last executing test programs: 2.482454225s ago: executing program 4 (id=7423): syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x8000, &(0x7f0000000180)={[{@resuid}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000100)='system.posix_acl_access\x00', 0x0, 0x0, 0x0) 1.322861255s ago: executing program 3 (id=7440): r0 = open(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', 0x121342, 0x0) write$tcp_mem(r0, &(0x7f0000000080)={0xfffffffffffffffc, 0x2d, 0x5, 0x3a, 0x2, 0x2c}, 0x48) 1.153333161s ago: executing program 3 (id=7445): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000000c0)={@map, 0xffffffffffffffff, 0x5}, 0x10) 1.055008484s ago: executing program 0 (id=7448): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) getegid() 1.029819715s ago: executing program 3 (id=7449): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$BLKZEROOUT(r0, 0x127f, 0x0) 939.830928ms ago: executing program 0 (id=7452): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="021800001800000000000000000000000300060000000000020000000000000000000000000000000800120010000a0000000000000000000681a2fd619f418e6a0000000000000000000000000000000000000000000000fe880000000000000000000000000001030005000000000002000000000000000000000000000000080019"], 0xc0}}, 0x0) 884.39413ms ago: executing program 3 (id=7454): r0 = socket(0x23, 0x805, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000740), r0) 803.040593ms ago: executing program 1 (id=7455): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61128c000000000061138c0000000000bf2000000000000015000000081400002d0301000000000095000000000000006916600000000000bf67000000000000260600000fff07906706000007000000170300000ee60060bf050000000000001d360000000000006507f9ff01000000a70700004c000000cc75000000000000bf54000000000000070400000400f9ffad4301000000000095000023000000000500000000000000950000000000000032ff7f5be95e09b67754bb12feffffff8ecf264e0f84f9f17d3c51e3c7bdd2d17f2f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703d6c4f6f3be5b369289aa6812b8e007e733a9a4f16d0abbd5ad9381806ef08513e3d3778a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad5b803306b17cf4ef3f1d45f65727546e7c955ccefa1f6ab689fde4de4e63edf10271a5144ddc8da3aa5b0ab733a1b901627b562ed04ae76002d4519af619e3a2a4d69e0dee5eb106774a8f3e6916dfec88b5634ef79b02d2ca8ff54c158f0200000000eafb735fd552bdc206004aeb0743eb2dc819cf5c8ac86d8a297dff0445a13d00dce431e56723888fb126a163f16fb2ad9bc1172ba7cbebe174cecac4d03723f1c932b3faffffffffffffff5fc998e13b670e373e3e5897f7ad2e99e0e67a993716dbf580469f0f53acbb40b401e3738270b315d362ed834f2a0700000096649a462e7ee4bcf8b07a101c879730beb4000000000000000000000000000000bc00f674629709e7e78f4ddc3d1bc3ebf0bd9d42ca019dd5d022cf7468659fbe2562671cd47840a7afaab43176e65ec1118d46d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7eab04871bc47287cd313f3bea788ea2bcdc340ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d7039dd21be3f3767ce603c9d48cac052ca363f601ae899a53f67b63d20a268bb9f15a0a6e66ce4660fbee91629ab028acfc1d9260e9659a0f6a5480a55c22fe3ae5f562d0ae520c38d2bab6528000000596fb73a96b33c81cdbbd421a27f7f1db054cc7a0a4d372849c99a98822103b9851d924b85b1ca4b21b187db00000000000000066dead3b9670a7604a5ddd0fd2e4fb8a5749a8a8ad78454ba1eebeff1b528da294247d294d2487babb176fdfafeb3d492a325671e6b91afb41f87feda4ce2f468a3758750c0b8f151d4d8574bbbe027687a0e12311cdf3384a26ee3f6f2424b92e5be98ef1f8f2db9a4991e234f9f447e1730ceaf54cf25c0e3ad7cbb0de06d55db89d154c9d3fcd01c551b0ef5d5305845b9a8763b264e8f0bcd0f606fe92e511f122325ebc5fef1b67845d0eb8b8a4f97f83424221e94a5c4623feb8496ccdbc55b27773bfeffe6a91a20e0c27fc80262647f88d8d1123d199b2c7729bb7700e887ea963f00004a1d0851dbfb9308d16cadcc7b477c9a84e3d6bd82526898735552a203c4797228533b1a73ab44aa115136353964648abcc4adbe765556643842290a92eafea0ec2c000000000000000000000000000000e1f3518dc3fc2bbefe043804ac1b6b1c8b7e3afed045a3a808700bca61a39d5bfa83877803013e2d145e642253632f3a283c6eee0e22cb69fe7f94786220c31e9b2a82a9856e947bace74923e4740bf1c17cb41ef19161c3d417655517c28bd08dee32d77a40b834ba7a12223354e9321b8300f7d5d63fa0e8f074adc176285a8f41609ce040cec99943792f5443ca5292447b0f0f240743c4b2b8142ce0b43d4d1731ce11533f61ef241c83557f5aae58a848b5ccce86b8b0fb21fe369c90f06e2d9680003df72f3f0060e6c3415cc1026d342003bece09fbfd062efdd9b48377335903f3b4e87386915e3ac429a4db646da1cc6e29ad8650f4da326cbfdce12c8d5deba32549d6aefe422e0d665d62325c737fe76ec1f3c3670ed96f86738a2cf1c59b5f9b84ffd068f7b4509f53617910a41b811a3f7cd6251f8100008133af11a4db2d00c0ad86ce9f40f3e06b41b45f72"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff15, 0x10, &(0x7f0000000000), 0xf000000}, 0x48) 802.557143ms ago: executing program 3 (id=7456): r0 = socket(0x10, 0x80002, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000440)={'syztnl1\x00', 0x0, 0x2f, 0x9d, 0x3, 0x1, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8000, 0x7, 0x7ff, 0x7f}}) 771.825904ms ago: executing program 0 (id=7458): r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r0, 0x10d, 0xe8, &(0x7f0000000000), &(0x7f00000000c0)=0x4) 683.614847ms ago: executing program 3 (id=7459): syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1080c, &(0x7f00000007c0)=ANY=[@ANYRES64=0x0, @ANYRES8, @ANYRESOCT, @ANYBLOB="d1794da8c0ccda034276e28a25c45c8e1eb8b595a37ffdfe7d2a8c3972a6931d2cbb0d8dc920bbde15d8790d46ccb3a5f36ff412236251d86334f17545ccae88", @ANYRES8=0x0, @ANYRES32, @ANYBLOB="e5f0986a95b4a041c6140884aa3ee1b8a51aa12c4e1790181917f9b22d45f7d86339c33c4a5e4f7224ec1900"/54, @ANYRESOCT=0x0, @ANYRESDEC=0x0, @ANYRESOCT, @ANYRESOCT], 0x1, 0xa8f, &(0x7f0000001400)="$eJzs3UuMHEfdAPCe3Z31M5/H+WxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRQqJI2D5xI5FlboiHOOUSAUIiF2TlxCUSscQlp8CBA5aRInGABHvQzlbNzvw9k57ZV+/s/H5ST013VXdVz3b39quqCmBsTbQ+663Pq29dOf6Ph/6+beH74+0UjdbnVMfYQupaGp8Ky3t/cjG89cGrp3uFtWKu9ZnHJzvm3VEUxcXiQHGtaBT7r15//Z25p05eOnH54LtvHL2xBqsOAABj51vXjh7e+9c/37v7wzfvP1ZsaU/P5+eNNL4znfcfSyf+C8FULV8/LF0P1DqGTtMh3VQaJkK6yR7pio509Zxua/d8Mf/psNx6n3RbSvKfDNcotVAeGGV5O24UtYmZrvGJiZmZxWvyonVdP12bOX/23HMXKioosOr+9UBRFAcMhnEbmrvaO0HlZalu6PgVACoVnxfe4WK8s7Ay7aVNDZb/zScmes/frb6aZWR8rPf2L/+4/O5yrHf+Zev/60trvP6MlcG3pq1rWo7Vltcr70c703h8jhDfXxr2+JOXNxmWN+gJQL/nCKPyfKFfOSfXuRzL1a/8cbvYrL6Wwvw7fD3Ed+4/8W86Kn9joLd/b7j7/9uWCld5WQyGzT00qzz4ANUquayP7801kxwf3+uL8VtK4reWxG8rid++OLX9Gl+M31EyP4yz3734k+K1WtGzPl6xeP3f2lkGvR+W77PdlcL/G7I88X7ksPfj4nu/w1pp/vF9YtjI/nDq6TNffvaZ64vv/9fa2//ttL0fSOONtG9dSwny/cJ4X7397n+jO5+JPunuDuW5q0f61vc93elqe5aWU3QcZ+4ox77u+Xb1S3dfd7pGSLctDfF0KZ6fbA/z5fOPfFzNv9dUWN96WI/pUI58XNmdwtF6GsNGlbfHfu//5+1zX1GvPXf23JnH0njeTv80Wd+yMP3QOpcbWLlB6//sK7rr/+xsT69PdB4Xdi1Nr3UeFxph+lyf6fNpPP+f+87kttb0mdPfO/fsaq88jLkLL7/y3VPnzp35gS+++OJL+0vVRyZgrc2++ML3Zy+8/MqjZ1849fyZ58+cnz9yZH5u7shX5g/Pts7rZzvP7oHNZOmf/tCzetQFAAAAAAAAAAAAFXnpxPHrf3n7S+8t1v9fqv+X6//nN39z/f8fh/r/sZ58rgef6wHu7hHfShMaWJ0O6epp+P9Q3j0hn71hvk+ksN2PX6r/n7OL7brm8twTpsf2e3O60JzAHe2lTIc2SGJ/gZ9O4eUU/qqACtV+1ntyCsvat87ben4ZWLsUoyn/3XJ7Jrkdk1z/u1+7Tvn4v7v3Yn+02uVkda1HdcKq1xHo7Z8brv3vNRmWGvysvCwdVwyVl8Ww0YZbzWZzPfNrNj+uFw99TQHrp+r+P/N9zxye/+M3ti4MOdnNJ7qPl7H9UliJqvu/rCz/fGNxXNd/wPxXu//Pdv93Ax//Qo95jeXl+5+f33ivI9tif9/8txRd+cf1z+1A7xku/w9T/nltHi765d+9/s1fhvzjA6EBfRTy3z5g/nH9rwybccrwvyn//LM98uCg+S8uoDbRXY543zg//4v3jbNbYf1z257Drv9yO2q8nfKHcTYq/cwOq6v/30vN9e//d4U9DMX3ML6YxvOBML/nEPs7ubW1GKr8+f2K/H9gb1h+reT/m/5/R9tXU1i2P+T+f/P22OgxPtExXu/x227WYw2MqvdX7flfxxtzG+A5ymYYXtpVfRlGYajZ5pY9NJvNSh/yecJYrap//6qvE6rOv+rfv0zs/zeew8f+f2N87P83xsf+f2N8677iR0ud9sbfa3uYP8bH/n9j/D0h39g/8L6S+E+WxO8vib+3JP6+kvhPlcQfLIm/vyT+gZL4u0viHyyJ/0z4i8f4z5bM/1BJ/CMfHz//w5L5N7tcH2Vc1x/GWayfd+f+v8wHvMCGl5//9Nv/95TEA6Prp28eevKZ3367sVj/f7p9PyQ/xzuWxuvp2jleL8X7J5Mp7u00/rcQv9Hvd8A4ie1nxP/vD5fEA6Mrv+dl/4YxVOvdYs+g7Vb1O89ntHwuhZ9P4RdS+GgKZ1I4m8JDKZxbp/KxNp78ze+PvlZbut7fFeIHfR8+1geK7UTND1ieeH9g2PfxYzt+w1pp/susDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZidbn4cP7akVx9a0rx58+eXZ2Ycrj7RSN1udUx1i9PV9RPJbCyRT+In259cGrpzvD2ymsFXNFrai1pxffvNnOaUdRFBeLA8W1olHsv3r99Xfmnjp56cTlg+++cfTG2v0CAAAAsPn9LwAA//+1ThxH") truncate(&(0x7f0000000080)='./file2\x00', 0x42da) 671.218407ms ago: executing program 4 (id=7461): socketpair(0x1e, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'veth0_to_batadv\x00', &(0x7f0000000500)=@ethtool_cmd={0x50, 0x0, 0x2, 0xc21, 0x8, 0x4, 0x3, 0x3a, 0x5, 0x9, 0x3, 0x9, 0xaf44, 0x94, 0x0, 0x2, [0x6, 0x9eb]}}) 667.176657ms ago: executing program 0 (id=7462): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x14, 0xb, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x4040000) 644.926488ms ago: executing program 1 (id=7463): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newsa={0x154, 0x10, 0x713, 0xfffffffc, 0x0, {{@in=@private, @in6=@remote}, {@in6=@remote, 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @mark={0xc, 0x15, {0x350759, 0x6}}, @XFRMA_SET_MARK={0x8}, @XFRMA_SET_MARK_MASK={0x8}]}, 0x154}}, 0x20000880) 567.754111ms ago: executing program 0 (id=7464): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000240)={0x140000, 0x3, 0x1, "3c5d07fc3dafae9a966739e7727dc429ff3d53fd4e3f7ccc7f9be6a898098384", 0xb5315241}) 559.186701ms ago: executing program 2 (id=7465): r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x8042) write$UHID_INPUT(r0, &(0x7f0000000640)={0x8, {"179c4f014d5876c3e4fa4858113c67be813637500fce388e37e40fe6caf6a8ab9fc1cea8e2fcd16a3b5acde00efe8a7d7b70a535ae5f340be5bf60748b0ac30b62af7dcf60cf8d3fcfb114b6d1f9fb8b1e8aef18382d4a02753336ab7502c9892b8fdf9aec72a2039b9a51cb0ac50a9405849e2c0dfb2f2789ae9e51b59c4d4e72ecf4591d8f01a127d5395f0d99eebddea945b4297ab24a98c891f789a65c73dad8fb44eb39bf16cb1d5f31fee042b96cd65871557a30c4bedf9a3ba6c17e29554530fda4058f25b48059b02f084faa4f91e4cf0191b80074786b4d3756059d420a1f86271ea5ccc3269f6b353502fc804d94c5b3fb23156bee74a71add4880bb19133c11acee211a9f1668bf4f3934ae9be20fef0d13239d0a4c70d90c08b8b02c4f0f3b778f86322f80151ea4226fef27ca2be21fdcf48a48167fc9ac0c3b2402be32aba0d9846b4183c00de6a70c2e15f62ac166d5573d29d23d00d26af731345a5ccf20eea009e405decb055845a56d8ab1ce9b5382325993ce12d444a2acbbdc15af24765fc618af889171d224c7b5ebdc2477d6ed6d85fd9c01f79b0e5a4e1517f6eff2ec1f19b19936b084828249285813f082416ee19a66fca34b6dd41833445edfb9ffc8b39a1e47aba48692f26d7f85f1d37097a51907670c421287cba70f3f0c72d30ace0060c846f509f7fae8b552a9a7f2e8a2b484c45b70fccaf9246249c06a56dbb11029ea821b67fde0dbe1a04a4af06a414265f6890229ef46488a78cf689ba3f72ec5067eeaf62e3a6a793a9c1a0cfe27f9ce9fc9e9a86111657662996240821f476be942664ef82489944847478d1ea7741ddfe0c9bea87e1743823729ba528682e47a6891ec2e6985692b07af258418cbcfd473b1f80673156dae9f058edcff3aa2cc9c52c01352f18a74e32f5c1f268c3a92557c35d344844bacb2b7a59f813bce96fc83ba984a664d4440f2671f56c4279b003ab01262e415cab5f41ddbc0aca42b073751f27344403f8e0742ad67054fba95f91773864b8b0e8693fb46d00426a055c921bbcd7fd18af2570a9b9cc58a0724bad0e2f33fd4ee12bf721047d3b3650714ddd2226b7adc7a85293576edb7eb68ab71ac2ede80e72f70fe70c4f2716d453451bad3164a1c31d0dd140e44661c0b1c2d004dc09298df68dd329d922e04a2c569f6f5d6187286aecd2ff7c6614932c321680c609b403769612c340f346d1914775a8b8e0651965bc7c59ef65bf0822042187d78c0e0ba8ee255052eea74f7e3a01fd09ff78d8a9390d7f37f034ed9d876c3d1849c2b4e689b9da3e69a213a61ab4ac96e45b28209f5cf71bf3ca100f4b5eef2a7356e32e1fb4c2434902cf445df1d9d13b2b01d3726766f8ebf7970a9e40cce88f364b6edcd5b5def96c08dbac0cc5f627002e4730180436c061e3c64246fd1e576c17cde76244d35fb3a8ca73d1a0a4b53c470532d53aaaed056b174e9f50666ca5996794edcd095356290ef3d6319ad6372bba007a389cb597db057bb1d62e355568e05dbac146f0cad11141427e903133b3fd25180e6225789749e8f631b5820d9dddd8a7f3f21b1e46599c10244ee00e58a27d4a26e9a05bd6f4203bea31607d6b932febef464fcdada794e7c82f7b25cfac68c094ed4cdb35da044b184460191efcb16af1f5e6945b527d09b4c66cde472db864212c0c67aeaf90a29610df17ddb3c5c7b515539a433ec221e735cd23d1d58661418f40903ddec4b53330ac152b6ac1426b0115a5bcb31bc36fd59fdd694120cf4e79882ec3dc28d0551aa0f22ba8a1282bc120202a1f6fd6fd61e29b7b3e3fdcde974d1fc753cb99ffe1f1608b88e2fed004fdad78e02675c3946a65861d827b5e21f50ca5ca762c3afa5bce905b7e6d7a8b06cae47d213899c346d47ad99a177719f763168e1f70767bdf226fab1e299549a875e9e5171b1cf95359a5e0613016cf70c198fd645efe0c4d6305589989894e0084bf1c1fdd7d4ed3238a797460d035b8007f6077a9c3d158f92c5d8f9299c7dd86f78c79739889db98840bdfa0d7681a79b09d78fddfbe7a6044ed308bb51462ee08f625396b7685e87d9a302fa71ac45bcc47504a097343c8cccffad6b42026801e77e0b1bf22a974ce5468307a5b35f333341f48ebb9a844b3f2fb0b0da82b9bd4ee80d5774975c912caf598442f8b403f756e5f0160c8d5c98af30220179a1c541545957b3b1d03440df049f7bbfc84a81720f35e42dab5c462e3485a579e0dd851d74c2261fa7a05d06382a43aecfa9136b41e46e13f5ea2524beeead6dda02d9a6fc0253ba82627928058c4724f039d38847771899efcb14ace3e396a15a9d08cc3a5f9d443691d05d2d2164ee5db8a2adde60ba2943c13e83435b7c0f08911c0b2f639f5050ce641658e04bf3074d0e082bb292a8769666cb3c3a2e27650c34cad9d3cbfccd312b2376775557049e229320f7acbf3f18b9d761f65e6e86203513f18798499137535809fc3f10b5c6a22b309062f4bc8717fcf6a3660ff9155b04dc41f4887ff726c571c270a1fca4b658126e65651438cd882aabd97b9de7ef1975594ce849abb5fec448170b7d7eb18ca78c61750486e05405b5b0d61b937b3da90d8ee104406f53221b1e28651da01222c56c3542622a7089f43d45b1709f10db170398caa9cd23f1a7637e694f3e9345fa226ac33af1a91505db21fc7e3c3ae480bebff250a43c62c503e66cb6456b90ea04592e3c48b734d5d2d09da58bb5377b942871f15bdffbb5faf34171731413972191764b8046afac7ad352a69f7fb9fa48c743d59c79cca8313b41f4e37ababa98a22d23bac3bb0b575da2f65f206bf5e4dff7e6af00e56451df767d28b0af2f9c27dc570f4c81a57918802e8d3965b92d1b7dfc4412096d240daa03ecebe2d8299a8dcdcb2f80c3099f818c070aeecad7c3ededdcd0839c581f37615cf4ba0c8d887415aa636a064a800c64fdbda79ab7f9c1e9cd645cab68100a4fd570cc65a7132c43701f03fd9ed7e5b306ad6a975cc9c66e1184f4cbedf148a8c78500f12390f56259fe46f3200444aba398eaf9acf29e041af64891c5a36c7df04c70c9ae6a1c387fd8c1083ee3c4f1d4b92db609acf98b4280e17784a179b011cd99a58e8a12961519cda823d4f61b176f166652a3f4f07385d3f7d16a0c262ee6f7d29437925782805c63498cd849c11ed957fece33fd80e7e51ff9b51645a43d80251e28a03569f35b62745a70938958144f80ecf6406d672ccd9981658e36b9ebf761a4b1e3c7804c38958a1adfcdc5beaed5f6ccb8f041a6d61b0d3da42027019b8916dba7c53dc6e20bdf3f6d754e7c52551fbfc76eb460aa170047ae8f2e4d0a8e7480d9e5c408c2ba62266554b2b1c0ee270a5308e2e2749e9a7c9c0c181ccffc710294f73c30ce478bd938c23cde4cd96d3baa611d465efe9d83f5374b254b6eb0797f581fabf968e036e8ba9a59feaab2aa8b8ca2f4df30a4016503f67e9aec4b0e24fccc751fbd361219c0ece49d3e5833dfba07c131278d2434ae5d6a38d116dee699898aae19cde949601267b59286883694e5455f4ab5431eb45108ddb02c0a7cb4b4bcb8ef975ba2fadbb8144d9019fc1565a95655b6cce4a79cef35e1f63777871d14a7a0eb27040ef0b334bea57a4e5c94287e73d67efd59877f5750021a867cac4dfe34be049cc48b1ce67a81fd8ba7aaa218c1815c681d257d187a3276cf14ef5adac2972fd4e8f4e77b250b70c4ebef312cd065651250368bda5b7bf4d68289a5eb13202783a7fbe2f493ea5fde647ad988ed7eec362d7c486cd54e83e60ecc2491de0b0180b2dfe5dd44309a46e3b5cb130a732f0b5886ff0112d7f51aab8f9f92b7165807126e8edb64b2ba20a9f197631106dfd99ec1dd082d33bb8cde00fae1356b38c7cd9856172a6f1af8dce21a4f51854ad995d0db151faebf070e55ed84430fa717d7e108118aa9b84dfd962c415969476c6f9481479e5f272f16e30dcd2a4bd1e354bd0342d9d6e7abfc5a15e511ad1155ea05c3476b51fdfcceb8f8720a4c1f401c32de7e2584009a6d62cb47b44b03a8da44b13b0e1bb7677f030d17733214e6c03174fd057173e33641bdf35b2826668dd4eb491fd7ee38443827c7b6ea4432d70fe460d12733e517295fc1f950c447aba9966c0a6f91241c2b5de4672dec6284a9cf9e8b9416f19a6e763b9225ba91ae00e97351c40a800aeb77857630d883be0a47ed281d2bfefc8d033e2c34b2641f2f3e8a4c6647b15dd9bfdfeeea3fa1157d0db77669de1da9245ff97fb8617013f3e4c5c7a4ee721787db8330886d0574efcf86c7ca3a4baa02351d284474aa0e567cf45d99ceb51972b5ea776c8208585431bfa0d23fe136d714355a4e807f41bff5d458b7bc813487082eb2faf6726851ba55cdf38791e1141843284e6ad49124108eab3000b54f2a1abbde0fedfe839359ffcc2718cccc285962cd3f16bb82af6756f43de8fa014ae85ddf822c34574108aaee9a254acc6db79b9d35e89eba57663463ebadb0926528947ffdec88d3c88f11ed07fa39cfbe441e66c4950a8702c249d001642ae1f54839d3c1faa285967b0e7fc289f66f3c1847eadb4229ba49e5a2681df3ae87a279175f54b75a600223d175ab45ac2c3762ad5eda206c1e5ee9e205fa4fece9cdb63d048139134ff8d029f661ead227e29be6f65f94c68c74f0e25ebce4e5da4a94ed33804b87199c31e0a717b977a6b1d5c6f0574521c9365c5ff35b5e1ee231b949a193164e1898d6204372af99634fd75ab4fdd48c434467da038dfb96e7ce985b52cf6542b69a369b38647dfe4b7c6b7425267c5c9305daf85ff3572eafdaf583ae9f226b7986f2402ddbe9e5551630fa0bf0d717391a8973fceb96f403c5e0c2e7bd7604d199d58cb963861b125eacdddf83a5c7cd84049d2ca46e793cddd6b7507aaa563cfbffc8ba43e59a6b9ee8a362f928887671df9ae66dfacd2e9603cf322f0e1a399ea9b6ca9c030bd7e7647267239b6303f76e2d4006d061d8891cc9db4a3da516eefc74771becea5b60094863bf12e813386c22ed00e1f5be9f681116cfe352d0d36219ff89bae173de89c121e6e56bb657277d47efc817516591c3b12ff95b9ed7edd3c8d1790842412b380202032941fc5d9ec432e5c7203fd207e32102497b13ca2ea43ed8a5991cecc19fc77a7398328e9334061997700166e3e0a72ed4b0c5c47aca9fd48d05c40f50d22f1f642a6e5a4af8ea5d1d6c5e45e2f402634069f3705767847c78081b08081052920829e22881bcba19d6452d198beccc81295a2683d0c545713ba2953fa4f667362d06a352f406a33ee7e553fcc7268e2d7fc97e1ccd340bb8c73ae631a1051acdc872a0d30da2774d9570007be36f54ac6f2b93085c353b3fa0201ca7828e7154c4a7d837cd76db45cddfa39adc095d61987e8f47ebe476f75132d7e653ec59f99d9bb576ca36f3374284ecf5e816d940456dd9299c298c9bf54eb313ef9ed29c17b987baf2ce18be63d6f87f2fb93b16522211255400af050caabc26c96777e88ebd6cf529eb8924b2ef2e0a2042ea4e9410ca1236aaee7ebf4946c8573a26c9f80a0d24b7d629bdb7bfbe0db1e3e97d37fc018f9ebca783c06c43b9f9dfc98ea684d0cd74e4631a6347a0775ad8759448a25f7d60e53ab86452b1a13fb16928142f341ee3c31c7320159819ee4319d2afb3f8e47fd0ef8893fe154d08b8fea6669a52f2", 0x1000}}, 0x1006) 548.658851ms ago: executing program 1 (id=7466): mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1c0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'interleave', '', @val={0x3a, [0x37, 0x2d, 0x30, 0x3a]}}}, 0x4e}]}) 471.948134ms ago: executing program 4 (id=7467): r0 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r0, &(0x7f0000000340)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x2, 0x3}}, 0x10, 0x0}, 0x200440c0) 455.598235ms ago: executing program 0 (id=7468): syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@nojournal_checksum}]}, 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==") open(&(0x7f0000000c40)='./file2\x00', 0x46342, 0x0) 408.100876ms ago: executing program 1 (id=7469): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newtaction={0x14, 0x1d, 0x1, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x2400085d}, 0x24048040) 391.748867ms ago: executing program 2 (id=7470): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x5, 0x4, 0x3f0, 0x220, 0x0, 0x220, 0x220, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @private}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440) 316.391259ms ago: executing program 4 (id=7471): r0 = socket$inet_udp(0x2, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0x2, 0x4e33, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private=0xa010100}}}], 0x20}}, {{&(0x7f00000000c0)={0x2, 0x4e21, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000140)=[@ip_retopts={{0x18, 0x0, 0x7, {[@lsrr={0x83, 0x7, 0x4, [@initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}], 0x18}}], 0x2, 0x0) 315.845149ms ago: executing program 4 (id=7472): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="020d00001000000000000000000000000800120002000200fefffffff8ffffff2f00320002000000000000000000000002000000000000000000000000000000fc020000000000000000000000000004030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0) 266.759121ms ago: executing program 1 (id=7473): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=@newtaction={0x214, 0x30, 0x9, 0x70bd25, 0x0, {}, [{0x200, 0x1, [@m_xt={0x1fc, 0x1, 0x0, 0x0, {{0x7}, {0xe7, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0x2a, 0x6, {0x26, 'raw\x00'}}, @TCA_IPT_INDEX={0x8, 0x3, 0x9}, @TCA_IPT_TARG={0xdb, 0x6, {0x0, 'filter\x00', 0xf, 0x7, "b7c230b18e3a60860ad4048b3d2669ac64bd13aa542b737366ebf690505190ffcbbbcfb321ba21a30854d2d8d259c1907d3c556a831a784c77c5fbe5dc69483ebf98e9dc6c112756d540aefd82002655a2ec02ef0cf6af250d994c2b786af642ca25c26c0a998df97c32ca6e9a483d669a472bbc1b110a52d576928c406a1354cc3037bead3d4b65be8c974c597853724542754e59ab6166e7680d324b26a21efb5680694465f6eb5d67d1d438cd2ef957"}}, @TCA_IPT_INDEX={0x8, 0x3, 0x7ffffffc}]}, {0xbc, 0x6, "a7f999ecbad8d23aecaba471cb28b77fe07548287a087e2f64edd4a5424a0513b5a914e93c2f4a8519a76a54d4d75a1e649a4b3e3d229fb7832b2bdab581ef95ecad93c7a8abac5a0f5deac9a2b110208977b9472fb3d5742491d43b984463cd365006946b0eb170e4bbeccfdf93c16edd8f6e533b0b0b963bf57e4889114f48f6897c90429a1aa539c06573f31f81184b6d58e2bffc4106c46ac297481bba3670512ca9ce543d883961d235db84a301ffec09857fe38cbf"}, {0xc}, {0xc}}}]}]}, 0x214}}, 0x0) 181.015214ms ago: executing program 1 (id=7474): capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000ff020100bfa30000000000000703000018feffff720aa9fff8ffffff71a4a9ff0000000072030200000000131d400500000000004704000001ed00006b030000000000001d440000000000007a0a00fe00ffffffc303000051000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7109000000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e50002a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de5c028d6112a0c2d21b2dc98814106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c53218294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb118888876b617398d00a7526103ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e08b7ab6cd9c65ba55f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddc42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293d364b9effa9a9406ac2683e231d4774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479517dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a79e59e1712c8c546768e5722da19fcdb4c2890cda1f96b952511e3a49d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767987d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c32040098e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1be62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee07751532d5e7d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070f66b2b388f0f744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e2fa3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef907000000f01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e015cb56119df72c7533a48d028a3a981463f25c068d4410dad0c74e2a9478fa3be18a1a27bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb581012fd7a8139166fd5e59c84f4ab07001b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe293308b2a146f12a4c205235924cee765d94b1cc06641247c773ab8d1abbeb03ea68"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff11, 0x0, 0xffffffffffffffff, 0xfffffffffffffea5}, 0x48) 175.210314ms ago: executing program 2 (id=7475): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90324fc60100c034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 146.632705ms ago: executing program 4 (id=7476): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001"], 0x118}}, 0x0) 124.571046ms ago: executing program 2 (id=7477): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) setsockopt$X25_QBITINCL(r0, 0x106, 0x1, &(0x7f0000000040), 0x4) 83.508327ms ago: executing program 2 (id=7478): r0 = syz_open_dev$video(&(0x7f0000000580), 0x20100009, 0xe8480) ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f000001f980)={0x3, {0xf790, 0x9, 0x7ff}, {0x100, 0xf9a, 0xffffffff, 0x8}, {0xf0c0, 0x75cb}}) 0s ago: executing program 2 (id=7479): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='./file0\x00', 0x80, &(0x7f0000000340)=ANY=[], 0x1, 0x374, &(0x7f0000000f80)="$eJzs3c9rI2UYwPEnbX5MWrbJQRQF6YNe9DK01bMaZBfEgEt3I+4Kwux2oiFjUmZCJCK2N6/izX9AcNnjgocF9R/oxdt68eLJXgRBFxFH5leapJMfjSmb7n4/0OZJ3veZed/84nkDeXP83pcfN+ueWbc6smKoZEREHoqUZUUSmegiLykO5eX1Px48f+3Gzbcr1erlXdUrleuv7Kjqxub3n3xWjLvdL8hR+YNjMX49evro2eN/r3/U8LThaavdUUtvtX/pWLccW/caXtNUverYlmdro+XZbtTejtrrTnt/v6dWa+/S2r5re55arZ427Z522tpxe2p9aDVaapqmXlpLG+5jzJgjp3Znd9eqzHnC23PmYdH+9n1/QrPrVqxVEbN4qqV251zHBQAAltJI/f91UiOUZaVfUGbitUA+jIeXAUH9n8Rh/R8sFk7q/7sv/NhZf/feRlz/38+n1f+v/hzlD9X/wdkXXv9/O3L9dEV04R2cpfP/qv+xHDaHX5G/nazYY0H9H7wa+iv63Pt3t8KA+h8AAAAAAAAAAAAAAAAAAAAAgIvgoe+XfN8vJZfJ38lXCOLrybVJXzTGhTPu8S/EOwr0nw94LF27cVOM8It72Q0R54turVuLLuP2pOOWlOSf8PkQizacOAwbNVCWH5yDbi0XJ6yG/ysiKo7Ysi0lKQ/lh/GVt6qXtzUS5YfnP+jWMtm1IL8ujTB/R0ryVHr+Tmp+Xl56cSDflJL8dFva4she/D6W5H++rfrmO9WR/GLYL83r5/uQAAAAAACwcKaqES+fy8Pr32j9bpqqae3BWl4G1+enPx/or6+3Utfn2dJz2Uc7dwAAAAAAnhRe/tOm5Ti26/XGBkWZ1qcQH22kKStTjhwE2Rn6DAUPwiA3qc/qwAxnPXI+/gWNWYfhej2ZecxJ8GdBUu/MZAvXoSYj/V6dMUjmP0Nn46wPgeutnH3ututtBuPRuaYzECQfG43rI1fnPfK4INk5d1rnZ7765q/5TpGJd+0dbHrtnjFlpmGQGbnlcMqT9nffD17UE8eTS3+3+G6eH5kBAAAAsCSSor/oJbe8MSVj/fwHBQAAAAAAAAAAAAAAAAAAAAAAAAAAAADAE2ah26SNCR71HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBl8V8AAAD//1f39NU=") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) kernel console output (not intermixed with test programs): remainder of the config [ 632.462359][ T4222] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 632.620791][T17759] loop4: detected capacity change from 0 to 4096 [ 632.693317][T17759] ntfs3: loop4: Failed to load $AttrDef -> 0 [ 632.762146][ T4222] usb 3-1: string descriptor 0 read error: -22 [ 632.768444][ T4222] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 632.810002][ T4222] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 632.859490][ T4222] usb 3-1: config 0 descriptor?? [ 632.920019][T17749] loop1: detected capacity change from 0 to 32768 [ 632.925520][ T4222] hub 3-1:0.0: bad descriptor, ignoring hub [ 632.932423][ T4222] hub: probe of 3-1:0.0 failed with error -5 [ 633.035314][T17749] XFS (loop1): Mounting V5 Filesystem [ 633.099721][T17783] loop4: detected capacity change from 0 to 8 [ 633.160079][T17783] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 633.217204][T17763] loop0: detected capacity change from 0 to 32768 [ 633.276046][ T6053] usb 3-1: USB disconnect, device number 32 [ 633.298522][T17749] XFS (loop1): Tail block (0x80) overwrite detected. Updated to 0x100 [ 633.300158][T17763] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.6071 (17763) [ 633.336553][T17749] XFS (loop1): Starting recovery (logdev: internal) [ 633.368271][T17749] XFS (loop1): Ending recovery (logdev: internal) [ 633.450282][T17763] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 633.498627][T17763] BTRFS info (device loop0): using free space tree [ 633.509982][T17763] BTRFS info (device loop0): has skinny extents [ 633.625460][ T4233] XFS (loop1): Unmounting Filesystem [ 633.795855][T17801] loop2: detected capacity change from 0 to 128 [ 633.818807][T17785] loop4: detected capacity change from 0 to 40427 [ 633.861223][T17769] loop3: detected capacity change from 0 to 32768 [ 633.878053][T17763] BTRFS info (device loop0): enabling ssd optimizations [ 633.886920][T17785] F2FS-fs (loop4): invalid crc value [ 633.937588][T17769] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.6075 (17769) [ 633.940095][T17785] F2FS-fs (loop4): Found nat_bits in checkpoint [ 634.053143][T17769] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 634.072106][T17769] BTRFS info (device loop3): using free space tree [ 634.094684][T17769] BTRFS info (device loop3): has skinny extents [ 634.263879][T17785] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 634.561064][T17769] BTRFS info (device loop3): enabling ssd optimizations [ 634.739523][T12784] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 634.747911][T17835] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 634.778627][T17835] EXT4-fs (loop0): group descriptors corrupted! [ 634.863925][ T4362] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 9 /dev/loop3 scanned by udevd (4362) [ 634.952659][ T21] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 635.016793][T12784] usb 3-1: Using ep0 maxpacket: 32 [ 635.145144][T12784] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 635.165194][T12784] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 635.176259][T12784] usb 3-1: config 1 interface 2 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7 [ 635.189160][T12784] usb 3-1: Duplicate descriptor for config 1 interface 2 altsetting 0, skipping [ 635.219879][ T21] usb 2-1: Using ep0 maxpacket: 16 [ 635.360522][ T21] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 635.378601][T12784] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 635.399747][T12784] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 635.410318][ T21] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 635.421245][T12784] usb 3-1: Product: syz [ 635.428038][ T21] usb 2-1: config 1 has no interface number 0 [ 635.443812][T12784] usb 3-1: Manufacturer: syz [ 635.449407][ T21] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0 [ 635.459810][T12784] usb 3-1: SerialNumber: syz [ 635.465837][ T5677] usb 4-1: new full-speed USB device number 19 using dummy_hcd [ 635.636884][ T21] usb 2-1: New USB device found, idVendor=0582, idProduct=00a3, bcdDevice= 0.40 [ 635.651511][T17844] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.6087 (17844) [ 635.660934][ T21] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 635.684079][ T21] usb 2-1: Product: syz [ 635.688955][ T21] usb 2-1: Manufacturer: syz [ 635.695193][ T21] usb 2-1: SerialNumber: syz [ 635.719647][T17844] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 635.745905][T17844] BTRFS info (device loop4): using free space tree [ 635.752546][T17844] BTRFS info (device loop4): has skinny extents [ 635.798680][T17844] BTRFS info (device loop4): enabling ssd optimizations [ 635.805023][T17850] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512) [ 635.876843][T12784] usb 3-1: USB disconnect, device number 33 [ 635.935056][T17850] ntfs3: loop0: Failed to load $BadClus. [ 636.013930][ T21] usb 2-1: unknown sample rate [ 636.032563][ T5677] usb 4-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.f4 [ 636.050166][ T5677] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 636.061209][ T5677] usb 4-1: Product: syz [ 636.069724][ T21] usb 2-1: USB disconnect, device number 29 [ 636.076521][ T5677] usb 4-1: Manufacturer: syz [ 636.096649][ T5677] usb 4-1: SerialNumber: syz [ 636.111883][ T5677] usb 4-1: config 0 descriptor?? [ 636.306255][ T4560] udevd[4560]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 636.476710][T17872] EXT4-fs (loop0): Unsupported blocksize for fs-verity [ 636.476769][ T5678] usb 4-1: USB disconnect, device number 19 [ 636.583156][T17875] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 636.670304][T17883] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 636.800932][T17886] set_capacity_and_notify: 7 callbacks suppressed [ 636.800950][T17886] loop2: detected capacity change from 0 to 512 [ 636.941595][T17886] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 637.111706][T17878] loop4: detected capacity change from 0 to 32768 [ 637.135098][T17878] BTRFS: device fsid afd29e67-b8c6-49b0-b0d7-0efab618e2f3 devid 1 transid 8 /dev/loop4 scanned by syz.4.6091 (17878) [ 637.205670][T17897] loop3: detected capacity change from 0 to 17 [ 637.207777][ T6053] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 637.237096][T17878] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 637.247969][T17878] BTRFS info (device loop4): using free space tree [ 637.270495][T17878] BTRFS info (device loop4): has skinny extents [ 637.279163][T17897] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop3 [ 637.376770][T17906] loop3: detected capacity change from 0 to 16 [ 637.409885][T17906] erofs: (device loop3): mounted with root inode @ nid 36. [ 637.507057][ T6053] usb 2-1: Using ep0 maxpacket: 32 [ 637.518249][T17878] BTRFS info (device loop4): enabling ssd optimizations [ 637.646031][ T6053] usb 2-1: config 8 has an invalid interface association descriptor of length 5, skipping [ 637.663091][ T6053] usb 2-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 637.686545][ T6053] usb 2-1: config 8 has 0 interfaces, different from the descriptor's value: 1 [ 637.764493][T17896] loop2: detected capacity change from 0 to 32768 [ 637.795105][T17896] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.6099 (17896) [ 637.822651][T17920] loop3: detected capacity change from 0 to 4096 [ 637.846502][T17896] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 637.877026][T17896] BTRFS info (device loop2): using free space tree [ 637.908387][T17896] BTRFS info (device loop2): has skinny extents [ 637.913391][T17920] ntfs: (device loop3): parse_options(): Unrecognized mount option disab|e_sparse. [ 637.930604][ T6053] usb 2-1: New USB device found, idVendor=16ca, idProduct=1502, bcdDevice=4b.99 [ 637.946064][ T6053] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 637.983693][ T6053] usb 2-1: Product: syz [ 638.000167][ T6053] usb 2-1: Manufacturer: syz [ 638.004810][ T6053] usb 2-1: SerialNumber: syz [ 638.219548][T17896] BTRFS info (device loop2): enabling ssd optimizations [ 638.397394][ T6053] usb 2-1: USB disconnect, device number 30 [ 638.518542][T17948] loop4: detected capacity change from 0 to 2048 [ 638.595709][ T4560] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 9 /dev/loop2 scanned by udevd (4560) [ 638.626496][T17948] hpfs: hpfs_map_sector(): read error [ 638.849267][T17951] loop4: detected capacity change from 0 to 512 [ 638.991538][T17951] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 639.057313][T17959] loop1: detected capacity change from 0 to 512 [ 639.090477][T17961] loop2: detected capacity change from 0 to 2048 [ 639.152738][T17946] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.6106 (17946) [ 639.188689][T17961] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 639.247559][T17959] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 639.248173][T17961] ext4 filesystem being mounted at /1148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 639.352860][T17946] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 639.408143][T17946] BTRFS info (device loop3): using free space tree [ 639.466064][T17946] BTRFS info (device loop3): has skinny extents [ 639.816290][T17966] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 8 /dev/loop4 scanned by syz.4.6112 (17966) [ 639.936137][ T1261] BTRFS warning (device loop3): checksum verify failed on 5287936 wanted 0x10870a5f found 0x52c9fede level 0 [ 639.975053][T17966] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 639.998318][T17946] BTRFS warning (device loop3): failed to read root (objectid=7): -5 [ 640.034139][T17966] BTRFS info (device loop4): using free space tree [ 640.059564][T17966] BTRFS info (device loop4): has skinny extents [ 640.336981][T17976] (syz.1.6114,17976,1):ocfs2_journal_init:900 ERROR: Journal file size (0) is too small! [ 640.349119][T17976] (syz.1.6114,17976,0):ocfs2_check_volume:2408 ERROR: Could not initialize journal! [ 640.360264][T17976] (syz.1.6114,17976,0):ocfs2_check_volume:2493 ERROR: status = -22 [ 640.381627][T17976] (syz.1.6114,17976,1):ocfs2_mount_volume:1824 ERROR: status = -22 [ 640.417091][T17976] (syz.1.6114,17976,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 640.468070][T17946] BTRFS error (device loop3): open_ctree failed: -22 [ 640.468973][T17980] BTRFS: device fsid d09153a9-5497-4f31-8e52-d2d02bbdf7fc devid 1 transid 8 /dev/loop2 scanned by syz.2.6115 (17980) [ 640.521015][ T4362] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by udevd (4362) [ 640.557654][T17980] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 640.591716][T17980] BTRFS info (device loop2): using free space tree [ 640.626431][T17966] BTRFS info (device loop4): enabling ssd optimizations [ 640.633134][T17980] BTRFS info (device loop2): has skinny extents [ 640.946503][T17980] BTRFS info (device loop2): enabling ssd optimizations [ 641.178612][ T4560] BTRFS: device fsid db05bf05-c4f4-4d41-ba1f-eb57295b561b devid 1 transid 9 /dev/loop4 scanned by udevd (4560) [ 641.246663][T18036] EXT4-fs (loop1): Unsupported blocksize for fs-verity [ 641.531259][T18023] BTRFS: device fsid 8f67342e-760a-4d9f-bdfe-dfdef307742f devid 1 transid 8 /dev/loop3 scanned by syz.3.6117 (18023) [ 641.644422][T18041] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 641.718700][T18023] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 641.727402][T18023] BTRFS info (device loop3): using free space tree [ 641.793625][T18023] BTRFS info (device loop3): has skinny extents [ 642.429833][T18070] set_capacity_and_notify: 9 callbacks suppressed [ 642.429851][T18070] loop2: detected capacity change from 0 to 4096 [ 642.463307][T18065] loop1: detected capacity change from 0 to 4096 [ 642.590223][T18023] BTRFS info (device loop3): enabling ssd optimizations [ 642.599233][T18070] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 642.640726][T18065] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 642.673539][T18047] loop4: detected capacity change from 0 to 32768 [ 642.794859][T18047] BTRFS: device fsid 17bca515-437c-4bbd-9eb0-5eb74df1971f devid 1 transid 8 /dev/loop4 scanned by syz.4.6122 (18047) [ 642.957861][T18059] loop0: detected capacity change from 0 to 32768 [ 643.301433][ T4559] BTRFS: device fsid 8f67342e-760a-4d9f-bdfe-dfdef307742f devid 1 transid 9 /dev/loop3 scanned by udevd (4559) [ 643.302502][T18047] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 643.335395][T18059] BTRFS: device fsid 97240a68-9a28-4597-b04c-66b27e1182f2 devid 1 transid 8 /dev/loop0 scanned by syz.0.6124 (18059) [ 643.379004][T18047] BTRFS info (device loop4): using free space tree [ 643.406297][T18047] BTRFS info (device loop4): has skinny extents [ 643.420217][T18059] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 643.459890][T18059] BTRFS info (device loop0): using free space tree [ 643.489600][T18059] BTRFS info (device loop0): has skinny extents [ 643.684237][T18047] BTRFS info (device loop4): enabling ssd optimizations [ 643.833796][T18082] loop1: detected capacity change from 0 to 32768 [ 643.917971][T18082] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 643.958108][T18082] dlm: no local IP address has been set [ 643.964464][T18082] dlm: cannot start dlm midcomms -107 [ 643.973005][T18082] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 643.990668][T18059] BTRFS info (device loop0): enabling ssd optimizations [ 644.120689][ T4306] BTRFS: device fsid 17bca515-437c-4bbd-9eb0-5eb74df1971f devid 1 transid 9 /dev/loop4 scanned by udevd (4306) [ 645.051667][T18080] loop2: detected capacity change from 0 to 65536 [ 645.324693][T18086] loop3: detected capacity change from 0 to 32768 [ 645.374881][T18080] XFS (loop2): Mounting V5 Filesystem [ 645.377760][T18086] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 645.397925][T18086] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 645.542783][T18086] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 645.546786][T18080] XFS (loop2): Ending clean mount [ 645.619966][ T5675] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 645.634128][ T5675] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 645.672040][T18127] loop1: detected capacity change from 0 to 32768 [ 645.697172][ T4234] XFS (loop2): Unmounting Filesystem [ 645.754999][T18127] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 645.773368][T18127] CPU: 0 PID: 18127 Comm: syz.1.6130 Not tainted syzkaller #0 [ 645.780892][T18127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 645.791244][T18127] Call Trace: [ 645.794554][T18127] [ 645.797510][T18127] dump_stack_lvl+0x188/0x250 [ 645.802400][T18127] ? show_regs_print_info+0x20/0x20 [ 645.807727][T18127] ? load_image+0x400/0x400 [ 645.812280][T18127] sysfs_create_dir_ns+0x26a/0x290 [ 645.817639][T18127] ? sysfs_warn_dup+0xa0/0xa0 [ 645.822436][T18127] ? do_raw_spin_unlock+0x11d/0x230 [ 645.827769][T18127] kobject_add_internal+0x6e0/0xd90 [ 645.833011][T18127] kobject_init_and_add+0x128/0x190 [ 645.838251][T18127] ? lockdep_softirqs_off+0x430/0x430 [ 645.843663][T18127] ? kobject_add+0x230/0x230 [ 645.848288][T18127] ? __init_swait_queue_head+0xa5/0x150 [ 645.853877][T18127] gfs2_sys_fs_add+0x24f/0x4b0 [ 645.858674][T18127] ? gfs2_recover_set+0x240/0x240 [ 645.863748][T18127] ? snprintf+0xe5/0x140 [ 645.868017][T18127] ? __free_pages+0x95/0x1a0 [ 645.872735][T18127] ? vscnprintf+0x80/0x80 [ 645.877126][T18127] gfs2_fill_super+0x120f/0x1f00 [ 645.882106][T18127] ? gfs2_reconfigure+0xd30/0xd30 [ 645.883408][ T5675] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 233ms [ 645.887250][T18127] ? sb_set_blocksize+0xa5/0xe0 [ 645.887278][T18127] get_tree_bdev+0x3f1/0x610 [ 645.887305][T18127] ? gfs2_reconfigure+0xd30/0xd30 [ 645.910295][T18127] gfs2_get_tree+0x4d/0x1e0 [ 645.914865][T18127] vfs_get_tree+0x88/0x270 [ 645.919306][T18127] do_new_mount+0x24a/0xa40 [ 645.923868][T18127] __se_sys_mount+0x2e3/0x3d0 [ 645.928853][T18127] ? __x64_sys_mount+0xc0/0xc0 [ 645.929855][ T5675] gfs2: fsid=syz:syz.0: jid=0: Done [ 645.933649][T18127] ? lockdep_hardirqs_on+0x94/0x140 [ 645.944139][T18127] ? __x64_sys_mount+0x1c/0xc0 [ 645.949020][T18127] do_syscall_64+0x4c/0xa0 [ 645.953467][T18127] ? clear_bhb_loop+0x30/0x80 [ 645.958170][T18127] ? clear_bhb_loop+0x30/0x80 [ 645.961759][T18086] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 645.962869][T18127] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 645.975952][T18127] RIP: 0033:0x7f659d6bca8a [ 645.980398][T18127] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 646.000342][T18127] RSP: 002b:00007f659b914e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 646.008981][T18127] RAX: ffffffffffffffda RBX: 00007f659b914ee0 RCX: 00007f659d6bca8a [ 646.017006][T18127] RDX: 00002000000124c0 RSI: 0000200000012500 RDI: 00007f659b914ea0 [ 646.025566][T18127] RBP: 00002000000124c0 R08: 00007f659b914ee0 R09: 0000000000000000 [ 646.033580][T18127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000012500 [ 646.041587][T18127] R13: 00007f659b914ea0 R14: 0000000000012493 R15: 0000200000012540 [ 646.049609][T18127] [ 646.057343][T18127] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 646.075552][T18127] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 646.337845][T18138] loop0: detected capacity change from 0 to 32768 [ 646.435387][T18138] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.6131 (18138) [ 646.504113][T18138] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm [ 646.545452][T18138] BTRFS info (device loop0): using free space tree [ 646.601584][T18138] BTRFS info (device loop0): has skinny extents [ 646.913930][T18138] BTRFS info (device loop0): enabling ssd optimizations [ 647.803820][T18145] loop1: detected capacity change from 0 to 32768 [ 647.906358][T18145] gfs2: fsid=syz:syz: Trying to join cluster "lock_dlm", "syz:syz" [ 647.948386][T18145] dlm: no local IP address has been set [ 647.955606][T18145] dlm: cannot start dlm midcomms -107 [ 647.981900][T18145] gfs2: fsid=syz:syz: dlm_new_lockspace error -107 [ 648.594567][T18168] loop0: detected capacity change from 0 to 32768 [ 648.672623][T18168] BTRFS: device fsid 384aeb47-f1c2-4293-8350-e6dffa96895f devid 1 transid 8 /dev/loop0 scanned by syz.0.6134 (18168) [ 648.708489][T18168] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm [ 648.738640][T18168] BTRFS info (device loop0): using free space tree [ 648.771185][T18168] BTRFS info (device loop0): has skinny extents [ 649.113366][T18168] BTRFS info (device loop0): enabling ssd optimizations [ 649.141372][T18170] loop4: detected capacity change from 0 to 32768 [ 649.171654][T18172] loop1: detected capacity change from 0 to 32768 [ 649.307977][T18170] BTRFS: device fsid f8fbafda-0237-42f9-bd6b-a83e6ac3fc88 devid 1 transid 8 /dev/loop4 scanned by syz.4.6136 (18170) [ 649.642580][T18172] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 scanned by syz.1.6137 (18172) [ 649.673666][T18170] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 649.696804][T18172] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 649.701361][T18170] BTRFS info (device loop4): using free space tree [ 649.712680][T18172] BTRFS info (device loop1): using free space tree [ 649.759636][T18172] BTRFS info (device loop1): has skinny extents [ 649.783343][T18170] BTRFS info (device loop4): has skinny extents [ 649.810235][T18165] loop2: detected capacity change from 0 to 131072 [ 649.945978][T18165] F2FS-fs (loop2): Found nat_bits in checkpoint [ 650.089146][T18234] loop0: detected capacity change from 0 to 512 [ 650.170644][T18170] BTRFS info (device loop4): enabling ssd optimizations [ 650.225518][T18172] BTRFS info (device loop1): enabling ssd optimizations [ 650.232806][T18234] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 650.256371][T18234] ext4 filesystem being mounted at /1187/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 651.148186][T18247] loop0: detected capacity change from 0 to 732 [ 651.484390][T18242] loop2: detected capacity change from 0 to 32768 [ 651.549363][T18249] loop1: detected capacity change from 0 to 1024 [ 651.598847][T18242] BTRFS: device fsid 16bad5ef-498e-43ba-8a30-25ddcaa179c7 devid 1 transid 8 /dev/loop2 scanned by syz.2.6139 (18242) [ 651.624815][ T5682] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 651.653831][T18251] loop0: detected capacity change from 0 to 2048 [ 651.668474][T18242] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 651.677177][T18242] BTRFS info (device loop2): using free space tree [ 651.713306][T18242] BTRFS info (device loop2): has skinny extents [ 651.764815][T18251] EXT4-fs (loop0): Unsupported blocksize for fs-verity [ 652.103360][T18263] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 652.131595][T18242] BTRFS info (device loop2): enabling ssd optimizations [ 652.202030][ T5682] usb 5-1: New USB device found, idVendor=2040, idProduct=d853, bcdDevice=f8.f6 [ 652.222040][ T5682] usb 5-1: New USB device strings: Mfr=65, Product=2, SerialNumber=3 [ 652.230456][ T5682] usb 5-1: Product: syz [ 652.235021][ T5682] usb 5-1: Manufacturer: syz [ 652.244944][ T5682] usb 5-1: SerialNumber: syz [ 652.300143][ T5682] usb 5-1: dvb_usb_v2: found a 'Hauppauge Mercury' in warm state [ 652.340893][ T5682] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 652.383201][ T5682] dvbdev: DVB: registering new adapter (Hauppauge Mercury) [ 652.405358][ T5682] usb 5-1: media controller created [ 652.444196][ T5682] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 652.507226][ T5682] usb 5-1: selecting invalid altsetting 1 [ 652.533361][ T5682] set interface failed [ 652.533789][ T5682] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 652.587567][ T5682] error writing reg: 0xff, val: 0x00 [ 652.648618][ T5682] dvb_usb_mxl111sf: probe of 5-1:2.0 failed with error -22 [ 652.697633][ T5682] usb 5-1: USB disconnect, device number 14 [ 652.744771][T18269] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 scanned by syz.0.6145 (18269) [ 652.868279][T18269] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 652.909635][T18269] BTRFS info (device loop0): using free space tree [ 652.931214][T18269] BTRFS info (device loop0): has skinny extents [ 653.044412][T18274] BTRFS: device fsid ed4422de-dbc1-4dc1-8d60-3583f36c24cc devid 1 transid 8 /dev/loop3 scanned by syz.3.6146 (18274) [ 653.185069][T18269] BTRFS info (device loop0): enabling ssd optimizations [ 653.221947][T18274] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 653.396713][T18305] set_capacity_and_notify: 4 callbacks suppressed [ 653.396731][T18305] loop4: detected capacity change from 0 to 128 [ 653.434095][T18274] BTRFS info (device loop3): using free space tree [ 653.473272][T18274] BTRFS info (device loop3): has skinny extents [ 653.820958][T18280] loop1: detected capacity change from 0 to 32768 [ 653.854282][T18280] BTRFS: device fsid cd9941ec-5f77-48ee-8e7d-6f6f8a5e5a08 devid 1 transid 8 /dev/loop1 scanned by syz.1.6148 (18280) [ 653.919716][T18274] BTRFS info (device loop3): enabling ssd optimizations [ 654.060652][T18280] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 654.136258][T18280] BTRFS info (device loop1): using free space tree [ 654.142887][T18280] BTRFS info (device loop1): has skinny extents [ 654.367609][ T4362] BTRFS: device fsid ed4422de-dbc1-4dc1-8d60-3583f36c24cc devid 1 transid 9 /dev/loop3 scanned by udevd (4362) [ 654.558523][T18280] BTRFS info (device loop1): enabling ssd optimizations [ 654.569488][T18303] loop2: detected capacity change from 0 to 32768 [ 654.628620][T18303] BTRFS: device fsid 4c645aab-a6bb-4c7f-acba-f49e7dbd8268 devid 1 transid 8 /dev/loop2 scanned by syz.2.6149 (18303) [ 654.693665][T18353] loop0: detected capacity change from 0 to 1024 [ 654.768657][T18353] EXT4-fs (loop0): Unsupported blocksize for fs-verity [ 654.875246][T18303] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 654.938833][T18303] BTRFS info (device loop2): using free space tree [ 654.969852][T18303] BTRFS info (device loop2): has skinny extents [ 655.030297][T18361] loop0: detected capacity change from 0 to 128 [ 655.335488][T18374] loop0: detected capacity change from 0 to 128 [ 655.517405][T18356] loop3: detected capacity change from 0 to 32768 [ 655.538206][T18303] BTRFS info (device loop2): enabling ssd optimizations [ 655.589720][T18356] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.6154 (18356) [ 655.691186][T18383] loop0: detected capacity change from 0 to 512 [ 655.715021][T18356] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 655.763496][T18356] BTRFS info (device loop3): using free space tree [ 655.770164][T18356] BTRFS info (device loop3): has skinny extents [ 655.881419][T18383] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 656.144292][T18356] BTRFS info (device loop3): enabling ssd optimizations [ 656.176870][T18409] loop1: detected capacity change from 0 to 1164 [ 656.677610][T18411] loop1: detected capacity change from 0 to 2364 [ 656.750450][ T4362] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 9 /dev/loop3 scanned by udevd (4362) [ 656.812584][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 656.819032][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 658.054810][T18420] BTRFS: device fsid 9399ba92-402c-46cb-a272-9c4c6c4f62f5 devid 1 transid 8 /dev/loop1 scanned by syz.1.6167 (18420) [ 658.129923][T18420] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 658.156658][T18420] BTRFS info (device loop1): using free space tree [ 658.184911][T18420] BTRFS info (device loop1): has skinny extents [ 658.364939][T18428] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 scanned by syz.3.6170 (18428) [ 658.509986][T18428] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 658.519714][T18420] BTRFS info (device loop1): enabling ssd optimizations [ 658.532146][T18428] BTRFS info (device loop3): using free space tree [ 658.572225][T18428] BTRFS info (device loop3): has skinny extents [ 658.727294][T18426] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 658.737755][T18424] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz' [ 658.763757][T18424] CPU: 0 PID: 18424 Comm: syz.4.6168 Not tainted syzkaller #0 [ 658.771290][T18424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 658.781461][T18424] Call Trace: [ 658.784772][T18424] [ 658.787736][T18424] dump_stack_lvl+0x188/0x250 [ 658.792447][T18424] ? show_regs_print_info+0x20/0x20 [ 658.797680][T18424] ? load_image+0x400/0x400 [ 658.802255][T18424] sysfs_create_dir_ns+0x26a/0x290 [ 658.807400][T18424] ? sysfs_warn_dup+0xa0/0xa0 [ 658.812119][T18424] ? do_raw_spin_unlock+0x11d/0x230 [ 658.817353][T18424] kobject_add_internal+0x6e0/0xd90 [ 658.822589][T18424] kobject_init_and_add+0x128/0x190 [ 658.827807][T18424] ? lockdep_softirqs_off+0x430/0x430 [ 658.833317][T18424] ? kobject_add+0x230/0x230 [ 658.838070][T18424] ? __init_swait_queue_head+0xa5/0x150 [ 658.843655][T18424] gfs2_sys_fs_add+0x24f/0x4b0 [ 658.848455][T18424] ? gfs2_recover_set+0x240/0x240 [ 658.853513][T18424] ? snprintf+0xe5/0x140 [ 658.857784][T18424] ? __free_pages+0x95/0x1a0 [ 658.862519][T18424] ? vscnprintf+0x80/0x80 [ 658.866974][T18424] gfs2_fill_super+0x120f/0x1f00 [ 658.871950][T18424] ? gfs2_reconfigure+0xd30/0xd30 [ 658.877017][T18424] ? sb_set_blocksize+0xa5/0xe0 [ 658.881898][T18424] get_tree_bdev+0x3f1/0x610 [ 658.886525][T18424] ? gfs2_reconfigure+0xd30/0xd30 [ 658.891592][T18424] gfs2_get_tree+0x4d/0x1e0 [ 658.896127][T18424] vfs_get_tree+0x88/0x270 [ 658.900581][T18424] do_new_mount+0x24a/0xa40 [ 658.905123][T18424] __se_sys_mount+0x2e3/0x3d0 [ 658.909849][T18424] ? __x64_sys_mount+0xc0/0xc0 [ 658.914647][T18424] ? lockdep_hardirqs_on+0x94/0x140 [ 658.919878][T18424] ? __x64_sys_mount+0x1c/0xc0 [ 658.922099][T18426] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 658.924812][T18424] do_syscall_64+0x4c/0xa0 [ 658.924845][T18424] ? clear_bhb_loop+0x30/0x80 [ 658.924866][T18424] ? clear_bhb_loop+0x30/0x80 [ 658.924890][T18424] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 658.924911][T18424] RIP: 0033:0x7f853c792a8a [ 658.924933][T18424] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 658.924952][T18424] RSP: 002b:00007f853a9eae58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 658.924977][T18424] RAX: ffffffffffffffda RBX: 00007f853a9eaee0 RCX: 00007f853c792a8a [ 658.946737][T18426] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 658.951882][T18424] RDX: 000020000003b2c0 RSI: 000020000003b300 RDI: 00007f853a9eaea0 [ 658.963349][T12784] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 658.976304][T18424] RBP: 000020000003b2c0 R08: 00007f853a9eaee0 R09: 0000000000000000 [ 658.976330][T18424] R10: 0000000000000000 R11: 0000000000000246 R12: 000020000003b300 [ 658.976345][T18424] R13: 00007f853a9eaea0 R14: 000000000003b281 R15: 000020000003b340 [ 658.976377][T18424] [ 659.081170][T12784] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 659.241726][T12784] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 150ms [ 659.252197][T12784] gfs2: fsid=syz:syz.0: jid=0: Done [ 659.262240][T18426] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 659.269464][T18424] kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory. [ 659.269488][T18424] gfs2: fsid=syz:syz: error -17 adding sysfs files [ 659.292488][ T4306] BTRFS: device fsid 9399ba92-402c-46cb-a272-9c4c6c4f62f5 devid 1 transid 9 /dev/loop1 scanned by udevd (4306) [ 659.363163][T18428] BTRFS info (device loop3): enabling ssd optimizations [ 660.058631][T18473] set_capacity_and_notify: 6 callbacks suppressed [ 660.058653][T18473] loop4: detected capacity change from 0 to 4096 [ 660.292341][ T1111] usb 2-1: new full-speed USB device number 31 using dummy_hcd [ 660.344691][T18473] ntfs: volume version 3.1. [ 660.716885][T18480] loop0: detected capacity change from 0 to 64 [ 660.901370][ T1111] usb 2-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.f4 [ 660.910556][ T1111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 660.954702][ T1111] usb 2-1: Product: syz [ 660.958928][ T1111] usb 2-1: Manufacturer: syz [ 660.982651][ T1111] usb 2-1: SerialNumber: syz [ 661.018416][ T1111] usb 2-1: config 0 descriptor?? [ 661.082150][T18484] loop0: detected capacity change from 0 to 2048 [ 661.246749][T18487] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 661.339725][ T5687] usb 2-1: USB disconnect, device number 31 [ 661.994927][T18486] loop2: detected capacity change from 0 to 32768 [ 663.235259][T18493] loop2: detected capacity change from 0 to 32768 [ 663.356011][T18493] (syz.2.6181,18493,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 663.374463][T18493] (syz.2.6181,18493,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 664.515102][T18495] loop2: detected capacity change from 0 to 32768 [ 666.668144][T18501] loop3: detected capacity change from 0 to 65536 [ 666.710681][T18501] (syz.3.6185,18501,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 