last executing test programs: 8m55.444202602s ago: executing program 1 (id=3411): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000005c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d410000000000000002900000005000000", 0x30) 8m55.31868895s ago: executing program 1 (id=3414): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0x13, 0x0, 0x0) 8m55.175804438s ago: executing program 1 (id=3416): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x10\x00'}]}, 0x1c}}, 0x0) 8m55.068012084s ago: executing program 1 (id=3418): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000300)='./file0\x00', 0x2000004, &(0x7f0000000500)=ANY=[@ANYBLOB="00e3078fbb81fca067351e718b1742354077ee6bdefb8addaf7c0c235850b66dac0ba564a370a77264f1a57d44c84efc49fa6c64b9351ea8fd59a458a7791fedcc466b0eab6ca6dd32fcc642517fa3219450b91e3118bf2b9d3cfa562ea44c058252d29181c81c637c6ba7d179122eee61e5c9f68165b6abd469da8d90c0632f7265bb040411d5748c475bb33a7ce77afb2ea533f1653d8cb67dad989bb0a1c16881f0d91d6cbd3751c289aecf4a00"/185, @ANYBLOB="b12398658f5ec6488081d04c33b5a507b1cac8c4376c1895046a1e6e068e53d002eb4279796b4c014f4febee026f87bd0eea7d27598f7ff2687552fdd651", @ANYRESOCT=0x0, @ANYRES64], 0x1, 0x497, &(0x7f0000002480)="$eJzs281vG8Ufx/HPbGJnk/b3w31yC6qEJSSKiiix05I+gRRa0iL1gbYJAqEWhcYJVhMnitOqraCtxKFHoEggJA7l0AtCVZHgAgcOcOM/4MKtBy6YEycQms2sd+26JK0fEjfvl5R4vPv17uzM7OysdywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACC9/MpQf9Ysdy4AAEA7HTt1sj/H9R8AgFVlhPt/AACA1cTI0ycy+uHTsjkavF/gHykUz18cPThc/2O9JvhkVxBv//xsbmDnrhcGd4ev//35Zntcx0+NDGUOzEzPzuVLpfx4ZrRYODsznl/yFhr9fK3tQQFkps+dH5+YKGVyOwaqVl9M3e1Zk07tG0zvfzqMHT04PHwqFtOdeOi93+N+I/ykPF2XUfnj2+aYJE+Nl8UibafVeoOD2B4cxOjB4eBApgpjxXm70oQF4VWXSTIsozbURUM2SjZfJtmce7aEPJVktCldNscldYXl8GzwxfDiG/Cako0HZvN5WlJGHVBnK1iPPO2S0Y09Kb1myyys/27p/eXOHFquW55uy2jbS2VzIugP7Plku80jr2deLU7MxGKNcWdUp18f2mmF902+PB0LzviyObncmUHb2cHSaRntHLkQjCsUjEsf2zd46PBIfISxeZHt2NgdLr2Ua3IiNnQwyzSGAAAAAAAAAB51vvGC7+I+/8YP3mfcMyCsEsbT8zL683A5eDQen5fQFZvfUdHpz35am/9e/8DM7KW5wuS783XX9/lD75Tm58bO1l+tXnvyVX0dvtg8hgYljKfdMrr6z51ovylj064biHZ0a3+UN9/UrA3azf8X5rOEzxD2Dm+Op+tm+QGej6XcfumfgOYwxtOQjCa+3+LmfvTpnj7IxX0roz9ubnVxXtIGhadpKvjvTxSm8v029icZffl3GBtMM9MaF7shis3aWE9GHx2tjl3rYjdGsTkbe0hGP5+pH7spih2wsR/IaPb3TBjbZ2OfdLHpKHbH2Zmp8ZYV8Apn+/8rMlr/YsaEdenKy3WzXZXYW+9F/f212g3dp89vtP9PxZZdc+3wrm2vZ7YEbS9or1799npdRl9/t9XFLbSVpFu/Lvgftdc3ZDT5S3Vsn4tdH8Vml1ywHcLW/9syyhXvVMrG1b+rgdj1P1b/T9S2jhbV/7rYspTbb09zDh2SSpcunxubmsrPkSBBYgmJHq2IbCySCPvlh9/OMndMaAt7/f9MRm+e+LUy3nHXfzesjsZ/f12Jrv97azfUouv/+tiyvW40kuiW/Pnp2URa8kuXLj9XmB6bzE/miwO57J7+PTsHs4lkOLaLUg0X1SMp4e7VLnz4VeX+rHr8V3/831e7oRbV/waXzXCfUSfVlMNf9Wz9/yajt368U7mPtvV/sxJRPf4P77OeeWrhtXJ+tqj+N8aWpdx+/9eE4wYAAAAAAAAAAAAAAACATpcwnm7IyD/dbcLfRi1l/t89P5hq0fyvdGzZeJt+r9BwoQJAB/Dk6QsZbVPZXLUL1kpH4694pP0bAAD//3VdHM0=") mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x80, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 8m54.646363809s ago: executing program 1 (id=3421): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002f000b12d25a80648c2594f90124fc60100c034002000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) 8m53.902362372s ago: executing program 1 (id=3431): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_INC(r0, 0xc0105702, 0x0) 8m53.512510045s ago: executing program 32 (id=3431): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_INC(r0, 0xc0105702, 0x0) 8m22.523504046s ago: executing program 0 (id=3774): r0 = socket$inet(0x2b, 0x801, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x31, 0x0, 0x0) 8m22.352477806s ago: executing program 0 (id=3776): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000500)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7b}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x14, 0xe80, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 8m22.087101941s ago: executing program 0 (id=3780): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi4\x00', 0x101000, 0x0) ioctl$COMEDI_CMD(r0, 0x80506409, &(0x7f0000000180)={0x0, 0x20, 0x2, 0x6dd, 0x10, 0x3e8, 0x2, 0x3, 0x20, 0x1, 0x1, 0x7, &(0x7f0000000240)=[0x4], 0x1, 0x0}) 8m21.922552741s ago: executing program 0 (id=3782): syz_mount_image$exfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002a00)={[{@dmask={'dmask', 0x3d, 0x8}}, {@namecase}, {@dmask={'dmask', 0x3d, 0x6}}, {@utf8}, {@dmask={'dmask', 0x3d, 0x80}}, {@keep_last_dots}, {@keep_last_dots}, {@sys_tz}, {@namecase}, {@keep_last_dots}]}, 0x1, 0x153b, &(0x7f0000000340)="$eJzs3AucTlXXAPC19t5nDImnSS7D3nsdnuSyTZLkkiSXJEmSJLeEpEleSUgMIUlDEpLLkMQQksvEpHG/3y8JSdIkSUhuyf5+E37qrb73/b73/fL+vln/3+/87DXnrH3WedZznuecg/m269BaTWpXb0RE8C/BC38kAUAsAAwEgLwAEABA+bjycYAB5JSY9K/thP17PZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/x1z/+Bn///x+Hv//9HMsuM/XJNmeu6AcT8sync/+yN+///VvDPbMT9z964/9lV7JUugP0H4PM/O8jxp2u4/9kb95+x7OxKP3++0gtE/sNegyM5LzTmrzp+xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsL3DaX6YA4NL4StfFGGOMMcYYY4yxfx+f40pXwBhjjDHGGGOMsf97CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgPGsD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv+r/OehJ7wAvaA3JEEf6AsvQj/oDwPgJRgIL8MgeAUGw6uQDENgKLwGw+B1GA5vwAgYCaPgTRgNb8EYGAvjYDykwASYCG/DJHgHJsO7MAWmQipMg+nwHsyAmTAL3ofZ8AHMgbkwD+ZDGnwIC2AhpMNHsAg+hgxYDEtgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAM+gZ3wKeyC3bAHPoO98Pmv8gGSfunnf5d/6u/yuyEgoECBChXGYAzGYizmwlyYG3NjHsyDEYxgHMZhPsyH+TE/FsSCGI/xWASLoEGDhIRFsShGMYrFsTiWwBJYCkuhQ4cJmIBl8SYsh+WwPJbHClgBK2IlrIRVsApWxapYDathdayONbAG1sJaeBfehX2wLtbFelgP62P9S4+nsBE2wsbYGJtgE2yKTbEZNsMW2AJbYStsja2xDbbBdtgO22N77IAdMBETsSN2xE7YCTtjZ+yCXbArdsVu2B27Zz6fA/AFfAF7Yw3RB/tiX+yHyTkG4Ev4Er6Mg/AVfAVfxWQcgkPxNXwNX8fheBJH4EgchaOwqngLx+BYJDEeUzAFJ+JEnISTMKvQd3EqpuI0nI7TcQbOxJn4Ps7GD/ADnItzcT6mYRouwIWYjum4CE9hBi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+gAsBPcTfuxmTci3txH+7D/bgfD+ABzMRMPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hs/NeNPym5OhlEFiWUiBExIlbEilwil8gtcos8Io+IiIiIE3Ein8gn8ov8oqAoKOJFvCgiiggjjCARxgCAiIqoKC6KixKihCglSgknnEgQCaKsKCvKiXKivLhFVBC3ioqikmjrqogqoqpo56qJO0R1UV3UEDVFLVFb1BZ1RB1RV9QV9UQ9UV/UFw3E/aKh6IMD8EGR1ZkmYgg2FUOxmWgu5MVPsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHx1r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZEL+6gha8pasra8SybB3bKuvEfWk/fK+vI+2UDeLxvKB2Qj+aBsLB+STeTDsql8RDaTzWUL2VK2ko/K1vIx2Ua2le3k47K9fEJ2kE/KRPmU7Cj9xbfIM7KLfFZ2lc/JbrK77CF/luell71kbwl9QPaVL8p+sr8cEAsA8mU5SL4iB8tXZbIcIofK1+Qw+bocLt+QI+RIOUq+KUfLt+QYOVaOk+NlipwgJ8q35ST5jpws35VT5FSZKqfJAXLgLzPNkvIf5r/9B/mDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzF1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvmFUKVVaOVVGJagb/yf5qri6QZVQJX+Tf6m+pD+pr5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezLvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBebHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1b/4vxZp/zl+b0/WeAx10v31km6j+6rX9T9dH89QL+kB+qX9SD9ih6sX9XJeogeql/Tw/Trerh+Q4/QI/Uo/aYerd/SY/RYPU6P1yl6gp6o39aT9Dt6sn5XT9FTdaqepqfr9/QMPVPP0u/r2foDPUfP1fP0fJ2mP9QL9EKdrj/Si/THOkMv1kv0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/Qneqf+VO/Su/Ue/Zneqz/X+/QXer/+Uh/QX+lM/bU+qL/Rh/S3+rD+Th/R3+uj+pg+rn/QJ/SP+qQ+pU/rM/qs/kmf0z/r89pnXdxnfb0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSafyWfym/ymoClo4k28KWKKmCxkyBQ1RU3URE1xU9yUMCVMKVPKOONMgkkwZU1ZU86UM+VNeVPBVDAVTUVT2VQ2t5nbzO3mdnOHucPcae40NU1NU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zUwz08K0MK1MK9PatDZtTBvTzrQz7U1708F0MIkm0XQ0HU0n08l0Np1NF9PFdDVdTTfTzfQwPUxP09P0Mr1MkkkyfU1f08/0MwPMADPQDDSDzCAz2Aw2ySbZDDVDzTAzzAw3w80IM9KMyrpQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmipliUk2qmW6mmxlmhpllZpnZZraZY+aYeWaeSTNpZoFZYNJNullkFpkMk2GWmCVmmVlmVpgVZpVZZdaYNWYdrDMbzAazyWwyW8wWs81sMzvMDrPT7DS7zC6zx+wxe81es8/sM/vNfnPAHDCZJtMcNAfNIXPIHDaHzRFzxBw1R81xc9ycMCfMSXPSnDanzVlT4OL3pTexNqfNZa+yue3VNo/Na/8+LmgL2Xhb2Bax2ua3BX4TG2ttCVvSlrKlrbNlbIK98XdxRVvJVrZV7G22qr3dVvtdXMfebevae2w9e6+tbe/6TVzf3mcb2IdtQ0QA29w2ti1tE/uwbWofsc1sc9vCtrTt7RO2g33SJtqnbEf79O/iBXahXWVX2zV2rd1ld9vT9ow9ZL+1Z+1PtpftbQfal+0g+4odbF+1yXbI7+JR9k072r5lx9ixdpwd/7t4ip1qU+00O92+Z2fYmb+L0+yHdrZNt3PsXDvPzv8lzqop3X5kF9mPbYYNYIldapfZ5XaFXXmpVp/Xrrcb7Ea7035qt9itdpvdbndcuhC2u+0e+5ndaz+3B+03dr/90h6wh22m/fqXOOv4Dtvv7BH7vT1qj9nj9gd7wv6oLmVnHfsP9md73noLhAQkSVFAMZSDYikn5aKrKDddTXkoL0XoGoqjaykfXUf5qQAVpEIUT4WpCGkyZIkopKJUjKJ0PV0qrxSVJkdlKIFupLJ0E5Wjm6k83UIV6FaqSJWoMlWh26gq3U7V6A6qTndSDapJtag23UV16G6qS/dQPbqX6tN91IDup4b0ADWiB6kxPURN6GFqSo9QM2pOLagltaJHqTU9Rm2oLbWjx6k9PUEd6ElKpKeoIz1Nnehv1JmeoS70LHWl56gbdace9Dz1pBeoF/WmJOpDfelF6kf9aQC9RAPpZRpEr9BgepWSaQgNpddoGL1Ow+kNGkEjaRS9SaPpLRpDY2kcjacUmkAT6W2aRO/QZHqXptBUSqVpNJ3eoxk0k2bR+zSbPqA5NJfm0XxKow9pAS2kdPqIFtHHlEGLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtAntJM+pV20m/bQZ7SXPqd99AXtpy/pAH1FmfQ1HaRv6BB9S4fpO9+bvqejdIyO0w90gn6kk3SKTtMZOks/0Tn6mc6TJwgxFKEMVRiEMWGOMDbMGeYKrwpzh1eHecK8YSS8JowLrw3zhdeF+cMCYcGwUBgfFg6LhDo0oQ0pDMOiYbEwGl4fFg9vCEuEJcNSYenQhWXChPDGsGx4U1guvDksH94SVghvDSuGlcKH760S3hZWDW8Pq4V3hNXDO8MaYc2wVlg7vCusE94d1g3vCeuF94blwvvCBuH9YcPwgbBR+GDYOHwobBI+HDYNHwmbhc3DFmHLsFX4aNg6fCxsE7YN24WPh+3DJ8IO4ZNhYvhU2DF8+pf19y388/VJYZ+wb/hi+GLo/T1yXnR+NC36YXRBdGE0PfpRdFH042hGdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3Rj1PvaOcChE0465QIX43K4WJfT5XJXudzuapfH5XURd42Lc9e6fO46l98VcAVdIRfvCrsiTjvjrCMXuqKumIu6611xd4Mr4Uq6Uq60c66MS3AtXSvXyrV2j7k2rq1r5x53j7sn3BPuSfeke8p1dE+7Tu5vrrN7xnVxz7pn3XOum+vuerjnXU83Ic+FczLJ9XV9XT/Xzw1wA9xAN9ANcoPcYDfYJbtkN9QNdcPcMDfcDXcj3Ag3yo1yo91oN8aNcePcOJfiUtxEN9FNcpPcZDfZTXFTXKpLddPddDfDzXBVZ17Yyxw3x81z81yaS3MLXNY1Y7pb5Ba5DJfhlrglbplb5la4FW6VW+XWuDVunVvnNrgNbpPb5La4LW6b2+Z2uB1up9vpdvm8FyZ1e90+t8/td/vdAfeVy3Rfu4PuG3fIfesOu+/cEfe9O+qOuePuB3fC/ehOulPutDvjzrqf3Dn3szvvvEuJTIhMjLwdmRR5JzI58m5kSmRqJDUyLTI98l5kRmRmZFbk/cjsyAeROZG5kXmR+ZG0yIeRBZGFkfTIR5FFkY8jGZHFkSWRpZFlkeUR7wtvCX1RX8xH/fW+uL/Bl/AlfSlf2jtfxif4G31Zf5Mv52/25f0tvoK/1Vf0lXxl/4hv5pv7Fr6lb+Uf9a39Y76Nb+vb+cd9e/+E7+Cf9In+Kd/RP+07+b/5zv4Z38U/67v653w339338M/7nv4F38v39km+j+/rX/T9fH8/wL/kB/qX/SD/ih/sX/XJfogf6l/zw/zrfrh/w4/wI/2omDf96Eu3yDDep/gJfqJ/20/y7/jJ/l0/xU/1qX6an+7f8zP8TD/Lv+9n+w/8HD/Xz/PzfZr/0C/wC326/8gv8h/7DL/40kNlv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+k/9Lr/b7/Gf+b3+c7/Pf+H3+y/9Af+Vz/Rf+4P+G3/If+sP++/8Ef+9P+qP+eP+B3/C/+hP+lP+tD/jz/qf/Dn/sz/P/2eNMcYYY+yfMuHyUPx2zYXH+X3+IEf8auO+AHD11kKZv16fdUW5Lv+FcX8R3z4CAE/17vrgpaVGjaSkpIvbZkgIis0FuPQ3QVli4HK8GNrBE5AIbaHsH9bfX3Q/S/9g/ugtALl+lRMLl+PL838BgEl/MP+jj49aUCE8HfffzD8XoESxyzk54XK8GNr98nylLZT7k/oLtP6T+vHi/Dm/TAFo86uc3HA5vlx/AjwGT0Pib7ZkjDHGGGOMMcYu6C8qd750/3npX3z+0f15vLqckwMux//o/pwxxhhjjDHGGGNX3jPdezz5aGJi287/80G1/1XWPz1oCv9XM/PgDwfeA1z6iQKAf3FCgKyB/CuPYvNfsq/ki6fO369adsYH8J/Ryn/H4Ap/MDHGGGOMMcb+7S5f9P/25+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVDf8WvE7vSx8gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdaf8VAAD//3aq+3A=") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) 8m21.373039043s ago: executing program 0 (id=3788): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000001240)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}], [{@fowner_eq}, {@hash}, {@permit_directio}, {@subj_type={'subj_type', 0x3d, '/)/-:$//('}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ") renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x4) 8m20.872463792s ago: executing program 0 (id=3793): r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x103902, 0x0) sendfile(r0, r0, 0x0, 0x20004) 8m20.23245717s ago: executing program 33 (id=3793): r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x103902, 0x0) sendfile(r0, r0, 0x0, 0x20004) 1.2018003s ago: executing program 2 (id=10601): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, 0x0, 0x0) 1.102992836s ago: executing program 4 (id=10602): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xe, 0x0, &(0x7f0000000080)="c1dfb080cd21d308098e00008100", 0x0, 0x8006, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.067622968s ago: executing program 3 (id=10603): r0 = socket$l2tp6(0xa, 0x2, 0x73) connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0xce26, @mcast1, 0x7, 0x1}, 0x20) 1.062355099s ago: executing program 2 (id=10604): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x40083, 0x1}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_6RD_RELAY_PREFIX={0x8}, @IFLA_IPTUN_6RD_PREFIXLEN={0x6, 0xd, 0x9}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast1}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x24008080}, 0x4040) 1.008193891s ago: executing program 5 (id=10605): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x14, 0x14, 0x1, 0x70bd2c, 0x25dfdbfc, {0x11, 0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x20040000) 896.549178ms ago: executing program 5 (id=10606): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8927, &(0x7f0000000040)={'vxcan1\x00'}) 852.277171ms ago: executing program 3 (id=10607): syz_mount_image$minix(&(0x7f0000000180), &(0x7f0000000000)='./file2\x00', 0x2200050, &(0x7f0000000200)=ANY=[], 0x1, 0x1c6, &(0x7f00000024c0)="$eJzs282u0kAYxvGnlJ7i8fitG1cmLnTjQY9u3MkFeAPuCFRCLGrEDcRovBTvhDvxBiDRnStr+gEBMsCUgkX5/5JzeMP0mRmStsyEVACO1vXkvyNHXlJFUfTlnqRXLyVVDQHnL08QwN5E+h0BOFbuj7JnAKAck4abrANGjvT956fWOPvzLNcPk0YlLWqS5vIntvmv6YbiblUaz+X9rMuN65dvaf6BFvOXco5/upQ/3ZCbboMmdT95fXh/MX9Z0pmkK5KuSrqW7bVuSLppGL+9NP4dy/kDRcRn33nRfIEO4rvH624YPDY1upvzXpZ/Ym6eu4WMjAecZPkLy/muyj/dMu9n+fPWu7BtaK9s2S9go1Ly9e9Kv6Ll6/+Ffb66/voHsEZ/MHzTDMPgQ47CSwo/6yFHPD4851gUZRQ1Q5Nnd7Z8PktPiwP4FOYiXlTO3om/vmZN05+7yp7h6kI2M6ztdiwA/6v6x977en8wfNTtNTtBJ3h78ez5dNud7Mv9kicIYG8WF+cAAAAAAAAAAAAAAOBfdEvS7fwxR7YP+AEAAAA4GLt9PsmTZH7sDwAAAAAAAAAAAAAAAAAAAEBxfwIAAP//uA03tQ==") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x206803, 0x10) 840.676721ms ago: executing program 4 (id=10608): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, 0x42024, 0x8d85}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_ERSPAN_DIR={0x5}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c014}, 0x4) 752.251617ms ago: executing program 2 (id=10609): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x99) 751.608127ms ago: executing program 5 (id=10610): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000206050000000000000000000700000014000780080008400000009808000640200000000500010006000000050005000200000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x5c}}, 0x20000000) 690.83745ms ago: executing program 4 (id=10611): r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x10, 0x10b, 0xffff}, {0x10, 0x110, 0xd}], 0x20}, 0x44000) 646.192173ms ago: executing program 3 (id=10612): r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000600)=@multiplanar_userptr={0x101, 0x8, 0x4, 0x400, 0x3, {}, {0x5, 0xc, 0x4, 0xb, 0xb, 0x4, "95bf173d"}, 0x5, 0x2, {0x0}, 0x80000000}) 520.00707ms ago: executing program 2 (id=10613): r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xd, 0x101301) ioctl$USBDEVFS_RELEASE_PORT(r0, 0x80045519, &(0x7f0000000000)=0x7) 519.44524ms ago: executing program 5 (id=10614): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000f40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2b) 405.136907ms ago: executing program 3 (id=10615): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0xfff, 0x0, 0x400, 0x0}) 404.772587ms ago: executing program 4 (id=10616): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000f00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x50) 404.262677ms ago: executing program 5 (id=10617): r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$CAPI_MANUFACTURER_CMD(r0, 0xc0104320, &(0x7f0000001040)={0xa, &(0x7f0000000040)}) 358.6185ms ago: executing program 2 (id=10618): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x356, 0x3f, 0x6, 0x1, 0x0, 0x0, {}, {0x7, 0x0, 0x1}, {0x0, 0x4}, {0xffffffff}, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x2000, 0x0, 0x6, 0x3fff, 0x0, 0xfffffffc, 0x0, 0x4, 0x0, 0x2, 0x2}) 263.571265ms ago: executing program 3 (id=10619): r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000140)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x1000, 0x3a, '\x94l\\\xec\xd1\xcb\x9a}\xab7\x1f\xde\xb5\x83>\fG\\x00', 0x3a, '/dev\x14bus/usb/00#/00#\x00', 0x3a, './file0'}, 0x51) 234.815777ms ago: executing program 5 (id=10620): syz_mount_image$hfs(&(0x7f00000007c0), &(0x7f0000000000)='./file1\x00', 0x30008c0, &(0x7f0000000040)=ANY=[@ANYBLOB="66696c655f756d61736b3d30303030303030303030303030303030303030373737372c6469725f756d61736b3d30303030303030303030303030303030303030303030302c696f636861727365743d69736f383835392d362c636f6465706167653d63703835352c63726561746f723d4ddd71752c00eeabc72a9832436950c6116498dda8be60a94746ea68766f63d1d63944fbda2a9337439b37b6f2a694ba98f40070d09c3890bd28a2018f1adfe1e0a630020a9cac1a43800a70a9328ddb2a2f2e207da7cd3caf243b39eaff4966b7aa97cb6cc7d2cfc59e7a976de0a00d23c7ffaaa056cc4f8bc7b4c0f9a21db642b3e832e30a90ba1b9e7933b77c60f6a1b9ca9128f0a2d0e23373c9d15c79865bae97ddd82b98001b6aa9c5390e4deaf5f0ee492c6842b1c08486e479a889491459a257e9d4083634dac6cd58520f72e6c2f11bbd5b03655bb1863b16f3", @ANYBLOB="11f4579be01e435c584a33c63f8173f96bc4546035804d47be19163bd9e589bfdd0a9e6804495a4e4d83804e78ac5a72446295afd79de3fd6a02932a26ab4045133c371e56b0d48544db3c7db23a432f837b93f89b6f223cd1f6731d407ffdcedd9467f5cd2d6c4e8b3043614238ac91501a4bb780c4723929e22f55254546facc4f0284e644e6", @ANYRES8, @ANYRESDEC=0x0], 0x11, 0x31b, &(0x7f0000000240)="$eJzs3T1rFE8cB/Dv7F5yl3+O/FcTESxEogHTiMZGbE7CvQgrUXMXCC4naoIPCEaxEjG9vaWtr0FsFME6VlZiYRULGZmHvX3e2+jt3UW/H/DY3dmZ/e3NzlMwWRDRP2u1vfvq/Bf1TwAuXODZRcAB0ABqAI7gaGOrt7mx6Xc7RQW5OF43uQRMTpE6Z63XzcragM1heWqvhmb0GFVDSnnp87iDoLHTrV+6we6M/jyhe4K6bZ06sTHGGLM83n+Wb+rmtqsIZqIU15TYwx7uNZsjC4eIiCaSMOO7Y8f5pp2/Ow6wZAcTlTZx4//v2ht3AJWThalm/MdcsPKSQtX7/zopXO/pJZxKd4JVYlZZrxP7U4n9aZinx40FMGhVqWNxZtY3/O6ZtZt+x8ETtKzIaQv6s2MfTysWbT1V9GLG2rRAv7SZ3FNE9oxyVt/DlLqHFRP/XQCx+OcLr1gB8U58EFeEh5fo6PpXalKoatI15SVqysR/Nr9EfZeeOgu222i1Wk7slEP6IsfsFawBd9mIhxE1bcuM/YDAGxSnznU4kcvc3bkBueYzc63o7WU4ObkWYrnU3axv+G/zLzUS4oW4LBbxFW/Q7te/aj6u6eqTLTPy0IetRiyZoUB/46p1xms2orZkeyI9cmx92n1ojqebS/9bTDdY60dxn0b78BzXcQFzd+4/uOH6fve22rjmq8dVb/SP3GraDb879RSIJk3KBrbDI3VILXVyMCiNMrDloRao+o+MJNWwet+DI6qVDSrw0Z/Go/qBSr+62RJ3sb+NoOsaToHt98N5kIJpQyzpp5RyhI1ox07Ykklj65lohMJKL3d+xlSHDjZVpcKs/8L1Ss1M9tSHlzlPL/mDAFuiVHPs/gouzCvNjBzAfwUruKxic1dw6TVXas2o11wnTwOnyl/Rs3H+JUQbH3E1Mv8nIiIiIiIiIiIiIiIiIiIiIiIiIqIDodpfMKih/P8sJyIiIiIiIiIiIiIiIiIiIiIiIiIiIiKiPKsNmL97jeD9vyj3/t/kq1hc8yfBh/L+350e+P5four9CgAA//8sNHMW") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x20020c0, 