last executing test programs: 9m2.145170771s ago: executing program 3 (id=744): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x8, 0x1, 'udp\x00'}, @NFTA_MATCH_INFO={0xe, 0x3, "7acc6338a90000b03bd9"}, @NFTA_MATCH_REV={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_COMPAT={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x90}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 9m1.071287916s ago: executing program 3 (id=749): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r0) sendmsg$NFC_CMD_GET_SE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r1, 0x325, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x10) 8m59.629764349s ago: executing program 3 (id=753): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffd, 0x6, 0x9, @scatter={0x0, 0x0, 0x0}, &(0x7f00000000c0)="2918ef50291c", 0x0, 0xfffffffd, 0x0, 0xfffffffe, 0x0}) 8m58.696071426s ago: executing program 3 (id=757): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@lazytime}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=") syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c}) 8m57.240394882s ago: executing program 3 (id=765): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x14, 0x12, 0xa01, 0x0, 0x0, {0x80, 0x2}}, 0x14}}, 0x0) 8m54.855134757s ago: executing program 3 (id=769): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) close_range(r0, r1, 0x0) 8m51.914333988s ago: executing program 32 (id=769): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) close_range(r0, r1, 0x0) 5m13.190007445s ago: executing program 5 (id=1670): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x8001) open$dir(&(0x7f0000000080)='./file0\x00', 0x62a06, 0x0) open(&(0x7f0000000200)='./file0\x00', 0xa5941, 0x49) 5m12.506951053s ago: executing program 5 (id=1675): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000100)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, 0x0}, 0x68) 5m11.75968578s ago: executing program 5 (id=1679): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)={0xa0, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x44, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0xa0}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000001c0)={0xb4, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x44, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @local}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xb4}}, 0x0) 5m11.09463767s ago: executing program 5 (id=1684): syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 5m9.933735023s ago: executing program 5 (id=1688): prlimit64(0x0, 0x2, &(0x7f0000000040)={0x0, 0xffffffffffffffff}, 0x0) r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x6000, 0x100000b, 0x8012, r0, 0x0) 5m8.617548355s ago: executing program 5 (id=1692): r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x1, @private=0xa010101}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x500}}], 0x1, 0x0) 5m5.581597423s ago: executing program 33 (id=1692): r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x1, @private=0xa010101}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x500}}], 0x1, 0x0) 7.388024339s ago: executing program 4 (id=2941): syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./bus\x00', 0x8081, &(0x7f000001f4c0)={[{}, {@gid}, {@gid}, {@uid}, {@force}, {@creator={'creator', 0x3d, "ea4c6dbf"}}, {@nodecompose}, {@part={'part', 0x3d, 0x6}}, {@part={'part', 0x3d, 0x7}}]}, 0x41, 0x6e8, &(0x7f00000008c0)="$eJzs3U1sHGf9B/DvrNcbbyq57kva/v9CitWICBpI7JiSICERKoRyqFAkLr2axGmsOGlkuyiJEHGBwhFOKIceilA49IR6QCrigChnJCSuKPdI3CMOGM3srL1rx2tvEttJ+Hyk8Twz87z85ueZx7uziTbA/6yz72R0JUXOHnv7erl9987Mwt07M1e65SQHkjSSZmeV4mpSfJ6cSWfJ/5U76+6KrcZ5895nHx29/clMZ6tZL1X9xqB261YHjLBSL5lMMlKvh9Tcqr/zeWtTf7eG6rpYi7tM2JFu4mC/rW6yMkzzHdy3wJPuVjIy+oD9E8nBJGP164DUs0Njj8N77Iaa5QAAAODJNLJdhefv536uZ3xvwgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnQ9H5zsCiXhrd8mSK7vf/t+p9pVZrn+Md7CvbHP/w4h4FAgAAAAAAAAC74tP6g/vD93M/1zPe3b9aVJ/5v15tvFz9fC7vZylzWczxXM9slrOcxUwno+M9Hbauzy4vL05vbvnrlC1XV1dv1S1PJpnY1PLkHpw0AAAAAAAAADy7fpKzGd/vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoFeRjHRW1fJytzyRRjPJWJJWWW8l+VO3/DT7834HAAAAALuvXa/Hi/90CqtF9Z7/lep9/1jez9UsZz7LWchcLlTPAjrv+ht/X5lZuHtn5kq5bO742/8aKo6qxyQj+WCLkaeqGofWWpzNd/P9HMtkzmUx8/lhZrOcuUymXZ5EZlNkot15ejHRjfPB8Z7p2zq3MbbDG7ZfqyJp52Lmq9iO53wrnccm1TmUY77WM9ofWsmGET8os1N8q7bDHF3o+X39qn4uU1t9fod97I6J6sxH1zIyVea+zsYLg3M/5HWycaTpNNaeQb28Pkq5uXGkbs5/MEzOD9brMtc/78/54zbko7SNmTiZRn31Ja/05/zaF2+/2N/4y//4y7lLjauXL11cOraLp/QoJrerMNotbMzETE8mXh189dWZWCgzsbLzTIxu3DG205a7q1Vno5qKdjhbfqcqzeb1nkvwvVzIXE5lKtM5nal8Iycz03eFHerLa3PmSn9OqnutsXl+aw8I/siXeir9YpvKe6vMyws9ee2d6SaqY/WeM7/MVE+WXhx89Q39V6Ac///rcjnGT9f+4jwJ+jJRz83d6F4anInfrJY/lxauXl68NHtth+Mdrdflbfth/9z828dxPg+vvF7KGbdZbVU5aXevl/LYS2vR9uerVX/i0mnX2HTs0NqxiYxnPt/b8k5t1a/hNvfUOfZq77F/rs+crfr1TfdY36ucvJeF6lXIBttO1QDssYNvHGy177X/1v64/bP2pfbbY28dOH3gC62M/rX5x5HfN37X+GbxRj7OjzO+35ECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCzYOnGzcuzCwtzi2uFjG3c86iF1pZjDS6ksW2dO8/trMNMJIPHKupC6/Ge+9NYaGeXev40yYA6rUceohj6Ghu6UF7Ij6XD7henVXtWR4Zo3uy2enCdZpbGtvoNHli/CzJxeXbh36t9ddrpuWWAZ9yJ5SvXTizduPnV+Suz7869O3f15OlTp0/NfH36aycuzi/MTXV+7neUwG5YunFzZL9jAAAAAAAAAAAAAIZT/+v/5Yf+zwzNbeq0FpcePPLhvT5VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cl19p2MrqTI9NTxqXL77p2ZhXLpltdrNpM0khQ/SorPkzPpLJno6a7Yapw373320dHbn8ys99Xs1m8MarczK/WSySQj9Xp7Bx7Qzeb+zvf0t/JQ4RVrZ1gm7Eg3cbDf/hsAAP//dKz58Q==") mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\x8f\x98\xb9\x89Q\xa4Pxy0\x01\x8cC\x1f|\xad\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f00000000c0)='./file1\x00', 0x0, 0x1a29143, 0x0) mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\x8f\x98\xb9\x89Q\xa4Pxy0\x01\x8cC\x1f|\xad\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file1\x00', 0x0, 0x1a39143, 0x0) 6.622488822s ago: executing program 0 (id=2944): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r0, 0x5601, 0xfffffffffffffffd) 6.115644631s ago: executing program 4 (id=2947): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_USERDATA={0x4}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x37d6a294f7882264}}}, 0x5c}, 0x1, 0x0, 0x0, 0x8001}, 0x40880) 5.758625786s ago: executing program 0 (id=2949): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[], 0x1, 0x1237, &(0x7f0000004b80)="$eJzs3E1rXFUYAOB3kon5qPlQ61cXeqgbV5cmC1eCBklBMgupRmgFcWonOOQ6E3KHQERtXbkV/Bfi0p0g/gE3/gWX3bjsQrjivZNk0qStlTJj6fNs7ptz3jfnXA4MnMs99/ab332+s11k2+1BTDUaMbUbke6kSDEVh17ZrK9Xr22ut1obV1K6vP7B6hsppaVXf/noyx8v/jo49+FPSz/Pxm8rH9/+cy0ibv2T/1m3SN0i9fqD1E7X+/1B+3remY5usZOl9F7eaRed1O0Vnb3R/rSd93d3D1K7d2NxYXevUxSp3TtIO52DNOin5nBKvZRlWVpcCO5p5lTLJ3c3bv1wpyzLiLKciaeiLMtyPhbiXDwdi7FULeIz8Ww8F+fj+XghXoyX4uUqa4x3AQAAAAAAAAAAAAAAAAAAAE+A+53/X44V5/8BAAAAAAAAAAAAAAAAAABgDN6/em1zvdXauJLSXET+7f7W/lZ9rfvXt6MbeXTiUizHX1Gd/q/V8eV3WxuXUmUlvslvDutv7m9Nn6xfrT4nMKxvVn2H9at1fTpZPxsLo/VrsRznzx5/7Yz6me8jXn9tpD6L5fj90+hHHjeqsY/rv15N6Z1b9ZziaPwLVd6xRjRG/2yOZ30AAADgUcjSkaP9+9sj+/csO91f74/r+od4PnDX/r4ZF+yhJ644+GKnneedvZPB3KmWBwWNiPjXyfcKGsNHLGfmxFzEf/7PYw2mHrZqerga908+/O7m5G/wcQvm/x/TeKyCif0kMUbHi36y/Y+LR+H8+GcFAAAAAAAAAADAgzyydwajcdb7v82o3yybHR3zrfgqm9wdAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpAAAAP//d+24Qg==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18}, 0xfffffdef) 5.406273958s ago: executing program 1 (id=2951): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x50, 0x20}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x0, 0x5}]}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) 5.25644944s ago: executing program 4 (id=2953): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10) setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000000)=0x3, 0x4) 4.715020272s ago: executing program 1 (id=2954): r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={@loopback={0xfec0ffffffffffff, 0x3fc}, 0x0, r1}) 4.389860769s ago: executing program 2 (id=2955): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dddbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1, 0xd}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)=ANY=[@ANYBLOB="7000000018000500000000000000000002000000000200090000000006001500040000004c0016804800088044000180"], 0x70}}, 0x0) 4.17463329s ago: executing program 6 (id=2956): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000004c0)={0x14, r1, 0x303, 0x70bd2a, 0x25dfdbff}, 0x14}}, 0x80) 3.917966259s ago: executing program 1 (id=2957): openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) lseek(r0, 0x9, 0x0) 3.914959716s ago: executing program 4 (id=2958): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0xc, {"a2e3ad21ed0d52f90925090987f70e06d038e7ff7fc6e5539b3243078b089b3b333565090890e0878f0e1ac6e7049b334c959b4a9a240f5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d076d0936cd3b78130daa61d8e809ea02b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18809a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dce61a0b29aa328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 3.650980149s ago: executing program 2 (id=2959): r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01) setreuid(0x0, 0xee00) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[]) 3.019588656s ago: executing program 6 (id=2960): keyctl$set_reqkey_keyring(0xe, 0x3) add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd) request_key(&(0x7f0000000180)='id_resolver\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000080)='\x00\xb2\xd1)\xda\xff|\xd1\x85b\xad77\x00\fJ\xfc\xb4\x1e\xae\xe8:`\xe9\x9ew\xf5l\xee\x8dg\xc2\'\x88\xe9\xf3\x05\xe02\xe6\v_\xe9\x89\x86s\x8dh#$\xe4\xb1\xd0\x93\xceh\xfcsP)\xd9\xce\x19+?\xc6\xf7\xc0[G\x15\xde-x\xa9\xe5,\xec\xf6\xfb\xc9~2\xa1\xeb\xb3Pp\x93\x90\x17\xb2\x95\xe7\r\xae^\x92n\xbd\xf3\xb1\xac\xe3\x89f\xc9X\x05j:\xb6~\xa6#\xbf\x06t\xf2\xb5gd\xd7\xcc\"A_\xecu\xe8\x84\xe3\x92J\xaa!\xae\xa2\xd7\xf3\xc6J\xb9i\x9d\xb4{\xee\xf0|\xd9\x05\xaa\xbb\xfe\x12\xa0\xbb\xecY\x0f \xa3\xba?#\x90\x8c,nNQ\xa1\xed', 0x0) 2.952845492s ago: executing program 1 (id=2961): syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x200cc84, &(0x7f0000000880)=ANY=[], 0x1, 0x22d, &(0x7f0000000400)="$eJzs3c1qE1EUAOAzbdok4qI7URBGXOiqqOC+IhXEgFCJoLuCXTWrZJNk0z6Gr+Bz6QNIV92UkTgzzZhO2iD9MfX7Njm5556Ze2eSmUDITRa5H/e+RquVxMpWbMVxEhuxEqXDAABuk+Msi59ZrtLcWKx6wW4AwD9lzv2/6mRebeL2DwBL6cOnz+9edTrbO2naijg6HHaH3fwxz79529l+lv62Ma06Gg67q6f55+nsZ4dJfi3uFPkXeX16ml6PiO56PH2c5ye51+876Z/1zfgyd9S+kQAAAAAAAAAAAAAAAAAAAAAAYLk9jLRUu77P5uZsvl3k82eV9YFm1u9pxINyfcDp8kDZwXVMCgAAAAAAAAAAAAAAAAAAAJbMYDTe3+319vrToBkR1ZZGTZ/5QVJseKHOVxF8v//y42QAi1WttOtTycxBmA3axTQrqZMsd9FOk+IQXe3RaNef3EWCaNzIibvEIL2sDTbL03w21Y7knPIsmwT174JyWYy55esRcf7Anuz87byOJ6/Qb4/6g1Fk53aeXiOa13UxAgAAAAAAAAAAAAAAAACA/1zlV99ntFZvYkQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcP0Go3H5L//j/d1eb68/GI33d1tF27SlLjiIiLsX9NnrD8p9rUXrZiYJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArfcrAAD//8u5Gqc=") syz_mount_image$exfat(0x0, &(0x7f0000003bc0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x10a1000, 0x0, 0x0, 0x0, &(0x7f0000000000)) newfstatat(0xffffffffffffff9c, &(0x7f0000005e00)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x1000) 2.730659718s ago: executing program 0 (id=2962): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000140)=0xa80, 0x4) sendmmsg$inet6(r0, &(0x7f0000006b80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="e8020000000000002900000004"], 0x2e8}}], 0x2, 0x800) 2.730284337s ago: executing program 2 (id=2963): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, &(0x7f0000000080)) 2.146481313s ago: executing program 6 (id=2964): r0 = shmget$private(0x0, 0x2000, 0x54003f00, &(0x7f0000ffc000/0x2000)=nil) shmat(r0, &(0x7f0000000000/0x4000)=nil, 0x6000) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) 1.935900002s ago: executing program 2 (id=2965): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) cachestat(r0, &(0x7f0000000180)={0xffffffffffffffff, 0x9}, &(0x7f0000005a40), 0x0) 1.822238488s ago: executing program 0 (id=2966): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, 0x0, 0x0) 1.812111928s ago: executing program 1 (id=2967): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') exit(0x1ff) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 1.675318077s ago: executing program 4 (id=2968): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='fd/3\x00') 1.426296982s ago: executing program 6 (id=2969): r0 = io_uring_setup(0x5de1, &(0x7f0000000000)={0x0, 0x6cae, 0x1000, 0x1, 0x1e0}) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001880)={0x2, 0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001500)=""/166, 0xa6}, {0x0}], &(0x7f0000001840)=[0x3, 0x1c0000000000]}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f00000060c0)={0x1, 0x0, 0x0, &(0x7f0000006000)=[{&(0x7f0000004c40)=""/4096, 0x1000}], 0x0}, 0x20) 1.105277935s ago: executing program 2 (id=2970): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48) 1.071838615s ago: executing program 0 (id=2971): capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0xe55f, 0x6}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) syz_io_uring_setup(0x3c0c, &(0x7f0000000400)={0x0, 0xc88d, 0x4086, 0x4}, 0x0, 0x0) 649.036633ms ago: executing program 6 (id=2972): r0 = add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, &(0x7f0000000540)="a7", 0x1, 0xfffffffffffffffb) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, r1, 0x0) 326.654161ms ago: executing program 1 (id=2973): r0 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) pipe2$watch_queue(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0xffffffffffffffff) 313.608524ms ago: executing program 0 (id=2974): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x2000000, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) 285.901805ms ago: executing program 2 (id=2975): syz_usb_connect(0x0, 0x36, 0x0, 0x0) r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0) ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92ff, 0x0, 0x0, 0x80000000}) 170.694691ms ago: executing program 4 (id=2976): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newlink={0x3c, 0x10, 0x1, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x40810, 0x3}, [@IFLA_GROUP={0x8, 0x1b, 0x401}, @IFLA_IFNAME={0x14, 0x3, 'macsec0\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24040051}, 0x4000000) 0s ago: executing program 6 (id=2977): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) mlock2(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0) munlockall() kernel console output (not intermixed with test programs): 4.100378][T10209] 8021q: adding VLAN 0 to HW filter on device team0 [ 634.256681][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 634.264440][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 634.395624][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 634.403456][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 634.708991][T10356] loop2: detected capacity change from 0 to 2048 [ 634.884371][ T5866] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 635.097413][T10356] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 635.125861][ T5866] usb 1-1: Using ep0 maxpacket: 32 [ 635.147264][ T5866] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 635.159017][ T5866] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x2 has invalid wMaxPacketSize 0 [ 635.170430][ T5866] usb 1-1: config 0 interface 0 has no altsetting 0 [ 635.178750][ T5866] usb 1-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00 [ 635.188282][ T5866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 635.275896][T10370] loop4: detected capacity change from 0 to 8 [ 635.377316][ T5866] usb 1-1: config 0 descriptor?? [ 635.858682][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 636.037168][ T5866] corsair-cpro 0003:1B1C:0C10.0014: unknown main item tag 0x0 [ 636.046223][ T5866] corsair-cpro 0003:1B1C:0C10.0014: unknown main item tag 0x0 [ 636.054827][ T5866] corsair-cpro 0003:1B1C:0C10.0014: unknown main item tag 0x0 [ 636.062669][ T5866] corsair-cpro 0003:1B1C:0C10.0014: unknown main item tag 0x0 [ 636.070804][ T5866] corsair-cpro 0003:1B1C:0C10.0014: unknown main item