last executing test programs: 1m4.615223434s ago: executing program 3 (id=1007): mkdir(&(0x7f0000000200)='./file0\x00', 0x56) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x10, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80) getdents64(r0, &(0x7f0000002440)=""/4100, 0x1004) 1m3.780102141s ago: executing program 3 (id=1011): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0xa7e, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) r1 = syz_open_dev$vim2m(&(0x7f0000000440), 0x6, 0x2) ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000340)={0x0, 0x5, 0x4, {0x1, @win={{}, 0x0, 0x9, 0x0, 0xffffffff, 0x0}}}) 1m1.767220926s ago: executing program 3 (id=1020): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="5c0100001000130700000000fcdbdf25e0000001000000000000000000000000ff020000000000000000000000000001000400004e2100020000000021000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000004d632000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd70000035000002000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r2], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014) 1m0.765759751s ago: executing program 3 (id=1025): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10840, &(0x7f00000001c0)=ANY=[@ANYBLOB='iocharset=utf8,shortname=winnt,shortname=win95,uni_xlate=1,shortname=winnt,shortname=winnt,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c73686f72746e616d653d77696e6e742c000000000000009e5fcf6469722c73687865d2068a008e48488cc8642c6e66733d6e6f73"], 0x1, 0x274, &(0x7f00000005c0)="$eJzs3cFrk2ccB/Bf2nRJCyM5DMrGYO/YZafQduyeMjoYC2xs5KAni01RmlpooaCHtrfi/6D/gh69Ch7Eq/+ACFIFL9ZTD0IkvmlNahIbbRqxn8+lP5739+V5nrcveemhTy79uLqytLaxvL+/F/l8JrLlKMdBJooxFuOR2gkA4Gty0GjEq0Zq1GsBAM6G9z8AnD/93v+ZnaOxf89+ZQDAsHzW3/9jQ1kSADBk/1+4+Pd8pbLwX5LkI1Z3N6ub1fRnen1+Oa5GPWoxE4V4E9E4ktZ//lVZmEmanhcjv7o9lua3N6vjnfnZKESxe342SUW1mTvMT8RUK/9kKmoxF4X4rnt+rmv+m/j1l7b5S1GIx5djLeqxFM1sms9FxNZskvzxT+VYPveuDwAAAAAAAAAAAAAAAAAAAAAAhqGUHCl2nn+Tnt9TKvW6nubbzwea7Hc+UGP72Pk62fghO9q9AwAAAAAAAAAAAAAAAAAAwJdi4/qNlcV6vbber7j26M6DvVwa+Ghz/yLTmnew1G7fnsmT7eJY8e3Pz251u5SL3KD359OKiYhoH0laU97/aYiTnlbxcO/K979tTP/eqyey7SM3m1vt6OnxIGWHdcNfFiI6RyZat7ter+UHfiDbi7uHRfn1Bz2Hj1JtfXLUv7jp2+XFe1tPX5w01edDozF+2h9DAAAAAAAAAAAAAAAAAABAx/+3j3olAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA677//f9AiFx0j+Z7NmZ1RbxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHPvbQAAAP//Th2Rtg==") openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x2afc0, 0x1c1, 0x6}, 0x18) r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000008c0), 0x1, 0x0) write$binfmt_register(r0, &(0x7f0000000440)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x9, 0x3a, '\xe2\xbf\xd9\xafk\xd3~a3\xd0\x94', 0x3a, '^', 0x3a, './file0', 0x3a, [0x43, 0x46, 0x50, 0x46, 0x4f, 0x43, 0x43]}, 0x3a) 59.878782692s ago: executing program 3 (id=1028): openat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', 0x4040, 0x0) chmod(&(0x7f0000000040)='.\x00', 0x35e) setuid(0xee01) unlink(&(0x7f0000003000)='./bus\x00') 53.473587627s ago: executing program 3 (id=1063): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) sendto$inet6(r0, 0x0, 0xfffffffffffffe33, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x800000, @empty, 0x9}, 0x1c) recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x2000, 0x0) 53.025165332s ago: executing program 32 (id=1063): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1) sendto$inet6(r0, 0x0, 0xfffffffffffffe33, 0x200c8084, &(0x7f0000000080)={0xa, 0x4e20, 0x800000, @empty, 0x9}, 0x1c) recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x2000, 0x0) 5.929741369s ago: executing program 4 (id=1261): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) setsockopt$packet_int(r0, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4) 5.814077545s ago: executing program 4 (id=1264): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file2\x00', 0x0, &(0x7f0000000540), 0x1, 0x7a1, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbJKmSfu+yQsvvG89BQQNlG5Mja2Ch4oHESwU9GwbNttQs8mW7KY0IWCLCF4EFQ+CXnr2R7159cdV/wsP0lI1LVY8SGQ2s+222U1322Q3ms8HJvs8M7N5nu8+M888szPsBLBnjaV/chGHIuK9JGIkm59ExEAt1R9xYmO922urhXRKYn391V+S2jq31lYL0fCe1IEs8/+I+PbtiMO5zeVWllfmpkul4mKWn6jOn5+oLK8cOTc/PVucLS4cm5yaOnr8mePHti/W335YOXj9/Zee/OLEH2/97+q73yVxIg5myxrj2C5jMZZ9JgPpR3iPF7e7sB5Lms4d7no96Ey6a/Zt7OVxKEair5ZqYaibNQMAdso6ALAHJZ2OAd40aACAv7f69wC31lYL9am330h0140XImL/Rvz165sbS/qza3b7a9dBh28l91wZSSJidBvKH4uIT756/bN0iqwdml9LA9hely5HxJnRsc39f7LpnoVOPbXVwvXB2svYfbP32vEHeunrdPzzbLPxX+7O+CeajH8Gm+y7D+PB+3/uWpbo24biNknHf8833Nt2uyH+zGhflvtXbcw3kJw9Vyqmfdu/I2I8BgbT/GRt1eYjt/Gbf95sVX7j+O/XD974NC0/fb27Ru5a/+C975mZrk4/atx1Ny5HPNbfLP7kTvsnLca/p9os4+Xn3vm41bI0/jTe+rQ5/p21fiXiiabtf7ctky3vT5yobQ4T9Y3iPul28+WPH7W8Ea6x/dMpLb9+LtANafsPbx3/aNJ4v2al8zK+vzLyTatlD46/+fa/L3mtlt6Xzbs4Xa0uTkbsS17ZPP/o3ffW8/X10/jHH2++/28U23z7T88Jz7QZf//1nz9/+Ph3Vhr/TEft33ni6u25ln13e+0/VUuNZ3Pa6f/areCjfHYAAAAAAAAAAAAAAAAAAAAAAAAA0K5cRByMJJe/k87l8vmNZ3j/N4ZzpXKlevhseWlhJmrPyh6NgVz9py5HGn4PdTL7Pfx6/uh9+acj4j8R8eHgUC2fL5RLM70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB1o8/z/102CvawcA7Jj9va4AANB1jv8AsPd0dvwf2rF6AADd4/wfAPaeto//Z3a2HgBA93R6/t+3Q/UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgH+vUyZPptP772mohzc9cWF6aK184MlOszOXnlwr5QnnxfH62XJ4tFfOF8nzLf3Rp46VULp+fioWlixPVYqU6UVleOT1fXlqonj43Pz1bPF0c6FpkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANC+yvLK3HSpVFyU2DIxtDuqsWsS/fHAdSIuxW6oqsRDJRp7iaHedVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9xfAQAA//9Tfytg") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) lseek(r0, 0x104, 0x0) getdents64(r0, 0xfffffffffffffffe, 0x29) 5.053159074s ago: executing program 1 (id=1270): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001300)={0x0, 0x1, 0x0, 0xe000000}) 4.840505496s ago: executing program 4 (id=1271): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]}) add_key$fscrypt_provisioning(0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="030000"], 0x29, 0xfffffffffffffffe) unshare(0x22020400) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 4.684337512s ago: executing program 1 (id=1273): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x2000}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) kcmp(r0, r0, 0x4, 0xffffffffffffffff, 0xffffffffffffffff) 4.432726539s ago: executing program 2 (id=1274): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x204, 0x3e) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'geneve1\x00', 0x0}) sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 4.22382694s ago: executing program 1 (id=1275): syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000001100)='./file1\x00', 0x4400, &(0x7f0000001140)={[{@utf8no}, {@fat=@discard}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@shortname_winnt}, {@shortname_lower}, {@utf8no}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp852'}}, {@shortname_winnt}, {@shortname_win95}]}, 0x11, 0x23a, &(0x7f0000001580)="$eJzs3T1rU2EUB/CTNtVYkHQQiiJ4xcUptBUXp4goCAUFyeBmsS1KUwsWCjq0Ovkl9Cvo6Co4iKtfQASpgoN26yBE6o19CbdptL25or/f0kPz/O89TxLyBjm5dTLmphcWZ9fWVqNSKUW5HvVYL8VIDMRgpB4FAPAvWW+14lsrVXQvAEB/7Pn8X4m40PeuAIA89fj+/3ofWwIActbz5/8DfWsJAMjZjZutUlollYj5J0uNpUb6N/3vxdm4G82YibGoxveI1qa0vnJ18vJYsuHTSDTmV9r5laXG4M78eFRjJDs/nqR25odiuJ1/PxwzMRHVOJadn8jMH4qzZ7advxbVeHc7FqIZ07GR3covjyfJpWuTv17hpPlK/FwHAAAAAAAAAAAAAAAAAAAAAAB5qCWbMuf31Gq7XZ6ODUrn65Rj+3ygcsd8nbHM+TzlOFEuePMAAAAAAAAAAAAAAAAAAADwl1h88HBuqtmcud+tuPf2+eu91vRYlNrn3e9x9l8cPf3x6e5rHv/O9dNRHMlIDUXP8Ven8tt7/aAO+Gb1zvFzi6Pni7wFO4qhbnetL9WInM7+4s/iXw+mn41dH27vvOvi0Wf1qZfLHz73euQCHowAAAAAAAAAAAAAAAAAAOA/t/Wl36I7AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDibP3+f35F0XsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAfAQAA//+2rJSQ") write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b305d0936cd3b78ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc0000000000000fadbfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e65f6f6619e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c0428918246d9e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c204000000880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c61a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1ccab2689bee59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bd0700000000000000319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807f9b33e7175ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae23034202210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ecdf5e08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4feb54578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000103300", 0x1000}}, 0x1006) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000a40)='memory.swap.current\x00', 0x275a, 0x0) 3.672477964s ago: executing program 1 (id=1276): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]}) close_range(r0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071104200000000001d400500000000004704000001ed00000703000000000000cd440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a107464ffffff7f00000000617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce963b0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c3f000000315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b47623028271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffee9}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) 3.593443503s ago: executing program 2 (id=1277): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000001800000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) 3.506070602s ago: executing program 0 (id=1278): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'dummy0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="15020000000000002000128008000100687372001400028008000100", @ANYRES32=r2, @ANYBLOB="08000200", @ANYRES32=r0], 0x40}, 0x1, 0xba01, 0x0, 0x4000044}, 0x10) 3.203855657s ago: executing program 2 (id=1279): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000080)="2fe3e59bf3da62d53f56a583ccc7e88aaf2421ae76044d902f66fbe2918a1e1627bb0b68c00eb344c0c4c232e7d8c7053179bcae5ea72048e82fee875f71c5bf6a7022548d5c6391e481a6849d139cdf", 0x50}], 0x1, 0x0, 0x100}, 0x8001) r0 = socket$inet_mptcp(0x2, 0x1, 0x106) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x4008890) getsockopt$inet_mptcp_buf(r0, 0x11c, 0x4, &(0x7f00000000c0)=""/206, &(0x7f0000000080)=0xce) 3.154676917s ago: executing program 1 (id=1280): setregid(0xee00, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x4000, &(0x7f0000002300)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) 3.007400405s ago: executing program 4 (id=1281): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r1, 0x1, 0x0, 0x25dfdbfe, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x3c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140) 2.824882012s ago: executing program 2 (id=1282): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000480)=@framed, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@fallback=r0, r1, 0x2e, 0xc, r1, @void, @value=r1}, 0x20) 2.340294062s ago: executing program 0 (id=1283): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c00000010000104", @ANYBLOB="00000000000000001400128009000100766574680000000004000280080003"], 0x3c}}, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x8000) 2.338809381s ago: executing program 2 (id=1284): ioprio_set$pid(0x3, 0x0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_submit(r2, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2, r1}, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r0}]) 2.046861641s ago: executing program 0 (id=1285): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448d4, &(0x7f0000000000)={0x0, 0x9, '\x00', 0x0, 0xfd}) openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) 2.018849797s ago: executing program 4 (id=1286): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000005940)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x381089a, &(0x7f00000010c0)=ANY=[], 0xfc, 0x2d2, &(0x7f00000005c0)="$eJzs3U9rY1UUAPDzkjRNdZEibhTBB7pwVaa6FKRVRhC6EuLGjcHpgCRloAMBR7TOar6ALkXwU7h159pvIOhScNdZVJ689+7LHyfpBGeakfr7bXLn3nvuvwOZVU4/eeVkdOtOFvfPf41eL4vWQRzEwyx2oxWNr+M8AIDr42FRxJ9FRGzV/84eG7GTPjutqz0ZAHBV6v//a8/6LADAZvz+w1tfHh4d3fwwz3vxUv/BZJBFxMmDyaAeP7wdn8U4juNG9OMiopiq2+9/cHQzOnlpN14/OZsMJgvrH/4RO1X8fvRjd3n8fl5L8YOI8nMrnos8Dm9vNUv148Xl8W8uiY9BN954be78e9GPXz6NOzGOW1HGzuK/2s/z94pvz7/4uNymjM9aMdiu5iU7EUV7Y0kBAAAAAAAAAAAAAAAAAAAAAODa28vzrC7fU9XvKbtS/Z32RTW+906aOa3vk8br3mm94Lo+UBGpRM9ZEd819XVu5HlepImz+E683InO5m8MAAAAAAAAAAAAAAAAAAAA/z13P783Go7Hx6dP3GiPhuOmGkDzs/5/u+DBXM+rcW80bK9ecHv9vearDZRnvXRydDrxFJ7l8Y34aac8z4o536fzpp72+q+6PUvuRym8ScxTvcUL705PmKeh5pFHw6zea/WZe83Qj/ND3Vhj91a1aZYtDFW5HR+fFtVDXRSLOe0tPOZsqLtqr2+y8hZrvUaZmu7zS4f+Kopivcd8+7c6R6knq0psrJeLrdRYesGy0Xs07z+vXnDlV0b7Sb9zAAAAAAAAAAAAAAAAAACA5RZ/OP0P9y8NbV3ZoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgw2Z//79p9CJiseeRxlkKvmxOanTj9O4zviIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/A38HAAD//z6jQm0=") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000080)=""/49, 0x31) getdents(r0, 0xfffffffffffffffd, 0x58) 1.528144257s ago: executing program 2 (id=1287): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000106a05310300000000000109022400010000800009040002010300010009210000000122f80409058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f00000005c0)={0x44, &(0x7f00000002c0)={0x60, 0x1, 0x36, "6155eddc60887a156e164605c83840d2161617ada36952d6aba68e192f68ae4695ed521b9c68d71e289cadc4aaa4147c842a6aff7d34"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x20, 0x89, 0x2, 0x1}}) syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0) 1.512384826s ago: executing program 0 (id=1288): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000001c0)=0x5, 0x4) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e24, 0xb, @mcast2, 0x9}, 0x1c) sendto$inet6(r0, &(0x7f0000000040)="800037bbfa9ba1ce", 0xffe9, 0x0, 0x0, 0x0) 1.221077843s ago: executing program 4 (id=1289): syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000080)="d8df0f23b3b9ce000000b807000000ba000000000f301b8154fea900c1210680320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000400b9a6080000b80000010026b87aeabbc900bbc9000f302f300fc79d53bf0000c4b9e16dc30101220f01c3", 0x67}], 0x1, 0x14, 0x0, 0x0) syz_emit_ethernet(0x3a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c200000108004680002c0000000000069078ac141400ac1e000107"], 0x0) syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042406024424"], 0x0) syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0) 418.199984ms ago: executing program 0 (id=1290): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010400000000000000000100000a74000000060a0b04000000000000000002000008400004803c000180080001006c6f670030000280060004400001000008000340fffffffa0a0002407d5def2e21000000080003400000000806000140000100000900010073797a30000000000900020073797a320000000008000b400000000314000000110001"], 0x9c}, 0x1, 0x0, 0x0, 0x80}, 0x0) close(r0) 198.352921ms ago: executing program 1 (id=1291): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000400)={0x0, 0x1c, &(0x7f0000000340)=[@in6={0xa, 0x4e21, 0x800, @local, 0x9}]}, &(0x7f0000000480)=0x10) getsockopt$inet6_opts(r0, 0x29, 0x36, 0x0, &(0x7f0000000040)) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, &(0x7f0000000140)) 0s ago: executing program 0 (id=1292): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd27, 0x25dfdbfc, {{@in6=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x1}, {0x0, 0x0, 0x200000000000}, 0x8002, 0x0, 0x1, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) syz_emit_ethernet(0x5a, &(0x7f00000002c0)={@local, @broadcast, @void, {@ipv4={0x800, @tipc={{0x8, 0x4, 0x0, 0x3c, 0x4c, 0x67, 0x0, 0x3, 0x6, 0x0, @rand_addr=0x64010100, @local, {[@ssrr={0x89, 0x7, 0x1e, [@multicast1]}, @lsrr={0x83, 0x3, 0x93}]}}, @payload_mcast={{{{{{0x2c, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1, 0x2, 0x5, 0x0, 0x1, 0x1, 0x0, 0x1, 0x800, 0x1, 0x1, 0x4e21, 0x4e22}, 0x1, 0x8000000}, 0x3, 0x3}, 0x1}}}}}}}, 0x0) kernel console output (not intermixed with test programs): 002: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.1-1/input0 [ 150.379753][ T6535] netlink: 'syz.0.260': attribute type 1 has an invalid length. [ 150.422510][ T5775] playstation 0003:054C:0DF2.0002: Invalid byte count transferred, expected 20 got 0 [ 150.422600][ T5775] playstation 0003:054C:0DF2.0002: Failed to retrieve DualSense pairing info: -22 [ 150.422640][ T5775] playstation 0003:054C:0DF2.0002: Failed to get MAC address from DualSense [ 150.422656][ T5775] playstation 0003:054C:0DF2.0002: Failed to create dualsense. [ 150.579454][ T6519] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 150.580064][ T6519] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 150.888293][ T9] kye 0003:0458:5010.0003: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 150.889109][ T9] kye 0003:0458:5010.0003: unknown main item tag 0x0 [ 150.889142][ T9] kye 0003:0458:5010.0003: unknown main item tag 0x4 [ 150.889213][ T9] kye 0003:0458:5010.0003: unknown main item tag 0x0 [ 150.889236][ T9] kye 0003:0458:5010.0003: unknown main item tag 0x0 [ 150.889260][ T9] kye 0003:0458:5010.0003: unknown main item tag 0x0 [ 150.891646][ T6539] loop0: detected capacity change from 0 to 16 [ 151.017486][ T5775] playstation 0003:054C:0DF2.0002: probe with driver playstation failed with error -22 [ 151.068014][ T5621] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 151.068125][ T5621] Bluetooth: hci4: Injecting HCI hardware error event [ 151.071342][ T5621] Bluetooth: hci4: hardware error 0x00 [ 151.130071][ T9] kye 0003:0458:5010.0003: hidraw0: USB HID v0.07 Device [HID 0458:5010] on usb-dummy_hcd.4-1/input0 [ 151.130102][ T9] kye 0003:0458:5010.0003: tablet-enabling feature report not found [ 151.130116][ T9] kye 0003:0458:5010.0003: tablet enabling failed [ 151.368773][ T5775] usb 2-1: USB disconnect, device number 3 [ 151.915539][ T6539] erofs (device loop0): mounted with root inode @ nid 36. [ 152.063084][ T9] usb 5-1: USB disconnect, device number 6 [ 153.108527][ T6569] vcan0: tx drop: invalid da for name 0x0000000000000033 [ 153.494187][ T6586] loop1: detected capacity change from 0 to 1024 [ 153.513340][ T6586] ext4: Bad value for 'max_batch_time' [ 153.639471][ T6593] netlink: 8 bytes leftover after parsing attributes in process `syz.4.280'. [ 153.709243][ T5841] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 153.870075][ T5841] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 153.870102][ T5841] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.002775][ T6593] macvlan2: entered allmulticast mode [ 154.002796][ T6593] hsr0: entered allmulticast mode [ 154.002810][ T6593] hsr_slave_0: entered allmulticast mode [ 154.002834][ T6593] hsr_slave_1: entered allmulticast mode [ 154.024113][ T5621] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 154.025371][ T5841] usb 1-1: config 0 descriptor?? [ 154.097455][ T5841] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 154.202467][ T6593] hsr0: entered promiscuous mode [ 154.814310][ T5348] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 155.061694][ T5275] veth1_macvtap: left promiscuous mode [ 155.092227][ T5841] usb 1-1: USB disconnect, device number 2 [ 155.149599][ T5348] usb 2-1: New USB device found, idVendor=0403, idProduct=bca4, bcdDevice=d7.23 [ 155.149630][ T5348] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.149648][ T5348] usb 2-1: Product: syz [ 155.149661][ T5348] usb 2-1: Manufacturer: syz [ 155.149674][ T5348] usb 2-1: SerialNumber: syz [ 155.487491][ T6615] loop4: detected capacity change from 0 to 4096 [ 155.506213][ T5348] usb 2-1: config 0 descriptor?? [ 155.520879][ T6615] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 155.572353][ T6615] ntfs3(loop4): ino=3, mi_enum_attr [ 155.779573][ T5348] usb 2-1: USB disconnect, device number 4 [ 156.164627][ T6615] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 156.164794][ T6615] ntfs3(loop4): ino=1a, mi_enum_attr [ 156.164913][ T6615] ntfs3(loop4): ino=1a, mi_enum_attr [ 156.164928][ T6615] ntfs3(loop4): Failed to initialize $Extend/$Reparse. [ 156.902460][ T6636] loop2: detected capacity change from 0 to 128 [ 157.165487][ T6643] loop4: detected capacity change from 0 to 128 [ 157.166156][ T6645] loop0: detected capacity change from 0 to 256 [ 157.629307][ T6652] loop3: detected capacity change from 0 to 32768 [ 157.645102][ T6652] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.299 (6652) [ 157.725622][ T6645] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7260acdb, utbl_chksum : 0xe619d30d) [ 157.784078][ T6652] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 157.784100][ T6652] BTRFS info (device loop3): using sha256 checksum algorithm [ 158.158307][ T6652] BTRFS info (device loop3): rebuilding free space tree [ 158.486236][ T6652] BTRFS info (device loop3): disabling free space tree [ 158.486355][ T6652] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 158.486379][ T6652] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 158.523553][ T6652] BTRFS info (device loop3): setting nodatasum [ 158.523575][ T6652] BTRFS info (device loop3): setting nodatacow [ 158.523590][ T6652] BTRFS info (device loop3): turning off barriers [ 158.523606][ T6652] BTRFS info (device loop3): force clearing of disk cache [ 158.643006][ T5616] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 158.805910][ T5616] usb 1-1: config 246 has an invalid interface number: 166 but max is 0 [ 158.805939][ T5616] usb 1-1: config 246 has no interface number 0 [ 158.805978][ T5616] usb 1-1: config 246 interface 166 altsetting 118 has an endpoint descriptor with address 0xAA, changing to 0x8A [ 158.806002][ T5616] usb 1-1: config 246 interface 166 altsetting 118 endpoint 0x8A has invalid wMaxPacketSize 0 [ 158.806023][ T5616] usb 1-1: config 246 interface 166 has no altsetting 0 [ 158.811041][ T5616] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 9.63 [ 158.811069][ T5616] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.811086][ T5616] usb 1-1: Product: syz [ 158.811099][ T5616] usb 1-1: Manufacturer: syz [ 158.811113][ T5616] usb 1-1: SerialNumber: syz [ 159.338589][ T6699] capability: warning: `syz.1.309' uses 32-bit capabilities (legacy support in use) [ 159.367080][ T6699] program syz.1.309 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 159.422396][ T6692] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.725128][ T5616] usb 1-1: Limiting number of CPorts to U8_MAX [ 159.767203][ T5616] usb 1-1: Unknown endpoint type found, address 0x0b [ 159.767229][ T5616] usb 1-1: Unknown endpoint type found, address 0x8a [ 159.767243][ T5616] usb 1-1: Not enough endpoints found in device, aborting! [ 159.973337][ T5841] usb 1-1: USB disconnect, device number 3 [ 160.288068][ T6708] loop1: detected capacity change from 0 to 1024 [ 160.290864][ T6708] EXT4-fs: Ignoring removed bh option [ 160.427910][ T6708] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 160.533478][ T6708] EXT4-fs (loop1): orphan cleanup on readonly fs [ 160.533500][ T6708] EXT4-fs error (device loop1): ext4_quota_enable:7221: comm syz.1.312: Bad quota inum: 4294934528, type: 0 [ 160.533524][ T6708] loop1: lost filesystem error report for type 5 error -117 [ 160.547640][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 160.547665][ C0] EXT4-fs (loop1): initial error at time 1777387593: ext4_quota_enable:7221 [ 160.547691][ C0] EXT4-fs (loop1): last error at time 1777387593: ext4_quota_enable:7221 [ 160.577743][ T6708] EXT4-fs (loop1): Remounting filesystem read-only [ 160.577764][ T6708] EXT4-fs warning (device loop1): ext4_enable_quotas:7269: Failed to enable quota tracking (type=0, err=-117, ino=4294934528). Please run e2fsck to fix. [ 160.577790][ T6708] EXT4-fs (loop1): Cannot turn on quotas: error -117 [ 160.639959][ T6708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 161.014612][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.589304][ T5612] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 162.905728][ T6764] netlink: 'syz.3.307': attribute type 6 has an invalid length. [ 163.086001][ T6764] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 163.208813][ T6764] bridge0: port 2(bridge_slave_1) entered disabled state [ 163.261171][ T6764] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.250998][ T6785] loop0: detected capacity change from 0 to 512 [ 164.275278][ T6784] loop4: detected capacity change from 0 to 256 [ 164.276297][ T6784] exfat: Deprecated parameter 'namecase' [ 164.276331][ T6784] exfat: Deprecated parameter 'namecase' [ 164.279432][ T6785] EXT4-fs: Ignoring removed mblk_io_submit option [ 164.335338][ T6784] exFAT-fs (loop4): error, no upcase table entry. Please run fsck [ 164.335692][ T6784] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 1538) [ 164.431417][ T6785] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 164.453378][ T6785] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e840e028, mo2=0002] [ 164.453483][ T6785] System zones: 1-12 [ 164.453704][ T6785] EXT4-fs (loop0): orphan cleanup on readonly fs [ 164.598167][ T6785] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.344: bg 0: block 361: padding at end of block bitmap is not set [ 164.598201][ T6785] loop0: lost filesystem error report for type 5 error -117 [ 164.695277][ C1] EXT4-fs (loop0): initial error at time 1777387597: ext4_validate_block_bitmap:441 [ 164.695312][ C1] EXT4-fs (loop0): last error at time 1777387597: ext4_validate_block_bitmap:441 [ 164.799158][ T6785] EXT4-fs (loop0): Remounting filesystem read-only [ 164.957122][ T6785] EXT4-fs (loop0): 1 truncate cleaned up [ 164.963952][ T6785] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 164.993645][ T6785] EXT4-fs warning (device loop0): dx_probe:791: inode #2: lblock 0: comm syz.0.344: error -117 reading directory block [ 164.993884][ T6785] EXT4-fs warning (device loop0): dx_probe:791: inode #2: lblock 0: comm syz.0.344: error -117 reading directory block [ 165.170002][ T5609] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 165.337729][ T6808] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 165.361695][ T6808] syzkaller1: linktype set to 825 [ 165.466819][ T6812] loop0: detected capacity change from 0 to 64 [ 165.575339][ T6799] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 165.575519][ T6799] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 165.817589][ T6818] loop2: detected capacity change from 0 to 512 [ 166.092626][ T6829] program syz.3.362 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 166.183142][ T5616] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 166.248407][ T6831] loop3: detected capacity change from 0 to 128 [ 166.249388][ T6831] vfat: Unknown parameter '0Sx>ߌߑh$+ft/Y'e  :7-񌕇FvNaWֵױyuk\/4}dj3AZ# ;TxSE@&i1#nuǦ2cQ' [ 166.284010][ T6818] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.357: invalid indirect mapped block 256 (level 2) [ 166.284046][ T6818] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 166.297257][ C1] EXT4-fs (loop2): error count since last fsck: 1 [ 166.297282][ C1] EXT4-fs (loop2): initial error at time 1777387598: ext4_free_branches:1023: inode 11 [ 166.297311][ C1] EXT4-fs (loop2): last error at time 1777387598: ext4_free_branches:1023: inode 11 [ 166.429726][ T5616] usb 5-1: unable to get BOS descriptor or descriptor too short [ 166.438379][ T5616] usb 5-1: not running at top speed; connect to a high speed hub [ 166.460632][ T6818] EXT4-fs (loop2): 2 truncates cleaned up [ 166.464542][ T5616] usb 5-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice=fa.4f [ 166.464570][ T5616] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.464586][ T5616] usb 5-1: Product: syz [ 166.464598][ T5616] usb 5-1: Manufacturer: syz [ 166.464611][ T5616] usb 5-1: SerialNumber: syz [ 166.518776][ T6818] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.694841][ T6836] loop1: detected capacity change from 0 to 256 [ 166.732444][ T6818] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.357: bg 0: block 5: invalid block bitmap [ 166.822598][ T5616] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state. [ 166.945298][ T6818] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 166.945329][ T6818] EXT4-fs (loop2): This should not happen!! Data will be lost [ 166.945329][ T6818] [ 166.945395][ T6818] EXT4-fs (loop2): Total free blocks count 0 [ 166.945408][ T6818] EXT4-fs (loop2): Free/Dirty block details [ 166.945454][ T6818] EXT4-fs (loop2): free_blocks=0 [ 166.945484][ T6818] EXT4-fs (loop2): dirty_blocks=66 [ 166.945495][ T6818] EXT4-fs (loop2): Block reservation details [ 166.945561][ T6818] EXT4-fs (loop2): i_reserved_data_blocks=66 [ 167.455991][ T5616] gp8psk: usb in 146 operation failed. [ 167.456009][ T5616] gp8psk: failed to get FW version [ 167.460341][ T5616] gp8psk: usb in 149 operation failed. [ 167.460359][ T5616] gp8psk: failed to get FPGA version [ 167.462616][ T5616] gp8psk: usb in 138 operation failed. [ 167.462649][ T5616] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 167.462691][ T5616] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver error while loading driver (-19) [ 167.589529][ T5616] usb 5-1: USB disconnect, device number 7 [ 167.699234][ T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28 [ 167.876019][ T5611] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 168.298149][ T6861] loop3: detected capacity change from 0 to 512 [ 168.300914][ T6861] EXT4-fs: Ignoring removed mblk_io_submit option [ 168.303684][ T6861] EXT4-fs: journaled quota format not specified [ 168.463520][ T6863] loop1: detected capacity change from 0 to 1024 [ 168.542647][ T6863] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.587290][ T6870] loop0: detected capacity change from 0 to 128 [ 168.588559][ T6870] vfat: Unknown parameter '0Sx>ߌߑh$+ft/Y'e  :7-񌕇FvNaWֵױyuk\/4}dj3AZ# ;TxSE@&i1#nuǦ2cQ' [ 168.644175][ T6863] EXT4-fs error (device loop1): ext4_iget_extra_inode:5128: inode #15: comm syz.1.376: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 168.868163][ T6874] loop4: detected capacity change from 0 to 512 [ 168.871670][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.872090][ T6874] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 168.872104][ T6874] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 168.997287][ T6874] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.379: bad orphan inode 131083 [ 168.997317][ T6874] loop4: lost filesystem error report for type 5 error -117 [ 169.005542][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 169.005570][ C1] EXT4-fs (loop4): initial error at time 1777387601: ext4_orphan_get:1423 [ 169.005594][ C1] EXT4-fs (loop4): last error at time 1777387601: ext4_orphan_get:1423 [ 169.209652][ T6874] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 170.958403][ T5608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.264278][ T6917] loop2: detected capacity change from 0 to 2048 [ 171.316421][ T6917] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 171.362143][ T6917] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 171.523087][ T5628] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 171.644467][ T5611] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.712158][ T5628] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 171.712204][ T5628] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 171.712223][ T5628] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 171.712267][ T5628] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 35, changing to 9 [ 171.712289][ T5628] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26223, setting to 1024 [ 171.763068][ T5628] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 171.763096][ T5628] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 171.763121][ T5628] usb 1-1: Product: syz [ 171.763133][ T5628] usb 1-1: Manufacturer: syz [ 171.832817][ T6932] macvlan2: entered promiscuous mode [ 171.832837][ T6932] bridge0: entered promiscuous mode [ 171.835875][ T6918] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 171.868811][ T5628] cdc_wdm 1-1:1.0: skipping garbage [ 171.868831][ T5628] cdc_wdm 1-1:1.0: skipping garbage [ 171.949563][ T5628] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 171.949596][ T5628] cdc_wdm 1-1:1.0: Unknown control protocol [ 172.603519][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.603697][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.604054][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.604076][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.604330][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.604350][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.604601][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.604619][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.604870][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.604889][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.605140][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.605159][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.605405][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.605424][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.605677][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.605697][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.605960][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.605980][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 172.606233][ C0] cdc_wdm 1-1:1.0: nonzero urb status received: -71 [ 172.606251][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - 0 bytes [ 173.036954][ T6936] loop4: detected capacity change from 0 to 131072 [ 173.038030][ T6936] xfs: Deprecated parameter 'ikeep' [ 173.038047][ T6936] XFS: ikeep mount option is deprecated. [ 173.245746][ T6936] XFS (loop4): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846 [ 173.497899][ T6954] netlink: 20 bytes leftover after parsing