0x49/0xa0 [ 188.911905][ T6357] sctp_do_sm+0x4e61/0x5500 [ 188.916418][ T6357] ? sctp_generate_t3_rtx_event+0x340/0x340 [ 188.922307][ T6357] ? do_syscall_64+0x4c/0xa0 [ 188.926928][ T6357] ? __sk_mem_raise_allocated+0xac8/0x13f0 [ 188.932740][ T6357] sctp_primitive_ASSOCIATE+0x91/0xc0 [ 188.938124][ T6357] sctp_sendmsg_to_asoc+0x1018/0x17e0 [ 188.943507][ T6357] ? sctp_assoc_add_peer+0xeb7/0x1640 [ 188.948980][ T6357] ? sctp_sendmsg_check_sflags+0x2d0/0x2d0 [ 188.954792][ T6357] ? __sctp_connect+0xd20/0xd20 [ 188.959641][ T6357] ? __local_bh_enable_ip+0x12a/0x1b0 [ 188.965037][ T6357] ? _local_bh_enable+0xa0/0xa0 [ 188.969897][ T6357] ? sctp_endpoint_lookup_assoc+0x77/0x260 [ 188.975729][ T6357] ? sctp_endpoint_lookup_assoc+0x77/0x260 [ 188.981539][ T6357] ? bpf_lsm_sctp_bind_connect+0x5/0x10 [ 188.987082][ T6357] ? security_sctp_bind_connect+0x85/0xb0 [ 188.992812][ T6357] sctp_sendmsg+0x19df/0x2980 [ 188.997502][ T6357] ? sctp_getsockopt+0x8a0/0x8a0 [ 189.002442][ T6357] ? aa_af_perm+0x2b0/0x2b0 [ 189.006942][ T6357] ? tomoyo_socket_sendmsg_permission+0x1dd/0x2f0 [ 189.013370][ T6357] ? inet_sendmsg+0x78/0x2f0 [ 189.017963][ T6357] ? bpf_lsm_socket_sendmsg+0x5/0x10 [ 189.023246][ T6357] ? security_socket_sendmsg+0x7c/0xa0 [ 189.028712][ T6357] __sys_sendto+0x44f/0x5c0 [ 189.033218][ T6357] ? file_end_write+0x156/0x250 [ 189.038076][ T6357] ? __ia32_sys_getpeername+0x80/0x80 [ 189.043456][ T6357] ? __fget_files+0x44a/0x4d0 [ 189.048145][ T6357] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 189.054130][ T6357] ? lock_chain_count+0x20/0x20 [ 189.058984][ T6357] __x64_sys_sendto+0xda/0xf0 [ 189.063666][ T6357] do_syscall_64+0x4c/0xa0 [ 189.068603][ T6357] ? clear_bhb_loop+0x60/0xb0 [ 189.073283][ T6357] ? clear_bhb_loop+0x60/0xb0 [ 189.077964][ T6357] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 189.083890][ T6357] RIP: 0033:0x7fc20338eba9 [ 189.088308][ T6357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.107917][ T6357] RSP: 002b:00007fc20425a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 189.116335][ T6357] RAX: ffffffffffffffda RBX: 00007fc2035d5fa0 RCX: 00007fc20338eba9 [ 189.124303][ T6357] RDX: 0000000000034000 RSI: 0000200000847fff RDI: 0000000000000003 [ 189.132271][ T6357] RBP: 00007fc20425a090 R08: 000020000005ffe4 R09: 000000000000001c [ 189.140249][ T6357] R10: 0000000000000600 R11: 0000000000000246 R12: 0000000000000002 [ 189.148244][ T6357] R13: 00007fc2035d6038 R14: 00007fc2035d5fa0 R15: 00007fff416dc5f8 [ 189.156223][ T6357] [ 189.381700][ T5624] usbhid 1-1:0.0: can't add hid device: -71 [ 189.390625][ T5624] usbhid: probe of 1-1:0.0 failed with error -71 [ 189.421280][ T5624] usb 1-1: USB disconnect, device number 9 [ 189.807983][ T6382] xt_l2tp: v2 doesn't support IP mode [ 190.638812][ T5623] usb 5-1: USB disconnect, device number 6 [ 191.305721][ T6388] netlink: 48 bytes leftover after parsing attributes in process `syz.0.450'. [ 192.345323][ T6435] FAULT_INJECTION: forcing a failure. [ 192.345323][ T6435] name failslab, interval 1, probability 0, space 0, times 0 [ 192.381652][ T6435] CPU: 1 PID: 6435 Comm: syz.0.459 Not tainted syzkaller #0 [ 192.388974][ T6435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 192.399129][ T6435] Call Trace: [ 192.402409][ T6435] [ 192.405342][ T6435] dump_stack_lvl+0x168/0x22e [ 192.410037][ T6435] ? show_regs_print_info+0x12/0x12 [ 192.415243][ T6435] ? load_image+0x3b0/0x3b0 [ 192.419773][ T6435] ? __might_sleep+0xd0/0xd0 [ 192.424377][ T6435] ? __lock_acquire+0x7c50/0x7c50 [ 192.429408][ T6435] ? __mutex_unlock_slowpath+0x19e/0x6a0 [ 192.435048][ T6435] should_fail_ex+0x399/0x4d0 [ 192.439741][ T6435] should_failslab+0x5/0x20 [ 192.444263][ T6435] slab_pre_alloc_hook+0x59/0x310 [ 192.449286][ T6435] ? __se_sys_memfd_create+0xee/0x340 [ 192.454656][ T6435] __kmem_cache_alloc_node+0x4f/0x260 [ 192.460032][ T6435] ? __se_sys_memfd_create+0xee/0x340 [ 192.465409][ T6435] __kmalloc+0xa0/0x240 [ 192.469568][ T6435] __se_sys_memfd_create+0xee/0x340 [ 192.474768][ T6435] do_syscall_64+0x4c/0xa0 [ 192.479183][ T6435] ? clear_bhb_loop+0x60/0xb0 [ 192.483854][ T6435] ? clear_bhb_loop+0x60/0xb0 [ 192.488530][ T6435] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 192.494428][ T6435] RIP: 0033:0x7fc1b0b8eba9 [ 192.498843][ T6435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.518448][ T6435] RSP: 002b:00007fc1b1993e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 192.526952][ T6435] RAX: ffffffffffffffda RBX: 0000000000009dc3 RCX: 00007fc1b0b8eba9 [ 192.534932][ T6435] RDX: 00007fc1b1993ef0 RSI: 0000000000000000 RDI: 00007fc1b0c127e8 [ 192.542905][ T6435] RBP: 0000200000009ec0 R08: 00007fc1b1993bb7 R09: 00007fc1b1993e40 [ 192.550912][ T6435] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000009e40 [ 192.558879][ T6435] R13: 00007fc1b1993ef0 R14: 00007fc1b1993eb0 R15: 0000200000000140 [ 192.567196][ T6435] [ 192.869042][ T6420] loop4: detected capacity change from 0 to 32768 [ 192.898810][ T6420] (syz.4.457,6420,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 192.936611][ T6420] (syz.4.457,6420,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 193.000909][ T6420] JBD2: Ignoring recovery information on journal [ 193.111780][ T6420] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 193.132853][ T6452] netlink: 'syz.1.464': attribute type 11 has an invalid length. [ 193.145845][ T6420] (syz.4.457,6420,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x78b62c9b, computed 0xa52c75e4. Applying ECC. [ 193.165605][ T6420] (syz.4.457,6420,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x78b62c9b, computed 0xdb9a09d0 [ 193.185916][ T6420] (syz.4.457,6420,0):ocfs2_read_virt_blocks:1013 ERROR: status = -5 [ 193.248149][ T6420] (syz.4.457,6420,0):ocfs2_read_quota_block:150 ERROR: status = -5 [ 193.264734][ T6420] (syz.4.457,6420,0):ocfs2_local_check_quota_file:209 ERROR: status = -5 [ 193.294297][ T6420] (syz.4.457,6420,0):ocfs2_local_check_quota_file:211 ERROR: failed to read global quota file header (type=0) [ 193.342450][ T6420] (syz.4.457,6420,0):ocfs2_enable_quotas:939 ERROR: status = -22 [ 193.397252][ T6420] (syz.4.457,6420,0):ocfs2_fill_super:1143 ERROR: status = -22 [ 193.444750][ T6420] ocfs2: Unmounting device (7,4) on (node local) [ 193.583234][ T6461] loop3: detected capacity change from 0 to 4096 [ 193.651850][ T6463] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 193.671768][ T27] audit: type=1800 audit(1758210274.063:151): pid=6461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.467" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 193.723772][ T6461] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 648518346341351424 [ 193.755676][ T6461] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=12) [ 193.788289][ T6461] Remounting filesystem read-only [ 193.798083][ T6461] NILFS (loop3): error -5 truncating bmap (ino=12) [ 194.019399][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.027557][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.192849][ T6448] loop0: detected capacity change from 0 to 32768 [ 194.526900][ T5622] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 194.739342][ T27] audit: type=1800 audit(1758210275.133:152): pid=6448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.462" name="file1" dev="loop0" ino=4 res=0 errno=0 [ 194.752576][ T6448] ERROR: (device loop0): dbAllocAG: unable to allocate blocks [ 194.752576][ T6448] [ 194.770725][ T4267] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer [ 194.778517][ T5622] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 194.794100][ T5622] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.820872][ T5622] usb 5-1: config 0 descriptor?? [ 194.832494][ T6448] ERROR: (device loop0): dbDiscardAG: -EIO [ 194.832494][ T6448] [ 194.856230][ T5622] cp210x 5-1:0.0: cp210x converter detected [ 195.019476][ T6487] loop3: detected capacity change from 0 to 164 [ 195.032129][ T6487] ISOFS: Unable to identify CD-ROM format. [ 195.260510][ T5622] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 195.295619][ T5622] usb 5-1: cp210x converter now attached to ttyUSB0 [ 195.355635][ T5624] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 195.547871][ T5624] usb 4-1: config 0 has an invalid interface number: 107 but max is 0 [ 195.565576][ T5624] usb 4-1: config 0 has no interface number 0 [ 195.577619][ T5624] usb 4-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd [ 195.610460][ T5624] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 195.611365][ T6440] loop2: detected capacity change from 0 to 40427 [ 195.618541][ T5624] usb 4-1: Product: syz [ 195.618559][ T5624] usb 4-1: Manufacturer: syz [ 195.618578][ T5624] usb 4-1: SerialNumber: syz [ 195.632433][ T5624] usb 4-1: config 0 descriptor?? [ 195.651176][ T6499] could not allocate digest TFM handle sha1-ce [ 195.763720][ T6500] loop0: detected capacity change from 0 to 32768 [ 195.835710][ T6500] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 195.864458][ T6500] syz.0.472 sent an empty control message without MSG_MORE. [ 195.889783][ T6500] (syz.0.472,6500,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=288, inode=0, rec_len=0, name_len=0 [ 196.067887][ T4275] ocfs2: Unmounting device (7,0) on (node local) [ 196.193826][ T6526] mmap: syz.2.475 (6526): VmData 37597184 exceed data ulimit 1. Update limits or use boot option ignore_rlimit_data. [ 196.874776][ T14] usb 5-1: USB disconnect, device number 7 [ 196.894190][ T14] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 196.915022][ T14] cp210x 5-1:0.0: device disconnected [ 197.490381][ T6563] loop4: detected capacity change from 0 to 2048 [ 197.541214][ T6563] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 197.932778][ T6567] loop4: detected capacity change from 0 to 32768 [ 197.990573][ T4314] usb 4-1: USB disconnect, device number 6 [ 198.026315][ T6567] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 198.131247][ T6567] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 198.158722][ T6567] (syz.4.483,6567,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 198.175839][ T6567] (syz.4.483,6567,1):update_backups:188 ERROR: status = -12 [ 198.183191][ T6567] ocfs2: Failed to update super blocks on 7,4 during fs resize. This condition is not fatal, but fsck.ocfs2 should be run to fix it [ 198.362344][ T27] audit: type=1326 audit(1758210278.753:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20338eba9 code=0x7ffc0000 [ 198.546256][ T4276] ocfs2: Unmounting device (7,4) on (node local) [ 198.611823][ T27] audit: type=1326 audit(1758210278.753:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20338eba9 code=0x7ffc0000 [ 198.712195][ T27] audit: type=1326 audit(1758210278.753:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc20338d510 code=0x7ffc0000 [ 198.826318][ T27] audit: type=1326 audit(1758210278.753:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fc2033903d7 code=0x7ffc0000 [ 198.912758][ T27] audit: type=1326 audit(1758210278.753:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc20338eba9 code=0x7ffc0000 [ 199.003459][ T27] audit: type=1326 audit(1758210278.753:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fc2033903d7 code=0x7ffc0000 [ 199.111867][ T27] audit: type=1326 audit(1758210278.753:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc20338d80a code=0x7ffc0000 [ 199.190942][ T6587] loop3: detected capacity change from 0 to 32768 [ 199.202458][ T27] audit: type=1326 audit(1758210278.763:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20338eba9 code=0x7ffc0000 [ 199.257029][ T27] audit: type=1326 audit(1758210278.763:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc20338eba9 code=0x7ffc0000 [ 199.296828][ T6587] XFS (loop3): Mounting V5 Filesystem [ 199.361760][ T27] audit: type=1326 audit(1758210278.763:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc20338eba9 code=0x7ffc0000 [ 199.406555][ T6587] XFS (loop3): Ending clean mount [ 199.816666][ T27] audit: type=1326 audit(1758210278.763:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc20338ebe3 code=0x7ffc0000 [ 199.985662][ T27] audit: type=1326 audit(1758210279.073:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6586 comm="syz.3.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc20338d65f code=0x7ffc0000 [ 200.169768][ T6612] Invalid option length (1048372) for dns_resolver key [ 200.519110][ T4267] XFS (loop3): Unmounting Filesystem [ 201.565612][ T4321] usb 1-1: new full-speed USB device number 10 using dummy_hcd [ 202.775535][ C0] sched: RT throttling activated [ 203.097126][ T4321] usb 1-1: config 0 has an invalid interface number: 52 but max is 0 [ 203.111091][ T4321] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 203.130383][ T4321] usb 1-1: config 0 has no interface number 0 [ 203.140999][ T4321] usb 1-1: config 0 interface 52 has no altsetting 0 [ 203.166101][ T4321] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00 [ 203.187442][ T4321] usb 1-1: New USB device strings: Mfr=0, Product=234, SerialNumber=34 [ 203.211782][ T4321] usb 1-1: Product: syz [ 203.224487][ T4321] usb 1-1: SerialNumber: syz [ 203.253179][ T4321] usb 1-1: config 0 descriptor?? [ 203.435998][ T6654] loop3: detected capacity change from 0 to 4096 [ 203.545041][ T6654] ntfs: volume version 3.1. [ 203.778671][ T14] usb 1-1: USB disconnect, device number 10 [ 204.110024][ T6673] __ntfs_error: 70 callbacks suppressed [ 204.110046][ T6673] ntfs: (device loop3): map_mft_record(): Failed with error code 4. [ 204.124194][ T6673] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -4. Marking corrupt inode 0x44 as bad. Run chkdsk. [ 204.427083][ T4267] ntfs: (device loop3): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 206.670533][ T6723] loop3: detected capacity change from 0 to 256 [ 206.680188][ T6720] loop2: detected capacity change from 0 to 2048 [ 206.707829][ T6723] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 206.918544][ T6720] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 207.922441][ T6763] netlink: 60 bytes leftover after parsing attributes in process `syz.0.530'. [ 207.965090][ T6762] loop2: detected capacity change from 0 to 1024 [ 207.970035][ T6763] netlink: 60 bytes leftover after parsing attributes in process `syz.0.530'. [ 207.992868][ T6766] loop3: detected capacity change from 0 to 256 [ 208.018013][ T6766] UDF-fs: bad mount option "" or missing value [ 208.070501][ T6762] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 208.392675][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 208.632549][ T6813] loop3: detected capacity change from 0 to 128 [ 208.674684][ T6813] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 208.715619][ T6813] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 209.088810][ T6826] loop2: detected capacity change from 0 to 164 [ 209.614535][ T6828] loop0: detected capacity change from 0 to 512 [ 209.622784][ T6828] EXT4-fs: Ignoring removed nobh option [ 209.659048][ T6822] Bluetooth: MGMT ver 1.22 [ 209.844309][ T6828] fscrypt (loop0, inode 2): Error -61 getting encryption context [ 209.912523][ T6828] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61 [ 209.955657][ T6828] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #13: comm syz.0.541: casefold flag without casefold feature [ 209.955721][ T6843] loop3: detected capacity change from 0 to 8 [ 209.985993][ T6828] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.541: couldn't read orphan inode 13 (err -117) [ 210.037786][ T6828] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 210.049657][ T6843] SQUASHFS error: zlib decompression failed, data probably corrupt [ 210.091645][ T6828] EXT4-fs (loop0): re-mounted. Quota mode: writeback. [ 210.098681][ T6843] SQUASHFS error: Failed to read block 0x9b: -5 [ 210.123298][ T6843] SQUASHFS error: Unable to read metadata cache entry [99] [ 210.151271][ T6843] SQUASHFS error: Unable to read inode 0x127 [ 210.389877][ T4275] EXT4-fs (loop0): unmounting filesystem. [ 211.190531][ T6871] xt_hashlimit: size too large, truncated to 1048576 [ 211.281280][ T6878] netlink: 'syz.4.550': attribute type 25 has an invalid length. [ 211.298750][ T6878] netlink: 'syz.4.550': attribute type 7 has an invalid length. [ 211.972015][ T6847] loop2: detected capacity change from 0 to 32768 [ 212.121257][ T6847] XFS (loop2): Mounting V5 Filesystem [ 212.195706][ T4314] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 212.342071][ T6847] XFS (loop2): Ending clean mount [ 212.353614][ T6847] XFS (loop2): Quotacheck needed: Please wait. [ 212.378253][ T6924] loop4: detected capacity change from 0 to 512 [ 212.445795][ T4314] usb 1-1: Using ep0 maxpacket: 8 [ 212.459135][ T6924] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 212.474035][ T6847] XFS (loop2): Quotacheck: Done. [ 212.485629][ T4314] usb 1-1: unable to get BOS descriptor or descriptor too short [ 212.552095][ T6924] EXT4-fs (loop4): orphan cleanup on readonly fs [ 212.590253][ T4314] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 212.610375][ T6924] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #16: comm syz.4.559: casefold flag without casefold feature [ 212.631617][ T4314] usb 1-1: can't read configurations, error -71 [ 212.660914][ T6924] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.559: couldn't read orphan inode 16 (err -117) [ 212.693700][ T6924] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 212.812530][ T4279] XFS (loop2): Unmounting Filesystem [ 212.860010][ T4276] EXT4-fs (loop4): unmounting filesystem. [ 213.118696][ T6943] loop0: detected capacity change from 0 to 256 [ 213.215635][ T129] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 213.422700][ T129] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 213.464262][ T129] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64 [ 213.494752][ T129] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 213.524219][ T129] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.555924][ T129] usb 5-1: Product: syz [ 213.570320][ T129] usb 5-1: Manufacturer: syz [ 213.574958][ T129] usb 5-1: SerialNumber: syz [ 213.599467][ T6937] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 213.792775][ T6967] netlink: 'syz.0.568': attribute type 7 has an invalid length. [ 214.153714][ T6971] loop2: detected capacity change from 0 to 1024 [ 214.967721][ T129] cdc_ncm 5-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 214.974219][ T129] cdc_ncm 5-1:1.0: dwNtbInMaxSize=1023 is too small. Using 2048 [ 215.005595][ T129] cdc_ncm 5-1:1.0: setting rx_max = 2048 [ 215.198175][ T129] cdc_ncm 5-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.4-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 215.249288][ T129] usb 5-1: USB disconnect, device number 8 [ 215.269760][ T129] cdc_ncm 5-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.4-1, CDC NCM (NO ZLP) [ 215.542224][ T7018] loop3: detected capacity change from 0 to 1024 [ 215.626280][ T7018] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 215.654229][ T7018] ext4 filesystem being mounted at /117/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.765169][ T7018] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 3: comm syz.3.578: lblock 3 mapped to illegal pblock 3 (length 3) [ 215.784236][ T7031] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: comm syz.3.578: lblock 0 mapped to illegal pblock 0 (length 3) [ 215.845729][ T7018] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 215.908826][ T7018] EXT4-fs (loop3): This should not happen!! Data will be lost [ 215.908826][ T7018] [ 216.436171][ T41] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:2: lblock 8 mapped to illegal pblock 8 (length 8) [ 216.464683][ T7041] netlink: 8 bytes leftover after parsing attributes in process `syz.2.583'. [ 216.505598][ T41] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 216.580105][ T41] EXT4-fs (loop3): This should not happen!! Data will be lost [ 216.580105][ T41] [ 216.613946][ T7045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.586'. [ 