tag 0x0 [ 636.357871][ T5866] corsair-cpro 0003:1B1C:0C10.0014: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.0-1/input0 [ 636.524445][ T5866] corsair-cpro 0003:1B1C:0C10.0014: probe with driver corsair-cpro failed with error -90 [ 636.797566][ T5866] usb 1-1: USB disconnect, device number 13 [ 637.740532][T10383] fido_id[10383]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 638.005042][T10396] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 638.050655][T10209] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 638.601261][T10404] loop2: detected capacity change from 0 to 16 [ 641.361644][T10430] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 641.368917][T10430] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 641.396392][T10431] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 641.402862][T10431] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 641.540312][T10431] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 641.548485][T10431] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 641.607281][T10430] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 641.613534][T10430] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 641.654333][T10209] veth0_vlan: entered promiscuous mode [ 641.723746][T10209] veth1_vlan: entered promiscuous mode [ 641.771313][T10431] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 641.771830][T10430] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 641.778951][T10431] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 641.784890][T10430] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 641.826092][T10431] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 641.832448][T10431] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 641.905507][T10430] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 641.911963][T10430] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 641.976034][T10431] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 642.001711][T10209] veth0_macvtap: entered promiscuous mode [ 642.034991][T10209] veth1_macvtap: entered promiscuous mode [ 642.102707][T10430] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 642.109974][T10430] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 642.151620][T10209] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 642.185489][T10209] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 642.305780][ T3706] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 642.325621][ T3706] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 642.418367][T10173] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 642.426745][ T3706] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 642.506414][ T58] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 642.594543][T10173] usb 5-1: Using ep0 maxpacket: 8 [ 642.641868][T10173] usb 5-1: config 0 has no interfaces? [ 642.728178][T10173] usb 5-1: New USB device found, idVendor=058f, idProduct=3820, bcdDevice=e0.0e [ 642.738245][T10173] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 642.747389][T10173] usb 5-1: Product: syz [ 642.751893][T10173] usb 5-1: Manufacturer: syz [ 642.757824][T10173] usb 5-1: SerialNumber: syz [ 642.921433][T10173] usb 5-1: config 0 descriptor?? [ 643.217346][T10173] usb 5-1: USB disconnect, device number 10 [ 643.325837][T10451] loop0: detected capacity change from 0 to 2048 [ 643.566511][T10451] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 643.874906][T10451] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.1781: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 643.994520][T10451] EXT4-fs (loop0): Remounting filesystem read-only [ 644.506524][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 644.612953][T10474] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1786'. [ 645.251324][T10483] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1789'. [ 646.928829][T10505] netlink: 'syz.2.1797': attribute type 2 has an invalid length. [ 648.515581][T10525] loop4: detected capacity change from 0 to 1024 [ 648.975916][T10528] loop0: detected capacity change from 0 to 2048 [ 649.025878][T10528] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 649.042026][T10528] NILFS (loop0): mounting unchecked fs [ 649.155056][ T3706] hfsplus: b-tree write err: -5, ino 4 [ 649.273276][T10528] NILFS (loop0): recovery complete [ 649.346322][T10537] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 649.688098][T10541] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1809'. [ 649.698872][T10541] netlink: 'syz.4.1809': attribute type 6 has an invalid length. [ 650.124968][T10546] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1811'. [ 650.135558][T10546] netlink: 152 bytes leftover after parsing attributes in process `syz.1.1811'. [ 650.218304][T10546] A link change request failed with some changes committed already. Interface macvlan1 may have been left with an inconsistent configuration, please check. [ 650.609297][T10551] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1813'. [ 651.336678][T10562] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 651.343579][T10562] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 651.350861][T10562] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 651.358016][T10562] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 651.365655][T10562] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 651.372417][T10562] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 651.379641][T10562] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 651.444151][ T5867] usb 2-1: new full-speed USB device number 11 using dummy_hcd [ 651.678520][ T5867] usb 2-1: not running at top speed; connect to a high speed hub [ 651.742076][ T5867] usb 2-1: config 1 interface 0 altsetting 6 endpoint 0x1 has invalid maxpacket 1024, setting to 64 [ 651.753347][ T5867] usb 2-1: config 1 interface 0 has no altsetting 0 [ 651.784938][ T5866] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 651.844255][ T5867] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 651.853615][ T5867] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 651.862209][ T5867] usb 2-1: Product: syz [ 651.866800][ T5867] usb 2-1: Manufacturer: syz [ 651.871733][ T5867] usb 2-1: SerialNumber: syz [ 652.055491][T10559] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 652.126242][ T5866] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 652.136019][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 652.144819][ T5866] usb 1-1: Product: syz [ 652.149216][ T5866] usb 1-1: Manufacturer: syz [ 652.156634][ T5866] usb 1-1: SerialNumber: syz [ 652.328812][ T5866] usb 1-1: config 0 descriptor?? [ 652.555171][ T5867] usb 2-1: USB disconnect, device number 11 [ 652.745454][ T5866] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 652.877197][ T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 652.886775][ T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 653.036758][ T5866] gspca_sq905c: sq905c_read: usb_control_msg failed (-71) [ 653.044594][ T5866] sq905c 1-1:0.0: Reading version command failed [ 653.051411][ T5866] sq905c 1-1:0.0: probe with driver sq905c failed with error -71 [ 653.148255][ T5866] usb 1-1: USB disconnect, device number 14 [ 653.309617][ T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 653.318787][ T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 654.274230][T10590] netlink: 364 bytes leftover after parsing attributes in process `syz.6.1694'. [ 654.284071][T10590] sch_tbf: burst 0 is lower than device veth1_virt_wifi mtu (1514) ! [ 654.722615][T10597] netlink: 'syz.4.1826': attribute type 10 has an invalid length. [ 656.154387][ T5867] usb 7-1: new low-speed USB device number 2 using dummy_hcd [ 656.424749][ T5867] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 656.436034][ T5867] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 656.445608][ T5867] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 656.609587][ T5867] usb 7-1: string descriptor 0 read error: -22 [ 656.616730][ T5867] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 656.629888][ T5867] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 656.764859][T10623] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1838'. [ 656.774319][T10623] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1838'. [ 656.835869][T10611] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 656.866826][ T5867] usb 7-1: 0:2 : does not exist [ 657.046762][T10628] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1839'. [ 657.205303][ T5867] usb 7-1: USB disconnect, device number 2 [ 658.174061][T10644] loop2: detected capacity change from 0 to 256 [ 658.453161][T10648] sock: sock_timestamping_bind_phc: sock not bind to device [ 659.259705][T10029] udevd[10029]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 659.943551][T10670] loop1: detected capacity change from 0 to 8 [ 660.044635][T10673] loop2: detected capacity change from 0 to 512 [ 660.101396][T10670] SQUASHFS error: zstd decompression error: 10 [ 660.108413][T10670] SQUASHFS error: zstd decompression failed, data probably corrupt [ 660.117031][T10670] SQUASHFS error: Failed to read block 0x60: -5 [ 660.128103][T10670] SQUASHFS error: zstd decompression error: 10 [ 660.135630][T10670] SQUASHFS error: zstd decompression failed, data probably corrupt [ 660.144497][T10670] SQUASHFS error: Failed to read block 0x60: -5 [ 660.320100][T10674] loop6: detected capacity change from 0 to 1024 [ 660.410016][T10673] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 660.423569][T10673] ext4 filesystem being mounted at /354/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 660.526245][T10674] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 660.829665][T10674] EXT4-fs: Ignoring sb option on remount [ 660.837647][T10674] EXT4-fs: Ignoring removed orlov option [ 660.844158][T10674] EXT4-fs: Ignoring removed nomblk_io_submit option [ 660.851101][T10674] EXT4-fs: Remounting file system with no journal so ignoring journalled data option [ 660.861288][T10674] EXT4-fs: Remounting fs w/o journal so ignoring data_err option [ 660.869527][T10674] EXT4-fs: can't change dax mount option while remounting [ 660.970463][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 661.375320][T10209] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 662.557209][T10708] loop4: detected capacity change from 0 to 64 [ 662.876300][T10701] loop1: detected capacity change from 0 to 4096 [ 664.526143][T10722] loop6: detected capacity change from 0 to 32768 [ 664.536650][T10722] ocfs2: Unexpected value for 'acl' [ 664.984478][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 664.991403][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 665.018797][T10739] loop0: detected capacity change from 0 to 256 [ 665.029641][T10739] exfat: Deprecated parameter 'namecase' [ 665.351116][T10739] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d) [ 665.945167][T10755] loop2: detected capacity change from 0 to 256 [ 666.961179][T10764] loop1: detected capacity change from 0 to 32768 [ 667.025470][T10764] (syz.1.1884,10764,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 667.039943][T10764] (syz.1.1884,10764,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 667.245635][T10755] FAT-fs (loop2): Directory bread(block 64) failed [ 667.252648][T10755] FAT-fs (loop2): Directory bread(block 65) failed [ 667.270454][T10755] FAT-fs (loop2): Directory bread(block 66) failed [ 667.280669][T10755] FAT-fs (loop2): Directory bread(block 67) failed [ 667.288099][T10755] FAT-fs (loop2): Directory bread(block 68) failed [ 667.295056][T10755] FAT-fs (loop2): Directory bread(block 69) failed [ 667.302155][T10755] FAT-fs (loop2): Directory bread(block 70) failed [ 667.309118][T10755] FAT-fs (loop2): Directory bread(block 71) failed [ 667.316227][T10755] FAT-fs (loop2): Directory bread(block 72) failed [ 667.323042][T10755] FAT-fs (loop2): Directory bread(block 73) failed [ 668.028419][T10788] netlink: 'syz.1.1890': attribute type 1 has an invalid length. [ 668.347076][T10793] ieee802154 phy0 wpan0: encryption failed: -22 [ 668.878570][T10806] loop1: detected capacity change from 0 to 512 [ 669.057077][T10806] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 669.400082][T10819] loop0: detected capacity change from 0 to 256 [ 669.443521][T10819] exfat: Deprecated parameter 'namecase' [ 669.450156][T10819] exfat: Deprecated parameter 'namecase' [ 669.601132][T10819] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xdf1a9a6c, utbl_chksum : 0xe619d30d) [ 669.836522][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 671.092184][T10857] loop4: detected capacity change from 0 to 128 [ 671.174687][T10857] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 671.726376][T10870] netlink: 204 bytes leftover after parsing attributes in process `syz.6.1909'. [ 671.736561][T10870] netlink: 'syz.6.1909': attribute type 1 has an invalid length. [ 672.578367][T10890] loop6: detected capacity change from 0 to 128 [ 672.632436][T10886] loop1: detected capacity change from 0 to 1024 [ 672.696177][T10890] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 672.819533][T10886] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 672.832426][T10886] ext4 filesystem being mounted at /405/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 673.679542][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 673.901237][T10913] netlink: 18316 bytes leftover after parsing attributes in process `syz.0.1920'. [ 673.927022][T10903] loop4: detected capacity change from 0 to 32768 [ 673.938866][T10903] XFS (loop4): Invalid device [./file0], error=-15 [ 677.279991][T10942] loop0: detected capacity change from 0 to 40427 [ 677.388728][T10942] F2FS-fs (loop0): invalid crc value [ 678.532681][T10945] loop4: detected capacity change from 0 to 2048 [ 679.214600][T10948] loop1: detected capacity change from 0 to 40427 [ 679.229347][T10948] F2FS-fs (loop1): build fault injection rate: 17008 [ 679.236536][T10948] F2FS-fs (loop1): build fault injection type: 0x3bfe8d [ 679.247240][T10948] F2FS-fs (loop1): build fault injection rate: 25 [ 679.274873][T10948] F2FS-fs (loop1): invalid crc value [ 679.280462][T10948] F2FS-fs (loop1): Wrong cp_pack_start_sum: 1 [ 679.288836][T10948] F2FS-fs (loop1): Failed to get valid F2FS checkpoint [ 679.318940][T10945] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4. [ 680.905910][T10987] [U]  [ 680.911409][T10985] loop6: detected capacity change from 0 to 2048 [ 681.055099][T10985] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 681.201128][T10998] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 682.057344][T11010] loop0: detected capacity change from 0 to 64 [ 682.764174][ T30] audit: type=1800 audit(1754404418.985:84): pid=11027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1942" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0 [ 683.255244][ T5810] hfs: node 4:3 still has 1 user(s)! [ 684.379612][T11052] tipc: Enabled bearer , priority 10 [ 684.419116][T11049] loop0: detected capacity change from 0 to 32768 [ 684.429623][T11049] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value [ 685.600651][T11074] loop4: detected capacity change from 0 to 256 [ 685.937405][T11081] netlink: 'syz.1.1955': attribute type 1 has an invalid length. [ 686.077654][T11074] FAT-fs (loop4): Directory bread(block 64) failed [ 686.085859][T11074] FAT-fs (loop4): Directory bread(block 65) failed [ 686.092840][T11074] FAT-fs (loop4): Directory bread(block 66) failed [ 686.102176][T11074] FAT-fs (loop4): Directory bread(block 67) failed [ 686.110035][T11074] FAT-fs (loop4): Directory bread(block 68) failed [ 686.117076][T11074] FAT-fs (loop4): Directory bread(block 69) failed [ 686.124162][T11074] FAT-fs (loop4): Directory bread(block 70) failed [ 686.131086][T11074] FAT-fs (loop4): Directory bread(block 71) failed [ 686.138192][T11074] FAT-fs (loop4): Directory bread(block 72) failed [ 686.145098][T11074] FAT-fs (loop4): Directory bread(block 73) failed [ 686.402318][T11088] loop0: detected capacity change