attributes in process `syz.1.401'. [ 173.521995][ T6957] loop2: detected capacity change from 0 to 1024 [ 173.625904][ T6957] EXT4-fs (loop2): stripe (97) is not aligned with cluster size (16), stripe is disabled [ 173.662653][ T6936] XFS (loop4): Starting recovery (logdev: internal) [ 173.741949][ T6957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 174.016420][ T6936] XFS (loop4): Ending recovery (logdev: internal) [ 174.289020][ C0] cdc_wdm 1-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 174.363063][ T5775] usb 1-1: USB disconnect, device number 4 [ 174.487718][ T38] kauditd_printk_skb: 22 callbacks suppressed [ 174.487755][ T38] audit: type=1804 audit(1777387607.074:66): pid=6965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.402" name="/newroot/78/file1/file1" dev="loop2" ino=15 res=1 errno=0 [ 174.594623][ T5608] XFS (loop4): Unmounting Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846 [ 174.827010][ T6965] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 174.878807][ T6975] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 175.096160][ T5611] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.642067][ T6994] netlink: 4 bytes leftover after parsing attributes in process `syz.2.414'. [ 175.710699][ T6996] loop3: detected capacity change from 0 to 512 [ 177.555953][ T7011] loop3: detected capacity change from 0 to 2048 [ 177.707524][ T7011] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=2362, location=2362 [ 177.809686][ T7011] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 177.913009][ T7011] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 177.950149][ T7011] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 178.362458][ T7019] loop2: detected capacity change from 0 to 512 [ 178.737757][ T7019] EXT4-fs (loop2): 1 truncate cleaned up [ 178.752136][ T7019] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 178.950133][ T38] audit: type=1800 audit(1777387611.594:67): pid=7019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.424" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 179.144152][ T7028] loop1: detected capacity change from 0 to 128 [ 179.324577][ T7028] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 179.326592][ T7028] ext4 filesystem being mounted at /93/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 179.484377][ T5611] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 180.240096][ T7045] netlink: 204 bytes leftover after parsing attributes in process `syz.0.430'. [ 180.392741][ T5610] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 180.730841][ T7050] capability: warning: `syz.2.434' uses deprecated v2 capabilities in a way that may be insecure [ 181.046728][ T7054] 9p: Bad value for 'rfdno' [ 181.764519][ T7065] loop2: detected capacity change from 0 to 256 [ 181.838330][ T7070] process 'syz.4.439' launched './file0' with NULL argv: empty string added [ 181.923144][ T7072] netlink: 24 bytes leftover after parsing attributes in process `syz.0.440'. [ 181.993161][ T7074] netlink: 24 bytes leftover after parsing attributes in process `syz.0.440'. [ 182.096548][ T7069] tap0: tun_chr_ioctl cmd 1074025677 [ 182.096912][ T7069] tap0: linktype set to 780 [ 182.936861][ T7076] erspan0: entered promiscuous mode [ 183.416561][ T7089] loop0: detected capacity change from 0 to 256 [ 183.432999][ T5743] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 183.487099][ T7088] C: renamed from veth1_to_team (while UP) [ 183.605020][ T5743] usb 2-1: Using ep0 maxpacket: 8 [ 183.657326][ T5743] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 183.657359][ T5743] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 183.657378][ T5743] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 183.657398][ T5743] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 183.657436][ T5743] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 183.657458][ T5743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.046512][ T5743] usb 2-1: GET_CAPABILITIES returned 0 [ 184.046567][ T5743] usbtmc 2-1:16.0: can't read capabilities [ 184.197124][ T7089] FAT-fs (loop0): Directory bread(block 64) failed [ 184.197161][ T7089] FAT-fs (loop0): Directory bread(block 65) failed [ 184.197268][ T7089] FAT-fs (loop0): Directory bread(block 66) failed [ 184.197288][ T7089] FAT-fs (loop0): Directory bread(block 67) failed [ 184.197382][ T7089] FAT-fs (loop0): Directory bread(block 68) failed [ 184.197402][ T7089] FAT-fs (loop0): Directory bread(block 69) failed [ 184.197492][ T7089] FAT-fs (loop0): Directory bread(block 70) failed [ 184.197512][ T7089] FAT-fs (loop0): Directory bread(block 71) failed [ 184.197619][ T7089] FAT-fs (loop0): Directory bread(block 72) failed [ 184.197643][ T7089] FAT-fs (loop0): Directory bread(block 73) failed [ 184.345053][ T7088] netlink: 'syz.2.445': attribute type 8 has an invalid length. [ 184.345074][ T7088] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 184.649043][ T5743] usb 2-1: USB disconnect, device number 5 [ 184.743214][ T7097] loop2: detected capacity change from 0 to 512 [ 184.744258][ T7097] EXT4-fs: Ignoring removed bh option [ 184.855733][ T7097] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended [ 184.879897][ T7097] EXT4-fs (loop2): 1 truncate cleaned up [ 184.901951][ T7097] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.176850][ T7102] loop3: detected capacity change from 0 to 64 [ 185.249718][ T5611] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.019582][ T7102] hfs: unable to locate alternate MDB [ 186.019595][ T7102] hfs: continuing without an alternate MDB [ 186.982913][ T7127] netlink: 20 bytes leftover after parsing attributes in process `syz.4.464'. [ 187.461686][ T7127] Zero length message leads to an empty skb [ 187.461763][ T200] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.461808][ T200] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.461839][ T200] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.461870][ T200] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 187.768907][ T7137] loop3: detected capacity change from 0 to 2048 [ 187.827691][ T7137] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 187.960761][ T7140] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 188.184413][ T7135] loop0: detected capacity change from 0 to 32768 [ 188.295655][ T7119] loop1: detected capacity change from 0 to 32768 [ 188.512070][ T7145] Bluetooth: MGMT ver 1.23 [ 188.532008][ T7119] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 188.870867][ T7135] add_index: next_index = 0. Resetting! [ 188.870886][ T7135] find_entry called with index >= next_index [ 188.870895][ T7135] find_entry called with index >= next_index [ 188.870902][ T7135] find_entry called with index >= next_index [ 188.870909][ T7135] find_entry called with index >= next_index [ 188.928218][ T7119] XFS (loop1): Ending clean mount [ 188.999317][ T38] audit: type=1800 audit(1777387621.674:68): pid=7135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.468" name="bus" dev="loop0" ino=7 res=0 errno=0 [ 189.276678][ T5610] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 190.158389][ T7168] loop3: detected capacity change from 0 to 128 [ 190.253374][ T7165] loop2: detected capacity change from 0 to 256 [ 190.843379][ T7168] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 190.908941][ T7168] ext4 filesystem being mounted at /94/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 191.112338][ T7165] FAT-fs (loop2): Directory bread(block 64) failed [ 191.112371][ T7165] FAT-fs (loop2): Directory bread(block 65) failed [ 191.112463][ T7165] FAT-fs (loop2): Directory bread(block 66) failed [ 191.112484][ T7165] FAT-fs (loop2): Directory bread(block 67) failed [ 191.112708][ T7165] FAT-fs (loop2): Directory bread(block 68) failed [ 191.112730][ T7165] FAT-fs (loop2): Directory bread(block 69) failed [ 191.112832][ T7165] FAT-fs (loop2): Directory bread(block 70) failed [ 191.112853][ T7165] FAT-fs (loop2): Directory bread(block 71) failed [ 191.123275][ T7165] FAT-fs (loop2): Directory bread(block 72) failed [ 191.123303][ T7165] FAT-fs (loop2): Directory bread(block 73) failed [ 191.525947][ T5612] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 191.742825][ T7181] netlink: 60 bytes leftover after parsing attributes in process `syz.4.482'. [ 192.364931][ T7191] netlink: 48 bytes leftover after parsing attributes in process `syz.4.486'. [ 193.533397][ T7209] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.508115][ T1337] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.525415][ T1337] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.619474][ T7224] loop2: detected capacity change from 0 to 128 [ 194.893581][ T7228] loop4: detected capacity change from 0 to 64 [ 195.582486][ T7224] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; going on - but anything won't be destroyed because it's read-only [ 195.584492][ T7224] hpfs: filesystem error: improperly stopped [ 195.584513][ T7224] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 195.584526][ T7224] hpfs: Proceeding, but your filesystem could be corrupted if you delete files or directories [ 195.584535][ T7224] hpfs: You really don't want any checks? You are crazy... [ 195.727040][ T7224] hpfs: hpfs_map_sector(): read error [ 195.727057][ T7224] hpfs: code page support is disabled [ 195.819733][ T7239] netlink: 'syz.3.506': attribute type 83 has an invalid length. [ 195.932481][ T7224] hpfs: hpfs_map_4sectors(): unaligned read [ 195.933613][ T7224] hpfs: hpfs_map_4sectors(): unaligned read [ 195.933628][ T7224] hpfs: filesystem error: unable to find root dir [ 196.985141][ T32] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 197.168567][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 197.168599][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 197.168631][ T32] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 197.168653][ T32] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.251363][ T32] usb 4-1: config 0 descriptor?? [ 197.586426][ T5743] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 197.743027][ T5743] usb 3-1: Using ep0 maxpacket: 32 [ 197.753600][ T5743] usb 3-1: config 0 has an invalid interface number: 184 but max is 0 [ 197.753628][ T5743] usb 3-1: config 0 has no interface number 0 [ 197.753677][ T5743] usb 3-1: config 0 interface 184 has no altsetting 0 [ 197.790105][ T5743] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 197.790133][ T5743] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 197.790151][ T5743] usb 3-1: Product: syz [ 197.790164][ T5743] usb 3-1: Manufacturer: syz [ 197.790178][ T5743] usb 3-1: SerialNumber: syz [ 197.837830][ T32] hid_parser_main: 33 callbacks suppressed [ 197.837852][ T32] isku 0003:1E7D:319C.0004: unknown main item tag 0x0 [ 197.837881][ T32] isku 0003:1E7D:319C.0004: unknown main item tag 0x0 [ 197.837912][ T32] isku 0003:1E7D:319C.0004: unknown main item tag 0x0 [ 197.837938][ T32] isku 0003:1E7D:319C.0004: unknown main item tag 0x0 [ 197.837963][ T32] isku 0003:1E7D:319C.0004: unknown main item tag 0x0 [ 197.837988][ T32] isku 0003:1E7D:319C.0004: unknown main item tag 0x0 [ 197.838010][ T32] isku 0003:1E7D:319C.0004: unknown main item tag 0x0 [ 197.841509][ T32] isku 0003:1E7D:319C.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.3-1/input0 [ 197.847408][ T5743] usb 3-1: config 0 descriptor?? [ 198.177185][ T5628] usb 4-1: USB disconnect, device number 3 [ 198.940429][ T7248] loop1: detected capacity change from 0 to 32768 [ 198.956344][ T7258] loop3: detected capacity change from 0 to 64 [ 199.004846][ T5743] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71 [ 199.004873][ T5743] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 199.005438][ T5743] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 199.005452][ T5743] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71 [ 199.005461][ T5743] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset [ 199.005470][ T5743] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71 [ 199.005644][ T5743] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71 [ 199.094882][ T7258] hfs: unable to locate alternate MDB [ 199.094895][ T7258] hfs: continuing without an alternate MDB [ 199.205314][ T38] audit: type=1800 audit(1777387631.884:69): pid=7258 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.514" name="file1" dev="loop3" ino=22 res=0 errno=0 [ 199.436330][ T200] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.436380][ T200] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.436414][ T200] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.436447][ T200] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 199.547282][ T7248] [ 199.547282][ T7248] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 199.547282][ T7248] [ 199.547591][ T7248] read_mapping_page failed! [ 199.547601][ T7248] diRead: diIAGRead returned -5 [ 199.705686][ T5743] usb 3-1: USB disconnect, device number 5 [ 200.859401][ T7273] netlink: 'syz.3.519': attribute type 12 has an invalid length. [ 200.859421][ T7273] netlink: 'syz.3.519': attribute type 29 has an invalid length. [ 200.859431][ T7273] netlink: 148 bytes leftover after parsing attributes in process `syz.3.519'. [ 200.859465][ T7273] netlink: 'syz.3.519': attribute type 1 has an invalid length. [ 200.859475][ T7273] netlink: 'syz.3.519': attribute type 2 has an invalid length. [ 201.856960][ T7284] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 202.224050][ T7288] loop0: detected capacity change from 0 to 40427 [ 202.224927][ T7288] F2FS-fs: heap/no_heap options were deprecated [ 202.236729][ T7288] F2FS-fs (loop0): build fault injection rate: 19 [ 202.236755][ T7288] F2FS-fs (loop0): build fault injection type: 0x77e8c [ 202.238780][ T7288] F2FS-fs (loop0): invalid crc value [ 202.259835][ T7288] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21c/0xd60 [ 202.270313][ T7288] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xb00 [ 202.299485][ C0] F2FS-fs (loop0): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60 [ 202.354638][ T7288] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 202.374536][ T7288] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 202.388529][ T7288] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of write_normal_summaries+0x120/0x3f0 [ 202.532667][ T7288] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x5e2/0x24f0 [ 202.532715][ T7288] F2FS-fs (loop0): invalid blkaddr: 513, type: 10, run fsck to fix. [ 202.711394][ T7288] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x681/0x24f0 [ 202.711441][ T7288] F2FS-fs (loop0): invalid blkaddr: 1027, type: 10, run fsck to fix. [ 203.417002][ T7308] loop3: detected capacity change from 0 to 16 [ 203.560007][ T7308] erofs (device loop3): invalid ishare xattr prefix id 0 [ 203.807683][ T7317] netlink: 56 bytes leftover after parsing attributes in process `syz.0.537'. [ 204.765788][ T5882] usb 3-1: new full-speed USB device number 6 using dummy_hcd [ 205.025023][ T5882] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 205.025054][ T5882] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.025089][ T5882] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 205.025110][ T5882] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.098568][ T5882] usb 3-1: config 0 descriptor?? [ 205.552165][ T38] audit: type=1326 audit(1777387644.220:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.567623][ T38] audit: type=1326 audit(1777387644.230:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.567685][ T38] audit: type=1326 audit(1777387644.230:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.567788][ T38] audit: type=1326 audit(1777387644.230:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.572760][ T38] audit: type=1326 audit(1777387644.240:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.594826][ T38] audit: type=1326 audit(1777387644.270:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.598838][ T38] audit: type=1326 audit(1777387644.270:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.598885][ T38] audit: type=1326 audit(1777387644.270:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.598922][ T38] audit: type=1326 audit(1777387644.270:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 205.605967][ T5882] elan 0003:04F3:0755.0005: unknown main item tag 0x0 [ 205.606002][ T5882] elan 0003:04F3:0755.0005: unknown main item tag 0x0 [ 205.606027][ T5882] elan 0003:04F3:0755.0005: unknown main item tag 0x0 [ 205.606052][ T5882] elan 0003:04F3:0755.0005: unknown main item tag 0x0 [ 205.606077][ T5882] elan 0003:04F3:0755.0005: unknown main item tag 0x0 [ 205.607034][ T5882] elan 0003:04F3:0755.0005: failed to start in urb: -90 [ 205.626460][ T38] audit: type=1326 audit(1777387644.290:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7337 comm="syz.4.548" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbed45ee159 