666.747009][T18501] (syz.3.6185,18501,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 666.915828][T18503] loop1: detected capacity change from 0 to 65536 [ 666.993935][T18503] (syz.1.6186,18503,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 667.049887][T18503] (syz.1.6186,18503,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 667.977942][T18507] loop3: detected capacity change from 0 to 32768 [ 668.077952][T18507] (syz.3.6188,18507,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 668.114606][T18507] (syz.3.6188,18507,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 668.360414][T18513] loop3: detected capacity change from 0 to 2048 [ 668.564332][T18515] loop2: detected capacity change from 0 to 8192 [ 668.652753][T18515] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal [ 668.703748][T18515] REISERFS (device loop2): using ordered data mode [ 668.757051][T18515] reiserfs: using flush barriers [ 668.827831][T18515] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 668.830460][T18505] loop0: detected capacity change from 0 to 131072 [ 668.889145][T18515] REISERFS (device loop2): checking transaction log (loop2) [ 669.252870][T18515] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[1 2 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 669.290147][T18515] REISERFS error (device loop2): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 669.331496][T18518] loop3: detected capacity change from 0 to 16384 [ 669.333329][T18515] REISERFS (device loop2): Remounting filesystem read-only [ 669.376108][T18515] REISERFS error (device loop2): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 669.416802][T18518] REISERFS warning (device loop3): sh-2011 read_super_block: can't find a reiserfs filesystem on (dev loop3, block 16, size 4096) [ 669.433313][T18515] REISERFS warning (device loop2): reiserfs_fill_super: corrupt root inode, run fsck [ 669.444548][T18518] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 669.916577][T18511] loop4: detected capacity change from 0 to 65536 [ 670.008328][T18511] (syz.4.6190,18511,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 670.038966][T18511] (syz.4.6190,18511,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 672.180468][T18529] loop1: detected capacity change from 0 to 65536 [ 672.232762][T18529] (syz.1.6198,18529,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options [ 672.281660][T18529] (syz.1.6198,18529,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 672.881902][T18533] loop0: detected capacity change from 0 to 4096 [ 672.925325][T18533] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512) [ 672.939532][T18531] loop1: detected capacity change from 0 to 16384 [ 672.994428][T18531] REISERFS warning (device loop1): sh-2011 read_super_block: can't find a reiserfs filesystem on (dev loop1, block 16, size 4096) [ 673.012110][T18531] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1 [ 673.372721][T18538] loop1: detected capacity change from 0 to 1 [ 673.449875][T18538] attempt to access beyond end of device [ 673.449875][T18538] loop1: rw=2048, want=8, limit=1 [ 673.501671][T18538] SQUASHFS error: Failed to read block 0x0: -5 [ 673.507972][T18538] unable to read squashfs_super_block [ 673.627341][T18544] loop0: detected capacity change from 0 to 128 [ 673.651511][T18542] loop3: detected capacity change from 0 to 4096 [ 673.709897][T18544] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 673.751060][T18542] ntfs: volume version 3.1. [ 673.799966][T18544] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 674.074403][T18554] loop4: detected capacity change from 0 to 256 [ 674.085237][T18553] loop0: detected capacity change from 0 to 256 [ 674.150450][T18554] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 674.225375][T18553] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 674.246779][T18554] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 674.292901][T18553] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 674.298965][T18554] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 674.324882][T18553] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 674.332623][T18553] UDF-fs: Scanning with blocksize 512 failed [ 674.375162][T18556] loop3: detected capacity change from 0 to 4096 [ 674.377877][T18554] UDF-fs: Scanning with blocksize 512 failed [ 674.394381][T18553] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 674.417019][T18554] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 674.443088][T18553] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 674.459403][T18554] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 674.533104][T18556] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 674.573851][T18556] UDF-fs: Scanning with blocksize 512 failed [ 674.678156][T18556] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 674.770946][T18560] loop4: detected capacity change from 0 to 2048 [ 674.898842][T18560] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 674.936626][T18560] UDF-fs: Scanning with blocksize 512 failed [ 674.959849][T18560] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 675.001863][T18559] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 675.015435][T18563] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 675.029082][T18562] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 675.049686][T18562] UDF-fs: Scanning with blocksize 512 failed [ 675.056530][T18559] UDF-fs: Scanning with blocksize 512 failed [ 675.141162][T18559] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 675.163833][T18562] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 675.311387][T18565] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 675.466603][T18566] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 675.499972][T18566] UDF-fs: Scanning with blocksize 512 failed [ 675.537409][T18566] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 675.894758][T18575] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 675.916129][T18575] UDF-fs: Scanning with blocksize 512 failed [ 675.938766][T18575] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 675.965669][T18578] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 675.976570][T18578] UDF-fs: Scanning with blocksize 512 failed [ 676.000554][T18575] UDF-fs: Scanning with blocksize 1024 failed [ 676.051220][T18575] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 676.051351][T18578] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 676.090380][T18575] UDF-fs: Scanning with blocksize 2048 failed [ 676.104787][T18578] UDF-fs: Scanning with blocksize 1024 failed [ 676.148677][T18578] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 676.162523][T18578] UDF-fs: Scanning with blocksize 2048 failed [ 676.163718][T18575] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 676.237586][T18578] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 676.277684][T18582] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 676.299668][T18575] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 676.319312][T18578] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 676.380030][T18582] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 676.744791][T18588] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 676.790656][T18588] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 676.900265][T18584] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 676.909612][T18584] REISERFS (device loop4): using ordered data mode [ 676.916468][T18584] reiserfs: using flush barriers [ 676.938117][T18584] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 676.954952][T18584] REISERFS (device loop4): checking transaction log (loop4) [ 677.199070][T18584] REISERFS (device loop4): Using tea hash to sort names [ 677.206462][T18584] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 677.900175][T18605] set_capacity_and_notify: 14 callbacks suppressed [ 677.900194][T18605] loop1: detected capacity change from 0 to 8192 [ 677.960404][T18609] loop4: detected capacity change from 0 to 512 [ 678.027150][T18605] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 678.037872][T18605] UDF-fs: Scanning with blocksize 512 failed [ 678.079027][T18605] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 678.113631][T18605] UDF-fs: Scanning with blocksize 1024 failed [ 678.147931][T18605] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 678.184042][T18605] UDF-fs: Scanning with blocksize 2048 failed [ 678.206193][T18605] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 678.562147][T18612] loop1: detected capacity change from 0 to 128 [ 678.572255][T18613] loop4: detected capacity change from 0 to 128 [ 679.004449][T18619] loop1: detected capacity change from 0 to 2048 [ 679.035666][T18617] loop4: detected capacity change from 0 to 8192 [ 679.148661][T18621] loop2: detected capacity change from 0 to 128 [ 679.382104][T18627] loop2: detected capacity change from 0 to 128 [ 679.623690][T18624] loop1: detected capacity change from 0 to 8192 [ 679.640281][T18615] loop0: detected capacity change from 0 to 32768 [ 680.013162][T18615] XFS (loop0): Mounting V5 Filesystem [ 680.178393][T18642] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 680.262205][T18642] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 680.298551][T18642] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 680.341208][T18642] UDF-fs: Scanning with blocksize 512 failed [ 680.352138][T18642] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 680.397000][T18642] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 680.413415][T18615] XFS (loop0): Tail block (0x80) overwrite detected. Updated to 0x100 [ 680.483145][T18615] XFS (loop0): Starting recovery (logdev: internal) [ 680.532111][T18615] XFS (loop0): Ending recovery (logdev: internal) [ 680.722754][ T4227] XFS (loop0): Unmounting Filesystem [ 681.810202][T18657] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 681.908099][T18657] REISERFS (device loop0): using ordered data mode [ 681.951295][T18657] reiserfs: using flush barriers [ 681.990844][T18657] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 682.040768][T18657] REISERFS (device loop0): checking transaction log (loop0) [ 682.265974][T18657] REISERFS (device loop0): Using r5 hash to sort names [ 682.284170][T18657] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 682.542922][T18632] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal [ 682.553827][T18632] REISERFS (device loop2): using ordered data mode [ 682.588301][T18632] reiserfs: using flush barriers [ 682.672915][T18632] REISERFS (device loop2): journal params: device loop2, size 15748, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30 [ 682.764126][T18632] REISERFS (device loop2): checking transaction log (loop2) [ 683.807923][T18661] set_capacity_and_notify: 6 callbacks suppressed [ 683.807940][T18661] loop0: detected capacity change from 0 to 32768 [ 685.161059][ T5687] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 685.417584][ T5687] usb 4-1: Using ep0 maxpacket: 8 [ 685.546093][ T5687] usb 4-1: config 0 has an invalid interface number: 143 but max is 0 [ 685.566746][ T5687] usb 4-1: config 0 has no interface number 0 [ 685.587055][ T5687] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 685.616769][ T5687] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 685.667208][ T5687] usb 4-1: config 0 descriptor?? [ 685.866509][ T5687] viperboard 4-1:0.143: version 0.00 found at bus 004 address 020 [ 685.930683][ T5687] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 685.975985][ T5687] viperboard-i2c: probe of viperboard-i2c.2.auto failed with error -5 [ 686.032595][ T5687] usb 4-1: USB disconnect, device number 20 [ 686.849617][ T6051] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 687.288067][ T6051] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 687.307937][ T6051] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 687.580806][ T6051] usb 4-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40 [ 687.601796][ T6051] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 687.629814][ T6051] usb 4-1: Product: syz [ 687.645075][ T6051] usb 4-1: Manufacturer: syz [ 687.649734][ T6051] usb 4-1: SerialNumber: syz [ 687.887981][T18673] loop4: detected capacity change from 0 to 32768 [ 688.079092][ T6051] usb 4-1: 0:1 : does not exist [ 688.087916][T18673] XFS (loop4): Mounting V5 Filesystem [ 688.090222][ T6051] usb 4-1: BAAD SPEAKER p_chmask mismatch [ 688.133651][ T6051] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 688.145046][ T6051] usb 4-1: USB disconnect, device number 21 [ 688.253264][T18673] XFS (loop4): Ending clean mount [ 688.289811][ T4232] XFS (loop4): Unmounting Filesystem [ 688.401795][ T4362] udevd[4362]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 688.677502][T18632] REISERFS (device loop2): Using r5 hash to sort names [ 688.696254][T18632] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage. [ 688.846488][T18685] loop3: detected capacity change from 0 to 8192 [ 688.887921][T18685] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 688.902246][T18685] REISERFS (device loop3): using ordered data mode [ 688.909827][T18685] reiserfs: using flush barriers [ 688.973500][T18685] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 689.083700][T18685] REISERFS (device loop3): checking transaction log (loop3) [ 689.195071][T18690] loop4: detected capacity change from 0 to 128 [ 689.271545][T18690] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 689.319627][T18690] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 689.417751][T18685] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[1 2 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2 [ 689.471888][T18685] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 531. Fsck? [ 689.525886][T18685] REISERFS (device loop3): Remounting filesystem read-only [ 689.534053][T18683] loop0: detected capacity change from 0 to 65536 [ 689.569288][T18685] REISERFS error (device loop3): vs-13070 reiserfs_read_locked_inode: i/o failure occurred trying to find stat data of [1 2 0x0 SD] [ 689.669351][T18683] XFS (loop0): Mounting V5 Filesystem [ 689.692498][T18685] REISERFS warning (device loop3): reiserfs_fill_super: corrupt root inode, run fsck [ 689.822458][T18683] XFS (loop0): Ending clean mount [ 689.906716][ T4227] XFS (loop0): Unmounting Filesystem [ 690.167363][T18692] loop4: detected capacity change from 0 to 32768 [ 690.255344][T18692] XFS (loop4): Mounting V5 Filesystem [ 690.479781][T18692] XFS (loop4): Ending clean mount [ 690.676125][ T4232] XFS (loop4): Unmounting Filesystem [ 691.323075][T18714] loop4: detected capacity change from 0 to 512 [ 691.393231][T18714] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 691.401098][T18714] UDF-fs: Scanning with blocksize 512 failed [ 691.504575][T18714] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 691.517986][T18714] UDF-fs: Scanning with blocksize 1024 failed [ 691.563010][T18714] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found [ 691.563898][T18716] loop2: detected capacity change from 0 to 2048 [ 691.588730][T18714] UDF-fs: Scanning with blocksize 2048 failed [ 691.617695][T18714] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 691.655171][T18716] loop2: p1 p2 p3 [ 691.659765][T18714] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 691.834585][ T4559] udevd[4559]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 691.847164][ T4306] udevd[4306]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 691.864864][ T4560] udevd[4560]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 692.089931][T18724] loop4: detected capacity change from 0 to 256 [ 692.225342][ T6051] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 692.691120][ T6051] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xCE, skipping [ 692.900040][ T6051] usb 3-1: New USB device found, idVendor=2a39, idProduct=3fd4, bcdDevice= 0.40 [ 692.935537][ T6051] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 692.954881][ T6051] usb 3-1: Product: syz [ 692.959136][ T6051] usb 3-1: Manufacturer: syz [ 692.981612][ T6051] usb 3-1: SerialNumber: syz [ 693.458854][T18733] loop4: detected capacity change from 0 to 32768 [ 693.475873][ T6051] usb 3-1: MIDIStreaming interface descriptor not found [ 693.508710][T18710] loop3: detected capacity change from 0 to 131072 [ 693.537169][ T6051] usb 3-1: USB disconnect, device number 34 [ 693.581305][T18733] XFS (loop4): Mounting V5 Filesystem [ 693.677830][T18735] loop1: detected capacity change from 0 to 32768 [ 693.730942][T18733] XFS (loop4): Ending clean mount [ 693.892065][T18735] XFS (loop1): Mounting V5 Filesystem [ 693.936831][ T4232] XFS (loop4): Unmounting Filesystem [ 694.012035][ T6854] udevd[6854]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 694.123379][T18735] XFS (loop1): Ending clean mount [ 694.289730][ T4233] XFS (loop1): Unmounting Filesystem [ 694.757105][T18749] loop3: detected capacity change from 0 to 32768 [ 694.967125][T18749] XFS (loop3): Mounting V5 Filesystem [ 695.109121][T18749] XFS (loop3): Ending clean mount [ 695.254578][ T4241] XFS (loop3): Unmounting Filesystem [ 696.151804][T18837] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6316'. [ 696.199654][T18837] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6316'. [ 696.322500][T18843] loop0: detected capacity change from 0 to 64 [ 696.440471][T18853] program syz.2.6326 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 696.751409][T18870] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6332'. [ 696.800897][T18870] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6332'. [ 696.926913][T18879] loop1: detected capacity change from 0 to 164 [ 697.081111][T18879] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 697.483653][T18910] netlink: 'syz.2.6350': attribute type 9 has an invalid length. [ 697.520165][T18910] netlink: 'syz.2.6350': attribute type 7 has an invalid length. [ 697.562431][T18910] netlink: 'syz.2.6350': attribute type 8 has an invalid length. [ 697.582233][T18910] netlink: 'syz.2.6350': attribute type 13 has an invalid length. [ 697.597538][T18916] netlink: 88 bytes leftover after parsing attributes in process `syz.4.6353'. [ 697.832481][T18891] loop3: detected capacity change from 0 to 32768 [ 697.956252][T18939] loop0: detected capacity change from 0 to 16 [ 698.016855][T18939] erofs: (device loop0): mounted with root inode @ nid 36. [ 698.025631][T18891] XFS (loop3): Mounting V5 Filesystem [ 698.121731][T18891] XFS (loop3): Ending clean mount [ 698.178520][ T4241] XFS (loop3): Unmounting Filesystem [ 698.605796][T18963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6373'. [ 698.626964][T18963] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6373'. [ 698.801050][T18969] netlink: 'syz.1.6376': attribute type 21 has an invalid length. [ 698.851452][T18969] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6376'. [ 699.052718][T18975] netlink: 'syz.1.6378': attribute type 1 has an invalid length. [ 699.515524][T18995] tipc: Can't bind to reserved service type 2 [ 699.712621][T19005] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6393'. [ 699.755110][T19005] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6393'. [ 699.788953][T19007] netlink: 'syz.3.6394': attribute type 5 has an invalid length. [ 699.947747][T19014] netlink: 'syz.1.6397': attribute type 21 has an invalid length. [ 700.410141][T18955] loop2: detected capacity change from 0 to 65536 [ 700.502465][T19033] loop3: detected capacity change from 0 to 1024 [ 700.524314][T18957] loop0: detected capacity change from 0 to 65536 [ 700.598919][T18955] XFS (loop2): Mounting V5 Filesystem [ 700.681449][T19033] EXT4-fs (loop3): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,jqfmt=vfsv1,journal_dev=0x0000000000000009,barrier,,errors=continue. Quota mode: none. [ 700.733272][T19033] ext4 filesystem being mounted at /1380/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 700.818685][T19033] EXT4-fs error (device loop3): ext4_xattr_block_find:1855: inode #15: comm syz.3.6406: corrupted xattr block 128 [ 700.832844][T18957] XFS (loop0): Mounting V5 Filesystem [ 700.983374][T18955] XFS (loop2): Ending clean mount [ 701.031675][T18957] XFS (loop0): Ending clean mount [ 701.160614][ T4234] XFS (loop2): Unmounting Filesystem [ 701.202574][ T4227] XFS (loop0): Unmounting Filesystem [ 701.587647][T19087] IPv6: Can't replace route, no match found [ 701.940082][T19099] netlink: 'syz.1.6432': attribute type 3 has an invalid length. [ 702.367886][T19125] loop3: detected capacity change from 0 to 64 [ 702.459627][T19125] attempt to access beyond end of device [ 702.459627][T19125] loop3: rw=2049, want=268435470, limit=64 [ 702.510794][T19125] Buffer I/O error on dev loop3, logical block 134217734, lost async page write [ 702.665038][T19137] loop2: detected capacity change from 0 to 1024 [ 702.696528][T19140] __nla_validate_parse: 3 callbacks suppressed [ 702.696548][T19140] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6451'. [ 702.768553][T19143] loop3: detected capacity change from 0 to 64 [ 702.813515][T19147] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6454'. [ 702.867500][T19151] ufs: You didn't specify the type of your ufs filesystem [ 702.867500][T19151] [ 702.867500][T19151] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 702.867500][T19151] [ 702.867500][T19151] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 702.975033][T19151] ufs: ufstype=old is supported read-only [ 702.989775][T19151] ufs: ufs_fill_super(): bad magic number [ 703.065573][T19162] libceph: resolve '0.0' (ret=-3): failed [ 703.099446][T19165] loop4: detected capacity change from 0 to 256 [ 703.284874][T19165] FAT-fs (loop4): error, corrupted directory (invalid entries) [ 703.303574][T19165] FAT-fs (loop4): Filesystem has been set read-only [ 703.332060][T19167] loop0: detected capacity change from 0 to 8192 [ 703.399946][T19181] libceph: resolve '0..' (ret=-3): failed [ 703.401523][T19186] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6472'. [ 703.424552][T19167] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 703.444516][T19167] REISERFS (device loop0): using ordered data mode [ 703.453355][T19186] netlink: 76 bytes leftover after parsing attributes in process `syz.3.6472'. [ 703.476357][T19167] reiserfs: using flush barriers [ 703.498816][T19167] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 703.518981][T19167] REISERFS (device loop0): checking transaction log (loop0) [ 703.569929][T19167] REISERFS (device loop0): Using tea hash to sort names [ 703.603268][T19167] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 703.650795][T19199] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6477'. [ 703.956566][T19216] x_tables: unsorted underflow at hook 1 [ 704.558348][ T1111] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 704.776171][T19252] loop1: detected capacity change from 0 to 64 [ 704.836237][ T1111] usb 1-1: Using ep0 maxpacket: 8 [ 705.039367][ T1111] usb 1-1: unable to get BOS descriptor or descriptor too short [ 705.125018][T19266] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6511'. [ 705.157002][ T1111] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 705.164350][T19266] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6511'. [ 705.188758][ T1111] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 705.248105][T19271] loop1: detected capacity change from 0 to 64 [ 705.441183][ T1111] usb 1-1: New USB device found, idVendor=2466, idProduct=8010, bcdDevice= 0.40 [ 705.481457][ T1111] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 705.505692][ T1111] usb 1-1: Product: syz [ 705.527874][ T1111] usb 1-1: Manufacturer: syz [ 705.546958][ T1111] usb 1-1: SerialNumber: syz [ 705.749220][T19302] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6528'. [ 705.940170][T19314] bad cache= option: nonw [ 705.940170][T19314] [ 705.963381][T19314] CIFS: VFS: bad cache= option: nonw [ 706.204418][ T1111] usb 1-1: cannot find UAC_HEADER [ 706.262028][ T1111] snd-usb-audio: probe of 1-1:1.0 failed with error -22 [ 706.297909][ T1111] usb 1-1: USB disconnect, device number 18 [ 706.310417][ T4306] udevd[4306]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 706.476069][T19344] loop1: detected capacity change from 0 to 8 [ 706.694660][T19357] loop3: detected capacity change from 0 to 128 [ 706.755736][T19361] netlink: 'syz.4.6557': attribute type 32 has an invalid length. [ 706.799950][T19357] EXT4-fs (loop3): Test dummy encryption mode enabled [ 706.853383][T19357] EXT4-fs (loop3): mounted filesystem without journal. Opts: discard,dioread_lock,test_dummy_encryption,,errors=continue. Quota mode: none. [ 706.869830][T19357] ext4 filesystem being mounted at /1418/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 706.901959][ C0] vkms_vblank_simulate: vblank timer overrun [ 706.920819][ T4275] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 707.066520][T19357] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 707.202534][T19390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6567'. [ 707.311090][ T4275] usb 3-1: config 0 has an invalid interface number: 120 but max is 0 [ 707.325807][ T4275] usb 3-1: config 0 has no interface number 0 [ 707.351010][ T4275] usb 3-1: config 0 interface 120 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 707.392985][ T4275] usb 3-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58 [ 707.430110][ T4275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 707.483735][ T4275] usb 3-1: config 0 descriptor?? [ 707.573376][ T4275] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.120/input/input47 [ 707.679149][T12784] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 707.824329][ T5687] usb 3-1: USB disconnect, device number 35 [ 707.877693][T19422] netlink: 'syz.3.6582': attribute type 11 has an invalid length. [ 707.912857][T19422] netlink: 140 bytes leftover after parsing attributes in process `syz.3.6582'. [ 708.064035][T12784] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 708.105811][T12784] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 708.126124][T12784] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping [ 708.320479][T12784] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 708.346539][ T6051] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 708.351127][T12784] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 708.388217][T19451] netlink: 180 bytes leftover after parsing attributes in process `syz.3.6596'. [ 708.394999][T12784] usb 1-1: Product: syz [ 708.404879][T19451] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6596'. [ 708.410911][T12784] usb 1-1: Manufacturer: syz [ 708.424606][T19451] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6596'. [ 708.437781][T12784] usb 1-1: SerialNumber: syz [ 708.455778][T19451] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6596'. [ 708.579653][T19461] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6601'. [ 708.790737][T12784] usb 1-1: 0:2 : does not exist [ 708.833347][ T6051] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 708.857723][ T6051] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 708.858568][T12784] usb 1-1: USB disconnect, device number 19 [ 708.891772][ T6051] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 708.925545][ T4306] udevd[4306]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 708.951448][ T6051] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 708.971295][ T6051] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.007541][ T6051] usb 2-1: config 0 descriptor?? [ 709.091612][ T6051] hub 2-1:0.0: USB hub found [ 709.178805][T19489] loop4: detected capacity change from 0 to 128 [ 709.244918][T19489] EXT4-fs (loop4): Test dummy encryption mode enabled [ 709.302515][T19489] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,dioread_lock,test_dummy_encryption,,errors=continue. Quota mode: none. [ 709.334730][T19489] ext4 filesystem being mounted at /1319/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 709.367736][ T6051] hub 2-1:0.0: 14 ports detected [ 709.399724][ T6051] hub 2-1:0.0: insufficient power available to use all downstream ports [ 709.507904][T19503] loop0: detected capacity change from 0 to 512 [ 709.522324][T19503] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 709.569399][T19507] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6620'. [ 709.593834][T19507] netlink: 17 bytes leftover after parsing attributes in process `syz.4.6620'. [ 709.604022][ T6051] hub 2-1:0.0: hub_hub_status failed (err = -71) [ 709.607594][T19503] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.6621: casefold flag without casefold feature [ 709.610976][ T6051] hub 2-1:0.0: config failed, can't get hub status (err -71) [ 709.700189][ T6051] usb 2-1: USB disconnect, device number 32 [ 709.709125][T19503] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.6621: couldn't read orphan inode 15 (err -117) [ 709.714979][ T5680] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 709.739458][T19503] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 709.797421][T19503] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #2: block 4: comm syz.0.6621: lblock 0 mapped to illegal pblock 4 (length 1) [ 709.998440][ T5680] usb 3-1: Using ep0 maxpacket: 8 [ 710.126363][ T5680] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 710.147655][ T5680] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 710.157463][ T5680] usb 3-1: New USB device found, idVendor=07c0, idProduct=1504, bcdDevice=30.22 [ 710.201055][ T5680] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 710.217890][ T5687] usb 5-1: new full-speed USB device number 15 using dummy_hcd [ 710.227161][ T5680] usb 3-1: config 0 descriptor?? [ 710.266780][ T5680] iowarrior 3-1:0.0: no interrupt-out endpoint found [ 710.618130][ T5687] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 710.628552][ T5687] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xE2, skipping [ 710.821432][ T5687] usb 5-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1 [ 710.830537][ T5687] usb 5-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3 [ 710.871274][ T5687] usb 5-1: Product: syz [ 710.875933][ T5687] usb 5-1: Manufacturer: syz [ 710.882955][ T5687] usb 5-1: SerialNumber: syz [ 710.902962][ T5687] usb 5-1: config 0 descriptor?? [ 710.967720][ T5687] imon_raw 5-1:0.0: IR endpoint missing [ 711.206317][ T5687] usb 5-1: USB disconnect, device number 15 [ 711.278236][T19566] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 711.294648][T19566] bond0: (slave lo): Error: Device can not be enslaved while up [ 711.303022][T19569] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6652'. [ 711.568371][T19581] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6656'. [ 711.644085][T19581] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6656'. [ 711.830752][T19594] bridge2: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms) [ 711.921580][T19594] bridge2: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms) [ 711.965473][T19594] device bridge2 entered promiscuous mode [ 712.283798][T19625] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 712.674893][T12784] usb 3-1: USB disconnect, device number 36 [ 712.830293][ T4275] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 713.115494][T19678] device hsr_slave_0 left promiscuous mode [ 713.172899][T19678] device hsr_slave_1 left promiscuous mode [ 713.386244][ T4275] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 713.428754][T12784] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 713.436602][ T4275] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 713.455779][ T4275] usb 2-1: Product: syz [ 713.470623][T19697] device gtp0 entered promiscuous mode [ 713.470891][ T4275] usb 2-1: Manufacturer: syz [ 713.498552][ T4275] usb 2-1: SerialNumber: syz [ 713.568749][ T4275] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 713.866980][T12784] usb 3-1: unable to get BOS descriptor or descriptor too short [ 713.952575][T12784] usb 3-1: config 66 has an invalid interface number: 168 but max is 0 [ 713.961116][T12784] usb 3-1: config 66 has an invalid descriptor of length 30, skipping remainder of the config [ 713.980898][T12784] usb 3-1: config 66 has no interface number 0 [ 713.991817][T12784] usb 3-1: config 66 interface 168 altsetting 131 has 0 endpoint descriptors, different from the interface descriptor's value: 20 [ 714.058832][T12784] usb 3-1: config 66 interface 168 has no altsetting 0 [ 714.192421][T19742] netlink: 'syz.0.6723': attribute type 2 has an invalid length. [ 714.230300][T12784] usb 3-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=a4.95 [ 714.239394][T12784] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 714.262909][ T5687] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 714.288252][T12784] usb 3-1: Product: syz [ 714.292961][T12784] usb 3-1: Manufacturer: syz [ 714.309410][T12784] usb 3-1: SerialNumber: syz [ 714.410639][T19754] loop3: detected capacity change from 0 to 8 [ 714.466154][T19754] SQUASHFS error: Unable to read inode 0xe3 [ 714.662238][T12784] usb 3-1: USB disconnect, device number 37 [ 714.711113][ T21] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 714.738936][ T6051] usb 2-1: USB disconnect, device number 33 [ 715.095939][ T21] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 715.095939][ T4272] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 715.113135][ T21] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 715.123768][ T21] usb 1-1: config 0 descriptor?? [ 715.168768][T19781] __nla_validate_parse: 8 callbacks suppressed [ 715.168788][T19781] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6743'. [ 715.209278][T19781] device hsr_slave_0 left promiscuous mode [ 715.216178][T19781] device hsr_slave_1 left promiscuous mode [ 715.376106][ T5687] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 715.392914][ T5687] ath9k_htc: Failed to initialize the device [ 715.415136][ T6051] usb 2-1: ath9k_htc: USB layer deinitialized [ 715.673445][ T21] usb 1-1: Cannot set MAC address [ 715.679510][ T21] MOSCHIP usb-ethernet driver: probe of 1-1:0.0 failed with error -71 [ 715.705193][ T21] usb 1-1: USB disconnect, device number 20 [ 715.715987][ T4272] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 715.725112][ T4272] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 715.756063][ T4272] usb 4-1: Product: syz [ 715.779913][ T4272] usb 4-1: Manufacturer: syz [ 715.784598][ T4272] usb 4-1: SerialNumber: syz [ 715.810103][ T4272] usb 4-1: config 0 descriptor?? [ 715.816065][T19816] netlink: 14 bytes leftover after parsing attributes in process `syz.1.6761'. [ 715.855382][T19816] device hsr_slave_0 left promiscuous mode [ 715.862025][T19816] device hsr_slave_1 left promiscuous mode [ 715.888075][ T4272] ch341 4-1:0.0: ch341-uart converter detected [ 716.028296][T19826] libceph: resolve '0' (ret=-3): failed [ 716.132727][ T4272] usb 4-1: short control message received (0 < 2) [ 716.139927][ T4272] usb 4-1: failed to receive control message: -5 [ 716.165518][ T4272] ch341-uart: probe of ttyUSB0 failed with error -5 [ 716.175574][T19832] netlink: 'syz.2.6769': attribute type 1 has an invalid length. [ 716.183437][T19832] netlink: 224 bytes leftover after parsing attributes in process `syz.2.6769'. [ 716.250166][T19832] NCSI netlink: No device for ifindex 0 [ 716.349710][ T4272] usb 4-1: USB disconnect, device number 22 [ 716.356630][ T4272] ch341 4-1:0.0: device disconnected [ 716.373838][T19842] ieee802154 phy0 wpan0: encryption failed: -22 [ 716.513949][T19854] netlink: 'syz.2.6779': attribute type 10 has an invalid length. [ 716.548501][T19854] netlink: 40 bytes leftover after parsing attributes in process `syz.2.6779'. [ 716.569162][T19854] device team0 entered promiscuous mode [ 716.587757][T19854] device team_slave_0 entered promiscuous mode [ 716.602952][T19854] device team_slave_1 entered promiscuous mode [ 716.616447][T19854] bridge0: port 3(team0) entered blocking state [ 716.622922][T19854] bridge0: port 3(team0) entered disabled state [ 716.631233][T19854] bridge0: port 3(team0) entered blocking state [ 716.638234][T19854] bridge0: port 3(team0) entered forwarding state [ 716.647989][T19856] device sit0 entered promiscuous mode [ 716.668420][T19856] netlink: 'syz.4.6781': attribute type 1 has an invalid length. [ 716.682317][ T21] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 716.691866][T19856] netlink: 1 bytes leftover after parsing attributes in process `syz.4.6781'. [ 717.073127][ T21] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 717.083378][ T21] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 717.115676][ T21] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 717.166632][T19882] loop3: detected capacity change from 0 to 4096 [ 717.171676][T19878] loop4: detected capacity change from 0 to 4096 [ 717.203619][ T21] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 