last executing test programs: 2m33.51134832s ago: executing program 3 (id=75): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000180)=ANY=[@ANYBLOB="480100001000010000000000000000000000000000000000000000000000000000000000f8ff0000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000003200000000000000000000000000000000000000000000000000000000000000000000000000001eb900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000004c00120073657169762863636d28626c6f77666973682d61736d29290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000c0008"], 0x148}}, 0x0) 2m33.256926125s ago: executing program 3 (id=79): r0 = socket$caif_seqpacket(0x25, 0x5, 0x2) setsockopt$CAIFSO_LINK_SELECT(r0, 0x116, 0x7f, &(0x7f0000000100)=0x78, 0x4) connect$caif(r0, &(0x7f0000000140)=@rfm={0x25, 0x6f9, "40fb70d7d74702f97aba3d574422aa2b"}, 0x18) 2m33.019002108s ago: executing program 3 (id=84): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x8004}, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000b40)={@multicast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "010020", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x8000, 0xfffd, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 2m32.873949447s ago: executing program 3 (id=86): syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0xcc04, &(0x7f0000000200)=ANY=[], 0x1, 0x226, &(0x7f0000000300)="$eJzs3UFqE2EUAOA3bdok4qI7QRBGXOiqqCeoSAUxIFSyUNwUzKqzajZJN+0xvIKX8RQeQLrqQhmpM9OkSRrTmiZEv2/T13n/m/z//GQym7zkUfh273M0Gkms7cROnCWxFWtROYlRtbEjAMDqOMvz+J4Xrl/tOQAAVtEMn/8/FzwlAOCWvXv/4c2LVmt3L00bEacnvXavXfwt8q9et3afpr9tDapOe732+kX+WTr67HCe34g7Zf55UZ9epDcjor0ZTx4V+fPcy7et9HJ9PT5NmXdzTusHAAAAAAAAAAAAAAAAAAAAAIBleBBpZWJ/n+3t0XyzzBf/DfUHGunfU4v7VXvgQXug/HgRiwIAAAAAAAAAAAAAAAAAAIAV0+0fHexnWedwENQj4uLIVtapTRhzdZCUJ55p8ExBMqfzTAzW4mblzXKZWdb5+uN65Ul5if5y8h+Ht2k8aE7e3FmCqN3iBV9IkM7rhPVqm8dTzUimlOf5eXD5XRBlULXFiKvKNyNi+sQe7910XWd5nmdfHh52+5FPHTy4R9QXdTMCAAAAAAAAAAAAAAAAAID/3NC3vsc01pcxIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYvG7/qPqV/6OD/SzrHHb7MwfHEXE3/ji4eq2NaCxvoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzTfgUAAP//jasagQ==") mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000080)=ANY=[@ANYBLOB='nr_inodes=E']) mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x3440e2, &(0x7f0000000000)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35]}}, {@size={'size', 0x3d, [0x74]}}]}) 2m32.533612947s ago: executing program 3 (id=90): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e80)=@newlink={0x40, 0x10, 0x401, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x401c0}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r1}]}, 0x40}}, 0x24000840) 2m32.062219605s ago: executing program 3 (id=98): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./bus\x00', 0x0, &(0x7f0000000080)={[{@errors_remount}, {@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@noblock_validity}]}, 0x3, 0x488, &(0x7f0000001340)="$eJzs3M1vFOUfAPDvTLuF/oBfq+ILL2oVjQ1qSwGVgwc1mnjAxEQPGk9NWwhSqKE1EUIUjMGTMSbejUf/BU96MUYvJl71bkiI6QXw4prZnWl3l90tLbtdYD+fZOB55qXP99uZZ/eZeXYbQN8ay/5JIrZHxB8RMVKt1u8wVv3v2vL5mevL52eSKJff+jup7Hd1+fxMsWtx3La8Mp5GpJ8lsadJu4tnz52cnp+fO5PXJ5dOfTC5ePbcsydOTR+fOz53+uCRI4cPTb3w/MHnmgc+tL48s5iu7v54Ye+u19/96o2jX9Tl35BHh4y12/hkudzh5nprR005GexhIKzLQERkp6tU6f8jMRCrJ28kXvu0p8EBXVUul8vbWm++UG6QNq4A7mBJ1Ndv6PLAXap4o8/uf4ulcRDwUveGHz135eXqDVCW97V8qW4ZjDTfp9Rwf9tJYxHxzoV/vsmW6M5zCACAOj9k459nmo3/0nigZr//53NDoxFxT0TcGxH3RcTOiLg/orLvgxHxUOXIWBk7raVxkuTG8U96+ZYSXEM2/nsxn9sazsZ/pZV2i8LoQF7bUcm/lBw7MT93IP+djEdpS1afatPGj6/+/mWrbbXjv2zJ4ijGgnkclwe31B8zO700vfGM6125GLF7sMi1dvybrMwEJBGxKyJ2b7CNE/u/29tq29r5t9GBeabytxFPVc//hViuz7+QtJ+fnNwa83MHJour4ka//HbpzVbtV/Lfv8H8OyA7///Lr/9rzfMfTWrnaxfX38alPz9veU+z0et/KHm7Ui6mgT+aXlo6MxUxlBytBl27/uDqsUW92D/Lf3xfs/zTymtc8ZvYExHZRfxwRDwSEY/msT8WEY9HxL42+f/8yhPvN92Q3uL13wFZ/rPrOv+rhaFoXNO8MHDyp+/rGh1dLeb5X29//g9XSuP5mpt5/buZuDZ2NQMAAMCdJ42I7ZGkEyvlNJ2YqH5efmdEOr+wuPT0sYUPT89WvyMwGqW0eNI1UvM8dCq/ra/WL0ZE9aMFxfZD+XPjrweGK/WJmYX52V4nD31uW4v+n/lroNfRAV3n+1rQv/R/6F/N+v/WHsQBbD7v/9C/mvT/4V7EAWy+Zu//n7Q/5N9uxQJsrob+b9oP+sj67/9/fa8rgQCbrmX/v5v/8g9Q4fk/9KXF4Vj7S/JtC8VP2uDht0shiYiO/sAo3RZ53XqhnDQ9uZFmhdLtEKFCFwq9fV0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADolP8CAAD//3fv18M=") r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000880)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x900, 0xffffffffffffffff, 0x0, 0xa}, {0xffffffff, 0x4, 0x9, 0xa}]}) 2m31.880128505s ago: executing program 32 (id=98): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./bus\x00', 0x0, &(0x7f0000000080)={[{@errors_remount}, {@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@noblock_validity}]}, 0x3, 0x488, &(0x7f0000001340)="$eJzs3M1vFOUfAPDvTLuF/oBfq+ILL2oVjQ1qSwGVgwc1mnjAxEQPGk9NWwhSqKE1EUIUjMGTMSbejUf/BU96MUYvJl71bkiI6QXw4prZnWl3l90tLbtdYD+fZOB55qXP99uZZ/eZeXYbQN8ay/5JIrZHxB8RMVKt1u8wVv3v2vL5mevL52eSKJff+jup7Hd1+fxMsWtx3La8Mp5GpJ8lsadJu4tnz52cnp+fO5PXJ5dOfTC5ePbcsydOTR+fOz53+uCRI4cPTb3w/MHnmgc+tL48s5iu7v54Ye+u19/96o2jX9Tl35BHh4y12/hkudzh5nprR005GexhIKzLQERkp6tU6f8jMRCrJ28kXvu0p8EBXVUul8vbWm++UG6QNq4A7mBJ1Ndv6PLAXap4o8/uf4ulcRDwUveGHz135eXqDVCW97V8qW4ZjDTfp9Rwf9tJYxHxzoV/vsmW6M5zCACAOj9k459nmo3/0nigZr//53NDoxFxT0TcGxH3RcTOiLg/orLvgxHxUOXIWBk7raVxkuTG8U96+ZYSXEM2/nsxn9sazsZ/pZV2i8LoQF7bUcm/lBw7MT93IP+djEdpS1afatPGj6/+/mWrbbXjv2zJ4ijGgnkclwe31B8zO700vfGM6125GLF7sMi1dvybrMwEJBGxKyJ2b7CNE/u/29tq29r5t9GBeabytxFPVc//hViuz7+QtJ+fnNwa83MHJour4ka//HbpzVbtV/Lfv8H8OyA7///Lr/9rzfMfTWrnaxfX38alPz9veU+z0et/KHm7Ui6mgT+aXlo6MxUxlBytBl27/uDqsUW92D/Lf3xfs/zTymtc8ZvYExHZRfxwRDwSEY/msT8WEY9HxL42+f/8yhPvN92Q3uL13wFZ/rPrOv+rhaFoXNO8MHDyp+/rGh1dLeb5X29//g9XSuP5mpt5/buZuDZ2NQMAAMCdJ42I7ZGkEyvlNJ2YqH5efmdEOr+wuPT0sYUPT89WvyMwGqW0eNI1UvM8dCq/ra/WL0ZE9aMFxfZD+XPjrweGK/WJmYX52V4nD31uW4v+n/lroNfRAV3n+1rQv/R/6F/N+v/WHsQBbD7v/9C/mvT/4V7EAWy+Zu//n7Q/5N9uxQJsrob+b9oP+sj67/9/fa8rgQCbrmX/v5v/8g9Q4fk/9KXF4Vj7S/JtC8VP2uDht0shiYiO/sAo3RZ53XqhnDQ9uZFmhdLtEKFCFwq9fV0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADolP8CAAD//3fv18M=") r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000880)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0x5, 0x900, 0xffffffffffffffff, 0x0, 0xa}, {0xffffffff, 0x4, 0x9, 0xa}]}) 2m22.069554029s ago: executing program 4 (id=169): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, &(0x7f00000004c0)="04", 0x1, 0xd1, 0x0, 0x0) recvfrom$unix(r1, 0x0, 0x0, 0x41, 0x0, 0x0) 2m21.88211726s ago: executing program 4 (id=170): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1000004, 0x32, 0x0, 0xffffd000) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_udp_int(r0, 0x11, 0x67, 0x0, &(0x7f0000000000)) 2m21.640749664s ago: executing program 4 (id=173): landlock_create_ruleset(0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_usb_connect$uac1(0x69a90eab3db9c902, 0xa6, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x94, 0x3, 0x1, 0x5, 0xa0, 0x9, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xfff7, 0x7}, [@output_terminal={0x9, 0x24, 0x3, 0x3, 0x300, 0x3, 0x3, 0xb}, @selector_unit={0x5, 0x24, 0x5, 0x6, 0x2}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0x9, 0x24, 0x2, 0x1, 0x82, 0x4, 0x9, 0x10, "", "ca"}, @format_type_i_discrete={0xc, 0x24, 0x2, 0x1, 0x9, 0x4, 0x7, 0x6, "f7e04239"}]}, {{0x9, 0x5, 0x1, 0x9, 0x400, 0xff, 0xc8, 0x3, {0x7, 0x25, 0x1, 0x0, 0x4, 0x5}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xb, 0x24, 0x2, 0x1, 0x6, 0x1, 0x8, 0x1, "3a3882"}, @as_header={0x7, 0x24, 0x1, 0x1, 0xc0, 0x5}]}, {{0x9, 0x5, 0x82, 0x9, 0x50, 0x5, 0x8, 0x41, {0x7, 0x25, 0x1, 0x82, 0xfe, 0x7}}}}}}}]}}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) 2m19.330659179s ago: executing program 4 (id=184): syz_mount_image$squashfs(&(0x7f00000000c0), &(0x7f0000000100)='./file2\x00', 0x210014, &(0x7f0000000040)=ANY=[], 0x5, 0x1c4, &(0x7f00000002c0)="$eJzsVc1u00AQ/tbexDEHxBWExAEEySGJY36ucEJ5AB6AKDEhwhEQR4JEHMwp74GQ8hocUF+hh1a9pIeqUg/ttapc7e74L4mU/ihNDvtJ9nzz7axn1mvPfg6+BxaACwNtvIOEifvYYwwcwBOmtPeWssdFZWvkH3FlK6T/IbtPNhiNv7R83xssJVEZyCsm5pXVJGZVXGtaSqwrBttqTbhBivUTtmQovNtSdywsbEEIYCvez+YJfT3ID8HYaGF2VjFW/rHrJYznFOu2D0zdt78NnMhetnv6qy3IRwBRFEVC66iLZWNEJ/qvYuR//4jLi5mIkhjR/ITzAsD53/63ejAaV3v9Vtfresx1X75xXjnOa7f+qed7jrqzTAqDPghhKwAsydPxAoADarD3sIi4fBpn9lz5McpPU84oXzw3IsLwL5lLvR3iGR/wHCUAP0J1Eti5CuSSmmAwwaXT4Jk8am0lOVBrf/U7EzAwinSm4DDiaTMUEsdNHJ5LNgEeitKekd8kOyU7E7diembFZxEXPQiH5JVDEfSzNRwOGkJSTGpxzUpzH4TIbJDIelbML+6xtWRXNDQ0NDQ0NDS2GpcBAAD//z7uSuY=") syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) link(&(0x7f00000000c0)='./file1\x00', 0x0) 2m18.749684693s ago: executing program 4 (id=192): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a6970"], 0x60}}, 0x0) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x28, 0x4, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x40) 2m18.030423225s ago: executing program 4 (id=201): r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020) writev(r0, &(0x7f00000022c0)=[{&(0x7f0000002080)='T01\n', 0x4}, {&(0x7f0000002100)="fab1", 0x2}], 0x2) 2m17.878500384s ago: executing program 33 (id=201): r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020) writev(r0, &(0x7f00000022c0)=[{&(0x7f0000002080)='T01\n', 0x4}, {&(0x7f0000002100)="fab1", 0x2}], 0x2) 3.483154947s ago: executing program 5 (id=1820): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@msize={'msize', 0x3d, 0x20590e85}}, {@noextend}]}}) 2.555880871s ago: executing program 5 (id=1835): r0 = socket$inet6(0xa, 0x3, 0x88) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000980)={{{@in6=@empty, @in=@local, 0xee24, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0x87}, {0x0, 0x200000004, 0x40000000007, 0x20000a0e2, 0x100000000, 0x0, 0x200000003, 0x9}, {0x5}, 0x5, 0x0, 0x1, 0x0, 0x5, 0x3}, {{@in=@broadcast, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x3502, 0x3, 0x8, 0x0, 0x9075, 0x800, 0xc5e}}, 0xe8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x8}}, 0x7}, 0x1c) 2.442881988s ago: executing program 5 (id=1837): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@mpls_getroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, 0x1c}}, 0x0) 2.193263362s ago: executing program 5 (id=1841): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1) 1.940810107s ago: executing program 0 (id=1845): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000003000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f00000003c0)="7993ff01190000e5ffa53b00008f", 0x0, 0x400, 0x503, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff80fe}, 0x59) 1.88642909s ago: executing program 5 (id=1846): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x88440) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"}) ioctl$EVIOCSABS20(r0, 0x401845e0, 0x0) 1.258254827s ago: executing program 0 (id=1856): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088018000c8014000b"], 0x44}}, 0x20000810) 1.242378238s ago: executing program 6 (id=1857): unshare(0x2c020400) r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$l2tp6(r0, &(0x7f0000000180)={0xa, 0x0, 0xffffffff, @mcast1, 0x6, 0x4}, 0x20) 1.107837176s ago: executing program 6 (id=1859): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x51, 0x4) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000001940), &(0x7f0000001980)=0x4) 1.095226626s ago: executing program 0 (id=1860): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96", 0xb, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 978.540803ms ago: executing program 0 (id=1863): r0 = socket(0x1, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @dev, @dev, 0x0, 0x0, 0x0, 0x200}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000300)={'syztnl1\x00', &(0x7f0000000280)={'syztnl2\x00', r1, 0x29, 0x0, 0x7, 0x3, 0x13, @dev={0xfe, 0x80, '\x00', 0x30}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20, 0x80, 0x6, 0x3}}) 957.016034ms ago: executing program 6 (id=1864): syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='umask=00000000000000000000000,decompose,nls=cp737,uid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f626172726965722c626172726965722c0086fb43a23b6008456d6a9910153cdb3531061926aeb6b32889f50c0a517181cd62fac0eeb6d1b4109c2ee77b2da377c812ff150786620ceda50f1707824f4a1bbe30530ea0caa76f6492494059e756bc99f5ca376910be8a061482ca49e4d32377e741850bc738781b58f2c499b21a8bf864d1"], 0x20, 0x6de, &(0x7f0000000840)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT") mount$nfs(&(0x7f0000000080)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbb\x81\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000180)='./file0\x00', 0x0, 0x12110cc, 0x0) mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0) 835.963921ms ago: executing program 2 (id=1867): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000000)='./bus\x00', 0x8081, &(0x7f00000008c0)={[{}, {@type={'type', 0x3d, "0b4fb860"}}, {@force}, {@uid}, {@force}, {@creator={'creator', 0x3d, "f5e298ff"}}, {@nls={'nls', 0x3d, 'macturkish'}}, {@part={'part', 0x3d, 0x6}}, {@type={'type', 0x3d, "928fff1b"}}]}, 0x3d, 0x6e8, &(0x7f00000001c0)="$eJzs3U1sHGcZAOB31uu1N5XcbZu0BSHFakQEDSS2l5IgIREqhHyoUCQuvZrEaays3cjeIidCZAsUjnBCOfRQhMyhJ9QDUhEHRDkjIXFFuUfiHnFg0czO2Ptjr3cT/yTp80jj+Wbm+3nn9czn3dlEG8Dn1uLbMdmKJBbPvbWZbt/fqjfub9VXi3JETEVEKaLcWUWyFpF8FnE5Okt8Id2Zd5fsNc4bDz798Oy9j+udrXK+ZPVLw9rtaA8ZoZUvMRsRE/l6TOW9+rsabw70d3esrpNqEXeasDNF4uC4tQe0xmk+wn0LPOnuRkxM7rK/FnEiIqbz1wGRzw6lIw7vwI01ywEAAMCTaWK/Cs8/jIexGTNHEw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8G5LOdwYm+VIqyrORFN//X8n3pSqVY453uK/tc/yD60cUCAAAAAAAAAAcik/yD+5PP4yHsRkzxf52kn3m/1q2cTL7+Vy8FxuxHOtxPjZjKZrRjPWYj5ic6eqwsrnUbK7PD7b8baQt2+323bzlQkTUBlouHMFJAwAAAAAAAMCz62exGDPHHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRLIiY6q2w5WZRrUSpHxHREVNJ6rYi/FOWn2V+POwAAAAA4fNV8PZP8r1NoJ9l7/pez9/3T8V6sRTNWohmNWI5r2bOAzrv+0j9b9cb9rfpqugx2/N3/jBVH1mNETMT7e4w8l9U4td1iMb4fP4xzMRtXYj1W4sexFM1YjtmopicRS5FErdp5elEr4tw93ss9W1f6Yzvdt/1qFkk1rsdKFtv5uFqJzmOT7BzSMV/tGu1PlYi+Ed9Ps5N8Jzdijq51/b5+kz+XybWfH7GPw1HLznxyOyNzae7zbLwwPPdjXif9I81HafsZ1MmdUdLN/pGKnP9onJyfyNdprn/Zm/ODNuajtP5MLEQpv/oiXu7N+a0v33uxt/FX//W3KzdKazdvXN84d4in9Dhm96swWRT6M1HvysQrw6++PBONNBOt0TMx2b9jetSWh6uSZyObikacLb+XlZbita5L8N24FstxMeZiPi7FXHwrFqLec4Wd6slrub7am5PsXisNzm/VIcGf+UpXpV/tU/lopXl5oSuv3TNdLTuW77n865jrytKLw6++sf8KpON/MS+nY/x8+y/Ok6AnE/ncXET30vBM/K6d/txorN1cv7F0a8Txzubr9Lb9oHdu/v1BnM+jS6+XdMYtZ1tZTqrF9ZIee2k72t58VfJPXDrtSgPHTm0fq8VMrMQP9rxTK/lruMGeOsde6T72752Zs5K/vimO9bzKiXejkb0K6bPvVA3AETvx+olK9UH1H9WPqr+o3qi+Nf3m1KWpL1Vi8u/lP0/8sfSH0reT1+Oj+GnMHHekAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwLNi4fefmUqOxvL5diOn+PY9bqOw51vBClPats/XcaB1GLWL4WEleqBzsuT+NhWocUs+fRMSQOpXHHiIZ+xobu5BeyAfSYfHFadme9sQYzctFq93rlGNjeq/f4NTOXRC1m0uN/7Z76lSj65YBnnEXmqu3LmzcvvP1ldWld5bfWV5buHTx0sX6N+e/ceH6SmN5rvPzuKMEDsPG7TsTxx0DAAAAAAAAAAAAMJ78X/83H/k/M5T3qVNZ39h95NNHfaoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAU2rx7ZhsRRLzc+fn0u37W/VGuhTlnZrliChFRPKTiOSziMvRWaLW1V2y1zhvPPj0w7P3Pq7v9FUu6peGtRtNK19iNiIm8vX+pnbpZrC/q139tR4pvGT7DNOEnSkSB8ft/wEAAP//SE75+g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000001280)=""/4089, 0xff9) 820.877893ms ago: executing program 0 (id=1868): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="d2ff03076003f1a6b89e08f09900", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 718.308418ms ago: executing program 1 (id=1869): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0x208) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000180), 0x4) 715.667618ms ago: executing program 6 (id=1870): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x6, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"}) 711.014529ms ago: executing program 5 (id=1871): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2) r1 = socket$caif_stream(0x25, 0x1, 0x5) mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 597.252855ms ago: executing program 1 (id=1872): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) socket(0x2a, 0x2, 0x0) clock_adjtime(0xffffffd3, &(0x7f0000000000)={0x10000, 0x6, 0x2, 0x0, 0x7, 0xb, 0x651, 0xfffffffffffffff9, 0xe809, 0x1, 0x3, 0x0, 0x200, 0x2, 0x4, 0xcc0, 0x100000000000001, 0x1, 0x94d6, 0x400, 0x0, 0x80d, 0x0, 0xfffffffffffffffa, 0x3, 0x2000000000004}) 521.86545ms ago: executing program 2 (id=1873): capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r0 = socket$netlink(0x10, 0x3, 0x4) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, 0x0, 0x0) 467.220653ms ago: executing program 1 (id=1874): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000240)={0x14, r1, 0x303, 0x0, 0x0, {0x13}}, 0x14}}, 0x0) 431.116546ms ago: executing program 2 (id=1875): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x2c0, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@unspec=@helper={{0x48}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x320) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={0x0}) 392.267468ms ago: executing program 6 (id=1876): r0 = socket$inet(0x2, 0x3, 0x9) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 313.816143ms ago: executing program 1 (id=1877): r0 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x20000000) 300.179593ms ago: executing program 2 (id=1878): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_WOL_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfd}, 0x14}}, 0x4000010) 227.617427ms ago: executing program 2 (id=1879): r0 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x20080) syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000180)='./bus\x00', 0x1, &(0x7f0000000040)=ANY=[], 0xfd, 0x1fe, &(0x7f0000000580)="$eJzsmL2O00AQx/+7/kjuBEg0FDQgcRKHdOfYDqBrKI4XAOmOj3RExKCASZDjIomEIKKh4TF4BYpUKejoaKEAJCQKUiJKo/Vu7CVfioFAcfOTsv57drwzO/JOJIMgiCPL50/fP768une4A+CYtYWSsn81ch+u+X8oK/H+1ZvWiSfD6fWEL5NytGoOo30DsdJJkiT63Ja6HoJn+gY4Lih9CwyO0nfAcTOPj9pxeX0AhpqytTeUCAPnbjts3GuGgSsGTwy+GKp6fBPAeMDQAFBW+TFtvtPrP6yHYRClgucWK5nEiX71KS6W1c4EzPE+xxWtfiKL2y+eD8T9pDauVj8PHJ7SVTAcKL2HEhzHEa+ALIm2/9Nmvr6xcP+ZaPwAiu//mvXnxRLChhQnd5c57/yVWL8pbAD/MKg4lys5J5KnU1OD/1aoNQimWTaEEAc6s5waD9/OPvVlnYmdXe+WoXr2zNS7zdySndcCK9vqmbk+ef8ULfe81p9MmFn/qMSPHlc6vf5uUyR5P2j5fvWye9F1L/mVtDfLcUn/K6f9aVNb31rgazMb3XocR14XiCMvu/flqHXcg9ftb+kzPO1/HNvn5BriVUm3XZofg6mf/B8UattYmDxBEARBEARBEARBEARBEEQhzoBBfcVn8oMonsmZRMe/ntp+BgAA//+K8U+o") ioctl$EVIOCGLED(r0, 0x80284504, &(0x7f0000000000)=""/56) 196.376829ms ago: executing program 0 (id=1880): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey72WYTYzadmP18YHafZ+bZnee7z7w8+zy7AXStoewhidgREb9GxEAju7jAUOPp+tXzkzeunp9MYmHhtT+SvNy1q+cny6Ll67YXmeE0Iv0wKXay2OzZcycn6vXamSI/OnfqrdHZs+eeeOfUxInaidrp8SNHDh8ae/qp8Sc7EmcW17V978/s3/viG5denjx26c0fv87qu6PY3hxHpwxlgf+5kGvd9mind1axnU3ppLfCirAqPRGRNVdffv4PRE/caryBeOGDSisHrKvs3rSl/eb5BWATS6LqGgDVKG/02fffcrlDXY8N4cqzjS9AWdzXi6WxpTfSokxfy/fbThqKiGPzf32eLbFO4xAAAM0+nvzsaH9EvHfjq5eyvsdARJTjQffkj7/lj7uKOZTBiPh/ROyOiLsiYk9E3F2UvTci7ltjfW7v/6SX1/iWy8r6f88Uc1uL+39l7y8Ge4rczjz+vuT4dL12sPhMhqNvS5YfW2Yf3z7/yyfttjX3/7Il23/ZFyzqcbm3ZYBuamJuIu+UdsCVixH7epeKP7k5E5BExN6I2Le6t95VJqYf+3J/u0Irx7+MDswzLXyRhTefxT8fLfGXkub5yenb5idHt0a9dnC0PCpu99PPH73abv9rir8DrtQaz03t31pkMGmer53t7P7/5fGf9iev5/PM/cW6dyfm5s6MRfQnR/P8ovXjt15b5svy2fE/fGDp83938Zos/vsjIjuIH4iIByPioaLuD0fEIxFxYJkYf3hu5fgjraj9L0ZMLXn9u3n8t7T/6hM9J7//pt3+/1n7H85Tw8Wa/Pq3gqWqk10uWiu4ls8OAAAA/ivS/DfwSTpyM52mIyON3/Dvif+l9ZnZucePz7x9eqrxW/nB6EvLka6BYjy0Pl2vjSXzxTs2xkfHi7Hicrz0UDFu/GnPtjw/MjlTn6o4duh229uc/5nfe6quHbDOti25drz/jlcEqEDrPHq6OHvhlXAxgM3K/7Whe61w/jf/DwbYZNz/oXstdf5faMmbC4DNyf0fupfzH7pU+l3VNQAq5P4PXWkt/+tfx8TWjVGNahIbtVHyRESZSDdEfSTWKVH1lQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g4AAP//K2Lmiw==") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000000100000000000000040000000000000010000000000000002000"], 0x24, 0x0) setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f0000000040)={{}, {}, [], {}, [], {}, {0x20, 0x4}}, 0x24, 0x0) 152.877412ms ago: executing program 1 (id=1881): r0 = socket$nl_generic(0x10, 0x3, 0x10) setuid(0xee00) ioctl$FITHAW(r0, 0xc0045878) 133.737072ms ago: executing program 6 (id=1882): r0 = syz_usbip_server_init(0x4) syz_usb_connect(0x1, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c00712152230000000010902"], 0x0) write$usbip_server(r0, &(0x7f0000000040)=@ret_submit={{0x3, 0x1, 0x0, 0x1, 0x8}, 0xfff, 0x0, 0x34, 0x3, 0x1, 0x0, "", [{0x2, 0x5, 0x2, 0x5961}, {0x1, 0x7fffffff, 0x7, 0x8}, {0x6, 0x8, 0x1, 0x7fffffff}]}, 0x60) 17.6452ms ago: executing program 1 (id=1883): syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x200001, &(0x7f0000000300)={[{@usrquota}, {@barrier}, {@nogrpid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1000}}]}, 0x1, 0x511, &(0x7f0000000f80)="$eJzs3U9vI2cZAPBnJvGSdFOSAodSqaWiRdkK1k4a2kYc2iIhbpWKyn2JEieK4sRR7LSbqEKpEGckhKASJ05ckPgASKgfAVVaCe4IEAjBLhw4AINmPNlNjL1JWP9Zkt9Pej3vjD3zPK8dj2fmncwEcGU9HxFvRsRERLwUEbPl9LQscdQp+evu3X1/NS9JZNk7f0kiKadFUTt+jLhezjbVGfTUOjjcWmk06nvleK29vVtrHRze3Nxe2ahv1HeWlhZfXX5t+ZXlhYG0M2/X61/7ww+/99Ovv/7LL73321t/uvHtPN+Z8vlOOwav855U8vfivsmI2BtGsDGYKNtTGXciAACcS7799qmI+Hyx/T8bE8XWXMEmHQAAAFwS2Rsz8c8kIgMAAAAurTeKc2CTtFqe7zsTaVqtds7h/Uw8kTaarfYX15v7O2udc2XnopKubzbqC+U5tXNRSfLxxaL+YPzlrvGliHgqIn4wO12MV1ebjbVxH/wAAACAK+J61/7/32c7+/8AAADAJTM37gQAAACAoeu3/5+MOA8AAABgeP7X/v/vDjgPAAAAYCjefuutvGTH979ee/dgf6v57s21emurur2/Wl1t7u1WN5rNjeKafdtnLa/RbO5+OXb2b9fa9Va71jo4vLXd3N9p39o8dQtsAAAAYISe+txHv0ki4ugr00XJXcsfJvrM4FoBcGmkF3nx74eXBzB6/X7mz+3tweQBjN7kuBMAxudo3AkA43bqUh89NgpOnrxz6pjBr4aXEwAAMFjzn+3d/5/vAlTGnRwwVBfq/wculUfu/wf+b12w///jYeUBjF7FFgBceWfd6qPvxTvO3f+fZWcuCwAAGKqZoiRptewLnIk0rVYjniz+1b+SrG826gsR8cmI+PVs5RP5+GIxZ+L2gAAAAAAAAAAAAAAAAAAAAAAAAABwTlmWRAYAAABcahHpH5Py/l/zsy/OdB8fuJb8Y7YYRsR7P37nR7dX2u29xXz6X+9Pb39YTn95HEcwAAAAgG7H++nH+/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMEj37r6/elxGGffPX42IuV7xJ2OqGE5FJSKe+FsSkyfmSyJiYgDxjz6IiKd7xU/ytGKuzKI7fhoR06OJ/2yWZT3jXx9AfLjKPsrXP2/2+v6l8Xwx7P39nyzLo+q//kvvr/8m+qz/njxnjGfu/LzWN/4HEc9M9l7/HMdP+sR/odcCe7wp3/rm4WG/+NlPIuZ7/v4kp2LV2tu7tdbB4c3N7ZWN+kZ9Z2lp8dXl15ZfWV6orW826uVjzxjff/YX/+6a9K+so2h/9Ik/d0b7X8wrlZON6Q5TBrtz++6nO9VK1yKK+Dde6P35P/2Q+PnfxBfK34H8+fnj+lGnftJzP/v4uQdj1049l8df69P+sz7/Gz1b+99e+sZ3fnfOlwIAI9A6ONxaaTTqe0OvfJhl2ahi9amkMc7oV70y9XikcdHK9OORxkgrgziyBQAAPG4ebPSPOxMAAAAAAAAAAAAAAAAAAAC4uloHkQ77cmLdMY/G01QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIf6TwAAAP//dE/h8w==") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) fsync(r0) 0s ago: executing program 2 (id=1884): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x1000083, &(0x7f0000000900), 0x3, 0x4f0, &(0x7f0000000940)="$eJzs3VFrHFsdAPD/TLL3pr25bi6KXAvee7GV9HLtbnLjbYNIrSD6VFDre4zJJoRssiG7qU0omuKrIIio4JNPvgh+AEH6EUQo6LtoUURbfVDQjuzubNukO0lK0q5ufj84nXPmzMz/nEl3dmbnMBPAqfVORFyLiJGIeDciyvn8NE9z7cJud7mHD24vtFMSWXbjr0kk+bzettrl0Yh4rbtKjEXEV78U8Y3k2bjN7Z3V+Xq9tpmXq621jWpze+fSytr8cm25tj4zM3159srsB7NTWe5Y/TwXEVe/cP+H3/vZF6/+6lPf/P3cny9+q92sz3602+6IWDhWgALdbZc6+6KnvY82X0SwARjJ/96lQTcEAIAjaZ+/nY+IT3TO/8sx0jk7BQAAAIZJ9rnx+HcSkQEAAABDK42I8UjSSj7edzzStFLpjun8SJxN641m672lxtb6YrsuYiJK6dJKvTaVjxWeiFLSLk938k/K7+8rz0TEGxHxg/KZTrmy0KgvDvrHDwAAADglXnt77/X/P8ppJw8AAAAMmYnCAgAAADAsXPIDAADA8HP9DwAAAEPty9evt1PWe4/34s3trdXGzUuLteZqZW1robLQ2NyoLDcay51n9q0VbOa7vUy90dj4dKxv3aq2as1Wtbm9M7fW2Fpvza3seQU2AAAA8BK98fbd3yURsfuZM50U+XMAAfb446AbAJykkUE3ABiY0UE3ABiY0qFLjD7HssD/o+SQ+sLBO78++bYAAAAvxuTHnr3//0pe53ofhpuxPgBw+rj/D6dXyQhAOPUudCevFtUf//5/lj13owAAgBM13klJWsnvBY5HmlYqEa93XgtQSpZW6rWpiPhQRPy2XHq1XZ7urJkcOmYYAAAAAAAAAAAAAAAAAAAAAAAAAOjKsiQyAAAAYKhFpH9KOk/zj5gsXxjf//vAK8k/y3E/L/zkxo9uzbdam9Pt+X8rd+ojovXjfP77mVcCAAAAwP+A7nV6Pp0edGsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDYPH9xe6KWXGfcvn4+IiX7xR2OsMx2LUkSc/XsSo0+tl0TEyAnE370TEW8+HT97HOFRlmUTeSv6xT/zQuL3+p+0d0vsiz/WWy89gdhw2t1tH3+u9fv8pfFOZ9r/8z+ap+MqPv6lj49/IwXHn9ePGOPcvV9UC+PfiTg32v/404ufFMQ/f8T4X//azk5RXfbTiMm+3z/JnljV1tpGtbm9c2llbX65tlxbn5mZvjx7ZfaD2anq0kq9lv/bN8b3P/7LRwf1/2xB/IlD+n+hYJv/em9v+T/3bj34cDdb6hf/4vn+379vFsRP8+++T+b5dv1kL7/bzT/trZ//5q2D+r9Y0P/D/v4Xiza6z7tf+c4fjrgoAPASNLd3Vufr9drmAZmxIywjI3OcTPbt7v/H423nmKs/k8kGvVsGmBn0kQkAADhpT076B90SAAAAAAAAAAAAAAAAAAAAOL1O7JlhpeKq/TF3B9NVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAD/TcAAP//cwHfsw==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80) ioctl$FITRIM(r0, 0xc0185879, &(0x7f00000001c0)={0x1d80000000000, 0x1632, 0x7}) kernel console output (not intermixed with test programs): c value [ 141.189802][ T6633] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 141.341652][ T6651] netlink: 16 bytes leftover after parsing attributes in process `syz.5.722'. [ 141.470981][ T6633] F2FS-fs (loop1): Start checkpoint disabled! [ 141.545773][ T4292] wacom 0003:056A:0018.0009: unbalanced collection at end of report description [ 141.565525][ T6633] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 141.573827][ T1325] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 141.588557][ T4292] wacom 0003:056A:0018.0009: parse failed [ 141.590233][ T6657] netlink: 12 bytes leftover after parsing attributes in process `syz.5.726'. [ 141.598933][ T4292] wacom: probe of 0003:056A:0018.0009 failed with error -22 [ 141.787291][ T4620] attempt to access beyond end of device [ 141.787291][ T4620] loop1: rw=2049, want=45104, limit=40427 [ 141.814100][ T4292] usb 3-1: USB disconnect, device number 4 [ 142.024839][ T1325] usb 1-1: config 0 interface 0 has no altsetting 0 [ 142.033931][ T1325] usb 1-1: New USB device found, idVendor=056e, idProduct=00fd, bcdDevice= 0.00 [ 142.075106][ T1325] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.109946][ T1325] usb 1-1: config 0 descriptor?? [ 142.224410][ T6671] loop1: detected capacity change from 0 to 4096 [ 142.285627][ T4253] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 142.336296][ T6671] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 142.418195][ T6671] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 142.448983][ T6681] loop2: detected capacity change from 0 to 512 [ 142.557394][ T6683] loop5: detected capacity change from 0 to 4096 [ 142.602423][ T6684] overlayfs: upper fs does not support tmpfile. [ 142.604172][ T1325] elecom 0003:056E:00FD.000A: hidraw0: USB HID vc8.20 Device [HID 056e:00fd] on usb-dummy_hcd.0-1/input0 [ 142.623026][ T6681] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 142.638585][ T6681] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.646841][ T6684] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 142.702614][ T6684] overlayfs: failed to verify origin (/, ino=5, err=-2) [ 142.717188][ T26] audit: type=1800 audit(1770635413.787:8): pid=6681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.738" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 142.728691][ T6684] overlayfs: failed to verify upper root origin [ 142.857121][ T1108] usb 1-1: USB disconnect, device number 8 [ 142.863062][ T6683] NILFS error (device loop5): nilfs_check_page: bad entry in directory #2: rec_len is smaller than minimal - offset=4096, inode=0, rec_len=0, name_len=0 [ 142.898425][ T6683] NILFS error (device loop5): nilfs_readdir: bad page in #2 [ 142.910120][ T4253] usb 7-1: New USB device found, idVendor=0830, idProduct=0080, bcdDevice=d5.70 [ 142.921069][ T6689] fido_id[6689]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 142.947500][ T4253] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.977919][ T4253] usb 7-1: Product: syz [ 143.004489][ T4253] usb 7-1: Manufacturer: syz [ 143.020357][ T4253] usb 7-1: SerialNumber: syz [ 143.052718][ T4253] usb 7-1: config 0 descriptor?? [ 143.122054][ T4253] kl5kusb105 7-1:0.0: KL5KUSB105D / PalmConnect converter detected [ 143.149121][ T4253] usb 7-1: KL5KUSB105D / PalmConnect converter now attached to ttyUSB0 [ 143.305374][ T6699] netlink: 'syz.5.742': attribute type 8 has an invalid length. [ 143.358256][ T21] usb 7-1: USB disconnect, device number 2 [ 143.386883][ T21] kl5kusb105d ttyUSB0: KL5KUSB105D / PalmConnect converter now disconnected from ttyUSB0 [ 143.459156][ T21] kl5kusb105 7-1:0.0: device disconnected [ 143.503789][ T6706] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 143.523547][ T6708] loop0: detected capacity change from 0 to 512 [ 143.536646][ T6711] loop1: detected capacity change from 0 to 128 [ 143.543492][ T6709] CUSE: unknown device info "" [ 143.553589][ T6709] CUSE: unknown device info "P]FO" [ 143.578651][ T6709] CUSE: DEVNAME unspecified [ 143.616137][ T6711] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 143.648646][ T6711] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.715121][ T6708] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,. Quota mode: writeback. [ 143.831799][ T6708] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.008203][ T6726] process 'syz.5.753' launched '/dev/fd/3' with NULL argv: empty string added [ 144.389524][ T6744] netlink: 'syz.1.761': attribute type 3 has an invalid length. [ 144.552727][ T6749] netdevsim netdevsim6: Direct firmware load for ./file0/file1 failed with error -2 [ 144.602277][ T6749] netdevsim netdevsim6: Falling back to sysfs fallback for: ./file0/file1 [ 144.971514][ T6762] loop0: detected capacity change from 0 to 512 [ 145.149196][ T6762] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 145.213920][ T6762] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.272510][ T6772] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d) [ 145.582674][ T6785] FAT-fs (loop5): Directory bread(block 64) failed [ 145.622366][ T6785] FAT-fs (loop5): Directory bread(block 65) failed [ 145.665043][ T6785] FAT-fs (loop5): Directory bread(block 66) failed [ 145.692749][ T6785] FAT-fs (loop5): Directory bread(block 67) failed [ 145.701417][ T6784] set_capacity_and_notify: 2 callbacks suppressed [ 145.701433][ T6784] loop6: detected capacity change from 0 to 4096 [ 145.762113][ T6785] FAT-fs (loop5): Directory bread(block 68) failed [ 145.781356][ T6798] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check. [ 145.821323][ T4195] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 145.830961][ T6785] FAT-fs (loop5): Directory bread(block 69) failed [ 145.848184][ T6785] FAT-fs (loop5): Directory bread(block 70) failed [ 145.866321][ T6784] ntfs3: loop6: Different NTFS' sector size (4096) and media sector size (512) [ 145.916683][ T6785] FAT-fs (loop5): Directory bread(block 71) failed [ 145.944124][ T6785] FAT-fs (loop5): Directory bread(block 72) failed [ 145.991988][ T6784] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 145.994066][ T6785] FAT-fs (loop5): Directory bread(block 73) failed [ 146.139447][ T6805] netlink: 224 bytes leftover after parsing attributes in process `syz.1.782'. [ 146.215859][ T6805] tipc: Enabling of bearer rejected, failed to enable media [ 146.230010][ T6784] overlayfs: upper fs does not support tmpfile. [ 146.287519][ T6784] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 146.308692][ T6784] overlayfs: failed to verify origin (/, ino=5, err=-2) [ 146.372169][ T6784] overlayfs: failed to verify upper root origin [ 146.748403][ T4243] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 147.122238][ T6834] netlink: 12 bytes leftover after parsing attributes in process `syz.1.795'. [ 147.183281][ T6793] loop2: detected capacity change from 0 to 40427 [ 147.237896][ T6832] loop5: detected capacity change from 0 to 4096 [ 147.239343][ T6793] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1ffff [ 147.278349][ T6793] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x2 [ 147.342609][ T6835] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 147.352170][ T6793] F2FS-fs (loop2): invalid crc value [ 147.395266][ T6832] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=12) [ 147.428946][ T6807] loop0: detected capacity change from 0 to 40427 [ 147.440190][ T6793] F2FS-fs (loop2): Found nat_bits in checkpoint [ 147.468618][ T6807] F2FS-fs (loop0): invalid crc value [ 147.506818][ T6832] Remounting filesystem read-only [ 147.508257][ T6807] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109) [ 147.592188][ T4520] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer [ 147.638524][ T6793] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 147.758854][ T4188] attempt to access beyond end of device [ 147.758854][ T4188] loop2: rw=2049, want=45104, limit=40427 [ 147.764052][ T6823] loop6: detected capacity change from 0 to 32768 [ 147.836039][ T6807] F2FS-fs (loop0): Start checkpoint disabled! [ 147.894949][ T6807] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 148.213694][ T4620] attempt to access beyond end of device [ 148.213694][ T4620] loop0: rw=2049, want=45104, limit=40427 [ 148.406790][ T6848] [U]  [ 149.008841][ T6867] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 149.031792][ T6867] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 149.080911][ T6867] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 149.102520][ T6867] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 149.239111][ T6873] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 149.817117][ T6893] loop6: detected capacity change from 0 to 256 [ 149.944431][ T6893] FAT-fs (loop6): Directory bread(block 64) failed [ 149.963484][ T6893] FAT-fs (loop6): Directory bread(block 65) failed [ 149.999638][ T6894] loop0: detected capacity change from 0 to 2048 [ 150.017139][ T6893] FAT-fs (loop6): Directory bread(block 66) failed [ 150.047398][ T6893] FAT-fs (loop6): Directory bread(block 67) failed [ 150.077763][ T6893] FAT-fs (loop6): Directory bread(block 68) failed [ 150.108139][ T6893] FAT-fs (loop6): Directory bread(block 69) failed [ 150.115033][ T6893] FAT-fs (loop6): Directory bread(block 70) failed [ 150.128083][ T6893] FAT-fs (loop6): Directory bread(block 71) failed [ 150.149248][ T6893] FAT-fs (loop6): Directory bread(block 72) failed [ 150.176507][ T6893] FAT-fs (loop6): Directory bread(block 73) failed [ 150.198990][ T6894] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,jqfmt=vfsv1,noquota,grpid,,errors=continue. Quota mode: none. [ 150.424793][ T6876] loop2: detected capacity change from 0 to 32768 [ 150.474510][ T6905] loop5: detected capacity change from 0 to 1024 [ 150.567096][ T6905] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 150.675795][ T6914] netlink: 16 bytes leftover after parsing attributes in process `syz.0.828'. [ 150.685219][ T6914] netlink: 20 bytes leftover after parsing attributes in process `syz.0.828'. [ 150.710476][ T6876] XFS (loop2): Mounting V5 Filesystem [ 150.851245][ T6876] XFS (loop2): Ending clean mount [ 150.963807][ T6876] XFS (loop2): Quotacheck needed: Please wait. [ 151.028786][ T6924] loop1: detected capacity change from 0 to 8192 [ 151.084484][ T6876] XFS (loop2): Quotacheck: Done. [ 151.107011][ T6924] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 151.130109][ T6924] REISERFS (device loop1): using ordered data mode [ 151.160565][ T6924] reiserfs: using flush barriers [ 151.185835][ T6924] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 151.315661][ T4188] XFS (loop2): Unmounting Filesystem [ 151.323598][ T6924] REISERFS (device loop1): checking transaction log (loop1) [ 151.371621][ T6924] REISERFS (device loop1): Using r5 hash to sort names [ 151.384340][ T6944] netlink: 4 bytes leftover after parsing attributes in process `syz.0.838'. [ 151.423447][ T6924] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 151.920421][ T6954] loop0: detected capacity change from 0 to 4096 [ 152.236482][ T6977] netlink: 8 bytes leftover after parsing attributes in process `syz.6.851'. [ 152.359947][ T6983] syz.1.854 uses obsolete (PF_INET,SOCK_PACKET) [ 152.462514][ T4184] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22. [ 152.462636][ T4184] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 152.683410][ T6992] netlink: 24 bytes leftover after parsing attributes in process `syz.6.858'. [ 152.683439][ T6992] netlink: 56 bytes leftover after parsing attributes in process `syz.6.858'. [ 152.683456][ T6992] netlink: 'syz.6.858': attribute type 10 has an invalid length. [ 152.772131][ T6997] netlink: 20 bytes leftover after parsing attributes in process `syz.0.860'. [ 152.951828][ T7006] loop1: detected capacity change from 0 to 1024 [ 153.163540][ T300] hfsplus: b-tree write err: -5, ino 4 [ 153.384179][ T7026] netlink: 'syz.0.874': attribute type 3 has an invalid length. [ 153.551616][ T7033] netlink: 8 bytes leftover after parsing attributes in process `syz.0.877'. [ 153.639605][ T7035] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 153.950981][ T7043] loop2: detected capacity change from 0 to 2048 [ 154.138401][ T7050] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 154.174629][ T7028] loop5: detected capacity change from 0 to 32768 [ 154.183510][ T7054] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 154.218519][ T7054] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 154.219472][ T7054] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 154.219500][ T7054] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 154.314815][ T7028] ialloc: diAlloc returned -17! [ 155.157802][ T7052] loop6: detected capacity change from 0 to 32768 [ 155.285929][ T7080] loop1: detected capacity change from 0 to 1024 [ 155.445979][ T7066] loop0: detected capacity change from 0 to 32768 [ 155.479850][ T7070] loop5: detected capacity change from 0 to 32768 [ 155.627875][ T7052] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.887 (7052) [ 155.647148][ T7086] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 155.659720][ T7086] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 155.669834][ T7086] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 155.677396][ T7086] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 155.699276][ T7066] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.894 (7066) [ 155.725146][ T7070] XFS (loop5): Mounting V5 Filesystem [ 155.734071][ T7052] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm [ 155.837260][ T7052] BTRFS info (device loop6): enabling auto defrag [ 155.893560][ T7052] BTRFS info (device loop6): use no compression [ 155.901024][ T4314] hfsplus: b-tree write err: -5, ino 4 [ 155.910446][ T7052] BTRFS info (device loop6): force clearing of disk cache [ 155.917864][ T7052] BTRFS info (device loop6): max_inline at 4096 [ 155.946804][ T7052] BTRFS info (device loop6): disabling free space tree [ 155.968088][ T7052] BTRFS info (device loop6): has skinny extents [ 155.986045][ T7066] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 156.064953][ T7066] BTRFS info (device loop0): using free space tree [ 156.118921][ T7066] BTRFS info (device loop0): has skinny extents [ 156.125985][ T7070] XFS (loop5): Ending clean mount [ 156.244102][ T4520] XFS (loop5): Unmounting Filesystem [ 156.438498][ T7052] BTRFS info (device loop6): enabling ssd optimizations [ 156.452961][ T7052] BTRFS info (device loop6): clearing free space tree [ 156.545987][ T7066] BTRFS info (device loop0): enabling ssd optimizations [ 156.568407][ T7052] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 156.620532][ T7052] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 157.567674][ T7156] loop1: detected capacity change from 0 to 512 [ 157.610783][ T7157] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 157.742866][ T7156] EXT4-fs (loop1): Ignoring removed bh option [ 157.839802][ T7156] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,bsdgroups,bh,,errors=continue. Quota mode: writeback. [ 157.878695][ T7161] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 157.887458][ T7156] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 158.179565][ T7173] loop2: detected capacity change from 0 to 128 [ 158.299428][ T7173] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 158.299544][ T7173] ext4 filesystem being mounted at /220/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 158.388896][ T7161] usb 6-1: config 9 interface 0 altsetting 10 endpoint 0x7 has invalid maxpacket 1023, setting to 64 [ 158.428189][ T7173] EXT4-fs warning (device loop2): ext4_group_add:1696: No reserved GDT blocks, can't resize [ 158.447109][ T7189] loop6: detected capacity change from 0 to 64 [ 158.453593][ T7161] usb 6-1: config 9 interface 0 has no altsetting 0 [ 158.466414][ T7187] loop0: detected capacity change from 0 to 512 [ 158.583080][ T7187] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,usrquota,minixdf,nombcache,. Quota mode: writeback. [ 158.608552][ T7187] ext4 filesystem being mounted at /203/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 158.679100][ T7161] usb 6-1: New USB device found, idVendor=147a, idProduct=e03e, bcdDevice= 8.f4 [ 158.698051][ T7161] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.716730][ T7161] usb 6-1: Product: syz [ 158.721630][ T7161] usb 6-1: Manufacturer: syz [ 158.722876][ T7187] EXT4-fs warning (device loop0): ext4_group_extend:1823: can't shrink FS - resize aborted [ 158.736122][ T7161] usb 6-1: SerialNumber: syz [ 158.790852][ T7150] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 159.107630][ T7201] loop6: detected capacity change from 0 to 8192 [ 159.125124][ T7161] usb 6-1: USB disconnect, device number 7 [ 159.204847][ T7191] loop1: detected capacity change from 0 to 32768 [ 159.248712][ T23] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 159.258850][ T7191] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.922 (7191) [ 159.318144][ T7191] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 159.347770][ T7191] BTRFS info (device loop1): using free space tree [ 159.371448][ T7191] BTRFS info (device loop1): has skinny extents [ 159.508159][ T23] usb 1-1: Using ep0 maxpacket: 32 [ 159.631387][ T23] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 159.665097][ T7231] loop2: detected capacity change from 0 to 4096 [ 159.679118][ T23] usb 1-1: New USB device found, idVendor=046d, idProduct=c531, bcdDevice= 0.00 [ 159.698606][ T7191] BTRFS info (device loop1): enabling ssd optimizations [ 159.718505][ T7161] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 159.727601][ T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.791069][ T23] usb 1-1: config 0 descriptor?? [ 159.983071][ T7244] loop5: detected capacity change from 0 to 256 [ 159.989893][ T7161] usb 7-1: Using ep0 maxpacket: 32 [ 160.065466][ T7244] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 160.131148][ T7161] usb 7-1: config 0 has an invalid interface number: 51 but max is 0 [ 160.142639][ T7161] usb 7-1: config 0 has no interface number 0 [ 160.287246][ T23] logitech-djreceiver 0003:046D:C531.000B: item fetching failed at offset 0/1 [ 160.296962][ T23] logitech-djreceiver 0003:046D:C531.000B: logi_dj_probe: parse failed [ 160.306172][ T23] logitech-djreceiver: probe of 0003:046D:C531.000B failed with error -22 [ 160.358850][ T7161] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 160.375128][ T7161] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.384113][ T7161] usb 7-1: Product: syz [ 160.395975][ T7161] usb 7-1: Manufacturer: syz [ 160.403640][ T7161] usb 7-1: SerialNumber: syz [ 160.440539][ T7161] usb 7-1: config 0 descriptor?? [ 160.500057][ T7161] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 160.527841][ T5152] usb 1-1: USB disconnect, device number 9 [ 160.533534][ T7248] netlink: 316 bytes leftover after parsing attributes in process `syz.2.941'. [ 160.707169][ T7255] loop1: detected capacity change from 0 to 2048 [ 160.723824][ T7161] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 160.754350][ T7255] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=18881, location=18881 [ 160.774092][ T7161] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 160.922225][ T7260] netlink: 32 bytes leftover after parsing attributes in process `syz.1.947'. [ 161.189952][ C0] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 161.244783][ T5020] usb 7-1: USB disconnect, device number 3 [ 161.246561][ T7270] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 161.283491][ T5020] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 161.295364][ T7270] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 161.295461][ T7270] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 161.381664][ T5020] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 161.421255][ T5020] quatech2 7-1:0.51: device disconnected [ 161.542255][ T7284] loop1: detected capacity change from 0 to 512 [ 161.588579][ T7284] EXT4-fs (loop1): Ignoring removed nobh option [ 161.603952][ T7287] netlink: 32 bytes leftover after parsing attributes in process `syz.5.960'. [ 161.615709][ T7284] EXT4-fs (loop1): Test dummy encryption mode enabled [ 161.667486][ T7284] EXT4-fs error (device loop1): __ext4_iget:4912: inode #11: block 1: comm syz.1.959: invalid block [ 161.763561][ T7284] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.959: couldn't read orphan inode 11 (err -117) [ 161.804399][ T7295] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 161.813233][ T7284] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,nobh,max_dir_size_kb=0x0000000000000004,bsddf,nodiscard,sysvgroups,noauto_da_alloc,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none. [ 161.885990][ T7295] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 161.954379][ T7295] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only [ 162.007122][ T7303] ntfs: volume version 3.1. [ 162.093567][ T7307] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xd22393c8, utbl_chksum : 0xe619d30d) [ 162.108891][ T7303] ntfs: (device loop2): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because this attribute type is not defined on the NTFS volume. Possible corruption! You should run chkdsk! [ 162.256072][ T7303] ntfs: (device loop2): ntfs_prepare_file_for_write(): Cannot perform write to inode 0x43, attribute type 0x80, because extending the allocation failed (error 5). [ 162.979673][ T7346] netlink: 32 bytes leftover after parsing attributes in process `syz.2.987'. [ 163.144397][ T7347] set_capacity_and_notify: 3 callbacks suppressed [ 163.144413][ T7347] loop1: detected capacity change from 0 to 4096 [ 163.341858][ T26] audit: type=1326 audit(1770635434.417:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7361 comm="syz.0.996" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f35259bef79 code=0x0 [ 163.370418][ T7313] loop5: detected capacity change from 0 to 32768 [ 163.372427][ T7347] ntfs3: loop1: ino=5, "/" directory corrupted [ 163.424548][ T7369] netlink: 48 bytes leftover after parsing attributes in process `syz.2.998'. [ 163.425622][ T7347] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 163.526412][ T7347] ntfs3: loop1: ino=5, "/" directory corrupted [ 163.799042][ T7377] loop6: detected capacity change from 0 to 512 [ 163.872104][ T7377] EXT4-fs (loop6): Ignoring removed nobh option [ 163.893455][ T7377] EXT4-fs (loop6): Test dummy encryption mode enabled [ 163.971806][ T7377] EXT4-fs error (device loop6): __ext4_iget:4912: inode #11: block 1: comm syz.6.1003: invalid block [ 163.989760][ T7377] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1003: couldn't read orphan inode 11 (err -117) [ 164.052545][ T7377] EXT4-fs (loop6): mounted filesystem without journal. Opts: noauto_da_alloc,nobh,max_dir_size_kb=0x0000000000000004,bsddf,nodiscard,sysvgroups,noauto_da_alloc,noauto_da_alloc,test_dummy_encryption,,errors=continue. Quota mode: none. [ 164.053338][ T7391] sp0: Synchronizing with TNC [ 164.135782][ T7393] loop1: detected capacity change from 0 to 512 [ 164.140473][ T7389] loop5: detected capacity change from 0 to 2048 [ 164.183288][ T7393] EXT4-fs (loop1): Ignoring removed nobh option [ 164.205851][ T7389] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 164.221870][ T7393] EXT4-fs (loop1): inline encryption not supported [ 164.247853][ T7393] EXT4-fs (loop1): Test dummy encryption mode enabled [ 164.373408][ T7393] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 164.439440][ T7389] UDF-fs: error (device loop5): udf_rename: failed to find renamed entry again in directory (ino 1376) [ 164.444651][ T7402] loop6: detected capacity change from 0 to 64 [ 164.477776][ T7402] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing [ 164.499808][ T7393] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1007: invalid indirect mapped block 2683928664 (level 1) [ 164.560555][ T7393] EXT4-fs (loop1): Remounting filesystem read-only [ 164.574358][ T7393] EXT4-fs (loop1): 1 truncate cleaned up [ 164.581090][ T7393] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,dioread_lock,nobh,errors=remount-ro,inlinecrypt,usrjquota=.sb=0x0000000000000007,nodiscard,jqfmt=vfsv0,noload,debug_want_extra_isize=0x0000000000000006,test_dummy_encryption,,. Quota mode: writeback. [ 164.735436][ T7405] loop6: detected capacity change from 0 to 512 [ 164.786550][ T7405] EXT4-fs (loop6): mounted filesystem without journal. Opts: i_version,nodiscard,min_batch_time=0x00000000000003ff,,errors=continue. Quota mode: none. [ 164.865612][ T7407] loop5: detected capacity change from 0 to 2048 [ 164.897697][ T7393] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 164.920462][ T7393] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.1007: Invalid block bitmap block 3 in block_group 0 [ 164.930360][ T7413] loop0: detected capacity change from 0 to 128 [ 164.942978][ T7393] EXT4-fs (loop1): Remounting filesystem read-only [ 164.985713][ T7407] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 165.028397][ T7407] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 165.277457][ T7422] netlink: 192436 bytes leftover after parsing attributes in process `syz.6.1018'. [ 165.289690][ T7422] openvswitch: netlink: Tunnel attr 159 out of range max 16 [ 165.572543][ T7440] loop6: detected capacity change from 0 to 512 [ 165.581982][ T7438] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 165.627256][ T7440] EXT4-fs (loop6): Ignoring removed bh option [ 165.715316][ T7440] EXT4-fs (loop6): mounted filesystem without journal. Opts: i_version,bsdgroups,bh,,errors=continue. Quota mode: writeback. [ 165.770321][ T7440] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 165.818279][ T4235] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 165.825928][ T7442] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 166.198594][ T4235] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.209220][ T5028] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 166.238209][ T4235] usb 2-1: New USB device found, idVendor=056a, idProduct=00e6, bcdDevice= 0.00 [ 166.247528][ T4235] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.284481][ T4235] usb 2-1: config 0 descriptor?? [ 166.406873][ T7458] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.1038 (7458) [ 166.435992][ T7458] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm [ 166.445726][ T7458] BTRFS info (device loop5): enabling auto defrag [ 166.453414][ T7458] BTRFS info (device loop5): use no compression [ 166.464020][ T7458] BTRFS info (device loop5): force clearing of disk cache [ 166.471830][ T5028] usb 3-1: Using ep0 maxpacket: 16 [ 166.477288][ T7458] BTRFS info (device loop5): max_inline at 4096 [ 166.484265][ T7458] BTRFS info (device loop5): disabling free space tree [ 166.492589][ T7458] BTRFS info (device loop5): has skinny extents [ 166.512877][ T7161] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 166.588523][ T5028] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 166.600198][ T5028] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 166.616344][ T5028] usb 3-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00 [ 166.638625][ T7458] BTRFS info (device loop5): enabling ssd optimizations [ 166.649019][ T5028] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.658291][ T7458] BTRFS info (device loop5): clearing free space tree [ 166.665524][ T7458] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 166.682708][ T5028] usb 3-1: config 0 descriptor?? [ 166.691713][ T7458] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 166.735765][ T26] audit: type=1800 audit(1770635437.807:10): pid=7458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1038" name="file1" dev="loop5" ino=260 res=0 errno=0 [ 166.782904][ T4235] wacom 0003:056A:00E6.000C: hidraw0: USB HID v10.00 Device [HID 056a:00e6] on usb-dummy_hcd.1-1/input0 [ 166.930823][ T7161] usb 7-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 166.942069][ T7161] usb 7-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 166.959784][ T7161] usb 7-1: config 0 interface 0 has no altsetting 0 [ 166.970038][ T7161] usb 7-1: New USB device found, idVendor=16c0, idProduct=05e1, bcdDevice= 0.00 [ 166.986337][ T7161] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.998726][ T7161] usb 7-1: config 0 descriptor?? [ 167.026592][ T7491] EXT4-fs (loop0): inline encryption not supported [ 167.047171][ T5023] usb 2-1: USB disconnect, device number 7 [ 167.051903][ T7491] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 167.115299][ C1] vkms_vblank_simulate: vblank timer overrun [ 167.160764][ T7491] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,journal_dev=0x0000000000000d5b,data_err=ignore,nodiscard,user_xattr,grpquota,init_itable,user_xattr,mb_optimize_scan=0x0000000000000001,errors=remount-ro,lazytime,. Quota mode: writeback. [ 167.184946][ T5028] logitech 0003:046D:C623.000D: unexpected long global item [ 167.198937][ T5028] logitech 0003:046D:C623.000D: parse failed [ 167.232105][ T7491] EXT4-fs (loop0): old and new quota format mixing [ 167.240026][ T5028] logitech: probe of 0003:046D:C623.000D failed with error -22 [ 167.305869][ T7161] usb 7-1: string descriptor 0 read error: -71 [ 167.450772][ T5028] usb 3-1: USB disconnect, device number 5 [ 167.453467][ T7161] usbhid 7-1:0.0: can't add hid device: -71 [ 167.469984][ T7161] usbhid: probe of 7-1:0.0 failed with error -71 [ 167.490549][ T7495] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 167.497642][ T7161] usb 7-1: USB disconnect, device number 4 [ 167.527886][ T7495] EXT4-fs (loop5): orphan cleanup on readonly fs [ 167.580472][ T7495] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1041: bg 0: block 10: padding at end of block bitmap is not set [ 167.597851][ T7498] exfat: Deprecated parameter 'namecase' [ 167.621610][ T7495] Quota error (device loop5): write_blk: dquota write failed [ 167.631605][ T7495] Quota error (device loop5): find_free_dqentry: Can't remove block (3) from entry free list [ 167.654257][ T7498] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 167.669353][ T7495] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 167.702278][ T7495] EXT4-fs error (device loop5): ext4_acquire_dquot:6234: comm syz.5.1041: Failed to acquire dquot type 0 [ 167.741785][ T7495] Quota error (device loop5): write_blk: dquota write failed [ 167.753157][ T7495] Quota error (device loop5): find_free_dqentry: Can't remove block (3) from entry free list [ 167.832311][ T7495] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 167.865934][ T7495] EXT4-fs error (device loop5): ext4_acquire_dquot:6234: comm syz.5.1041: Failed to acquire dquot type 0 [ 167.903374][ T7495] EXT4-fs error (device loop5): ext4_free_blocks:6234: comm syz.5.1041: Freeing blocks not in datazone - block = 0, count = 4096 [ 167.967821][ T7495] Quota error (device loop5): write_blk: dquota write failed [ 167.995864][ T7495] Quota error (device loop5): find_free_dqentry: Can't remove block (3) from entry free list [ 168.048363][ T7495] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota [ 168.088461][ T7495] EXT4-fs error (device loop5): ext4_acquire_dquot:6234: comm syz.5.1041: Failed to acquire dquot type 0 [ 168.146310][ T7495] EXT4-fs (loop5): 1 orphan inode deleted [ 168.172094][ T7495] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 168.266458][ T7495] syz.5.1041 (7495) used greatest stack depth: 19832 bytes left [ 168.296428][ T7532] set_capacity_and_notify: 5 callbacks suppressed [ 168.296447][ T7532] loop2: detected capacity change from 0 to 1024 [ 168.384140][ T7538] genirq: Flags mismatch irq 4. 