from 0 to 256 [ 687.199403][T11088] FAT-fs (loop0): Directory bread(block 64) failed [ 687.206822][T11088] FAT-fs (loop0): Directory bread(block 65) failed [ 687.213990][T11088] FAT-fs (loop0): Directory bread(block 66) failed [ 687.220760][T11088] FAT-fs (loop0): Directory bread(block 67) failed [ 687.236240][T11088] FAT-fs (loop0): Directory bread(block 68) failed [ 687.243016][T11088] FAT-fs (loop0): Directory bread(block 69) failed [ 687.252787][T11088] FAT-fs (loop0): Directory bread(block 70) failed [ 687.259834][T11088] FAT-fs (loop0): Directory bread(block 71) failed [ 687.267486][T11088] FAT-fs (loop0): Directory bread(block 72) failed [ 687.274485][T11088] FAT-fs (loop0): Directory bread(block 73) failed [ 687.389671][ T30] audit: type=1326 audit(1754404423.615:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11101 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 687.412805][ T30] audit: type=1326 audit(1754404423.625:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11101 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 687.437695][ T30] audit: type=1326 audit(1754404423.625:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11101 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 687.805989][ T5866] IPVS: starting estimator thread 0... [ 687.914981][T11116] IPVS: using max 192 ests per chain, 9600 per kthread [ 691.011654][T11155] loop6: detected capacity change from 0 to 512 [ 691.516910][T11155] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.1974: corrupted inode contents [ 691.623068][T11155] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #3: comm syz.6.1974: mark_inode_dirty error [ 691.873419][T11155] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #3: comm syz.6.1974: corrupted inode contents [ 691.889120][T11155] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #3: comm syz.6.1974: mark_inode_dirty error [ 691.904823][T11155] Quota error (device loop6): write_blk: dquota write failed [ 691.905431][T11155] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 691.905661][T11155] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.1974: Failed to acquire dquot type 0 [ 691.945198][T11155] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1974: corrupted inode contents [ 691.954994][T11155] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #16: comm syz.6.1974: mark_inode_dirty error [ 691.988255][T11155] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1974: corrupted inode contents [ 691.994460][T11155] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #16: comm syz.6.1974: mark_inode_dirty error [ 692.009560][T11155] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1974: corrupted inode contents [ 692.028846][T11155] EXT4-fs error (device loop6) in ext4_orphan_del:305: Corrupt filesystem [ 692.035409][T11155] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #16: comm syz.6.1974: corrupted inode contents [ 692.049348][T11155] EXT4-fs error (device loop6): ext4_truncate:4666: inode #16: comm syz.6.1974: mark_inode_dirty error [ 692.075203][T11155] EXT4-fs error (device loop6) in ext4_process_orphan:347: Corrupt filesystem [ 692.105955][T11155] EXT4-fs (loop6): 1 truncate cleaned up [ 692.108192][T11155] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 692.108576][T11155] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 692.161461][T11155] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 692.802729][T11155] syz.6.1974 (11155) used greatest stack depth: 4320 bytes left [ 693.638838][ T30] audit: type=1326 audit(1754404429.855:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11188 comm="syz.6.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf49d8eb69 code=0x7ffc0000 [ 693.665604][ T30] audit: type=1326 audit(1754404429.905:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11188 comm="syz.6.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf49d8eb69 code=0x7ffc0000 [ 693.962232][ T30] audit: type=1326 audit(1754404429.995:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11188 comm="syz.6.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fcf49d8eb69 code=0x7ffc0000 [ 693.962497][ T30] audit: type=1326 audit(1754404429.995:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11188 comm="syz.6.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf49d8eb69 code=0x7ffc0000 [ 693.962743][ T30] audit: type=1326 audit(1754404430.055:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11188 comm="syz.6.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcf49d8eb69 code=0x7ffc0000 [ 693.962984][ T30] audit: type=1326 audit(1754404430.055:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11188 comm="syz.6.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf49d8eb69 code=0x7ffc0000 [ 693.963225][ T30] audit: type=1326 audit(1754404430.085:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11188 comm="syz.6.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf49d8eb69 code=0x7ffc0000 [ 695.262163][T11197] loop6: detected capacity change from 0 to 2048 [ 695.396711][T11197] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024) [ 695.521181][T11207] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 696.639304][T11215] loop2: detected capacity change from 0 to 2048 [ 696.877643][T11215] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 697.130831][T11215] UDF-fs: error (device loop2): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 698.753503][T11253] loop4: detected capacity change from 0 to 64 [ 699.030942][T11257] loop0: detected capacity change from 0 to 64 [ 699.560191][T11245] loop1: detected capacity change from 0 to 4096 [ 699.812741][T11265] loop2: detected capacity change from 0 to 512 [ 699.916210][T11265] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 700.190443][T11265] EXT4-fs (loop2): 1 truncate cleaned up [ 700.199170][T11265] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 700.659104][T11284] loop0: detected capacity change from 0 to 64 [ 700.795356][T11284] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 701.288633][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 703.587552][T11322] loop4: detected capacity change from 0 to 512 [ 703.930820][T11322] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 703.944287][T11322] ext4 filesystem being mounted at /431/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 704.646850][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 704.899346][T11352] loop1: detected capacity change from 0 to 512 [ 705.236253][T11352] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.2026: bad orphan inode 11862016 [ 705.318608][T11352] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 705.332181][T11352] ext4 filesystem being mounted at /427/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 705.596112][T11366] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2029'. [ 705.605924][T11366] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0) [ 705.635804][T11359] loop4: detected capacity change from 0 to 2048 [ 705.856972][T11359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 706.268724][T11359] EXT4-fs: can't change dax mount option while remounting [ 706.280454][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 706.888934][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 708.076248][T11408] loop2: detected capacity change from 0 to 1024 [ 708.275161][T11408] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 708.517855][T11408] hfsplus: filesystem is marked journaled, leaving read-only. [ 709.466746][ T5867] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 709.601882][T11445] loop2: detected capacity change from 0 to 256 [ 709.686784][T11445] exfat: Deprecated parameter 'utf8' [ 709.694712][ T5867] usb 5-1: Using ep0 maxpacket: 16 [ 709.747065][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 709.760710][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 709.771757][ T5867] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 709.781344][ T5867] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 709.806590][ T5867] usb 5-1: config 0 descriptor?? [ 710.014832][T11445] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d) [ 710.461050][ T5867] corsair 0003:1B1C:1B02.0015: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.4-1/input0 [ 710.586657][ T5867] corsair 0003:1B1C:1B02.0015: Failed to get K90 initial state (error -71). [ 710.684517][ T5867] usb 5-1: USB disconnect, device number 11 [ 710.839156][T11476] loop6: detected capacity change from 0 to 1024 [ 711.068783][T11476] EXT4-fs (loop6): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 711.620583][T10209] EXT4-fs (loop6): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 712.189758][T11515] loop2: detected capacity change from 0 to 256 [ 712.252441][T11518] loop6: detected capacity change from 0 to 256 [ 712.300887][T11518] exfat: Deprecated parameter 'namecase' [ 712.301327][T11518] exfat: Deprecated parameter 'utf8' [ 712.575053][T11518] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d) [ 712.758885][T11515] FAT-fs (loop2): Directory bread(block 64) failed [ 712.784491][T11515] FAT-fs (loop2): Directory bread(block 65) failed [ 712.785025][T11515] FAT-fs (loop2): Directory bread(block 66) failed [ 712.785147][T11515] FAT-fs (loop2): Directory bread(block 67) failed [ 712.785400][T11515] FAT-fs (loop2): Directory bread(block 68) failed [ 712.785515][T11515] FAT-fs (loop2): Directory bread(block 69) failed [ 712.785762][T11515] FAT-fs (loop2): Directory bread(block 70) failed [ 712.785880][T11515] FAT-fs (loop2): Directory bread(block 71) failed [ 712.786147][T11515] FAT-fs (loop2): Directory bread(block 72) failed [ 712.786264][T11515] FAT-fs (loop2): Directory bread(block 73) failed [ 713.033471][T11523] loop1: detected capacity change from 0 to 4096 [ 713.127802][T11523] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 713.927618][T11540] loop4: detected capacity change from 0 to 512 [ 714.292920][T11534] fido_id[11534]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 714.308204][T11540] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 714.308632][T11540] ext4 filesystem being mounted at /439/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 715.203175][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 718.010616][T11606] loop2: detected capacity change from 0 to 256 [ 718.199326][T11609] loop4: detected capacity change from 0 to 256 [ 718.272385][T11609] exfat: Deprecated parameter 'utf8' [ 718.570799][T11609] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 719.500357][T11635] loop6: detected capacity change from 0 to 64 [ 719.912593][T11645] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2092'. [ 721.643592][T11664] loop2: detected capacity change from 0 to 4096 [ 721.835121][ T30] audit: type=1326 audit(1754404458.045:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11680 comm="syz.4.2100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 721.915448][ T30] audit: type=1326 audit(1754404458.145:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11680 comm="syz.4.2100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 721.945797][ T30] audit: type=1326 audit(1754404458.145:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11680 comm="syz.4.2100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 721.967340][T11664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 721.974992][ T30] audit: type=1326 audit(1754404458.145:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11680 comm="syz.4.2100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 722.006886][ T30] audit: type=1326 audit(1754404458.155:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11680 comm="syz.4.2100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 722.029619][ T30] audit: type=1326 audit(1754404458.155:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11680 comm="syz.4.2100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 722.058994][ T30] audit: type=1326 audit(1754404458.215:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11680 comm="syz.4.2100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 722.426964][T11664] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 722.436059][T11664] EXT4-fs (loop2): stripe (248) is not aligned with cluster size (16), stripe is disabled [ 722.504723][T11664] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000. [ 723.075058][ T5866] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 723.112163][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.285455][ T5866] usb 5-1: Using ep0 maxpacket: 32 [ 723.327149][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 723.339168][ T5866] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 723.353285][ T5866] usb 5-1: New USB device found, idVendor=04f2, idProduct=1236, bcdDevice= 0.00 [ 723.362933][ T5866] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.599682][ T5866] usb 5-1: config 0 descriptor?? [ 723.969468][T11722] loop0: detected capacity change from 0 to 8 [ 724.182088][ T5866] chicony 0003:04F2:1236.0016: hidraw0: USB HID v0.00 Device [HID 04f2:1236] on usb-dummy_hcd.4-1/input0 [ 724.194986][ T5867] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 724.336493][ T5866] usb 5-1: USB disconnect, device number 12 [ 724.363602][ T5867] usb 3-1: Using ep0 maxpacket: 32 [ 724.430322][ T5867] usb 3-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 724.444089][ T5867] usb 3-1: config 0 interface 0 has no altsetting 0 [ 724.450993][ T5867] usb 3-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 724.460682][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 724.488300][ T5867] usb 3-1: config 0 descriptor?? [ 725.034861][ T5867] kye 0003:0458:0138.0017: unknown global tag 0xc [ 725.041538][ T5867] kye 0003:0458:0138.0017: item 0 1 1 12 parsing failed [ 725.134558][ T5867] kye 0003:0458:0138.0017: parse failed [ 725.140610][ T5867] kye 0003:0458:0138.0017: probe with driver kye failed with error -22 [ 725.275703][ T5867] usb 3-1: USB disconnect, device number 13 [ 726.150214][T11777] fido_id[11777]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory [ 726.453950][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 726.460642][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 726.885767][T11799] autofs: Bad value for 'fd' [ 729.476261][T11823] loop4: detected capacity change from 0 to 8192 [ 731.285552][T11868] loop1: detected capacity change from 0 to 32768 [ 731.296718][T11872] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2142'. [ 731.341866][T11868] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section replicas: invalid device 1 in entry (unknown data_type 122): 119/246 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 5 5 6 7 8 9 9 10 11 14 24 27 31 35 43 47 47 51 56 65 80 89 96 102 128 132 172 173 174 179 205 222 235 245] [ 731.341866][T11868] replicas (size 64): [ 731.341866][T11868] (unknown data_type 122): 119/246 [43 0 222 65 89 132 205 31 174 173 5 172 235 128 0 0 0 0 0 0 0 0 0 0 1 8 0 0 0 179 245 51 102 0 0 0 0 0 0 14 96 0 0 0 0 0 0 0 0 0 0 0 0 5 0 0 0 9 0 0 0 9 0 0 0 0 0 0 0 7 0 0 0 0 0 0 0 24 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 80 0 0 0 10 0 0 0 0 0 0 0 0 0 0 0 56 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 [ 731.342862][T11868] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry [ 731.866630][T11881] tmpfs: Bad value for 'mpol' [ 732.778879][T11896] loop4: detected capacity change from 0 to 2048 [ 732.946939][T11896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 732.973058][T11905] loop0: detected capacity change from 0 to 64 [ 733.092565][T11905] hfs: Unknown parameter 'i' [ 733.581362][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 734.044138][T11933] sctp: [Deprecated]: syz.1.2156 (pid 11933) Use of struct sctp_assoc_value in delayed_ack socket option. [ 734.044138][T11933] Use struct sctp_sack_info instead [ 734.495935][T11939] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 734.508443][T11939] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 734.618324][T11942] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 734.629931][T11942] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 735.391672][T11958] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 735.398486][T11958] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 735.406990][T11958] vhci_hcd vhci_hcd.0: Device attached [ 735.616078][T11960] vhci_hcd: connection closed [ 735.622126][ T3727] vhci_hcd: stop threads [ 735.631990][ T3727] vhci_hcd: release socket [ 735.637124][ T3727] vhci_hcd: disconnect device [ 737.029308][T11996] loop6: detected capacity change from 0 to 64 [ 737.119799][T12002] loop1: detected capacity change from 0 to 128 [ 737.121351][T11996] MINIX-fs: mounting file system with errors, running fsck is recommended [ 737.381223][ T30] audit: type=1800 audit(1754404473.575:102): pid=12002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2175" name="file2" dev="loop1" ino=1048834 res=0 errno=0 [ 737.952673][T12018] tipc: Enabling of bearer rejected, failed to enable media [ 739.740510][T12050] autofs: Bad value for 'uid' [ 739.746292][T12050] autofs: Bad value for 'uid' [ 740.006909][T12056] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2189'. [ 740.315177][T12046] loop2: detected capacity change from 0 to 32768 [ 740.365084][T12046] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 740.375452][T12046] gfs2: fsid=syz:syz: Now mounting FS (format 1802)... [ 740.491322][T12046] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_jdesc_check, file = fs/gfs2/super.c, line = 119 [ 740.507255][T12046] gfs2: fsid=syz:syz.s: G: s:SH n:2/13 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:6 [ 740.516812][T12046] gfs2: fsid=syz:syz.s: H: s:SH f:eEcH e:0 p:12046 [syz.2.2185] init_journal+0x332e/0x3a30 [ 740.527411][T12046] gfs2: fsid=syz:syz.s: I: n:1/19 t:8 f:0x00 d:0x00000200 s:33554432 p:0 [ 740.536412][T12046] gfs2: fsid=syz:syz.s: about to withdraw this file system [ 740.544083][T12046] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount. [ 740.553317][T12046] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0 [ 740.561441][T12046] gfs2: fsid=syz:syz.s: File system withdrawn [ 740.568042][T12046] CPU: 1 UID: 0 PID: 12046 Comm: syz.2.2185 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(none) [ 740.568212][T12046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 740.568312][T12046] Call Trace: [ 740.568374][T12046] [ 740.568430][T12046] __dump_stack+0x26/0x30 [ 740.568619][T12046] dump_stack_lvl+0x1df/0x270 [ 740.568818][T12046] dump_stack+0x1e/0x25 [ 740.568980][T12046] gfs2_withdraw+0x1182/0x2050 [ 740.569221][T12046] gfs2_consist_inode_i+0x1b2/0x250 [ 740.569432][T12046] gfs2_jdesc_check+0x170/0x440 [ 740.569651][T12046] check_journal_clean+0x1b6/0x4c0 [ 740.569846][T12046] ? init_journal+0x332e/0x3a30 [ 740.570030][T12046] ? kmsan_get_metadata+0xfb/0x160 [ 740.570194][T12046] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 740.570381][T12046] init_journal+0x332e/0x3a30 [ 740.570603][T12046] ? init_inodes+0x124/0x510 [ 740.570797][T12046] ? init_inodes+0x124/0x510 [ 740.570979][T12046] ? kmsan_get_metadata+0xfb/0x160 [ 740.571144][T12046] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 740.571336][T12046] init_inodes+0x124/0x510 [ 740.571530][T12046] gfs2_fill_super+0x384d/0x3f50 [ 740.571720][T12046] ? init_locking+0xed/0x500 [ 740.571961][T12046] get_tree_bdev_flags+0x6e3/0x920 [ 740.572148][T12046] ? __pfx_gfs2_fill_super+0x10/0x10 [ 740.572340][T12046] ? __pfx_gfs2_fill_super+0x10/0x10 [ 740.572519][T12046] ? __pfx_gfs2_get_tree+0x10/0x10 [ 740.572707][T12046] get_tree_bdev+0x38/0x50 [ 740.572884][T12046] gfs2_get_tree+0x57/0x350 [ 740.573070][T12046] ? __pfx_gfs2_get_tree+0x10/0x10 [ 740.573257][T12046] vfs_get_tree+0xb0/0x5c0 [ 740.573431][T12046] ? mount_capable+0x99/0x100 [ 740.573584][T12046] do_new_mount+0x733/0x1420 [ 740.573760][T12046] ? apparmor_capable+0x32d/0x410 [ 740.573925][T12046] ? kmsan_get_metadata+0xfb/0x160 [ 740.574120][T12046] path_mount+0x6db/0x1e90 [ 740.574296][T12046] ? user_path_at+0x32d/0x3d0 [ 740.574460][T12046] __se_sys_mount+0x6eb/0x7d0 [ 740.574642][T12046] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 740.574908][T12046] __x64_sys_mount+0xe4/0x150 [ 740.575106][T12046] x64_sys_call+0x3604/0x3e20 [ 740.575305][T12046] do_syscall_64+0xd9/0x210 [ 740.575464][T12046] ? irqentry_exit+0x16/0x60 [ 740.575600][T12046] ? clear_bhb_loop+0x40/0x90 [ 740.575771][T12046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.575951][T12046] RIP: 0033:0x7ff8ed59030a [ 740.576076][T12046] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 740.576211][T12046] RSP: 002b:00007ff8ee3a1e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 740.576360][T12046] RAX: ffffffffffffffda RBX: 00007ff8ee3a1ef0 RCX: 00007ff8ed59030a [ 740.576472][T12046] RDX: 0000200000000180 RSI: 0000200000012500 RDI: 00007ff8ee3a1eb0 [ 740.576598][T12046] RBP: 0000200000000180 R08: 00007ff8ee3a1ef0 R09: 0000000000200001 [ 740.576703][T12046] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500 [ 740.576810][T12046] R13: 00007ff8ee3a1eb0 R14: 00000000000125bc R15: 0000200000000440 [ 740.576956][T12046] [ 740.883550][T12046] gfs2: fsid=syz:syz.s: Error checking journal for spectator mount. [ 742.355414][T12091] lo speed is unknown, defaulting to 1000 [ 742.361618][T12091] lo speed is unknown, defaulting to 1000 [ 742.369178][T12091] lo speed is unknown, defaulting to 1000 [ 742.388055][T12091] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 742.432204][T12091] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 742.569729][T12091] lo speed is unknown, defaulting to 1000 [ 742.579983][T12091] lo speed is unknown, defaulting to 1000 [ 742.679077][T12091] lo speed is unknown, defaulting to 1000 [ 742.688078][T12091] lo speed is unknown, defaulting to 1000 [ 742.887066][T12091] lo speed is unknown, defaulting to 1000 [ 742.911926][T12100] loop1: detected capacity change from 0 to 512 [ 743.152849][T12100] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 743.454625][T12100] EXT4-fs (loop1): 1 truncate cleaned up [ 743.462896][T12100] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 743.858018][ T5867] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 744.125814][ T5867] usb 3-1: New USB device found, idVendor=056a, idProduct=0003, bcdDevice= 0.00 [ 744.135751][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 744.239897][ T5867] usb 3-1: config 0 descriptor?? [ 744.584109][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 744.966227][ T5867] wacom 0003:056A:0003.0018: Unknown device_type for 'HID 056a:0003'. Assuming pen. [ 745.086756][ T5867] wacom 0003:056A:0003.0018: hidraw0: USB HID v0.00 Device [HID 056a:0003] on usb-dummy_hcd.2-1/input0 [ 745.103112][ T5867] input: Wacom Cintiq Partner Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0003.0018/input/input16 [ 745.419611][ T5867] usb 3-1: USB disconnect, device number 14 [ 745.648628][T12144] loop0: detected capacity change from 0 to 512 [ 746.942555][T12163] fido_id[12163]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 747.195854][ T5867] usb 5-1: new full-speed USB device number 13 using dummy_hcd [ 747.446306][ T5867] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 747.457001][ T5867] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 747.466577][ T5867] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 747.476435][ T5867] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 747.707249][ T5867] usb 5-1: config 0 descriptor?? [ 747.807437][ T5867] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 747.816082][ T5867] dvb-usb: bulk message failed: -22 (3/0) [ 747.998863][ T5867] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 748.100997][ T5867] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 748.108762][ T5867] usb 5-1: media controller created [ 748.177062][T12201] netlink: 71 bytes leftover after parsing attributes in process `syz.0.2216'. [ 748.225890][ T5867] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 748.380765][ T5867] dvb-usb: bulk message failed: -22 (6/0) [ 748.387912][ T5867] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 748.449821][ T5867] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input19 [ 748.611681][ T5867] dvb-usb: schedule remote query interval to 150 msecs. [ 748.619097][ T5867] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 748.734111][ T5867] usb 5-1: USB disconnect, device number 13 [ 748.968878][ T5867] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 749.535308][T12235] vivid-004: disconnect [ 749.599356][T12233] vivid-004: reconnect [ 749.795208][ T5867] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 750.080005][ T5867] usb 7-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02 [ 750.089869][ T5867] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 750.100060][ T5867] usb 7-1: Product: syz [ 750.105340][ T5867] usb 7-1: Manufacturer: syz [ 750.110167][ T5867] usb 7-1: SerialNumber: syz [ 750.351696][ T5867] usb 7-1: config 0 descriptor?? [ 750.469586][ T5867] gspca_main: sunplus-2.14.0 probing 04fc:504a [ 751.364631][T12254] loop4: detected capacity change from 0 to 32768 [ 751.381179][T12254] (syz.4.2225,12254,1):ocfs2_read_virt_blocks:1007 ERROR: Inode #66 contains a hole at offset 0 [ 751.392199][T12254] (syz.4.2225,12254,1):ocfs2_read_dir_block:511 ERROR: status = -5 [ 751.400783][T12254] (syz.4.2225,12254,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 751.410225][T12254] (syz.4.2225,12254,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 751.410420][T12254] (syz.4.2225,12254,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 751.435831][T12254] (syz.4.2225,12254,1):ocfs2_initialize_super:2198 ERROR: status = -22 [ 751.445589][T12254] (syz.4.2225,12254,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 751.488177][T12263] loop1: detected capacity change from 0 to 256 [ 751.554928][ T9711] usb 1-1: new full-speed USB device number 15 using dummy_hcd [ 751.809601][ T9711] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 751.821540][ T9711] usb 1-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00 [ 751.831840][ T9711] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 752.064426][ T5867] gspca_sunplus: reg_r err -71 [ 752.069735][ T5867] sunplus 7-1:0.0: probe with driver sunplus failed with error -71 [ 752.105583][ T5867] usb 7-1: USB disconnect, device number 3 [ 752.210390][ T9711] usb 1-1: config 0 descriptor?? [ 752.220546][T12261] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 752.426963][T12263] FAT-fs (loop1): Directory bread(block 64) failed [ 752.434294][T12263] FAT-fs (loop1): Directory bread(block 65) failed [ 752.441221][T12263] FAT-fs (loop1): Directory bread(block 66) failed [ 752.448209][T12263] FAT-fs (loop1): Directory bread(block 67) failed [ 752.457413][T12263] FAT-fs (loop1): Directory bread(block 68) failed [ 752.465199][T12263] FAT-fs (loop1): Directory bread(block 69) failed [ 752.472219][T12263] FAT-fs (loop1): Directory bread(block 70) failed [ 752.479237][T12263] FAT-fs (loop1): Directory bread(block 71) failed [ 752.486336][T12263] FAT-fs (loop1): Directory bread(block 72) failed [ 752.493282][T12263] FAT-fs (loop1): Directory bread(block 73) failed [ 752.937037][ T9711] belkin 0003:050D:3201.0019: hiddev0,hidraw0: USB HID v1.01 Device [HID 050d:3201] on usb-dummy_hcd.0-1/input0 [ 753.065626][T12293] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2231'. [ 753.085867][ T9711] usb 1-1: USB disconnect, device number 15 [ 753.554424][T12288] loop4: detected capacity change from 0 to 4096 [ 753.587459][T12288] EXT4-fs: Ignoring removed mblk_io_submit option [ 753.665615][T12288] EXT4-fs (loop4): Test dummy encryption mode enabled [ 753.831455][T12288] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 754.259259][T12328] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2234'. [ 754.675327][T12288] Process accounting resumed [ 754.847782][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 755.421162][T12336] fido_id[12336]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 755.671555][T12351] netlink: 192 bytes leftover after parsing attributes in process `syz.0.2241'. [ 756.359891][T12364] loop2: detected capacity change from 0 to 164 [ 756.466098][T12364] ISOFS: unable to read i-node block [ 756.471643][T12364] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 756.611607][T12364] isofs_fill_super: get root inode failed [ 756.774139][ T9711] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 756.982219][ T9711] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 756.992143][ T9711] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 757.071549][ T9711] usb 1-1: config 0 descriptor?? [ 757.147201][ T9711] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 757.235567][T12383] loop6: detected capacity change from 0 to 256 [ 757.376555][T12383] exfat: Deprecated parameter 'namecase' [ 757.383070][T12383] exfat: Deprecated parameter 'utf8' [ 757.454234][T12383] exFAT-fs (loop6): Medium has reported failures. Some data may be lost. [ 757.671700][T12392] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 757.678504][T12392] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 757.689405][T12392] vhci_hcd vhci_hcd.0: Device attached [ 757.790823][ T9711] gspca_cpia1: usb_control_msg 01, error -71 [ 757.793424][T12383] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d) [ 757.797537][ T9711] cpia1 1-1:0.0: only firmware version 1 is supported (got: 0) [ 757.909606][ T9711] usb 1-1: USB disconnect, device number 16 [ 758.005176][ T5867] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 758.275102][ T5866] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 758.516741][ T5866] usb 3-1: Using ep0 maxpacket: 16 [ 758.584626][ T5866] usb 3-1: config 0 has no interfaces? [ 758.590412][ T5866] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 758.607279][ T5866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 758.727141][ T5866] usb 3-1: config 0 descriptor?? [ 759.118885][ T32] usb 3-1: USB disconnect, device number 15 [ 759.287011][T12393] usbip_core: unknown command [ 759.292444][T12393] vhci_hcd: unknown pdu 0 [ 759.297745][T12393] usbip_core: unknown command [ 759.381032][ T14] vhci_hcd: stop threads [ 759.385811][ T14] vhci_hcd: release socket [ 759.390670][ T14] vhci_hcd: disconnect device [ 762.683190][T12445] loop1: detected capacity change from 0 to 4096 [ 762.916593][T12465] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 762.954964][T12463] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2262'. [ 763.119585][ T5867] vhci_hcd: vhci_device speed not set [ 764.075128][T12485] netlink: 'syz.1.2268': attribute type 5 has an invalid length. [ 764.888545][T12500] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2272'. [ 764.898323][T12500] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2272'. [ 765.204257][ T5866] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 765.441509][ T5866] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 765.452217][ T5866] usb 2-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 765.470435][ T5866] usb 2-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0 [ 765.483153][ T5866] usb 2-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 765.496694][ T5866] usb 2-1: config 0 interface 0 has no altsetting 0 [ 765.503990][ T5866] usb 2-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00 [ 765.513317][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 765.832517][ T5866] usb 2-1: config 0 descriptor?? [ 765.972939][T12518] loop0: detected capacity change from 0 to 1024 [ 766.196381][T12518] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 766.313622][ T5866] logitech 0003:046D:C20E.001A: rdesc size test failed for formula gp [ 766.406020][ T5866] logitech 0003:046D:C20E.001A: unknown main item tag 0x0 [ 766.415950][ T5866] logitech 0003:046D:C20E.001A: unknown main item tag 0x0 [ 766.423404][ T5866] logitech 0003:046D:C20E.001A: unknown main item tag 0x0 [ 766.431323][ T5866] logitech 0003:046D:C20E.001A: unknown main item tag 0x0 [ 766.439004][ T5866] logitech 0003:046D:C20E.001A: unknown main item tag 0x0 [ 766.446730][ T5866] logitech 0003:046D:C20E.001A: unknown main item tag 0x0 [ 766.454407][ T5866] logitech 0003:046D:C20E.001A: unknown main item tag 0x0 [ 766.641955][T12532] loop4: detected capacity change from 0 to 512 [ 766.731172][ T5866] logitech 0003:046D:C20E.001A: hidraw0: USB HID v0.2f Device [HID 046d:c20e] on usb-dummy_hcd.1-1/input0 [ 766.771791][T12532] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 766.846609][ T5866] usb 2-1: USB disconnect, device number 12 [ 767.009340][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 767.011911][T12532] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 767.035129][T12532] ext4 filesystem being mounted at /480/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 767.631397][T12539] loop2: detected capacity change from 0 to 4096 [ 767.771633][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 767.965938][T12574] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 768.361758][T12566] fido_id[12566]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 770.183583][T12608] loop2: detected capacity change from 0 to 64 [ 770.306083][T12608] syz.2.2293: attempt to access beyond end of device [ 770.306083][T12608] loop2: rw=0, sector=268435468, nr_sectors = 2 limit=64 [ 770.320213][T12608] Buffer I/O error on dev loop2, logical block 134217734, async page read [ 772.214992][ T5866] usb 3-1: new high-speed USB device number 16 using dummy_hcd [ 772.541757][ T5866] usb 3-1: Using ep0 maxpacket: 8 [ 772.646864][T12639] loop0: detected capacity change from 0 to 32768 [ 772.670477][ T5866] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00 [ 772.680604][ T5866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 772.689281][ T5866] usb 3-1: Product: syz [ 772.693860][ T5866] usb 3-1: Manufacturer: syz [ 772.698693][ T5866] usb 3-1: SerialNumber: syz [ 772.704865][T12639] (syz.0.2300,12639,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #66: rec_len is smaller than minimal - offset=56, inode=56294995342131268, rec_len=0, name_len=18 [ 772.724927][T12639] (syz.0.2300,12639,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22 [ 772.736838][T12639] (syz.0.2300,12639,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs? [ 772.737028][T12639] (syz.0.2300,12639,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22 [ 772.759221][T12639] (syz.0.2300,12639,1):ocfs2_initialize_super:2198 ERROR: status = -22 [ 772.768541][T12639] (syz.0.2300,12639,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 772.991205][T12656] loop6: detected capacity change from 0 to 128 [ 773.298118][ T5866] usb 3-1: config 0 descriptor?? [ 773.400091][ T5866] radio-usb-si4713 3-1:0.0: Si4713 development board discovered: (10C4:8244) [ 773.441379][T12656] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 773.577673][T12656] ext4 filesystem being mounted at /97/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 774.189666][ T5821] Bluetooth: hci0: unexpected event for opcode 0x0c58 [ 774.414200][T10209] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 774.861324][T12672] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 775.134065][T12674] loop1: detected capacity change from 0 to 40427 [ 775.156130][T12674] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288) [ 775.165919][T12674] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 775.201258][T12674] F2FS-fs (loop1): Wrong SIT boundary, start(1536) end(2130708992) blocks(1024) [ 775.210719][T12674] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock [ 775.302214][ T5866] radio-usb-si4713 3-1:0.0: probe with driver radio-usb-si4713 failed with error -71 [ 775.312978][ T5866] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 775.331216][ T5866] usb 3-1: USB disconnect, device number 16 [ 776.283473][T12706] loop4: detected capacity change from 0 to 1024 [ 777.275563][ T58] hfsplus: b-tree write err: -5, ino 4 [ 777.832097][T12733] loop6: detected capacity change from 0 to 128 [ 777.919153][T12728] loop2: detected capacity change from 0 to 2048 [ 777.997745][T12733] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 778.144145][T12728] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 778.176614][T12733] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 778.236356][T12728] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 778.344228][T12728] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 778.526638][T12748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2320'. [ 778.536777][T12748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2320'. [ 778.945154][T12752] loop1: detected capacity change from 0 to 256 [ 779.026526][T12752] exfat: Deprecated parameter 'utf8' [ 779.147082][T10209] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 779.450237][T12752] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 779.768312][T12754] loop4: detected capacity change from 0 to 32768 [ 780.069464][T12754] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 780.223249][ T5815] (syz-executor,5815,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72 [ 780.351286][ T5815] ocfs2: Unmounting device (7,4) on (node local) [ 781.039895][T12777] loop6: detected capacity change from 0 to 2048 [ 782.325935][T12809] vim2m vim2m.0: vidioc_s_fmt queue busy [ 783.222024][T12817] loop1: detected capacity change from 0 to 1024 [ 783.352743][T12810] loop6: detected capacity change from 0 to 4096 [ 783.443187][T12810] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 783.606149][T12817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 784.110126][T12810] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 784.230673][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 784.619282][T12846] loop2: detected capacity change from 0 to 1024 [ 785.774941][T12866] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2346'. [ 785.985240][ T5866] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 786.195191][ T5866] usb 1-1: Using ep0 maxpacket: 16 [ 786.238341][ T5866] usb 1-1: config 0 has an invalid interface number: 105 but max is 0 [ 786.255212][ T5866] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 786.268397][ T5866] usb 1-1: config 0 has no interface number 0 [ 786.426559][ T5866] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 786.436503][ T5866] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 786.448778][ T5866] usb 1-1: Product: syz [ 786.460089][ T5866] usb 1-1: Manufacturer: syz [ 786.467665][ T5866] usb 1-1: SerialNumber: syz [ 786.610527][T12881] loop4: detected capacity change from 0 to 16 [ 786.648492][ T5866] usb 1-1: config 0 descriptor?? [ 786.708543][T12881] erofs (device loop4): mounted with root inode @ nid 36. [ 786.721382][ T5866] usb 1-1: Found UVC 0.00 device syz (046d:08f3) [ 786.728324][ T5866] usb 1-1: No valid video chain found. [ 786.751873][T12875] loop6: detected capacity change from 0 to 4096 [ 786.929477][ T5867] usb 1-1: USB disconnect, device number 17 [ 787.017430][T12893] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 787.786452][T12906] loop2: detected capacity change from 0 to 128 [ 787.876115][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 787.883067][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 787.927797][T12906] EXT4-fs: Ignoring removed nobh option [ 788.146653][T12906] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 788.161378][T12911] loop6: detected capacity change from 0 to 256 [ 788.217398][T12906] ext4 filesystem being mounted at /446/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 788.232634][T12911] exfat: Deprecated parameter 'utf8' [ 788.239080][T12911] exfat: Deprecated parameter 'namecase' [ 788.245782][T12911] exfat: Deprecated parameter 'namecase' [ 788.251738][T12911] exfat: Deprecated parameter 'utf8' [ 788.445236][ T30] audit: type=1800 audit(1754404524.675:103): pid=12906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2353" name="file1" dev="loop2" ino=12 res=0 errno=0 [ 788.548862][T12911] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d) [ 789.193056][ T5816] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 789.568465][ T5867] kernel write not supported for file /input/event2 (pid: 5867 comm: kworker/1:3) [ 789.964397][ T5867] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 790.194472][ T5867] usb 7-1: Using ep0 maxpacket: 32 [ 790.245974][ T5867] usb 7-1: config 0 has an invalid interface number: 12 but max is 0 [ 790.254778][ T5867] usb 7-1: config 0 has no interface number 0 [ 790.261124][ T5867] usb 7-1: config 0 interface 12 has no altsetting 0 [ 790.404423][ T5867] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 790.415734][ T5867] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 790.424404][ T5867] usb 7-1: Product: syz [ 790.428889][ T5867] usb 7-1: Manufacturer: syz [ 790.433942][ T5867] usb 7-1: SerialNumber: syz [ 790.614100][ T5867] usb 7-1: config 0 descriptor?? [ 791.342854][ T5867] f81534 7-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 791.352170][ T5867] f81534 7-1:0.12: f81534_find_config_idx: read failed: -71 [ 791.359955][ T5867] f81534 7-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 791.371596][ T5867] f81534 7-1:0.12: probe with driver f81534 failed with error -71 [ 791.454643][T12957] loop2: detected capacity change from 0 to 4096 [ 791.546984][ T5867] usb 7-1: USB disconnect, device number 4 [ 791.583590][T12957] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 792.476417][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 792.770779][T12997] loop4: detected capacity change from 0 to 164 [ 792.983025][T12997] rock: directory entry would overflow storage [ 792.991405][T12997] rock: sig=0x66, size=4, remaining=3 [ 793.138451][T12997] rock: directory entry would overflow storage [ 793.146390][T12997] rock: sig=0x66, size=4, remaining=3 [ 793.152559][T12997] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 794.621627][T13030] loop0: detected capacity change from 0 to 1024 [ 794.700830][T13030] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 794.929875][T13030] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #3: block 1: comm syz.0.2377: lblock 1 mapped to illegal pblock 1 (length 1) [ 795.011873][T13030] Quota error (device loop0): write_blk: dquota write failed [ 795.021058][T13030] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 795.032528][T13030] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2377: Failed to acquire dquot type 0 [ 795.122154][T13030] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.2377: Freeing blocks not in datazone - block = 0, count = 4096 [ 795.205290][T13030] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.2377: Invalid inode bitmap blk 0 in block_group 0 [ 795.248551][ T58] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 795.324933][T13030] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 795.345517][ T58] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 795.354467][ T58] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0 [ 795.424234][T13030] EXT4-fs (loop0): 1 orphan inode deleted [ 795.507209][T13030] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 795.698462][T13030] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 796.166326][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 798.843229][T13115] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2404'. [ 798.853270][T13115] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2404'. [ 799.720866][T13135] loop0: detected capacity change from 0 to 64 [ 799.804131][T13135] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 800.325085][T10173] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 800.536317][T10173] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 800.548487][T10173] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 800.558456][T10173] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 800.717381][T10173] usb 7-1: config 0 descriptor?? [ 800.727373][T13144] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 800.865446][ T5866] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 801.084648][ T5866] usb 3-1: Using ep0 maxpacket: 32 [ 801.142358][ T5866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 801.154164][ T5866] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 801.164672][ T5866] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 801.174809][ T5866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 801.446575][T10173] pyra 0003:1E7D:2CF6.001B: hidraw0: USB HID v1.01 Device [HID 1e7d:2cf6] on usb-dummy_hcd.6-1/input0 [ 801.488536][ T5866] usb 3-1: config 0 descriptor?? [ 801.601169][ T5867] usb 7-1: USB disconnect, device number 5 [ 802.001000][ T5866] koneplus 0003:1E7D:2D51.001C: unknown main item tag 0x0 [ 802.008963][ T5866] koneplus 0003:1E7D:2D51.001C: unknown main item tag 0x0 [ 802.027895][ T5866] koneplus 0003:1E7D:2D51.001C: unknown main item tag 0x0 [ 802.038581][ T5866] koneplus 0003:1E7D:2D51.001C: unknown main item tag 0x0 [ 802.046300][ T5866] koneplus 0003:1E7D:2D51.001C: unknown main item tag 0x0 [ 802.647318][ T5866] koneplus 0003:1E7D:2D51.001C: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.2-1/input0 [ 802.774638][ T5866] koneplus 0003:1E7D:2D51.001C: couldn't init struct koneplus_device [ 802.783630][ T5866] koneplus 0003:1E7D:2D51.001C: couldn't install mouse [ 802.819707][T13191] loop1: detected capacity change from 0 to 32768 [ 802.874281][T13191] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2429 (13191) [ 802.924807][T13191] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 802.935602][T13191] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm [ 802.947251][T13191] BTRFS error (device loop1): superblock checksum mismatch [ 802.955672][T13191] BTRFS error (device loop1): open_ctree failed: -22 [ 802.973212][ T5866] koneplus 0003:1E7D:2D51.001C: probe with driver koneplus failed with error -71 [ 803.211223][ T5866] usb 3-1: USB disconnect, device number 17 [ 803.622235][T13199] fido_id[13199]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory [ 803.876969][ T6138] udevd[6138]: incorrect btrfs checksum on /dev/loop1 [ 805.331241][T13252] loop1: detected capacity change from 0 to 256 [ 806.142488][T13263] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 806.149898][T13263] comedi comedi3: 8255: I/O port conflict (0x2,4) [ 806.157417][T13263] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 806.164311][T13263] comedi comedi3: 8255: I/O port conflict (0x5c952399,4) [ 806.171742][T13263] comedi comedi3: 8255: I/O port conflict (0x5,4) [ 806.178890][T13263] comedi comedi3: 8255: I/O port conflict (0x3ff,4) [ 806.186090][T13263] comedi comedi3: 8255: I/O port conflict (0x1,4) [ 806.248701][T13253] fido_id[13253]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 807.516584][T13289] loop1: detected capacity change from 0 to 256 [ 807.587097][T13289] exfat: Deprecated parameter 'namecase' [ 807.593581][T13289] exfat: Deprecated parameter 'namecase' [ 807.804001][T13289] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdf1a9a6c, utbl_chksum : 0xe619d30d) [ 808.020060][T13299] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 809.621523][T13320] loop4: detected capacity change from 0 to 256 [ 810.177960][T13319] loop2: detected capacity change from 0 to 32768 [ 810.237565][T13319] (syz.2.2450,13319,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options [ 810.251867][T13319] (syz.2.2450,13319,1):ocfs2_fill_super:1177 ERROR: status = -22 [ 810.580974][T13332] loop0: detected capacity change from 0 to 512 [ 810.808921][T13332] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 811.618051][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 811.692131][T13352] loop1: detected capacity change from 0 to 128 [ 811.806345][T13352] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 812.445018][T13366] tipc: Failed to obtain node identity [ 812.450748][T13366] tipc: Enabling of bearer rejected, failed to enable media [ 813.020023][T13378] loop4: detected capacity change from 0 to 8 [ 813.028771][T13379] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2463'. [ 813.159144][T13378] SQUASHFS error: zstd decompression error: 10 [ 813.165906][T13378] SQUASHFS error: zstd decompression failed, data probably corrupt [ 813.174450][T13378] SQUASHFS error: Failed to read block 0x60: -5 [ 813.190040][T13378] SQUASHFS error: zstd decompression error: 10 [ 813.199145][T13378] SQUASHFS error: zstd decompression failed, data probably corrupt [ 813.207955][T13378] SQUASHFS error: Failed to read block 0x60: -5 [ 814.094758][T13398] netlink: 'syz.2.2470': attribute type 1 has an invalid length. [ 814.992828][T13400] loop6: detected capacity change from 0 to 32768 [ 815.003579][T13400] bcachefs: bch2_fs_parse_param() Error parsing option move_bytes_in_flight: option_value [ 815.832220][ T30] audit: type=1326 audit(1754404552.055:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 816.012100][ T30] audit: type=1326 audit(1754404552.145:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 816.036074][ T30] audit: type=1326 audit(1754404552.145:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 816.061108][ T30] audit: type=1326 audit(1754404552.155:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 816.084622][ T30] audit: type=1326 audit(1754404552.155:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 816.107739][ T30] audit: type=1326 audit(1754404552.165:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 816.131199][ T30] audit: type=1326 audit(1754404552.165:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13423 comm="syz.2.2481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8ed58eb69 code=0x7ffc0000 [ 816.297618][T13424] loop0: detected capacity change from 0 to 2048 [ 816.465697][T13424] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 816.519704][T13424] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 816.528038][T13424] UDF-fs: Scanning with blocksize 512 failed [ 816.858518][T13424] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 816.950770][T13441] loop2: detected capacity change from 0 to 1024 [ 816.998367][T13441] EXT4-fs: Ignoring removed oldalloc option [ 816.998856][T13441] EXT4-fs: Ignoring removed orlov option [ 817.023553][T13441] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 817.120786][T13441] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 817.436641][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 820.164245][ T5867] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 820.279804][T13505] loop6: detected capacity change from 0 to 16 [ 820.335033][T13505] erofs (device loop6): mounted with root inode @ nid 36. [ 820.374203][ T5867] usb 1-1: Using ep0 maxpacket: 16 [ 820.410311][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 820.421755][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 820.436797][ T5867] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 820.446723][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 820.540181][T13505] syz.6.2504: attempt to access beyond end of device [ 820.540181][T13505] loop6: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16 [ 820.636634][ T5867] usb 1-1: config 0 descriptor?? [ 820.902836][T13519] loop2: detected capacity change from 0 to 64 [ 821.188615][ T5867] corsair 0003:1B1C:1B02.001D: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0 [ 821.361908][ T5867] corsair 0003:1B1C:1B02.001D: Failed to get K90 initial state (error -71). [ 821.486291][ T5867] usb 1-1: USB disconnect, device number 18 [ 822.109789][T13555] loop2: detected capacity change from 0 to 1024 [ 822.237069][T13555] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 822.763530][T13575] loop6: detected capacity change from 0 to 4096 [ 822.798068][T13575] NILFS (loop6): mounting unchecked fs [ 822.814067][T13575] NILFS (loop6): recovery required for readonly filesystem [ 822.821685][T13575] NILFS (loop6): write access will be enabled during recovery [ 822.838676][T13575] NILFS (loop6): invalid segment: Checksum error in segment payload [ 822.847694][T13575] NILFS (loop6): trying rollback from an earlier position [ 822.890334][T13575] NILFS (loop6): norecovery option specified, skipping roll-forward recovery [ 822.903323][T13575] NILFS (loop6): The specified checkpoint is not a snapshot (checkpoint number=2) [ 823.709414][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 823.972064][T13592] autofs: Bad value for 'fd' [ 824.381789][T13586] fido_id[13586]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 825.322700][T13611] sctp: [Deprecated]: syz.2.2526 (pid 13611) Use of struct sctp_assoc_value in delayed_ack socket option. [ 825.322700][T13611] Use struct sctp_sack_info instead [ 825.441731][T13614] loop6: detected capacity change from 0 to 128 [ 825.642702][ T30] audit: type=1800 audit(1754404561.865:111): pid=13614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2528" name="file2" dev="loop6" ino=1048861 res=0 errno=0 [ 827.970400][T13659] loop2: detected capacity change from 0 to 512 [ 828.111063][T13659] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 828.294500][T13659] EXT4-fs (loop2): 1 truncate cleaned up [ 828.302457][T13659] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 828.817160][T13679] siw: device registration error -23 [ 828.959325][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 829.280478][T13691] loop1: detected capacity change from 0 to 512 [ 831.454062][ T5867] usb 2-1: new full-speed USB device number 13 using dummy_hcd [ 831.694342][ T5867] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 831.705314][ T5867] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 831.716667][ T5867] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 831.726705][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 831.857928][ T5867] usb 2-1: config 0 descriptor?? [ 831.914225][ T5867] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 831.924352][ T5867] dvb-usb: bulk message failed: -22 (3/0) [ 832.003118][ T5867] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 832.023899][T13730] loop6: detected capacity change from 0 to 4096 [ 832.105407][T13730] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512). [ 832.126131][ T5867] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 832.133804][ T5867] usb 2-1: media controller created [ 832.220322][ T5867] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 832.386050][T13740] loop0: detected capacity change from 0 to 4096 [ 832.393600][ T5867] dvb-usb: bulk message failed: -22 (6/0) [ 832.400310][ T5867] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 832.450786][T13740] EXT4-fs: Ignoring removed mblk_io_submit option [ 832.509628][ T5867] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input21 [ 832.549433][ T5867] dvb-usb: schedule remote query interval to 150 msecs. [ 832.557521][ T5867] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 832.622593][T13740] EXT4-fs (loop0): Test dummy encryption mode enabled [ 832.677161][ T5867] usb 2-1: USB disconnect, device number 13 [ 832.802817][ T5867] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 832.836715][T13740] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 833.637540][T13740] Process accounting resumed [ 834.002704][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 836.288902][T13823] loop2: detected capacity change from 0 to 512 [ 836.354692][T13824] loop6: detected capacity change from 0 to 8192 [ 836.555978][T13825] loop0: detected capacity change from 0 to 2048 [ 836.693367][T13825] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 836.708060][T13825] ext4 filesystem being mounted at /532/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 837.297316][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 839.143653][T13878] binder: 13875:13878 ioctl c0306201 2000000003c0 returned -22 [ 840.236150][T13885] loop1: detected capacity change from 0 to 32768 [ 840.335266][T13885] JBD2: Ignoring recovery information on journal [ 840.341856][T13885] JBD2: corrupted journal superblock [ 840.347557][T13885] JBD2: error -117 scanning journal [ 840.353031][T13885] (syz.1.2595,13885,0):ocfs2_journal_wipe:1216 ERROR: status = -117 [ 840.364042][T13885] (syz.1.2595,13885,0):ocfs2_check_volume:2363 ERROR: status = -117 [ 840.372327][T13885] (syz.1.2595,13885,0):ocfs2_check_volume:2432 ERROR: status = -117 [ 840.380720][T13885] (syz.1.2595,13885,0):ocfs2_mount_volume:1764 ERROR: status = -117 [ 840.426861][T13885] (syz.1.2595,13885,0):ocfs2_fill_super:1177 ERROR: status = -117 [ 841.165376][T13905] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2600'. [ 841.327236][T13910] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2601'. [ 842.677734][ T5866] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 842.934440][ T5866] usb 3-1: Using ep0 maxpacket: 8 [ 842.997598][ T5866] usb 3-1: config 179 has an invalid interface number: 65 but max is 0 [ 843.008331][ T5866] usb 3-1: config 179 has no interface number 0 [ 843.015278][ T5866] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 843.027318][ T5866] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 843.039747][ T5866] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 843.051351][ T5866] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 843.063522][ T5866] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 843.084854][ T5866] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 843.096838][ T5866] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 843.480883][T13933] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 843.666969][T13953] usb usb8: usbfs: process 13953 (syz.1.2616) did not claim interface 0 before use [ 843.954189][T13933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 843.967424][T13933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 844.288653][ T5867] usb 3-1: USB disconnect, device number 18 [ 844.289168][ C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 844.304390][ C0] dummy_hcd dummy_hcd.2: timer fired with no URBs pending? [ 844.335518][T13964] program syz.6.2618 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 845.991212][T14005] loop1: detected capacity change from 0 to 512 [ 846.044083][T14005] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 846.286567][T14005] EXT4-fs (loop1): 1 truncate cleaned up [ 846.382596][T14005] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 846.595871][T14027] loop2: detected capacity change from 0 to 512 [ 846.696329][T14027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 846.759341][T14028] loop4: detected capacity change from 0 to 1024 [ 846.953073][T14028] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 846.965414][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 846.977449][T14028] ext4 filesystem being mounted at /559/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 847.359263][ T5816] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 847.697429][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 848.524398][T14059] loop4: detected capacity change from 0 to 512 [ 848.597872][T14064] tmpfs: Cannot retroactively limit inodes [ 848.656365][T14059] EXT4-fs: Ignoring removed bh option [ 848.736191][T14059] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 848.824850][T14059] EXT4-fs (loop4): 1 truncate cleaned up [ 848.833152][T14059] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 849.052839][T14059] EXT4-fs (loop4): shut down requested (0) [ 849.295145][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 849.302050][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 849.502803][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 849.676079][T14054] loop2: detected capacity change from 0 to 8192 [ 851.565086][T14108] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2656'. [ 852.065234][ T5867] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 854.050202][T14138] netlink: 204 bytes leftover after parsing attributes in process `syz.4.2664'. [ 854.059900][T14138] netlink: 'syz.4.2664': attribute type 1 has an invalid length. [ 855.454015][ T5867] usb 3-1: Using ep0 maxpacket: 16 [ 855.647959][ T5867] usb 3-1: device descriptor read/all, error -71 [ 856.331050][T14149] loop0: detected capacity change from 0 to 4096 [ 859.426253][T14228] loop4: detected capacity change from 0 to 512 [ 859.484652][T14228] EXT4-fs (loop4): Test dummy encryption mode enabled [ 859.491699][T14228] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 859.723483][T14228] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.2688: bad orphan inode 131083 [ 859.793475][T14228] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 860.029043][T14245] loop6: detected capacity change from 0 to 64 [ 860.082652][T14245] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing [ 860.406963][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 861.574142][ T5866] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 861.796822][ T5866] usb 3-1: Using ep0 maxpacket: 32 [ 861.835099][ T5866] usb 3-1: config 0 has an invalid interface number: 12 but max is 0 [ 861.844191][ T5866] usb 3-1: config 0 has no interface number 0 [ 861.850697][ T5866] usb 3-1: config 0 interface 12 has no altsetting 0 [ 862.072972][ T5866] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 862.083086][ T5866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 862.091628][ T5866] usb 3-1: Product: syz [ 862.096158][ T5866] usb 3-1: Manufacturer: syz [ 862.100977][ T5866] usb 3-1: SerialNumber: syz [ 862.463262][T14282] loop4: detected capacity change from 0 to 32768 [ 862.640699][T14282] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2704 (14282) [ 862.998928][T14291] loop6: detected capacity change from 0 to 1024 [ 863.059584][T14291] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 863.145675][T14291] EXT4-fs error (device loop6): ext4_map_blocks:814: inode #3: block 1: comm syz.6.2707: lblock 1 mapped to illegal pblock 1 (length 1) [ 863.242219][T14291] Quota error (device loop6): write_blk: dquota write failed [ 863.254231][T14291] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 863.265806][T14291] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2707: Failed to acquire dquot type 0 [ 863.278516][ T5866] usb 3-1: config 0 descriptor?? [ 863.289814][T14282] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 863.300701][T14282] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm [ 863.309757][T14282] BTRFS error (device loop4): superblock checksum mismatch [ 863.317894][T14282] BTRFS error (device loop4): open_ctree failed: -22 [ 863.468660][T14291] EXT4-fs error (device loop6): ext4_free_blocks:6696: comm syz.6.2707: Freeing blocks not in datazone - block = 0, count = 4096 [ 863.525822][T14285] loop1: detected capacity change from 0 to 40427 [ 863.565625][T14285] F2FS-fs (loop1): build fault injection rate: 14 [ 863.573360][T14285] F2FS-fs (loop1): Image doesn't support compression [ 863.583237][T14285] F2FS-fs (loop1): journaled quota format not specified [ 863.732288][T14291] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.2707: Invalid inode bitmap blk 0 in block_group 0 [ 863.751683][ T9844] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 863.849225][ T9844] Quota error (device loop6): remove_tree: Can't read quota data block 1 [ 863.859056][ T9844] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:2: Failed to release dquot type 0 [ 863.912568][T14291] EXT4-fs error (device loop6) in ext4_free_inode:361: Corrupt filesystem [ 864.001229][T14291] EXT4-fs (loop6): 1 orphan inode deleted [ 864.011612][T14291] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 864.215702][ T5866] f81534 3-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 864.223948][ T5866] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71 [ 864.231593][ T5866] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 864.239932][ T5866] f81534 3-1:0.12: probe with driver f81534 failed with error -71 [ 864.362234][T14291] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000. [ 864.539683][ T5866] usb 3-1: USB disconnect, device number 21 [ 864.656136][T10029] udevd[10029]: incorrect btrfs checksum on /dev/loop4 [ 865.140444][T10209] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 865.519371][T14328] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2722'. [ 865.577224][T14330] loop2: detected capacity change from 0 to 256 [ 865.646314][T14330] exfat: Deprecated parameter 'utf8' [ 865.652173][T14330] exfat: Deprecated parameter 'namecase' [ 865.659156][T14330] exfat: Deprecated parameter 'namecase' [ 865.665780][T14330] exfat: Deprecated parameter 'utf8' [ 865.994523][ T5867] kernel write not supported for file /input/event2 (pid: 5867 comm: kworker/1:3) [ 866.181425][T14330] exFAT-fs (loop2): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d) [ 867.411696][T14353] vim2m vim2m.0: vidioc_s_fmt queue busy [ 867.680441][T14363] [U]  [ 867.683434][T14363] [U] K{ [ 867.687182][T14363] [U] t 1ŠFfˊ`GJgo/mC [ 867.694982][T14363] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 867.711580][T14363] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 867.723182][T14363] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 867.765063][T14363] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 867.790197][T14363] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 867.802068][T14363] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 867.814376][T14363] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 867.970066][T14363] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 867.979725][T14363] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 867.993792][T14363] [U] 22Ʃx?0;3u [ 867.998446][T14363] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 868.024260][T14363] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 868.033994][T14363] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 868.042980][T14363] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 868.049955][T14363] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 868.064881][T14363] [U] ec [ 868.068275][T14363] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 868.134052][ T30] audit: type=1326 audit(1754404604.345:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa48238eb69 code=0x7ffc0000 [ 868.157587][ T30] audit: type=1326 audit(1754404604.345:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fa48238eb69 code=0x7ffc0000 [ 868.182151][ T30] audit: type=1326 audit(1754404604.345:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14366 comm="syz.0.2721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa48238eb69 code=0x7ffc0000 [ 868.264256][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 868.277941][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 868.289037][ T5867] usb 5-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00 [ 868.298466][ T5867] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 868.359124][T14362] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 868.527171][ T5867] usb 5-1: config 0 descriptor?? [ 868.992500][ T5867] samsung 0003:0419:0001.001E: item 0 2 0 8 parsing failed [ 869.109046][ T5867] samsung 0003:0419:0001.001E: parse failed [ 869.115992][ T5867] samsung 0003:0419:0001.001E: probe with driver samsung failed with error -22 [ 869.202908][ T5867] usb 5-1: USB disconnect, device number 14 [ 871.504951][T14422] loop1: detected capacity change from 0 to 1024 [ 871.596160][T14426] loop6: detected capacity change from 0 to 1024 [ 871.645810][T14426] EXT4-fs: Ignoring removed nobh option [ 871.659428][T14426] EXT4-fs: inline encryption not supported [ 871.725154][T14422] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 871.783499][T14426] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 872.241576][ T5820] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.476684][T10209] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 873.225642][T14463] AppArmor: change_hat: Invalid input, NULL hat and NULL magic [ 873.339882][T14467] netlink: 'syz.6.2746': attribute type 5 has an invalid length. [ 873.570636][T14457] loop1: detected capacity change from 0 to 4096 [ 873.789072][T14476] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 874.406404][T14483] CUSE: unknown device info "M" [ 874.414633][T14483] CUSE: unknown device info "" [ 874.419962][T14483] CUSE: unknown device info "," [ 874.426905][T14483] CUSE: unknown device info "" [ 874.432032][T14483] CUSE: DEVNAME unspecified [ 874.646548][T14486] cifs: Bad value for 'cache' [ 874.974047][ T5867] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 875.145562][T14499] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2757'. [ 875.271973][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 875.283532][ T5867] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 875.294520][ T5867] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00 [ 875.304067][ T5867] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 875.396946][T14504] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2759'. [ 875.406587][T14504] hsr0: entered promiscuous mode [ 875.477535][ T5867] usb 1-1: config 0 descriptor?? [ 876.026499][ T5867] kone 0003:1E7D:2CED.001F: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.0-1/input0 [ 876.167537][ T5867] usb 1-1: USB disconnect, device number 19 [ 877.041296][T14547] loop2: detected capacity change from 0 to 128 [ 877.394269][T14546] loop4: detected capacity change from 0 to 2048 [ 877.447707][T14539] fido_id[14539]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 877.597897][T14546] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 878.336537][T14562] netlink: 128 bytes leftover after parsing attributes in process `syz.6.2772'. [ 879.480743][T14572] loop0: detected capacity change from 0 to 4096 [ 879.819269][T14595] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 879.936618][T14597] IPVS: Error connecting to the multicast addr [ 880.585869][T14602] sctp: [Deprecated]: syz.4.2782 (pid 14602) Use of int in maxseg socket option. [ 880.585869][T14602] Use struct sctp_assoc_value instead [ 880.622935][T14589] loop1: detected capacity change from 0 to 4096 [ 880.724855][T14589] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 880.964402][ T5866] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 881.244071][ T5866] usb 7-1: Using ep0 maxpacket: 32 [ 881.265182][T14589] ntfs3(loop1): ino=19, mi_enum_attr [ 881.270848][T14589] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 881.295817][ T5866] usb 7-1: config 0 has an invalid interface number: 35 but max is 0 [ 881.304784][ T5866] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 881.315254][ T5866] usb 7-1: config 0 has no interface number 0 [ 881.321708][ T5866] usb 7-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 881.460486][T14589] ntfs3(loop1): failed to convert "c46c" to macturkish [ 881.499809][T14589] ntfs3(loop1): ino=20, mi_enum_attr [ 881.538553][ T5866] usb 7-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad [ 881.548869][ T5866] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 881.557621][ T5866] usb 7-1: Product: syz [ 881.562102][ T5866] usb 7-1: Manufacturer: syz [ 881.567183][ T5866] usb 7-1: SerialNumber: syz [ 881.737295][ T5866] usb 7-1: config 0 descriptor?? [ 881.763321][T14618] loop4: detected capacity change from 0 to 2048 [ 881.883008][ T5866] radio-si470x 7-1:0.35: could not find interrupt in endpoint [ 881.902264][ T5866] radio-si470x 7-1:0.35: probe with driver radio-si470x failed with error -5 [ 882.058718][T14618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 882.076025][ T5866] radio-raremono 7-1:0.35: Thanko's Raremono connected: (10C4:818A) [ 882.314818][ T5866] radio-raremono 7-1:0.35: V4L2 device registered as radio48 [ 882.512802][ T5866] usb 7-1: USB disconnect, device number 6 [ 882.520152][ T5866] radio-raremono 7-1:0.35: Thanko's Raremono disconnected [ 882.890030][ T5815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 883.705302][T14666] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2795'. [ 883.714975][T14666] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2795'. [ 883.724370][T14666] netlink: 'syz.6.2795': attribute type 14 has an invalid length. [ 883.740182][T14666] netlink: 'syz.6.2795': attribute type 13 has an invalid length. [ 885.186156][T14691] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2804'. [ 885.195907][T14691] netlink: 80 bytes leftover after parsing attributes in process `syz.4.2804'. [ 886.847282][T14711] loop4: detected capacity change from 0 to 32768 [ 887.137049][T14724] loop1: detected capacity change from 0 to 256 [ 887.178463][T14724] exfat: Deprecated parameter 'namecase' [ 887.185678][T14724] exfat: Deprecated parameter 'namecase' [ 887.323871][ T5867] kernel write not supported for file /input/mice (pid: 5867 comm: kworker/1:3) [ 887.414733][T14724] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 888.671740][T14753] loop6: detected capacity change from 0 to 1024 [ 888.934641][T14753] syz.6.2821: attempt to access beyond end of device [ 888.934641][T14753] loop6: rw=0, sector=201326592, nr_sectors = 2 limit=1024 [ 888.949194][T14753] Buffer I/O error on dev loop6, logical block 100663296, async page read [ 888.967210][T14753] hfsplus: unable to mark blocks free: error -5 [ 888.976393][T14753] hfsplus: can't free extent [ 889.477102][T14770] loop4: detected capacity change from 0 to 256 [ 889.816839][T14780] loop0: detected capacity change from 0 to 512 [ 890.016195][T14780] EXT4-fs error (device loop0): ext4_xattr_inode_iget:433: comm syz.0.2828: Parent and EA inode have the same ino 15 [ 890.055840][T14770] FAT-fs (loop4): Directory bread(block 64) failed [ 890.062801][T14770] FAT-fs (loop4): Directory bread(block 65) failed [ 890.070114][T14770] FAT-fs (loop4): Directory bread(block 66) failed [ 890.077517][T14770] FAT-fs (loop4): Directory bread(block 67) failed [ 890.092777][T14770] FAT-fs (loop4): Directory bread(block 68) failed [ 890.102187][T14770] FAT-fs (loop4): Directory bread(block 69) failed [ 890.109447][T14770] FAT-fs (loop4): Directory bread(block 70) failed [ 890.116397][T14770] FAT-fs (loop4): Directory bread(block 71) failed [ 890.123480][T14770] FAT-fs (loop4): Directory bread(block 72) failed [ 890.130421][T14770] FAT-fs (loop4): Directory bread(block 73) failed [ 890.177838][T14780] EXT4-fs (loop0): 1 orphan inode deleted [ 890.196761][T14780] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 890.424906][T14786] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 3: invalid block bitmap [ 890.453527][T14780] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.2828: bg 0: block 3: invalid block bitmap [ 890.525826][T14780] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2828: invalid indirect mapped block 234881024 (level 0) [ 890.948490][ T5810] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 891.432936][T14804] loop4: detected capacity change from 0 to 8 [ 891.561223][T14804] SQUASHFS error: lzo decompression failed, data probably corrupt [ 891.569863][T14804] SQUASHFS error: Failed to read block 0x91: -5 [ 891.576772][T14804] SQUASHFS error: Unable to read metadata cache entry [8f] [ 891.584548][T14804] SQUASHFS error: Unable to read inode 0x11f [ 891.904819][T14813] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2837'. [ 892.329829][ T30] audit: type=1326 audit(1754404628.555:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14816 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c0d8eb69 code=0x7ffc0000 [ 892.514162][ T30] audit: type=1326 audit(1754404628.645:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14816 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f09c0d8eb69 code=0x7ffc0000 [ 892.544103][ T30] audit: type=1326 audit(1754404628.645:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14816 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c0d8eb69 code=0x7ffc0000 [ 892.570001][ T30] audit: type=1326 audit(1754404628.645:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14816 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c0d8eb69 code=0x7ffc0000 [ 892.593203][ T30] audit: type=1326 audit(1754404628.655:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14816 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f09c0d8eb69 code=0x7ffc0000 [ 892.616523][ T30] audit: type=1326 audit(1754404628.655:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14816 comm="syz.1.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09c0d8eb69 code=0x7ffc0000 [ 893.105390][T14829] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2843'. [ 893.115385][T14829] netlink: 'syz.1.2843': attribute type 30 has an invalid length. [ 893.123406][T14829] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2843'. [ 893.775785][T14839] ieee802154 phy0 wpan0: encryption failed: -126 [ 894.189502][T14833] loop0: detected capacity change from 0 to 32768 [ 894.203600][T14833] bcachefs (/dev/loop0): error validating superblock: Invalid superblock: optional field extends past end of superblock (type 1) [ 894.218199][T14833] bcachefs: bch2_fs_get_tree() error: invalid_sb_field_size [ 894.303072][T14844] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2848'. [ 895.766574][T14856] loop2: detected capacity change from 0 to 4096 [ 895.869882][T14856] ntfs3(loop2): ino=3, Correct links count -> 2. [ 896.035725][T14873] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 896.045673][T14873] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 896.074828][T14878] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2855'. [ 896.084703][T14878] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2855'. [ 896.094333][T14878] netlink: 'syz.4.2855': attribute type 19 has an invalid length. [ 896.773590][T14856] ntfs3(loop2): failed to convert "0080" to cp874 [ 896.865330][T14856] ntfs3(loop2): failed to convert name for inode 1e. [ 896.907311][T14856] ntfs3(loop2): ino=1f, mi_enum_attr [ 896.913108][T14856] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 897.986043][T14893] loop1: detected capacity change from 0 to 4096 [ 898.541377][T14918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2867'. [ 898.824848][T14893] ntfs3(loop1): ino=b, mi_enum_attr [ 898.830566][T14893] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 898.875232][T14893] ntfs3(loop1): Failed to load $Extend (-22). [ 898.881693][T14893] ntfs3(loop1): Failed to initialize $Extend. [ 899.070894][T14926] erofs (device nullb0): cannot find valid erofs superblock [ 899.270458][T14893] ntfs3(loop1): ino=1e, "file1" attr_set_size [ 900.079520][T14941] loop2: detected capacity change from 0 to 256 [ 900.149524][T14941] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 900.162099][T14941] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 900.394625][T14941] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x226242d1, utbl_chksum : 0xe619d30d) [ 902.909180][T14984] loop4: detected capacity change from 0 to 32768 [ 902.987132][T14984] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 902.999052][T14984] gfs2: fsid=syz:syz: Now mounting FS (format 1802)... [ 903.031166][T15001] loop1: detected capacity change from 0 to 16 [ 903.056119][T14984] gfs2: fsid=syz:syz.s: fatal: invalid metadata block - bh = 19 (type: exp=4, found=1), function = gfs2_meta_buffer, file = fs/gfs2/meta_io.c, line = 499 [ 903.072180][T14984] gfs2: fsid=syz:syz.s: about to withdraw this file system [ 903.082576][T14984] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount. [ 903.094171][T14984] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0 [ 903.102271][T14984] gfs2: fsid=syz:syz.s: File system withdrawn [ 903.109385][T14984] CPU: 1 UID: 0 PID: 14984 Comm: syz.4.2882 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(none) [ 903.109553][T14984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 903.109655][T14984] Call Trace: [ 903.109707][T14984] [ 903.109761][T14984] __dump_stack+0x26/0x30 [ 903.109944][T14984] dump_stack_lvl+0x1df/0x270 [ 903.110132][T14984] dump_stack+0x1e/0x25 [ 903.110312][T14984] gfs2_withdraw+0x1182/0x2050 [ 903.110561][T14984] gfs2_metatype_check_ii+0x11e/0x160 [ 903.110759][T14984] gfs2_meta_buffer+0x4c7/0x600 [ 903.110948][T14984] inode_go_instantiate+0xda/0x1e90 [ 903.111152][T14984] ? queue_delayed_work_on+0x21d/0x350 [ 903.111315][T14984] ? kmsan_get_metadata+0xfb/0x160 [ 903.111483][T14984] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 903.111696][T14984] ? kmsan_get_metadata+0xfb/0x160 [ 903.111867][T14984] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 903.112064][T14984] ? __pfx_inode_go_instantiate+0x10/0x10 [ 903.112259][T14984] gfs2_instantiate+0x24c/0x4b0 [ 903.112469][T14984] gfs2_glock_wait+0x26a/0x3b0 [ 903.112684][T14984] gfs2_glock_nq+0x28cf/0x34a0 [ 903.112938][T14984] check_journal_clean+0xc1/0x4c0 [ 903.113120][T14984] ? init_journal+0x332e/0x3a30 [ 903.113315][T14984] ? kmsan_get_metadata+0xfb/0x160 [ 903.113482][T14984] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 903.113679][T14984] init_journal+0x332e/0x3a30 [ 903.113900][T14984] ? init_inodes+0x124/0x510 [ 903.114089][T14984] ? init_inodes+0x124/0x510 [ 903.114257][T14984] ? kmsan_get_metadata+0xfb/0x160 [ 903.114423][T14984] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 903.114607][T14984] init_inodes+0x124/0x510 [ 903.114798][T14984] gfs2_fill_super+0x384d/0x3f50 [ 903.114982][T14984] ? init_locking+0xed/0x500 [ 903.115206][T14984] get_tree_bdev_flags+0x6e3/0x920 [ 903.115385][T14984] ? __pfx_gfs2_fill_super+0x10/0x10 [ 903.115568][T14984] ? __pfx_gfs2_fill_super+0x10/0x10 [ 903.115745][T14984] ? __pfx_gfs2_get_tree+0x10/0x10 [ 903.115932][T14984] get_tree_bdev+0x38/0x50 [ 903.116104][T14984] gfs2_get_tree+0x57/0x350 [ 903.116291][T14984] ? __pfx_gfs2_get_tree+0x10/0x10 [ 903.116477][T14984] vfs_get_tree+0xb0/0x5c0 [ 903.116657][T14984] ? mount_capable+0x99/0x100 [ 903.116808][T14984] do_new_mount+0x733/0x1420 [ 903.116974][T14984] ? apparmor_capable+0x32d/0x410 [ 903.117155][T14984] ? kmsan_get_metadata+0xfb/0x160 [ 903.117357][T14984] path_mount+0x6db/0x1e90 [ 903.117542][T14984] ? user_path_at+0x32d/0x3d0 [ 903.117714][T14984] __se_sys_mount+0x6eb/0x7d0 [ 903.117900][T14984] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 903.118188][T14984] __x64_sys_mount+0xe4/0x150 [ 903.118385][T14984] x64_sys_call+0x3604/0x3e20 [ 903.118585][T14984] do_syscall_64+0xd9/0x210 [ 903.118745][T14984] ? irqentry_exit+0x16/0x60 [ 903.118875][T14984] ? clear_bhb_loop+0x40/0x90 [ 903.119033][T14984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 903.119289][T14984] RIP: 0033:0x7f86b719030a [ 903.119387][T14984] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 903.119512][T14984] RSP: 002b:00007f86b4ff5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 903.119654][T14984] RAX: ffffffffffffffda RBX: 00007f86b4ff5ef0 RCX: 00007f86b719030a [ 903.119758][T14984] RDX: 0000200000000180 RSI: 0000200000012500 RDI: 00007f86b4ff5eb0 [ 903.119859][T14984] RBP: 0000200000000180 R08: 00007f86b4ff5ef0 R09: 0000000000200001 [ 903.119953][T14984] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500 [ 903.120043][T14984] R13: 00007f86b4ff5eb0 R14: 00000000000125bc R15: 0000200000000440 [ 903.120172][T14984] [ 903.163210][T15001] erofs (device loop1): mounted with root inode @ nid 36. [ 903.167784][T14984] gfs2: fsid=syz:syz.s: Error -5 locking journal for spectator mount. [ 903.474897][ T30] audit: type=1800 audit(1754404639.685:121): pid=15001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2888" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 904.597691][T15024] loop4: detected capacity change from 0 to 1024 [ 904.802048][T15024] hfsplus: bad catalog entry type [ 905.170453][ T12] hfsplus: b-tree write err: -5, ino 4 [ 905.465824][T15043] loop2: detected capacity change from 0 to 2048 [ 906.238515][T15048] loop6: detected capacity change from 0 to 32768 [ 906.327338][T15048] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2896 (15048) [ 906.355521][T15048] BTRFS info (device loop6 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 906.374435][T15048] BTRFS info (device loop6 state S): using crc32c (crc32c-lib) checksum algorithm [ 906.386778][T15048] BTRFS info (device loop6 state S): using free-space-tree [ 906.475522][T15043] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 906.511007][T15043] Remounting filesystem read-only [ 906.524036][T15074] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 906.534222][T15043] NILFS (loop2): mounting fs with errors [ 906.601663][T15043] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 906.612238][T15043] Remounting filesystem read-only [ 906.617953][T15043] NILFS (loop2): error -5 reading inode: ino=15 [ 906.666422][ T3727] BTRFS warning (device loop6 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored [ 906.694721][ T4097] BTRFS warning (device loop6 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored [ 906.743282][ T14] BTRFS warning (device loop6 state S): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x31515604 level 0, ignored [ 906.823011][T15048] BTRFS error (device loop6 state S): dev extent physical offset 6881280 devid 2 has no corresponding chunk [ 906.840016][T15048] BTRFS error (device loop6 state S): failed to find devid 2 [ 906.848018][T15048] BTRFS error (device loop6 state S): failed to verify dev extents against chunks: -117 [ 906.896111][T15048] BTRFS error (device loop6 state S): open_ctree failed: -117 [ 907.803171][T15099] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio1-input.0) [ 907.878932][T15101] loop2: detected capacity change from 0 to 2048 [ 908.067715][T15101] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 908.075634][T15111] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 908.116227][T15101] Remounting filesystem read-only [ 908.370508][T15115] loop0: detected capacity change from 0 to 256 [ 908.438599][T15115] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 908.450172][T15115] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 908.728120][T15115] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 909.082386][T15130] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2912'. [ 909.682828][T15142] loop1: detected capacity change from 0 to 256 [ 909.942603][T15149] loop2: detected capacity change from 0 to 256 [ 910.518138][T15149] FAT-fs (loop2): Directory bread(block 64) failed [ 910.525682][T15149] FAT-fs (loop2): Directory bread(block 65) failed [ 910.532602][T15149] FAT-fs (loop2): Directory bread(block 66) failed [ 910.539602][T15149] FAT-fs (loop2): Directory bread(block 67) failed [ 910.546688][T15149] FAT-fs (loop2): Directory bread(block 68) failed [ 910.553536][T15149] FAT-fs (loop2): Directory bread(block 69) failed [ 910.563110][T15149] FAT-fs (loop2): Directory bread(block 70) failed [ 910.570894][T15149] FAT-fs (loop2): Directory bread(block 71) failed [ 910.578321][T15149] FAT-fs (loop2): Directory bread(block 72) failed [ 910.585422][T15149] FAT-fs (loop2): Directory bread(block 73) failed [ 910.738321][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 910.745366][ T1284] ieee802154 phy1 wpan1: encryption failed: -22 [ 911.056108][T15169] loop6: detected capacity change from 0 to 1024 [ 911.723361][ T5867] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 911.910953][ T58] hfsplus: b-tree write err: -5, ino 4 [ 911.978671][ T5867] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 911.991246][ T5867] usb 2-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00 [ 912.002732][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 912.057867][ T5867] usb 2-1: config 0 descriptor?? [ 912.772468][ T5867] hid_mf 0003:0079:1846.0020: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.1-1/input0 [ 912.786788][ T5867] hid_mf 0003:0079:1846.0020: Invalid report, this should never happen! [ 912.795769][ T5867] hid_mf 0003:0079:1846.0020: Force feedback init failed. [ 913.105067][ T5867] usb 2-1: USB disconnect, device number 14 [ 914.122793][T15203] fido_id[15203]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory [ 914.625876][ T5866] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 914.792298][ T30] audit: type=1326 audit(1754404651.025:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15231 comm="syz.4.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 914.815868][ T30] audit: type=1326 audit(1754404651.055:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15231 comm="syz.4.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 914.855070][ T5866] usb 2-1: Using ep0 maxpacket: 32 [ 914.940797][ T5866] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 914.952759][ T5866] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 915.038850][ T30] audit: type=1326 audit(1754404651.115:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15231 comm="syz.4.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 915.062339][ T30] audit: type=1326 audit(1754404651.115:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15231 comm="syz.4.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 915.087237][ T30] audit: type=1326 audit(1754404651.125:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15231 comm="syz.4.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 915.111128][ T30] audit: type=1326 audit(1754404651.125:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15231 comm="syz.4.2937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86b718eb69 code=0x7ffc0000 [ 915.114378][ T5866] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 915.143334][ T5866] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 915.152409][ T5866] usb 2-1: Product: syz [ 915.157710][ T5866] usb 2-1: Manufacturer: syz [ 915.462207][ T5866] hub 2-1:4.0: USB hub found [ 915.697065][ T5866] hub 2-1:4.0: config failed, hub has too many ports! (err -19) [ 916.053951][T15248] loop4: detected capacity change from 0 to 1024 [ 916.057406][ T5866] usb 2-1: USB disconnect, device number 15 [ 917.072732][T15269] mkiss: ax0: crc mode is auto. [ 917.610787][ T30] audit: type=1326 audit(1754404653.825:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15286 comm="syz.6.2950" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcf49d8eb69 code=0x0 [ 918.789095][T15304] netlink: 'syz.2.2955': attribute type 2 has an invalid length. [ 919.025524][T15285] loop0: detected capacity change from 0 to 8192 [ 919.156351][T15285] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 919.703635][T15317] program syz.2.2959 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 920.357046][T15323] loop1: detected capacity change from 0 to 256 [ 921.552088][ T30] audit: type=1326 audit(1754404657.785:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15347 comm="syz.4.2968" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f86b718eb69 code=0x0 [ 922.192227][ C1] hrtimer: interrupt took 255874 ns [ 922.984977][T15368] bond_slave_0: entered promiscuous mode [ 922.991187][T15368] bond_slave_1: entered promiscuous mode [ 923.003664][T15368] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 923.047367][T15377] ===================================================== [ 923.062280][T15377] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 [ 923.072263][T15377] _copy_to_user+0xcc/0x120 [ 923.077276][T15377] do_insn_ioctl+0x59c/0x6d0 [ 923.082106][T15377] comedi_unlocked_ioctl+0xa5e/0x1f60 [ 923.088341][T15377] __se_sys_ioctl+0x23c/0x400 [ 923.093454][T15377] __x64_sys_ioctl+0x97/0xe0 [ 923.098339][T15377] x64_sys_call+0x1cbc/0x3e20 [ 923.103570][T15377] do_syscall_64+0xd9/0x210 [ 923.108366][T15377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 923.115153][T15377] [ 923.117603][T15377] Uninit was created at: [ 923.122128][T15377] ___kmalloc_large_node+0x310/0x3b0 [ 923.128096][T15377] __kmalloc_large_node_noprof+0x3f/0x1f0 [ 923.134368][T15377] __kmalloc_noprof+0xbad/0x1310 [ 923.139532][T15377] do_insn_ioctl+0x108/0x6d0 [ 923.145168][T15377] comedi_unlocked_ioctl+0xa5e/0x1f60 [ 923.150898][T15377] __se_sys_ioctl+0x23c/0x400 [ 923.163675][T15377] __x64_sys_ioctl+0x97/0xe0 [ 923.168600][T15377] x64_sys_call+0x1cbc/0x3e20 [ 923.177634][T15377] do_syscall_64+0xd9/0x210 [ 923.182485][T15377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 923.189115][T15377] [ 923.191661][T15377] Bytes 4-150523 of 150524 are uninitialized [ 923.197978][T15377] Memory access of size 150524 starts at ffff88805e700000 [ 923.205496][T15377] [ 923.207949][T15377] CPU: 0 UID: 0 PID: 15377 Comm: syz.2.2975 Not tainted 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(none) [ 923.220228][T15377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 923.230616][T15377] ===================================================== [ 923.238628][T15377] Disabling lock debugging due to kernel taint [ 923.245130][T15377] Kernel panic - not syncing: kmsan.panic set ... [ 923.251823][T15377] CPU: 0 UID: 0 PID: 15377 Comm: syz.2.2975 Tainted: G B 6.16.0-syzkaller-11568-gd632ab86aff2 #0 PREEMPT(none) [ 923.265654][T15377] Tainted: [B]=BAD_PAGE [ 923.270151][T15377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 923.280630][T15377] Call Trace: [ 923.284059][T15377] [ 923.287105][T15377] __dump_stack+0x26/0x30 [ 923.291681][T15377] dump_stack_lvl+0x53/0x270 [ 923.296641][T15377] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 923.302717][T15377] dump_stack+0x1e/0x25 [ 923.307178][T15377] vpanic+0x361/0xc50 [ 923.311586][T15377] panic+0x15d/0x160 [ 923.315766][T15377] kmsan_report+0x31c/0x320 [ 923.320510][T15377] ? kmsan_internal_check_memory+0x1e1/0x230 [ 923.326726][T15377] ? kmsan_copy_to_user+0xf1/0x190 [ 923.332068][T15377] ? _copy_to_user+0xcc/0x120 [ 923.336996][T15377] ? do_insn_ioctl+0x59c/0x6d0 [ 923.342179][T15377] ? comedi_unlocked_ioctl+0xa5e/0x1f60 [ 923.348068][T15377] ? __se_sys_ioctl+0x23c/0x400 [ 923.353490][T15377] ? __x64_sys_ioctl+0x97/0xe0 [ 923.358466][T15377] ? x64_sys_call+0x1cbc/0x3e20 [ 923.363572][T15377] ? do_syscall_64+0xd9/0x210 [ 923.368481][T15377] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 923.374810][T15377] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 923.381171][T15377] ? kmsan_get_metadata+0xfb/0x160 [ 923.386526][T15377] ? kmsan_get_metadata+0xfb/0x160 [ 923.391872][T15377] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 923.398502][T15377] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 923.404875][T15377] ? irqentry_enter+0x30/0x60 [ 923.409748][T15377] ? sysvec_apic_timer_interrupt+0x52/0x90 [ 923.415989][T15377] ? __pfx_parport_data_reg_insn_bits+0x10/0x10 [ 923.422517][T15377] kmsan_internal_check_memory+0x1e1/0x230 [ 923.428589][T15377] kmsan_copy_to_user+0xf1/0x190 [ 923.433863][T15377] _copy_to_user+0xcc/0x120 [ 923.438636][T15377] do_insn_ioctl+0x59c/0x6d0 [ 923.443511][T15377] comedi_unlocked_ioctl+0xa5e/0x1f60 [ 923.449204][T15377] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 923.455371][T15377] __se_sys_ioctl+0x23c/0x400 [ 923.460368][T15377] __x64_sys_ioctl+0x97/0xe0 [ 923.465191][T15377] x64_sys_call+0x1cbc/0x3e20 [ 923.470208][T15377] do_syscall_64+0xd9/0x210 [ 923.474939][T15377] ? irqentry_exit+0x16/0x60 [ 923.479757][T15377] ? clear_bhb_loop+0x40/0x90 [ 923.484699][T15377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 923.490944][T15377] RIP: 0033:0x7ff8ed58eb69 [ 923.495526][T15377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 923.515372][T15377] RSP: 002b:00007ff8ee3a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 923.524103][T15377] RAX: ffffffffffffffda RBX: 00007ff8ed7b5fa0 RCX: 00007ff8ed58eb69 [ 923.532264][T15377] RDX: 0000200000000000 RSI: 000000008028640c RDI: 0000000000000003 [ 923.540528][T15377] RBP: 00007ff8ed611df1 R08: 0000000000000000 R09: 0000000000000000 [ 923.548676][T15377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 923.557179][T15377] R13: 0000000000000000 R14: 00007ff8ed7b5fa0 R15: 00007ffc26b0bcd8 [ 923.565459][T15377] [ 923.569039][T15377] Kernel Offset: disabled [ 923.573442][T15377] Rebooting in 86400 seconds..