717.217099][T19882] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512) [ 717.255104][T19878] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 717.450584][T19878] ntfs3: loop4: failed to convert "c46c" to macroman [ 717.823797][T19916] netlink: 'syz.4.6811': attribute type 1 has an invalid length. [ 717.836004][T19916] netlink: 228 bytes leftover after parsing attributes in process `syz.4.6811'. [ 717.915032][T19920] loop4: detected capacity change from 0 to 512 [ 718.057680][T19920] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 718.090797][T19920] ext4 filesystem being mounted at /1370/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 718.262417][T19914] loop3: detected capacity change from 0 to 32768 [ 718.281611][T19920] fs-verity (loop4, inode 15): Unrecognized descriptor size: 0 bytes [ 718.336230][T19914] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.6810 (19914) [ 718.409052][ T21] stv0680 2-1:4.0: STV(e): camera ping failed!! [ 718.456964][T19914] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 718.498249][T19914] BTRFS info (device loop3): force clearing of disk cache [ 718.512629][T19914] BTRFS info (device loop3): use no compression [ 718.523783][T19914] BTRFS info (device loop3): setting nodatacow, compression disabled [ 718.542393][T19947] netlink: 72 bytes leftover after parsing attributes in process `syz.0.6826'. [ 718.555701][T19914] BTRFS info (device loop3): enabling disk space caching [ 718.582965][T19914] BTRFS info (device loop3): disk space caching is enabled [ 718.633443][T19914] BTRFS info (device loop3): has skinny extents [ 718.644323][ T21] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 718.660072][ T21] stv0680 2-1:4.0: last error: 28, command = 0x81 [ 718.680895][ T21] usb 2-1: USB disconnect, device number 34 [ 718.955952][T19982] loop4: detected capacity change from 0 to 512 [ 718.986488][T19982] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 719.013813][T19914] BTRFS info (device loop3): enabling ssd optimizations [ 719.023369][T19914] BTRFS info (device loop3): clearing free space tree [ 719.033468][T19914] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 719.043675][T19914] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 719.044067][T19982] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 719.060323][T19914] BTRFS info (device loop3): checking UUID tree [ 719.098771][ T6051] usb 3-1: new full-speed USB device number 38 using dummy_hcd [ 719.153453][T19982] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.6833: bg 0: block 248: padding at end of block bitmap is not set [ 719.248229][T19982] Quota error (device loop4): write_blk: dquota write failed [ 719.270943][T19982] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 719.288477][T19982] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.6833: Failed to acquire dquot type 1 [ 719.331821][T19982] EXT4-fs (loop4): 1 truncate cleaned up [ 719.357133][T19982] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: writeback. [ 719.474244][T19982] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 719.541004][ T6051] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 719.584652][T19982] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 719.649136][T19982] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.6833: Failed to acquire dquot type 1 [ 719.787941][ T6051] usb 3-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55 [ 719.797122][ T6051] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 719.827519][ T1261] Quota error (device loop4): remove_tree: Getting block too big (0 >= 6) [ 719.836457][ T6051] usb 3-1: Product: syz [ 719.840699][ T6051] usb 3-1: Manufacturer: syz [ 719.849048][ T1261] EXT4-fs error (device loop4): ext4_release_dquot:6270: comm kworker/u4:4: Failed to release dquot type 1 [ 719.867215][ T6051] usb 3-1: SerialNumber: syz [ 719.890267][ T6051] usb 3-1: config 0 descriptor?? [ 720.025399][T20019] sctp: [Deprecated]: syz.1.6850 (pid 20019) Use of int in maxseg socket option. [ 720.025399][T20019] Use struct sctp_assoc_value instead [ 720.189095][ T6051] cdc_subset: probe of 3-1:0.0 failed with error -22 [ 720.269799][T20035] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6856'. [ 720.414065][ T6051] usb 3-1: USB disconnect, device number 38 [ 720.487078][T20049] loop3: detected capacity change from 0 to 512 [ 720.671702][T20049] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 720.701570][T20049] ext4 filesystem being mounted at /1484/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 720.791513][T20049] fs-verity (loop3, inode 15): Unrecognized descriptor size: 0 bytes [ 720.811069][T20072] netlink: 748 bytes leftover after parsing attributes in process `syz.1.6874'. [ 720.938275][T20079] blk_update_request: I/O error, dev loop4, sector 128 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0 [ 720.963065][T20079] gfs2: error 10 reading superblock [ 721.118142][T20082] XFS (nullb0): Invalid superblock magic number [ 721.281664][T20094] loop4: detected capacity change from 0 to 4096 [ 721.396474][T20094] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 721.430553][T20094] ntfs3: loop4: Failed to load $Extend. [ 721.535160][T20113] netlink: 'syz.0.6891': attribute type 10 has an invalid length. [ 721.615494][T20113] device syz_tun entered promiscuous mode [ 721.655303][T20113] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 721.702752][T20122] netlink: 'syz.2.6896': attribute type 1 has an invalid length. [ 721.813165][T20127] netlink: 132 bytes leftover after parsing attributes in process `syz.3.6898'. [ 721.980773][T20137] netlink: 'syz.1.6903': attribute type 5 has an invalid length. [ 722.019820][T20137] device ip6erspan0 entered promiscuous mode [ 722.041940][T20140] libceph: resolve 'cc' (ret=-3): failed [ 722.085765][T20142] xt_CT: You must specify a L4 protocol and not use inversions on it [ 722.305240][T20155] tmpfs: Bad value for 'mpol' [ 722.471864][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 722.478336][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 722.485077][ T21] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 722.540583][T20172] tmpfs: Bad value for 'mpol' [ 722.948988][T20198] netlink: 52 bytes leftover after parsing attributes in process `syz.1.6933'. [ 722.972379][ T1111] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 722.980152][T20202] misc userio: Invalid payload size [ 723.030508][T20204] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.6936'. [ 723.053337][ T21] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 723.079516][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 723.111367][ T21] usb 1-1: Product: syz [ 723.115694][ T21] usb 1-1: Manufacturer: syz [ 723.120400][ T21] usb 1-1: SerialNumber: syz [ 723.187211][ T21] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 723.349791][T20220] netlink: 100 bytes leftover after parsing attributes in process `syz.2.6944'. [ 723.370272][T20222] netlink: 'syz.1.6945': attribute type 9 has an invalid length. [ 723.399848][T20222] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.6945'. [ 723.443442][ T1111] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 723.454712][ T1111] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 723.461152][T20226] loop4: detected capacity change from 0 to 512 [ 723.477019][ T1111] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 723.506699][ T1111] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 723.528289][T20226] EXT4-fs (loop4): Ignoring removed bh option [ 723.534891][T20226] EXT4-fs (loop4): inline encryption not supported [ 723.541814][ T1111] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.560480][T20226] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 723.582314][ T1111] usb 4-1: config 0 descriptor?? [ 723.613139][T20230] loop1: detected capacity change from 0 to 1024 [ 723.626851][T20226] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 723.661651][T20226] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.6946: bg 0: block 248: padding at end of block bitmap is not set [ 723.679214][T20226] Quota error (device loop4): write_blk: dquota write failed [ 723.687090][T20226] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 723.699596][T20226] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.6946: Failed to acquire dquot type 1 [ 723.717916][T20230] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 723.735152][T20230] EXT4-fs error (device loop1): ext4_get_journal_inode:5185: inode #32: comm syz.1.6949: iget: special inode unallocated [ 723.759342][T20230] EXT4-fs (loop1): no journal found [ 723.766207][T20226] EXT4-fs (loop4): 1 truncate cleaned up [ 723.771923][T20226] EXT4-fs (loop4): mounted filesystem without journal. Opts: bh,inlinecrypt,nombcache,,errors=continue. Quota mode: writeback. [ 723.785252][T20230] EXT4-fs (loop1): can't get journal size [ 723.802368][T20230] EXT4-fs (loop1): filesystem is read-only [ 723.808567][ T5680] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 723.847126][T20230] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,noload,noblock_validity,bsdgroups,resuid=0x0000000000000000,. Quota mode: none. [ 723.887092][ T1111] usb 4-1: USB disconnect, device number 23 [ 723.943220][ T1261] Quota error (device loop4): remove_tree: Getting block too big (0 >= 6) [ 723.960833][ T1261] EXT4-fs error (device loop4): ext4_release_dquot:6270: comm kworker/u4:4: Failed to release dquot type 1 [ 724.062172][T20248] --map-set only usable from mangle table [ 724.287094][ T21] usb 1-1: USB disconnect, device number 21 [ 724.764267][T20289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6976'. [ 724.797322][T20289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6976'. [ 724.955296][ T5680] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 724.968033][ T5680] ath9k_htc: Failed to initialize the device [ 725.009448][ T21] usb 1-1: ath9k_htc: USB layer deinitialized [ 725.137919][T20315] comedi comedi1: ni_at_a2150: I/O port conflict (0x28,28) [ 725.713284][T20349] netlink: 798 bytes leftover after parsing attributes in process `syz.3.7007'. [ 725.742885][T20346] loop4: detected capacity change from 0 to 4096 [ 725.836633][ T1111] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 725.874144][T20346] ntfs: (device loop4): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 725.897167][T20346] ntfs: (device loop4): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 725.940544][T20346] ntfs: (device loop4): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 725.949527][T20359] netlink: 'syz.2.7011': attribute type 15 has an invalid length. [ 725.964707][T20346] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 725.968637][T20359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7011'. [ 725.997069][T20346] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 726.042102][T20346] ntfs: volume version 3.1. [ 726.042385][T20361] loop3: detected capacity change from 0 to 512 [ 726.060543][T20346] ntfs: (device loop4): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 726.092997][T20346] ntfs: (device loop4): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 726.118650][T20361] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 726.156776][T20346] ntfs: (device loop4): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 726.203629][T20361] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 726.222907][T20346] ntfs: (device loop4): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is corrupt. [ 726.243359][T20346] ntfs: (device loop4): ntfs_read_locked_index_inode(): Failed with error code -5 while reading index inode (mft_no 0x18, name_len 2. [ 726.296331][ T1111] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 726.313086][T20361] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.7012: bg 0: block 248: padding at end of block bitmap is not set [ 726.314416][ T1111] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 726.338767][ T1111] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 726.352575][T20367] netlink: 'syz.1.7013': attribute type 19 has an invalid length. [ 726.366863][T20361] EXT4-fs error (device loop3): ext4_acquire_dquot:6234: comm syz.3.7012: Failed to acquire dquot type 1 [ 726.396415][T20361] EXT4-fs (loop3): 1 truncate cleaned up [ 726.407879][T20367] netlink: 5 bytes leftover after parsing attributes in process `syz.1.7013'. [ 726.413997][T20361] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: writeback. [ 726.455282][T20371] device bridge1 entered promiscuous mode [ 726.559635][T20361] EXT4-fs error (device loop3): ext4_acquire_dquot:6234: comm syz.3.7012: Failed to acquire dquot type 1 [ 726.606218][ T1111] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 726.615314][ T1111] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 726.633122][ T1111] usb 1-1: Product: syz [ 726.642118][ T1111] usb 1-1: Manufacturer: syz [ 726.646755][ T1111] usb 1-1: SerialNumber: syz [ 726.690816][ T1284] EXT4-fs error (device loop3): ext4_release_dquot:6270: comm kworker/u4:5: Failed to release dquot type 1 [ 726.714749][ T1111] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 726.721680][ T1111] cdc_ncm 1-1:1.0: bind() failure [ 727.060502][ T1111] usb 1-1: USB disconnect, device number 22 [ 727.306487][T20403] netlink: 176 bytes leftover after parsing attributes in process `syz.4.7032'. [ 727.343631][T20403] IPv6: NLM_F_CREATE should be specified when creating new route [ 727.372001][T20403] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 727.379327][T20403] IPv6: NLM_F_CREATE should be set when creating new route [ 727.491459][T20373] loop2: detected capacity change from 0 to 32768 [ 727.715344][T20373] XFS (loop2): Mounting V5 Filesystem [ 727.807260][T20441] loop1: detected capacity change from 0 to 256 [ 727.876584][T20373] XFS (loop2): Ending clean mount [ 728.142558][ T4234] XFS (loop2): Unmounting Filesystem [ 728.178782][T20454] netlink: 56 bytes leftover after parsing attributes in process `syz.0.7053'. [ 728.325459][T20450] loop4: detected capacity change from 0 to 4096 [ 728.428121][T20450] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512) [ 728.462074][T20464] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 728.753345][T20474] xt_ipcomp: unknown flags 12 [ 728.965281][T20484] netlink: 'syz.1.7068': attribute type 10 has an invalid length. [ 729.061283][T20486] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7070'. [ 729.232042][T20496] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7075'. [ 729.438371][T20510] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 729.621828][T20521] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:11d2:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 729.737391][ T5680] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 729.774421][T20528] loop0: detected capacity change from 0 to 1024 [ 729.981337][T20528] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 730.004676][ T5680] usb 4-1: Using ep0 maxpacket: 16 [ 730.132989][ T5680] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 730.154549][ T5680] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 730.209312][T20554] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7102'. [ 730.250520][T20554] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 730.349161][ T5680] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 730.373663][ T5680] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 730.407325][ T5680] usb 4-1: Product: syz [ 730.422084][ T5680] usb 4-1: Manufacturer: syz [ 730.438271][ T5680] usb 4-1: SerialNumber: syz [ 730.685504][T20586] loop4: detected capacity change from 0 to 256 [ 730.765444][T20590] netlink: 'syz.0.7119': attribute type 27 has an invalid length. [ 730.806203][ T5680] usb 4-1: 0:2 : does not exist [ 730.838322][ T5680] usb 4-1: USB disconnect, device number 24 [ 730.843374][T20593] device geneve2 entered promiscuous mode [ 730.892585][T20593] IPv6: ADDRCONF(NETDEV_CHANGE): geneve2: link becomes ready [ 731.193853][T20617] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app [ 731.336224][T20625] ieee802154 phy0 wpan0: encryption failed: -22 [ 731.351748][T20627] nftables ruleset with unbound chain [ 731.515918][ T4306] udevd[4306]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 731.580100][T20641] loop1: detected capacity change from 0 to 2048 [ 731.682291][T20641] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 731.725190][ T21] usb 3-1: new full-speed USB device number 39 using dummy_hcd [ 731.778844][ T5680] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 731.839282][T20630] loop3: detected capacity change from 0 to 32768 [ 731.928325][ T5675] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 731.960726][T20630] XFS (loop3): Mounting V5 Filesystem [ 732.035279][ T21] usb 3-1: too many configurations: 129, using maximum allowed: 8 [ 732.043259][ T5680] usb 1-1: Using ep0 maxpacket: 8 [ 732.120839][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 732.172177][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 732.195502][ T5680] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 732.237153][ T5680] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid wMaxPacketSize 0 [ 732.273059][ T5680] usb 1-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 732.304678][ T5680] usb 1-1: config 0 interface 0 has no altsetting 0 [ 732.327897][T20630] XFS (loop3): Ending clean mount [ 732.335090][ T5675] usb 5-1: config 0 has an invalid interface number: 83 but max is 0 [ 732.343504][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 732.367219][ T5675] usb 5-1: config 0 has no interface number 0 [ 732.373381][ T5675] usb 5-1: config 0 interface 83 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 732.384567][ T4241] XFS (loop3): Unmounting Filesystem [ 732.387894][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 732.416125][ T5675] usb 5-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61 [ 732.430901][ T5675] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 732.471676][ T5675] usb 5-1: config 0 descriptor?? [ 732.498588][ T5680] usb 1-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 732.508199][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 732.526411][ T5680] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 732.536893][ T5675] ttusbir 5-1:0.83: cannot find expected altsetting [ 732.545848][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 