00000000 (pcl812) vs. 00000000 (ttyS0) [ 168.453757][ T7545] ax25_connect(): syz.1.1063 uses autobind, please contact jreuter@yaina.de [ 168.483877][ T7532] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 168.516620][ T7532] EXT4-fs (loop2): orphan cleanup on readonly fs [ 168.681187][ T7532] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz.2.1057: Invalid inode table block 0 in block_group 0 [ 168.790645][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 168.801360][ T7532] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 168.812773][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 168.822965][ T7532] EXT4-fs error (device loop2): ext4_quota_write:6646: inode #3: comm syz.2.1057: mark_inode_dirty error [ 168.842238][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 168.849241][ T7532] Quota error (device loop2): write_blk: dquota write failed [ 168.861829][ T7532] EXT4-fs error (device loop2): ext4_acquire_dquot:6234: comm syz.2.1057: Failed to acquire dquot type 0 [ 168.906433][ T7564] loop6: detected capacity change from 0 to 512 [ 168.938351][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 168.952986][ T7532] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz.2.1057: Invalid inode table block 0 in block_group 0 [ 168.986972][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.033229][ T7532] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 169.072871][ T7571] loop0: detected capacity change from 0 to 256 [ 169.104429][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.141905][ T7532] EXT4-fs error (device loop2): ext4_ext_truncate:4456: inode #15: comm syz.2.1057: mark_inode_dirty error [ 169.144182][ T7564] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 169.188072][ T7571] FAT-fs (loop0): Directory bread(block 64) failed [ 169.195079][ T7571] FAT-fs (loop0): Directory bread(block 65) failed [ 169.202484][ T7571] FAT-fs (loop0): Directory bread(block 66) failed [ 169.209789][ T7571] FAT-fs (loop0): Directory bread(block 67) failed [ 169.216527][ T7571] FAT-fs (loop0): Directory bread(block 68) failed [ 169.224662][ T7571] FAT-fs (loop0): Directory bread(block 69) failed [ 169.234831][ T7571] FAT-fs (loop0): Directory bread(block 70) failed [ 169.241731][ T7571] FAT-fs (loop0): Directory bread(block 71) failed [ 169.242063][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.249900][ T7571] FAT-fs (loop0): Directory bread(block 72) failed [ 169.262430][ T7571] FAT-fs (loop0): Directory bread(block 73) failed [ 169.289572][ T7564] EXT4-fs (loop6): re-mounted. Opts: (null). Quota mode: writeback. [ 169.306607][ T7581] loop5: detected capacity change from 0 to 1024 [ 169.320224][ T7532] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz.2.1057: Invalid inode table block 0 in block_group 0 [ 169.393653][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.472113][ T7532] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 169.493705][ T7582] EXT4-fs (loop6): re-mounted. Opts: . Quota mode: writeback. [ 169.522511][ T7587] loop1: detected capacity change from 0 to 512 [ 169.533698][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.535831][ T7589] loop0: detected capacity change from 0 to 64 [ 169.573099][ T7532] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 169.606033][ T7587] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nodiscard,min_batch_time=0x00000000000003ff,,errors=continue. Quota mode: none. [ 169.660789][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.710200][ T7532] EXT4-fs error (device loop2): __ext4_get_inode_loc:4327: comm syz.2.1057: Invalid inode table block 0 in block_group 0 [ 169.830500][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.837693][ T7532] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 169.890324][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.896997][ T7532] EXT4-fs error (device loop2): ext4_truncate:4279: inode #15: comm syz.2.1057: mark_inode_dirty error [ 169.942054][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 169.994640][ T7532] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 170.043277][ T7532] EXT4-fs (loop2): Remounting filesystem read-only [ 170.059001][ T7532] EXT4-fs (loop2): 1 truncate cleaned up [ 170.065056][ T7532] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000000015,stripe=0x0000000000000000,grpid,errors=remount-ro,data_err=ignore,noblock_validity,minixdf,min_batch_time=0x0000000000000013,. Quota mode: writeback. [ 170.201973][ T7607] loop5: detected capacity change from 0 to 128 [ 170.328108][ T7596] ax25_connect(): syz.6.1083 uses autobind, please contact jreuter@yaina.de [ 170.356770][ T7609] loop1: detected capacity change from 0 to 512 [ 170.390937][ T7613] loop2: detected capacity change from 0 to 764 [ 170.562246][ T7613] blk_update_request: I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 170.590922][ T7609] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback. [ 170.724365][ T7613] blk_update_request: I/O error, dev loop2, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 170.760783][ T7609] ext4 filesystem being mounted at /212/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 170.846066][ T7628] loop0: detected capacity change from 0 to 128 [ 170.860996][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 170.943338][ T7613] blk_update_request: I/O error, dev loop2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 171.015801][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 171.066001][ T7626] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 171.075834][ T7626] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 171.107762][ T7626] gfs2: fsid=syz:syz.s: fatal: invalid metadata block [ 171.107762][ T7626] bh = 52 (type: exp=5, found=8) [ 171.107762][ T7626] function = gfs2_meta_buffer, file = fs/gfs2/meta_io.c, line = 493 [ 171.129486][ T7626] gfs2: fsid=syz:syz.s: about to withdraw this file system [ 171.135887][ T7613] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 171.137650][ T7626] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount. [ 171.154633][ T7626] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0 [ 171.164901][ T7626] gfs2: fsid=syz:syz.s: File system withdrawn [ 171.165375][ T7628] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002] [ 171.171177][ T7626] CPU: 0 PID: 7626 Comm: syz.6.1097 Not tainted syzkaller #0 [ 171.171203][ T7626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 171.171214][ T7626] Call Trace: [ 171.171223][ T7626] [ 171.171232][ T7626] dump_stack_lvl+0x188/0x250 [ 171.208243][ T7626] ? kobject_uevent_env+0x371/0x890 [ 171.213459][ T7626] ? show_regs_print_info+0x20/0x20 [ 171.218842][ T7626] ? load_image+0x400/0x400 [ 171.223359][ T7626] ? kobject_uevent_env+0x371/0x890 [ 171.228571][ T7626] gfs2_withdraw+0x1149/0x1490 [ 171.233359][ T7626] ? gfs2_lm+0x240/0x240 [ 171.237611][ T7626] ? gfs2_meta_read+0x8a9/0xa60 [ 171.242734][ T7626] ? gfs2_meta_new+0x160/0x160 [ 171.247602][ T7626] gfs2_metatype_check_ii+0x74/0x90 [ 171.252895][ T7626] gfs2_meta_buffer+0x262/0x310 [ 171.257872][ T7626] __fillup_metapath+0x14d/0x340 [ 171.262820][ T7626] __gfs2_iomap_get+0x709/0x1400 [ 171.267979][ T7626] ? gfs2_alloc_extent+0x580/0x580 [ 171.273190][ T7626] ? rcu_is_watching+0x11/0xa0 [ 171.277963][ T7626] gfs2_block_map+0x2a0/0x740 [ 171.282667][ T7626] ? gfs2_iomap_end+0x6b0/0x6b0 [ 171.287533][ T7626] ? mark_lock+0x94/0x320 [ 171.291870][ T7626] ? verify_lock_unused+0x140/0x140 [ 171.297084][ T7626] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 171.303181][ T7626] ? lockdep_hardirqs_on+0x94/0x140 [ 171.308440][ T7626] gfs2_write_alloc_required+0x3ae/0x680 [ 171.314092][ T7626] ? gfs2_map_journal_extents+0xb10/0xb10 [ 171.319933][ T7626] ? _raw_spin_unlock+0x24/0x40 [ 171.325225][ T7626] ? gfs2_glock_nq+0xcb0/0x1550 [ 171.330119][ T7626] gfs2_jdesc_check+0x1c3/0x290 [ 171.335006][ T7626] check_journal_clean+0x186/0x360 [ 171.340254][ T7626] ? gfs2_trans_remove_revoke+0x370/0x370 [ 171.345999][ T7626] ? check_journal_clean+0x142/0x360 [ 171.351293][ T7626] ? __rwlock_init+0x140/0x140 [ 171.356165][ T7626] ? do_raw_spin_unlock+0x11d/0x230 [ 171.361465][ T7626] ? _raw_spin_unlock+0x24/0x40 [ 171.366415][ T7626] ? gfs2_jdesc_find+0xa7/0xc0 [ 171.371280][ T7626] init_journal+0x17a5/0x22f0 [ 171.376148][ T7626] ? end_bio_io_page+0x100/0x100 [ 171.381182][ T7626] ? vsnprintf+0x1b21/0x1c20 [ 171.385991][ T7626] ? snprintf+0xe5/0x140 [ 171.390429][ T7626] ? init_journal+0x74d/0x22f0 [ 171.395496][ T7626] ? vscnprintf+0x80/0x80 [ 171.399843][ T7626] ? gfs2_glock_nq_num+0x17a/0x1b0 [ 171.405076][ T7626] init_inodes+0xdb/0x320 [ 171.409413][ T7626] gfs2_fill_super+0x16b2/0x1f00 [ 171.414504][ T7626] ? gfs2_reconfigure+0xd30/0xd30 [ 171.419629][ T7626] ? gfs2_glock_nq_num+0x82/0x1b0 [ 171.424711][ T7626] ? sb_set_blocksize+0xa5/0xe0 [ 171.429574][ T7626] get_tree_bdev+0x3f1/0x610 [ 171.434439][ T7626] ? gfs2_reconfigure+0xd30/0xd30 [ 171.439555][ T7626] gfs2_get_tree+0x4d/0x1e0 [ 171.444080][ T7626] vfs_get_tree+0x88/0x270 [ 171.448593][ T7626] do_new_mount+0x24a/0xa40 [ 171.453200][ T7626] __se_sys_mount+0x2e3/0x3d0 [ 171.457994][ T7626] ? __x64_sys_mount+0xc0/0xc0 [ 171.462860][ T7626] ? lockdep_hardirqs_on+0x94/0x140 [ 171.468072][ T7626] ? __x64_sys_mount+0x1c/0xc0 [ 171.472841][ T7626] do_syscall_64+0x4c/0xa0 [ 171.477383][ T7626] ? clear_bhb_loop+0x30/0x80 [ 171.482286][ T7626] ? clear_bhb_loop+0x30/0x80 [ 171.487054][ T7626] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 171.492965][ T7626] RIP: 0033:0x7f41e454b20a [ 171.497387][ T7626] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 171.517431][ T7626] RSP: 002b:00007f41e27a4e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 171.525853][ T7626] RAX: ffffffffffffffda RBX: 00007f41e27a4ee0 RCX: 00007f41e454b20a [ 171.533940][ T7626] RDX: 000020000001f680 RSI: 000020000001f6c0 RDI: 00007f41e27a4ea0 [ 171.542205][ T7626] RBP: 000020000001f680 R08: 00007f41e27a4ee0 R09: 0000000000000084 [ 171.550373][ T7626] R10: 0000000000000084 R11: 0000000000000246 R12: 000020000001f6c0 [ 171.558529][ T7626] R13: 00007f41e27a4ea0 R14: 000000000001f707 R15: 00002000000000c0 [ 171.566619][ T7626] [ 171.571004][ T7626] gfs2: fsid=syz:syz.s: Error checking journal for spectator mount. [ 171.620489][ T7628] System zones: 1-3, 19-19, 35-36 [ 171.639091][ T7613] UDF-fs: Scanning with blocksize 512 failed [ 171.642980][ T7633] IPVS: ip_vs_edit_dest(): server weight less than zero [ 171.655629][ T7613] blk_update_request: I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 171.667944][ T7613] blk_update_request: I/O error, dev loop2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 171.679578][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 171.686672][ T7628] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none. [ 171.689443][ T7613] blk_update_request: I/O error, dev loop2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 171.715478][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 171.725613][ T7613] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 171.733751][ T7628] ext4 filesystem being mounted at /239/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 171.784381][ T7613] UDF-fs: Scanning with blocksize 1024 failed [ 171.888626][ T7613] blk_update_request: I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 171.916968][ T7613] blk_update_request: I/O error, dev loop2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 171.943458][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 171.963341][ T7613] blk_update_request: I/O error, dev loop2, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.035001][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 172.069835][ T7613] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 172.095798][ T7613] UDF-fs: Scanning with blocksize 2048 failed [ 172.113518][ T7613] blk_update_request: I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 172.145820][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 172.161139][ T7613] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 172.188128][ T7613] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 172.195827][ T7613] UDF-fs: Scanning with blocksize 4096 failed [ 172.212835][ T7613] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1) [ 172.330114][ T7648] mmap: syz.2.1106 (7648) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 172.358818][ T5152] usb 2-1: new full-speed USB device number 8 using dummy_hcd [ 172.760833][ T5152] usb 2-1: config 0 has an invalid interface number: 41 but max is 0 [ 172.784066][ T5152] usb 2-1: config 0 has no interface number 0 [ 172.801782][ T5152] usb 2-1: config 0 interface 41 has no altsetting 0 [ 172.964012][ T7659] EXT4-fs (loop2): Ignoring removed orlov option [ 173.010859][ T5152] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 173.029489][ T5152] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 173.059246][ T5152] usb 2-1: Product: syz [ 173.059284][ T5152] usb 2-1: Manufacturer: syz [ 173.059300][ T5152] usb 2-1: SerialNumber: syz [ 173.061753][ T5152] usb 2-1: config 0 descriptor?? [ 173.132922][ T7659] EXT4-fs (loop2): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 173.216865][ T7659] EXT4-fs (loop2): resizing filesystem from 512 to 0 blocks [ 173.216899][ T7659] EXT4-fs warning (device loop2): ext4_resize_fs:2004: can't shrink FS - resize aborted [ 173.554100][ T7685] set_capacity_and_notify: 4 callbacks suppressed [ 173.554118][ T7685] loop0: detected capacity change from 0 to 512 [ 173.624910][ T7650] syz.6.1107 (7650): drop_caches: 2 [ 173.664612][ T7685] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1) [ 173.754590][ T7690] netlink: 65039 bytes leftover after parsing attributes in process `syz.5.1126'. [ 173.778254][ T5152] CoreChips: probe of 2-1:0.41 failed with error -71 [ 173.796594][ T5152] usb 2-1: USB disconnect, device number 8 [ 173.804758][ T7685] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 173.958258][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 174.030010][ T7699] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1130'. [ 174.100723][ T7703] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1133'. [ 174.195258][ T7701] loop5: detected capacity change from 0 to 4096 [ 174.250496][ T7701] __ntfs_warning: 1 callbacks suppressed [ 174.250513][ T7701] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 174.405290][ T7701] ntfs: volume version 3.1. [ 174.493100][ T7701] ntfs: (device loop5): ntfs_ucstonls(): Unicode name contains characters that cannot be converted to character set iso8859-6. You might want to try to use the mount option nls=utf8. [ 174.511150][ T7710] loop2: detected capacity change from 0 to 8192 [ 174.598463][ T7701] ntfs: (device loop5): ntfs_filldir(): Skipping unrepresentable inode 0x4. [ 174.625482][ T7720] loop0: detected capacity change from 0 to 512 [ 174.637065][ T7715] loop1: detected capacity change from 0 to 4096 [ 174.737277][ T7715] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 174.806889][ T7715] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 174.824135][ T7723] loop5: detected capacity change from 0 to 512 [ 174.839653][ T7720] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 174.891626][ T7720] System zones: 0-2, 18-18, 34-34 [ 174.908919][ T7715] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 174.926255][ T7720] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1141: bg 0: block 248: padding at end of block bitmap is not set [ 174.969531][ T7727] tipc: Enabling of bearer rejected, failed to enable media [ 174.991354][ T7723] EXT4-fs (loop5): 1 truncate cleaned up [ 174.997282][ T7723] EXT4-fs (loop5): mounted filesystem without journal. Opts: quota,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,errors=remount-ro,jqfmt=vfsv0,. Quota mode: writeback. [ 175.019467][ T7715] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 175.034646][ T7720] Quota error (device loop0): write_blk: dquota write failed [ 175.036486][ T7715] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 175.055676][ T7715] ntfs: volume version 3.1. [ 175.059426][ T7720] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 175.092652][ T7723] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1142: invalid indirect mapped block 234881024 (level 0) [ 175.130107][ T7723] EXT4-fs (loop5): Remounting filesystem read-only [ 175.144998][ T7720] EXT4-fs error (device loop0): ext4_acquire_dquot:6234: comm syz.0.1141: Failed to acquire dquot type 1 [ 175.247165][ T7720] EXT4-fs (loop0): 1 truncate cleaned up [ 175.298617][ T7720] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,noload,,errors=continue. Quota mode: writeback. [ 175.342319][ T7720] ext4 filesystem being mounted at /252/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.376825][ T7735] loop5: detected capacity change from 0 to 1024 [ 175.432932][ T7735] EXT4-fs (loop5): Ignoring removed orlov option [ 175.567222][ T7735] EXT4-fs (loop5): mounted filesystem without journal. Opts: delalloc,errors=remount-ro,quota,noauto_da_alloc,debug_want_extra_isize=0x0000000000000080,nodelalloc,noauto_da_alloc,stripe=0x0000000000000005,orlov,. Quota mode: writeback. [ 175.706614][ T7735] EXT4-fs error (device loop5): ext4_find_dest_de:2115: inode #12: block 7: comm syz.5.1147: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 175.743304][ T7735] EXT4-fs (loop5): Remounting filesystem read-only [ 175.755210][ T7747] loop0: detected capacity change from 0 to 2048 [ 175.808523][ T7747] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 176.166745][ T7761] netlink: 536 bytes leftover after parsing attributes in process `syz.0.1157'. [ 176.277777][ T7765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1159'. [ 176.494435][ T7777] loop6: detected capacity change from 0 to 64 [ 176.720881][ T5028] usb 2-1: new full-speed USB device number 9 using dummy_hcd [ 177.108261][ T5028] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64 [ 177.128134][ T5028] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 177.180616][ T5028] usb 2-1: New USB device found, idVendor=046d, idProduct=c298, bcdDevice= 0.00 [ 177.210531][ T5028] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.267428][ T5028] usb 2-1: config 0 descriptor?? [ 177.298417][ T7773] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 177.423772][ T7802] loop6: detected capacity change from 0 to 32768 [ 177.507826][ T7802] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.1176 (7802) [ 177.532727][ T7802] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 177.543154][ T7802] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 177.555023][ T7802] BTRFS info (device loop6): use zstd compression, level 3 [ 177.563194][ T7802] BTRFS info (device loop6): using free space tree [ 177.571043][ T7802] BTRFS info (device loop6): has skinny extents [ 177.654157][ T7771] non-latin1 character 0xffff found in JFS file name [ 177.665123][ T7771] mount with iocharset=utf8 to access [ 177.760403][ T5028] logitech 0003:046D:C298.000E: unbalanced collection at end of report description [ 177.784645][ T5028] logitech 0003:046D:C298.000E: parse failed [ 177.838356][ T5028] logitech: probe of 0003:046D:C298.000E failed with error -22 [ 177.839907][ T7802] BTRFS