0x0, 0x1, 0x0, &(0x7f0000001a00)) 234.521167ms ago: executing program 4 (id=10621): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r0, 0x6, 0x24, &(0x7f0000000c00), &(0x7f0000002000)=0x2) 196.223259ms ago: executing program 2 (id=10622): syz_mount_image$msdos(&(0x7f00000011c0), &(0x7f0000001200)='./file0\x00', 0x2000010, &(0x7f0000000340)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303035353135342c00c332850ede7d9c989296c94482f69c40d45b67c39e83f6f5a7b8bfed661b7e13e5e5790e180052992d23d2799d11518690c0cb7d0607dd72c144a037000000"], 0x1, 0x11aa, &(0x7f0000001240)="$eJzs201LfFUcB/DfXy1tTLMnSzcdalObS7poEW0kFMKBQp1Ag+CKYw0zzQxzZzETLVy36nVEy3ZB9QZ8F+0kiNq46sY4pim2sAcH6vPZ3C9874FzuHDgXO49e+uLT5rHRXac92Pq0aOY6kak8xQppuJ3J/Had2/+8vnu/sH2RrW6uZPS1sbe2hsppcWXvv3gs69e/r4///7Xi9/MxunSh2c/rf9wuny6cvbr3seNIjWK1O70U54OO51+ftiqp6NG0cxSeq9Vz4t6arSLeu9Gf9zqdLvDlLePFirdXr0oUt4epmZ9mPqd1O8NU/5R3minLMvSQiX4O2pfnpdlGVGWj8XjUZZl+URUYj6ejIVYjKdiKZ6OZ+LZeC6ej+WYvhw1GgEAAAAAAAAAAAAAAAAAAAD8c+7z//8L8WKsXNw16VkDAAAAAAAAAAAAAAAAAADAf8vu/sH2RrW6uZPSXMSPJ4PaoDa+jvutd6qbr6cLS9ejfh4MatNX/dq4Tzf72ahc9ut39nPx6ivjftS9/W71Vr8aR//+8gEAAOB/IUtX7jzfZ9mf9eP0h/cDt87vM7E682DL4C8qhp8281ar3hMEQWiNNu1RmPTOxEO4fvqTngkAAAAAAAAAAAD38RDfFU56jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAb+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CoAAP//IvZ0LA==") unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200) 70.974126ms ago: executing program 3 (id=10623): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x7, 0x4, 0x3e0, 0x210, 0x210, 0x110, 0x110, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="18357951fb1e", @mac=@multicast, @loopback, @rand_addr=0x64010102, 0x1, 0xffffffff}}}, {{@arp={@empty, @private=0xa010100, 0xff, 0xffffff00, 0xc, 0xb, {@empty, {[0xff, 0x0, 0xff, 0xff, 0x0, 0xbe9240b8a223bba0]}}, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x2, 0x6, 0x23b0, 0x9dd7, 0x80, 0x9, 'veth1_vlan\x00', 'macvtap0\x00', {0xff}, {}, 0x0, 0x12}, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "716ebd2e1aa0cc683e62f312359594df00da56317f76121697127951fdba"}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0xfffe}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x430) 0s ago: executing program 4 (id=10624): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000500)="7c5331fc9356b5b1000600008100", 0x0, 0xd5a2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x31) kernel console output (not intermixed with test programs): 3 while decompressing! [ 866.303607][T26630] cramfs: ffffffff973f439c(16)->ffff888052a43000(4096) [ 866.323413][T26630] cramfs: Error -3 while decompressing! [ 866.329001][T26630] cramfs: ffffffff973f4368(26)->ffff88805289c000(4096) [ 866.350863][ T6010] udevd[6010]: incorrect cramfs checksum on /dev/loop3 [ 866.426493][ T6010] udevd[6010]: incorrect cramfs checksum on /dev/loop3 [ 866.492211][ T5837] usb 3-1: Using ep0 maxpacket: 16 [ 866.498535][T26636] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9016'. [ 866.531187][ T5837] usb 3-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 866.551556][ T5837] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 866.581222][ T5837] usb 3-1: Product: syz [ 866.590748][ T5837] usb 3-1: Manufacturer: syz [ 866.595394][ T5837] usb 3-1: SerialNumber: syz [ 866.622034][ T5837] usb 3-1: config 0 descriptor?? [ 866.839999][ T5837] speedtch 3-1:0.0: speedtch_bind: wrong device class 68 [ 866.861266][ T5837] speedtch 3-1:0.0: usbatm_usb_probe: bind failed: -19! [ 867.092547][ T5856] usb 3-1: USB disconnect, device number 84 [ 867.338062][T26665] loop3: detected capacity change from 0 to 64 [ 867.426265][T26667] loop4: detected capacity change from 0 to 512 [ 867.459163][T26667] EXT4-fs: Ignoring removed nomblk_io_submit option [ 867.505216][T26667] EXT4-fs: Ignoring removed bh option [ 867.544279][T26667] EXT4-fs error (device loop4): mb_free_blocks:1954: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 867.613512][T26675] dlm: plock device version mismatch: kernel (1.2.0), user (1.8192.0) [ 867.668047][T26673] netlink: 36 bytes leftover after parsing attributes in process `syz.5.9033'. [ 867.679371][T26667] EXT4-fs error (device loop4): ext4_do_update_inode:5248: inode #11: comm syz.4.9032: corrupted inode contents [ 867.740009][T26667] EXT4-fs error (device loop4): ext4_dirty_inode:6124: inode #11: comm syz.4.9032: mark_inode_dirty error [ 867.789852][T26667] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.9032: invalid indirect mapped block 1 (level 1) [ 867.853704][T26667] EXT4-fs error (device loop4): ext4_do_update_inode:5248: inode #11: comm syz.4.9032: corrupted inode contents [ 867.904393][T26667] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 867.971100][T26667] EXT4-fs error (device loop4): ext4_do_update_inode:5248: inode #11: comm syz.4.9032: corrupted inode contents [ 868.024972][T26667] EXT4-fs error (device loop4): ext4_truncate:4294: inode #11: comm syz.4.9032: mark_inode_dirty error [ 868.071280][T26667] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 868.102040][T26688] loop5: detected capacity change from 0 to 1764 [ 868.111057][T26667] EXT4-fs (loop4): 1 truncate cleaned up [ 868.118132][T26667] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 868.180038][T26667] EXT4-fs error (device loop4): ext4_find_dest_de:2115: inode #2: block 13: comm syz.4.9032: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0 [ 868.203876][T26691] comedi comedi0: dt2815: I/O port conflict (0x3,2) [ 868.305811][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 868.444289][T26689] loop2: detected capacity change from 0 to 4096 [ 868.494386][T26689] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 868.526255][T26697] loop5: detected capacity change from 0 to 128 [ 868.566338][T26697] VFS: Found a Xenix FS (block size = 1024) on device loop5 [ 868.741399][T14925] sysv_free_block: flc_count > flc_size [ 868.764500][T14925] sysv_free_block: flc_count > flc_size [ 868.771500][T14925] sysv_free_block: flc_count > flc_size [ 868.790668][T14925] sysv_free_block: flc_count > flc_size [ 868.796350][T14925] sysv_free_block: flc_count > flc_size [ 868.810845][T14925] sysv_free_block: flc_count > flc_size [ 868.826856][T14925] sysv_free_block: flc_count > flc_size [ 868.847108][T14925] sysv_free_block: flc_count > flc_size [ 868.867559][T14925] sysv_free_block: flc_count > flc_size [ 868.877709][T14925] sysv_free_block: flc_count > flc_size [ 868.911111][T14925] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 869.415268][T26718] loop5: detected capacity change from 0 to 4096 [ 869.436843][T26718] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 869.654563][T26718] ntfs3: loop5: failed to convert "c46c" to cp775 [ 869.666668][T26700] loop3: detected capacity change from 0 to 32768 [ 869.778943][T26700] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 869.990816][T26700] XFS (loop3): Ending clean mount [ 870.026707][T26700] XFS (loop3): Quotacheck needed: Please wait. [ 870.133371][T26700] XFS (loop3): Quotacheck: Done. [ 870.246244][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.266763][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.309373][ T5772] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 870.354765][T26748] loop2: detected capacity change from 0 to 1024 [ 870.891952][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 870.891967][ T28] audit: type=1326 audit(2000000361.341:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26755 comm="syz.2.9073" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efe4b19bf79 code=0x0 [ 870.964311][T26734] loop4: detected capacity change from 0 to 40427 [ 871.035812][T26734] F2FS-fs (loop4): invalid crc value [ 871.160809][T26766] usb usb8: usbfs: process 26766 (syz.2.9075) did not claim interface 0 before use [ 871.291167][T26734] F2FS-fs (loop4): Start checkpoint disabled! [ 871.342681][T26734] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 871.503729][T26734] F2FS-fs (loop4): disabling checkpoint not compatible with read-only [ 871.655029][T26781] loop2: detected capacity change from 0 to 256 [ 871.735157][T26785] loop3: detected capacity change from 0 to 256 [ 871.754661][T26784] loop5: detected capacity change from 0 to 128 [ 871.787940][T26781] FAT-fs (loop2): Directory bread(block 64) failed [ 871.803944][T26785] FAT-fs (loop3): Directory bread(block 64) failed [ 871.829233][T26784] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256 [ 871.829271][T26781] FAT-fs (loop2): Directory bread(block 65) failed [ 871.847949][T26785] FAT-fs (loop3): Directory bread(block 65) failed [ 871.870759][T26785] FAT-fs (loop3): Directory bread(block 66) failed [ 871.877352][T26785] FAT-fs (loop3): Directory bread(block 67) failed [ 871.908652][T26781] FAT-fs (loop2): Directory bread(block 66) failed [ 871.918834][T26785] FAT-fs (loop3): Directory bread(block 68) failed [ 871.928840][T26781] FAT-fs (loop2): Directory bread(block 67) failed [ 871.937637][T26784] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 871.949209][T26785] FAT-fs (loop3): Directory bread(block 69) failed [ 871.959594][T26781] FAT-fs (loop2): Directory bread(block 68) failed [ 871.979696][T26785] FAT-fs (loop3): Directory bread(block 70) failed [ 871.986725][T26781] FAT-fs (loop2): Directory bread(block 69) failed [ 872.001050][T26785] FAT-fs (loop3): Directory bread(block 71) failed [ 872.007810][T26781] FAT-fs (loop2): Directory bread(block 70) failed [ 872.029484][T26785] FAT-fs (loop3): Directory bread(block 72) failed [ 872.049614][T26781] FAT-fs (loop2): Directory bread(block 71) failed [ 872.066450][T26785] FAT-fs (loop3): Directory bread(block 73) failed [ 872.079698][T26781] FAT-fs (loop2): Directory bread(block 72) failed [ 872.094145][T26781] FAT-fs (loop2): Directory bread(block 73) failed [ 872.942166][T26809] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9096'. [ 873.149391][T26818] loop3: detected capacity change from 0 to 1024 [ 873.151873][T26822] netlink: 24 bytes leftover after parsing attributes in process `syz.5.9101'. [ 873.158318][T26821] loop4: detected capacity change from 0 to 512 [ 873.183165][T26818] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 873.205509][T26821] EXT4-fs warning (device loop4): dx_probe:893: inode #2: comm syz.4.9102: dx entry: limit 0 != root limit 125 [ 873.238987][T26821] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.9102: Corrupt directory, running e2fsck is recommended [ 873.258355][T26818] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 873.282924][T26827] loop2: detected capacity change from 0 to 64 [ 873.300141][T26821] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 873.304891][T26818] EXT4-fs (loop3): orphan cleanup on readonly fs [ 873.315663][T26818] EXT4-fs error (device loop3): ext4_free_blocks:6692: comm syz.3.9100: Freeing blocks not in datazone - block = 0, count = 4096 [ 873.344062][T26821] EXT4-fs error (device loop4): ext4_iget_extra_inode:4732: inode #15: comm syz.4.9102: corrupted in-inode xattr: invalid ea_ino [ 873.386151][T26818] EXT4-fs (loop3): 1 orphan inode deleted [ 873.426204][T26829] VFS: Found a Xenix FS (block size = 1024) on device loop5 [ 873.434707][T26818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 873.482001][T26821] EXT4-fs (loop4): Remounting filesystem read-only [ 873.521351][T14925] sysv_free_block: flc_count > flc_size [ 873.531673][T26821] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 873.556750][T14925] sysv_free_block: flc_count > flc_size [ 873.571501][T14925] sysv_free_block: flc_count > flc_size [ 873.587000][T14925] sysv_free_block: flc_count > flc_size [ 873.605178][T14925] sysv_free_block: flc_count > flc_size [ 873.616106][T14925] sysv_free_block: flc_count > flc_size [ 873.647970][T14925] sysv_free_block: flc_count > flc_size [ 873.657634][T26821] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000. [ 873.670671][T14925] sysv_free_block: flc_count > flc_size [ 873.676308][T14925] sysv_free_block: flc_count > flc_size [ 873.697142][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 873.698916][T14925] sysv_free_block: flc_count > flc_size [ 873.736912][T14925] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 873.743964][T26831] bridge0: port 4(netdevsim2) entered blocking state [ 873.780002][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 873.800451][T26831] bridge0: port 4(netdevsim2) entered disabled state [ 873.838493][T26831] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 873.888409][T26833] netlink: 'syz.3.9107': attribute type 1 has an invalid length. [ 873.891761][T26831] netdevsim netdevsim2 netdevsim2: entered promiscuous mode [ 873.919445][T26831] bridge0: port 4(netdevsim2) entered blocking state [ 873.926352][T26831] bridge0: port 4(netdevsim2) entered forwarding state [ 873.951772][T26835] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9105'. [ 873.980968][T26835] netdevsim netdevsim5 netdevsim0: entered allmulticast mode [ 874.216023][T26840] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 874.290883][T26840] ext4 filesystem being mounted at /1385/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 874.430742][ T5856] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 874.452744][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 874.475302][ T28] audit: type=1326 audit(2000000364.921:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26852 comm="syz.5.9114" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x0 [ 874.619147][T26856] netlink: 'syz.4.9116': attribute type 2 has an invalid length. [ 874.621404][ T5856] usb 3-1: Using ep0 maxpacket: 32 [ 874.649081][T26856] netlink: 'syz.4.9116': attribute type 3 has an invalid length. [ 874.659611][ T5856] usb 3-1: config 0 has an invalid interface number: 244 but max is 0 [ 874.670727][ T5856] usb 3-1: config 0 has no interface number 0 [ 874.676969][T26856] netlink: 132 bytes leftover after parsing attributes in process `syz.4.9116'. [ 874.679368][ T5856] usb 3-1: config 0 interface 244 has no altsetting 0 [ 874.715171][ T5856] usb 3-1: New USB device found, idVendor=0e41, idProduct=4750, bcdDevice=26.9c [ 874.730867][ T5856] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 874.748954][ T5856] usb 3-1: Product: syz [ 874.760661][ T5856] usb 3-1: Manufacturer: syz [ 874.777606][ T5856] usb 3-1: SerialNumber: syz [ 874.812282][ T5856] usb 3-1: config 0 descriptor?? [ 874.843408][ T5856] snd_usb_toneport 3-1:0.244: Line 6 GuitarPort found [ 875.066531][ T5856] snd_usb_toneport 3-1:0.244: cannot get proper max packet size [ 875.115561][ T5856] snd_usb_toneport 3-1:0.244: Line 6 GuitarPort now disconnected [ 875.137789][ T5856] snd_usb_toneport: probe of 3-1:0.244 failed with error -22 [ 875.191349][T26870] netlink: 128 bytes leftover after parsing attributes in process `syz.5.9123'. [ 875.205948][T26870] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9123'. [ 875.286051][ T5837] usb 3-1: USB disconnect, device number 85 [ 875.309835][T26853] set_capacity_and_notify: 2 callbacks suppressed [ 875.309850][T26853] loop3: detected capacity change from 0 to 32768 [ 875.370137][T26853] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 875.400725][ T5834] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 875.447956][T26853] XFS (loop3): Ending clean mount [ 875.502986][ T5772] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 875.630832][ T5834] usb 5-1: Using ep0 maxpacket: 8 [ 875.639199][ T5834] usb 5-1: unable to get BOS descriptor or descriptor too short [ 875.651309][ T5834] usb 5-1: config 1 has an invalid interface number: 6 but max is 2 [ 875.660669][ T5834] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 875.669441][ T5834] usb 5-1: config 1 has 4 interfaces, different from the descriptor's value: 3 [ 875.734275][ T5834] usb 5-1: config 1 has no interface number 3 [ 875.740493][ T5834] usb 5-1: too many endpoints for config 1 interface 6 altsetting 29: 147, using maximum allowed: 30 [ 875.794180][ T5834] usb 5-1: config 1 interface 6 altsetting 29 has an invalid endpoint descriptor of length 4, skipping [ 875.841523][ T5834] usb 5-1: config 1 interface 6 altsetting 29 has 1 endpoint descriptor, different from the interface descriptor's value: 147 [ 875.885321][ T5834] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 202, changing to 7 [ 875.916572][ T5834] usb 5-1: config 1 interface 6 has no altsetting 0 [ 875.943818][ T5834] usb 5-1: config 1 interface 1 has no altsetting 0 [ 875.985730][ T5834] usb 5-1: string descriptor 0 read error: -22 [ 875.992381][ T5834] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 876.016047][ T5834] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 876.067513][ T5834] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 876.093713][ T5834] usb 5-1: 2:1: invalid format type 0x1001 is detected, processed as PCM [ 876.120854][ T5834] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 876.282773][T26893] loop2: detected capacity change from 0 to 16 [ 876.319990][T26893] erofs: (device loop2): mounted with root inode @ nid 36. [ 876.595150][ T5856] usb 5-1: USB disconnect, device number 23 [ 876.766842][T26885] loop3: detected capacity change from 0 to 32768 [ 876.818136][T26885] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 877.081192][T26885] XFS (loop3): Ending clean mount [ 877.357822][ T5772] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 877.486109][T26927] loop2: detected capacity change from 0 to 512 [ 877.518452][T26927] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 877.597401][T26927] EXT4-fs (loop2): 1 truncate cleaned up [ 877.662657][T26927] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 877.900915][ T28] audit: type=1326 audit(2000000368.331:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 877.944632][T26933] bond1: entered allmulticast mode [ 877.970429][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 877.990095][ T28] audit: type=1326 audit(2000000368.331:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.100178][ T28] audit: type=1326 audit(2000000368.341:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.184954][ T28] audit: type=1326 audit(2000000368.341:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.268201][ T28] audit: type=1326 audit(2000000368.341:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.347453][ T28] audit: type=1326 audit(2000000368.341:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.464616][ T28] audit: type=1326 audit(2000000368.341:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.471209][T26947] netlink: 64985 bytes leftover after parsing attributes in process `syz.4.9150'. [ 878.532346][T26949] loop3: detected capacity change from 0 to 128 [ 878.553479][ T28] audit: type=1326 audit(2000000368.341:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.652096][T26949] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 878.668114][T26956] netlink: 20 bytes leftover after parsing attributes in process `syz.4.9154'. [ 878.678168][T26949] ext4 filesystem being mounted at /2283/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 878.688518][ T28] audit: type=1326 audit(2000000368.341:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26935 comm="syz.3.9145" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 878.913320][ T5772] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 878.950775][ T28] audit: type=1326 audit(2000000369.391:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.5.9157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 879.134981][T26968] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9162'. [ 879.204452][T26970] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9161'. [ 879.417600][T26978] loop5: detected capacity change from 0 to 1024 [ 879.551113][ T5776] usb 3-1: new high-speed USB device number 86 using dummy_hcd [ 879.569510][T16675] hfsplus: b-tree write err: -5, ino 4 [ 879.760896][ T5776] usb 3-1: Using ep0 maxpacket: 16 [ 879.776850][ T5776] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=81.0c [ 879.807930][ T5776] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 879.826497][ T5776] usb 3-1: Product: syz [ 879.840526][ T5776] usb 3-1: Manufacturer: syz [ 879.856912][ T5776] usb 3-1: SerialNumber: syz [ 879.873066][ T5776] r8152-cfgselector 3-1: config 0 descriptor?? [ 879.996948][T26994] loop3: detected capacity change from 0 to 1024 [ 880.331121][ T5776] r8152-cfgselector 3-1: Unknown version 0x0000 [ 880.351184][ T5776] r8152-cfgselector 3-1: USB disconnect, device number 86 [ 880.633331][T26984] loop4: detected capacity change from 0 to 40427 [ 880.659534][T26984] F2FS-fs (loop4): invalid crc value [ 880.685724][T26984] F2FS-fs (loop4): Found nat_bits in checkpoint [ 880.850954][T26984] F2FS-fs (loop4): Start checkpoint disabled! [ 880.922222][T26984] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 880.940682][T27011] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 0 [ 881.622806][T27028] netlink: 'syz.5.9189': attribute type 27 has an invalid length. [ 881.652975][T27028] netlink: 'syz.5.9189': attribute type 3 has an invalid length. [ 881.670693][T27028] netlink: 132 bytes leftover after parsing attributes in process `syz.5.9189'. [ 881.730853][T27030] netlink: 'syz.3.9190': attribute type 1 has an invalid length. [ 882.398631][T27060] loop5: detected capacity change from 0 to 256 [ 882.497870][T27066] netlink: 'syz.2.9205': attribute type 3 has an invalid length. [ 882.682935][T27065] bond3: entered allmulticast mode [ 883.138602][T27089] netlink: 666 bytes leftover after parsing attributes in process `syz.5.9218'. [ 883.170902][ T5837] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 883.180853][ T27] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 883.330863][T27093] loop5: detected capacity change from 0 to 16 [ 883.354165][T27093] erofs: (device loop5): mounted with root inode @ nid 36. [ 883.373371][ T5837] usb 4-1: Using ep0 maxpacket: 8 [ 883.387046][ T27] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 883.405590][ T27] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 883.414933][ T5837] usb 4-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76 [ 883.426122][T27093] syz.5.9220: attempt to access beyond end of device [ 883.426122][T27093] loop5: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 883.442456][ T5837] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 883.451839][ T27] usb 5-1: config 0 descriptor?? [ 883.465241][ T5837] usb 4-1: Product: syz [ 883.472546][ T27] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 883.474476][T27093] syz.5.9220: attempt to access beyond end of device [ 883.474476][T27093] loop5: rw=0, sector=1342177272, nr_sectors = 32 limit=16 [ 883.490291][ T5837] usb 4-1: Manufacturer: syz [ 883.497702][ T5837] usb 4-1: SerialNumber: syz [ 883.510455][ T5837] usb 4-1: config 0 descriptor?? [ 883.519552][ T28] kauditd_printk_skb: 8 callbacks suppressed [ 883.519564][ T28] audit: type=1800 audit(2000000373.971:324): pid=27093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.9220" name="file1" dev="loop5" ino=86 res=0 errno=0 [ 883.550068][ T5837] gspca_main: ALi m5602-2.14.0 probing 0402:5602 [ 883.827802][T27097] bond5: entered allmulticast mode [ 883.875649][ T27] gspca_stv06xx: I2C: Read error writing address: -71 [ 883.931050][ T27] usb 5-1: USB disconnect, device number 24 [ 883.992596][ T5837] gspca_m5602: Failed to find a sensor [ 884.021810][ T5837] ALi m5602 4-1:0.0: ALi m5602 webcam failed [ 884.046747][ T5837] usb 4-1: USB disconnect, device number 85 [ 884.162155][T27108] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9227'. [ 884.171996][T27108] netlink: del zone limit has 8 unknown bytes [ 884.526283][T27122] xt_SECMARK: mode already set to 1 cannot mix with rules for mode 2 [ 884.698131][T27129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9238'. [ 884.874356][T27138] netlink: 'syz.4.9242': attribute type 11 has an invalid length. [ 885.243858][T27156] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9251'. [ 885.453904][T27161] loop5: detected capacity change from 0 to 4096 [ 885.471597][T27164] @0Ù: renamed from dummy0 [ 885.485509][T27161] ntfs: (device loop5): ntfs_read_locked_inode(): Corrupt standard information attribute in inode. [ 885.511047][T27161] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 885.567336][T27161] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 885.632514][T27161] ntfs: volume version 3.1. [ 885.676791][T27161] ntfs: (device loop5): ntfs_put_super(): Volume has errors. Leaving volume marked dirty. Run chkdsk. [ 885.696788][T27171] loop3: detected capacity change from 0 to 256 [ 885.763104][T27171] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d) [ 885.850742][T27171] exFAT-fs (loop3): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5) [ 885.890846][T27171] exFAT-fs (loop3): Filesystem has been set read-only [ 886.715596][T27210] netlink: 'syz.3.9278': attribute type 1 has an invalid length. [ 886.757936][T27210] netlink: 232 bytes leftover after parsing attributes in process `syz.3.9278'. [ 886.882860][T27211] loop5: detected capacity change from 0 to 4096 [ 886.948583][T27221] loop2: detected capacity change from 0 to 256 [ 887.004079][T27218] netlink: 24 bytes leftover after parsing attributes in process `syz.4.9282'. [ 887.041431][T27211] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 887.123985][T27211] ntfs3: loop5: ino=9, ntfs_sync_fs failed, -22. [ 887.273624][T14925] ntfs3: loop5: ino=9, ntfs_sync_fs failed, -22. [ 888.096979][T27223] loop3: detected capacity change from 0 to 32768 [ 888.190687][T27223] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 888.284338][T27223] (syz.3.9285,27223,0):ocfs2_find_entry:1086 ERROR: status = -117 [ 888.301028][T27223] (syz.3.9285,27223,0):ocfs2_find_entry:1086 ERROR: status = -117 [ 888.319160][T27223] (syz.3.9285,27223,0):ocfs2_symlink:2068 ERROR: status = -117 [ 888.455791][ T5772] (syz-executor,5772,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 76 [ 888.569990][ T5772] ocfs2: Unmounting device (7,3) on (node local) [ 888.833619][T27275] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on [ 889.601035][ T27] usb 3-1: new full-speed USB device number 87 using dummy_hcd [ 889.782663][ T27] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 889.804422][ T27] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 889.839408][ T27] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 889.859455][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 889.882176][T27300] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 889.899967][T27300] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 889.952656][ T27] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 890.199015][T27329] loop3: detected capacity change from 0 to 512 [ 890.211225][ T8] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 890.233140][T27331] x_tables: duplicate entry at hook 2 [ 890.268961][T27329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 890.304366][ T27] usb 3-1: USB disconnect, device number 87 [ 890.331978][T27329] ext4 filesystem being mounted at /2322/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 890.412886][ T8] usb 6-1: config 0 has no interfaces? [ 890.426140][ T8] usb 6-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d [ 890.444140][T27329] EXT4-fs error (device loop3): ext4_validate_inode_bitmap:106: comm syz.3.9334: Corrupt inode bitmap - block_group = 0, inode_bitmap = 20 [ 890.459429][T27335] netlink: 36 bytes leftover after parsing attributes in process `syz.4.9337'. [ 890.474823][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 890.490715][ T8] usb 6-1: Product: syz [ 890.496101][ T8] usb 6-1: Manufacturer: syz [ 890.499929][T27329] EXT4-fs error (device loop3) in ext4_free_inode:363: Filesystem failed CRC [ 890.505327][ T8] usb 6-1: SerialNumber: syz [ 890.529191][ T8] r8152-cfgselector 6-1: config 0 descriptor?? [ 890.594863][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 890.762038][ T8] usbip-host 6-1: 6-1 is not in match_busid table... skip! [ 890.980307][ T8] usb 6-1: USB disconnect, device number 19 [ 891.452830][T27369] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.9354'. [ 892.009885][T27388] netlink: 'syz.3.9363': attribute type 46 has an invalid length. [ 892.029656][T27388] netlink: 44 bytes leftover after parsing attributes in process `syz.3.9363'. [ 892.073846][T27388] bridge0: port 1(bridge_slave_0) entered disabled state [ 892.120997][T27388] bridge0: port 3(veth0_to_bridge) entered disabled state [ 892.222462][T27395] netlink: 'syz.4.9366': attribute type 3 has an invalid length. [ 892.234954][T27388] bridge_slave_0 (unregistering): left allmulticast mode [ 892.250791][T27388] bridge_slave_0 (unregistering): left promiscuous mode [ 892.268615][T27388] bridge0: port 1(bridge_slave_0) entered disabled state [ 892.276780][T27395] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.9366'. [ 892.343555][T27388] veth0_to_bridge (unregistering): left allmulticast mode [ 892.352198][T27388] veth0_to_bridge (unregistering): left promiscuous mode [ 892.359572][T27388] bridge0: port 3(veth0_to_bridge) entered disabled state [ 892.405221][T27375] loop2: detected capacity change from 0 to 32768 [ 892.459889][T27375] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 892.638513][T27412] loop5: detected capacity change from 0 to 16 [ 892.652644][T27412] erofs: (device loop5): mounted with root inode @ nid 36. [ 892.670488][T27412] erofs: (device loop5): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 892.691759][ T5778] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 892.704962][T27412] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress 6887 in[4096, 0] out[8192] [ 892.732113][ T28] audit: type=1800 audit(2000000383.171:325): pid=27412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.9370" name="file3" dev="loop5" ino=89 res=0 errno=0 [ 892.857370][T27375] XFS (loop2): Ending clean mount [ 892.879860][T27375] XFS (loop2): Quotacheck needed: Please wait. [ 892.942970][ T5856] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 893.005102][T27375] XFS (loop2): Quotacheck: Done. [ 893.048078][T27421] loop4: detected capacity change from 0 to 256 [ 893.145242][ T5856] usb 4-1: config 0 has an invalid interface number: 238 but max is 0 [ 893.168747][ T5856] usb 4-1: config 0 has no interface number 0 [ 893.187634][ T5780] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 893.199186][T27421] FAT-fs (loop4): Directory bread(block 64) failed [ 893.210814][ T5856] usb 4-1: config 0 interface 238 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 893.243210][T27421] FAT-fs (loop4): Directory bread(block 65) failed [ 893.249882][T27421] FAT-fs (loop4): Directory bread(block 66) failed [ 893.258943][ T5856] usb 4-1: config 0 interface 238 altsetting 0 endpoint 0x88 has invalid maxpacket 47698, setting to 1024 [ 893.282084][T27421] FAT-fs (loop4): Directory bread(block 67) failed [ 893.288749][T27421] FAT-fs (loop4): Directory bread(block 68) failed [ 893.296684][ T5856] usb 4-1: config 0 interface 238 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 1024 [ 893.309273][T27421] FAT-fs (loop4): Directory bread(block 69) failed [ 893.318477][T27421] FAT-fs (loop4): Directory bread(block 70) failed [ 893.326142][T27421] FAT-fs (loop4): Directory bread(block 71) failed [ 893.333449][ T5856] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=76.6a [ 893.346454][ T5856] usb 4-1: New USB device strings: Mfr=7, Product=2, SerialNumber=3 [ 893.357716][T27421] FAT-fs (loop4): Directory bread(block 72) failed [ 893.379803][ T5856] usb 4-1: Product: syz [ 893.386358][ T5856] usb 4-1: Manufacturer: syz [ 893.391296][T27421] FAT-fs (loop4): Directory bread(block 73) failed [ 893.397979][ T5856] usb 4-1: SerialNumber: syz [ 893.411262][ T5856] usb 4-1: config 0 descriptor?? [ 893.425394][T27413] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 893.447189][ T5856] ni6501 4-1:0.238: driver 'ni6501' failed to auto-configure device. [ 893.699019][ T5856] usb 4-1: USB disconnect, device number 86 [ 895.297818][T27482] tmpfs: Bad value for 'mpol' [ 895.611770][T27494] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9409'. [ 896.018071][T27510] netlink: 'syz.2.9416': attribute type 21 has an invalid length. [ 896.036783][T27510] netlink: 132 bytes leftover after parsing attributes in process `syz.2.9416'. [ 896.299018][T27522] loop2: detected capacity change from 0 to 256 [ 896.336904][T27522] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 896.350248][T27522] FAT-fs (loop2): Filesystem has been set read-only [ 896.365453][T27522] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 896.378375][T27522] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 896.395232][ T28] audit: type=1800 audit(2000000386.841:326): pid=27522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.9422" name="file1" dev="loop2" ino=1048700 res=0 errno=0 [ 896.398110][T27522] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 896.963196][T27545] loop5: detected capacity change from 0 to 256 [ 897.399341][T27559] loop2: detected capacity change from 0 to 2048 [ 897.448262][T27562] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 897.542497][T27559] NILFS error (device loop2): nilfs_lookup: deleted inode referenced: 12 [ 897.615644][T27559] Remounting filesystem read-only [ 897.867787][T27572] loop2: detected capacity change from 0 to 256 [ 897.961468][T27572] FAT-fs (loop2): Directory bread(block 64) failed [ 897.978316][T27572] FAT-fs (loop2): Directory bread(block 65) failed [ 897.996784][T27572] FAT-fs (loop2): Directory bread(block 66) failed [ 898.014117][T27572] FAT-fs (loop2): Directory bread(block 67) failed [ 898.037848][T27572] FAT-fs (loop2): Directory bread(block 68) failed [ 898.060389][T27572] FAT-fs (loop2): Directory bread(block 69) failed [ 898.100825][T27572] FAT-fs (loop2): Directory bread(block 70) failed [ 898.107423][T27572] FAT-fs (loop2): Directory bread(block 71) failed [ 898.129638][T27572] FAT-fs (loop2): Directory bread(block 72) failed [ 898.153345][T27572] FAT-fs (loop2): Directory bread(block 73) failed [ 898.257344][T27557] loop3: detected capacity change from 0 to 32768 [ 898.307890][T27557] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.9438 (27557) [ 898.353007][T27557] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 898.401848][T27557] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 898.436749][T27557] BTRFS info (device loop3): turning off barriers [ 898.462354][T27557] BTRFS info (device loop3): max_inline at 0 [ 898.483793][T27557] BTRFS info (device loop3): enabling all of the rescue options [ 898.484062][T27583] vlan0: left promiscuous mode [ 898.500834][T27557] BTRFS info (device loop3): ignoring data csums [ 898.511043][T27557] BTRFS info (device loop3): ignoring bad roots [ 898.533552][T27557] BTRFS info (device loop3): disabling log replay at mount time [ 898.571166][T27557] BTRFS info (device loop3): force zlib compression, level 3 [ 898.604551][T27557] BTRFS info (device loop3): enabling ssd optimizations [ 898.630705][T27557] BTRFS info (device loop3): using spread ssd allocation scheme [ 898.638425][T27557] BTRFS info (device loop3): allowing degraded mounts [ 898.659093][T27587] netlink: 'syz.5.9452': attribute type 26 has an invalid length. [ 898.678836][T27557] BTRFS info (device loop3): using free space tree [ 898.700855][T27557] workqueue: max_active 2097161 requested for btrfs-worker is out of range, clamping between 1 and 512 [ 898.749216][T27557] workqueue: max_active 2097161 requested for btrfs-delalloc is out of range, clamping between 1 and 512 [ 898.892638][T27557] workqueue: max_active 2097161 requested for btrfs-endio is out of range, clamping between 1 and 512 [ 898.927978][T27557] workqueue: max_active 2097161 requested for btrfs-endio-meta is out of range, clamping between 1 and 512 [ 898.940292][T27557] workqueue: max_active 2097161 requested for btrfs-rmw is out of range, clamping between 1 and 512 [ 898.952393][T27557] workqueue: max_active 2097161 requested for btrfs-endio-write is out of range, clamping between 1 and 512 [ 898.964908][T27557] workqueue: max_active 2097161 requested for btrfs-compressed-write is out of range, clamping between 1 and 512 [ 899.042852][ T11] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0x752e265ca9724eb47c3236b0e85f876d1222941063a0a0afe40232d9dc9ca6dd level 0 [ 899.125100][T27557] BTRFS error (device loop3): failed to load root extent [ 899.141495][ T11] BTRFS warning (device loop3: state C): checksum verify failed on logical 5328896 mirror 1 wanted 0xe27e479340067083b74b333c1de55c530774f48d9bb4dbb5f2229db663324412 found 0x95f62be744ba79d2c7edda0b7f35c3ed250500c283e6cfbf6ba5d84a2ae65a3d level 1 [ 899.181986][T27612] loop4: detected capacity change from 0 to 2048 [ 899.231957][T27557] BTRFS info (device loop3: state C): auto enabling async discard [ 899.274251][T27612] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 899.414714][ T5772] BTRFS info (device loop3: state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 899.933319][T27638] loop3: detected capacity change from 0 to 64 [ 900.042293][T27638] syz.3.9468: attempt to access beyond end of device [ 900.042293][T27638] loop3: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 900.108237][T27638] Buffer I/O error on dev loop3, logical block 32767, async page read [ 900.131436][T27638] syz.3.9468: attempt to access beyond end of device [ 900.131436][T27638] loop3: rw=0, sector=65534, nr_sectors = 2 limit=64 [ 900.225116][T27638] Buffer I/O error on dev loop3, logical block 32767, async page read [ 900.433343][T27653] netlink: 36 bytes leftover after parsing attributes in process `syz.5.9476'. [ 900.621397][T27658] netlink: 'syz.5.9478': attribute type 21 has an invalid length. [ 900.629284][T27658] netlink: 'syz.5.9478': attribute type 15 has an invalid length. [ 900.647733][T27658] netlink: 156 bytes leftover after parsing attributes in process `syz.5.9478'. [ 900.668964][T27658] IPv6: NLM_F_CREATE should be specified when creating new route [ 900.677182][T27658] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 900.684497][T27658] IPv6: NLM_F_CREATE should be set when creating new route [ 900.691819][T27658] IPv6: NLM_F_CREATE should be set when creating new route [ 900.699059][T27658] IPv6: NLM_F_CREATE should be set when creating new route [ 900.862965][T27666] loop3: detected capacity change from 0 to 16 [ 900.899146][T27666] erofs: (device loop3): mounted with root inode @ nid 36. [ 900.951404][T27666] syz.3.9483: attempt to access beyond end of device [ 900.951404][T27666] loop3: rw=0, sector=34359736320, nr_sectors = 8 limit=16 [ 901.849709][T27705] loop3: detected capacity change from 0 to 22 [ 901.889849][T27705] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 901.946208][T27705] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 902.177085][T27713] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9506'. [ 902.280802][ T23] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 902.308184][T27696] loop4: detected capacity change from 0 to 32768 [ 902.358783][T27696] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 902.475871][ T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 902.540066][ T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 902.556294][ T23] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 902.561380][T27730] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9510'. [ 902.571780][ T23] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 902.587820][ T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 902.598831][T27730] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 902.605141][ T23] usb 6-1: config 0 descriptor?? [ 902.616041][ T23] hub 6-1:0.0: USB hub found [ 902.690465][T27696] XFS (loop4): Ending clean mount [ 902.822048][T27737] overlayfs: conflicting options: verity=on,redirect_dir=nofollow [ 902.840239][ T23] hub 6-1:0.0: 9 ports detected [ 902.851103][ T23] hub 6-1:0.0: insufficient power available to use all downstream ports [ 902.879228][T27738] loop3: detected capacity change from 0 to 1024 [ 902.932936][T13909] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 902.984241][T27738] hfsplus: cannot replace xattr [ 903.060910][ T23] hub 6-1:0.0: hub_hub_status failed (err = -71) [ 903.067335][ T23] hub 6-1:0.0: config failed, can't get hub status (err -71) [ 903.167375][ T23] usb 6-1: USB disconnect, device number 20 [ 903.172434][T27740] program syz.2.9516 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 903.346562][T27742] loop3: detected capacity change from 0 to 2048 [ 903.385171][T27742] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 904.096384][T27744] loop2: detected capacity change from 0 to 32768 [ 904.185945][T27744] [ 904.185945][T27744] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 904.185945][T27744] [ 904.332447][ T5780] [ 904.332447][ T5780] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 904.332447][ T5780] [ 904.363652][ T5780] [ 904.363652][ T5780] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 904.363652][ T5780] [ 904.657513][T27784] netlink: 3 bytes leftover after parsing attributes in process `syz.4.9537'. [ 904.963720][T27796] netlink: 209844 bytes leftover after parsing attributes in process `syz.2.9543'. [ 905.587635][T27820] loop3: detected capacity change from 0 to 256 [ 905.739014][T27824] netlink: 209844 bytes leftover after parsing attributes in process `syz.5.9557'. [ 906.296508][T27843] netlink: 'syz.4.9567': attribute type 1 has an invalid length. [ 906.560863][T27847] xt_CT: No such helper "netbios-ns" [ 907.390857][T27884] netlink: 32 bytes leftover after parsing attributes in process `syz.4.9586'. [ 908.021283][ T23] usb 6-1: new full-speed USB device number 21 using dummy_hcd [ 908.195081][T27920] loop2: detected capacity change from 0 to 512 [ 908.221850][ T6010] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 908.232683][ T23] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 908.273205][ T23] usb 6-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb [ 908.300921][ T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 908.319612][ T23] usb 6-1: Product: syz [ 908.341062][ T23] usb 6-1: Manufacturer: syz [ 908.345701][ T23] usb 6-1: SerialNumber: syz [ 908.389039][ T23] usb 6-1: config 0 descriptor?? [ 908.415308][ T23] usbtouchscreen: probe of 6-1:0.0 failed with error -12 [ 908.630008][ T5856] usb 6-1: USB disconnect, device number 21 [ 909.078110][ T28] audit: type=1326 audit(2000000399.521:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27955 comm="syz.3.9621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 909.107285][ T28] audit: type=1326 audit(2000000399.521:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27955 comm="syz.3.9621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 909.139412][ T28] audit: type=1326 audit(2000000399.581:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27955 comm="syz.3.9621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 909.214187][ T28] audit: type=1326 audit(2000000399.581:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27955 comm="syz.3.9621" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f64b279bf79 code=0x7ffc0000 [ 909.427089][T27965] ieee802154 phy0 wpan0: encryption failed: -22 [ 909.463759][T27966] bridge9: entered promiscuous mode [ 909.641625][T27968] loop3: detected capacity change from 0 to 2048 [ 909.703305][T27968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 909.876594][T27954] loop4: detected capacity change from 0 to 32768 [ 909.886176][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 909.941816][T27954] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.9620 (27954) [ 909.957253][T27954] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 909.969263][T27954] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 909.978146][T27954] BTRFS info (device loop4): using free space tree [ 910.157239][T27954] BTRFS info (device loop4): enabling ssd optimizations [ 910.170650][T27954] BTRFS info (device loop4): auto enabling async discard [ 910.440991][T13909] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 911.111485][ T23] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 911.215577][T28028] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled [ 911.301426][ T23] usb 5-1: Using ep0 maxpacket: 32 [ 911.320856][ T23] usb 5-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 911.358824][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 911.380669][ T23] usb 5-1: Product: syz [ 911.391977][ T23] usb 5-1: Manufacturer: syz [ 911.397771][ T23] usb 5-1: SerialNumber: syz [ 911.558422][T28037] netlink: 300 bytes leftover after parsing attributes in process `syz.3.9652'. [ 911.631098][ T23] visor 5-1:1.0: Handspring Visor / Palm OS converter detected [ 911.654110][ T23] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 911.694323][ T23] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 911.863734][ T23] usb 5-1: USB disconnect, device number 25 [ 911.873302][ T23] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 911.905482][ T23] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 911.941515][ T23] visor 5-1:1.0: device disconnected [ 913.169338][T28089] loop3: detected capacity change from 0 to 4096 [ 913.239321][T28089] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 913.352494][T28089] ntfs3: loop3: Failed to initialize $Extend/$ObjId. [ 913.655986][ T28] audit: type=1326 audit(2000000404.101:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28110 comm="syz.4.9689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 913.760749][ T28] audit: type=1326 audit(2000000404.101:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28110 comm="syz.4.9689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 913.839761][ T28] audit: type=1326 audit(2000000404.131:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28110 comm="syz.4.9689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 913.910924][ T28] audit: type=1326 audit(2000000404.131:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28110 comm="syz.4.9689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 914.006331][ T28] audit: type=1326 audit(2000000404.131:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28110 comm="syz.4.9689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 914.738520][ T28] audit: type=1326 audit(2000000405.171:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28147 comm="syz.4.9708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 914.799291][ T28] audit: type=1326 audit(2000000405.171:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28147 comm="syz.4.9708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 914.799342][ T28] audit: type=1326 audit(2000000405.181:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28147 comm="syz.4.9708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 914.799387][ T28] audit: type=1326 audit(2000000405.181:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28147 comm="syz.4.9708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4d1419bce2 code=0x7ffc0000 [ 914.799434][ T28] audit: type=1326 audit(2000000405.181:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28147 comm="syz.4.9708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4d1419bce2 code=0x7ffc0000 [ 914.799488][ T28] audit: type=1326 audit(2000000405.211:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28147 comm="syz.4.9708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 914.799531][ T28] audit: type=1326 audit(2000000405.231:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28147 comm="syz.4.9708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 914.889502][T28123] loop3: detected capacity change from 0 to 40427 [ 915.074725][T28123] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 915.074756][T28123] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 915.104832][T28123] F2FS-fs (loop3): Found nat_bits in checkpoint [ 915.202633][T28156] loop4: detected capacity change from 0 to 4096 [ 915.260928][T28156] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing. [ 915.293979][T28123] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 915.310754][T28156] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 915.320903][T28123] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 915.354889][T28156] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 915.441116][T28156] ntfs: volume version 3.1. [ 915.486342][T28123] syz.3.9693: attempt to access beyond end of device [ 915.486342][T28123] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 915.546790][T28164] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 915.672605][ T5772] syz-executor: attempt to access beyond end of device [ 915.672605][ T5772] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 915.740955][ T5772] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 915.968267][T28172] loop5: detected capacity change from 0 to 4096 [ 916.034235][T28172] ntfs: volume version 3.1. [ 916.843737][T28204] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 917.012016][T28210] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9736'. [ 917.684017][T28240] loop4: detected capacity change from 0 to 256 [ 917.862444][T28240] FAT-fs (loop4): Directory bread(block 64) failed [ 917.869134][T28240] FAT-fs (loop4): Directory bread(block 65) failed [ 917.928976][T28240] FAT-fs (loop4): Directory bread(block 66) failed [ 917.936584][T28240] FAT-fs (loop4): Directory bread(block 67) failed [ 917.966898][T28240] FAT-fs (loop4): Directory bread(block 68) failed [ 917.986225][T28240] FAT-fs (loop4): Directory bread(block 69) failed [ 918.006731][T28240] FAT-fs (loop4): Directory bread(block 70) failed [ 918.028386][T28240] FAT-fs (loop4): Directory bread(block 71) failed [ 918.047592][T28240] FAT-fs (loop4): Directory bread(block 72) failed [ 918.064449][T28240] FAT-fs (loop4): Directory bread(block 73) failed [ 918.322443][T28265] binder: BC_ACQUIRE_RESULT not supported [ 918.349549][T28265] binder: 28264:28265 ioctl c0306201 200000000040 returned -22 [ 918.374329][T28267] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9760'. [ 918.850217][T28285] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 918.857542][T28285] IPv6: NLM_F_CREATE should be set when creating new route [ 918.864912][T28285] IPv6: NLM_F_CREATE should be set when creating new route [ 919.191191][T28299] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9775'. [ 919.200396][T28302] loop3: detected capacity change from 0 to 512 [ 919.247494][T28302] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 919.258218][T28297] xt_CT: No such helper "pptp" [ 919.442103][ T27] usb 3-1: new high-speed USB device number 88 using dummy_hcd [ 919.510081][T28309] tmpfs: Bad value for 'nr_inodes' [ 919.633452][ T27] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 919.666550][ T27] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 919.688898][ T27] usb 3-1: config 0 descriptor?? [ 919.814100][T28324] netlink: 40 bytes leftover after parsing attributes in process `syz.3.9786'. [ 920.129051][ T27] ath6kl: Failed to read usb control message: -71 [ 920.141553][ T27] ath6kl: Unable to read the bmi data from the device: -71 [ 920.149129][ T27] ath6kl: Unable to recv target info: -71 [ 920.182294][ T27] ath6kl: Failed to init ath6kl core: -71 [ 920.189375][ T27] ath6kl_usb: probe of 3-1:0.0 failed with error -71 [ 920.249306][ T27] usb 3-1: USB disconnect, device number 88 [ 920.385382][T28340] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 920.439488][T28345] netlink: 'syz.4.9797': attribute type 15 has an invalid length. [ 921.949607][T28373] loop3: detected capacity change from 0 to 32768 [ 921.975721][T28373] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.9811 (28373) [ 921.997521][T28373] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 922.015854][T28373] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 922.027140][T28373] BTRFS info (device loop3): enabling disk space caching [ 922.047327][T28373] BTRFS info (device loop3): force clearing of disk cache [ 922.067925][T28373] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 922.079409][T28373] BTRFS info (device loop3): use zstd compression, level 3 [ 922.087567][T28373] BTRFS info (device loop3): disk space caching is enabled [ 922.160124][T28420] netlink: 'syz.2.9828': attribute type 1 has an invalid length. [ 922.194952][T28244] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 922.203274][T28373] BTRFS info (device loop3): enabling ssd optimizations [ 922.210260][T28373] BTRFS info (device loop3): auto enabling async discard [ 922.264731][T28373] BTRFS info (device loop3): rebuilding free space tree [ 922.335908][T28373] BTRFS info (device loop3): disabling free space tree [ 922.346961][T28373] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 922.381224][T28373] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 922.438519][T28244] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 922.470903][T28244] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 922.488551][T28244] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 922.498571][T28244] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 922.523922][T28244] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 922.559920][T28244] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 922.579786][T28244] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 922.608619][T28244] usb 5-1: Product: syz [ 922.626702][T28244] usb 5-1: Manufacturer: syz [ 922.645641][T28244] cdc_wdm 5-1:1.0: skipping garbage [ 922.667640][T28244] cdc_wdm 5-1:1.0: skipping garbage [ 922.683564][T28244] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 922.703641][T28244] cdc_wdm 5-1:1.0: Unknown control protocol [ 922.710932][ T5772] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 922.919077][T28402] cdc_wdm 5-1:1.0: Error submitting int urb - -90 [ 922.975462][T28241] usb 5-1: USB disconnect, device number 26 [ 923.111205][ T5837] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 923.323247][ T5837] usb 6-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=5e.ad [ 923.340795][ T5837] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 923.379655][ T5837] usb 6-1: config 0 descriptor?? [ 923.633749][ T5837] snd-usb-hiface: probe of 6-1:0.0 failed with error -22 [ 923.854913][ T5856] usb 6-1: USB disconnect, device number 22 [ 923.969168][T28471] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9852'. [ 924.018079][T28473] loop4: detected capacity change from 0 to 2048 [ 924.053261][T28473] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 924.061135][ T5837] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 924.123204][T28475] loop2: detected capacity change from 0 to 4096 [ 924.139223][T28473] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh [ 924.183565][T28476] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 924.250776][ T5837] usb 4-1: Using ep0 maxpacket: 16 [ 924.273353][ T5837] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 924.319543][ T5837] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 924.333060][ T5837] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 924.350784][ T5837] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 924.376798][ T5837] usb 4-1: Product: syz [ 924.386310][ T5837] usb 4-1: Manufacturer: syz [ 924.391188][T28478] vim2m vim2m.0: Fourcc format (0x56595559) invalid. [ 924.401162][ T5837] usb 4-1: SerialNumber: syz [ 924.530205][T28480] binfmt_misc: register: failed to install interpreter file ./bus [ 924.689251][ T5837] usb 4-1: cannot find UAC_HEADER [ 924.733354][ T5837] snd-usb-audio: probe of 4-1:1.0 failed with error -22 [ 924.789329][ T5762] udevd[5762]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 924.801326][ T5837] usb 4-1: USB disconnect, device number 87 [ 924.822279][T28488] cifs: Unknown parameter 'ÿÿITäŒ&¬æ:ÅèÙ"‚Õëï1:ºÃÃÓ­'Ä4,Zz-#FÇ<æõ]%gCžÊ [ 924.822279][T28488] SÃȘØÈžZ§6ŸÂ' [ 925.007182][T28494] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9863'. [ 925.694552][T28524] loop3: detected capacity change from 0 to 736 [ 925.952075][ T27] usb 5-1: new low-speed USB device number 27 using dummy_hcd [ 926.047698][T28535] loop2: detected capacity change from 0 to 128 [ 926.090797][T28535] EXT4-fs (loop2): Test dummy encryption mode enabled [ 926.127590][T28535] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 926.205782][ T27] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 926.220678][ T27] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 926.242407][T28535] ext4 filesystem being mounted at /2472/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 926.270706][ T27] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 926.310717][ T27] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 926.342619][ T27] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 926.380399][ T27] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 926.408976][ T27] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 926.435590][ T5780] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 926.445607][ T27] usb 5-1: string descriptor 0 read error: -22 [ 926.452778][ T27] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 926.456779][T28547] __vm_enough_memory: pid: 28547, comm: syz.5.9888, not enough memory for the allocation [ 926.471485][ T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 926.503162][ T27] usb 5-1: config 0 descriptor?? [ 926.538756][ T27] hub 5-1:0.0: bad descriptor, ignoring hub [ 926.557870][T28549] loop3: detected capacity change from 0 to 512 [ 926.564962][ T27] hub: probe of 5-1:0.0 failed with error -5 [ 926.598586][ T27] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input43 [ 926.663578][T28549] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a000c018, mo2=0002] [ 926.690937][T28549] System zones: 0-2, 18-18, 34-35 [ 926.723404][ T28] kauditd_printk_skb: 26 callbacks suppressed [ 926.723419][ T28] audit: type=1326 audit(2000000417.171:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28554 comm="syz.5.9891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 926.753309][T28549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 926.774931][ T28] audit: type=1326 audit(2000000417.201:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28554 comm="syz.5.9891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 926.816048][T28549] ext4 filesystem being mounted at /2447/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 926.860089][ T5856] usb 5-1: USB disconnect, device number 27 [ 926.890980][ T28] audit: type=1326 audit(2000000417.201:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28554 comm="syz.5.9891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 926.928477][T28549] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz.3.9889: invalid size [ 926.997237][ T28] audit: type=1326 audit(2000000417.201:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28554 comm="syz.5.9891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 927.102209][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 927.167099][T28563] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9896'. [ 927.257885][T28563] veth5: entered allmulticast mode [ 927.497288][T28573] loop4: detected capacity change from 0 to 64 [ 927.607931][T28571] loop3: detected capacity change from 0 to 4096 [ 927.652803][T28571] ntfs3: loop3: ino=3, Correct links count -> 2. [ 927.819765][T28583] netlink: 'syz.2.9905': attribute type 5 has an invalid length. [ 928.145781][T28593] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9909'. [ 928.194015][T28597] netlink: 'syz.2.9912': attribute type 2 has an invalid length. [ 928.220833][T28597] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9912'. [ 928.427993][T28595] loop5: detected capacity change from 0 to 8192 [ 928.430341][T28603] loop2: detected capacity change from 0 to 764 [ 928.500873][T28595] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 928.525496][T28595] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 928.542116][T28595] REISERFS (device loop5): using ordered data mode [ 928.547465][T28603] rock: directory entry would overflow storage [ 928.548717][T28595] reiserfs: using flush barriers [ 928.568401][T28595] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 928.586912][T28595] REISERFS (device loop5): checking transaction log (loop5) [ 928.594734][T28603] rock: sig=0x4654, size=5, remaining=4 [ 928.611751][T28595] REISERFS (device loop5): Using r5 hash to sort names [ 928.618989][T28595] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage. [ 928.662981][T28610] loop3: detected capacity change from 0 to 1024 [ 928.747352][T28610] hfsplus: inconsistency in B*Tree (128,1,255,1,0) [ 928.762489][T28610] syz.3.9918: attempt to access beyond end of device [ 928.762489][T28610] loop3: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 928.815595][T28610] Buffer I/O error on dev loop3, logical block 458752, async page read [ 928.909810][T28610] syz.3.9918: attempt to access beyond end of device [ 928.909810][T28610] loop3: rw=0, sector=917504, nr_sectors = 2 limit=1024 [ 928.934472][T28610] Buffer I/O error on dev loop3, logical block 458752, async page read [ 930.037401][ T28] audit: type=1326 audit(2000000420.481:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28659 comm="syz.4.9943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 930.123597][ T28] audit: type=1326 audit(2000000420.481:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28659 comm="syz.4.9943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 930.192680][ T28] audit: type=1326 audit(2000000420.511:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28659 comm="syz.4.9943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 930.268916][ T28] audit: type=1326 audit(2000000420.511:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28659 comm="syz.4.9943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d1419bf79 code=0x7ffc0000 [ 930.347134][ T28] audit: type=1326 audit(2000000420.701:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28665 comm="syz.5.9946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 930.445154][ T28] audit: type=1326 audit(2000000420.701:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28665 comm="syz.5.9946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 930.613450][T28679] loop4: detected capacity change from 0 to 1024 [ 930.676259][T28679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 930.728898][T28688] loop5: detected capacity change from 0 to 256 [ 930.739531][T28688] exfat: Deprecated parameter 'utf8' [ 930.750267][T28688] exfat: Deprecated parameter 'utf8' [ 930.786318][T28688] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d) [ 930.828162][T28688] exFAT-fs (loop5): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5) [ 930.961247][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 931.193850][T28694] loop2: detected capacity change from 0 to 4096 [ 931.207137][T28693] loop3: detected capacity change from 0 to 8192 [ 931.240842][T28694] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 931.257275][T28693] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 931.311328][T28693] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal [ 931.348838][T28694] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 931.370852][T28693] REISERFS (device loop3): using ordered data mode [ 931.377797][T28693] reiserfs: using flush barriers [ 931.385898][T28694] ntfs3: loop2: Failed to load $Extend (-22). [ 931.393231][T28694] ntfs3: loop2: Failed to initialize $Extend. [ 931.434420][T28693] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 931.462427][T28703] loop4: detected capacity change from 0 to 8 [ 931.479542][T28705] comedi comedi4: bad chanlist[0]=0x00000008 chan=8 range length=2 [ 931.482119][T28693] REISERFS (device loop3): checking transaction log (loop3) [ 931.512070][T28703] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 931.536892][ T5760] udevd[5760]: incorrect cramfs checksum on /dev/loop4 [ 931.576904][T28693] REISERFS (device loop3): Using r5 hash to sort names [ 931.601401][T28693] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 931.644728][ T5762] udevd[5762]: incorrect cramfs checksum on /dev/loop4 [ 931.690120][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.696610][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.341093][T28725] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 932.388869][T28725] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 932.674504][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 932.687525][T28739] program syz.5.9979 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 932.857653][T28745] netlink: 'syz.4.9981': attribute type 46 has an invalid length. [ 932.882949][T28745] netlink: 'syz.4.9981': attribute type 28 has an invalid length. [ 933.186794][T28754] set_capacity_and_notify: 1 callbacks suppressed [ 933.186811][T28754] loop3: detected capacity change from 0 to 4096 [ 933.256406][T28754] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512). [ 933.894891][T28756] loop4: detected capacity change from 0 to 32768 [ 933.920551][T28756] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.9987 (28756) [ 934.009665][T28756] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 934.061064][T28756] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 934.096591][T28756] BTRFS info (device loop4): enabling disk space caching [ 934.111146][T28756] BTRFS info (device loop4): force clearing of disk cache [ 934.128520][T28756] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 934.177255][T28756] BTRFS info (device loop4): use zstd compression, level 3 [ 934.199366][T28756] BTRFS info (device loop4): disk space caching is enabled [ 934.366678][T28756] BTRFS info (device loop4): enabling ssd optimizations [ 934.390917][T28756] BTRFS info (device loop4): auto enabling async discard [ 934.420936][T28756] BTRFS info (device loop4): rebuilding free space tree [ 934.451911][T28756] BTRFS info (device loop4): disabling free space tree [ 934.458875][T28756] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 934.494662][T28796] loop3: detected capacity change from 0 to 4096 [ 934.517045][T28756] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 934.529719][T28796] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 934.625344][T28796] ntfs3: loop3: Failed to load $Extend (-22). [ 934.650756][T28796] ntfs3: loop3: Failed to initialize $Extend. [ 934.900867][T13909] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 935.250220][T28816] loop5: detected capacity change from 0 to 4096 [ 935.271298][T28816] __ntfs_error: 2 callbacks suppressed [ 935.271312][T28816] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 935.357542][T28816] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 935.383237][T28816] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 935.414618][T28816] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 935.456782][T28816] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 935.502482][T28816] ntfs: volume version 3.1. [ 935.509991][T28816] ntfs: (device loop5): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 935.580937][T28816] ntfs: (device loop5): load_system_files(): Failed to load $LogFile. Will not be able to remount read-write. Mount in Windows. [ 935.641237][T28816] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5. [ 935.679338][T28816] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys. [ 935.728355][T28834] loop4: detected capacity change from 0 to 512 [ 935.768158][T28834] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 935.771272][T28816] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated. Will not be able to remount read-write. Run chkdsk. [ 935.799925][T28834] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 936.051647][T27581] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 936.189702][T28842] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 936.684741][T28838] loop2: detected capacity change from 0 to 32768 [ 936.778158][T28838] JBD2: Ignoring recovery information on journal [ 936.948560][T28838] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 937.105013][T28838] (syz.2.10020,28838,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: directory entry overrun - offset=16, inode=7755761508285415489, rec_len=30044, name_len=0 [ 937.154163][T28838] (syz.2.10020,28838,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2 [ 937.203089][T28838] (syz.2.10020,28838,0):ocfs2_mknod:298 ERROR: status = -2 [ 937.268074][T28838] (syz.2.10020,28838,0):ocfs2_mknod:502 ERROR: status = -2 [ 937.299021][T28838] (syz.2.10020,28838,0):ocfs2_create:676 ERROR: status = -2 [ 937.437506][ T5780] ocfs2: Unmounting device (7,2) on (node local) [ 937.829137][T28887] netlink: 4768 bytes leftover after parsing attributes in process `syz.3.10044'. [ 937.841082][T28892] netlink: 'syz.4.10045': attribute type 1 has an invalid length. [ 938.042844][T28901] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10049'. [ 938.191723][T28906] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.10051'. [ 938.228255][T28906] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16) [ 938.255198][T28906] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 938.373104][T28913] netlink: 36 bytes leftover after parsing attributes in process `syz.3.10055'. [ 938.426525][T28913] netlink: 6 bytes leftover after parsing attributes in process `syz.3.10055'. [ 938.458259][T28913] netlink: 6 bytes leftover after parsing attributes in process `syz.3.10055'. [ 938.655123][T28927] netlink: 16 bytes leftover after parsing attributes in process `syz.5.10061'. [ 938.696060][T28921] loop4: detected capacity change from 0 to 4096 [ 938.736625][T28921] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 938.890147][T28921] ntfs3: loop4: failed to convert "c46c" to cp866 [ 939.131499][T28940] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10069'. [ 939.189643][T28941] loop5: detected capacity change from 0 to 4096 [ 939.201476][T28244] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 939.218659][T28941] ntfs: volume version 3.1. [ 939.418744][T28244] usb 4-1: Using ep0 maxpacket: 32 [ 939.452773][T28244] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 939.497275][T28244] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 939.526371][T28244] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 939.583043][T28244] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 939.592683][T28244] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 939.602062][T28244] usb 4-1: Product: syz [ 939.606358][T28244] usb 4-1: Manufacturer: syz [ 939.611797][T28244] usb 4-1: SerialNumber: syz [ 939.638170][T28244] cdc_ncm 4-1:1.0: skipping garbage [ 939.657055][T28244] cdc_ncm 4-1:1.0: skipping garbage [ 939.697008][T28244] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found [ 939.721655][T28244] cdc_ncm 4-1:1.0: bind() failure [ 939.766151][T28957] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10077'. [ 939.887164][ T5856] usb 4-1: USB disconnect, device number 88 [ 939.910942][ T5837] usb 3-1: new high-speed USB device number 89 using dummy_hcd [ 940.119951][ T5837] usb 3-1: unable to get BOS descriptor or descriptor too short [ 940.140382][ T5837] usb 3-1: config 129 has an invalid interface number: 135 but max is 0 [ 940.170700][ T5837] usb 3-1: config 129 has an invalid interface number: 5 but max is 0 [ 940.178917][ T5837] usb 3-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 940.207204][ T5837] usb 3-1: config 129 has no interface number 0 [ 940.220748][ T5837] usb 3-1: config 129 has no interface number 1 [ 940.234356][ T5837] usb 3-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 940.255432][T28970] veth3: entered promiscuous mode [ 940.260683][ T5837] usb 3-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30 [ 940.260741][ T5837] usb 3-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37 [ 940.260769][ T5837] usb 3-1: config 129 interface 135 has no altsetting 0 [ 940.260790][ T5837] usb 3-1: config 129 interface 5 has no altsetting 0 [ 940.280471][ T5837] usb 3-1: string descriptor 0 read error: -22 [ 940.308256][T28970] veth3: entered allmulticast mode [ 940.321162][ T5837] usb 3-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00 [ 940.330281][ T5837] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 940.377401][ T5837] usb 3-1: Quirk or no altest; falling back to MIDI 1.0 [ 940.390650][ T5837] usb 3-1: MIDIStreaming interface descriptor not found [ 940.753531][T28241] usb 3-1: USB disconnect, device number 89 [ 940.792151][T28966] loop4: detected capacity change from 0 to 32768 [ 940.873207][T28966] ea_get: invalid extended attribute [ 940.890810][T28966] ffff888058857230: 04 00 00 00 .... [ 941.486158][ T27] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 941.681834][ T27] usb 5-1: Using ep0 maxpacket: 32 [ 941.693424][ T27] usb 5-1: config 0 has an invalid interface number: 66 but max is 1 [ 941.715069][ T27] usb 5-1: config 0 has no interface number 1 [ 941.732602][ T27] usb 5-1: too many endpoints for config 0 interface 0 altsetting 5: 69, using maximum allowed: 30 [ 941.776943][ T27] usb 5-1: config 0 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 69 [ 941.824017][ T27] usb 5-1: too many endpoints for config 0 interface 66 altsetting 107: 137, using maximum allowed: 30 [ 941.865901][ T27] usb 5-1: config 0 interface 66 altsetting 107 has 0 endpoint descriptors, different from the interface descriptor's value: 137 [ 941.894321][ T27] usb 5-1: config 0 interface 0 has no altsetting 0 [ 941.907865][ T27] usb 5-1: config 0 interface 66 has no altsetting 0 [ 941.931881][ T27] usb 5-1: New USB device found, idVendor=152d, idProduct=0539, bcdDevice= 0.00 [ 941.957672][ T27] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 941.970606][ T27] usb 5-1: SerialNumber: syz [ 941.986621][ T27] usb 5-1: config 0 descriptor?? [ 942.008449][ T27] usb-storage 5-1:0.0: USB Mass Storage device detected [ 942.043427][ T27] usb-storage 5-1:0.0: Quirks match for vid 152d pid 0539: 4000000 [ 942.144565][T28995] loop5: detected capacity change from 0 to 32768 [ 942.212818][T28995] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop5 scanned by syz.5.10093 (28995) [ 942.241869][ T27] usb-storage 5-1:0.66: USB Mass Storage device detected [ 942.282765][ T27] usb-storage 5-1:0.66: Quirks match for vid 152d pid 0539: 4000000 [ 942.327655][T28995] BTRFS info (device loop5): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 942.380760][T28995] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 942.389531][T28995] BTRFS info (device loop5): enabling disk space caching [ 942.410768][T28995] BTRFS info (device loop5): force clearing of disk cache [ 942.446672][ T27] usb 5-1: USB disconnect, device number 28 [ 942.459916][T28995] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10) [ 942.529517][T28995] BTRFS info (device loop5): use zstd compression, level 3 [ 942.546178][T29020] loop2: detected capacity change from 0 to 4096 [ 942.560845][T28995] BTRFS info (device loop5): disk space caching is enabled [ 942.686495][T29020] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 942.711717][T29020] ntfs3: loop2: Failed to initialize $Extend/$ObjId. [ 942.815420][T28995] BTRFS info (device loop5): enabling ssd optimizations [ 942.840696][T28995] BTRFS info (device loop5): auto enabling async discard [ 942.891359][T28995] BTRFS info (device loop5): rebuilding free space tree [ 943.013266][T28995] BTRFS info (device loop5): disabling free space tree [ 943.020259][T28995] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 943.046692][T28995] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 943.065389][T29044] loop4: detected capacity change from 0 to 512 [ 943.091468][T29044] EXT4-fs: Ignoring removed mblk_io_submit option [ 943.158804][T29044] EXT4-fs (loop4): orphan cleanup on readonly fs [ 943.175610][T29044] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 943.204542][T29044] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.10108: attempt to clear invalid blocks 2 len 1 [ 943.320654][T29044] EXT4-fs (loop4): Remounting filesystem read-only [ 943.328136][T29044] EXT4-fs (loop4): 1 truncate cleaned up [ 943.373212][T29044] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 943.406979][T29051] ip6gre2: entered promiscuous mode [ 943.441594][T14925] BTRFS info (device loop5): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 943.650879][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 944.363362][T29079] netlink: 72 bytes leftover after parsing attributes in process `syz.3.10125'. [ 944.380817][T29079] netlink: 'syz.3.10125': attribute type 1 has an invalid length. [ 944.399233][T29079] netlink: 'syz.3.10125': attribute type 2 has an invalid length. [ 944.412842][T29079] netlink: 116 bytes leftover after parsing attributes in process `syz.3.10125'. [ 944.817504][T29098] loop2: detected capacity change from 0 to 512 [ 944.852532][T29098] EXT4-fs (loop2): orphan cleanup on readonly fs [ 944.860899][T29098] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 944.899005][T29098] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 944.971571][T29098] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.10133: attempt to clear invalid blocks 2 len 1 [ 944.989850][T29098] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.10133: invalid indirect mapped block 1819239214 (level 0) [ 945.006581][T29098] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.10133: invalid indirect mapped block 1819239214 (level 1) [ 945.021718][T29098] EXT4-fs (loop2): 1 truncate cleaned up [ 945.029442][T29098] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 945.105164][T29098] EXT4-fs error (device loop2): ext4_lookup:1855: inode #2: comm syz.2.10133: 'file1' linked to parent dir [ 945.118296][T29105] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10135'. [ 945.223026][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 945.902785][T29138] ipt_ECN: cannot use operation on non-tcp rule [ 946.087661][T29144] loop5: detected capacity change from 0 to 512 [ 946.113691][T29144] EXT4-fs: Ignoring removed mblk_io_submit option [ 946.158798][T29144] EXT4-fs (loop5): orphan cleanup on readonly fs [ 946.169999][T29144] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13 [ 946.181048][T29144] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #13: comm syz.5.10151: attempt to clear invalid blocks 2 len 1 [ 946.202429][T29144] EXT4-fs (loop5): Remounting filesystem read-only [ 946.209534][T29144] EXT4-fs (loop5): 1 truncate cleaned up [ 946.217092][T29144] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 946.291550][T14925] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 946.340666][T28244] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 946.550749][T28244] usb 5-1: Using ep0 maxpacket: 8 [ 946.565003][T28244] usb 5-1: config 2 has an invalid interface number: 31 but max is 0 [ 946.573576][T28244] usb 5-1: config 2 has no interface number 0 [ 946.579725][T28244] usb 5-1: config 2 interface 31 has no altsetting 0 [ 946.604839][T28244] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f [ 946.618639][T28244] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 946.649376][T28244] usb 5-1: Product: syz [ 946.660822][T28244] usb 5-1: Manufacturer: syz [ 946.665491][T28244] usb 5-1: SerialNumber: syz [ 946.894693][T29174] netlink: 'syz.3.10166': attribute type 3 has an invalid length. [ 946.911380][T29174] netlink: 201372 bytes leftover after parsing attributes in process `syz.3.10166'. [ 947.066354][T29179] loop3: detected capacity change from 0 to 64 [ 947.098396][T29179] Trying to free block not in datazone [ 947.130674][T29179] Trying to free block not in datazone [ 947.136184][T29179] Trying to free block not in datazone [ 947.163289][T29179] Trying to free block not in datazone [ 947.171869][T28244] ch9200: probe of 5-1:2.31 failed with error -22 [ 947.197528][T29179] Trying to free block not in datazone [ 947.209585][T28244] usb 5-1: USB disconnect, device number 29 [ 947.220857][T29179] Trying to free block not in datazone [ 947.235519][T29179] Trying to free block not in datazone [ 947.257396][T29179] Trying to free block not in datazone [ 947.285352][T29179] Trying to free block not in datazone [ 947.298168][T29179] Trying to free block not in datazone [ 947.304363][T29179] Trying to free block not in datazone [ 947.309970][T29179] Trying to free block not in datazone [ 947.315586][T29179] Trying to free block not in datazone [ 947.321613][T29179] Trying to free block not in datazone [ 947.331736][T29179] Trying to free block not in datazone [ 947.338822][T29179] Trying to free block not in datazone [ 947.348982][T29179] Trying to free block not in datazone [ 947.359101][T29179] Trying to free block not in datazone [ 947.377769][T29179] Trying to free block not in datazone [ 947.390878][T29179] Trying to free block not in datazone [ 947.405922][T29179] Trying to free block not in datazone [ 947.420756][T29179] Trying to free block not in datazone [ 947.436753][T29179] Trying to free block not in datazone [ 947.450327][T29179] Trying to free block not in datazone [ 947.457988][T29179] Trying to free block not in datazone [ 947.464023][T29179] Trying to free block not in datazone [ 947.481874][T29179] Trying to free block not in datazone [ 947.491276][T29179] Trying to free block not in datazone [ 947.500868][T29179] Trying to free block not in datazone [ 947.518043][T29179] Trying to free block not in datazone [ 947.540846][T29179] Trying to free block not in datazone [ 947.566432][T29179] Trying to free block not in datazone [ 947.580872][T29179] Trying to free block not in datazone [ 947.590340][T29179] Trying to free block not in datazone [ 947.596625][T29179] Trying to free block not in datazone [ 947.612371][T29179] Trying to free block not in datazone [ 947.628860][T29179] Trying to free block not in datazone [ 947.634903][T29179] Trying to free block not in datazone [ 947.640454][T29179] Trying to free block not in datazone [ 947.652687][T29179] Trying to free block not in datazone [ 947.659439][T29179] Trying to free block not in datazone [ 947.670768][T29179] Trying to free block not in datazone [ 947.678704][T29179] Trying to free block not in datazone [ 947.691214][T29179] Trying to free block not in datazone [ 947.705185][T29179] Trying to free block not in datazone [ 947.743283][T29179] Trying to free block not in datazone [ 947.748826][T29179] Trying to free block not in datazone [ 947.758806][T29179] Trying to free block not in datazone [ 947.768320][T29179] Trying to free block not in datazone [ 947.775796][T29179] Trying to free block not in datazone [ 947.788010][T29179] Trying to free block not in datazone [ 947.813795][T29179] Trying to free block not in datazone [ 947.826349][T29179] Trying to free block not in datazone [ 947.844414][T29179] Trying to free block not in datazone [ 947.849919][T29179] Trying to free block not in datazone [ 947.871185][T29179] Trying to free block not in datazone [ 947.876688][T29179] Trying to free block not in datazone [ 947.892886][T29179] Trying to free block not in datazone [ 947.899214][T29179] Trying to free block not in datazone [ 947.920881][T29179] Trying to free block not in datazone [ 947.926387][T29179] Trying to free block not in datazone [ 947.980715][T29179] Trying to free block not in datazone [ 947.998302][T29179] Trying to free block not in datazone [ 948.013831][T29179] Trying to free block not in datazone [ 948.019748][T29179] Trying to free block not in datazone [ 948.056800][T29179] Trying to free block not in datazone [ 948.070741][T29179] Trying to free block not in datazone [ 948.076260][T29179] Trying to free block not in datazone [ 948.121988][T29179] Trying to free block not in datazone [ 948.127515][T29179] Trying to free block not in datazone [ 948.153414][T29179] Trying to free block not in datazone [ 948.159092][T29179] Trying to free block not in datazone [ 948.175958][T29179] Trying to free block not in datazone [ 948.181670][T29179] Trying to free block not in datazone [ 948.187155][T29179] Trying to free block not in datazone [ 948.199814][T29179] Trying to free block not in datazone [ 948.206209][T29179] Trying to free block not in datazone [ 948.219141][T29179] Trying to free block not in datazone [ 948.226547][T29179] Trying to free block not in datazone [ 948.251752][T29179] Trying to free block not in datazone [ 948.277050][T29179] Trying to free block not in datazone [ 948.286475][T29179] Trying to free block not in datazone [ 948.294741][T29179] Trying to free block not in datazone [ 948.300686][T29179] Trying to free block not in datazone [ 948.306945][T29179] Trying to free block not in datazone [ 948.324362][T29179] Trying to free block not in datazone [ 948.329944][T29179] Trying to free block not in datazone [ 948.360767][T29179] Trying to free block not in datazone [ 948.367441][T29179] Trying to free block not in datazone [ 948.381212][T28244] usb 5-1: new full-speed USB device number 30 using dummy_hcd [ 948.390089][T29179] Trying to free block not in datazone [ 948.400798][T29179] Trying to free block not in datazone [ 948.406296][T29179] Trying to free block not in datazone [ 948.420027][T29179] Trying to free block not in datazone [ 948.426303][T29179] Trying to free block not in datazone [ 948.441695][T29179] Trying to free block not in datazone [ 948.448496][T29179] Trying to free block not in datazone [ 948.462442][T29179] Trying to free block not in datazone [ 948.462846][T29213] netlink: 220 bytes leftover after parsing attributes in process `syz.2.10185'. [ 948.473018][T29179] Trying to free block not in datazone [ 948.488114][T29213] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10185'. [ 948.499236][T29179] Trying to free block not in datazone [ 948.509509][T29179] Trying to free block not in datazone [ 948.517817][T29179] Trying to free block not in datazone [ 948.518948][T29213] tc_dump_action: action bad kind [ 948.528256][T29179] Trying to free block not in datazone [ 948.539226][T29179] Trying to free block not in datazone [ 948.546077][T29179] Trying to free block not in datazone [ 948.560645][T29179] Trying to free block not in datazone [ 948.576442][T29179] Trying to free block not in datazone [ 948.581664][T29215] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10186'. [ 948.590244][T28244] usb 5-1: config 0 has an invalid interface number: 40 but max is 0 [ 948.599356][T29179] Trying to free block not in datazone [ 948.624515][T28244] usb 5-1: config 0 has no interface number 0 [ 948.630950][T29179] Trying to free block not in datazone [ 948.636448][T29179] Trying to free block not in datazone [ 948.650826][T28244] usb 5-1: New USB device found, idVendor=0403, idProduct=a951, bcdDevice=c0.f8 [ 948.660204][T29179] Trying to free block not in datazone [ 948.671858][T28244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 948.680208][T29179] Trying to free block not in datazone [ 948.691019][T29179] Trying to free block not in datazone [ 948.697511][T28244] usb 5-1: config 0 descriptor?? [ 948.703063][T29179] Trying to free block not in datazone [ 948.708567][T29179] Trying to free block not in datazone [ 948.736516][T28244] hub 5-1:0.40: bad descriptor, ignoring hub [ 948.748816][T28244] hub: probe of 5-1:0.40 failed with error -5 [ 948.757872][T29179] Trying to free block not in datazone [ 948.779424][T28244] ftdi_sio 5-1:0.40: FTDI USB Serial Device converter detected [ 948.790843][T29179] Trying to free block not in datazone [ 948.796382][T29179] Trying to free block not in datazone [ 948.810092][T28244] ftdi_sio ttyUSB0: unknown device type: 0xc0f8 [ 948.817847][T29179] Trying to free block not in datazone [ 948.834269][T29179] Trying to free block not in datazone [ 948.839774][T29179] Trying to free block not in datazone [ 948.853235][T29179] Trying to free block not in datazone [ 948.858819][T29179] Trying to free block not in datazone [ 948.869561][T29179] Trying to free block not in datazone [ 948.878603][T29179] Trying to free block not in datazone [ 948.890498][T29179] Trying to free block not in datazone [ 948.899659][T29179] Trying to free block not in datazone [ 948.908674][T29179] Trying to free block not in datazone [ 948.934017][T29179] Trying to free block not in datazone [ 948.959653][T29179] Trying to free block not in datazone [ 948.976775][T29179] Trying to free block not in datazone [ 948.983421][T29179] Trying to free block not in datazone [ 948.988994][T29179] Trying to free block not in datazone [ 949.006365][T29179] Trying to free block not in datazone [ 949.017482][T29221] loop5: detected capacity change from 0 to 16 [ 949.030747][T29179] Trying to free block not in datazone [ 949.041064][T29179] Trying to free block not in datazone [ 949.049036][T29221] erofs: (device loop5): mounted with root inode @ nid 36. [ 949.060774][T29179] Trying to free block not in datazone [ 949.066277][T29179] Trying to free block not in datazone [ 949.100640][T29179] Trying to free block not in datazone [ 949.106161][T29179] Trying to free block not in datazone [ 949.121889][T29221] erofs: (device loop5): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 949.124047][ T27] usb 5-1: USB disconnect, device number 30 [ 949.132926][T29179] Trying to free block not in datazone [ 949.151019][T29221] erofs: (device loop5): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 32768 [ 949.168249][T29179] Trying to free block not in datazone [ 949.180089][ T27] ftdi_sio 5-1:0.40: device disconnected [ 949.183714][T29179] Trying to free block not in datazone [ 949.194078][T29221] erofs: (device loop5): z_erofs_read_folio: read error -117 @ 32811 of nid 36 [ 949.204093][T29179] Trying to free block not in datazone [ 949.209585][T29179] Trying to free block not in datazone [ 949.215909][T29179] Trying to free block not in datazone [ 949.230721][T29179] Trying to free block not in datazone [ 949.246856][T29179] Trying to free block not in datazone [ 949.259441][T29179] Trying to free block not in datazone [ 949.273603][T29179] Trying to free block not in datazone [ 949.282544][T29179] Trying to free block not in datazone [ 949.288109][T29179] Trying to free block not in datazone [ 949.293829][T29179] Trying to free block not in datazone [ 949.299318][T29179] Trying to free block not in datazone [ 949.317242][T29179] Trying to free block not in datazone [ 949.331543][T29179] Trying to free block not in datazone [ 949.337056][T29179] Trying to free block not in datazone [ 949.342898][T29179] Trying to free block not in datazone [ 949.357483][T29179] Trying to free block not in datazone [ 949.371568][T29179] Trying to free block not in datazone [ 949.377076][T29179] Trying to free block not in datazone [ 949.410827][T29179] Trying to free block not in datazone [ 949.416356][T29179] Trying to free block not in datazone [ 949.435700][T29179] Trying to free block not in datazone [ 949.459626][T29179] Trying to free block not in datazone [ 949.480898][T29179] Trying to free block not in datazone [ 949.497779][T29179] Trying to free block not in datazone [ 949.504258][T29179] Trying to free block not in datazone [ 949.509900][T29179] Trying to free block not in datazone [ 949.518677][T29179] Trying to free block not in datazone [ 949.525694][T29179] Trying to free block not in datazone [ 949.531624][T29179] Trying to free block not in datazone [ 949.550677][T29179] Trying to free block not in datazone [ 949.556221][T29179] Trying to free block not in datazone [ 949.572311][T29179] Trying to free block not in datazone [ 949.577800][T29179] Trying to free block not in datazone [ 949.601172][T29179] Trying to free block not in datazone [ 949.606679][T29179] Trying to free block not in datazone [ 949.623232][T29179] Trying to free block not in datazone [ 949.628731][T29179] Trying to free block not in datazone [ 949.670730][T29179] Trying to free block not in datazone [ 949.676234][T29179] Trying to free block not in datazone [ 949.704101][T29179] Trying to free block not in datazone [ 949.727243][T29179] Trying to free block not in datazone [ 949.745927][T29179] Trying to free block not in datazone [ 949.752803][T29179] Trying to free block not in datazone [ 949.759517][T29179] Trying to free block not in datazone [ 949.778631][T29179] Trying to free block not in datazone [ 949.795289][T29179] Trying to free block not in datazone [ 949.850669][T29179] Trying to free block not in datazone [ 949.856202][T29179] Trying to free block not in datazone [ 949.871734][T29179] Trying to free block not in datazone [ 949.877242][T29179] Trying to free block not in datazone [ 949.916563][T29179] Trying to free block not in datazone [ 949.938362][T29179] Trying to free block not in datazone [ 949.950700][T29179] Trying to free block not in datazone [ 949.956203][T29179] Trying to free block not in datazone [ 949.980733][T29179] Trying to free block not in datazone [ 949.986281][T29179] Trying to free block not in datazone [ 950.012824][T29179] Trying to free block not in datazone [ 950.026034][T29179] Trying to free block not in datazone [ 950.048921][T29179] Trying to free block not in datazone [ 950.069529][T29179] Trying to free block not in datazone [ 950.091302][T29179] Trying to free block not in datazone [ 950.096827][T29179] Trying to free block not in datazone [ 950.112628][T29179] Trying to free block not in datazone [ 950.118133][T29179] Trying to free block not in datazone [ 950.160915][T29179] Trying to free block not in datazone [ 950.166431][T29179] Trying to free block not in datazone [ 950.220681][T29179] Trying to free block not in datazone [ 950.226198][T29179] Trying to free block not in datazone [ 950.278737][T29179] Trying to free block not in datazone [ 950.326431][T29179] Trying to free block not in datazone [ 950.333122][T29179] Trying to free block not in datazone [ 950.338621][T29179] Trying to free block not in datazone [ 950.351393][T29179] Trying to free block not in datazone [ 950.357247][T29179] Trying to free block not in datazone [ 950.370006][T29179] Trying to free block not in datazone [ 950.375920][T29256] netlink: 'syz.5.10206': attribute type 1 has an invalid length. [ 950.383829][T29179] Trying to free block not in datazone [ 950.389324][T29179] Trying to free block not in datazone [ 950.397161][T29256] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10206'. [ 950.418563][T29179] Trying to free block not in datazone [ 950.427769][T29179] Trying to free block not in datazone [ 950.440838][T29179] Trying to free block not in datazone [ 950.446325][T29179] Trying to free block not in datazone [ 950.470477][T29179] Trying to free block not in datazone [ 950.476335][T29179] Trying to free block not in datazone [ 950.482019][T29179] Trying to free block not in datazone [ 950.487497][T29179] Trying to free block not in datazone [ 950.501289][ T27] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 950.518842][T29179] Trying to free block not in datazone [ 950.529793][T29179] Trying to free block not in datazone [ 950.545307][T29179] Trying to free block not in datazone [ 950.554292][T29179] Trying to free block not in datazone [ 950.560332][T29179] Trying to free block not in datazone [ 950.575109][T29179] Trying to free block not in datazone [ 950.581808][T29179] Trying to free block not in datazone [ 950.587300][T29179] Trying to free block not in datazone [ 950.601586][T29179] Trying to free block not in datazone [ 950.607091][T29179] Trying to free block not in datazone [ 950.620837][T29179] Trying to free block not in datazone [ 950.626343][T29179] Trying to free block not in datazone [ 950.635069][T29179] Trying to free block not in datazone [ 950.640820][T29179] Trying to free block not in datazone [ 950.646322][T29179] Trying to free block not in datazone [ 950.651118][T29262] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10209'. [ 950.653566][T29179] Trying to free block not in datazone [ 950.667166][T29179] Trying to free block not in datazone [ 950.686793][T29179] Trying to free block not in datazone [ 950.700731][ T27] usb 3-1: Using ep0 maxpacket: 16 [ 950.710795][T29179] Trying to free block not in datazone [ 950.716296][T29179] Trying to free block not in datazone [ 950.724423][ T27] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 950.738751][ T27] usb 3-1: config 0 has no interface number 0 [ 950.746904][T29179] Trying to free block not in datazone [ 950.757892][T29179] Trying to free block not in datazone [ 950.765481][ T27] usb 3-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88 [ 950.785089][T29179] Trying to free block not in datazone [ 950.799437][ T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 950.807902][T29179] Trying to free block not in datazone [ 950.820950][T29179] Trying to free block not in datazone [ 950.826448][T29179] Trying to free block not in datazone [ 950.832343][ T27] usb 3-1: Product: syz [ 950.836559][ T27] usb 3-1: Manufacturer: syz [ 950.849316][ T27] usb 3-1: SerialNumber: syz [ 950.854340][T29179] Trying to free block not in datazone [ 950.862619][ T27] usb 3-1: config 0 descriptor?? [ 950.868255][T29179] Trying to free block not in datazone [ 950.877617][T29179] Trying to free block not in datazone [ 950.891830][T29179] Trying to free block not in datazone [ 951.093907][ T27] usb 3-1: selecting invalid altsetting 1 [ 951.100068][ T27] speedtch 3-1:0.1: speedtch_bind: setting interface to 1 failed (-22)! [ 951.150722][ T27] speedtch 3-1:0.1: usbatm_usb_probe: bind failed: -22! [ 951.157814][ T27] speedtch: probe of 3-1:0.1 failed with error -22 [ 951.178621][ T27] usb 3-1: USB disconnect, device number 90 [ 951.356971][T29282] loop4: detected capacity change from 0 to 512 [ 951.382101][T29282] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 951.392299][T29282] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 951.423553][T29282] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 951.479747][T29282] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 951.510988][T29282] System zones: 0-2, 18-18, 34-35 [ 951.547225][T29282] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 951.748756][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 952.380109][T29315] loop2: detected capacity change from 0 to 1024 [ 952.571664][T16675] hfsplus: b-tree write err: -5, ino 4 [ 952.730304][T29329] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 952.737717][T29329] mac80211_hwsim hwsim4 wlan0: left allmulticast mode [ 952.890817][T29334] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6tnl0, syncid = 786440, id = 0 [ 953.127633][T29340] loop2: detected capacity change from 0 to 512 [ 953.201057][T29340] EXT4-fs error (device loop2): ext4_orphan_get:1424: comm syz.2.10245: bad orphan inode 15 [ 953.263265][T29340] ext4_test_bit(bit=14, block=5) = 0 [ 953.293264][T29340] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 953.433634][ T5780] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 953.520919][T28244] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 953.700769][T28244] usb 4-1: Using ep0 maxpacket: 8 [ 953.731779][T28244] usb 4-1: config 0 has an invalid interface number: 52 but max is 0 [ 953.740308][T28244] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 953.761703][T28244] usb 4-1: config 0 has no interface number 0 [ 953.767978][T28244] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 953.781640][T28244] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 953.796787][T28244] usb 4-1: config 0 interface 52 has no altsetting 0 [ 953.805568][T28244] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00 [ 953.826140][T28244] usb 4-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0 [ 953.840884][T28244] usb 4-1: Manufacturer: syz [ 953.861858][T28244] usb 4-1: config 0 descriptor?? [ 953.878331][T28244] hub 4-1:0.52: bad descriptor, ignoring hub [ 953.903067][T28244] hub: probe of 4-1:0.52 failed with error -5 [ 953.976669][T29360] binder: 29359:29360 unknown command 1074553619 [ 954.022674][T29360] binder: 29359:29360 ioctl c0306201 200000000640 returned -22 [ 954.105797][T28244] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input44 [ 954.216748][T29368] SET target dimension over the limit! [ 954.369939][T29372] loop4: detected capacity change from 0 to 64 [ 954.433415][T29375] binder: 29374:29375 ioctl c00c620f 0 returned -14 [ 954.611151][T28244] usb 4-1: USB disconnect, device number 89 [ 955.000815][ T5837] usb 3-1: new full-speed USB device number 91 using dummy_hcd [ 955.243831][ T5837] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43 [ 955.261941][ T5837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 955.300063][ T5837] usb 3-1: config 0 descriptor?? [ 955.319472][T29410] netlink: 'syz.3.10278': attribute type 1 has an invalid length. [ 955.327577][ T5837] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 955.550889][T29417] loop3: detected capacity change from 0 to 2048 [ 955.579741][T29417] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 955.645248][T29420] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 955.733107][ T5837] gp8psk: usb in 137 operation failed. [ 955.738687][ T5837] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 955.767662][T29419] loop4: detected capacity change from 0 to 4096 [ 955.781702][ T5837] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 955.811792][T29419] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 955.841246][ T5837] usb 3-1: USB disconnect, device number 91 [ 955.893645][T29419] ntfs3: loop4: $AttrDef is corrupted. [ 956.147644][T29426] usb usb8: usbfs: interface 0 claimed by hub while 'syz.4.10286' sets config #0 [ 956.538663][T29443] Process accounting resumed [ 956.691561][ T5837] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 956.863913][T29461] loop4: detected capacity change from 0 to 16 [ 956.887494][ T5837] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 956.903452][T29461] erofs: (device loop4): mounted with root inode @ nid 36. [ 956.913514][ T5837] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 956.935380][ T5837] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 956.977318][ T5837] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 957.001549][T29461] erofs: (device loop4): z_erofs_readahead: readahead error at folio 2 @ nid 89 [ 957.006261][ T5837] usb 4-1: SerialNumber: syz [ 957.038544][T29461] erofs: (device loop4): z_erofs_readahead: readahead error at folio 1 @ nid 89 [ 957.049171][T29461] erofs: (device loop4): z_erofs_readahead: readahead error at folio 0 @ nid 89 [ 957.058598][T29461] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 0 of nid 89 [ 957.074334][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 957.074346][ T28] audit: type=1800 audit(2000000447.521:360): pid=29461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.10302" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 957.112073][T29466] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10304'. [ 957.250391][ T5837] usb 4-1: 0:2 : does not exist [ 957.273732][ T5837] usb 4-1: USB disconnect, device number 90 [ 957.360447][ T5762] udevd[5762]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 957.444428][T29472] comedi comedi0: no devices specified [ 957.854275][T29490] netlink: 'syz.5.10315': attribute type 33 has an invalid length. [ 958.218479][T29504] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10323'. [ 958.249378][T29504] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10323'. [ 958.276159][T29505] loop4: detected capacity change from 0 to 1024 [ 958.316363][T29508] netlink: 'syz.2.10324': attribute type 1 has an invalid length. [ 958.327682][T29505] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 958.407164][T29505] EXT4-fs error (device loop4): ext4_generic_delete_entry:2729: inode #2: block 16: comm syz.4.10322: bad entry in directory: inode out of bounds - offset=0, inode=1538, rec_len=12, size=1024 fake=1 [ 958.468671][T29505] EXT4-fs error (device loop4) in ext4_delete_entry:2800: Corrupt filesystem [ 958.511753][T29505] EXT4-fs warning (device loop4): ext4_rename_delete:3778: inode #2: comm syz.4.10322: Deleting old file: nlink 1, error=-117 [ 958.648533][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 959.167371][T29538] loop4: detected capacity change from 0 to 4096 [ 959.235643][T29538] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 959.308472][T29538] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 959.358888][T29549] loop3: detected capacity change from 0 to 4096 [ 959.474572][T29549] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 2) do not match. Run ntfsfix or chkdsk. [ 959.477862][T13909] ntfs3: loop4: ino=1a, ntfs_sync_fs failed, -22. [ 959.507315][T29549] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 959.591348][T29549] ntfs: (device loop3): ntfs_is_extended_system_file(): Inode hard link count doesn't match number of name attributes. You should run chkdsk. [ 959.631309][T29549] ntfs: (device loop3): ntfs_read_locked_inode(): $DATA attribute is missing. [ 959.660494][T29549] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -2. Marking corrupt inode 0xa as bad. Run chkdsk. [ 959.718954][T29549] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 959.754724][T29549] ntfs: volume version 3.1. [ 959.772132][T29549] ntfs: (device loop3): ntfs_attr_find(): Inode is corrupt. Run chkdsk. [ 959.795146][T29549] ntfs: (device loop3): ntfs_read_locked_inode(): Failed to lookup attribute list attribute. [ 959.836095][T29549] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0x2 as bad. Run chkdsk. [ 960.159956][T29570] netlink: 'syz.4.10353': attribute type 13 has an invalid length. [ 960.524190][T29588] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10362'. [ 960.708070][T29595] x_tables: unsorted entry at hook 3 [ 960.721524][T28241] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 960.943103][T28241] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 960.971772][T28241] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 960.995069][T28241] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 961.036789][T28241] usb 6-1: config 1 has no interface number 0 [ 961.068217][T28241] usb 6-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30 [ 961.091248][T28241] usb 6-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 961.108448][T28241] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 961.130647][T28241] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 961.169646][T28241] usb 6-1: Product: syz [ 961.188185][T28241] usb 6-1: Manufacturer: syz [ 961.197516][T28241] usb 6-1: SerialNumber: syz [ 961.642504][T29624] loop2: detected capacity change from 0 to 4096 [ 961.689178][T29624] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 961.697081][T29624] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 961.733787][ T5837] usb 6-1: USB disconnect, device number 23 [ 962.301057][T29651] netlink: 'syz.3.10394': attribute type 5 has an invalid length. [ 962.335620][T29647] loop2: detected capacity change from 0 to 4096 [ 962.387319][T29647] __ntfs_error: 14 callbacks suppressed [ 962.387337][T29647] ntfs: (device loop2): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match. Run ntfsfix or chkdsk. [ 962.436651][T29647] ntfs: (device loop2): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 962.528753][T29647] ntfs: volume version 3.1. [ 962.565690][T29647] ntfs: (device loop2): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4). Marking corrupt inode and base inode 0x1a as bad. Run chkdsk. [ 962.609902][T29661] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10399'. [ 962.614094][T29647] ntfs: (device loop2): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute. [ 962.644170][T29659] loop4: detected capacity change from 0 to 2048 [ 962.680906][T29647] ntfs: (device loop2): load_system_files(): Failed to load $UsnJrnl. Will not be able to remount read-write. Run chkdsk. [ 962.700722][T29659] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 962.778875][T29659] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 963.065533][T29670] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 963.147761][T29676] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10406'. [ 963.172904][T29678] loop4: detected capacity change from 0 to 128 [ 963.603213][T29694] netlink: 16 bytes leftover after parsing attributes in process `syz.5.10415'. [ 963.799733][T29702] Unsupported ieee802154 address type: 0 [ 963.926803][T29708] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 45177 - 0 [ 963.953404][T29708] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 45177 - 0 [ 963.973103][T29708] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 45177 - 0 [ 963.994934][T29708] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 45177 - 0 [ 964.027098][T29708] netdevsim netdevsim5 netdevsim0: set [1, 2] type 2 family 0 port 37448 - 0 [ 964.040684][T29708] netdevsim netdevsim5 netdevsim1: set [1, 2] type 2 family 0 port 37448 - 0 [ 964.059916][T29708] netdevsim netdevsim5 netdevsim2: set [1, 2] type 2 family 0 port 37448 - 0 [ 964.078954][T29708] netdevsim netdevsim5 netdevsim3: set [1, 2] type 2 family 0 port 37448 - 0 [ 964.088054][T29708] geneve4: entered promiscuous mode [ 964.100633][T29708] geneve4: entered allmulticast mode [ 964.470838][T29729] C: renamed from team_slave_0 [ 964.478584][T29729] netlink: 'syz.4.10432': attribute type 1 has an invalid length. [ 964.496951][T29729] netlink: 152 bytes leftover after parsing attributes in process `syz.4.10432'. [ 964.514318][T29729] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 964.913378][T29750] netlink: 'syz.2.10443': attribute type 6 has an invalid length. [ 965.611347][T29782] netlink: 32 bytes leftover after parsing attributes in process `syz.4.10459'. [ 965.747739][T29786] overlay: Bad value for 'metacopy' [ 965.770102][T29790] loop4: detected capacity change from 0 to 512 [ 965.829770][T29789] loop3: detected capacity change from 0 to 2048 [ 965.872164][T29790] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 965.942762][T29789] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 965.960790][T29790] ext4 filesystem being mounted at /1709/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 965.999155][ T28] audit: type=1326 audit(2000000456.421:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29798 comm="syz.5.10466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 966.040194][ T28] audit: type=1326 audit(2000000456.421:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29798 comm="syz.5.10466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 966.068473][ T28] audit: type=1326 audit(2000000456.421:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29798 comm="syz.5.10466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 966.072765][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 966.092569][ T28] audit: type=1326 audit(2000000456.431:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29798 comm="syz.5.10466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 966.133220][ T28] audit: type=1326 audit(2000000456.421:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29798 comm="syz.5.10466" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346c99bf79 code=0x7ffc0000 [ 966.212551][T29790] EXT4-fs error (device loop4): ext4_ext_remove_space:2929: inode #15: comm syz.4.10462: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0) [ 966.301309][T29803] mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains [ 966.312009][T29790] EXT4-fs (loop4): Remounting filesystem read-only [ 966.429286][T13909] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 966.494150][T29809] comedi comedi0: multiq3: I/O port conflict (0x3,16) [ 967.259781][T29842] netlink: 'syz.3.10486': attribute type 13 has an invalid length. [ 967.300769][T29842] netlink: 'syz.3.10486': attribute type 12 has an invalid length. [ 967.362965][T29846] loop4: detected capacity change from 0 to 1024 [ 967.725750][T29862] netlink: zone id is out of range [ 967.741355][T29862] netlink: zone id is out of range [ 967.746528][T29862] netlink: zone id is out of range [ 967.764416][T29862] netlink: zone id is out of range [ 967.769572][T29862] netlink: zone id is out of range [ 967.784445][T29862] netlink: get zone limit has 4 unknown bytes [ 968.007171][T29871] trusted_key: encrypted_key: master key parameter '' is invalid [ 968.630065][T29894] loop5: detected capacity change from 0 to 2048 [ 968.787330][T29903] loop3: detected capacity change from 0 to 16 [ 968.817264][T29903] erofs: (device loop3): mounted with root inode @ nid 36. [ 968.855537][T29903] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 968.902702][T29903] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -10 in[58, 4038] out[1851] [ 968.930608][T29903] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 968.959627][T29908] bond0: (slave bond0): Error: Device is in use and cannot be enslaved [ 969.038679][T29910] netlink: 'syz.4.10520': attribute type 1 has an invalid length. [ 969.073894][T29910] netlink: 220 bytes leftover after parsing attributes in process `syz.4.10520'. [ 970.121458][T29962] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0) [ 970.316753][T29970] netlink: 84 bytes leftover after parsing attributes in process `syz.3.10548'. [ 970.570726][ T5837] usb 5-1: new full-speed USB device number 31 using dummy_hcd [ 970.711223][T29960] loop2: detected capacity change from 0 to 32768 [ 970.762105][T29960] read_mapping_page failed! [ 970.768059][T29960] diRead: read_metapage failed [ 970.769154][ T5837] usb 5-1: config 0 has an invalid interface number: 29 but max is 0 [ 970.779627][T29960] jfs_lookup: iget failed on inum 32 [ 970.817303][ T5837] usb 5-1: config 0 has no interface number 0 [ 970.851235][ T5837] usb 5-1: config 0 interface 29 has no altsetting 0 [ 970.874915][ T5837] usb 5-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 970.900148][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 970.930901][ T5837] usb 5-1: Product: syz [ 970.935133][ T5837] usb 5-1: Manufacturer: syz [ 970.940249][ T5837] usb 5-1: SerialNumber: syz [ 970.972498][ T5837] usb 5-1: config 0 descriptor?? [ 971.197917][ T5837] peak_usb 5-1:0.29: PEAK-System PCAN-USB X6 v184 fw v210.0.0 (2 channels) [ 971.413983][ T5837] peak_usb 5-1:0.29 can0: unable to request usb[type=2 value=5] err=-71 [ 971.445239][ T5837] peak_usb 5-1:0.29: unable to tell PCAN-USB X6 driver is loaded (err -71) [ 971.542408][ T5837] peak_usb: probe of 5-1:0.29 failed with error -71 [ 971.563911][ T5837] usb 5-1: USB disconnect, device number 31 [ 971.923402][T30000] loop5: detected capacity change from 0 to 32768 [ 972.179063][ T5762] udevd[5762]: incorrect btrfs checksum on /dev/loop5 [ 972.437870][T30034] program syz.4.10579 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 972.472543][T30034] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 972.606858][T30039] loop2: detected capacity change from 0 to 256 [ 972.783846][T30039] FAT-fs (loop2): Directory bread(block 64) failed [ 972.790476][T30039] FAT-fs (loop2): Directory bread(block 65) failed [ 972.814126][T30039] FAT-fs (loop2): Directory bread(block 66) failed [ 972.821271][T30046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10586'. [ 972.843204][T30039] FAT-fs (loop2): Directory bread(block 67) failed [ 972.881491][T30039] FAT-fs (loop2): Directory bread(block 68) failed [ 972.888092][T30039] FAT-fs (loop2): Directory bread(block 69) failed [ 972.933188][T30039] FAT-fs (loop2): Directory bread(block 70) failed [ 972.939807][T30039] FAT-fs (loop2): Directory bread(block 71) failed [ 972.984320][T30039] FAT-fs (loop2): Directory bread(block 72) failed [ 973.005508][T30039] FAT-fs (loop2): Directory bread(block 73) failed [ 973.884615][T30090] loop3: detected capacity change from 0 to 64 [ 974.496962][T30116] loop5: detected capacity change from 0 to 64 [ 974.519115][T30116] hfs: unable to locate alternate MDB [ 974.568073][T30116] hfs: continuing without an alternate MDB [ 974.690402][T30120] loop2: detected capacity change from 0 to 8192 [ 974.748421][T14131] [ 974.750796][T14131] ====================================================== [ 974.757846][T14131] WARNING: possible circular locking dependency detected [ 974.764894][T14131] syzkaller #0 Not tainted [ 974.769339][T14131] ------------------------------------------------------ [ 974.776381][T14131] kworker/u4:2/14131 is trying to acquire lock: [ 974.782668][T14131] ffff88807967b4f8 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xff/0x1380 [ 974.793504][T14131] [ 974.793504][T14131] but task is already holding lock: [ 974.800879][T14131] ffff888040c880b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 974.810411][T14131] [ 974.810411][T14131] which lock already depends on the new lock. [ 974.810411][T14131] [ 974.820831][T14131] [ 974.820831][T14131] the existing dependency chain (in reverse order) is: [ 974.829867][T14131] [ 974.829867][T14131] -> #1 (&tree->tree_lock#2/1){+.+.}-{3:3}: [ 974.837999][T14131] __mutex_lock+0x136/0xcc0 [ 974.843061][T14131] hfs_find_init+0x17e/0x1f0 [ 974.848210][T14131] hfs_extend_file+0x361/0x1380 [ 974.853682][T14131] hfs_bmap_reserve+0x107/0x430 [ 974.859080][T14131] hfs_cat_create+0x1fe/0x6b0 [ 974.864297][T14131] hfs_mkdir+0x6c/0xe0 [ 974.868897][T14131] vfs_mkdir+0x296/0x440 [ 974.873674][T14131] do_mkdirat+0x1dc/0x450 [ 974.878550][T14131] __x64_sys_mkdirat+0x89/0xa0 [ 974.883874][T14131] do_syscall_64+0x55/0xa0 [ 974.888845][T14131] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 974.895281][T14131] [ 974.895281][T14131] -> #0 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 974.904506][T14131] __lock_acquire+0x2df1/0x7d40 [ 974.909898][T14131] lock_acquire+0x19e/0x420 [ 974.914933][T14131] __mutex_lock+0x136/0xcc0 [ 974.919981][T14131] hfs_extend_file+0xff/0x1380 [ 974.925333][T14131] hfs_bmap_reserve+0x107/0x430 [ 974.930731][T14131] __hfs_ext_write_extent+0x1fa/0x470 [ 974.936639][T14131] hfs_ext_write_extent+0x17f/0x210 [ 974.942374][T14131] hfs_write_inode+0xdc/0x880 [ 974.947588][T14131] __writeback_single_inode+0x705/0xec0 [ 974.953688][T14131] writeback_sb_inodes+0x7cd/0xf50 [ 974.959352][T14131] wb_writeback+0x46a/0xbf0 [ 974.964400][T14131] wb_workfn+0x400/0xe60 [ 974.969186][T14131] process_scheduled_works+0xa5d/0x15d0 [ 974.975270][T14131] worker_thread+0xa55/0xfc0 [ 974.980397][T14131] kthread+0x2fa/0x390 [ 974.985015][T14131] ret_from_fork+0x48/0x80 [ 974.989974][T14131] ret_from_fork_asm+0x11/0x20 [ 974.995288][T14131] [ 974.995288][T14131] other info that might help us debug this: [ 974.995288][T14131] [ 975.005789][T14131] Possible unsafe locking scenario: [ 975.005789][T14131] [ 975.013250][T14131] CPU0 CPU1 [ 975.018642][T14131] ---- ---- [ 975.024017][T14131] lock(&tree->tree_lock#2/1); [ 975.028904][T14131] lock(&HFS_I(tree->inode)->extents_lock); [ 975.037429][T14131] lock(&tree->tree_lock#2/1); [ 975.044837][T14131] lock(&HFS_I(tree->inode)->extents_lock); [ 975.050838][T14131] [ 975.050838][T14131] *** DEADLOCK *** [ 975.050838][T14131] [ 975.059021][T14131] 3 locks held by kworker/u4:2/14131: [ 975.064401][T14131] #0: ffff88801aa42138 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 975.075649][T14131] #1: ffffc90003a57d00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0 [ 975.088126][T14131] #2: ffff888040c880b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x17e/0x1f0 [ 975.098077][T14131] [ 975.098077][T14131] stack backtrace: [ 975.103976][T14131] CPU: 1 PID: 14131 Comm: kworker/u4:2 Not tainted syzkaller #0 [ 975.111627][T14131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 975.121721][T14131] Workqueue: writeback wb_workfn (flush-7:5) [ 975.127823][T14131] Call Trace: [ 975.131119][T14131] [ 975.134070][T14131] dump_stack_lvl+0x18c/0x250 [ 975.138786][T14131] ? load_image+0x400/0x400 [ 975.143307][T14131] ? show_regs_print_info+0x20/0x20 [ 975.148533][T14131] ? print_circular_bug+0x12b/0x1a0 [ 975.153853][T14131] check_noncircular+0x2fc/0x400 [ 975.158812][T14131] ? look_up_lock_class+0x75/0x140 [ 975.163959][T14131] ? print_deadlock_bug+0x5d0/0x5d0 [ 975.169190][T14131] ? lockdep_lock+0xf5/0x230 [ 975.173886][T14131] ? _find_first_zero_bit+0xd3/0x100 [ 975.179191][T14131] __lock_acquire+0x2df1/0x7d40 [ 975.184069][T14131] ? arch_stack_walk+0x16e/0x190 [ 975.189027][T14131] ? ret_from_fork_asm+0x11/0x20 [ 975.193981][T14131] ? verify_lock_unused+0x140/0x140 [ 975.199190][T14131] ? stack_trace_save+0xaa/0x100 [ 975.204140][T14131] ? stack_trace_snprint+0xf0/0xf0 [ 975.209295][T14131] ? check_noncircular+0x18a/0x400 [ 975.214440][T14131] ? print_deadlock_bug+0x5d0/0x5d0 [ 975.219702][T14131] lock_acquire+0x19e/0x420 [ 975.224314][T14131] ? hfs_extend_file+0xff/0x1380 [ 975.229262][T14131] ? __might_sleep+0xe0/0xe0 [ 975.233877][T14131] ? read_lock_is_recursive+0x20/0x20 [ 975.239272][T14131] __mutex_lock+0x136/0xcc0 [ 975.243796][T14131] ? hfs_extend_file+0xff/0x1380 [ 975.248758][T14131] ? verify_lock_unused+0x140/0x140 [ 975.253985][T14131] ? hfs_extend_file+0xff/0x1380 [ 975.258940][T14131] ? mutex_lock_nested+0x20/0x20 [ 975.263914][T14131] hfs_extend_file+0xff/0x1380 [ 975.268693][T14131] ? hfs_ext_write_extent+0x152/0x210 [ 975.274080][T14131] ? hfs_write_inode+0xdc/0x880 [ 975.278955][T14131] ? hfs_get_block+0xc50/0xc50 [ 975.283738][T14131] ? trace_raw_output_contention_end+0xd0/0xd0 [ 975.289906][T14131] ? rcu_is_watching+0x15/0xb0 [ 975.294694][T14131] ? trace_contention_end+0x39/0xe0 [ 975.299911][T14131] ? __asan_memset+0x22/0x40 [ 975.304517][T14131] ? hfs_brec_find+0x19b/0x500 [ 975.309299][T14131] ? hfs_find_init+0x17e/0x1f0 [ 975.314079][T14131] hfs_bmap_reserve+0x107/0x430 [ 975.318951][T14131] __hfs_ext_write_extent+0x1fa/0x470 [ 975.324334][T14131] hfs_ext_write_extent+0x17f/0x210 [ 975.329547][T14131] ? verify_lock_unused+0x140/0x140 [ 975.334773][T14131] ? hfs_ext_find_block+0x190/0x190 [ 975.339993][T14131] ? blk_start_plug+0x51/0x1a0 [ 975.344779][T14131] hfs_write_inode+0xdc/0x880 [ 975.349499][T14131] ? hfs_inode_write_fork+0x1a0/0x1a0 [ 975.354894][T14131] ? __writeback_single_inode+0x48d/0xec0 [ 975.360640][T14131] ? __lock_acquire+0x7d40/0x7d40 [ 975.365690][T14131] ? do_raw_spin_lock+0x11f/0x2c0 [ 975.370746][T14131] ? __rwlock_init+0x150/0x150 [ 975.375536][T14131] __writeback_single_inode+0x705/0xec0 [ 975.381154][T14131] writeback_sb_inodes+0x7cd/0xf50 [ 975.386303][T14131] ? queue_io+0x550/0x550 [ 975.390658][T14131] ? rcu_is_watching+0x15/0xb0 [ 975.395449][T14131] wb_writeback+0x46a/0xbf0 [ 975.399979][T14131] ? queue_io+0x351/0x550 [ 975.404337][T14131] ? percpu_ref_tryget+0x250/0x250 [ 975.409482][T14131] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 975.415503][T14131] ? _raw_spin_unlock_irq+0x23/0x50 [ 975.420736][T14131] wb_workfn+0x400/0xe60 [ 975.425179][T14131] ? inode_wait_for_writeback+0x230/0x230 [ 975.430937][T14131] ? lockdep_hardirqs_on_prepare+0x40d/0x770 [ 975.436937][T14131] ? read_lock_is_recursive+0x20/0x20 [ 975.442325][T14131] ? _raw_spin_unlock_irq+0x23/0x50 [ 975.447542][T14131] ? process_scheduled_works+0x96f/0x15d0 [ 975.453305][T14131] ? process_scheduled_works+0x96f/0x15d0 [ 975.459048][T14131] process_scheduled_works+0xa5d/0x15d0 [ 975.464631][T14131] ? assign_work+0x430/0x430 [ 975.469237][T14131] ? assign_work+0x3d0/0x430 [ 975.473848][T14131] worker_thread+0xa55/0xfc0 [ 975.478478][T14131] kthread+0x2fa/0x390 [ 975.482559][T14131] ? pr_cont_work+0x560/0x560 [ 975.487262][T14131] ? kthread_blkcg+0xd0/0xd0 [ 975.491875][T14131] ret_from_fork+0x48/0x80 [ 975.496389][T14131] ? kthread_blkcg+0xd0/0xd0 [ 975.501018][T14131] ret_from_fork_asm+0x11/0x20 [ 975.505815][T14131]