732.568467][ T5680] usb 1-1: Product: syz [ 732.573442][ T5680] usb 1-1: Manufacturer: syz [ 732.578539][ T5680] usb 1-1: SerialNumber: syz [ 732.592641][ T5680] usb 1-1: config 0 descriptor?? [ 732.636549][ T5680] snd_usb_toneport 1-1:0.0: Line 6 TonePort UX2 found [ 732.665722][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 732.678382][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 732.763611][ T5675] usb 5-1: USB disconnect, device number 16 [ 732.774022][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 732.815539][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 732.870426][ T5680] snd_usb_toneport 1-1:0.0: cannot get proper max packet size [ 732.891526][ T5680] snd_usb_toneport 1-1:0.0: Line 6 TonePort UX2 now disconnected [ 732.912476][ T5680] snd_usb_toneport: probe of 1-1:0.0 failed with error -22 [ 732.943670][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 732.982848][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 733.095364][T20693] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7164'. [ 733.115548][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 733.124333][ T6048] usb 1-1: USB disconnect, device number 23 [ 733.146066][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 733.169907][T20695] netlink: 'syz.1.7165': attribute type 5 has an invalid length. [ 733.243092][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10 [ 733.264810][ T21] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 14336, setting to 64 [ 733.279545][T20699] loop1: detected capacity change from 0 to 4096 [ 733.363344][T20699] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 733.371028][ T5675] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 733.446143][ T21] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 733.456589][T20703] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.7169'. [ 733.467369][ T21] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 733.475491][ T21] usb 3-1: Product: syz [ 733.501367][ T21] usb 3-1: Manufacturer: syz [ 733.506497][T20699] ntfs3: loop1: failed to convert "c46c" to cp437 [ 733.512022][ T21] usb 3-1: SerialNumber: syz [ 733.539227][ T21] usb 3-1: config 0 descriptor?? [ 733.587414][ T21] hub 3-1:0.0: Invalid hub with more than one config or interface [ 733.611930][ T21] hub: probe of 3-1:0.0 failed with error -22 [ 733.638413][ T21] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input50 [ 733.648777][ T5675] usb 4-1: Using ep0 maxpacket: 16 [ 733.778028][ T5675] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11 [ 733.817996][T20711] loop1: detected capacity change from 0 to 2048 [ 733.824477][ T5675] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8 [ 733.862488][ T5675] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 733.898913][T20717] loop0: detected capacity change from 0 to 8 [ 733.946887][ T21] usb 3-1: USB disconnect, device number 39 [ 733.952915][ C1] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 733.984294][T20717] SQUASHFS error: Unable to read directory block [1d0:0] [ 734.001654][ T5675] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 734.018064][ T5675] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 734.037458][ T5675] usb 4-1: SerialNumber: syz [ 734.044232][T20711] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 734.082891][T20691] raw-gadget.2 gadget: fail, usb_ep_enable returned -22 [ 734.150076][T20727] netlink: 88 bytes leftover after parsing attributes in process `syz.4.7182'. [ 734.332919][ T5675] cdc_ether: probe of 4-1:1.0 failed with error -71 [ 734.357133][ T5675] usb 4-1: USB disconnect, device number 25 [ 734.756099][T20758] netlink: 'syz.4.7196': attribute type 1 has an invalid length. [ 734.929971][T20764] loop4: detected capacity change from 0 to 2048 [ 735.013599][T20764] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 735.083211][T20772] binder: 20769:20772 ioctl c018620c 200000000a80 returned -1 [ 735.102706][ T4306] udevd[4306]: incorrect nilfs2 checksum on /dev/loop4 [ 735.133622][T20775] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 735.238352][T20780] loop0: detected capacity change from 0 to 512 [ 735.281649][T20780] EXT4-fs (loop0): Ignoring removed bh option [ 735.303541][T20780] EXT4-fs (loop0): inline encryption not supported [ 735.354855][T20780] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 735.479179][T20780] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 735.551912][T20780] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.7206: bg 0: block 248: padding at end of block bitmap is not set [ 735.594325][T20798] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (2049) [ 735.635834][T20780] __quota_error: 9 callbacks suppressed [ 735.635856][T20780] Quota error (device loop0): write_blk: dquota write failed [ 735.707108][T20780] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 735.757411][T20780] EXT4-fs error (device loop0): ext4_acquire_dquot:6234: comm syz.0.7206: Failed to acquire dquot type 1 [ 735.823469][T20780] EXT4-fs (loop0): 1 truncate cleaned up [ 735.835244][T20780] EXT4-fs (loop0): mounted filesystem without journal. Opts: bh,inlinecrypt,nombcache,,errors=continue. Quota mode: writeback. [ 736.053686][ T6048] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 736.076219][ T144] Quota error (device loop0): remove_tree: Getting block too big (0 >= 6) [ 736.084841][ T144] EXT4-fs error (device loop0): ext4_release_dquot:6270: comm kworker/u4:1: Failed to release dquot type 1 [ 736.239396][T20837] xt_CT: You must specify a L4 protocol and not use inversions on it [ 736.331256][ T6048] usb 3-1: Using ep0 maxpacket: 8 [ 736.383987][T20843] openvswitch: netlink: Actions may not be safe on all matching packets [ 736.481334][ T6048] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 256, setting to 64 [ 736.510386][ T6048] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0 [ 736.541094][ T6048] usb 3-1: config 0 interface 0 has no altsetting 0 [ 736.595534][T20858] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7243'. [ 736.645452][T20860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7244'. [ 736.769720][ T6048] usb 3-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e [ 736.788158][ T6048] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 736.818856][ T6048] usb 3-1: Product: syz [ 736.829029][ T6048] usb 3-1: Manufacturer: syz [ 736.850751][ T6048] usb 3-1: SerialNumber: syz [ 736.884385][ T6048] usb 3-1: config 0 descriptor?? [ 736.954120][ T6048] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 found [ 737.177738][ T6048] snd_usb_toneport 3-1:0.0: cannot get proper max packet size [ 737.196456][ T6048] snd_usb_toneport 3-1:0.0: Line 6 TonePort UX2 now disconnected [ 737.207693][ T5675] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 737.225662][ T6048] snd_usb_toneport: probe of 3-1:0.0 failed with error -22 [ 737.239880][ T21] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 737.327841][T20901] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7263'. [ 737.438130][ T6048] usb 3-1: USB disconnect, device number 40 [ 737.496316][ T21] usb 1-1: Using ep0 maxpacket: 8 [ 737.534473][T20909] loop3: detected capacity change from 0 to 8192 [ 737.566769][T20909] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 737.583577][T20909] REISERFS (device loop3): using ordered data mode [ 737.612096][T20909] reiserfs: using flush barriers [ 737.617430][ T5675] usb 2-1: New USB device found, idVendor=041e, idProduct=400c, bcdDevice=af.98 [ 737.627086][ T21] usb 1-1: config 7 has an invalid interface number: 184 but max is 0 [ 737.635400][T20909] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 737.635618][ T21] usb 1-1: config 7 has no interface number 0 [ 737.658270][ T5675] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 737.667533][ T21] usb 1-1: config 7 interface 184 has no altsetting 0 [ 737.675314][ T5675] usb 2-1: config 0 descriptor?? [ 737.684270][T20909] REISERFS (device loop3): checking transaction log (loop3) [ 737.706712][T20909] REISERFS (device loop3): Using r5 hash to sort names [ 737.723180][ T5675] pwc: Creative Labs Webcam 5 detected. [ 737.729348][T20909] REISERFS warning (device loop3): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 737.753030][T20909] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 737.849093][ T21] usb 1-1: New USB device found, idVendor=12d1, idProduct=2f7b, bcdDevice=de.da [ 737.858222][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 737.868193][ T21] usb 1-1: Product: syz [ 737.873146][ T21] usb 1-1: Manufacturer: syz [ 737.877866][ T21] usb 1-1: SerialNumber: syz [ 737.914699][T20914] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7271'. [ 737.963742][T20914] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7271'. [ 738.050506][T20920] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.7272'. [ 738.190930][ T5675] pwc: send_video_command error -71 [ 738.196789][ T5675] pwc: Failed to set video mode VGA@30 fps; return code = -71 [ 738.231241][ T5675] Philips webcam: probe of 2-1:0.0 failed with error -71 [ 738.251428][ T5675] usb 2-1: USB disconnect, device number 35 [ 738.260902][T20932] netlink: 32 bytes leftover after parsing attributes in process `syz.4.7279'. [ 738.266400][ T21] huawei_cdc_ncm 1-1:7.184: CDC Union missing and no IAD found [ 738.280522][ T21] huawei_cdc_ncm 1-1:7.184: bind() failure [ 738.311150][ T21] usb 1-1: USB disconnect, device number 24 [ 738.465387][T20938] loop4: detected capacity change from 0 to 1024 [ 738.540741][T20938] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 2: comm syz.4.7282: lblock 2 mapped to illegal pblock 2 (length 1) [ 738.591945][T20938] Quota error (device loop4): qtree_write_dquot: dquota write failed [ 738.608570][T20938] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 48: comm syz.4.7282: lblock 0 mapped to illegal pblock 48 (length 1) [ 738.639821][T20938] Quota error (device loop4): v2_write_file_info: Can't write info structure [ 738.669085][T20938] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.7282: Failed to acquire dquot type 0 [ 738.713672][T20938] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 738.763544][T20938] EXT4-fs error (device loop4): ext4_evict_inode:282: inode #11: comm syz.4.7282: mark_inode_dirty error [ 738.785063][T20938] EXT4-fs warning (device loop4): ext4_evict_inode:285: couldn't mark inode dirty (err -117) [ 738.785151][T20938] EXT4-fs (loop4): 1 orphan inode deleted [ 738.824363][T20947] (unnamed net_device) (uninitialized): ARP monitoring cannot be used with MII monitoring [ 738.828208][T13979] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 738.853876][T20938] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,data_err=ignore,delalloc,nodiscard,stripe=0x0000000000000004,noauto_da_alloc,,errors=continue. Quota mode: none. [ 738.893320][T13979] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 738.960828][T13979] EXT4-fs error (device loop4): ext4_release_dquot:6270: comm kworker/u4:8: Failed to release dquot type 0 [ 739.108422][T20934] loop3: detected capacity change from 0 to 40427 [ 739.178693][T13979] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 739.196651][T20934] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 739.204601][T20934] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 739.230999][T13979] Quota error (device loop4): remove_tree: Can't read quota data block 1 [ 739.251090][T20934] F2FS-fs (loop3): invalid crc value [ 739.256617][T13979] EXT4-fs error (device loop4): ext4_release_dquot:6270: comm kworker/u4:8: Failed to release dquot type 0 [ 739.269354][ T4232] EXT4-fs error (device loop4): __ext4_get_inode_loc:4327: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 739.305852][T20934] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 9809626597) [ 739.353452][ T4232] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5854: Corrupt filesystem [ 739.418205][ T4232] EXT4-fs error (device loop4): ext4_quota_off:6540: inode #3: comm syz-executor: mark_inode_dirty error [ 739.482482][T20934] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 739.489962][T20934] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 739.539181][ T21] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 739.631309][T20934] fscrypt (loop3, inode 3): Error -61 getting encryption context [ 739.800008][ T21] usb 1-1: Using ep0 maxpacket: 32 [ 739.871894][T20993] __nla_validate_parse: 1 callbacks suppressed [ 739.871914][T20993] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7307'. [ 739.896998][T20993] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7307'. [ 739.933211][ T21] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 26, changing to 7 [ 740.114796][ T21] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b1, bcdDevice= 0.40 [ 740.124544][ T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 740.169501][ T21] usb 1-1: Product: syz [ 740.173759][ T21] usb 1-1: Manufacturer: syz [ 740.180557][ T21] usb 1-1: SerialNumber: syz [ 740.222057][T21005] netlink: 'syz.4.7314': attribute type 1 has an invalid length. [ 740.231249][T21005] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7314'. [ 740.520957][ T21] snd-usb-audio: probe of 1-1:1.0 failed with error -71 [ 740.551218][ T21] usb 1-1: USB disconnect, device number 25 [ 740.637491][T21029] loop4: detected capacity change from 0 to 256 [ 740.728527][T21035] loop2: detected capacity change from 0 to 512 [ 740.757316][T21029] FAT-fs (loop4): Directory bread(block 64) failed [ 740.782537][T21029] FAT-fs (loop4): Directory bread(block 65) failed [ 740.801188][T21029] FAT-fs (loop4): Directory bread(block 66) failed [ 740.829417][T21029] FAT-fs (loop4): Directory bread(block 67) failed [ 740.874225][T21029] FAT-fs (loop4): Directory bread(block 68) failed [ 740.903263][T21029] FAT-fs (loop4): Directory bread(block 69) failed [ 740.913204][T21029] FAT-fs (loop4): Directory bread(block 70) failed [ 740.922784][T21029] FAT-fs (loop4): Directory bread(block 71) failed [ 740.941285][T21029] FAT-fs (loop4): Directory bread(block 72) failed [ 740.964722][T21029] FAT-fs (loop4): Directory bread(block 73) failed [ 741.134010][T21041] device xfrm0 entered promiscuous mode [ 741.423868][T21055] SET target dimension over the limit! [ 741.815303][T21063] loop1: detected capacity change from 0 to 4096 [ 741.875421][T21072] loop2: detected capacity change from 0 to 2048 [ 741.911246][T21063] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 741.957940][T21072] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 741.989706][T21063] ntfs3: loop1: mft corrupted [ 741.994480][T21063] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 742.026287][T21063] ntfs3: loop1: Failed to load $BadClus. [ 742.056152][T21080] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 742.134549][T21072] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 742.229433][T21047] loop0: detected capacity change from 0 to 32768 [ 742.230866][T21072] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 742.357908][T21097] loop1: detected capacity change from 0 to 256 [ 742.417887][T21072] Remounting filesystem read-only [ 742.426169][T21072] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 742.439272][T21072] NILFS error (device loop2): nilfs_bmap_last_key: broken bmap (inode number=16) [ 742.453192][T21072] NILFS (loop2): error -5 truncating bmap (ino=16) [ 742.490294][T21047] XFS (loop0): Mounting V5 Filesystem [ 742.607110][T21047] XFS (loop0): Ending clean mount [ 742.617318][ T4234] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 742.746942][ T4227] XFS (loop0): Unmounting Filesystem [ 743.267267][T21135] openvswitch: netlink: Actions may not be safe on all matching packets [ 743.303777][T21130] xt_CT: No such helper "snmp_trap" [ 743.312157][T21137] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 743.846730][T21166] netlink: 44 bytes leftover after parsing attributes in process `syz.3.7388'. [ 743.856229][T21165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7387'. [ 743.876103][T21165] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7387'. [ 744.497725][T21142] loop1: detected capacity change from 0 to 32768 [ 744.522719][T21202] netlink: 'syz.2.7406': attribute type 12 has an invalid length. [ 745.029186][T21228] loop3: detected capacity change from 0 to 764 [ 745.059053][T21230] syz.2.7420: vmalloc error: size 9007199254740992, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz2,mems_allowed=0-1 [ 745.094898][T21230] CPU: 0 PID: 21230 Comm: syz.2.7420 Not tainted syzkaller #0 [ 745.102640][T21230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 745.112930][T21230] Call Trace: [ 745.116219][T21230] [ 745.119170][T21230] dump_stack_lvl+0x188/0x250 [ 745.123869][T21230] ? rcu_lock_release+0x5/0x20 [ 745.128635][T21230] ? show_regs_print_info+0x20/0x20 [ 745.133867][T21230] ? load_image+0x400/0x400 [ 745.138405][T21230] warn_alloc+0x243/0x320 [ 745.142771][T21230] ? rcu_lock_release+0x20/0x20 [ 745.147621][T21230] ? zone_watermark_ok_safe+0x240/0x240 [ 745.153332][T21230] ? dvb_demux_do_ioctl+0x313/0x530 [ 745.158556][T21230] ? kfree+0xef/0x2a0 [ 745.162555][T21230] __vmalloc_node_range+0x2b1/0x8b0 [ 745.167866][T21230] ? mutex_lock_io_nested+0x60/0x60 [ 745.173078][T21230] ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0 [ 745.178891][T21230] vmalloc+0x75/0x80 [ 745.182802][T21230] ? dvb_dmxdev_set_buffer_size+0xbe/0x1f0 [ 745.188635][T21230] dvb_dmxdev_set_buffer_size+0xbe/0x1f0 [ 745.194297][T21230] dvb_demux_do_ioctl+0x450/0x530 [ 745.199527][T21230] dvb_usercopy+0x191/0x2b0 [ 745.204122][T21230] ? dvb_dmxdev_buffer_read+0x4c0/0x4c0 [ 745.209747][T21230] ? dvb_generic_ioctl+0xb0/0xb0 [ 745.214697][T21230] ? dvb_demux_poll+0x210/0x210 [ 745.219633][T21230] dvb_demux_ioctl+0x25/0x30 [ 745.224223][T21230] __se_sys_ioctl+0xfa/0x170 [ 745.228852][T21230] do_syscall_64+0x4c/0xa0 [ 745.233289][T21230] ? clear_bhb_loop+0x30/0x80 [ 745.237994][T21230] ? clear_bhb_loop+0x30/0x80 [ 745.242756][T21230] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 745.248751][T21230] RIP: 0033:0x7f460ff8d819 [ 745.253384][T21230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 745.273210][T21230] RSP: 002b:00007f460e1e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 745.281634][T21230] RAX: ffffffffffffffda RBX: 00007f4610206fa0 RCX: 00007f460ff8d819 [ 745.289635][T21230] RDX: 0020000000000000 RSI: 0000000000006f2d RDI: 0000000000000003 [ 745.297766][T21230] RBP: 