info (device loop6): enabling ssd optimizations [ 177.861283][ T300] BTRFS warning (device loop6): checksum verify failed on 5267456 wanted 0xbf82b992d7a5ee92cc36a174676fd1e8aa0607ff5fb0b85d1488be038f134163 found 0x7aa2366b8bf86346e4e05e648cfed104614f91025cc3811fa8986f229705b560 level 0 [ 177.982629][ T7161] usb 2-1: USB disconnect, device number 9 [ 177.991609][ T7802] BTRFS warning (device loop6): failed to read fs tree: -5 [ 178.021772][ T7802] BTRFS error (device loop6): open_ctree failed: -5 [ 178.232190][ T7834] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 178.295562][ T4524] udevd[4524]: incorrect nilfs2 checksum on /dev/loop5 [ 178.382178][ T7841] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 178.400611][ T4524] udevd[4524]: incorrect nilfs2 checksum on /dev/loop5 [ 178.656624][ T4177] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by udevd (4177) [ 178.694040][ T7812] XFS (loop0): Mounting V5 Filesystem [ 178.849357][ T7812] XFS (loop0): Ending clean mount [ 178.986638][ T7812] xfs: Unexpected value for 'quota' [ 179.103923][ T4184] XFS (loop0): Unmounting Filesystem [ 179.118263][ T5025] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 179.485402][ T7885] set_capacity_and_notify: 3 callbacks suppressed [ 179.485420][ T7885] loop1: detected capacity change from 0 to 512 [ 179.508251][ T5025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 179.528195][ T5025] usb 6-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.00 [ 179.557036][ T5025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.613228][ T5025] usb 6-1: config 0 descriptor?? [ 179.624651][ T7885] __quota_error: 11 callbacks suppressed [ 179.624671][ T7885] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 179.649252][ T7885] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 179.671629][ T7887] loop6: detected capacity change from 0 to 4096 [ 179.698158][ T7885] EXT4-fs error (device loop1): ext4_acquire_dquot:6234: comm syz.1.1200: Failed to acquire dquot type 0 [ 179.698428][ T5152] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 179.764853][ T7885] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 179.797727][ T7887] ntfs3: loop6: Mark volume as dirty due to NTFS errors [ 179.817397][ T7887] ntfs3: loop6: Failed to load $Extend. [ 179.820640][ T7885] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 179.869030][ T7885] EXT4-fs error (device loop1): ext4_acquire_dquot:6234: comm syz.1.1200: Failed to acquire dquot type 0 [ 179.892790][ T7885] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1200: bg 0: block 64: padding at end of block bitmap is not set [ 179.927273][ T7885] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 179.966386][ T7885] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated! [ 179.985360][ T7885] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota [ 179.991705][ T7894] loop0: detected capacity change from 0 to 8 [ 179.996395][ T5152] usb 3-1: Using ep0 maxpacket: 16 [ 180.010516][ T7885] EXT4-fs error (device loop1): ext4_acquire_dquot:6234: comm syz.1.1200: Failed to acquire dquot type 0 [ 180.048931][ T7885] EXT4-fs (loop1): 1 orphan inode deleted [ 180.055023][ T7885] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000003,nolazytime,,errors=continue. Quota mode: writeback. [ 180.068776][ T7894] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 180.085968][ T4177] udevd[4177]: incorrect cramfs checksum on /dev/loop0 [ 180.141126][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 180.151327][ T7885] ext4 filesystem being mounted at /223/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 180.160533][ T5152] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 180.187397][ T4177] udevd[4177]: incorrect cramfs checksum on /dev/loop0 [ 180.211802][ T5025] wacom 0003:056A:033B.000F: unknown main item tag 0x0 [ 180.229031][ T5152] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 180.231368][ T5025] wacom 0003:056A:033B.000F: Unknown device_type for 'HID 056a:033b'. Assuming pen. [ 180.281980][ T5152] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 180.307570][ T5025] wacom 0003:056A:033B.000F: hidraw0: USB HID v0.00 Device [HID 056a:033b] on usb-dummy_hcd.5-1/input0 [ 180.339164][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.370112][ T5152] usb 3-1: config 0 descriptor?? [ 180.384652][ T5025] input: Wacom Intuos S 2 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:033B.000F/input/input12 [ 180.498691][ T5025] usb 6-1: USB disconnect, device number 8 [ 180.556031][ T7904] loop6: detected capacity change from 0 to 2048 [ 180.666510][ T7906] loop1: detected capacity change from 0 to 4096 [ 180.683809][ T7907] fido_id[7907]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory [ 180.724255][ T4177] Alternate GPT is invalid, using primary GPT. [ 180.740397][ T4177] loop6: p1 p2 p3 [ 180.755564][ T4177] loop6: partition table partially beyond EOD, truncated [ 180.780773][ T7906] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 2) do not match. Run ntfsfix or chkdsk. [ 180.815178][ T7906] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 180.856904][ T7906] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing. [ 180.871192][ T5152] microsoft 0003:045E:07DA.0010: unknown main item tag 0x0 [ 180.875428][ T7906] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 180.905268][ T5152] microsoft 0003:045E:07DA.0010: ignoring exceeding usage max [ 180.917174][ T7906] ntfs: volume version 3.1. [ 180.933740][ T7904] Alternate GPT is invalid, using primary GPT. [ 180.950723][ T5152] microsoft 0003:045E:07DA.0010: ignoring exceeding usage max [ 180.961987][ T7904] loop6: p1 p2 p3 [ 180.975738][ T7904] loop6: partition table partially beyond EOD, truncated [ 181.003282][ T5152] microsoft 0003:045E:07DA.0010: No inputs registered, leaving [ 181.034441][ T5152] microsoft 0003:045E:07DA.0010: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 181.054663][ T5152] microsoft 0003:045E:07DA.0010: no inputs found [ 181.091915][ T5152] microsoft 0003:045E:07DA.0010: could not initialize ff, continuing anyway [ 181.115789][ T5152] usb 3-1: USB disconnect, device number 6 [ 181.148491][ T5025] Bluetooth: hci4: command 0x0406 tx timeout [ 181.149965][ T3561] Alternate GPT is invalid, using primary GPT. [ 181.157003][ T5025] Bluetooth: hci0: command 0x0406 tx timeout [ 181.161906][ T5149] Bluetooth: hci1: command 0x0406 tx timeout [ 181.216954][ T3561] loop6: p1 p2 p3 [ 181.220876][ T3561] loop6: partition table partially beyond EOD, truncated [ 181.239520][ T7918] loop1: detected capacity change from 0 to 512 [ 181.267456][ T7920] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1214'. [ 181.315567][ T7918] EXT4-fs error (device loop1): __ext4_iget:4912: inode #11: block 1: comm syz.1.1213: invalid block [ 181.350307][ T7923] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1215'. [ 181.363950][ T7920] device netdevsim0 entered promiscuous mode [ 181.418102][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory [ 181.430083][ T7923] netlink: 212 bytes leftover after parsing attributes in process `syz.5.1215'. [ 181.432220][ T7918] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1213: couldn't read orphan inode 11 (err -117) [ 181.444651][ T7923] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1215'. [ 181.463366][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 181.476220][ T7920] device netdevsim0 left promiscuous mode [ 181.477435][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 181.556475][ T7918] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,minixdf,max_dir_size_kb=0x0000000000000009,data_err=abort,grpquota,noinit_itable,inode_readahead_blks=0x0000000000400000,i_version,acl,,errors=continue. Quota mode: writeback. [ 181.647103][ T7930] tipc: Started in network mode [ 181.667764][ T7930] tipc: Node identity aaaaaaaaaa3, cluster identity 4711 [ 181.707385][ T7930] tipc: Enabled bearer , priority 10 [ 181.733655][ T4524] udevd[4524]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory [ 181.752012][ T4176] udevd[4176]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 181.765731][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 181.835814][ T7931] fido_id[7931]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 181.953298][ T7946] hub 8-0:1.0: USB hub found [ 181.974100][ T7946] hub 8-0:1.0: 1 port detected [ 182.148797][ T7958] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1229'. [ 182.358493][ T7972] loop2: detected capacity change from 0 to 512 [ 182.465098][ T7972] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 182.520229][ T7983] loop0: detected capacity change from 0 to 256 [ 182.556409][ T7991] loop5: detected capacity change from 0 to 64 [ 182.563686][ T7972] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 182.680656][ T7983] FAT-fs (loop0): Directory bread(block 64) failed [ 182.700925][ T7983] FAT-fs (loop0): Directory bread(block 65) failed [ 182.707598][ T7983] FAT-fs (loop0): Directory bread(block 66) failed [ 182.749111][ T7983] FAT-fs (loop0): Directory bread(block 67) failed [ 182.760629][ T7983] FAT-fs (loop0): Directory bread(block 68) failed [ 182.785855][ T7983] FAT-fs (loop0): Directory bread(block 69) failed [ 182.803946][ T7983] FAT-fs (loop0): Directory bread(block 70) failed [ 182.823041][ T5025] tipc: Node number set to 10136234 [ 182.830035][ T7983] FAT-fs (loop0): Directory bread(block 71) failed [ 182.842681][ T7983] FAT-fs (loop0): Directory bread(block 72) failed [ 182.865084][ T7983] FAT-fs (loop0): Directory bread(block 73) failed [ 182.983085][ T8005] loop2: detected capacity change from 0 to 256 [ 183.302022][ T4184] sysv_free_block: flc_count > flc_size [ 183.376387][ T4184] sysv_free_block: flc_count > flc_size [ 183.387449][ T7993] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x1ffff [ 183.397601][ T4184] sysv_free_block: flc_count > flc_size [ 183.410736][ T4184] sysv_free_block: flc_count > flc_size [ 183.426947][ T4184] sysv_free_block: flc_count > flc_size [ 183.436005][ T8023] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 183.436109][ T7993] F2FS-fs (loop6): invalid crc value [ 183.455481][ T4184] sysv_free_block: flc_count > flc_size [ 183.455530][ T4184] sysv_free_block: flc_count > flc_size [ 183.455540][ T4184] sysv_free_block: flc_count > flc_size [ 183.455548][ T4184] sysv_free_block: flc_count > flc_size [ 183.455557][ T4184] sysv_free_block: flc_count > flc_size [ 183.456020][ T4184] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 183.530032][ T7993] F2FS-fs (loop6): Found nat_bits in checkpoint [ 183.618996][ T4524] udevd[4524]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory [ 183.735344][ T4524] udevd[4524]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 183.741626][ T7993] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 183.930417][ T4524] udevd[4524]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 184.190370][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 184.896690][ T8051] set_capacity_and_notify: 4 callbacks suppressed [ 184.896706][ T8051] loop1: detected capacity change from 0 to 32768 [ 184.948695][ T8036] syz.5.1264 (8036): drop_caches: 2 [ 184.957849][ T8049] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 184.990241][ T26] kauditd_printk_skb: 4 callbacks suppressed [ 184.990258][ T26] audit: type=1800 audit(1770635456.067:11): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1267" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 185.038436][ T8049] EXT4-fs (loop0): 1 orphan inode deleted [ 185.044312][ T8049] EXT4-fs (loop0): 1 truncate cleaned up [ 185.143240][ T8051] XFS (loop1): Mounting V5 Filesystem [ 185.171067][ T8049] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodelalloc,debug_want_extra_isize=0x000000000000002e,inode_readahead_blks=0x0000000004000000,jqfmt=vfsv0,quota,. Quota mode: writeback. [ 185.329764][ T8068] loop5: detected capacity change from 0 to 512 [ 185.343888][ T8051] XFS (loop1): Ending clean mount [ 185.377108][ T8068] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 185.393338][ T8068] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c816e02c, mo2=0002] [ 185.435251][ T8068] EXT4-fs (loop5): orphan cleanup on readonly fs [ 185.451724][ T8068] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.1271: bad orphan inode 267 [ 185.463382][ T8068] EXT4-fs (loop5): Remounting filesystem read-only [ 185.507686][ T8068] EXT4-fs (loop5): mounted filesystem without journal. Opts: nojournal_checksum,noblock_validity,discard,errors=remount-ro,grpquota. Quota mode: writeback. [ 185.545818][ T8051] xfs: Unexpected value for 'quota' [ 185.780492][ T8068] System zones: 1-12 [ 185.781921][ T4190] XFS (loop1): Unmounting Filesystem [ 185.791654][ T8068] EXT4-fs (loop5): re-mounted. Opts: quota,noload,block_validity,. Quota mode: writeback. [ 185.922802][ T8080] loop6: detected capacity change from 0 to 64 [ 186.046222][ T8071] syz.2.1272 (8071) used greatest stack depth: 18512 bytes left [ 186.660959][ T8096] loop5: detected capacity change from 0 to 128 [ 186.766277][ T8094] loop2: detected capacity change from 0 to 32768 [ 186.837938][ T8096] FAT-fs (loop5): Directory bread(block 162) failed [ 186.844913][ T8096] FAT-fs (loop5): Directory bread(block 163) failed [ 186.952745][ T8096] FAT-fs (loop5): Directory bread(block 164) failed [ 186.958500][ T8082] loop0: detected capacity change from 0 to 40427 [ 186.973931][ T8094] XFS (loop2): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent. [ 186.983487][ T8096] FAT-fs (loop5): Directory bread(block 165) failed [ 187.011801][ T4262] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x192/0x250, xfs_agf block 0x1 [ 187.013473][ T8096] FAT-fs (loop5): Directory bread(block 166) failed [ 187.028690][ T8082] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504) [ 187.037288][ T8082] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 187.046710][ T4262] XFS (loop2): Unmount and run xfs_repair [ 187.053172][ T4262] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 187.060687][ T8082] F2FS-fs (loop0): build fault injection attr: rate: 17008, type: 0x1ffff [ 187.060754][ T8082] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x1f8 [ 187.062630][ T8082] F2FS-fs (loop0): invalid crc value [ 187.071254][ T4262] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 10 00 XAGF............ [ 187.094414][ T4262] 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 10 00 ................ [ 187.103875][ T4262] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04 ................ [ 187.113501][ T4262] 00000030: 00 00 00 04 00 00 0b a2 00 00 0b a0 00 00 00 00 ................ [ 187.122970][ T4262] 00000040: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb ...^T.Lr......N. [ 187.132760][ T8096] FAT-fs (loop5): Directory bread(block 167) failed [ 187.136274][ T8110] loop1: detected capacity change from 0 to 1024 [ 187.139876][ T4262] 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01 ................ [ 187.156006][ T8096] FAT-fs (loop5): Directory bread(block 168) failed [ 187.163925][ T8096] FAT-fs (loop5): Directory bread(block 169) failed [ 187.172459][ T4262] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 187.194736][ T8096] FAT-fs (loop5): Directory bread(block 162) failed [ 187.203553][ T4262] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 187.216212][ T8082] F2FS-fs (loop0): Found nat_bits in checkpoint [ 187.233635][ T8096] FAT-fs (loop5): Directory bread(block 163) failed [ 187.247928][ T8094] XFS (loop2): metadata I/O error in "xfs_read_agf+0x252/0x510" at daddr 0x1 len 1 error 74 [ 187.299799][ T8096] attempt to access beyond end of device [ 187.299799][ T8096] loop5: rw=3, want=232, limit=128 [ 187.398952][ T8096] attempt to access beyond end of device [ 187.398952][ T8096] loop5: rw=2051, want=234, limit=128 [ 187.415195][ T8082] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 187.444450][ T8082] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 187.454189][ T4619] hfsplus: b-tree write err: -5, ino 4 [ 187.468470][ T5021] Bluetooth: hci0: command 0x041f tx timeout [ 187.586881][ T8088] loop6: detected capacity change from 0 to 32768 [ 187.801850][ T4184] attempt to access beyond end of device [ 187.801850][ T4184] loop0: rw=2049, want=45104, limit=40427 [ 187.889562][ T8119] loop1: detected capacity change from 0 to 4096 [ 188.044822][ T8119] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512) [ 188.230645][ T8119] ntfs3: loop1: ino=5, "/" directory corrupted [ 188.820765][ T8165] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1311'. [ 188.838896][ T8165] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1311'. [ 188.852981][ T8165] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1311'. [ 188.863838][ T8169] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1313'. [ 189.130094][ T8182] loop0: detected capacity change from 0 to 512 [ 189.231655][ T8182] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback. [ 189.252502][ T8182] ext4 filesystem being mounted at /292/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 189.288746][ T5152] usb 3-1: new full-speed USB device number 7 using dummy_hcd [ 189.701650][ T5152] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 189.738068][ T5152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.781915][ T5152] usb 3-1: config 0 descriptor?? [ 189.833010][ T5152] cp210x 3-1:0.0: cp210x converter detected [ 190.071811][ T8226] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1340'. [ 190.264814][ T5152] usb 3-1: cp210x converter now attached to ttyUSB0 [ 190.439637][ T8250] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1352'. [ 190.477913][ T5152] usb 3-1: USB disconnect, device number 7 [ 190.506079][ T5152] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 190.566926][ T5152] cp210x 3-1:0.0: device disconnected [ 190.762497][ T8258] snd_dummy snd_dummy.0: control 0:0:0:syz0:0: value out of range 0 (89/830110067) at count 0 [ 190.771557][ T8256] team0 (unregistering): Port device team_slave_0 removed [ 190.801460][ T8258] snd_dummy snd_dummy.0: control 0:0:0:syz0:0: access overflow [ 190.848618][ T8256] team0 (unregistering): Port device team_slave_1 removed [ 190.968169][ T8232] loop0: detected capacity change from 0 to 32768 [ 191.015991][ T8246] loop6: detected capacity change from 0 to 32768 [ 191.122024][ T8246] JBD2: Ignoring recovery information on journal [ 191.142302][ T8232] ERROR: (device loop0): dbAllocAG: unable to allocate blocks [ 191.142302][ T8232] [ 191.207147][ T8271] device ip6_vti0 entered promiscuous mode [ 191.245267][ T8246] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 191.266655][ T8274] loop5: detected capacity change from 0 to 1024 [ 191.348081][ T8274] hfsplus: trying to free free bnode 0(1) [ 191.383328][ T4904] ocfs2: Unmounting device (7,6) on (node local) [ 191.511640][ T8279] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1365'. [ 191.613352][ T300] hfsplus: b-tree write err: -5, ino 4 [ 191.948877][ T8299] loop5: detected capacity change from 0 to 1024 [ 191.993982][ T8299] EXT4-fs (loop5): inline encryption not supported [ 192.020296][ T8299] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 192.144632][ T8299] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,journal_dev=0x0000000000000d5b,data_err=ignore,nodiscard,user_xattr,grpquota,init_itable,user_xattr,mb_optimize_scan=0x0000000000000001,errors=remount-ro,lazytime,. Quota mode: writeback. [ 192.326175][ T8315] loop1: detected capacity change from 0 to 2048 [ 192.364560][ T8317] loop2: detected capacity change from 0 to 256 [ 192.420829][ T8311] loop6: detected capacity change from 0 to 4096 [ 192.460761][ T8315] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 192.482189][ T8317] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 192.502032][ T8317] FAT-fs (loop2): Filesystem has been set read-only [ 192.516671][ T8317] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 192.529475][ T8317] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 192.540622][ T26] audit: type=1800 audit(1770635463.617:12): pid=8317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1383" name="file1" dev="loop2" ino=1048790 res=0 errno=0 [ 192.583513][ T8321] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 192.881378][ T8329] tipc: Failed to obtain node identity [ 192.898731][ T8329] tipc: Enabling of bearer rejected, failed to enable media [ 192.991368][ T8327] loop6: detected capacity change from 0 to 4096 [ 193.083158][ T8334] loop5: detected capacity change from 0 to 64 [ 193.085070][ T8286] loop0: detected capacity change from 0 to 40427 [ 193.147422][ T8336] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 193.148495][ T8327] NILFS error (device loop6): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 193.173638][ T144] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 193.196802][ T8327] Remounting filesystem read-only [ 193.201915][ T8286] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 193.201946][ T8286] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 193.205106][ T8286] F2FS-fs (loop0): invalid crc value [ 193.257494][ T8334] attempt to access beyond end of device [ 193.257494][ T8334] loop5: rw=0, want=234881064, limit=64 [ 193.269736][ T144] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 193.283599][ T8334] Buffer I/O error on dev loop5, logical block 117440531, async page read [ 193.294355][ T144] EXT4-fs (loop1): This should not happen!! Data will be lost [ 193.294355][ T144] [ 193.313127][ T8286] F2FS-fs (loop0): Found nat_bits in checkpoint [ 193.321745][ T8334] attempt to access beyond end of device [ 193.321745][ T8334] loop5: rw=0, want=8548515842, limit=64 [ 193.348363][ T144] EXT4-fs (loop1): Total free blocks count 0 [ 193.354863][ T144] EXT4-fs (loop1): Free/Dirty block details [ 193.393619][ T26] audit: type=1804 audit(1770635464.457:13): pid=8342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1390" name="/newroot/251/file2/file2" dev="loop5" ino=6 res=1 errno=0 [ 193.428149][ T144] EXT4-fs (loop1): free_blocks=4096 [ 193.433734][ T144] EXT4-fs (loop1): dirty_blocks=848 [ 193.442690][ T8334] Buffer I/O error on dev loop5, logical block 4274257920, async page read [ 193.481001][ T144] EXT4-fs (loop1): Block reservation details [ 193.487156][ T144] EXT4-fs (loop1): i_reserved_data_blocks=53 [ 193.523422][ T8342] Trying to free block not in datazone [ 193.537745][ T144] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 816 with error 28 [ 193.558101][ T8286] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 193.565317][ T8286] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 193.579565][ T8342] Trying to free block not in datazone [ 193.585091][ T8342] Trying to free block not in datazone [ 193.588216][ T26] audit: type=1800 audit(1770635464.657:14): pid=8334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1390" name="file2" dev="loop5" ino=6 res=0 errno=0 [ 193.610266][ T144] EXT4-fs (loop1): This should not happen!! Data will be lost [ 193.610266][ T144] [ 193.656609][ T8342] Trying to free block not in datazone [ 194.093563][ T8353] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 194.160711][ T8368] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 194.296016][ T8371] rdma_op ffff888076d5c9f0 conn xmit_rdma 0000000000000000 [ 194.445833][ T1422] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.452556][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.826682][ T8390] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,noblock_validity,,errors=continue. Quota mode: writeback. [ 194.829521][ T8392] vivid-001: disconnect [ 194.884033][ T8391] vivid-001: reconnect [ 194.999697][ T8390] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 195.378515][ T5152] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 195.400975][ T26] audit: type=1800 audit(1770635466.477:15): pid=8408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1422" name="bus" dev="loop5" ino=1048792 res=0 errno=0 [ 195.541015][ T8415] netlink: 'syz.6.1425': attribute type 1 has an invalid length. [ 195.668980][ T5152] usb 3-1: Using ep0 maxpacket: 32 [ 195.808567][ T5152] usb 3-1: config 0 has an invalid interface number: 191 but max is 0 [ 195.817450][ T5152] usb 3-1: config 0 has no interface number 0 [ 195.834541][ T5152] usb 3-1: config 0 interface 191 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 24 [ 196.028831][ T4262] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 196.037450][ T8406] set_capacity_and_notify: 5 callbacks suppressed [ 196.037467][ T8406] loop0: detected capacity change from 0 to 32768 [ 196.047632][ T8433] loop1: detected capacity change from 0 to 4096 [ 196.058654][ T5152] usb 3-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=2c.d1 [ 196.077926][ T5152] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 196.086985][ T5152] usb 3-1: Product: syz [ 196.092752][ T5152] usb 3-1: Manufacturer: syz [ 196.097835][ T5152] usb 3-1: SerialNumber: syz [ 196.107787][ T5152] usb 3-1: config 0 descriptor?? [ 196.128911][ T8400] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 196.172277][ T8433] EXT4-fs (loop1): mounted filesystem without journal. Opts: lazytime,journal_ioprio=0x0000000000000001,resgid=0x0000000000000000,init_itable,data_err=abort,quota,errors=remount-ro,. Quota mode: writeback. [ 196.206769][ T8406] XFS (loop0): Mounting V5 Filesystem [ 196.325274][ T8433] EXT4-fs error (device loop1): ext4_get_first_dir_block:3617: inode #12: block 80: comm syz.1.1434: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 196.360963][ T8400] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 196.387723][ T8406] XFS (loop0): Ending clean mount [ 196.458670][ T4262] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.470454][ T8433] EXT4-fs (loop1): Remounting filesystem read-only [ 196.478953][ T8433] EXT4-fs error (device loop1): ext4_get_first_dir_block:3619: inode #12: comm syz.1.1434: directory missing '..' [ 196.492618][ T4262] usb 6-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 196.502665][ T4262] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.513596][ T8433] EXT4-fs (loop1): Remounting filesystem read-only [ 196.514386][ T4262] usb 6-1: config 0 descriptor?? [ 196.534324][ T4184] XFS (loop0): Unmounting Filesystem [ 196.831004][ T5152] asix 3-1:0.191 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 196.861183][ T5152] asix 3-1:0.191 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 196.872599][ T5152] asix: probe of 3-1:0.191 failed with error -71 [ 196.901811][ T5152] usb 3-1: USB disconnect, device number 8 [ 196.975535][ T8463] loop1: detected capacity change from 0 to 1764 [ 197.079268][ T4262] logitech 0003:046D:C295.0011: hidraw0: USB HID v0.02 Device [HID 046d:c295] on usb-dummy_hcd.5-1/input0 [ 197.123184][ T4262] logitech 0003:046D:C295.0011: no inputs found [ 197.332331][ T5025] usb 6-1: USB disconnect, device number 9 [ 197.876370][ T8502] loop2: detected capacity change from 0 to 8 [ 197.983818][ T8508] loop6: detected capacity change from 0 to 1024 [ 198.235809][ T8508] hfsplus: inconsistency in B*Tree (4,0,1,0,1) [ 198.261645][ T8508] hfsplus: inconsistency in B*Tree (4,0,1,0,1) [ 198.318315][ T9] hfsplus: b-tree write err: -5, ino 4 [ 198.478173][ T8532] netlink: 'syz.5.1476': attribute type 3 has an invalid length. [ 198.626616][ T8544] loop6: detected capacity change from 0 to 512 [ 198.692949][ T8544] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 198.728747][ T8549] loop5: detected capacity change from 0 to 2048 [ 198.758783][ T8544] EXT4-fs (loop6): 1 truncate cleaned up [ 198.764489][ T8544] EXT4-fs (loop6): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000004000,errors=remount-ro,max_batch_time=0x0000000000000004,. Quota mode: none. [ 198.862086][ T8549] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 198.929345][ T4176] udevd[4176]: incorrect nilfs2 checksum on /dev/loop5 [ 198.982363][ T8561] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 199.037746][ T8557] loop0: detected capacity change from 0 to 4096 [ 199.084238][ T8557] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 199.209075][ T8566] loop5: detected capacity change from 0 to 512 [ 199.235571][ T8557] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 199.308608][ T8566] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 199.361143][ T8566] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 199.407411][ T8566] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 199.428388][ T8566] System zones: 0-2, 18-18, 34-35 [ 199.436034][ T8566] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 199.646815][ T8578] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1495'. [ 199.659109][ T8578] tipc: Started in network mode [ 199.666815][ T8566] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended [ 199.688967][ T8578] tipc: Node identity fff50000000000000000000000000001, cluster identity 4711 [ 199.712676][ T8578] tipc: Enabling of bearer rejected, failed to enable media [ 199.722635][ T8566] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 199.749205][ T8566] EXT4-fs (loop5): re-mounted. Opts: . Quota mode: none. [ 199.833018][ T8566] EXT4-fs (loop5): re-mounted. Opts: (null). Quota mode: none. [ 199.986460][ T8560] loop2: detected capacity change from 0 to 32768 [ 199.986860][ T8589] use of bytesused == 0 is deprecated and will be removed in the future, [ 200.081074][ T8597] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1504'. [ 200.081516][ T8589] use the actual size instead. [ 200.093446][ T8597] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1504'. [ 200.165785][ T8560] ERROR: (device loop2): dbAllocAG: unable to allocate blocks [ 200.165785][ T8560] [ 200.616812][ T8613] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 200.660008][ T8619] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 200.686659][ T8613] NILFS (loop5): corrupt root inode [ 200.689136][ T4177] udevd[4177]: incorrect nilfs2 checksum on /dev/loop5 [ 200.887898][ T8629] sp0: Synchronizing with TNC [ 200.926571][ T8628] FAT-fs (loop6): Directory bread(block 64) failed [ 200.929536][ T8629] sp0: Found TNC [ 200.940383][ T8628] FAT-fs (loop6): Directory bread(block 65) failed [ 200.947161][ T8628] FAT-fs (loop6): Directory bread(block 66) failed [ 200.996687][ T8628] FAT-fs (loop6): Directory bread(block 67) failed [ 201.019521][ T5026] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 201.068472][ T8628] FAT-fs (loop6): Directory bread(block 68) failed [ 201.106241][ T8628] FAT-fs (loop6): Directory bread(block 69) failed [ 201.157553][ T8628] FAT-fs (loop6): Directory bread(block 70) failed [ 201.167094][ T8628] FAT-fs (loop6): Directory bread(block 71) failed [ 201.185852][ T8628] FAT-fs (loop6): Directory bread(block 72) failed [ 201.203026][ T8628] FAT-fs (loop6): Directory bread(block 73) failed [ 201.342521][ T8639] set_capacity_and_notify: 2 callbacks suppressed [ 201.342539][ T8639] loop2: detected capacity change from 0 to 64 [ 201.358058][ T5021] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 201.398680][ T5026] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 201.407639][ T5026] usb 2-1: config 0 has no interface number 0 [ 201.431337][ T8639] attempt to access beyond end of device [ 201.431337][ T8639] loop2: rw=0, want=234881064, limit=64 [ 201.431937][ T8609] loop0: detected capacity change from 0 to 40427 [ 201.449319][ T5026] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 201.461031][ T5026] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 201.471653][ T5026] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 201.482487][ T26] audit: type=1804 audit(1770635472.557:16): pid=8640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1525" name="/newroot/332/file2/file2" dev="loop2" ino=6 res=1 errno=0 [ 201.483017][ T5026] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 201.513031][ T8639] Buffer I/O error on dev loop2, logical block 117440531, async page read [ 201.523534][ T8640] Trying to free block not in datazone [ 201.529601][ T26] audit: type=1800 audit(1770635472.607:17): pid=8639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1525" name="file2" dev="loop2" ino=6 res=0 errno=0 [ 201.539635][ T8609] F2FS-fs (loop0): invalid crc value [ 201.557149][ T5026] usb 2-1: config 0 descriptor?? [ 201.583192][ T8640] Trying to free block not in datazone [ 201.612408][ T8609] F2FS-fs (loop0): Found nat_bits in checkpoint [ 201.617584][ T8640] Trying to free block not in datazone [ 201.638154][ T5025] Bluetooth: hci2: command 0x0406 tx timeout [ 201.644610][ T5021] usb 6-1: Using ep0 maxpacket: 16 [ 201.645921][ T8640] Trying to free block not in datazone [ 201.657239][ T8644] netlink: 'syz.6.1526': attribute type 2 has an invalid length. [ 201.691706][ T8609] F2FS-fs (loop0): Start checkpoint disabled! [ 201.724059][ T8609] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 201.768572][ T5021] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 201.784607][ T8647] loop6: detected capacity change from 0 to 512 [ 201.798679][ T5021] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 201.875354][ T8647] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 201.883040][ T300] attempt to access beyond end of device [ 201.883040][ T300] loop0: rw=2049, want=40976, limit=40427 [ 201.929873][ T8647] EXT4-fs (loop6): orphan cleanup on readonly fs [ 201.950876][ T8647] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:510: comm syz.6.1527: Block bitmap for bg 0 marked uninitialized [ 201.966629][ T8652] loop2: detected capacity change from 0 to 1024 [ 201.973716][ T5021] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 201.990989][ T5021] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 202.002270][ T5021] usb 6-1: Product: syz [ 202.006701][ T5021] usb 6-1: Manufacturer: syz [ 202.014386][ T5021] usb 6-1: SerialNumber: syz [ 202.050990][ T8647] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 202.071589][ T8652] hfsplus: bad catalog entry type [ 202.073755][ T5026] uclogic 0003:256C:006D.0012: unknown main item tag 0x0 [ 202.087468][ T5026] uclogic 0003:256C:006D.0012: unknown main item tag 0x0 [ 202.115487][ T5026] uclogic 0003:256C:006D.0012: unknown main item tag 0x0 [ 202.124265][ T4619] hfsplus: b-tree write err: -5, ino 4 [ 202.125277][ T5026] uclogic 0003:256C:006D.0012: unknown main item tag 0x0 [ 202.148078][ T5026] uclogic 0003:256C:006D.0012: unknown main item tag 0x0 [ 202.152729][ T8647] EXT4-fs (loop6): 1 orphan inode deleted [ 202.155706][ T5026] uclogic 0003:256C:006D.0012: No inputs registered, leaving [ 202.178250][ T8647] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 202.225735][ T8647] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended [ 202.298551][ T8647] EXT4-fs (loop6): re-mounted. Opts: . Quota mode: none. [ 202.334420][ T8647] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:510: comm syz.6.1527: Block bitmap for bg 0 marked uninitialized [ 202.393904][ T8647] EXT4-fs error (device loop6): ext4_xattr_block_set:2195: inode #15: comm syz.6.1527: bad block 0 [ 202.443510][ T8654] loop2: detected capacity change from 0 to 32768 [ 202.451651][ T5026] uclogic 0003:256C:006D.0012: hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.1-1/input1 [ 202.470189][ T5026] usb 2-1: USB disconnect, device number 10 [ 202.523218][ T5021] usb 6-1: 0:2 : does not exist [ 202.558580][ T8659] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1529'. [ 202.572894][ T5021] usb 6-1: USB disconnect, device number 10 [ 202.591958][ T8654] XFS (loop2): Mounting V5 Filesystem [ 202.666527][ T5152] XFS (loop2): Metadata CRC error detected at xfs_agf_read_verify+0x192/0x250, xfs_agf block 0x1 [ 202.678855][ T5152] XFS (loop2): Unmount and run xfs_repair [ 202.684614][ T5152] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 202.693273][ T5152] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 20 00 XAGF.......... . [ 202.703373][ T5152] 00000010: 00 00 00 01 00 00 00 02 00 00 00 05 00 00 00 01 ................ [ 202.725669][ T5152] 00000020: 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 06 ................ [ 202.736173][ T5152] 00000030: 00 00 00 06 00 00 13 e3 00 00 13 e0 00 00 00 00 ................ [ 202.746429][ T5152] 00000040: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d ..BNy.B..... ... [ 202.756623][ T5152] 00000050: 00 00 00 01 00 00 00 01 00 00 00 06 00 00 00 3f ...............? [ 202.766812][ T5152] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 202.776578][ T5152] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ [ 202.796851][ T8654] XFS (loop2): metadata I/O error in "xfs_read_agf+0x252/0x510" at daddr 0x1 len 1 error 74 [ 202.808165][ T8654] XFS (loop2): Error -117 reserving per-AG metadata reserve pool. [ 202.817166][ T8654] XFS (loop2): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x1bf/0x1f0 (fs/xfs/xfs_fsops.c:577). Shutting down filesystem. [ 202.832973][ T8654] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 202.835947][ T8670] fido_id[8670]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 202.842528][ T8654] XFS (loop2): Ending clean mount [ 202.862855][ T8654] XFS (loop2): Failed to initialize disk quotas. [ 202.869627][ T8654] XFS (loop2): Error -5 reserving per-AG metadata reserve pool. [ 202.902206][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 203.557927][ T8700] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1547'. [ 203.640827][ T8706] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1550'. [ 203.706530][ T8706] netem: invalid attributes len -17 [ 203.730099][ T8706] netem: change failed [ 203.732347][ T8708] option changes via remount are deprecated (pid=8707 comm=syz.5.1551) [ 203.832337][ T8714] loop2: detected capacity change from 0 to 256 [ 203.864379][ T8712] loop0: detected capacity change from 0 to 1764 [ 203.877095][ T8720] loop5: detected capacity change from 0 to 256 [ 203.917705][ T8714] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 203.936059][ T8722] loop1: detected capacity change from 0 to 256 [ 203.944345][ T8712] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 203.957863][ T8714] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 203.982092][ T8720] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 204.008242][ T8720] exFAT-fs (loop5): Medium has reported failures. Some data may be lost. [ 204.014270][ T8722] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 204.054894][ T8720] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 204.055275][ T8714] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 204.134682][ T26] audit: type=1800 audit(1770635475.207:18): pid=8722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1558" name="file2" dev="loop1" ino=1048810 res=0 errno=0 [ 204.506832][ T8730] loop0: detected capacity change from 0 to 4096 [ 204.600884][ T8730] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 204.603876][ T8749] netlink: 822 bytes leftover after parsing attributes in process `syz.1.1571'. [ 204.610079][ T8740] exfat: Deprecated parameter 'utf8' [ 204.693802][ T8730] ntfs3: loop0: Failed to load $Extend. [ 204.740910][ T8740] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 205.529672][ T144] hfsplus: b-tree write err: -5, ino 4 [ 206.038331][ T8752] XFS (loop2): Mounting V5 Filesystem [ 206.153031][ T8752] XFS (loop2): Ending clean mount [ 206.163935][ T8752] XFS (loop2): Quotacheck needed: Please wait. [ 206.255691][ T8750] XFS (loop5): Mounting V5 Filesystem [ 206.276318][ T8754] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 206.301932][ T8754] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 206.477540][ T8752] XFS (loop2): Quotacheck: Done. [ 206.493821][ T8754] F2FS-fs (loop1): Found nat_bits in checkpoint [ 206.502791][ T8750] XFS (loop5): Ending clean mount [ 206.549400][ T8750] XFS (loop5): Quotacheck needed: Please wait. [ 206.651055][ T4188] XFS (loop2): Unmounting Filesystem [ 206.684140][ T8750] XFS (loop5): Quotacheck: Done. [ 206.740047][ T8754] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 206.741037][ T8809] comedi: No check for data length of config insn id 1003 is implemented [ 206.747352][ T8754] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 206.890648][ T8809] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c [ 206.919910][ T8809] comedi: Assuming n=15 is correct [ 206.920979][ T4520] XFS (loop5): Unmounting Filesystem [ 207.249408][ T8818] set_capacity_and_notify: 5 callbacks suppressed [ 207.249426][ T8818] loop2: detected capacity change from 0 to 1024 [ 207.260988][ T8819] loop6: detected capacity change from 0 to 1024 [ 207.297651][ T4190] attempt to access beyond end of device [ 207.297651][ T4190] loop1: rw=2049, want=45104, limit=40427 [ 207.469183][ T8819] hfsplus: bad catalog entry type [ 207.510251][ T8823] loop0: detected capacity change from 0 to 4096 [ 207.552639][ T8823] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 207.553555][ T4619] hfsplus: b-tree write err: -5, ino 4 [ 207.808675][ T8830] loop2: detected capacity change from 0 to 8 [ 207.846354][ T8831] loop5: detected capacity change from 0 to 1024 [ 207.903922][ T8830] SQUASHFS error: lzo decompression failed, data probably corrupt [ 207.940908][ T4184] ntfs3: loop0: ntfs_sync_fs r=1a failed, -22. [ 207.982652][ T8830] SQUASHFS error: Failed to read block 0x91: -5 [ 207.990280][ T4184] ntfs3: loop0: ntfs_evict_inode r=1a failed, -22. [ 208.014410][ T8830] SQUASHFS error: Unable to read metadata cache entry [8f] [ 208.038190][ T4184] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 208.052423][ T8830] SQUASHFS error: Unable to read inode 0x11f [ 208.162980][ T8833] loop5: detected capacity change from 0 to 136 [ 208.419268][ T8841] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 208.425937][ T8841] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 208.469334][ T8841] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 208.486330][ T8841] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 208.524325][ T8841] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 208.559168][ T8841] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 208.587223][ T8841] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 208.630690][ T8847] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 208.693080][ T8847] tipc: Enabled bearer , priority 10 [ 208.727512][ T8827] loop6: detected capacity change from 0 to 32768 [ 208.773645][ T8851] loop1: detected capacity change from 0 to 1024 [ 208.884175][ T8855] loop5: detected capacity change from 0 to 512 [ 208.925389][ T8855] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 208.998713][ T4619] hfsplus: b-tree write err: -5, ino 4 [ 209.117185][ T8855] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 548) [ 209.206238][ T26] audit: type=1326 audit(1770635480.277:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.262454][ T8839] loop2: detected capacity change from 0 to 32768 [ 209.268471][ T26] audit: type=1326 audit(1770635480.287:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.361527][ T8839] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.1606 (8839) [ 209.377541][ T26] audit: type=1326 audit(1770635480.287:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.430817][ T8839] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 209.457001][ T26] audit: type=1326 audit(1770635480.307:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.476398][ T8839] BTRFS info (device loop2): using free space tree [ 209.504780][ T8839] BTRFS info (device loop2): has skinny extents [ 209.516267][ T8869] EXT4-fs (loop1): Ignoring removed orlov option [ 209.638894][ T8869] EXT4-fs (loop1): mounted filesystem without journal. Opts: nouid32,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,bsddf,norecovery,,errors=continue. Quota mode: none. [ 209.673124][ T26] audit: type=1326 audit(1770635480.307:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.702479][ T26] audit: type=1326 audit(1770635480.307:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.726441][ T26] audit: type=1326 audit(1770635480.307:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.752921][ T26] audit: type=1326 audit(1770635480.307:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.776109][ T26] audit: type=1326 audit(1770635480.307:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.809149][ T26] audit: type=1326 audit(1770635480.307:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8862 comm="syz.6.1618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41e4549f79 code=0x7ffc0000 [ 209.879353][ T8853] XFS (loop0): Mounting V5 Filesystem [ 209.954442][ T8839] BTRFS info (device loop2): enabling ssd optimizations [ 210.116396][ T8853] XFS (loop0): Ending clean mount [ 210.347293][ T4184] XFS (loop0): Unmounting Filesystem [ 210.504145][ T8917] EXT4-fs (loop1): Ignoring removed bh option [ 210.516183][ T8917] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 210.543103][ T8917] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 210.580427][ T8871] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 210.831059][ T8917] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.1631: Invalid block bitmap block 0 in block_group 0 [ 210.859708][ T8917] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6194: Corrupt filesystem [ 210.895861][ T8917] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #11: comm syz.1.1631: attempt to clear invalid blocks 983261 len 1 [ 210.948192][ T8917] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.1631: Invalid inode table block 0 in block_group 0 [ 210.985115][ T8917] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 211.024398][ T8917] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem [ 211.042139][ T8917] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.1631: Invalid inode table block 0 in block_group 0 [ 211.056965][ T4904] ocfs2: Unmounting device (7,6) on (node local) [ 211.121237][ T8917] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 211.150480][ T8917] EXT4-fs error (device loop1): ext4_truncate:4279: inode #11: comm syz.1.1631: mark_inode_dirty error [ 211.217346][ T8917] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem [ 211.258311][ T8917] EXT4-fs error (device loop1): __ext4_get_inode_loc:4327: comm syz.1.1631: Invalid inode table block 0 in block_group 0 [ 211.296651][ T8917] EXT4-fs (loop1): 1 truncate cleaned up [ 211.328226][ T8917] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,grpquota,bh,noblock_validity,,errors=continue. Quota mode: writeback. [ 211.705848][ T8938] ntfs: volume version 3.1. [ 211.878306][ T4262] Bluetooth: hci3: command 0x0406 tx timeout [ 211.918111][ T8949] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 212.388852][ T8969] set_capacity_and_notify: 7 callbacks suppressed [ 212.388870][ T8969] loop2: detected capacity change from 0 to 1024 [ 212.469528][ T8969] hfsplus: uid requires an argument [ 212.485642][ T8969] hfsplus: unable to parse mount options [ 212.487716][ T8972] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1653'. [ 212.534961][ T8934] loop5: detected capacity change from 0 to 40427 [ 212.648234][ T8934] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 212.656585][ T8934] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 212.697030][ T8976] loop2: detected capacity change from 0 to 512 [ 212.709302][ T8934] F2FS-fs (loop5): invalid crc value [ 212.739881][ T8934] F2FS-fs (loop5): Found nat_bits in checkpoint [ 212.763639][ T8981] xt_HMARK: proto mask must be zero with L3 mode [ 212.801026][ T8976] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 212.853353][ T8976] EXT4-fs (loop2): 1 truncate cleaned up [ 212.900303][ T8976] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,jqfmt=vfsold,minixdf,quota,,errors=continue. Quota mode: writeback. [ 212.911249][ T8934] F2FS-fs (loop5): recover fsync data on readonly fs [ 213.058769][ T8934] F2FS-fs (loop5): Try to recover 1th superblock, ret: -30 [ 213.110339][ T8934] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 213.424574][ T8999] loop2: detected capacity change from 0 to 512 [ 213.431915][ T8997] loop0: detected capacity change from 0 to 1024 [ 213.510543][ T8997] hfsplus: bad catalog entry type [ 213.581209][ T9] hfsplus: b-tree write err: -5, ino 4 [ 213.597370][ T8999] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 213.651086][ T8999] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 213.688299][ T5027] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 213.715909][ T8974] loop6: detected capacity change from 0 to 32768 [ 213.983320][ T8974] XFS (loop6): Mounting V5 Filesystem [ 214.038341][ T5028] usb 6-1: new full-speed USB device number 11 using dummy_hcd [ 214.058890][ T5027] usb 2-1: config 0 interface 0 altsetting 10 endpoint 0x6 has invalid wMaxPacketSize 0 [ 214.083481][ T5027] usb 2-1: config 0 interface 0 altsetting 10 endpoint 0xB has invalid wMaxPacketSize 0 [ 214.114018][ T5027] usb 2-1: config 0 interface 0 altsetting 10 bulk endpoint 0xB has invalid maxpacket 0 [ 214.133261][ T8974] XFS (loop6): Ending clean mount [ 214.138251][ T5027] usb 2-1: config 0 interface 0 has no altsetting 0 [ 214.163092][ T8974] XFS (loop6): Quotacheck needed: Please wait. [ 214.263464][ T8974] XFS (loop6): Quotacheck: Done. [ 214.308519][ T5027] usb 2-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=4c.b3 [ 214.317651][ T5027] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.348452][ T5027] usb 2-1: Product: syz [ 214.352681][ T5027] usb 2-1: Manufacturer: syz [ 214.357307][ T5027] usb 2-1: SerialNumber: syz [ 214.400071][ T5027] usb 2-1: config 0 descriptor?? [ 214.412853][ T5028] usb 6-1: config 0 interface 0 altsetting 255 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 214.428921][ T4904] XFS (loop6): Unmounting Filesystem [ 214.441033][ T5028] usb 6-1: config 0 interface 0 has no altsetting 0 [ 214.449894][ T5027] ir_toy 2-1:0.0: required endpoints not found [ 214.458143][ T5028] usb 6-1: New USB device found, idVendor=04b3, idProduct=3105, bcdDevice= 0.00 [ 214.467310][ T5028] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.478404][ T5028] usb 6-1: config 0 descriptor?? [ 214.490840][ T9042] loop2: detected capacity change from 0 to 16 [ 214.498598][ T9007] raw-gadget.1 gadget: fail, usb_ep_enable returned -22 [ 214.534031][ T9042] erofs: (device loop2): mounted with root inode @ nid 36. [ 214.566717][ T9042] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 214.575053][ T9044] loop0: detected capacity change from 0 to 2048 [ 214.603752][ T9042] erofs: (device loop2): z_erofs_lz4_decompress: failed to decompress -46 in[60, 4036] out[1851] [ 214.617478][ T9044] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 214.663946][ T9044] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 214.669354][ T9042] erofs: (device loop2): z_erofs_readpage: failed to read, err [-117] [ 214.754973][ T9044] UDF-fs: error (device loop0): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned lenght of impUse field [ 214.953884][ T5028] lenovo 0003:04B3:3105.0013: hidraw0: USB HID v1.01 Device [HID 04b3:3105] on usb-dummy_hcd.5-1/input0 [ 215.082094][ T9052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1686'. [ 215.092841][ T9052] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1686'. [ 215.190588][ T5028] usb 6-1: USB disconnect, device number 11 [ 215.358466][ T9063] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 215.387121][ T9063] tipc: Enabled bearer , priority 10 [ 215.406091][ T9064] loop2: detected capacity change from 0 to 4096 [ 215.462895][ T9064] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512) [ 215.536972][ T9064] ntfs3: loop2: ntfs_sync_fs r=1a failed, -22. [ 215.576935][ T9064] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 215.620545][ T9064] ntfs3: loop2: ntfs_sync_fs r=1a failed, -22. [ 215.674759][ T4188] ntfs3: loop2: ntfs_sync_fs r=1a failed, -22. [ 215.698684][ T4188] ntfs3: loop2: ntfs_evict_inode r=1a failed, -22. [ 216.488211][ T5028] tipc: Node number set to 4294246401 [ 216.544712][ T9107] sock: sock_timestamping_bind_phc: sock not bind to device [ 216.561015][ T5028] usb 2-1: USB disconnect, device number 11 [ 216.838853][ T9122] netlink: 260 bytes leftover after parsing attributes in process `syz.6.1720'. [ 216.873798][ T9124] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1721'. [ 217.034314][ T9120] loop0: detected capacity change from 0 to 8192 [ 217.066248][ T9120] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 217.101243][ T9120] REISERFS (device loop0): using journaled data mode [ 217.142344][ T9120] reiserfs: using flush barriers [ 217.180428][ T9120] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 217.198445][ T9120] REISERFS (device loop0): checking transaction log (loop0) [ 217.210558][ T9120] REISERFS (device loop0): Using r5 hash to sort names [ 217.218485][ T9120] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 217.233930][ T9120] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 217.406697][ T9146] loop5: detected capacity change from 0 to 256 [ 217.490083][ T9146] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 217.622544][ T9160] loop0: detected capacity change from 0 to 1024 [ 217.635538][ T9160] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 217.711654][ T9160] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x000000000000ee01,abort,discard,max_batch_time=0x0000000000000003,data=ordered,mblk_io_submit,usrquota,init_itable,errors=remount-ro,bsddf,auto_da_alloc,. Quota mode: writeback. [ 217.765052][ T9162] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1733'. [ 217.778275][ T9162] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1733'. [ 218.411137][ T9187] autofs4:pid:9187:autofs_fill_super: called with bogus options [ 218.486041][ T9165] loop2: detected capacity change from 0 to 32768 [ 218.530303][ T9194] loop0: detected capacity change from 0 to 256 [ 218.601155][ T9194] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1d73664b, utbl_chksum : 0xe619d30d) [ 218.639642][ T9165] XFS (loop2): Mounting V5 Filesystem [ 218.716238][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.724693][ T9194] exFAT-fs (loop0): Filesystem has been set read-only [ 218.735413][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 0, err : -5) [ 218.753779][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.761497][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 0, err : -5) [ 218.788419][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.803824][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 1, err : -5) [ 218.812778][ T9165] XFS (loop2): Ending clean mount [ 218.816166][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.822639][ T9165] XFS (loop2): Quotacheck needed: Please wait. [ 218.826403][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 2, err : -5) [ 218.861047][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.867505][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 3, err : -5) [ 218.878281][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.892833][ T9165] XFS (loop2): Quotacheck: Done. [ 218.892844][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 4, err : -5) [ 218.897900][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.897926][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 5, err : -5) [ 218.898021][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.898037][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 6, err : -5) [ 218.898063][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.956024][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 7, err : -5) [ 218.966649][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.975172][ T9194] exFAT-fs (loop0): error, failed to bmap (inode : ffff888073d594e0 iblock : 0, err : -5) [ 218.985716][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 218.994402][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 219.000932][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 219.007165][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 219.017395][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 219.026741][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 219.035678][ T9194] exFAT-fs (loop0): error, broken FAT chain. [ 219.044228][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 219.044244][ T26] audit: type=1800 audit(1770635490.117:32): pid=9194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1748" name="file0" dev="loop0" ino=1048813 res=0 errno=0 [ 219.081666][ T4188] XFS (loop2): Unmounting Filesystem [ 219.187292][ T9206] sg_write: process 655 (syz.5.1750) changed security contexts after opening file descriptor, this is not allowed. [ 219.700153][ T9226] loop6: detected capacity change from 0 to 2048 [ 219.826133][ T9226] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,errors=remount-ro,max_dir_size_kb=0x0000000000000004,grpjquota=,. Quota mode: writeback. [ 219.871016][ T9226] EXT4-fs error (device loop6): ext4_find_extent:929: inode #2: comm syz.6.1760: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 219.900815][ T9226] EXT4-fs (loop6): Remounting filesystem read-only [ 219.934017][ T9243] loop1: detected capacity change from 0 to 512 [ 220.077869][ T9243] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback. [ 220.099085][ T9243] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 220.191421][ T9243] EXT4-fs error (device loop1): ext4_xattr_block_find:1855: inode #12: comm syz.1.1766: corrupted xattr block 6 [ 220.351395][ T9257] delete_channel: no stack [ 220.432684][ T9259] loop6: detected capacity change from 0 to 256 [ 220.526059][ T9259] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d) [ 220.640784][ T9270] loop1: detected capacity change from 0 to 128 [ 220.771592][ T9270] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 220.774955][ T9279] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 220.817468][ T9270] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 220.827734][ T9279] CIFS mount error: No usable UNC path provided in device string! [ 220.827734][ T9279] [ 220.856587][ T9281] loop6: detected capacity change from 0 to 512 [ 220.893709][ T9279] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 220.960324][ T9281] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,sysvgroups,minixdf,nombcache,. Quota mode: writeback. [ 220.995392][ T9281] ext4 filesystem being mounted at /305/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 221.366286][ T9307] loop0: detected capacity change from 0 to 2048 [ 221.444990][ T9307] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 221.476090][ T9307] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 221.539727][ T9310] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 221.559960][ T9311] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 221.582107][ T9310] ntfs: (device loop1): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 221.593878][ T9310] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 221.612211][ T9310] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 221.625642][ T9310] ntfs: volume version 3.1. [ 221.698171][ T9] ntfs: (device loop1): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry. [ 221.754117][ T4190] ntfs: (device loop1): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 222.017866][ T9330] atomic_op ffff88805fcf7198 conn xmit_atomic 0000000000000000 [ 222.415552][ T9350] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1815'. [ 222.567772][ T9346] set_capacity_and_notify: 2 callbacks suppressed [ 222.567794][ T9346] loop1: detected capacity change from 0 to 4096 [ 222.616200][ T9360] loop2: detected capacity change from 0 to 64 [ 222.688518][ T9346] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 222.933510][ T9346] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22. [ 222.993853][ T9346] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 223.045648][ T9346] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22. [ 223.132082][ T4190] ntfs3: loop1: ntfs_sync_fs r=1a failed, -22. [ 223.148773][ T4190] ntfs3: loop1: ntfs_evict_inode r=1a failed, -22. [ 223.384624][ T9383] loop2: detected capacity change from 0 to 4096 [ 223.394621][ T9381] loop6: detected capacity change from 0 to 4096 [ 223.461517][ T9365] loop0: detected capacity change from 0 to 32768 [ 223.525129][ T9383] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 223.555547][ T9365] JBD2: Ignoring recovery information on journal [ 223.646192][ T9365] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 223.721511][ T9383] EXT4-fs error (device loop2): ext4_empty_dir:3154: inode #12: block 80: comm syz.2.1831: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 223.858937][ T9383] EXT4-fs warning (device loop2): ext4_empty_dir:3156: inode #12: comm syz.2.1831: directory missing '..' [ 224.046399][ T9408] netlink: 144 bytes leftover after parsing attributes in process `syz.6.1842'. [ 224.164094][ T4184] ocfs2: Unmounting device (7,0) on (node local) [ 224.234584][ T9410] loop1: detected capacity change from 0 to 2048 [ 224.411466][ T9422] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 224.563868][ T9410] NILFS error (device loop1): nilfs_dotdot: directory #12 missing '..' [ 224.659141][ T9410] Remounting filesystem read-only [ 224.777739][ T4190] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer [ 224.842506][ T9438] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1856'. [ 225.159236][ T9453] loop6: detected capacity change from 0 to 1024 [ 225.274561][ T9460] loop2: detected capacity change from 0 to 1024 [ 225.329509][ T9] hfsplus: b-tree write err: -5, ino 4 [ 225.387833][ T9460] hfsplus: bad catalog entry type [ 225.864938][ T9486] loop2: detected capacity change from 0 to 16 [ 225.899250][ T9488] loop0: detected capacity change from 0 to 512 [ 225.912735][ T9486] erofs: (device loop2): mounted with root inode @ nid 36. [ 225.985374][ T9492] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3) [ 225.992562][ T9492] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 226.040404][ T9488] [ 226.042939][ T9488] ====================================================== [ 226.050371][ T9488] WARNING: possible circular locking dependency detected [ 226.058052][ T9488] syzkaller #0 Not tainted [ 226.062575][ T9488] ------------------------------------------------------ [ 226.070311][ T9488] syz.0.1880/9488 is trying to acquire lock: [ 226.076407][ T9488] ffff8880616eebd8 (&sbi->s_writepages_rwsem){.+.+}-{0:0}, at: ext4_writepages+0x20f/0x2df0 [ 226.086959][ T9488] [ 226.086959][ T9488] but task is already holding lock: [ 226.094587][ T9488] ffff8880259994b8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 226.099264][ T9492] vhci_hcd vhci_hcd.0: Device attached [ 226.104794][ T9488] [ 226.104794][ T9488] which lock already depends on the new lock. [ 226.104794][ T9488] [ 226.104806][ T9488] [ 226.104806][ T9488] the existing dependency chain (in reverse order) is: [ 226.104813][ T9488] [ 226.104813][ T9488] -> #1 (&ei->xattr_sem){++++}-{3:3}: [ 226.104847][ T9488] down_write+0x38/0x60 [ 226.143787][ T9488] ext4_destroy_inline_data+0x24/0xe0 [ 226.149894][ T9488] ext4_writepages+0x670/0x2df0 [ 226.155297][ T9488] do_writepages+0x476/0x6e0 [ 226.160616][ T9488] __writeback_single_inode+0x153/0xda0 [ 226.166696][ T9488] writeback_sb_inodes+0xa4e/0x1680 [ 226.172869][ T9488] wb_writeback+0x45d/0xbe0 [ 226.178366][ T9488] wb_workfn+0x43a/0xf20 [ 226.183250][ T9488] process_one_work+0x85f/0x1010 [ 226.188855][ T9488] worker_thread+0xaa6/0x1290 [ 226.194070][ T9488] kthread+0x436/0x520 [ 226.198808][ T9488] ret_from_fork+0x1f/0x30 [ 226.203878][ T9488] [ 226.203878][ T9488] -> #0 (&sbi->s_writepages_rwsem){.+.+}-{0:0}: [ 226.212975][ T9488] __lock_acquire+0x2c42/0x7d10 [ 226.218553][ T9488] lock_acquire+0x19e/0x400 [ 226.223598][ T9488] percpu_down_read+0x46/0x1b0 [ 226.229618][ T9488] ext4_writepages+0x20f/0x2df0 [ 226.235100][ T9488] do_writepages+0x476/0x6e0 [ 226.240314][ T9488] __writeback_single_inode+0x153/0xda0 [ 226.246480][ T9488] writeback_single_inode+0x3cb/0x8e0 [ 226.252839][ T9488] write_inode_now+0x23b/0x2c0 [ 226.258168][ T9488] iput+0x5ab/0x8a0 [ 226.262713][ T9488] ext4_xattr_set_entry+0x34f4/0x3ea0 [ 226.268755][ T9488] ext4_xattr_block_set+0x4fd/0x2d20 [ 226.274694][ T9488] ext4_expand_extra_isize_ea+0xf3f/0x19b0 [ 226.281044][ T9488] __ext4_expand_extra_isize+0x301/0x3e0 [ 226.287220][ T9488] __ext4_mark_inode_dirty+0x469/0x700 [ 226.293226][ T9488] ext4_evict_inode+0xa8d/0x1090 [ 226.298799][ T9488] evict+0x4c9/0x8d0 [ 226.303241][ T9488] ext4_orphan_cleanup+0xad2/0x1320 [ 226.308975][ T9488] ext4_fill_super+0x8e25/0x95a0 [ 226.314829][ T9488] mount_bdev+0x287/0x3c0 [ 226.319979][ T9488] legacy_get_tree+0xe6/0x180 [ 226.325714][ T9488] vfs_get_tree+0x88/0x270 [ 226.330928][ T9488] do_new_mount+0x24a/0xa40 [ 226.336256][ T9488] __se_sys_mount+0x2e3/0x3d0 [ 226.341579][ T9488] do_syscall_64+0x4c/0xa0 [ 226.346623][ T9488] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 226.353579][ T9488] [ 226.353579][ T9488] other info that might help us debug this: [ 226.353579][ T9488] [ 226.364075][ T9488] Possible unsafe locking scenario: [ 226.364075][ T9488] [ 226.372339][ T9488] CPU0 CPU1 [ 226.378444][ T9488] ---- ---- [ 226.383896][ T9488] lock(&ei->xattr_sem); [ 226.388389][ T9488] lock(&sbi->s_writepages_rwsem); [ 226.396686][ T9488] lock(&ei->xattr_sem); [ 226.403905][ T9488] lock(&sbi->s_writepages_rwsem); [ 226.409197][ T9488] [ 226.409197][ T9488] *** DEADLOCK *** [ 226.409197][ T9488] [ 226.417623][ T9488] 3 locks held by syz.0.1880/9488: [ 226.422830][ T9488] #0: ffff8880616ec0e0 (&type->s_umount_key#28/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950 [ 226.433204][ T9488] #1: ffff8880616ec650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x44a/0x1090 [ 226.443045][ T9488] #2: ffff8880259994b8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3e8/0x700 [ 226.453484][ T9488] [ 226.453484][ T9488] stack backtrace: [ 226.459379][ T9488] CPU: 1 PID: 9488 Comm: syz.0.1880 Not tainted syzkaller #0 [ 226.466920][ T9488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 226.477458][ T9488] Call Trace: [ 226.481134][ T9488] [ 226.484081][ T9488] dump_stack_lvl+0x188/0x250 [ 226.489089][ T9488] ? load_image+0x400/0x400 [ 226.493622][ T9488] ? show_regs_print_info+0x20/0x20 [ 226.498834][ T9488] ? print_circular_bug+0x12b/0x1a0 [ 226.504036][ T9488] check_noncircular+0x296/0x330 [ 226.509098][ T9488] ? look_up_lock_class+0x71/0x110 [ 226.514618][ T9488] ? add_chain_block+0x940/0x940 [ 226.519840][ T9488] ? lockdep_lock+0xf1/0x1f0 [ 226.524477][ T9488] ? mark_lock+0x94/0x320 [ 226.528995][ T9488] __lock_acquire+0x2c42/0x7d10 [ 226.533949][ T9488] ? mark_lock+0x94/0x320 [ 226.538368][ T9488] ? verify_lock_unused+0x140/0x140 [ 226.543944][ T9488] ? verify_lock_unused+0x140/0x140 [ 226.549319][ T9488] ? __lock_acquire+0x13bc/0x7d10 [ 226.554358][ T9488] ? 0xffffffffa0034000 [ 226.558653][ T9488] lock_acquire+0x19e/0x400 [ 226.563188][ T9488] ? ext4_writepages+0x20f/0x2df0 [ 226.568235][ T9488] ? check_noncircular+0x189/0x330 [ 226.573353][ T9488] ? __might_sleep+0xf0/0xf0 [ 226.577950][ T9488] ? read_lock_is_recursive+0x10/0x10 [ 226.583589][ T9488] ? mark_lock+0x94/0x320 [ 226.588189][ T9488] ? __lock_acquire+0x13bc/0x7d10 [ 226.593305][ T9488] percpu_down_read+0x46/0x1b0 [ 226.598073][ T9488] ? ext4_writepages+0x20f/0x2df0 [ 226.603200][ T9488] ext4_writepages+0x20f/0x2df0 [ 226.608261][ T9488] ? mark_lock+0x94/0x320 [ 226.612717][ T9488] ? verify_lock_unused+0x140/0x140 [ 226.617970][ T9488] ? mark_lock+0x94/0x320 [ 226.622390][ T9488] ? ext4_readpage+0x2e0/0x2e0 [ 226.627253][ T9488] ? __lock_acquire+0x13bc/0x7d10 [ 226.632365][ T9488] ? rcu_lock_release+0x5/0x20 [ 226.637411][ T9488] ? __lock_acquire+0x7d10/0x7d10 [ 226.642612][ T9488] ? do_raw_spin_lock+0x128/0x2f0 [ 226.647821][ T9488] ? do_raw_spin_unlock+0x11d/0x230 [ 226.653108][ T9488] ? ext4_readpage+0x2e0/0x2e0 [ 226.658458][ T9488] do_writepages+0x476/0x6e0 [ 226.663544][ T9488] ? __writepage+0x130/0x130 [ 226.669401][ T9488] ? writeback_single_inode+0x3c0/0x8e0 [ 226.675236][ T9488] ? __lock_acquire+0x7d10/0x7d10 [ 226.680645][ T9488] ? do_raw_spin_lock+0x128/0x2f0 [ 226.685871][ T9488] __writeback_single_inode+0x153/0xda0 [ 226.691544][ T9488] writeback_single_inode+0x3cb/0x8e0 [ 226.697410][ T9488] ? write_inode_now+0x2c0/0x2c0 [ 226.702638][ T9488] write_inode_now+0x23b/0x2c0 [ 226.707805][ T9488] ? bdi_split_work_to_wbs+0x8a0/0x8a0 [ 226.713417][ T9488] ? do_raw_spin_unlock+0x11d/0x230 [ 226.718757][ T9488] iput+0x5ab/0x8a0 [ 226.722945][ T9488] ext4_xattr_set_entry+0x34f4/0x3ea0 [ 226.728510][ T9488] ? ext4_xattr_ibody_set+0x330/0x330 [ 226.734340][ T9488] ? rcu_is_watching+0x11/0xa0 [ 226.739167][ T9488] ? kmem_cache_free+0x14c/0x210 [ 226.744432][ T9488] ? mb_cache_entry_delete_or_get+0x1bd/0x1e0 [ 226.750565][ T9488] ext4_xattr_block_set+0x4fd/0x2d20 [ 226.755906][ T9488] ? ext4_get_inode_loc+0x120/0x120 [ 226.761443][ T9488] ? __ext4_xattr_check_block+0x7d8/0x8d0 [ 226.767539][ T9488] ? ext4_xattr_block_find+0x500/0x500 [ 226.773108][ T9488] ? ext4_xattr_block_find+0x433/0x500 [ 226.778769][ T9488] ext4_expand_extra_isize_ea+0xf3f/0x19b0 [ 226.784688][ T9488] __ext4_expand_extra_isize+0x301/0x3e0 [ 226.790327][ T9488] __ext4_mark_inode_dirty+0x469/0x700 [ 226.795892][ T9488] ext4_evict_inode+0xa8d/0x1090 [ 226.801022][ T9488] ? _raw_spin_unlock+0x24/0x40 [ 226.806132][ T9488] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 226.812163][ T9488] ? do_raw_spin_unlock+0x11d/0x230 [ 226.817575][ T9488] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 226.823943][ T9488] evict+0x4c9/0x8d0 [ 226.828128][ T9488] ? proc_nr_inodes+0x320/0x320 [ 226.833435][ T9488] ? do_raw_spin_unlock+0x11d/0x230 [ 226.838845][ T9488] ? _raw_spin_unlock+0x24/0x40 [ 226.844333][ T9488] ? iput+0x706/0x8a0 [ 226.849072][ T9488] ext4_orphan_cleanup+0xad2/0x1320 [ 226.854406][ T9488] ? ext4_orphan_del+0xbf0/0xbf0 [ 226.859669][ T9488] ? errseq_check_and_advance+0x62/0x120 [ 226.866292][ T9488] ext4_fill_super+0x8e25/0x95a0 [ 226.872712][ T9488] ? ext4_mount+0x40/0x40 [ 226.877502][ T9488] ? set_blocksize+0x1f3/0x370 [ 226.883072][ T9488] ? sb_set_blocksize+0xa5/0xe0 [ 226.888200][ T9488] mount_bdev+0x287/0x3c0 [ 226.892803][ T9488] ? ext4_mount+0x40/0x40 [ 226.897137][ T9488] legacy_get_tree+0xe6/0x180 [ 226.902014][ T9488] ? ext4_errno_to_code+0x160/0x160 [ 226.907563][ T9488] vfs_get_tree+0x88/0x270 [ 226.911986][ T9488] do_new_mount+0x24a/0xa40 [ 226.916939][ T9488] __se_sys_mount+0x2e3/0x3d0 [ 226.921803][ T9488] ? __x64_sys_mount+0xc0/0xc0 [ 226.926662][ T9488] ? lockdep_hardirqs_on+0x94/0x140 [ 226.932057][ T9488] ? __x64_sys_mount+0x1c/0xc0 [ 226.936844][ T9488] do_syscall_64+0x4c/0xa0 [ 226.941366][ T9488] ? clear_bhb_loop+0x30/0x80 [ 226.946046][ T9488] ? clear_bhb_loop+0x30/0x80 [ 226.950812][ T9488] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 226.957248][ T9488] RIP: 0033:0x7f35259c020a [ 226.961679][ T9488] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.982088][ T9488] RSP: 002b:00007f3523c19e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 226.990678][ T9488] RAX: ffffffffffffffda RBX: 00007f3523c19ee0 RCX: 00007f35259c020a [ 226.998910][ T9488] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f3523c19ea0 [ 227.007056][ T9488] RBP: 0000200000000180 R08: 00007f3523c19ee0 R09: 0000000000800700 [ 227.015521][ T9488] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 227.024051][ T9488] R13: 00007f3523c19ea0 R14: 000000000000046f R15: 00002000000007c0 [ 227.032654][ T9488] [ 227.041655][ T9466] caif:caif_disconnect_client(): nothing to disconnect [ 227.048974][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: inode #11: comm syz.0.1880: iget: bad extra_isize 90 (inode size 256) [ 227.058348][ T9499] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 227.064563][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1880: error while reading EA inode 11 err=-117 [ 227.106897][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: inode #11: comm syz.0.1880: iget: bad extra_isize 90 (inode size 256) [ 227.124437][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1880: error while reading EA inode 11 err=-117 [ 227.124931][ T9499] EXT4-fs (loop1): orphan cleanup on readonly fs [ 227.138645][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: inode #18: comm syz.0.1880: iget: bad extra_isize 90 (inode size 256) [ 227.143852][ T4262] vhci_hcd: vhci_device speed not set [ 227.161263][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1880: error while reading EA inode 18 err=-117 [ 227.173157][ T9499] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1883: iget: bad i_size value: 360287970189639680 [ 227.176937][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:401: inode #18: comm syz.0.1880: iget: bad extra_isize 90 (inode size 256) [ 227.203655][ T9499] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1883: couldn't read orphan inode 15 (err -117) [ 227.204448][ T9488] EXT4-fs error (device loop0): ext4_xattr_inode_iget:406: comm syz.0.1880: error while reading EA inode 18 err=-117 [ 227.227692][ T9499] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,barrier,nogrpid,max_dir_size_kb=0x0000000000001000,,errors=continue. Quota mode: writeback. [ 227.231508][ T9488] EXT4-fs (loop0): 1 orphan inode deleted [ 227.248759][ T4262] usb 45-1: new full-speed USB device number 2 using vhci_hcd [ 227.252179][ T9488] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,nodiscard,debug_want_extra_isize=0x000000000000005a,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000000003,,errors=continue. Quota mode: none. [ 227.260759][ T13] usb 7-1: new low-speed USB device number 5 using dummy_hcd [ 227.294673][ T9501] EXT4-fs (loop2): orphan cleanup on readonly fs [ 227.302768][ T9501] EXT4-fs error (device loop2): ext4_quota_enable:6438: comm syz.2.1884: Bad quota inum: 11, type: 1 [ 227.334376][ T9501] EXT4-fs warning (device loop2): ext4_enable_quotas:6486: Failed to enable quota tracking (type=1, err=-117, ino=11). Please run e2fsck to fix. [ 227.375240][ T9501] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 227.388699][ T9501] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 227.728154][ T13] usb 7-1: config 0 has no interfaces? [ 227.734147][ T13] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 227.743781][ T13] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 227.753214][ T13] usb 7-1: config 0 descriptor?? [ 228.030295][ T9493] vhci_hcd: unknown pdu 2 [ 228.035099][ T4279] vhci_hcd: stop threads [ 228.036373][ T13] usb 7-1: USB disconnect, device number 5 [ 228.040411][ T4279] vhci_hcd: release socket [ 228.054059][ T4279] vhci_hcd: disconnect device [ 228.110154][ T4262] vhci_hcd: vhci_device speed not set