last executing test programs: 6.713100359s ago: executing program 0 (id=2173): r0 = socket$pppl2tp(0x18, 0x1, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) connect$pppl2tp(r0, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x8, 0x0, 0x3, 0x0, {0xa, 0x0, 0x6, @rand_addr=' \x01\x00', 0x200000}}}, 0x32) 4.897269675s ago: executing program 0 (id=2176): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086a04270000000000000109022400010000000009040000010300000009210000000122450009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f00000001c0)=ANY=[@ANYBLOB="00004500000045003b651763da2333ddbb3c8e9187148f258ce1c51708e13e0962e15c69cc465ec4"], 0x0, 0x0, 0x0, 0x0}, 0x0) 3.319015205s ago: executing program 4 (id=2190): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, 0x0, 0x0) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0xc044) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18) r3 = syz_open_procfs(0x0, &(0x7f0000000300)='net/route\x00') pread64(r3, &(0x7f00000000c0)=""/169, 0xa9, 0x4fd9) 2.475173442s ago: executing program 2 (id=2198): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sched_setscheduler(0x0, 0x1, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f0000fcb000), 0x4) 2.418300813s ago: executing program 4 (id=2199): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='cdg', 0x3) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='htcp', 0x4) 2.418212003s ago: executing program 2 (id=2200): bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000005880)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="17"], 0x20) 2.418148263s ago: executing program 2 (id=2201): r0 = socket$can_raw(0x1d, 0x3, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10) bind$can_raw(r0, &(0x7f00000000c0), 0x10) 2.418097273s ago: executing program 4 (id=2202): syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000100)='./file0\x00', 0x80, &(0x7f00000000c0)=ANY=[], 0xff, 0x14e1, &(0x7f0000002a80)="$eJzs3Al0VkW2KODaVXUgxIi/EZlr1z7wiwGKiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBhpREREZJJJoN7C7r7cbvsu7uvXt3nvZX9r1UrtnLP3X5Wd5D/nrJX81HVYjcY1qzYgIvHPUH+dwJ8/JAshYoQQA4UQtwkhAiFE2fiy8deO51KQ/E+9CPsf0jD1Zq+A3Uzc/+yN+5+9cf+zN+5/9sb9z964/9kb9z974/4zlq2lFbidR/YdN3j+n/NG3z78/P//Zfz+n71x/7M37n/2xv3P3rj/2Rv3P3vj/mdv3P//j8kbn8L9Zyxb+7/gGTSPmzgYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLF/gwv+Oi2E+Ov8Zq+LMcYYY4wxxhhj/zo+581eAWOMMcYYY4wxxv7ngZBCCS0CkUPkFDEil4gVt4g4cavILW4TEXG7iBd3iDziTpFX5BP5RQFRUBQShYURKKwgEYoioqiIirtEMXG3SBDFRQlRUjhRSiSKe0Rpca8oI+4TZcX9opx4QJQXFURFUUk8KCqLh0QV8bCoKh4R1UR1UUPUFI+KWuIxUVs8LuqIJ0Rd8aSoJ54S9cXTooFoKBqJZ0Rj8axoIpqKZqK5aCFailb/VP5bood4W/QUvUSy6C36iHdEX9FP9BcDxEDxrhgk3hODxftiiBgqhokPxHDxoRghPhIjxSgxWnwsxoixYpwYLyaIiSJFfCImiU/FZPGZmCKmimliukgVM0Sa+FzMFLPEbPGFmCO+FHPFPDFfLBDpYqFYJBaLDPGVWCK+FpliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CV2iz1ir9gn9osD4huRJb7938w//3f53UCAAAkSNGjIATkgBmIgFmIhDuIgN+SGCEQgHuIhD+SBvJAX8kN+KAgFoTAUBgQEAoIiUASiEIViUAwSIAFKQAlw4CAREqE03AtloAyUhbJQDspBeagAFaASVILKUBmqQBWoClWhGlSDGlADHoVH4TGoDbWhDtSBulAX6kE9qA/1oQE0gEbQCBpDY2gCTaAZNIMW0AJaQStoDa2hDbSBdtAO2kN76AAdIAmSoCN0hE7QCTpDZ+gCXaArdIVu8Ca8CW/BW/A2vA29oJrsDX2gD/SFvtAfBsAAeBcGwXvwHrwPQ2AoDIMP4AP4EEbAORgJo2A0jIbKciyMg/FAciKkQApMgkkwGSbDFJgKU2E6pMIMSIM0mAmzYBZ8AXPgS/gS5sE8WADpkA6LYDFkQAYsgfOQCUthGSyHFbASVsBqWAOrYR2sh3WwETbCZtgMW2ErbIftsBN2wm7YDXthL+yH/TAEsiALDsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcAJOwik4DafgLJyFc3AeLsAFuASX4DJchqtw9doPv7xGSy1zyBwyRsbIWBkr42SczC1zy4iMyHgZL/PIPDKvzCvzy/yyoCwoC8vCEiVKkqEsIovIqIzKYrKYTJAJsoQsIZ10MlEmytKytCwjy8iy8n5ZTj4gy8sKsq2rJCvJyrKdqyIfllVlVVlNVpc1ZE1ZU9aStWRtWVvWkXVkXVlX1pNPyfqyN/SHhvJaZxrLodBEDoNmsrlsIVvKD+E52VqOgDayrWwnX5CjYCR0kK1dknxZdpTjoJN8VY6H12QXORG6yjdkN/mm7C7fkj1kG9dT9pJToLfsI6dDX9lP9pcD5EyoLq91rIZ8Xw6RQ+Uw+YFcAB/KEfIjOVKOkqPlx3KMHCvHyfFygpwoU+QncpL8VE6Wn8kpcqqcJqfLVDlDpsnP5Uw5S86WX8g58ks5V86T8+UCmS4XykVyscyQX8kl8muZKZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CK3ym1yu9whd8pdcrfcI/fKfXK/PCC/kVnyW3lQ/kkekt/Jw/J7eUT+II/KH+Ux+ZM8Ln+WJ+Qv8qQ8JU/LM/Ks/FWek+flBXlRXpK/ycvyirwqvRQKlFRKaRWoHCqnilG5VKy6RcWpW1VudZuKqNtVvLpD5VF3qrwqn8qvCqiCqpAqrIxCZRWpUBVRRVVU3aWKqbtVgiquSqiSyqlSKlHdo0qre1UZdZ8qq+5X5dQDqryqoCqqSupBVVk9pKqoh1VV9YiqpqqrGqqmelTVUo+p2upxVUc9oeqqJ1U99ZSqr55WDVRD1Ug9oxqrZ1UT1VQ1U81VC9VStVLPqdbqedVGtVXt1AuqvXpRdVAvqST1suqoXlGd1Kuqs3pNdVGvq67qDdVNvam6qyvqqvKqp+qlklVv1Ue9o/qqfqq/GqAGqnfVIPWeGqzeV0PUUDVMfaCGqw/VCPWRGqlGqdHqYzVGjVXj1Hg1QU1UKeoTNUl9qiarz9QUNVVNU9NVqpqh+v+l0uz/Rv6n/yB/8O+vvlltUVvVNrVd7VA71S61W+1Re9Q+tU8dUAdUlspSB9VBdUgdUofVYXVEHVFH1VF1TB1Tx9VxdUKdUCfVKXVRnVFn1a/qnDqvzquL6pK6pC7/5WsgNGipldY60Dl0Th2jc+lYfYuO07fq3Po2HdG363h9h86j79R5dT6dXxfQBXUhXVgbjdpq0qEuoovqqL5LF9N36wRdXJfQJbXTpXSivuf/OP9G62ulW+nWurVuo9vodrqdbq/b6w66g07SSbqj7qg76U66s+6su+guuqvuqrvpbrq77q576B66p+6pk3Wy7qPf0X11P91fD9AD9bt6kB6kB+vBeogeoofpYXq4Hq5H6BF6pB6pR+vReoweo8fpcXqCnqBTdIqepCfpyXqynqKn6Gl6mk7VqTpNp+mZeqaerWfrOXqOnqvn6vl6vk7X6XqRXqQzdIZeopfoTL1UL9XL9XK9Uq/Uq/VqvVav1ev1er1Rb9SZeoveorfpbXqH3qF36V16j96j9+l9+oA+oLN0lj6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+oQ+qU/q0/q0PqvP6nP6nL6gL+hL+pK+rC/rq/rqtcu+QAYy0IEOcgQ5gpggJogNYoO4IC7IHeQOIkEkiA/igzzBnUHeIF+QPygQFAwKBYUDE2BgAwrCoEhQNIgGdwXFgruDhKB4UCIoGbigVJAY3BOUDu4NygT3BWWD+4NywQNB+aBCUDGoFDwYVA4eCqoEDwdVg0eCakH1oEZQM3g0qBU8FtQOHg/qBE8EdYMng3rBU0H94OmgQdAwaBQ8EzQOng2aBE2DZkHzoEXQMmj1L63v/bl8z7ueppdJNr1NH/OO6Wv6mf5mgBlo3jWDzHtmsHnfDDFDzTDzgRluPjQjzEdmpBllRpuPzRgz1owz480EM9GkmE/MJPOpmWw+M1PMVDPNTDepZoZJM5+bmWaWmW2+MHPMl2aumWfmmwUm3Sw0i8xik2G+MkvM1ybTLDXLzHKzwqw0q8xqs8asNevMerPBbDSbzGazxWw128x2s8PsNLvMbrPH7DX7zH5zwHxjssy35qD5kzlkvjOHzffmiPnBHDU/mmPmJ3Pc/GxOmF/MSXPKnDZnzFnzqzlnzpsL5qK5ZH4zl80Vc9X4axf3197eUaPGHJgDYzAGYzEW4zAOc2NujGAE4zEe82AezIt5MT/mx4JYEAtjYbyGkLAIFsEoRrEYFsMETMASWAIdOkzERCyNpbEMlsGyWBbLYTksj+WxIlbEB/FBfAgfwofxYXwEH8HqWB1rYk2shbWwNtbGOlgH62JdrIf1sD7WxwbYABthI2yMjbEJNsFm2AxbYAtsha2wNbbGNtgG22E7bI/tsQN2wCRMwo7YETthJ+yMnbELdsGu2BW7YTfsjt2xB/bAntgTkzEZ+2Af7It9sT/2x4E4EAfhIByMg3EIDsFhOAyH43AcgSNwJI7C0fgxjsGxOA7H4wSciCmYgpNwEk7GyTgFp+A0nIapmIppmIYzcSbOxtk4B+fgXJyL83E+pmM6LsJFmIEZuASXYCZm4jJchitwBa7CVbgG1+A6XIcbcANuwk24BbfgNtyGO3AH7sJduAf34D7chwfwAGZhFh7Eg3gID+FhPIxH8AgexaN4DI/hcTyOJ/AEnsSTeBpP41k8i+fwHF7AC3gJf8PLeAWvoscYm8vG2ltsnL3V5ra32b+P89sCtqAtZAtbY/PafH8To7U2wRa3JWxJ62wpm2jv+UNc3lawFW0l+6CtbB+yVf4Q17KP2dr2cVvHPmFr2kf/Jq5rn7T17LO2vm1qG9jmtpFtaRvbZ20T29Q2s81tC9vStrcv2g72JZtkX7Yd7St/iBfZxXaNXWvX2fV2n91vL9iL9pj9yV6yv9metpcdaN+1g+x7drB93w6xQ/8Qj7Yf2zF2rB1nx9sJduIf4ml2uk21M2ya/dzOtLP+EKfbhXaOzbBz7Tw73y74Pb62pgz7lV1iv7aZdqldZpfbFXalXWVX/8dal9uNdpPdbPfYvXab3W532J12l939e3xtHwfsNzbLfmuP2h/tIfudPWyP2yP2h9/ja/s7bn+2J+wv9qQ9ZU/bM/as/dWes+d/3/+1vZ+xV+xV660gIEmKNAWUg3JSDOWiWLqF4uhWyk23UYRup3i6g/LQnZSX8lF+KkAFqRAVJkNIlohCKkJFKUp3UTG6mxKoOJWgkuSoFCXSPVSa7qUydB+VpfupHD1A5akCVaRK9CBVpoeoCj1MVekRqkbVqQbVpEepFj1GtelxqkNPUF16kurRU1SfnqYG1JAa0TPUmJ6lJtSUmlFzakEtqRU9R63peWpDbakdvUDt6UXqQC9REr1MHekV6kSvUmd6jbrQ69SV3qBu9CZ1p7eoB71NPakXJVNv6kPvUF/qR/1pAA2kd2kQvUeD6X0aQkNpGH1Aw+lDGkEf0UgaRaPpYxpDY2kcjacJNJFS6BOaRJ/SZPqMptBUmkbTKZVmUBp9TjNpFs2mL2gOfUlzaR7NpwWUTgtpES2mDPqKltDXlElLaRktpxW0klbRalpDa2kdracNtJE20WbaQltpG22nHbSTdtFu2kN7aR/tpwP0DWXRt3SQ/kSH6Ds6TN/TEfqBjtKPdIx+ouP0M52gX+gknaLTdIbO0q90js7TBbpIl+g3ukxX6Cp5EiGEMlShDoMwR5gzjAlzhbHhLWFceGuYO7wtjIS3h/HhHWGe8M4wb5gvzB8WCAuGhcLCoQkxtCGFYVgkLBpGw7vCYuHdYUJYPCwRlgxdWCpMDO8JS4f3hmXC+8Ky4f1hufCBsHxYIawYVgofDCuHD4VVwofDquEjYbWwelgjrBk+GtYKHwtrh4+HdcInwjLhk2G98Kmwfvh02CBsGDYKnwkbh8+GTcKmYbOwedgibBm2Cp8LW4fPh23CtmG78IWwffhi2CF8KUwKXw47hq/c8Hhy2DvsE74TvhN6/7iaH10QTY8ujC6KLo5mRL+KLol+Hc2MLo0uiy6ProiujK6Kro6uia6Nrouuj26Iboxuim6Oel8zp3DgpFNOu8DlcDldjMvlYt0tLs7d6nK721zE3e7i3R0uj7vT5XX5XH5XwBV0hVxhZxw668iFrogr6qLuLlfM3e0SXHFXwpV0zpVyia6la+VaudbuedfGtXXt3AvuBfeie9G95F5yL7uO7hXXyb3qOrvXXBf3unvdveG6uTddd/eW6+Hedj1dL5fskl0f18f1dX1df9ffDXQD3SA3yA12g90QN8QNc8PccDfcjXAj3Eg30o12o90YN8aNc+PcBDfBpbgUN8lNcpPdZDfFTXHT3DSX6lJdmktzM91MN9vNdnPcHDfXzXXz3XyX7tLdIrfIZbgMt8QtcZku0y1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73B63x+1z+9wBd8BluSx30B10h9whd9h97464H9xR96M75n5yx93P7oT7xZ10p9xpd8addb+6c+68u+AuukvuN3fZXXFXnXcpkU8ikyKfRiZHPotMiUyNTItMj6RGZkTSIp9HZkZmRWZHvojMiXwZmRuZF5kfWRBJjyyMLIosjmREvoosiXwdyYwsjSyLLI+siKyMeF9oW+iL+KI+6u/yxfzdPsEX9yV8Se98KZ/o7/Gl/b2+jL/Pl/X3+3L+AV/eV/AVfVPfzDf3LXxL38o/51v7530b39a38y/49v5F38G/5JP8y76jf8V38q/6zv4138W/7rv6N3w3/6bv7t/yPfzbvqfv5ZN9b9/Hv+P7+n6+vx/gB/p3/SD/nh/s3/dD/FA/zH/gh/sP/Qj/kR/pR/nR/mM/xo/14/x4P8FP9Cn+Ez/Jf+on+8/8FD/VT/PTfaqf4dP8536mn+Vn+y/8HP+ln+vn+fl+gU/3C/0iv9hn+K/8Ev+1z/RL/TK/3K/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/b7/F7/T6/3x/w3/gs/60/6P/kD/nv/GH/vT/if/BH/Y/+mP/JH/c/+xP+F3/Sn/Kn/Rl/1v/qz/nz/oK/6C/53/xlf8Vf5b9ZY4wxxhj7b1E3ON77H3xO/mVc00cIcev2Akf+vuaGvH+e95P7OkaEEC/36trwr6Nhw+Tk5L+cm6lEUHSeECJyPT+HuB4vFe3EiyJJtBWl/+H6+smKQDeoH71fiNj/lBMj/hzH/E39e/+L+k0X3rD+PCESil7PySWux9frl/kv6u9uf4P6ub5LEaLNf8qJE9fj6/UTxfPiFZH0N2cyxhhjjDHGGGN/1k9e6naj+9tr9+cF9fWcnOJ6fKP7c8YYY4wxxhhjjN18r73Z/aXnkpLaduYJT3jCk/+Y3OzfTIwxxhhjjLF/tesX/Td7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPb17/h3Yjd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtjN9r8CAAD//3myaBA=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189) write$binfmt_format(r0, &(0x7f0000000000)='1\x00', 0x2400) 2.415451083s ago: executing program 2 (id=2203): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x41, &(0x7f00000003c0)={[{@nogrpid}, {@lazytime}, {@bh}, {@errors_continue}, {@noblock_validity}, {}, {@mblk_io_submit}, {@nodioread_nolock}, {@resgid}], [], 0x3d}, 0x1, 0x522, &(0x7f00000010c0)="$eJzs3UFsI1cZAOB/HHu72U2bFDhAJUqhRdkVrJ00tI16KEVCcKoElPsSEieK4sRR7LSbqIKsOHBEQgiQOJULFyROnJBQJS4cEVIlOIMAgRBs4YAEdCrb43Q3GSfZjWNn4++TJvPmeeb97zma8byZp5kARtZTEfFyRLybpun1iJjM8gvZFHudqbXeO3feWGxNSaTpq/9IIsnyumWlbY/E1WyzyxHxlS9GfD05HLexs7u2UKtVt7LlSnN9s9LY2b2xur6wUl2pbszNzT4//8L8c/MzfWnnRES89Pm/fP87P/nCS7/89Ot/vPm3a99Isvw40I77VDzqw07TS+3v4u4Nth4w2HlUbLcwM563xtihnNtnXCcAAHr7QER8IiKux2SMHX06CwAAADyE0s9OxP+S7r27Qy71yAcAAAAeIoX2GNikUM7G+05EoVAuR3sM74fiSqFWbzQ/tVzf3ljqjJWdilJhebVWncnGCk9FKWktz7bT7y8/e2B5LiIej4jvTY63l8uL9drSsC9+AAAAwIi4eqD//+/JTv8fAAAAuGCmhl0BAAAA4Mzp/wMAAMDFp/8PAAAAF9qXXnmlNaXd918vvbazvVZ/7cZStbFWXt9eLC/WtzbLK/X6SvuZfevHlVer1zc/ExvbtyrNaqNZaezs3lyvb280b67e8wpsAAAAYIAe/9hbv08iYu/F8fbUculkm55wNeC8Ku6nkmyes1v/4bHO/M8DqhQwEGPDrgAwNMVhVwAYmtKwKwAMXXLM5z0H7/wmm3+8v/UBAAD6b/oj+ff/j78uuFcYQPWAM+T+H4wu+z+MrvZ5/klH8jrjhwul5AwARt6p7/8fK03vq0IAAEDfTbSnpFDOLu9NRKFQLkc82n4tQClZXq1VZyLisYj43WTpkdbybHvL5Ng+AwAAAAAAAAAAAAAAAAAAAAAAAADQkaZJpAAAAMCFFlH4a/KrzrP8pyefmTh4feBS8p/JyF4R+vqPXv3BrYVmc2u2lf/P/fzmD7P8Z4dxBQMAAABGQvF+Vu7207v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADop3fuvLHYnQYZ9++fi4ipvPjFuNyeX45SRFz5VxLFu7ZLImKsD/HHW38+nBc/aVVrP2Re/PE3Tx9/7/aR8WMq+xby4l89fXgYaW+1jj8v5+1/hXiqPc/f/4oR9yw/qN7Hv9g//o312P8fPWGMJ97+WaVn/NsRTxTzjz/d+EmP+E/nFfjzbx/K+tpXd3d7xU/fjJjO/f1J7olVaa5vVho7uzdW1xdWqivVjbm52efnX5h/bn6msrxaq2Z/c2N896O/ePeo9l/pEX/qmPY/k1PepZy8/799684HO8lSXvxrT+fE//WPszUOxy9kv32fzNKtz6e76b1O+m5P/vS3Tx7V/qUe7T/u/3+tV6EHXP/yt/50wlUBgAFo7OyuLdRq1a3zkXgx+l5yq4c/9HY9fIn/pueiGmeb+GZfC0zTNG3tU6coJ4nBfQnJ0VUd9pEJAADot/dP+oddEwAAAAAAAAAAAAAAAAAAABhdg3jS2MGYe/uppB+P0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Iv3AgAA//8ZWuAG") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) mount(0x0, &(0x7f00000002c0)='.\x00', 0x0, 0xc22, 0x0) 2.335968105s ago: executing program 4 (id=2204): r0 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x0) close(0xffffffffffffffff) r1 = gettid() timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0) preadv2(r3, &(0x7f0000000480)=[{&(0x7f0000000840)=""/189, 0xbd}], 0x1, 0xfffffffe, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000001a40)=""/102392, 0x18ff8) write$cgroup_devices(0xffffffffffffffff, 0x0, 0xa) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f0000000580)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) 2.335794385s ago: executing program 1 (id=2205): bpf$MAP_CREATE(0x0, 0x0, 0x48) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = gettid() sendmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r0, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) recvmsg(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160) 2.335642295s ago: executing program 1 (id=2206): timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x1d, 0x1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040080) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000100)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r3, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) 2.252529876s ago: executing program 0 (id=2207): r0 = socket$packet(0x11, 0x3, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) listen(r5, 0xfffffffe) socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$tty1(0xc, 0x4, 0x3) setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff7}, [@printk={@lx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x10}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r7, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57) r8 = socket$netlink(0x10, 0x3, 0x0) writev(r8, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1) writev(r8, &(0x7f00000001c0)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) setsockopt$inet_mreqsrc(r7, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x410, 0x0, 0x0, 0xffffff6a, 0x0, 0x0, 0x340, 0x258, 0x258, 0x340, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @local, [], [], 'wg2\x00', 'macvlan1\x00', {}, {}, 0x11}, 0x0, 0x118, 0x180, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x9}}, @common=@unspec=@connlimit={{0x40}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x180, 0x1c0, 0x0, {}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @mcast2, @empty, @private2}}, @common=@dst={{0x48}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470) 2.131864688s ago: executing program 1 (id=2208): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2000000, &(0x7f00000000c0)=ANY=[], 0x4, 0x2d7, &(0x7f0000000a40)="$eJzs3EtrE18Yx/Gn+feSprTJ4o+iIH3QjW6GNroWg7QgBiy1ES8gTNuJhoxJyYRKRKhduRVfhIvSZXcF7Rvoxp1u3LjrRnBhF+LIzGR6SVMamzTp5fuBMqc959c5J5mW54RMNh6+e5HPOkbWLEskqtIlIrIpkpCIhLqqx4jf7pWd3si1gZ9fLt1/9PhuKp0em1QdT01dT6rq0PDHl6/7q8NW+2Q98XTjR/L7+rn1Cxt/pp7nHM05WiiW1dTp4reyOW1bOptz8obqhG2ZjqW5gmOVgv5i0J+1i3NzFTULs4OxuZLlOGoWKpq3KlouarlUUfOZmSuoYRg6GBMcJLM0OWmmDhmeEfmvxfPBUSiVUqb3TPXv6cksdWRCAACgo2rr/4hX0reu/l++vFYeeLAyVK3/V3vr1f83vga/a1f9HxWR2vrfdV3XG3hg/e8NaqT+31sRnS1N1f84Ibz6P1b9+/UtPlke8RvU/wAAAAAAAAAAAAAAAAAAAAAAnASbrht3XTceHsOvPhGJikj4ff30aLunixZr7vnHSbd94173kIj9dj4znwmO1QFrImKLJSMSl9/+9VDltcN7AdWTkE/2QjW/MJ8JPhsilZWcnx+VuCRq8647fic9NqqB3fke/w6+rXxS4vJ//Xyybr5Xrl7ZkTckLp9npCi2zPrX9Xbem+nte+mafL8/DgAAAACA08DQLXX374axX3+Q39pf1319INhfj9Tdn3fLxe7Orh0AAAAAgLPCqbzKm7ZtlU5dI1xho6nwvQxNnDR26Hh48kYGL8oxeHgjDU21tjEsIrY2e/bwZaP9xshEi1Ya+ddL4vz7D79a9zjfXIkesNIja/S07z8QAAAAgHbZLvrDn9zq7IQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADiD2vFxYp1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBc/A0AAP//HaoM1g==") mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) read$FUSE(r1, &(0x7f00000024c0)={0x2020}, 0xfffffec1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) fdatasync(r0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ftruncate(r0, 0x0) 2.131661059s ago: executing program 2 (id=2209): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x0) r1 = eventfd2(0x0, 0x1) io_setup(0x6, &(0x7f0000000200)=0x0) io_submit(r2, 0x2, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r0, 0x0, 0x0, 0x0, 0x0, 0x3, r1}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) shutdown(r0, 0x0) 2.131501679s ago: executing program 4 (id=2210): openat$snapshot(0xffffffffffffff9c, 0x0, 0x40800, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r0, 0x400455c8, 0x0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x3) 1.975989191s ago: executing program 2 (id=2212): r0 = syz_usb_connect$cdc_ncm(0x0, 0x8f, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109027d0002010080000904000001020d0000052406000105240000000d240f0103050000fd0000000406241aff072908241c0101090000142413099f33760bf14377323063f9c8a04d113905241510000905810300020800040904010000020d00000904010102020d0000090582020002e1ad00090503020002"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x8000000004) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000000)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x20, 0x80, 0x1c, {0x3, 0x2070, 0x1000, 0x9, 0x4, 0x6a, 0xfffd, 0x8, 0x400, 0xfffc, 0x3, 0xfb}}, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000900)={0x14, 0x0, &(0x7f00000008c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 1.922456883s ago: executing program 1 (id=2213): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)) bind$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000100)=0x1d59, 0x4) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x2, 0x0, @multicast2}, 0x10) close_range(r3, 0xffffffffffffffff, 0x0) openat$ppp(0xffffffffffffff9c, 0x0, 0x10800, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x10000, 0x0, 0x0, 0x0, 0x2, 0x1}}) r6 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2}}) 1.338078724s ago: executing program 0 (id=2216): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40, 0x0, 0xd0060) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) recvmmsg(r4, &(0x7f0000007e00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) writev(r4, &(0x7f0000000140)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff0100000035000000560000022500000019000a00100000ad07fd17e5ffff080c38000000000000000a", 0x39}], 0xc) 1.01317809s ago: executing program 1 (id=2217): openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x4008, 0x40000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x40, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x1, 0x803, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x4c}}, 0x0) 977.886331ms ago: executing program 3 (id=2219): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x4, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) 921.344972ms ago: executing program 3 (id=2220): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x58}}, 0x0) 921.251832ms ago: executing program 3 (id=2221): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='scalable', 0x8) sendto$inet(r0, &(0x7f0000000580)="17", 0x501, 0x10008095, 0x0, 0x0) 921.145872ms ago: executing program 3 (id=2222): r0 = epoll_create1(0x0) r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x11f) close(r1) syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) 861.311463ms ago: executing program 3 (id=2223): mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2182, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10) sendfile(r2, r3, 0x0, 0x20000023896) 486.88446ms ago: executing program 0 (id=2224): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x800001c, @multicast1}, {0x0, 0x17c1, 0x8}}}}}, 0x0) close(r1) socket(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x280) 405.204652ms ago: executing program 1 (id=2225): syz_usb_connect(0x0, 0x2d2, &(0x7f0000000340)=ANY=[@ANYBLOB="120100008b216740420709204661010203010902c002010000000009047500efd08de70009050201"], 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) 404.910842ms ago: executing program 0 (id=2226): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket(0x28, 0x5, 0x0) r2 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r2, 0x0) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, 0x0) sendto$packet(r2, &(0x7f0000000100)="a0199e519f0ad5c55682f85de696d5a1077f1eb3e36cf8e28c9a92a0721bf390fa78e81d1d30739ec81bc08211b1db0c79b06f42f16a6e726e3e87a6", 0x3c, 0xc1, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x31, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}, 0x0) r3 = accept4$unix(r2, 0x0, 0x0, 0x0) recvfrom$unix(r3, &(0x7f0000001040)=""/259, 0x103, 0x0, 0x0, 0x0) 9.0603ms ago: executing program 3 (id=2227): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, &(0x7f0000000200)}) open(&(0x7f00000000c0)='./bus\x00', 0x147c7c, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x9, 0x7, 0x8, 0x40, 0x0, 0x1}, 0x50) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) accept4(0xffffffffffffffff, &(0x7f0000000040)=@alg, &(0x7f00000000c0)=0x80, 0x80800) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010003b15fd07", @ANYRES32=0x0, @ANYBLOB="0000000000b401002400128009000100626f6e640000000014000280050011790000000005000d"], 0x44}}, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 4 (id=2228): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) ioctl$USBDEVFS_RESETEP(r0, 0x80045503, &(0x7f0000000080)={0x1, 0x1}) kernel console output (not intermixed with test programs): 563.045445][ T6325] EXT4-fs (loop4): orphan cleanup on readonly fs [ 563.105657][ T6325] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1496: bg 0: block 248: padding at end of block bitmap is not set [ 563.147957][ T6325] Quota error (device loop4): write_blk: dquota write failed [ 563.156220][ T6325] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 563.166264][ T6325] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.1496: Failed to acquire dquot type 1 [ 563.521985][ T6325] EXT4-fs (loop4): 1 truncate cleaned up [ 563.532167][ T6325] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 563.611061][ T6324] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 563.621587][ T6324] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 563.631007][ T6324] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.1495: Failed to acquire dquot type 1 [ 563.646867][ T6325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1496'. [ 563.674260][ T6324] EXT4-fs (loop3): 1 truncate cleaned up [ 563.681185][ T6324] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 563.773986][ T283] EXT4-fs (loop3): unmounting filesystem. [ 564.407137][ T286] EXT4-fs (loop4): unmounting filesystem. [ 567.453176][ T6356] syz.4.1503[6356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 567.454707][ T6356] syz.4.1503[6356] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 567.637618][ T6355] loop3: detected capacity change from 0 to 512 [ 570.060217][ T6355] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 570.068457][ T6355] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 570.079313][ T6355] EXT4-fs (loop3): 1 truncate cleaned up [ 570.085048][ T6355] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 570.403408][ T6364] loop1: detected capacity change from 0 to 512 [ 570.428907][ T6364] EXT4-fs (loop1): #blocks per group too big: 466944 [ 571.037249][ T6372] loop0: detected capacity change from 0 to 256 [ 571.050247][ T283] EXT4-fs (loop3): unmounting filesystem. [ 573.478527][ T6394] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1511'. [ 573.503366][ T3626] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 574.401070][ T6406] loop0: detected capacity change from 0 to 512 [ 574.606675][ T6406] EXT4-fs (loop0): orphan cleanup on readonly fs [ 574.615035][ T6406] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 574.625530][ T6406] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 574.634955][ T6406] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.1516: Failed to acquire dquot type 1 [ 574.649136][ T6406] EXT4-fs (loop0): 1 truncate cleaned up [ 575.259259][ T6415] netlink: 'syz.1.1520': attribute type 4 has an invalid length. [ 575.264245][ T3626] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 575.267088][ T6415] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1520'. [ 575.519830][ T6406] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 575.554563][ T3626] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 575.569681][ T3626] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 575.582667][ T3626] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 575.761371][ T3626] usb 5-1: string descriptor 0 read error: -71 [ 575.775945][ T3626] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 575.792400][ T285] EXT4-fs (loop0): unmounting filesystem. [ 575.923299][ T3626] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 575.941533][ T3626] usb 5-1: config 0 descriptor?? [ 575.946999][ T3626] usb 5-1: can't set config #0, error -71 [ 575.957577][ T3626] usb 5-1: USB disconnect, device number 20 [ 575.991194][ T6408] loop3: detected capacity change from 0 to 40427 [ 576.017998][ T6408] F2FS-fs (loop3): fault_injection options not supported [ 576.025345][ T6408] F2FS-fs (loop3): fault_type options not supported [ 576.037782][ T6408] F2FS-fs (loop3): invalid crc value [ 576.065016][ T6408] F2FS-fs (loop3): Found nat_bits in checkpoint [ 576.149224][ T6408] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 576.333506][ T6421] loop0: detected capacity change from 0 to 40427 [ 576.347128][ T6421] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 576.356449][ T6421] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 576.387671][ T6421] F2FS-fs (loop0): invalid crc value [ 576.521640][ T6421] F2FS-fs (loop0): Found nat_bits in checkpoint [ 576.790055][ T6435] loop4: detected capacity change from 0 to 256 [ 576.842054][ T6435] exfat: Deprecated parameter 'namecase' [ 576.869723][ T6435] exfat: Deprecated parameter 'utf8' [ 576.893318][ T6435] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 576.946190][ T6421] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 576.966210][ T6421] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 577.496548][ T6446] overlayfs: failed to resolve './file0': -2 [ 577.533085][ T6448] loop2: detected capacity change from 0 to 256 [ 578.284226][ T6454] loop1: detected capacity change from 0 to 512 [ 578.322939][ T6457] loop0: detected capacity change from 0 to 4096 [ 578.333943][ T6454] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 578.342013][ T6454] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 578.350525][ T6457] EXT4-fs (loop0): Test dummy encryption mode enabled [ 578.357456][ T6457] EXT4-fs (loop0): unsupported descriptor size 255 [ 578.364752][ T6454] EXT4-fs (loop1): 1 truncate cleaned up [ 578.370489][ T6454] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 578.492192][ T6462] loop4: detected capacity change from 0 to 512 [ 578.594682][ T6462] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 578.602845][ T6462] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 578.614025][ T6462] EXT4-fs (loop4): 1 truncate cleaned up [ 578.619734][ T6462] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 579.062823][ T284] EXT4-fs (loop1): unmounting filesystem. [ 579.652341][ T286] EXT4-fs (loop4): unmounting filesystem. [ 579.782365][ T6474] loop3: detected capacity change from 0 to 512 [ 579.894953][ T6475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1532'. [ 579.903930][ T6475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1532'. [ 580.433374][ T6474] EXT4-fs (loop3): orphan cleanup on readonly fs [ 580.441322][ T6474] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 580.451838][ T6474] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 580.461300][ T6474] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.1533: Failed to acquire dquot type 1 [ 580.474959][ T6474] EXT4-fs (loop3): 1 truncate cleaned up [ 580.481695][ T6474] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 581.250697][ T283] EXT4-fs (loop3): unmounting filesystem. [ 581.376689][ T6481] loop4: detected capacity change from 0 to 4096 [ 581.473331][ T6481] EXT4-fs (loop4): Test dummy encryption mode enabled [ 581.475132][ T6485] loop3: detected capacity change from 0 to 512 [ 581.480149][ T6481] EXT4-fs (loop4): unsupported descriptor size 255 [ 581.527571][ T6485] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1536: corrupted inode contents [ 581.548818][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.562763][ T6485] EXT4-fs error (device loop3): ext4_dirty_inode:6121: inode #16: comm syz.3.1536: mark_inode_dirty error [ 581.583343][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.589961][ T6485] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1536: corrupted inode contents [ 581.622338][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.629212][ T6485] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1536: mark_inode_dirty error [ 581.650863][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.661933][ T6485] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1536: corrupted inode contents [ 581.674620][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.681154][ T6485] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 581.690119][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.696810][ T6485] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1536: corrupted inode contents [ 581.709019][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.715687][ T6485] EXT4-fs error (device loop3): ext4_truncate:4314: inode #16: comm syz.3.1536: mark_inode_dirty error [ 581.727198][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.733982][ T6485] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 581.744602][ T6485] EXT4-fs (loop3): Remounting filesystem read-only [ 581.751303][ T6485] EXT4-fs (loop3): 1 truncate cleaned up [ 581.757542][ T6485] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 581.767955][ T2664] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 581.777937][ T6485] ext4 filesystem being mounted at /300/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 581.796828][ T2664] EXT4-fs error (device loop3): ext4_release_dquot:6839: comm kworker/u4:8: Failed to release dquot type 1 [ 581.815860][ T2664] EXT4-fs (loop3): Remounting filesystem read-only [ 582.021095][ T6499] loop2: detected capacity change from 0 to 512 [ 582.213342][ T288] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 582.245991][ T6499] EXT4-fs (loop2): 1 orphan inode deleted [ 582.251810][ T6499] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 582.262802][ T6499] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 582.533192][ T288] usb 1-1: Using ep0 maxpacket: 32 [ 583.063492][ T8] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 583.084579][ T8] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:0: Failed to release dquot type 1 [ 583.097419][ T283] EXT4-fs (loop3): unmounting filesystem. [ 583.136028][ T287] EXT4-fs (loop2): unmounting filesystem. [ 583.204550][ T3626] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 583.239888][ T288] usb 1-1: unable to get BOS descriptor or descriptor too short [ 583.248197][ T288] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 583.255951][ T288] usb 1-1: can't read configurations, error -71 [ 583.592797][ T6512] syz.3.1540[6512] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 583.592876][ T6512] syz.3.1540[6512] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 583.703364][ T805] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 583.785157][ T3626] usb 2-1: Using ep0 maxpacket: 16 [ 583.836139][ T3626] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 583.846438][ T3626] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 583.855556][ T3626] usb 2-1: Product: syz [ 583.860820][ T3626] usb 2-1: Manufacturer: syz [ 583.866537][ T3626] usb 2-1: SerialNumber: syz [ 583.938104][ T805] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 584.080349][ T3626] r8152-cfgselector 2-1: config 0 descriptor?? [ 584.132735][ T6516] loop0: detected capacity change from 0 to 256 [ 584.156820][ T805] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 584.168515][ T805] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 584.178309][ T805] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 584.314379][ T805] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 584.333171][ T805] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 584.341395][ T805] usb 5-1: Manufacturer: syz [ 584.739480][ T805] usb 5-1: config 0 descriptor?? [ 584.975553][ T6504] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 584.984295][ T6504] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 585.000708][ T3626] r8152-cfgselector 2-1: Unknown version 0x0000 [ 585.013216][ T3626] r8152-cfgselector 2-1: bad CDC descriptors [ 585.345390][ T805] appleir 0003:05AC:8243.0019: unknown main item tag 0x0 [ 585.443037][ T805] appleir 0003:05AC:8243.0019: No inputs registered, leaving [ 585.464633][ T3626] r8152-cfgselector 2-1: Unknown version 0x0000 [ 585.471572][ T3626] r8152-cfgselector 2-1: USB disconnect, device number 31 [ 585.485305][ T6531] loop0: detected capacity change from 0 to 256 [ 585.492481][ T805] appleir 0003:05AC:8243.0019: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 587.550850][ T6544] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1551'. [ 587.843167][ T2923] usb 1-1: new full-speed USB device number 27 using dummy_hcd [ 587.952621][ T6550] device syzkaller0 entered promiscuous mode [ 587.983635][ T6553] loop2: detected capacity change from 0 to 256 [ 588.000533][ T6553] exfat: Deprecated parameter 'namecase' [ 588.010085][ T6553] exfat: Deprecated parameter 'utf8' [ 588.068593][ T2923] usb 1-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.00 [ 588.096334][ T6558] loop4: detected capacity change from 0 to 512 [ 588.109485][ T6558] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 588.185366][ T2923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 588.211797][ T6553] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 588.334124][ T6558] EXT4-fs (loop4): 1 truncate cleaned up [ 588.339912][ T6558] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 588.474205][ T2923] usb 1-1: config 0 descriptor?? [ 588.960592][ T6564] loop1: detected capacity change from 0 to 512 [ 588.993999][ T6564] EXT4-fs (loop1): orphan cleanup on readonly fs [ 589.000877][ T6564] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 589.011343][ T6564] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 589.019239][ T347] usb 5-1: USB disconnect, device number 21 [ 589.020779][ T6564] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.1556: Failed to acquire dquot type 1 [ 589.044425][ T6564] EXT4-fs (loop1): 1 truncate cleaned up [ 589.050234][ T6564] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 589.062516][ T2923] isku 0003:1E7D:3264.001A: hidraw0: USB HID v0.00 Device [HID 1e7d:3264] on usb-dummy_hcd.0-1/input0 [ 589.074155][ T286] EXT4-fs (loop4): unmounting filesystem. [ 589.574216][ T347] usb 1-1: USB disconnect, device number 27 [ 589.627313][ T6571] fido_id[6571]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 589.692188][ T284] EXT4-fs (loop1): unmounting filesystem. [ 590.788164][ T6585] loop1: detected capacity change from 0 to 512 [ 590.897637][ T6585] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1561: casefold flag without casefold feature [ 591.839739][ T6589] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1562'. [ 591.848722][ T6589] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1562'. [ 591.862963][ T6585] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1561: couldn't read orphan inode 15 (err -117) [ 591.905077][ T6585] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 592.807493][ T416] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 592.941805][ T284] EXT4-fs (loop1): unmounting filesystem. [ 593.204490][ T416] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 593.223142][ T416] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 593.283145][ T416] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 593.292920][ T416] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 593.307996][ T416] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 593.317657][ T416] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 593.325919][ T416] usb 1-1: Manufacturer: syz [ 593.331247][ T416] usb 1-1: config 0 descriptor?? [ 593.651151][ T6600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 593.664824][ T6600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 593.676272][ T6620] loop1: detected capacity change from 0 to 16 [ 593.711060][ T6620] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 593.894728][ T416] appleir 0003:05AC:8243.001B: unknown main item tag 0x0 [ 593.907042][ T416] appleir 0003:05AC:8243.001B: No inputs registered, leaving [ 593.933977][ T416] appleir 0003:05AC:8243.001B: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 594.161894][ T6622] loop2: detected capacity change from 0 to 40427 [ 594.211362][ T6622] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 594.219398][ T6622] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 594.230397][ T6622] F2FS-fs (loop2): invalid crc value [ 595.220150][ T6637] loop1: detected capacity change from 0 to 256 [ 595.323511][ T6639] device syzkaller0 entered promiscuous mode [ 595.335983][ T6622] F2FS-fs (loop2): Found nat_bits in checkpoint [ 595.722037][ T6622] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 595.758763][ T6622] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 596.256277][ T6658] loop0: detected capacity change from 0 to 256 [ 596.263027][ T6658] exfat: Deprecated parameter 'namecase' [ 596.281336][ T6658] exfat: Deprecated parameter 'utf8' [ 596.289217][ T6658] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 596.362340][ T347] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 597.458985][ T347] usb 5-1: Using ep0 maxpacket: 16 [ 597.494597][ T347] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 597.503796][ T347] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 597.512217][ T347] usb 5-1: Product: syz [ 597.560663][ T6671] loop3: detected capacity change from 0 to 512 [ 597.797937][ T347] usb 5-1: Manufacturer: syz [ 597.823712][ T347] usb 5-1: SerialNumber: syz [ 597.844267][ T6671] EXT4-fs (loop3): orphan cleanup on readonly fs [ 597.857962][ T6671] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 597.868956][ T6671] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 597.869452][ T347] r8152-cfgselector 5-1: config 0 descriptor?? [ 597.878432][ T6671] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.1582: Failed to acquire dquot type 1 [ 597.896125][ T24] usb 1-1: reset high-speed USB device number 28 using dummy_hcd [ 597.935474][ T6671] EXT4-fs (loop3): 1 truncate cleaned up [ 597.959065][ T6671] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 598.115026][ T24] usb 1-1: device firmware changed [ 598.124659][ T19] usb 1-1: USB disconnect, device number 28 [ 598.225526][ T283] EXT4-fs (loop3): unmounting filesystem. [ 598.317933][ T347] r8152-cfgselector 5-1: Unknown version 0x0000 [ 598.324594][ T347] r8152-cfgselector 5-1: bad CDC descriptors [ 598.350773][ T19] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 598.360012][ T347] r8152-cfgselector 5-1: Unknown version 0x0000 [ 598.369367][ T347] r8152-cfgselector 5-1: USB disconnect, device number 22 [ 598.804209][ T19] usb 1-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 598.814421][ T19] usb 1-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 598.824607][ T19] usb 1-1: config 1 interface 0 has no altsetting 0 [ 598.832811][ T19] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 598.842136][ T19] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 598.850318][ T19] usb 1-1: Product: syz [ 598.854893][ T19] usb 1-1: Manufacturer: syz [ 598.859585][ T19] usb 1-1: SerialNumber: syz [ 598.869817][ T6669] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 598.877277][ T6669] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 600.186328][ T6711] loop1: detected capacity change from 0 to 256 [ 600.202521][ T6711] exfat: Deprecated parameter 'namecase' [ 600.710980][ T6711] exfat: Deprecated parameter 'utf8' [ 600.804014][ T6716] syz.3.1594[6716] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 600.804090][ T6716] syz.3.1594[6716] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 600.855914][ T19] (unnamed net_device) (uninitialized): Assigned a random MAC address: be:d0:f2:cc:8f:d8 [ 601.316650][ T6719] syz.2.1596[6719] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 601.316731][ T6719] syz.2.1596[6719] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 602.313307][ T6711] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 602.355933][ T6723] loop2: detected capacity change from 0 to 256 [ 602.362547][ T6723] exfat: Deprecated parameter 'namecase' [ 602.368303][ T6723] exfat: Deprecated parameter 'utf8' [ 602.384334][ T19] rtl8150 1-1:1.0: eth1: rtl8150 is detected [ 602.392271][ T19] usb 1-1: USB disconnect, device number 29 [ 602.404334][ T6723] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 602.743806][ T6732] netlink: 'syz.4.1597': attribute type 4 has an invalid length. [ 602.751759][ T6732] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1597'. [ 604.556141][ T6752] loop3: detected capacity change from 0 to 512 [ 604.784540][ T6752] EXT4-fs (loop3): orphan cleanup on readonly fs [ 604.791493][ T6752] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 604.802011][ T6752] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 604.811420][ T6752] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.1605: Failed to acquire dquot type 1 [ 604.824420][ T6752] EXT4-fs (loop3): 1 truncate cleaned up [ 604.830206][ T6752] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 604.995835][ T6764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1607'. [ 606.221633][ T283] EXT4-fs (loop3): unmounting filesystem. [ 606.379985][ T6772] device syzkaller0 entered promiscuous mode [ 607.509262][ T6776] syz.4.1610[6776] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 607.511026][ T6776] syz.4.1610[6776] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 608.529284][ T6780] loop1: detected capacity change from 0 to 512 [ 608.574681][ T6780] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1613: casefold flag without casefold feature [ 608.588254][ T6780] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1613: couldn't read orphan inode 15 (err -117) [ 608.603808][ T6780] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 610.556217][ T6790] loop0: detected capacity change from 0 to 256 [ 610.562925][ T6790] exfat: Deprecated parameter 'namecase' [ 610.568825][ T6790] exfat: Deprecated parameter 'utf8' [ 610.576849][ T6790] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 610.601327][ T6794] loop2: detected capacity change from 0 to 512 [ 610.620207][ T6794] EXT4-fs (loop2): #blocks per group too big: 466944 [ 610.715697][ T6791] loop3: detected capacity change from 0 to 512 [ 610.744170][ T284] EXT4-fs (loop1): unmounting filesystem. [ 610.750770][ T6791] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 610.830383][ T6794] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 610.933722][ T6791] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 611.013217][ T6791] EXT4-fs (loop3): 1 truncate cleaned up [ 611.018979][ T6791] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 611.293564][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1619'. [ 611.302624][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1619'. [ 611.604451][ T283] EXT4-fs (loop3): unmounting filesystem. [ 611.731359][ T6813] loop0: detected capacity change from 0 to 512 [ 611.903778][ T6816] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1622'. [ 611.912927][ T6816] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1622'. [ 612.460507][ T6813] EXT4-fs (loop0): orphan cleanup on readonly fs [ 612.537779][ T6813] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 612.548228][ T6813] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 612.557663][ T6813] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.1620: Failed to acquire dquot type 1 [ 612.569879][ T6813] EXT4-fs (loop0): 1 truncate cleaned up [ 612.592743][ T6813] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 614.512434][ T285] EXT4-fs (loop0): unmounting filesystem. [ 616.192578][ T6851] loop3: detected capacity change from 0 to 512 [ 616.342839][ T6851] EXT4-fs (loop3): orphan cleanup on readonly fs [ 616.351214][ T6851] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 616.361756][ T6851] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 616.371275][ T6851] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.1630: Failed to acquire dquot type 1 [ 616.386134][ T6851] EXT4-fs (loop3): 1 truncate cleaned up [ 616.641049][ T6857] loop0: detected capacity change from 0 to 256 [ 617.052062][ T6857] exfat: Deprecated parameter 'namecase' [ 617.108946][ T6857] exfat: Deprecated parameter 'utf8' [ 617.192670][ T6857] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 617.331456][ T6851] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 617.530661][ T283] EXT4-fs (loop3): unmounting filesystem. [ 617.536090][ T6866] loop1: detected capacity change from 0 to 256 [ 619.200954][ T6874] loop4: detected capacity change from 0 to 256 [ 619.208072][ T6874] exfat: Deprecated parameter 'namecase' [ 619.214015][ T6874] exfat: Deprecated parameter 'utf8' [ 619.233417][ T6874] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 620.257315][ T6887] loop1: detected capacity change from 0 to 512 [ 621.289869][ T6887] EXT4-fs (loop1): orphan cleanup on readonly fs [ 621.297501][ T6887] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 621.308053][ T6887] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 621.317502][ T6887] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.1639: Failed to acquire dquot type 1 [ 621.330198][ T6887] EXT4-fs (loop1): 1 truncate cleaned up [ 621.336088][ T6887] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 621.358383][ T6898] loop4: detected capacity change from 0 to 512 [ 621.402640][ T6898] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1643: casefold flag without casefold feature [ 621.418811][ T6898] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1643: couldn't read orphan inode 15 (err -117) [ 621.433835][ T6898] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 621.493817][ T284] EXT4-fs (loop1): unmounting filesystem. [ 621.558119][ T6903] loop2: detected capacity change from 0 to 16 [ 621.606899][ T6903] erofs: (device loop2): erofs_read_superblock: cannot find valid erofs superblock [ 623.050104][ T286] EXT4-fs (loop4): unmounting filesystem. [ 623.205620][ T6916] loop3: detected capacity change from 0 to 512 [ 624.114873][ T6916] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 624.372908][ T6916] EXT4-fs (loop3): 1 truncate cleaned up [ 624.378639][ T6916] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 624.755597][ T283] EXT4-fs (loop3): unmounting filesystem. [ 624.757762][ T6930] loop2: detected capacity change from 0 to 256 [ 624.782520][ T6930] exfat: Deprecated parameter 'namecase' [ 624.802903][ T6930] exfat: Deprecated parameter 'utf8' [ 624.814715][ T6930] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 625.062444][ T6936] loop4: detected capacity change from 0 to 512 [ 627.559899][ T6945] loop0: detected capacity change from 0 to 512 [ 627.604234][ T6945] EXT4-fs (loop0): orphan cleanup on readonly fs [ 627.611040][ T6945] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 627.621470][ T6945] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 627.623509][ T6950] loop2: detected capacity change from 0 to 256 [ 627.631709][ T6945] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.1652: Failed to acquire dquot type 1 [ 627.638152][ T6950] exfat: Deprecated parameter 'namecase' [ 627.649922][ T6945] EXT4-fs (loop0): 1 truncate cleaned up [ 627.654790][ T6950] exfat: Deprecated parameter 'utf8' [ 627.665881][ T6936] EXT4-fs (loop4): 1 orphan inode deleted [ 627.671690][ T6936] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 627.677935][ T6950] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 627.681053][ T6945] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 627.692886][ T6936] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 627.748175][ T8] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 627.777177][ T8] EXT4-fs error (device loop4): ext4_release_dquot:6839: comm kworker/u4:0: Failed to release dquot type 1 [ 627.905452][ T286] EXT4-fs (loop4): unmounting filesystem. [ 628.735599][ T285] EXT4-fs (loop0): unmounting filesystem. [ 628.742211][ T6954] loop3: detected capacity change from 0 to 256 [ 631.107300][ T6988] syz.3.1660[6988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 631.107665][ T6988] syz.3.1660[6988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 631.495554][ T6987] loop2: detected capacity change from 0 to 512 [ 632.172722][ T6990] loop4: detected capacity change from 0 to 512 [ 632.293164][ T6987] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 632.824842][ T6990] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 632.833020][ T6990] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 632.843307][ T6990] EXT4-fs (loop4): 1 truncate cleaned up [ 632.848997][ T6990] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 632.908589][ T6994] loop3: detected capacity change from 0 to 256 [ 633.352658][ T6994] exfat: Deprecated parameter 'namecase' [ 633.370287][ T6994] exfat: Deprecated parameter 'utf8' [ 633.377994][ T6994] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 633.720091][ T6987] EXT4-fs (loop2): 1 truncate cleaned up [ 633.725861][ T6987] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 634.074132][ T286] EXT4-fs (loop4): unmounting filesystem. [ 634.080396][ T287] EXT4-fs (loop2): unmounting filesystem. [ 635.073759][ T7018] netlink: 'syz.1.1670': attribute type 4 has an invalid length. [ 635.081603][ T7018] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1670'. [ 636.364991][ T805] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 636.604902][ T805] usb 1-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 636.842509][ T805] usb 1-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 636.852927][ T805] usb 1-1: config 1 interface 0 has no altsetting 0 [ 636.862192][ T805] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 636.871732][ T805] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 636.879932][ T805] usb 1-1: Product: syz [ 636.911647][ T805] usb 1-1: Manufacturer: syz [ 636.935569][ T805] usb 1-1: SerialNumber: syz [ 636.975737][ T7045] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 636.989617][ T7045] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 637.082285][ T7059] loop2: detected capacity change from 0 to 256 [ 637.090281][ T7059] exfat: Deprecated parameter 'namecase' [ 637.096093][ T7059] exfat: Deprecated parameter 'utf8' [ 637.104275][ T7059] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 638.205375][ T7074] loop2: detected capacity change from 0 to 4096 [ 638.221635][ T7074] EXT4-fs (loop2): Test dummy encryption mode enabled [ 638.235123][ T7074] EXT4-fs (loop2): unsupported descriptor size 255 [ 638.252734][ T7075] loop3: detected capacity change from 0 to 16 [ 638.264907][ T7075] erofs: (device loop3): erofs_read_superblock: cannot find valid erofs superblock [ 639.643116][ T805] rtl8150 1-1:1.0: couldn't reset the device [ 639.649282][ T805] rtl8150: probe of 1-1:1.0 failed with error -5 [ 639.659924][ T805] usb 1-1: USB disconnect, device number 30 [ 640.484807][ T7099] loop4: detected capacity change from 0 to 512 [ 640.492372][ T7099] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 640.624576][ T7099] EXT4-fs (loop4): 1 truncate cleaned up [ 640.630328][ T7099] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 640.642220][ T7099] EXT4-fs error (device loop4): __ext4_iget:5079: inode #12: block 2: comm syz.4.1691: invalid block [ 640.660078][ T7099] EXT4-fs (loop4): Remounting filesystem read-only [ 641.124393][ T7105] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1693'. [ 641.499110][ T7110] loop0: detected capacity change from 0 to 256 [ 641.506362][ T286] EXT4-fs (loop4): unmounting filesystem. [ 641.533547][ T7110] exfat: Deprecated parameter 'namecase' [ 641.559477][ T7110] exfat: Deprecated parameter 'utf8' [ 641.610421][ T7110] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 642.655703][ T7121] loop4: detected capacity change from 0 to 512 [ 642.693774][ T7121] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 642.734981][ T7121] EXT4-fs (loop4): 1 truncate cleaned up [ 642.740727][ T7121] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 643.308108][ T286] EXT4-fs (loop4): unmounting filesystem. [ 644.231515][ T7136] loop2: detected capacity change from 0 to 16 [ 644.989133][ T7136] erofs: (device loop2): erofs_read_superblock: cannot find valid erofs superblock [ 645.125561][ T7146] loop4: detected capacity change from 0 to 512 [ 645.999869][ T344] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 646.237712][ T7146] EXT4-fs (loop4): 1 orphan inode deleted [ 646.243514][ T7146] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 646.252967][ T7146] ext4 filesystem being mounted at /336/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 646.263555][ T6973] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 646.273321][ T6973] EXT4-fs error (device loop4): ext4_release_dquot:6839: comm kworker/u4:7: Failed to release dquot type 1 [ 646.330471][ T7155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1706'. [ 646.573311][ T286] EXT4-fs (loop4): unmounting filesystem. [ 646.764493][ T7158] loop3: detected capacity change from 0 to 512 [ 646.775888][ T7162] loop4: detected capacity change from 0 to 512 [ 646.790156][ T7158] EXT4-fs (loop3): orphan cleanup on readonly fs [ 646.796987][ T7158] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 646.807412][ T7158] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 646.817004][ T7158] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.1708: Failed to acquire dquot type 1 [ 646.829363][ T7162] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1709: casefold flag without casefold feature [ 646.829408][ T7158] EXT4-fs (loop3): 1 truncate cleaned up [ 646.848435][ T7158] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 646.864382][ T7162] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1709: couldn't read orphan inode 15 (err -117) [ 646.876429][ T7162] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 646.894425][ T283] EXT4-fs (loop3): unmounting filesystem. [ 647.344159][ T7174] loop2: detected capacity change from 0 to 256 [ 647.353487][ T7174] exfat: Deprecated parameter 'namecase' [ 647.359164][ T7174] exfat: Deprecated parameter 'utf8' [ 647.402142][ T7174] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 647.810018][ T286] EXT4-fs (loop4): unmounting filesystem. [ 648.096834][ T7171] loop1: detected capacity change from 0 to 40427 [ 648.111580][ T7171] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 648.267208][ T7181] overlayfs: failed to resolve './file0': -2 [ 648.363352][ T7171] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 648.397090][ T7171] F2FS-fs (loop1): invalid crc value [ 648.485239][ T7171] F2FS-fs (loop1): Found nat_bits in checkpoint [ 648.682675][ T7171] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 648.713431][ T7171] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 649.643639][ T7198] overlayfs: failed to resolve './file0': -2 [ 650.095397][ T7204] loop3: detected capacity change from 0 to 512 [ 650.165929][ T7204] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1718: corrupted inode contents [ 650.207946][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.218076][ T7204] EXT4-fs error (device loop3): ext4_dirty_inode:6121: inode #16: comm syz.3.1718: mark_inode_dirty error [ 650.233278][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.242979][ T7204] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1718: corrupted inode contents [ 650.274690][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.294748][ T7204] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.1718: mark_inode_dirty error [ 650.312973][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.319840][ T7204] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1718: corrupted inode contents [ 650.332195][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.339467][ T7204] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 650.348272][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.354829][ T7204] EXT4-fs error (device loop3): ext4_do_update_inode:5256: inode #16: comm syz.3.1718: corrupted inode contents [ 650.373384][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.386913][ T7204] EXT4-fs error (device loop3): ext4_truncate:4314: inode #16: comm syz.3.1718: mark_inode_dirty error [ 650.444448][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.451235][ T7204] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 650.463852][ T7209] loop0: detected capacity change from 0 to 512 [ 650.475026][ T7204] EXT4-fs (loop3): Remounting filesystem read-only [ 650.485548][ T7209] EXT4-fs (loop0): orphan cleanup on readonly fs [ 650.492230][ T7209] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 650.502682][ T7209] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 650.512104][ T7209] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.1720: Failed to acquire dquot type 1 [ 650.520430][ T7204] EXT4-fs (loop3): 1 truncate cleaned up [ 650.529099][ T7204] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 650.548895][ T6973] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 650.564119][ T7209] EXT4-fs (loop0): 1 truncate cleaned up [ 650.569893][ T7204] ext4 filesystem being mounted at /343/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 650.573185][ T6973] EXT4-fs error (device loop3): ext4_release_dquot:6839: comm kworker/u4:7: Failed to release dquot type 1 [ 650.623369][ T6973] EXT4-fs (loop3): Remounting filesystem read-only [ 650.653747][ T7209] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 650.677024][ T285] EXT4-fs (loop0): unmounting filesystem. [ 650.833329][ T7215] syz.0.1721[7215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 650.833446][ T7215] syz.0.1721[7215] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 650.976568][ T283] EXT4-fs (loop3): unmounting filesystem. [ 651.233189][ T416] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 651.423107][ T416] usb 2-1: Using ep0 maxpacket: 32 [ 651.502459][ T416] usb 2-1: unable to get BOS descriptor or descriptor too short [ 651.514980][ T416] usb 2-1: unable to read config index 0 descriptor/start: -71 [ 651.603862][ T416] usb 2-1: can't read configurations, error -71 [ 652.250225][ T349] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 652.616116][ T349] usb 1-1: Using ep0 maxpacket: 16 [ 652.626601][ T349] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 652.647272][ T349] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.668745][ T7242] loop1: detected capacity change from 0 to 16 [ 652.675868][ T7242] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 652.798120][ T349] usb 1-1: Product: syz [ 652.802413][ T349] usb 1-1: Manufacturer: syz [ 652.864574][ T349] usb 1-1: SerialNumber: syz [ 652.872968][ T349] r8152-cfgselector 1-1: config 0 descriptor?? [ 652.883150][ T344] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 654.273667][ T7258] loop3: detected capacity change from 0 to 512 [ 654.293186][ T7258] EXT4-fs (loop3): orphan cleanup on readonly fs [ 654.323683][ T7258] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 654.334153][ T7258] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 654.343576][ T7258] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.1733: Failed to acquire dquot type 1 [ 654.357579][ T7258] EXT4-fs (loop3): 1 truncate cleaned up [ 654.363967][ T7258] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 654.385924][ T283] EXT4-fs (loop3): unmounting filesystem. [ 654.401990][ T349] r8152-cfgselector 1-1: Unknown version 0x0000 [ 654.428624][ T349] r8152-cfgselector 1-1: bad CDC descriptors [ 654.572956][ T349] r8152-cfgselector 1-1: Unknown version 0x0000 [ 654.593997][ T349] r8152-cfgselector 1-1: USB disconnect, device number 31 [ 654.621872][ T7268] syz.3.1736[7268] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 654.622147][ T7268] syz.3.1736[7268] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 654.667856][ T7269] syz.2.1734[7269] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 654.679794][ T7269] syz.2.1734[7269] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 655.732736][ T7276] loop0: detected capacity change from 0 to 256 [ 655.782214][ T7276] exfat: Deprecated parameter 'namecase' [ 655.790687][ T7276] exfat: Deprecated parameter 'utf8' [ 655.864050][ T7279] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1739'. [ 655.872975][ T7279] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1739'. [ 656.127858][ T7284] loop1: detected capacity change from 0 to 512 [ 656.142527][ T7276] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 656.232829][ T7284] EXT4-fs (loop1): orphan cleanup on readonly fs [ 656.313607][ T7284] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 656.348201][ T7284] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 656.481181][ T7284] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.1740: Failed to acquire dquot type 1 [ 657.406069][ T7284] EXT4-fs (loop1): 1 truncate cleaned up [ 657.463278][ T7284] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 657.507164][ T7298] loop0: detected capacity change from 0 to 256 [ 658.639639][ T284] EXT4-fs (loop1): unmounting filesystem. [ 658.978894][ T7296] loop2: detected capacity change from 0 to 40427 [ 658.996086][ T7310] device syzkaller0 entered promiscuous mode [ 658.998675][ T7296] F2FS-fs (loop2): fault_injection options not supported [ 659.013426][ T7296] F2FS-fs (loop2): fault_type options not supported [ 659.039501][ T7296] F2FS-fs (loop2): invalid crc value [ 659.074522][ T7315] loop0: detected capacity change from 0 to 512 [ 659.103091][ T7315] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 659.159804][ T7296] F2FS-fs (loop2): Found nat_bits in checkpoint [ 659.199373][ T7315] EXT4-fs (loop0): 1 truncate cleaned up [ 659.205213][ T7315] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 659.586315][ T7296] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 659.858543][ T7324] loop4: detected capacity change from 0 to 512 [ 660.042013][ T285] EXT4-fs (loop0): unmounting filesystem. [ 660.081078][ T7324] EXT4-fs (loop4): #blocks per group too big: 466944 [ 660.771150][ T7337] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 661.112023][ T7341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1754'. [ 661.120962][ T7341] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1754'. [ 661.606206][ T7348] loop2: detected capacity change from 0 to 256 [ 662.461179][ T7349] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1755'. [ 662.498702][ T7359] loop1: detected capacity change from 0 to 512 [ 662.616598][ T7359] EXT4-fs (loop1): orphan cleanup on readonly fs [ 662.623603][ T7359] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 662.634132][ T7359] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 662.644479][ T7359] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.1758: Failed to acquire dquot type 1 [ 662.669469][ T7359] EXT4-fs (loop1): 1 truncate cleaned up [ 662.675336][ T7359] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 663.329712][ T7367] loop2: detected capacity change from 0 to 512 [ 665.849606][ T284] EXT4-fs (loop1): unmounting filesystem. [ 665.950589][ T7367] EXT4-fs (loop2): 1 orphan inode deleted [ 665.956444][ T7367] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 665.966239][ T7367] ext4 filesystem being mounted at /360/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 666.012677][ T8] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 666.615269][ T7378] loop0: detected capacity change from 0 to 512 [ 667.495192][ T7378] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 667.676734][ T8] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:0: Failed to release dquot type 1 [ 667.708964][ T7378] EXT4-fs (loop0): 1 truncate cleaned up [ 667.714730][ T7378] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 667.753285][ T7382] device syzkaller0 entered promiscuous mode [ 667.757102][ T287] EXT4-fs (loop2): unmounting filesystem. [ 667.889871][ T285] EXT4-fs (loop0): unmounting filesystem. [ 668.607592][ T7401] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1767'. [ 669.013640][ T7408] loop0: detected capacity change from 0 to 512 [ 669.055800][ T7408] EXT4-fs (loop0): #blocks per group too big: 466944 [ 669.496070][ T7413] loop1: detected capacity change from 0 to 512 [ 669.506014][ T7413] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 669.586669][ T7413] EXT4-fs (loop1): 1 truncate cleaned up [ 669.592439][ T7413] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 669.647150][ T7413] EXT4-fs error (device loop1): __ext4_iget:5079: inode #12: block 2: comm syz.1.1769: invalid block [ 669.658971][ T7413] EXT4-fs (loop1): Remounting filesystem read-only [ 671.203005][ T7419] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 671.246672][ T284] EXT4-fs (loop1): unmounting filesystem. [ 672.366460][ T7446] loop4: detected capacity change from 0 to 512 [ 672.444059][ T7447] netlink: 'syz.1.1780': attribute type 4 has an invalid length. [ 672.451968][ T7447] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1780'. [ 673.384883][ T7446] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 673.599446][ T7446] EXT4-fs (loop4): 1 truncate cleaned up [ 673.605250][ T7446] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 673.866843][ T7455] loop0: detected capacity change from 0 to 512 [ 673.944075][ T7455] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.1784: casefold flag without casefold feature [ 674.016696][ T7455] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.1784: couldn't read orphan inode 15 (err -117) [ 674.028786][ T7455] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 674.069594][ T286] EXT4-fs (loop4): unmounting filesystem. [ 675.576061][ T285] EXT4-fs (loop0): unmounting filesystem. [ 675.734882][ T7474] loop3: detected capacity change from 0 to 512 [ 675.742458][ T7474] EXT4-fs (loop3): #blocks per group too big: 466944 [ 676.236992][ T7479] incfs: Backing dir is not set, filesystem can't be mounted. [ 676.316895][ T344] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 676.396037][ T7479] incfs: mount failed -2 [ 677.118474][ T7491] loop1: detected capacity change from 0 to 512 [ 677.133848][ T7491] EXT4-fs (loop1): orphan cleanup on readonly fs [ 677.140615][ T7491] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 677.144556][ T7492] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 677.159305][ T7491] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 677.168914][ T7491] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.1792: Failed to acquire dquot type 1 [ 677.211503][ T7491] EXT4-fs (loop1): 1 truncate cleaned up [ 677.217943][ T7491] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 677.852097][ T284] EXT4-fs (loop1): unmounting filesystem. [ 678.301284][ T7516] device syzkaller0 entered promiscuous mode [ 679.557125][ T7537] loop2: detected capacity change from 0 to 256 [ 679.576339][ T7539] loop3: detected capacity change from 0 to 512 [ 679.903011][ T7539] EXT4-fs (loop3): #blocks per group too big: 466944 [ 682.098243][ T7555] loop4: detected capacity change from 0 to 512 [ 683.283911][ T7555] EXT4-fs (loop4): orphan cleanup on readonly fs [ 683.290763][ T7555] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 683.301465][ T7555] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 683.310938][ T7555] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.1808: Failed to acquire dquot type 1 [ 683.334182][ T7563] loop0: detected capacity change from 0 to 512 [ 683.346563][ T7555] EXT4-fs (loop4): 1 truncate cleaned up [ 683.407838][ T7563] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #16: comm syz.0.1812: corrupted inode contents [ 683.466724][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.499990][ T7563] EXT4-fs error (device loop0): ext4_dirty_inode:6121: inode #16: comm syz.0.1812: mark_inode_dirty error [ 683.502324][ T7555] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 683.528035][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.537825][ T7563] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #16: comm syz.0.1812: corrupted inode contents [ 683.558277][ T7569] device syzkaller0 entered promiscuous mode [ 683.562366][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.570921][ T7563] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #16: comm syz.0.1812: mark_inode_dirty error [ 683.582623][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.589435][ T7563] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #16: comm syz.0.1812: corrupted inode contents [ 683.603280][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.609880][ T7563] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 683.618892][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.625616][ T7563] EXT4-fs error (device loop0): ext4_do_update_inode:5256: inode #16: comm syz.0.1812: corrupted inode contents [ 683.641539][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.648370][ T7563] EXT4-fs error (device loop0): ext4_truncate:4314: inode #16: comm syz.0.1812: mark_inode_dirty error [ 683.659858][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.666587][ T7563] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 683.676656][ T7563] EXT4-fs (loop0): Remounting filesystem read-only [ 683.683655][ T7563] EXT4-fs (loop0): 1 truncate cleaned up [ 683.689509][ T7563] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 683.698813][ T286] EXT4-fs (loop4): unmounting filesystem. [ 683.703912][ T7563] ext4 filesystem being mounted at /350/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 683.717905][ T8] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 683.736719][ T8] EXT4-fs error (device loop0): ext4_release_dquot:6839: comm kworker/u4:0: Failed to release dquot type 1 [ 683.750218][ T8] EXT4-fs (loop0): Remounting filesystem read-only [ 684.569766][ T285] EXT4-fs (loop0): unmounting filesystem. [ 684.763279][ T7597] loop3: detected capacity change from 0 to 512 [ 684.913514][ T7600] overlayfs: failed to resolve './file1': -2 [ 685.268041][ T7597] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 685.287862][ T7597] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 685.430846][ T7597] EXT4-fs (loop3): 1 truncate cleaned up [ 685.439890][ T7597] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 689.999139][ T7607] loop4: detected capacity change from 0 to 512 [ 690.009062][ T7607] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 690.020990][ T283] EXT4-fs (loop3): unmounting filesystem. [ 690.057790][ T7607] EXT4-fs (loop4): orphan cleanup on readonly fs [ 690.066706][ T7607] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.1823: bg 0: block 248: padding at end of block bitmap is not set [ 690.082422][ T7607] Quota error (device loop4): write_blk: dquota write failed [ 690.090042][ T7607] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 690.100055][ T7607] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.1823: Failed to acquire dquot type 1 [ 690.113766][ T7607] EXT4-fs (loop4): 1 truncate cleaned up [ 690.120325][ T7607] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 691.072702][ T7611] loop0: detected capacity change from 0 to 512 [ 691.092191][ T286] EXT4-fs (loop4): unmounting filesystem. [ 691.098460][ T7611] EXT4-fs (loop0): #blocks per group too big: 466944 [ 691.136022][ T7617] device syzkaller0 entered promiscuous mode [ 691.179709][ T344] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 691.262852][ T7623] loop2: detected capacity change from 0 to 512 [ 691.277652][ T7624] loop1: detected capacity change from 0 to 512 [ 691.301297][ T7624] EXT4-fs (loop1): orphan cleanup on readonly fs [ 691.308197][ T7624] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 691.318744][ T7624] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 691.328150][ T7624] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.1825: Failed to acquire dquot type 1 [ 691.346602][ T7624] EXT4-fs (loop1): 1 truncate cleaned up [ 691.372375][ T7623] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.1829: corrupted inode contents [ 691.415051][ T7629] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 691.426809][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.442994][ T7623] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #16: comm syz.2.1829: mark_inode_dirty error [ 691.475533][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.782212][ T7623] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.1829: corrupted inode contents [ 691.796765][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.804191][ T7623] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.1829: mark_inode_dirty error [ 691.817102][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.824462][ T7623] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.1829: corrupted inode contents [ 691.837971][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.845189][ T7623] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 691.855123][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.861967][ T7623] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.1829: corrupted inode contents [ 691.897240][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.909163][ T7624] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 691.911735][ T7623] EXT4-fs error (device loop2): ext4_truncate:4314: inode #16: comm syz.2.1829: mark_inode_dirty error [ 691.973321][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.982730][ T7623] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 691.991953][ T7623] EXT4-fs (loop2): Remounting filesystem read-only [ 691.998878][ T7623] EXT4-fs (loop2): 1 truncate cleaned up [ 692.008874][ T7623] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 692.018111][ T6973] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 692.032116][ T6973] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:7: Failed to release dquot type 1 [ 692.051534][ T7623] ext4 filesystem being mounted at /371/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 692.096280][ T284] EXT4-fs (loop1): unmounting filesystem. [ 692.102202][ T6973] EXT4-fs (loop2): Remounting filesystem read-only [ 692.125223][ T7640] loop1: detected capacity change from 0 to 512 [ 692.141571][ T7640] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1832: casefold flag without casefold feature [ 692.347154][ T7640] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1832: couldn't read orphan inode 15 (err -117) [ 692.417762][ T7640] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 692.920342][ T287] EXT4-fs (loop2): unmounting filesystem. [ 693.038394][ T284] EXT4-fs (loop1): unmounting filesystem. [ 694.188852][ T7675] loop0: detected capacity change from 0 to 256 [ 694.224802][ T7675] exfat: Deprecated parameter 'namecase' [ 694.240232][ T7675] exfat: Deprecated parameter 'utf8' [ 694.328951][ T7675] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 695.355659][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1842'. [ 696.657860][ T7695] loop4: detected capacity change from 0 to 512 [ 697.129407][ T7695] EXT4-fs (loop4): orphan cleanup on readonly fs [ 697.148474][ T7695] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 697.159066][ T7695] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 697.168519][ T7695] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.1844: Failed to acquire dquot type 1 [ 697.180735][ T7695] EXT4-fs (loop4): 1 truncate cleaned up [ 697.186832][ T7695] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 698.198929][ T286] EXT4-fs (loop4): unmounting filesystem. [ 698.442669][ T7708] netlink: 'syz.1.1847': attribute type 4 has an invalid length. [ 698.450566][ T7708] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1847'. [ 700.683295][ T2923] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 700.843878][ T7727] loop2: detected capacity change from 0 to 256 [ 700.850530][ T7727] exfat: Deprecated parameter 'namecase' [ 700.859289][ T7727] exfat: Deprecated parameter 'utf8' [ 700.876836][ T7727] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 701.822797][ T2923] usb 5-1: Using ep0 maxpacket: 16 [ 702.927279][ T2923] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 703.031908][ T2923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 703.050290][ T2923] usb 5-1: Product: syz [ 703.057847][ T7748] loop4: detected capacity change from 0 to 512 [ 703.078878][ T2923] usb 5-1: Manufacturer: syz [ 703.084915][ T7744] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1857'. [ 703.098680][ T7748] EXT4-fs (loop4): #blocks per group too big: 466944 [ 703.118435][ T2923] usb 5-1: SerialNumber: syz [ 703.133839][ T2923] r8152-cfgselector 5-1: config 0 descriptor?? [ 703.141066][ T2923] r8152-cfgselector 5-1: can't set config #0, error -71 [ 703.155649][ T2923] r8152-cfgselector 5-1: Unknown version 0x0000 [ 703.280155][ T2923] r8152-cfgselector 5-1: USB disconnect, device number 23 [ 703.381441][ T7754] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 703.999300][ T7768] loop4: detected capacity change from 0 to 256 [ 704.025896][ T7769] loop2: detected capacity change from 0 to 512 [ 705.534348][ T7769] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 707.099189][ T7789] loop4: detected capacity change from 0 to 256 [ 707.130122][ T7769] EXT4-fs: failed to create workqueue [ 707.162582][ T7789] exfat: Deprecated parameter 'namecase' [ 707.186279][ T7769] EXT4-fs (loop2): mount failed [ 707.193628][ T7789] exfat: Deprecated parameter 'utf8' [ 707.204444][ T7789] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 707.291871][ T7794] loop0: detected capacity change from 0 to 512 [ 707.301793][ T7794] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 708.334177][ T7794] EXT4-fs (loop0): orphan cleanup on readonly fs [ 708.343700][ T7794] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.1870: bg 0: block 248: padding at end of block bitmap is not set [ 708.359091][ T7794] Quota error (device loop0): write_blk: dquota write failed [ 708.366679][ T7794] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 708.376686][ T7794] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.1870: Failed to acquire dquot type 1 [ 708.390379][ T7794] EXT4-fs (loop0): 1 truncate cleaned up [ 708.396896][ T7794] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 708.470459][ T7794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1870'. [ 709.358771][ T285] EXT4-fs (loop0): unmounting filesystem. [ 709.416343][ T7805] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1872'. [ 709.749755][ T7807] loop0: detected capacity change from 0 to 40427 [ 709.771325][ T7807] F2FS-fs (loop0): fault_injection options not supported [ 709.795358][ T7807] F2FS-fs (loop0): fault_type options not supported [ 709.810389][ T7807] F2FS-fs (loop0): invalid crc value [ 709.840222][ T7807] F2FS-fs (loop0): Found nat_bits in checkpoint [ 709.856919][ T7815] loop4: detected capacity change from 0 to 512 [ 709.886336][ T7815] EXT4-fs (loop4): #blocks per group too big: 466944 [ 709.919712][ T7807] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 709.991451][ T7817] loop3: detected capacity change from 0 to 512 [ 710.161073][ T7822] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 710.169925][ T7817] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 711.024327][ T7817] EXT4-fs (loop3): 1 truncate cleaned up [ 711.054335][ T7817] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 711.255956][ T7817] EXT4-fs error (device loop3): __ext4_iget:5079: inode #12: block 2: comm syz.3.1874: invalid block [ 711.303476][ T7817] EXT4-fs (loop3): Remounting filesystem read-only [ 713.658853][ T7849] loop4: detected capacity change from 0 to 512 [ 713.686075][ T7851] loop1: detected capacity change from 0 to 256 [ 714.762179][ T7849] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1882: casefold flag without casefold feature [ 714.784353][ T7849] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1882: couldn't read orphan inode 15 (err -117) [ 715.083624][ T7849] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 716.279957][ T7872] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1887'. [ 716.289024][ T7872] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1887'. [ 717.341625][ T286] EXT4-fs (loop4): unmounting filesystem. [ 717.441168][ T7881] loop1: detected capacity change from 0 to 512 [ 717.463631][ T7881] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 717.635514][ T7881] EXT4-fs (loop1): 1 truncate cleaned up [ 717.641273][ T7881] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 718.444760][ T284] EXT4-fs (loop1): unmounting filesystem. [ 719.018417][ T283] EXT4-fs (loop3): unmounting filesystem. [ 721.124938][ T7915] netlink: 'syz.1.1896': attribute type 4 has an invalid length. [ 721.132723][ T7915] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1896'. [ 721.674864][ T7925] overlayfs: failed to resolve './file1': -2 [ 723.481106][ T7940] device syzkaller0 entered promiscuous mode [ 723.635777][ T7949] loop0: detected capacity change from 0 to 256 [ 723.643689][ T7949] exfat: Deprecated parameter 'namecase' [ 723.682577][ T7949] exfat: Deprecated parameter 'utf8' [ 723.702125][ T7949] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 723.857547][ T28] audit: type=1400 audit(1758719737.125:210): avc: denied { mounton } for pid=7953 comm="syz.2.1908" path="/384/file0" dev="tmpfs" ino=2223 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 724.277815][ T7944] loop3: detected capacity change from 0 to 40427 [ 724.279901][ T7960] loop4: detected capacity change from 0 to 256 [ 724.285400][ T7944] F2FS-fs (loop3): fault_injection options not supported [ 724.345085][ T7951] loop1: detected capacity change from 0 to 40427 [ 724.353346][ T7944] F2FS-fs (loop3): fault_type options not supported [ 724.370538][ T7951] F2FS-fs (loop1): fault_injection options not supported [ 724.383255][ T7951] F2FS-fs (loop1): fault_type options not supported [ 724.396478][ T7951] F2FS-fs (loop1): invalid crc value [ 724.414198][ T7944] F2FS-fs (loop3): invalid crc value [ 724.419181][ T7951] F2FS-fs (loop1): Found nat_bits in checkpoint [ 724.428979][ T7944] F2FS-fs (loop3): Found nat_bits in checkpoint [ 724.461142][ T7951] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 724.809112][ T7944] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 725.279404][ T288] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 725.363135][ T39] usb 1-1: new full-speed USB device number 32 using dummy_hcd [ 725.484158][ T288] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 725.503153][ T288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 725.533098][ T288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 725.554199][ T39] usb 1-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.00 [ 725.563664][ T288] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 725.583070][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 725.593162][ T2923] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 725.615085][ T39] usb 1-1: config 0 descriptor?? [ 725.621026][ T288] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 725.650072][ T288] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 725.667086][ T288] usb 3-1: Manufacturer: syz [ 725.686841][ T288] usb 3-1: config 0 descriptor?? [ 725.796423][ T2923] usb 5-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 725.830047][ T2923] usb 5-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 725.850426][ T2923] usb 5-1: config 1 interface 0 has no altsetting 0 [ 725.872124][ T2923] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 725.891710][ T2923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 725.901891][ T7973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 725.913217][ T7973] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 725.920788][ T2923] usb 5-1: Product: syz [ 725.926827][ T2923] usb 5-1: Manufacturer: syz [ 725.941885][ T2923] usb 5-1: SerialNumber: syz [ 725.955378][ T7982] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 725.962577][ T7982] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 726.066212][ T7986] loop1: detected capacity change from 0 to 512 [ 726.312456][ T7986] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 726.320736][ T7986] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 726.332014][ T7986] EXT4-fs (loop1): 1 truncate cleaned up [ 726.337760][ T7986] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 728.359850][ T288] appleir 0003:05AC:8243.001D: unknown main item tag 0x0 [ 728.384298][ T284] EXT4-fs (loop1): unmounting filesystem. [ 728.384888][ T39] isku 0003:1E7D:3264.001C: hidraw0: USB HID v0.00 Device [HID 1e7d:3264] on usb-dummy_hcd.0-1/input0 [ 728.401401][ T288] appleir 0003:05AC:8243.001D: No inputs registered, leaving [ 728.410685][ T288] appleir 0003:05AC:8243.001D: hiddev96,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 728.423369][ T39] isku 0003:1E7D:3264.001C: couldn't init struct isku_device [ 728.431094][ T39] isku 0003:1E7D:3264.001C: couldn't install keyboard [ 728.443850][ T39] isku: probe of 0003:1E7D:3264.001C failed with error -71 [ 728.470503][ T39] usb 1-1: USB disconnect, device number 32 [ 728.517652][ T2923] rtl8150 5-1:1.0: couldn't reset the device [ 728.525232][ T2923] rtl8150: probe of 5-1:1.0 failed with error -5 [ 728.543116][ T2923] usb 5-1: USB disconnect, device number 24 [ 729.203201][ T418] usb 3-1: USB disconnect, device number 22 [ 729.231751][ T8012] loop2: detected capacity change from 0 to 256 [ 729.238982][ T8007] fido_id[8007]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 732.884404][ T8035] netlink: 'syz.3.1924': attribute type 4 has an invalid length. [ 732.892307][ T8035] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1924'. [ 733.604510][ T8036] loop1: detected capacity change from 0 to 16 [ 734.386566][ T8036] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 734.868095][ T8055] loop3: detected capacity change from 0 to 512 [ 735.154990][ T8055] EXT4-fs (loop3): 1 orphan inode deleted [ 735.160974][ T8055] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 735.172449][ T8055] ext4 filesystem being mounted at /384/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 735.944580][ T8] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 735.957122][ T8] EXT4-fs error (device loop3): ext4_release_dquot:6839: comm kworker/u4:0: Failed to release dquot type 1 [ 735.970164][ T283] EXT4-fs (loop3): unmounting filesystem. [ 735.988080][ T8065] loop2: detected capacity change from 0 to 512 [ 736.000022][ T8065] EXT4-fs (loop2): orphan cleanup on readonly fs [ 736.007780][ T8065] Quota error (device loop2): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 736.018959][ T8065] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 736.028964][ T8065] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.1932: Failed to acquire dquot type 1 [ 736.060421][ T8065] EXT4-fs (loop2): 1 truncate cleaned up [ 736.092920][ T8068] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1931'. [ 736.101981][ T8068] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1931'. [ 736.311450][ T8065] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 736.332247][ T287] EXT4-fs (loop2): unmounting filesystem. [ 736.911418][ T3929] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 737.515603][ T1958] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 737.592056][ T8098] loop4: detected capacity change from 0 to 512 [ 737.742809][ T8098] EXT4-fs (loop4): 1 orphan inode deleted [ 737.748729][ T8098] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 737.759992][ T6819] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 737.771888][ T8098] ext4 filesystem being mounted at /379/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 737.894161][ T1958] usb 2-1: Using ep0 maxpacket: 16 [ 737.920580][ T6819] EXT4-fs error (device loop4): ext4_release_dquot:6839: comm kworker/u4:2: Failed to release dquot type 1 [ 738.063015][ T1958] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 738.074222][ T1958] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 738.601482][ T8053] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 738.607912][ T3929] Bluetooth: hci1: command 0x1003 tx timeout [ 738.687483][ T1958] usb 2-1: Product: syz [ 738.691724][ T1958] usb 2-1: Manufacturer: syz [ 738.702662][ T286] EXT4-fs (loop4): unmounting filesystem. [ 738.702680][ T8106] loop2: detected capacity change from 0 to 256 [ 738.727474][ T1958] usb 2-1: SerialNumber: syz [ 738.732919][ T1958] r8152-cfgselector 2-1: config 0 descriptor?? [ 739.658905][ T8112] overlayfs: failed to resolve './file1': -2 [ 740.558681][ T1958] r8152-cfgselector 2-1: Unknown version 0x0000 [ 740.566137][ T1958] r8152-cfgselector 2-1: Unknown version 0x0000 [ 740.574138][ T1958] r8152-cfgselector 2-1: bad CDC descriptors [ 740.582330][ T1958] r8152-cfgselector 2-1: Unknown version 0x0000 [ 740.589218][ T1958] r8152-cfgselector 2-1: USB disconnect, device number 34 [ 741.035700][ T8141] loop0: detected capacity change from 0 to 512 [ 741.043946][ T8141] EXT4-fs (loop0): #blocks per group too big: 466944 [ 741.152551][ T8142] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1950'. [ 741.215024][ T8144] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 741.581601][ T8154] loop4: detected capacity change from 0 to 512 [ 741.968864][ T8154] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1956: casefold flag without casefold feature [ 742.005181][ T8154] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1956: couldn't read orphan inode 15 (err -117) [ 742.020133][ T8154] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 743.477058][ T8171] loop3: detected capacity change from 0 to 256 [ 743.647694][ T286] EXT4-fs (loop4): unmounting filesystem. [ 745.212034][ T8186] loop2: detected capacity change from 0 to 512 [ 745.318863][ T8186] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 745.327161][ T8186] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 745.337409][ T8186] EXT4-fs (loop2): 1 truncate cleaned up [ 745.343128][ T8186] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 746.013110][ T3626] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 746.123808][ T287] EXT4-fs (loop2): unmounting filesystem. [ 746.153633][ T8199] loop0: detected capacity change from 0 to 512 [ 746.203105][ T3626] usb 4-1: Using ep0 maxpacket: 16 [ 746.208389][ T8199] EXT4-fs (loop0): #blocks per group too big: 466944 [ 746.218548][ T3626] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 746.270227][ T3626] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 746.278536][ T3626] usb 4-1: Product: syz [ 746.282730][ T3626] usb 4-1: Manufacturer: syz [ 746.287588][ T3626] usb 4-1: SerialNumber: syz [ 746.296311][ T3626] r8152-cfgselector 4-1: config 0 descriptor?? [ 747.184132][ T3626] r8152-cfgselector 4-1: Unknown version 0x0000 [ 747.192369][ T3626] r8152-cfgselector 4-1: Unknown version 0x0000 [ 747.198720][ T3626] r8152-cfgselector 4-1: bad CDC descriptors [ 747.213068][ T3626] r8152-cfgselector 4-1: Unknown version 0x0000 [ 747.219942][ T3626] r8152-cfgselector 4-1: USB disconnect, device number 26 [ 747.509824][ T8218] loop4: detected capacity change from 0 to 512 [ 747.572468][ T8220] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 747.581542][ T8218] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 747.717203][ T8218] EXT4-fs (loop4): 1 truncate cleaned up [ 747.722973][ T8218] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 747.783118][ T8218] EXT4-fs error (device loop4): __ext4_iget:5079: inode #12: block 2: comm syz.4.1970: invalid block [ 747.810268][ T8218] EXT4-fs (loop4): Remounting filesystem read-only [ 748.586235][ T286] EXT4-fs (loop4): unmounting filesystem. [ 748.701349][ T8245] loop2: detected capacity change from 0 to 256 [ 748.709553][ T8245] exfat: Deprecated parameter 'namecase' [ 748.715425][ T8245] exfat: Deprecated parameter 'utf8' [ 748.725863][ T8245] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 749.422275][ T1958] usb 5-1: new full-speed USB device number 25 using dummy_hcd [ 749.875848][ T8259] loop2: detected capacity change from 0 to 512 [ 749.883800][ T8259] EXT4-fs (loop2): #blocks per group too big: 466944 [ 750.029234][ T8261] syz.3.1983[8261] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 750.029514][ T8261] syz.3.1983[8261] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 750.044784][ T1958] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.00 [ 750.077938][ T1958] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 750.086840][ T1958] usb 5-1: config 0 descriptor?? [ 750.240836][ T8266] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 750.334354][ T8267] loop0: detected capacity change from 0 to 512 [ 750.421985][ T8267] EXT4-fs (loop0): 1 orphan inode deleted [ 750.427884][ T8267] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 750.438302][ T6973] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 750.450416][ T8267] ext4 filesystem being mounted at /383/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 750.901695][ T6973] EXT4-fs error (device loop0): ext4_release_dquot:6839: comm kworker/u4:7: Failed to release dquot type 1 [ 752.220430][ T285] EXT4-fs (loop0): unmounting filesystem. [ 752.222156][ T1958] usbhid 5-1:0.0: can't add hid device: -71 [ 752.236645][ T1958] usbhid: probe of 5-1:0.0 failed with error -71 [ 752.251997][ T1958] usb 5-1: USB disconnect, device number 25 [ 752.350398][ T8273] loop3: detected capacity change from 0 to 40427 [ 752.373680][ T8273] F2FS-fs (loop3): fault_injection options not supported [ 752.381870][ T8273] F2FS-fs (loop3): fault_type options not supported [ 752.393934][ T8273] F2FS-fs (loop3): invalid crc value [ 752.436131][ T8273] F2FS-fs (loop3): Found nat_bits in checkpoint [ 752.988546][ T8295] loop0: detected capacity change from 0 to 512 [ 753.149967][ T8295] EXT4-fs (loop0): orphan cleanup on readonly fs [ 753.225184][ T8295] Quota error (device loop0): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 753.235830][ T8295] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0 [ 753.245370][ T8295] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.1993: Failed to acquire dquot type 1 [ 753.260081][ T8295] EXT4-fs (loop0): 1 truncate cleaned up [ 753.550310][ T8299] loop4: detected capacity change from 0 to 256 [ 753.580805][ T8273] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 753.636078][ T8300] loop1: detected capacity change from 0 to 512 [ 753.707863][ T8299] exfat: Deprecated parameter 'namecase' [ 753.835784][ T8299] exfat: Deprecated parameter 'utf8' [ 753.871866][ T8300] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1995: casefold flag without casefold feature [ 754.196561][ T8295] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 754.212884][ T8300] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1995: couldn't read orphan inode 15 (err -117) [ 754.226636][ T8299] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 754.236449][ T8300] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 756.576638][ T285] EXT4-fs (loop0): unmounting filesystem. [ 756.712830][ T284] EXT4-fs (loop1): unmounting filesystem. [ 757.389576][ T8318] syz.2.1999[8318] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 757.389658][ T8318] syz.2.1999[8318] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 758.621308][ T8351] fuse: Unknown parameter 'group_i00000000000000000000' [ 758.915968][ T8356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2008'. [ 758.924943][ T8356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2008'. [ 759.338244][ T8363] loop1: detected capacity change from 0 to 512 [ 759.805531][ T8363] EXT4-fs (loop1): orphan cleanup on readonly fs [ 759.814180][ T8363] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 759.824756][ T8363] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 759.834253][ T8363] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.2009: Failed to acquire dquot type 1 [ 759.854557][ T8363] EXT4-fs (loop1): 1 truncate cleaned up [ 759.993443][ T8367] loop2: detected capacity change from 0 to 256 [ 760.038162][ T8363] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 760.341117][ T8367] exfat: Deprecated parameter 'namecase' [ 760.371152][ T8367] exfat: Deprecated parameter 'utf8' [ 760.409986][ T8367] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 760.636579][ T284] EXT4-fs (loop1): unmounting filesystem. [ 760.824499][ T8375] loop4: detected capacity change from 0 to 256 [ 761.408796][ T8388] netlink: 'syz.0.2016': attribute type 4 has an invalid length. [ 761.416746][ T8388] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2016'. [ 762.456201][ T2923] usb 2-1: new full-speed USB device number 35 using dummy_hcd [ 763.413962][ T8408] loop0: detected capacity change from 0 to 4096 [ 763.427008][ T8408] EXT4-fs (loop0): Test dummy encryption mode enabled [ 763.434041][ T8408] EXT4-fs (loop0): unsupported descriptor size 255 [ 763.466075][ T2923] usb 2-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.00 [ 763.517489][ T2923] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 763.685271][ T2923] usb 2-1: config 0 descriptor?? [ 763.839290][ T8418] device syzkaller0 entered promiscuous mode [ 764.120459][ T8424] syz.4.2026[8424] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 764.120540][ T8424] syz.4.2026[8424] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 764.154084][ T2923] isku 0003:1E7D:3264.001E: hidraw0: USB HID v0.00 Device [HID 1e7d:3264] on usb-dummy_hcd.1-1/input0 [ 764.551961][ T19] usb 2-1: USB disconnect, device number 35 [ 765.873136][ T8447] netlink: 'syz.4.2030': attribute type 4 has an invalid length. [ 765.880899][ T8447] netlink: 17 bytes leftover after parsing attributes in process `syz.4.2030'. [ 766.728338][ T8455] loop4: detected capacity change from 0 to 512 [ 766.764485][ T8455] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 766.895695][ T19] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 766.949263][ T8455] EXT4-fs (loop4): orphan cleanup on readonly fs [ 767.033074][ T8455] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.2035: bg 0: block 248: padding at end of block bitmap is not set [ 767.072530][ T8455] Quota error (device loop4): write_blk: dquota write failed [ 767.080460][ T8455] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 767.090630][ T8455] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.2035: Failed to acquire dquot type 1 [ 767.347657][ T8455] EXT4-fs (loop4): 1 truncate cleaned up [ 767.384433][ T8455] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 767.491722][ T8455] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2035'. [ 767.714700][ T19] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 768.253969][ T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 768.285411][ T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 768.322287][ T19] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 768.378935][ T19] usb 1-1: string descriptor 0 read error: -71 [ 768.406694][ T19] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 768.694601][ T8477] loop0: detected capacity change from 0 to 512 [ 770.394779][ T286] EXT4-fs (loop4): unmounting filesystem. [ 770.596011][ T8477] EXT4-fs (loop0): 1 orphan inode deleted [ 770.601834][ T8477] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 770.612600][ T8477] ext4 filesystem being mounted at /394/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 771.212653][ T19] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 771.224024][ T10] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 771.234885][ T10] EXT4-fs error (device loop0): ext4_release_dquot:6839: comm kworker/u4:1: Failed to release dquot type 1 [ 771.253220][ T19] usb 1-1: config 0 descriptor?? [ 771.261049][ T19] usb 1-1: can't set config #0, error -71 [ 771.273671][ T19] usb 1-1: USB disconnect, device number 33 [ 771.295843][ T285] EXT4-fs (loop0): unmounting filesystem. [ 773.238342][ T8502] loop4: detected capacity change from 0 to 512 [ 773.276945][ T8502] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 773.690483][ T8502] EXT4-fs (loop4): 1 truncate cleaned up [ 773.696366][ T8502] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 773.739387][ T8502] EXT4-fs error (device loop4): __ext4_iget:5079: inode #12: block 2: comm syz.4.2045: invalid block [ 773.751455][ T8502] EXT4-fs (loop4): Remounting filesystem read-only [ 775.425044][ T286] EXT4-fs (loop4): unmounting filesystem. [ 775.609204][ T39] usb 2-1: new full-speed USB device number 36 using dummy_hcd [ 776.532945][ T39] usb 2-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.00 [ 776.597651][ T39] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 776.701839][ T39] usb 2-1: config 0 descriptor?? [ 776.960883][ T8533] loop3: detected capacity change from 0 to 40427 [ 776.977822][ T8533] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 776.993091][ T8533] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 777.002217][ T8533] F2FS-fs (loop3): invalid crc value [ 777.009297][ T8533] F2FS-fs (loop3): Found nat_bits in checkpoint [ 777.130777][ T8548] overlayfs: failed to resolve './file0': -2 [ 777.229060][ T39] isku 0003:1E7D:3264.001F: hidraw0: USB HID v0.00 Device [HID 1e7d:3264] on usb-dummy_hcd.1-1/input0 [ 778.092135][ T8533] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 778.101484][ T8533] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 778.768227][ T352] usb 2-1: USB disconnect, device number 36 [ 779.413057][ T3626] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 779.503351][ T8582] syz.1.2064[8582] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 779.503432][ T8582] syz.1.2064[8582] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 779.624188][ T3626] usb 5-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 779.655807][ T3626] usb 5-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 779.672248][ T3626] usb 5-1: config 1 interface 0 has no altsetting 0 [ 779.684509][ T3626] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 779.698775][ T3626] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 779.710987][ T3626] usb 5-1: Product: syz [ 779.718331][ T3626] usb 5-1: Manufacturer: syz [ 779.726076][ T3626] usb 5-1: SerialNumber: syz [ 779.737608][ T8572] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 779.746963][ T8572] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 779.854603][ T8585] loop0: detected capacity change from 0 to 512 [ 779.866309][ T8585] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.2065: casefold flag without casefold feature [ 779.879653][ T8585] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.2065: couldn't read orphan inode 15 (err -117) [ 779.892237][ T8585] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 780.949996][ T8593] loop2: detected capacity change from 0 to 512 [ 781.091647][ T8593] EXT4-fs (loop2): 1 orphan inode deleted [ 781.097576][ T8593] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 781.171819][ T8593] ext4 filesystem being mounted at /421/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 781.960594][ T2664] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 781.980920][ T2664] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:8: Failed to release dquot type 1 [ 782.003735][ T287] EXT4-fs (loop2): unmounting filesystem. [ 782.015661][ T285] EXT4-fs (loop0): unmounting filesystem. [ 782.187135][ T3626] (unnamed net_device) (uninitialized): Assigned a random MAC address: be:06:0d:e9:a2:90 [ 782.204634][ T3626] rtl8150 5-1:1.0: eth1: rtl8150 is detected [ 783.942717][ T3626] usb 5-1: USB disconnect, device number 26 [ 785.801876][ T8647] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2078'. [ 786.699172][ T8651] device syzkaller0 entered promiscuous mode [ 787.101774][ T8666] loop3: detected capacity change from 0 to 256 [ 787.123432][ T8666] exfat: Deprecated parameter 'namecase' [ 787.154320][ T8666] exfat: Deprecated parameter 'utf8' [ 787.276095][ T8675] loop1: detected capacity change from 0 to 512 [ 788.361495][ T8666] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 788.571056][ T8675] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 788.579277][ T8675] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 788.589686][ T8675] EXT4-fs (loop1): 1 truncate cleaned up [ 788.595414][ T8675] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 790.522547][ T284] EXT4-fs (loop1): unmounting filesystem. [ 790.621252][ T8696] loop0: detected capacity change from 0 to 512 [ 790.644963][ T8696] EXT4-fs (loop0): #blocks per group too big: 466944 [ 791.953074][ T1780] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 792.183185][ T1780] usb 5-1: Using ep0 maxpacket: 32 [ 792.495614][ T1780] usb 5-1: unable to get BOS descriptor or descriptor too short [ 792.510952][ T1780] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 792.524166][ T1780] usb 5-1: can't read configurations, error -71 [ 792.574289][ T8725] fuse: Unknown parameter 'f0000000000000000000000000000000000000000' [ 792.792524][ T8732] device syzkaller0 entered promiscuous mode [ 793.596870][ T4266] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 793.764705][ T8750] loop1: detected capacity change from 0 to 256 [ 793.782052][ T8750] exfat: Deprecated parameter 'namecase' [ 793.797904][ T8750] exfat: Deprecated parameter 'utf8' [ 793.809749][ T8750] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012366, chksum : 0x6ab66362, utbl_chksum : 0xe619d30d) [ 793.823093][ T4266] usb 4-1: Using ep0 maxpacket: 32 [ 794.282783][ T4266] usb 4-1: unable to get BOS descriptor or descriptor too short [ 794.291098][ T4266] usb 4-1: unable to read config index 0 descriptor/start: -71 [ 794.298725][ T4266] usb 4-1: can't read configurations, error -71 [ 794.347411][ T8761] loop4: detected capacity change from 0 to 256 [ 794.430834][ T3626] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 794.844569][ T8767] loop0: detected capacity change from 0 to 512 [ 794.857874][ T8767] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 794.870136][ T8767] EXT4-fs (loop0): orphan cleanup on readonly fs [ 794.881221][ T8767] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2103: bg 0: block 248: padding at end of block bitmap is not set [ 794.896102][ T3626] usb 3-1: Using ep0 maxpacket: 16 [ 794.902796][ T8767] Quota error (device loop0): write_blk: dquota write failed [ 794.910477][ T8767] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 794.920541][ T8767] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.2103: Failed to acquire dquot type 1 [ 794.938022][ T8767] EXT4-fs (loop0): 1 truncate cleaned up [ 794.944894][ T8767] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 794.965688][ T3626] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 795.054524][ T8767] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2103'. [ 795.166706][ T3626] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 795.770080][ T3626] usb 3-1: Product: syz [ 795.832362][ T3626] usb 3-1: Manufacturer: syz [ 795.899433][ T3626] usb 3-1: SerialNumber: syz [ 796.072469][ T3626] r8152-cfgselector 3-1: config 0 descriptor?? [ 796.325631][ T285] EXT4-fs (loop0): unmounting filesystem. [ 796.336317][ T3626] r8152-cfgselector 3-1: Unknown version 0x0000 [ 796.403067][ T352] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 796.478048][ T8790] loop1: detected capacity change from 0 to 512 [ 796.663598][ T8790] EXT4-fs (loop1): orphan cleanup on readonly fs [ 796.672827][ T8790] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 796.683437][ T8790] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0 [ 796.692881][ T8790] EXT4-fs error (device loop1): ext4_acquire_dquot:6803: comm syz.1.2108: Failed to acquire dquot type 1 [ 796.708810][ T8790] EXT4-fs (loop1): 1 truncate cleaned up [ 797.462195][ T3626] r8152-cfgselector 3-1: Unknown version 0x0000 [ 797.795518][ T3626] r8152-cfgselector 3-1: bad CDC descriptors [ 797.804330][ T8790] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 797.805649][ T3626] r8152-cfgselector 3-1: Unknown version 0x0000 [ 797.823597][ T3626] r8152-cfgselector 3-1: USB disconnect, device number 23 [ 797.836277][ T8797] loop0: detected capacity change from 0 to 512 [ 797.856815][ T8797] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 797.899706][ T8797] EXT4-fs (loop0): 1 truncate cleaned up [ 797.908571][ T8797] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 797.920726][ T8797] EXT4-fs error (device loop0): __ext4_iget:5079: inode #12: block 2: comm syz.0.2109: invalid block [ 797.951672][ T8797] EXT4-fs (loop0): Remounting filesystem read-only [ 797.983790][ T352] usb 5-1: Using ep0 maxpacket: 16 [ 797.989885][ T284] EXT4-fs (loop1): unmounting filesystem. [ 797.991788][ T352] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 798.024519][ T352] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 798.037784][ T352] usb 5-1: Product: syz [ 798.048355][ T352] usb 5-1: Manufacturer: syz [ 798.056125][ T352] usb 5-1: SerialNumber: syz [ 798.070575][ T352] r8152-cfgselector 5-1: config 0 descriptor?? [ 798.527896][ T352] r8152-cfgselector 5-1: Unknown version 0x0000 [ 798.635225][ T1912] usb 4-1: new full-speed USB device number 29 using dummy_hcd [ 798.725822][ T352] r8152-cfgselector 5-1: Unknown version 0x0000 [ 798.761456][ T8810] loop2: detected capacity change from 0 to 512 [ 798.818589][ T8810] EXT4-fs (loop2): 1 orphan inode deleted [ 798.824544][ T8810] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 798.836693][ T8810] ext4 filesystem being mounted at /432/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 798.879366][ T1912] usb 4-1: New USB device found, idVendor=1e7d, idProduct=3264, bcdDevice= 0.00 [ 798.960774][ T1912] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 799.321492][ T1912] usb 4-1: config 0 descriptor?? [ 799.769594][ T352] r8152-cfgselector 5-1: bad CDC descriptors [ 799.777586][ T352] r8152-cfgselector 5-1: Unknown version 0x0000 [ 799.786957][ T352] r8152-cfgselector 5-1: USB disconnect, device number 29 [ 799.803255][ T10] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 799.842956][ T10] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:1: Failed to release dquot type 1 [ 800.002953][ T287] EXT4-fs (loop2): unmounting filesystem. [ 800.206020][ T8826] device syzkaller0 entered promiscuous mode [ 800.291856][ T8829] syz.1.2117[8829] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 800.291974][ T8829] syz.1.2117[8829] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 800.453484][ T1912] isku 0003:1E7D:3264.0020: hidraw0: USB HID v0.00 Device [HID 1e7d:3264] on usb-dummy_hcd.3-1/input0 [ 800.518548][ T8831] device syzkaller0 entered promiscuous mode [ 800.772605][ T285] EXT4-fs (loop0): unmounting filesystem. [ 800.778609][ T8835] loop2: detected capacity change from 0 to 256 [ 800.941238][ T352] usb 4-1: USB disconnect, device number 29 [ 804.758158][ T8876] loop1: detected capacity change from 0 to 512 [ 804.768510][ T8876] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 804.912599][ T8876] EXT4-fs (loop1): 1 truncate cleaned up [ 804.918448][ T8876] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 804.991098][ T8876] EXT4-fs error (device loop1): __ext4_iget:5079: inode #12: block 2: comm syz.1.2128: invalid block [ 805.003486][ T8876] EXT4-fs (loop1): Remounting filesystem read-only [ 805.131766][ T8879] loop3: detected capacity change from 0 to 512 [ 805.365887][ T8879] EXT4-fs (loop3): orphan cleanup on readonly fs [ 805.804013][ T284] EXT4-fs (loop1): unmounting filesystem. [ 805.814517][ T8879] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 805.845576][ T8879] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0 [ 805.882924][ T8879] EXT4-fs error (device loop3): ext4_acquire_dquot:6803: comm syz.3.2126: Failed to acquire dquot type 1 [ 806.384608][ T8879] EXT4-fs (loop3): 1 truncate cleaned up [ 806.455045][ T8879] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 808.760200][ T8908] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2137'. [ 808.769419][ T8908] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2137'. [ 808.853787][ T1912] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 809.094155][ T1912] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 809.105204][ T1912] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 809.116313][ T1912] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 809.126203][ T1912] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 809.200892][ T1912] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 809.212786][ T1912] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 809.221403][ T1912] usb 5-1: Manufacturer: syz [ 809.307316][ T1912] usb 5-1: config 0 descriptor?? [ 809.483963][ T283] EXT4-fs (loop3): unmounting filesystem. [ 809.514829][ T8905] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 809.524020][ T8905] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 809.689095][ T8928] loop2: detected capacity change from 0 to 40427 [ 809.704139][ T8928] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 809.719257][ T8928] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 809.728808][ T8928] F2FS-fs (loop2): invalid crc value [ 809.735429][ T1912] appleir 0003:05AC:8243.0021: unknown main item tag 0x0 [ 809.744884][ T1912] appleir 0003:05AC:8243.0021: No inputs registered, leaving [ 809.759783][ T1912] appleir 0003:05AC:8243.0021: hiddev96,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 809.760282][ T8928] F2FS-fs (loop2): Found nat_bits in checkpoint [ 809.839936][ T8928] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 809.847225][ T8928] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 811.863253][ T8960] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2148'. [ 812.769836][ T8969] loop1: detected capacity change from 0 to 256 [ 814.211927][ T3626] usb 5-1: USB disconnect, device number 30 [ 815.327535][ T8980] loop0: detected capacity change from 0 to 512 [ 816.190764][ T8980] EXT4-fs (loop0): 1 orphan inode deleted [ 816.196611][ T8980] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 816.206971][ T8980] ext4 filesystem being mounted at /417/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 816.253890][ T6819] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 816.278660][ T6819] EXT4-fs error (device loop0): ext4_release_dquot:6839: comm kworker/u4:2: Failed to release dquot type 1 [ 816.475380][ T8993] device syzkaller0 entered promiscuous mode [ 816.520919][ T285] EXT4-fs (loop0): unmounting filesystem. [ 817.358261][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2160'. [ 817.367230][ T8995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2160'. [ 817.370084][ T9002] loop0: detected capacity change from 0 to 16 [ 817.383694][ T9002] erofs: (device loop0): erofs_read_superblock: cannot find valid erofs superblock [ 817.851544][ T9009] loop2: detected capacity change from 0 to 512 [ 817.892327][ T9012] loop4: detected capacity change from 0 to 512 [ 817.949390][ T9009] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.2165: corrupted inode contents [ 818.009205][ T9018] loop0: detected capacity change from 0 to 512 [ 818.024606][ T9018] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 818.064161][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 818.078974][ T9012] EXT4-fs (loop4): orphan cleanup on readonly fs [ 818.088189][ T9018] EXT4-fs (loop0): orphan cleanup on readonly fs [ 818.097315][ T9018] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2164: bg 0: block 248: padding at end of block bitmap is not set [ 818.113441][ T9018] Quota error (device loop0): write_blk: dquota write failed [ 818.120987][ T9018] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 818.130990][ T9018] EXT4-fs error (device loop0): ext4_acquire_dquot:6803: comm syz.0.2164: Failed to acquire dquot type 1 [ 818.144752][ T9018] EXT4-fs (loop0): 1 truncate cleaned up [ 818.151773][ T9018] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 818.213326][ T9018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2164'. [ 818.229867][ T9009] EXT4-fs error (device loop2): ext4_dirty_inode:6121: inode #16: comm syz.2.2165: mark_inode_dirty error [ 818.478092][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 818.577389][ T9009] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.2165: corrupted inode contents [ 818.608654][ T9012] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0 [ 818.651201][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 819.061374][ T4266] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 819.113113][ T9009] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.2165: mark_inode_dirty error [ 819.192398][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 819.201425][ T9012] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 819.221203][ T9009] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.2165: corrupted inode contents [ 819.235277][ T9027] device syzkaller0 entered promiscuous mode [ 819.243710][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 819.263023][ T4266] usb 4-1: Using ep0 maxpacket: 16 [ 819.264840][ T9012] EXT4-fs error (device loop4): ext4_acquire_dquot:6803: comm syz.4.2158: Failed to acquire dquot type 1 [ 819.268854][ T9009] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 819.289281][ T9012] EXT4-fs (loop4): 1 truncate cleaned up [ 819.289350][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 819.301935][ T9009] EXT4-fs error (device loop2): ext4_do_update_inode:5256: inode #16: comm syz.2.2165: corrupted inode contents [ 819.317497][ T9012] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 819.328278][ T4266] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 819.331102][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 819.338174][ T285] EXT4-fs (loop0): unmounting filesystem. [ 819.343893][ T9009] EXT4-fs error (device loop2): ext4_truncate:4314: inode #16: comm syz.2.2165: mark_inode_dirty error [ 819.353210][ T4266] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 819.361358][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 819.378961][ T9009] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 819.390050][ T9009] EXT4-fs (loop2): Remounting filesystem read-only [ 819.396962][ T9009] EXT4-fs (loop2): 1 truncate cleaned up [ 819.404570][ T28] audit: type=1400 audit(1758719832.675:211): avc: denied { create } for pid=9028 comm="syz.0.2169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 819.411714][ T9009] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 819.440974][ T28] audit: type=1400 audit(1758719832.675:212): avc: denied { setopt } for pid=9028 comm="syz.0.2169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 819.447591][ T4266] usb 4-1: Product: syz [ 819.472901][ T9009] ext4 filesystem being mounted at /444/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 819.485882][ T28] audit: type=1400 audit(1758719832.745:213): avc: denied { create } for pid=9031 comm="syz.1.2171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 819.502549][ T4266] usb 4-1: Manufacturer: syz [ 819.515054][ T9035] loop1: detected capacity change from 0 to 512 [ 819.521406][ T28] audit: type=1400 audit(1758719832.745:214): avc: denied { write } for pid=9030 comm="syz.0.2170" name="anycast6" dev="proc" ino=4026532523 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 819.533267][ T4266] usb 4-1: SerialNumber: syz [ 819.553677][ T4266] r8152-cfgselector 4-1: config 0 descriptor?? [ 819.561731][ T10] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 819.573877][ T10] EXT4-fs error (device loop2): ext4_release_dquot:6839: comm kworker/u4:1: Failed to release dquot type 1 [ 819.585776][ T10] EXT4-fs (loop2): Remounting filesystem read-only [ 819.654879][ T9035] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 819.672294][ T9035] ext4 filesystem being mounted at /449/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 819.851011][ T284] EXT4-fs (loop1): unmounting filesystem. [ 819.989733][ T4266] r8152-cfgselector 4-1: Unknown version 0x0000 [ 819.998814][ T4266] r8152-cfgselector 4-1: bad CDC descriptors [ 820.014510][ T4266] r8152-cfgselector 4-1: Unknown version 0x0000 [ 820.034574][ T4266] r8152-cfgselector 4-1: USB disconnect, device number 30 [ 820.108570][ T287] EXT4-fs (loop2): unmounting filesystem. [ 820.203071][ T1958] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 821.304086][ T1958] usb 2-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 821.313297][ T1958] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 821.324950][ T1958] usb 2-1: config 0 descriptor?? [ 821.455808][ T9052] loop2: detected capacity change from 0 to 256 [ 821.471464][ T9052] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 821.485349][ T9052] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 821.509090][ T9052] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 821.593959][ T4773] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 821.611915][ T286] EXT4-fs (loop4): unmounting filesystem. [ 822.344355][ T1958] wacom 0003:056A:00D0.0022: Unknown device_type for 'HID 056a:00d0'. Assuming pen. [ 822.356249][ T1958] wacom 0003:056A:00D0.0022: hidraw0: USB HID v1.01 Device [HID 056a:00d0] on usb-dummy_hcd.1-1/input0 [ 822.487694][ T1958] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00D0.0022/input/input4 [ 822.504472][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 822.504636][ T28] audit: type=1400 audit(1758719835.775:216): avc: denied { write } for pid=287 comm="syz-executor" name="file0" dev="loop2" ino=1048705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 822.533611][ T4773] usb 1-1: Using ep0 maxpacket: 8 [ 822.571434][ T28] audit: type=1400 audit(1758719835.775:217): avc: denied { remove_name } for pid=287 comm="syz-executor" name="file0" dev="loop2" ino=1048710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 822.576384][ T4773] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 822.614341][ T1958] usb 2-1: USB disconnect, device number 37 [ 822.623320][ T28] audit: type=1400 audit(1758719835.775:218): avc: denied { unlink } for pid=287 comm="syz-executor" name="file0" dev="loop2" ino=1048710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 822.656564][ T9072] loop2: detected capacity change from 0 to 256 [ 822.663807][ T9072] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 822.674627][ T4773] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 822.684502][ T28] audit: type=1400 audit(1758719835.775:219): avc: denied { rmdir } for pid=287 comm="syz-executor" name="file0" dev="loop2" ino=1048705 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 822.707293][ T4773] usb 1-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00 [ 822.733049][ T4773] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 822.748716][ T9072] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 822.767160][ T4773] usb 1-1: config 0 descriptor?? [ 822.773678][ T9071] fido_id[9071]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 822.803611][ T9072] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 822.839614][ T28] audit: type=1400 audit(1758719836.105:220): avc: denied { add_name } for pid=9070 comm="syz.2.2182" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 822.865681][ T28] audit: type=1400 audit(1758719836.105:221): avc: denied { create } for pid=9070 comm="syz.2.2182" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 822.886376][ T28] audit: type=1400 audit(1758719836.105:222): avc: denied { associate } for pid=9070 comm="syz.2.2182" name="file1" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 822.908998][ T28] audit: type=1400 audit(1758719836.105:223): avc: denied { read write } for pid=9070 comm="syz.2.2182" name="file1" dev="loop2" ino=1048714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 822.934155][ T28] audit: type=1400 audit(1758719836.105:224): avc: denied { open } for pid=9070 comm="syz.2.2182" path="/447/file0/file1" dev="loop2" ino=1048714 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 822.961842][ T28] audit: type=1400 audit(1758719836.165:225): avc: denied { read } for pid=9083 comm="syz.2.2189" name="ppp" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 822.970447][ T9090] loop2: detected capacity change from 0 to 512 [ 823.006978][ T9090] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps superblock [ 823.033176][ T9090] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock [ 823.043309][ T9090] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 1 not in group (block 0)! [ 823.053699][ T9090] EXT4-fs (loop2): group descriptors corrupted! [ 823.103039][ T2923] usb 4-1: new full-speed USB device number 31 using dummy_hcd [ 823.122836][ T9096] loop2: detected capacity change from 0 to 2048 [ 823.144109][ T9096] loop2: p4 < > [ 823.204802][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x2 [ 823.211885][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x6 [ 823.219053][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.228257][ T9099] loop2: detected capacity change from 0 to 128 [ 823.237950][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.245102][ T9099] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 823.254754][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.261708][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.269737][ T9099] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 823.279803][ T9099] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (30846!=65535) [ 823.288708][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.295840][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.302807][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.310030][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.310223][ T287] EXT4-fs (loop2): unmounting filesystem. [ 823.317022][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.324070][ T2923] usb 4-1: config 1 has an invalid interface number: 105 but max is 0 [ 823.329727][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.344940][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.348033][ T2923] usb 4-1: config 1 has no interface number 0 [ 823.351964][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.365321][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.368999][ T2923] usb 4-1: config 1 interface 105 has no altsetting 0 [ 823.372314][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.386136][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.393180][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.393257][ T2923] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d [ 823.400155][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.400193][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.409328][ T2923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 823.423900][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.434975][ T2923] usb 4-1: Product: syz [ 823.442914][ T2923] usb 4-1: Manufacturer: syz [ 823.447273][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.448735][ T2923] usb 4-1: SerialNumber: syz [ 823.457811][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.466141][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.473300][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.480336][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.487510][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.494673][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.501678][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.508956][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.516039][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.523153][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.530149][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.537290][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.544397][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.551408][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.558593][ T4773] cherry 0003:046A:0027.0023: unknown main item tag 0x0 [ 823.567351][ T4773] cherry 0003:046A:0027.0023: hidraw0: USB HID v0.00 Device [HID 046a:0027] on usb-dummy_hcd.0-1/input0 [ 823.591524][ T4773] usb 1-1: USB disconnect, device number 34 [ 823.614673][ T9103] fido_id[9103]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 823.664741][ T2923] aqc111: probe of 4-1:1.105 failed with error -22 [ 823.675800][ T2923] usb 4-1: USB disconnect, device number 31 [ 823.805135][ T9118] loop4: detected capacity change from 0 to 256 [ 823.820634][ T9120] loop2: detected capacity change from 0 to 512 [ 823.840709][ T9120] EXT4-fs: Ignoring removed bh option [ 823.851135][ T9120] EXT4-fs: Ignoring removed mblk_io_submit option [ 823.859049][ T9120] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 823.869429][ T9120] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 823.884609][ T9120] EXT4-fs (loop2): orphan cleanup on readonly fs [ 823.894133][ T9120] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.2203: Failed to acquire dquot type 1 [ 823.905732][ T9120] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.2203: Invalid block bitmap block 0 in block_group 0 [ 823.920522][ T9120] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.2203: Failed to acquire dquot type 1 [ 823.932753][ T9120] EXT4-fs error (device loop2): ext4_acquire_dquot:6803: comm syz.2.2203: Failed to acquire dquot type 1 [ 823.944508][ T9120] EXT4-fs (loop2): 1 orphan inode deleted [ 823.965401][ T9120] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 824.016835][ T9120] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 824.032664][ T9132] process 'syz.0.2207' launched './file0' with NULL argv: empty string added [ 824.058716][ T287] EXT4-fs (loop2): unmounting filesystem. [ 824.073073][ T9120] syz.2.2203 (9120) used greatest stack depth: 20560 bytes left [ 824.106776][ T334] Bluetooth: hci0: Frame reassembly failed (-84) [ 824.120063][ T9136] loop1: detected capacity change from 0 to 128 [ 824.207681][ T9141] netlink: 'syz.0.2207': attribute type 4 has an invalid length. [ 824.229477][ T9141] netlink: 'syz.0.2207': attribute type 4 has an invalid length. [ 824.236911][ T9142] syz.1.2208: attempt to access beyond end of device [ 824.236911][ T9142] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128 [ 824.259780][ T9141] xt_CT: No such helper "snmp_trap" [ 824.431307][ T334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 824.743042][ T4773] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 824.925778][ T4773] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 824.934898][ T4773] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 824.942926][ T4773] usb 3-1: Product: syz [ 824.947506][ T4773] usb 3-1: Manufacturer: syz [ 824.952147][ T4773] usb 3-1: SerialNumber: syz [ 825.216099][ T9160] device gretap1 entered promiscuous mode [ 825.350843][ T805] kernel read not supported for file /usbmon0 (pid: 805 comm: kworker/1:7) [ 825.978275][ T4773] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42 [ 825.984872][ T4773] cdc_ncm 3-1:1.0: setting tx_max = 184 [ 826.053040][ T60] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 826.181340][ T4773] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42 [ 826.183069][ T8053] Bluetooth: hci0: command 0x1003 tx timeout [ 826.198303][ T8071] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 826.204249][ T4773] usb 3-1: USB disconnect, device number 24 [ 826.239686][ T4773] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP) [ 826.258470][ T60] usb 2-1: config 0 has an invalid interface number: 117 but max is 0 [ 826.272197][ T60] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 826.289242][ T60] usb 2-1: config 0 has no interface number 0 [ 826.295896][ T60] usb 2-1: too many endpoints for config 0 interface 117 altsetting 0: 239, using maximum allowed: 30 [ 826.307149][ T60] usb 2-1: config 0 interface 117 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 826.331156][ T60] usb 2-1: config 0 interface 117 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 239 [ 826.344724][ T1958] ================================================================== [ 826.352824][ T1958] BUG: KASAN: use-after-free in worker_thread+0x9ff/0x11f0 [ 826.360066][ T1958] Read of size 8 at addr ffff88813408cce0 by task kworker/0:9/1958 [ 826.367975][ T1958] [ 826.370308][ T1958] CPU: 0 PID: 1958 Comm: kworker/0:9 Not tainted syzkaller #0 [ 826.377784][ T1958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 826.387848][ T1958] Workqueue: 0x0 (events) [ 826.392316][ T1958] Call Trace: [ 826.395611][ T1958] [ 826.398569][ T1958] __dump_stack+0x21/0x24 [ 826.402998][ T1958] dump_stack_lvl+0xee/0x150 [ 826.407606][ T1958] ? __cfi_dump_stack_lvl+0x8/0x8 [ 826.412650][ T1958] ? __cfi__printk+0x8/0x8 [ 826.417148][ T1958] ? __schedule+0xb8f/0x14e0 [ 826.421819][ T1958] ? worker_thread+0x9ff/0x11f0 [ 826.426682][ T1958] print_address_description+0x71/0x200 [ 826.432253][ T1958] print_report+0x4a/0x60 [ 826.436602][ T1958] kasan_report+0x122/0x150 [ 826.441198][ T1958] ? worker_thread+0x9ff/0x11f0 [ 826.446060][ T1958] __asan_report_load8_noabort+0x14/0x20 [ 826.451715][ T1958] worker_thread+0x9ff/0x11f0 [ 826.456418][ T1958] ? _raw_spin_lock_irqsave+0xb0/0x110 [ 826.461916][ T1958] kthread+0x281/0x320 [ 826.466013][ T1958] ? __cfi_worker_thread+0x10/0x10 [ 826.471136][ T1958] ? __cfi_kthread+0x10/0x10 [ 826.475756][ T1958] ret_from_fork+0x1f/0x30 [ 826.480195][ T1958] [ 826.483229][ T1958] [ 826.485574][ T1958] Allocated by task 4773: [ 826.489914][ T1958] kasan_set_track+0x4b/0x70 [ 826.494530][ T1958] kasan_save_alloc_info+0x25/0x30 [ 826.499659][ T1958] __kasan_kmalloc+0x95/0xb0 [ 826.504268][ T1958] __kmalloc_node+0xb2/0x1e0 [ 826.508968][ T1958] kvmalloc_node+0x294/0x480 [ 826.513609][ T1958] alloc_netdev_mqs+0x8d/0xf90 [ 826.518473][ T1958] alloc_etherdev_mqs+0x37/0x40 [ 826.523416][ T1958] usbnet_probe+0x20c/0x2780 [ 826.528093][ T1958] usb_probe_interface+0x610/0xaf0 [ 826.533240][ T1958] really_probe+0x2cb/0x960 [ 826.537788][ T1958] __driver_probe_device+0x198/0x280 [ 826.543081][ T1958] driver_probe_device+0x54/0x3e0 [ 826.548113][ T1958] __device_attach_driver+0x2e9/0x4a0 [ 826.553476][ T1958] bus_for_each_drv+0x183/0x210 [ 826.558387][ T1958] __device_attach+0x2a2/0x400 [ 826.563148][ T1958] device_initial_probe+0x1a/0x20 [ 826.568177][ T1958] bus_probe_device+0xc0/0x1f0 [ 826.572938][ T1958] device_add+0xb4d/0xef0 [ 826.577334][ T1958] usb_set_configuration+0x19c2/0x1f10 [ 826.582792][ T1958] usb_generic_driver_probe+0x91/0x150 [ 826.588301][ T1958] usb_probe_device+0x159/0x270 [ 826.593171][ T1958] really_probe+0x2cb/0x960 [ 826.597665][ T1958] __driver_probe_device+0x198/0x280 [ 826.602940][ T1958] driver_probe_device+0x54/0x3e0 [ 826.607964][ T1958] __device_attach_driver+0x2e9/0x4a0 [ 826.613322][ T1958] bus_for_each_drv+0x183/0x210 [ 826.618169][ T1958] __device_attach+0x2a2/0x400 [ 826.622934][ T1958] device_initial_probe+0x1a/0x20 [ 826.627965][ T1958] bus_probe_device+0xc0/0x1f0 [ 826.632744][ T1958] device_add+0xb4d/0xef0 [ 826.637086][ T1958] usb_new_device+0xa70/0x1520 [ 826.641962][ T1958] hub_event+0x2850/0x4350 [ 826.646407][ T1958] process_one_work+0x71f/0xc40 [ 826.651267][ T1958] worker_thread+0xa29/0x11f0 [ 826.655957][ T1958] kthread+0x281/0x320 [ 826.660036][ T1958] ret_from_fork+0x1f/0x30 [ 826.664460][ T1958] [ 826.666781][ T1958] Freed by task 4773: [ 826.670752][ T1958] kasan_set_track+0x4b/0x70 [ 826.675385][ T1958] kasan_save_free_info+0x31/0x50 [ 826.680402][ T1958] ____kasan_slab_free+0x132/0x180 [ 826.685515][ T1958] __kasan_slab_free+0x11/0x20 [ 826.690292][ T1958] slab_free_freelist_hook+0xc2/0x190 [ 826.695663][ T1958] __kmem_cache_free+0xb7/0x1b0 [ 826.700509][ T1958] kfree+0x6f/0xf0 [ 826.704230][ T1958] kvfree+0x35/0x40 [ 826.708092][ T1958] netdev_freemem+0x3f/0x60 [ 826.712588][ T1958] netdev_release+0x7f/0xb0 [ 826.717125][ T1958] device_release+0xa4/0x1d0 [ 826.721705][ T1958] kobject_put+0x19d/0x280 [ 826.726169][ T1958] put_device+0x1f/0x30 [ 826.730322][ T1958] free_netdev+0x392/0x490 [ 826.734737][ T1958] usbnet_disconnect+0x25a/0x3b0 [ 826.739668][ T1958] usb_unbind_interface+0x223/0x8d0 [ 826.744864][ T1958] device_release_driver_internal+0x508/0x820 [ 826.750926][ T1958] device_release_driver+0x19/0x20 [ 826.756032][ T1958] bus_remove_device+0x2ee/0x350 [ 826.760959][ T1958] device_del+0x6a4/0xeb0 [ 826.765268][ T1958] usb_disable_device+0x3a8/0x750 [ 826.770280][ T1958] usb_disconnect+0x31e/0x860 [ 826.774950][ T1958] hub_event+0x1a78/0x4350 [ 826.779369][ T1958] process_one_work+0x71f/0xc40 [ 826.784217][ T1958] worker_thread+0xd2e/0x11f0 [ 826.788887][ T1958] kthread+0x281/0x320 [ 826.792958][ T1958] ret_from_fork+0x1f/0x30 [ 826.797368][ T1958] [ 826.799697][ T1958] Last potentially related work creation: [ 826.805407][ T1958] kasan_save_stack+0x3a/0x60 [ 826.810071][ T1958] __kasan_record_aux_stack+0xb6/0xc0 [ 826.815443][ T1958] kasan_record_aux_stack_noalloc+0xb/0x10 [ 826.821250][ T1958] insert_work+0x51/0x300 [ 826.825576][ T1958] __queue_work+0x9b1/0xd30 [ 826.830087][ T1958] queue_work_on+0xd2/0x140 [ 826.834595][ T1958] usbnet_link_change+0x189/0x1b0 [ 826.839614][ T1958] usbnet_probe+0x1d55/0x2780 [ 826.844287][ T1958] usb_probe_interface+0x610/0xaf0 [ 826.849385][ T1958] really_probe+0x2cb/0x960 [ 826.853885][ T1958] __driver_probe_device+0x198/0x280 [ 826.859157][ T1958] driver_probe_device+0x54/0x3e0 [ 826.864168][ T1958] __device_attach_driver+0x2e9/0x4a0 [ 826.869542][ T1958] bus_for_each_drv+0x183/0x210 [ 826.874386][ T1958] __device_attach+0x2a2/0x400 [ 826.879147][ T1958] device_initial_probe+0x1a/0x20 [ 826.884162][ T1958] bus_probe_device+0xc0/0x1f0 [ 826.888917][ T1958] device_add+0xb4d/0xef0 [ 826.893253][ T1958] usb_set_configuration+0x19c2/0x1f10 [ 826.898699][ T1958] usb_generic_driver_probe+0x91/0x150 [ 826.904144][ T1958] usb_probe_device+0x159/0x270 [ 826.908988][ T1958] really_probe+0x2cb/0x960 [ 826.913477][ T1958] __driver_probe_device+0x198/0x280 [ 826.918744][ T1958] driver_probe_device+0x54/0x3e0 [ 826.923764][ T1958] __device_attach_driver+0x2e9/0x4a0 [ 826.929119][ T1958] bus_for_each_drv+0x183/0x210 [ 826.933961][ T1958] __device_attach+0x2a2/0x400 [ 826.938719][ T1958] device_initial_probe+0x1a/0x20 [ 826.943729][ T1958] bus_probe_device+0xc0/0x1f0 [ 826.948481][ T1958] device_add+0xb4d/0xef0 [ 826.952804][ T1958] usb_new_device+0xa70/0x1520 [ 826.957563][ T1958] hub_event+0x2850/0x4350 [ 826.961975][ T1958] process_one_work+0x71f/0xc40 [ 826.966810][ T1958] worker_thread+0xa29/0x11f0 [ 826.971471][ T1958] kthread+0x281/0x320 [ 826.975524][ T1958] ret_from_fork+0x1f/0x30 [ 826.979929][ T1958] [ 826.982242][ T1958] The buggy address belongs to the object at ffff88813408c000 [ 826.982242][ T1958] which belongs to the cache kmalloc-4k of size 4096 [ 826.996284][ T1958] The buggy address is located 3296 bytes inside of [ 826.996284][ T1958] 4096-byte region [ffff88813408c000, ffff88813408d000) [ 827.009731][ T1958] [ 827.012052][ T1958] The buggy address belongs to the physical page: [ 827.018469][ T1958] page:ffffea0004d02200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x134088 [ 827.028723][ T1958] head:ffffea0004d02200 order:3 compound_mapcount:0 compound_pincount:0 [ 827.037034][ T1958] flags: 0x4000000000010200(slab|head|zone=1) [ 827.043104][ T1958] raw: 4000000000010200 0000000000000000 dead000000000001 ffff888100043380 [ 827.051675][ T1958] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 827.060255][ T1958] page dumped because: kasan: bad access detected [ 827.066665][ T1958] page_owner tracks the page as allocated [ 827.072366][ T1958] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 103, tgid 103 (udevd), ts 608564498593, free_ts 608518050184 [ 827.094503][ T1958] post_alloc_hook+0x1f5/0x210 [ 827.099334][ T1958] prep_new_page+0x1c/0x110 [ 827.103851][ T1958] get_page_from_freelist+0x2c7b/0x2cf0 [ 827.109394][ T1958] __alloc_pages+0x1c3/0x450 [ 827.113978][ T1958] alloc_slab_page+0x6e/0xf0 [ 827.118558][ T1958] new_slab+0x98/0x3d0 [ 827.122619][ T1958] ___slab_alloc+0x6bd/0xb20 [ 827.127198][ T1958] __slab_alloc+0x5e/0xa0 [ 827.131520][ T1958] __kmem_cache_alloc_node+0x203/0x2c0 [ 827.136977][ T1958] __kmalloc_node+0xa1/0x1e0 [ 827.141568][ T1958] kvmalloc_node+0x294/0x480 [ 827.146157][ T1958] seq_read_iter+0x1fc/0xdd0 [ 827.150785][ T1958] kernfs_fop_read_iter+0x147/0x480 [ 827.155999][ T1958] vfs_read+0x41e/0x8c0 [ 827.160169][ T1958] ksys_read+0x140/0x240 [ 827.164410][ T1958] __x64_sys_read+0x7b/0x90 [ 827.168907][ T1958] page last free stack trace: [ 827.173561][ T1958] free_unref_page_prepare+0x742/0x750 [ 827.179011][ T1958] free_unref_page+0x8f/0x530 [ 827.183685][ T1958] __free_pages+0x67/0x100 [ 827.188105][ T1958] __free_slab+0xca/0x1a0 [ 827.192428][ T1958] __unfreeze_partials+0x160/0x190 [ 827.197536][ T1958] put_cpu_partial+0xa9/0x100 [ 827.202217][ T1958] __slab_free+0x1c4/0x280 [ 827.206632][ T1958] ___cache_free+0xbf/0xd0 [ 827.211054][ T1958] qlist_free_all+0xc6/0x140 [ 827.215635][ T1958] kasan_quarantine_reduce+0x14a/0x170 [ 827.221102][ T1958] __kasan_slab_alloc+0x24/0x80 [ 827.225952][ T1958] slab_post_alloc_hook+0x4f/0x2d0 [ 827.231057][ T1958] __kmem_cache_alloc_node+0x192/0x2c0 [ 827.236503][ T1958] kmalloc_node_trace+0x26/0xb0 [ 827.241345][ T1958] __get_vm_area_node+0x12c/0x360 [ 827.246358][ T1958] __vmalloc_node_range+0x326/0x13d0 [ 827.251625][ T1958] [ 827.253945][ T1958] Memory state around the buggy address: [ 827.259574][ T1958] ffff88813408cb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 827.267634][ T1958] ffff88813408cc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 827.275684][ T1958] >ffff88813408cc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 827.283735][ T1958] ^ [ 827.290935][ T1958] ffff88813408cd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 827.298978][ T1958] ffff88813408cd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 827.307025][ T1958] ================================================================== [ 827.315068][ T1958] Disabling lock debugging due to kernel taint [ 827.325491][ T60] usb 2-1: New USB device found, idVendor=0742, idProduct=2009, bcdDevice=61.46 [ 827.338881][ T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 827.347031][ T60] usb 2-1: Product: syz [ 827.351287][ T60] usb 2-1: Manufacturer: syz [ 827.355997][ T60] usb 2-1: SerialNumber: syz [ 827.364157][ T60] usb 2-1: config 0 descriptor?? [ 827.372783][ T9216] usb usb8: usbfs: process 9216 (syz.4.2228) did not claim interface 0 before use [ 827.588697][ T805] usb 2-1: USB disconnect, device number 38