00007f4610023c91 R08: 0000000000000000 R09: 0000000000000000 [ 745.305767][T21230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.313755][T21230] R13: 00007f4610207038 R14: 00007f4610206fa0 R15: 00007ffd02aadc98 [ 745.321768][T21230] [ 745.324980][ C0] vkms_vblank_simulate: vblank timer overrun [ 745.340617][T21230] Mem-Info: [ 745.344066][T21230] active_anon:332 inactive_anon:11558 isolated_anon:0 [ 745.344066][T21230] active_file:16225 inactive_file:45248 isolated_file:0 [ 745.344066][T21230] unevictable:768 dirty:532 writeback:0 [ 745.344066][T21230] slab_reclaimable:21187 slab_unreclaimable:97708 [ 745.344066][T21230] mapped:30887 shmem:5831 pagetables:757 bounce:0 [ 745.344066][T21230] kernel_misc_reclaimable:0 [ 745.344066][T21230] free:1360127 free_pcp:3265 free_cma:0 [ 745.405424][T21230] Node 0 active_anon:1296kB inactive_anon:45724kB active_file:64704kB inactive_file:180992kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:123548kB dirty:2128kB writeback:0kB shmem:21248kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:11404kB pagetables:3028kB all_unreclaimable? no [ 745.445450][T21230] Node 1 active_anon:32kB inactive_anon:508kB active_file:196kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:2076kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB all_unreclaimable? no [ 745.487402][T21230] Node 0 DMA free:15344kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 745.684119][T21236] loop4: detected capacity change from 0 to 512 [ 745.715817][T21230] lowmem_reserve[]: 0 2539 2540 2540 2540 [ 745.737265][T21230] Node 0 DMA32 free:1494156kB min:34784kB low:43480kB high:52176kB reserved_highatomic:0KB active_anon:1296kB inactive_anon:35424kB active_file:64704kB inactive_file:180992kB unevictable:1536kB writepending:2128kB present:3129332kB managed:2606552kB mlocked:0kB bounce:0kB free_pcp:31996kB local_pcp:20328kB free_cma:0kB [ 745.806455][T21230] lowmem_reserve[]: 0 0 0 0 0 [ 745.821636][T21230] Node 0 Normal free:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:660kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 745.847375][ C0] vkms_vblank_simulate: vblank timer overrun [ 745.854352][T21230] lowmem_reserve[]: 0 0 0 0 0 [ 745.859489][T21230] Node 1 Normal free:3927860kB min:55108kB low:68884kB high:82660kB reserved_highatomic:0KB active_anon:32kB inactive_anon:508kB active_file:196kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194304kB managed:4119672kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 745.888982][T21230] lowmem_reserve[]: 0 0 0 0 0 [ 745.893777][T21230] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15344kB [ 745.897210][T21244] loop0: detected capacity change from 0 to 512 [ 745.908725][T21230] Node 0 DMA32: 947*4kB (ME) 1732*8kB (UME) 1303*16kB (UME) 954*32kB (UME) 551*64kB (UME) 294*128kB (UME) 129*256kB (UME) 57*512kB (UM) 21*1024kB (UM) 10*2048kB (UM) 306*4096kB (UM) = 1499484kB [ 745.935489][T21230] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 745.936903][T21236] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #3: comm syz.4.7423: corrupted inode contents [ 745.947893][T21230] Node 1 Normal: 243*4kB (UME) 53*8kB (UME) 30*16kB (UME) 187*32kB (UME) 82*64kB (UME) 24*128kB (UE) 12*256kB (UM) 8*512kB (UE) 1*1024kB (E) 2*2048kB (ME) 952*4096kB (M) = 3927860kB [ 745.979171][T21230] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 745.989015][T21230] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 746.006787][T21230] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 746.029439][T21236] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #3: comm syz.4.7423: mark_inode_dirty error [ 746.051752][T21244] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 746.061854][T21230] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 746.086199][T21244] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock [ 746.092473][T21236] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #3: comm syz.4.7423: corrupted inode contents [ 746.118153][T21244] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock [ 746.137099][T21230] 63116 total pagecache pages [ 746.153868][T21236] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #3: comm syz.4.7423: mark_inode_dirty error [ 746.156019][T21244] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 746.179470][T21244] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000] [ 746.194432][T21230] 0 pages in swap cache [ 746.198388][T21244] EXT4-fs (loop0): failed to initialize system zone (-117) [ 746.199305][T21230] Swap cache stats: add 30, delete 30, find 6/9 [ 746.206051][T21244] EXT4-fs (loop0): mount failed [ 746.212263][T21230] Free swap = 124728kB [ 746.212278][T21230] Total swap = 124996kB [ 746.229752][T21230] 2097051 pages RAM [ 746.233600][T21230] 0 pages HighMem/MovableOnly [ 746.239872][T21236] Quota error (device loop4): write_blk: dquota write failed [ 746.248355][T21230] 411490 pages reserved [ 746.308087][T21236] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 746.321024][T21236] EXT4-fs error (device loop4): ext4_acquire_dquot:6234: comm syz.4.7423: Failed to acquire dquot type 0 [ 746.355813][T21230] 0 pages cma reserved [ 746.457077][T21236] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #16: comm syz.4.7423: corrupted inode contents [ 746.567995][T21236] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #16: comm syz.4.7423: mark_inode_dirty error [ 746.600048][T21266] xt_recent: hitcount (262144) is larger than allowed maximum (255) [ 746.616313][T21236] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #16: comm syz.4.7423: corrupted inode contents [ 746.704147][T21236] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #16: comm syz.4.7423: mark_inode_dirty error [ 746.751968][T21236] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #16: comm syz.4.7423: corrupted inode contents [ 746.781456][T21236] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 746.808291][T21276] netlink: 'syz.0.7441': attribute type 1 has an invalid length. [ 746.840070][T21236] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #16: comm syz.4.7423: corrupted inode contents [ 746.855943][T21281] netlink: 'syz.1.7443': attribute type 1 has an invalid length. [ 746.903287][T21236] EXT4-fs error (device loop4): ext4_truncate:4279: inode #16: comm syz.4.7423: mark_inode_dirty error [ 746.958618][T21236] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 747.018771][T21236] EXT4-fs (loop4): 1 truncate cleaned up [ 747.024472][T21236] EXT4-fs (loop4): mounted filesystem without journal. Opts: resuid=0x0000000000000000,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: writeback. [ 747.095972][T21236] ext4 filesystem being mounted at /1522/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 747.543047][T21317] loop3: detected capacity change from 0 to 2048 [ 747.593739][T21327] tmpfs: Bad value for 'mpol' [ 747.622475][T21317] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 747.686765][T21331] loop0: detected capacity change from 0 to 512 [ 747.693246][T21332] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 747.743309][T21317] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 747.756770][T21338] x_tables: duplicate entry at hook 2 [ 747.780356][T21317] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16) [ 747.784102][T21331] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,,errors=continue. Quota mode: writeback. [ 747.810716][T21317] Remounting filesystem read-only [ 747.835187][T21342] netlink: 264 bytes leftover after parsing attributes in process `syz.1.7473'. [ 747.845346][T21342] netlink: 264 bytes leftover after parsing attributes in process `syz.1.7473'. [ 747.859592][T21342] netlink: 175 bytes leftover after parsing attributes in process `syz.1.7473'. [ 747.863960][T21317] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157 [ 747.909712][T21346] netlink: 'syz.2.7475': attribute type 3 has an invalid length. [ 747.918512][T21346] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.7475'. [ 747.977301][T21317] NILFS error (device loop3): nilfs_bmap_last_key: broken bmap (inode number=16) [ 748.031121][ T26] audit: type=1800 audit(2000001083.239:32): pid=21331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7468" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 748.032982][T21317] NILFS (loop3): error -5 truncating bmap (ino=16) [ 748.085954][T21331] [ 748.088337][T21331] ====================================================== [ 748.095461][T21331] WARNING: possible circular locking dependency detected [ 748.102605][T21331] syzkaller #0 Not tainted [ 748.107122][T21331] ------------------------------------------------------ [ 748.113162][T21356] loop2: detected capacity change from 0 to 128 [ 748.114244][T21331] syz.0.7468/21331 is trying to acquire lock: [ 748.114260][T21331] ffff88805e952b28 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410 [ 748.135588][T21331] [ 748.135588][T21331] but task is already holding lock: [ 748.142972][T21331] ffff88805e9e2060 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0x97f/0x10f0 [ 748.152505][T21331] [ 748.152505][T21331] which lock already depends on the new lock. [ 748.152505][T21331] [ 748.163348][T21331] [ 748.163348][T21331] the existing dependency chain (in reverse order) is: [ 748.172606][T21331] [ 748.172606][T21331] -> #2 (&ei->i_data_sem/2){++++}-{3:3}: [ 748.180474][T21331] down_write+0x38/0x60 [ 748.185215][T21331] ext4_map_blocks+0x8bf/0x1b30 [ 748.190607][T21331] ext4_getblk+0x176/0x670 [ 748.195783][T21331] ext4_bread+0x26/0x180 [ 748.200652][T21331] ext4_quota_write+0x236/0x580 [ 748.206063][T21331] remove_free_dqentry+0x318/0xd70 [ 748.211717][T21331] do_insert_tree+0xe94/0x1970 [ 748.217000][T21331] do_insert_tree+0x5b1/0x1970 [ 748.222285][T21331] do_insert_tree+0x5b1/0x1970 [ 748.227568][T21331] do_insert_tree+0x5b1/0x1970 [ 748.232850][T21331] qtree_write_dquot+0x361/0x4b0 [ 748.238353][T21331] v2_write_dquot+0x108/0x190 [ 748.243633][T21331] dquot_acquire+0x2d5/0x520 [ 748.248748][T21331] ext4_acquire_dquot+0x2d9/0x4a0 [ 748.254290][T21331] dqget+0x778/0xeb0 [ 748.258704][T21331] __dquot_initialize+0x3c3/0xcd0 [ 748.264248][T21331] ext4_process_orphan+0x54/0x300 [ 748.269788][T21331] ext4_orphan_cleanup+0xad2/0x1320 [ 748.275501][T21331] ext4_fill_super+0x8e25/0x95a0 [ 748.280955][T21331] mount_bdev+0x287/0x3c0 [ 748.285802][T21331] legacy_get_tree+0xe6/0x180 [ 748.291007][T21331] vfs_get_tree+0x88/0x270 [ 748.296056][T21331] do_new_mount+0x24a/0xa40 [ 748.301092][T21331] __se_sys_mount+0x2e3/0x3d0 [ 748.306296][T21331] do_syscall_64+0x4c/0xa0 [ 748.311332][T21331] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 748.317760][T21331] [ 748.317760][T21331] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}: [ 748.325839][T21331] down_read+0x44/0x2e0 [ 748.330525][T21331] v2_read_dquot+0x4a/0x110 [ 748.335545][T21331] dquot_acquire+0x152/0x520 [ 748.340654][T21331] ext4_acquire_dquot+0x2d9/0x4a0 [ 748.346196][T21331] dqget+0x778/0xeb0 [ 748.350705][T21331] __dquot_initialize+0x3c3/0xcd0 [ 748.356281][T21331] ext4_process_orphan+0x54/0x300 [ 748.361852][T21331] ext4_orphan_cleanup+0xad2/0x1320 [ 748.367591][T21331] ext4_fill_super+0x8e25/0x95a0 [ 748.373056][T21331] mount_bdev+0x287/0x3c0 [ 748.377900][T21331] legacy_get_tree+0xe6/0x180 [ 748.383136][T21331] vfs_get_tree+0x88/0x270 [ 748.388078][T21331] do_new_mount+0x24a/0xa40 [ 748.393107][T21331] __se_sys_mount+0x2e3/0x3d0 [ 748.398302][T21331] do_syscall_64+0x4c/0xa0 [ 748.403258][T21331] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 748.409776][T21331] [ 748.409776][T21331] -> #0 (&dquot->dq_lock){+.+.}-{3:3}: [ 748.417435][T21331] __lock_acquire+0x2c42/0x7d10 [ 748.422839][T21331] lock_acquire+0x19e/0x400 [ 748.427882][T21331] __mutex_lock_common+0x1e3/0x2400 [ 748.433623][T21331] mutex_lock_nested+0x17/0x20 [ 748.438919][T21331] dquot_commit+0x5a/0x410 [ 748.444031][T21331] ext4_write_dquot+0x1f0/0x360 [ 748.449406][T21331] mark_all_dquot_dirty+0xf9/0x400 [ 748.455042][T21331] __dquot_free_space+0x7ca/0xb90 [ 748.460587][T21331] ext4_free_blocks+0x1b2b/0x24d0 [ 748.466134][T21331] ext4_clear_blocks+0x37f/0x3f0 [ 748.471588][T21331] ext4_ind_truncate+0x43b/0xbe0 [ 748.477041][T21331] ext4_truncate+0x9d8/0x10f0 [ 748.482237][T21331] ext4_setattr+0xffe/0x19e0 [ 748.487340][T21331] notify_change+0xbcd/0xee0 [ 748.492447][T21331] do_truncate+0x1ac/0x240 [ 748.497477][T21331] path_openat+0x2922/0x2fa0 [ 748.502684][T21331] do_filp_open+0x1e2/0x410 [ 748.507705][T21331] do_sys_openat2+0x150/0x4b0 [ 748.512910][T21331] __x64_sys_open+0x11b/0x140 [ 748.518190][T21331] do_syscall_64+0x4c/0xa0 [ 748.523131][T21331] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 748.529543][T21331] [ 748.529543][T21331] other info that might help us debug this: [ 748.529543][T21331] [ 748.539767][T21331] Chain exists of: [ 748.539767][T21331] &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2 [ 748.539767][T21331] [ 748.553418][T21331] Possible unsafe locking scenario: [ 748.553418][T21331] [ 748.560859][T21331] CPU0 CPU1 [ 748.566227][T21331] ---- ---- [ 748.571670][T21331] lock(&ei->i_data_sem/2); [ 748.576261][T21331] lock(&s->s_dquot.dqio_sem); [ 748.583627][T21331] lock(&ei->i_data_sem/2); [ 748.590743][T21331] lock(&dquot->dq_lock); [ 748.595156][T21331] [ 748.595156][T21331] *** DEADLOCK *** [ 748.595156][T21331] [ 748.603288][T21331] 5 locks held by syz.0.7468/21331: [ 748.608478][T21331] #0: ffff888079b58460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90 [ 748.617709][T21331] #1: ffff88805e9e21d8 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: do_truncate+0x198/0x240 [ 748.628072][T21331] #2: ffff88805e9e2378 (mapping.invalidate_lock){++++}-{3:3}, at: ext4_setattr+0xdb6/0x19e0 [ 748.638259][T21331] #3: ffff88805e9e2060 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0x97f/0x10f0 [ 748.648002][T21331] #4: ffffffff8c441538 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30 [ 748.657050][T21331] [ 748.657050][T21331] stack backtrace: [ 748.662932][T21331] CPU: 1 PID: 21331 Comm: syz.0.7468 Not tainted syzkaller #0 [ 748.670496][T21331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 748.680548][T21331] Call Trace: [ 748.683871][T21331] [ 748.686805][T21331] dump_stack_lvl+0x188/0x250 [ 748.691577][T21331] ? load_image+0x400/0x400 [ 748.696076][T21331] ? show_regs_print_info+0x20/0x20 [ 748.701276][T21331] ? print_circular_bug+0x12b/0x1a0 [ 748.706475][T21331] check_noncircular+0x296/0x330 [ 748.711415][T21331] ? rcu_lock_release+0x5/0x20 [ 748.716273][T21331] ? add_chain_block+0x940/0x940 [ 748.721296][T21331] ? lockdep_lock+0xf1/0x1f0 [ 748.725894][T21331] ? mark_lock+0x94/0x320 [ 748.730310][T21331] __lock_acquire+0x2c42/0x7d10 [ 748.735340][T21331] ? __bfs+0x2a3/0x5c0 [ 748.739411][T21331] ? verify_lock_unused+0x140/0x140 [ 748.744609][T21331] ? check_noncircular+0x189/0x330 [ 748.749726][T21331] ? add_chain_block+0x940/0x940 [ 748.754687][T21331] ? lockdep_lock+0xf1/0x1f0 [ 748.759453][T21331] ? lockdep_unlock+0x143/0x2e0 [ 748.764480][T21331] lock_acquire+0x19e/0x400 [ 748.768984][T21331] ? dquot_commit+0x5a/0x410 [ 748.773790][T21331] ? __might_sleep+0xf0/0xf0 [ 748.778395][T21331] ? read_lock_is_recursive+0x10/0x10 [ 748.783767][T21331] ? mark_lock+0x94/0x320 [ 748.788200][T21331] ? dquot_commit+0x5a/0x410 [ 748.792810][T21331] __mutex_lock_common+0x1e3/0x2400 [ 748.798008][T21331] ? dquot_commit+0x5a/0x410 [ 748.802600][T21331] ? __might_sleep+0xf0/0xf0 [ 748.807188][T21331] ? mutex_lock_io_nested+0x60/0x60 [ 748.812386][T21331] ? crypto_shash_update+0x216/0x300 [ 748.817845][T21331] mutex_lock_nested+0x17/0x20 [ 748.822608][T21331] dquot_commit+0x5a/0x410 [ 748.827030][T21331] ? __ext4_journal_start_sb+0x1bd/0x360 [ 748.832667][T21331] ext4_write_dquot+0x1f0/0x360 [ 748.837532][T21331] mark_all_dquot_dirty+0xf9/0x400 [ 748.842731][T21331] __dquot_free_space+0x7ca/0xb90 [ 748.847764][T21331] ext4_free_blocks+0x1b2b/0x24d0 [ 748.852979][T21331] ? ext4_mb_discard_preallocations_should_retry+0x690/0x690 [ 748.860456][T21331] ? __ext4_journal_ensure_credits+0x2c/0x450 [ 748.866527][T21331] ? ext4_ind_truncate_ensure_credits+0x29a/0x750 [ 748.873028][T21331] ext4_clear_blocks+0x37f/0x3f0 [ 748.878064][T21331] ext4_ind_truncate+0x43b/0xbe0 [ 748.883088][T21331] ? ext4_ind_trans_blocks+0x70/0x70 [ 748.888374][T21331] ? mb_test_and_clear_bits+0x240/0x240 [ 748.894006][T21331] ? __ext4_journal_start_sb+0x1bd/0x360 [ 748.899655][T21331] ext4_truncate+0x9d8/0x10f0 [ 748.904592][T21331] ? __ext4_mark_inode_dirty+0x700/0x700 [ 748.910314][T21331] ext4_setattr+0xffe/0x19e0 [ 748.914918][T21331] ? ext4_write_inode+0x5f0/0x5f0 [ 748.919942][T21331] notify_change+0xbcd/0xee0 [ 748.924583][T21331] do_truncate+0x1ac/0x240 [ 748.929008][T21331] ? rcu_lock_release+0x20/0x20 [ 748.933868][T21331] ? ima_bprm_check+0x200/0x200 [ 748.938742][T21331] ? bpf_lsm_path_truncate+0x5/0x10 [ 748.943938][T21331] path_openat+0x2922/0x2fa0 [ 748.948626][T21331] ? do_filp_open+0x410/0x410 [ 748.953401][T21331] do_filp_open+0x1e2/0x410 [ 748.957906][T21331] ? vfs_tmpfile+0x300/0x300 [ 748.962517][T21331] ? _raw_spin_unlock+0x24/0x40 [ 748.967367][T21331] ? alloc_fd+0x598/0x630 [ 748.971700][T21331] do_sys_openat2+0x150/0x4b0 [ 748.976377][T21331] ? do_sys_open+0xe0/0xe0 [ 748.980790][T21331] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 748.987045][T21331] ? lock_chain_count+0x20/0x20 [ 748.991903][T21331] ? vtime_user_exit+0x2c8/0x3e0 [ 748.997032][T21331] __x64_sys_open+0x11b/0x140 [ 749.001707][T21331] do_syscall_64+0x4c/0xa0 [ 749.006124][T21331] ? clear_bhb_loop+0x30/0x80 [ 749.010802][T21331] ? clear_bhb_loop+0x30/0x80 [ 749.015490][T21331] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 749.021563][T21331] RIP: 0033:0x7f7e336c6819 [ 749.026087][T21331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 749.045930][T21331] RSP: 002b:00007f7e31920028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 749.054535][T21331] RAX: ffffffffffffffda RBX: 00007f7e3393ffa0 RCX: 00007f7e336c6819 [ 749.062680][T21331] RDX: 0000000000000000 RSI: 0000000000046342 RDI: 0000200000000c40 [ 749.070655][T21331] RBP: 00007f7e3375cc91 R08: 0000000000000000 R09: 0000000000000000 [ 749.078809][T21331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 749.086777][T21331] R13: 00007f7e33940038 R14: 00007f7e3393ffa0 R15: 00007ffe4dc96cf8 [ 749.094872][T21331] [ 749.275405][ T4241] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer