last executing test programs: 11.862974207s ago: executing program 0: openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000180), 0x8, 0x0) r2 = signalfd4(r1, &(0x7f00000000c0), 0x8, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x10042, 0x0) pwrite64(r3, &(0x7f0000000080)='=', 0x1, 0x800b5eb) sendfile(r2, r3, 0x0, 0x1000000000006) close(0x3) socket$nl_route(0x10, 0x3, 0x0) pselect6(0x40, &(0x7f0000000040)={0xa}, 0x0, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) 11.190939202s ago: executing program 4: mlockall(0x1) r0 = msgget$private(0x0, 0x0) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000680)=""/160) 10.70822478s ago: executing program 0: mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mount$9p_virtio(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x40000, 0x0) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) 7.363026843s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/262, 0x106}], 0x1}, 0x0) sendmsg(r3, &(0x7f00000009c0)={0x0, 0x0, 0x0}, 0x0) 6.441362355s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) writev(r2, &(0x7f0000000800)=[{&(0x7f0000000a40)="c03601e08ce091c1cb9b6c870b5712c18dcf", 0x12}, {0x0}], 0x2) 5.859817718s ago: executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0xcd, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f000000a3013528e2"], 0x0}, 0x0) 5.842806782s ago: executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001940)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000040000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = dup(r2) sendmsg$netlink(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)=[{0x0, 0x1b8}], 0x1}, 0x0) 5.750841574s ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) r1 = socket(0x10, 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10) write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) socket$inet6(0xa, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x0, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x3ffffffffffffda, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x64000600) recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400}) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000407b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r7}, 0x10) pipe2$9p(&(0x7f0000000040), 0x0) 5.38029313s ago: executing program 4: timer_create(0x0, 0x0, 0x0) mlockall(0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) getcwd(&(0x7f0000000000)=""/145, 0x91) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, 0x0, 0xfffffcdd) syz_open_procfs(0x0, &(0x7f0000000000)='net/unix\x00') sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xa9) timer_create(0x0, 0x0, &(0x7f0000000100)=0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x0, 0x0}) timer_settime(0x0, 0x0, 0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0xfffffcdd) socketpair$nbd(0x1, 0x1, 0x0, 0x0) gettid() timer_settime(r0, 0x1, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) write$binfmt_misc(0xffffffffffffffff, 0x0, 0xfffffcdd) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000000033) 3.308166249s ago: executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x78, r3, 0xb7a006d1969b963b, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x59, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @void, @val, @void, @val={0x4, 0x6}, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @val={0x3c, 0x4}, @void, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}]}, 0x78}}, 0x0) 2.912449844s ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r0, 0x58, &(0x7f0000000240)}, 0x10) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(r1, 0x8b04, &(0x7f0000001200)={'wlan1\x00', @random="e1fffffffdfd"}) 2.859603805s ago: executing program 2: mkdir(0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) getegid() 2.852677946s ago: executing program 1: syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0xd5, 0xbb, 0x3f, 0x10, 0x403, 0xf850, 0x9981, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1f, 0x92, 0xfe}}]}}]}}, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 2.490327193s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB="696f636861727365743d617363696900f1652c696f1e716b917365743d757466382c6e6f7672732c74000020acdc6ccf12fc2289215e4cf0690f9e7a280306dca93a9e0c471dcca261ecbfef7d2c689c923248fa9b4088a7ae1c236c0610e0d94663276aaad729233c1b8662d91bda299ad42d27bce2aaf403b00e01f9b18db781ff3c0e179108254e55b32dbedc4116bf5bf3179d05c6725190d783d5d996242d8e14ddb0d65017e6819f0264081c08d474216c5976e81757a9521f170a4fda7988bef80456155b5c7874a0806025ff017cc12aa9f4022ffb459047d400b694f592011b0a434741ebe55eb13ee21c2b4d6012211be0be85440646438465f71ba617c3cdf70e2436ac56ee186c66dff01181bf5bbecb2b386676fa6691ca7ad5276878e264f82cbcb33e48949bb7a132bbbe11cb4a7f2f0eb6fe1744f39baab9cd2eefc26500d0fc199810cd3dfdde4a37ef0bdc0d0f72baa7093d5e8e02f9f68e6d0d6ec9f15247880affc233ffcd9fb5168e62a3eeae33a1058afc2fff1216bcb998bc736307324ab146be1c2e5df28280b4e33e69c89f28e0ed16a470d41354698bf8bcfb0facce28c75ef863bf59210be9d4b1d2c2b623ec67e408fc872f5bef51c9d8d41f45b0cd1ff0787c29a4e0eb2ca772757e5f40a8c1988b514214217b5aa93f3f92d0db4a8b05364e5c5fe1692519d7e25ea9f3e40724b5de8e1649946162d3e77c09530e4277d5a392f5e2ac0493dc8fc120618c1166b24d865240c27551a349cc001ae3a56e522b1b3e4a2045075dff6f9514b24a000000000000000000", @ANYRESOCT, @ANYBLOB="0700000000000000bfd2696e6963622c7569643da02afa50cfaf7ef0b1136bb846c3dca93e00005965802071679add0000000000000000d1c3122f42ea96037a96b9522cba05114b1d06b523f39b61b9cf307b30998e0bf0d34de32a48605911737fe408577290a186e912c59fd4492df747f495da7617c456798a622dae5e5631a46fe76111dc37855e0295a34c646f4c3e54f149b16b056083c35865aa5d932539f0b4c9d952c2306bd4d41812d8d8f95b8eefb320bdfe0b82196d0208cd4a08f03410cf89160f62f28c8b77a10455ab7f06978896198c9c078dc983a02f769dc808dbe3c9443d0eb3ef9330d01d5d26e6672da4fcf4493833090c0dd12f35385f05c649716b76aada5a024358fe914c7fc1220b0bfb1a7ee91dab5cadd65fac8166ff005a56364fa5f4dcc9de1e0d78c5a30c57ba77ab113069b628ff5855abb3d1859bfcf71df7b1f734216f68479dee950c61b5177edafdb456f31e7365a6e26635d25fc2b7f38bf798d0ba69b1c871ea1a2c1c59a9ff24095410e61080ebd36bed60cb9438b9602aa1d46de30be0924278c8ca4acb4351f5221dfe3c2daceb15ebed45f3b477a42a53dbd58d1c2a4236a3f3a0ca0553a66645e00322bdbb29746c2bcd58f9e6fce46d46559d3865971a2cdec16fee7632907ac72cef45f95b74dcea95dfda5c83eb34385bc0b707639752eb7b0ede35acb809a2883236681ed543ab7fbff198511bcbf4df8ae460a958e4204f0500bf23676dfb0d8b7075219e8b79ede316e583cf69475f0d583ca73f62d019d49166605880d233eb3940327e265ecaf15fe74ab31a5f8f253de901881791e7589a9252b9", @ANYRES64, @ANYRESHEX], 0x9, 0xc56, &(0x7f0000001bc0)="$eJzs3U9sHNd9B/DfGy3FldzWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spC3TSw89BC2KHnIpgdYokKKB0RRBj0zrAsnFhyKnntgWNoKiB7YIEKBAwGJm34pLirRlkZQo+fOxqe/szHsz782sZ2RBb14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG/9fKFk6fSNhsOPYDGAAD3xaWxL588vd3zHwB4ZF3e6f//AQAAAAAAAAAAAACAgyJFEU9EirlLa2mi+txRv9juu3lrfHhk+2pHUlXzUFW+/KmfOn3m7BeeHzrXzYvtmfepv9c+Fa+OXb7QeGn2xtz81MLC1GRjfKZ9dXZy6q73sNv6Ww1WJ6Bx47Wbk9euLTROP3dm0+ZbA+/1P3Zs4PzQMyee7pYdHx4ZGdsoUu8tX7vnhnTsNMLjcBRxIlI8+50fp1ZEFLH7c1G/v9d+qyNVJwarTowPj1QdmW63ZhbLjaPdE1FENHoqNbvnaPtrEbW++9qHnTUjlsrmlw0eLLs3Nteab12ZnmqMtuYX24vt2ZnR1Glt2Z9GFHEuRSxHxGr/nbvriyJqkeJbj6+lK/mtH9V5+Hw1MHjndhT72Me7ULaz0RexXDwE1+wA648iXokUP3n7eFzN95nqXvO5iFfK/F7Em2W+GJHKL8bZiHe3+R7xcKpFEX9SXv/za2myuh907ysXv9L40sy12Z6y3fvKh3w+3HGneEDPhyNb8v444PemehTRqu74a+nef7MDAAAAAAAAAAAAAAAAwF47EkV8MlK8/K+/V40rjmpc+uPnh3574Od7x4w/9QH7Kcs+FxFLxd2NyT2cBwaOptGUdhxL/Kf/vunjARkz9yipRxG/n8f/feNBNwYAAAAAAAAAAAAAAAAAAOAjrYgfRYoX3jmelqN3TvH2zPXG5daV6c6ssN25f7tzpq+vr683UiebOSdyLuVczrmSczVnFLl+zmbOiZxLOZdzruRczRmHcv2czZwTOZdyLudcybmaM2q5fs5mzomcSzmXc67kXM3pPQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHuviCJ+Fim++bW1FCkimhET0cmV/gfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+G6kaPxO8/a6WkSk6t+O4+UvZ6N5uMyPR3OozBejeSFnq8pa8xsPoP3sTl8q4oeRor/+1u0Lnq9/X+fT7a9BvPn1jU+fqnXyUHfjwHv9jx17/PzQyGee2mk5bdeAwYvtmZu3GuPDIyNjPatr+egf71k3kI9b7E3XiYiF1994rTU9PTV/7wvlV2AX1R+ihVT7qPTUQrUQtQPRjAfT903qD+oGxb4qn//vRopff+ffug/8zvO/Hj/X+XT7CR8//YOItNJZfmHrju7y+V/bWi8//8tn+nbP/yd61r2QfzfSV4uoL96Y6zsWUV94/Y0T7Rut61PXp2bOnjz5xaGhL5452Xc4on6tPT3Vs7Q35wsAAAAAAAAAAAAAAADgvklF/GakaP1wLTUi4lY1Xmvg/NAzJ54+FIeq8Vabxm2/Onb5QuOl2Rtz81MLC1OTjfGZ9tXZyam7PVy9Gu41PjyyL535QEf2uf1H6i/Nzr0+377+u4vbbj9av3BlYXG+dXX7zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/vL5UxH9EiqtnG+mzeV0e/791hP+m8f9LW3e0h+P/P3N0Y/zfx3qKlsdMqYifRopf+7On4rNVO4/GHecsl/vrSDF47tO5XBwuy3Xb0HmvQGdkYFn2fyLF3/9sc9nueMgnNsqe+lAn9yFQXv/HI8V3//jb8ct53eb3P2x//Y9u3dE+vf/hyZ51Rze9r2DXXSdf/xOR4sUn3opfqdb83/u+/6P77o3jncIb7+fYp+v/iz3rBvJxf3WvOg8AAAAAAAAAAPAQ60tF/E2k+P5ILT2f193N3/+b3Lqjffr7X5/oWTe5N/MVfeDCrk8qAAAAABwQfamIH0WK64tv3R5DvXn8d8/4z9/YGP85nLZsrf6c7xeq9wbs5Z//9RrIx53YfbcBAAAAAAAAAAAAAAAAAADgQEmpiOfzfOoT3bd97jCf+kqkePm/nq3KpUjHynLdeeAHql/rl2ZnTlyYnp6tx2LryvRUY2yudXWqrPtkpFj7q0/nukU1v3p3vvnOHO8bc7HPR4qRv+2W7czF3p2b/MmNsqfKsh+LFP/5d5vL5qmp89zRVdnTZdm/iBRf/cftyx7bKHumLPvtSPGDrza6ZY+WZbvvR/3ERtnnrq6vr//h3l8WAAAAAAAAAAAAAAAAAAAAPmL6UhF/FCn++8ZyHsu/3t/dlLPWLfvm13vm+9/iVjXP/0A1//+tv4yI7nLP+nuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHU4oi3ogUc5fW0kp/+bmjfrE9c/PW+PDI9tWOpKrmoap8+VM/dfrM2S88P3Sum+9ff699Ml4du3yh8dLsjbn5qYWFqcnG+Ez76uzk1F3vYbf1txqsTkDjxms3J69dW2icfu7Mps23Bt7rf+zYwPmhZ0483S07PjwyMtZTptZ3z0e/Q9ph/eEo4s8jxbPf+XH6fn9EEbs/Fx/w3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RfbgWu9KMWCqbXzZ4sOze2FxrvnVleqox2ppfbC+2Z2dGU6e1ZX8aUcS5FLEcEav9d+6uL4p4LVJ86/G19E/9EYe65+Hzl8a+fPL0zu0o9rGPd6FsZ6MvYrl4CK7ZAdYfRfxDpPjJ28fjn/sjatH5ic9FvFLm9yLejM71TuUX42zEu9t8j3g41aKI/y2v//m19HZ/eT/o3lcufqXxpZlrsz1lu/eVh/75cD8d8HtTPYr4QXXHX0v/4r9rAAAAAAAAAAAAAAAAgAOkiF+KFC+8czxV44Nvjyluz1xvXG5dme4M6+uO/euOmV5fX19vpE42c07kXMq5nHMl52rOKHL9nM0y6+vrE/nzUs7lnCs5V3PGoVw/ZzPnRM6lnMs5V3Ku5oxarp+zmXMi51LO5ZwrOVdzxgEZuwcAAAAAAAAAAAAAAAAAADxaiuqfFN/82lpa7+/MLz0RnVwxH+gj7/8DAAD//6hz/pQ=") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.current\x00', 0x275a, 0x0) symlinkat(&(0x7f00000001c0)='./file2\x00', 0xffffffffffffff9c, &(0x7f0000000240)='./file6\x00') renameat2(0xffffffffffffff9c, &(0x7f0000000b80)='./file6\x00', 0xffffffffffffff9c, &(0x7f0000000bc0)='./file7\x00', 0x0) 2.387028212s ago: executing program 2: mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x0) 1.978945702s ago: executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0'}, 0xb) 1.753886263s ago: executing program 3: io_submit(0x0, 0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}}) 1.459807496s ago: executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_RESET(r0, 0x5002, 0x0) 1.328506628s ago: executing program 2: openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) socket$pptp(0x18, 0x1, 0x2) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e05002720"], 0x8) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) 1.280383838s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@ipv6_delrule={0x38, 0x21, 0x1, 0x0, 0x0, {}, [@FRA_SRC={0x14, 0x2, @empty}, @FIB_RULE_POLICY=@FRA_FWMASK={0x8, 0x10, 0x2}]}, 0x38}}, 0x0) 988.238244ms ago: executing program 0: bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) chdir(0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) capset(0x0, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) dup(0xffffffffffffffff) r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r1, &(0x7f0000000440)=""/247, 0x26) unshare(0x8000000) shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x840000088}, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x1, @time}) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0xc0a85320, &(0x7f0000000100)) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0xc08c5335, &(0x7f0000000180)) tkill(r0, 0x7) 828.557414ms ago: executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x8001ff, 0x2) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020"]) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x80045515, 0x0) 806.167314ms ago: executing program 2: r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x8001ff, 0x2) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020"]) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x80045515, 0x0) 650.319903ms ago: executing program 1: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000050000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) timer_getoverrun(0x0) 500.305316ms ago: executing program 4: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000050000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) timer_create(0x0, 0x0, &(0x7f00000011c0)) timer_getoverrun(0x0) 230.923822ms ago: executing program 2: r0 = syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/178, 0xb2}], 0x1}, 0x0, 0xc0012121}) io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0) write(r3, &(0x7f0000000200)='~', 0xb7) 218.981291ms ago: executing program 1: socket$nl_netfilter(0x10, 0x3, 0xc) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]}) syz_emit_ethernet(0x58, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000e8ffffffb702000008000000b7030000000000008500000006000000460000000000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r1}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 121.377609ms ago: executing program 0: r0 = socket$l2tp(0x2, 0x2, 0x73) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000280)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x4d}, {0x6}]}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) bind$l2tp(r0, &(0x7f00000001c0)={0x2, 0x0, @loopback}, 0x10) connect$l2tp(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000140), 0x4) sendfile(r0, r2, &(0x7f0000000000), 0x7) 63.541052ms ago: executing program 3: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @remote, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10) write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0'}, 0xb) 0s ago: executing program 4: gettid() openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000030000000900010073797a30000000005c000000030a05000000000000000000030000000900010073797a30000000001400048008000240000000000800014000000000090003"], 0xa4}}, 0x0) setsockopt$MRT_PIM(0xffffffffffffffff, 0x0, 0xcf, &(0x7f00000000c0), 0x4) kernel console output (not intermixed with test programs): .271184][ T5763] fuse: Bad value for 'fd' [ 291.313946][ T5089] bcachefs (loop0): shutdown complete [ 291.380335][ T29] audit: type=1804 audit(1717234875.002:19): pid=5763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2845660855/syzkaller.diYMRZ/21/file0" dev="sda1" ino=1959 res=1 errno=0 [ 291.880136][ T5766] loop3: detected capacity change from 0 to 512 [ 291.993062][ T5766] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 292.291707][ T5766] Quota error (device loop3): v2_read_file_info: Number of blocks too big for quota file size (2164663523328 > 4127201280). [ 292.305334][ T5766] EXT4-fs warning (device loop3): ext4_enable_quotas:7100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 292.551810][ T5766] EXT4-fs (loop3): mount failed [ 292.738981][ T5770] loop4: detected capacity change from 0 to 32768 [ 292.937350][ T5770] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 292.953088][ T5770] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 293.183301][ T5770] bcachefs (loop4): alloc_read... done [ 293.189168][ T5770] bcachefs (loop4): stripes_read... done [ 293.195377][ T5770] bcachefs (loop4): snapshots_read... done [ 293.214227][ T5770] bcachefs (loop4): journal_replay... done [ 293.220538][ T5770] bcachefs (loop4): resume_logged_ops... done [ 293.227120][ T5770] bcachefs (loop4): going read-write [ 293.342962][ T5770] bcachefs (loop4): done starting filesystem [ 293.457741][ T5788] bcachefs (loop4): going read-only [ 293.463397][ T5788] bcachefs (loop4): finished waiting for writes to stop [ 293.570985][ T29] audit: type=1326 audit(1717234877.082:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5768 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff23dc7cee9 code=0x0 [ 293.674956][ T5788] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 293.847506][ T5788] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 293.895610][ T5784] loop2: detected capacity change from 0 to 32768 [ 293.992025][ T5788] bcachefs (loop4): shutdown complete, journal seq 11 [ 293.999725][ T5788] bcachefs (loop4): marking filesystem clean [ 294.563172][ T5784] loop2: detected capacity change from 0 to 2048 [ 294.593867][ T5784] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 294.605198][ T5784] NILFS (loop2): unrecognized mount option "nob" [ 294.851277][ T5080] bcachefs (loop4): shutting down [ 295.206757][ T5791] loop3: detected capacity change from 0 to 32768 [ 295.264449][ T5080] bcachefs (loop4): shutdown complete [ 295.402534][ T5791] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 295.978908][ T5791] XFS (loop3): Ending clean mount [ 296.022239][ T5804] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 296.029378][ T5803] loop0: detected capacity change from 0 to 512 [ 296.053936][ T5791] XFS (loop3): Quotacheck needed: Please wait. [ 296.177856][ T5803] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 296.282233][ T5803] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 296.302328][ T5791] XFS (loop3): Quotacheck: Done. [ 296.437085][ T5803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 296.533084][ T5085] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 296.790818][ T29] audit: type=1800 audit(1717234880.432:21): pid=5810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 297.392875][ T5089] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.650329][ T5815] fuse: Bad value for 'fd' [ 297.789095][ T29] audit: type=1804 audit(1717234881.362:22): pid=5815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1692032383/syzkaller.OBGxHI/25/file0" dev="sda1" ino=1954 res=1 errno=0 [ 298.137597][ T5813] loop1: detected capacity change from 0 to 32768 [ 298.369930][ T5813] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 298.384610][ T5813] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 298.576444][ T5813] bcachefs (loop1): alloc_read... done [ 298.582436][ T5813] bcachefs (loop1): stripes_read... done [ 298.588434][ T5813] bcachefs (loop1): snapshots_read... done [ 298.606416][ T5813] bcachefs (loop1): journal_replay... done [ 298.612671][ T5813] bcachefs (loop1): resume_logged_ops... done [ 298.619208][ T5813] bcachefs (loop1): going read-write [ 298.693165][ T5813] bcachefs (loop1): done starting filesystem [ 298.921140][ T29] audit: type=1326 audit(1717234882.542:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6fbe7cee9 code=0x0 [ 299.578963][ T5076] bcachefs (loop1): shutting down [ 299.588884][ T5076] bcachefs (loop1): going read-only [ 299.595773][ T5076] bcachefs (loop1): finished waiting for writes to stop [ 299.670368][ T5829] loop0: detected capacity change from 0 to 32768 [ 299.697438][ T5829] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (5829) [ 299.709450][ T5076] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 299.722003][ T5076] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 299.784922][ T5076] bcachefs (loop1): shutdown complete, journal seq 11 [ 299.797522][ T5076] bcachefs (loop1): marking filesystem clean [ 300.339348][ T5829] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 300.351044][ T5829] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 300.361457][ T5829] BTRFS info (device loop0): using free-space-tree [ 300.825219][ T5076] bcachefs (loop1): shutdown complete [ 301.663215][ T5089] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 303.820435][ T29] audit: type=1326 audit(1717234887.322:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5859 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f90d507cee9 code=0x0 [ 303.851862][ T5864] loop3: detected capacity change from 0 to 32768 [ 304.097048][ T5868] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 304.547584][ T5864] loop3: detected capacity change from 0 to 2048 [ 304.574959][ T5864] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 304.585258][ T5864] NILFS (loop3): unrecognized mount option "nob" [ 305.641515][ T5872] loop0: detected capacity change from 0 to 32768 [ 305.770321][ T5877] loop3: detected capacity change from 0 to 512 [ 305.809635][ T5872] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 305.926953][ T5877] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 305.997713][ T5877] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 306.090627][ T5877] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 306.358314][ T29] audit: type=1800 audit(1717234889.952:25): pid=5889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1952 res=0 errno=0 [ 306.907805][ T29] audit: type=1804 audit(1717234890.522:26): pid=5893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2845660855/syzkaller.diYMRZ/26/file0" dev="sda1" ino=1948 res=1 errno=0 [ 307.038078][ T5872] XFS (loop0): Ending clean mount [ 307.098670][ T5872] XFS (loop0): Quotacheck needed: Please wait. [ 307.222842][ T5872] XFS (loop0): Quotacheck: Done. [ 307.551504][ T5089] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 307.612770][ T5899] loop1: detected capacity change from 0 to 512 [ 307.707059][ T5899] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 307.936897][ T5899] Quota error (device loop1): v2_read_file_info: Number of blocks too big for quota file size (2164663523328 > 4127201280). [ 307.950510][ T5899] EXT4-fs warning (device loop1): ext4_enable_quotas:7100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 308.195774][ T5899] EXT4-fs (loop1): mount failed [ 308.247335][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.436372][ T5904] loop4: detected capacity change from 0 to 32768 [ 308.464266][ T5904] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (5904) [ 308.484009][ T5904] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 308.500970][ T5904] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 308.511183][ T5904] BTRFS info (device loop4): using free-space-tree [ 309.592178][ T5080] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 310.297236][ T5932] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 312.616032][ T5942] loop3: detected capacity change from 0 to 32768 [ 313.188235][ T5942] loop3: detected capacity change from 0 to 2048 [ 313.331474][ T5942] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 313.341630][ T5942] NILFS (loop3): unrecognized mount option "nob" [ 313.547701][ T5947] loop4: detected capacity change from 0 to 32768 [ 313.737101][ T5947] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 313.751523][ T5947] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 314.014005][ T5947] bcachefs (loop4): alloc_read... done [ 314.019868][ T5947] bcachefs (loop4): stripes_read... done [ 314.030666][ T5947] bcachefs (loop4): snapshots_read... done [ 314.050231][ T5947] bcachefs (loop4): journal_replay... done [ 314.056387][ T5947] bcachefs (loop4): resume_logged_ops... done [ 314.063003][ T5947] bcachefs (loop4): going read-write [ 314.107462][ T29] audit: type=1800 audit(1717234897.732:27): pid=5958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1952 res=0 errno=0 [ 314.132767][ T5947] bcachefs (loop4): done starting filesystem [ 314.218512][ T29] audit: type=1326 audit(1717234897.862:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5946 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff23dc7cee9 code=0x0 [ 314.260666][ T5963] bcachefs (loop4): going read-only [ 314.266181][ T5963] bcachefs (loop4): finished waiting for writes to stop [ 314.315735][ T5963] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 314.369605][ T5963] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 314.424876][ T5963] bcachefs (loop4): shutdown complete, journal seq 11 [ 314.436791][ T5963] bcachefs (loop4): marking filesystem clean [ 314.728959][ T5969] loop2: detected capacity change from 0 to 512 [ 314.797571][ T5080] bcachefs (loop4): shutting down [ 314.924843][ T5080] bcachefs (loop4): shutdown complete [ 314.972899][ T5969] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 315.075182][ T5969] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 315.107514][ T5969] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 315.116351][ T5967] "syz-executor.3" (5967) uses obsolete ecb(arc4) skcipher [ 315.728892][ T5978] loop1: detected capacity change from 0 to 512 [ 316.079153][ T5978] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 316.177034][ T5084] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 316.206537][ T5978] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 316.324061][ T5978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 316.559021][ T5977] loop3: detected capacity change from 0 to 32768 [ 316.973168][ T5977] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (5977) [ 317.361747][ T5977] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 317.374460][ T5977] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 317.384686][ T5977] BTRFS info (device loop3): using free-space-tree [ 318.423345][ T6003] ptrace attach of "/root/syz-executor.2 exec"[5084] was attempted by ""[6003] [ 318.542170][ T5078] Bluetooth: hci3: Ignoring connect complete event for invalid link type [ 318.883061][ T5085] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 319.413391][ T5076] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.676592][ T6012] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 320.691623][ T6016] loop1: detected capacity change from 0 to 32768 [ 320.704712][ T5078] Bluetooth: hci3: command tx timeout [ 320.816245][ T6018] loop4: detected capacity change from 0 to 32768 [ 321.075681][ T6018] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 321.224378][ T29] audit: type=1800 audit(1717234904.852:29): pid=6028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1949 res=0 errno=0 [ 322.150697][ T6018] XFS (loop4): Ending clean mount [ 322.200241][ T6018] XFS (loop4): Quotacheck needed: Please wait. [ 322.448888][ T6018] XFS (loop4): Quotacheck: Done. [ 322.544785][ T6031] loop2: detected capacity change from 0 to 32768 [ 322.651213][ T6037] loop3: detected capacity change from 0 to 512 [ 322.764813][ T6037] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 322.791282][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 322.803160][ T5078] Bluetooth: hci3: command tx timeout [ 322.925059][ T6037] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 322.968311][ T6031] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 322.982772][ T6031] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 323.002038][ T6037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.227536][ T6031] bcachefs (loop2): alloc_read... done [ 323.233651][ T6031] bcachefs (loop2): stripes_read... done [ 323.244420][ T6031] bcachefs (loop2): snapshots_read... done [ 323.264032][ T6031] bcachefs (loop2): journal_replay... done [ 323.270376][ T6031] bcachefs (loop2): resume_logged_ops... done [ 323.276926][ T6031] bcachefs (loop2): going read-write [ 323.351237][ T6031] bcachefs (loop2): done starting filesystem [ 323.503693][ T29] audit: type=1326 audit(1717234907.082:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6030 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1f3e7cee9 code=0x0 [ 323.527495][ T6054] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_rx_wq": -EINTR [ 323.543774][ T6060] bcachefs (loop2): going read-only [ 323.564164][ T6060] bcachefs (loop2): finished waiting for writes to stop [ 323.706130][ T6060] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 323.745118][ T6037] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 323.791923][ T6060] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 323.829340][ T6060] bcachefs (loop2): shutdown complete, journal seq 11 [ 323.837110][ T6060] bcachefs (loop2): marking filesystem clean [ 324.174905][ T5084] bcachefs (loop2): shutting down [ 324.372086][ T5084] bcachefs (loop2): shutdown complete [ 324.387094][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.566876][ T6072] loop1: detected capacity change from 0 to 512 [ 324.720766][ T6072] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 324.819086][ T6072] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 324.910925][ T6072] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 325.502244][ T6076] loop3: detected capacity change from 0 to 32768 [ 325.667487][ T6076] loop3: detected capacity change from 0 to 2048 [ 325.701437][ T6076] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 325.711545][ T6076] NILFS (loop3): unrecognized mount option "nob" [ 326.010214][ T29] audit: type=1800 audit(1717234909.582:31): pid=6080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 326.292608][ T5076] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 327.343421][ T6084] loop0: detected capacity change from 0 to 32768 [ 327.515625][ T6089] loop1: detected capacity change from 0 to 1024 [ 327.537353][ T6084] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 328.015365][ T61] hfsplus: b-tree write err: -5, ino 4 [ 328.764260][ T6108] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 329.131549][ T6103] loop4: detected capacity change from 0 to 32768 [ 329.170699][ T6084] XFS (loop0): Ending clean mount [ 329.320720][ T6084] XFS (loop0): Quotacheck needed: Please wait. [ 329.396307][ T6103] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 329.410770][ T6103] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 329.650783][ T6103] bcachefs (loop4): alloc_read... done [ 329.656668][ T6103] bcachefs (loop4): stripes_read... done [ 329.662919][ T6103] bcachefs (loop4): snapshots_read... done [ 329.681104][ T6103] bcachefs (loop4): journal_replay... done [ 329.681231][ T6084] XFS (loop0): Quotacheck: Done. [ 329.687170][ T6103] bcachefs (loop4): resume_logged_ops... done [ 329.704595][ T6103] bcachefs (loop4): going read-write [ 329.779207][ T5089] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 329.820785][ T6103] bcachefs (loop4): done starting filesystem [ 329.853862][ T29] audit: type=1326 audit(1717234913.532:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6102 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff23dc7cee9 code=0x0 [ 329.967421][ T6124] bcachefs (loop4): going read-only [ 329.974058][ T6124] bcachefs (loop4): finished waiting for writes to stop [ 330.043482][ T6124] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 330.054320][ T6123] loop1: detected capacity change from 0 to 512 [ 330.092996][ T6124] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10 [ 330.176545][ T6124] bcachefs (loop4): shutdown complete, journal seq 11 [ 330.184976][ T6124] bcachefs (loop4): marking filesystem clean [ 330.247727][ T6123] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 330.295785][ T6123] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 330.363111][ T6129] loop2: detected capacity change from 0 to 512 [ 330.382044][ T6123] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.439632][ T6129] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 330.518692][ T6129] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 330.554233][ T5080] bcachefs (loop4): shutting down [ 330.680849][ T6129] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.834385][ T6123] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 330.844205][ T5080] bcachefs (loop4): shutdown complete [ 331.630216][ T5076] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.812079][ T29] audit: type=1800 audit(1717234915.402:33): pid=6134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 332.475476][ T5084] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.079163][ T6150] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 333.182634][ T6147] loop2: detected capacity change from 0 to 1024 [ 333.805206][ T5081] Bluetooth: hci1: command 0x0406 tx timeout [ 333.815611][ T5091] Bluetooth: hci0: command 0x0406 tx timeout [ 333.826534][ T5081] Bluetooth: hci3: command 0x0406 tx timeout [ 333.833449][ T5091] Bluetooth: hci2: command 0x0406 tx timeout [ 333.842612][ T5081] Bluetooth: hci4: command 0x0406 tx timeout [ 333.985646][ T3622] hfsplus: b-tree write err: -5, ino 4 [ 334.408622][ T6153] loop0: detected capacity change from 0 to 32768 [ 335.233284][ T6162] loop4: detected capacity change from 0 to 32768 [ 335.334855][ T6164] loop1: detected capacity change from 0 to 32768 [ 335.382025][ T6153] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 335.785256][ T6164] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 335.799709][ T6164] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 335.948924][ T6162] loop4: detected capacity change from 0 to 2048 [ 335.963059][ T6162] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 335.973031][ T6162] NILFS (loop4): unrecognized mount option "nob" [ 336.152831][ T6178] loop3: detected capacity change from 0 to 512 [ 336.208148][ T6164] bcachefs (loop1): alloc_read... done [ 336.214701][ T6164] bcachefs (loop1): stripes_read... done [ 336.220947][ T6164] bcachefs (loop1): snapshots_read... done [ 336.238942][ T6164] bcachefs (loop1): journal_replay... done [ 336.251261][ T6164] bcachefs (loop1): resume_logged_ops... done [ 336.257837][ T6164] bcachefs (loop1): going read-write [ 336.308538][ T6164] bcachefs (loop1): done starting filesystem [ 336.361767][ T6178] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 336.376808][ T6178] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 336.392281][ T6178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.406611][ T6187] bcachefs (loop1): going read-only [ 336.413232][ T6187] bcachefs (loop1): finished waiting for writes to stop [ 336.426428][ T29] audit: type=1326 audit(1717234920.032:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6156 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6fbe7cee9 code=0x0 [ 336.453455][ T29] audit: type=1800 audit(1717234920.052:35): pid=6184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1971 res=0 errno=0 [ 336.507600][ T6187] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 336.534448][ T6153] XFS (loop0): Ending clean mount [ 336.547570][ T6187] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 336.579542][ T6153] XFS (loop0): Quotacheck needed: Please wait. [ 336.694905][ T6187] bcachefs (loop1): shutdown complete, journal seq 11 [ 336.702684][ T6187] bcachefs (loop1): marking filesystem clean [ 336.765285][ T6153] XFS (loop0): Quotacheck: Done. [ 336.873669][ T6178] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 336.954417][ T5089] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 337.135627][ T5076] bcachefs (loop1): shutting down [ 337.236781][ T5076] bcachefs (loop1): shutdown complete [ 337.812464][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.405644][ T6202] loop4: detected capacity change from 0 to 1024 [ 339.035440][ T4407] hfsplus: b-tree write err: -5, ino 4 [ 340.045271][ T6210] loop3: detected capacity change from 0 to 32768 [ 340.455419][ T6214] loop4: detected capacity change from 0 to 32768 [ 340.600487][ T29] audit: type=1800 audit(1717234923.302:36): pid=6213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 340.720833][ T6210] loop3: detected capacity change from 0 to 2048 [ 340.746329][ T6210] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 340.761024][ T6210] NILFS (loop3): unrecognized mount option "nob" [ 341.191374][ T6214] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 341.266849][ T6216] loop2: detected capacity change from 0 to 32768 [ 341.994910][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 342.001718][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 342.093538][ T6214] XFS (loop4): Ending clean mount [ 342.193778][ T6216] loop2: detected capacity change from 0 to 2048 [ 342.223349][ T6216] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 342.233420][ T6216] NILFS (loop2): unrecognized mount option "nob" [ 342.480292][ T6214] XFS (loop4): Quotacheck needed: Please wait. [ 342.666405][ T6229] loop3: detected capacity change from 0 to 512 [ 342.775226][ T6227] loop0: detected capacity change from 0 to 32768 [ 342.884566][ T6214] XFS (loop4): Quotacheck: Done. [ 342.962022][ T6229] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 343.053741][ T6227] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 343.083091][ T6227] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 343.139954][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 343.186515][ T6229] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 343.282163][ T6227] bcachefs (loop0): alloc_read... done [ 343.288011][ T6227] bcachefs (loop0): stripes_read... done [ 343.294157][ T6227] bcachefs (loop0): snapshots_read... done [ 343.317866][ T6227] bcachefs (loop0): journal_replay... done [ 343.325465][ T6227] bcachefs (loop0): resume_logged_ops... done [ 343.333000][ T6229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 343.347241][ T6227] bcachefs (loop0): going read-write [ 343.394115][ T6227] bcachefs (loop0): done starting filesystem [ 343.521328][ T29] audit: type=1326 audit(1717234927.152:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6226 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f90d507cee9 code=0x0 [ 343.569644][ T6250] bcachefs (loop0): going read-only [ 343.575970][ T6250] bcachefs (loop0): finished waiting for writes to stop [ 343.640802][ T6229] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 343.676139][ T6250] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10 [ 343.728139][ T6250] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 343.779183][ T6250] bcachefs (loop0): shutdown complete, journal seq 11 [ 343.788983][ T6250] bcachefs (loop0): marking filesystem clean [ 344.172293][ T5089] bcachefs (loop0): shutting down [ 344.240429][ T6256] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 344.266196][ T6256] loop1: detected capacity change from 0 to 64 [ 344.315688][ T5089] bcachefs (loop0): shutdown complete [ 344.407962][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.266842][ T29] audit: type=1800 audit(1717234928.892:38): pid=6262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 346.647606][ T6272] loop1: detected capacity change from 0 to 32768 [ 346.914323][ T6273] loop2: detected capacity change from 0 to 32768 [ 347.233529][ T6273] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 347.340405][ T6272] loop1: detected capacity change from 0 to 2048 [ 347.363961][ T6272] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 347.374414][ T6272] NILFS (loop1): unrecognized mount option "nob" [ 348.204064][ T6273] XFS (loop2): Ending clean mount [ 348.219457][ T6273] XFS (loop2): Quotacheck needed: Please wait. [ 348.306949][ T5078] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 348.318669][ T5078] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 348.342172][ T5078] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 348.369613][ T5078] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 348.436815][ T5078] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 348.449127][ T5078] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 348.521077][ T6273] XFS (loop2): Quotacheck: Done. [ 348.856062][ T5084] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 348.859574][ T6289] loop4: detected capacity change from 0 to 512 [ 349.197342][ T6289] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 349.255712][ T6289] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 349.319426][ T6289] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.866401][ T3432] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.895517][ T6289] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 350.354840][ T3432] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.522170][ T5078] Bluetooth: hci5: command tx timeout [ 350.726185][ T3432] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.948059][ T5080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.021790][ T6309] loop1: detected capacity change from 0 to 40427 [ 351.039412][ T6309] F2FS-fs (loop1): Invalid log blocks per segment (5) [ 351.046636][ T6309] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 351.076390][ T3432] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.344842][ T6286] chnl_net:caif_netlink_parms(): no params data found [ 351.724309][ T3432] bridge_slave_1: left allmulticast mode [ 351.730434][ T3432] bridge_slave_1: left promiscuous mode [ 351.737065][ T3432] bridge0: port 2(bridge_slave_1) entered disabled state [ 351.857755][ T3432] bridge_slave_0: left allmulticast mode [ 351.863876][ T3432] bridge_slave_0: left promiscuous mode [ 351.870609][ T3432] bridge0: port 1(bridge_slave_0) entered disabled state [ 351.952671][ T29] audit: type=1800 audit(1717234935.522:39): pid=6318 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1942 res=0 errno=0 [ 352.624319][ T5078] Bluetooth: hci5: command tx timeout [ 352.891586][ T3432] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 352.976740][ T3432] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 353.094715][ T3432] bond0 (unregistering): Released all slaves [ 353.630450][ T6326] loop4: detected capacity change from 0 to 32768 [ 354.271962][ T6329] loop1: detected capacity change from 0 to 32768 [ 354.431051][ T6326] loop4: detected capacity change from 0 to 2048 [ 354.449537][ T6326] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 354.450458][ T6329] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 354.459449][ T6326] NILFS (loop4): unrecognized mount option "nob" [ 354.684280][ T5078] Bluetooth: hci5: command tx timeout [ 355.248237][ T3432] hsr_slave_0: left promiscuous mode [ 355.338761][ T3432] hsr_slave_1: left promiscuous mode [ 355.389881][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 355.405244][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 355.446962][ T6347] loop0: detected capacity change from 0 to 512 [ 355.506109][ T3432] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 355.515433][ T3432] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 355.555441][ T6329] XFS (loop1): Ending clean mount [ 355.609550][ T6329] XFS (loop1): Quotacheck needed: Please wait. [ 355.668160][ T6347] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 355.704533][ T3432] veth1_macvtap: left promiscuous mode [ 355.710456][ T3432] veth0_macvtap: left promiscuous mode [ 355.716340][ T3432] veth1_vlan: left promiscuous mode [ 355.722314][ T3432] veth0_vlan: left promiscuous mode [ 355.792763][ T6347] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 355.948014][ T6347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.049287][ T6329] XFS (loop1): Quotacheck: Done. [ 356.352605][ T6362] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 356.423079][ T5076] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 356.773855][ T5078] Bluetooth: hci5: command tx timeout [ 356.875539][ T3432] team0 (unregistering): Port device team_slave_1 removed [ 357.043262][ T3432] team0 (unregistering): Port device team_slave_0 removed [ 357.221775][ T5089] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.104211][ T6377] loop0: detected capacity change from 0 to 64 [ 358.316168][ T6286] bridge0: port 1(bridge_slave_0) entered blocking state [ 358.324084][ T6286] bridge0: port 1(bridge_slave_0) entered disabled state [ 358.332047][ T6286] bridge_slave_0: entered allmulticast mode [ 358.340983][ T6286] bridge_slave_0: entered promiscuous mode [ 358.488386][ T6286] bridge0: port 2(bridge_slave_1) entered blocking state [ 358.496265][ T6286] bridge0: port 2(bridge_slave_1) entered disabled state [ 358.504145][ T6286] bridge_slave_1: entered allmulticast mode [ 358.513228][ T6286] bridge_slave_1: entered promiscuous mode [ 358.635832][ T29] audit: type=1800 audit(1717234942.242:40): pid=6383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1939 res=0 errno=0 [ 359.019835][ T6286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 359.121258][ T6286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 359.501629][ T6286] team0: Port device team_slave_0 added [ 359.560787][ T6286] team0: Port device team_slave_1 added [ 360.385703][ T6396] loop4: detected capacity change from 0 to 32768 [ 360.552407][ T6399] loop0: detected capacity change from 0 to 32768 [ 360.624643][ T6396] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 361.143919][ T6286] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 361.151311][ T6286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 361.179638][ T6286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 361.275328][ T6399] loop0: detected capacity change from 0 to 2048 [ 361.317063][ T6399] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 361.327087][ T6399] NILFS (loop0): unrecognized mount option "nob" [ 361.445252][ T6286] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 361.452496][ T6286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 361.479175][ T6286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 361.496506][ T6396] XFS (loop4): Ending clean mount [ 361.513593][ T6396] XFS (loop4): Quotacheck needed: Please wait. [ 361.640595][ T6413] loop1: detected capacity change from 0 to 512 [ 361.695815][ T6413] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 361.715029][ T6413] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 361.738952][ T6413] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 361.749313][ T6396] XFS (loop4): Quotacheck: Done. [ 361.789561][ T6417] syz-executor.2 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 362.086492][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 362.292970][ T6286] hsr_slave_0: entered promiscuous mode [ 362.308477][ T6286] hsr_slave_1: entered promiscuous mode [ 362.324103][ T6286] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 362.332717][ T6286] Cannot create hsr debugfs directory [ 362.517440][ T5076] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.186722][ T6431] loop2: detected capacity change from 0 to 32768 [ 364.220938][ T29] audit: type=1800 audit(1717234947.882:41): pid=6435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 364.378209][ T43] usb 5-1: new low-speed USB device number 2 using dummy_hcd [ 364.449460][ T6431] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 364.463946][ T6431] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 364.643110][ T43] usb 5-1: device descriptor read/64, error -71 [ 364.674357][ T6431] bcachefs (loop2): alloc_read... done [ 364.680436][ T6431] bcachefs (loop2): stripes_read... done [ 364.686435][ T6431] bcachefs (loop2): snapshots_read... done [ 364.704538][ T6431] bcachefs (loop2): journal_replay... done [ 364.714230][ T6431] bcachefs (loop2): resume_logged_ops... done [ 364.720893][ T6431] bcachefs (loop2): going read-write [ 364.786263][ T6431] bcachefs (loop2): done starting filesystem [ 364.930699][ T43] usb 5-1: new low-speed USB device number 3 using dummy_hcd [ 364.939451][ T6447] bcachefs (loop2): going read-only [ 364.945288][ T6447] bcachefs (loop2): finished waiting for writes to stop [ 364.961130][ T29] audit: type=1326 audit(1717234948.542:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6430 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1f3e7cee9 code=0x0 [ 365.088557][ T6447] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 365.181044][ T43] usb 5-1: device descriptor read/64, error -71 [ 365.340990][ T6447] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 365.449475][ T43] usb usb5-port1: attempt power cycle [ 365.802084][ T6447] bcachefs (loop2): shutdown complete, journal seq 11 [ 365.809775][ T6447] bcachefs (loop2): marking filesystem clean [ 365.885199][ T6450] loop1: detected capacity change from 0 to 32768 [ 365.916889][ T6286] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 365.951310][ T6286] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 365.977884][ T6286] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 366.018311][ T6286] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 366.045777][ T43] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 366.092619][ T6450] bcachefs (076a1832-646e-4f3c-b13d-b3e266154efd): filesystem UUID already open [ 366.102492][ T6450] bcachefs (076a1832-646e-4f3c-b13d-b3e266154efd): shutdown complete [ 366.680840][ T43] usb 5-1: device descriptor read/8, error -71 [ 366.732790][ T29] audit: type=1326 audit(1717234950.282:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6446 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6fbe7cee9 code=0x0 [ 366.771608][ T5084] bcachefs (loop2): shutting down [ 366.975836][ T6449] loop0: detected capacity change from 0 to 4096 [ 366.996041][ T5084] bcachefs (loop2): shutdown complete [ 367.037317][ T6449] ntfs3: loop0: Primary boot: invalid bytes per MFT record 126976 (31). [ 367.101340][ T6449] ntfs3: loop0: try to read out of volume at offset 0x1ffe00 [ 368.061369][ T6465] loop1: detected capacity change from 0 to 1024 [ 368.085945][ T6462] loop4: detected capacity change from 0 to 32768 [ 368.432135][ T6465] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 368.450418][ T6465] IPv6: sit1: Disabled Multicast RS [ 368.452515][ T6462] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 368.458983][ T6465] sit1: entered allmulticast mode [ 368.645246][ T6286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 369.008658][ T6286] 8021q: adding VLAN 0 to HW filter on device team0 [ 369.071564][ T6480] loop0: detected capacity change from 0 to 512 [ 369.102628][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 369.110464][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 369.248728][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 369.256512][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 369.321153][ T6480] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 369.470616][ T6480] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 369.551732][ T6480] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 369.571231][ T6462] XFS (loop4): Ending clean mount [ 369.682513][ T6462] XFS (loop4): Quotacheck needed: Please wait. [ 369.870319][ T6462] XFS (loop4): Quotacheck: Done. [ 369.927104][ T6487] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 370.399482][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 370.801351][ T5089] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.816394][ T29] audit: type=1800 audit(1717234954.432:44): pid=6495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1949 res=0 errno=0 [ 372.573461][ T6507] loop1: detected capacity change from 0 to 32768 [ 372.633112][ T6506] loop2: detected capacity change from 0 to 32768 [ 372.872749][ T6286] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 372.930524][ T6507] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 372.944972][ T6507] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 373.188034][ T6507] bcachefs (loop1): alloc_read... done [ 373.194203][ T6507] bcachefs (loop1): stripes_read... done [ 373.202230][ T6507] bcachefs (loop1): snapshots_read... done [ 373.224221][ T6507] bcachefs (loop1): journal_replay... done [ 373.230581][ T6507] bcachefs (loop1): resume_logged_ops... done [ 373.237109][ T6507] bcachefs (loop1): going read-write [ 373.255486][ T8] usb 1-1: new low-speed USB device number 3 using dummy_hcd [ 373.352772][ T6507] bcachefs (loop1): done starting filesystem [ 373.486059][ T29] audit: type=1326 audit(1717234957.082:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6505 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6fbe7cee9 code=0x0 [ 373.528972][ T6521] bcachefs (loop1): going read-only [ 373.534582][ T6521] bcachefs (loop1): finished waiting for writes to stop [ 373.625764][ T6521] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 373.695804][ T6286] veth0_vlan: entered promiscuous mode [ 373.714479][ T6521] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 373.742330][ T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 373.752944][ T8] usb 1-1: config 0 has no interfaces? [ 373.758678][ T8] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 373.768097][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.820834][ T6521] bcachefs (loop1): shutdown complete, journal seq 11 [ 373.832684][ T6521] bcachefs (loop1): marking filesystem clean [ 373.856931][ T8] usb 1-1: config 0 descriptor?? [ 373.894413][ T6286] veth1_vlan: entered promiscuous mode [ 374.251778][ T10] usb 1-1: USB disconnect, device number 3 [ 374.285363][ T5076] bcachefs (loop1): shutting down [ 374.448509][ T6286] veth0_macvtap: entered promiscuous mode [ 374.503814][ T5076] bcachefs (loop1): shutdown complete [ 374.504384][ T6286] veth1_macvtap: entered promiscuous mode [ 374.532546][ T8] usb 3-1: new low-speed USB device number 2 using dummy_hcd [ 374.666568][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.678849][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.690160][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.700919][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.711384][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.722178][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.732423][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 374.743123][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 374.764308][ T6286] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 375.051638][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 375.069065][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.082779][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 375.093735][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.103828][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 375.114616][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.124752][ T6286] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 375.135537][ T6286] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 375.150311][ T6286] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 375.222432][ T8] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 375.232007][ T8] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 375.241107][ T8] usb 3-1: config 0 has no interface number 0 [ 375.247435][ T8] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 375.262213][ T8] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 375.273614][ T8] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 375.283790][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 375.402664][ T6286] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.411855][ T6286] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.421268][ T6286] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.430500][ T6286] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 375.477561][ T8] usb 3-1: config 0 descriptor?? [ 376.412491][ T6538] loop4: detected capacity change from 0 to 32768 [ 376.476370][ T8] usb 3-1: USB disconnect, device number 2 [ 376.639136][ T6538] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 377.137435][ T6538] XFS (loop4): Ending clean mount [ 377.155521][ T6538] XFS (loop4): Quotacheck needed: Please wait. [ 377.219210][ T6557] loop0: detected capacity change from 0 to 512 [ 377.374459][ T6538] XFS (loop4): Quotacheck: Done. [ 377.621982][ T6557] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 377.701258][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 377.720423][ T6557] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 377.804833][ T6557] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.135816][ T6557] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 378.707293][ T5089] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 379.431946][ T6575] loop1: detected capacity change from 0 to 4096 [ 379.544030][ T6575] ntfs3: loop1: Primary boot: invalid bytes per MFT record 126976 (31). [ 379.929655][ T6579] loop0: detected capacity change from 0 to 32768 [ 379.950690][ T6575] ntfs3: loop1: try to read out of volume at offset 0x1ffe00 [ 380.371933][ T6583] loop2: detected capacity change from 0 to 32768 [ 380.778537][ T6583] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 380.798899][ T6583] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 381.064758][ T6583] bcachefs (loop2): alloc_read... done [ 381.070771][ T6583] bcachefs (loop2): stripes_read... done [ 381.076779][ T6583] bcachefs (loop2): snapshots_read... done [ 381.101691][ T6583] bcachefs (loop2): journal_replay... done [ 381.107855][ T6583] bcachefs (loop2): resume_logged_ops... done [ 381.114948][ T6583] bcachefs (loop2): going read-write [ 381.174331][ T6583] bcachefs (loop2): done starting filesystem [ 381.327850][ T6599] bcachefs (loop2): going read-only [ 381.333520][ T6599] bcachefs (loop2): finished waiting for writes to stop [ 381.369739][ T29] audit: type=1326 audit(1717234964.912:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6581 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1f3e7cee9 code=0x0 [ 381.465940][ T6599] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 381.522756][ T6599] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 381.617998][ T6599] bcachefs (loop2): shutdown complete, journal seq 11 [ 381.625719][ T6599] bcachefs (loop2): marking filesystem clean [ 381.878112][ T29] audit: type=1800 audit(1717234965.492:47): pid=6607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1960 res=0 errno=0 [ 381.902509][ T5149] usb 1-1: new low-speed USB device number 4 using dummy_hcd [ 382.133629][ T5084] bcachefs (loop2): shutting down [ 382.267661][ T5084] bcachefs (loop2): shutdown complete [ 382.311435][ T5149] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 382.322045][ T5149] usb 1-1: config 0 has no interfaces? [ 382.331293][ T5149] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 382.341128][ T5149] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.380910][ T5149] usb 1-1: config 0 descriptor?? [ 382.701893][ T781] usb 1-1: USB disconnect, device number 4 [ 382.923790][ T8] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 383.381233][ T8] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 383.389899][ T8] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 383.398433][ T8] usb 5-1: config 0 has no interface number 0 [ 383.404830][ T8] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 383.415158][ T8] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 383.425443][ T8] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 383.434827][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 383.594973][ T8] usb 5-1: config 0 descriptor?? [ 383.814275][ T6620] loop1: detected capacity change from 0 to 32768 [ 383.893625][ T6620] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 384.127534][ T8] usb 5-1: USB disconnect, device number 6 [ 384.810839][ T6620] XFS (loop1): Ending clean mount [ 384.851360][ T6620] XFS (loop1): Quotacheck needed: Please wait. [ 385.028511][ T6620] XFS (loop1): Quotacheck: Done. [ 385.268080][ T6643] loop4: detected capacity change from 0 to 512 [ 385.432839][ T5076] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 385.472411][ T6643] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 385.565223][ T6643] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 385.596262][ T6643] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 385.788257][ T6643] overlayfs: failed to resolve './file2': -2 [ 385.911055][ T2995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 385.918994][ T2995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.173606][ T25] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.181810][ T25] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.332265][ T6648] loop0: detected capacity change from 0 to 4096 [ 386.372329][ T6648] ntfs3: loop0: Primary boot: invalid bytes per MFT record 126976 (31). [ 386.390645][ T6648] ntfs3: loop0: try to read out of volume at offset 0x1ffe00 [ 386.664527][ T5080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 387.410312][ T6654] loop3: detected capacity change from 0 to 32768 [ 387.487653][ T6655] loop2: detected capacity change from 0 to 32768 [ 387.842338][ T6655] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names [ 387.861322][ T6655] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 388.078253][ T6654] loop3: detected capacity change from 0 to 2048 [ 388.099933][ T6654] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 388.109912][ T6654] NILFS (loop3): unrecognized mount option "nob" [ 388.120778][ T6655] bcachefs (loop2): alloc_read... done [ 388.126626][ T6655] bcachefs (loop2): stripes_read... done [ 388.132939][ T6655] bcachefs (loop2): snapshots_read... done [ 388.151145][ T6655] bcachefs (loop2): journal_replay... done [ 388.157304][ T6655] bcachefs (loop2): resume_logged_ops... done [ 388.169826][ T6655] bcachefs (loop2): going read-write [ 388.246189][ T6655] bcachefs (loop2): done starting filesystem [ 388.287963][ T29] audit: type=1326 audit(1717234971.962:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1f3e7cee9 code=0x0 [ 388.380752][ T6670] bcachefs (loop2): going read-only [ 388.386270][ T6670] bcachefs (loop2): finished waiting for writes to stop [ 388.428059][ T29] audit: type=1800 audit(1717234972.082:49): pid=6667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1966 res=0 errno=0 [ 388.528581][ T6670] bcachefs (loop2): flushing journal and stopping allocators, journal seq 10 [ 388.586937][ T6670] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 10 [ 388.669179][ T6670] bcachefs (loop2): shutdown complete, journal seq 11 [ 388.686280][ T6670] bcachefs (loop2): marking filesystem clean [ 389.130935][ T5084] bcachefs (loop2): shutting down [ 389.381593][ T5084] bcachefs (loop2): shutdown complete [ 389.597357][ T781] usb 4-1: new low-speed USB device number 2 using dummy_hcd [ 389.609276][ T6675] loop1: detected capacity change from 0 to 32768 [ 389.986298][ T781] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 389.996781][ T781] usb 4-1: config 0 has no interfaces? [ 390.006825][ T781] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 390.017445][ T781] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 390.174185][ T781] usb 4-1: config 0 descriptor?? [ 390.659555][ T780] usb 4-1: USB disconnect, device number 2 [ 391.210979][ T6686] loop4: detected capacity change from 0 to 32768 [ 391.264763][ T6686] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 391.579272][ T6700] loop1: detected capacity change from 0 to 256 [ 391.883692][ T6686] XFS (loop4): Ending clean mount [ 391.929782][ T6700] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 391.946692][ T6703] loop3: detected capacity change from 0 to 512 [ 391.958289][ T6704] loop0: detected capacity change from 0 to 64 [ 392.009226][ T6686] XFS (loop4): Quotacheck needed: Please wait. [ 392.127600][ T6703] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 392.151827][ T6686] XFS (loop4): Quotacheck: Done. [ 392.203403][ T6703] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 392.220522][ T6703] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 392.502574][ T6708] overlayfs: failed to resolve './file2': -2 [ 392.747097][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 393.343350][ T6286] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 393.899232][ T6710] loop1: detected capacity change from 0 to 32768 [ 394.463729][ T29] audit: type=1800 audit(1717234978.132:50): pid=6718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 394.644976][ T6710] loop1: detected capacity change from 0 to 2048 [ 394.663854][ T6710] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 394.674020][ T6710] NILFS (loop1): unrecognized mount option "nob" [ 394.863539][ T43] usb 3-1: new low-speed USB device number 3 using dummy_hcd [ 395.302642][ T43] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 395.311466][ T43] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 395.319805][ T43] usb 3-1: config 0 has no interface number 0 [ 395.326526][ T43] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 395.341162][ T43] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 395.352671][ T43] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 395.362156][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 396.199943][ T6724] loop1: detected capacity change from 0 to 32768 [ 396.215839][ T43] usb 3-1: config 0 descriptor?? [ 396.524156][ T780] usb 4-1: new low-speed USB device number 3 using dummy_hcd [ 396.777210][ T43] usb 3-1: USB disconnect, device number 3 [ 396.920873][ T780] usb 4-1: config index 0 descriptor too short (expected 6427, got 27) [ 396.929422][ T780] usb 4-1: config 0 has an invalid interface number: 21 but max is 0 [ 396.938183][ T780] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 396.948599][ T780] usb 4-1: config 0 has no interface number 0 [ 396.955068][ T780] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 396.964562][ T780] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.041429][ T780] usb 4-1: config 0 descriptor?? [ 397.883518][ T6736] loop1: detected capacity change from 0 to 32768 [ 397.895391][ T6742] loop0: detected capacity change from 0 to 256 [ 397.897294][ T6740] loop4: detected capacity change from 0 to 512 [ 398.010270][ T780] usb 4-1: USB disconnect, device number 3 [ 398.064227][ T6736] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 398.147345][ T6740] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino [ 398.213921][ T6742] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 398.227809][ T6740] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 398.331882][ T6754] loop2: detected capacity change from 0 to 512 [ 398.345015][ T6740] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 398.592666][ T6759] overlayfs: failed to resolve './file2': -2 [ 398.702520][ T6761] loop3: detected capacity change from 0 to 24 [ 398.806045][ T6761] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 398.865535][ T6736] XFS (loop1): Ending clean mount [ 398.906351][ T6736] XFS (loop1): Quotacheck needed: Please wait. [ 399.043495][ T6736] XFS (loop1): Quotacheck: Done. [ 399.263044][ T5076] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 399.397654][ T29] audit: type=1800 audit(1717234983.032:51): pid=6763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1953 res=0 errno=0 [ 399.590684][ T5268] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 400.642325][ T5080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.993110][ T6773] loop2: detected capacity change from 0 to 32768 [ 401.560954][ T43] usb 1-1: new low-speed USB device number 5 using dummy_hcd [ 401.622333][ T6773] loop2: detected capacity change from 0 to 2048 [ 401.641258][ T6773] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 401.651220][ T6773] NILFS (loop2): unrecognized mount option "nob" [ 401.952534][ T43] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 401.962282][ T43] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 401.970790][ T43] usb 1-1: config 0 has no interface number 0 [ 401.977122][ T43] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 401.991699][ T43] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 402.004032][ T43] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 402.013734][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.107342][ T43] usb 1-1: config 0 descriptor?? [ 402.252266][ T780] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 402.625313][ T6793] loop2: detected capacity change from 0 to 256 [ 402.662347][ T43] usb 1-1: USB disconnect, device number 5 [ 402.681180][ T780] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 402.689714][ T780] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 402.699443][ T780] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 402.714125][ T780] usb 2-1: config 0 has no interface number 0 [ 402.721786][ T780] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 402.731290][ T780] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.868818][ T780] usb 2-1: config 0 descriptor?? [ 402.952953][ T6793] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 403.135285][ T780] usb 2-1: USB disconnect, device number 2 [ 403.453789][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.460684][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 404.013976][ T6795] loop3: detected capacity change from 0 to 32768 [ 404.185299][ T6795] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 404.245580][ T6802] loop0: detected capacity change from 0 to 2048 [ 404.473175][ T6810] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 404.588353][ T6809] loop1: detected capacity change from 0 to 512 [ 404.690838][ T29] audit: type=1800 audit(1717234988.302:52): pid=6813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 404.775228][ T6809] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 404.795944][ T6809] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 404.856641][ T6802] NILFS (loop0): unrecognized mount option "01777777777777777777777ÿ00000000000000000000000ñ¼ÊíXc¥vÌ:ýQºòœÞ"¨C’ôæo÷ï"ªš÷'ήŠŽÉ_Á·0ƒÞ-è% Ë+ çtý³6P×ÚÎ'ÁkÂ;/|·%…T‰9i(Š©%ZŠ’@øG~‚ºͱý\¢ñ«œâÌÄÒÚøÚÇ%S:UVTúõà’OvO7MfO­Jj²NÀè"çùBnŽ]áþXZ [ 404.856641][ T6802] èoÐ*‹“e–4Ôb¹ûL±¡ú–*‹" [ 404.907934][ T6809] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 404.927062][ T6795] XFS (loop3): Ending clean mount [ 404.963606][ T6795] XFS (loop3): Quotacheck needed: Please wait. [ 405.039304][ T6795] XFS (loop3): Quotacheck: Done. [ 405.349940][ T6286] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 405.509294][ T6822] loop4: detected capacity change from 0 to 164 [ 405.656389][ T6822] syz-executor.4: attempt to access beyond end of device [ 405.656389][ T6822] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 405.677691][ T6822] syz-executor.4: attempt to access beyond end of device [ 405.677691][ T6822] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 405.760340][ T29] audit: type=1800 audit(1717234989.382:53): pid=6822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file0" dev="loop4" ino=1862 res=0 errno=0 [ 406.010560][ T5076] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 406.725342][ T6827] loop0: detected capacity change from 0 to 32768 [ 406.748771][ T6827] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6827) [ 406.791361][ T6827] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 406.807860][ T6827] BTRFS info (device loop0): using sha256 (sha256-generic) checksum algorithm [ 406.819259][ T6827] BTRFS info (device loop0): using free-space-tree [ 407.081632][ T25] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 408.091273][ T25] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 408.099918][ T25] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 408.108492][ T25] usb 5-1: config 0 has no interface number 0 [ 408.114993][ T25] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 408.125416][ T25] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 408.141293][ T25] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 408.150755][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.323554][ T25] usb 5-1: config 0 descriptor?? [ 408.349593][ T6857] loop2: detected capacity change from 0 to 256 [ 408.492759][ T6853] BTRFS info (device loop0 state M): max_inline set to 1398 [ 408.830494][ T6857] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 408.882628][ T25] usb 5-1: USB disconnect, device number 7 [ 409.188446][ T5089] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 409.690345][ T6859] loop3: detected capacity change from 0 to 32768 [ 410.329774][ T43] usb 2-1: new low-speed USB device number 3 using dummy_hcd [ 410.407831][ T29] audit: type=1800 audit(1717234994.072:54): pid=6868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1967 res=0 errno=0 [ 410.711602][ T43] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 410.720504][ T43] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 410.728837][ T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 410.739393][ T43] usb 2-1: config 0 has no interface number 0 [ 410.745869][ T43] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 410.755434][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.818491][ T43] usb 2-1: config 0 descriptor?? [ 411.122940][ T25] usb 2-1: USB disconnect, device number 3 [ 411.190806][ T6877] loop2: detected capacity change from 0 to 512 [ 411.371861][ T6872] loop3: detected capacity change from 0 to 2048 [ 411.542567][ T6877] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 411.641726][ T6882] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 411.699180][ T6877] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 411.882884][ T6877] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 412.079619][ T6884] NILFS (loop3): unrecognized mount option "01777777777777777777777ÿ00000000000000000000000ñ¼ÊíXc¥vÌ:ýQºòœÞ"¨C’ôæo÷ï"ªš÷'ήŠŽÉ_Á·0ƒÞ-è% Ë+ çtý³6P×ÚÎ'ÁkÂ;/|·%…T‰9i(Š©%ZŠ’@øG~‚ºͱý\¢ñ«œâÌÄÒÚøÚÇ%S:UVTúõà’OvO7MfO­Jj²NÀè"çùBnŽ]áþXZ [ 412.079619][ T6884] èoÐ*‹“e–4Ôb¹ûL±¡ú–*‹" [ 412.117478][ T6878] loop4: detected capacity change from 0 to 32768 [ 412.159941][ T780] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 412.238205][ T6878] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 412.461642][ T780] usb 1-1: Using ep0 maxpacket: 16 [ 412.617277][ T6877] overlayfs: failed to resolve './file0': -2 [ 412.930683][ T780] usb 1-1: config 0 has an invalid interface number: 8 but max is 0 [ 412.939071][ T780] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 412.952634][ T780] usb 1-1: config 0 has no interface number 1 [ 412.958995][ T780] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 412.971819][ T780] usb 1-1: too many endpoints for config 0 interface 8 altsetting 238: 162, using maximum allowed: 30 [ 412.983246][ T780] usb 1-1: config 0 interface 8 altsetting 238 has 0 endpoint descriptors, different from the interface descriptor's value: 162 [ 412.996839][ T780] usb 1-1: config 0 interface 8 has no altsetting 0 [ 413.307622][ T6878] XFS (loop4): Ending clean mount [ 413.387464][ T6878] XFS (loop4): Quotacheck needed: Please wait. [ 413.650231][ T780] usb 1-1: New USB device found, idVendor=0547, idProduct=0080, bcdDevice=5e.08 [ 413.663575][ T780] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.673160][ T780] usb 1-1: Product: syz [ 413.677548][ T780] usb 1-1: Manufacturer: syz [ 413.682455][ T780] usb 1-1: SerialNumber: syz [ 413.798670][ T780] usb 1-1: config 0 descriptor?? [ 413.893815][ T780] hub 1-1:0.0: bad descriptor, ignoring hub [ 413.899968][ T780] hub 1-1:0.0: probe with driver hub failed with error -5 [ 413.912141][ T780] usbtest 1-1:0.0: EZ-USB device [ 413.917317][ T780] usbtest 1-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt) [ 413.973107][ T6878] XFS (loop4): Quotacheck: Done. [ 414.283172][ T5084] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.293722][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 414.308150][ T6883] bridge0: port 1(bridge_slave_0) entered disabled state [ 414.654521][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.662390][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 414.751622][ T6883] loop0: detected capacity change from 0 to 512 [ 414.823807][ T6883] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 414.894248][ T6883] EXT4-fs error (device loop0): __ext4_fill_super:5464: inode #2: comm syz-executor.0: casefold flag without casefold feature [ 414.973437][ T6883] EXT4-fs (loop0): get root inode failed [ 414.979375][ T6883] EXT4-fs (loop0): mount failed [ 415.396810][ T780] usbtest 1-1:0.8: EZ-USB device [ 415.409735][ T780] usbtest 1-1:0.8: high-speed {control bulk-in bulk-out} tests (+alt) [ 415.521722][ T780] usb 1-1: USB disconnect, device number 6 [ 416.443612][ T6920] loop1: detected capacity change from 0 to 16 [ 416.520288][ T6920] erofs: (device loop1): mounted with root inode @ nid 36. [ 416.548543][ T29] audit: type=1800 audit(1717235000.182:55): pid=6921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1962 res=0 errno=0 [ 416.616235][ T6920] syz-executor.1: attempt to access beyond end of device [ 416.616235][ T6920] loop1: rw=0, sector=32, nr_sectors = 16 limit=16 [ 416.635413][ T6920] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 416.697721][ T6920] syz-executor.1: attempt to access beyond end of device [ 416.697721][ T6920] loop1: rw=0, sector=32, nr_sectors = 16 limit=16 [ 416.712131][ T6920] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 417.484074][ T6928] loop4: detected capacity change from 0 to 256 [ 417.673395][ T6928] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 417.715358][ T6934] loop0: detected capacity change from 0 to 512 [ 417.797830][ T6932] loop3: detected capacity change from 0 to 2048 [ 417.830937][ T780] usb 2-1: new low-speed USB device number 4 using dummy_hcd [ 417.843961][ T6934] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 417.894447][ T6934] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 417.909934][ T6934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 418.022061][ T6937] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 418.078638][ T6934] overlayfs: failed to resolve './file0': -2 [ 418.231294][ T780] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 418.245102][ T780] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 418.253624][ T780] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 418.264118][ T780] usb 2-1: config 0 has no interface number 0 [ 418.274607][ T780] usb 2-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 418.289226][ T780] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 418.299029][ T780] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.346546][ T780] usb 2-1: config 0 descriptor?? [ 418.556328][ T6932] NILFS (loop3): unrecognized mount option "01777777777777777777777ÿ00000000000000000000000ñ¼ÊíXc¥vÌ:ýQºòœÞ"¨C’ôæo÷ï"ªš÷'ήŠŽÉ_Á·0ƒÞ-è% Ë+ çtý³6P×ÚÎ'ÁkÂ;/|·%…T‰9i(Š©%ZŠ’@øG~‚ºͱý\¢ñ«œâÌÄÒÚøÚÇ%S:UVTúõà’OvO7MfO­Jj²NÀè"çùBnŽ]áþXZ [ 418.556328][ T6932] èoÐ*‹“e–4Ôb¹ûL±¡ú–*‹" [ 418.630625][ T43] usb 2-1: USB disconnect, device number 4 [ 419.271875][ T5089] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 419.653770][ T6940] loop4: detected capacity change from 0 to 32768 [ 419.754359][ T6940] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 420.299933][ T6940] XFS (loop4): Ending clean mount [ 420.327957][ T6940] XFS (loop4): Quotacheck needed: Please wait. [ 420.411382][ T6940] XFS (loop4): Quotacheck: Done. [ 420.502352][ T6950] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 420.616742][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 420.626530][ T25] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 420.871665][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 420.992604][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 421.003720][ T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0 [ 421.406016][ T25] usb 4-1: New USB device found, idVendor=1b3d, idProduct=931e, bcdDevice=d1.78 [ 421.415902][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.424326][ T25] usb 4-1: Product: syz [ 421.428718][ T25] usb 4-1: Manufacturer: syz [ 421.433805][ T25] usb 4-1: SerialNumber: syz [ 421.980520][ T29] audit: type=1800 audit(1717235004.742:56): pid=6964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1963 res=0 errno=0 [ 422.116795][ T25] usb 4-1: config 0 descriptor?? [ 422.233323][ T25] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected [ 422.244307][ T25] ftdi_sio ttyUSB0: unknown device type: 0xd178 [ 422.498159][ T25] usb 4-1: USB disconnect, device number 4 [ 422.507950][ T25] ftdi_sio 4-1:0.0: device disconnected [ 423.063853][ T6978] loop0: detected capacity change from 0 to 256 [ 423.354287][ T6978] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 423.482255][ T6980] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 423.941269][ T43] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 424.160508][ T781] usb 3-1: new low-speed USB device number 4 using dummy_hcd [ 424.416794][ T43] usb 2-1: unable to get BOS descriptor or descriptor too short [ 424.526361][ T6987] loop4: detected capacity change from 0 to 47 [ 424.553625][ T6984] loop3: detected capacity change from 0 to 32768 [ 424.581451][ T43] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 424.589428][ T43] usb 2-1: can't read configurations, error -71 [ 424.630731][ T781] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 424.639259][ T781] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 424.647782][ T781] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 424.658691][ T781] usb 3-1: config 0 has no interface number 0 [ 424.665172][ T781] usb 3-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 424.678586][ T781] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 424.688262][ T781] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.779364][ T6984] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 424.853566][ T781] usb 3-1: config 0 descriptor?? [ 425.271794][ T25] usb 3-1: USB disconnect, device number 4 [ 425.352507][ T6994] loop0: detected capacity change from 0 to 32768 [ 425.564248][ T6984] XFS (loop3): Ending clean mount [ 425.678813][ T6984] XFS (loop3): Quotacheck needed: Please wait. [ 425.955136][ T6994] loop0: detected capacity change from 0 to 2048 [ 425.974503][ T6994] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 425.975136][ T6984] XFS (loop3): Quotacheck: Done. [ 425.984492][ T6994] NILFS (loop0): unrecognized mount option "nob" [ 426.177465][ T29] audit: type=1326 audit(1717235009.812:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6999 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6fbe7cee9 code=0x0 [ 426.378361][ T6286] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 426.509077][ T781] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 426.770323][ T781] usb 5-1: Using ep0 maxpacket: 32 [ 426.940486][ T781] usb 5-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=80.7e [ 426.949866][ T781] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.043380][ T781] usb 5-1: config 0 descriptor?? [ 427.196975][ T29] audit: type=1800 audit(1717235010.842:58): pid=7011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1946 res=0 errno=0 [ 427.228507][ T781] usb 5-1: selecting invalid altsetting 1 [ 427.234656][ T781] comedi comedi0: could not switch to alternate setting 1 [ 427.242210][ T781] usbduxfast 5-1:0.0: driver 'usbduxfast' failed to auto-configure device. [ 427.410851][ T781] usb 5-1: USB disconnect, device number 8 [ 428.061521][ T7017] Restarting kernel threads ... done. [ 428.231935][ T7017] loop2: detected capacity change from 0 to 512 [ 428.382678][ T7017] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: overlapping e_value [ 428.511349][ T7017] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 428.599066][ T7031] loop1: detected capacity change from 0 to 256 [ 428.632372][ T7017] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.865474][ T7031] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 429.361812][ T5084] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 430.038784][ T7040] loop4: detected capacity change from 0 to 32768 [ 430.120613][ T780] usb 1-1: new low-speed USB device number 7 using dummy_hcd [ 430.158918][ T7040] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 430.541365][ T780] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 430.549926][ T780] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 430.563498][ T780] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 430.575287][ T780] usb 1-1: config 0 has no interface number 0 [ 430.582773][ T780] usb 1-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 430.597169][ T780] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 430.606563][ T780] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 430.719633][ T780] usb 1-1: config 0 descriptor?? [ 430.961285][ T7040] XFS (loop4): Ending clean mount [ 430.992470][ T780] usb 1-1: USB disconnect, device number 7 [ 431.013943][ T7040] XFS (loop4): Quotacheck needed: Please wait. [ 431.165125][ T7040] XFS (loop4): Quotacheck: Done. [ 431.493102][ T29] audit: type=1800 audit(1717235015.142:59): pid=7067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1943 res=0 errno=0 [ 431.524885][ T5080] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 431.711100][ T7069] loop1: detected capacity change from 0 to 256 [ 432.174038][ T7076] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 432.279242][ T7069] loop1: detected capacity change from 0 to 2048 [ 432.775408][ T7075] loop2: detected capacity change from 0 to 32768 [ 432.797774][ T7075] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (7075) [ 432.846925][ T7075] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 432.857514][ T7075] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 432.867755][ T7075] BTRFS info (device loop2): using free-space-tree [ 433.084663][ T7069] iocharset  ê¸`Ï not found [ 433.145864][ T7095] loop0: detected capacity change from 0 to 256 [ 433.285620][ T7095] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 433.712949][ T7106] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 433.937474][ T25] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 434.311346][ T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 434.482044][ T25] usb 3-1: New USB device found, idVendor=0caa, idProduct=3001, bcdDevice=a8.e9 [ 434.491755][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 434.500157][ T25] usb 3-1: Product: syz [ 434.504549][ T25] usb 3-1: Manufacturer: syz [ 434.509370][ T25] usb 3-1: SerialNumber: syz [ 434.589854][ T25] usb 3-1: config 0 descriptor?? [ 434.691954][ T25] pl2303 3-1:0.0: required endpoints missing [ 434.786540][ T7121] usb usb8: usbfs: process 7121 (syz-executor.0) did not claim interface 0 before use [ 435.013268][ T7121] syz-executor.0[7121] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 435.013819][ T7121] syz-executor.0[7121] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 435.226299][ T7121] input: syz0 as /devices/virtual/input/input10 [ 435.484542][ T7126] loop4: detected capacity change from 0 to 256 [ 435.527264][ T781] usb 3-1: USB disconnect, device number 5 [ 435.760151][ T29] audit: type=1800 audit(1717235019.332:60): pid=7132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1965 res=0 errno=0 [ 435.893738][ T5084] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 436.946979][ T7155] loop0: detected capacity change from 0 to 256 [ 436.990384][ T4745] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 437.040411][ T25] usb 3-1: new low-speed USB device number 6 using dummy_hcd [ 437.242589][ T7155] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 437.315726][ T4745] usb 2-1: Using ep0 maxpacket: 8 [ 437.471424][ T4745] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 437.471467][ T25] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 437.471608][ T25] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 437.480163][ T4745] usb 2-1: config 179 has no interface number 0 [ 437.480306][ T4745] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 437.488581][ T25] usb 3-1: config 0 has no interface number 0 [ 437.497066][ T4745] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 437.503256][ T25] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 437.514306][ T4745] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 437.524935][ T25] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 437.536947][ T4745] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 437.546865][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.558126][ T4745] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 437.599881][ T4745] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 437.609369][ T4745] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 437.681643][ T7151] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 437.735108][ T4745] xpad 2-1:179.65: probe with driver xpad failed with error -5 [ 438.139286][ T7159] loop3: detected capacity change from 0 to 2048 [ 438.386958][ T7159] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 438.489514][ T7158] loop4: detected capacity change from 0 to 32768 [ 438.515120][ T25] usb 3-1: config 0 descriptor?? [ 438.874570][ T25] usb 3-1: USB disconnect, device number 6 [ 438.909234][ T781] usb 2-1: USB disconnect, device number 7 [ 438.967072][ T7158] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 439.548466][ T7158] XFS (loop4): Ending clean mount [ 439.819867][ T5080] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 440.002100][ T7174] loop0: detected capacity change from 0 to 32768 [ 440.018578][ T7174] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (7174) [ 440.063389][ T7174] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 440.074278][ T7174] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 440.090585][ T7174] BTRFS info (device loop0): using free-space-tree [ 440.842522][ T29] audit: type=1800 audit(1717235024.322:61): pid=7196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1957 res=0 errno=0 [ 441.003890][ T7184] loop1: detected capacity change from 0 to 32768 [ 441.259645][ T7184] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 441.465329][ T43] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 441.661025][ T7184] XFS (loop1): Ending clean mount [ 441.850548][ T7184] syz-executor.1 (7184) used greatest stack depth: 5112 bytes left [ 441.882342][ T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 442.008240][ T5076] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 442.150972][ T43] usb 1-1: New USB device found, idVendor=0caa, idProduct=3001, bcdDevice=a8.e9 [ 442.160520][ T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 442.168768][ T43] usb 1-1: Product: syz [ 442.178814][ T43] usb 1-1: Manufacturer: syz [ 442.350926][ T43] usb 1-1: config 0 descriptor?? [ 442.410841][ T43] usb 1-1: can't set config #0, error -71 [ 442.457308][ T43] usb 1-1: USB disconnect, device number 8 [ 442.807658][ T5089] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 442.816392][ T7219] loop2: detected capacity change from 0 to 256 [ 443.202284][ T7219] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 444.286286][ T7227] warning: `syz-executor.3' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 444.824922][ T7223] loop4: detected capacity change from 0 to 4096 [ 444.841892][ T7225] loop0: detected capacity change from 0 to 64 [ 444.860506][ T7225] hfs: unable to parse mount options [ 444.943163][ T7227] loop3: detected capacity change from 0 to 256 [ 445.141283][ T7223] ntfs3: loop4: Failed to load $MFT (-22). [ 445.332872][ T29] audit: type=1800 audit(1717235028.942:62): pid=7227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 445.371828][ T25] usb 3-1: new low-speed USB device number 7 using dummy_hcd [ 446.218329][ T7236] loop1: detected capacity change from 0 to 32768 [ 446.917629][ T7236] loop1: detected capacity change from 0 to 2048 [ 446.946008][ T7236] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 446.956293][ T7236] NILFS (loop1): unrecognized mount option "nob" [ 446.965794][ T25] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 446.974497][ T25] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 446.983250][ T25] usb 3-1: config 0 has no interface number 0 [ 446.989586][ T25] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 446.999831][ T25] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 447.009254][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.121493][ T25] usb 3-1: config 0 descriptor?? [ 447.227398][ T7242] loop0: detected capacity change from 0 to 512 [ 447.333374][ T29] audit: type=1800 audit(1717235030.972:63): pid=7245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1958 res=0 errno=0 [ 447.402818][ T43] usb 3-1: USB disconnect, device number 7 [ 447.637511][ T7242] EXT4-fs error (device loop0): __ext4_iget:4913: inode #15: block 1803188595: comm syz-executor.0: invalid block [ 447.764132][ T7242] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 447.876494][ T7242] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 448.035311][ T7251] capability: warning: `syz-executor.1' uses deprecated v2 capabilities in a way that may be insecure [ 448.236893][ T7242] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor.0: invalid indirect mapped block 234881024 (level 0) [ 448.243519][ T7248] loop4: detected capacity change from 0 to 32768 [ 448.344281][ T7248] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 448.409600][ T7256] netlink: 108 bytes leftover after parsing attributes in process `syz-executor.3'. [ 448.432587][ T5089] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 448.561020][ T7248] XFS (loop4): Ending clean mount [ 448.957665][ T7272] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 449.033774][ T5080] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 449.264055][ T7280] loop1: detected capacity change from 0 to 256 [ 449.426340][ T7280] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 449.598093][ T7282] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 450.724006][ T29] audit: type=1800 audit(1717235034.322:64): pid=7292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1956 res=0 errno=0 [ 451.030796][ T4745] usb 1-1: new low-speed USB device number 9 using dummy_hcd [ 451.261765][ T7293] loop1: detected capacity change from 0 to 32768 [ 451.488950][ T5239] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 451.610642][ T4745] usb 1-1: config index 0 descriptor too short (expected 6427, got 27) [ 451.619247][ T4745] usb 1-1: config 0 has an invalid interface number: 21 but max is 0 [ 451.627978][ T4745] usb 1-1: config 0 has no interface number 0 [ 451.634420][ T4745] usb 1-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 451.644637][ T4745] usb 1-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 451.658025][ T4745] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 451.867665][ T7301] loop2: detected capacity change from 0 to 256 [ 451.918062][ T4745] usb 1-1: config 0 descriptor?? [ 451.979511][ T7293] loop1: detected capacity change from 0 to 2048 [ 452.010796][ T7293] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 452.020855][ T7293] NILFS (loop1): unrecognized mount option "nob" [ 452.272205][ T4745] usb 1-1: USB disconnect, device number 9 [ 453.449088][ T7310] loop4: detected capacity change from 0 to 32768 [ 453.475788][ T7310] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (7310) [ 454.021125][ T780] usb 3-1: new low-speed USB device number 8 using dummy_hcd [ 454.096474][ T7319] loop0: detected capacity change from 0 to 512 [ 454.120626][ T7312] loop1: detected capacity change from 0 to 32768 [ 454.165313][ T7319] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 454.171817][ T7310] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 454.184963][ T7310] BTRFS info (device loop4): using sha256 (sha256-generic) checksum algorithm [ 454.196484][ T7310] BTRFS info (device loop4): using free-space-tree [ 454.239460][ T7312] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 454.451811][ T7319] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #17: comm syz-executor.0: iget: bad i_size value: -6917529027641081756 [ 454.490817][ T780] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 454.499362][ T780] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 454.507960][ T780] usb 3-1: config 0 has no interface number 0 [ 454.518920][ T780] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 454.530512][ T780] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 454.540927][ T780] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 454.550320][ T780] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.563669][ T7319] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 17 (err -117) [ 454.651047][ T7319] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 454.755894][ T29] audit: type=1800 audit(1717235038.352:65): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 454.779226][ T29] audit: type=1800 audit(1717235038.362:66): pid=7310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 454.805568][ T780] usb 3-1: config 0 descriptor?? [ 454.862356][ T7312] XFS (loop1): Ending clean mount [ 454.932734][ T7352] Quota error (device loop0): do_check_range: Getting block 144 out of range 0-5 [ 455.179154][ T780] usb 3-1: USB disconnect, device number 8 [ 455.431681][ T5080] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 455.514756][ T7357] loop3: detected capacity change from 0 to 256 [ 455.529208][ T5089] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.582688][ T5076] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 455.720404][ T7357] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 456.383168][ T29] audit: type=1800 audit(1717235039.992:67): pid=7362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1942 res=0 errno=0 [ 457.521675][ T7372] loop0: detected capacity change from 0 to 32768 [ 458.256795][ T7381] loop4: detected capacity change from 0 to 1024 [ 458.282588][ T7379] syzkaller0: entered promiscuous mode [ 458.288291][ T7379] syzkaller0: entered allmulticast mode [ 458.355761][ T7381] EXT4-fs: Ignoring removed nobh option [ 458.445227][ T7372] loop0: detected capacity change from 0 to 2048 [ 458.459031][ T7372] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 458.469159][ T7372] NILFS (loop0): unrecognized mount option "nob" [ 458.823278][ T7381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 458.871156][ T780] usb 2-1: new low-speed USB device number 8 using dummy_hcd [ 459.410584][ T780] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 459.419145][ T780] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 459.427723][ T780] usb 2-1: config 0 has no interface number 0 [ 459.438209][ T780] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 459.449932][ T780] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 459.452301][ T7396] loop0: detected capacity change from 0 to 256 [ 459.460150][ T780] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 459.475815][ T780] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 459.566430][ T780] usb 2-1: config 0 descriptor?? [ 459.583732][ T5080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 459.895954][ T780] usb 2-1: USB disconnect, device number 8 [ 460.023428][ T7398] loop3: detected capacity change from 0 to 64 [ 460.372859][ T25] usb 3-1: new low-speed USB device number 9 using dummy_hcd [ 460.562492][ T7405] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 460.567672][ T5268] udevd[5268]: failed to send result of seq 11455 to main daemon: Connection refused [ 460.570838][ T7405] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 460.570895][ T7405] IPv6: NLM_F_CREATE should be set when creating new route [ 460.850867][ T25] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 460.859437][ T25] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 460.872387][ T25] usb 3-1: config 0 has no interface number 0 [ 460.878726][ T25] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 460.890504][ T25] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 460.900908][ T25] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 460.910456][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.993530][ T25] usb 3-1: config 0 descriptor?? [ 461.078359][ T7413] loop0: detected capacity change from 0 to 256 [ 461.150495][ T29] audit: type=1800 audit(1717235044.792:68): pid=7411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 461.260343][ T7413] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 461.348019][ T25] usb 3-1: USB disconnect, device number 9 [ 462.443130][ T7422] loop1: detected capacity change from 0 to 32768 [ 463.488818][ T7422] loop1: detected capacity change from 0 to 2048 [ 463.563610][ T7422] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 463.573606][ T7422] NILFS (loop1): unrecognized mount option "nob" [ 464.088561][ T7431] loop4: detected capacity change from 0 to 1024 [ 464.152159][ T780] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 464.274595][ T7431] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 464.541094][ T780] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 464.556500][ T780] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 464.568348][ T780] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 464.579780][ T780] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.632113][ T780] usb 1-1: config 0 descriptor?? [ 464.708102][ T7431] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 464.879082][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.886436][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 [ 464.904175][ T7438] loop1: detected capacity change from 0 to 64 [ 465.140823][ T5080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 465.189326][ T780] itetech 0003:06CB:73F5.0001: unknown main item tag 0x0 [ 465.197535][ T780] itetech 0003:06CB:73F5.0001: unknown main item tag 0x3 [ 465.205030][ T780] itetech 0003:06CB:73F5.0001: unknown main item tag 0x0 [ 465.212415][ T780] itetech 0003:06CB:73F5.0001: unbalanced collection at end of report description [ 465.315594][ T780] itetech 0003:06CB:73F5.0001: probe with driver itetech failed with error -22 [ 465.419861][ T25] usb 1-1: USB disconnect, device number 10 [ 465.505854][ T4745] usb 4-1: new low-speed USB device number 5 using dummy_hcd [ 465.556261][ T7448] input: syz0 as /devices/virtual/input/input14 [ 465.920856][ T4745] usb 4-1: config index 0 descriptor too short (expected 6427, got 27) [ 465.929429][ T4745] usb 4-1: config 0 has an invalid interface number: 21 but max is 0 [ 465.938037][ T4745] usb 4-1: config 0 has no interface number 0 [ 465.944546][ T4745] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 465.954792][ T4745] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 465.964268][ T4745] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 465.981165][ T29] audit: type=1800 audit(1717235049.652:69): pid=7456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1950 res=0 errno=0 [ 466.001992][ C0] vkms_vblank_simulate: vblank timer overrun [ 466.015538][ T4745] usb 4-1: config 0 descriptor?? [ 466.235182][ T7461] loop1: detected capacity change from 0 to 256 [ 466.300326][ T43] usb 4-1: USB disconnect, device number 5 [ 466.431375][ T7461] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 466.631797][ T7463] loop0: detected capacity change from 0 to 2048 [ 466.718023][ T7466] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 466.824470][ T25] usb 5-1: new low-speed USB device number 9 using dummy_hcd [ 467.127445][ T7466] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 467.138920][ T7466] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4) [ 467.177370][ T7466] Remounting filesystem read-only [ 467.183119][ T3703] NILFS (loop0): discard dirty page: offset=0, ino=6 [ 467.190241][ T3703] NILFS (loop0): discard dirty block: blocknr=35, size=1024 [ 467.197770][ T3703] NILFS (loop0): discard dirty block: blocknr=36, size=1024 [ 467.205505][ T3703] NILFS (loop0): discard dirty block: blocknr=37, size=1024 [ 467.217809][ T3703] NILFS (loop0): discard dirty block: blocknr=38, size=1024 [ 467.226881][ T3703] NILFS (loop0): discard dirty page: offset=4096, ino=6 [ 467.234179][ T3703] NILFS (loop0): discard dirty block: blocknr=39, size=1024 [ 467.241844][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.251069][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.260246][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.367895][ T7470] loop3: detected capacity change from 0 to 1024 [ 467.446699][ T7470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 467.459490][ T7470] ext4 filesystem being mounted at /root/syzkaller-testdir1436952386/syzkaller.abUkuH/48/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 467.484331][ T3703] NILFS (loop0): discard dirty page: offset=0, ino=3 [ 467.491531][ T3703] NILFS (loop0): discard dirty block: blocknr=42, size=1024 [ 467.499071][ T3703] NILFS (loop0): discard dirty block: blocknr=43, size=1024 [ 467.506845][ T3703] NILFS (loop0): discard dirty block: blocknr=44, size=1024 [ 467.514471][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.528318][ T3703] NILFS (loop0): discard dirty page: offset=65536, ino=3 [ 467.536968][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.546168][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.555563][ T3703] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 467.563101][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.574544][ T3703] NILFS (loop0): discard dirty page: offset=196608, ino=3 [ 467.582046][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.591249][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.600470][ T3703] NILFS (loop0): discard dirty block: blocknr=49, size=1024 [ 467.607991][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.666200][ T7468] loop1: detected capacity change from 0 to 32768 [ 467.701448][ T3703] NILFS (loop0): discard dirty page: offset=0, ino=18 [ 467.708459][ T3703] NILFS (loop0): discard dirty block: blocknr=0, size=1024 [ 467.716493][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.718444][ T7470] overlay: ./file1 is not a directory [ 467.730203][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.730334][ T3703] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.791571][ T5089] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 467.801010][ T5089] NILFS (loop0): discard dirty page: offset=0, ino=2 [ 467.807929][ T5089] NILFS (loop0): discard dirty block: blocknr=18, size=1024 [ 467.815797][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.825014][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.839627][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.889214][ T5089] NILFS (loop0): discard dirty page: offset=0, ino=5 [ 467.896565][ T5089] NILFS (loop0): discard dirty block: blocknr=41, size=1024 [ 467.904332][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.913519][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.922719][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.956439][ T5089] NILFS (loop0): discard dirty page: offset=0, ino=4 [ 467.963794][ T5089] NILFS (loop0): discard dirty block: blocknr=40, size=1024 [ 467.971829][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.981030][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 467.990239][ T5089] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 468.100435][ T4745] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 468.278648][ T7468] loop1: detected capacity change from 0 to 2048 [ 468.301789][ T7468] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 468.311863][ T7468] NILFS (loop1): unrecognized mount option "nob" [ 468.516336][ T25] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 468.525071][ T25] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 468.533625][ T25] usb 5-1: config 0 has no interface number 0 [ 468.539944][ T25] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt [ 468.554781][ T25] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 468.566265][ T25] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 468.575702][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.735522][ T25] usb 5-1: config 0 descriptor?? [ 469.045116][ T25] usb 5-1: USB disconnect, device number 9 [ 469.286745][ T7475] loop0: detected capacity change from 0 to 40427 [ 469.313970][ T7475] F2FS-fs (loop0): invalid crc value [ 469.357453][ T7475] F2FS-fs (loop0): Found nat_bits in checkpoint [ 469.868919][ T4745] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 470.148818][ T7475] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 470.868029][ T6286] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 470.961640][ T5089] syz-executor.0: attempt to access beyond end of device [ 470.961640][ T5089] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 471.380696][ T4745] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 471.391278][ T4745] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.550773][ T4745] usb 4-1: can't set config #1, error -71 [ 471.601231][ T4745] usb 4-1: USB disconnect, device number 6 [ 472.074892][ T7504] loop1: detected capacity change from 0 to 256 [ 472.121100][ T5094] Bluetooth: hci5: command 0x0406 tx timeout [ 472.227454][ T7505] loop3: detected capacity change from 0 to 64 [ 472.250596][ T29] audit: type=1800 audit(1717235055.842:70): pid=7507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 472.343781][ T7504] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 472.794949][ T7511] loop2: detected capacity change from 0 to 256 [ 472.831116][ T780] usb 5-1: new low-speed USB device number 10 using dummy_hcd [ 473.243497][ T43] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 473.531642][ T43] usb 3-1: Using ep0 maxpacket: 16 [ 473.613359][ T7517] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.3'. [ 473.682327][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 473.693880][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 473.704097][ T43] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 473.717340][ T43] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 473.719420][ T7515] loop1: detected capacity change from 0 to 32768 [ 473.726658][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.801251][ T43] usb 3-1: config 0 descriptor?? [ 474.165918][ T781] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 474.328636][ T7515] loop1: detected capacity change from 0 to 2048 [ 474.348990][ T7515] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 474.359382][ T7515] NILFS (loop1): unrecognized mount option "nob" [ 474.437348][ T780] usb 5-1: config index 0 descriptor too short (expected 6427, got 27) [ 474.446039][ T780] usb 5-1: config 0 has an invalid interface number: 21 but max is 0 [ 474.455177][ T780] usb 5-1: config 0 has no interface number 0 [ 474.461585][ T780] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 474.472172][ T780] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 474.481582][ T780] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.512891][ T780] usb 5-1: config 0 descriptor?? [ 474.561621][ T781] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 474.573206][ T781] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 474.583543][ T781] usb 1-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 474.597012][ T781] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.609257][ T7511] loop2: detected capacity change from 0 to 24 [ 474.721359][ T7511] romfs: bad initial checksum on dev loop2. [ 474.845797][ T780] usb 5-1: USB disconnect, device number 10 [ 474.946537][ T7511] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 475.036083][ T7511] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.142521][ T7511] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.480693][ T7525] loop3: detected capacity change from 0 to 40427 [ 475.518969][ T781] usb 1-1: config 0 descriptor?? [ 475.549927][ T43] usbhid 3-1:0.0: can't add hid device: -71 [ 475.557050][ T43] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 475.571959][ T7525] F2FS-fs (loop3): invalid crc value [ 475.579556][ T43] usb 3-1: USB disconnect, device number 10 [ 476.274000][ T7525] F2FS-fs (loop3): Found nat_bits in checkpoint [ 476.643767][ T7525] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 477.301056][ T6286] syz-executor.3: attempt to access beyond end of device [ 477.301056][ T6286] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 477.389792][ T781] itetech 0003:06CB:73F5.0002: unknown main item tag 0x0 [ 477.397585][ T781] itetech 0003:06CB:73F5.0002: unknown main item tag 0x3 [ 477.405511][ T781] itetech 0003:06CB:73F5.0002: unknown main item tag 0x0 [ 477.413002][ T781] itetech 0003:06CB:73F5.0002: unknown main item tag 0x0 [ 477.420407][ T781] itetech 0003:06CB:73F5.0002: unbalanced collection at end of report description [ 477.796829][ T781] itetech 0003:06CB:73F5.0002: probe with driver itetech failed with error -22 [ 477.831230][ T781] usb 1-1: USB disconnect, device number 11 [ 478.502831][ T29] audit: type=1800 audit(1717235062.122:71): pid=7542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1947 res=0 errno=0 [ 478.748654][ T7547] loop2: detected capacity change from 0 to 256 [ 478.917692][ T7547] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 479.063878][ T7548] loop0: detected capacity change from 0 to 64 [ 479.760484][ T7554] Bluetooth: MGMT ver 1.22 [ 479.765175][ T7554] Bluetooth: hci3: unsupported parameter 65535 [ 479.771778][ T7554] Bluetooth: hci3: invalid length 0, exp 2 for type 0 [ 479.853662][ T7554] input: syz0 as /devices/virtual/input/input16 [ 480.332333][ T4745] usb 3-1: new low-speed USB device number 11 using dummy_hcd [ 480.752975][ T7560] loop0: detected capacity change from 0 to 32768 [ 480.808389][ T4745] usb 3-1: config index 0 descriptor too short (expected 6427, got 27) [ 480.817016][ T4745] usb 3-1: config 0 has an invalid interface number: 21 but max is 0 [ 480.825493][ T4745] usb 3-1: config 0 has no interface number 0 [ 480.836032][ T4745] usb 3-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 480.847515][ T4745] usb 3-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 480.857009][ T4745] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.871523][ T4745] usb 3-1: config 0 descriptor?? [ 480.905115][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:172.20.20.170]:2. Sending cookies. [ 481.198280][ T4745] usb 3-1: USB disconnect, device number 11 [ 481.385688][ T7560] loop0: detected capacity change from 0 to 2048 [ 481.400516][ T7560] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 481.410678][ T7560] NILFS (loop0): unrecognized mount option "nob" [ 482.738114][ T43] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 482.802570][ T29] audit: type=1326 audit(1717235066.482:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7591 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1f3e7cee9 code=0x0 [ 483.020581][ T43] usb 4-1: Using ep0 maxpacket: 8 [ 483.162078][ T43] usb 4-1: config 0 has no interfaces? [ 483.168081][ T43] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 483.177658][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 483.227298][ T43] usb 4-1: config 0 descriptor?? [ 483.655021][ T781] usb 4-1: USB disconnect, device number 7 [ 486.310274][ T7643] loop1: detected capacity change from 0 to 128 [ 486.386157][ T7643] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1) [ 486.933660][ T3432] FAT-fs (loop1): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1) [ 488.931024][ T5132] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 489.335259][ T5132] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 489.346540][ T5132] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 489.359949][ T5132] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 489.369361][ T5132] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 489.448847][ T5132] usb 2-1: config 0 descriptor?? [ 489.789753][ T7682] Error parsing options; rc = [-22] [ 489.977038][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 489.985137][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 489.992979][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.000711][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.008394][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.016240][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.023992][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.031815][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.039487][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.054186][ T5132] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 490.063621][ T5132] plantronics 0003:047F:FFFF.0003: unbalanced collection at end of report description [ 490.145315][ T5132] plantronics 0003:047F:FFFF.0003: parse failed [ 490.159345][ T5132] plantronics 0003:047F:FFFF.0003: probe with driver plantronics failed with error -22 [ 490.292988][ T5132] usb 2-1: USB disconnect, device number 9 [ 490.991582][ T7690] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 491.931202][ T781] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 492.147816][ T7703] loop3: detected capacity change from 0 to 2048 [ 492.191066][ T781] usb 2-1: Using ep0 maxpacket: 16 [ 492.193480][ T7703] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 492.580887][ T781] usb 2-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=99.81 [ 492.590463][ T781] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 492.598721][ T781] usb 2-1: Product: syz [ 492.603372][ T781] usb 2-1: Manufacturer: syz [ 492.611245][ T781] usb 2-1: SerialNumber: syz [ 492.655160][ T781] usb 2-1: config 0 descriptor?? [ 492.718524][ T781] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 492.728811][ T781] ftdi_sio ttyUSB0: unknown device type: 0x9981 [ 492.968271][ T781] usb 2-1: USB disconnect, device number 10 [ 492.976807][ T781] ftdi_sio 2-1:0.0: device disconnected [ 493.362844][ T4435] Bluetooth: hci3: unexpected cc 0x2027 length: 2 > 1 [ 493.370163][ T4435] Bluetooth: hci3: unexpected event for opcode 0x2027 [ 493.522685][ T7717] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 493.768707][ T7723] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 494.291553][ T29] audit: type=1326 audit(1717235077.912:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6fbe7cee9 code=0x0 [ 494.365888][ T7735] ===================================================== [ 494.373134][ T7735] BUG: KMSAN: uninit-value in strnchr+0x90/0xd0 [ 494.379574][ T7735] strnchr+0x90/0xd0 [ 494.383649][ T7735] bpf_bprintf_prepare+0x1c2/0x23c0 [ 494.389053][ T7735] bpf_trace_printk+0xec/0x3e0 [ 494.394004][ T7735] ___bpf_prog_run+0x13fe/0xe0f0 [ 494.399115][ T7735] __bpf_prog_run32+0xb2/0xe0 [ 494.403957][ T7735] bpf_trace_run2+0x116/0x300 [ 494.408787][ T7735] __bpf_trace_tlb_flush+0x2c/0x40 [ 494.414092][ T7735] switch_mm_irqs_off+0x9d2/0x1010 [ 494.419449][ T7735] __text_poke+0xb4e/0xfb0 [ 494.424062][ T7735] text_poke_bp_batch+0x17f/0x960 [ 494.429282][ T7735] text_poke_finish+0x7d/0xd0 [ 494.434145][ T7735] arch_jump_label_transform_apply+0x23/0x40 [ 494.440297][ T7735] __jump_label_update+0x6af/0x6d0 [ 494.445608][ T7735] jump_label_update+0x6a0/0x7a0 [ 494.450728][ T7735] static_key_enable_cpuslocked+0x229/0x260 [ 494.456828][ T7735] static_key_enable+0x23/0x30 [ 494.461769][ T7735] tracepoint_add_func+0x1084/0x1280 [ 494.467257][ T7735] tracepoint_probe_register_prio_may_exist+0xa8/0xf0 [ 494.474242][ T7735] bpf_probe_register+0x201/0x250 [ 494.479437][ T7735] bpf_raw_tp_link_attach+0x627/0x8a0 [ 494.485000][ T7735] bpf_raw_tracepoint_open+0x485/0x8a0 [ 494.490633][ T7735] __sys_bpf+0x5a6/0xd90 [ 494.495029][ T7735] __x64_sys_bpf+0xa0/0xe0 [ 494.499595][ T7735] x64_sys_call+0x96b/0x3b50 [ 494.504367][ T7735] do_syscall_64+0xcf/0x1e0 [ 494.509065][ T7735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.515148][ T7735] [ 494.517560][ T7735] Local variable stack created at: [ 494.522762][ T7735] __bpf_prog_run32+0x43/0xe0 [ 494.527604][ T7735] bpf_trace_run2+0x116/0x300 [ 494.532429][ T7735] [ 494.534879][ T7735] CPU: 0 PID: 7735 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 494.545045][ T7735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 494.555225][ T7735] ===================================================== [ 494.562251][ T7735] Disabling lock debugging due to kernel taint [ 494.568504][ T7735] Kernel panic - not syncing: kmsan.panic set ... [ 494.575038][ T7735] CPU: 0 PID: 7735 Comm: syz-executor.1 Tainted: G B 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 494.586617][ T7735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 494.596773][ T7735] Call Trace: [ 494.600124][ T7735] [ 494.603126][ T7735] dump_stack_lvl+0x216/0x2d0 [ 494.607960][ T7735] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 494.613918][ T7735] dump_stack+0x1e/0x30 [ 494.618213][ T7735] panic+0x4e2/0xcd0 [ 494.622257][ T7735] ? kmsan_get_metadata+0xf1/0x1d0 [ 494.627512][ T7735] kmsan_report+0x2d5/0x2e0 [ 494.632149][ T7735] ? __msan_warning+0x95/0x120 [ 494.637039][ T7735] ? strnchr+0x90/0xd0 [ 494.641247][ T7735] ? bpf_bprintf_prepare+0x1c2/0x23c0 [ 494.646785][ T7735] ? bpf_trace_printk+0xec/0x3e0 [ 494.651868][ T7735] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 494.657122][ T7735] ? __bpf_prog_run32+0xb2/0xe0 [ 494.662102][ T7735] ? bpf_trace_run2+0x116/0x300 [ 494.667076][ T7735] ? __bpf_trace_tlb_flush+0x2c/0x40 [ 494.672499][ T7735] ? switch_mm_irqs_off+0x9d2/0x1010 [ 494.677916][ T7735] ? __text_poke+0xb4e/0xfb0 [ 494.682655][ T7735] ? text_poke_bp_batch+0x17f/0x960 [ 494.688003][ T7735] ? text_poke_finish+0x7d/0xd0 [ 494.693006][ T7735] ? arch_jump_label_transform_apply+0x23/0x40 [ 494.699294][ T7735] ? __jump_label_update+0x6af/0x6d0 [ 494.704735][ T7735] ? jump_label_update+0x6a0/0x7a0 [ 494.709989][ T7735] ? static_key_enable_cpuslocked+0x229/0x260 [ 494.716215][ T7735] ? static_key_enable+0x23/0x30 [ 494.721308][ T7735] ? tracepoint_add_func+0x1084/0x1280 [ 494.726925][ T7735] ? tracepoint_probe_register_prio_may_exist+0xa8/0xf0 [ 494.734038][ T7735] ? bpf_probe_register+0x201/0x250 [ 494.739367][ T7735] ? bpf_raw_tp_link_attach+0x627/0x8a0 [ 494.745066][ T7735] ? bpf_raw_tracepoint_open+0x485/0x8a0 [ 494.750842][ T7735] ? __sys_bpf+0x5a6/0xd90 [ 494.755413][ T7735] ? __x64_sys_bpf+0xa0/0xe0 [ 494.760153][ T7735] ? x64_sys_call+0x96b/0x3b50 [ 494.765065][ T7735] ? do_syscall_64+0xcf/0x1e0 [ 494.769893][ T7735] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.776146][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.781483][ T7735] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 494.787425][ T7735] ? bpf_bprintf_prepare+0x193/0x23c0 [ 494.792963][ T7735] ? filter_irq_stacks+0x60/0x1a0 [ 494.798148][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.803476][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.808810][ T7735] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 494.814748][ T7735] __msan_warning+0x95/0x120 [ 494.819452][ T7735] strnchr+0x90/0xd0 [ 494.823497][ T7735] bpf_bprintf_prepare+0x1c2/0x23c0 [ 494.828860][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.834193][ T7735] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 494.840615][ T7735] ? __msan_memcpy+0x108/0x1c0 [ 494.845538][ T7735] bpf_trace_printk+0xec/0x3e0 [ 494.850448][ T7735] ? __bpf_prog_run32+0x5c/0xe0 [ 494.855432][ T7735] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 494.861387][ T7735] ___bpf_prog_run+0x13fe/0xe0f0 [ 494.866458][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.871800][ T7735] __bpf_prog_run32+0xb2/0xe0 [ 494.876619][ T7735] ? __pfx___bpf_prog_run32+0x10/0x10 [ 494.882124][ T7735] bpf_trace_run2+0x116/0x300 [ 494.886932][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.892262][ T7735] __bpf_trace_tlb_flush+0x2c/0x40 [ 494.897521][ T7735] switch_mm_irqs_off+0x9d2/0x1010 [ 494.902775][ T7735] __text_poke+0xb4e/0xfb0 [ 494.907336][ T7735] ? __pfx_text_poke_memcpy+0x10/0x10 [ 494.912862][ T7735] ? switch_mm_irqs_off+0x920/0x1010 [ 494.918302][ T7735] ? switch_mm_irqs_off+0x920/0x1010 [ 494.923718][ T7735] text_poke_bp_batch+0x17f/0x960 [ 494.928893][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.934215][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 494.939542][ T7735] ? kmsan_get_shadow_origin_ptr+0x16/0xb0 [ 494.945486][ T7735] text_poke_finish+0x7d/0xd0 [ 494.950312][ T7735] arch_jump_label_transform_apply+0x23/0x40 [ 494.956423][ T7735] __jump_label_update+0x6af/0x6d0 [ 494.961715][ T7735] jump_label_update+0x6a0/0x7a0 [ 494.966803][ T7735] ? kmsan_report+0x2a0/0x2e0 [ 494.971601][ T7735] static_key_enable_cpuslocked+0x229/0x260 [ 494.977670][ T7735] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 494.983617][ T7735] static_key_enable+0x23/0x30 [ 494.988523][ T7735] ? __SCT__tp_func_exit_mmap+0x8/0x8 [ 494.994014][ T7735] tracepoint_add_func+0x1084/0x1280 [ 494.999464][ T7735] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 495.005881][ T7735] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 495.011829][ T7735] tracepoint_probe_register_prio_may_exist+0xa8/0xf0 [ 495.018761][ T7735] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 495.024711][ T7735] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 495.030656][ T7735] bpf_probe_register+0x201/0x250 [ 495.035824][ T7735] bpf_raw_tp_link_attach+0x627/0x8a0 [ 495.041360][ T7735] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 495.047596][ T7735] ? kmsan_get_metadata+0x146/0x1d0 [ 495.052927][ T7735] bpf_raw_tracepoint_open+0x485/0x8a0 [ 495.058540][ T7735] __sys_bpf+0x5a6/0xd90 [ 495.062939][ T7735] __x64_sys_bpf+0xa0/0xe0 [ 495.067480][ T7735] x64_sys_call+0x96b/0x3b50 [ 495.072249][ T7735] do_syscall_64+0xcf/0x1e0 [ 495.076900][ T7735] ? clear_bhb_loop+0x25/0x80 [ 495.081736][ T7735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 495.087819][ T7735] RIP: 0033:0x7fd6fbe7cee9 [ 495.092346][ T7735] Code: Unable to access opcode bytes at 0x7fd6fbe7cebf. [ 495.099443][ T7735] RSP: 002b:00007fd6fcb3d0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 495.107983][ T7735] RAX: ffffffffffffffda RBX: 00007fd6fbfb4070 RCX: 00007fd6fbe7cee9 [ 495.116062][ T7735] RDX: 0000000000000010 RSI: 0000000020000080 RDI: 0000000000000011 [ 495.124127][ T7735] RBP: 00007fd6fbec947f R08: 0000000000000000 R09: 0000000000000000 [ 495.132201][ T7735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 495.140277][ T7735] R13: 000000000000006e R14: 00007fd6fbfb4070 R15: 00007ffed214bdc8 [ 495.148394][ T7735] [ 496.518203][ T7735] Shutting down cpus with NMI [ 496.523200][ T7735] Kernel Offset: disabled [ 496.527589][ T7735] Rebooting in 86400 seconds..