code=0x7ffc0000 [ 206.100156][ T5882] elan 0003:04F3:0755.0005: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.2-1/input0 [ 206.155753][ T5882] usb 3-1: USB disconnect, device number 6 [ 206.426109][ T7345] fido_id[7345]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory [ 206.824317][ T5621] Bluetooth: hci3: command 0x0406 tx timeout [ 206.938237][ T5621] Bluetooth: hci2: command 0x0406 tx timeout [ 206.938275][ T5621] Bluetooth: hci0: command 0x0406 tx timeout [ 206.938318][ T5621] Bluetooth: hci1: command 0x0406 tx timeout [ 208.081728][ T7370] loop2: detected capacity change from 0 to 1024 [ 208.409443][ T7370] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 208.536970][ T7370] gfs2: path_lookup on c::: returned error -2 [ 208.555724][ T7375] loop3: detected capacity change from 0 to 64 [ 208.885572][ T7378] loop0: detected capacity change from 0 to 512 [ 208.909033][ T7378] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 209.312287][ T7388] netlink: 52 bytes leftover after parsing attributes in process `syz.4.568'. [ 209.625301][ T7378] EXT4-fs (loop0): 1 orphan inode deleted [ 209.625325][ T7378] EXT4-fs (loop0): 1 truncate cleaned up [ 209.676635][ T7378] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 209.943146][ T7381] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 210.097532][ T7394] netlink: 'syz.2.571': attribute type 1 has an invalid length. [ 210.097554][ T7394] netlink: 'syz.2.571': attribute type 2 has an invalid length. [ 210.471478][ T5609] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.400384][ T7409] loop9: detected capacity change from 0 to 524287936 [ 212.043039][ T32] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 212.209767][ T32] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 212.209795][ T32] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.209815][ T32] usb 4-1: Product: syz [ 212.209826][ T32] usb 4-1: Manufacturer: syz [ 212.209839][ T32] usb 4-1: SerialNumber: syz [ 212.399139][ T7409] Dev loop9: unable to read RDB block 8 [ 212.399495][ T7409] loop9: unable to read partition table [ 212.399882][ T7409] loop_reread_partitions: partition scan of loop9 (3 ) failed (rc=-5) [ 212.934813][ T32] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 212.934871][ T32] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 213.088204][ T32] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 213.120758][ T7422] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 213.120773][ T7422] IPv6: NLM_F_CREATE should be set when creating new route [ 213.120980][ T7422] IPv6: NLM_F_CREATE should be set when creating new route [ 213.121012][ T7422] IPv6: NLM_F_CREATE should be set when creating new route [ 213.210571][ T32] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71 [ 213.241418][ T32] usb 4-1: USB disconnect, device number 4 [ 213.397905][ T7431] loop0: detected capacity change from 0 to 128 [ 213.405702][ T7431] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 213.415132][ T7431] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 214.576108][ T7444] loop3: detected capacity change from 0 to 2048 [ 214.811040][ T7446] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 215.328998][ T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 215.385082][ T7433] loop1: detected capacity change from 0 to 32768 [ 215.431945][ T7433] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 215.809502][ T7444] NILFS error (device loop3): nilfs_readdir: zero-length directory entry [ 215.906138][ T7433] XFS (loop1): Ending clean mount [ 216.364948][ T5610] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 216.460612][ T7444] Remounting filesystem read-only [ 216.597706][ T7469] netlink: 36 bytes leftover after parsing attributes in process `syz.2.598'. [ 220.263834][ T823] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 220.435371][ T823] usb 5-1: Using ep0 maxpacket: 16 [ 220.440358][ T823] usb 5-1: config index 0 descriptor too short (expected 52, got 36) [ 220.440385][ T823] usb 5-1: config 0 has an invalid interface number: 251 but max is 0 [ 220.440404][ T823] usb 5-1: config 0 has no interface number 0 [ 220.440448][ T823] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 220.440471][ T823] usb 5-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 220.514822][ T823] usb 5-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 220.514851][ T823] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.514870][ T823] usb 5-1: Product: syz [ 220.514883][ T823] usb 5-1: Manufacturer: syz [ 220.514896][ T823] usb 5-1: SerialNumber: syz [ 220.550749][ T7529] loop0: detected capacity change from 0 to 512 [ 220.567871][ T823] usb 5-1: config 0 descriptor?? [ 220.568906][ T7520] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 220.569076][ T7520] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 220.589084][ T7529] FAT-fs (loop0): bogus logical sector size 0 [ 220.589106][ T7529] FAT-fs (loop0): Can't find a valid FAT filesystem [ 220.605975][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.622'. [ 220.798696][ T7520] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 220.800828][ T7520] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 221.421003][ T823] asix 5-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 221.421033][ T823] asix 5-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 221.421325][ T823] asix 5-1:0.251: probe with driver asix failed with error -71 [ 221.524674][ T823] usb 5-1: USB disconnect, device number 8 [ 222.029085][ T7533] loop3: detected capacity change from 0 to 131072 [ 222.061037][ T7533] F2FS-fs (loop3): Test dummy encryption mode enabled [ 222.189272][ T7533] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 222.229495][ T7533] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b [ 223.393839][ T7553] loop4: detected capacity change from 0 to 512 [ 223.411980][ T7553] EXT4-fs: Ignoring removed nomblk_io_submit option [ 223.474522][ T7553] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 223.474545][ T7553] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002] [ 223.474867][ T7553] EXT4-fs (loop4): orphan cleanup on readonly fs [ 223.474978][ T7553] __quota_error: 569 callbacks suppressed [ 223.474989][ T7553] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 223.475076][ T7553] EXT4-fs warning (device loop4): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 223.475100][ T7553] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 223.591309][ T7553] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.630: bg 0: block 40: padding at end of block bitmap is not set [ 223.591340][ T7553] loop4: lost filesystem error report for type 5 error -117 [ 223.603935][ C1] EXT4-fs (loop4): initial error at time 1777387662: ext4_validate_block_bitmap:441 [ 223.603965][ C1] EXT4-fs (loop4): last error at time 1777387662: ext4_validate_block_bitmap:441 [ 223.661199][ T7553] EXT4-fs (loop4): Remounting filesystem read-only [ 223.661340][ T7553] EXT4-fs (loop4): 1 truncate cleaned up [ 223.686762][ T7553] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 223.787183][ T7553] EXT4-fs (loop4): shut down requested (2) [ 223.991362][ T5608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 224.415625][ T7561] netlink: 71 bytes leftover after parsing attributes in process `syz.0.633'. [ 224.491075][ T7559] loop1: detected capacity change from 0 to 256 [ 224.492017][ T7559] exfat: Deprecated parameter 'utf8' [ 224.762930][ T7559] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 224.897835][ T7566] loop4: detected capacity change from 0 to 32768 [ 225.339597][ T7566] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 226.562702][ T7577] loop0: detected capacity change from 0 to 4096 [ 227.069627][ T7583] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 228.549754][ T7594] netlink: 8 bytes leftover after parsing attributes in process `syz.3.626'. [ 229.035142][ T5608] ocfs2: Unmounting device (7,4) on (node local) [ 229.511380][ T7605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.651'. [ 230.550050][ T7601] loop3: detected capacity change from 0 to 32768 [ 230.829994][ T7623] loop1: detected capacity change from 0 to 1024 [ 231.653095][ T7623] hfsplus: bad catalog entry type [ 231.818005][ T7626] loop4: detected capacity change from 0 to 32768 [ 231.914861][ T7626] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 231.914881][ T7626] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 232.135965][ T7626] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 232.217385][ T5628] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 232.217406][ T5628] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 232.717391][ T7619] loop2: detected capacity change from 0 to 32768 [ 232.789873][ T7619] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 232.884194][ T7619] XFS (loop2): Ending clean mount [ 232.938975][ T7634] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.454110][ T7652] netlink: 16 bytes leftover after parsing attributes in process `syz.0.666'. [ 233.506849][ T7650] loop1: detected capacity change from 0 to 256 [ 233.509801][ T7650] exfat: Deprecated parameter 'namecase' [ 233.509926][ T7650] exfat: Deprecated parameter 'namecase' [ 233.619041][ T7650] exFAT-fs (loop1): failed to load upcase table (idx : 0x00000c00, chksum : 0x54b6a122, utbl_chksum : 0xe619d30d) [ 233.899558][ T5628] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 1682ms [ 234.240724][ T5628] gfs2: fsid=syz:syz.0: jid=0: Done [ 234.248113][ T7626] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 234.382703][ T7626] syz.4.660: attempt to access beyond end of device [ 234.382703][ T7626] loop4: rw=12288, sector=103079232192, nr_sectors = 8 limit=32768 [ 234.382830][ T7626] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 12884904024 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1431 [ 234.382913][ T7626] CPU: 0 UID: 0 PID: 7626 Comm: syz.4.660 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 234.382940][ T7626] Tainted: [L]=SOFTLOCKUP [ 234.382947][ T7626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 234.382960][ T7626] Call Trace: [ 234.382966][ T7626] [ 234.382974][ T7626] dump_stack_lvl+0xe8/0x150 [ 234.383007][ T7626] gfs2_withdraw+0xc3/0x1b0 [ 234.383038][ T7626] gfs2_quota_init+0x10fe/0x1220 [ 234.383061][ T7626] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 234.383106][ T7626] ? __pfx_gfs2_quota_init+0x10/0x10 [ 234.383128][ T7626] ? __pfx_wake_up_bit+0x10/0x10 [ 234.383157][ T7626] ? rt_spin_unlock+0x160/0x200 [ 234.383182][ T7626] ? inode_go_inval+0x2a0/0x360 [ 234.383210][ T7626] gfs2_make_fs_rw+0x143/0x230 [ 234.383231][ T7626] gfs2_fill_super+0x1bfd/0x2220 [ 234.383274][ T7626] ? __pfx_gfs2_fill_super+0x10/0x10 [ 234.383300][ T7626] ? rt_spin_unlock+0x14f/0x200 [ 234.383324][ T7626] ? init_locking+0xb8/0x210 [ 234.383351][ T7626] ? sb_set_blocksize+0x11b/0x210 [ 234.383382][ T7626] ? setup_bdev_super+0x4c1/0x5b0 [ 234.383412][ T7626] get_tree_bdev_flags+0x431/0x4f0 [ 234.383438][ T7626] ? __pfx_gfs2_fill_super+0x10/0x10 [ 234.383466][ T7626] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 234.383490][ T7626] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 234.383527][ T7626] gfs2_get_tree+0x51/0x1e0 [ 234.383559][ T7626] vfs_get_tree+0x92/0x2a0 [ 234.383597][ T7626] do_new_mount+0x341/0xd30 [ 234.383616][ T7626] ? apparmor_capable+0x126/0x170 [ 234.383659][ T7626] ? __pfx_do_new_mount+0x10/0x10 [ 234.383680][ T7626] ? ns_capable+0x89/0xe0 [ 234.383710][ T7626] ? user_path_at+0xd4/0x160 [ 234.383738][ T7626] ? user_path_at+0xd4/0x160 [ 234.383763][ T7626] __se_sys_mount+0x31d/0x420 [ 234.383791][ T7626] ? __pfx___se_sys_mount+0x10/0x10 [ 234.383819][ T7626] ? __x64_sys_mount+0x20/0xc0 [ 234.383837][ T7626] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.383860][ T7626] do_syscall_64+0x15f/0xf80 [ 234.383886][ T7626] ? trace_irq_disable+0x3b/0x140 [ 234.383912][ T7626] ? clear_bhb_loop+0x40/0x90 [ 234.383937][ T7626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.383957][ T7626] RIP: 0033:0x7fbed464e04a [ 234.383977][ T7626] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 234.383994][ T7626] RSP: 002b:00007fbed289de58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 234.384015][ T7626] RAX: ffffffffffffffda RBX: 00007fbed289dee0 RCX: 00007fbed464e04a [ 234.384031][ T7626] RDX: 00002000000124c0 RSI: 0000200000012500 RDI: 00007fbed289dea0 [ 234.384045][ T7626] RBP: 00002000000124c0 R08: 00007fbed289dee0 R09: 0000000000000000 [ 234.384059][ T7626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000012500 [ 234.384072][ T7626] R13: 00007fbed289dea0 R14: 00000000000125f2 R15: 0000200000000180 [ 234.384105][ T7626] [ 234.384615][ T7626] gfs2: fsid=syz:syz.0: can't make FS RW: -5 [ 234.975743][ T5611] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 235.195077][ T7663] loop3: detected capacity change from 0 to 4096 [ 235.572552][ T7663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.935821][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 236.324415][ T7679] loop1: detected capacity change from 0 to 512 [ 236.601237][ T7679] EXT4-fs error (device loop1): ext4_iget_extra_inode:5128: inode #15: comm syz.1.670: corrupted in-inode xattr: invalid ea_ino [ 236.601272][ T7679] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 236.603046][ C1] EXT4-fs (loop1): error count since last fsck: 1 [ 236.603067][ C1] EXT4-fs (loop1): initial error at time 1777453211: ext4_iget_extra_inode:5128: inode 15 [ 236.603095][ C1] EXT4-fs (loop1): last error at time 1777453211: ext4_iget_extra_inode:5128: inode 15 [ 236.621056][ T7679] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.670: couldn't read orphan inode 15 (err -117) [ 236.621088][ T7679] loop1: lost filesystem error report for type 5 error -117 [ 236.811344][ T7679] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.250800][ T7690] netlink: 12 bytes leftover after parsing attributes in process `syz.2.688'. [ 237.250825][ T7690] netlink: 12 bytes leftover after parsing attributes in process `syz.2.688'. [ 237.549306][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.167288][ T7709] loop4: detected capacity change from 0 to 256 [ 238.224131][ T7709] exfat: Deprecated parameter 'utf8' [ 238.382062][ T7709] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 239.477703][ T7723] loop3: detected capacity change from 0 to 512 [ 239.721830][ T7723] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.692: corrupted in-inode xattr: invalid ea_ino [ 239.721852][ T7723] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 239.726824][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 239.726850][ C1] EXT4-fs (loop3): initial error at time 1777453214: ext4_iget_extra_inode:5128: inode 15 [ 239.726875][ C1] EXT4-fs (loop3): last error at time 1777453214: ext4_iget_extra_inode:5128: inode 15 [ 239.738157][ T7734] IPVS: lblc: FWM 3 0x00000003 - no destination available [ 239.825349][ T7723] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.692: couldn't read orphan inode 15 (err -117) [ 239.825384][ T7723] loop3: lost filesystem error report for type 5 error -117 [ 239.890436][ T5628] IPVS: starting estimator thread 0... [ 239.955637][ T7723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 239.973035][ T7735] IPVS: using max 15 ests per chain, 36000 per kthread [ 240.268497][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.465833][ T7744] netlink: 20 bytes leftover after parsing attributes in process `syz.2.701'. [ 240.465856][ T7744] netlink: 12 bytes leftover after parsing attributes in process `syz.2.701'. [ 240.498953][ T7744] netlink: 20 bytes leftover after parsing attributes in process `syz.2.701'. [ 240.498974][ T7744] netlink: 12 bytes leftover after parsing attributes in process `syz.2.701'. [ 240.802985][ T32] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 240.954169][ T32] usb 4-1: Using ep0 maxpacket: 16 [ 240.961314][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 240.961344][ T32] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.961380][ T32] usb 4-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00 [ 240.961400][ T32] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.990072][ T32] usb 4-1: config 0 descriptor?? [ 241.739665][ T7771] netlink: 4 bytes leftover after parsing attributes in process `syz.4.710'. [ 241.770363][ T32] usb 4-1: string descriptor 0 read error: -71 [ 241.794219][ T7771] veth1_macvtap: left promiscuous mode [ 241.805828][ T32] usb 4-1: Max retries (5) exceeded reading string descriptor 200 [ 241.805912][ T32] letsketch 0003:6161:4D15.0006: probe with driver letsketch failed with error -32 [ 241.955943][ T32] usb 4-1: USB disconnect, device number 5 [ 243.013984][ T7787] loop4: detected capacity change from 0 to 4096 [ 243.031330][ T7793] loop0: detected capacity change from 0 to 512 [ 243.046028][ T7793] EXT4-fs: inline encryption not supported [ 243.139490][ T7793] EXT4-fs error (device loop0): ext4_orphan_get:1423: comm syz.0.719: bad orphan inode 15 [ 243.139520][ T7793] loop0: lost filesystem error report for type 5 error -117 [ 243.148222][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 243.148245][ C1] EXT4-fs (loop0): initial error at time 1777453217: ext4_orphan_get:1423 [ 243.148262][ C1] EXT4-fs (loop0): last error at time 1777453217: ext4_orphan_get:1423 [ 243.157581][ T7793] ext4_test_bit(bit=14, block=5) = 0 [ 243.357930][ T7793] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.437934][ T7793] EXT4-fs (loop0): shut down requested (1) [ 243.701549][ T5609] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.051401][ T7815] program syz.0.725 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 245.202151][ T7841] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 245.503058][ T5348] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 245.856388][ T5348] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 245.856417][ T5348] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.974605][ T5348] usb 3-1: config 0 descriptor?? [ 246.018411][ T5348] cp210x 3-1:0.0: cp210x converter detected [ 246.277154][ T3515] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 246.515943][ T5348] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 246.543526][ T7860] netlink: 27 bytes leftover after parsing attributes in process `syz.3.745'. [ 246.871369][ T3515] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 246.992525][ T7871] loop4: detected capacity change from 0 to 64 [ 247.082324][ T5348] usb 3-1: cp210x converter now attached to ttyUSB0 [ 247.149287][ T7872] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 247.242718][ T5348] usb 3-1: USB disconnect, device number 7 [ 247.448563][ T5348] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 247.604794][ T5348] cp210x 3-1:0.0: device disconnected [ 248.435288][ T7897] loop4: detected capacity change from 0 to 512 [ 248.763185][ T7897] EXT4-fs (loop4): 1 truncate cleaned up [ 248.791383][ T7897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 248.862420][ T7897] EXT4-fs (loop4): shut down requested (2) [ 249.119181][ T5608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.496554][ T7916] netlink: 24 bytes leftover after parsing attributes in process `syz.0.768'. [ 250.078049][ T7927] loop2: detected capacity change from 0 to 4096 [ 250.093019][ T32] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 250.151594][ T7927] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 250.253000][ T32] usb 5-1: Using ep0 maxpacket: 16 [ 250.255330][ T32] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 250.255362][ T32] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 250.257680][ T32] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 250.257704][ T32] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.257720][ T32] usb 5-1: Product: syz [ 250.257732][ T32] usb 5-1: Manufacturer: syz [ 250.257744][ T32] usb 5-1: SerialNumber: syz [ 250.347623][ T32] usb 5-1: config 0 descriptor?? [ 250.369105][ T32] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 250.369139][ T32] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class) [ 250.913783][ T7927] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 251.085942][ T32] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 251.454759][ T32] em28xx 5-1:0.0: Config register raw data: 0xfffffffb [ 251.525230][ T32] em28xx 5-1:0.0: AC97 chip type couldn't be determined [ 251.525251][ T32] em28xx 5-1:0.0: No AC97 audio processor [ 251.563280][ T32] usb 5-1: USB disconnect, device number 9 [ 251.570700][ T32] em28xx 5-1:0.0: Disconnecting em28xx [ 251.759141][ T32] em28xx 5-1:0.0: Freeing device [ 252.151916][ T7948] netlink: 12 bytes leftover after parsing attributes in process `syz.0.782'. [ 252.152041][ T7948] netlink: 12 bytes leftover after parsing attributes in process `syz.0.782'. [ 253.211867][ T7967] netlink: 16 bytes leftover after parsing attributes in process `syz.1.789'. [ 253.232304][ T7967] netlink: 16 bytes leftover after parsing attributes in process `syz.1.789'. [ 253.476273][ T7973] loop1: detected capacity change from 0 to 512 [ 253.769041][ T7973] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 222 vs 220 free clusters [ 253.778461][ C0] EXT4-fs (loop1): initial error at time 1777453228: ext4_mb_generate_buddy:1317 [ 253.778492][ C0] EXT4-fs (loop1): last error at time 1777453228: ext4_mb_generate_buddy:1317 [ 254.083029][ T32] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 254.116198][ T7973] EXT4-fs (loop1): Remounting filesystem read-only [ 254.149358][ T7983] netlink: 844 bytes leftover after parsing attributes in process `syz.2.795'. [ 254.168388][ T7973] EXT4-fs warning (device loop1): ext4_evict_inode:270: couldn't mark inode dirty (err -30) [ 254.168454][ T7973] EXT4-fs (loop1): 1 orphan inode deleted [ 254.172787][ T7973] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.263064][ T32] usb 5-1: Using ep0 maxpacket: 16 [ 254.283345][ T32] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 254.283399][ T32] usb 5-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.283425][ T32] usb 5-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 25 [ 254.283451][ T32] usb 5-1: config 0 interface 0 has no altsetting 0 [ 254.283483][ T32] usb 5-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00 [ 254.283505][ T32] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.416128][ T32] usb 5-1: config 0 descriptor?? [ 254.449900][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.957911][ T32] zeroplus 0003:0C12:0030.0007: ignoring exceeding usage max [ 254.959486][ T32] zeroplus 0003:0C12:0030.0007: reserved main item tag 0xd [ 254.959525][ T32] zeroplus 0003:0C12:0030.0007: unknown main item tag 0x5 [ 254.959603][ T32] zeroplus 0003:0C12:0030.0007: reserved main item tag 0xd [ 254.959673][ T32] zeroplus 0003:0C12:0030.0007: unknown main item tag 0x5 [ 254.961637][ T32] zeroplus 0003:0C12:0030.0007: global environment stack underflow [ 254.961657][ T32] zeroplus 0003:0C12:0030.0007: item 0 2 1 11 parsing failed [ 254.962588][ T32] zeroplus 0003:0C12:0030.0007: parse failed [ 254.962656][ T32] zeroplus 0003:0C12:0030.0007: probe with driver zeroplus failed with error -22 [ 255.150283][ T5882] usb 5-1: USB disconnect, device number 10 [ 255.760501][ T8005] tipc: Started in network mode [ 255.760531][ T8005] tipc: Node identity ac14140f, cluster identity 4711 [ 255.881430][ T8005] tipc: New replicast peer: 255.255.255.255 [ 255.967205][ T1337] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.967313][ T1337] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.218455][ T8005] tipc: Enabled bearer , priority 10 [ 256.238559][ T8011] netlink: 12 bytes leftover after parsing attributes in process `syz.3.806'. [ 256.238576][ T8011] tipc: Disabling bearer [ 256.547878][ T8020] loop0: detected capacity change from 0 to 2048 [ 256.603551][ T37] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 256.708810][ T8020] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d [ 256.731293][ T8020] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 256.763032][ T37] usb 2-1: Using ep0 maxpacket: 16 [ 256.773162][ T37] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 256.773192][ T37] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 256.773211][ T37] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 256.773252][ T37] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 256.773275][ T37] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.860778][ T37] usb 2-1: config 0 descriptor?? [ 257.728566][ T37] shield 0003:0955:7214.0008: unknown main item tag 0x0 [ 257.728603][ T37] shield 0003:0955:7214.0008: unknown main item tag 0x0 [ 257.728627][ T37] shield 0003:0955:7214.0008: item fetching failed at offset 2/5 [ 257.729410][ T37] shield 0003:0955:7214.0008: Parse failed [ 257.729494][ T37] shield 0003:0955:7214.0008: probe with driver shield failed with error -22 [ 257.839299][ T37] usb 2-1: USB disconnect, device number 6 [ 259.852505][ T8051] netlink: 4 bytes leftover after parsing attributes in process `syz.3.822'. [ 264.857887][ T8089] loop0: detected capacity change from 0 to 4096 [ 264.864177][ T8089] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 265.248894][ T8086] loop2: detected capacity change from 0 to 131072 [ 265.268201][ T8086] F2FS-fs (loop2): Test dummy encryption mode enabled [ 265.282082][ T8086] F2FS-fs (loop2): invalid crc value [ 265.655176][ T8092] loop1: detected capacity change from 0 to 2048 [ 265.659160][ T8086] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 265.681250][ T8086] F2FS-fs (loop2): Start checkpoint disabled! [ 265.742554][ T8086] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0 [ 265.773640][ T8086] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6 [ 265.874968][ T8086] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 266.067361][ T8089] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 266.305725][ T8092] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.403315][ T8092] EXT4-fs (loop1): shut down requested (2) [ 266.529937][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.418032][ T8119] vcan0: tx drop: invalid da for name 0x00000000000000f5 [ 268.642210][ T8140] loop0: detected capacity change from 0 to 2048 [ 268.766519][ T8140] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 268.924117][ T8144] loop3: detected capacity change from 0 to 256 [ 269.376480][ T8150] netlink: 84 bytes leftover after parsing attributes in process `syz.4.862'. [ 269.504405][ T8152] netlink: 332 bytes leftover after parsing attributes in process `syz.3.861'. [ 269.504494][ T8152] netlink: 'syz.3.861': attribute type 9 has an invalid length. [ 269.908486][ T38] audit: type=1326 audit(1777453244.576:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8163 comm="syz.0.863" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26e302cdd9 code=0x0 [ 270.199444][ T8172] loop3: detected capacity change from 0 to 256 [ 270.268607][ T8173] loop4: detected capacity change from 0 to 512 [ 270.471437][ T8173] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 270.471778][ T8173] EXT4-fs (loop4): orphan cleanup on readonly fs [ 270.471890][ T8173] EXT4-fs error (device loop4): ext4_ext_check_inode:521: inode #4: comm syz.4.869: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 2052(4), depth 0(0) [ 270.471928][ T8173] loop4: lost file I/O error report for ino 4 type 5 pos 0x0 len 0x0 error -117 [ 270.473875][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 270.473896][ C1] EXT4-fs (loop4): last error at time 1777453245: ext4_ext_check_inode:521: inode 4 [ 270.498605][ T8173] EXT4-fs error (device loop4): ext4_quota_enable:7228: comm syz.4.869: Bad quota inode: 4, type: 1 [ 270.498637][ T8173] loop4: lost filesystem error report for type 5 error -117 [ 270.525781][ T8173] EXT4-fs warning (device loop4): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 270.545729][ T8173] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 270.582693][ T8173] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 270.756136][ T8172] FAT-fs (loop3): Directory bread(block 64) failed [ 270.756171][ T8172] FAT-fs (loop3): Directory bread(block 65) failed [ 270.756387][ T8172] FAT-fs (loop3): Directory bread(block 66) failed [ 270.756413][ T8172] FAT-fs (loop3): Directory bread(block 67) failed [ 270.756507][ T8172] FAT-fs (loop3): Directory bread(block 68) failed [ 270.756528][ T8172] FAT-fs (loop3): Directory bread(block 69) failed [ 270.756618][ T8172] FAT-fs (loop3): Directory bread(block 70) failed [ 270.756641][ T8172] FAT-fs (loop3): Directory bread(block 71) failed [ 270.756742][ T8172] FAT-fs (loop3): Directory bread(block 72) failed [ 270.756762][ T8172] FAT-fs (loop3): Directory bread(block 73) failed [ 271.187140][ T5608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.211539][ T8179] loop0: detected capacity change from 0 to 256 [ 271.495343][ T8184] netlink: 24 bytes leftover after parsing attributes in process `syz.3.874'. [ 271.501047][ T8185] loop1: detected capacity change from 0 to 16 [ 271.516792][ T8185] erofs (device loop1): mounted with root inode @ nid 36. [ 272.670619][ T8206] netlink: 'syz.0.884': attribute type 5 has an invalid length. [ 273.208796][ T8195] mmap: syz.2.879 (8195) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 274.020462][ T8222] batman_adv: batadv0: Adding interface: macvtap1 [ 274.020480][ T8222] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 274.020507][ T8222] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 275.038503][ T8249] loop3: detected capacity change from 0 to 128 [ 275.093687][ T8249] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 275.132622][ T8249] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 275.144651][ T5348] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 275.309123][ T5348] usb 5-1: Using ep0 maxpacket: 16 [ 275.318669][ T5348] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 275.318734][ T5348] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 275.318760][ T5348] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 275.318781][ T5348] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 275.318803][ T5348] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 275.365498][ T5348] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 275.365528][ T5348] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 275.365547][ T5348] usb 5-1: Manufacturer: syz [ 275.442200][ T5348] usb 5-1: config 0 descriptor?? [ 275.591662][ T8254] loop0: detected capacity change from 0 to 64 [ 275.854304][ T5348] rc_core: IR keymap rc-hauppauge not found [ 275.854323][ T5348] Registered IR keymap rc-empty [ 275.854500][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 275.896383][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 275.929692][ T5348] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 275.963176][ T5348] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input6 [ 276.528206][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.543158][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.573224][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.583231][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.605135][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.623231][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.643070][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.663111][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.683246][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.713174][ T5348] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 276.773969][ T5348] mceusb 5-1:0.0: Registered with mce emulator interface version 1 [ 276.773995][ T5348] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 276.810515][ T5348] usb 5-1: USB disconnect, device number 11 [ 278.092090][ T8290] loop0: detected capacity change from 0 to 256 [ 278.114366][ T8290] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 278.155921][ T8290] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 278.267139][ T8294] netlink: 12 bytes leftover after parsing attributes in process `syz.4.920'. [ 278.673019][ T8297] block nbd1: NBD_DISCONNECT [ 278.770558][ T8295] block nbd1: Disconnected due to user request. [ 278.770580][ T8295] block nbd1: shutting down sockets [ 279.208239][ T5882] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 279.296985][ T8316] loop3: detected capacity change from 0 to 128 [ 279.374692][ T5882] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 279.374717][ T5882] usb 1-1: config 0 has no interface number 0 [ 279.374759][ T5882] usb 1-1: config 0 interface 1 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 279.374784][ T5882] usb 1-1: config 0 interface 1 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0 [ 279.374804][ T5882] usb 1-1: config 0 interface 1 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 279.374829][ T5882] usb 1-1: config 0 interface 1 has no altsetting 0 [ 279.376391][ T5882] usb 1-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00 [ 279.376418][ T5882] usb 1-1: New USB device strings: Mfr=93, Product=0, SerialNumber=0 [ 279.376514][ T5882] usb 1-1: Manufacturer: syz [ 279.420142][ T5882] usb 1-1: config 0 descriptor?? [ 280.095390][ T5882] uclogic 0003:145F:0212.0009: pen parameters not found [ 280.095424][ T5882] uclogic 0003:145F:0212.0009: interface is invalid, ignoring [ 280.158356][ T5882] usb 1-1: USB disconnect, device number 5 [ 280.422219][ T8333] Bluetooth: MGMT ver 1.23 [ 281.631905][ T8365] loop2: detected capacity change from 0 to 64 [ 281.806385][ T8365] hfs: unable to locate alternate MDB [ 281.806399][ T8365] hfs: continuing without an alternate MDB [ 282.989978][ T8386] faux_driver vgem: [drm] Unknown color mode 127; guessing buffer size. [ 283.859044][ T8398] loop0: detected capacity change from 0 to 4096 [ 284.112267][ T8404] loop2: detected capacity change from 0 to 128 [ 284.256743][ T8407] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 284.707807][ T38] audit: type=1326 audit(1777453259.366:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.707861][ T38] audit: type=1326 audit(1777453259.366:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.720929][ T38] audit: type=1326 audit(1777453259.396:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.720985][ T38] audit: type=1326 audit(1777453259.396:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.721024][ T38] audit: type=1326 audit(1777453259.396:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.721062][ T38] audit: type=1326 audit(1777453259.396:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.735753][ T38] audit: type=1326 audit(1777453259.406:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.735805][ T38] audit: type=1326 audit(1777453259.406:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.735844][ T38] audit: type=1326 audit(1777453259.406:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 284.735881][ T38] audit: type=1326 audit(1777453259.406:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f241632cdd9 code=0x7ffc0000 [ 286.003042][ T5348] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 286.208491][ T5348] usb 2-1: Using ep0 maxpacket: 8 [ 286.214527][ T5348] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 286.214559][ T5348] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 286.214581][ T5348] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 286.214604][ T5348] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 286.214643][ T5348] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 286.214665][ T5348] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.499444][ T5348] usb 2-1: GET_CAPABILITIES returned 0 [ 286.499490][ T5348] usbtmc 2-1:16.0: can't read capabilities [ 286.813019][ T5348] usb 2-1: USB disconnect, device number 7 [ 287.714771][ T8457] loop0: detected capacity change from 0 to 512 [ 287.752599][ T8457] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 287.753036][ T8457] EXT4-fs (loop0): orphan cleanup on readonly fs [ 287.756908][ T8457] EXT4-fs warning (device loop0): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix. [ 287.757068][ T8457] EXT4-fs (loop0): Cannot turn on quotas: error -5 [ 287.784997][ T8458] loop1: detected capacity change from 0 to 1024 [ 287.785984][ T8458] EXT4-fs: Ignoring removed bh option [ 287.787038][ T8458] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 287.838856][ T8457] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #16: comm syz.0.984: corrupted inode contents [ 287.838891][ T8457] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 287.842948][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 287.842966][ C1] EXT4-fs (loop0): initial error at time 1777453262: ext4_do_update_inode:5690: inode 16 [ 287.842994][ C1] EXT4-fs (loop0): last error at time 1777453262: ext4_do_update_inode:5690: inode 16 [ 287.866630][ T8457] EXT4-fs error (device loop0): ext4_dirty_inode:6587: inode #16: comm syz.0.984: mark_inode_dirty error [ 287.866663][ T8457] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 287.873015][ T8457] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #16: comm syz.0.984: corrupted inode contents [ 287.873047][ T8457] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 288.025270][ T8457] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #16: comm syz.0.984: mark_inode_dirty error [ 288.025304][ T8457] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 288.103905][ T8458] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.123099][ T8457] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #16: comm syz.0.984: corrupted inode contents [ 288.123132][ T8457] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 288.126494][ T8457] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem [ 288.126519][ T8457] loop0: lost filesystem error report for type 5 error -117 [ 288.128356][ T8457] EXT4-fs error (device loop0): ext4_do_update_inode:5690: inode #16: comm syz.0.984: corrupted inode contents [ 288.128385][ T8457] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 288.132178][ T8457] EXT4-fs error (device loop0): ext4_truncate:4690: inode #16: comm syz.0.984: mark_inode_dirty error [ 288.132209][ T8457] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 288.132609][ T8457] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem [ 288.132630][ T8457] loop0: lost filesystem error report for type 5 error -117 [ 288.142039][ T8457] EXT4-fs (loop0): 1 truncate cleaned up [ 288.150171][ T8457] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 288.153152][ T5882] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 288.410048][ T8471] loop3: detected capacity change from 0 to 512 [ 288.424708][ T5882] usb 5-1: Using ep0 maxpacket: 8 [ 288.443641][ T5882] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 288.443660][ T5882] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 288.443677][ T5882] usb 5-1: Product: syz [ 288.443683][ T5882] usb 5-1: Manufacturer: syz [ 288.443691][ T5882] usb 5-1: SerialNumber: syz [ 288.613419][ T5609] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.629419][ T5882] usb 5-1: config 0 descriptor?? [ 289.022590][ T8471] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.022825][ T8471] ext4 filesystem being mounted at /210/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 289.055636][ T5882] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 289.056857][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.613640][ T5882] input: gspca_zc3xx as /devices/platform/dummy_hcd.4/usb5/5-1/input/input7 [ 290.565803][ T5882] usb 5-1: USB disconnect, device number 12 [ 290.798744][ T5612] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 290.857308][ T8510] loop2: detected capacity change from 0 to 2048 [ 291.088479][ T8510] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.171668][ T8510] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 291.874381][ T5611] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 294.717626][ T8561] loop1: detected capacity change from 0 to 256 [ 294.867184][ T8561] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 294.891476][ T5743] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 294.923046][ T8564] loop0: detected capacity change from 0 to 256 [ 294.980688][ T8564] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 295.027781][ T8564] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 295.077948][ T5743] usb 3-1: Using ep0 maxpacket: 16 [ 295.081431][ T5743] usb 3-1: config index 0 descriptor too short (expected 52, got 36) [ 295.081457][ T5743] usb 3-1: config 0 has an invalid interface number: 251 but max is 0 [ 295.081475][ T5743] usb 3-1: config 0 has no interface number 0 [ 295.081517][ T5743] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 295.081540][ T5743] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 295.120332][ T5743] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 295.120362][ T5743] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.120379][ T5743] usb 3-1: Product: syz [ 295.120391][ T5743] usb 3-1: Manufacturer: syz [ 295.120403][ T5743] usb 3-1: SerialNumber: syz [ 295.296048][ T5743] usb 3-1: config 0 descriptor?? [ 295.346726][ T8560] netdevsim netdevsim3 netdevsim0: IPsec offload requires 128 bit authentication [ 295.491893][ T8555] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 295.492064][ T8555] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 295.590363][ T8575] loop3: detected capacity change from 0 to 256 [ 295.643278][ T8575] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 295.705951][ T8555] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 295.706083][ T8555] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 296.330963][ T5743] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 296.330993][ T5743] asix 3-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 296.331276][ T5743] asix 3-1:0.251: probe with driver asix failed with error -71 [ 296.435128][ T5743] usb 3-1: USB disconnect, device number 8 [ 296.764040][ T8587] loop1: detected capacity change from 0 to 512 [ 296.844870][ T8587] fscrypt (loop1, inode 2): Error -61 getting encryption context [ 297.100314][ T8587] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -61 [ 297.100462][ T8587] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #13: comm syz.1.1031: iget: bad i_size value: 12154757448730 [ 297.100500][ T8587] loop1: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 297.101738][ T8587] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.1031: couldn't read orphan inode 13 (err -117) [ 297.101767][ T8587] loop1: lost filesystem error report for type 5 error -117 [ 297.105436][ T8587] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.267228][ T5610] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.851415][ T38] kauditd_printk_skb: 9 callbacks suppressed [ 297.851431][ T38] audit: type=1326 audit(1777453272.516:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.851469][ T38] audit: type=1326 audit(1777453272.516:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.933702][ T38] audit: type=1326 audit(1777453272.596:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.933748][ T38] audit: type=1326 audit(1777453272.596:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.933780][ T38] audit: type=1326 audit(1777453272.596:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.934651][ T38] audit: type=1326 audit(1777453272.596:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.934694][ T38] audit: type=1326 audit(1777453272.596:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.935837][ T38] audit: type=1326 audit(1777453272.596:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.935886][ T38] audit: type=1326 audit(1777453272.596:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 297.935925][ T38] audit: type=1326 audit(1777453272.616:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8600 comm="syz.4.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fbed464cdd9 code=0x7ffc0000 [ 298.738721][ T8616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1043'. [ 300.741613][ T8642] block nbd0: not configured, cannot reconfigure [ 301.758978][ T8644] loop4: detected capacity change from 0 to 8192 [ 302.123837][ T5348] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 302.298639][ T5348] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11 [ 302.298674][ T5348] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 302.298713][ T5348] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 302.298736][ T5348] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.394175][ T5348] usb 1-1: config 0 descriptor?? [ 302.854293][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854335][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854361][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854385][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854408][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854432][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854456][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854479][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854504][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.854527][ T5348] kovaplus 0003:1E7D:2D50.000A: unknown main item tag 0x0 [ 302.856566][ T5348] kovaplus 0003:1E7D:2D50.000A: item fetching failed at offset 140/235 [ 302.860616][ T5348] kovaplus 0003:1E7D:2D50.000A: parse failed [ 302.860695][ T5348] kovaplus 0003:1E7D:2D50.000A: probe with driver kovaplus failed with error -22 [ 303.058311][ T5348] usb 1-1: USB disconnect, device number 6 [ 303.590683][ T60] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 303.775693][ T60] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 303.777815][ T60] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 303.813373][ T60] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 303.815149][ T60] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 304.056522][ T8686] loop2: detected capacity change from 0 to 2048 [ 304.089569][ T8686] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d [ 304.116060][ T8686] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 304.259354][ T88] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.916738][ T8712] loop1: detected capacity change from 0 to 32768 [ 305.944213][ T5626] Bluetooth: hci3: command tx timeout [ 305.969412][ T8712] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 305.969431][ T8712] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 306.117679][ T8712] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 306.133523][ T37] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 306.133543][ T37] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 306.232102][ T37] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 98ms [ 306.232333][ T37] gfs2: fsid=syz:syz.0: jid=0: Done [ 306.232434][ T8712] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 306.279772][ T5624] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 306.323243][ T8712] syz.1.1079: attempt to access beyond end of device [ 306.323243][ T8712] loop1: rw=12288, sector=103079232192, nr_sectors = 8 limit=32768 [ 306.323322][ T8712] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 12884904024 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1431 [ 306.323371][ T8712] CPU: 1 UID: 0 PID: 8712 Comm: syz.1.1079 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 306.323402][ T8712] Tainted: [L]=SOFTLOCKUP [ 306.323410][ T8712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 306.323429][ T8712] Call Trace: [ 306.323436][ T8712] [ 306.323445][ T8712] dump_stack_lvl+0xe8/0x150 [ 306.323478][ T8712] gfs2_withdraw+0xc3/0x1b0 [ 306.323509][ T8712] gfs2_quota_init+0x10fe/0x1220 [ 306.323535][ T8712] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 306.323582][ T8712] ? __pfx_gfs2_quota_init+0x10/0x10 [ 306.323614][ T8712] ? __pfx_wake_up_bit+0x10/0x10 [ 306.323638][ T8712] ? rt_spin_unlock+0x160/0x200 [ 306.323662][ T8712] ? inode_go_inval+0x2a0/0x360 [ 306.323689][ T8712] gfs2_make_fs_rw+0x143/0x230 [ 306.323709][ T8712] gfs2_fill_super+0x1bfd/0x2220 [ 306.323751][ T8712] ? __pfx_gfs2_fill_super+0x10/0x10 [ 306.323777][ T8712] ? rt_spin_unlock+0x14f/0x200 [ 306.323800][ T8712] ? init_locking+0xb8/0x210 [ 306.323826][ T8712] ? sb_set_blocksize+0x11b/0x210 [ 306.323856][ T8712] ? setup_bdev_super+0x4c1/0x5b0 [ 306.323885][ T8712] get_tree_bdev_flags+0x431/0x4f0 [ 306.323911][ T8712] ? __pfx_gfs2_fill_super+0x10/0x10 [ 306.323939][ T8712] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 306.323963][ T8712] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 306.323999][ T8712] gfs2_get_tree+0x51/0x1e0 [ 306.324031][ T8712] vfs_get_tree+0x92/0x2a0 [ 306.324057][ T8712] do_new_mount+0x341/0xd30 [ 306.324076][ T8712] ? apparmor_capable+0x126/0x170 [ 306.324111][ T8712] ? __pfx_do_new_mount+0x10/0x10 [ 306.324130][ T8712] ? ns_capable+0x89/0xe0 [ 306.324156][ T8712] ? user_path_at+0xd4/0x160 [ 306.324180][ T8712] ? user_path_at+0xd4/0x160 [ 306.324201][ T8712] __se_sys_mount+0x31d/0x420 [ 306.324222][ T8712] ? __pfx___se_sys_mount+0x10/0x10 [ 306.324247][ T8712] ? __x64_sys_mount+0x20/0xc0 [ 306.324264][ T8712] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.324283][ T8712] do_syscall_64+0x15f/0xf80 [ 306.324309][ T8712] ? trace_irq_disable+0x3b/0x140 [ 306.324332][ T8712] ? clear_bhb_loop+0x40/0x90 [ 306.324352][ T8712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.324371][ T8712] RIP: 0033:0x7fe63c6de04a [ 306.324391][ T8712] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 306.324407][ T8712] RSP: 002b:00007fe63a935e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 306.324427][ T8712] RAX: ffffffffffffffda RBX: 00007fe63a935ee0 RCX: 00007fe63c6de04a [ 306.324441][ T8712] RDX: 00002000000124c0 RSI: 0000200000012500 RDI: 00007fe63a935ea0 [ 306.324455][ T8712] RBP: 00002000000124c0 R08: 00007fe63a935ee0 R09: 0000000000000000 [ 306.324467][ T8712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000012500 [ 306.324479][ T8712] R13: 00007fe63a935ea0 R14: 00000000000125f2 R15: 0000200000000180 [ 306.324508][ T8712] [ 306.324547][ T8712] gfs2: fsid=syz:syz.0: can't make FS RW: -5 [ 306.466547][ T5624] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 306.466580][ T5624] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 306.466616][ T5624] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 306.466637][ T5624] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.568544][ T5624] usb 5-1: config 0 descriptor?? [ 307.229148][ T5624] keytouch 0003:0926:3333.000B: fixing up Keytouch IEC report descriptor [ 307.302211][ T88] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.897665][ T5624] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.000B/input/input9 [ 308.033870][ T5626] Bluetooth: hci3: command tx timeout [ 308.591207][ T88] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.631914][ T8755] program syz.1.1093 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 309.411848][ T5624] keytouch 0003:0926:3333.000B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0 [ 309.526819][ T5624] usb 5-1: USB disconnect, device number 13 [ 309.591806][ T8771] loop2: detected capacity change from 0 to 4096 [ 309.688826][ T8773] loop1: detected capacity change from 0 to 4096 [ 309.746965][ T8773] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 310.009284][ T8771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 310.107032][ T5626] Bluetooth: hci3: command tx timeout [ 310.251249][ T8773] ntfs3(loop1): ino=19, mi_enum_attr [ 310.251279][ T8773] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 310.378805][ T88] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.484048][ T5611] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.183668][ T5626] Bluetooth: hci3: command tx timeout [ 312.603156][ T32] IPVS: starting estimator thread 0... [ 312.693037][ T8807] IPVS: using max 9 ests per chain, 21600 per kthread [ 313.915719][ T8815] loop2: detected capacity change from 0 to 131072 [ 313.955771][ T8815] F2FS-fs (loop2): Test dummy encryption mode enabled [ 313.964715][ T8815] F2FS-fs (loop2): invalid crc value [ 314.133059][ T8815] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 314.180873][ T8815] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 314.496953][ T5275] 8021q: adding VLAN 0 to HW filter on device eth1 [ 314.676459][ T8837] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 314.676491][ T8837] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 314.803086][ T32] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 314.999490][ T32] usb 5-1: Using ep0 maxpacket: 16 [ 315.006649][ T32] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 315.006682][ T32] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 315.006693][ T32] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 315.006717][ T32] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 315.006736][ T32] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 315.078216][ T32] usb 5-1: config 0 descriptor?? [ 315.492225][ T88] bridge_slave_1: left allmulticast mode [ 315.557948][ T32] hid_parser_main: 114 callbacks suppressed [ 315.557973][ T32] shield 0003:0955:7214.000C: unknown main item tag 0x0 [ 315.558005][ T32] shield 0003:0955:7214.000C: unknown main item tag 0x0 [ 315.558031][ T32] shield 0003:0955:7214.000C: item fetching failed at offset 2/5 [ 315.558687][ T32] shield 0003:0955:7214.000C: Parse failed [ 315.558761][ T32] shield 0003:0955:7214.000C: probe with driver shield failed with error -22 [ 315.572428][ T88] bridge_slave_1: left promiscuous mode [ 315.661119][ T88] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.719782][ T5348] usb 5-1: USB disconnect, device number 14 [ 315.922462][ T88] bridge_slave_0: left allmulticast mode [ 315.922498][ T88] bridge_slave_0: left promiscuous mode [ 315.946086][ T88] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.396286][ T1337] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.396379][ T1337] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.123714][ T88] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 318.184401][ T88] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 318.263872][ T88] bond0 (unregistering): (slave bond1): Releasing backup interface [ 318.283833][ T88] bond0 (unregistering): Released all slaves [ 318.304122][ T88] bond1 (unregistering): Released all slaves [ 318.917727][ T8871] loop0: detected capacity change from 0 to 32768 [ 319.032827][ T8871] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 319.032839][ T8871] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 319.248050][ T8871] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 319.446296][ T5348] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 319.446318][ T5348] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 320.084768][ T5348] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 638ms [ 320.124762][ T5348] gfs2: fsid=syz:syz.0: jid=0: Done [ 320.124873][ T8871] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 320.272004][ T8885] loop1: detected capacity change from 0 to 1024 [ 320.305242][ T8871] syz.0.1125: attempt to access beyond end of device [ 320.305242][ T8871] loop0: rw=12288, sector=103079232192, nr_sectors = 8 limit=32768 [ 320.305342][ T8871] gfs2: fsid=syz:syz.0: fatal: invalid metadata block - bh = 12884904024 (bad magic number), function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1431 [ 320.305376][ T8871] CPU: 0 UID: 0 PID: 8871 Comm: syz.0.1125 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 320.305404][ T8871] Tainted: [L]=SOFTLOCKUP [ 320.305411][ T8871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 320.305423][ T8871] Call Trace: [ 320.305431][ T8871] [ 320.305440][ T8871] dump_stack_lvl+0xe8/0x150 [ 320.305474][ T8871] gfs2_withdraw+0xc3/0x1b0 [ 320.305506][ T8871] gfs2_quota_init+0x10fe/0x1220 [ 320.305532][ T8871] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 320.305580][ T8871] ? __pfx_gfs2_quota_init+0x10/0x10 [ 320.305604][ T8871] ? __pfx_wake_up_bit+0x10/0x10 [ 320.305631][ T8871] ? rt_spin_unlock+0x160/0x200 [ 320.305658][ T8871] ? inode_go_inval+0x2a0/0x360 [ 320.305687][ T8871] gfs2_make_fs_rw+0x143/0x230 [ 320.305710][ T8871] gfs2_fill_super+0x1bfd/0x2220 [ 320.305754][ T8871] ? __pfx_gfs2_fill_super+0x10/0x10 [ 320.305780][ T8871] ? rt_spin_unlock+0x14f/0x200 [ 320.305803][ T8871] ? init_locking+0xb8/0x210 [ 320.305829][ T8871] ? sb_set_blocksize+0x11b/0x210 [ 320.305859][ T8871] ? setup_bdev_super+0x4c1/0x5b0 [ 320.305886][ T8871] get_tree_bdev_flags+0x431/0x4f0 [ 320.305913][ T8871] ? __pfx_gfs2_fill_super+0x10/0x10 [ 320.305940][ T8871] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 320.305964][ T8871] ? __pfx_vfs_parse_comma_sep+0x10/0x10 [ 320.306001][ T8871] gfs2_get_tree+0x51/0x1e0 [ 320.306034][ T8871] vfs_get_tree+0x92/0x2a0 [ 320.306061][ T8871] do_new_mount+0x341/0xd30 [ 320.306080][ T8871] ? apparmor_capable+0x126/0x170 [ 320.306115][ T8871] ? __pfx_do_new_mount+0x10/0x10 [ 320.306134][ T8871] ? ns_capable+0x89/0xe0 [ 320.306162][ T8871] ? user_path_at+0xd4/0x160 [ 320.306190][ T8871] ? user_path_at+0xd4/0x160 [ 320.306215][ T8871] __se_sys_mount+0x31d/0x420 [ 320.306241][ T8871] ? __pfx___se_sys_mount+0x10/0x10 [ 320.306277][ T8871] ? __x64_sys_mount+0x20/0xc0 [ 320.306297][ T8871] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.306320][ T8871] do_syscall_64+0x15f/0xf80 [ 320.306346][ T8871] ? trace_irq_disable+0x3b/0x140 [ 320.306372][ T8871] ? clear_bhb_loop+0x40/0x90 [ 320.306397][ T8871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.306416][ T8871] RIP: 0033:0x7f26e302e04a [ 320.306436][ T8871] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 320.306452][ T8871] RSP: 002b:00007f26e127de58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 320.306474][ T8871] RAX: ffffffffffffffda RBX: 00007f26e127dee0 RCX: 00007f26e302e04a [ 320.306487][ T8871] RDX: 00002000000124c0 RSI: 0000200000012500 RDI: 00007f26e127dea0 [ 320.306502][ T8871] RBP: 00002000000124c0 R08: 00007f26e127dee0 R09: 0000000000000000 [ 320.306515][ T8871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000012500 [ 320.306528][ T8871] R13: 00007f26e127dea0 R14: 00000000000125f2 R15: 0000200000000180 [ 320.306561][ T8871] [ 320.306599][ T8871] gfs2: fsid=syz:syz.0: can't make FS RW: -5 [ 320.381633][ T8881] loop2: detected capacity change from 0 to 131072 [ 320.397433][ T8881] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0) [ 320.397461][ T8881] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 320.435646][ T8881] F2FS-fs (loop2): invalid crc value [ 320.574355][ T8881] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 320.625050][ T88] tipc: Left network mode [ 320.788300][ T8881] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 320.788329][ T8881] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4 [ 321.116695][ T8672] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.117025][ T8672] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.117342][ T8672] bridge_slave_0: entered allmulticast mode [ 321.129012][ T8672] bridge_slave_0: entered promiscuous mode [ 321.144105][ T8672] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.144465][ T8672] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.144760][ T8672] bridge_slave_1: entered allmulticast mode [ 321.158115][ T8672] bridge_slave_1: entered promiscuous mode [ 321.427817][ T8901] loop0: detected capacity change from 0 to 512 [ 321.680709][ T8901] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.1136: invalid indirect mapped block 256 (level 2) [ 321.680750][ T8901] loop0: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 321.690664][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 321.690683][ C1] EXT4-fs (loop0): initial error at time 1777453296: ext4_free_branches:1023: inode 11 [ 321.690705][ C1] EXT4-fs (loop0): last error at time 1777453296: ext4_free_branches:1023: inode 11 [ 321.732343][ T8901] EXT4-fs (loop0): 2 truncates cleaned up [ 321.781782][ T8901] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 322.054411][ T8672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 322.149631][ T8672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 322.406107][ T5609] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.043832][ T8926] loop0: detected capacity change from 0 to 131072 [ 324.054883][ T8926] F2FS-fs (loop0): invalid crc value [ 324.310731][ T8926] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0 [ 324.347620][ T8926] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 325.290286][ T8941] netlink: 'syz.1.1147': attribute type 20 has an invalid length. [ 326.989335][ T8672] team0: Port device team_slave_0 added [ 327.102491][ T5275] 8021q: adding VLAN 0 to HW filter on device eth2 [ 327.154467][ T8672] team0: Port device team_slave_1 added [ 328.479559][ T8672] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 328.479576][ T8672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 328.479600][ T8672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 328.559562][ T8672] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 328.559578][ T8672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 328.559606][ T8672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 328.718014][ T8970] loop0: detected capacity change from 0 to 512 [ 328.738035][ T8970] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 328.763027][ T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 328.881946][ T8970] EXT4-fs (loop0): 1 truncate cleaned up [ 328.913010][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 328.918978][ T10] usb 2-1: config 0 has an invalid interface number: 34 but max is 0 [ 328.919006][ T10] usb 2-1: config 0 has no interface number 0 [ 328.919047][ T10] usb 2-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023 [ 328.919069][ T10] usb 2-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80 [ 328.920345][ T8970] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.923386][ T10] usb 2-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73 [ 328.923411][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.923431][ T10] usb 2-1: Product: syz [ 328.923444][ T10] usb 2-1: Manufacturer: syz [ 328.923457][ T10] usb 2-1: SerialNumber: syz [ 329.060646][ T10] usb 2-1: config 0 descriptor?? [ 329.063987][ T8965] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 329.064143][ T8965] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 329.305278][ T8965] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 329.305379][ T8965] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 329.395931][ T5609] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.738077][ T10] asix 2-1:0.34 (unnamed net_device) (uninitialized): invalid PHY address: 123 [ 329.965871][ T5624] usb 2-1: USB disconnect, device number 8 [ 330.513865][ T8996] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1162'. [ 330.513898][ T8996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1162'. [ 330.658369][ T8999] loop1: detected capacity change from 0 to 16 [ 331.022118][ T8999] erofs (device loop1): mounted with root inode @ nid 36. [ 331.084495][ T8672] hsr_slave_0: entered promiscuous mode [ 331.134052][ T9005] loop0: detected capacity change from 0 to 8192 [ 331.173535][ T8672] hsr_slave_1: entered promiscuous mode [ 331.263500][ T8672] debugfs: 'hsr0' already exists in 'hsr' [ 331.263519][ T8672] Cannot create hsr debugfs directory [ 331.540694][ T9009] 8021q: adding VLAN 0 to HW filter on device bond1 [ 331.585223][ T5275] 8021q: adding VLAN 0 to HW filter on device eth3 [ 331.623452][ T9005] loop0: AHDI p1 p2 [ 331.624975][ T9005] loop0: p1 size 65535 extends beyond EOD, truncated [ 331.692747][ T4980] loop0: AHDI p1 p2 [ 331.693020][ T4980] loop0: p1 size 65535 extends beyond EOD, truncated [ 331.811827][ T4980] loop0: AHDI p1 p2 [ 331.812140][ T4980] loop0: p1 size 65535 extends beyond EOD, truncated [ 332.102592][ T5711] udevd[5711]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 332.204893][ T88] hsr_slave_0: left promiscuous mode [ 332.223251][ T6160] udevd[6160]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 332.272186][ T8983] syz.4.1160 (8983): drop_caches: 2 [ 332.291940][ T6160] udevd[6160]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 333.100510][ T88] hsr_slave_1: left promiscuous mode [ 333.116613][ T88] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 333.116747][ T88] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 333.438226][ T9023] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1170'. [ 333.438256][ T9023] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1170'. [ 333.509233][ T88] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 333.509262][ T88] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 333.567658][ T8985] syz.4.1160 (8985): drop_caches: 2 [ 334.032022][ T88] veth0_macvtap: left promiscuous mode [ 334.043364][ T88] veth1_vlan: left promiscuous mode [ 334.054880][ T88] veth0_vlan: left promiscuous mode [ 334.091180][ T9038] loop0: detected capacity change from 0 to 256 [ 334.109127][ T9038] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d) [ 335.367769][ T88] team0 (unregistering): Port device team_slave_1 removed [ 335.504195][ T88] team0 (unregistering): Port device team_slave_0 removed [ 335.880311][ T9018] tap0: tun_chr_ioctl cmd 1074025680 [ 338.323725][ T9094] loop1: detected capacity change from 0 to 256 [ 338.324720][ T9094] exfat: Bad value for 'gid' [ 338.324735][ T9094] exfat: Bad value for 'gid' [ 339.332009][ T9117] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1207'. [ 340.144454][ T9117] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1207'. [ 340.165487][ T5275] 8021q: adding VLAN 0 to HW filter on device eth4 [ 340.692566][ T9141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1214'. [ 340.707315][ T9140] loop2: detected capacity change from 0 to 1024 [ 341.152246][ T9152] loop9: detected capacity change from 0 to 524287935 [ 341.174453][ T88] IPVS: stop unused estimator thread 0... [ 341.481594][ T8672] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 341.593864][ T8672] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 341.802368][ T8672] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 342.052389][ T8672] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 342.176236][ T8672] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 342.237402][ T8672] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 342.269934][ T8672] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 342.463078][ T5775] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 342.473818][ T9145] loop4: detected capacity change from 0 to 32768 [ 342.557835][ T9145] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 342.576592][ T8672] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 342.764021][ T5775] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 342.764075][ T5775] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 342.764113][ T5775] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af [ 342.764136][ T5775] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.816158][ T5775] usb 3-1: config 0 descriptor?? [ 343.067635][ T9145] XFS (loop4): Ending clean mount [ 343.186673][ T9192] loop0: detected capacity change from 0 to 256 [ 343.188001][ T9145] XFS (loop4): User initiated shutdown received. [ 343.339006][ T9145] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:466). Shutting down filesystem. [ 343.339054][ T9145] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 343.582737][ T5775] playstation 0003:054C:0DF2.000D: unknown main item tag 0x0 [ 343.582776][ T5775] playstation 0003:054C:0DF2.000D: unknown main item tag 0x0 [ 343.582803][ T5775] playstation 0003:054C:0DF2.000D: unknown main item tag 0x0 [ 343.582830][ T5775] playstation 0003:054C:0DF2.000D: unknown main item tag 0x0 [ 343.583407][ T5775] playstation 0003:054C:0DF2.000D: unknown main item tag 0x0 [ 343.642534][ T5775] playstation 0003:054C:0DF2.000D: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.2-1/input0 [ 343.701818][ T5775] playstation 0003:054C:0DF2.000D: Invalid reportID received, expected 9 got 0 [ 343.701845][ T5775] playstation 0003:054C:0DF2.000D: Failed to retrieve DualSense pairing info: -22 [ 343.701895][ T5775] playstation 0003:054C:0DF2.000D: Failed to get MAC address from DualSense [ 343.701910][ T5775] playstation 0003:054C:0DF2.000D: Failed to create dualsense. [ 343.718616][ T5775] playstation 0003:054C:0DF2.000D: probe with driver playstation failed with error -22 [ 343.922244][ T5608] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 343.959495][ T5841] usb 3-1: USB disconnect, device number 9 [ 344.079468][ T9201] fido_id[9201]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 344.441622][ T8672] 8021q: adding VLAN 0 to HW filter on device bond0 [ 344.732197][ T8672] 8021q: adding VLAN 0 to HW filter on device team0 [ 344.898118][ T9216] loop2: detected capacity change from 0 to 256 [ 344.931579][ T1131] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.931734][ T1131] bridge0: port 1(bridge_slave_0) entered forwarding state [ 345.288700][ T1446] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.289736][ T1446] bridge0: port 2(bridge_slave_1) entered forwarding state [ 345.407291][ T9225] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1234'. [ 345.408413][ T9225] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1234'. [ 346.730945][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805fb01c00: rx timeout, send abort [ 347.234838][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805fb01c00: abort rx timeout. Force session deactivation [ 348.441671][ T9300] loop0: detected capacity change from 0 to 256 [ 348.443120][ T9300] exfat: Deprecated parameter 'utf8' [ 348.443215][ T9300] exfat: Deprecated parameter 'utf8' [ 348.506070][ T9300] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 348.598799][ T9300] syz.0.1250 uses obsolete (PF_INET,SOCK_PACKET) [ 348.698307][ T8672] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 350.109475][ T9337] program syz.1.1259 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 350.109558][ T8672] veth0_vlan: entered promiscuous mode [ 350.322404][ T8672] veth1_vlan: entered promiscuous mode [ 350.419195][ T9346] loop4: detected capacity change from 0 to 2048 [ 350.743736][ T8672] veth0_macvtap: entered promiscuous mode [ 350.777316][ T9346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 350.898214][ T9364] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1266'. [ 350.898249][ T9364] netlink: 'syz.2.1266': attribute type 30 has an invalid length. [ 350.898265][ T9364] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1266'. [ 351.116601][ T8672] veth1_macvtap: entered promiscuous mode [ 351.193091][ T32] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 351.334114][ T5608] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.349508][ T32] usb 1-1: Using ep0 maxpacket: 8 [ 351.351332][ T32] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 351.351358][ T32] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 351.351379][ T32] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 351.351399][ T32] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 351.351437][ T32] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 351.351457][ T32] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.460068][ T8672] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 351.660746][ T8672] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 351.722503][ T32] usb 1-1: GET_CAPABILITIES returned 0 [ 351.722547][ T32] usbtmc 1-1:16.0: can't read capabilities [ 352.015200][ T32] usb 1-1: USB disconnect, device number 7 [ 352.128070][ T9387] loop1: detected capacity change from 0 to 256 [ 352.248878][ T1124] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.249114][ T1124] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.250092][ T1124] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 352.306641][ T1124] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 353.015301][ T9402] dummy0: entered promiscuous mode [ 353.228959][ T9402] dummy0: left promiscuous mode [ 353.475725][ T9408] overlayfs: overlapping lowerdir path [ 353.693557][ T9413] tipc: Started in network mode [ 353.693587][ T9413] tipc: Node identity ac14140f, cluster identity 4711 [ 353.693944][ T9413] tipc: New replicast peer: 172.20.20.187 [ 353.807156][ T9413] tipc: Enabled bearer , priority 10 [ 353.903138][ T9418] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1283'. [ 354.333056][ T9424] loop4: detected capacity change from 0 to 256 [ 354.779820][ T3515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 354.779841][ T3515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 354.846421][ T5841] tipc: Node number set to 2886997007 [ 355.202393][ T5841] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 355.385624][ T146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.385641][ T146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 355.490563][ T5841] usb 3-1: Using ep0 maxpacket: 16 [ 355.547163][ T5841] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 355.547194][ T5841] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 355.547215][ T5841] usb 3-1: config 0 interface 0 has no altsetting 0 [ 355.547245][ T5841] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 355.547263][ T5841] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.552442][ T5841] usb 3-1: config 0 descriptor?? [ 356.070051][ T5841] hid (null): unknown global tag 0xd [ 356.096152][ T5841] hid (null): report_id 0 is invalid [ 356.274380][ T9442] ------------[ cut here ]------------ [ 356.274395][ T9442] 1 [ 356.274408][ T9442] WARNING: net/ipv4/route.c:1275 at ip_rt_bug+0x2d/0x140, CPU#1: syz.0.1292/9442 [ 356.274455][ T9442] Modules linked in: [ 356.274477][ T9442] CPU: 1 UID: 0 PID: 9442 Comm: syz.0.1292 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 356.274504][ T9442] Tainted: [L]=SOFTLOCKUP [ 356.274510][ T9442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 356.274523][ T9442] RIP: 0010:ip_rt_bug+0x2d/0x140 [ 356.274552][ T9442] Code: fa 55 41 57 41 56 41 55 41 54 53 48 89 d3 e8 ea 51 36 f8 66 90 e8 e3 51 36 f8 31 ff 48 89 de ba 02 00 00 00 e8 a4 cb 68 ff 90 <0f> 0b 90 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 49 [ 356.274567][ T9442] RSP: 0018:ffffc90004d77160 EFLAGS: 00010286 [ 356.274582][ T9442] RAX: 8a34530715595c00 RBX: ffff88801f6e0dc0 RCX: 0000000000000046 [ 356.274595][ T9442] RDX: 0000000000000002 RSI: ffffffff8d62160e RDI: ffffffff8ba85de0 [ 356.274608][ T9442] RBP: ffffc90004d77460 R08: ffffffff8f8a6ff7 R09: 1ffffffff1f14dfe [ 356.274621][ T9442] R10: dffffc0000000000 R11: fffffbfff1f14dff R12: dffffc0000000000 [ 356.274634][ T9442] R13: 0000000000000000 R14: ffff88801f6e0dc0 R15: dffffc0000000000 [ 356.274646][ T9442] FS: 00007f26e127e6c0(0000) GS:ffff88812602d000(0000) knlGS:0000000000000000 [ 356.274661][ T9442] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 356.274672][ T9442] CR2: 0000001b33522ff8 CR3: 000000004249c000 CR4: 00000000003526f0 [ 356.274689][ T9442] Call Trace: [ 356.274697][ T9442] [ 356.274712][ T9442] ip_push_pending_frames+0x8b/0x110 [ 356.274747][ T9442] __icmp_send+0x11e4/0x1690 [ 356.274777][ T9442] ? __icmp_send+0x22b/0x1690 [ 356.274821][ T9442] ? __pfx___icmp_send+0x10/0x10 [ 356.274875][ T9442] ? ip_route_input_noref+0xad/0x270 [ 356.274909][ T9442] ? __pfx_ip_route_input_noref+0x10/0x10 [ 356.274945][ T9442] ? tcp_v4_early_demux+0x2e4/0x9c0 [ 356.274970][ T9442] ip_options_compile+0x80/0xb0 [ 356.275005][ T9442] ip_rcv_finish_core+0xaa2/0x1c00 [ 356.275042][ T9442] ip_rcv_finish+0x14c/0x2a0 [ 356.275067][ T9442] NF_HOOK+0x336/0x3c0 [ 356.275088][ T9442] ? sock_wfree+0x26e/0x750 [ 356.275115][ T9442] ? __pfx_ip_rcv_finish+0x10/0x10 [ 356.275135][ T9442] ? NF_HOOK+0x9e/0x3c0 [ 356.275154][ T9442] ? __pfx_NF_HOOK+0x10/0x10 [ 356.275175][ T9442] ? __pfx_ip_rcv_finish+0x10/0x10 [ 356.275201][ T9442] ? netif_receive_skb+0x102/0xbf0 [ 356.275230][ T9442] ? __pfx_ip_rcv+0x10/0x10 [ 356.275250][ T9442] netif_receive_skb+0x45b/0xbf0 [ 356.275295][ T9442] ? __pfx_netif_receive_skb+0x10/0x10 [ 356.275323][ T9442] ? rcu_is_watching+0x15/0xb0 [ 356.275342][ T9442] ? __local_bh_disable_ip+0x3c/0x420 [ 356.275366][ T9442] ? tun_rx_batched+0x191/0x760 [ 356.275391][ T9442] ? tun_rx_batched+0x191/0x760 [ 356.275418][ T9442] tun_rx_batched+0x1ee/0x760 [ 356.275450][ T9442] ? __pfx_tun_rx_batched+0x10/0x10 [ 356.275484][ T9442] ? tun_get_user+0x278d/0x4400 [ 356.275508][ T9442] ? tun_get_user+0x278d/0x4400 [ 356.275534][ T9442] ? __local_bh_enable_ip+0x1ae/0x2b0 [ 356.275554][ T9442] ? lockdep_hardirqs_on+0x7a/0x110 [ 356.275586][ T9442] tun_get_user+0x2bd1/0x4400 [ 356.275611][ T9442] ? __pfx_snprintf+0x10/0x10 [ 356.275641][ T9442] ? tun_get_user+0x278d/0x4400 [ 356.275675][ T9442] ? __pfx_trim_netdev_trace+0x10/0x10 [ 356.275700][ T9442] ? stack_trace_save+0xa9/0x100 [ 356.275725][ T9442] ? __pfx_tun_get_user+0x10/0x10 [ 356.275770][ T9442] ? ref_tracker_alloc+0x332/0x4a0 [ 356.275789][ T9442] ? tun_get+0x157/0x2f0 [ 356.275810][ T9442] ? vfs_write+0x629/0xba0 [ 356.275832][ T9442] ? ksys_write+0x156/0x270 [ 356.275855][ T9442] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 356.275880][ T9442] ? tun_get+0x1c/0x2f0 [ 356.275908][ T9442] ? tun_get+0x1c/0x2f0 [ 356.275928][ T9442] ? tun_get+0x1c/0x2f0 [ 356.275954][ T9442] tun_chr_write_iter+0x119/0x210 [ 356.275982][ T9442] vfs_write+0x629/0xba0 [ 356.276024][ T9442] ? __pfx_vfs_write+0x10/0x10 [ 356.276061][ T9442] ? __fget_files+0x2a/0x420 [ 356.276090][ T9442] ksys_write+0x156/0x270 [ 356.276116][ T9442] ? __pfx_ksys_write+0x10/0x10 [ 356.276148][ T9442] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.276170][ T9442] do_syscall_64+0x15f/0xf80 [ 356.276195][ T9442] ? trace_irq_disable+0x3b/0x140 [ 356.276221][ T9442] ? clear_bhb_loop+0x40/0x90 [ 356.276245][ T9442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.276266][ T9442] RIP: 0033:0x7f26e2fed60e [ 356.276285][ T9442] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 356.276302][ T9442] RSP: 002b:00007f26e127dfb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 356.276323][ T9442] RAX: ffffffffffffffda RBX: 00007f26e127e6c0 RCX: 00007f26e2fed60e [ 356.276338][ T9442] RDX: 000000000000005a RSI: 00002000000002c0 RDI: 00000000000000c8 [ 356.276351][ T9442] RBP: 00007f26e30c2d69 R08: 0000000000000000 R09: 0000000000000000 [ 356.276363][ T9442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.276375][ T9442] R13: 00007f26e32a6038 R14: 00007f26e32a5fa0 R15: 00007ffc5305fad8 [ 356.276412][ T9442] [ 356.276433][ T9442] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 356.276451][ T9442] CPU: 1 UID: 0 PID: 9442 Comm: syz.0.1292 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 356.276480][ T9442] Tainted: [L]=SOFTLOCKUP [ 356.276487][ T9442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 356.276499][ T9442] Call Trace: [ 356.276507][ T9442] [ 356.276515][ T9442] vpanic+0x56c/0xa60 [ 356.276545][ T9442] ? __pfx__printk+0x10/0x10 [ 356.276565][ T9442] ? __pfx_vpanic+0x10/0x10 [ 356.276589][ T9442] ? is_bpf_text_address+0x292/0x2b0 [ 356.276621][ T9442] ? is_bpf_text_address+0x26/0x2b0 [ 356.276662][ T9442] panic+0xc5/0xd0 [ 356.276688][ T9442] ? __pfx_panic+0x10/0x10 [ 356.276737][ T9442] __warn+0x315/0x4c0 [ 356.276761][ T9442] ? ip_rt_bug+0x2d/0x140 [ 356.276792][ T9442] ? ip_rt_bug+0x2d/0x140 [ 356.276822][ T9442] __report_bug+0x29a/0x540 [ 356.276854][ T9442] ? NF_HOOK+0x336/0x3c0 [ 356.276874][ T9442] ? netif_receive_skb+0x45b/0xbf0 [ 356.276904][ T9442] ? tun_rx_batched+0x1ee/0x760 [ 356.276935][ T9442] ? ip_rt_bug+0x2d/0x140 [ 356.276964][ T9442] ? __pfx___report_bug+0x10/0x10 [ 356.277018][ T9442] ? ip_rt_bug+0x2d/0x140 [ 356.277047][ T9442] report_bug+0x16a/0x220 [ 356.277072][ T9442] ? ip_rt_bug+0x2d/0x140 [ 356.277099][ T9442] ? ip_rt_bug+0x2f/0x140 [ 356.277126][ T9442] handle_bug+0x9c/0x200 [ 356.277159][ T9442] exc_invalid_op+0x1a/0x50 [ 356.277189][ T9442] asm_exc_invalid_op+0x1a/0x20 [ 356.277209][ T9442] RIP: 0010:ip_rt_bug+0x2d/0x140 [ 356.277238][ T9442] Code: fa 55 41 57 41 56 41 55 41 54 53 48 89 d3 e8 ea 51 36 f8 66 90 e8 e3 51 36 f8 31 ff 48 89 de ba 02 00 00 00 e8 a4 cb 68 ff 90 <0f> 0b 90 31 c0 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 49 [ 356.277255][ T9442] RSP: 0018:ffffc90004d77160 EFLAGS: 00010286 [ 356.277273][ T9442] RAX: 8a34530715595c00 RBX: ffff88801f6e0dc0 RCX: 0000000000000046 [ 356.277288][ T9442] RDX: 0000000000000002 RSI: ffffffff8d62160e RDI: ffffffff8ba85de0 [ 356.277302][ T9442] RBP: ffffc90004d77460 R08: ffffffff8f8a6ff7 R09: 1ffffffff1f14dfe [ 356.277317][ T9442] R10: dffffc0000000000 R11: fffffbfff1f14dff R12: dffffc0000000000 [ 356.277332][ T9442] R13: 0000000000000000 R14: ffff88801f6e0dc0 R15: dffffc0000000000 [ 356.277374][ T9442] ip_push_pending_frames+0x8b/0x110 [ 356.277406][ T9442] __icmp_send+0x11e4/0x1690 [ 356.277438][ T9442] ? __icmp_send+0x22b/0x1690 [ 356.277484][ T9442] ? __pfx___icmp_send+0x10/0x10 [ 356.277539][ T9442] ? ip_route_input_noref+0xad/0x270 [ 356.277574][ T9442] ? __pfx_ip_route_input_noref+0x10/0x10 [ 356.277608][ T9442] ? tcp_v4_early_demux+0x2e4/0x9c0 [ 356.277633][ T9442] ip_options_compile+0x80/0xb0 [ 356.277659][ T9442] ip_rcv_finish_core+0xaa2/0x1c00 [ 356.277689][ T9442] ip_rcv_finish+0x14c/0x2a0 [ 356.277711][ T9442] NF_HOOK+0x336/0x3c0 [ 356.277731][ T9442] ? sock_wfree+0x26e/0x750 [ 356.277759][ T9442] ? __pfx_ip_rcv_finish+0x10/0x10 [ 356.277779][ T9442] ? NF_HOOK+0x9e/0x3c0 [ 356.277798][ T9442] ? __pfx_NF_HOOK+0x10/0x10 [ 356.277817][ T9442] ? __pfx_ip_rcv_finish+0x10/0x10 [ 356.277845][ T9442] ? netif_receive_skb+0x102/0xbf0 [ 356.277875][ T9442] ? __pfx_ip_rcv+0x10/0x10 [ 356.277894][ T9442] netif_receive_skb+0x45b/0xbf0 [ 356.277929][ T9442] ? __pfx_netif_receive_skb+0x10/0x10 [ 356.277958][ T9442] ? rcu_is_watching+0x15/0xb0 [ 356.277977][ T9442] ? __local_bh_disable_ip+0x3c/0x420 [ 356.278013][ T9442] ? tun_rx_batched+0x191/0x760 [ 356.278037][ T9442] ? tun_rx_batched+0x191/0x760 [ 356.278064][ T9442] tun_rx_batched+0x1ee/0x760 [ 356.278099][ T9442] ? __pfx_tun_rx_batched+0x10/0x10 [ 356.278135][ T9442] ? tun_get_user+0x278d/0x4400 [ 356.278161][ T9442] ? tun_get_user+0x278d/0x4400 [ 356.278190][ T9442] ? __local_bh_enable_ip+0x1ae/0x2b0 [ 356.278215][ T9442] ? lockdep_hardirqs_on+0x7a/0x110 [ 356.278248][ T9442] tun_get_user+0x2bd1/0x4400 [ 356.278271][ T9442] ? __pfx_snprintf+0x10/0x10 [ 356.278301][ T9442] ? tun_get_user+0x278d/0x4400 [ 356.278335][ T9442] ? __pfx_trim_netdev_trace+0x10/0x10 [ 356.278363][ T9442] ? stack_trace_save+0xa9/0x100 [ 356.278386][ T9442] ? __pfx_tun_get_user+0x10/0x10 [ 356.278433][ T9442] ? ref_tracker_alloc+0x332/0x4a0 [ 356.278455][ T9442] ? tun_get+0x157/0x2f0 [ 356.278476][ T9442] ? vfs_write+0x629/0xba0 [ 356.278499][ T9442] ? ksys_write+0x156/0x270 [ 356.278525][ T9442] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 356.278555][ T9442] ? tun_get+0x1c/0x2f0 [ 356.278585][ T9442] ? tun_get+0x1c/0x2f0 [ 356.278609][ T9442] ? tun_get+0x1c/0x2f0 [ 356.278639][ T9442] tun_chr_write_iter+0x119/0x210 [ 356.278667][ T9442] vfs_write+0x629/0xba0 [ 356.278704][ T9442] ? __pfx_vfs_write+0x10/0x10 [ 356.278742][ T9442] ? __fget_files+0x2a/0x420 [ 356.278775][ T9442] ksys_write+0x156/0x270 [ 356.278805][ T9442] ? __pfx_ksys_write+0x10/0x10 [ 356.278842][ T9442] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.278865][ T9442] do_syscall_64+0x15f/0xf80 [ 356.278890][ T9442] ? trace_irq_disable+0x3b/0x140 [ 356.278918][ T9442] ? clear_bhb_loop+0x40/0x90 [ 356.278950][ T9442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.278970][ T9442] RIP: 0033:0x7f26e2fed60e [ 356.278996][ T9442] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 356.279014][ T9442] RSP: 002b:00007f26e127dfb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 356.279035][ T9442] RAX: ffffffffffffffda RBX: 00007f26e127e6c0 RCX: 00007f26e2fed60e [ 356.279050][ T9442] RDX: 000000000000005a RSI: 00002000000002c0 RDI: 00000000000000c8 [ 356.279064][ T9442] RBP: 00007f26e30c2d69 R08: 0000000000000000 R09: 0000000000000000 [ 356.279077][ T9442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.279090][ T9442] R13: 00007f26e32a6038 R14: 00007f26e32a5fa0 R15: 00007ffc5305fad8 [ 356.279127][ T9442] [ 356.281049][ T9442] Kernel Offset: disabled