216.624997][ T4267] EXT4-fs (loop3): unmounting filesystem. [ 217.062033][ T7079] Invalid option length (626) for dns_resolver key [ 217.405055][ T7105] loop4: detected capacity change from 0 to 256 [ 217.434679][ T7105] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 217.526702][ T5621] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 217.795600][ T5621] usb 3-1: Using ep0 maxpacket: 8 [ 217.803132][ T5621] usb 3-1: unable to get BOS descriptor or descriptor too short [ 217.818812][ T5621] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 217.834549][ T5621] usb 3-1: config 1 has no interface number 1 [ 217.845217][ T5621] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 217.870445][ T5621] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 61, changing to 7 [ 217.897400][ T5621] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 217.913187][ T5621] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.931365][ T5621] usb 3-1: Product: syz [ 217.944054][ T5621] usb 3-1: Manufacturer: syz [ 217.956175][ T5621] usb 3-1: SerialNumber: syz [ 218.331944][ T5621] usb 3-1: 2:1 : unsupported sample bitwidth 8 in 5 bytes [ 218.471406][ T5621] usb 3-1: USB disconnect, device number 9 [ 218.589288][ T7158] loop4: detected capacity change from 0 to 512 [ 218.616342][ T7158] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 218.649577][ T7158] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 218.710998][ T7158] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 218.726088][ T7158] EXT4-fs (loop4): 1 truncate cleaned up [ 218.737271][ T5072] udevd[5072]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 218.754531][ T7158] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 218.814091][ T7158] EXT4-fs error (device loop4): ext4_lookup:1858: inode #16: comm syz.4.605: iget: bad i_size value: 5497558147880 [ 218.828867][ T7171] 9pnet_fd: Insufficient options for proto=fd [ 218.835768][ T14] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 218.937471][ T7158] EXT4-fs error (device loop4): ext4_lookup:1858: inode #16: comm syz.4.605: iget: bad i_size value: 5497558147880 [ 219.213648][ T14] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 219.225964][ T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.279157][ T14] usb 4-1: config 0 descriptor?? [ 219.291354][ T14] cp210x 4-1:0.0: cp210x converter detected [ 219.563807][ T7157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 219.572392][ T7157] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.472212][ T4276] EXT4-fs (loop4): unmounting filesystem. [ 220.788659][ T14] cp210x 4-1:0.0: failed to get vendor val 0x370b size 1: -71 [ 220.796297][ T14] cp210x 4-1:0.0: querying part number failed [ 220.806677][ T14] usb 4-1: cp210x converter now attached to ttyUSB0 [ 220.821483][ T14] usb 4-1: USB disconnect, device number 7 [ 220.881245][ T14] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 220.904569][ T14] cp210x 4-1:0.0: device disconnected [ 222.714498][ T7266] loop2: detected capacity change from 0 to 1024 [ 223.046875][ T7266] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 223.577881][ T7284] loop4: detected capacity change from 0 to 8 [ 224.187502][ T7284] SQUASHFS error: lzo decompression failed, data probably corrupt [ 224.195422][ T7284] SQUASHFS error: Failed to read block 0x91: -5 [ 224.201734][ T7284] SQUASHFS error: Unable to read metadata cache entry [8f] [ 224.209011][ T7284] SQUASHFS error: Unable to read inode 0x107 [ 224.325803][ T7266] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 224.415234][ T7294] 9pnet_fd: Insufficient options for proto=fd [ 226.099508][ T4279] EXT4-fs (loop2): unmounting filesystem. [ 226.123577][ T7327] netlink: 76 bytes leftover after parsing attributes in process `syz.1.648'. [ 226.485787][ T5622] usb 4-1: new full-speed USB device number 8 using dummy_hcd [ 226.712845][ T5622] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 226.733245][ T5622] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 226.770821][ T5622] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 226.782764][ T5622] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 226.795781][ T5622] usb 4-1: SerialNumber: syz [ 226.823308][ T5622] usb 4-1: 0:2 : does not exist [ 227.035622][ T4327] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 227.267040][ T4327] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 227.294693][ T4327] usb 3-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00 [ 227.333528][ T4327] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.344826][ T4327] usb 3-1: config 0 descriptor?? [ 227.534427][ T4322] usb 4-1: USB disconnect, device number 8 [ 227.687443][ T7383] loop4: detected capacity change from 0 to 1024 [ 228.432419][ T4327] logitech 0003:046D:CA03.0003: nested delimiters [ 228.446176][ T4327] logitech 0003:046D:CA03.0003: item 0 1 2 10 parsing failed [ 228.456082][ T4327] logitech 0003:046D:CA03.0003: parse failed [ 228.462133][ T4327] logitech: probe of 0003:046D:CA03.0003 failed with error -22 [ 228.673049][ T4327] usb 3-1: USB disconnect, device number 10 [ 228.791100][ T7415] 9pnet_fd: Insufficient options for proto=fd [ 228.813775][ T7416] loop4: detected capacity change from 0 to 16 [ 228.868554][ T7416] erofs: (device loop4): mounted with root inode @ nid 36. [ 228.990823][ T7427] loop3: detected capacity change from 0 to 512 [ 229.010473][ T7427] EXT4-fs: Ignoring removed bh option [ 229.051712][ T7427] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 229.118903][ T7427] EXT4-fs (loop3): 1 truncate cleaned up [ 229.143421][ T7427] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 229.421161][ T4267] EXT4-fs (loop3): unmounting filesystem. [ 229.624916][ T7449] Bluetooth: MGMT ver 1.22 [ 230.343169][ T7452] loop3: detected capacity change from 0 to 512 [ 230.527654][ T7452] EXT4-fs (loop3): 1 orphan inode deleted [ 230.533502][ T7452] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 230.561042][ T4545] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 230.571960][ T7452] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 230.581007][ T4545] EXT4-fs error (device loop3): ext4_release_dquot:6852: comm kworker/u4:9: Failed to release dquot type 1 [ 230.599850][ T7466] netlink: 12 bytes leftover after parsing attributes in process `syz.0.678'. [ 230.674386][ T7452] EXT4-fs (loop3): unmounting filesystem. [ 231.264876][ T7500] loop3: detected capacity change from 0 to 8 [ 231.315316][ T7500] SQUASHFS error: lzo decompression failed, data probably corrupt [ 231.323469][ T7500] SQUASHFS error: Failed to read block 0x91: -5 [ 231.329832][ T7500] SQUASHFS error: Unable to read metadata cache entry [8f] [ 231.337130][ T7500] SQUASHFS error: Unable to read inode 0x107 [ 232.336424][ T7533] fuse: Bad value for 'fd' [ 232.383064][ T7537] loop3: detected capacity change from 0 to 8 [ 232.511600][ T7546] loop4: detected capacity change from 0 to 8 [ 232.585991][ T7546] SQUASHFS error: lzo decompression failed, data probably corrupt [ 232.626550][ T7546] SQUASHFS error: Failed to read block 0x91: -5 [ 232.632843][ T7546] SQUASHFS error: Unable to read metadata cache entry [8f] [ 232.687668][ T7546] SQUASHFS error: Unable to read inode 0x107 [ 233.931496][ T7585] loop4: detected capacity change from 0 to 512 [ 233.997970][ T7585] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 237.496135][ T7585] EXT4-fs: error -4 creating inode table initialization thread [ 237.660654][ T7585] EXT4-fs (loop4): mount failed [ 238.305290][ T7615] loop3: detected capacity change from 0 to 8 [ 238.372538][ T7615] SQUASHFS error: lzo decompression failed, data probably corrupt [ 238.440245][ T7615] SQUASHFS error: Failed to read block 0x91: -5 [ 238.471331][ T7615] SQUASHFS error: Unable to read metadata cache entry [8f] [ 238.482856][ T7615] SQUASHFS error: Unable to read inode 0x107 [ 238.524352][ T7621] loop4: detected capacity change from 0 to 2048 [ 238.588928][ T7621] EXT4-fs: Ignoring removed bh option [ 238.768938][ T7621] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 238.950784][ T4276] EXT4-fs (loop4): unmounting filesystem. [ 240.218089][ T7665] loop3: detected capacity change from 0 to 1024 [ 240.310293][ T7665] EXT4-fs: Ignoring removed nobh option [ 240.365581][ T7665] EXT4-fs: Ignoring removed bh option [ 240.447763][ T7665] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 240.582103][ T7665] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 240.632984][ T7686] loop4: detected capacity change from 0 to 512 [ 240.762243][ T7686] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 240.789843][ T4267] EXT4-fs (loop3): unmounting filesystem. [ 240.791713][ T7686] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 240.928812][ T7686] [ 240.931192][ T7686] ====================================================== [ 240.938307][ T7686] WARNING: possible circular locking dependency detected [ 240.945350][ T7686] syzkaller #0 Not tainted [ 240.949805][ T7686] ------------------------------------------------------ [ 240.956831][ T7686] syz.4.737/7686 is trying to acquire lock: [ 240.962714][ T7686] ffff888054f10c90 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x903/0x1b60 [ 240.972208][ T7686] [ 240.972208][ T7686] but task is already holding lock: [ 240.979562][ T7686] ffff888077c1a208 (&s->s_dquot.dqio_sem){++++}-{3:3}, at: v2_write_dquot+0x12b/0x190 [ 240.989129][ T7686] [ 240.989129][ T7686] which lock already depends on the new lock. [ 240.989129][ T7686] [ 240.999525][ T7686] [ 240.999525][ T7686] the existing dependency chain (in reverse order) is: [ 241.008534][ T7686] [ 241.008534][ T7686] -> #2 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 241.016611][ T7686] down_read+0x42/0x2d0 [ 241.021301][ T7686] v2_read_dquot+0x4a/0x110 [ 241.026326][ T7686] dquot_acquire+0x152/0x520 [ 241.031433][ T7686] ext4_acquire_dquot+0x2d9/0x4a0 [ 241.036974][ T7686] dqget+0x778/0xeb0 [ 241.041390][ T7686] __dquot_initialize+0x3b6/0xcb0 [ 241.046930][ T7686] ext4_mknod+0x91/0x4a0 [ 241.051691][ T7686] vfs_mknod+0x424/0x4c0 [ 241.056446][ T7686] unix_bind+0x5bd/0xec0 [ 241.061208][ T7686] __sys_bind+0x2f4/0x3f0 [ 241.066054][ T7686] __x64_sys_bind+0x76/0x80 [ 241.071074][ T7686] do_syscall_64+0x4c/0xa0 [ 241.076006][ T7686] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 241.082427][ T7686] [ 241.082427][ T7686] -> #1 (&dquot->dq_lock){+.+.}-{3:3}: [ 241.090065][ T7686] __mutex_lock+0x120/0xaf0 [ 241.095095][ T7686] dquot_commit+0x5a/0x410 [ 241.100027][ T7686] ext4_write_dquot+0x1f0/0x360 [ 241.105399][ T7686] mark_all_dquot_dirty+0x1e3/0x400 [ 241.111113][ T7686] __dquot_free_space+0x7ec/0xbc0 [ 241.116655][ T7686] ext4_free_blocks+0x1bab/0x2640 [ 241.122204][ T7686] ext4_ext_remove_space+0x1f0d/0x4490 [ 241.128180][ T7686] ext4_ext_truncate+0x211/0x370 [ 241.133635][ T7686] ext4_truncate+0xa0b/0x1230 [ 241.138831][ T7686] ext4_evict_inode+0xb35/0x1100 [ 241.144291][ T7686] evict+0x485/0x870 [ 241.148710][ T7686] ext4_orphan_cleanup+0xbd3/0x1400 [ 241.154429][ T7686] ext4_fill_super+0x7bc2/0x8150 [ 241.159886][ T7686] get_tree_bdev+0x3f1/0x610 [ 241.165080][ T7686] vfs_get_tree+0x88/0x270 [ 241.170021][ T7686] do_new_mount+0x24a/0xa40 [ 241.175045][ T7686] __se_sys_mount+0x2d6/0x3c0 [ 241.180243][ T7686] do_syscall_64+0x4c/0xa0 [ 241.185181][ T7686] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 241.191597][ T7686] [ 241.191597][ T7686] -> #0 (&ei->i_data_sem/2){++++}-{3:3}: [ 241.199417][ T7686] __lock_acquire+0x2cf8/0x7c50 [ 241.204790][ T7686] lock_acquire+0x1b4/0x490 [ 241.209818][ T7686] down_write+0x36/0x60 [ 241.214498][ T7686] ext4_map_blocks+0x903/0x1b60 [ 241.219875][ T7686] ext4_getblk+0x1ab/0x6d0 [ 241.224821][ T7686] ext4_bread+0x26/0x170 [ 241.229596][ T7686] ext4_quota_write+0x230/0x570 [ 241.234969][ T7686] find_free_dqentry+0x673/0xc20 [ 241.240433][ T7686] do_insert_tree+0x70d/0x1040 [ 241.245730][ T7686] do_insert_tree+0x9ae/0x1040 [ 241.251010][ T7686] do_insert_tree+0x9ae/0x1040 [ 241.256318][ T7686] do_insert_tree+0x9ae/0x1040 [ 241.261613][ T7686] qtree_write_dquot+0x48d/0x5b0 [ 241.267074][ T7686] v2_write_dquot+0x108/0x190 [ 241.272276][ T7686] dquot_acquire+0x2d5/0x520 [ 241.277380][ T7686] ext4_acquire_dquot+0x2d9/0x4a0 [ 241.282920][ T7686] dqget+0x778/0xeb0 [ 241.287330][ T7686] __dquot_initialize+0x328/0xcb0 [ 241.292872][ T7686] ext4_create+0x8c/0x460 [ 241.297725][ T7686] path_openat+0x1187/0x2e70 [ 241.302829][ T7686] do_filp_open+0x1c1/0x3c0 [ 241.307846][ T7686] do_sys_openat2+0x142/0x490 [ 241.313038][ T7686] __x64_sys_openat+0x135/0x160 [ 241.318405][ T7686] do_syscall_64+0x4c/0xa0 [ 241.323339][ T7686] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 241.329764][ T7686] [ 241.329764][ T7686] other info that might help us debug this: [ 241.329764][ T7686] [ 241.339991][ T7686] Chain exists of: [ 241.339991][ T7686] &ei->i_data_sem/2 --> &dquot->dq_lock --> &s->s_dquot.dqio_sem [ 241.339991][ T7686] [ 241.353642][ T7686] Possible unsafe locking scenario: [ 241.353642][ T7686] [ 241.361079][ T7686] CPU0 CPU1 [ 241.366433][ T7686] ---- ---- [ 241.371795][ T7686] lock(&s->s_dquot.dqio_sem); [ 241.376649][ T7686] lock(&dquot->dq_lock); [ 241.383587][ T7686] lock(&s->s_dquot.dqio_sem); [ 241.390960][ T7686] lock(&ei->i_data_sem/2); [ 241.395576][ T7686] [ 241.395576][ T7686] *** DEADLOCK *** [ 241.395576][ T7686] [ 241.403721][ T7686] 4 locks held by syz.4.737/7686: [ 241.408747][ T7686] #0: ffff888077c1a460 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 241.418447][ T7686] #1: ffff888054f14030 (&type->i_mutex_dir_key#3){++++}-{3:3}, at: path_openat+0x7c2/0x2e70 [ 241.428661][ T7686] #2: ffff888054f3e968 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_acquire+0x63/0x520 [ 241.438063][ T7686] #3: ffff888077c1a208 (&s->s_dquot.dqio_sem){++++}-{3:3}, at: v2_write_dquot+0x12b/0x190 [ 241.448078][ T7686] [ 241.448078][ T7686] stack backtrace: [ 241.453965][ T7686] CPU: 1 PID: 7686 Comm: syz.4.737 Not tainted syzkaller #0 [ 241.461267][ T7686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 241.471364][ T7686] Call Trace: [ 241.474651][ T7686] [ 241.477584][ T7686] dump_stack_lvl+0x168/0x22e [ 241.482280][ T7686] ? load_image+0x3b0/0x3b0 [ 241.486793][ T7686] ? show_regs_print_info+0x12/0x12 [ 241.491995][ T7686] ? print_circular_bug+0x12b/0x1a0 [ 241.497196][ T7686] check_noncircular+0x274/0x310 [ 241.502139][ T7686] ? add_chain_block+0x940/0x940 [ 241.507082][ T7686] ? lockdep_lock+0xdc/0x1e0 [ 241.511673][ T7686] ? __lock_acquire+0x13c0/0x7c50 [ 241.516695][ T7686] ? _find_first_zero_bit+0xcf/0x100 [ 241.521983][ T7686] __lock_acquire+0x2cf8/0x7c50 [ 241.526851][ T7686] ? verify_lock_unused+0x140/0x140 [ 241.532054][ T7686] ? verify_lock_unused+0x140/0x140 [ 241.537267][ T7686] lock_acquire+0x1b4/0x490 [ 241.541768][ T7686] ? ext4_map_blocks+0x903/0x1b60 [ 241.546800][ T7686] ? __might_sleep+0xd0/0xd0 [ 241.551391][ T7686] ? read_lock_is_recursive+0x10/0x10 [ 241.556761][ T7686] ? percpu_counter_add_batch+0x13b/0x160 [ 241.562497][ T7686] ? rcu_is_watching+0x11/0xa0 [ 241.567273][ T7686] ? ext4_es_lookup_extent+0x443/0xb20 [ 241.572730][ T7686] down_write+0x36/0x60 [ 241.576885][ T7686] ? ext4_map_blocks+0x903/0x1b60 [ 241.581918][ T7686] ext4_map_blocks+0x903/0x1b60 [ 241.586779][ T7686] ? ext4_es_lookup_extent+0x443/0xb20 [ 241.592240][ T7686] ? ext4_issue_zeroout+0x250/0x250 [ 241.597440][ T7686] ? kasan_set_track+0x4b/0x70 [ 241.602213][ T7686] ? find_free_dqentry+0x55/0xc20 [ 241.607247][ T7686] ? do_insert_tree+0x70d/0x1040 [ 241.612191][ T7686] ? do_insert_tree+0x9ae/0x1040 [ 241.617139][ T7686] ? ext4_issue_zeroout+0x250/0x250 [ 241.622353][ T7686] ? v2_write_dquot+0x108/0x190 [ 241.627213][ T7686] ext4_getblk+0x1ab/0x6d0 [ 241.631633][ T7686] ? __x64_sys_openat+0x135/0x160 [ 241.636656][ T7686] ? do_syscall_64+0x4c/0xa0 [ 241.641247][ T7686] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 241.647319][ T7686] ? ext4_get_block_unwritten+0x100/0x100 [ 241.653038][ T7686] ? ext4_getblk+0x2a8/0x6d0 [ 241.657628][ T7686] ? ext4_get_block_unwritten+0x100/0x100 [ 241.663348][ T7686] ext4_bread+0x26/0x170 [ 241.667593][ T7686] ext4_quota_write+0x230/0x570 [ 241.672446][ T7686] ? ext4_quota_read+0x380/0x380 [ 241.677386][ T7686] ? ext4_quota_read+0x305/0x380 [ 241.682320][ T7686] ? check_dquot_block_header+0x212/0x2f0 [ 241.688059][ T7686] ? ext4_quota_read+0x380/0x380 [ 241.692996][ T7686] find_free_dqentry+0x673/0xc20 [ 241.697944][ T7686] do_insert_tree+0x70d/0x1040 [ 241.702712][ T7686] do_insert_tree+0x9ae/0x1040 [ 241.707484][ T7686] do_insert_tree+0x9ae/0x1040 [ 241.712257][ T7686] do_insert_tree+0x9ae/0x1040 [ 241.717024][ T7686] qtree_write_dquot+0x48d/0x5b0 [ 241.721960][ T7686] ? qtree_entry_unused+0xe0/0xe0 [ 241.726982][ T7686] ? rwsem_write_trylock+0x12f/0x1b0 [ 241.732264][ T7686] ? trace_contention_end+0x5f/0x170 [ 241.737549][ T7686] ? preempt_count_add+0x8d/0x190 [ 241.742570][ T7686] v2_write_dquot+0x108/0x190 [ 241.747244][ T7686] dquot_acquire+0x2d5/0x520 [ 241.751830][ T7686] ext4_acquire_dquot+0x2d9/0x4a0 [ 241.756854][ T7686] dqget+0x778/0xeb0 [ 241.760751][ T7686] __dquot_initialize+0x328/0xcb0 [ 241.765780][ T7686] ? dquot_initialize+0x20/0x20 [ 241.770633][ T7686] ? d_splice_alias+0x110/0x320 [ 241.775506][ T7686] ? ext4_lookup+0x2ce/0x6d0 [ 241.780106][ T7686] ext4_create+0x8c/0x460 [ 241.784451][ T7686] ? ext4_lookup+0x6d0/0x6d0 [ 241.789047][ T7686] ? inode_permission+0xef/0x480 [ 241.793991][ T7686] ? bpf_lsm_inode_create+0x5/0x10 [ 241.799105][ T7686] ? security_inode_create+0xb3/0x100 [ 241.804478][ T7686] ? ext4_lookup+0x6d0/0x6d0 [ 241.809068][ T7686] path_openat+0x1187/0x2e70 [ 241.813663][ T7686] ? do_filp_open+0x3c0/0x3c0 [ 241.818344][ T7686] do_filp_open+0x1c1/0x3c0 [ 241.822844][ T7686] ? vfs_tmpfile+0x480/0x480 [ 241.827438][ T7686] ? _raw_spin_unlock+0x24/0x40 [ 241.832298][ T7686] ? alloc_fd+0x58f/0x630 [ 241.836630][ T7686] do_sys_openat2+0x142/0x490 [ 241.841318][ T7686] ? do_sys_open+0xe0/0xe0 [ 241.845739][ T7686] ? lockdep_hardirqs_on_prepare+0x3fc/0x760 [ 241.851722][ T7686] ? lock_chain_count+0x20/0x20 [ 241.856578][ T7686] __x64_sys_openat+0x135/0x160 [ 241.861433][ T7686] do_syscall_64+0x4c/0xa0 [ 241.865868][ T7686] ? clear_bhb_loop+0x60/0xb0 [ 241.870547][ T7686] ? clear_bhb_loop+0x60/0xb0 [ 241.875231][ T7686] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 241.881136][ T7686] RIP: 0033:0x7fef5a58eba9 [ 241.885563][ T7686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.905166][ T7686] RSP: 002b:00007fef5b493038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 241.913581][ T7686] RAX: ffffffffffffffda RBX: 00007fef5a7d5fa0 RCX: 00007fef5a58eba9 [ 241.921552][ T7686] RDX: 0000000000000040 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 241.929522][ T7686] RBP: 00007fef5a611e19 R08: 0000000000000000 R09: 0000000000000000 [ 241.937486][ T7686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.945451][ T7686] R13: 00007fef5a7d6038 R14: 00007fef5a7d5fa0 R15: 00007fff212efe08 [ 241.953427][ T7686] [ 241.963432][ T7705] loop3: detected capacity change from 0 to 16 [ 242.021265][ T7705] erofs: (device loop3): mounted with root inode @ nid 36. [ 242.040323][ T5622] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 242.287009][ T4276] EXT4-fs (loop4): unmounting filesystem. [ 242.485635][ T5622] usb 3-1: Using ep0 maxpacket: 16 [ 242.559056][ T5622] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 242.722973][ T5622] usb 3-1: config 0 has no interfaces? [ 242.801412][ T5622] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 4.00 [ 242.852300][ T5622] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 242.903170][ T5622] usb 3-1: Product: syz [ 242.930878][ T5622] usb 3-1: Manufacturer: syz [ 242.960521][ T5622] usb 3-1: SerialNumber: syz [ 243.072431][ T5622] usb 3-1: config 0 descriptor?? [ 243.432050][ T7695] loop2: detected capacity change from 0 to 512 [ 243.445934][ T7695] ext4: Unknown parameter 'noacl' [ 243.601864][ T5622] usb 3-1: USB disconnect, device number 11